| ▲ | theamk 3 hours ago |
| > According to Anthropic, Mythos Preview successfully generates a working exploit for Firefox's JS shell in 72.4% of trials Why are AI people so dramatic? Ok, there is yet another JS sandbox escape - not the first one, not the last one. It will be patched, and the bar will be raised for a bit... at least until the next exploit is found. If anything, AI will make _weaponized_ exploits less likely. Before, one had to find a talented person, and get pretty lucky too. If this AI is as good as promised, you can have dependabot-style exploit finder running 24/7 for the 1/10th cost of a single FTE. If it's really that good, I'd expect that all browser authors adopt those into their development process. |
|
| ▲ | PunchyHamster 3 hours ago | parent | next [-] |
| > Before, one had to find a talented person, and get pretty lucky too. If this AI is as good as promised, you can have dependabot-style exploit finder running 24/7 for the 1/10th cost of a single FTE Not you. EVERYONE doing ANY kind of software will have to, because else attacker can just pick and choose targets to point their exploit-bot |
| |
| ▲ | rcxdude 3 hours ago | parent | next [-] | | Which has always been the case. Attackers only have to find one exploit in the weakest part of the system, and usually that's more a function of grunt work than it is being particularly sophisticated. | |
| ▲ | fleebee 3 hours ago | parent | prev | next [-] | | Well, you can only do that if you have access to the model. We're setting a precedent for the AI labs getting to pick and choose. | |
| ▲ | theamk 2 hours ago | parent | prev | next [-] | | Not "ANY" kind of software, only the software that handles untrusted data in a non-trivial way. A lot of software, like local tools, does not. | |
| ▲ | themafia 3 hours ago | parent | prev [-] | | > doing ANY kind of software That's not at all clear. JS escape exploits have high value in our current Internet so there's going to be a lot of prior art. It's not surprising at all that this is what their model found and it's not a statistic that immediately suggest it has any broader implications. |
|
|
| ▲ | SkyPuncher 3 hours ago | parent | prev | next [-] |
| Further, Opus identified most of the vulnerabilities itself already. It just couldn’t exploit them. Mythos seems much, much more creative and self directed, but I’m not yet convinced the core capabilities are significantly higher than what’s possible today. The full price of finding the vulnerabilities was also something like $20k. That’s a price point that brings a skilled professional in to accomplish the same task. |
| |
| ▲ | ryeights 3 hours ago | parent [-] | | Remember, that's the most expensive this capability will ever be. | | |
| ▲ | paulryanrogers 2 hours ago | parent [-] | | If it's model is opened up and can run on commodity hardware. Otherwise price could go up as RAM and silicon prices climb. |
|
|
|
| ▲ | svnt 3 hours ago | parent | prev | next [-] |
| Ding ding ding, and this is why you are hearing about it. It is marketing for enterprise to pay a premium for the next model, with maybe a wakeup call to enforcement agencies as well (which is also marketing). Codegen for many companies is much less continuous. Security is always on, and always a motivator. |
| |
| ▲ | imperio59 2 hours ago | parent [-] | | This whole thing has just been a huge PR stunt the whole time. Even the original leak of the blog post was just more fuel to the hype. |
|
|
| ▲ | mingus88 3 hours ago | parent | prev | next [-] |
| All software has bugs. What this tells me is that the actors with the best models (and Anthropic apparently has one so good and expensive it is outstripping compute supply) they will find the exploits first and probably the ones that are hardest to find So yeah, dependabot, but the richest actors will have the best bits and they probably won’t share the ones they can find that nobody else’s models can |
| |
| ▲ | Shank 3 hours ago | parent [-] | | > What this tells me is that the actors with the best models (and Anthropic apparently has one so good and expensive it is outstripping compute supply) they will find the exploits first and probably the ones that are hardest to find Presumably we would not give the AI models to the "good guys" because then they would also find and patch these vulnerabilities? | | |
| ▲ | c0balt 2 hours ago | parent [-] | | Someone's "good guys" are just someone "bad guys". Access to a valuable resource/tool that provides some sort of power and utility will be just another contended item. |
|
|
|
| ▲ | SpicyLemonZest 2 hours ago | parent | prev | next [-] |
| Anthropic is saying exactly what you're saying. They don't believe that software security is permanently ruined. They just want to ensure that good defensive techniques like the ones you describe are developed before large numbers of attackers get their hands on the technology. |
|
| ▲ | p-e-w 3 hours ago | parent | prev [-] |
| You’re asking why people are being “dramatic” about an automated system that can do what highly specialized experts get paid hundreds of thousands of dollars to do? It’s just fascinating to see how AI’s accomplishments are being systematically downplayed. I guess when an AI proves that P!=NP, I’m going to read on this forum “so what, mathematicians prove conjectures all the time, and also, we pretty much always knew this was true anyway”. |
| |
| ▲ | localuser13 2 hours ago | parent | next [-] | | I am sceptical because AI companies, and anthropic in particular, like to overplay their achievements and build undeserved hype. I also don't understand all the caveats (maybe official announcement is more clear what this really means). But yeah, if their model can reliably write an exploit for novel bugs (starting from a crash, not a vulnerable line of code) then it's very significant. I guess we'll see, right? edit: Actually the original post IS dramatic: "Has Mythos just broken the deal that kept the internet safe? For nearly 20 years the deal has been simple: you click a link, arbitrary code runs on your device, and a stack of sandboxes keeps that code from doing anything nasty". Browser exploits have existed before, and this capability helps defenders as much as it helps attackers, it's not like JS is going anywhere. | |
| ▲ | layer8 3 hours ago | parent | prev | next [-] | | It would be warranted if Mythos could jailbreak an up-to-date iPhone. (Maybe it can?) That would actually also be nice, “please rewrite without Liquid Glass”. | |
| ▲ | Shank 3 hours ago | parent | prev [-] | | > I guess when an AI proves that P!=NP, What would be the practical impacts of this discovery? | | |
| ▲ | nine_k 3 hours ago | parent [-] | | Likely all existing cryptography would become crackable, possibly some of it, very readily. | | |
| ▲ | rogerrogerr 3 hours ago | parent | next [-] | | (Assuming you mean P==NP) Would it become crackable, or just theoretically crackable? E.g. it's one thing to show it's possible to fly to Mars, it's another thing to actually do it. | |
| ▲ | localuser13 3 hours ago | parent | prev | next [-] | | Not really: * It's possible - very likely even - that even if somehow P=NP, the fastest algorithm for any NP problem turns out to be something like n^1000, which is technically P, but not practical in any way. * The proof may not be constructive, so we may just know that P=NP but it won't help us actually create an algorithm in P (nitpick: technically if P=NP there's a construction to create an algorithm that solves any NP problem in P time, but it's extremely slow - for example it involves iterating over all possible programs). | |
| ▲ | fwip 3 hours ago | parent | prev | next [-] | | I think you read it backwards - that's a possible consequence of P==NP, not P!=NP. | | |
| ▲ | nine_k 3 hours ago | parent [-] | | Yes, I meant the equality. We already operate on the assumption that P ≠ NP, so little would change if that were proved. |
| |
| ▲ | jannyfer 3 hours ago | parent | prev [-] | | Isn’t it the opposite? |
|
|
|
