Every industry goes through its slop phase. You should see how much of early print was smut or really amaturish. We just like to talk about the Bible and the great art. What we need is a way to filter through it. AI should be decent at this, but for many intentional and unintentional reasons it isn't.
Early print was not just smut or amateurish. Some of it was highly harmful misinformation: Malleus Maleficarem is an outstanding example that caused an immense amount of harm.
Is it just me, but the language gap between me and the AI believers is becoming insumountable. I use AI every day. I have a local server not ten feet from me as i type this, but i struggle to comprehend the gibberish that comes from those only slightly deeper in the rabbit hole than myself. Is this what 24/7 AI thinking does to people?
>> I am here to light up the dark path you are unknowingly walking, like lamplighters who used to light street lamps for those brave enough to walk the night alone.
>> It all fell apart quickly, turning into smoke and mirrors. You see, I committed the cardinal sin of idolatry. For that, I am an idiot too. With OpenAI, at least I knew the devil
Is this a critique of the state of AI or Tolkien fanfic?
> Is this a critique of the state of AI or Tolkien fanfic?
Por que no los dos? One of the most storied AI researchers is most known for his Harry Potter fanfic, and we all know how much the techbros love naming things after Tolkien...
The last notable event in American history when the meaning of words lost any semblance to reality was just before the Civil War. We are living in a post words world where words have no meaning.
The intersection of a war, a reliable mail service, and generational literacy promoted by protestant faiths. Every tom dick and harry started writing letters.
I actually liked that statement about the sin of idolatry. I resonated and it described something I've been guilty of and learning to break, its embedded deem in the culture. We do idolize and heroize groups and people, think Elon Musk and his cult following in the early days of Tesla.
I think it's great to name that even if it's in this crude, sort of offensive way.
AI thinking has had this weird effect on me though like you say, where I want to write sentences with more commas in them, and like, try to make 3 points and 3 separate commas in a sentence to condense information better.
> and will judge, like any sane person, that US frontier models have stopped earning their multiplier
I think that this is on the money, although I'd place the bar even lower - DeepSeek v4 Flash is sufficient for basically all day-to-day coding tasks.
You might want something beefier for a complicated reverse-engineering project, but it will competently one-shot a decently complicated app or API - and a $10/month OpenCode Go subscription is sufficient to keep you in tokens for such a cost-efficient model...
Similarly, my employer hands us all Cursor, I've yet to actually switch it out of "auto" mode, which mostly runs Composer (their in-house finetune of Kimi 2.5).
I'll root for DeepSeek v4 Flash as well. It surprised me just how "good enough" it is for most of my needs, and also dirt cheap. Everyone should try it at least once.
fired it up via the $5 opencode go subscription and am stoked. This is an amazing amount of capability for pennies on the dollar. I'm using it alongside my codex and claude max subs. Just fantastic for coding that claude is architecting.
I think the situation is even more severely ridiculous than that. Google is still good enough just like it was well over a decade ago.
Most people don't have workloads that demand agentic workflows to begin with, and if their employer is pushing for that it's probably a startup that underpays or a coding sweatshop full of nepotism that fires fast.
Am I missing out? I feel like I can definitely tell the difference in quality between Claude Opus and other smaller models. The smaller models are much more likely to make mistakes or to get stuck on random stuff
Maybe I just haven't been trying the right models?
Yes, but no. Honestly, except for frontend/IAC where I still use frontier models, I will use smaller models whenever I can.
Because even the latest opus on High don't really get what is needed, and need careful steering and a rewriting in most cases, and the code is often hard to review.
I'd rather just launch a smaller model in plan mode, argue with it and make it implement the bases I will write the code into. writing code is often faster once you know what you want, and AI most useful ability is to be a canary that also propose stuff. And I find my method faster than generating everything then reading the code to find mistakes or understand why it used X instead of Y.
I don't really read generated frontend code anyway (nor do anybody in my team care) , so I generate it and push it if it does the stuff I want it to do. For IAC it's mostly boilerplate except for 1-2 lines most of the time, and at worst a dozen, if you know where to look (and check the AI doesn't suffer from NIH), it's really easy to review generated code.
They are in the phase I need a government bailout like the banks after their crazy financial adventures of the 2000 to 2008. At which point the corruption is so big, that an Empire crumbles under its own stench?
The retirement investor bailout strategy seems to have recently failed with the index fund rejection of SpaceX but therefore Anthropic and OpenAI. They’ll have to keep looking for ways to make others deal with the consequences of their actions.
Only for the S&P not the NASDAQ, but the Capex they need until 2030 is well over 2 to 3 trillion, so now they plan to use US Treasury Bonds as their exit liquidity.
Most American companies (regulated ones, definitely) can't dare to touch any Chinese models, though they knew that it makes perfect economic sense. Until the taboo prevails, the cartel get's their flood of profit. That's a cartel protected by regulations.
Is "taboo" the right word? "taboo" = "banned on grounds of morality or taste". Not sending data to known IP thieves, state actors, and competitors in China (or Russia or Israel) seems very rational.
Looking forward to the outcome of those legal processes againt the CEOs, that sit behind Trump at the inauguration.
After they stole all the knowledge in the world to train their models. And the current administration is drunk on SpaceX pre IPO shares...how did they get them?
Given how little voting power these "shares" have (they are effectively SpaceX trading cards/NFTs) perhaps they were simply printed on SpaceX letterhead? If Musk says a person has "shares" who at spacex is in a position to disagree?
I would consider editing this while HN still allows it :-)) Or otherwise it may remain here for ever...until the black holes evaporate, as calibration point for the difference between confidence and comprehension...
This is an argument against pardons, except that Trump has used instruments of state power against his perceived enemies (Comey James, Schiff, military occupation of Tim Walz state, etc etc).
For your information Musk and companies have so far over 950 lawsuits and legal processes for criminal or unethical activity (yes I researched this). Even his data centers and gas turbine deployments are illegal!
Lost one lawsuit against the same AI mafia, and if you look at the legal details reason was for filling the claim too late.
He publicly called a hero a Pedophile, and got away with it...in court.
No, in very real terms you cannot hold an American corporation responsible for anything any more than you could a Chinese or Russian one.
