Your points highlight some important nuances in mitigating risks associated with frontier models and their potential misuse. I agree that smaller models are inherently easier to exfiltrate due to lower upload size requirements, which makes "upload limits" a less effective defense in such scenarios. This implies that a focus on securing access to the environments where these models are stored and run (e.g., datacenters and their physical and virtual security layers) might be more critical than relying solely on data transmission restrictions.
Your points highlight some important nuances in mitigating risks associated with frontier models and their potential misuse. I agree that smaller models are inherently easier to exfiltrate due to lower upload size requirements, which makes "upload limits" a less effective defense in such scenarios. This implies that a focus on securing access to the environments where these models are stored and run (e.g., datacenters and their physical and virtual security layers) might be more critical than relying solely on data transmission restrictions.