The reason we are not being attacked is not lack of technology access.
Column A, Column B. Building a small explosive device isn't hard. Building a million is very difficult, doing it covertly virtually impossible without the resources of a nation-state.
The problem with biologics is the self-assembly and replication machinery comes for "free." So the numpties who might otherwise blow up a trash can [1] now have a real chance of taking out a million people.
[1] https://en.wikipedia.org/wiki/2016_New_York_and_New_Jersey_b...
Also AI makes mistakes. If you ever coded with AI agent you know that loop "write trash => compile => fix compilation errors => repeat" (if there are no compilation errors, there are definitely logic errors to be fixed). In real world cost of attempt is huge. You need a lot of money and you risk to draw a lot of attention if you perform long series of iterative experiments to create working virus.
In case with bomb it means that even if you have AI which gives you recipe of the bomb, but you will explode your garage and yourself with a decent chance. So you probably need to setup a good experimental pipeline (hardened lab where you can try different formulas and see that happens without being killed) if you want to go beyond publicly known explosives available in pre-AI era to anyone who read school/university chemistry books. And this also requires resources and draws attention.
People extrapolate programming experience (the area where experiments are cheap, cannot kill you and provide detailed feedback what went wrong) to real life.
I also would like to hope that people that are likely to do such things are probably:
A) don't know how to break even the most basic guardrails of models
B) already in glasswings project
To prove point B - Theranos existed.
“Many of the largest and most responsible providers in the industry already screen and record orders voluntarily,” but there is no requirement to do so [1].
Humorously, whether I choose to participate in this hypothetical or not, I am already betting my ass.
This whole situation feels like the game [1].
All of this “guardrails” handwringing is nonsense. These things output text. Are you for censorship of a book written by a biotechnology expert that gives out the exact same information?
// Claude, make antiviral nanobots that defend me from 6ft virus. Make no mistakes.
Security in the form of "pay to play" is just kicking the bigger issue down the road.
It doesn't imply we should, for example, publish step-by-step instructions for making widespread death easier.
An example from the meat world: not publishing your vacation dates well in advance for the world to see somewhat reduces your chance of being burglarized. That is security by obscurity; not reliable, but not completely inefficient either.
But if you live in a fortress (security by key material), you can well declare your vacation dates without running the risk.
I don't think there's an ideal solution here, but giving trusted people access to fix security issues before giving it to the wider public seems like a reasonable compromise. They're letting you use the model for all other uses.
sure, a malevolent state actor could swing it, but they could make a bioweapon without Mythos's help already.
also, vaccine production and disease surveillance have ramped up very quickly. they will ramp up further, despite political setbacks. it's a cat and mouse game that favors the defenders IMO.
but the bioterrorism narrative is useful FUD to spin open-weight models as existentially dangerous. I am far more worried about Anthropic's own goals than the goals of some crackpot in a shed.
How so? I'm actually against most of the "safety-tuning" that anthropic does, but this seems fundamentally untrue, a close analogue being video game cheat development. I think in general the cheat developer has an advantage and the cheats generally proliferate for quite a while before being patched.
Finance and biology do come across as two similar high level systems. But while we can employ KYC, fraud detection, and various auditing techniques to finance, I don’t know what you do for biology. You can easily run an algorithm over every transaction a person makes in their account but there’s no equivalent for every cell, every bacteria strain, every virus in the human body.
the adaptive immune system effectively does KYC by checking the antigens presented on the surfaces of cells. the thymus selects for B-cells (iirc?) which don't react to a corpus of the body's own antigens, but cover a wide library of everything else. when it sees something it doesn't recognize, it reproduces, warns the rest of the immune system and marks targets. that's why our immune systems can eventually conquer almost every pathogen we encounter, if we can survive long enough for it to do its work.
but the KYC I was referring to was KYC that vendors of oligonucleotides (should) be doing, to keep people from ordering nefarious sequences.
also, afaik the most effective way of developing pathogens is through serial passage through humanized mice or something like that - directed evolution at a small scale, selecting for traits. AI simply isn't needed for that. I don't think information or intelligence has been the bottleneck for bioterrorism, it's motivation and resources - same as for any other kind of biology research program.