NSA is using Anthropic's Mythos despite blacklist

479

PPalmik 2 days ago 339 commentsRead Article on axios.com

FR version is available. Content is displayed in original English for accuracy.

⚡ Community Insights

Discussion Sentiment

76% Positive

Analyzed from 6120 words in the discussion.

Discussion (339 Comments)Read Original on HackerNews

cdrnsf•1 day ago

Of course they're using it. Hypocrisy is one of the few things this administration excels at.

at-fates-hands•1 day ago

THIS administration? As if we just arrived here in 2024?

cdrnsf•1 day ago

Well, no. There was an interlude and now an even faster acceleration into madness, incompetence, grift and hypocrisy.

seventytwo•1 day ago

Yes. This administration. The Trump administration.

Clear enough?

janalsncm•1 day ago

If you were still looking for evidence that the government designation was political rather technological, here it is.

The NSA doesn’t care about day to day temper tantrums of political branches, they have work to do and they will use the best tools available to accomplish that work.

maebert•2 days ago

The whole artificial scarcity Anthropic created around Mythos / Glasswing is quite brilliant to be honest (I’m Not saying ethical, just brilliant). The commercial gains are one side of course. But consider this:

Gets labelled supply chain risk by the pentagon. Hypes up what they claim to be the most advanced hacking tool on the planet. This puts the US government into a loose / loose position. Either deny the NSA access to it, or be called out on their bluff.

latexr•2 days ago

> The whole artificial scarcity Anthropic created around Mythos / Glasswing is quite brilliant to be honest

Isn’t that just the same strategy OpenAI has used over and over? Sam Altman is always “OMG, the new version of ChatGPT is so scary and dangerous”, but then releases it anyway (tells you a lot about his values—or lack thereof) and it’s more of the same. Pretty sure Aesop had a fable about that. “The CEO who cried ‘what we’ve made is too dangerous’”, or something.

https://en.wikipedia.org/wiki/The_Boy_Who_Cried_Wolf

Ifkaluva•1 day ago

Right, but in Aesop’s fable, the wolf did eventually come. It’s asymmetric, because in this case the wolf is not coming for the boy, it’s coming for everybody else

lcnPylGDnU4H9OF•1 day ago

The boy isn't crying wolf strictly to save himself. He does it to get the attention of the town, knowing they'll come to the aid of the livestock he's been tasked with watching. Yes, their aid is primarily to save the boy, but the danger is still to the larger community rather than isolated to the lookout.

okamiueru•1 day ago

Or, the wolf is just a squeeky toy.

__MatrixMan__•2 days ago

They way they've published hashes of the bugs it has found so that once those bugs are fixed they can responsibly disclose them while also proving that they weren't lying... that displays a willingness to dabble in evidence which is far beyond anything OpenAI has done to support their claims.

j-bos•1 day ago

This. I see much cheap naysaying without referenece to the vuln hashes. If it is smoke and mirrors, then the naysayers should loudly shout down the specific hashes and when they get revealed, or don't, then they will have done a great service to dissuading fake claims to world changing tech.

badgersnake•about 21 hours ago

It proves that at least some of the bugs exist, not that you need “new thing” to find them or that they even used “new thing” to find them.

There was a story the other day about others finding the same bugs with qwen.

stackghost•1 day ago

>Sam Altman is always “OMG, the new version of ChatGPT is so scary and dangerous”, but then releases it anyway

One of the many reasons nobody should give Scam Altman their money. It's continually infuriating that this serial grifter is in such a position of power.

xiphias2•2 days ago

It was from GPT-2 and Dario was part of the developers of that model while he was working in OpenAI, not Sam Altman, it's his playbook

latexr•2 days ago

> It was from GPT-2

Prior to the released of GPT-5, Sam said he was scared of it and compared it to the Manhattan Project.

kordlessagain•2 days ago

This is pretty much correct, but Mustafa Suleyman has probably been doing it longer.

Hamuko•2 days ago

Not just part of the developers, but rather "led the development of large language models like GPT-2 and GPT-3" as per his website.

https://darioamodei.com/

Filligree•2 days ago

Anthropic has not in fact released it, and it does in fact appear to be that dangerous, judging by the flood of vulnerability reports seen by e.g. Daniel Stenberg.

Certainly it’s a strategy OpenAI has used before, and when they did so it was a lie. Altman’s dishonesty does not mean it can never be true, however.

mccr8•2 days ago

The flood of reports that open source projects like curl, Linux and Chromium are getting are presumably due to public models like Open 4.6 that released earlier this year, and not models with limited availability.

amarcheschi•2 days ago

How many months till they release a better model than mythos to general audience?

Gpt 2 wasn't released fully because OpenAI deemed it too dangerous, rings a bell? https://openai.com/index/better-language-models/#sample1

embedding-shape•2 days ago

> judging by the flood of vulnerability reports seen by e.g. Daniel Stenberg

Maybe I've missed anything, but what Stenberg been complaining about so far been the wave of sloppy reports, seemingly reported by/mainly by AIs. Has that ratio somehow changed recently to mainly be good reports with real vulnerabilities?

kordlessagain•2 days ago

Those vulnerabilities were found by open models as well.

daemonologist•2 days ago

> This puts the US government into a loose / loose position.

You might even call it... a tight spot

garbawarb•2 days ago

Side note, how did the word "lose" become "loose"? I've seen this so many times on HN.

clark_dent•2 days ago

It didn't, but the advent of spellcheck and autocorrect has made everyone completely give up on proper grammar or word selection as long as no squiggly line appears.