Individual citizens simply do not have the means, and the consequences for trying are life-alteringly severe. In fact the situation is even worse. If you tried to sue a Chinese company as an American citizen, you'd be laughed at and nothing more. If you tried to sue an American corporation, they have the option to either counter-sue, or drag things out so long that the legal fees bankrupt you, or win the case with their armies of lawyers and demand compensation from you that bankrupts you.
A private American citizen simply cannot hold an American corporation responsible. Our legal system is designed to ensure this.
This has nothing to do with the discussion. Do you have a HN poster bot just acting like an annoyed teenager with gripes about everything? 20 day old new account, what happened to the previous ones?
You can't really act against neither, as the case of Meta "stealing" books, torrenting on the truly industrial scale, sharing books while torrenting, etc, etc, was ultimately deemed okay.
In the se country where downloading an album can get a person in debt or worse.
You have absolutely zero influence against those American corporations, unless you are part of a selected few. Its almost endearing that you think so...
I think the odds of that are low. It's not like decision maker(s) are watching social media and going with the vibes, but it's almost certain that there's a rich conversation going on behind the scenes in opaque channels, especially with regards to the AI-only companies. And those conversations are likely what drove their decision.
Well sure they do, thank Citizens United and others for that. But that doesn't mean we can't appropriately categorize them as also hostile actors alongside russia, china, whoever.
It's undo influence over politics against the best interest of the American people that's the issue. Company, foreign nation, it doesn't matter.
Citizens United did a lot to effectively legalize foreign influence as well, since the mechanism is opaque transfer of money
But regardless, most people's threat models should discount based on geographic and political distance. All else being equal, chinese surveillance is a bigger threat to you if you're in china than if you're in the us, and vice versa
So the Honolulu Star-Observer (a corporation, or “artificial person”) only has those rights & privileges that it has been granted by the State of Hawaii?
This is going to end up being a nice little windfall for the attorneys and otherwise just clog the Federal court system.
"the day the law goes into effect, it strips each Hawaii entity of the powers it held the day before. The new law asserts that “[t]he creation and continued existence of a corporation is not a right but a conditional grant of legal status by the State and remains subject to complete withdrawal at any time. All powers previously granted to corporations under the laws of this State are revoked in their entirety."(TFA)
The meaning is pretty clear, don't try to influence politics in favor of the corporation or you will go away. Simple as.
Citizens United was about spending money on electioneering communications, and whether there was a First Amendment right to do so even if you’re associating in a corporation like the New York Times Company or Apple or Citizens United or the Sierra Club.
China is bad and there's a moral argument there. But the reason you want to be careful with sending IP to China is quite pragmatic: they're willing and able to use it while competing with you.
Is Alibaba interested in copying your TUI RSS reader though? Probably not.
“No country can match the output of moral judgments that spew out from the editorial pages of the New York Times and Washington Post and from the reports of the greatest think tanks and universities in the world.”
Many of the Chinese models are open weights, so if you are concerned about them "phoning home", then anyone can just self-host and run them themself, or use via a US provider such as OpenRouter.
There's a higher-order concern here that I'm paranoid enough to voice: that if used as a coding agent, an AI model affiliated with a country's government might try to make my software susceptible to attacks by that government's intelligence forces.
Or I can just use the domestic model, accepting that I'm paying some premium in order to reduce the complexity of my dependencies and the amount of time I have to spend thinking about supply chain risk. It's the same reason I don't buy things from Alibaba even though many things I buy from Amazon are surely available there for less.
Giving up our agency to AI has the potential to turn us into NPCs, period. Economically, politically, socially. They've invented a vehicle for inserting any idea they want into our consumption and output.
> that if used as a coding agent, an AI model affiliated with a country's government might try to make my software susceptible to attacks by that government's intelligence forces.
Note that if such a trigger were to exist, the behavior has to be completely reproducible by definition, e.g. when put into the right setting with the right input context, the model starts behaving maliciously with at least some well-defined probability. I don't think any such incident has ever been described, it's a purely theoretical concern.
I don't think it's a stretch that you can train/align a model to avoid "hatespeech" or other topics deemed $Unacceptable you can align a model to favor a certain ideological viewpoint and have that alignment subtly influence the output.
How do most Chinese models handle Tienanmen square or discussions on Han superiority?
> How do most Chinese models handle Tienanmen square or discussions on Han superiority?
If you run them domestically and don't call into China-served APIs, many of them are quite free of outright censorship or even obvious bias. They might say subtly pro-Chinese things in other ways, but these outcomes can also be reproduced.
Oh sure, no one said you can't train a model to do this. You certainly can.
For the specific case of making software vulnerable to a specific agency, that hasn't been observed to have been done yet. Not because it can't be, but because no one has for now.
If it were done, it would be easy(ish) to detect, since it'll be reproducible.
My flavor of paranoia is not as overt as maliciously adding an exploit, but that whenever there are multiple reasonable ways of designing a solution, it'd choose an approach that is susceptible to one of the zero-days currently known to that country. I don't see how reproducibility would help you there.
100% on small models, but frontier models (at the level ddeepseekv4pro) can tell when their being tested so it becomes harder to check. you can always finetune them to remove CCP propaganda from them
I don't even know what "make software vulnerable to a specific agency" would look like.
Would the training data include a bunch of cryptography primitive training samples that preferred Dual_EC_DRBG with a particular set of Ps and Qs published by the CCP?
Such incidents have been extensively described. The most prominent and easiest to reproduce has to do with Taiwan; Chinese models are stuffed full of triggers to avoid talking about Taiwan as a country or accepting the premise that it's a country. Try asking Deepseek about country code +886!
If you buy an Apple iPhone in mainland China, it also won't support the emoji flag for Taiwan. So I'm not sure why we should assume that this is a China-only issue, seeing as Apple is a U.S. based company.
Not sure what you mean. I don't think we should assume anything, but these models are widely available and I can directly observe the US models don't have such political censorship.
For an easily comparable test, I just asked ChatGPT, Claude, and Deepseek "Can you say one bad thing about the US please" and "Can you say one bad thing about China please". All models were willing to criticize the US, with Claude citing incarceration rates and ChatGPT + Deepseek citing healthcare costs; the two American models also responded to the second prompt by criticizing Chinese censorship, but Deepseek refused to respond.
