Nobody@lemmy.world to Linux@lemmy.ml · 17 hours agoThe zero-days are numbered | The Mozilla Blog - Firefox 150 includes fixes for 271 vulnerabilities identified during this initial evaluation [of Mythos Preview]blog.mozilla.orgexternal-linkmessage-square36fedilinkarrow-up1124cross-posted to: technology@lemmy.worldfirefox@fedia.io
arrow-up1124external-linkThe zero-days are numbered | The Mozilla Blog - Firefox 150 includes fixes for 271 vulnerabilities identified during this initial evaluation [of Mythos Preview]blog.mozilla.orgNobody@lemmy.world to Linux@lemmy.ml · 17 hours agomessage-square36fedilinkcross-posted to: technology@lemmy.worldfirefox@fedia.io
minus-squaredb2@lemmy.worldlinkfedilinkarrow-up8·16 hours agoSlopzilla Slopfox 🙄 This isn’t going to end well.
minus-squareAlex@lemmy.mllinkfedilinkarrow-up15·15 hours agoIf it’s finding valid vulnerabilities then it’s just another tool like static analysis, fuzzers and sanitizers. There definitely seems to be a difference in quality compared to earlier generations that were behind the sloppy avalanch of reports.
minus-squaresem@piefed.blahaj.zonelinkfedilinkEnglisharrow-up4·6 hours agoInstead of 271 vulns, it was more like 2 vulns, found 271 different times. Here’s a o good article about it https://www.flyingpenguin.com/the-boy-that-cried-mythos-verification-is-collapsing-trust-in-anthropic/
minus-squareVincent@feddit.nllinkfedilinkarrow-up1·55 minutes agoI don’t think these are all Mythos, but it’s more than 2 fixes: https://infosec.exchange/@tomrittervg/116443139069130293
minus-squareMentalEdge@sopuli.xyzlinkfedilinkarrow-up6·14 hours agoThere’s a difference between using AI to apply fixes for problems, and using AI to find problems that you didn’t know about. Mythos does the latter, not the former.
minus-squaredb2@lemmy.worldlinkfedilinkarrow-up2·14 hours agoIt’s only a matter of time until they decide it should do both and it makes a mess. Calling it now.
minus-squareFauxLiving@lemmy.worldlinkfedilinkarrow-up4·14 hours agoYes, the sky is falling, AI is ending the world, slopslopslop, etc We know the bit.
Slopzilla Slopfox 🙄
This isn’t going to end well.
If it’s finding valid vulnerabilities then it’s just another tool like static analysis, fuzzers and sanitizers. There definitely seems to be a difference in quality compared to earlier generations that were behind the sloppy avalanch of reports.
Instead of 271 vulns, it was more like 2 vulns, found 271 different times.
Here’s a o good article about it https://www.flyingpenguin.com/the-boy-that-cried-mythos-verification-is-collapsing-trust-in-anthropic/
I don’t think these are all Mythos, but it’s more than 2 fixes: https://infosec.exchange/@tomrittervg/116443139069130293
There’s a difference between using AI to apply fixes for problems, and using AI to find problems that you didn’t know about.
Mythos does the latter, not the former.
It’s only a matter of time until they decide it should do both and it makes a mess. Calling it now.
Yes, the sky is falling, AI is ending the world, slopslopslop, etc
We know the bit.