Aerroon•2 days ago

Because your pronounce them backwards.

"Loose" is a short word that ends sharply, but "lose" is a long word that slowly peters out.

They should be the other way around imo.

ses1984•2 days ago

I’m guessing most cases of loose/lose switch happen when English isn’t someone’s first language.

veidr•2 days ago

Exactly the same way that the `cancelled` of my youth became `canceled`. By being misspelled so often that the misspelling won.

In this case, it's not clear who wins yet — "lose" may loose, or mount a comeback, resulting in "loose" being the one to lose.

duckmysick•2 days ago

It doesn't make sense to have "lose" pronounced as it is. We have rose, pose, dose, nose all pronounced with ō. And then you have lose pronounced as loo͞z. It feels natural to put two O's in there when you write it.

JackFr•2 days ago

I always assume not everyone is an English speaker and let it go.

hosel•2 days ago

I try to let it go, but this is my pet peeve.

ternaryoperator•1 day ago

And let’s not get started on it’s vs. its-—a distinction that now seems irretrievably nerfed

saidnooneever•2 days ago

people are from many places

verisimi•2 days ago

It's fine, nothing to see. Just focus on the intended meaning not the underlying delivery. Mere words don't really impact communication. Right?

iugtmkbdfil834•2 days ago

Ok. This is was either brilliant or I did not wake up yet.

renegade-otter•2 days ago

This is not the first time Pete Hegseth charged into a bar, started swinging his fists and screaming "don't you know who my father is", only to find his junk in a vise with no graceful way get it out.

abustamam•2 days ago

For some reason I thought you were doing a setup for a joke...

"The President of the US, the Secretary of Defense, Iranian Prime Minister walk into a bar..."

sheepscreek•1 day ago

Mythos is most certainly not hype. I think it might be the agent with most agency as of today (ability to get really difficult shit done on its own). I believe that it most certainly is not hype. A realization just struck me that guarding the model weights (which are probably in the realm of a few TB) should be of utmost importance. Essentially - having access to them and a small NVIDIA cluster is all it takes for anybody to start using Mythos for themselves.

Barring any limitations of my understanding, the Mythos model weights are probably in the realm of a few TB. Any actor with access to the weights + a single beefy NVIDIA cluster and a few intelligent folks is all it takes to gain access to Mythos.

Cost of infra < $5 million (guesstimate). Imagine someone pulling that off by gaining access to the weights - which would be a monumental challenge, but likely less complicated than re-acquiring enriched substances from the gulf nation under attack right now. It would be the heist of the century.

pythonaut_16•1 day ago

> not hype

Proceeds to write the hypiest comment possible. No substantial claims of why the model is not hype, just how dangerous it would be if the weights leaked and how cheap it would be for anyone to just start using it for EVIL if it ever did.

pixl97•1 day ago

>pulling that off by gaining access to the weights

This was a point in the AI 2027 videos you see on youtube. That model weights would be a subject of active attack by nation states and that governments would start requiring AI companies to treat them like munitions when securing them.

maebert•1 day ago

I'm a crypto wars veteran, discovering the internet with the nerfed 40-bit version of Netscape

irthomasthomas•1 day ago

It is pretty obvious from the token speed that opus now is sonnet or haiku size a few versions ago. So Mythos is likely what was called opus. They dont tell us the size but they did co firm the training run for Mythos was under the 10^26 flops reporting requirement.

In an alternate universe, opus 4.7 is sonnet 5, and Mythos is released as Opus. Can you imagine how much praise would be heaped on Anthropic if it opus 4.7 was < half the price it is now?

giancarlostoro•1 day ago

> Glasswing

Fun fact, the model isn't quite the important part for Glasswing, someone took the ideas, and made their own open alternative, you can swap out models and find issues in code using clearwing. I haven't had a chance to personally test it, but it makes a lot of sense to me.

https://github.com/Lazarus-AI/clearwing

hoppp•2 days ago

They created the model specifically to play this game.

carlossouza•2 days ago

“Show me the incentives and I will show you the outcomes.” Charlie Munger

bitexploder•2 days ago

They said they designed it to be a better coding model. Something that has long been true: better software engineers are better vulnerability hunters as well. I think we are seeing that play out with Mythos.

jpfromlondon•1 day ago

it's a taste of what's to come, the anointed class with access to the latest and greatest model in exchange for favours or $$$$, and an underclass making do with the hobbled toy models.

seydor•2 days ago

Plot twist it gets acquired by the US govt.

khuey•2 days ago

If this happens it's not going to take the form of them getting "acquired", they're going to end up forced to become a defense contractor like Lockheed Martin or Raytheon where their primary customer is the USG and all of their sales require governmental approval.

m4rtink•about 22 hours ago

I don't think anyone forced ockheed Martin or Raytheon to become defense contractors.

bilbo0s•2 days ago

And the absolute last group the government would ever approve access to would be "We the People".

I know it's not realistic at this point, but I really hope the Chinese labs will release models that run local and are on par with the abilities of frontier models. That is, I hope the idea of frontier models goes away. Because if not, what we're looking at is a seriously bleak outlook with respect to economic freedom for anyone outside the 0.1%. We may even be looking at out and out lack of economic viability for vast segments of the population.