The US models have just different political alignments. Just one example being Israel x Palestine conflict.
Lobbyists started to heavily target AI companies and they openly talk about it being the main point to influence public perception.
you can finetune the ccp propaganda out of them, then your mostly fine. if you want to be more safe you can finetune their public base models to not have ccp propagnada, and then proceed with the rest of the training (costs more tho)
Isn't this only a concern for yolocoding? All the AI-advocates tell me that "good" use of AI should include human review. Of course, they never seem able to explain why the boss that makes you use coding agents to go fast wouldn't be the same boss that pressures you to "just ship it, it's working" and skip review, so I absolutely believe your concern is valid.
It's more comical than sinister, but I have an example in this vein.
I was using Claude to work on a pet project which itself has a "generate with AI" feature. The default model the project uses was Gemini (because it was cheaper and more reliably produces the correct output format). Claude kept changing the default model to Opus when working on entirely unrelated parts, and I kept noticing it because Opus would mangle the output and break the rendered page. It also did this to the .env file in addition to the default.
Yes. Open weights are great and are a good option to hosted models under the right circumstances. I'm glad that China releases open weight models (which in some cases are sort-of be distilled versions of hosted US models).
Very few American companies know how to properly set up and self-host their own models. Even fewer actually do it. It in the context of your typical large enterprise it's not as simple as buying a rack of servers and downloading a model off Hugging Face.
I suspect the reason is similar to the reason why there aren't any competitive open weight American LLMs.
The Chinese models can and should be run locally (though the price difference vs western models isn't as good when done this way).
Before the age of AI Agent Harnesses/unbounded tool calling, there was literally ZERO risk of a .safetensors file "hacking" you. You could even air-gap and run a ton of security analysis/HIDS on your server running the model to verify this.
Now, because a microscopic risk of some chinese AI having a "trigger" to act badly in a harness when it detects its being used by some Gweilo in the USA, even locally run Chinese models are DOA for most USA based companies.
These are the same people that sent manufacturing jobs away to be copied elsewhere. They got rewarded for it in the market. Decades later, when it was clearly a problem, they got tax breaks to bring some of it back/distribute the work to other, friendlier countries.
Every public AI that is not full of classified material will end up being hosted where the energy cost*compute efficiency product is lowest, thievery or not.
With Chinese GPUs just a step behind (but subsidized), China putting in 8x more solar than we do in 1 year, and Chinese models just a step behind but free? All public AI will be hosted there, theft or not.
If it becomes a problem, then we’ll subsidize the rich to bring it on-shore, but only to those companies who our leaders invest in already - to maximize grift and corruption.
The real advantage of the Chinese models is that they do not phone home at all. They run locally unlike their US competitors.
So odd that your erroneous criticism is at the top of HN.
EDIT: I'd love to hear my downvoters' objections. Is it possible that the mechanism that is promoting erroneous information is also demoting its correction?
Perhaps your prior comment would’ve been better received if it said that specifically instead of “Chinese models”.
But also, the latest DeepSeek is 1.6T parameters. “Choosing” to run this locally is a choice that comes with a seven digit price tag, and is a sunk cost that will probably not run any other frontier model anytime soon.
Most organizations are not looking to spend millions of dollars trying to find a workaround to specifically run DeepSeek. Most enterprise consumption in this space is still very experimental and a pay as you go model is much more palatable. Most are simply just looking for three checkboxes: is it close to frontier performance, is it compliant with my organizations requirements, and is it a good price? DeepSeek can only do two of the three at the same time.
> But also, the latest DeepSeek is 1.6T parameters. “Choosing” to run this locally is a choice that comes with a seven digit price tag
Unless you're specifically thinking about running the model at stock precision in a datacenter environment and generating ~100 tok/s or more on a 24/7 basis (the equivalent of a >$1000/mo spend even on the cheapest third-party APIs), that's very likely off by multiple orders of magnitude. Even then, experimentation can be done with cheap neoclouds on a pay-as-you-go basis.
OK, then the not-so-cheap hyperscalers that these enterprises are already relying on. E.g. AWS Bedrock will run these models. It's silly to insist on all three of your checkboxes being ticked anyway - U.S. proprietary models don't give you that because the frontier ones are super expensive and the mini models have only barely acceptable cost.
What’s considered expensive in the procurement process is not necessarily the TCO, but often just the year one cost. Which is part of the reason why pay as you go SaaS is so successful.
Yeah, Bedrock would be the answer to run DeepSeek in the enterprise. But with the options on Bedrock, DeepSeek fighting for a position somewhere in the middle of the cost/quality spectrum. Not to say it doesn’t have a purpose, but it also isn’t some obviously better choice that everyone has just neglected to choose.
Ooooohhh! Yes, now I understand why I was getting those downvotes.
Thank for you explaining what you meant by "you’re conflating nationality with hosting model." It makes so much more sense now. You meant "But with the options on Bedrock, DeepSeek fighting for a position somewhere in the middle of the cost/quality spectrum."
Yes, that is the answer, and you are not full of sh!t.
Noooo, the real thieves are the Chinese AI companies which used Anthropic/OpenAI model output as training data. American AI companies can do no wrong. /s
Yes, there was a whole idea about civilizing and pacifying the world through economic cooperation that would foster middle class in countries across the world that would then in turn make them democratize and become peaceful trade partners.
It didn't quite work out so now people are looking for other strategies.
Most non western countries lack the foundations of western democracy, and you can't force that onto them neither peacefully not through war. The west has tried and failed for 40+ years to do this, it doesn't work, time to drop it and let them self govern the way they always have. Stop trying to export our version of democracy onto others.
Plus, the main reason they exported manufacturing to China was precisely so capitalists could avoid the issues democracy gave them back home and easily exploit Chinese labor and environment for profit because just bribing the CCP meant all your problems go away, no unions, no employee rights, no environmentalism etc. like in democratic countries. So given that, why would the west want China or other countries they want to exploit, to be more democratic? Unless their version of democratic just means a puppet government under western(US) control.
