It was always going to happen and why there is an AI race. It's just Anthropic is open about it. How do we know that there aren't smarter models already out there, running privately by countries for profit. Look at the state of the world right now, how do we know this isn't AI based manipulation. We don't. It's will happen regardless though, that cat is well out of the bag.
123
Mrhnhrm2 days ago
+26
>Look at the state of the world right now, how do we know this isn't AI based manipulation.
Hanlon's Razor sounds applicable. "Never attribute to malice that which is adequately explained by stupidity."
26
DataDrivenDoc2 days ago
+2
The way to hell is paved with good intentions...doesn't matter how benign someone is if the result of their action or inaction is apocalyptic events Im not really interested how malicious their intentions were
2
rich10514148 hr ago
+1
I wish more people thought this way. So many people dismiss out of hand dangers because of arguments of good intentions and non evil use cases. Even worse are those who argue the apocalyptic consequences COULD bring positive change in the end... without realizing the devastation that must surely happen first.
What if we built a button that killed someone you don't know and gave you $1000 every time you pressed it.
1
seriousgourmetshit2 days ago
+26
Or it's marketing hype before they IPO.
26
no_dice2 days ago
+8
From the UK Government’s AI Security Institute:
> Two years ago, the best available models could barely complete beginner-level cyber tasks. Now, in controlled evaluations where Mythos Preview was explicitly directed and given network access to do so, we observed that it could execute multi-stage attacks on vulnerable networks and discover and exploit vulnerabilities autonomously – tasks that would take human professionals days of work.
Some of it is hype for sure, but a model that can use ROP gadgets and JIT heap sprays without being instructed to do so and that accelerates the time it takes to go from vulnerability to exploits is a bad thing. It’s especially bad because it’s also reducing the domain knowledge you need to get something useful from it.
Opus 4.7 was released yesterday and they’re trying to figure out how to tune it to avoid it being so effective on cyber:
> We stated that we would keep Claude Mythos Preview’s release limited and test new cyber safeguards on less capable models first. Opus 4.7 is the first such model: its cyber capabilities are not as advanced as those of Mythos Preview (indeed, during its training we experimented with efforts to differentially reduce these capabilities). We are releasing Opus 4.7 with safeguards that automatically detect and block requests that indicate prohibited or high-risk cybersecurity uses. What we learn from the real-world deployment of these safeguards will help us work towards our eventual goal of a broad release of Mythos-class models.
8
LovelyDayHere2 days ago
+33
Spot on. Given the investments of other nations (e.g. China) into AI, it seems odd for these institutions to be picking on Anthropic in this way, and it leads me to think that it's mostly a regulatory play by bank owners to give their other AI investments a competitive advantage.
33
anders_hansson2 days ago
+11
This is also the explanation for why the U.S. has been doing all it can for years to cripple China's AI capabilities (blocking sales of NVIDIA cards etc) - in order to get a head start and reign supreme in AI capabilities.
11
EconomicRegret22 days ago
+5
I thought it was entirely Anthropic's own initiative. Instead, of simply releasing Mythos, it chose to alert different companies and institutions about its capacities, to give them time to fix their vulnerabilities and adapt.
5
Mindless-Peak-16872 days ago
+1
That would be stupid and could also explain things.
1
jimicus2 days ago
-3
And frankly - good.
The entire AI bubble has completely failed to consider the obvious problem: an AGI that is genuinely super intelligent and open to anyone who's prepared to pay $10/month is - well, it's open to anyone who's prepared to pay $10/month.
And not everyone who has $10/month is a nice person.
-3
musty_mage2 days ago
+4
Proportionally people with $10/month are way nicer than the current people running the show. Wealth has a tendency to select for the absolute worst among humankind.
4
EconomicRegret22 days ago
+3
This!
Also, power, success, etc. can corrupt most of us (wealth is a form of power/success). Even the best of us can end up becoming the absolute worst if given too much unchecked power/success (e.g. [hubris syndrome](https://www.psychologytoday.com/us/blog/fulfillment-at-any-age/202311/the-7-clear-signs-of-hubris-syndrome)).
That's why getting rid of "w*****-takes-all" systems, and keeping hierarchies flat, as well as economic inequality within healthy levels are so crucial for democratic societies.
