Nobody@lemmy.world to Linux@lemmy.ml · 3 days agoThe zero-days are numbered | The Mozilla Blog - Firefox 150 includes fixes for 271 vulnerabilities identified during this initial evaluation [of Mythos Preview]blog.mozilla.orgexternal-linkmessage-square48fedilinkarrow-up1190arrow-down110cross-posted to: firefox@lemmy.ml
arrow-up1180arrow-down1external-linkThe zero-days are numbered | The Mozilla Blog - Firefox 150 includes fixes for 271 vulnerabilities identified during this initial evaluation [of Mythos Preview]blog.mozilla.orgNobody@lemmy.world to Linux@lemmy.ml · 3 days agomessage-square48fedilinkcross-posted to: firefox@lemmy.ml
minus-squaredb2@lemmy.worldlinkfedilinkarrow-up10arrow-down21·3 days agoSlopzilla Slopfox 🙄 This isn’t going to end well.
minus-squareAlex@lemmy.mllinkfedilinkarrow-up16arrow-down4·3 days agoIf it’s finding valid vulnerabilities then it’s just another tool like static analysis, fuzzers and sanitizers. There definitely seems to be a difference in quality compared to earlier generations that were behind the sloppy avalanch of reports.
minus-squaresem@piefed.blahaj.zonelinkfedilinkEnglisharrow-up5·2 days agoInstead of 271 vulns, it was more like 2 vulns, found 271 different times. Here’s a o good article about it https://www.flyingpenguin.com/the-boy-that-cried-mythos-verification-is-collapsing-trust-in-anthropic/
minus-squareVincent@feddit.nllinkfedilinkarrow-up1·2 days agoI don’t think these are all Mythos, but it’s more than 2 fixes: https://infosec.exchange/@tomrittervg/116443139069130293
minus-squareArtVandelay@lemmy.worldlinkfedilinkEnglisharrow-up1·2 days agoLook, I’m all for fuck AI, but this isn’t that.
minus-squareMentalEdge@sopuli.xyzlinkfedilinkarrow-up6arrow-down3·3 days agoThere’s a difference between using AI to apply fixes for problems, and using AI to find problems that you didn’t know about. Mythos does the latter, not the former.
minus-squaredb2@lemmy.worldlinkfedilinkarrow-up3arrow-down8·3 days agoIt’s only a matter of time until they decide it should do both and it makes a mess. Calling it now.
minus-squareFauxLiving@lemmy.worldlinkfedilinkarrow-up5arrow-down6·3 days agoYes, the sky is falling, AI is ending the world, slopslopslop, etc We know the bit.
Slopzilla Slopfox 🙄
This isn’t going to end well.
If it’s finding valid vulnerabilities then it’s just another tool like static analysis, fuzzers and sanitizers. There definitely seems to be a difference in quality compared to earlier generations that were behind the sloppy avalanch of reports.
Instead of 271 vulns, it was more like 2 vulns, found 271 different times.
Here’s a o good article about it https://www.flyingpenguin.com/the-boy-that-cried-mythos-verification-is-collapsing-trust-in-anthropic/
I don’t think these are all Mythos, but it’s more than 2 fixes: https://infosec.exchange/@tomrittervg/116443139069130293
Look, I’m all for fuck AI, but this isn’t that.
It will be. You’ll see.
There’s a difference between using AI to apply fixes for problems, and using AI to find problems that you didn’t know about.
Mythos does the latter, not the former.
It’s only a matter of time until they decide it should do both and it makes a mess. Calling it now.
Yes, the sky is falling, AI is ending the world, slopslopslop, etc
We know the bit.