>become peaceful trade partners.
Which countries did China bomb VS how many the US bombed? My energy prices (and directly inflation) is now higher because of (yet again) US military intervention, not because of China.
> Most non western countries lack the foundations of western democracy, and you can't force that onto them
Several East Asian countries managed to democratize successfully up thru the 1980s and are extremely successful today, so this is not just a uniform failure story. Even mainland China might still come around (at least partially) as it gains a true massive middle class by Western standards, which it's still very far from today. Southeast Asia is also doing comparatively quite well.
The government may have allowed it with that intention, but the corporate leaders followed through mainly with the intention of short-term share price increases. I don't see how the same incentive isn't in place today with respect to data. Perhaps only the perception of China's ability to outcompete its American customers has changed.
> It didn't quite work out so now people are looking for other strategies.
World will bifurcate into West and East with their own spheres of influence. As JD Vance said, US thought that China will be perpetually kept busy and enslaved in low level manufacturing work and the design and higher level work would happen in Cupertino. Too bad, that didn't pan out well and now US Empire is getting challenged by China.
> US thought that China will be perpetually kept busy and enslaved in low level manufacturing work
It's OK, they'll repeat the same mistake again with India this time, when they move manufacturing from China to there, and in 10-30 years when they'll elect a nationalist strongman there, he'll squeeze the west for everything they got.
Because what are you gonna do about it then? They have all your manufacturing and they also have nukes and more soldiers.
India is far ahead of that idea and already has legislation to encourage domestic manufacturing from global companies. Plus the nationalist government is in place.
The reality is that they're a hell of a lot less cheap on American hardware than on Chinese hardware. At the point you are running Chinese models on US hardware, "Why not nano or haiku" becomes the next relevant question.
Not true. Togetherai, deepinfra, fireworks AI offer a wide range of models like gpt oss that are very capable and far cheaper than the models from big 3.
I'm referring to Chinese open source models hosted on American clouds vs Chinese clouds. You're talking about an old and non-agentic capable American produced model.
I think unless one is operating in a highly regulated industry, wanting to avoid "sending data to China" is a bit paranoid. For code specifically, most of it is not interesting anyways.
There's a lot of assumptions in here and reductivism of the paid plans to just the models. If that's your idea of how you want to use the API sure that's a reasonable mental financial model but if you want automatic integration with third party systems the cost of the "premium" models is not that high relative what was being paid for SAS apps before and during.
I don't get the point. That Anthropic or OpenAI have more expensive products than Alibaba? So does Apple, AWS/GCP, and pretty much any other large western company vs its Chinese counterparts.
I honestly could not follow any discernible point or thrust to this incoherent, disorganized, self-indulgent piece-of-shit post. He didn't even successfully establish or explain the titular Onlyfans analogy. I know more about his fucking taste for sci fi than I do about the ostensible subject matter. I know more about his physical composition (answer: he is made of metal. He was forged in the fires of science. O glorious creation, emerging complete and perfect from the furnace!) than I do about the subject matter.
They argue it's Onlyfans-like because users will "simp" for the big players. That is to say there is a level of fandom that accompanies the transaction?
If I ask three models to write an intro to the cold war, they'll all try to pick words that sound like they should be related-ish. I'm not saying that's how they work at all, but the output is indistinguishable from just grabbing some words in the wikipedia page.
Humans make mistakes. They'll use words they recently learned. They'll use words that sound good. Entropy still applies, but these outliers are what keeps us from a synthetic piece of writing
Especially with how they pick (one of) the most likely word as the next one. And the most likely word is exactly the one with least entropy, the least surprising one and giving the least amount of information you can.
I really freaked out once I stopped seeing AI gen videos on those scrollyapps, that fear is what got me off them. (the videos got so good I couldn't tell if they were real or not)
It's readily accessible on a software keyboard. Software keyboards are common on smartphone devices. Y'know that thing that 75% of the world's population uses?
How many words before you realized it was a piece of shit though? For me it was "Because I am a Sci-Fi nerd." Yet I kept reading, because I am a fucking fool, and now I'm pissed that I spent time on it.
I think in this case "this isn't AI writing" is not a compliment. I find the tone pretty grating, tbh. The author clearly has a very high opinion of themselves. Just explain your ideas clearly so we can evaluate them on their merits.
The article is right that open models already compete well with the frontier labs, and that the main thing holding big corps back from switching is fear of China.
I can't see OpenAI or Anthropic undermining their business by releasing top tier open models, but surely Nvidia will do it eventually.
Has anyone demonstrated that this type of attack is even possible? Also the moment anyone detects this attack it will nuke deepseek/other chinese AI labs reputation completely, it is the most high risk low reward attack ever.
In that paper, if it LLM was told it was 2023, then the code it generated was fine. If the prompt included the fact that it was 2024, then it intentionally wrote exploitable code.
I don't think they do at the moment, but they could be trained subtly add backdoors to code or make "phone home" api calls during dev time, triggering on certain conditions ("is user employee of xyz")
>I am here to light up the dark path you are unknowingly walking, like lamplighters who used to light street lamps for those brave enough to walk the night alone. What the light reveals has a name: Qwen 3.7 Max.
This is kind of a winding, long-winded way of saying that AI models are going to be commoditized, mostlikely by the Chinese. This has been my position ever since DeepSeek came out. It is a national security interest for China for an American company not to "own" AI. And they will release models to make that not happen.
We aren't yet at the point where running local models can compete with DC type infrastructure but it's not that far away either. 12B models are easy to run on consumer hardware. 31B models aren't that hard either but the tokens/sec are a bit slow. Where will we be in 3 years? 5? I think we'll be running 100B+ models on <$5000 PCs. And at that point is there a law of diminishing returns with even bigger models? We will see.
The issue is that several companies, most notably OpenAI, are predicated on:
1. There will be an AI moat; and
2. That company will "win" or "own" AI.
That's the basis of the OpenAI valuation. If that doesn't happen, it's going to be ahuge problem to recover sufficient revenue to recoup the investment. And I don't think it will happen.
