Discussion

Has Mythos just broken the deal that kept the internet safe?

ece: Standard disclosure rules should apply, give security stake holders 90-days of advance access, then release the model.

ur-whale: Utter BS, and actually it's just Anthropic lame attempt at doing marketing.I'd advise everyone to carefully listen to Ed Zitron in this video, he talks about the whole Mythos bullshit towards the end.The bit about Altman is also excellent and completely correlates with my experience of the man.https://www.youtube.com/watch?v=RojN74P1lDI

theamk: > According to Anthropic, Mythos Preview successfully generates a working exploit for Firefox's JS shell in 72.4% of trialsWhy are AI people so dramatic? Ok, there is yet another JS sandbox escape - not the first one, not the last one. It will be patched, and the bar will be raised for a bit... at least until the next exploit is found.If anything, AI will make _weaponized_ exploits less likely. Before, one had to find a talented person, and get pretty lucky too. If this AI is as good as promised, you can have dependabot-style exploit finder running 24/7 for the 1/10th cost of a single FTE. If it's really that good, I'd expect that all browser authors adopt those into their development process.

mingus88: All software has bugs. What this tells me is that the actors with the best models (and Anthropic apparently has one so good and expensive it is outstripping compute supply) they will find the exploits first and probably the ones that are hardest to findSo yeah, dependabot, but the richest actors will have the best bits and they probably won’t share the ones they can find that nobody else’s models can

PunchyHamster: > Before, one had to find a talented person, and get pretty lucky too. If this AI is as good as promised, you can have dependabot-style exploit finder running 24/7 for the 1/10th cost of a single FTENot you. EVERYONE doing ANY kind of software will have to, because else attacker can just pick and choose targets to point their exploit-bot

rcxdude: Which has always been the case. Attackers only have to find one exploit in the weakest part of the system, and usually that's more a function of grunt work than it is being particularly sophisticated.

sharts: Meh the cybersecurity risk isn’t LLMs. It’s the already fundamentally broken systems that it easily can exploit.Are folks going to actually go back and fix things that were only secure because they were or buried in layers of obfuscation and obscurity?Probably not. And that’s the real cyber security risk. Short term profit always wins.

p-e-w: You’re asking why people are being “dramatic” about an automated system that can do what highly specialized experts get paid hundreds of thousands of dollars to do?It’s just fascinating to see how AI’s accomplishments are being systematically downplayed. I guess when an AI proves that P!=NP, I’m going to read on this forum “so what, mathematicians prove conjectures all the time, and also, we pretty much always knew this was true anyway”.

Shank: > I guess when an AI proves that P!=NP,What would be the practical impacts of this discovery?

nine_k: Likely all existing cryptography would become crackable, possibly some of it, very readily.

0xbadcafebee: No, you have not been safe all this time. Every security person I know has known for ages that you need to run NoScript to block all javascript if you want to be remotely secure on the web. We also know about all the 0days found on all browsers every year. Same for mobile devices. You have always been insecure. AI just makes it slightly faster to do what hackers have been doing for ages.BTW: Mythos is not new. OpenAI literally released a press release 1 month ago talking about GPT 5.4's redteaming features being so powerful they require ID verification to use it, and will use heuristics to downgrade you if you look like you're doing something shady. I guess everyone's got a short-term memory, or Anthropic's PR is so good that people genuinely don't understand that OpenAI's models are superior to Anthropic's.

Rekindle8090: Noscript breaks 99% of websites these days, entirely. Netsec freaks are so disingenous"BTW: Mythos is not new. OpenAI literally released a press release 1 month ago " these two sentences make no semantic sense together

fleebee: Well, you can only do that if you have access to the model. We're setting a precedent for the AI labs getting to pick and choose.

dmw_ng: This is marketing fluff that has been going on for over 7 years now, it really doesn't belong here. https://www.sciencealert.com/scientists-developed-an-ai-so-a...See also https://xcancel.com/ramez/status/2041946766598402459

readthenotes1: I tried to read the article and what I got out of it was that the author believes that the deal that keeps the internet safe is that we just don't try to break it hard enough. Ignoring all the state actors who do that all the time.Seems something of a unusual take on the state of the world

Morromist: This is how a lot of the world works. Certain things aren't done very much because it takes a lot of human effort to do those things and that creates a status-quo.For example a lot more people would sue eachother for petty things if it suddenly became very easy and cost efficiant. Its not, so they dont.Another example of AI doing this exact type of thing in another realm: In the past convincing someone you were somebody they should give money to for a scam was very possible to do, but also difficult and not very cost efficiant. You could try to impersonate someone's daughter or a police officer, but it took a lot of effort to get it right.Now, with voice mimicking ai, deepfakes, social media to mine for personal info, etc its not as difficult and so, very likely, its becoming a bigger problem than it was.

fwip: I think you read it backwards - that's a possible consequence of P==NP, not P!=NP.

nine_k: Yes, I meant the equality.We already operate on the assumption that P ≠ NP, so little would change if that were proved.

layer8: It would be warranted if Mythos could jailbreak an up-to-date iPhone. (Maybe it can?) That would actually also be nice, “please rewrite without Liquid Glass”.

p-e-w: The claim that you need to disable JavaScript to be secure is bullshit anyway, otherwise disabling JavaScript would be standard practice in any security-critical environment such as high-level government offices, which it most certainly isn’t.

