Jeff Bennett:
Anthropic announced this week that it has begun limited testing of its latest AI model, called Mythos. According to the company, it is extremely powerful and could cause widespread disruption if released to the public.
Logan Graham, anthropologist:
It is generally better to pursue very long-term tasks, such as those that human security researchers do all day long.
Obviously, the features of such models can be harmful in the wrong hands. Therefore, we will not widely release this model.
Jeff Bennett:
So far, Anthropic has provided access to Mythos to more than 40 tech companies, including some rivals, so they can test Mythos and identify vulnerabilities across their systems. But even that move is raising concerns.
To find out more about all this and its implications, we speak to Gerrit De Vynck, who covers AI at The Washington Post.
Thank you for joining us.
Gerrit de Vink, Washington Post technology reporter:
of course.
Jeff Bennett:
So please understand the concern here. What specifically makes this model different from other AI models, and frankly, why is there so much fear around it?
Gerrit de Vink:
A particular concern raised here is that this model is very good at finding gaps in software that hackers can exploit.
I mean, right now, all software has bugs, but software is so complex that you have to really understand what you’re doing to sift through all the code and find something that can be used to hack into your system.
And what Anthropic and some of the independent cybersecurity experts that they’ve given access to this model are saying is that this basically allows them to do that automatically. It can sift through all kinds of code. What might take a skilled person months to do can be done in minutes or hours.
The concern here is that if this were released to the public, anyone could use it and anyone who wanted to hack into any kind of software for any reason would be able to do so using this technology. And that’s why the company says it’s keeping it a secret, at least for now.
Jeff Bennett:
It is kept secret, but as mentioned earlier, it has also given access to about 40 other companies, including Microsoft and Nvidia, in part to strengthen their own cyber defenses.
What do we know about that decision? Does sharing more widely actually reduce risk or potentially increase risk?
Gerrit de Vink:
Yes, I mean, there’s a bit of precedent in cybersecurity.
A lot of times, when one company notices that another company’s software is missing something, rather than just releasing it to the public and creating a situation where that company could be hacked, they kind of sit behind the scenes and say, “Hey, guys, we found this.” You might want to fix this problem before the rest of the world figures it out.
So I think it’s kind of a tradition of them doing this. But, of course, some say, “All the powerful technology companies now have access to supposedly very powerful tools for cybersecurity.” Well, it’s powerful for other things too, and other things you can use to grow your business or get an edge in other companies, right?
So, there have been some complaints that if this is really something great, why not let the whole world actually see it with their own eyes and then we can decide what to do with it?
Jeff Bennett:
Logan Graham, one of Anthropic’s researchers, suggested that once fully released, the AI program could force widespread software updates and ultimately expose weaknesses everywhere.
Is that a realistic scenario or is he exaggerating it in some way?
Gerrit de Vink:
Yes, potentially.
So it’s difficult because there are no companies other than these companies that have actually been able to get their hands on it.
And I think we always have to discount these big AI companies. This isn’t the first time an AI company has said, “Oh my god, our new technology is so powerful that we should be afraid of it.”
You know, this is good marketing. Because if something is powerful enough to change the world or cause chaos, it is also very powerful in other things. And I think we need to be careful.
I’m not — I’m not necessarily saying Anthropic is lying or misleading the public here. I believe they are very valid in these concerns. But I think we’re already in a pretty bad place with cybersecurity. In other words, everyone has been hacked at least once.
If someone really wants to get into software systems, they can probably do it given the resources and incentives. We already live in a world where software is broken and needs to be constantly updated, right?
Every time you open your operating system, you’ll probably receive a message asking you to update the apps on your computer. That’s because of the current cybersecurity situation.
And just as this Mythos technology can be used to hack into computers, it can also be used to protect against hacking. And a lot of cybersecurity experts are saying, “Yes, this is concerning, but we can also use this technology.” Good people can also use it to protect us.
So the balance of power that we currently have will not necessarily change completely.
Jeff Bennett:
Well, tell me more about that. Because there’s this strange disconnect where AI companies themselves are warning of the potential dangers. And that’s because AI companies are also racing to release more powerful systems at the same time. What is the reason?
Gerrit de Vink:
Yes, I mean, I think it’s very easy to point that out and say, “What’s really going on here?”
And I think each AI company is a little different. They have different incentives. But it’s true. So they’re all in this very competitive race to build the best AI systems. These are very expensive to train. Each new version of this AI technology costs hundreds of millions of dollars to develop.
And very few companies can do that. And the entire technology industry agrees that this is probably the most important technology to emerge since the Internet itself. Huge amounts of money are being invested in the development of this technology.
At the same time, many people who work at these companies legitimately believe that there are concerns that this could be used for cybersecurity, that it could be used for misinformation. Some even believe that in a few years, it could become so intelligent that humanity may have difficulty controlling it.
So I think these are real beliefs that some people in these companies have. Nevertheless, they are locked into this competitive dynamic.
Jeff Bennett:
Gerrit De Vynck covers AI for The Washington Post.
Gerrit, thank you for being with us.
