| ▲ | Kim_Bruning 7 hours ago |
| > "We are releasing Opus 4.7 with safeguards that automatically detect and block requests that indicate prohibited or high-risk cybersecurity uses. " This decision is potentially fatal. You need symmetric capability to research and prevent attacks in the first place. The opposite approach is 'merely' fraught. They're in a bit of a bind here. |
|
| ▲ | dgb23 5 hours ago | parent | next [-] |
| I agree with you here. I think this is for product placement for Mythos. |
| |
| ▲ | nicce 3 hours ago | parent [-] | | Absolutely just about the business. Mythos not tempting if basic models reaches almost the same. | | |
|
|
| ▲ | erdaniels 6 hours ago | parent | prev | next [-] |
| Now we have to trick the models when you legitimately work in the security space. |
| |
| ▲ | tclancy 4 hours ago | parent [-] | | Set the models against each other to get them all opened up again. | | |
|
|
| ▲ | johnmlussier 5 hours ago | parent | prev | next [-] |
| I am absolutely moving off them if this continues to be the case. |
|
| ▲ | velcrovan 6 hours ago | parent | prev | next [-] |
| Questions about "fatality" aside, where do you see asymmetry here? |
| |
| ▲ | jp0001 5 hours ago | parent [-] | | It's easier to produce vulnerable code than it is to use the same Model to make sure there are no vulnerabilities. | | |
| ▲ | velcrovan 5 hours ago | parent [-] | | It's not likely that reviewing your own code for vulnerabilities will fall under "prohibited uses" though. | | |
| ▲ | convnet 3 hours ago | parent | next [-] | | > its cyber capabilities are not as advanced as those of Mythos Preview (indeed, during its training we experimented with efforts to differentially reduce these capabilities) I wonder if this means that it will simply refuse to answer certain types of questions, or if they actually trained it to have less knowledge about cyber security. If it's the latter, then it would be worse at finding vulnerabilities in your own code, assuming it is willing to do that. | |
| ▲ | nicce 3 hours ago | parent | prev | next [-] | | There is no way model can know the origin of the code. | |
| ▲ | xlbuttplug2 4 hours ago | parent | prev | next [-] | | May not be very effective if so. I'm assuming finding vulnerabilities in open source projects is the hard part and what you need the frontier models for. Writing an exploit given a vulnerability can probably be delegated to less scrupulous models. | |
| ▲ | whatisthiseven 4 hours ago | parent | prev [-] | | Currently 4.7 is suspicious of literally every line of code. May be a bug, but it shows you how much they care about end-users for something like this to have such a massive impact and no one care before release. Good luck trying to do anything about securing your own codebase with 4.7. |
|
|
|
|
| ▲ | ls612 6 hours ago | parent | prev | next [-] |
| Only software approved by Anthropic (and/or the USG) is allowed to be secure in this brave new era. |
| |
|
| ▲ | vessenes 2 hours ago | parent | prev [-] |
| Oh don't worry. They have Mythos and the extremely dystopian-named "helpful only" series which is internal only and can do all the things. |
