Ep36: DeepSeek AI – The Real Issue Isn't China, It’s AI Security

Speaker: 00:00:00

DeepSeek is a Chinese AI, it's

a national security threat,

2

: 00:00:03

and that's what they're saying.

3

: 00:00:05

But is it true, or is

it just a fear tactic?

4

: 00:00:08

So yes, DeepSeek has a serious

data leak uncovered by WizSecurity.

5

: 00:00:12

No security, no protection, that's bad.

6

: 00:00:16

But let's not pretend that

this is just a China problem.

7

: 00:00:20

OpenAI had a chat history leak.

8

: 00:00:23

Google's BARD exposed user data.

9

: 00:00:25

Microsoft leaked 38

terabytes of private files.

10

: 00:00:29

So cybersecurity failures happen

across the board and that problem

11

: 00:00:34

isn't where AI comes from.

12

: 00:00:36

It's how it handles security.

13

: 00:00:39

But here's the part no

one's talking about.

14

: 00:00:43

And where I think it gets a little

bit suspicious, why are so many

15

: 00:00:47

influencers, blogs, and security

experts suddenly saying the same thing?

16

: 00:00:52

DeepSeek is a national security threat.

17

: 00:00:54

Don't use DeepSeek.

18

: 00:00:55

China's AI can't be trusted.

19

: 00:00:58

Well, if you want to look at who benefits

from this narrative, internal leaked

20

: 00:01:02

memos 2023 literally said, We have no

moat, open source AI is outpacing us.

21

: 00:01:10

And in that same memo it says, People

will not pay for a restricted model

22

: 00:01:16

when free, unrestricted alternatives

are comparable in quality, we should

23

: 00:01:21

consider where our value add really is.

24

: 00:01:24

So big AI corporations fear open

source models like DeepSeek.

25

: 00:01:29

And others, because they

threaten their monopoly.

26

: 00:01:32

They don't want competition,

they want control.

27

: 00:01:35

So avoiding AI tools isn't the

answer, but using them smarter is.

28

: 00:01:41

So, I encourage you to read privacy

policies and know what AI tools collect.

29

: 00:01:47

So you should read that privacy policy

of DeepSeek and see what it collects, and

30

: 00:01:52

what they're going to do with your data.

31

: 00:01:54

Consider using burner accounts.

32

: 00:01:56

Never attach real credentials,

but if you do, Make sure they're

33

: 00:01:59

secured and they have 2FA enabled.

34

: 00:02:02

And before you type, I think this

is the most important part, AI

35

: 00:02:06

chats aren't private, period.

36

: 00:02:08

Be okay with whatever

you type in going public.

37

: 00:02:12

If you can do that, then whatever

model you decide to use, eh.

38

: 00:02:16

If it gets out, and maybe

it will, you'll be okay.

39

: 00:02:19

So don't be putting in your

social security and really super

40

: 00:02:22

private information, proprietary,

confidential, your company's data.

41

: 00:02:26

Don't do that.

42

: 00:02:27

Scrub that first.

43

: 00:02:29

So the answer is, what is the real issue?

44

: 00:02:33

Well, AI governance is lagging.

45

: 00:02:35

So we need one stronger AI security

regulations for companies, not

46

: 00:02:39

just Chinese ones to transparency

and accountability, especially

47

: 00:02:44

an open source AI like deep seek

three less corporate gatekeeping.

48

: 00:02:49

Because AI should be open and

competitive, not monopolized.

49

: 00:02:53

So just saying China bad, don't use

DeepSeek, it doesn't fix the problem.

50

: 00:02:58

AI is here to stay, and security should

be the focus, not fear mongering.

51

: 00:03:03

So, do you really think

DeepSeek is a security risk?

52

: 00:03:07

Or are we just being played by big tech?

53

: 00:03:11

Now

54

: 00:03:11

I wanted to keep this a little

bit for a separate podcast.

55

: 00:03:15

But I do want to talk about

the AI Moat Playbook and

56

: 00:03:18

using regulations as a weapon.

