MountaintopLotus / braintrust

A Dockerized platform for running Stable Diffusion, on AWS (for now)
Apache License 2.0

Security #55

Open JohnTigue opened 1 year ago

JohnTigue commented 1 year ago

With SD tooling, there is the possibility of malicious code inserts, what with code and models being thrown around willy-nilly. SafeTensors is a newer format which prevents such vulnerabilities.

For our internally deployed resources, we should have processes that vet tools and models for safety. I’m not sure yet how we do that and not prevent folks from experimenting with various new models. Invoke seems to have auto checking. Dunno.

See the Hypnowerk Primer for more notes.

JohnTigue commented 1 year ago

2022-11 intro video to 2 open-source SD pickle scanners: DON'T GET HACKED Using Stable Diffusion Models! DO This NOW!: