I suppose the importance of the openness of the training data depends on your view of what a model is doing.
If you feel like a model is more like a media file that the model loaders are playing back, where the prompt is more of a type of control over how you access this model then yes I suppose from a trustworthiness aspect there’s not much to the model’s training corpus being open
I see models more in terms of how any other text encoder or serializer would work, if you were, say, manually encoding text. While there is a very low chance of any “malicious code” being executed, the importance is in the fact that you can check the expectations about how your inputs are being encoded against what the provider is telling you.
As an example attack vector, much like with something like a malicious replacement technique for anything, if I were to download a pre-trained model from what I thought was a reputable source, but was man-in-the middled and provided with a maliciously trained model, suddenly the system I was relying on that uses that model is compromised in terms of the expected text output. Obviously that exact problem could be fixed with some has checking but I hope you see that in some cases even that wouldn’t be enough. (Such as malicious “official” providence)
As these models become more prevalent, being able to guarantee integrity will become more and more of an issue.
There are VERY FEW fully open LLMs. Most are the equivalent of source-available in licensing and at best, they’re only partially open source because they provide you with the pretrained model.
To be fully open source they need to publish both the model and the training data. The importance is being “fully reproducible” in order to make the model trustworthy.
In that vein there’s at least one project that’s turning out great so far:
The project was using a way to bypass requiring a backing account to proxy the requests, but the API update broke that
The instances that chose (and choose) to go the extra mile by creating and maintaining proxy account(s) are the ones still working
If the instance gets too popular the twitter goons quickly figure out what the proxy account is and ban it, though. So it’s a constant game of cat and mouse.
Well, then there’s also this:
Green Pass PDF Wallet https://f-droid.org/packages/com.michaeltroger.gruenerpass/
Extremely simple functionality but it does exactly what’s on the tin
If you need something to store pkpass files: fWallet https://f-droid.org/packages/business.braid.f_wallet/
Yes of course, there’s nothing gestalt about model training, fixed inputs result in fixed outputs