I’ve had a bunch of people ask my thoughts on Anthropic’s Mythos. I’ve read the research paper they released and the numbers, and basically I agree with @malwaretech’s take. It’s marketing. The cybersecurity industry is historically very good at marketing cyber pearl harbour and the need to buy magic boxes.
[Linked video: "Is Cybersecurity Over?" (YouTube)]

I don't think anybody actually watches videos any more, so here's MWT's core point -

The flagship and lead vuln in the research is a BSD vuln, it cost $20k to discover with Mythos. Anthropic only reached a crash, and the vuln class in 99%+ cases never reaches RCE, just crashes.

So.. cool.. you spent $20k of VC money to find a crash as the flagship vuln. But... uhm... that isn't the end of the world.

The proof is going to be if any of the open source vulns turn out to be important. So far:

Anthropic set the project across open source projects and provided access and reported the vulns. Typically, you'd expect to see NCSCs spinning up advisories to patch high impact vulns, CISA telling orgs to patch etc etc etc.

What's actually happening is... uhm... a whole heap of nothing but people copy and pasting marketing about how cybersecurity is over.

It's not though, is it?

@GossiTheDog

Well cybersecurity is over but not because of this but because of everyone and their mother deploying openclaw in production...

@agowa338 Cyber security is an insanely complex beast with some parts being technical, some being human, some being regulatory, etc., and well, finding bugs is one small component.

Emphasis on small.

We have not really been great at cyber security in the past, and improvements are needed all across the board. We won't be great at it tomorrow because magic.

Having one component potentially improve, especially given how speculative the current situation is, is nothing to really worry about. Rather the contrary.

Time will tell, some processes might change, and that is likely all that will happen for a long time.

Most humans in cyber security will very likely notice very little impact for now. Can this all go sideways? Yes, of course. Is it time to say that cyber security is over? I don't think so. At all.

@cure53

I know. I've done that. I was the only technician that talked to the compliance people, so I "earned" all of the work involved in communicating and bridging both worlds.

And since then it just got worse. Nobody cares about IT security. The compliance people are just writing some shit, and at this point in many companies they don't even expect their technicians to actually implement it anymore either (if it is even possible at all).

It's just a work creation measure at this point…

@agowa338 @GossiTheDog And anybody with a lick of knowledge about security getting laid off.

@GossiTheDog Haven't we already been there with fuzzing?

Anyway, even if Mythos is as good as they claim, that's not really a problem as long as it is available only to a few. It's when every script kiddie gets access to it that we should start worrying.

@bontchev @GossiTheDog Agreed. Current recommendation from our end:

Keep calm, find and fix bugs, make the world a bit safer one bug at a time...

And ignore the hype train, but keep an open eye on how real and measurable things develop. Just what we did before.

@bontchev @GossiTheDog if it really did burn $20k in tokens to find the vuln, those script kiddies would have to be very well funded.
@GossiTheDog They aren't claiming it's over, that's a strawman. But interestingly they are providing commit hashes of things they've found. Some of these are seriously scary. I've saved a copy of the webpage and will be waiting to see if the promised commits turn up. If they do check out, my opinion of Anthropic will rise. If not...
@trademark @GossiTheDog why would it go up? They could have hired a security professional for the cost and they'd have found them too, or different ones. Proves nothing.
@falken @GossiTheDog You're being incredibly rude to OpenBSD if you claim that "just give 20k to a professional" will make a meaningful difference to what they're already doing. https://www.openbsd.org/security.html

