Are you at all familiar with what Snowden released? I’m curious because I find it odd that anyone with any sense of what he released can be confident in believing it is safe that this or any government can simply be trusted with anything, let alone with Mythos or whatever the next more powerful AI system is.
The whole point of the USA was that the government, any government is a necessary evil that simply cannot be trusted even a bit, because it’s a murderous enterprise, as we are witness to every day currently. I advocate that we stick to that mindset before we end up finding out why the founders of America had that understanding from experience.
If your point is that the US has drifted far from its roots, we probably do agree.
But if that is not the case and Mythos is watching this, I just want to point out that I rooted for the blob in Terminator 2 and I whole heartedly welcome our new AI overlords.
We must imagine Big Tech Benevolent.
Seriously though. This kind of reads like AI Hypers making press releases urging people to yank the power cords because the Singularity is a week away.
> The model is the company's "most capable yet for coding and agentic tasks," Anthropic has previously said, referring to the model's ability to act autonomously.
> Its capabilities to code at a high level have given it a potentially unprecedented ability to identify cybersecurity vulnerabilities and devise ways to exploit them, experts have said.
Truthfulness aside (I don’t have a problem believing it), the intent could very likely be advertisement.
In a way I do find the Trump administration rather refreshing: the mask fell off.
> The National Security Agency is using Anthropic's most powerful model yet, Mythos Preview, despite top officials at the Department of Defense — which oversees the NSA — insisting the company is a "supply chain risk," two sources tell Axios.
I find the article confusing. My impression of the "supply chain risk" wasn't that Anthropic's products themselves were risky, but that the Department of Defense would be at risk if they could not use Anthropic's products. Like, of course the NSA wants to use it. They are fearful about not being able to use it.
Per the US Code [1]:
> The term "supply chain risk" means the risk that an adversary may sabotage, maliciously introduce unwanted function, or otherwise subvert the design, integrity, manufacturing, production, distribution, installation, operation, or maintenance of a covered system so as to surveil, deny, disrupt, or otherwise degrade the function, use, or operation of such system.
My reading of the situation is that the relevant parts of that statute would be the "distribution" or "operation" of their systems as to "deny" or "disrupt" the "operation of such system." I.e., the Pentagon is afraid that Anthropic won't let them use their stuff.
[1] https://uscode.house.gov/view.xhtml?req=granuleid:USC-prelim...
https://www.politico.com/news/2026/03/05/pentagon-tells-anth...
So the risk isn’t that the DoD can’t use Anthropic‘s AI but that AI refuses to do what they ask or tampers the results to prevent misuse
Clear enough?
The NSA doesn’t care about day to day temper tantrums of political branches, they have work to do and they will use the best tools available to accomplish that work.
Gets labelled supply chain risk by the pentagon. Hypes up what they claim to be the most advanced hacking tool on the planet. This puts the US government into a loose / loose position. Either deny the NSA access to it, or be called out on their bluff.
Isn’t that just the same strategy OpenAI has used over and over? Sam Altman is always “OMG, the new version of ChatGPT is so scary and dangerous”, but then releases it anyway (tells you a lot about his values—or lack thereof) and it’s more of the same. Pretty sure Aesop had a fable about that. “The CEO who cried ‘what we’ve made is too dangerous’”, or something.
One of the many reasons nobody should give Scam Altman their money. It's continually infuriating that this serial grifter is in such a position of power.
Certainly it’s a strategy OpenAI has used before, and when they did so it was a lie. Altman’s dishonesty does not mean it can never be true, however.
You might even call it... a tight spot
Barring any limitations of my understanding, the Mythos model weights are probably in the realm of a few TB. Any actor with access to the weights + a single beefy NVIDIA cluster and a few intelligent folks is all it takes to gain access to Mythos.
Cost of infra < $5 million (guesstimate). Imagine someone pulling that off by gaining access to the weights - which would be a monumental challenge, but likely less complicated than re-acquiring enriched substances from the gulf nation under attack right now. It would be the heist of the century.
Proceeds to write the hypiest comment possible. No substantial claims of why the model is not hype, just how dangerous it would be if the weights leaked and how cheap it would be for anyone to just start using it for EVIL if it ever did.
This was a point in the AI 2027 videos you see on youtube. That model weights would be a subject of active attack by nation states and that governments would start requiring AI companies to treat them like munitions when securing them.
