NSA director: 'Mythos "broke into almost all of our classified systems in hours"(www.economist.com)
21 pointsby ricksunny4 hours ago9 comments
  • mirekrusin3 hours ago
    If mythos can break into almost all of their classified systems in hours then other models including opus, gpt, gemini and large open weight models can do so as well, maybe you'll have to double hours or it may become days, but they also will, there is no "maybe" in here.

    State sponsored, non-public penetration fine tunes (of possibly public ones) likely can do it even faster.

    Unsupervised penetration RL loop is ideal setup similar to optimization one – it's relatively easy to gain function on it.

    • johndough3 hours ago
      I don't think that is necessarily true.

      - With a weaker model, the time to break into the system might grow so larger that it becomes infeasible, similar to how password hashes can be bruteforced, but if the password is long enough, that is not going to happen in our lifetime.

      - There might be problems which are inherently unsolvable with a lower level of intelligence. For example, your dog won't derive calculus from scratch, even if it lived forever.

      - LLMs might be biased in such a way that they never explore the entire solution space, no matter how many attempts are made. Some models are notorious for getting stuck in a loop, trying small variations of the same approach every time, even though it is doomed to fail. This can be counteracted somewhat with higher sampling temperature, but that hurts reasoning capabilities.

      • mirekrusin2 hours ago
        Mythos and other models are not brute-forcing passwords (and with this analogy passwords, ie. systems are the same).

        We're not talking about dogs, but LLM systems.

        Mythos is not exploring entire solution space either.

        Usually looping is solved by repetition/frequency/presence/n-gram penalties/DRY/min-p sampling, not temperature but we're not talking about small models that have those classes of issues here.

        • johndough11 minutes ago
          > Mythos and other models are not brute-forcing passwords (and with this analogy passwords, ie. systems are the same).

          I am not talking about literally bruteforcing passwords (although LLMs are being used for that, too), but bruteforcing passwords and solving verifiable domain tasks have quite a few similarities, especially when considering rule-based and probabilistic bruteforce methods.

          > We're not talking about dogs, but LLM systems.

          Well, clearly dogs are not LLM systems. It is an analogy. If there is an important point on your mind that makes the analogy break down, feel free to spell it out.

          > Mythos is not exploring entire solution space either.

          Yes, but weaker models do not find the solution right away, so they need to try more often. But if they only try the same thing every time, they will never succeed, so we need some kind of guarantee that they try something different every time.

          > Usually looping is solved by repetition/frequency/presence/n-gram penalties/DRY/min-p sampling, not temperature but we're not talking about small models that have those classes of issues here.

          Those might help to reduce looping (at the cost of biasing the generation), but to guarantee that a model can generate all possible generations, we need non-zero probabilities for all tokens, not lower probabilities for likely tokens.

      • BikDk2 hours ago
        The concept of infinity claims that the dog eventually becomes Shakespeare. The same way we handled encryption, even before Alan Turing codes were broken and evolved. Last, it is a huge advantage to have the machine/mind and to evolve from there. P.S. Even if you go back to lemon juice on paper there may be a thief around that knows the trick.
  • vsgherzi3 hours ago
    This is really making me raise an eyebrow. I’m sure mythos is an improvement for sure. I don’t think the framing of it hacked the entire NSA is fully truthful. I’d like a more in depth understanding of what actually happened. Excited to be proved wrong tho!
    • Epa0953 hours ago
      Yeah, this article cites someone saying that someone else said something. Maybe it was said, maybe not. Maybe it was a exaggeration, maybe not.
  • ggm4 hours ago
    I made a point about this in relation to anthropic last week: nobody inside the strategic information spaces is worried about AGI they're worried about core strategic information leaking out. Either it's in the model, or the model exposes pathways to finding it in the core strategic systems.

    Those "tapes" DOGE took away? Nothing on them can be considered private any more. That's how brute force risk happens. Mythos' risks are showing doorways to exfiltration surely? Why bother when you can walk out the door with a data dump?

    The NSA is just a highly specific subclass of the problem. Their traditional publicly stated approach to security is "nothing electronic which enters our domain leaves" and yet somehow they have assessed these systems as capable of breaching their walls? That's super bad.

    I suspect they ran an analogue/instance inside their protection rings. I doubt they ran a test outside in the global internet. If they have actually lost control of their boundary, that's a bigger story (which I doubt) and contextually he could have been referring to information systems in NSAs duty of care, not things inside Ft Meade.

  • ggm4 hours ago
    https://archive.is/aA1dB
    • pelario4 hours ago
      The link does not seem to be working
      • johndough3 hours ago
        Works for me though, even when using a proxy that is usually blocked everywhere.
  • instagiban hour ago
    https://archive.ph/dXddV

    “Donald Trump’s blocking of Anthropic is capricious and chaotic” - current title

    I don’t understand the posted title quote and assume it’s missing a lot of context or was misinterpreted as it’s a secondary attribution. “Mythos broke into almost all of our classified systems in hours”.

    When you put it on those networks already and gave it compute?

    • ricksunny41 minutes ago
      (see other comment about HN titles). I think expecting an HN post title to match the article title is an overzealous interpretation of the fieldname ‘title’ in the HN submission form. Happy to be corrected if it’s right in the HN forum rules, but I’ve found highly upvoted posts to have an accurately descriptive title that is other than the source article’s title.

      In other words, ontologically speaking, post.title -= article.title

      I used to treat it as post.title = article.title, but the community taught me by example to cease being a purist.

      Anyway article’s flagged so this is just pedantic at this point.

  • bel83 hours ago
    HN post title does not match link title

    > NSA director: 'Mythos "broke into almost all of our classified systems in hours"

    > Donald Trump’s blocking of Anthropic is capricious and chaotic

    • ricksunnyan hour ago
      I’ve found that high community-upvoted posts don’t bury the lede by parroting the headline. I used to be a headline title scribe until the HN community showed me the light.
  • ricksunnyan hour ago
    flagged because reasons. @dang
  • MaxPock3 hours ago
    What happens when open source models achieve Mythos level capabilities in six months' time?
    • ionwake3 hours ago
      I dont seem to understand why no one is talking about this obvious fact? I mean suddenyl everyone is banning .. ok .. well how many months behind are the open source models?
  • ionwake3 hours ago
    Not being funny but does most of HN subscribe to the economist? I dont think ive ever paid for an online newspaper ( and Im not trying to be edgy )
    • arvid-lind3 hours ago
      more likely, most of HN who care about reading this article use something like archive.is