CuriouslyC: I've been mystified by how sticky Anthropic's marketing is for a while. It's really surprising given how poorly they run community relations compared with OAI, and how they're just now starting to be transparent.

rootusrootus: > Anthropic's PR is so good that people genuinely don't understand that OpenAI's models are superior to Anthropic'sThat is a provocative statement that would be especially interesting if you were to add some supporting evidence.

rogerrogerr: (Assuming you mean P==NP)Would it become crackable, or just theoretically crackable?E.g. it's one thing to show it's possible to fly to Mars, it's another thing to actually do it.

ryeights: Sorry, this guy is a hack and this is cope. Most of the things he's saying re: Mythos are objectively false.- Open source models found the same bugs? Sure, if you tell them "here is a file which may contain a vulnerability, look for a bug in how function XYZ handles ABC"- It's all mostly false positives? According to Anth, each suspected vulnerability came with a bug report and working PoC...- "Humans had to fix the things"? As in, he thinks models are incapable of writing the patch?

themafia: > doing ANY kind of softwareThat's not at all clear. JS escape exploits have high value in our current Internet so there's going to be a lot of prior art. It's not surprising at all that this is what their model found and it's not a statistic that immediately suggest it has any broader implications.

svnt: Ding ding ding, and this is why you are hearing about it. It is marketing for enterprise to pay a premium for the next model, with maybe a wakeup call to enforcement agencies as well (which is also marketing).Codegen for many companies is much less continuous. Security is always on, and always a motivator.

rvz: This is instead another great advertisement for Rust. Anthropic really got the Mythos marketing scarecrows out once again.Dario is trying to scare you to buying into his IPO and you're over-estimating the capability of Mythos...because he said so? With no independent reviews on the research and with many security researchers and experts accusing them of blatant scaremongering.This is Anthropic's latest attempt to frame local models and to get them banned as they stand to be a threat against their business model.

SpicyLemonZest: [delayed]

jauntywundrkind: I see this as a Brandolini's Law 2.0, a software supplemental really. Where-as before it was:> The amount of energy needed to refute bullshit is an order of magnitude bigger than that needed to produce it.Now the energy needed to secure against exploits is orders of magnitude bigger than the effort needed to secure it.The combination of deep expertise + infinite patience of the LLM meeting the vastly increasing surface of software has a certain apocalyptic chaos gods ruin to it all, just as well known bias for mistruth to unfairly propogate itself bedevils this good planet.

SkyPuncher: Further, Opus identified most of the vulnerabilities itself already. It just couldn’t exploit them.Mythos seems much, much more creative and self directed, but I’m not yet convinced the core capabilities are significantly higher than what’s possible today.The full price of finding the vulnerabilities was also something like $20k. That’s a price point that brings a skilled professional in to accomplish the same task.

ryeights: Remember, that's the most expensive this capability will ever be.

paulryanrogers: If it's model is opened up and can run on commodity hardware. Otherwise price could go up as RAM and silicon prices climb.

localuser13: I am sceptical because AI companies, and anthropic in particular, like to overplay their achievements and build undeserved hype. I also don't understand all the caveats (maybe official announcement is more clear what this really means).But yeah, if their model can reliably write an exploit for novel bugs (starting from a crash, not a vulnerable line of code) then it's very significant. I guess we'll see, right?edit: Actually the original post IS dramatic: "Has Mythos just broken the deal that kept the internet safe? For nearly 20 years the deal has been simple: you click a link, arbitrary code runs on your device, and a stack of sandboxes keeps that code from doing anything nasty". Browser exploits have existed before, and this capability helps defenders as much as it helps attackers, it's not like JS is going anywhere.

imperio59: This whole thing has just been a huge PR stunt the whole time. Even the original leak of the blog post was just more fuel to the hype.

riknos314: By that logic though the model would release 90 days from the last vulnerability it finds, so never.

heliumtera: >Anthropic just launched a model so good it scapes every know sandboxed.No, they launched a card with that capability written on.

signatoremo: And the companies such as Google and Nvidia are just happy to trust them and lent their names to Anthropic because? Maybe a big conspiracy?

theamk: [delayed]