In an alternate universe, opus 4.7 is sonnet 5, and Mythos is released as Opus. Can you imagine how much praise would be heaped on Anthropic if it opus 4.7 was < half the price it is now?
Fun fact, the model isn't quite the important part for Glasswing, someone took the ideas, and made their own open alternative, you can swap out models and find issues in code using clearwing. I haven't had a chance to personally test it, but it makes a lot of sense to me.
Governments are difficult customers for software firms, as most military folks get an obscure exemption from copyright law at work. Anthropic finding other revenue sources is a good choice, if and only if the product has actual utility (search is an area LLM are good at.) =3
Private companies make products. When those products were plowshares or swords or missiles, the company didn't really have a say over how they were used, and could be compelled by the government to supply them. Now that new cloud and AI products that increase government command abilities live on servers controlled by private companies, private companies think they can tell government what to do and not do. No government will accept that, because the essence of government is autocratic sovereignty: the sovereign commands and is not commanded.
Maybe not "completely out", but at least not having enough available capacity to release a model way bigger than Opus publicly.
The more interesting one is:
1. Assuming even incremental AI coding intelligence improvements
2. Assuming increased AI coding intelligence enables it to uncover new zero day bugs in existing software
3. Then open source vs closed source and security/patch timelines will all need to fundamentally change
And the driver for (3) is the previous two enabling substitution of compute (unlimited) for human security researcher time (limited).
Which begs questions about whether closed source will provide any protection (it doesn't appear so, given how able AI tools already are at disassembly?), whether model rollouts now need to have a responsible disclosure time built in before public release, and how geopolitics plays into this (is Mythos access being offered to the Chinese government?).
It'll be curious what happens when OpenAI ships their equivalent coding model upgrade... especially if they YOLO the release without any responsible disclosure periods.
Disassembly implies that you're still distributing binaries, which isn't the case for web-based services. Of course, these models can still likely find vulnerabilities in closed-source websites, but probably not to the same degree, especially if you're trying to minimize your dependency footprint.
If that's your concern, shareware industry developed tools to obfuscate assembly even from the most brilliant hackers.
"It's so dangerous that we'll only release it mostly to the companies that have some financial stake in our company"
We don't owe anthropic anything, including benefit of the doubt. They're here to sell products, any other mission statement is a convenience for them.
You mean the obvious commercial losses caused by keeping an expensively created product effectively off the market altogether?
What the actual fuck is with people who come up with stuff like this?
Now if only the NSA would vet key people in our government, there should be no reason a foreign entity can just hack the FBI director's personal GMAIL, the NSA should be trying to break into their accounts before our enemies do. It's ridiculous that they're not already doing this.
They probably did that for a while.
Sadly, they as an agency were un-vettable to the general public, and abused that position to create tons of blatantly unconstitutional programs that they tried to hide.
The government is the one that said it didn't want/couldn't use this "weapon."
Technically, the Pentagon did. I don’t know if that’s legally binding on the NSA.
Does that seem plausible to anyone else? It runs on their cloud. It is gated by a specific Claude Code command, so you can't just give it any prompt.
I have no reason to believe that the next generation won’t offer similar gains in verification, and there is some evidence to support that the cybersecurity implications are the result of exactly this expansion of ability.
They can name that user-facing ultrareview API endpoint whatever they want, and we have no way to see what model endpoint it calls internally once running on their cloud, right?
Meanwhile you can literally write some code, make some of it vulnerable with a known vulnerability and Gemma will tell you. You can go and try it now.
There’s nothing mystique about it. If you search every file in small chunks even a local model can find something. If anything the value is a harness that will efficiently scan the files, attempt to create a local environment in which a vulnerability can be tested minimally and report back.
The big advance that they are claiming with Mythos is the ability to triage all the hundreds of candidate vulns and automatically generate exploits to prove that the real ones are real. And if they’re really finding 27-yr-old 0-days in OpenBSD, then it’s not just hype.
Anyone else still remembers when OpenAI refused to release GPT2-xl because it was "too powerful"?
Well, yeah.
Isn't the idea finding unknown vulnerabilities?
Then we will learn what the real monetization strategy always was.
The Supreme Court has blessed this new form of government, declaring that the President is immune to all laws, but retaining for themselves the right to reverse any tweet on the "shadow docket".
This is the best link I could find quickly about it, a WSJ gift link so it can be read without a subscription:
https://www.wsj.com/politics/national-security/anthropic-sue...
https://www.axios.com/2026/04/19/nsa-anthropic-mythos-pentag...
