52
Too much open-source AI is exposing itself to the web (www.theregister.com)
submitted 19 hours ago by Powderhorn@beehaw.org to c/technology@beehaw.org
9 comments fedilink hide all child comments

As if AI weren't enough of a security concern, now researchers have discovered that open-source AI deployments may be an even bigger problem than those from commercial providers.

Threat researchers at SentinelLABS teamed up with internet mappers from Censys to take a look at the footprint of Ollama deployments exposed to the internet, and what they found was a global network of largely homogenous, open-source AI deployments just waiting for the right zero-day to come along.

175,108 unique Ollama hosts in 130 countries were found exposed to the public internet, with the vast majority of instances found to be running Llama, Qwen2, and Gemma2 models, most of those relying on the same compression choices and packaging regimes. That, says the pair, suggests open-source AI deployments have become a monoculture ripe for exploitation.

you are viewing a single comment's thread
view the rest of the comments
[-] tal@lemmy.today 1 points 4 hours ago* (last edited 4 hours ago)

Oh, yeah, it's not that ollama itself is opening holes (other than adding something listening on a local port), or telling people to do that. I'm saying that the ollama team is explicitly promoting bad practices. I'm just saying that I'd guess that there are a number of people who are doing things like fully-exposing or port-forwarding to ollama or whatever because they want to be using the parallel compute hardware on their computer remotely. The easiest way to do that is to just expose ollama without setting up some kind of authentication mechanism, so...it's gonna happen.

I remember someone on here who had their phone and desktop set up so that they couldn't reach each other by default. They were fine with that, but they really wanted their phone to be able to access the LLM on their computer, and I was helping walk them through it. It was hard and confusing for them

they didn't really have a background in the stuff, but badly wanted the functionality. In their case, they just wanted local access, while the phone was on their home WiFi network. But...I can say pretty confidently that there are people who want access all the time, to access the thing remotely.

this post was submitted on 02 Feb 2026
52 points (100.0% liked)

Technology

41664 readers
302 users here now

A nice place to discuss rumors, happenings, innovations, and challenges in the technology sphere. We also welcome discussions on the intersections of technology and society. If it’s technological news or discussion of technology, it probably belongs here.

Remember the overriding ethos on Beehaw: Be(e) Nice. Each user you encounter here is a person, and should be treated with kindness (even if they’re wrong, or use a Linux distro you don’t like). Personal attacks will not be tolerated.

Subcommunities on Beehaw:

This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.

founded 4 years ago
MODERATORS
alyaza@beehaw.org
TheRtRevKaiser@beehaw.org
gyrfalcon@beehaw.org
rs5th@beehaw.org
coldredlight@beehaw.org
SemioticStandard@beehaw.org
TheRtRevKaiser@kbin.social
remington@beehaw.org