Cyber Sentries: AI Insight to Cloud Security

Open Source AI: Transparency, Sovereignty, and Who Controls the Data
In this episode of Cyber Sentries, host John Richards is joined by JJ Asghar, an Open Source Champion and Developer Advocate at IBM. They explore the importance of open source in the AI world, how transparency can allow for AI sovereignty, and why we should care about who controls the data.
JJ shares his journey into the AI space at IBM and his strong opinions formed from working on open source AI projects. The discussion delves into the differences between mainstream closed-source AI models and the emerging open-source alternatives, highlighting the privacy and trust aspects that are becoming increasingly important, especially outside the United States.
Questions we answer in this episode:
  • How does open source fit into the recent surge of AI?
  • What are the benefits of open-source AI models compared to closed-source ones?
  • Why is AI sovereignty important, and how does it relate to open source?
The conversation covers the challenges of building and running AI models, the compute resources required, and how open-source approaches can provide more transparency and control. JJ explains the concept of AI sovereignty, where countries and organizations want to run AI within their borders and under their own rules and restrictions. This brings up issues of hardware accessibility and the lifecycle of AI models.
Key Takeaways:
  • Open-source AI allows for greater transparency and trust compared to closed-source models
  • AI sovereignty is becoming increasingly important for countries with strict privacy laws
  • The lifecycle of AI involves training, fine-tuning, and inferencing, each with different compute requirements
While open source offers many benefits, the discussion also touches on the challenges, such as the potential for model poisoning and the current lack of genealogy in AI models. Despite these hurdles, open source remains a powerful force in the AI world, with the potential to provide more eyes on the code and faster problem resolution.
This episode offers valuable insights into the complex world of AI, the role of open source, and the importance of data control and transparency. Whether you're a developer, a security professional, or simply interested in the future of AI, this conversation provides a thought-provoking look at the challenges and opportunities ahead.
Creators & Guests

Host
John Richards II
Head of Developer Relations @ Paladin Cloud The avatar of non sequiturs. Passions: WordPress 🧑‍💻, cats 🐈‍⬛, food 🍱, boardgames ♟, a Jewish rabbi ✝️.

What is Cyber Sentries: AI Insight to Cloud Security?

Dive deep into AI's accelerating role in securing cloud environments to protect applications and data. In each episode, we showcase its potential to transform our approach to security in the face of an increasingly complex threat landscape. Tune in as we illuminate the complexities at the intersection of AI and security, a space where innovation meets continuous vigilance.

John Richards:
Welcome to Cyber Sentries from Paladin Cloud on TruStory FM. I'm your host, John Richards. Here we explore the transformative potential of AI for cloud security. Our sponsor, Paladin Cloud, is an AI-powered prioritization engine for cloud security. Check them out at paladincloud.io.
Our guest today is JJ Asghar, an open source champion and developer advocate at IBM. On this episode, JJ shares the importance of open source to the AI world, how transparency can allow AI sovereignty and why we should care about who controls the data. Let's dive right in.
Welcome everyone. Today, I am excited to be speaking with JJ Asghar, a developer advocate at IBM. JJ, thank you so much for joining us today.

JJ Asghar:
Hey, thanks for having me. I'm excited to have this conversation.

John Richards:
I've met you a couple of times at conferences, have loved what you had to say, especially around the world of AI and the role it's playing. So I'm really excited for this discussion today. But before we jump to that piece, I'm sure our listeners would love to hear a little bit about how you ended up at IBM, how you got involved with AI, and I know especially around this area of sovereignty that we'll talk about later. But yeah, can you share a little bit about your journey to this spot?

JJ Asghar:
So I like to say I've fallen backwards my whole career. I come from the configuration management space and I was an employee at Chef Software back in the day when Chef was cool, was a little while ago now.

John Richards:
Just a little bit.

JJ Asghar:
Just a little bit. And I eventually found myself at IBM from Chef because of my connections I made in the OpenStack community. So if you know what OpenStack is, that is the open source cloud operating system. That's wrong term, but close enough. History models words. So basically, I got recruited into IBM from Chef. The story goes is the gentleman who hired me, I was at KubeCon Austin, which I actually live in Austin, so it was really easy for me to get to as a Chef employee. I got a phone call from a buddy of mine who eventually became my manager at IBM, and he walked up to me, he flew into Austin, he's like, "Hey, JJ, are you at KubeCon?" I'm like, "Yeah." He called me and it's on the phone and he's like, "All right, I'll be there in 15 minutes." I'm like, "All right, that's weird. I haven't talked to this guy in two years."
And he walks up to me at the Chef booth and said, "Hey, walk with me for a second." I'm like, "All right, cool." I'm like, "I'm going to go walk with this guy." 15 feet away of the booth, he turned to me and he is like, "Hey, would you work for me?" I'm like, "Yeah, I guess." And he looked like, "All right, cool. I'll put the paperwork in."
And that was it.

