Back in the early early days of chatgpt it was possible to prompt it to spit out active AWS keys. Secrets are only secret if you don't share them. :)jedishrfu said:
Thank you. How would I technically implement that?QuarkyMeson said:
Thanks. Has that been addressed? I understand there was an effort to this effect, of sanitizing both input and output, to restrict prompt injection. Just filter the input to restrict and disallow troublesome requests.QuarkyMeson said:
There have been cases of search string injection. Other than sanitizing input and output, don't know if something has been or can be done to prevent it. The fact they don't filter SEO s doesn't seem to abide by their mantra (Or is it "womantra" now? ;) ) either. Edit: Kind of depressing how just about every aspect of searching, web searching, can be made subject to injection, though a good chunk of injection can be done away by designing things more carefully.jedishrfu said:
Here is a link to git repo I've used to play around with this: llama.cppWWGD said:
WWGD said:
Lumo and ChatGPT are both conversational AI assistants, but they’re built with different priorities and ecosystems in mind. Below is a balanced look at the main areas where they differ, which can help you decide which one aligns better with your needs.
1. Core Philosophy
Aspect Lumo ChatGPT Privacy‑first design Zero‑access encryption means Proton’s servers never see the raw content of your chats. Your data stays encrypted end‑to‑end. OpenAI retains conversation data (unless you opt out via the API settings) for model improvement and safety monitoring. Integration with Proton services Seamlessly connects to Proton Mail, Drive, VPN, Pass, and other Proton products, letting you manage email, files, passwords, and secure browsing from the same interface. No native ties to Proton services; integrations rely on third‑party plugins or custom API work. Model routing Uses several specialized sub‑models that are automatically selected based on the task (e.g., summarisation, code assistance, creative writing). This can give sharper results for certain domains. Primarily a single large language model (GPT‑4/3.5) that handles all tasks, which works well overall but isn’t tuned per‑task. 2. Feature Set
Feature Lumo ChatGPT Multilingual support 11 languages with full UI localisation. Over 30 languages, but quality varies more widely across less‑common languages. Voice input Built‑in voice entry on iOS (widgets) and Android. Voice is available only through the official app or third‑party wrappers. File handling Direct file uploads (PDF, CSV, code snippets) with in‑chat extraction, summarisation, and analysis. Can reference uploaded files in the web UI, but the depth of analysis is more limited. Web search (Lumo Plus) Optional “Lumo Plus” tier adds live web search, unlimited usage, and extended features. ChatGPT Plus (or Enterprise) gives priority access and higher usage caps, but the free tier already includes web‑search‑augmented responses via the browsing tool (if enabled). Pricing • Free – basic encrypted chat, limited usage.• Lumo Plus – $12.99 / month (or $9.99 / month annual) for unlimited usage + web search.• Included with Proton Visionary/Lifetime plans. • Free tier – limited daily usage.• ChatGPT Plus – $20 / month for GPT‑4 access and faster response times.• Enterprise plans for higher volume and dedicated instances. 3. Performance & Capabilities
- General conversation & creativity – Both models produce fluent, human‑like text. ChatGPT (especially GPT‑4) tends to have a slight edge in breadth of world knowledge because its training data extends later into 2023 and includes more diverse internet sources.
- Domain‑specific tasks – Lumo’s task‑routing can yield sharper results for things like code debugging, data‑frame summarisation, or legal‑style drafting, because each sub‑model is fine‑tuned for that niche.
- Safety & bias mitigation – Both systems employ extensive moderation layers. Lumo’s tighter integration with Proton’s privacy policies means fewer data‑driven personalization signals, which can reduce inadvertent bias stemming from user profiling.
4. Ecosystem & Extensibility
- Proton ecosystem – If you already use Proton Mail, Drive, VPN, or Pass, Lumo becomes a natural hub. You can, for example, ask Lumo to draft an encrypted email, attach a PDF from Drive, and encrypt the whole thread—all without leaving the chat.
- OpenAI ecosystem – ChatGPT benefits from a massive developer community, many third‑party plugins (e.g., Wolfram Alpha, Zapier), and easy API access for custom integrations.
5. When One Might Suit You Better
Situation Prefer Lumo if… Prefer ChatGPT if… You prioritize end‑to‑end privacy (data retained unless opted out)
You’re deep in the Proton suite You need the absolute latest knowledge (post‑2023 events) May need Lumo Plus + web search (or enable web search) (with browsing enabled)
You want the most polished, broad‑knowledge model out‑of‑the‑box Good, but ChatGPT‑4 may feel slightly richer You need specialized assistance (code, data tables, legal drafts) without extra prompting You want a large library of third‑party plugins Limited to Proton‑centric extensions 6. Bottom Line
Both assistants are strong, but they serve different philosophies:
- Lumo shines when privacy, security, and tight integration with Proton services are top priorities. Its modular model approach can give you a crisp experience for specific tasks, and the free tier already offers solid encrypted chat.
- ChatGPT excels when you need the widest knowledge base, extensive plugin ecosystem, and the most up‑to‑date information (especially with browsing enabled). It’s also a good fit if you’re building custom applications that rely on OpenAI’s API.
What would you like to explore next?
Let me know which angle interests you!
- A deeper dive into a particular feature (e.g., how Lumo handles file analysis)?
- Guidance on setting up Lumo Plus for web‑search‑enhanced answers?
- A side‑by‑side demo of a typical workflow in each assistant?
Excellent, Thank you so much @jack action .jack action said:
printf( DATEMSG, month, day , year);The Lumo's chat are encrypted, thus only the users have access to them. The only thing a court can force them to do is to share the encrypted texts and let the other party have fun decoding them.jedishrfu said:
WhatsApp was also end-to-end encrypted, but they were hacked.jack action said:
jack action said:
A quick search returns nothing of the sort, do you have a source? I found individual accounts that were hacked with spyware, but not the encryption on the servers' data.WWGD said:
jedishrfu said:
I know. I did such an app on a website. The problem was that I was doing the encryption/decryption locally with Javascript. It all relies on the adminstrator's good nature: One sneaky change in the Javascript code and they can download a copy of the decrypted messages without the user's knowledge. With an app coming from a "store" (Google Play, App Store, Microsoft Store, etc.), the problem is less important has any change/update to the Javascript files must be "signified" to the users. This "flaw" was already discussed about Protonmail (and everyone else), where its mobile version app is considered "safer" than its website version.jedishrfu said: