Comment by hootz
6 days ago
My bet is that Mythos is still over-hyped and the cybersecurity fear and guardrails are mostly marketing to force company partnerships through Glasswing and get public attention.
6 days ago
My bet is that Mythos is still over-hyped and the cybersecurity fear and guardrails are mostly marketing to force company partnerships through Glasswing and get public attention.
Mythos is from the same guy who did "GPT-2 is too dangerous to release"
https://naokishibuya.github.io/blog/2022-12-30-gpt-2-2019/
He was kinda right.
Lawyers, doctors, students, teachers. Lots of people using GPT models carelessly in harmful ways.
Obviously not what he meant at the time but hilarious(ly sad) in retrospect.
Delaying a technology release is not going to stop that in the long term. Society, culture, and the support tooling just needs to adapt. Just like how AI coding is still in the early days.
The sooner people learn the risks and build the infrastructure to make it fail less the better.
The claim I remember was that releasing it would start an arms race for AGI, which was absolutely true
If it was truely an arm's race to AGI they would've stopped relying on the data/param scaling law BS ages ago.
"Malicious use" means spam, propaganda bots, etc. It's nice to give people who work on spam filters some heads-up.
It's clear that the parent didn't bother to read the link they shared, which articulates exactly this. That's embarrassing.
From the link:
> They summarized their findings from the nine months:
> 1. Humans find GPT-2 outputs convincing.
> 2. GPT-2 can be fine-tuned for misuse.
> 3. Detection is challenging (detection rates of ~95% for detecting 1.5B GPT-2-generated text by RoBERTa).
> We’ve seen no strong evidence of misuse so far.
> We need standards for studying bias.
>> All these points are valid, and OpenAI did a great job identifying potential risks, especially misuse and biases, at an early stage.
2 replies →
People quote the "GPT-2 is too dangerous to release" thing as if it were wrong, but given all the slop all over social media and how it's used to create division and attack social cohesion, he was clearly right.
History is long and never over, so he could easily be right both times before this is through.
That guy is the biggest clown lmao
The UK gov disagrees with you:
https://arstechnica.com/ai/2026/04/uk-govs-mythos-ai-tests-h...
https://www.aisi.gov.uk/blog/our-evaluation-of-claude-mythos...
AISI did also say that GPT-5.5, which has been public for months, scores basically the same as Mythos on their cybersec evaluation. But there wasn't as much media about about that for some reason.
https://www.aisi.gov.uk/blog/our-evaluation-of-openais-gpt-5...
AISI found the release version of mythos preview outperformed GPT-5.5 https://x.com/AISecurityInst/status/2054589763173126339
Government of the least mismanaged country in the world?
AISI is basically the crown jewel of the British government at this point in that its actually pretty good.
You mean the most mismanaged country?
Bingo.
"We had to do extra work to make this safe because it's so advanced and dangerous..." how many times can they trot out that line before it loses its effect entirely?
Only three times, if fables are right.
The Startup Who Cried Unsafe, by AIsop
[dead]
With homo "sapiens" "sapiens"? A few decades at least.
I mean, they do actually describe what that extra work was, and people elsewhere in this thread are complaining about the effects of those safeguards. So it's not like this is purely empty rhetoric.
people are not questioning whether they did the work, they are questioning whether the work was really necessary (i.e. if mythos is really so good that it needs safeguards to prevent malicious actors from using it)
It worked for OpenAI when GPT 3 was deemed too dangerous to be released. This is just a spin of that.
I still remember it. "Open"AI going API-only because GPT-3 is really really dangerous, so forget the Open in our name and all of that, you can't download our models anymore and must request access to them because they pose a THREAT.
Fast forward to today and GPT-3 has laughable performance.
Even back then there were plenty of people who got fooled by AI generated articles. It's easier to spot AI writing now because we are so used to it. They were right to be concerned; not that it achieved much since oss models run laps around gpt-3 now.
1 reply →
I know a security researcher at Google with access to Mythos. He says it's the "real deal" and that "there are career plans I had that are no longer viable".
“trust me bro”
He could be incredibly naive. We'll all find out with time.
Yes, and "in collaboration with the U.S. Government" feels like a very gross ploy at appeal to authority. You don't need Mythos or really any SotA frontier model to make malware or do extensive penetration testing/reconnaissance already. Sure, Mythos might be faster/more efficient, but the cat has been out of the bag for awhile. Even the terminology "infrastructure providers" practically screams "Enterprise leads".
I think all models can find vulnerabilities if read the entire code base. Or intelligently combine parts of the codebase. Especially with test loops.
And to ensure that only USG-approved entities are allowed to secure their code.
I fear it's a smokescreen to manage cost and capacity.