John Richards:
I love that story.

JJ Asghar:
Yeah. Eight months later, I was an IBMer. It was completely bizarre, but that's how I got here. That's how I got here.

John Richards:
Amazing, amazing. So how then at IBM did you get involved on some of the AI side of things? Is this mostly a personal thing or are you involved in it professionally there as well?

JJ Asghar:
Yeah, no, that's a great question. So I came in through the cloud space, right? Obviously, Kubernetes and all that ecosystem, and I joined the open source team because that's where it all fell in place, and that's where developer advocacy sits inside of IBM. IBM quickly recognized I had a very good skill set at engaging with open source communities and getting people to be successful in open source. There's a project here at IBM and Red Hat called InstructLab that needed some people that have the same open mind first. So back in March-ish, I got tapped as part of that project, I started my journey in AI just back in February, March of this year, and I've learned a ton while I'm going through it and being that I live and breathe this every single day, I have very strong opinions now, let's just put it that way.

John Richards:
Excellent. That's what we want to hear, these strong opinions, and I mean, I'm fascinated. I love open source and the fact that this recent surge of AI, its prominence and how does open source fit into that? So can you compare what the difference is between maybe popular models people are familiar with that are closed source and then the open source models that are being built from the ground up?

JJ Asghar:
One of the challenges with how models, the mainstream models, I'm just going to call them mainstream, if you really put your mind to it, you know exactly the ones I'm talking about, but I'm not going to actually call them out, because I have some level of decorum I guess. But if you think about the mainstream ones out there, they are there to make money. They are there to build a business around it. So everything you send to them, you trust that they do not train if you pay them money off of that stuff. What is the saying? If something's free on the internet, you're the product, right? Because they're taking your stuff. Well, that's the same thing with all these mainstream models out there is that when you use them for free, you have no idea where that information that you are sending to it that it trains on to pull back. So if you accidentally send your corporate knowledge into the free tier of that system in Silicon Valley, you might be giving it your secret sauce.
Now, here in the US, again, I live in Austin, Texas, so I can say this as an American, most of us don't really care about this stuff as a whole, right? We're okay with the Facebooks of the world of us giving ourselves as the products. When you get outside of the United States with places like the GDPR or in the Middle East or in Southeast Asia, they take privacy so much more secure, or more important. And that level of understanding is where open source is starting to grow when it comes to the privacy aspect and the trusted aspect of these AI models. Because if you just, yeah, you might be able to get awesome things outside of the things in Silicon Valley, but you are also giving away your secrets to that. It's the devil you don't know, right?
Where with open source models, we can actually give you the actual paper and the actual data sets that the models are trained on that is completely attributed correctly. Also set with IBM lawyers behind it, at least the IBM standpoint, that we will say whatever comes out of this is legally okay internationally for you to build your products and your things outside of. You can't do that with the ones out of Silicon Valley. So if you start thinking about it as a macro problem, all of a sudden you realize, wait, I'm giving away my secrets to a faceless corporation, but there's also this open source thing on the other side that we will show you exactly how it's being built.
Now, I do want to say, even though we will give you the papers on how it's being built, all the data sets it being built, you're probably like, "Well, how are you doing that? Can't I just recreate this thing inside my own data center?" I'm sorry, but to build a foundational model from the ground up takes a lot of compute and GPUs. It takes a lot of hardware out there to make this happen, and only really governments and the international massive corporations can afford to make these things. So what we've done is we've released these what we call foundational models that are open source that we can show you exactly what's inside of them and prove to you exactly what's inside of them and allow you to fine tune them on top of it.
Did I answer your question?

John Richards:
Yeah, it does, and I think that's fascinating. Because I feel most people's introduction to the idea of open source is the free as in beer, when you talk about the different kinds of free, and in this model, there's a place where it's like, well, because of the underlying cost of running this stuff, even if it technically would be free for the layout, it's still not possible to use it. So it's really getting at the other freedoms that come from open source around the freedom of speech, freedom of control of your data and the importance of those, and that's not the first thing that comes to people's mind. You got to explain and train people on here is why those other freedoms are actually more important than even the idea of the money piece is this idea of it being open source, collectively owned, a common good.

