jonny (good kind)2d ago
It's so cool that anthropic is setting up a double-sided protection racket where it will profit from the massive token burn of attackers and defenders with a tool specifically designed to generate exploits and their only observable mitigation is a clientside system prompt that sternly warns the LLM to be good and not do malware
https://red.anthropic.com/2026/mythos-preview/
Claude Mythos Preview \ red.anthropic.com

Show threadjonny (good kind)2d ago
sure they are doing """alignment""" to the models, and maybe they have some more sophisticated serverside mitigations. but the fact that the system prompt text is in the package at all rather than all being entirely serverside does the opposite of inspire confidence. Even the system prompt is fine with hacking as long as you go "it's ok I am good"
https://neuromatch.social/@jonny/116325221458366596
Show threadjonny (good kind)2d ago
so this raises the floor of doing open source at all to "if you can afford brute force generating exploits against your repos for days at a time" while simultaneously causing so many false positives that bug bounties are crumbling and the info giants will pull labor from open source projects by just generating them badly in-house - don't roll your own crypto becomes "now you have to roll your own crypto because nobody else is, and then pay an AI company to secure it for you."
The end of the curl bug-bounty

tldr: an attempt to reduce the terror reporting. There is no longer a curl bug-bounty program. It officially stops on January 31, 2026. After having had a few half-baked previous takes, in April 2019 we kicked off the first real curl bug-bounty with the help of Hackerone, and while it stumbled a bit at first … Continue reading The end of the curl bug-bounty →

daniel.haxx.se
Show threadjonny (good kind)2d ago
you know that problem where it's actually in Google's best interests to sabotage their traditional search results to force everyone to use the AI results because then you never leave the site and direct prompt advertising becomes extremely valuable? yeah, it's like that for code, where it's actually in anthropic's best interests for all the code to be entirely unmaintainable and unsecurable except for with LLMs
Show threadjonny (good kind)2d ago
i feel bad constantly fixating on the informational capitalists while there is so much material harm being done in the world, and then simultaneously remind myself that this is literally capitalism's gamble to finally and fully enclose not only the material world but also our minds. If informational reality comes to be owned by 4 megacorporations, then it's all fascism forever baby.
Show threadLord Caramac the Clueless, KSC1d ago
@jonny Not forever, only until the end of the Industrial Age, which won't last for very much longer, maybe another 50 to 70 years if things keep getting worse.
Show threadyak1d ago
@LordCaramac @jonny the issue is they'll take a solid chunk of the biosphere down with them
Show threadLord Caramac the Clueless, KSC1d ago
@yakmacker @jonny We will probably lose at least half of all species of plants and animals. If we can keep the 6th Extinction within that range, we will most likely survive as a species even though our numbers will dwindle. However, if we let the ongoing extinction event escalate to the point where 85-95% of all species go extinct, we won't make it.
Show threadyak
@LordCaramac @jonny I dunno if this kind of reasoning is really worth doing. A lot of the viability of humans depends on not just the percent of species that persist, but also which species persist, and I don't think anyone could provide a comprehensive list.

Another issue is that this appears to be a very gradual and non-synchronous mass extinction event, making the long term effects even harder to predict. The K-PG event, for example, probably started with a single apocalyptic event that made the entire world uninhabitable for large animals overnight. It's pretty unclear based on my casual reading on whether that is true of other famous extinction events like the P-T event.
Apr 9 at 2:12amWeb