A

Hello and welcome to a free preview of Sharp Tech. Hello and welcome back to another episode of Sharp Tech. I'm Andrew Sharp and on the other line, Ben Thompson. Ben, how you doing?

B

I mean, you know, I've been working through, working through the five stages of grief. Okay, what are the stages again? I was never mad, but bargaining is one of them.

A

Acceptance is the final stage. Denial is definitely one of the stages as well.

B

Yeah, well, you and I, we are together in the permanent underclass.

A

Oh boy.

B

We do not have access to Mythos.

A

We are not part of class wing here at Certecary, unfortunately.

B

You know, down on the bottom, just mucking along as good as we can, making some podcasts. So it is what it is.

A

Just speculating from the outside, that's all we can do today. But that what we will do. I'll begin with the Wall Street Journal, by the way.

B

I. I did. I used the exact same opening on dithering. Maybe I need more. Maybe that's why I'm in the permanent cross platform promotion.

A

That's two weeks in a row now. I love to see it.

B

Yeah, that's good. I'm kind of feeling self chastised. I need to get some material.

A

It's self chastised. So at least you're consistent with your mispronunciation. The brand remains strong here. And we will begin with the Wall Street Journal. Anthropic is taking steps to arm some of the world's biggest technology companies with tools to find and patch bugs in their hardware and software. The company is making a preview model of its new AI model called Mythos, available to about 50 companies and organizations that maintain critical infrastructure, including Amazon, Microsoft, Apple, Alphabet, owned Google and the Linux Foundation. Mythos has proved to be so capable at potentially dangerous things such as finding and exploiting software bugs, and that Anthropic has at present no plans to release it to the general public, said Logan Graham, the head of Anthropic's Frontier Red team, which evaluates Claude for risks. So, Ben, generally speaking, I'll let you take it any direction you want. You wrote about Anthropic on both Tuesday and Wednesday. And this Mythos model, reading about it was pretty unsettling earlier in the week. But what do you think of what's happening here?

B

Why is it unsettling? We just discussed it on Sharp Tech a week ago.

A

Well, we. Exactly what we discussed and the threats to security that we discuss now appear to be imminent, albeit private for the time being.

B

Maybe that's why we're. Maybe that's why we're already. Yeah, well, maybe that's why we're already at stage five. No, I think a very timely discussion we had last week about the reality that, I mean, it's. This actually ties into a long running discussion that we've had particularly this year, about the uniqueness of programming and code and its suitability for large language models and the fact that, you know, how do you program, you put a bunch of words and symbols together in sort of arcane ways that it can be difficult for a lot of humans to sort of do. But human computers quite good at it. Particularly large language models can handle large amounts of language, which at the end of the day, all of software is just massive amounts of language. And again, that language may not be very understandable to you or I, but it is very predictable and understandable. And to that end, given what we've talked about, this should not be a surprise to us or to our listeners. So, yeah, here we are. Now how here are we? This is hard to say, right? Because this is anthropic. These are the same people who, going back, it's funny, people are like, oh, OpenAI did this too. No, the anthropic people did this at OpenAI where they're like, you know, like, why is OpenAI not open? Because GPT2 posed too many dangers to the world. So. So it's like, yeah, we're not gonna be open anymore. And just so happens that not being open is actually good for business. You think back to the. Don't. So let me back up. No one get mad at me until we finish this whole segment, okay? Cause we're gonna cover lots of different areas. I already see our first email as someone that's very mad at me. So, Mr. Anonymous, relax, we're gonna get there, okay? You go back to 2019. I think it was 2019 when GPT2 came out. And there's a, this is dangerous. And there's also a maybe it's not the best thing in the world if we're on the leading edge to give everyone our weights because then they can just run the bottle themselves. Right? The equivalent here. And by the way, I think another area where we were very early. What was one of the points that we brought up with Deep Seek a year and a half ago? Well, Deep Seq looks like it's kind of distilled from leading us models and everyone just sort of takes it as a given or they hold it up as an excuse when these labs are complaining about distillation, which we've talked about this idea that you basically query the API a gazillion times for all sorts of things and you get your own data from the model to train your own model. Like how do you get these? Oh, OpenAI is. Or open source is only six months behind. Well, because it's about six months that it takes to query the models because successfully distill them.