JJ Asghar:
One of the stories I used to use when I was a cloud engineer, which is this is still accurate to this day, when a CTO or CIO would come to me and be like, "Hey, JJ, I want to use Kubernetes." I'm like, "All right, cool, what do you want to do with that?" They're like, "Oh, I hear it's free and I can run this in my data center." And I'm like, "Cool. How much are you going to spend on it?" I'm like, "Oh, a couple hundred thousand, and I can run my whole infrastructure on it." I'm like, "Okay, cool. Do you have... For one of your clusters, how many clusters are you expecting to have?" They're like, "Oh, five or six" "All right, cool. Do you have $5 million in OpEx?" And they're like, "What?" I'm like, "Yeah, you're going to need to spend every single cluster, you're going to need at least five $250,000 a year engineers to run this in a production environment."
They're like, "Wait, but it's free software." "But yeah, the human costs of running this thing is $250,000 on average to run a Kubernetes cluster, to have the knowledge to be able to do it, to get this done." And they are like, "Wait, but it's free software." I'm like, "Yeah, free software means you need humans who actually understand what the hell they're doing."

John Richards:
Yes. Well, okay, so let's take that to this challenge with AI then. If we need these large entities to be running this, what's the approach here for open source to be able to compete with these mainstream models to get that compute that they need?

JJ Asghar:
That's an interesting state. What we've done on the IBM side is there's this one thing out there that's a pilot that is also cooperative, if you will, that one of the mainstream models use that's really easy to use with an open source editor called VS Code. Hopefully, that's enough hints that I'm trying to say there. So one of the challenges with that one is that by default we don't actually know the way that model was trained, and they are never going to teach us how that model was trained because they can't, right? We have no idea where they got all the base code from. They claim that they did only scrape the public GitHubs of the world, but have you looked at GitHub? Is it licensed properly on GitHub? There are billions of repositories even on the open source side. I know people don't throw licenses in there all the time. GPL is a thing. It's hairy really fast, right?

John Richards:
Yeah, yeah. The way they cascade, it's very complex.

JJ Asghar:
Exactly. So what we've done on the IBM side is that we've actually found a bunch of repositories that are attributed correctly with the correct license, and we have something called Granite Code out there, and what we've done is we've been able to figure out, which I can link to if you like, how to build a local AI copilot that can run solely on your laptop with our foundational model so you don't have to use the thing that is naturally built into VS Code.
Why is this important? Well, what we've learned is that people really like AI code assistants as a whole, right? The problem is is that they're not that great. The way I like to talk about it is that they're like the best intern you'll ever have in your life. You ask them how to build a for loop for you that does A, B, and C and D, they'll build a for loop that does A, B, C and D, but that's about it, which is not great, but at the same time, it's useful because now you can just get the general idea of what you're looking for, but you still tweak it.
Problem is is there's a generation of people coming out of university right now that they don't collaborate with other developers, they're actually using AI code completers as their collaboration. So they're getting used to this. So that means we need to build a system now that can be secure and trusted, that can contribute correctly, that we can say that when they come into the space, their natural tooling actually fits within the legal aspects so you don't completely kneecap them when they come out.
Now, where am I going with this? As you build up and you start taking this as a larger space, this brings this into the AI sovereignty conversation because now if I can run this local model on my laptop to help me do some development, the natural progression is, well, can't I have a shared model inside my own data center that only my company uses that I can work with? Okay, hold on. What about my government agency that I can only do inside of my borders?
And that brings us into the AI conversation of AI sovereignty because think about it, can you take that thing from Silicon Valley and put it inside of Germany and then have only Germans access it? No, you have to go to their website and okay, maybe if you have enough money, they might be able to spin up inside there, but that is out of the access of the majority of laymen out there. So you have to start, I'm babbling here, but does this make sense?

John Richards:
No, this is making sense. And I think it would be helpful for me if you've got a layman's explanation of what is meant by this term sovereignty in this case for what we're thinking about when we talk about that.

JJ Asghar:
Yeah. So getting to AI sovereignty. Right now, we know for a fact that the world is moving towards AI as a whole. We have it on our phones. We have ways to communicate with it to the theory being is that we should be able to ask it questions and get us things back.

John Richards:
And every tool and app that I have has just rolled out a new AI component as part of it.

