[object Object]“why won’t the AI haters admit claude mythos is good?” when it turns out the exploits it found are utterly overblown (ie the firefox exploit that only works on a custom build with the sandbox disabled amongst many other non-exploitable bugs), were found at extreme expense, and required a ton of human staff to verify (just like with existing non-LLM techniques), why won’t you admit this is a grift? why won’t you admit you’ve been falling for the same grift since 2019?
Chris Palmer@zzt Address Sanitizer builds of the JS shell run in isolation are a norm for browser bug finding. Treating such bugs as potentially exploitable is a maximally cautious and thus wise bug triaging approach. AI is awash in grift, sure, but not this. The Firefox security team agrees these are real bugs.