Nobody@lemmy.world to Linux@lemmy.ml · 7 days agoThe zero-days are numbered | The Mozilla Blog - Firefox 150 includes fixes for 271 vulnerabilities identified during this initial evaluation [of Mythos Preview]blog.mozilla.orgexternal-linkmessage-square48fedilinkarrow-up1194arrow-down111cross-posted to: technology@lemmy.world
arrow-up1183arrow-down1external-linkThe zero-days are numbered | The Mozilla Blog - Firefox 150 includes fixes for 271 vulnerabilities identified during this initial evaluation [of Mythos Preview]blog.mozilla.orgNobody@lemmy.world to Linux@lemmy.ml · 7 days agomessage-square48fedilinkcross-posted to: technology@lemmy.world
minus-squaredb2@lemmy.worldlinkfedilinkarrow-up10arrow-down21·7 days agoSlopzilla Slopfox 🙄 This isn’t going to end well.
minus-squareAlex@lemmy.mllinkfedilinkarrow-up16arrow-down4·7 days agoIf it’s finding valid vulnerabilities then it’s just another tool like static analysis, fuzzers and sanitizers. There definitely seems to be a difference in quality compared to earlier generations that were behind the sloppy avalanch of reports.
minus-squaresem@piefed.blahaj.zonelinkfedilinkEnglisharrow-up6·7 days agoInstead of 271 vulns, it was more like 2 vulns, found 271 different times. Here’s a o good article about it https://www.flyingpenguin.com/the-boy-that-cried-mythos-verification-is-collapsing-trust-in-anthropic/
minus-squareVincent@feddit.nllinkfedilinkarrow-up1·6 days agoI don’t think these are all Mythos, but it’s more than 2 fixes: https://infosec.exchange/@tomrittervg/116443139069130293
minus-squareMentalEdge@sopuli.xyzlinkfedilinkarrow-up6arrow-down3·7 days agoThere’s a difference between using AI to apply fixes for problems, and using AI to find problems that you didn’t know about. Mythos does the latter, not the former.
minus-squaredb2@lemmy.worldlinkfedilinkarrow-up3arrow-down8·7 days agoIt’s only a matter of time until they decide it should do both and it makes a mess. Calling it now.
minus-squareFauxLiving@lemmy.worldlinkfedilinkarrow-up5arrow-down6·7 days agoYes, the sky is falling, AI is ending the world, slopslopslop, etc We know the bit.
minus-squareArtVandelay@lemmy.worldlinkfedilinkEnglisharrow-up1·6 days agoLook, I’m all for fuck AI, but this isn’t that.
Slopzilla Slopfox 🙄
This isn’t going to end well.
If it’s finding valid vulnerabilities then it’s just another tool like static analysis, fuzzers and sanitizers. There definitely seems to be a difference in quality compared to earlier generations that were behind the sloppy avalanch of reports.
Instead of 271 vulns, it was more like 2 vulns, found 271 different times.
Here’s a o good article about it https://www.flyingpenguin.com/the-boy-that-cried-mythos-verification-is-collapsing-trust-in-anthropic/
I don’t think these are all Mythos, but it’s more than 2 fixes: https://infosec.exchange/@tomrittervg/116443139069130293
There’s a difference between using AI to apply fixes for problems, and using AI to find problems that you didn’t know about.
Mythos does the latter, not the former.
It’s only a matter of time until they decide it should do both and it makes a mess. Calling it now.
Yes, the sky is falling, AI is ending the world, slopslopslop, etc
We know the bit.
Look, I’m all for fuck AI, but this isn’t that.
It will be. You’ll see.