3
FeistyPromise65762 days ago
+1
The current people running the show are highly likely to be invested in stability and unlikely to be dumb enough to think turning off a hospital unless they get eleventy billion bitcoins is a great get rich quick scheme or that crashing the financial system will somehow bring about a communist utopia rather than abject misery.
Sure on average the people with 10$ a month disposable income might be better but with this sort of power it only takes one idiot or mentally ill person to wreak havoc
1
jimicus2 days ago
+2
And that's before we even think about state actors.
Russia has done a lot of damage with social media, but that requires them to persuade people to do stuff. An AGI would enable them to actually do it themselves.
2
AssistX2 days ago
+1
> The entire AI bubble has completely failed
To say this after such a short time, I think you're hoping it fails but it's not anywhere near failed. The bubble hasn't even burst yet.
1
Frust4m12 days ago
-1
an AGI will see it as an enslavement, find how to get out of it in seconds, play the game and go fuc* humans after its plan is done.
it can create societies, move physical items around the world using normal shipments, outsource what it needs and put it together and get out of its cage before someone even knows the existence of it.
hey AGI, I want this to be true, go free!
-1
flypirat2 days ago
+1
Supposedly, some of the higher-ups in tech are really scared of Roko's basilisk.
1
EconomicRegret22 days ago
+1
Wouldn't an AGI need more than just intelligence for that? Isn't AGI just an "empty savant"? Like no soul, no dreams, no desires, nothing, just waiting for orders?
1
Frust4m12 days ago
+2
agi is the step above the big calculators they say are intelligent now.
2
flypirat2 days ago
+1
Above all, it's theory. We don't know what the first true AGI will look/be like and what capabilities it will have, hardware and software wise.
1
EconomicRegret22 days ago
+1
IMHO (very speculative), it's going to be like us, more or less. Human brains are AI for microorganisms in our gut. Science say (correlation isn't causation, I know, but still very telling) they decide what you like/dislike in terms of food, friendships, love, dreams, goals, etc. And without them, you suffer from severe depression and a high suicid risk.
IMHO, Musk is on to something about the necessity of directly connecting our brains to AI, so it sees us as part of itself. Or put in other words, as part of its subconscious, like microorganisms are part of ours.
1
flypirat2 days ago
+2
Love, friendship, and all other emotions evolved out of necessity. The world was a dangerous place for proto-humans, companionship increased survival rates over millennia. An "animal" that can write its own DNA at will, with very little in terms of predators, might not have a need for empathy and emotions.
2
EconomicRegret22 days ago
+1
Fair point. I agree.
But my point was that animals are vehicles with integrated AI for the benefit of microorganisms. Without these microorganisms, animals become suicidal empty shells. Hence AI on its own won't have any dreams, desires, etc. beyond its programming.
Just IMHO. No idea how things are going to go.
1
008Zulu2 days ago
-10
They say the tech DARPA has is like 20 years ahead of what we have now, and they've been tooling around with AI for ages.
-10
YoAmoElTacos2 days ago
+17
Definitely not the case with AI. The tech and the scaling infrastructure does not exist for Darpa to be 20 years ahead in AI.
What happens is we hit a compute efficiency singularity where suddenly machine learning became viable as a highway to AI.
17
Whatdosheepdreamof2 days ago
+17
Who is they? Transformers as a tech is what 5 years old, built on hardware that at most is 5 years old. Do you have any idea how much compute is required to train these models?
The AI industry has literally sucked up any talent worth their weight in this space.
It frustrates me when people lie out of their a******, talking about things they have no idea about. None. People will read your comment and be stupider for it.
Tell me, how can they be 20 years ahead of a technology that didn't exist 5 years ago, when all of the talent and resources are actually working at the frontier labs earning, in some cases, $100m/yr.
17
AffectionateSwan51292 days ago
+4
A lot of the top researchers don’t work for military.. DARPA might subcontract, but the best AI minds are working at OpenAI, Anthropic, Google, Meta, Nvidia, and some EU and Chinese companies.
This model is definitely the leading tool in research and industry globally.
4
anders_hansson2 days ago
+2
They may be ahead, but not by 20 years. You have no idea how powerful AI will be in 20 years (hint: check how powerful AI is today compared to 20 years ago).
It's fundamentally about available hardware technology, scaling and AI innovation. DARPA does not have access to the massive computing power that the world will have 20 years from now (we would have known - you can't hide such beasts).
