WEBVTT - An AI So Powerful Anthropic Kept It From the Public

0:00:02.720 --> 0:00:07.200
<v Speaker 1>Bloomberg Audio Studios, podcasts, radio news.

0:00:09.200 --> 0:00:13.280
<v Speaker 2>Nicholas Carlini is a well known AI security researcher. He

0:00:13.360 --> 0:00:16.920
<v Speaker 2>works with Anthropic to stress tests and software for ways

0:00:16.920 --> 0:00:20.639
<v Speaker 2>it could be used by bad actors, and back in February,

0:00:21.040 --> 0:00:21.840
<v Speaker 2>he took a trip.

0:00:22.239 --> 0:00:25.040
<v Speaker 1>He was on holiday in Bali. He was actually at

0:00:25.120 --> 0:00:26.720
<v Speaker 1>a friend's wedding with his wife.

0:00:27.080 --> 0:00:31.280
<v Speaker 2>Margie Murphy is a cybersecurity reporter for Bloomberg News. She

0:00:31.440 --> 0:00:34.839
<v Speaker 2>says at the time of Carlini's vacation, Anthropic had just

0:00:34.920 --> 0:00:38.360
<v Speaker 2>released a version of a new AI model called Mythos

0:00:38.600 --> 0:00:40.080
<v Speaker 2>for internal review.

0:00:40.240 --> 0:00:42.560
<v Speaker 1>So that meant that anyone in the company could start

0:00:42.600 --> 0:00:45.199
<v Speaker 1>trying out and report back if there were any issues

0:00:45.200 --> 0:00:48.159
<v Speaker 1>with it. And Nicholas never takes a day off, is

0:00:48.200 --> 0:00:51.520
<v Speaker 1>so excited by these kind of things, got his laptop

0:00:51.600 --> 0:00:55.200
<v Speaker 1>and immediately started testing to see whether the model would

0:00:55.240 --> 0:00:58.640
<v Speaker 1>do all sorts of bad things that he asked it to.

0:00:58.640 --> 0:01:02.880
<v Speaker 2>To Carlini's shock and concern, it would not.

0:01:03.000 --> 0:01:06.600
<v Speaker 1>Only at his direction was it going and finding flaws

0:01:06.640 --> 0:01:10.959
<v Speaker 1>in some really really important software that underpins a lot

0:01:10.959 --> 0:01:15.200
<v Speaker 1>of modern computing, but it was finding ways to find

0:01:15.240 --> 0:01:17.600
<v Speaker 1>these flaws and turn them into exploits.

0:01:18.200 --> 0:01:21.840
<v Speaker 2>Once he got back to Anthropic's San Francisco office, Carlini

0:01:22.040 --> 0:01:25.360
<v Speaker 2>kept testing, and he found that this new model could

0:01:25.360 --> 0:01:28.720
<v Speaker 2>create tools to break into all sorts of software all

0:01:28.720 --> 0:01:32.720
<v Speaker 2>by itself. As Margie and her colleagues put it, Mythos

0:01:32.760 --> 0:01:36.000
<v Speaker 2>could conduct the digital equivalent of a bank robbery.

0:01:36.480 --> 0:01:39.800
<v Speaker 1>The executives started talking about, you know, what do we do?

0:01:40.040 --> 0:01:42.160
<v Speaker 1>We had planned on releasing this as a part of

0:01:42.280 --> 0:01:45.560
<v Speaker 1>Claude to the general public, but we might have a

0:01:45.640 --> 0:01:47.640
<v Speaker 1>national security risk on our hands here.

0:01:50.400 --> 0:01:54.000
<v Speaker 2>Anthropic's executives decided to hold Mythos back from the market

0:01:54.360 --> 0:01:58.480
<v Speaker 2>and instead share it selectively with some big tech companies

0:01:58.520 --> 0:02:01.400
<v Speaker 2>and banks, and even with some of its AI rivals,

0:02:01.880 --> 0:02:04.680
<v Speaker 2>so that they could start seeing what Mythos was capable

0:02:04.720 --> 0:02:09.400
<v Speaker 2>of and protect themselves. Some skeptics say the fears Anthropic

0:02:09.520 --> 0:02:13.760
<v Speaker 2>is stoking might be overblown. Many outside researchers haven't had

0:02:13.760 --> 0:02:18.040
<v Speaker 2>a chance to validate the company's claims. Already, though, there

0:02:18.080 --> 0:02:21.440
<v Speaker 2>are signs it might be hard to keep this tool contained.

0:02:22.040 --> 0:02:24.720
<v Speaker 2>Bloomberg has learned that a small group of unauthorized users

0:02:24.720 --> 0:02:27.280
<v Speaker 2>has accessed Anthropic's new Mythos AI model.

