Summary

Chinese AI company DeepSeek exposed an unprotected database containing over a million unencrypted chat logs, API keys, and other sensitive data.

Security researchers at Wiz discovered the vulnerability and alerted DeepSeek, which promptly took the database offline.

It’s unclear how long the data was exposed or if others accessed it before Wiz.

DeepSeek, which has gained viral popularity since its December launch, has not commented.

    • Nomecks@lemmy.ca · 1 day ago · 30 up, 2 down

      The kind of company who develops an AI for 4% the cost of everyone else

      • Aurenkin@sh.itjust.works · 1 day ago · 8 up

        I don’t know, it doesn’t feel like a cost thing to me. If even one second of thought was given to security this could have been prevented basically for free.

          • Aurenkin@sh.itjust.works · 1 day ago · 5 up, 1 down

            Technically correct, but that’s like saying it takes effort to set up a passcode on your phone. Yes, but it’s basically as close to zero as you can get and the return makes it a no-brainer. Data breaches also cost money to remediate and can cause potentially trust-destroying reputational damage.

            • Nomecks@lemmy.ca · 23 hours ago · 3 up

              It’s a no-brainer if you’re paying people enough to understand the problem.

    • Corngood@lemmy.ml · 1 day ago · 6 up

      It wasn’t at rest according to the blog post:

      “we found a publicly accessible ClickHouse database linked to DeepSeek, completely open and unauthenticated, exposing sensitive data. It was hosted at oauth2callback.deepseek.com:9000 and dev.deepseek.com:9000.”

      So probably either a service that was meant to be bound on loopback or a firewall issue.

      I guess that shows how dangerous it is to have something secured by the ‘nobody should be able to access this port’ method.
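The two failure modes named in the comment above (a listener bound beyond loopback, and no authentication behind it) can be checked from a ClickHouse server's own configuration. This is an added example, not part of the original thread or the Wiz post; the sample XML is constructed, and the function and finding names are hypothetical.

```python
import ipaddress
import xml.etree.ElementTree as ET

# Constructed sample configs (not DeepSeek's). Element names follow
# ClickHouse's config.xml and users.xml.
SERVER_XML = """<clickhouse>
  <listen_host>0.0.0.0</listen_host>
  <tcp_port>9000</tcp_port>
</clickhouse>"""
USERS_XML = """<clickhouse><users><default>
  <password></password>
  <networks><ip>::/0</ip></networks>
</default></users></clickhouse>"""

SECRET_TAGS = ("password", "password_sha256_hex", "password_double_sha1_hex")

def loopback_only(value):
    """True if an address or CIDR covers only loopback addresses."""
    if value == "localhost":
        return True
    try:
        return ipaddress.ip_network(value, strict=False).is_loopback
    except ValueError:
        return False  # unknown hostnames are treated as reachable

def audit(server_xml, users_xml):
    """Return (finding, detail) tuples for the two failure modes above."""
    findings = []
    server = ET.fromstring(server_xml)
    # With no <listen_host>, ClickHouse listens on loopback only.
    hosts = [h.text.strip() for h in server.findall("listen_host") if h.text]
    for host in hosts:
        if not loopback_only(host):
            findings.append(("non_loopback_listener", host))
    users = ET.fromstring(users_xml).find("users")
    for user in (users if users is not None else []):
        has_secret = any((user.findtext(t) or "").strip() for t in SECRET_TAGS)
        nets = [n.text.strip() for n in user.findall("networks/ip") if n.text]
        # Assumption: a user with no <networks> entries is treated as unrestricted.
        remote = not nets or any(not loopback_only(n) for n in nets)
        if not has_secret and remote:
            findings.append(("passwordless_remote_user", user.tag))
    return findings

if __name__ == "__main__":
    for finding in audit(SERVER_XML, USERS_XML):
        print(finding)
```

Either finding alone leaves one control standing; both together mean the firewall is the only thing between the database and the internet.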

  • Flying Squid@lemmy.world · 1 day ago · 10 up, 1 down

    “It’s unclear how long the data was exposed or if others accessed it before Wiz.”

    Long enough, I’m sure.

        • JustARaccoon@lemmy.world · 1 day ago · 11 up, 1 down

          You download a model that you plug into a front-end that supports that model type, if the front-end doesn’t give it access it won’t have access.

          It’s like being afraid of a Photoshop brush file, the brush is only used when you want it how you want it within the confines of Photoshop. Same for models. At worst a backdoor would exist in Photoshop (or in our actual case in one of the front ends) that the brush file somehow exploits, but that’s a big reach, especially with open source software.

          If people are however downloading self-contained .exes or something with a model+frontend pre-packaged, well, that’s on them. I don’t think deepseek makes any such file available anyway so blaming them feels a bit… xenophobic?

          • Flying Squid@lemmy.world · 1 day ago · 4 up, 5 down

            It’s only xenophobic if you trust all the other LLMs made in other countries… which I don’t.

            But you jumped on that accusing people of bigotry claim before you bothered to find that out.

            • JustARaccoon@lemmy.world · 1 day ago · 7 up, 1 down

              Damn, jumping to accusations sure is crazy, what was your first comment in this reply thread again? Jumping to backdoor accusations.

              • Flying Squid@lemmy.world · 1 day ago · 2 up, 2 down

                What makes you think I meant that the others don’t have them?

                Do I really have to mention every other country with LLMs when I bring up DeepSeek?

            • Shawdow194@fedia.io · 1 day ago · 4 up

              To be fair you can run it locally in a virtual machine that is airgapped if you did want to run it

              But I’m with you. I’m gonna wait a bit longer before trying this one on my personal machines