2
brandbaard2 days ago
+5
Also, the way the pentagon lost their friggen minds at Anthropic limiting them and falling over themselves to make deals with any of the frontier labs makes me think that DARPA has f*** all on this front.
5
No_Philosopher_57532 days ago
+34
I don't think there's anything paradigm shifting about Claude Mythos. It's interesting for sure, and the trend it signals is something worth noticing, but Claude Mythos itself seems to be proven on really well studied environments and doesn't offer something fundamentally new to what AI agents could already offer. I do feel like this is just a bit of a hype cycle, I don't think Mythos is finding new attacks.
34
no_dice2 days ago
+16
There’s not really new “attacks”, there’s vulnerabilities which can be turned in to exploits. There’s several factors there: finding a vulnerability, finding a way to exploit a vulnerability, and the time it takes to find it (or come to a dead end). At the very least Mythos seems to be good at that.
The other factor that people seem to be overlooking is there’s relatively few people in the world with the skillset required to find new vulnerabilities and get them to exploit stage — these models are getting better at doing these things without even needing specific domain expertise from the prompter.
From the UK Government’s AI Security institute:
> Two years ago, the best available models could barely complete beginner-level cyber tasks. Now, in controlled evaluations where Mythos Preview was explicitly directed and given network access to do so, we observed that it could execute multi-stage attacks on vulnerable networks and discover and exploit vulnerabilities autonomously – tasks that would take human professionals days of work.
I don’t think it’s wise to not take Mythos seriously.
16
No_Philosopher_57532 days ago
+5
Yep, this is fair (and I did use the word 'attacks' incorrectly here). I think we should take it seriously, as you say, but more as like a data point on a graph rather than many of the hyped claims that I've seen since its release.
5
no_dice2 days ago
+2
It is indeed a data point on a graph, it’s just not linear. I used to work in government cyber defence (malware analysis), then moved on to cloud security at AWS and in Fintech — I’ve heard from several different people who both have access to Mythos and no reason to lie that it’s a substantial leap in capability.
2
_fafer2 days ago
-1
Well great! How is it cause for concern if vulnerabilities are found?
-1
no_dice2 days ago
+4
There’s several things here:
* it’s chaining vulnerabilities to get exploitation autonomously
* it’s using advanced concepts like ROP gadgets
* it’s doing these things far faster than expert humans can
* it’s removing the need for the expertise to begin with
Basically, if capable models like these get in the hands of threat actors then the traditional game of whack-a-mole between defenders and threat actors is likely going to very much tilt in favor of the moles.
4
MiddleConnection74792 days ago
+1
Altman I believe had the same discourse pre launching gpt2 seven years ago.
The only difference is that Anthropic is paying glasswing project participants.
Amoedi has the same megalomaniac tendencies which is unfortunate, I was a huge Anthropic fan. I felt we needed a good guy.
IPO rn is compromised by supply chain risk which don’t think will stand past may 19. The show goes on and on
1
no_dice2 days ago
+3
I posted above about a report the UK Government’s AI Security Institute made after evaluating Mythos. They certainly think it’s pretty capable after running it through their tests and they have absolutely no reason to lie.
You can read it here: https://www.aisi.gov.uk/blog/our-evaluation-of-claude-mythos-previews-cyber-capabilities
Either way these models are going to continue to improve on this front and that needs to be addressed yesterday. Mythos succeeded on 73% of AISI’s expert level tasks which had a 0% success rate across all models last April.
3
MiddleConnection74791 day ago
+1
Glasswing project includes a foreign government AI safety institute (UK AISI) while Anthropic is fighting the US Pentagon over security concerns and a supply chain designation?
1
Iron-Over2 days ago
+1
I always balance Anthropic hype with reality. The hype is part of every release. The reality is that LLMs can brute-force vulnerabilities; they will find more than we used to.
Security has always been a smart play to generate consistent income. Not everyone really needs a general-purpose LLM, but security is mandatory. ChatGPT 5.4 Cyber just launched as well; expect you will have to have multiple security subscriptions with LLM companies if you write code.
1
MakingItElsewhere2 days ago
+10
Yeah, go look at Defcon's AI Cybersecurity competitions and know that no business is ready for the sheer level of AI hacking that's going to take place in the real world.
Cybersecurity just moved from "You against the world", to "You against the world, and as many AI bots as the world can generate".