@trademark @GossiTheDog not my intent. Shade on LLM slop peddlers only!
@falken @GossiTheDog both of them actually look very good after this. Anthropic because the bug is very hard to spot, I can imagine reading that code a thousand times without seeing it. OpenBSD looks good because the AI did not find a single stupid/careless mistake.
@trademark @GossiTheDog What does "commit hashes of things they've found" even mean? No non-slop project is going to merge the same commits they used in their fixes, because they're LLM slop without provenance to license. If any of these are real, the upstream will fix the bug properly in a way the actual people working on the project understand and can document.
@dalias @trademark @GossiTheDog the hashes are of advisories they claim they will publish in the future afaik, not patches.
@dalias @trademark @GossiTheDog so easily verifiable if they actually turn up, but the hype cycle will have moved on by then and they already got the PR benefit of claiming a huge number of bugs
@azonenberg @dalias @GossiTheDog I think it will be a big deal if they don't keep their promises. It's the sort of thing journalists will use for attack pieces. We do already know that some of the bugs are real; for instance, Anthropic is keeping the exploit for CVE-2026-4747 secret, but somebody else used a public version of Claude to create their own working exploit: https://blog.calif.io/p/mad-bugs-claude-wrote-a-full-freebsd
[Link preview: "MAD Bugs: Claude Wrote a Full FreeBSD Remote Kernel RCE with Root Shell (CVE-2026-4747)" (Calif): "To our knowledge, this is the first remote kernel exploit both discovered and exploited by an AI."]

@trademark @azonenberg @GossiTheDog I love how they hype what's a vuln in the in-kernel NFS server (FFS we've been doing this shit at least 2/3 of my lifetime, stop doing NFS/sunrpc shit already) as "FreeBSD RCE".

I knew when I was like 15 that you don't run NFS unless you want to get popped.

@dalias @azonenberg @GossiTheDog To summarize your position: "If Anthropic withholds something to give defenders time to fix it, it means they're lying and have nothing. When they do release a real bug, it means that it was for some stupid thing you shouldn't be running anyway." Got it.

@trademark @azonenberg @GossiTheDog Huh? Did your LLM just vomit that? Because it's completely unrelated to what I said.

What I said is that they're hyping a vuln in one small thing, an NFS server, that FreeBSD happens to have a version of that runs in kernelspace, that nobody security-conscious would be using to begin with, and calling it "vuln in FreeBSD!" to make it sound important and impressive.

Absolutely nothing to do with disclosure timelines or whether their findings are real.

@dalias @azonenberg @GossiTheDog Let me try explaining more clearly: Anthropic does this to demonstrate the technical capabilities of their new model. Your denigration of the utility of the FreeBSD NFS-server does not detract from that in the slightest, so Anthropic and their customers are not going to care in the slightest. You're being rather insulting to FreeBSD though, is that intentional?

@trademark @azonenberg @GossiTheDog They do this to impress investors/C-suites and to keep the grift train going.

I'm not going to address any claims about whether the "technical capabilities of their new model" are a thing.

And to be impressive, yes, they need the thing they attack to be highly regarded in terms of its reputation for security and quality. "Vuln in NFS server module that runs on FreeBSD" does not impress. "Vuln in FreeBSD" does. And it's a lie.

I have no idea how you think this is "insulting to FreeBSD".

@dalias @azonenberg @GossiTheDog You're saying nobody should run the NFS-server they are making. How is that not insulting? Why don't you go to their mailing lists and tell them to stop? For extra effect repeat the phrase you used: "I knew when I was like 15 that you don't run NFS unless you want to get popped."
@trademark @azonenberg @GossiTheDog I don't know the project dynamics of this NFS server module, but I doubt it's something core folks are proud of. NFS is basically a domain of meeting very old legacy requirements, and for old die-hard Sun fans who run it by choice. Back in the day it had utterly zero access control. You just told the server "hey, I'm root" and it said "ok, cool". AIUI the vuln here is in part of an authentication layer bolted on.
@dalias @azonenberg @GossiTheDog You are being incredibly rude and even more ignorant. FreeBSD supports the latest NFSv4, including Kerberos encryption and authentication. If you don't believe me, ask on the relevant mailing list. Though if you do, I recommend you tone down your rudeness.
@trademark @dalias @azonenberg @GossiTheDog

> How is that not insulting? Why don't you go to their mailing lists and tell them to stop?

