Anthropic to release Mythos-class models to the public
Anthropic has announced its intention to make models that match its Mythos bug-finding AI publicly available — but only after it can guarantee their security.
Anthropic has announced its intention to make models that match its Mythos bug-finding AI publicly available — but only after it can guarantee their security.
In early April, Anthropic announced the development of a model called Mythos. It is so effective at finding vulnerabilities in code that the company decided to make it available only to a limited number of organizations. Free access to the model would mean that cybercriminals would be able to quickly find and exploit flaws in software, writes The Register.
This access program is called Project Glasswing. Its participants note that the AI does indeed find many bugs quickly, but there are few that humans could not have found themselves, given enough time and resources. Those with access to Mythos also sometimes add that the number of bugs discovered is slightly outpacing their ability to release fixes for them in a timely manner.
Last week, Anthropic published its first Project Glasswing report. The penultimate paragraph of the report states that the company’s next steps will be “…working with critical partners, including the U.S. and allied governments, to bring new members to Project Glasswing. In the near future, as we develop significantly more robust defenses, we hope to open up the Mythos-class models to the public.”
The company did not specify what it meant by “the near future,” and acknowledged that “to date, no company—including Anthropic—has developed protections that are robust enough to prevent such models from being misused and potentially causing serious harm.”
Anthropic used Mythos to scan over 1,000 open source projects, which it says “together form the basis of much of the internet and much of our own infrastructure.”
To date, Mythos has identified approximately 6,202 vulnerabilities of high or critical severity in these projects — and a total of 23,019 flaws.
The post states that when Mythos finds a flaw, Anthropic and its colleagues in the security community reproduce the problem Mythos discovered and “reassess its severity.”
The company also reported that developers have fixed only 75 of the 530 critical bugs found, and 65 of them have already been publicly reported. Why so few? Anthropic explains that “the 90-day deadline that developers are given by the rules to close holes has just passed, so there will be many more patches soon.” In addition, the real statistics may be higher, because developers patch some bugs “quietly”, without public announcements. But the fact remains: the avalanche of AI bugs found “simply overwhelms the already overloaded security ecosystem with work.”
Claude Mythos helped researchers crack the macOS kernel on Apple's M5 chips
Claude Mythos helped researchers crack the macOS kernel on Apple's M5 chips
4 out of 5 vulnerabilities were fake. A famous Swedish programmer is convinced that Anthropic's Mythos is nothing more than a successful advertising gimmick
4 out of 5 vulnerabilities were fake. A famous Swedish programmer is convinced that Anthropic's Mythos is nothing more than a successful advertising gimmick
Anthropic claims unauthorized access to Mythos model via contractor
Anthropic claims unauthorized access to Mythos model via contractor
Pentagon bipolar: Anthropic's Mythos resonant model is used in US military structures, while simultaneously proving in courts that these products threaten national security
Pentagon bipolar: Anthropic's Mythos resonant model is used in US military structures, while simultaneously proving in courts that these products threaten national security
Read the country's main IT news in our Telegram
Read the country's main IT news in our Telegram