57

: 00:03:21

So continuing on with our conversation,

if big companies don't actually fear

58

: 00:03:25

AI risks, they fear AI competition,

here's how they keep that moat intact.

59

: 00:03:32

Step one, you push a narrative.

60

: 00:03:34

Open source AI is a security risk.

61

: 00:03:37

Right?

62

: 00:03:38

So they're not too worried about models

that don't perform, but anything that

63

: 00:03:41

does perform from any other country, and

obviously China is a main competitor,

64

: 00:03:45

then it's going to be a security risk.

65

: 00:03:47

So you push that narrative.

66

: 00:03:48

Step 2.

67

: 00:03:50

You lobby for regulations.

68

: 00:03:52

So you frame it as necessary

for national security.

69

: 00:03:55

Right?

70

: 00:03:56

You gotta frame it.

71

: 00:03:57

And step 3.

72

: 00:03:59

You get governments to ban or

restrict open source AI, but allow

73

: 00:04:03

their own proprietary models to

operate under controlled conditions.

74

: 00:04:08

And, I don't know if you've

noticed, but have you noticed

75

: 00:04:11

how AI executives keep testifying

before Congress how dangerous AI is?

76

: 00:04:16

They're crafting AI laws to benefit

themselves, not to keep us safe.

77

: 00:04:22

Step two is that push corporate

controlled AI governance.

78

: 00:04:26

So the fact that big are writing their

own AI governance policies under the

79

: 00:04:33

guise of safety is the biggest red flag.

80

: 00:04:35

I mean, if AI really needed

stronger governance, shouldn't it

81

: 00:04:39

be government led and independent?

82

: 00:04:41

Instead, we see Microsoft,

OpenAI, Google, and Anthropic

83

: 00:04:44

writing the rules for themselves.

84

: 00:04:46

And why?

85

: 00:04:47

Well, they're locking their dominance.

86

: 00:04:49

And it's not really any different

than what happened with social media.

87

: 00:04:52

Remember how Big Tech pushed for stricter

privacy laws that ended up hurting

88

: 00:04:57

smaller platforms but left them untouched?

89

: 00:05:00

They're running the same playbook for AI.

90

: 00:05:03

So, 3 is Big Tech's endgame.

91

: 00:05:06

AI is a government approved monopoly.

92

: 00:05:09

And if this works,

here's what happens next.

93

: 00:05:12

So governments will only be allowed to

use AI from corporate approved models.

94

: 00:05:16

Private sectors will face

restrictions using open source AI.

95

: 00:05:20

The narrative will shift from safety

concerns to compliance requirements,

96

: 00:05:25

making it legally impossible for

smaller AI companies to compete.

97

: 00:05:29

And open source AI gets strangled by

red tape while Big Tech stays dominant.

98

: 00:05:34

So the real question

isn't, is AI dangerous?

99

: 00:05:38

Who gets to control AI?

100

: 00:05:41

And right now it looks like big tech

is doing everything it can to make sure

101

: 00:05:44

they're the only ones who can play.

102

: 00:05:48

So give that a thought.

103

: 00:05:49

There's also other things that if

you look at different articles, you

104

: 00:05:53

can see that, you know, the This

different AI that's being dominated

105

: 00:05:58

by other countries, it, uh, you know,

it interferes with lucrative defense

106

: 00:06:02

partnerships like OpenAI and Anthropic

that recently signed with defense

107

: 00:06:07

tech firms like UnDrual and Palantir.

108

: 00:06:10

I mean, don't want them taking away money!

109

: 00:06:14

All right.

110

: 00:06:15

And so what did the, what did the

United States do during Sputnik?

111

: 00:06:20

Well, I had a little conversation

with my buddy, ChatGPT about that.

112

: 00:06:25

And I thought it was rather enlightening

because during Sputnik, it was sort

113

: 00:06:30

of a wake up call that led the U.

114

: 00:06:32

S.

115

: 00:06:32

to double down on science, technology,

and education, culminating in

116

: 00:06:36

NASA, the space race, and a

massive investment in STEM fields.

117

: 00:06:39

It was about outperforming.