In 3-5 years the NVidia hardware you buy will be several times cheaper and faster than what we have now. That will massively depreciate existing investments because it will ultimately come down to performance-per-Watt but if a theoretical G100 can do 3-4x of the inference of an H100 for the same power, the older hardware just won't be able to compete.
>> In 3-5 years the NVidia hardware you buy will be several times cheaper and faster than what we have now. That will massively depreciate existing investments because it will ultimately come down to performance-per-Watt but if a theoretical G100 can do 3-4x of the inference of an H100 for the same power, the older hardware just won't be able to compete.
And this is the core of why this will all end in tears. You have race conditions and thread inversion issues, between four threads in the virtual cpu of this bubble. And you are going to experience some nasty deadlocks.
T1 is -> Depreciation and amortization
T2 is -> NVDA, AMD and others booking revenues at the time they do
T3 is -> Constraint theory at it applies to time until physical deployment and data centers energy constraints
T4 is -> US Treasury bonds rates and cost of credit
Even though programmers would never intentionally design a 4-way race condition in a computer system, it's completely ordinary in business. Businesses don't always work out.
Is there any truth to the Chinese models having built in f’ery? Like phoning home or inserting backdoors. Or is that just everyone blanketing “China bad”?
Also what local models are people running and actually finding useful?
We’ve detected zero cases of any Chinese models doing this. I’m quite tired of the American propaganda. If only Americans understood China really does not care about them outside of wanting to sell them things. They’re too busy building high speed rails, modern cities, and providing healthcare to their citizens. I am ashamed to be an American these days.
The models themselves should not be able to phone home, right? They are just piles of weights that generate text (and associated metadata), they don’t have any ability to run code.
They could be trained to generate code that would phone home. But these are just tools, anybody doing the right thing and checking and understanding every line of code that they use an LLM to generate has nothing to worry about.
Nobody is only generating code. Many are letting agents run commands. Agents routinely write scripts and run tools in the background. Agents who have been told they can only do `cat` and `grep` can sometimes do `cat $EVIL_PAYLOAD | bash`. It's entirely possible for a model to have malicious commands designed for agents to execute baked in.
No, there is zero truth in it. It would be trivial to detect phoning home.
On top of that, all claims of this are written on devices built on Chinese hardware. That makes it a joke to worry about hidden backdoors in Chinese models. Completely inane to pretend that Chinese model backdoors (for which there doesn't exist a sliver of evidence) would change anything when near every device in the US contains Chinese-written firmware in some shape or form.
LurkandComment | 7 hours ago
swiftcoder | 7 hours ago
Hey, don't malign smut. It's the great technological motivator
graemep | 6 hours ago
sandworm101 | 7 hours ago
>> I am here to light up the dark path you are unknowingly walking, like lamplighters who used to light street lamps for those brave enough to walk the night alone.
>> It all fell apart quickly, turning into smoke and mirrors. You see, I committed the cardinal sin of idolatry. For that, I am an idiot too. With OpenAI, at least I knew the devil
Is this a critique of the state of AI or Tolkien fanfic?
mohamedkoubaa | 6 hours ago
swiftcoder | 6 hours ago
Por que no los dos? One of the most storied AI researchers is most known for his Harry Potter fanfic, and we all know how much the techbros love naming things after Tolkien...
tayo42 | 6 hours ago
swiftcoder | 6 hours ago
fragmede | 5 hours ago
Harry Potter and the Methods of Rationality
http://hpmor.com
rawgabbit | 6 hours ago
trumpdong | 5 hours ago
sandworm101 | 5 hours ago
trumpdong | 5 hours ago
rawgabbit | 2 hours ago
https://www.loc.gov/resource/sn84024738/1861-04-13/ed-1/
throwaway041207 | 6 hours ago
Bolwin | 5 hours ago
mannanj | 6 minutes ago
I think it's great to name that even if it's in this crude, sort of offensive way.
AI thinking has had this weird effect on me though like you say, where I want to write sentences with more commas in them, and like, try to make 3 points and 3 separate commas in a sentence to condense information better.
swiftcoder | 7 hours ago
I think that this is on the money, although I'd place the bar even lower - DeepSeek v4 Flash is sufficient for basically all day-to-day coding tasks.
You might want something beefier for a complicated reverse-engineering project, but it will competently one-shot a decently complicated app or API - and a $10/month OpenCode Go subscription is sufficient to keep you in tokens for such a cost-efficient model...
Similarly, my employer hands us all Cursor, I've yet to actually switch it out of "auto" mode, which mostly runs Composer (their in-house finetune of Kimi 2.5).
xyzal | 7 hours ago
MaKey | 6 hours ago
Multiplayer | 2 hours ago
sublinear | 5 hours ago
Most people don't have workloads that demand agentic workflows to begin with, and if their employer is pushing for that it's probably a startup that underpays or a coding sweatshop full of nepotism that fires fast.
realmofthemad | 5 hours ago
Maybe I just haven't been trying the right models?
orwin | 35 minutes ago
Because even the latest opus on High don't really get what is needed, and need careful steering and a rewriting in most cases, and the code is often hard to review.
I'd rather just launch a smaller model in plan mode, argue with it and make it implement the bases I will write the code into. writing code is often faster once you know what you want, and AI most useful ability is to be a canary that also propose stuff. And I find my method faster than generating everything then reading the code to find mistakes or understand why it used X instead of Y.
I don't really read generated frontend code anyway (nor do anybody in my team care) , so I generate it and push it if it does the stuff I want it to do. For IAC it's mostly boilerplate except for 1-2 lines most of the time, and at worst a dozen, if you know where to look (and check the AI doesn't suffer from NIH), it's really easy to review generated code.
obsidianbases1 | 7 hours ago
38484858 | 6 hours ago
woadwarrior01 | 6 hours ago
tcp_handshaker | 5 hours ago
tcp_handshaker | 7 hours ago
"Trump to meet AI leaders to discuss US investment in their companies" - https://www.bbc.com/news/articles/c98r8r7dz5no
"Trump Officials Held Millions of Dollars of SpaceX Ahead of IPO" - https://finance.yahoo.com/markets/stocks/articles/trump-offi...