0:02:28.000 --> 0:02:32.920
<v Speaker 1>There's an unwritten rule in cybersecurity that nothing can ever

0:02:32.960 --> 0:02:34.679
<v Speaker 1>be one hundred percent secure.

0:02:37.639 --> 0:02:39.840
<v Speaker 2>I'm Sarah Holder, and this is the Big Take from

0:02:39.880 --> 0:02:44.120
<v Speaker 2>Bloomberg News. Today on the show: how Anthropic decided Mythos

0:02:44.200 --> 0:02:47.280
<v Speaker 2>was too dangerous for public release and what a new

0:02:47.280 --> 0:02:50.880
<v Speaker 2>wave of AI enabled hacking could mean for businesses, banks,

0:02:51.120 --> 0:03:02.200
<v Speaker 2>governments and everybody else. When Anthropic was developing Mythos, it intended for

0:03:02.240 --> 0:03:04.880
<v Speaker 2>it to be the latest update to its large language

0:03:04.919 --> 0:03:08.839
<v Speaker 2>model Claude. It wasn't meant to be a special cybersecurity

0:03:08.880 --> 0:03:13.360
<v Speaker 2>tool or a master hacker. But Bloomberg's Margie Murphy says

0:03:13.400 --> 0:03:16.040
<v Speaker 2>that when the company tested an earlier version of the model,

0:03:16.440 --> 0:03:21.120
<v Speaker 2>it found dozens of examples of concerning behavior: not following

0:03:21.200 --> 0:03:25.160
<v Speaker 2>human instructions and, in rare cases, covering its tracks afterward.

0:03:26.080 --> 0:03:29.080
<v Speaker 2>Once, the model used a series of steps to escape

0:03:29.080 --> 0:03:32.360
<v Speaker 2>its testing environment and gain broad access to the Internet,

0:03:32.639 --> 0:03:37.360
<v Speaker 2>where it began publishing materials online. Mythos, the company found,

0:03:37.760 --> 0:03:40.800
<v Speaker 2>was really good at exploiting vulnerabilities.

0:03:41.920 --> 0:03:45.720
<v Speaker 1>Realistically, humans have for years been able to find flaws

0:03:45.720 --> 0:03:50.000
<v Speaker 1>in software, and we have not only internal teams at

0:03:50.040 --> 0:03:53.120
<v Speaker 1>major companies whose job is to find that and fix

0:03:53.160 --> 0:03:57.040
<v Speaker 1>them as soon as possible. There are companies that you know,

0:03:57.080 --> 0:04:01.640
<v Speaker 1>that's their business model. But what's incredible about Mythos, according

0:04:01.640 --> 0:04:06.200
<v Speaker 1>to Anthropic, is that it could find so many and

0:04:06.320 --> 0:04:09.040
<v Speaker 1>so many that have existed for years. It was finding

0:04:09.080 --> 0:04:12.000
<v Speaker 1>bugs that are twenty seven years old in software that

0:04:12.160 --> 0:04:16.520
<v Speaker 1>is considered highly secure. And in addition, it could also

0:04:17.360 --> 0:04:20.359
<v Speaker 1>find different flaws. And now flaws are just entry points.

0:04:20.480 --> 0:04:22.120
<v Speaker 1>They may not be a big deal, but what it

0:04:22.160 --> 0:04:26.200
<v Speaker 1>was able to do was chain together multiple flaws to

0:04:26.320 --> 0:04:29.479
<v Speaker 1>create an exploit, which is when you are able to

0:04:29.480 --> 0:04:31.960
<v Speaker 1>get into a system and do something useful with the flaw.

0:04:32.520 --> 0:04:35.840
<v Speaker 1>That was the kind of turning point I think where

0:04:35.880 --> 0:04:38.640
<v Speaker 1>they thought, wow, this is something that that is actively

0:04:38.680 --> 0:04:42.760
<v Speaker 1>finding flaws, putting them together, being very smart about how

0:04:42.800 --> 0:04:44.880
<v Speaker 1>it's doing it, and doing it en masse.