JJ Asghar:
Exactly. And there's a larger conversation about if it should actually be there or not, but for this conversation, let's just say we are moving towards that space. Unfortunately, the majority of the world, apart from us being in the United States, the majority of the world have very specific laws and restrictions around privacy and how data is moved around inside of their countries.
Within the last week of us recording this, there's actually been some jokes around Europe saying, Hey, why don't we have AI companies showing up in Europe? Well, it's because the laws they've created basically kneecap AI companies in Europe because of their privacy laws, so they don't obviously want to be there because they're like, we can't do what we need to do. There's a couple of memes on it, if you want to find it, it's actually funny. But it's a really good microcosm of the story. It's AI sovereignty where they're trying to build AI that fits within their, lack of better term, borders and their rules and restrictions.
Now, there's extreme cases, for instance, in Saudi Arabia inside of the kingdom there, they have to have AI that only lives inside their actual borders with Saudi Arabia. Also, Germany is like that too. Their rules inside of Germany are even more restrictive than the GDPR, which is privacy inside of Europe. There's also France and Spain that have these issues too, same as with Italy and Canada too. So when you start thinking about it with AI sovereignty, that means they have to run their AI inside their borders on their own hardware.
That also brings in conversations of GPUs. Now, if you don't know, you can run an AI on a CPU, the main brain of a computer, but to actually get good performance of it, you need a GPU, which is the graphics processing unit, all the things your kids are buying to play video games or mine Bitcoin.

John Richards:
Yeah, yeah, exactly.

JJ Asghar:
Yeah. It turns out that's actually required for useful aspects of the crunching that is done for AI. So that's one reason why certain places in the world are fighting over Nvidia chips, because there's a lack of those out in space. AMD with ROCm opens up a whole other conversation, but it's important to recognize that if you are a company trying to play in this space, you also need access to the hardware that runs it, which there are certain tariffs out there or certain restrictions on Nvidia giving out chips to the rest of the world where if you are an international company like me, we actually have to think about this stuff where we're like, well, our AI runs only on Nvidia chips and we need to sell it to this country and they're not allowed to get Nvidia chips. Ah, shit.

John Richards:
What does that look like then for, let's say, you're an organization out there and you are serving government, so you've got a level of security or compliance you have to do, does that mean in some of these cases you're like, I can't use AI unless it fits within this criteria? One of the other things with this is that AI models get trained and then they can be run much faster locally once they're trained. Is that what this open source model is looking at doing? If we scale this up enough to work, can then these smaller groups get this trained model that maybe doesn't require a whole bunch of Nvidia chips to run?

JJ Asghar:
Exactly. Exactly. And you touched on something very important there where there's the lifecycle of AI, right? We're just talking about running AI or what we call inferencing, right? Talking to the AI.
So you have a foundational model, an open source foundational model like Granite or the Granite family, it's actually like eight different models, but I don't want to get into those details. Let's just call it the foundational models of Granite. And then you have the inferencing where you ask it questions like the Granite code or the local co-pilot that we're talking about or asking it questions about certain stuff.
Then what we tell you is something called fine-tuning, which is where you take your knowledge or your understanding of what you want to add to the model where you layer it on top of it. Think of it almost like a Docker container where you have the base OS instead of Docker container. Then you put your app on top of it. That's what fine-tuning is. Not 100%, don't yell at me, but it's enough for you to grasp what's going on.
But then in order to get to the full training of the model, that's where all the majority of the GPUs live, where you actually need to fine tune that thing. But as soon as you get the model out of the pipeline, then you can actually ship that model around. It's a binary file. It's actually just a binary file that you can just ship to different locations and host in different places where you still want to host it on a GPU because that's the best performance it gets, not as a CPU, but if you need five GPUs to train and fine tune the model, you'll need one GPU to do the inference on it.
Does that make sense? So that gives us the ability to work with it that way.

John Richards:
As I think about this, it reminds me of how the last few KubeCons in the security aspect, there's been a lot of talk about this idea of SBOM, and you talked about being able in this open source model to say, Hey, I can attribute all of this data. Is there a similar concept where you're saying, if I want to run a model locally, there's value in knowing that I can trace back all of this to where it went, it was only used on things that I know are legally OK, on data that was allowed, so then now I can run this? Because it gets to be a bit of a black box at a certain point, but you need something there to be able to say, "I know I'm not going to hit legal repercussions later when all of a sudden somebody else's code pops up when I'm trying to complete this, and they're like, 'Oh, you used this that's not free to use,' and now I've got these legal ramifications."