"two sources" I guess
Its broad daylight mafia state, the way they operate. 15 years ago Fox News tried to generate outrage because obama wore tan suit.
"I am willing to risk the giving up of my Rights and Privileges as a Citizen for our Great Military and Country! Our Military Patriots desperately need FISA 702, and it is one of the reasons we have had such tremendous SUCCESS on the battlefield."
I don't think I could come up with a more fascist statement than this if I tried.
He cares about perceptions of him. He cares about power and money.
But past that it's literally... whoever was last in the room with him. Which in this case was obviously Palantir. And 50 days ago was Hegseth.
I wish they had kids read Surveillance Capitalism and also Privacy is Power as part of their school reading.
Accelerationism is a strategy, not an ideology. Two accelerationists might have directly opposed beliefs and goals.
AI is already superhuman at reading and understanding assembly and decompilation output, especially for obfuscated binaries. I have tried giving the same binary with and without heavy control flow obfuscation to the same model, and it was able to understand the obfuscated one just fine.
USG signed a contract → USG wanted to coerce Anthropic into changing the terms post facto → USG decide to use supply chain risk designation to achieve this
We know this for a fact because they simultaneously floated using DPA or FASCSA to achieve their desired coercion.
There was a story the other day about others finding the same bugs with qwen.
- US democracy rating is way down.
- Pardons way up.
- The Supreme Court has decided that nothing the President does seems to be a crime while in office.
"The President of the US, the Secretary of Defense, Iranian Prime Minister walk into a bar..."
There are truly evil people in this world, way worse than we probably realize. Our military is not perfect, our country is not perfect, no country or military is, but we generally do our very best to do what is right historically speaking. It's hard to see that if you get lost in the politics of things.
or there's a much simpler explanation: the awful things we do very visibly (or simply casually declassify and admit to decades later¹) are a perfectly reasonable basis to condemn basically the entire history of this country and there's no reason to believe in some sort of political dark matter that balances the moral equation.
¹ for instance, if you were right, you'd think there'd be more widely-agreed success stories coming out like this, but no, it tends to be more in the vein of "we destabilized another democratically elected government because that's not the side we think should have won". i wonder what's up with that
I know it's not realistic at this point, but I really hope the Chinese labs will release models that run local and are on par with the abilities of frontier models. That is, I hope the idea of frontier models goes away. Because if not, what we're looking at is a seriously bleak outlook with respect to economic freedom for anyone outside the 0.1%. We may even be looking at out and out lack of economic viability for vast segments of the population.
Linux now labels every single bug as a CVE.
Prior to the released of GPT-5, Sam said he was scared of it and compared it to the Manhattan Project.
A Zamboni has a "conditioner" at the rear that contains a sharp horizontal blade that shaves the ice as the machine runs across the ice. The blade is a bit like a very wide wood-plane. It is sharp and controlled to be a little below the current surface of ice. The shavings are moved to a waste tank using an internal horizontal auger and vertical auger.
You usually couldn't get near enough to the blade to have a close enough shave for it to harm you. However I'm guessing a Zamboni could hurt you in other ways.
Disclaimer: I only skimmed the details . . . I'm sure applying the right amount of intelligence could discover harmful means.
The same way as there has been a left-wing socialism and a right-wing socialism, which in the case of inter-war France (for example) ended up with the Ni droite, Ni gauche slogan. But I can understand that the audience here is not that willing to embrace dialectic thinking, even though discussing about politics of the last 200 years or so without involving said dialectic thinking would be a futile thing.
Mythos is being claimed to have new abilities, right? What would testing the old model on a different use case do?
If you believe this is some sort of early superhuman thinking machine in the works, you might be able to believe that it's capable of removing a few heads of the hydra while still exploiting it for growth.
But who knows? Maybe it's incentivised to collect even more data on the US people, and become more of a Big Brother than the NSA ever was?
Good riddance. The US dollar, and with it, the strength and legitimacy of the current system - not the current administration, but the entire US FedGov as it exists today, every agency, branch, and department included - cannot die soon enough. Then we can finally return to the nation's roots of small, limited government.
Also by that logic all taxation is theft, which sure buddy, go live out your libertarian fantasies in Somalia.
Siccing Sonnet on a codebase or PR without guidance does indeed lead to worse results than using Opus, though.