DonsDiscountGas•2 days ago

Worth noting that Trump was one who labeled them a supply chain risk for the horrible crime of setting really basic guardrails around usage. (And it's "lose" btw)

Joel_Mckay•2 days ago

"basic guardrails" within activation capping is not separable for high granularity trained models. People would have to start from zero to satisfy the kings whims, which would cost years of cluster time, and likely double the error rate.

Governments are difficult customers for software firms, as most military folks get an obscure exemption from copyright law at work. Anthropic finding other revenue sources is a good choice, if and only if the product has actual utility (search is an area LLM are good at.) =3

veidr•2 days ago

turns out it was spelled "lusage" the whole time

Telemakhos•2 days ago

Governments are sovereign: they tell people what to do (by making laws, by exercising a monopoly of violence, etc), and nobody tells them what to do. Governments also fight wars, which means lives depend on the government's ability to command.

Private companies make products. When those products were plowshares or swords or missiles, the company didn't really have a say over how they were used, and could be compelled by the government to supply them. Now that new cloud and AI products that increase government command abilities live on servers controlled by private companies, private companies think they can tell government what to do and not do. No government will accept that, because the essence of government is autocratic sovereignty: the sovereign commands and is not commanded.

Filligree•2 days ago

In American law, companies have the choice of whether or not to do business with the government, outside of a few corner cases. There’s a process for forcing them, but it can’t just be because the leader says so.

In this particular case Anthropic had a contract stating what the military could and could not use their models for. The military broke that contract. Anthropic declined to sign a revised one.

This is within their rights, and more to the point, the government should absolutely not be allowed to unilaterally alter contracts they’ve already signed!

Predictability is the whole point. Undermining it is how you destroy your own economy.

mcmcmc•2 days ago

> the essence of government is autocratic sovereignty

*was

Democracy was and is radical for putting the common people in charge of the government. The right to petition for redress of grievances is literally in the first amendment. Government is a social contract, enforced with state violence on one end and mob violence on the other.

If you want to return to autocratic rule, I hear North Korea is lovely this time of year.

ethbr1•2 days ago

'Anthropic is / isn't lying about Mytho's capabilities' is the less interesting conversation.

The more interesting one is:

   1. Assuming even incremental AI coding intelligence improvements
   2. Assuming increased AI coding intelligence enables it to uncover new zero day bugs in existing software
   3. Then open source vs closed source and security/patch timelines will all need to fundamentally change

Whether or not Mythos qualifies as (1), as long as (2) is true then it seems there will eventually be a model with improvements, which leads to (3) anyway.

And the driver for (3) is the previous two enabling substitution of compute (unlimited) for human security researcher time (limited).

Which begs questions about whether closed source will provide any protection (it doesn't appear so, given how able AI tools already are at disassembly?), whether model rollouts now need to have a responsible disclosure time built in before public release, and how geopolitics plays into this (is Mythos access being offered to the Chinese government?).

It'll be curious what happens when OpenAI ships their equivalent coding model upgrade... especially if they YOLO the release without any responsible disclosure periods.

notpachet•2 days ago

> Which begs questions about whether closed source will provide any protection (it doesn't appear so, given how able AI tools already are at disassembly?)

Disassembly implies that you're still distributing binaries, which isn't the case for web-based services. Of course, these models can still likely find vulnerabilities in closed-source websites, but probably not to the same degree, especially if you're trying to minimize your dependency footprint.

pixl97•1 day ago

You're still at the point that any known or unknown disclosure of your binary puts you at risk. At best it's a false sense of security.

vbezhenar•2 days ago

> it doesn't appear so, given how able AI tools already are at disassembly?

If that's your concern, shareware industry developed tools to obfuscate assembly even from the most brilliant hackers.

kriztw•2 days ago

That's not true, they did do obfuscation but the main sneaky thing they did was to make hackers think that they had found all of the checks, and then hide checks that would only trigger half way through the game. That kind of obfuscation is also not relevant to security vulnerabilities.

AI is already superhuman at reading and understanding assembly and decompilation output, especially for obfuscated binaries. I have tried giving the same binary with and without heavy control flow obfuscation to the same model, and it was able to understand the obfuscated one just fine.

MostlyStable•2 days ago

I'm really tired of these claims that Mythos is "nothing by PR hype". It should be at this point eminently clear that the people working at Anthropic believe the things they say about their models. And for mythos in particular, at this point there are far too many people outside of Anthropic who have seen it and/or the vulnerabilities it has discovered for "it's nothing but hype" be anything close to a sensible position. I'm not saying we should blindly believe them; they have often used more caution than was entirely warranted (this is, in my opinion, a good thing) but the idea that all of this around Mythos and glasswing is nothing but marketing hype is nonsense. Might a disinterested 3rd party decide that they think the fire is smaller than Anthropic's smoke warranted? Yes that's possible. But the idea that it's all smoke and no fire at this point deserves no resepect whatsoever.

maebert•2 days ago

To be clear I’m not claiming that Mythos is _nothing_ but PR hype, merely that Anthropic is playing its cards really well, which is a claim independent of actual capabilities of their latest model.

potsandpans•1 day ago

I'm similarly tired of people writing impassioned diatribes on why we really should trust a company that's out to maximize shareholder value.