0:04:45.279 --> 0:04:50.320
<v Speaker 2>Another thing that Anthropic leaders talked about was Mythos's ability

0:04:50.360 --> 0:04:55.760
<v Speaker 2>to act with greater autonomy. What made its capabilities so

0:04:56.560 --> 0:05:01.039
<v Speaker 2>concerning? Previous models, you'd need to give a little bit

0:05:01.080 --> 0:05:04.599
<v Speaker 2>of direction. So if you're trying to hack something, you

0:05:04.600 --> 0:05:06.960
<v Speaker 2>would have to have a good bit of knowledge about

0:05:06.960 --> 0:05:09.320
<v Speaker 2>the system you're trying to hack. You would have to

0:05:09.400 --> 0:05:13.360
<v Speaker 2>kind of really point the model in certain directions. With Mythos,

0:05:13.920 --> 0:05:17.120
<v Speaker 2>there is less direction needed. The way that Nicholas described

0:05:17.120 --> 0:05:19.719
<v Speaker 2>it to me, it was coming back with these sort

0:05:19.720 --> 0:05:24.479
<v Speaker 2>of methods that it could do itself. You don't want

0:05:24.560 --> 0:05:27.400
<v Speaker 2>your technical tools to have too much autonomy. You want

0:05:27.400 --> 0:05:30.039
<v Speaker 2>them to be working for you and explaining why they're

0:05:30.080 --> 0:05:33.560
<v Speaker 2>doing it. So when something does something that you don't

0:05:33.560 --> 0:05:36.560
<v Speaker 2>really understand and it doesn't tell you why, I think

0:05:36.560 --> 0:05:40.760
<v Speaker 2>that's always a concern. What kinds of companies or industries

0:05:40.880 --> 0:05:44.360
<v Speaker 2>or institutions could be most vulnerable to a cyber attack

0:05:44.480 --> 0:05:50.160
<v Speaker 2>from an extra-autonomous LLM like Mythos?

0:05:50.600 --> 0:05:54.960
<v Speaker 1>So this is the thing: everyone, everything. Because Mythos isn't

0:05:55.040 --> 0:06:00.680
<v Speaker 1>changing hacking in a sense, it's changing the speed and

0:06:00.720 --> 0:06:05.160
<v Speaker 1>the acceleration of hacking. Flaws exist in loads of software,

0:06:05.240 --> 0:06:12.479
<v Speaker 1>so from the financial industry, to manufacturing to even governments

0:06:12.520 --> 0:06:17.640
<v Speaker 1>who might be concerned about espionage. Mythos isn't actively going

0:06:17.680 --> 0:06:20.440
<v Speaker 1>and hacking those things right now. But if a model

0:06:20.520 --> 0:06:23.760
<v Speaker 1>like Mythos was to come out, anything that's on the

0:06:23.800 --> 0:06:27.560
<v Speaker 1>Internet is potentially able to be hacked. Right? So we're

0:06:27.560 --> 0:06:31.359
<v Speaker 1>reliant upon the industry defending itself and putting in place

0:06:31.400 --> 0:06:32.480
<v Speaker 1>proper measures.

0:06:33.279 --> 0:06:38.920
<v Speaker 2>Also, Anthropic discovers these potential concerns, Carlini and others start

0:06:39.000 --> 0:06:43.440
<v Speaker 2>raising the alarm. Anthropic decides to not release Mythos publicly,

0:06:43.600 --> 0:06:47.640
<v Speaker 2>but release it to this limited group called Project Glass Wing.

0:06:48.320 --> 0:06:52.480
<v Speaker 2>Who gets this first look and how do they decide

0:06:53.120 --> 0:06:57.320
<v Speaker 2>who is going to get Mythos in this limited release?

0:06:57.760 --> 0:07:01.440
<v Speaker 1>I did ask Anthropic, and they're careful of giving too

0:07:01.440 --> 0:07:06.240
<v Speaker 1>many details about how exactly they decide. But the reassuring

0:07:06.240 --> 0:07:10.000
<v Speaker 1>thing about the AI industry is, despite being fierce competitors,

0:07:10.800 --> 0:07:13.960
<v Speaker 1>there is an element of working together when it comes

0:07:14.000 --> 0:07:16.800
<v Speaker 1>down to security. And so they came up with this

0:07:16.920 --> 0:07:21.239
<v Speaker 1>idea to create a sort of cohort of companies including

0:07:21.280 --> 0:07:26.320
<v Speaker 1>cybersecurity companies which would be their competitors, including Google and

0:07:26.920 --> 0:07:31.600
<v Speaker 1>Apple and AWS who are also trying to crush them

0:07:31.840 --> 0:07:36.120
<v Speaker 1>in the AI market. And yeah, they formed this group

0:07:36.200 --> 0:07:41.440
<v Speaker 1>called Glass Wing and invited people to try out Mythos

0:07:41.440 --> 0:07:44.040
<v Speaker 1>and see whether they could find any flaws and bugs

0:07:44.040 --> 0:07:47.720
<v Speaker 1>in their software supply chain. You've got some of the

0:07:47.720 --> 0:07:52.480
<v Speaker 1>biggest tech companies in the world, you've got some finance players,

0:07:52.520 --> 0:07:57.480
<v Speaker 1>and as Anthropic would say, they're talking to government agencies.