A

Well, can I ask one question on that? Because this came up on Sharp China and it's come up a couple different times on Sharp China and I don't have a good answer. And as a tech podcaster, I feel like I'm failing Bill Bishop in the course of these conversations.

B

Is there, I mean, what a tough gig for you. You have to be the dumb normie on this podcast that you have to. I know the brilliant tech understand that wearing many hats.

A

But is there a way to reliably prevent distillation in the future? Because distilling a model that's as powerful as Mythos seems like it could be a problem going forward.

B

Yeah, well, I mean a sealed model is never going to be quite as good as the regular one. And it's much more jagged, there's much more holes, you know, much more, much less comprehensive. So just in general, it's a bit where they're always going to be behind to a certain extent. But that doesn't change the fact that if they're more than good enough and these leading edge models are very expensive, it's a great alternative if you want something else. So just to go back to this story, there's a very good business reason for not making this available. Just like there is a good reason for not making open weights available. This is like it's the same story. And if you think about these companies wanting to have market power, pricing power in the long run, well, making sure there's not nearly as good models to the extent you can is a way to do that. And the challenge is if you have a self serve walkup API that anyone can use. Yeah, it's pretty hard to stop. Like, I mean, we've all pirated music. It's not like the same story. Other than to say like trying to stop people doing stuff on the Internet when there's open APIs and things that you can access is a tough game.

A

Effectively impossible. You can make it harder, but not impossible.

B

Right. And it's one of those things you often find it after it's happened. Like you go through your logs and say, wow, we're getting hit on this endpoint from this set of IP addresses a gazillion times which have been routed through a gazillion points. It's not like they're coming from the Forbidden City IP range and accessing the model. They're spinning up cloud servers on DigitalOcean or on Ada AWS or whatever. And like doing this probably aws, probably too expensive. But like there's a. It's not. Yeah, it's not easy, but basically just like it is a rough analogy, like policing chips is a lot harder than like policing uranium for example, right?

A

Which you can see from satellites and it's much easier, right?

B

There's a bit where like if someone like breaks into like OpenAI and exfiltrates the weights, you know, very queer thievery going on. If you're going on and just sort of asking a bunch of questions at a very high rate of speed, which computers are very good at, it's a lot tougher to stop. So you have this sort of business issue. You also have anthropic can barely stay online right now, right? Like there, you know, the people. It is this massive upsurge in revenue in users. They're doing this weird rationing thing like these five hour blocks, which aren't really five hours. Cause like the five hours is shorter than five hours during certain times of day and then it's longer at other times. And then people are complaining about, oh, they're purposely reducing the model quality. There's definitely like they're serving distilled models themselves. And you can distill much more effectively if it's your model and you have like full access to it instead of just using the API. And they're quantizing. But also they're doing lots of things like trying to leverage cash and doing sort of like trying to batch a bunch of stuff together. And all these optimizations sort of layer on each other to really diminish the experience to the extent that it's very hard to separate. Is it on purpose? I don't think it's on purpose, but it's inevitable as you're trying to sort of scale up this compute. And even then they can barely stay online, right? And so you have this new model comes out that is extremely computationally expensive and intense. And you just look at the API pricing, which is like 5x what opus is. And by the way, OPUS is significantly more expensive than say GPT 5.4, which is an even smaller model. Um, and so if we could limit it not to the hoi polloi but to people who will actually pay Us, real money. Also a good sort of business justification. Right. They'd. Right. You know, and so.

A

But this is making me feel much better as we read about a potentially existentially dangerous model here.

B

Right.

A

But lots of rationalization where we started is to approach it this way.

