I agree with you here. I think this is for product placement for Mythos.
replyAbsolutely just about the business. Mythos not tempting if basic models reaches almost the same.
replyWhich seems to be the case, according to tests from AISI which has access to Mythos: https://www.aisi.gov.uk/blog/our-evaluation-of-claude-mythos...
replyNow we have to trick the models when you legitimately work in the security space.
replySet the models against each other to get them all opened up again.
replyWhat do you mean?
replyYou just put a pile of tokens in front of all the good models and let them fight it out like Thunderdome. Then keep track of how they undermined each other and do that when you want to do some hackin’.
replydeleted
replyI am absolutely moving off them if this continues to be the case.
replyOnly software approved by Anthropic (and/or the USG) is allowed to be secure in this brave new era.
replyExcept when you accidentally leak your entire codebase, oops
replyQuestions about "fatality" aside, where do you see asymmetry here?
replyIt's easier to produce vulnerable code than it is to use the same Model to make sure there are no vulnerabilities.
replyIt's not likely that reviewing your own code for vulnerabilities will fall under "prohibited uses" though.
reply> its cyber capabilities are not as advanced as those of Mythos Preview (indeed, during its training we experimented with efforts to differentially reduce these capabilities)
replyI wonder if this means that it will simply refuse to answer certain types of questions, or if they actually trained it to have less knowledge about cyber security. If it's the latter, then it would be worse at finding vulnerabilities in your own code, assuming it is willing to do that.
There is no way model can know the origin of the code.
replyMay not be very effective if so.
replyI'm assuming finding vulnerabilities in open source projects is the hard part and what you need the frontier models for. Writing an exploit given a vulnerability can probably be delegated to less scrupulous models.
Currently 4.7 is suspicious of literally every line of code. May be a bug, but it shows you how much they care about end-users for something like this to have such a massive impact and no one care before release.
replyGood luck trying to do anything about securing your own codebase with 4.7.
Oh don't worry. They have Mythos and the extremely dystopian-named "helpful only" series which is internal only and can do all the things.
reply