MHR Labs: Mythos and Project Glasswing

The release of Mythos

In early April, Anthropic released a preview of their latest large language model called ‘Mythos’. The difference between this and previous model releases is that Anthropic specifically chose not to release it, effectively because it was too powerful.

Mythos was trained as a general-purpose frontier model and, consistent with Anthropic’s recent direction, was expected to represent a significant step up in coding capability over its current flagship, Claude Opus. However, the claims coming out of Anthropic are that the model is so good that it also turns out to be very good at cybersecurity, and not necessarily in a positive way.

Anthropic claimed that Mythos had found previously undiscovered vulnerabilities in various pieces of infrastructure, including a 27-year-old bug in OpenBSD (a UNIX-like operating system used in areas such as firewalls and network servers) and a 16-year-old bug in FFmpeg (a media processing library used to encode and decode video and image files). In addition, it had the ability to find small innocuous vulnerabilities in code and link them together to form something much more dangerous.

Project Glasswing

As a result of this, Anthropic decided not to release the model to the wider public and instead allowed preview access to a small number of players who are effectively the gatekeepers of most of the internet – Google, Apple, Microsoft, the Linux Foundation, et al. This was released as a new initiative called Project Glasswing, launched to allow a joint defensive coalition to prevent LLMs such as Mythos from being exploited by bad actors.

To quote their original Project Glasswing release:

Mythos Preview has already found thousands of high-severity vulnerabilities, including some in every major operating system and web browser. Given the rate of AI progress, it will not be long before such capabilities proliferate, potentially beyond actors who are committed to deploying them safely. The fallout—for economies, public safety, and national security—could be severe. Project Glasswing is an urgent attempt to put these capabilities to work for defensive purposes.

The research view

It’s hard not to immediately reach for the ‘dubious-marketing’ claxon when reading this, but Anthropic do come across as some of the more benign tech-bro billionaires. It’s clearly struck a chord with many companies and governments, with British government finance ministers raising concern about the model along with others at the International Monetary Fund meeting. It also scratches the surface ever so slightly of what many of the original AI researchers, such as Geoffrey Hinton, have been trying to push into the public domain about the danger of these models and how we’re not defensively minded enough about them. Whether other AI companies take the same mindset is a different matter, and they may see it as an opportunity to steal a march on Anthropic.

What could it mean for most companies?

The immediate concern is of course from a security perspective. If it can find a 27-year-old bug in what was assumed to be solid and trusted software, then any enterprise codebase could be seen to be vulnerable. But at the same time, there are opportunities to make all our software much more robust by utilising these new and powerful AI agents to shine a light on any vulnerabilities that may lurk in the depths of the code. Just because nobody has found them before doesn’t mean that they wouldn’t have eventually, even without an AI assistant. An investment in these tools could save a lot of money further down the line and companies will have to embrace the new technology to remain safe or at least make sure the security companies they use do on their behalf.

There is also a harder financial reality: cyber insurance premiums are currently stable, but there is a growing likelihood that they will start to rise, or that policy exemptions will quietly widen, as insurers begin to price in the risk of AI-augmented attacks.

Finally, the talent angle shouldn’t be ignored; an interesting Forrester blog by Jeff Pollard looks at it from the “fixing it” side of things, in that knowing a vulnerability exists is a different problem from knowing how to fix it. AI coding tools can help reveal these issues and to some degree fix them, but ultimately you’re going to need experienced engineers in the loop to make sure they’re fixed properly. These engineers are already scarce, and as highlighted in the above Forrester blog, there are interesting parallels with old infrastructure code such as those dependent on the ancient COBOL language (critical infrastructure code that hardly anyone under the age of 60 understands).

Utilising these tools could be critical, but only so far as we maintain a good workforce to utilise them effectively.

Assessing AI’s impact on jobs

To say that AI is causing uncertainty in the future of how we work may be a bit of an understatement. Anyone following recent advances in AI has likely experienced a mild existential dread, wondering, “In five years’ time, what will I be doing?” And this is completely understandable. The rapid rise of AI is disrupting all areas of work, with forecasts ranging from widespread job displacement to significant job creation, often with little evidence to back up their views.

This has led many to seek answers in trying to analyse what parts of a job could be done by AI. Recent studies from OpenAI and Anthropic have explored this by breaking down jobs into individual tasks, determining how much impact LLMs will likely have on them. They found that in the near future around half of jobs could be significantly impacted by AI.

Both are excellent articles well worth a read. However, their methods of using current tasks to determine how jobs will be impacted in the future assumes that the way we work won’t change. That raises a more fundamental question: even if AI can do more of the work, does that always mean there will be less work to do? A recent MIT Tech Review article offers an alternative way of thinking about this.

In the article, economist Alex Imas argues the important factor is not how much of a job AI can do, but how demand for the work they produce changes when AI reduces the cost to deliver that work. If demand remains stable, the efficiency gains offered by AI makes workforce reduction more likely. If instead delivering work faster and cheaper unlocks a greater demand, employers may find they need more staff in spite of automation.

This is an interesting perspective, as it shifts the focus from “What might AI be able to automate?”, to “What will the impacts on my specific business be?”

Approaching the problem in this way may help to reduce a lot of the uncertainty surrounding the topic. The main argument is that we lack the data needed to understand how demand will respond to increasing automation and how this will vary between roles and industries. Without this, predictions around how AI will affect businesses and their employees remain limited.

Every organisation therefore needs to be thinking about this. Rather than focusing solely on where effort can be saved, it’s worth considering where faster or cheaper delivery might change how much work there is to do. In some cases, that may mean doing the same with less. In others, it could unlock the ability to do far more than before.

It also offers more hope for employees grappling with uncertainty. Many have suggested AI will bring about mass unemployment due to the reduced need for people’s work. The ideas shown here offer a different perspective, where their skills (adapted to work within these new systems) can still be needed and may even be in greater demand.