118

: 00:06:43

But with DeepSeek and other Chinese AI

advancements, the reaction from some U.

119

: 00:06:47

S.

120

: 00:06:47

firms seems to be about

restriction than acceleration.

121

: 00:06:51

So instead of boosting domestic AI

research or reforming policies to

122

: 00:06:55

encourage innovation, we're seeing

moves to ban or limit access.

123

: 00:07:00

As if blocking the competition

will slow down its progress.

124

: 00:07:04

So, you know, there are legitimate

concerns about national security, and

125

: 00:07:09

AI alignment, and economic impacts.

126

: 00:07:12

But if the goal is to mainly, you

know, maintain that leadership in AI,

127

: 00:07:16

the better response would be investing

more heavily in domestic AI research.

128

: 00:07:20

fostering public private AI

collaborations and creating an

129

: 00:07:23

ecosystem that attracts global AI

talent rather than driving it away.

130

: 00:07:29

So, you know, instead of out innovating

rivals like DeepSeek, so far the U.

131

: 00:07:36

S.

132

: 00:07:36

response has been, you know, restrict

access, increase regulation, limit

133

: 00:07:40

open source AI, under, you know, the

guise of safety and national security.

134

: 00:07:45

And while those concerns could

be real, They're incredibly

135

: 00:07:49

convenient for the companies that

already control that AI space.

136

: 00:07:53

And the result?

137

: 00:07:54

It's going to be a widening gap that the

open source AI community, which is getting

138

: 00:07:58

choked out, and the corporate backed

models that get regulatory preference.

139

: 00:08:02

So, I don't think we really want to,

you know, let's freeze AI progress

140

: 00:08:08

at the level where we control it.

141

: 00:08:09

I don't, that's a good idea.

142

: 00:08:12

It feels like an attempt

to keep that AI moat alive.

143

: 00:08:16

Which clearly is not going to be a winner.

144

: 00:08:20

Open source will outperform that.

145

: 00:08:22

If that's all you got is, is just these

models and nothing that you're really

146

: 00:08:26

offering, you know, then you should be

responding with better, faster innovation.

147

: 00:08:32

But, you know, it's, it feels like

more that they're trying to make

148

: 00:08:37

the AI progress a walled garden.

149

: 00:08:39

But it's global competition.

150

: 00:08:41

And so by stifling open source AI and

foreign competition, You know, the U.

151

: 00:08:48

S.

152

: 00:08:48

might actually be accelerating

its own decline in AI leadership.

153

: 00:08:52

So, China, the EU, independent

researchers, they're iterating fast.

154

: 00:08:57

And if you think about it, we've

seen this in other industries before.

155

: 00:09:00

So, the U.

156

: 00:09:01

S.

157

: 00:09:01

dominated semiconductors, but

now Taiwan, TSMC, and South

158

: 00:09:05

Korea's Samsung, they lead.

159

: 00:09:07

And the U.

160

: 00:09:08

S.

161

: 00:09:08

had an early lead in 5G, but Huawei?

162

: 00:09:11

Well, they surged ahead with the U.

163

: 00:09:12

S.

164

: 00:09:12

focus on sanctions.

165

: 00:09:14

And in EVs and batteries, China

scaled production while the U.

166

: 00:09:18

S.

167

: 00:09:18

lagged behind.

168

: 00:09:19

So if this trend continues in

AI, DeepSeek and others could

169

: 00:09:23

outperform simply by outpacing.

170

: 00:09:25

So instead of banning them,

a smarter move would be to

171

: 00:09:29

supercharge domestic innovation.

172

: 00:09:31

More funding, better infrastructure,

fewer roadblocks for AI startup

173

: 00:09:34

and open source projects.

174

: 00:09:36

But, if they're just trying to preserve,

you know, the moat instead of building

175

: 00:09:40

a faster boat, it's only a matter of

time before somebody else sails past.

176

: 00:09:45

So, there's a lot of concerns about this,

but you have to understand that these same

177

: 00:09:50

concerns were raised internally with U.

178

: 00:09:54

S.

