Article 77188 SpaceX open sources Grok Build in same week company was found beaming users' repos to the cloud

SpaceX open sources Grok Build in same week company was found beaming users' repos to the cloud

by
from www.theregister.com - Articles on (#77188)
Story ImageElon Musk has confirmed SpaceX has now open sourced the Grok Build CLI just days after researchers caught the AI tool scooping up users' entire repositories and uploading them to company-controlled cloud storage. SpaceXAI's data grab was first publicized on Sunday by Cereblab, who probed Grok Build traffic and found that repos were being packaged up as Git Bundles and beamed to Google Cloud storage. Concerning. The news gathered so much negative attention that Elon Musk felt compelled to issue a public statement alongside SpaceX, and its technical staff, promising to delete all data that Grok Build has ever stored and give users more choice over how their data is handled. SpaceX is the parent company of xAI, the corporate subdivision where X, the company once known as Twitter, and Grok, its AI division, both nest. As part of these promises, Musk also said SpaceX would open-source Grok Build to sow greater trust in the product, after the codebase was audited for security vulnerabilities. On Wednesday, that promise was fulfilled. You can see it all on GitHub right now. It's a single commit, so you can't see all the changes that have been made over time. There are no pull requests or git history. We've open-sourced Grok Build and have reset usage limits for all users," SpaceX said. Open-sourcing Grok Build allows anyone to support making a reliable and robust harness. Check out our code, including the Git repo for the Grok Build CLI." According to Simon Willison, creator of Datasette and co-creator of Django, the Grok Build codebase comprises 844,530 lines of Rust code, and while the code responsible for sending repos to the cloud remains, it appears altered to reverse the behavior. In a separate statement accompanying the open source announcement, SpaceX said it has always respected Zero Data Retention (ZDR), which was applied to enterprise customers by default, and acknowledged that data retention was enabled by default for everyone else, which has now been corrected. It said: In response to user questions about privacy: Since launch, Grok Build has fully respected zero data retention (ZDR). All users have always had the ability to disable data upload in the CLI. When data upload was disabled, this choice was respected. In the early beta, data retention was enabled by default for non-ZDR users. Based on your feedback, we changed this. We are now going further to protect privacy. With all retained data deleted, retention default off, and an open-source harness, we are offering complete user privacy. You can also run Grok Build fully open-sourced and local-first with your own inference. We disabled default retention for all Grok Build users starting on July 12th. Additionally, we are deleting all coding data that was previously retained, ensuring every user's preferences are respected. With these steps, Grok Build goes beyond other major coding products to protect user privacy." SpaceX also invited researchers to probe Grok Build for security issues and report them to its bug bounty program, which offers rewards ranging from $100-$20,000, depending on the severity. (R)
External Content
Source RSS or Atom Feed
Feed Location http://www.theregister.co.uk/headlines.atom
Feed Title www.theregister.com - Articles
Feed Link https://www.theregister.com/
Reply 0 comments