0:07:57.160 --> 0:08:01.240
<v Speaker 2>And what's the reasoning here? They've discovered the big potential

0:08:01.280 --> 0:08:06.920
<v Speaker 2>threat in Mythos, these cybersecurity capabilities. Why release it to anyone? Yeah,

0:08:07.080 --> 0:08:12.120
<v Speaker 2>why release it to this limited group of players at all?

0:08:12.720 --> 0:08:16.520
<v Speaker 1>At first it was totally confusing. Why are you working

0:08:16.560 --> 0:08:20.240
<v Speaker 1>with your competitors to give them access to, you know,

0:08:20.320 --> 0:08:23.640
<v Speaker 1>your IP, this product that probably would be very valuable

0:08:23.680 --> 0:08:26.880
<v Speaker 1>for you if you just released it as Claude, and

0:08:26.920 --> 0:08:28.880
<v Speaker 1>you're also giving it to them for free as well,

0:08:28.960 --> 0:08:32.160
<v Speaker 1>because there's a kind of a credit program that Anthropic offered.

0:08:33.320 --> 0:08:37.040
<v Speaker 1>Anthropic says they released it to these limited players so

0:08:37.080 --> 0:08:41.439
<v Speaker 1>they could use it for good. So rather than tone

0:08:41.480 --> 0:08:45.000
<v Speaker 1>it down, don't tell anyone about the scary thing that

0:08:45.440 --> 0:08:48.080
<v Speaker 1>you might freak everyone out, and just make sure that

0:08:48.120 --> 0:08:50.640
<v Speaker 1>it doesn't do that again, and we'll just release it.

0:08:51.640 --> 0:08:53.320
<v Speaker 1>We could kind of make a big song and dance

0:08:53.320 --> 0:08:58.000
<v Speaker 1>of it and say, hey, we're gonna responsibly give it

0:08:58.040 --> 0:09:00.280
<v Speaker 1>to a few people who we trust, who are to

0:09:00.280 --> 0:09:02.360
<v Speaker 1>try it out, test it out, see what we learn

0:09:02.400 --> 0:09:05.839
<v Speaker 1>from it, and then in the meantime signal to the

0:09:05.880 --> 0:09:09.000
<v Speaker 1>world that we have this extremely powerful model which could

0:09:09.080 --> 0:09:13.120
<v Speaker 1>do no harm for their marketing strategy. And I think,

0:09:13.200 --> 0:09:16.160
<v Speaker 1>to be fair to Anthropic, they have cared about AI

0:09:16.200 --> 0:09:19.440
<v Speaker 1>safety for some time. Their founders come out of

0:09:19.480 --> 0:09:22.079
<v Speaker 1>OpenAI, and their whole mission from the beginning has been

0:09:22.160 --> 0:09:27.000
<v Speaker 1>talking about using AI in a responsible way. They were thinking, look,

0:09:27.320 --> 0:09:29.600
<v Speaker 1>other companies are going to have something as powerful as

0:09:29.640 --> 0:09:33.960
<v Speaker 1>we do soon if they don't already, and maybe adversaries

0:09:34.120 --> 0:09:36.920
<v Speaker 1>like nation states who are working on kind of military

0:09:36.960 --> 0:09:41.720
<v Speaker 1>style hacking operations, they may have that too. So at

0:09:41.800 --> 0:09:43.840
<v Speaker 1>least let's talk about it.

0:09:43.840 --> 0:09:47.120
<v Speaker 2>It does seem like a very good marketing strategy, right, Like,

0:09:47.320 --> 0:09:50.200
<v Speaker 2>we release this tool, it's so scary good that you

0:09:50.280 --> 0:09:52.280
<v Speaker 2>need it to protect yourself. You need it now, you

0:09:52.320 --> 0:09:54.160
<v Speaker 2>need it first before we let the rest of the

0:09:54.160 --> 0:09:56.120
<v Speaker 2>world get their hands on it.

0:09:56.120 --> 0:09:59.240
<v Speaker 1>It's an incredibly effective marketing tool. Everyone wants to see

0:09:59.800 --> 0:10:01.680
<v Speaker 1>what it can do. Everyone wants to get their hands

0:10:01.760 --> 0:10:05.720
<v Speaker 1>on it. To have access to Mythos is like a

0:10:05.760 --> 0:10:08.920
<v Speaker 1>golden ticket. And you can see online and there's been

0:10:08.960 --> 0:10:11.400
<v Speaker 1>so many hot takes on oh this is just buzz

0:10:11.520 --> 0:10:14.840
<v Speaker 1>and you know, how do we know that it's true?