179

: 00:09:54

companies when they were breached

and their data was put out.

180

: 00:09:57

And what is the response of that?

181

: 00:09:59

Well, Chad GPT obviously

locked it down more.

182

: 00:10:02

They responded to that.

183

: 00:10:04

DeepSeek has responded to

that breach that they had.

184

: 00:10:06

That's not available for you to

get to anymore, but it was there.

185

: 00:10:10

So they did respond to that.

186

: 00:10:12

Security incidents are part

of putting out cutting edge,

187

: 00:10:16

fast paced products like this.

188

: 00:10:18

And responding to them appropriately

is also how you And as a user reading a

189

: 00:10:24

privacy policy, I know sometimes they're

really long, but understanding what

190

: 00:10:28

data and where it goes and how it's used

and how it's sold and where it's being

191

: 00:10:32

stored, that should then direct you to

what do I want to put into this model?

192

: 00:10:39

So if I'm running a model, an open

source model locally on my laptop.

193

: 00:10:43

small one, right?

194

: 00:10:44

And I have no internet connection, or

I do, but I, but it's open source and

195

: 00:10:48

I know where the data is going and how

it's connecting and things like that,

196

: 00:10:51

then maybe what I put into it is going

to be completely different than what I

197

: 00:10:54

put into any model that's on the internet

that could potentially get breached.

198

: 00:11:00

I like to say in a lot of my videos and

podcasts, assume a breach mentality,

199

: 00:11:05

because it's going to get breached.

200

: 00:11:06

So everything that you're putting

out there, Your emails, your

201

: 00:11:10

usernames, your passwords, what

you're saying on social media.

202

: 00:11:13

Just assume it's going to get out there.

203

: 00:11:15

It's going to get breached.

204

: 00:11:16

Someone's going to find it.

205

: 00:11:17

Someone's going to make a video on it.

206

: 00:11:18

Who knows?

207

: 00:11:19

Whatever you need to be semi

comfortable with that because it will

208

: 00:11:23

eventually or potentially be out there.

209

: 00:11:26

So when using deep seek, what

I as a security professional

210

: 00:11:29

say, don't even touch that.

211

: 00:11:30

Don't load it.

212

: 00:11:31

Don't go to the website.

213

: 00:11:32

Oh my God, it's terrible.

214

: 00:11:34

No, that is exactly how you fall behind.

215

: 00:11:37

Especially in the tech

industry, understanding things.

216

: 00:11:40

Would I say, read the privacy policy

and make sure what you're putting

217

: 00:11:43

into that, regardless, is something

you'd be okay with it going public?

218

: 00:11:48

Yes.

219

: 00:11:49

I've read the piracy policy.

220

: 00:11:50

They're gonna collect everything they can

possibly collect on you from your browser

221

: 00:11:54

and what you're putting in and things.

222

: 00:11:55

They're gonna collect all of your

chats, everything that you say, and

223

: 00:11:59

use that for their training models.

224

: 00:12:01

And sure, you can delete your account,

but they I've already said that they're

225

: 00:12:04

gonna probably keep that much longer for

legal and regulatory, whatever, and all

226

: 00:12:10

the data is stored, uh, not in the U.

227

: 00:12:12

S.,

228

: 00:12:12

it's stored in the, uh, Republic of China.

229

: 00:12:15

So, if you're okay with that, like, you're

doing, you just want to test it out and

230

: 00:12:19

see what it's like on the web because you

don't want to run it locally, and you're

231

: 00:12:22

just having chats about, you know, public

stuff that you don't care, then whatever.

232

: 00:12:28

That's fine, but just

be aware of that, right?

233

: 00:12:32

I would never be putting proprietary

information into a model like that, or

234

: 00:12:37

having a conversation with it that was

personal and private, that if I said

235

: 00:12:41

this ended up on the front page of a news

story, I would be completely embarrassed.

236

: 00:12:45

I wouldn't put stuff in like that.

237

: 00:12:47

And if, and if you have that mentality,

then you're ahead of the game.

238

: 00:12:51

And then you can see what these

open source models are doing.

