Comment on Proton’s Lumo AI chatbot: not end-to-end encrypted, not open source
loudwhisper@infosec.pub 3 weeks agoThey actually don’t explain it in the article. The author doesn’t seem to understand why there is a claim of e2e chat history, and zero-access for chats. The point of zero access is trust. You need to trust the provider to do it, because it’s not cryptographically veritable. Upstream there is no encryption, and zero-access means providing the service (usually, unencrypted), then encrypting and discarding the plaintext.
Of course the model needs to have access to the context in plaintext, exactly like proton has access to emails sent to non-PGP addresses. What they can do is encrypt the chat histories, because these don’t need active processing, and encrypt on the fly the communication between the model (which needs plaintext access) and the client. The same is what happens with scribe.
I personally can’t stand LLMs, I am waiting eagerly for this bubble to collapse, but this article is essentially a nothing burger.
DreamlandLividity@lemmy.world 3 weeks ago
You understand that, but try to read it from the point of view of an average user that knows next to nothing about cyber security and LLMs. It sounds like it’s e2ee that email and drive are famous for. To us, that’s obviously impossible but most people will interpret that marketing this way.
loudwhisper@infosec.pub 3 weeks ago
How would you explain it in a way that is both nontechnical, accurate and differentiates yourself from all the other companies that are not doing something even remotely similar? I am asking genuinely because from the perspective of a user that decided to trust the company, zero-access is functionally much closer to e2ee than it is to “regular services”, which is the alternative.
DreamlandLividity@lemmy.world 3 weeks ago
The easiest is to explain the consequence.
We can’t access your chat history retroactively, but we can start wiretapping your future chats.
If that is too honest for you, then just explain the data is encrypted after the LLM reads them instead of using technical terms like zero access.