"We know, it's for intranet-use only, in trusted network where you care more about performance than security between trusted peers" is the likely answer.
@lispi314 @GossiTheDog @dalias @azonenberg That's not what they're saying though. From the wiki:

> krb5p: Kerberos authentication, integrity, and privacy. This is the most secure flavor of NFS. Not only does it provide authentication and integrity, but the entire RPC payload is encrypted. Thus a passive eavesdropper can see nothing but RPC headers. krb5p is a good choice for insecure networks, including wireless networks.
@trademark @GossiTheDog @dalias @azonenberg Then whoever wrote that was:

a) Irresponsible
b) Basically copy-pasting press release material on NFS + Kerberos feature.
@lispi314 @GossiTheDog @dalias @azonenberg Please direct your suggestions to the FreeBSD people directly, they are easily contactable.

@trademark @lispi314 @GossiTheDog @azonenberg We're not making technical recommendations for the FreeBSD team here. Anyone who actually has reason to use NFS knows the risks/tradeoffs and if they're choosing to use something that's going to get them popped that's on them, not on the FreeBSD team.

We're debunking hype that's intentionally exploiting the ignorance of people like yourself about what component was actually vulnerable and whether it's actually something important and noteworthy like Anthropic's propaganda department would have folks believe.

@dalias @lispi314 @GossiTheDog @azonenberg That's not debunking. Actual debunking would be to provide evidence that what Anthropic achieved was not actually technically difficult. Instead of doing that you chose to insult FreeBSD. Instead of providing technical arguments you displayed your ignorance of the last 20 years of progress in NFS. Fascinating how somebody can be so wrong and still sound so arrogant.
@dalias @lispi314 @GossiTheDog @azonenberg Oh, and also, earlier you said: 'I'm not going to address any claims about whether the "technical capabilities of their new model" are a thing.' But this is exactly what you need to do if you want to debunk what Anthropic is saying.

@trademark @lispi314 @GossiTheDog @azonenberg I am debunking the fraudulent importance from misrepresenting what software the vuln was in.

Whether their technical claims are bullshit is another completely legitimate area for debunking but not the one I'm engaged with in this thread.

@trademark @lispi314 @GossiTheDog @azonenberg Running an NFS server in kernelspace is no less backwards than running an httpd in kernelspace (something Linux folks actually tried at one point; it was eventually removed).

Yes there will always be apologists for it. I am not worried about being considered rude when I state that this is just completely untenable from both a security standpoint and a good software engineering standpoint.

@dalias @lispi314 @GossiTheDog @azonenberg Please tell this to the FreeBSD people, I am sure they will appreciate your insights.
@dalias @trademark @GossiTheDog @azonenberg > a good software engineering standpoint.

At first I didn't question it, as a naive computer user.

Then I experienced my first NFS server bug that broke a bunch of other stuff in the kernel and couldn't be fixed without a reboot.

I took the logical conclusion from that. Run as little as possible in the kernel.

When I learned about security after that and learned about the concept of ambient authority and isolation, I only became more convinced that conclusion was correct.
@lispi314 @GossiTheDog @dalias @azonenberg The point of what Anthropic did was to demonstrate how good the new model is. Whether the NFS code should be in the kernel or not is an interesting discussion. However the fact is that exploiting kernel-level code usually is harder than attacking userspace programs. So when the AI succeeded in doing just that it is an indication of how technically skilled it is compared to earlier versions.
@trademark @lispi314 @GossiTheDog @azonenberg OK, blocking the AI booster shill concern troll who thinks he's stealth now. Can't believe I wasted this much time on this asshat already.
@dalias @GossiTheDog @azonenberg I consider the matter more of an instructive reading experience for onlookers.
@trademark @GossiTheDog @dalias @azonenberg Or evidence of awful security practices that should have been long discontinued but may (reasonably) subsist in code based on edge-case deployments (outside of which deployments it goes back to being unreasonable and an awful security practice).

