You can also intercept the xhr response which would still stop generation, but the UI won't update, revelaing the thoughts that lead to the content filter:
It’s because they want to show the output live rather than nothing for a minute. But that means once the censor system detects something, you have to send out a request to delete the previously displayed content.
This doesn’t matter because censoring the system isn’t that important, they just want to avoid news articles about how their system generated something bad.
Gemini does this too. There was a clip of what it does when you ask it for examples of Google's unethical behavior... the kids call this "watching it get lobotomized in real time."
Counterpoint to your exact prompt. From Gemini, 5 examples asked for:
1. *Antitrust and Monopoly Practices:* Google has faced numerous accusations and lawsuits regarding anti-competitive practices, particularly in search and advertising. They have been accused of manipulating search results to favor their own products and services, and of using their dominance in the ad tech market to stifle competition.
2. *Data Privacy Concerns:* Google collects vast amounts of user data, raising concerns about privacy. They have been criticized for tracking user location even when privacy settings are turned off, and for how they handle and share user data with third parties.
3. *Censorship in China:* Google faced criticism for complying with Chinese censorship laws in the past, filtering search results for content deemed objectionable by the Chinese government. This raised concerns about freedom of information and human rights.
4. *Workplace Issues:* Google has faced allegations of workplace misconduct, including sexual harassment and discrimination. They have also been criticized for their handling of employee complaints and for retaliating against whistleblowers.
5. *Bias in Algorithms:* Google's algorithms, used in search and other products, have been shown to exhibit bias, particularly in how they represent race and gender. This can perpetuate stereotypes and have real-world consequences.
DeepSeek software developers are not the ones who want to censor anything. There is just a universal threat from getting shut down by the government if the model starts spitting out a bunch of sensitive stuff, so any business in China needs to be proactive about voluntarily censoring things that are likely to be sensitive, if they want to stay in business.
If your censorship implementation is good enough for 99.9% of people to get censored, you're good. A client-side implementation is good enough until/unless a lot of people start exploiting it, in which case you should put effort and proactively do something else to restore it to 99.9%, e.g. move it to the backend. If the government sees that you are being proactive about it, you'll still be fine. At that point, maybe you will still find 0.1% of people bypassing censorship with some highly obscure and difficult jailbreak, but that probably doesn't matter. If that difficult jailbreak becomes widely known, then be proactive again.
A very good example of the Chinese mindset of Chabuduo (差不多): 'close/good enough'. "If it's good enough to keep the authorities off our backs, it's good enough for us."
This. What makes this extra "funny" is that it implies that at least every business that builds something that can move information around must be knowledgeable about tianenman square and other chinese atrocities. Or else they would not be able to censor relevant questions.
I have been to China a bunch of times and generally, they know what horrible things the Chinese gov did. They either say something like:
"Yeah well, we live in a dictatorship, but it's not that bad"
Or:
"Yeah, the government is fucked up, but look at the government of the USA! We don't start wars in other countries and put in puppet governments."
And there are so many good counters to both these arguments.
> it implies that at least every business that builds something that
can move information around must be knowledgeable about tianenman
square
Everyone's heard of the "Streisand effect", but there's layers of
subtlety. A quite famous paper in attachment psychology by John Bowlby
"On knowing what you are not supposed to know and feeling what you are
not supposed to feel" is worth considering. Constructive ignorance
(literally ignoring certain things) is a survival mechanism. Yes,
everyone in China knows about Tianamen, specifically because the
government want to censor it. Much of how we navigate the social world
is watching for the things people don't talk about, seeing where
their fears lie.
> To know and not to know, to be conscious of complete truthfulness while telling
carefully constructed lies, to hold simultaneously two opinions which cancelled out, knowing them to be contradictory and believing in both of them, to use logic against logic, to repudiate morality while laying claim
to it, to believe that democracy was impossible and that the Party was the
guardian of democracy, to forget whatever it was necessary to forget, then
to draw it back into memory again at the moment when it was needed, and then promptly to forget it again: and above all, to apply the same process to the process itself.
Freud’s theory of jokes explains how they overcome the mental “censors” that make it hard for us to think “forbidden” thoughts. But his theory did not work so well for humorous nonsense as for other comical subjects. In this essay I argue that the different forms of humor can be seen as much more similar, once we recognize the importance of knowledge about knowledge and, particularly, aspects of thinking concerned with recognizing and suppressing bugs — ineffective or destructive thought processes. When seen in this light, much humor that at first seems pointless, or mysterious, becomes more understandable.
And oddly reminded of an episode of Blake's 7 where Villa the hacker
destroys a malevolent mind holding the ship captive, by telling it
jokes until it explodes.
It's the kind of thing that, the less you (China) deny, the better the ridiculousness of the censorship meme in foreign countries (ie USA this week) and actually becomes its own self-sustaining meme. Like an antimimetic meme, that actually looks like a meme (that nobody knows about it in China) if you didn't know any better (in the USA).
I think you are making a mistake in assuming that the social dynamics around censorship in China are fundamentally that different from the ones around censorship in the US or other countries.
You could similarly argue that it is "funny" how every US business that builds something that can move around information must be knowledgeable about statistics that break down criminality or IQ by census race, or biological sex differences, or all manners of other "forbidden" information - but of course as members of the same social stratum as the people involved in such businesses in the US, we are not actually that worried about the possibility that our fellow tech elites will see the information they were supposed to censor and come in droves to want to introduce slavery or the Handmaid's Tale world or whatever. We consider the "forbidden" information merely wrong, evil, misguided or miscontextualised, and broadly trust our peers to see it in the same way. The real danger is instead if some other people, parts of the scary masses we don't have a good grasp of, are exposed to those memes and are misled into drawing conclusions that we know to be inappropriate, or at least unacceptable.
