"Herbert-Voss noted that Mythos excels at finding both 'shallow' bugs and more complex vulnerabilities, attributing this capability to 'supralinear scaling' where increased resources lead to exponentially better performance."
"He argued that attackers and defenders can achieve comparable results with open source models by building 'scaffolding' to run several models together, improving defense in depth."
"Herbert-Voss emphasized that human expertise is still essential to orchestrate open source models effectively and to assess the bug reports generated by AI."
"He pointed out that fuzzing and AI bug-hunters create numerous warnings, leading to extra work for infosec workers, indicating they will have plenty to manage in the future."
Ari Herbert-Voss stated that open source models can match the bug-finding capabilities of Anthropic's Mythos, which excels at identifying both shallow and complex vulnerabilities. He attributed this to supralinear scaling, where increased data and compute lead to significantly enhanced model performance. While Mythos is tightly controlled due to misuse concerns, Herbert-Voss believes that open source models, when combined effectively, can provide similar results. He emphasized the necessity of human expertise in managing these models and addressing the overwhelming number of warnings generated by AI bug-hunting techniques.
Read at Theregister
Unable to calculate read time
Collection
[
|
...
]