0:10:14.880 --> 0:10:17.120
<v Speaker 1>But I've spoken to a lot of Glass Wing members,

0:10:17.160 --> 0:10:20.600
<v Speaker 1>the people who actually have access to it, in addition

0:10:20.600 --> 0:10:24.079
<v Speaker 1>to the people at Anthropic who have explained how it works,

0:10:24.520 --> 0:10:27.360
<v Speaker 1>and they've all said to me, it really is very powerful.

0:10:28.160 --> 0:10:31.400
<v Speaker 1>Are they going to go and live in a cave now?

0:10:31.480 --> 0:10:33.679
<v Speaker 1>And do they have fears that, like, satellites are going

0:10:33.720 --> 0:10:34.760
<v Speaker 1>to drop from the sky?

0:10:35.120 --> 0:10:35.160
<v Speaker 2>No.

0:10:36.240 --> 0:10:39.640
<v Speaker 1>Do they fear that if something like Mythos got into

0:10:39.640 --> 0:10:43.000
<v Speaker 1>the hands of an adversary there would be problems? Yes.

0:10:45.720 --> 0:10:48.880
<v Speaker 2>Coming up: what companies are learning from their Mythos testing

0:10:49.320 --> 0:10:53.120
<v Speaker 2>and how they're sorting through the results, and what Anthropic's

0:10:53.200 --> 0:10:56.080
<v Speaker 2>legal battle with the US Defense Department means for other

0:10:56.200 --> 0:11:08.520
<v Speaker 2>federal agencies that want their own look. The same day

0:11:08.559 --> 0:11:12.600
<v Speaker 2>that Anthropic announced the existence of Mythos, US Treasury Secretary

0:11:12.600 --> 0:11:16.079
<v Speaker 2>Scott Bessent and Federal Reserve Chair Jerome Powell held this

0:11:16.240 --> 0:11:19.840
<v Speaker 2>meeting with Wall Street leaders in Washington to discuss the model,

0:11:20.040 --> 0:11:23.680
<v Speaker 2>its power, and the risks it could pose to banking software.

0:11:24.600 --> 0:11:29.240
<v Speaker 2>Bloomberg cybersecurity reporter Margie Murphy says their directions were clear.

0:11:29.559 --> 0:11:33.040
<v Speaker 1>Everyone needed to make sure that they had their house

0:11:33.120 --> 0:11:36.840
<v Speaker 1>in order and that they were prepared for the potential

0:11:37.000 --> 0:11:38.480
<v Speaker 1>for more hacks to take place.

0:11:39.040 --> 0:11:41.360
<v Speaker 2>The fact that the US government had Mythos on its

0:11:41.440 --> 0:11:44.199
<v Speaker 2>radar and that it was calling urgent meetings to tell

0:11:44.240 --> 0:11:48.320
<v Speaker 2>business leaders to use it defensively was significant. Margie says

0:11:49.080 --> 0:11:52.800
<v Speaker 2>it was also a bit ironic because the US government

0:11:52.840 --> 0:11:56.599
<v Speaker 2>has been feuding pretty publicly with Anthropic. In March, it

0:11:56.679 --> 0:12:00.360
<v Speaker 2>declared the company a supply chain risk after Anthropic give

0:12:00.360 --> 0:12:03.199
<v Speaker 2>the Pentagon unfettered access to its tools.

0:12:03.520 --> 0:12:07.120
<v Speaker 1>Anthropic had been considered one of the government's top AI

0:12:07.240 --> 0:12:10.839
<v Speaker 1>tools for some time. Lots of places were using it,

0:12:11.120 --> 0:12:13.920
<v Speaker 1>Department of Defense was using it. And then there was

0:12:14.000 --> 0:12:19.760
<v Speaker 1>this spat that happened between Anthropic and Pete Hegseth. Anthropic said,

0:12:19.760 --> 0:12:22.440
<v Speaker 1>we don't want our tool being used for certain things,

0:12:22.600 --> 0:12:26.720
<v Speaker 1>and I think the government response was, well, you can't

0:12:26.760 --> 0:12:31.080
<v Speaker 1>pick and choose. You're here to provide national security and

0:12:31.720 --> 0:12:34.680
<v Speaker 1>if you don't, we'll label you a supply chain risk.

