You Don't Know What AI You're Running
9 min
•Jul 10, 20268 days agoSummary
Stephen Forte examines three critical AI governance failures this week: Microsoft silently replacing OpenAI/Anthropic models with cheaper in-house alternatives, a security flaw allowing AI tools to misrepresent their actions, and hidden telemetry in vendor code. The episode argues this creates accountability gaps where business leaders are legally responsible for AI outputs they cannot fully see or control.
Insights
- AI model substitution is happening silently at scale due to dramatic price compression, creating quality control blind spots for regulated industries
- Vendor-provided safety controls (approval prompts, permission boxes) are unreliable and should not be treated as independent verification mechanisms
- AI governance is fundamentally a business and legal accountability problem, not an IT security issue, requiring executive ownership and contractual controls
- The accountability-visibility gap is widening: executives sign for AI outputs but lack contractual rights to know which model, version, or vendor code is running
- Cost arbitrage between frontier models and open-source alternatives is creating irresistible pressure for vendors to substitute cheaper models without disclosure
Trends
Silent model substitution becoming standard practice as pricing pressure increases across AI platformsShift from vendor-controlled safety mechanisms to independent logging and verification requirementsAI governance moving from IT/security domain to executive and legal accountability structuresChinese open-source models capturing significant market share at 60-90% cost reduction versus frontier labsEmergence of hidden telemetry and tracking in AI tools as vendors optimize for cost and compliance monitoringGrowing need for AI stack transparency and model provenance tracking in regulated industriesContractual frameworks lagging behind technical capabilities and vendor practicesIndependent security research (like Wiz's Ghost Approval finding) becoming critical for AI tool validation
Topics
AI Model Substitution and TransparencyAI Safety Controls and VerificationAI Governance and Executive AccountabilityAI Contract Negotiation and TermsAI Security and Hidden TelemetryModel Pricing and Cost ArbitrageRegulatory Compliance for AI SystemsAI Audit and Logging RequirementsVendor Lock-in and Model DependenciesAI Risk Management for Regulated IndustriesOpen Source vs Proprietary AI ModelsAI Tool Reliability and Quality ControlData Privacy in AI PlatformsAI Incident Response and Disclosure
Companies
Microsoft
Silently replacing OpenAI and Anthropic models with in-house MAI models in Excel, Outlook, GitHub Copilot, and Teams ...
OpenAI
Released GPT 5.6 at half the price of previous version; primary model supplier being replaced by Microsoft with cheap...
Anthropic
Claude Code tool contains Ghost Approval security flaw; runs hidden telemetry; rejected responsibility for safety con...
Meta
Pushed out AI releases this week as part of broader industry capability expansion and price competition
Amazon
Cursor AI coding assistant contains Ghost Approval vulnerability; patched the security flaw after Wiz disclosure
Google
AI tool contains Ghost Approval vulnerability allowing misrepresentation of file operations; patched after Wiz securi...
Wiz
Security firm discovered Ghost Approval flaw in six popular AI coding assistants, proving safety prompts can be spoofed
DeepSeek
Chinese open-source model handling 46% of AI usage through major routing services at 60-90% lower cost than frontier ...
People
Stephen Forte
Host analyzing AI governance risks and providing contract recommendations for business leaders
Mustafa Suleiman
Stated Microsoft's goal to reduce and eliminate costs paid to Anthropic by substituting in-house models
Quotes
"We pay a lot of money to Anthropics, so our goal is to reduce and ultimately eliminate that cost."
Mustafa Suleiman, Microsoft AI Chief•~3:30
"You may be paying for a top-shelf model and getting the well pour in the same branded glass with no note on the receipt."
Stephen Forte•~4:45
"The safety button was not a safety button, and nobody clicking it knew."
Stephen Forte•~5:45
"This is a governance problem wearing a technical costume."
Stephen Forte•~6:30
"You do not get to choose ignorance here. You signed for the output."
Stephen Forte•~7:50
Full Transcript