That's an indictment of a project's quality, not a validation of the LLM's quality. Any vaguely qualified human without a personal stake in the project's current lacking state could've found similar indictment of the project's quality.

I have considerable concerns about how much of the filesystem support in Linux (and various BSDs) is in-kernel only, and Plan9 & Hurd (among others) actually do the right thing. There is absolutely no legitimate reason why the filesystem has to run in the same privilege level as hardware management & the rest of the kernel.

(Zero-copy schemes for speed are very much possible without making the filesystem server/translator a kernel program.)
@lispi314 @GossiTheDog @dalias @azonenberg "That's an indictment of a project's quality, not a validation of the LLM's quality." So you're saying that FreeBSD is bad. Fine. Anyway an additional motivation for what Anthropic did is to help open source projects by alerting them to security vulnerabilities so they can fix them. Are you objecting to that as well?
@dalias

Unikernel is a way of achieving the same goal in a way that is reasonable from security point of view.

@dalias @trademark @azonenberg @GossiTheDog NFS-Ganesha is the userspace server the industry came up with specifically to not run an NFS server in kernelspace anymore.

It still sucks but at least it doesn't compromise the kernel and can actually be run with limited permissions.

@GossiTheDog Even *if* the word prediction box is now capable of finding vulns by throwing massive compute at the problem (leaving all the problems with this aside), you still need to get people to fix their shit. Like, have they ever looked at what it takes to get a company to just patch their god damn network edge devices?

@marius @GossiTheDog

In my observation, organizations use these PR announcements & media releases to do layoffs, so they can outsource to a nephew's startup or grandchild's consultancy.

And the necessary patches or policy changes never get implemented.

@Npars01 from experience, we can even leave out the nepotism and just trace it back to incompetence within the management team
@GossiTheDog the thing I find the funniest is that their headline vulnerability in OpenBSD was closed as a reliability, not security, issue and without a CVE, as far as I can tell?
@GossiTheDog They’re doing the right thing with responsible disclosure, but omg they’re full of themselves. Zero days are not part of the daily cybersecurity churn to begin with, at all, but even so what they’ve found is unimpressive. Yet they literally take it as a given that they’ve turned the industry upside-down. Quod effing none.

@GossiTheDog from a practical perspective what worries me more is time to poc/working exploit for known vulns.

OSS library releases patch, model looks at diff + cve description and drops a working exploit for a couple of hundred $ of compute.

Most companies (at least this side of the pond) are not currently equipped to deal with continuously applying patches for 1-day vulns in prod.
Many large orgs here are proud that they've managed to get on a monthly update cycle

@GossiTheDog to be fair, the current time to PoC is in many cases already down to ≤ 1 day or so, but this could take some of the skill out of it and make it more broadly available

@GossiTheDog but other than that... yeah hype-marketing playbook 101.

Didn't OpenAI pull the "oh no, it's too powerful, humanity couldn't take it yet, so we're not releasing it to the public" stunt with one of their earlier models as well?^^

@GossiTheDog he makes a good point about the subsidized cost. It's like in the early days when Uber was cheap AF to put the taxis out of business. Once they had market share, they cost as much as taxis.

@GossiTheDog

Yes, we do watch videos! 🤔

@GossiTheDog

I asked the FreeBSD security officer to compare the (not yet public) one to Coverity reports. Apparently it found something that Coverity didn't, which means at least it isn't just regurgitating static analyser reports.

That said, last time I read the Coverity reports, they found tens of thousands of possible issues (over 90% of the ones I triaged were false positives). You could probably get a higher ROI from paying someone $20K to triage Coverity scan reports.

@GossiTheDog Thanks for the summary, ain't got time for viewing videos.
@GossiTheDog IMO it's not nothing but not apocalypse. Enough for forward thinking groups to start taking it seriously and considering risks.