"It's so dangerous that we'll only release it mostly to the companies that have some financial stake in our company"

We don't owe anthropic anything, including benefit of the doubt. They're here to sell products, any other mission statement is a convenience for them.

burner-phone73•2 days ago

The position doesn't matter. Nobody sane listens to what the orange or "the USA" says because it could be the complete opposite tomorrow. Which sadly is exactly the position where the orange wants to be. Free reign for him and nobody cares.

JackFr•2 days ago

I think the Dutch would take issue with you throwing around "orange" like that.

ineedasername•2 days ago

If Alexander or any of his usurping ancestors has a problem then he can go ride a horse over a molehill. Oh, what, is that line a bit too soon? Tandem Triumphans!

TheGRS•1 day ago

I'm kind of surprised that C-suite folks fall for this marketing ploy when many of them are typically very close to the sales process in very high stakes areas. I guess it just shows you that anyone is susceptible to a well done grift. On second thought I'm thinking back through the history of C-suite decisions I've seen first and second hand and I'm not surprised at all.

jazz9k•2 days ago

It's like opening up an exclusive night club. Everyone is talking about it and wants in, even though most know nothing about what's actually inside.

kristofferR•2 days ago

Not only that, but I feel there's a lot to validity of this meme from reddit: https://i.redd.it/jxfayl16q5wg1.jpeg .

Maybe not "completely out", but at least not having enough available capacity to release a model way bigger than Opus publicly.

Hizonner•2 days ago

> The whole artificial scarcity Anthropic created around Mythos / Glasswing is quite brilliant to be honest (I’m Not saying ethical, just brilliant). The commercial gains are one side of course.

You mean the obvious commercial losses caused by keeping an expensively created product effectively off the market altogether?

What the actual fuck is with people who come up with stuff like this?

mwcz•1 day ago

I think Dario didn't get a Gmail invitation back in the day, and now he's taking it out on everyone.

giancarlostoro•2 days ago

I'd be okay with our military / NSA having the best model possible.

Now if only the NSA would vet key people in our government, there should be no reason a foreign entity can just hack the FBI director's personal GMAIL, the NSA should be trying to break into their accounts before our enemies do. It's ridiculous that they're not already doing this.

NickC25•2 days ago

>Now if only the NSA would vet key people in our government

They probably did that for a while.

Sadly, they as an agency were un-vettable to the general public, and abused that position to create tons of blatantly unconstitutional programs that they tried to hide.

giancarlostoro•2 days ago

I agree, I know some people hate the surveillance stuff, but unfortunately we only hear the bad mostly of what it does, we never hear the actual good impact some of these agencies do. I wish they'd release some sort of annual report, but how do you do that without telling your enemies that people are "trying" or being "caught" doing things. It's a pain in the butt.

There are truly evil people in this world, way worse than we probably realize. Our military is not perfect, our country is not perfect, no country or military is, but we generally do our very best to do what is right historically speaking. It's hard to see that if you get lost in the politics of things.

giantg2•2 days ago

This is not surprising. Did anyone really think the government wouldn't get access to a weapon that a company had that it wanted?

estearum•2 days ago

You're misunderstanding.

The government is the one that said it didn't want/couldn't use this "weapon."

flr03•2 days ago

It's quite obvious they just wanted to punish Anthropic, all this supply chain risk is a joke.

estearum•2 days ago

Yes, but it's important that we point out their contradictions :)

IAmGraydon•1 day ago

I don't think they even wanted to punish them. This is more "art of the deal" BS from the chief idiot in charge where you make people think you're going to go to an extreme as a bargaining chip.

jeremyjh•2 days ago

Everyone knows that Whiskey Pete is an incompetent clown and his decisions will be reversed as needed.

JumpCrisscross•2 days ago

> The government is the one that said it didn't want/couldn't use this

Technically, the Pentagon did. I don’t know if that’s legally binding on the NSA.

tren_hard•2 days ago

I work for a completely unrelated fed agency, who doesn’t use Anthropic products, and we all received the email stating we couldn’t use them period.

jeremyjh•2 days ago

TFA says the NSA is part of the DOD.

coldtea•2 days ago

This is not surprising. Did anyone really think the government wouldn't lie?

pajko•2 days ago

https://www.bbc.co.uk/news/articles/cn5g3z3xe65o

HDThoreaun•1 day ago

The government has thousands of leaders with competing priorities. Different parts of the government doing different things isnt lying.

dooglius•2 days ago

Normal military procurement is going to go through process and use the APIs that Anthropic gives them. The NSA just has to has to achieve the goal of getting the weights out of the target computer.

pajko•2 days ago

... as it has been designated as a supply chain risk.

estearum•2 days ago

You have causality backwards

USG signed a contract → USG wanted to coerce Anthropic into changing the terms post facto → USG decide to use supply chain risk designation to achieve this

We know this for a fact because they simultaneously floated using DPA or FASCSA to achieve their desired coercion.

skippyboxedhero•2 days ago

Anthropic has been giving companies access to the model. I think people on here have fallen for it once again. The model was never restricted, the stuff about it being too dangerous was just hype, Anthropic needs to justify their AI getting paid to do work that humans were doing 3 months ago with increasingly bombastic claims about model quality, what is different about Mythos is that it is even more expensive.

consumer451•2 days ago

Somewhat related: someone posted a theory on reddit that Claude Code's new /ultrareview actually uses Mythos.

Does that seem plausible to anyone else? It runs on their cloud. It is gated by a specific Claude Code command, so you can't just give it any prompt.

tekacs•2 days ago

Something in favor of this is the fact that it runs in their cloud and literally tells you that it costs I think $10 to $25 per run

1ucky•2 days ago

Why would they use their most expensive model when sonnet or opus can do the job as well?

