upvote
I think calculator is not part of the labels in cifar-10. Pretty normal as it has ‘only’ 90% accuracy. Things could improve quickly though
reply
That 90% only measures images already known to be one of CIFAR-10’s ten classes. There is no “none of the above,” so even a perfect benchmark score would still force a calculator into one of those labels.
reply
yep: https://en.wikipedia.org/wiki/CIFAR-10

"The 10 different classes represent airplanes, cars, birds, cats, deer, dogs, frogs, horses, ships, and trucks."

reply
Consider encrypted AI. You ask a question under encryption. The remote calculates the answer, which is still under encryption. This is the critical point; the remote cannot see the question and answer. It only calculates. Once you receive the answer, you decrypt it and see the answer; only you see the answer.
reply
Ah, that sounds impossible. Good luck, sir...Also, who wants this if you can just run a local model?
reply
It'll be very useful for even local setups when the data needs to be confidential. Look at the research related to medical training of llms (ignore their current lack of direct usefulness/trustworthiness, those are potentially solvable), with a homomorphically encrypted session, the large inference servers never see hipaa protected data in a way that exposes it if the server is compromised even if its an on premises setup in your doctors office processing the data, reducing risk of the data leaking anywhere.
reply
Thanks a lot. Though encrypted AI chat bot is not far ahead, do not think of that as the primary target of today. Instead, there are many untapped applications (e.g. inter-bank transfers, industry, healthcare) where regulations, privacy laws and compliance requirements restrict institutions from touching data. These will initially be our key enablers, and over time we hope to extend the range of applications.
reply
Have you considered that maybe the computation itself on the private data, no matter how you put it, even if encrypted, was designed to protect the consumer?

I.E., gaining any sort of insight a transaction of protected information is what the protections were in place for.

So is FHE more about skirting regulations and privacy laws? Or, is it a new frontier of an untapped data source that has some red tape around it?

To me, something was simply not encrypted properly if you are able to draw conclusions/learn insights/detect anything about the data. It's in conflict with the idea of what secure encryption means to me.

reply
> gaining any sort of insight

The server providing the FHE-based service does not gain any sort of insight. This is a key point: only the client can see the output of the computation.

reply
Interesting. I have some homework to do then. Do we have to close our eyes and look away for it to be true or does it really not gain any insight?

Where can I find out more about how this could be possible?

reply
From the webpage:

> Image classification without the server seeing the image.

The value is in being able to get the prediction from the model without ever giving unencrypted data to somebody you don’t trust.

You could have an LLM generate code for you without ever giving the operator your proprietary source code.

reply