There's probably some truth to it. If the Mythos model is as good as Anthropic says it is at identifying security vulnerabilities, then releasing it publicly would either result in a best case scenario of an avalanche of CVEs or, more likely, vulnerabilities being exploited quickly in the wild.
Let's just say I have my doubts. AI promotion is always cherry picked results. You found a 23 year old linux bug with it? Cool. How many false positives did you go through to do that? You guys never say. You also never do live demos of your AI because you know it's going to hallucinate and make your company a laughing stock.
My guess is the new model has gotten even worse than the latest release and this is the cover story. All that DoD money evaporated and it hurt them badly, they just can't admit it.
> How many false positives did you go through to do that? You guys never say. You also never do live demos of your AI because you know it's going to hallucinate and make your company a laughing stock.
The false positive rate might be too big for a live demo to work. A 50 (for example) hour live demo of someone working with the AI to find a bug might look bad even though finding a 23 year old security bug in 50 hours with a human in the loop would still be impressive.
_allegedly_
Until there's evidence of the CVE's the model found and the severity of them etc. it's just a statement and "trust me bro" vibes wrapped in a PR puff piece
There's probably some truth to it. If the Mythos model is as good as Anthropic says it is at identifying security vulnerabilities, then releasing it publicly would either result in a best case scenario of an avalanche of CVEs or, more likely, vulnerabilities being exploited quickly in the wild.
After seeing everyone's response to the latest release and all the damage control happening around it
https://news.ycombinator.com/item?id=47660925
Let's just say I have my doubts. AI promotion is always cherry picked results. You found a 23 year old linux bug with it? Cool. How many false positives did you go through to do that? You guys never say. You also never do live demos of your AI because you know it's going to hallucinate and make your company a laughing stock.
My guess is the new model has gotten even worse than the latest release and this is the cover story. All that DoD money evaporated and it hurt them badly, they just can't admit it.
> How many false positives did you go through to do that? You guys never say. You also never do live demos of your AI because you know it's going to hallucinate and make your company a laughing stock.
The false positive rate might be too big for a live demo to work. A 50 (for example) hour live demo of someone working with the AI to find a bug might look bad even though finding a 23 year old security bug in 50 hours with a human in the loop would still be impressive.
_allegedly_ Until there's evidence of the CVE's the model found and the severity of them etc. it's just a statement and "trust me bro" vibes wrapped in a PR puff piece
lol they only care about hazards to the extent it might hurt them, f everyone else
[dead]