B

The danger is totally plausible. And if the. And even if the danger. This is why I told everyone to hold off the people who want to be mad at me. Even if it's possible they're overstating it right now, doesn't mean they're overstating the reality in six months or nine months or a year. The fact of the matter is we are going to have a crisis of thousands, not thousands, millions, billions of lines of code that have been built by humans from the beginning of the computing era till now, which unquestionably contained tons and tons of bugs, because that is just the reality of software. And theoretically you could have tons and tons and millions of humans go over them and find them all. But that's not practical. And what a computer's really good at doing, boring sort of line by line yeoman's work and going over and working through everything. And the larger these models get and the more capable they get and the larger context they have and the more like, yes, this is going to happen. So if it's not happening now, and it might be happening now, it will be happening in the future. So it's almost pointless to speculate on. I'll give Anthropic more grace here. Basically, I consistently criticize them for overstating things where they're at right now. And it's a very much a boy. But this is why I brought up the boy cried wolf analogy. People talk about the boy crying wolf and they only talk about the first 80% of the story where the boy keeps crying wolf.

A

Yeah.

B

At the end of the story, the wolf does come.

A

Right.

B

You know what I mean?

A

I was not familiar. I mean, I'm obviously familiar with the fable there, but I didn't know that the wolf does come at the end of the Boy Cried wolf fable until reading strategy earlier in the week there.

B

Well, what. How is this possible?

A

I mean, it's been, what, probably 35 years since I read that story. So over time I'm familiar with the cliche and not necessarily the original text undergirding the cliche.

B

Oh, well, the great thing is all of those fables, like the real versions are all very like, dark, dark, well, argument is something we've forgotten. Right. The point of them was to instill healthy Fear and instincts into children. Right. Like, you know, there's been a real movement to soften all these things and make them more complex.

A

And, oh, believe me, I'm reading children. Children's books every single night. And nobody ever dies. Nothing bad ever happens. Whereas my wife grew up with her mom reading her, like, German fables.

B

That's right. No, the original German ones.

A

Really grisly. So perhaps we're at a better place on that front. Or perhaps not. Perhaps children needed those lessons.

B

Yeah, that's. That might be the case.

A

Well, you tease this email. I'll read it from Anonymous. He says, I was annoyed by Ben's daily update today about Mythos. Yes, there are lots of reasons to be cynical of Anthropic. I myself have very large concerns about them, both about their actual plans and their motivations, along with all the other leading AI companies. But I wish that for at least some of that update on Mythos, he could have put his cynicism to the side and talked about what he thinks a company should do if they have the capability Anthropic claims Mythos has. There are leading security researchers saying they found more security vulnerabilities with Mythos in the last month or two than they found in their entire careers. That sounds like it could be a pretty big deal. I'd love to hear Ben's thoughts if he takes the capabilities at face value, regardless of which company develops them, instead of just using it as an opportunity for another round of reasons to be cynical about Anthropic Dario and their motivations. So if these capabilities exist, what should a company do? What's the optimal course of action?

B

So there's a great concept on Greatest of All Talk that you guys really lay into some emailers who are, like, begging for, like, generic praise. They're like, you know, I appreciate my

A

team, appreciate my favorite player. Yes.

B

Right.

A

There's a whole genre, little bit like

B

a generic phrase request here. In my update, I listed the reasons to be cynical and said I made the wolf analogy, which is the wolf is going to come at some point. Like, so I think I gave it credence and even if it's not real right now, it's going to be real. So I think Anonymous is a little bit, you know, he's got me painted as the anti anthropic guy, which probably fairly fair to like, but my. My anthropic bit is rooted in deep respect and appreciation for the company and like. So that's like, it's only a reason to be worried about them, to the extent that they're like legitimate and have their shit together in a major way. And I think that's been my sort of point all along. So. Yeah, so and in that if you want to frame this very narrowly. And this actually came up. I don't know if I mentioned it on the podcast, but when the quad code source code leaked, there was a bit in there about hiding mode, like anonymous mode, where you report issues but don't say who you are. And that seems like that was probably what we're seeing now. Or that was for Mythos to go out. Don't show that it's Mythos finding this, but start reporting all these bugs. And I brought up that example.

