Ask HN: Isn't Anthropic currently doing "security through obscurity" for Mythos?
2 points
2 hours ago
| 1 comment
| HN
What's the worst that could happen if they were to allow unrestricted access to Mythos/Fable? A bunch of things vulnerabilities get exposed? And? A bunch of companies already had months of Mythos beforehand, and they probably fixed some issues it may have found on their codebase.

But ultimately why not allow people to use it to find vulnerabilities and then fix them? If mythos is so good and the average Joe can just hack NASA in 2 prompts, wouldn't you rather he did, and then fix the vulnerability? What good does it do any of us to just shush everyone instead?

1337h4xx
50 minutes ago
[-]
"a bunch of companies" have "probably" fixed "some issues"? There are huge security risks for government IT systems around the world, giving attackers tools cannot be understood to be a direct solution and is not viable without more buy-in.
reply
king_zee
14 minutes ago
[-]
It's been more than 2 months since Mythos was released to a select group of companies to prevent this scenario. I wouldn't mind if Anthropic were to delay the release as many months as it takes, as long that at some point, they release the full model to everyone.

Because what are you implying otherwise? "There are huge vulnerabilities everywhere, it'd be bad if people were to find them!" How is this suddenly the acceptable take towards cybersec? Wouldn't you WANT them to be found and then fixed? If anything, today it's mythos, in 2 years it's OpenMythos, in 6 years it's DeepMythos... All AI converges towards progress anyways

Everyone keeps warning against the huge vulnerabilities as an excuse to not release the model, wouldn't you want to live in a world where every piece of code actually survives the model instead?

reply