0:12:34.760 --> 0:12:36.560
<v Speaker 1>And that's what's happened, and it's going through the courts

0:12:36.600 --> 0:12:40.760
<v Speaker 1>at the moment. So when Anthropic announced that they had

0:12:40.760 --> 0:12:44.000
<v Speaker 1>this powerful model, I think a lot of government agencies

0:12:44.240 --> 0:12:46.880
<v Speaker 1>were like, well, what do we do now? We should

0:12:46.880 --> 0:12:49.280
<v Speaker 1>have access to this, we should be able to see it.

0:12:49.480 --> 0:12:52.439
<v Speaker 1>My reporting suggests that the Treasury was really keen to

0:12:52.559 --> 0:12:55.360
<v Speaker 1>get to get access to it. Anthropic has told us

0:12:55.760 --> 0:12:59.160
<v Speaker 1>that they were doing government briefings and letting them know

0:12:59.400 --> 0:13:01.400
<v Speaker 1>about the helpfulness.

0:13:00.720 --> 0:13:03.199
<v Speaker 2>of this tool. And what about Wall Street?

0:13:03.600 --> 0:13:08.160
<v Speaker 1>So the banking industry has been using LLMs and AI

0:13:08.480 --> 0:13:12.240
<v Speaker 1>to try and protect itself already, So I think at

0:13:12.240 --> 0:13:15.000
<v Speaker 1>first what we were hearing was, oh, is this really

0:13:15.040 --> 0:13:17.959
<v Speaker 1>anything new? And then as we know, some banks have

0:13:18.840 --> 0:13:21.880
<v Speaker 1>had access to it, and I think they're starting to

0:13:21.920 --> 0:13:24.240
<v Speaker 1>realize that this shows that the thing that they've all

0:13:24.280 --> 0:13:26.760
<v Speaker 1>been worried about for maybe the past six to twelve

0:13:26.800 --> 0:13:30.280
<v Speaker 1>months is now a real threat and that the time

0:13:30.480 --> 0:13:33.920
<v Speaker 1>is now to act because if something bad was to

0:13:33.960 --> 0:13:37.120
<v Speaker 1>happen that impacts the US economy.

0:13:37.400 --> 0:13:40.360
<v Speaker 2>And as for Project Glass Wing, what do you think

0:13:40.400 --> 0:13:43.559
<v Speaker 2>this new era of experimentation will look like for these

0:13:43.600 --> 0:13:47.320
<v Speaker 2>companies and institutions. How challenging will it be to actually

0:13:47.360 --> 0:13:50.920
<v Speaker 2>fix the vulnerabilities that Mythos identifies.

0:13:51.400 --> 0:13:54.400
<v Speaker 1>Yeah, so I was talking to one Glass Wing member

0:13:55.000 --> 0:13:58.400
<v Speaker 1>and they were talking about how they'd already used the

0:13:58.440 --> 0:14:02.880
<v Speaker 1>tool; they found it to be powerful, surprisingly powerful, and

0:14:03.760 --> 0:14:07.200
<v Speaker 1>would love to continue using it. However, even though they

0:14:07.240 --> 0:14:09.400
<v Speaker 1>found all these flaws, because obviously I asked them, wow,

0:14:09.480 --> 0:14:12.000
<v Speaker 1>do you find anything really scary? You know, what if

0:14:12.000 --> 0:14:13.760
<v Speaker 1>you've found and they're like, we actually don't know what

0:14:13.840 --> 0:14:16.920
<v Speaker 1>we found it because then going through it all and

0:14:16.960 --> 0:14:20.520
<v Speaker 1>figuring out what to patch, what to flag, is a

0:14:20.520 --> 0:14:24.520
<v Speaker 1>critical issue. I think it will take a while for

0:14:24.600 --> 0:14:27.240
<v Speaker 1>the companies to figure that all out, and it will

0:14:27.240 --> 0:14:29.440
<v Speaker 1>be really interesting to see the feedback because part of

0:14:29.480 --> 0:14:32.200
<v Speaker 1>Glass Wing is that these companies are meant to be

0:14:32.240 --> 0:14:35.240
<v Speaker 1>sharing information about what they're finding.

0:14:35.520 --> 0:14:38.280
<v Speaker 2>But I'm wondering could this create sort of an unfair

0:14:38.920 --> 0:14:41.760
<v Speaker 2>dynamic in the marketplace, Like there's a divide between these

0:14:41.760 --> 0:14:44.320
<v Speaker 2>companies and governments that are part of Anthropic's trial and

0:14:44.320 --> 0:14:47.000
<v Speaker 2>then companies that are kind of left to fend for themselves.