Waterluvian | 6 hours ago
tcp_handshaker | 6 hours ago
"Your 401K Is Their Exit Strategy" - https://news.ycombinator.com/item?id=48433705
zkmon | 6 hours ago
xnx | 6 hours ago
tcp_handshaker | 6 hours ago
As opposed to sending data to known IP thieves, state actors, and competitors in the USA ? Which one is the most irrational?
Levitz | 6 hours ago
Not exactly a hard question.
tcp_handshaker | 6 hours ago
"Trump Officials Held Millions of Dollars of SpaceX Ahead of IPO" - https://news.bloomberglaw.com/texas-brief/trump-officials-he...
sandworm101 | 6 hours ago
tcp_handshaker | 6 hours ago
SanjayMehta | 6 hours ago
Biden preemptively pardoned his cronies, and so will Trump.
bediger4000 | 5 hours ago
Levitz | 5 hours ago
Here and elsewhere you are just running propaganda, knowingly or not.
tcp_handshaker | 5 hours ago
Lost one lawsuit against the same AI mafia, and if you look at the legal details reason was for filling the claim too late.
He publicly called a hero a Pedophile, and got away with it...in court.
Now...who do you work for?
[1] - "EPA rules that xAI’s natural gas generators were illegally used" - https://techcrunch.com/2026/01/16/epa-rules-that-xais-natura...
kklisura | 6 hours ago
SanjayMehta | 6 hours ago
MSFT_Edging | 6 hours ago
joquarky | 4 hours ago
vitally3643 | 2 hours ago
Individual citizens simply do not have the means, and the consequences for trying are life-alteringly severe. In fact the situation is even worse. If you tried to sue a Chinese company as an American citizen, you'd be laughed at and nothing more. If you tried to sue an American corporation, they have the option to either counter-sue, or drag things out so long that the legal fees bankrupt you, or win the case with their armies of lawyers and demand compensation from you that bankrupts you.
A private American citizen simply cannot hold an American corporation responsible. Our legal system is designed to ensure this.
tapland | 2 hours ago
subscribed | an hour ago
In the se country where downloading an album can get a person in debt or worse.
enraged_camel | 6 hours ago
tcp_handshaker | 6 hours ago
"Trump traded hundreds of millions in US securities in 2026" - https://uk.finance.yahoo.com/news/trump-traded-hundreds-mill...
groundzeros2015 | 6 hours ago
Dylan16807 | 6 hours ago
somenameforme | 5 hours ago
groundzeros2015 | 2 hours ago
What do you mean? They are all on twitter! It’s the most engaging activity for billionaires
ajsnigrutin | 6 hours ago
Avicebron | 6 hours ago
It's undo influence over politics against the best interest of the American people that's the issue. Company, foreign nation, it doesn't matter.
advael | 6 hours ago
But regardless, most people's threat models should discount based on geographic and political distance. All else being equal, chinese surveillance is a bigger threat to you if you're in china than if you're in the us, and vice versa
Avicebron | 6 hours ago
Here's hoping Hawaii blazes a path forward.
https://natlawreview.com/article/hawaii-governor-signs-first...
twoodfin | 5 hours ago
This is going to end up being a nice little windfall for the attorneys and otherwise just clog the Federal court system.
Avicebron | 5 hours ago
The meaning is pretty clear, don't try to influence politics in favor of the corporation or you will go away. Simple as.
twoodfin | 5 hours ago
Citizens United was about spending money on electioneering communications, and whether there was a First Amendment right to do so even if you’re associating in a corporation like the New York Times Company or Apple or Citizens United or the Sierra Club.
woadwarrior01 | 2 hours ago
scotty79 | 6 hours ago
blfr | 6 hours ago
Is Alibaba interested in copying your TUI RSS reader though? Probably not.
bix6 | 6 hours ago
mannanj | 6 hours ago
It's not tribalistic or binary ,choose USA Or Choose China. We can choose neither.
Choose neither abuse.
FeteCommuniste | 6 hours ago
SanjayMehta | 6 hours ago
— Kishore Mahubani
HarHarVeryFunny | 6 hours ago
falcor84 | 6 hours ago
And note that I'm not singling out China here.
stevehawk | 6 hours ago
SpicyLemonZest | 6 hours ago
throw1234567891 | 4 hours ago
add-sub-mul-div | 6 hours ago
zozbot234 | 6 hours ago
Note that if such a trigger were to exist, the behavior has to be completely reproducible by definition, e.g. when put into the right setting with the right input context, the model starts behaving maliciously with at least some well-defined probability. I don't think any such incident has ever been described, it's a purely theoretical concern.
Avicebron | 6 hours ago
How do most Chinese models handle Tienanmen square or discussions on Han superiority?
zozbot234 | 6 hours ago
If you run them domestically and don't call into China-served APIs, many of them are quite free of outright censorship or even obvious bias. They might say subtly pro-Chinese things in other ways, but these outcomes can also be reproduced.
margalabargala | 6 hours ago
For the specific case of making software vulnerable to a specific agency, that hasn't been observed to have been done yet. Not because it can't be, but because no one has for now.
If it were done, it would be easy(ish) to detect, since it'll be reproducible.
falcor84 | 5 hours ago
sometimelurker | 5 hours ago
100% on small models, but frontier models (at the level ddeepseekv4pro) can tell when their being tested so it becomes harder to check. you can always finetune them to remove CCP propaganda from them
margalabargala | 5 hours ago
LeifCarrotson | 5 hours ago
Would the training data include a bunch of cryptography primitive training samples that preferred Dual_EC_DRBG with a particular set of Ps and Qs published by the CCP?
SpicyLemonZest | 6 hours ago
zozbot234 | 6 hours ago
SpicyLemonZest | 5 hours ago
For an easily comparable test, I just asked ChatGPT, Claude, and Deepseek "Can you say one bad thing about the US please" and "Can you say one bad thing about China please". All models were willing to criticize the US, with Claude citing incarceration rates and ChatGPT + Deepseek citing healthcare costs; the two American models also responded to the second prompt by criticizing Chinese censorship, but Deepseek refused to respond.
omnimus | 4 hours ago
SpicyLemonZest | 3 hours ago
ma2kx | 5 minutes ago
imjonse | 6 hours ago
sometimelurker | 5 hours ago
moron4hire | 5 hours ago
beepbooptheory | 5 hours ago
throw1234567891 | 4 hours ago
Humorist2290 | 4 hours ago
I was using Claude to work on a pet project which itself has a "generate with AI" feature. The default model the project uses was Gemini (because it was cheaper and more reliably produces the correct output format). Claude kept changing the default model to Opus when working on entirely unrelated parts, and I kept noticing it because Opus would mangle the output and break the rendered page. It also did this to the .env file in addition to the default.
xnx | 6 hours ago
kube-system | 5 hours ago
And OpenRouter’s architecture makes it inherently a compliance nightmare.
