fickling VS Pytorch

You're right! You should probably use Trail of Bits Fickling tool to investigate. https://github.com/trailofbits/fickling

I tested the Anything V3 pruned from Hugging Face, and indeed nothing funny in its pickle. I used the Fickling library to decompile it. I do not use Windows so my interests in .ckpt security are largely related to Pickle exploits— which could extract malicious code from a data file and then do something with it, but the data files themselves are not executed. I will edit this comment with lines referencing that data file.

I've been using Diffusion Bee on my Mac, and it's just gained the ability to import models (which it converts), but it is unpickling to do so— but barely. It unpickles, figures out what sort of data is in every data file and then computes what it wants from them on its own. I would love it to not use unpickling at all, so my intention is if I can figure it out, to write a script to decode the pickle file (with Fickling or otherwise) and then just do the weight calculation/assignment.

Something you won't gather from skim-reading the headline is that this is that the author has also created a tool, Fickling: https://github.com/trailofbits/fickling - to aid in playing around with pickle files.

From the article: [Fickling] can help you reverse engineer, test, and even create malicious pickle files.

TensorFlow

TensorFlow, developed by Google, and PyTorch, developed by Facebook, are two of the most popular frameworks for building and training complex machine learning models. TensorFlow is known for its flexibility and robust scalability, making it suitable for both research prototypes and production deployments. PyTorch is praised for its ease of use, simplicity, and dynamic computational graph that allows for more intuitive coding of complex AI models. Both frameworks support a wide range of AI models, from simple linear regression to complex deep neural networks.

> does PyTorch have a similar concept

of course https://github.com/pytorch/pytorch/blob/main/torch/utils/_py...

fyi should work on most 40xx[1]

[1] https://github.com/pytorch/pytorch/issues/119638#issuecommen...

Sure, right here: https://github.com/pytorch/pytorch/blob/main/torch/autograd/...

Here's the documentation: https://pytorch.org/tutorials/intermediate/forward_ad_usage....

> When an input, which we call “primal”, is associated with a “direction” tensor, which we call “tangent”, the resultant new tensor object is called a “dual tensor” for its connection to dual numbers[0].

*My post explains Dot, Matrix and Element-wise multiplication in PyTorch.

In PyTorch with @, dot() or matmul():

import torch # we use PyTorch: https://pytorch.org data = torch.tensor(encode(text), dtype=torch.long) print(data.shape, data.dtype) print(data[:1000]) # the 1000 characters we looked at earlier will to the GPT look like this

AI's Open Embrace Artificial intelligence (AI) and machine learning (ML) are increasingly leveraging open-source frameworks like TensorFlow [https://www.tensorflow.org/] and PyTorch [https://pytorch.org/]. This democratization of AI tools is driving innovation and lowering entry barriers across industries.

Which label applies to a tool sometimes depends on what you do with it. For example, PyTorch or TensorFlow can be called a library, a toolkit, or a machine-learning framework.