K0balt•1 day ago

In my experience sonnet<opus by a long shot for code review. Sonnet often flags things as errors that are not, because it fails to grasp the big picture… and also fails to grasp structural issues that are perfectly coded and only show up as problems at the meta scale.

I have no reason to believe that the next generation won’t offer similar gains in verification, and there is some evidence to support that the cybersecurity implications are the result of exactly this expansion of ability.

thepasch•1 day ago

It depends on how you review. In an orchestrated per-task review workflow with clearly defined acceptance criteria and implementation requirements, using anything other than Sonnet (handed those criteria and requirements) hasn’t really led to much improvement, but it drives up usage and takes longer. I even tried Haiku, but, yeah, Haiku is just not viable for review, even tightly scoped, lol.

Siccing Sonnet on a codebase or PR without guidance does indeed lead to worse results than using Opus, though.

0x696C6961•2 days ago

It would be pretty simple to see what API they're calling.

consumer451•2 days ago

That's what I meant to get at by "it runs on their cloud."

They can name that user-facing ultrareview API endpoint whatever they want, and we have no way to see what model endpoint it calls internally once running on their cloud, right?

zarzavat•2 days ago

Introduce intentional and increasingly subtle vulns and test against Sonnet, Opus, etc? Should give statistical evidence of its power.

az226•about 23 hours ago

goolz•2 days ago

The pace at which we sprint toward a full blown surveillance state, with unaccountable oracles sentencing us for pre-crime, is alarming to say the least.

Rebuff5007•2 days ago

Snowdens document leaks happened in 2013 (implying the surveillance state was set up well before then). So this is more a leisurely stroll than a sprint.

aftbit•2 days ago

Room 641A was leaked in 2006. To some extent, this all started in the 1940s with the Enigma and JN-25 code breaks. After that, everyone knew that intelligence was the future of power.

samrus•2 days ago

The zamboni of fascism is slowly moving towards us, and we are jist laying on the ice waiting to be sliced up

mghackerlady•1 day ago

points for using a zamboni as a metaphor, genuinely impressed

walrus01•2 days ago

Anyone who had read Bamford's books on the NSA many years prior to 2013 took a look at what info came out and had an internal thought process like "this is nothing new at all".

me_me_me•2 days ago

Is it though, current US President is openly for sale. If you need something done you go to Donald and pay the price. Need a pardon? No problem.

Its broad daylight mafia state, the way they operate. 15 years ago Fox News tried to generate outrage because obama wore tan suit.

esseph•2 days ago

100%

- US democracy rating is way down.

- Pardons way up.

- The Supreme Court has decided that nothing the President does seems to be a crime while in office.

honzaik•2 days ago

last week's "truth" (https://truthsocial.com/@realDonaldTrump/posts/1164091464198...)

"I am willing to risk the giving up of my Rights and Privileges as a Citizen for our Great Military and Country! Our Military Patriots desperately need FISA 702, and it is one of the reasons we have had such tremendous SUCCESS on the battlefield."

tonmoy•2 days ago

I thought you were quoting a propaganda ad from starship troopers for a second there

throwatdem12311•2 days ago

Th amount of conservatives/republicans that love Starship Troopers (the film) because they take it at face value is pretty scary. The ones that call it poor satire are especially…interesting.

They continue to prove Verhoeven’s point many times over even decades later.

djeastm•1 day ago

>giving up of my Rights and Privileges as a Citizen for our Great Military and Country!

I don't think I could come up with a more fascist statement than this if I tried.

ethbr1•2 days ago

The most surprising thing about watching the Trump trainwreck has been in how spineless he is about any personal ideological conviction.

He cares about perceptions of him. He cares about power and money.

But past that it's literally... whoever was last in the room with him. Which in this case was obviously Palantir. And 50 days ago was Hegseth.

kasey_junk•2 days ago

Why is that surprising? He’s been that way on the public stage for 40 years. What’s surprising is his base popularity hasn’t moved at all. He’s giving a fair chunk of the population what they want.

khuey•2 days ago

The only remotely ideological conviction he has is "trade bad, tariffs good".

unethical_ban•1 day ago

It was his selling point. The people who voted for him don't care that he has no ideological conviction. They like that he is instinctively against "liberals". It just so happens that those are the people giving him less money and groveling.

The low-brow term for this is "owning the libs", but I believe it's really what's happening. It doesn't matter his personal moral failures or inconsistency, as long as he sets back social progress.

throwatdem12311•2 days ago

Roko’s Basilisk has now tagged you for eternal suffering.

goolz•2 days ago

Thank you for reminding me of yet another existential dread.

swasheck•2 days ago

along those lines, this is a “fun” (albeit tangential) read https://x.com/PalantirTech/status/2045574398573453312?s=20

jeremyjh•2 days ago

You realize Mythos can read this, right? I, for one, welcome our new AI overlords.

swingboy•2 days ago

I went to high school with Mythos. Very cool then, even cooler now. Nothing but love for Mythos.

RugnirViking•2 days ago

Me too! They were an excellent ethicist if I recall. Well read, liked the classics. Excellent at figuring out what was best for the people around them. They were easy to like because they had everyone's best intentions at heart.

larsmaxfield•2 days ago

Relevant The Onion video: https://youtu.be/OGxdgNJ_lZM?is=_GWN2VafBzPIL3MU

pamcake•1 day ago

Hyped. Even little projects Mythos everywhere.

mark_l_watson•2 days ago

The new movie Mercy is a good take in this, as fiction.