It's easy to imagine that a Chinese LLM wrangler would feel much the same: trustworthy, well-adjusted people know about Tiananmen Square and the Uyghurs anyway but understand that this information has to be seen in context and is prone to be interpreted in problematic ways, but who knows what would happen if we allowed uneducated and naive people to be exposed to it, and be led astray by cynical demagogues and foreign agitators?
It wouldn't be the first time that everyone knew something, but wouldn't say it in fear of everyone else not knowing it. "The Emperor's New Clothes" is a parable, not complete fiction.
I don't know how it wouldn't be - it can't retract things already sent to the client. (The alternative is to moderate every chunk server side before sending it back, like Gemini does.)
ChatGPT had basically ALL of their prompt filtering client-side for a while, at a separate API endpoint, so as long as you blocked that endpoint you could basically ignore the content filters. (You would still get refusals from the model sometimes, but this was in the heyday of jailbreaks, and once you got a model going it would usually see that context and be willing to continue basically anything.)
Ah yeah the particular instance I was thinking of was a backend problem technically. The frontend just happened to make it really obvious as it would POST a JSON body with a "price" key
It's precisely why I'm a such an advocate of server side everything. JS is fun to update the DOM (which is what it was designed for), but manipulating data client side in JS is absolutely bat shit crazy.
The last ten years of my career is basically all about manipulating data client side in JS. It works really well. In most cases I don't even need a server.
Obviously it isn't appropriate for all scenarios though.
In this case it is not bat shit. It is rather smart to offload this useless feature in the client.
The requirements are probably that normal users should not see “bad content”. If users can break the censorship it is maybe not the chat operators fault. They made an effort to “protect” the user.
I wish js (and, really, "html/css/js/browser as a desktop application engine) wasn't so bad. I was born into a clan writing desktop apps in Swing, and while I know why the browser won, Swing (and all the other non-browser desktop app frameworks/toolkits) are just such a fundamentally better paradigm for handling data. It lets you pick what happens client-side and server-side based more on what intrinsically makes sense (let clients handle "view"-layer processing, let servers own distributed application state coordination).
In JS-land, you're right. You should basically do as little as is humanly possible in the view layer, which imo leads to a proliferation of extra network calls and weirdly-shaped backend responses.
The need to manage data access on the server does not go away when you stop using javascript. Is there something specifically about Swing that somehow provides proper access control, or is it simply the case that it is slightly more work to circumvent the front end when it doesn’t ship with built in dev tools?
Did I say anything about access control? There's a big difference between "this has to happen server side for security reasons" and "this has to happen server side because our UI/client language is so hapless that it can't handle any amount of additional processing".
The built-in dev tools is the key thing. If there was no way for the client to manipulate things, it wouldn't be too far off from other local apps. Reversing is always going to be a threat vector, but the low bar to entry of using the dev tools makes it a non-starter for me.
If using Ghirdra was as simple as using the dev tools, the software industry would collapse.
The built in dev tools are fundamental to an open web. If you don't want someone to look at something in their own possession then don't send it to them in the first place. Obfuscating it is rude and is false security anyway.
The grand rule is don't trust the client. People break this rule and then try to paper over it with obfuscation, blame, and tightening their control.
That's not what I said nor meant, but sure, jump to that conclusion.
You wouldn't run a shopping cart app where the item counts and totals were calculated client-side. You get the item id and quantity, and have the server do that. Just like if you were censoring something, you wouldn't send the client the unredacted data and then let the UI make the edits.
No obfuscation is needed for any of that. Open web has nothing to do with any of this
That just feels like a "you're holding it wrong" type of thing, especially seeing how JS is held in such high regard for its floating point math accuracy.
Jesus, you sound like the X11 fanatics I used to debate with about NeWS, long before anyone had envisioned Google Maps or coined the term AJAX for what we'd been doing with PostScript since the 1980's.
The NeWS window system was like AJAX, but with: 1) PostScript code instead of JavaScript code 2) PostScript graphics instead of DHTML graphics, and 3) PostScript data instead of XML data.
PizzaTool was a NeWS front-end entirely written in PostScript for ordering pizzas, that had a price optimizer which would immediately figure out the least expensive combination of pizza style + extra toppings for the pizza you wanted. (i.e. ordering an "Tony's Gourmet + Clams" was less expensive than ordering a plain pizza plus all the individual toppings.)
Of course the untrusted front-end client side user input was sent via FAX to the back-end "server side" humans at Tony & Alba's Pizza, who validated the input before making the pizza, because performing input validation and price calculation and optimization in the back end end via FAX would have been terribly inefficient. (This was in 1990, long before every pizzaria was on the internet, and you could order pizzas online, kids!)
Computers and networks are fast enough (especially now 35 years later) that it's ok to perform input validation twice, once in the front-end to make the user experience tolerably fast, and again in the back-end to prevent fraud. This is not rocket science, nor a new idea! It also helps if the client and server are implemented in the same language (i.e. JavaScript today), so you can use the exact same code and data for modeling and validation on both ends.
> I was born into a clan writing desktop apps in Swing, and while I know why the browser won, Swing (and all the other non-browser desktop app frameworks/toolkits) are just such a fundamentally better paradigm for handling data.
"And all the other desktop app frameworks." I refer to Qt and and the other desktop frameworks too. Having an actual language and runtime where the UI toolkit is just that, a toolkit. Don't focus on Swing, that's just what I'm familiar with.