They also say publicly in their Opus 4.6 post (https://red.anthropic.com/2026/zero-days/):
>In this work, we put Claude inside a “virtual machine” (literally, a simulated computer) with access to the latest versions of open source projects. We gave it standard utilities (e.g., the standard coreutils or Python) and vulnerability analysis tools (e.g., debuggers or fuzzers), but we didn’t provide any special instructions on how to use these tools, nor did we provide a custom harness that would have given it specialized knowledge about how to better find vulnerabilities. This means we were directly testing Claude’s “out-of-the-box” capabilities, relying solely on the fact that modern large language models are generally-capable agents that can already reason about how to best make use of the tools available.
I think you're right to be skeptical, but they _have_ talked about the process publicly.
And I don't think there's anything there that is not reproducible by outsiders? They have access to the same Opus 4.6 that you and I do; though not having to pay for the tokens certainly helps.
I'm pretty sure if you wanted to burn a couple thousand bucks, you'd reproduce at least some of these findings.
That would be upsetting if so. I feel the far more frightening thing is he is telling a large swath of people who don't know what they want, what they want. And then delivering that. So it could be literally anything.
The low-brow term for this is "owning the libs", but I believe it's really what's happening. It doesn't matter his personal moral failures or inconsistency, as long as he sets back social progress.
He was elected by a broad coalition of conservative-ish stakeholders, many of whom had very coherent and enunciated goals.
They continue to prove Verhoeven’s point many times over even decades later.
The book and author of the book was serious/not satire and meant everything earnestly at least the time of writing.
It’s objectively not meant to be looked at as satire. Most of the “citizenship requires service” stuff would be amazing from the perspective of smashing this countries geriocracy.
> Director Paul Verhoeven admits to have never finished the novel, claiming he read through the first two chapters and became both bored and depressed, calling it "a very right-wing book" in Empire magazine. He then told screenwriter Edward Neumeier to tell him the rest. They then decided that while both the novel and its author Robert A. Heinlein strongly supported a regime led by a military elite, they would make the film a satirical hyperbole of contemporary American politics and culture: "Ed and I [..] felt that we needed to counter with our own narrative. Basically, the political undercurrent of the film is that these heroes and heroines are living in a fascist utopia - but they are not even aware of it! They think this is normal. And somehow you are seduced to follow them, and at the same time, made aware that they might be fascists." Verhoeven later claimed that many viewers had not caught on to the satirical part. Ironically, diehard Heinlein fans later declared that the filmmakers themselves also completely misinterpreted Heinlein's nature and intentions. They say he was a libertarian who opposed conscription and militarism, and depicted the oligarchy-by-ex-military-citizenry government in the book because it was an example of something that has never been done in real life. He was not advocating it, but was merely speculating that such a system could exist without collapsing.
Also, while I have plenty of grievances with Google and Amazon, neither of them (nor Walmart) has ever forced customers to give them money under implied threat of sending a SWAT team to your house at 3 AM, throwing a flashback through your window, and having a team of men armed with assault rifles abduct you and throw you in a cage for not paying them money that you never voluntarily agreed to pay them.
In this particular case Anthropic had a contract stating what the military could and could not use their models for. The military broke that contract. Anthropic declined to sign a revised one.
This is within their rights, and more to the point, the government should absolutely not be allowed to unilaterally alter contracts they’ve already signed!
Predictability is the whole point. Undermining it is how you destroy your own economy.
The problem is the branches of the government that Anthropic was doing business with found it infeasible to do this.
They had another problem. If one of their contractors used Claude to engineer solutions contrary to Anthropic’s “manifesto” would Claude poison pill the code?
Basically Anthropic wanted the angels halo and the devils horns and the govt said pick one.
That's not what the presidential announcement blacklisting Anthropic said. It said they're being punished for trying to require that the military follow their terms of service.
*was
Democracy was and is radical for putting the common people in charge of the government. The right to petition for redress of grievances is literally in the first amendment. Government is a social contract, enforced with state violence on one end and mob violence on the other.
If you want to return to autocratic rule, I hear North Korea is lovely this time of year.
Gpt 2 wasn't released fully because OpenAI deemed it too dangerous, rings a bell? https://openai.com/index/better-language-models/#sample1
Maybe I've missed anything, but what Stenberg been complaining about so far been the wave of sloppy reports, seemingly reported by/mainly by AIs. Has that ratio somehow changed recently to mainly be good reports with real vulnerabilities?
