Lumo gives you the power to solve problems big and small, while keeping your personal data confidential. Try it now.
Less interested in the AI thing, more interested in this bit nested at the bottom of the page: (h/t Jonah Aragon)
Because of legal uncertainty around Swiss government proposals to introduce mass surveillance — proposals that have been outlawed in the EU — Proton is moving most of its physical infrastructure out of Switzerland. Lumo will be the first product to move.
Many people wants to use AI and this is a private alternative and so feels like appropriate part of the Proton’s ecosystem.
“Private” as in only you and Proton can access the messages’ unencrypted contents?
This is a far cry from any other of their products where they can’t access the user’s data.
https://fosstodon.org/@notesnook/114927444378333659
“Your chats with Lumo are stored with zero-access encryption, so Proton can’t see your chat history. Only you can securely access your conversations by logging in to your Proton Account.”
Keywords being “stored” and “history”.
The LLM doesn’t operate with encryption, so it is served and extrudes unencrypted data.
Proton operates the LLM, meaning Proton has access to your unencrypted data.
Comparatively, Proton Drive doesn’t leak your files’ contents at any point, even to Proton.
The data are not logged, not used to improve the AI, as stated. https://proton.me/support/lumo
Stated can be a long way away from reality. That website statement can be changed at a whim and doesn’t have any legal binding.
If you wanna rely on encryption to protect your privacy, you have to be encrypted/protected from the service provider too, that’s what E2EE is all about, and what many of Proton’s services provide, but Lumo not.
Where are you finding Lumo is not E2EE?
From their own response (and due to logical thinking about how the LLM service works): https://fosstodon.org/@notesnook/114927444378333659
Strictly speaking, if you consider Lumo’s GPU servers to be one of the “ends”, then yeah, it is E2EE (you and the server being the ends).
But Proton own the GPU servers, and therefore have access to their private keys, so they can decrypt your messages as they arrive, before they’re deleted, which happens after they’re encrypted with your asymetric key (so only you can read it) and stored with zero-access.
I don’t consider this safe. In a system where you are only interfacing with a computer (and not other users), E2EE should mean that only you have access to the unencrypted data, at any given time. Which is how Proton Drive works.
Holy crap! It’s as if I had access to this blog post beforehand!
Joke aside, it is still a “trust me bro, we don’t keep your clear text history” security model. AKA no guaranteed privacy.
https://proton.me/blog/lumo-security-model
Yeah, you were spot on. Appreciate you laying it out. I’m still ‘head-in-the-sand’ when it comes to learning how LLMs work.
Everything I had found up until that point stated matter of factly that it was E2EE. But I can understand now how that’s not really possible (or how calling it that is just semantics).