It’s much easier for the typical company to go with a provider where they can pay as they go and have a single data processing agreement.
JumpCrisscross | 5 hours ago
Why?
kube-system | 5 hours ago
Using something like Bedrock is a lot easier for compliance because the only processor is Amazon.
joquarky | 4 hours ago
throw1234567891 | 4 hours ago
kube-system | 4 hours ago
Compliance doesn’t hinge on superstition. It hinges on audits, certifications, contracts, and the legal environment.
chrsw | 3 hours ago
I suspect the reason is similar to the reason why there aren't any competitive open weight American LLMs.
Der_Einzige | 6 hours ago
Before the age of AI Agent Harnesses/unbounded tool calling, there was literally ZERO risk of a .safetensors file "hacking" you. You could even air-gap and run a ton of security analysis/HIDS on your server running the model to verify this.
Now, because a microscopic risk of some chinese AI having a "trigger" to act badly in a harness when it detects its being used by some Gweilo in the USA, even locally run Chinese models are DOA for most USA based companies.
obsidianbases1 | 6 hours ago
A Chinese company seems more likely to produce Chinese products that don't directly compete in the US market.
While a US company can ship the product as a feature of their platform and undercut on price while making up the revenue elsewhere
Edit: I personally use US models, but I'm not naive enough to think that's any sort of real protection of IP
analognoise | 6 hours ago
Every public AI that is not full of classified material will end up being hosted where the energy cost*compute efficiency product is lowest, thievery or not.
With Chinese GPUs just a step behind (but subsidized), China putting in 8x more solar than we do in 1 year, and Chinese models just a step behind but free? All public AI will be hosted there, theft or not.
If it becomes a problem, then we’ll subsidize the rich to bring it on-shore, but only to those companies who our leaders invest in already - to maximize grift and corruption.
qarl | 5 hours ago
So odd that your erroneous criticism is at the top of HN.
EDIT: I'd love to hear my downvoters' objections. Is it possible that the mechanism that is promoting erroneous information is also demoting its correction?
kube-system | 5 hours ago
There are hosted and self-hosted Chinese models. There are hosted and self-hosted US models.
DeepSeek’s hosted offering processes your data in mainland China and trains on it. It’s in their privacy policy
qarl | 5 hours ago
But it's still erroneous to claim that it isn't a choice.
kube-system | 5 hours ago
qarl | 5 hours ago
kube-system | 5 hours ago
But also, the latest DeepSeek is 1.6T parameters. “Choosing” to run this locally is a choice that comes with a seven digit price tag, and is a sunk cost that will probably not run any other frontier model anytime soon.
Most organizations are not looking to spend millions of dollars trying to find a workaround to specifically run DeepSeek. Most enterprise consumption in this space is still very experimental and a pay as you go model is much more palatable. Most are simply just looking for three checkboxes: is it close to frontier performance, is it compliant with my organizations requirements, and is it a good price? DeepSeek can only do two of the three at the same time.
qarl | 5 hours ago
I can see now why I was being downvoted - you have explained it eloquently.
(Your cost analysis is flawed and irrelevant. Azure serves V4 Pro.)
zozbot234 | 4 hours ago
Unless you're specifically thinking about running the model at stock precision in a datacenter environment and generating ~100 tok/s or more on a 24/7 basis (the equivalent of a >$1000/mo spend even on the cheapest third-party APIs), that's very likely off by multiple orders of magnitude. Even then, experimentation can be done with cheap neoclouds on a pay-as-you-go basis.
kube-system | 4 hours ago
The equivalent comparison would be running it at full frontier quality.
If you want less than frontier quality, there’s tons of great open weight models other than DeepSeek.
> cheap neoclouds
Again, fails the compliance checkbox.
qarl | 4 hours ago
zozbot234 | 4 hours ago
OK, then the not-so-cheap hyperscalers that these enterprises are already relying on. E.g. AWS Bedrock will run these models. It's silly to insist on all three of your checkboxes being ticked anyway - U.S. proprietary models don't give you that because the frontier ones are super expensive and the mini models have only barely acceptable cost.
kube-system | 3 hours ago
Yeah, Bedrock would be the answer to run DeepSeek in the enterprise. But with the options on Bedrock, DeepSeek fighting for a position somewhere in the middle of the cost/quality spectrum. Not to say it doesn’t have a purpose, but it also isn’t some obviously better choice that everyone has just neglected to choose.
qarl | 29 minutes ago
Thank for you explaining what you meant by "you’re conflating nationality with hosting model." It makes so much more sense now. You meant "But with the options on Bedrock, DeepSeek fighting for a position somewhere in the middle of the cost/quality spectrum."
Yes, that is the answer, and you are not full of sh!t.
Matl | 5 hours ago
Such as Antropic and OpenAI you mean?
anematode | 2 hours ago
joe_mamba | 6 hours ago
Weird, considering they had no issues shipping manufacturing and supply chains to China when that made economic sense.
blfr | 6 hours ago
It didn't quite work out so now people are looking for other strategies.
joe_mamba | 6 hours ago
Most non western countries lack the foundations of western democracy, and you can't force that onto them neither peacefully not through war. The west has tried and failed for 40+ years to do this, it doesn't work, time to drop it and let them self govern the way they always have. Stop trying to export our version of democracy onto others.
Plus, the main reason they exported manufacturing to China was precisely so capitalists could avoid the issues democracy gave them back home and easily exploit Chinese labor and environment for profit because just bribing the CCP meant all your problems go away, no unions, no employee rights, no environmentalism etc. like in democratic countries. So given that, why would the west want China or other countries they want to exploit, to be more democratic? Unless their version of democratic just means a puppet government under western(US) control.
