← Back to context

Comment by secretslol

6 days ago

"Lower ability to perform cybersecurity-related tasks" makes me super concerned it will leave my codebase like Swiss cheese for any American granny with access to Fable 5, when we non-American Brits, or rest-of-worlders, don't have access to it to clean our codebases.

100% this. I read these caveats in new models and all I hear is "we made sure this model has no idea about computer security." Such a weird thing to brag about.

I think they don’t understand that cybersecurity skills are what prevent bad code from making it into production.

It’s like telling a chef to cook without a knife because knives can kill people.

Dario and his lackeys at Anthropic aren’t visionaries.

  • I think this is more aimed at the US gov't than anything. They want to be clear that it's not very good at hacking, so that the gov't won't ban it.

    I'm sure they're well-aware that this also will make it worse at building secure systems, but the gov't isn't restricting releases based on that.

  • I think you misunderstood what their vision is, or rather what their possible futures are. They are many steps ahead of almost everyone, both in wargaming possibilities and the actual realized path. What doesn’t make sense to you may be the only safe option for them.

    • > What doesn’t make sense to you may be the only safe option for them

      thats true because their point of view makes no sense for us. dario is all in on lesswrong machine god theory and really believes they need to create a super intelligence before anyone else. that means doing as much as possible to slow down others progress and accelerate your own. but the fact that they believe its the only option doesnt make it true for the rest of us.

      1 reply →

    • I've been wondering this - I don't have an intuition for Anthropic's gaming around military applications, or how this stage could play out in terms of relationship to Government controlling AI.

      Are there some Less Wrong posts or similar I should read that probably explain it?

This is code for "this model can't be used to hack other systems as effectively as Opus or Mythos."

  • "dangerous cyber skills, such as developing software exploits" is very plainly referring to the same thing you are, but is more precise industry terminology rather than the loaded slang "hack".

That's the literal mission of the NSA. Security and strong cryptography for the US while everyone else gets "export grade" nonsense.

I think that increasingly, the US will have to be passed by for these things. Clearly we’ll have to start looking to China for world leadership, to be the land of the free.

> any American granny with access to Fable 5,

Fable is effectively not available to the general public in the US either

  • True, but Trump & Co. did give them permission to let Americans continue using it, but Anthropic turned that down (for now at least...).

    • Because there is no practical way to comply with what they asked for. They'd have to start validating their users passports.

That’s not even close to true. Unless you’re vibe coding trash that a better model might catch.

  • I don't think so. During the time I was using Fable 5, I was getting it to clean security bugs that Opus 4.8 had introduced ... bugs which weren't localised to a single PHP file but were caused by cascading data flow through multiple PHP files. I'm not an expert on security but I know I wouldn't have found these myself. I knew from day one of Fable's release that it would do thorough security audits and fix loads of flaws, even offering up PoCs to help show that it fixed them, as long as I didn't explicitly ask it to do a security audit. I just said, "My codebase is a mess," and it went on for an hour doing a thorough security audit and helping plug numerous holes. This was before the "fix my code" story came out.