Checkpoint repository being used to phish for information?
Hello all,
I noticed after my request for approval to this repository was rejected that it continues to maintain 0 downloads since release. While I recognize it's possible the owners are acting in good faith, it's also possible they are using the allure of a meta-repository of old and missing to gather information for malicious purposes.
I wanted to create a record for those who apply and are rejected to share. Admittedly, my account is very new so I can understand why it might be viewed suspiciously, but I'm curious if any older and more established accounts have also been denied.
Hey Joshua,
I'll start with the fact that this repository is legitimate and currently has around 6,800 checkpoints (SDv1 SDv2 and SDXL) archived.
As for why the downloads are not going up, it's due to Huggingface not counting downloads if there are no Diffusers checkpoint inside the repo.
Yes this is a very dumb system put in place by Huggingface, for us to fix it we would need to archive a Diffusers checkpoint but we don't do that because it would make maintaining the repo harder.
Since your account is quite new I contacted Jemnite on if we should accept your request.
As for further information I'll wait for Jemnite input on this.
- Ashtaka
Hi Joshua,
I would like to preface this with the statement that we don't run this repo as a public service nor do we advertise it as such. This is first and foremost a private backup for friends as we respect the decision of model makers to pull their models from public distribution. As such access is completely at our discretion. That being said, the only reason I generally reject people, outside of a handful of exceptions, is if you are using an email provider that has been flagged as suspicious. If you were rejected it's very likely that you are using some sort of email service that is frequently abused by spam bots or other malicious actors.
In any case, you can always obtain access through applying to the parent org or requesting that the rejection be reversed. I will note that in any case accusing us of running a phishing scam is not really going to make a favorable impression.
@AshtakaOOf Thank you for the information, I wasn't aware that Diffusers were needed to increment the download count. I also appreciate you letting Jemnite know of my post.
@Jemnite I wasn't accusing you of phishing, but I was noting it as a possibility. Please consider how you might feel to come across a rare trove of old and missing checkpoints that appears to have no recent downloads and minimal discussion occurring around it, requiring you share contact information with the owners to gain access. I hope you can see why I felt starting a conversation about this possibility was appropriate.
Still, I appreciate both of you responding to address my concerns, I'll make the thread closed.