JJ Asghar:
You found the chink in the armor on that one. So yes. One of the biggest problems, and we still don't really have a good answer for, is this black box situation. And that's one reason why if you go to Hugging Face, if you've never heard of Hugging Face, the TLDR it is it's basically a GitHub of AI and ML now where people can post models for free for people to use that are open source. Problem is is that what happens is people just fork the models and they just do a little bit of fine-tuning on top of it and then release it.

John Richards:
Yeah. The numbers of how many things are hosted there are insane because it's just a ton of forks of a couple of the popular models it seems.

JJ Asghar:
Exactly. And the problem is we have no way of actually knowing if that's true, right? There is no genealogy when it comes to models, and we've never really... Unfortunately, this hit the market before we found a way to verify that the models that are out on the open source ecosystem aren't poisoned, right? So if you imagine if someone just takes the base model that is open source, not Granite, because Granite has protections around it, but if you take a general model on Hugging Face and then you fork it, and then you do some stuff and somebody forks it from you and then somebody forks it from them, and then somebody poisons it with something, maybe for instance, really bad political stances on things that we all have strong opinions about nowadays, and then they fork it and then they slide it into something else by changing in the name or something like that, and then they fork it and all of a sudden it's buried inside the model and then all of a sudden you start using it somewhere and all of a sudden it's telling us we should kill all humans, that's probably a problem, right?

John Richards:
Yes.

JJ Asghar:
Which is not great for-

John Richards:
Yeah, like the famous, what was it? Microsoft's Tay Tay bot rollout that they had to take down?

JJ Asghar:
Yes.

John Richards:
Yeah.

JJ Asghar:
Within a day. Within a day, it completely just went pear-shaped, right? So it's important to recognize these things. And unfortunately, we don't really have a lot of good guardrails in this space, and it's the same story with open source as a whole, right? Where you're like, well, how can I trust open source as an entity? And in the ecosystem, we have enough engineers with a bunch of good handshake agreements that we pay attention to it. For instance, remember the CrowdStrike problem, with closed source, it took down travel across the world for multiple days, right?

John Richards:
Yes.

JJ Asghar:
Remember also during that exact same time, there was that one engineer who couldn't SSH into their box fast enough and they recognized that there was a built-in or there was a back door put inside a very specific version of OpenSSH that had just been released, and it would have been like, because they couldn't log into their machine fast enough, they will get that it will be patched very quickly because we had a bunch of nerds who had access to the software to be able to see what was going on. And that's the difference, right? With open source, you have many eyes looking at the situation.
Now, you would think that would translate really easily over into the AI space. But because of the black box problem that you alluded to earlier, we don't. And that brings in the conversation of what is truly open source AI and what's becoming as a core tenet is that you have to have the data sets that you know you could, if you have the hardware, be able to transfer the data set training into the entity that is the model that you have just downloaded. Right now, it's a handshake agreement because of how expensive it is to train foundational models from nothing, but it's important to recognize that. We're giving you the source code, but you have to trust us that it comes out with this thing in the other side. Now, from IBM's standpoint, we have lawyers that will back us up on that, but if you go talk to homeboybongripper69 or whatever on Hugging Face, that's a much different conversation to have, right? Do you see where I'm going with this?

John Richards:
Yes. Yes. Yeah, and that does... You also are sharing about what data sets you're trained on because some of this stuff, even if it's an open source model, doesn't always even attribute where it trained its data. It's just like, Hey, this model itself is open for you to use or adjust versus saying, I've got a whole data set that I'm certifying, which when you have a legal entity backing that up gives it a little more credence of this is what it was trained on. So we know for sure how we got to this state. Even if we don't know all the steps in between, we know where we started, we know where we ended, and we know this was the tooling we used to run on top of it.

JJ Asghar:
And to reinforce that, that's exactly why. Obviously, I work at IBM and I'm a proponent of this is one reason why I see this as a future moving forward compared to our friends in the Silicon Valley. Where I have kids, I want to create a society that's better for my kids in the future, and I would rather have that level of transparency. I would rather have someone like IBM who will stand up in court in the U.S., which I understand our courts are very strong, it's supposed to be a joke, that we will say in court that this is exactly what you are getting. Compared to our friends in Silicon Valley where they will never tell us what it was based off of. The one in Silicon Valley, the one in Redmond, the one in Mountain View, they hide that in a walled garden.
Now, admittedly, they perform extremely well, but just as I said at the very beginning of this conversation, you don't know what you have to give up to be able to use those things. What's the analogy of poison fruit or something like that, right? You have no idea what is this actually doing for you. Yes, it might be able to write you a nice sonnet about Kubernetes, but do you really want to give up your secrets for it to get a sonnet for Kubernetes? It's a trade-off.
And that's one reason why we've learned, and again, to bring it all the way back to more so outside of the United States, for a security-focused entity, you have to really think of it that way. Now, they say they make promises, but again, they make promises and they say that if you pay them, it can only stay within their space or whatever. But again, who's actually going to take them to court about that, and how do you prove that? You can't. There's no entity that you can say, oh, it turns out I was putting in my military secrets and using this to get this back out, but I paid for it. So it's cool. And then you find out your competitor gets, or your other government agency gets that military secret that you just put in there. What was it? There's a game called World of Tanks, right?