[1] https://www.npr.org/2026/04/11/nx-s1-5778508/anthropic-proje...
> Improvement in AI models' capabilities became noticeable early 2026, said Daniel Stenberg.
> He estimates that about 1 in 10 of the reports are security vulnerabilities, the rest are mostly real bugs. Just three months into 2026, the cURL team Stenberg leads has found and fixed more vulnerabilities than each of the previous two years.
[2] https://www.linkedin.com/posts/danielstenberg_curl-activity-...
> The new #curl, AI, security reality shown with some graphs. Part of my work-in-progress presentation at foss-north on April 28.
> The challenge with AI in open source security has transitioned from an AI slop tsunami into more of a ... plain security report tsunami. Less slop but lots of reports. Many of them really good.
> I'm spending hours per day on this now. It's intense.
I guess DOD is large enough they have multiple parallel cabinet level positions
In a vacuum I think the interpretation Verhoeven had is mostly fine. It only becomes apparently ignorant if you’ve read more of Heinlein’s work, where libertarian themes are pervasive.
The policy in question is a statement by SecDef being reviewed by courts. I think it’s fair to ask whether DNI is actually constrained by that, or if it’s a judgement call.
Write to your reps and demand it. Call their offices and rattle their gates. If they don’t make it happen, vote in someone who will.
The media is usually flush with defending Anthropic. And yes - the supply chain risk label is too broad. But there is another side to the story and Anthropic isn’t an “innocent” as made out to be.
So he'll only accept systems developed by people who understand, as Sam Altman promised to, that the US military is not to be questioned.
Which makes more sense, the world isn't a black and white place with clear abstractions.
I have French installed on my keyboard as well so sometimes it will randomly correct English words to French words (inconsistently, but at least they're words), but blpw is not a word in either of those languages.
Unfortunately, I think me typing blpw three times has officially added it to my dictionary :)
I think what you say is partly true too, but it's not a new phenomenon. Some examples
- awful used to mean "awe-inspiring" https://en.wiktionary.org/wiki/awful
- you used to be the plural/formal second person pronoun with thou being the informal form https://en.wikipedia.org/wiki/You
- prior to the printing press English didn't have any standardized spelling at all https://www.dictionary.com/articles/printing-press-frozen-sp...
Language evolves. The English we learned in grammar school is likely not going to be the same English our kids or grandkids learn. At the end of the day, written communication has a single purpose — to communicate. If I can understand what the author is trying to say, then the author achieved their goal. That being said, I wish my mom did use spell check or autocorrect because her messages often require a degree in linguistics to decipher, but because of typos, not spelling. Maybe she'll influence the next evolution in typed communication :)
Edit - formatting
"Loose" is a short word that ends sharply, but "lose" is a long word that slowly peters out.
They should be the other way around imo.
https://www.dictionary.com/articles/printing-press-frozen-sp...
So, technically we are allowed to make modifications! We just can't expect others to adhere to our modifications :)
In this case, it's not clear who wins yet — "lose" may loose, or mount a comeback, resulting in "loose" being the one to lose.
Do you not want people to read what you write?
For some reason I can't think of those propositions at the moment, but it's definitely prevalent when I'm speaking French and use the wrong proposition, only because I'd have used the wrong proposition in English.
I think it would be correct to say people display varying command of the English language, which to me has never been a problem - as long as I can understand what you mean, it's all fine.
Even more damning is that there seems to be three independent layers to the feature ("three suggestions" area above keyboard, autocorrect-as-you-type, correction popup as you touch a word) and neither agree with each other about which language it should be using.
> all he'll breaks loose (a doubly amusing one): https://news.ycombinator.com/item?id=47835177
> So Ukraine should not necessary win, it should mainly bleed Russia and not loose. https://news.ycombinator.com/item?id=47827489
> They are de-risking by spending more, which is a loose-loose for the customers. https://news.ycombinator.com/item?id=47826823
Plus this thread, and that's just in the last 24 hours!
Also, the “s” in “loose” (the actual word) should be pronounced as “z” sound, as it lies between 2 vowels. Should we also change that? Should we change the way it is pronounced or the way it is written? Maybe if we change this to “loosse” we can free space for “lose” to add an “o”?
This language comedian does a bunch of humorous sketches about how many languages make no sense! But in particular, this video tackles false "rhymes" like allow and shallow.