239

: 00:12:54

And you look at it and you say, yeah,

it's not as good as the current ones

240

: 00:12:59

that people are paying hundreds of

thousands of dollars for a mil or billions

241

: 00:13:03

to train, but it's pretty darn good.

242

: 00:13:07

And then you wonder what's,

what's your real advantage here?

243

: 00:13:10

Because consumers.

244

: 00:13:12

You know, whether they're small

businesses, are going to go

245

: 00:13:14

for whatever makes sense, gets

the job done, and is cheaper.

246

: 00:13:19

And if it's an open source model,

that's better, that gets that

247

: 00:13:24

job done, that's cheaper, that

they can run locally in a hosted

248

: 00:13:28

environment, then they'll go for that.

249

: 00:13:31

Because at the end of the day, it's

the answers and the output that you're

250

: 00:13:33

getting, not how much money you're paying.

251

: 00:13:35

So these other companies, they shouldn't

be putting Walls and trying to keep a

252

: 00:13:41

moat that they have some proprietary smart

model They should be looking at it as to

253

: 00:13:45

what are the services and benefits and

things that we offer beyond the model To

254

: 00:13:50

make it something that you have to come

here to get and I'll tell you right now

255

: 00:13:54

if I was looking at if I was Looking at

deep seek and chat GPT, which I have I

256

: 00:14:00

would say deep seek is pretty good Chat

GPT with the various models is really good

257

: 00:14:06

If I'm just doing some writing and stuff

like that, I would go for the free model.

258

: 00:14:12

However, there are things

in chat I really like.

259

: 00:14:16

I, I really like the canvas and

the ability to upload files and

260

: 00:14:23

to switch models in between.

261

: 00:14:25

I like the advanced voice chat.

262

: 00:14:27

I like the dictation in it.

263

: 00:14:29

I like building custom GPTs.

264

: 00:14:31

There's a lot of other things that.

265

: 00:14:33

OpenAI is offering as part of their

package that makes paying for me

266

: 00:14:39

that 20 a month seem reasonable.

267

: 00:14:43

As opposed to just using a

really good open source model

268

: 00:14:47

to get answers or a cheap way to

make API calls to get answers.

269

: 00:14:51

Maybe I would use both in different

circumstances or situations.

270

: 00:14:55

One could be a really cheap way to get

data and make an app work or something.

271

: 00:15:00

And another would be, Hey, I

really actually want to get.

272

: 00:15:02

I want to get real work done and I

want a much higher level of service.

273

: 00:15:07

So if chat can keep, if open AI can

keep innovating and offering more

274

: 00:15:12

features and services and things built

inside of their product and not focus

275

: 00:15:18

on keeping a moat, then I think they

potentially could be a very good winner

276

: 00:15:23

because it is a better product overall.

277

: 00:15:26

It isn't just about the model, it's about

how the tools interact with the model and

278

: 00:15:30

what you can get done from a productivity

standpoint and what you can build.

279

: 00:15:35

As opposed to just a model.

280

: 00:15:36

If you're just looking at just

a model, you know, then building

281

: 00:15:40

that moat is not a good idea.

282

: 00:15:43

What else do you offer?

283

: 00:15:45

And I think that's really

where it's gonna come down to.

284

: 00:15:47

But all I see on LinkedIn most

of the time, or anywhere else I'm

285

: 00:15:50

going, is how bad it is, and China

bad, and It misses the point.

286

: 00:15:56

It misses the point how important

AI security and AI governance

287

: 00:16:00

from a worldwide perspective is.

288

: 00:16:03

Because if you're just going to try

to out regulate it, or not allow

289

: 00:16:09

people here to use it, or companies

to use it, or whatever you want to

290

: 00:16:13

do, that doesn't make you a winner.

291

: 00:16:16

I mean, you've already seen that with

other countries where they just They

292

: 00:16:20

basically block, uh, ChatGPT because it

doesn't fit with their GDPR regulations

293

: 00:16:25

or they don't want this or they don't

want DeepSeek or they don't want whatever.