John Richards:
Yes, yes.

JJ Asghar:
Yes. We've had this conversation, but I'll say it again, right? World of Tanks is a perfect example. World of Tanks is a free-to-play multiplayer game where you get to play in tanks and fight against one another. It is super realistic. Well, it turns out somebody has taken, they've used the AI in Silicon Valley to try to get some information around these tanks, and it turns out they actually have top-secret information about these tanks that were attributed to World of Tanks because they figured out how they do this. And they used the AI to find it, right? So think about that for a second. How our tanks are made here in the United States is inside the AI that is done for a video game. What? That's not good, right? That's not good.

John Richards:
Yeah. That's wild. No, I saw that the meme was like how many days since the last security breach from World of Tanks or whatever, because they were so accurate and yeah, no, okay, so there's a very real problem here for government agencies and folks tied into that level. But for people out there who may feel like, oh, I don't need that much security, I'm already giving a bunch of my information over to Google or Apple or whoever I run my Microsoft or my SSO or whatever I'm doing, and I'm trusting that, right now, some of these mainstream models, especially at the beginning, seemed to be really far ahead, and it was like this trade-off of, oh, well, this is cutting edge and useful, and we've got, especially here in the U.S., this startup mentality of move fast break things, and so there's a drive for that.
At the same time, it's like, well, breaking things can have really terrible consequences. So folks out there are trying to weigh the difference between these two things. Do you see the end result being both models where we see, oh, where folks are very needing a lot of security, they go into this and everybody else who's like, oh, I'll be a little bit risky, is going to keep going this way, or do you see some of these open source models, I've heard the gap is getting smaller between those eventually that value becoming so dominant that they're able to overtake and actually become the dominant model in the space?

JJ Asghar:
So I'm going to age myself for a second here. I got some gray in my beard. There was a really interesting parallel conversation or parallel lifecycle between this operating system called Windows and this operating system called Linux a handful of years ago, and right now, what runs the internet?

John Richards:
Yeah, it's Linux or Unix all the way down.

JJ Asghar:
Exactly. It took years, admittedly. It took years to get there, but eventually it became the way that the internet is run. And I like to say, I think the kids say it, "Go touch grass" or whatever, like you get away from the computer and give yourself some thoughts. I say I like staring at some trees because I have a bunch of trees outside my house and I stare at them when I'm trying to think. If you stare at enough trees and you really start seeing what the AI ecosystem is, there are so many parallels in the idea of Windows versus Linux. But the interesting thing was the Windows versus Linux conversation took frankly a decade, maybe even two decades to turn into what it is. The AI ecosystem moves so quickly, something that you've been working on for a month in the AI space is the equivalent of a year in the cloud native space. It moves that fast.
And there's a whole ecosystem of so-called, I can't say the word correctly, but I'm going to try, agentic. Agents of AI. There's one system out there called CrewAI that's if you have any level of Python knowledge, it is insanely easy to use. And the idea is when you interface with an AI, you usually give it a prompt and then you ask it a question to give it a little bit of a space it needs to play with inside. Agentic is the next idea of being able to give it multiple prompts, but multiple calls and then it hands it off to the different agents so we can come out with something at the end. So you can have a researcher do something, something that is going to make some pictures for you and then compile it into what they say, like a newsletter, like a writer, and then you can change the newsletter to an editor to be more fun or more business-like.
And the idea is you can scrape a bunch of things from the internet and create a blog post or a newsletter that you immediately email off to your friends. So instead of you going through a researcher, pictures, a writer, an editor, and then an email, you can just write five agents that does this all through AI. Does it make sense?

John Richards:
It does. Yeah.