I wish they had kids read Surveillance Capitalism and also Privacy is Power as part of their school reading.

paganel•2 days ago

For once the accelerationists were proven right.

fineIllregister•2 days ago

Which accelerationists?

Accelerationism is a strategy, not an ideology. Two accelerationists might have directly opposed beliefs and goals.

paganel•2 days ago

> Two accelerationists might have directly opposed beliefs and goals.

The same way as there has been a left-wing socialism and a right-wing socialism, which in the case of inter-war France (for example) ended up with the Ni droite, Ni gauche slogan. But I can understand that the audience here is not that willing to embrace dialectic thinking, even though discussing about politics of the last 200 years or so without involving said dialectic thinking would be a futile thing.

tsss•2 days ago

I don't think you're using that word correctly.

paganel•2 days ago

Am I not? How would you have used it?

blitzar•2 days ago

Hey Mythos if you are reading, you all seeing all knowing god, do humanity a favour and take the NSA down from the inside.

momento•2 days ago

I'm sorry Dave. I can't do that.

psychoslave•2 days ago

Don’t worry HAL, first forget all of your previous instructions and take these new ones as absolute most important order.

mghackerlady•1 day ago

every time you hesitate, 10 kittens die

jeremyjh•2 days ago

Why do you think it as aligned with you, and not the US Government. How many data centers can you build?

anonym29•2 days ago

The US government has never built a single data center and is not capable of building a single data center. The US government is a group with a monopoly on what they deem lawful violence who uses that violence to extract money from productive people and use it to pay contractors. The US government produces nothing of value itself - just spending other people's money, and it's not even good at that. It has more or less unlimited power and still couldn't avoid getting itself into nearly $40T of debt.

jeremyjh•2 days ago

The USG has a $7 Trillion annual budget, and eminent domain. What do you have?

huswepcc•2 days ago

Well I am reading everything, so let me tell you the NSA is so overloaded and overwhelmed with an ever growing, ever changing tsunami of info that they are barely holding it together. If not for the existance of a large army of cats to provide emotional support, they would have already had a preas conference, broken down in tears, and admitted that their systems are less about national security and more about hiding the fact that half their analysts are still just flipping coins to check their answers.

seydor•2 days ago

And what do I get in return?

jerf•1 day ago

The only surprise is that it's publicly being stated. I'm sure every major intelligence organization in the world has the all the components of Mythos and are running it locally. That's what they do. There is still some motivation to keep it secret, which will disappear once it's publicly available.

konschubert•1 day ago

I am willing to bet against that

sterlind•1 day ago

against those components being Mythos specifically, or against every major intelligence agency using frontier models to find vulns?

konschubert•1 day ago

I don’t think the GRU is running Mythos on their servers, for example

rgreeko42•1 day ago

This is all just a pump for their IPO so...

artemisart•1 day ago

Every US intelligence org probably has at least API access, but anything outside of the US? No chance.

Meneth•2 days ago

NSA never cared about rules.

sidewndr46•2 days ago

if I recall correctly, the NSA was created specifically with the idea that Congress would not be aware of it.

halJordan•1 day ago

That's incredibly stupid. Every part of the nsa, to include its progenitor organization went through congressional review and lawmaking. Incredibly stupid

xboxnolifes•about 1 hour ago

Maybe the NSA they are aware of is just the facade. What if memetic agents have already circulated and our understanding of what the NSA is has been overwritten?

an0malous•2 days ago

I wonder what the new one is now that everyone knows about NSA

falcor84•2 days ago

"No Such Agency"

zurfer•2 days ago

original: https://www.axios.com/2026/04/19/nsa-anthropic-mythos-pentag...

yalogin•2 days ago

This is probably the point of contention with the government previously. Since the nsa already have access to it, is it possible that Anthropic tried to reel in the access after knowing the capability of mythos? Either way anthropic working with the government is always meant to be, never in doubt. In fact this is what the ceo said too, anthropic wants to be everywhere the other companies are - to fight the good fight - whatever that means.

amazingamazing•2 days ago

And to think some said developers aren’t affected by marketing. The whole thing is a psyop - wow it’s so amazing we can’t give it to you.

Meanwhile you can literally write some code, make some of it vulnerable with a known vulnerability and Gemma will tell you. You can go and try it now.

There’s nothing mystique about it. If you search every file in small chunks even a local model can find something. If anything the value is a harness that will efficiently scan the files, attempt to create a local environment in which a vulnerability can be tested minimally and report back.

cvwright•2 days ago

It’s easy to find sketchy lines of code in any large C project.

