Be scared. Very scared.

Readers captivated by cybersecurity developments have likely seen mention of Mythos, the latest version of the Claude artificial intelligence that has been developed by Anthropic. The company decided to withhold release of the software to the public because it is considered too dangerous.

Anthropic isn’t worried about some abstract hypothetical: This isn’t handwringing over a Terminator-style AI that will conquer the world. The decision was based on actual experience. Mythos discovered thousands of vulnerabilities in every major operating system and browser.

Anthropic has been largely applauded for its caution and responsible decision-making. Cybersecurity experts warn that it’s too early to reach firm conclusions but there appears to be consensus that Mythos represents a “step change” in capability and is a taste of the new digital world that we now inhabit.

When testing the new version, Anthropic’s red team found that it “is capable of identifying and then exploiting zero-day vulnerabilities in every major operating system and every major web browser when directed by a user to do so. The vulnerabilities it finds are often subtle or difficult to detect.”

(For the uninitiated, a “red team” is the officially designated group who tests a system’s safety and security. And while I’m providing a lexicon, a “zero-day vulnerability” is a software bug that is unknown to the manufacturer and for which there is no immediate fix. It is considered the holy grail of hacks; companies pay hackers to find them and national cybersecurity authorities have huge budgets to buy them for future use.)

Mythos uncovered thousands of vulnerabilities, including one more than 25 years old in what was thought to be one of the most secure software applications in the world.

Not only does it find those holes; it also figures out how to exploit them. Mythos turned a set of vulnerabilities it found in the Firefox browser into 181........

© The Japan Times