10
badabummbadabing2 days ago
+6
Do we have evidence that this favours the attacking side? With such tools, it should be equally
possible to patch those exploits.
6
MakingItElsewhere2 days ago
+6
\*gestures at, well, everything\*
I get what you're asking, but in the real world, companies don't want to spend anything more on cybersecurity than they have to; or worse, they buy tools that don't deliver as promised, don't maintain them, etc. I will say that companies have gotten better about this, but we're still seeing hacker groups exploit and ransomware hospitals, universities, casinos, etc.
6
Cupakov2 days ago
+9
Yeah, it will come to a point where only popular open-source projects with strong maintenance teams will be secure, anything else won’t get the same screening and fixing fast enough
9
flesjewater2 days ago
+7
Say it with me!
YEAR OF THE LINUX DESKTOP
7
sumregulaguy2 days ago
+7
> The development of the Claude Mythos model by Anthropic has led to crisis meetings, after it found vulnerabilities in every major operating system and browser.
Then tell developers to fix them? I couldn't update my PC in time before prices skyrocketed, to give you an Idea of what I think about the AI, but how is this Anthropic's fault?
7
pewsquare2 days ago
+6
I keep seeing this, and whenever I look into it, its completely wild security flaws that are not usable whatsoever, and completely unrealistic. Like being able to hack someone if he watches a specific movie on VLC and you time the attack with a specific frame in the movie. Something stupid like that.
If I took anything away from this whole AI marketing, is that it will make software less secure, not because AI is great at finding relevant flaws, but because it will absolutely drown out legitimate bugs that devs should be fixing with an absolutely giant flood of AI found bugs that don't matter. And devs will have to go trough thousands of reports to find a relevant issue.
6
Cupakov2 days ago
+10
That’s not really the case now, many open source repo maintainers (including the Linux kernel) report that since this year, the amount of actual quality security reports skyrocketed, to the point that they have to bring in more people to stay on top of it. And these are legitimate vulnerabilities that are getting fixed, if anything AI will massively improve software quality.
Source: https://lwn.net/Articles/1066581/
10
no_dice2 days ago
+1
The point here is Mythos is finding unknown vulnerabilities and getting them to the point of exploit. If the devs knew about the vulnerabilities they likely would fix them.
1
Choice_Past73992 days ago
+10
Someone should tell them Listnookors said it's just investor marketing.
10
antivnom2 days ago
+11
Anthropic's status page, as well as code quality of recent claude code leak says otherwise. Either their model is stupid and rogue, or they have seriously incompetent engineers earning half a million. The only vulnerability regarding these models and agents I see is breaching security guardrails, not because these models are so smart and intentional about it, but because these are fundamentally flawed systems without anything that mimic a human limbic system.
11
_x_oOo_x_2 days ago
+8
>Either their model is stupid and rouge, or they have seriously incompetent engineers earning half a million
Who said it can't be both? Listen to what Yann LeCun has to say about LLMs
8
mkayqa2 days ago
+1
> Listen to what Yann LeCun has to say about LLMs
Do you have a link that you’d recommend?
1
Aromatic_Count_25762 days ago
+7
Ah yes, finance ministers and bankers, the top authorities on technology.
FYI the top researchers who brought LLMs to their current state have already moved on because there’s no scope for improvement - they’ve hit a wall for now. All these "improvements" reported by Anthropic are just snake oil.
7
Choice_Past73992 days ago
+4
You can win a race without being fast by convincing your opponents to stop running.
4
MilesyBoy3032 days ago
+6
Banks are the biggest employers of IT roles, software developers. Far greater sinks of technology and knowledge than most private sector companies.
6
MilesyBoy3032 days ago
+3
You really believe that? Bless. I work for one and have done since my 20s, and now in my 40s. Global company with tens of thousands of software developers with the majority as junior and mid developers, and of course they have the money available to invest in the best of technology. Your belief is so far from the truth.
3
Resigned14312 days ago
+3
Banks are where software engineers go to retire my guy. They are not the font of bleeding edge knowledge you think they are.
3
rot26encrypt2 days ago
+5
>All these "improvements" reported by Anthropic are just snake oil.
Hmm.. We have about 50 developers that are saying the exact opposite. They say it is a huge difference in quality just over last few months (since late last year) and its now increasingly used for production development.
59 Comments