7,000 Exposed Ollama APIs Leave DeepSeek AI Models Wide Open to Attack (hackread.com)
from kid@sh.itjust.works to cybersecurity@sh.itjust.works on 10 Feb 11:35
https://sh.itjust.works/post/32552173

#cybersecurity

threaded - newest

ADKSilence@piefed.social on 10 Feb 16:18 next collapse

So big scary warning, but nothing than "audit your shit" to address it? I'm not an expert, and in fact just got ollama w/deepseek running on my machine last night... but like, isn't it common courtesy to at least suggest a couple of ways to mitigate things when posting a "big scary warning" like that?

Especially given deepseek's more open nature, and the various tidbits I've seen indicating that deepseek is open enough to be able to tweak/run entirely locally. So addressing the API issue seems within the realm of possibility...

Jakeroxs@sh.itjust.works on 10 Feb 22:16 collapse

It’s not for people running the software, it’s a scare headline aimed at people who don’t know anything about AI but have seen big scary Chinese deepseek

sunzu2@thebrainbin.org on 10 Feb 21:44 collapse

How this different if you are running other models?

Ajen@sh.itjust.works on 10 Feb 21:53 next collapse

This one is a buzzword.

Breve@pawb.social on 10 Feb 22:03 collapse

It’s not, they just wanted to tap into the Deepseek is bad narrative to get more clicks.