> It's easier to produce vulnerable code than it is to use the same Model to make sure there are no vulnerabilities.
I once had a car where the engine was more powerful than the brakes. That was one heck of an interesting ride.
So now we have a company that supplies a good chunk of the world's software engineering capability.
They're choosing a global policy that works the same as my fun car. Powerful generative capacity; but gating the corrective capacity behind forms and closed doors.
Anthropic themselves are already predicting big trouble in the near term[1] , but imo they've gone and done the wrong thing.
Pandora is an interesting parable here: Told not to do it, she opens the box anyway, releases the evils, then slams the lid too late and ends up trapping hope inside.
Given their model naming scheme, they should read more Greek Mythos. (and it was actually a jar ;-)
> its cyber capabilities are not as advanced as those of Mythos Preview (indeed, during its training we experimented with efforts to differentially reduce these capabilities)
I wonder if this means that it will simply refuse to answer certain types of questions, or if they actually trained it to have less knowledge about cyber security. If it's the latter, then it would be worse at finding vulnerabilities in your own code, assuming it is willing to do that.
I can confirm from experience that reviewing your own code for vulnerabilities has fallen under "prohibited uses" starting with Opus 4.6 as recently as April 10; forcing me to spend a day troubleshooting and quarantining state from my search system.
"This request triggered restrictions on violative cyber content and was blocked under Anthropic's Usage Policy. To learn more, provide feedback, or request an exemption based on how you use Claude, visit our help center: https://support.claude.com/en/articles/8241253-safeguards-wa..."
"stop_reason":"refusal"
To be fair, they do provide a form at https://claude.com/form/cyber-use-case which you can use, and in my case Anthropic actually responded within 24 hours, which I did not expect.
I admit I'm now once bitten twice shy about security testing though.
Opus 4.7 was still 'pausing' (refusing) random things on the web interface when I tested it yesterday, so I'm unable to confirm that the form applies to 4.7 or how narrow the exemptions are or etc.
i've not had the issue with codex, i was testing a public api i work on for issues, codex was happy to attempt to break it but did refuse to create a script that would automate the issue it found.
I'm assuming finding vulnerabilities in open source projects is the hard part and what you need the frontier models for. Writing an exploit given a vulnerability can probably be delegated to less scrupulous models.
Currently 4.7 is suspicious of literally every line of code. May be a bug, but it shows you how much they care about end-users for something like this to have such a massive impact and no one care before release.
Good luck trying to do anything about securing your own codebase with 4.7.
I hope you have spam filtering happening somewhere upstream of your local computer. Spammers are constantly adjusting to find ways around filters, and there is no way a third class open source legacy email client I going to be able to give their filter the continuous attention it needs to stay effective.
I was surprised to be able to install packages from the Racket package server. The search is case sensitive (be sure to use all lowercase instead of the default first capital letter) and the install can take a while, but it works!
"What's the good of Mercator's North Poles and Equators,
Tropics, Zones, and Meridian Lines?"
So the Bellman would cry: and the crew would reply
"They are merely conventional signs!
I feel like we would disagree on the role of immigration in the US but I really appreciate you calling out how the current administration’s approach is only effective at making viral clips online. Meta comment, but it’s refreshing to talk with people who have different goals while still referencing a shared reality. Removing the masks and adding cameras shouldn’t be controversial unless your goal really is to make a paramilitary force for the president.
Illegal immigration has been a political issue in the USA for a long time now. Trump is, however cruelly, fulfilling a campaign promise. One of the few he's managed to do.
The unstated but obvious (to me?) goal of what ICE is doing is not to get large numbers of people out of the country, but to drive costs down for migrant labor by further disenfranchising them, making them scared, marginal, etc.
If they actually thoroughly evicted non-status migrant workers they'd have a outright revolt on their hands from farmers and other businesses that depend on them.
Instead those businesses can now take further advantage of the fear of harassment and/or deportation to drive down compensation and rights.
Contrast with countries like Canada that have a legal temporary foreign agriculture worker program that provides a regulated source of seasonal migrant farm worker labour under a non-citizen temporary status, but with some rights (still often abused). It's notable to me as a Canadian that I don't see this being advocated on any large scale by either party in the US.
Anyways, all this just to say that the jackboot clown theater is the point, not a side effect.
Limiting the supply of migrant labor drives costs up, not down, and the ICE raids have had a significant negative effect on businesses reliant on illegal immigrants.
Do you have numbers on how many migrant farm workers have actually been deported or detained?
Because going around and harassing and deporting other or non-essential non-status immigrants would drive labor costs down because of the chill it would put through those who are grudgingly tolerated.
And besides, given the quality of personality ICE seems to be employing even (especially) at its highest levels, I simply assume there's corruption such that if I'm a large orchard or whatever I simply pay ICE to stay away.
"There was a significant drop-off in entries to the United States in 2025 relative to 2024 and an increase in enforcement activity leading to removals and voluntary departures. We estimate that net migration was between –10,000 and –295,000 in 2025, the first time in at least half a century it has been negative."
Honestly think it’s just a matter of resources and they would rather play theater for their leader than actually do the job. However, the effect has been felt.
It's not merely a matter of detainment or deportation. Racial minorities, not just immigrants, face intimidation tactics. These guys are walking into schools, they're walking into social security offices, and courthouses. They stand around menacingly just to scare people. They harass random passerby's on the street, or in the grocery store. You would feel unsafe and stressed if this happened to you, no matter your circumstances.
Unfortunately, the most extreme is that it's the new normal that now, there's >0 chance that someone, whether they are a US citizen or not apparently, child or adult, can end up in a camp, with no due process.
I think it would be a useful exercise to look at all the revocations of legal access in the us, and then do the division to see how we've increased the likelihood of becoming an illegal, and therefore targeted.
I dont think youre as right as you want to believe. Certainly not as right as I want you to believe
This wasn’t a statement about capability. It’s just a detail about what model they used to compare the speed of two chips for this purpose. You want a bigger model, run a bigger model.
reply