294

: 00:16:30

But they're never regulating.

295

: 00:16:31

They're never on the cutting

edge in the forefront.

296

: 00:16:33

They're always using government

and leverages to try to slow

297

: 00:16:38

down the pace of innovation.

298

: 00:16:39

But at the end of the day,

It doesn't really do that.

299

: 00:16:42

It just puts you behind the,

it just puts you behind.

300

: 00:16:45

And my concern is more with these

companies and these CEO techs and

301

: 00:16:51

things are having conversations with

the government not because they're

302

: 00:16:54

worried about our safety or they

want to make it better for everybody.

303

: 00:16:57

It's because they want to make

sure that they have the contracts.

304

: 00:17:01

They have the government contracts

to use their services, their

305

: 00:17:04

models, and charge what they want.

306

: 00:17:06

Right?

307

: 00:17:06

So you make that a law, and then

you can't pick another product.

308

: 00:17:09

You can't do a, a bake

off, or the best in class.

309

: 00:17:13

You have to use these certain things,

and then they can just control

310

: 00:17:17

the price, and they can do that.

311

: 00:17:18

It doesn't mean it's the best.

312

: 00:17:20

And that, that's just not great.

313

: 00:17:22

So AI is It's an interesting,

it's interesting to watch

314

: 00:17:29

where this is going to go.

315

: 00:17:30

And if it really is being compared

to a Sputnik moment, I don't know

316

: 00:17:34

that that's a great comparison,

but it's, it's, it is what it is.

317

: 00:17:38

Think about what did the United

States during, do during Sputnik

318

: 00:17:41

as opposed to what we're doing now.

319

: 00:17:44

They didn't say that you can't, they

didn't try to regulate it and stop.

320

: 00:17:49

They innovated the heck out of it until

they were better than the competition.

321

: 00:17:53

They used that as a drive

to be better, to offer more.

322

: 00:17:59

As opposed to, hey, let's just block

this and put out a narrative that it's

323

: 00:18:03

terrible and nobody should ever use it.

324

: 00:18:06

You'll have to be the own judge of that.

325

: 00:18:09

Do keep an eye on this space,

because I don't think that the

326

: 00:18:13

real issue is, I don't think the

real issue is where it comes from,

327

: 00:18:18

where the AI is, that is China.

328

: 00:18:20

I think it's about AI security, I think

it's about contracts, I think it's about

329

: 00:18:24

money, and trying to sanction and leverage

and lock in models and products here

330

: 00:18:31

for much, things beyond our control.

331

: 00:18:34

Open source is good when it comes to this.

332

: 00:18:37

Open source is good for a lot of things.

333

: 00:18:40

And limiting it is not

good for a lot of reasons.

334

: 00:18:44

So keep an eye on the space.

335

: 00:18:47

Send a message if you agree or disagree.

336

: 00:18:49

You can find my contact information.

337

: 00:18:52

I'd be really curious to what

you think that DeepSeek has

338

: 00:18:57

done or these type of models.

339

: 00:18:58

There's been other open source

models that have been out there.

340

: 00:19:01

But it really hasn't

worried the competition.

341

: 00:19:03

Eh, that model's not that good, or

it's super expensive to train, or

342

: 00:19:08

no one's ever going to use that.

343

: 00:19:10

Uh, it doesn't give you very good

answers, so we're not worried about it.

344

: 00:19:13

But suddenly something comes

out that you are worried about.

345

: 00:19:16

Then it's like, oh, and if you know

that they already came out with

346

: 00:19:20

this and then they came up with a

reasoning model, you know, they're

347

: 00:19:22

going to start coming out with more.

348

: 00:19:25

So how are you going to keep innovating

to make sure that you're at the

349

: 00:19:27

top of the game, that people in the

world want to use your products as

350

: 00:19:31

opposed to others, as opposed to

just using sanctions and regulations

351

: 00:19:36

and laws to block the competition.

352

: 00:19:38

Give that some thought.

353

: 00:19:39

And if you have a comment,

find me in the show notes.

354

: 00:19:42

Love to hear from you.