←back to thread

Bypass DeepSeek censorship by speaking in hex

(substack.com)
755 points MedadNewman | 2 comments | 31 Jan 25 19:41 UTC | HN request time: 0.412s | source
Show context
lxe ◴[31 Jan 25 20:13 UTC] No.42891381[source]
You can also intercept the xhr response which would still stop generation, but the UI won't update, revelaing the thoughts that lead to the content filter:

    const filter = t => t?.split('\n').filter(l => !l.includes('content_filter')).join('\n');

    ['response', 'responseText'].forEach(prop => {
      const orig = Object.getOwnPropertyDescriptor(XMLHttpRequest.prototype, prop);
      Object.defineProperty(XMLHttpRequest.prototype, prop, {
        get: function() { return filter(orig.get.call(this)); }
      });
    });
Paste the above in the browser console ^
replies(2): >>42891427 #>>42891516 #
tills13 ◴[31 Jan 25 20:25 UTC] No.42891516[source]
insane that this is client-side.
replies(8): >>42891775 #>>42891802 #>>42892213 #>>42892242 #>>42892457 #>>42896609 #>>42896617 #>>42896757 #
Gigachad ◴[01 Feb 25 07:38 UTC] No.42896617[source]
It’s because they want to show the output live rather than nothing for a minute. But that means once the censor system detects something, you have to send out a request to delete the previously displayed content.

This doesn’t matter because censoring the system isn’t that important, they just want to avoid news articles about how their system generated something bad.

replies(3): >>42896943 #>>42897228 #>>42897366 #
bdcp ◴[01 Feb 25 09:49 UTC] No.42897228[source]
yea but i think the point is they can still filter it server side before streaming it
replies(1): >>42897922 #
1. Gigachad ◴[01 Feb 25 12:46 UTC] No.42897922[source]
They have already streamed the first part of the response before the filtered phrase has even been generated.
replies(1): >>42900297 #
2. _fzslm ◴[01 Feb 25 17:46 UTC] No.42900297[source]
Could you stream the raw tokens into a server side filter which then streams censored tokens at near real time?