Every time I hear the warnings about the current or next big thing in Artificial Intelligence, I’m reminded of the Surgeon General’s warnings that are printed on packs of cigarettes. I’m also reminded of every new fad I’ve seen in my lifetime, that might have inched over into a trend, but eventually ended up waiting for its turn on the nostalgia wheel of time.
As the world was holding its breath from the civilization destroying threats that sprung forth from the mind of the U.S. President, and then exhaling as they turned into the latest episode of “Bluff, Bluster, and Bullshit,” we were learning about a new AI leap and threat from Anthropic potentially as dire, called Claude Mythos Preview. To get ahead of any damage this coming attraction might visit upon us, Anthropic created Project Glasswing. Given that the raving lunatic in the White House came to power a second time with a civilization destroying manual in hand called Project 2025, I’m more than a bit leery of anything with a title that leads with the word “Project.”
From what I’ve read, Mythos is the latest innovation in Anthropic’s flavor of Artificial Intelligence. It is so powerful that it has sought out and found vulnerabilities in so much of the software the world runs on, that Anthropic is only releasing it to a hand full of companies (Apple, Microsoft, Google, Broadcom, JPMorganChase, the Linux Foundation, NVIDIA, and more.) That’s Project Glasswing. Tech overlords uniting to protect us from themselves. (The lawyers will have a field day.)
Anthropic, having been declared by the U.S. as an unacceptable national security threat and supply chain risk, nevertheless is also working with the U.S. Government. Somehow security and existential threats always seem to become negotiating partners with their foes when money is at stake. Also occasionally when global annihilation is knocking on the door.
The way I interpret the idea behind Project Glasswing is that these companies, and presumably governments, might use Mythos to seek out all of the vulnerabilities, and perhaps obliterate them (I use that in the Trumpian and Hegsethian sense) before they can filter down into things like power grids, banking systems, and consumer use. It can supposedly do this at a scale humans can’t. Note that Mythos discovered problems in every operating system and, on a level both big and small, the constantly updating browsers we use on our computers.
During our testing, we found that Mythos Preview is capable of identifying and then exploiting zero-day vulnerabilities in every major operating system and every major web browser when directed by a user to do so. The vulnerabilities it finds are often subtle or difficult to detect.
I think of it this way. Announcing the existence of Mythos is akin to seeing surveillance photos of nuclear missiles pointed in your direction. I’d call it an “Oh, shit” moment.
If you ask me Mythos is also exposing quite a few myths as well as vulnerabilities. The sound you hear is PR slide decks about security enhancements in the latest releases of current software being furiously redone.
As M.G. Siegler puts it,
Historically, many vulnerabilities have been fixed only after someone exploited them in some way. Again, that’s because the incentives are in favor of the attacker versus the defender. If and when Mythos-caliber tools are put in the hands of hackers… yeah.
That’s obviously exactly why Anthropic isn’t releasing Mythos to the public and also why they’ve set up Glasswing. While the company may be first to such capabilities, they won’t be the last. They probably don’t even have long to try to get ahead of the situation. While I generally dislike the nuclear weapons analogy for AI, I must admit, this all does feel a bit Manhattan Project-y. The good guys are racing against the clock to implement a new technology before the bad guys catch up. But they will. They always do.
Yeah, that sounds problematic.
Paul Krugman took a break from agonizing and writing about the situation in the Middle East and weighed in with this,
The good news is that Anthropic discovered in the process of developing Claude Mythos that the A.I. could not only write software code more easily and with greater complexity than any model currently available, but as a byproduct of that capability, it could also find vulnerabilities in virtually all of the world’s most popular software systems more easily than before.
The bad news is that if this tool falls into the hands of bad actors, they could hack pretty much every major software system in the world, including all those made by the companies in the consortium.
So, there’s plenty of doom floating around, along with the now clichéd approach to all things AI, that there’s good tech behind all of the bad things that the tech can do. Note that the profits from tobacco helped found the U.S. and twisted science and politics into knots trying not to end up on the ash heap.
I’ve largely stayed away from playing with any of these AI tools and toys, but I follow the news of the advances on all fronts, and those who do play around with it because, like it or not, those who run the world have decided this is our future.
I’ll be honest. Hallucinations aside, I don’t know enough rather or not to trust the software. I have my doubts and I do have fears about the tech. Project Glasswind might be a noble effort. Yet, with a clear mind, I do know enough not to trust any of the humans running the show. Frankly, it feels like they don’t know enough to trust the software either, much less to protect their and our systems from being destroyed by some kid in a basement.
As Natasha MH puts it, not writing about Mythos specifically, but about Artificial Intelligence in general, AI didn’t make you stupid. You were already getting there.
You can also find more of my writings on a variety of topics on Medium at this link, including in the publications Ellemeno and Rome. I can also be found on social media under my name as above.
Life on the Wicked Stage: Act 3 