Marc Frankel

The terrifying story that I will tell you is that the most common, the most popular text-to-image model, you know, you type in, make me a picture of a cat wearing a sombrero, and it generates a picture of a cat wearing a sombrero. The most popular text-to-image model is called staple diffusion. It's in use very, very widely. Different applications use it.

The terrifying story that I will tell you is that the most common, the most popular text-to-image model, you know, you type in, make me a picture of a cat wearing a sombrero, and it generates a picture of a cat wearing a sombrero. The most popular text-to-image model is called staple diffusion. It's in use very, very widely. Different applications use it.

Stable Diffusion is trained on a number of different data sets. One of them is called the LION-5B. Again, the names here don't really matter. But this training data set had 400 million text-to-image pairs. So it had a picture of a cat. When it said the word cat, it had a picture of pencil, so the word pencil.

Stable Diffusion is trained on a number of different data sets. One of them is called the LION-5B. Again, the names here don't really matter. But this training data set had 400 million text-to-image pairs. So it had a picture of a cat. When it said the word cat, it had a picture of pencil, so the word pencil.

Security researchers at Stanford in December discovered that this training data set contained over 1,600 images of child pornography. Accidentally. Accidentally. Nobody did this on purpose. This wasn't anybody's fault, right? This is an artifact of what happens when you hoover up at scale 400 million images and then put text labels on them.

Security researchers at Stanford in December discovered that this training data set contained over 1,600 images of child pornography. Accidentally. Accidentally. Nobody did this on purpose. This wasn't anybody's fault, right? This is an artifact of what happens when you hoover up at scale 400 million images and then put text labels on them.

So all of a sudden it becomes this like rapid question of what did we train online on 5B? Oh, we trained stable diffusion. Where do we have stable diffusion deployed? Well, I don't know because we haven't been requiring that from our AI.

So all of a sudden it becomes this like rapid question of what did we train online on 5B? Oh, we trained stable diffusion. Where do we have stable diffusion deployed? Well, I don't know because we haven't been requiring that from our AI.

And so the future, what I anticipate the future of the BOM or the technology supply chain field to be is going to be a concept known as AI BOM, artificial intelligence bills of materials. It's the exact same problem. We need a better name. We need a better name. I don't name these things, but it's the exact same problem as SBOM.

And so the future, what I anticipate the future of the BOM or the technology supply chain field to be is going to be a concept known as AI BOM, artificial intelligence bills of materials. It's the exact same problem. We need a better name. We need a better name. I don't name these things, but it's the exact same problem as SBOM.

It's the exact same problem of we found out that there was, you know, pencil shavings and, you know, a box of cereal. It's the exact same problem of whenever you have upstream components and downstream components, you have a duty to inventory the upstream components so that you know how to remediate when one of the downstream components is found to be wrong.

It's the exact same problem of we found out that there was, you know, pencil shavings and, you know, a box of cereal. It's the exact same problem of whenever you have upstream components and downstream components, you have a duty to inventory the upstream components so that you know how to remediate when one of the downstream components is found to be wrong.

And that's really where I feel the industry is going is transparency, not just for traditional software, not just for on-prem software, not just for artificial intelligence, but transparency across the technology supply chain. Because otherwise we're going to end up in some pretty scary situations where our businesses are built on technologies that we don't have a full accounting of.

And that's really where I feel the industry is going is transparency, not just for traditional software, not just for on-prem software, not just for artificial intelligence, but transparency across the technology supply chain. Because otherwise we're going to end up in some pretty scary situations where our businesses are built on technologies that we don't have a full accounting of.

And when that happens, you know, there's going to be a lot of finger pointing and a lot of tough questions being raised.

And when that happens, you know, there's going to be a lot of finger pointing and a lot of tough questions being raised.

Yeah, absolutely. That cultural muscle. of of course we have to know where this thing came from and of course we have to know what's inside of it we see it in automotive we see it in manufacturing we see it in food we've seen pharmaceutical uh certainly where we don't where we have a harder time is in verticals that are not as reliant on intimately understanding their supply chains writ large.

Yeah, absolutely. That cultural muscle. of of course we have to know where this thing came from and of course we have to know what's inside of it we see it in automotive we see it in manufacturing we see it in food we've seen pharmaceutical uh certainly where we don't where we have a harder time is in verticals that are not as reliant on intimately understanding their supply chains writ large.

They don't have that muscle. They don't have that institutional mantra of, of course, we have to know where all this stuff came from. And that's where it's, you know, it's harder to make the case. But no, I'm with you. I anticipate that food manufacturing will be an area that will adopt the concept of an SBOM. These are large, complex organizations.

They don't have that muscle. They don't have that institutional mantra of, of course, we have to know where all this stuff came from. And that's where it's, you know, it's harder to make the case. But no, I'm with you. I anticipate that food manufacturing will be an area that will adopt the concept of an SBOM. These are large, complex organizations.