{
  "$type": "site.standard.document",
  "bskyPostRef": {
    "cid": "bafyreia2zjiqtjewd5xdxe3cpjbtz7gbj4t4opowcxhbdw2p2ro2ig35yi",
    "uri": "at://did:plc:haakkg7y3xdghcdmprxeexso/app.bsky.feed.post/3mi5rrt4lzzr2"
  },
  "path": "/t/local-ai-question/36445#post_5",
  "publishedAt": "2026-03-28T18:53:30.000Z",
  "site": "https://discuss.privacyguides.net",
  "textContent": "> Is it possible that, even if Draw Things (or whatever application one uses) is safe and privacy-respecting, one of the AI _models_ one uses could in fact compromise one’s privacy or security?\n\nWell, that’s not how it works. Downloading a model _could_ compromise your security, but it wouldn’t be the model itself that is unsafe.\n\nA model is a bunch of numbers (think CSV file or content of a spreadsheet). Those numbers won’t do anything to your privacy or security. However, it’s a lot of numbers so we typically share them in a compressed format (basically a ZIP file) and to make the numbers do anything we need a program (like Excel).\n\nThe compressed file (the “ZIP”) could contain malicious code that does bad things when you try to unpack it. The way you protect against this is by looking at hashes (MD5 or SHA-256) of what you have downloaded compared to what the provider (that you must trust) says it should be. If they match, the data is unlikely to have been tampered with.\n\nThe program that runs the model is typically built into the app you use. In your case, it is likely that Draw Things will use the same code to run a model. I have not read the code, so I can’t say with certainty, but that’s how the vast majority of AI apps work under the hood. If that is “safe” for one model, it is safe for any model.\n\nSo yeah, the model is safe and won’t leak any data. The stuff around the model is _probably_ safe assuming you trust Draw Things and have basic hygiene around “downloading things from the internet”.",
  "title": "Local AI question"
}