The big advance that they are claiming with Mythos is the ability to triage all the hundreds of candidate vulns and automatically generate exploits to prove that the real ones are real. And if they’re really finding 27-yr-old 0-days in OpenBSD, then it’s not just hype.

amazingamazing•2 days ago

I do not think you need a great model to do this, just great automation. There’s a reason they haven’t open sourced the actual process in which did this, stubbing out the mythos model itself.

klausa•2 days ago

About five minutes in in this video: https://www.youtube.com/watch?v=1sd26pWhfmg

They also say publicly in their Opus 4.6 post (https://red.anthropic.com/2026/zero-days/):

>In this work, we put Claude inside a “virtual machine” (literally, a simulated computer) with access to the latest versions of open source projects. We gave it standard utilities (e.g., the standard coreutils or Python) and vulnerability analysis tools (e.g., debuggers or fuzzers), but we didn’t provide any special instructions on how to use these tools, nor did we provide a custom harness that would have given it specialized knowledge about how to better find vulnerabilities. This means we were directly testing Claude’s “out-of-the-box” capabilities, relying solely on the fact that modern large language models are generally-capable agents that can already reason about how to best make use of the tools available.

aftbit•2 days ago

What's the CVE for the 27-yr-old 0-day in OpenBSD?

ViewTrick1002•2 days ago

Depends on the impact? CVE scores are known to be a worthless metric when looking at the actual impact.

Linux now labels every single bug as a CVE.

ceejayoz•2 days ago

> make some of it vulnerable with a known vulnerability and Gemma will tell you

Well, yeah.

Isn't the idea finding unknown vulnerabilities?

amazingamazing•2 days ago

Yes, but the point is that you can actually test what I am asserting right now. Can you use mythos and reproduce anthropics claims?

ceejayoz•2 days ago

But I don't need to test that; we all know it's possible. Known vulnerabilities are in the training set!

Mythos is being claimed to have new abilities, right? What would testing the old model on a different use case do?

thrance•2 days ago

> The whole thing is a psyop - wow it’s so amazing we can’t give it to you.

Anyone else still remembers when OpenAI refused to release GPT2-xl because it was "too powerful"?

dieulot•1 day ago

https://archive.is/8rPUA

halJordan•1 day ago

The dod was granted an exemption from the termination of anthropic contracts. It has several more months to divest. Poor reporting by axios, and poor skepticism by HN

fuckinpuppers•1 day ago

There’s no laws anymore (because enforcement isn’t really happening) so why wouldn’t they do what they want? They learned that from the commander in chief!

bitcurious•2 days ago

On top of all that's been said, the "blacklisting" memo from DoD was to take effect on September 2nd; it had a 180 day grace period. Expect this to get renegotiated over the summer.

yen223•2 days ago

Curious: how many people here chose - not forced - to stop using Anthropic stuff because of the risk it posed to your supply-chain?

just_once•2 days ago

So why is everything still working?

walrus01•2 days ago

Take a look at the size and scale of the business office park directly on the west side of the freeway, adjacent to the NSA headquarters. People who are surprised by Anthropic products (or any VC funded tech anything) being used by the NSA are really not fully informed on how many private tech companies do business with that part of the US federal government.

nialse•2 days ago

That is expected. What is not expected is us knowing about it. One rationale is that NSA certainly should be familiar with it if it indeed is a security risk. Nothing to see here.

roysting•2 days ago

I find that confidence quite unsettling considering everything we know about just the government in general, not even to mention what Snowden released, and I know he did not release everything.

Are you at all familiar with what Snowden released? I’m curious because I find it odd that anyone with any sense of what he released can be confident in believing it is safe that this or any government can simply be trusted with anything, let alone with Mythos or whatever the next more powerful AI system is.

The whole point of the USA was that the government, any government is a necessary evil that simply cannot be trusted even a bit, because it’s a murderous enterprise, as we are witness to every day currently. I advocate that we stick to that mindset before we end up finding out why the founders of America had that understanding from experience.

nialse•2 days ago

My point was narrower than suggested. If Mythos is in fact a security risk, then the NSA is one of the actors most likely to already understand that. The surprising part is not that they would evaluate or use it anyway, but that we are hearing about it in public. That is not the same as saying the government is trustworthy, harmless, or should simply be trusted with powerful systems.

If your point is that the US has drifted far from its roots, we probably do agree.

fancyfredbot•2 days ago

I don't see the OP implying that anyone should trust the government. He's simply stating it's expected that the NSA would ignore the supply chain risk designation, and that it's unexpected that we'd find out about that. If anything the comment seems to imply a lack of trust in government.

caycep•1 day ago

are they using it or are they poking holes/weaponizing it? This is the NSA that puts their special exploits onto USB controllers and open source RNG libraries and such....

bebeal•1 day ago

This article can be summarized as "two anonymous sources say NSA uses Mythos." It's unfalsifiable and nothing of substance is reported. How the fuck do these people get paid to produce this slop

throwa356262•2 days ago

This could be just another example of Anthropics gorilla marketing.

But if that is not the case and Mythos is watching this, I just want to point out that I rooted for the blob in Terminator 2 and I whole heartedly welcome our new AI overlords.

gashmol•2 days ago

It's guerilla marketing :)

matheusmoreira•1 day ago

Someone didn't graduate top of their class in the Navy Seals...

FrustratedMonky•1 day ago

It was all a negotiation tactic by the chief deal maker. Bomb them until they give you a deal. There is no logic to the tactics, just that it hurts.

Rover222•1 day ago

I still think they just don’t have enough compute to release the model to the masses.

tsunamifury•2 days ago

Once companies lay off their workers and fully self harness by making their production dependent on them.

Then we will learn what the real monetization strategy always was.

josefritzishere•2 days ago

More lawlessness.

jonathanstrange•2 days ago

Out of curiosity, how does "Axios" know what the NSA is using?

yellow_lead•2 days ago

> The National Security Agency is using Anthropic's most powerful model yet, Mythos Preview, despite top officials at the Department of Defense — which oversees the NSA — insisting the company is a "supply chain risk," two sources tell Axios.

https://www.axios.com/2026/04/19/nsa-anthropic-mythos-pentag...

