someoneMar 13

Is LM Studio's GUI safe despite being closed source?

https://lemmy.today/post/49279261

Is LM Studio's GUI safe despite being closed source? - Lemmy Today

I really liked LM Studio and then I realized it’s closed source. One of the reasons I fear closed source software is because of backdoors. Another reason is that the US government can require backdoors using court orders and force corporations to lie about backdoors existing or telemetry when it’s closed source code and can’t be reviewed. Does this present any sort of real risk with LM Studio? When LM Studio contacts external servers, is what sent clear or encrypted? (In other words, if they were sending my sexy discussion with CyberPunk Gemi the femboy to a server, could I see that in the packets showing the conversation with wireshark or would I just not know because anything going to their server has encrypted packets from https? Is any data sent by the App something that could be reviewed in wireshark?) Would it be possible for the government to order LM Studio to upload data only when certain keywords are used (like “Cyberpunk Femboy” or “Leftist on Lemmy”)? It’s great software, but closed source is scary and weird. I don’t know if I am over-reacting and should take a chill pill (by which I mean illegal drugs) or if I am rightfully freaking out and should celebrate my new insights by uninstalling LM Studio (and then taking illegal drugs). (I don’t know where LM Studio is made and don’t know how to use a search engine to find out so I am guessing USA.)

Show threadPlacidMar 14

The first bullet point in the privacy policy answers your question.

LM Studio Privacy Policy

None of your messages, chat histories, and documents are ever transmitted from your system - everything is saved locally on your device by default.

LM Studio Privacy Policy

LM Studio Privacy Policy

Show threadsomeoneMar 14
US Corporations that receive secret court orders are required by law to violate their privacy policies.
Show threadPlacidMar 14
Sounds like you’re looking for a reason to not use this application.
Show threadParagone

Are you old enough to remember all the machiavellianisms committed by Microslop corp?

As a relatively-recent example, their Windows Vista would secretly inform MS of all the search-queries done within windows.

And … for some incomprehensible reason, that wasn’t prosecuted as a criminal offense.

So, MS was being informed of things like …

  • hospital searching for “William Smith, bone cancer” & the search found the right file, & THAT kind of information was being forwarded back?

  • police searching for “Bob and Alice, classical physics violators”, & THAT kind of information would be forwarded back to MS?

You don’t engineer-in machiavellianism like MS has done, for … it’s 40-years now? something like that … without making SOME people understand just how religious some corporations are, about being DarkTriad ( narcissism/machiavellianism/sociopathy-psychopathy ), in nature.

& they aren’t the only ones.

Nowadays, any corporation which violates DarkTriad … is considered … perhaps “mentally ill”, by market standards?

I’m only using MS as an example.

Remember when OpenOffice.org became the property of Oracle?

LibreOffice.org was born in a week or 2?

Cynicism absolutely is warranted, nowadays.

I’m old-enough that MS’s stealing of Stac Electronics’ disk-compression algorithm, but they fucked-it-up, in their DOS 6.20 bit me.

Assuming altruism on the part of some company … that is mental-illness, nowadays.

I’m not agreeing with the assumption-river of the person you’re replying to, but I am saying that their reaction has basis/validity, nowadays.

I found out, after using LM Studio, that LLM’s can access everything on one’s own system.

I don’t know to what degree that’s true with LM Studio, but 1 time I gave an internet-address, & the LLM told me what it had found on the site I just told it of.

I hadn’t known it had unrestricted internet-access.

Later, I learned it could probably read every file on my system, too, & some AI-attacks get the LLM to get info from people’s personal files, single-out the credit-card, address, contacts, etc, information, & have the LLM forward that to a server out there…

That isn’t a security-concern that normals would even consider.

NOW I know that if I ever fire-up my desktop again, I’ll have to rip-out the LLM’s from my normal user-account, & create a completely-separate locked-down account, with NOTHING ELSE in it, only for them.

& keep EVERYTHING personal in a different account, that they can’t even see.

That isn’t an LM Studio specific thing, that is apparently required for ALL the things.

& nobody’s warning anybody about this?

I think it was on The Register that I found that out, last year…

_ /\ _

Mar 14 at 3:13amWeb