• skillissuer@discuss.tchncs.de
    link
    fedilink
    English
    arrow-up
    6
    ·
    6 months ago

    it’s not airgapped, it’s still cloud, it can’t be. it’s some kind of “secure” cloud that passed some kind of audit. openai already had a breach or a few, so i’m not entirely sure it will pan out

    • conciselyverbose@sh.itjust.works
      link
      fedilink
      English
      arrow-up
      4
      arrow-down
      2
      ·
      6 months ago

      My interpretation of what they’re saying is that it’s on their own servers in their own location that can only be accessed from specific access points.

      Talking about networks as airgapped isn’t abnormal.

    • V0ldek@awful.systems
      link
      fedilink
      English
      arrow-up
      2
      ·
      6 months ago

      Iirc OpenAI uses Microsoft’s cloud?

      If so, MSFT has a special airgapped cloud specifically for USGov.

      • deborah@awful.systems
        link
        fedilink
        English
        arrow-up
        2
        ·
        6 months ago

        they probably do. I worked for a content-as-a-service company that had a contract to deliver our product, airgapped, to a three-letter agency on a regular schedule, and we were a tiny company. Microsoft’s biggest customer is probably the U.S. government; I’d be shocked if they don’t provide an in-house airgapped set of full Azure services for the entire intelligence agency system.

        • V0ldek@awful.systems
          link
          fedilink
          English
          arrow-up
          3
          ·
          6 months ago

          They do. Source: I worked in at MSFT in Azure Identity. It’s completely separate, has its own rollout schedule for all products, etc.

          There’s also a physically separate cloud for China 🙃

      • froztbyte@awful.systems
        link
        fedilink
        English
        arrow-up
        1
        ·
        6 months ago

        tbh I personally wouldn’t expect/suspect this to be using any of the flavours of govcloud for mass-market flavours (because that has implications on staff hiring etc)

        the easy way to handle this is to have a backend/frontend separation with baseline access controlled simply by construction of routing and zone primitives. it’s relatively simple (albeit moderately involved) to do this on most cloud providers