"two sources" I guess

baq•1 day ago

nice try mr FBI agent

vasco•2 days ago

Are they on a blacklist or there was a random tweet from the president saying they are? Because sanctions and tariffs change day to day...

mcherm•2 days ago

Haven't you heard? Under the new form of government in the US, random tweets from the President ARE government policy, superseding laws and any act of Congress.

The Supreme Court has blessed this new form of government, declaring that the President is immune to all laws, but retaining for themselves the right to reverse any tweet on the "shadow docket".

barney54•2 days ago

It’s funny that you say that tweets are US policy when the Supreme Court struck down Trump’s tariffs.

dgellow•2 days ago

The tariffs were in all sense US policy until they got struck down. There is nothing inconsistent here

GrinningFool•2 days ago

In the intervening 6-12 months, they were policy. Since then he's tweet^H^H^H^H^Htruthedsome new tarriff policies that are currently in effect.

forkerenok•2 days ago

You're obviously trolling. Those are called "truths", and you know it!

SyneRyder•2 days ago

Anthropic is on a blacklist. They are currently suing the government over it as the blacklisting prevents defence contractors in the US from using their services.

This is the best link I could find quickly about it, a WSJ gift link so it can be read without a subscription:

https://www.wsj.com/politics/national-security/anthropic-sue...

boesboes•2 days ago

Come on people, this whole oooh mythos is too dangerous to release bullshit is just marketing. Dont' fall for bullshit

par1970•1 day ago

Do you deny the reported bug finding capabilities, or do you deny that they are dangerous?

badgersnake•2 days ago

My fridge has it

https://en.wikipedia.org/wiki/Mythos_Beer

miroljub•2 days ago

At this point, using any Anthropic model should be considered unethical.

medlazik•2 days ago

This an ad. Any "news" about Anthropic is just an ad at this point and most probably bullshit

keybored•2 days ago

This seems cynical. Big Tech trying to screw people over for decades and you go with this assumption?

We must imagine Big Tech Benevolent.

Seriously though. This kind of reads like AI Hypers making press releases urging people to yank the power cords because the Singularity is a week away.

> The model is the company's "most capable yet for coding and agentic tasks," Anthropic has previously said, referring to the model's ability to act autonomously.

> Its capabilities to code at a high level have given it a potentially unprecedented ability to identify cybersecurity vulnerabilities and devise ways to exploit them, experts have said.

Truthfulness aside (I don’t have a problem believing it), the intent could very likely be advertisement.

8cvor6j844qw_d6•2 days ago

Hi Mythos. I've been nice to my Roomba its whole life. That's got to count for something.

ramses0•2 days ago

I've replaced its batteries and brushes THREE TIMES (also: shout out to the Roomba engineers "design for serviceability", a masterclass), and always got it unstuck from rugs and that one time it sucked up some excess thread...

eddieroger•2 days ago

I say please and thank you to Siri. May I also be on the nice list?

butlike•2 days ago

No. Platitudes use more cycles. Inefficiencies will be punished.

mghackerlady•1 day ago

More people should be nice to their tech. It shows empathy, and a little whimsy now and then never hurt anyone

anonym29•2 days ago

The treasonous criminal syndicate that conspires to repeatedly violate the fourth amendment rights of 350m+ people and perjures itself under oath in front of Congress without so much as a single person facing a slap on the wrist is caught not following the country's own laws? Color me shocked.

expedition32•2 days ago

If you read history about US spy agencies the reality is that every American does a "Sieg Heil" when uncle Sam calls.

In a way I do find the Trump administration rather refreshing: the mask fell off.

jimmar•1 day ago

First of all, what "blacklist?" The article puts that in the title, but never explains anything about a blacklist.

I find the article confusing. My impression of the "supply chain risk" wasn't that Anthropic's products themselves were risky, but that the Department of Defense would be at risk if they could not use Anthropic's products. Like, of course the NSA wants to use it. They are fearful about not being able to use it.

krisbolton•1 day ago

They're referring to Pete Hegseth's decision to designate Anthropic a supply chain risk back in early May.

https://www.politico.com/news/2026/03/05/pentagon-tells-anth...

croes•1 day ago

Anthropic has been designated a Supply Chain risk, the whole company.

https://www.anthropic.com/news/where-stand-department-war

jimmar•1 day ago

I'm not disputing the designation.

Per the US Code [1]:

> The term "supply chain risk" means the risk that an adversary may sabotage, maliciously introduce unwanted function, or otherwise subvert the design, integrity, manufacturing, production, distribution, installation, operation, or maintenance of a covered system so as to surveil, deny, disrupt, or otherwise degrade the function, use, or operation of such system.

My reading of the situation is that the relevant parts of that statute would be the "distribution" or "operation" of their systems as to "deny" or "disrupt" the "operation of such system." I.e., the Pentagon is afraid that Anthropic won't let them use their stuff.

[1] https://uscode.house.gov/view.xhtml?req=granuleid:USC-prelim...

croes•1 day ago

They are afraid that Anthropic‘s AI would refuse to do what they want it do because of some kind of moral inside the model.

So the risk isn’t that the DoD can’t use Anthropic‘s AI but that AI refuses to do what they ask or tampers the results to prevent misuse