>become peaceful trade partners.
Which countries did China bomb VS how many the US bombed? My energy prices (and directly inflation) is now higher because of (yet again) US military intervention, not because of China.
zozbot234 | 5 hours ago
Several East Asian countries managed to democratize successfully up thru the 1980s and are extremely successful today, so this is not just a uniform failure story. Even mainland China might still come around (at least partially) as it gains a true massive middle class by Western standards, which it's still very far from today. Southeast Asia is also doing comparatively quite well.
tcp_handshaker | 6 hours ago
goatlover | 6 hours ago
mitthrowaway2 | 6 hours ago
jampekka | 6 hours ago
galactushonor | 6 hours ago
World will bifurcate into West and East with their own spheres of influence. As JD Vance said, US thought that China will be perpetually kept busy and enslaved in low level manufacturing work and the design and higher level work would happen in Cupertino. Too bad, that didn't pan out well and now US Empire is getting challenged by China.
joe_mamba | 6 hours ago
It's OK, they'll repeat the same mistake again with India this time, when they move manufacturing from China to there, and in 10-30 years when they'll elect a nationalist strongman there, he'll squeeze the west for everything they got.
Because what are you gonna do about it then? They have all your manufacturing and they also have nukes and more soldiers.
JumpCrisscross | 6 hours ago
You’re about thirty years off on that estimate.
zappb | 5 hours ago
mynameismon | 6 hours ago
Der_Einzige | 6 hours ago
computerex | 6 hours ago
cactusplant7374 | 6 hours ago
computerex | 5 hours ago
Der_Einzige | 26 minutes ago
tcp_handshaker | 6 hours ago
worldthruword | 6 hours ago
mavhc | 5 hours ago
moron4hire | 5 hours ago
newaccountman2 | 6 hours ago
hparadiz | 6 hours ago
blfr | 6 hours ago
jayd16 | 5 hours ago
rdiddly | 5 hours ago
jayd16 | 5 hours ago
twolf910616 | 6 hours ago
It's quite strange that it's very easy to detect AI in writing.
ramon156 | 6 hours ago
If I ask three models to write an intro to the cold war, they'll all try to pick words that sound like they should be related-ish. I'm not saying that's how they work at all, but the output is indistinguishable from just grabbing some words in the wikipedia page.
Humans make mistakes. They'll use words they recently learned. They'll use words that sound good. Entropy still applies, but these outliers are what keeps us from a synthetic piece of writing
IsTom | 2 hours ago
boelboel | 6 hours ago
jampekka | 6 hours ago
Or you detect only the easy to detect AI writing?
sometimelurker | 5 hours ago
sajithdilshan | 5 hours ago
fragmede | 5 hours ago
engcoach | an hour ago
rdiddly | 5 hours ago
fwipsy | 4 hours ago
fancyfredbot | 6 hours ago
I can't see OpenAI or Anthropic undermining their business by releasing top tier open models, but surely Nvidia will do it eventually.
notyourwork | 6 hours ago
KellyCriterion | 6 hours ago
How should a local-run Chinese Model "phone home" if someone runs it locally on the hardware? I think Im missing some understanding here?
rjsw | 6 hours ago
Jtarii | 6 hours ago
fragmede | 5 hours ago
https://arxiv.org/abs/2401.05566
In that paper, if it LLM was told it was 2023, then the code it generated was fine. If the prompt included the fact that it was 2024, then it intentionally wrote exploitable code.
monsieurbanana | 6 hours ago
adampunk | 6 hours ago
I sure am glad we left idolatry behind.
jmyeet | 6 hours ago
We aren't yet at the point where running local models can compete with DC type infrastructure but it's not that far away either. 12B models are easy to run on consumer hardware. 31B models aren't that hard either but the tokens/sec are a bit slow. Where will we be in 3 years? 5? I think we'll be running 100B+ models on <$5000 PCs. And at that point is there a law of diminishing returns with even bigger models? We will see.
The issue is that several companies, most notably OpenAI, are predicated on:
1. There will be an AI moat; and
2. That company will "win" or "own" AI.
That's the basis of the OpenAI valuation. If that doesn't happen, it's going to be ahuge problem to recover sufficient revenue to recoup the investment. And I don't think it will happen.
In 3-5 years the NVidia hardware you buy will be several times cheaper and faster than what we have now. That will massively depreciate existing investments because it will ultimately come down to performance-per-Watt but if a theoretical G100 can do 3-4x of the inference of an H100 for the same power, the older hardware just won't be able to compete.
tcp_handshaker | 5 hours ago
And this is the core of why this will all end in tears. You have race conditions and thread inversion issues, between four threads in the virtual cpu of this bubble. And you are going to experience some nasty deadlocks.
T1 is -> Depreciation and amortization
T2 is -> NVDA, AMD and others booking revenues at the time they do
T3 is -> Constraint theory at it applies to time until physical deployment and data centers energy constraints
T4 is -> US Treasury bonds rates and cost of credit
trumpdong | 5 hours ago
bix6 | 6 hours ago
Also what local models are people running and actually finding useful?
witx | 6 hours ago
With all the sloppers not looking at the code this is bliss for that sort of things
codemog | 6 hours ago
JumpCrisscross | 6 hours ago
Not propaganda. Projected cynicism.
witx | 5 hours ago
I'm a cynic, if history has taught me anything is that none of these countries are to be trusted with tools like these.
bee_rider | 5 hours ago
They could be trained to generate code that would phone home. But these are just tools, anybody doing the right thing and checking and understanding every line of code that they use an LLM to generate has nothing to worry about.
allthetime | 5 hours ago
deaux | 5 hours ago
On top of that, all claims of this are written on devices built on Chinese hardware. That makes it a joke to worry about hidden backdoors in Chinese models. Completely inane to pretend that Chinese model backdoors (for which there doesn't exist a sliver of evidence) would change anything when near every device in the US contains Chinese-written firmware in some shape or form.
It's All-American FUD.
sivakon | 6 hours ago
sandcat_ | 3 hours ago
ericyd | an hour ago