What's incredibly ironic is that research labs are releasing the most advanced hacking toolkit ever known, and cybersecurity defence stocks are going down as a result somehow. There’s no logic in the stock markets.
replyI assume that's why this is gated behind a request for access from teams / enterprise users rather than being GA
replybut there are open versions available built on the cn OSS models:
The GA functionality is already here with a crafted prompt or jailbreak :)
replyit's gone a bit unnoticed that they've stopped support for response prefilling in the 4.6 models :/
replyDefinitely will be a fight against bad actors pulling bulk open source software projects, npm packages, etc and running this for their own 0 days.
replyI hope Anthropic can place alerts for their team to look for accounts with abnormal usage pre-emptively.
You want frontier models to actively prevent people from using them to do vulnerability research because you're worried bad people will do vulnerability research?
replyNot at all. I was suggesting if an account is performing source code level request scanning of "numerous" codebases - that it could be an account of interest. A sign of mis-use.
replyThis is different than someones "npm audit" suggesting issues with packages in a build and updating to new revisions. Also different than iterating deeply on source code for a project (eg: nginx web server).
deleted
replyI don't understand the joke here.
replyIt's an Internet trope — we could link to knowyourmeme, or link to the HN Guidelines
replyA vuln scanner is dual-use.
reply[dead]
reply