item 40547291

d-z-m | 1 year ago
> using a model from a place like Huggingface means the author of the model can execute any code on your machine

To my knowledge this is only a problem if the model is serialized/de-serialized via pickle [0].

[0]: https://huggingface.co/docs/hub/en/security-pickle

hehdhdjehehegwv | 1 year ago
The fact that pickle even exists is fundamentally wrong to start with. They should not be permitted as a distribution format, period.

1oooqooq | 1 year ago
It's pretty neat and functional if you are the one writing the code. You can do things like "hibernate" with zero developer cost.
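As an added example of d-z-m's point about pickle-serialized models (not code from the thread, from Hugging Face, or from the linked page): a pickle's opcode stream can be walked for the globals it would import without executing anything, and loading can be confined to an explicit allow-list of globals. SUSPICIOUS_GLOBALS, RestrictedUnpickler's allow-list and the three sample pickles are constructed here for illustration.

```python
import io
import pickle
import pickletools
from collections import OrderedDict

# Globals a weights file has no reason to reference (illustrative list, not Hugging Face's).
SUSPICIOUS_GLOBALS = {
    ("os", "system"), ("posix", "system"), ("nt", "system"),
    ("subprocess", "Popen"), ("builtins", "eval"), ("builtins", "exec"),
}

def globals_referenced(data: bytes) -> list:
    """Walk the opcode stream WITHOUT executing it and collect every (module, name)
    it would import. Heuristic for STACK_GLOBAL: module and name are the two most
    recent string pushes, which holds for pickles written by CPython."""
    found, recent = [], []
    for op, arg, _pos in pickletools.genops(data):
        if op.name == "GLOBAL":                                 # protocol 0-3
            module, name = arg.split(" ", 1)
            found.append((module, name))
        elif op.name in ("SHORT_BINUNICODE", "BINUNICODE", "UNICODE"):
            recent = (recent + [arg])[-2:]
        elif op.name == "STACK_GLOBAL" and len(recent) == 2:   # protocol 4+
            found.append((recent[0], recent[1]))
            recent = []
    return found

def is_suspicious(data: bytes) -> bool:
    return any(g in SUSPICIOUS_GLOBALS for g in globals_referenced(data))

class RestrictedUnpickler(pickle.Unpickler):
    """Mitigation: resolve only an explicit allow-list of globals."""
    ALLOWED = {("collections", "OrderedDict")}
    def find_class(self, module, name):
        if (module, name) in self.ALLOWED:
            return super().find_class(module, name)
        raise pickle.UnpicklingError(f"blocked global {module}.{name}")

def safe_load(data: bytes):
    """Load under the allow-list; returns None if a global was refused."""
    try:
        return RestrictedUnpickler(io.BytesIO(data)).load()
    except pickle.UnpicklingError:
        return None

# Constructed samples. FLAGGED holds only a reference to builtins.eval (a plain load
# would return the function, not call it), yet no checkpoint needs such a global.
BENIGN = pickle.dumps(OrderedDict(weights=[0.1, 0.2]))   # STACK_GLOBAL form
LEGACY = b"ccollections\nOrderedDict\n."                 # GLOBAL form, protocol 0
FLAGGED = pickle.dumps(eval)
```

The scanner is a triage aid only: an allow-list loader (or a format that carries no code, as the linked page discusses) is what actually removes the risk.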