Roll to disbelieve. There are only a handful of mentions of this string indexed by google, and all of them trace back to this imgur screenshot. This imgur screenshot is basically a pastebin: it has no attribution or metadata. It also misspells HKEY_LOCAL_MACHINE, by replacing underscores with spaces.
I'm sure nvidia collects telemetry, and I would not be surprised at all if that telemetry identified who's running language models and which ones they're running. But this isn't what a real notice of that fact would look like.
This seems like it might be a hoax? Can anyone independently confirm that this is actually happening?
Seems like OP just uploaded a screenshot with no additional information. I don't want to claim that they're lying, but extraordinary claims require extraordinary evidence.
It's not too farfetched, given Nvidia previously implemented a LHR GPU model lineup. I can envision them doing something similar to cripple LLMs in the near future.
Does anyone know if there is there any way to prevent the Nvidia drivers from accessing the internet on Linux?
I would think that I could just add it to some no-internet group or something but I am not sure if Nvidia could bypass that given that they have a physical card on the PCIe bus.
You could pass the device into a VM that either lacks a network interface or which otherwise has no viable route.
Extrapolating a bit (regardless of whether or not this is a hoax), we may soon live in a world where GPUs won't compute certain workloads unless they're able to phone home via a connection associated with a registered identity.
Is it possible for the GPU to communicate directly with the network card? I don't know enough about this area of the stack. I can't find anything on the internet about this
if it's being loaded at hypervisor layer via vfio-pci, then within the KVM VM it loads the nvidia binary blob, even if at the KVM layer it has kernel space privs, at the hypervisor layer it does not.
ooof. I remember discussing how effective those drivers were compared to the open source AMD ones a few years back. Now the open AMD drivers are good and there is all more more reason to be skeptical of the binary blob.
The message in the screenshot says "HKEY LOCAL MACHINE", but shouldn't it be "HKEY_LOCAL_MACHINE", with underscores?
Maybe it's just a typo by the Nvidia engineer who wrote it, but why would they even write a notice like this? The language is a bit threatening, and doesn't seem to serve any legal purpose like a disclaimer or EULA. And why would they print it in red?
This looks like it might be a joke or a hoax. Maybe it's meant to draw attention to the near-monopoly that Nvidia holds over chips capable of running generative AI.
The image is quite bitcrushed, so the underscores are probably missing due to sampling error. Notice how on the same baseline there’s a missing period.
I've not seen this myself, but I find it suspicious that this is printed at all; Specifically because that means that somehow the nVidia driver has access to print to the specific console. I mean, it could be true, but this feels a little too far... off.
Notice: NVIDIA has detected that you might be attempting to load LLM or generative language model weights. For research and safety, a one-time aggregation of non-personally-identifying information has been sent to NVIDIA and stored in an anonymized database. The result of this check on this system has been stored in HKEY_LOCAL_MACHINE\SOFTWARE\NVIDIA Corporation\Global\LlmResearch.
Why would Nvidia want to prevent someone from doing it though (I guess they have a competing product?), and why should any consumer accept being prevented from doing it on hardware they've purchased? Is that even legal?
Go to torrents, get the leak from FB of LLAMA. Scan HN for plenty of entries of GitHub "how to" with said LLAMA. Follow steps there and load the model. See if that's the trigger or this is a hoax.
I'm sure nvidia collects telemetry, and I would not be surprised at all if that telemetry identified who's running language models and which ones they're running. But this isn't what a real notice of that fact would look like.