Ian Klatzco

@richinseattle I'm particularly interested in the new-ish secure enclave feature, "NVIDIA Confidential Compute".

Hey @richinseattle! Thanks again for your Toorcamp talk last year, I really enjoyed getting curious about e.g. why .safetensors is "safer" than .pickle. Do you know anyone who is really into GPU security? I've been curious about their fuzzability for a while.

update: they enable you to know that the request you're seeing Now was signed by the same secure element you saw Earlier. (now, there is also syncing between devices in an eg apple/google ecosystem)

Good day to remember just how big that green tree is

@TaroNuke fraud is expensivvve

it's definitely impossible, but how hard would it actually, seriously be for someone with a ton of money and some technical knowhow to make their own payment processor? like what are the genuine "risks and challenges" (earnest question) there's clearly money to be made there...

sdv3 might be a transformer (cf sdv2 which is a vae+unet)

USENIX Security ML / AI Track

usenix dot org really needs to put the papers in a cdn....

input: manually labeled dataset of unsafe concepts (gun violence, banned flags, sexual harassment)... result/contribution: UnsafeConcepts dataset of 75 concepts / 1500 images in 9 categories

identifying unsafe content using vision language models