I've been brewing on this topic since Mythos preview was announced. As Mythos got finally released, then banned, then released again under U.S. government control, it was time to finally flesh it out and use it as a way to exit the lurker-zone on HN !
I was actually pleased to see OpenAI openly (although timidly) complaining about the situation in their latest announcement, framing it as an unsustainable system.
One can only guess the outrage in the news if the Chinese government had been the first to pull this kind of stunt.
> outrage in the news if the Chinese government had been the first to pull this kind of stunt.
I suspect that the Chinese government "pulls this kind of stunt" often but just nobody ever hears about it because their society is not free to complain about such a thing publicly.
The fear porn around this all has been horrible. I work in Cybersecurity and Mythos is all the vendors will talk about because they want to sell something. It started the day of the announcement which is what told me it was all BS. They had no information about it yet would happily tell me about all their solutions for it.
Anyone in my profession worth a damn will tell you the vast majority of security issues are related to bad configurations and bad practices + accidents and bad luck. Vulnerable software is a problem but basic defense in depth will either mitigate or drastically reduce attack surface. Mythos does nothing to change that.
The technical debt at companies is the largest security threat. That, and layer 8 which is the people factor. The amount of silliness I've seen from people and companies as a whole is truly hard to verbalize. I've seen banks that gave every employee from the janitor up to the CEO domain admin access due to a crappy application that was written in 2004 that they never updated. I've seen a fortune 250 company write its own internal routing protocol that was basically clear text traffic that dated back to the 1990's and was never retired because, why not. I've seen contractors infect entire fab's in the chip industry because they plugged an infected USB stick into a 30 year old tool that hadn't seen an update in over 20. Then when the fab came back up, they did it again the next day.
Ultimately, Mythos is just another tool in the toolbox. It's great to find new vulns but it is incredibly short sighted to think it will move the needle in any meaningful way in the security industry.
Forget whether it is Mythos or GPT 5.6, or any other specific model. SOTA models have tool likely have the knowledge and capability to create zero days from nearly every discovered and many undiscovered vulnerabilities. In the wrong hands can deploy and generate malware and submarine code that would go undetected behind secured systems. Add in the ability to clone voices, create mass social engineering campaigns.
Yet "Just another tool in the toolbox." I mean, that's not wrong!
The actual story here: The Trump administration is going to choose which organizations get access to which AI models when.
This will establish an asymmetry where the chosen organizations get to secure their stuff and break other people’s systems with each new model release.
If you believe the “good guys” will be the ones given asymmetric offensive access, then you’re either severely misinformed or support things like ethnic cleansing (which these models are already being used for).
Mythos’ slightly higher performance is a nothing burger. It is not even the current top model. According to anthropic, gpt 5.5 is!
Personally, I’m switching to open weight models asap, and probably will start sending money to Chinese vendors since they have values more compatible with western democracy.
I was actually pleased to see OpenAI openly (although timidly) complaining about the situation in their latest announcement, framing it as an unsustainable system.
One can only guess the outrage in the news if the Chinese government had been the first to pull this kind of stunt.
I suspect that the Chinese government "pulls this kind of stunt" often but just nobody ever hears about it because their society is not free to complain about such a thing publicly.
Anyone in my profession worth a damn will tell you the vast majority of security issues are related to bad configurations and bad practices + accidents and bad luck. Vulnerable software is a problem but basic defense in depth will either mitigate or drastically reduce attack surface. Mythos does nothing to change that.
The technical debt at companies is the largest security threat. That, and layer 8 which is the people factor. The amount of silliness I've seen from people and companies as a whole is truly hard to verbalize. I've seen banks that gave every employee from the janitor up to the CEO domain admin access due to a crappy application that was written in 2004 that they never updated. I've seen a fortune 250 company write its own internal routing protocol that was basically clear text traffic that dated back to the 1990's and was never retired because, why not. I've seen contractors infect entire fab's in the chip industry because they plugged an infected USB stick into a 30 year old tool that hadn't seen an update in over 20. Then when the fab came back up, they did it again the next day.
Ultimately, Mythos is just another tool in the toolbox. It's great to find new vulns but it is incredibly short sighted to think it will move the needle in any meaningful way in the security industry.
Yet "Just another tool in the toolbox." I mean, that's not wrong!
This will establish an asymmetry where the chosen organizations get to secure their stuff and break other people’s systems with each new model release.
If you believe the “good guys” will be the ones given asymmetric offensive access, then you’re either severely misinformed or support things like ethnic cleansing (which these models are already being used for).
Mythos’ slightly higher performance is a nothing burger. It is not even the current top model. According to anthropic, gpt 5.5 is!
Personally, I’m switching to open weight models asap, and probably will start sending money to Chinese vendors since they have values more compatible with western democracy.