Big news in frontier model land:
Over the past few weeks, we have used Claude Mythos Preview to identify thousands of zero-day vulnerabilities (that is, flaws that were previously unknown to the software’s developers), many of them critical, in every major operating system and every major web browser, along with a range of other important pieces of software.
The following are three examples:
Mythos Preview found a 27-year-old vulnerability in OpenBSD—which has a reputation as one of the most security-hardened operating systems in the world and is used to run firewalls and other critical infrastructure. The vulnerability allowed an attacker to remotely crash any machine running the operating system just by connecting to it;
It also discovered a 16-year-old vulnerability in FFmpeg—which is used by innumerable pieces of software to encode and decode video—in a line of code that automated testing tools had hit five million times without ever catching the problem;
The model autonomously found and chained together several vulnerabilities in the Linux kernel—the software that runs most of the world’s servers—to allow an attacker to escalate from ordinary user access to complete control of the machine.
Paradoxically, the Department of Defense had its national security supply-chain risk labeling of Anthropic affirmed by the courts, depriving itself of the most advanced cybersecurity model.
Perfect encapsulation of where we are at
“I also thought about the global order established after World War II, centered around the United Nations and shaped under Roosevelt’s leadership,” he said, referring to former President Franklin D. Roosevelt. “And I wondered, how it is possible for a U.S. president to undermine and discredit all American values and 250 years of human legacy?”
Experts are sounding the alarm. A study in September by the Information Technology and Innovation Foundation, a Washington think tank, warned that without a reversal, the cuts to science could shrink the U.S. economy by nearly $1 trillion over 10 years. That could leave the U.S. lagging behind China, which is investing heavily in research.
“The Government’s fundamental problem is that it has presented no evidence whatsoever of fraud,” Boasberg said in his order Friday.