A

Reporting them to what? To companies.

B

What I brought that example for. Like there was a discussion in the Linux one of the. I think it was the. The colonel group about we're getting a

A

bunch more bug reports, unbelievable amounts of bugs. And they're all real bugs.

B

And they're all real bugs. Right. And so like, you know, how much of that was actually anthropic acting? I absolutely think it's a really interesting question that you look at this narrowly. Yeah, this is good, right? Like, let's get out there and fix as many of these bugs as possible before bad actors get ahold of this and figure out all these exploits. So I will grant this to Anonymous and I think that's a fair point. Though the challenge, the issue that what I was going for in the last section of the update is this very much ties into the ongoing anthropic discussion we've had, which is to the extent you do take them seriously, it's just validating all of the points, questions, concerns that came up in the dispute with the department of whatever you want to call it, Defense, war. Very annoying that this is a political.

A

A loaded topic. A loaded distinction there. Well, yeah, I mean, that's. Reading about it. Any normal person would think, why should a private company have all this power? Like, what's the argument? That the technology shouldn't be nationalized is I think, a natural follow up to.

B

Because nationalizing stuff is terrible. Right?

A

No, I know, but I think a lot of people will read a blog post for Anthropic and be like, holy crap, it can do all of this. And obviously like the CCP's involvement with deep Seek seems to have junked up their operation a good bit. So I have full faith that the government would screw up Anthropic if it were nationalized. But at the same time, like having the ability to hack into every company and every government on earth. Seems like a pretty dangerous power to vest in a group of private individuals.

B

Right? Well, this is the interesting thing to think about, right? So it's funny to see, you know, after we got, you know, or we in my mouse my pocket, I got sort of like fairly attacked for making the argument in the context of that dispute between the US government Anthropic. My argument there was the problem is it's not a question of like laws, it's that the people who have the guns, if are they're fundamentally threatened, are going to ignore the law because the law is downstream from that. Right. Like the extreme version of sort of a real politic argument. And not just in the context of international relations, in the context of like who's actually in charge of day to day life. Like ultimately where do you know, where does the laws come from? If you believe they come from the end of the barrel of a gun. If someone else is developing a better gun than you, the it's entering into a fraught situation in the intervening period before you have full power for the other entity to say, ah, I'm gonna take that for myself, you're not gonna be able to develop this power. But what's interesting is so you saw a few more people, I think Derek Thompson was one. It's sort of like the center, center left is now starting to like say there might be a little bit of a concern here and saying like, well,

A

or at least inevitable tension that needs to be resolved somehow.

B

But their tension they're coming up with is, well wait, anthropic could like hack the. We're depending on their good grace not to do that. Well, that's one angle. Another angle is you could imagine the US government looking at this capability and saying not just worried about us being hacked, but actually we would like to be able to go hack China.

A

Right?

B

Right. Like we would be able to have this capability for ourselves. And so, and it sounds, it's funny because on one hand you can sit here and make fun of Anthropic for being scaremongers and Chicken Littles about everything. In GPT2, you could turn that same criticism on me, right, where I'm like scaremongering about the US government, viewing it as an opponent or someone that needs to be sort of brought to heel, as it were. And everyone is sort of looking into theoreticals and seeing what might happen down the road. So in that regard I have appreciation and sympathy for their position as well. But this, it's like I feel like it's starting to. This is the tension in this announcement to the extent you do take them seriously, sure. Good job. We're glad you're out there patching bugs. That is a good thing to happen. But you are just inviting and accentuating this fundamental tension that has not yet been resolved from a month ago.

A

All right, and that is the end of the free preview. If you'd like to hear more from Ben and I, there are links to subscribe in the show Notes, or you can also go to SharpTech FM. Either option will get you access to a personalized feed that has all the shows we do every week, plus lots more great content from strikeri and the strikeright bundle. Check it out, and if you've got feedback, please email us at. Email sharptech FM.