JJ Asghar:
It's a natural progression. And this is maybe 90 days old, and it's really easy to use. Think about that. This idea of us just talking to AIs as a whole was maybe back in February, maybe back in December. And then 90 days later, and now we're like, well, we need to take this to the next level. I need to be able to talk to multiple AIs with multiple different prompts so I don't have to talk to humans anymore because I just needed to write me a newsletter to do this, and now it can scrape the internet to find links and shit and then go up and talk to Wikipedia to get the right... The more you look at it, the more you're like, "Wow, this is really cool. Oh God, this just showed up yesterday." Right?

John Richards:
Yeah. And we have no idea what we're doing. We're still like, oh, what can this do? So with that speed, are you seeing then that you think that 20 year timeline will get condensed of maybe open source starting to really become dominant? Or are you saying it's just so chaotic right now that trying to think about what that will be in the future is... It's so chaotic, we can't even really guess at what that would be.

JJ Asghar:
Do you want the engineer answer or do you want the JJ answer?

John Richards:
I want the JJ answer.

JJ Asghar:
Okay. The JJ answer is, well, we are finding some awesome stuff coming out with this stuff. I'm excited about everything I get to learn every single day. Frankly, as soon as I get off this call, I'm going to be playing with some really cool stuff, I'm not going to lie. So JJ is excited. But also I am cautiously optimistic when it comes to certain things, and I'm going to bring it down for a second because we have to be realistic. Right now, when you use an AI, to inference with an AI, it takes about four to five times the amount of energy for it to do the generation of the text than it is to do a simple Google search.

John Richards:
Oh, wow.

JJ Asghar:
Right? Now, that is a significant difference. What does that mean? Well, first, it means we're burning the oceans. That's probably not good. Again, I'm a dad. I want my kids to have a better world than I live in, so I need to make something... We need to... Cool, bells and whistles are awesome. Yes, awesome. We need to find a way to make this four or five times better than a Google search. We need to find that thing. And right now, I think we're still, what is it, the hype cycle or whatever, I think we're past the peak and we're starting to go down a little bit because people are realizing this is actually costing a shit ton of money. We're at that spike, but I know for a fact there is something out there. We just need to hit that vein in mining, a gold vein. I've been playing some Satisfactory lately, so I'm locked up into the whole I need to build awesome factories. But in all seriousness, we need to find that vein so then we can truly make this the thing that we need for the future.
But that is the JJ answer, right? That's like, this is really cool, but we need that... We've gotten past the POC phase. Now, we need something to actually productize, or productionize this that can be benefit for the world because spending billions of dollars writing Kubernetes sonnets, that's cool for a party trick, but that's really hard to justify for a business.

John Richards:
Yeah. Because these folks doing this aren't doing it to be profitable yet. And at a certain point, that's going to have to happen. And back to your point of like, are we the product or what is going to change that, so some sustainable model for this will be really important.

JJ Asghar:
But the cool part is is if you do go into Ollama, Ollama's become the default standard of running local LLMs or large language models if you don't know what that stands for, there's a whole ecosystem of you being able to pull those models down and run them on your local laptop, Windows, Linux or Mac, and you can inference against these and you don't have to pay the Silicon Valleys or the Redmonds or the Mountain Views of the world. You can do it all on your local laptop, and then you're not wasting energy back to that five time problem. But when you start scaling it out and you start looking at it from a business standpoint and trying to implement AI into your business workflow, then you need to really start really thinking about this.
And obviously, from the open source AI standpoint and from the IBM standpoint, of course, I'm going to try to tell you to go down this specific path, that's literally my job. But from an engineer standpoint, from a JJ standpoint about society as a whole, please reach out and have this conversation with me because not always... You might have a hammer, but you might have a screw in front of you, or you might have a screwdriver, and you might have a nail. So let's make sure you use the right tool for the right job.

John Richards:
Yeah, that's so important. And I also feel we're probably not too far away from a couple big explosions or crises around how fast we're moving quickly and breaking things that may suddenly call into clear focus why an open source model provides value. You get a couple high... I know of some smaller ones, as you talked about, poison models and stuff that have happened, but you get a high profile one of those, and we may suddenly get a lot more boards and leadership groups saying, "Hey, maybe we should be very careful about this."

JJ Asghar:
Exactly. And transparency and security, it's true, just to reiterate and to yes and what you just said. You need to learn how to figure out a way to trust this stuff, it's that simple. Right? And is it easier to trust with a window into how it's being built or is it easier to throw money at the problem and trust that if something goes pear shaped, you can take them to court? Which is easier for you?

John Richards:
Yeah. Sometimes denial is easier in the moment, but it has a cost eventually.

