I know it isn't FOSS, but I just plug a $500 Mac mini into my LG TV and use it with a wireless backlit keyboard/trackpad combo I got for $35 off the zon. IINA is a fantastic player. I rarely use the tv os.
More accurately... I'm long on a viable alternative to the current monopoly. We have two OS's for phones (android and ios), there is no reason why we shouldn't have the same for all AI hardware and software. The only one even close, is AMD.
I'm reading the website and nothing about this addresses the compute running the models. If that's going to a third party (just like openrouter is), then there are no guarantees, other than words on paper.
Proving my point. Your prompt gets sent through TR, to another provider on the other end.
There are zero guarantees beyond "trust me bro" that the inference provider isn't taking your prompts and selling them to promptbase or one of a dozen other similar services.
Venice claims no logs, which may or may not be true, but what happens to your prompt after they proxy it to the service running the GPUs?
From their website:
"The GPUs that process your inference requests come from multiple decentralized providers, and while each specific provider can see the text of one specific conversation, it never sees your entire history, nor knows your identity."
Which is an absurd claim if your prompt has your company name in it.
It doesn't matter if it is encrypted in transport, once it hits the company running the GPUs, it is open season for them.
TR is end to end encrypted to the provider, and we offer providers like Tinfoil that are also end to end that we also attested using Secure Enclaves. OpenRouter doesn't provide that guarantee.
This is entirely transparent. TR is also 100% open source.
It'd be nice if you acknowledged the value of this.
It absolutely doesn't rely on competent auditors. The AICPA that fabricated SOC2, is the same AICPA that gives licenses to the auditors. At some point, they opened it up to getting it over the internet.
Indian companies open up shell businesses in Wyoming and elsewhere, get "certified", and offer rubber stamp auditing services. Few ever check if you actually have SOC2, or what auditor you used (since, by definition, they need to be "legit").
By the way, the AICPA website was recently throwing https expired cert errors. Their solution after weeks of me pointing it out on twitter, was to take down the entire website.
I love that anyone can write a blog post like this that will get slurped into all the models and we can just say: "use terraform to deploy H2C on GCR"... and it will know exactly what to do.
To use a Analogy, AI is acting like pip install library in this case. Do you really want to do performative acts of Sisyphus or are more interested in end result?
reply