Really interesting read on the vulnerabilities to be mindful of while pulling the DeepSeek R1 model
Security Risks:
Hosted on Their Servers: If DeepSeek-R1 is hosted on their servers, there are concerns about data sharing, infrastructure security, and reliability. For example, data might be stored in locations with different privacy laws, potentially exposing sensitive information.
Hosted Locally: If hosted on your own infrastructure, enabling features like trust_remote_code can introduce vulnerabilities.
Legal and Reputational Concerns:
Questionable Data Sources: DeepSeek-R1 might use data from sources that are not transparent or ethically sourced, leading to potential legal issues.
Censorship: The model may align with censorship laws from its country of origin, which can affect the outputs and lead to reputational damage if the model produces biased or censored responses.
Information Leakage:
Chain-of-Thought (CoT) Reasoning: This technique, while powerful, can inadvertently leak sensitive information. For example, if the model is asked to explain its reasoning, it might reveal more information than intended, leading to inefficiencies and higher costs.
Database Leaks: There have been instances where sensitive data, such as chat logs and API keys, were exposed due to security vulnerabilities in the model's infrastructure.
Vulnerabilities:
Jailbreak Techniques: These are methods used to bypass the model's safety constraints. For instance, prompting the model to adopt an "evil" persona can lead it to generate harmful outputs.
Prompt Injections: This involves manipulating the input prompts to make the model behave in unintended ways.
Glitch Tokens: Exploiting specific tokens that cause the model to malfunction.
Control Tokens: Using tokens that control the model's behavior to exploit its outputs.
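An added example for the trust_remote_code point under Security Risks (not code from the original post or the article it summarizes): before calling from_pretrained, inspect the checkpoint's config.json and list the repo-local Python files an auto_map entry would execute, so the decision to enable trust_remote_code is explicit and reviewable. The two config.json strings below are constructed samples, not real model repositories.

```python
import json

# Constructed sample config.json contents (not from any real repository).
# A config.json carrying an "auto_map" entry means loading the checkpoint
# imports Python modules shipped in the repo, which is exactly what
# trust_remote_code=True permits.
CONFIG_WITH_CUSTOM_CODE = json.dumps({
    "architectures": ["CustomCausalLM"],
    "auto_map": {
        "AutoConfig": "configuration_custom.CustomConfig",
        "AutoModelForCausalLM": "modeling_custom.CustomCausalLM",
    },
    "model_type": "custom",
})

CONFIG_PLAIN = json.dumps({
    "architectures": ["LlamaForCausalLM"],
    "model_type": "llama",
})


def remote_code_files(config_json: str) -> list[str]:
    """Return the repo-local .py files that auto_map entries would import.

    An empty list means the built-in model classes suffice and
    trust_remote_code=False is enough to load the checkpoint.
    """
    config = json.loads(config_json)
    auto_map = config.get("auto_map", {})
    files = set()
    for target in auto_map.values():
        # Values look like "module_name.ClassName"; the module is a .py file
        # in the model repo. A "repo--module.Class" form points at code in
        # another repo, so keep only the module part.
        if isinstance(target, str):
            module = target.split(".")[0]
            files.add(module.split("--")[-1] + ".py")
    return sorted(files)


def load_kwargs(config_json: str, allow_remote_code: bool = False) -> dict:
    """Build from_pretrained kwargs; refuse custom code unless explicitly allowed."""
    needed = remote_code_files(config_json)
    if needed and not allow_remote_code:
        raise PermissionError(
            "checkpoint requires executing repo code: " + ", ".join(needed)
            + " (review these files before setting trust_remote_code=True)"
        )
    return {"trust_remote_code": bool(needed) and allow_remote_code}
```

Run remote_code_files over a checkpoint before it reaches from_pretrained; any file it names is code that will execute in your process and deserves the same review as a new dependency.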
Which of these are unique to DeepSeek, though? Running locally, I suppose, but the rest of these seem like they'd also apply to OpenAI or even more bespoke implementations like Apple Intelligence.
Hi @manchicken: Your understanding is correct. For any LLM you might need to factor these in. Responsible design should ensure we don't misuse the technology and enable fairness to all the end users.