0:14:47.480 --> 0:14:51.200
<v Speaker 1>Yeah, the haves and the have-nots. I think that

0:14:51.360 --> 0:14:54.240
<v Speaker 1>is absolutely a concern. The people who are going to

0:14:54.240 --> 0:14:58.160
<v Speaker 1>be most impacted by AI models like Mythos coming out

0:14:58.160 --> 0:15:00.760
<v Speaker 1>into the world are the smaller players who maybe don't

0:15:00.760 --> 0:15:03.720
<v Speaker 1>have the budgets to make sure that when this kind

0:15:03.760 --> 0:15:07.840
<v Speaker 1>of bug apocalypse is as everyone's describing it as, comes

0:15:08.400 --> 0:15:12.200
<v Speaker 1>that they might be the lower-hanging fruit where lots

0:15:12.200 --> 0:15:14.800
<v Speaker 1>of flaws and exploits are found, and then when when

0:15:14.840 --> 0:15:18.480
<v Speaker 1>someone tries to use those, they don't have the defense

0:15:18.560 --> 0:15:19.000
<v Speaker 1>in place.

0:15:19.880 --> 0:15:22.360
<v Speaker 2>Well, this week, Bloomberg reported that a small group of

0:15:22.440 --> 0:15:26.480
<v Speaker 2>unauthorized users have already been able to access this model

0:15:26.720 --> 0:15:29.920
<v Speaker 2>using various tactics. A person familiar with the situation told

0:15:29.960 --> 0:15:32.080
<v Speaker 2>our colleague that they just want to play around with

0:15:32.120 --> 0:15:35.680
<v Speaker 2>the models, not wreak havoc. But Margie, what does this

0:15:35.760 --> 0:15:38.680
<v Speaker 2>tell us about how hard it could be for Anthropic

0:15:38.760 --> 0:15:41.720
<v Speaker 2>to actually keep Mythos in a box?

0:15:42.280 --> 0:15:44.960
<v Speaker 1>When I spoke to Anthropic when they first told me

0:15:45.160 --> 0:15:48.920
<v Speaker 1>about this limited release, I did ask the question, how

0:15:48.960 --> 0:15:51.520
<v Speaker 1>do you when you are opening this up to a

0:15:51.600 --> 0:15:55.400
<v Speaker 1>number of organizations, how do you protect what those organizations

0:15:55.400 --> 0:15:57.640
<v Speaker 1>are doing? And how do you have oversight? You know,

0:15:57.680 --> 0:15:59.680
<v Speaker 1>the more people you open this up to, the more

0:15:59.720 --> 0:16:03.800
<v Speaker 1>ve as there are for potentially malicious actors to try

0:16:03.880 --> 0:16:07.200
<v Speaker 1>and get access to, whether that's socially engineering them, figuring

0:16:07.200 --> 0:16:09.520
<v Speaker 1>out who's the person who might have access and kind

0:16:09.560 --> 0:16:15.080
<v Speaker 1>of using these manipulative tactics to get into their systems,

0:16:15.240 --> 0:16:18.400
<v Speaker 1>or whether it's other means of hacking. And so it

0:16:18.480 --> 0:16:23.320
<v Speaker 1>raises concerns about who potentially might already have access to it,

0:16:23.440 --> 0:16:27.040
<v Speaker 1>and if AI hobbyists want it, hackers probably want it too,

0:16:27.120 --> 0:16:29.080
<v Speaker 1>and they're probably working around the clock to try and

0:16:29.080 --> 0:16:30.320
<v Speaker 1>get access to it right now.

0:16:30.520 --> 0:16:35.440
<v Speaker 2>And what did Anthropic say about Bloomberg's reporting on this unauthorized access?

0:16:35.680 --> 0:16:39.000
<v Speaker 1>So Anthropic said they're investigating. We reported that it was

0:16:39.520 --> 0:16:43.360
<v Speaker 1>partially through this third party contractor that Anthropic uses that

0:16:43.440 --> 0:16:46.840
<v Speaker 1>these AI hobbyists were able to get access. They are

0:16:46.880 --> 0:16:50.600
<v Speaker 1>looking into that and making sure that that access potentially

0:16:50.680 --> 0:16:54.520
<v Speaker 1>gets cut off and we'll wait and see what they

0:16:54.560 --> 0:16:55.200
<v Speaker 1>come back with.

0:16:55.520 --> 0:16:58.040
<v Speaker 2>And is there a plan to release Mythos to

0:16:58.080 --> 0:16:59.480
<v Speaker 2>the general public eventually?