JJ Asghar:
Exactly.

John Richards:
Well, JJ, thank you so much for coming on here. This has been so informative. I appreciate you really diving deep in this idea of sovereignty and sharing your knowledge on the topic. Found it fascinating. Before I let you go, I'd love to, if you could share a little bit about anything you want to promote, maybe how folks can reach out to you if they have questions. I know we'll put a bunch of links in the show notes here about things that you've referenced as well.

JJ Asghar:
Yeah. Well, again, thank you so much for having me. I realize I babble a lot, but there's a lot here. And what I'm asking you to do if you've gotten this far in listening into this conversation, first of all, thank you because that means that you're actually interested in this space. You're going to have to do a lot of homework, and obviously, there's different ways of doing this homework, but the best thing to do is to start and understand that this is a lot harder than you think it is. I have a privilege to be able to work on this daily, and a lot of people don't. So if you feel confused and worried, reach out to the community because there's a lot of people who want to help you, including myself. And my email address literally is awesome@ibm.com. Yes, it really is.

John Richards:
The best email address. I don't know how you swung that, but kudos to you.

JJ Asghar:
Paperwork is an amazing thing. But no, my job is to be accessible, and if you want to go down this path and you're just like, what the hell does this even mean? Trust me, let's go on this path together and I will help you however I can. All you got to do is reach out.

John Richards:
Amazing. And one question on that. You mentioned reach out to the community. Are there any folks out there that maybe have been, Hey, I've been learning, I've been using these models a lot, but I'm not in connect with the community. Are there any communities you would recommend go check out this group?

JJ Asghar:
So yeah, obviously, at IBM, we have a dedicated community space for a lot of these things. What's real interesting about this is because it turns out it's a really hard problem. Back in the day, once again, gray beard over here, when you were trying to learn Linux as a whole, we had this thing called IRC out there where internet relay, by the way, I'm still on IRC, but that's a different conversation. And we would be able to just join #Linux and be like, "I can't boot my machine. Help me." And somebody would help you. That was literally what had happened.
Nowadays, every project's fragmented. So when you start playing in this space and you use, for instance, to talk about CrewAI, when you start playing with CrewAI, you have to go to their Discord and talk to them in that space. And then with there, it's the networking effect. And all of a sudden they mention another project and you find yourself looking at that project and frankly going to their Discord and working from there. And then if you go to that Discord, you might find yourself over at a Slack. Like for instance, InstructLab, which is something dear to my heart, which is an open source project for fine-tuning models, we have our own Slack that I'm constantly in, instructlab.ai, that I would absolutely love for you to join. And we are trying to build up the open source fine-tuning of the Granite models this way.
But the idea is it's not centralized by any standard like we had with IRC back in the day. It's very fragmented and it requires real homework and real work, and I wish there was a better answer, but that's unfortunately the way it is right now.

John Richards:
Well, it sounds like whichever group, go, just jump into one and then that will slowly expand until you're overwhelmed with different community groups, as it seems like a lot of open source projects end up that way.

JJ Asghar:
Yeah. And there's a lot of YouTube videos out there. Some very strong people in the AI space on YouTube that, believe it or not, are extremely accurate and walk you through this stuff. Always, when I've learned, choose the tutorial ones where they're actually doing the thing in front of you, not talking about it at a high level, but doing the actual thing in front of you where you can sit there and follow the bouncing ball, and before you know it, after about six weeks of doing that, you followed enough bouncing balls so you have situational awareness so you can actually be able to start understanding what people are saying in those different communities.

John Richards:
That's so helpful. Well, thank you. It's, again, JJ. I really appreciate you coming on here. This has been a wonderful chat. Have a wonderful rest of your day.

JJ Asghar:
Thank you.

John Richards:
This podcast is made possible by Paladin Cloud, an AI-powered prioritization engine for cloud security. DevOps and security teams often struggle under the massive amount of notifications they receive. Reduce alert fatigue with Paladin Cloud. Using generative AI, the model risk scores and correlates findings across your existing tools, empowering teams to identify, prioritize, and remediate the most important security risks. If you'd like to know more, visit paladincloud.io.
Thank you for tuning in to Cyber Sentries. I'm your host, John Richards. This has been a production of TruStory FM. Audio Engineering by Andy Nelson. Music by Ahmet Seguin. You can find all the links in the show notes. We appreciate you downloading and listening to this show. Take a moment and leave a like and a review. It helps us get the word out.
We'll be back November 13th right here on Cyber Sentries.