Remix.run Logo
Remix clone Hacker News
new | show | ask | jobsGithub
bobbycastorama 5 hours ago

I've seen a blog post by a security researcher saying that he was able to find the same vulnerabilities (for Firefox IIRC) with a ~30B params LLM...

So yeah, huge marketing as always.

simonw 4 hours ago | parent | next [-]

You mean this one? https://aisle.com/blog/ai-cybersecurity-after-mythos-the-jag...

That's the one that says:

> We took the specific vulnerabilities Anthropic showcases in their announcement, isolated the relevant code, and ran them through small, cheap, open-weights models. Those models recovered much of the same analysis.

dansquizsoft 35 minutes ago | parent [-]

Sounds like he applied exactly the same methodology then!

Brystephor 5 hours ago | parent | prev | next [-]

Did the security researcher point the LLM at the blob of information and say "Find vulnerabilities" or was the LLM told to "determine if vulnerability X is present in this blob"? Confirmation of suspected vulnerabilities is a different problem from finding vulnerabilities.

krisbolton 5 hours ago | parent | prev | next [-]

This is different though right? He found one (? we don't know who you're referring to - post sources for a higher quality discussion) vulnerability, he already knew it was there, etc. Anthropic didn't claim no other model can find vulnerabilities, nor that it's impossible with smaller models. They're claiming Mythos is a step-change in ability for end-to-end vulnerability discover and exploit creation. And that other frontier models are close behind.

nikcub 4 hours ago | parent | prev | next [-]

Finding the neeedle is easier when you remove the haystack

Or providing a map with a direction

There is a long history of high-value private vulns being rediscovered from scant details

wiwiwq 5 hours ago | parent | prev [-]

To me it’s clear what’s going on.

The American firms are focused on marketing now to convince people to not even consider open sourced models / open weight models as they are inferior (that’s what they want you to believe).

rhubarbtree 5 hours ago | parent [-]

IPO is coming is what is going on

wiwiwq 5 hours ago | parent [-]

That’s implicit in my post.

If people actually believe the narrative then the bankers will over price Anthropic and get away with it.

0gs 4 hours ago | parent [-]

what's weirdest to me (and i agree with you) is that it could ALSO be true that a highly competently managed, highly capitalized closed source and weights model training on tons of real-world data non-stop COULD stay ahead of open weights models, and that lead COULD grow. now, how competent (much less merciless) the frontier-blazing U.S. corporations will be able to be long-term ... i suspect they are right to be nervous and highly focused on optics, regardless of the truth :)