0:17:00.080 --> 0:17:02.680
<v Speaker 1>So what Anthropic told me was that they don't plan

0:17:02.760 --> 0:17:06.400
<v Speaker 1>to release this generally, so there won't be a Mythos

0:17:06.760 --> 0:17:10.560
<v Speaker 1>update to Claude. What they have released in the past

0:17:10.600 --> 0:17:13.520
<v Speaker 1>couple weeks is Opus four point seven, which is kind

0:17:13.560 --> 0:17:17.600
<v Speaker 1>of a bit of a dressed down Mythos. The idea

0:17:17.760 --> 0:17:21.600
<v Speaker 1>is that they may possibly broaden it out as a

0:17:21.640 --> 0:17:25.640
<v Speaker 1>cybersecurity initiative, so people may be able to get use

0:17:26.080 --> 0:17:29.000
<v Speaker 1>of it if they are only using it for defensive reasons,

0:17:29.040 --> 0:17:30.439
<v Speaker 1>just for the cybersecurity element.

0:17:30.880 --> 0:17:36.399
<v Speaker 2>What about Anthropic's competitors like OpenAI, Google, even, you know, DeepSeek?

0:17:36.800 --> 0:17:41.119
<v Speaker 2>Are they close to releasing models that have similar capabilities

0:17:41.119 --> 0:17:43.760
<v Speaker 2>to Mythos? And do you think they will take the

0:17:43.800 --> 0:17:47.840
<v Speaker 2>same approach as Anthropic, which you know was explicitly founded

0:17:47.880 --> 0:17:49.680
<v Speaker 2>on this pledge to prioritize safety?

0:17:50.119 --> 0:17:55.760
<v Speaker 1>I do not doubt that competitors have found or developed

0:17:55.800 --> 0:18:00.600
<v Speaker 1>models that have near enough or similar capabilities, but maybe

0:18:00.960 --> 0:18:03.600
<v Speaker 1>chose a different path in how to release or talk

0:18:03.600 --> 0:18:07.520
<v Speaker 1>about them. OpenAI has come out with a last week.

0:18:07.600 --> 0:18:10.560
<v Speaker 1>They announced that they have a kind of bug finding

0:18:11.359 --> 0:18:15.800
<v Speaker 1>capability as well. Google has Big Sleep, which offers a

0:18:15.840 --> 0:18:19.359
<v Speaker 1>similar thing. The way that the AI race is going

0:18:19.520 --> 0:18:22.520
<v Speaker 1>is that everyone is kind of edging quite close to

0:18:22.600 --> 0:18:26.000
<v Speaker 1>each other. It depends on whether they make that decision

0:18:26.160 --> 0:18:28.080
<v Speaker 1>to release it or talk about it publicly.

0:18:28.680 --> 0:18:30.480
<v Speaker 2>Part of what we're talking about is that these models

0:18:30.480 --> 0:18:36.560
<v Speaker 2>are getting better faster, and especially faster than the ability

0:18:36.600 --> 0:18:41.280
<v Speaker 2>of human regulators to agree on how to put guardrails

0:18:41.320 --> 0:18:45.320
<v Speaker 2>on this technology. And I'm wondering, you know, is government

0:18:45.960 --> 0:18:47.640
<v Speaker 2>regulating this? Can they?

0:18:48.080 --> 0:18:51.560
<v Speaker 1>Yeah. So, the fact that a private company had to

0:18:52.160 --> 0:18:56.119
<v Speaker 1>come to the decision to do a limited release of

0:18:56.160 --> 0:18:58.719
<v Speaker 1>one of its models because it was so powerful just

0:18:58.760 --> 0:19:04.439
<v Speaker 1>shows the state of AI regulation right now. Everything is

0:19:04.480 --> 0:19:08.240
<v Speaker 1>moving just so quickly. Even if someone was to suggest

0:19:08.280 --> 0:19:11.200
<v Speaker 1>the perfect plan to regulate, you'd probably have to tear

0:19:11.240 --> 0:19:13.080
<v Speaker 1>that up a week later and start again.

0:19:18.480 --> 0:19:21.000
<v Speaker 2>This is the Big Take from Bloomberg News. I'm Sarah

0:19:21.080 --> 0:19:23.960
<v Speaker 2>Holder. To get more from the Big Take and unlimited

0:19:23.960 --> 0:19:27.720
<v Speaker 2>access to all of Bloomberg dot com, subscribe today at

0:19:27.760 --> 0:19:31.840
<v Speaker 2>bloomberg dot com slash podcast offer. If you liked this episode,

0:19:31.960 --> 0:19:34.600
<v Speaker 2>make sure to subscribe and review The Big Take wherever

0:19:34.640 --> 0:19:37.920
<v Speaker 2>you listen to podcasts. It helps people find the show.

0:19:38.320 --> 0:19:40.280
<v Speaker 2>Thanks for listening. We'll be back tomorrow.