Daniel Stenberg has published a lengthy
article on his thoughts on Anthropic's Mythos, which the company
decided was too dangerous for wide public release.
My personal conclusion can however not end up with anything else
than that the big hype around this model so far was primarily
marketing. I see no evidence that this setup finds issues to any
particular higher or more advanced degree than the other tools have
done before Mythos. Maybe this model is a little bit better, but even
if it is, it is not better to a degree that seems to make a
significant dent in code analyzing.
This is just one source code repository and maybe it is much better
on other things. I can only tell and comment on what it found
here.
But allow me to highlight and reiterate what I have said before: AI
powered code analyzers are significantly better at finding security
flaws and mistakes in source code than any traditional code analyzers
did in the past. All modern AI models are good at this now. Anyone
with time and some experimental spirits can find security problems
now. The high
quality chaos is real.
https://lwn.net/Articles/1072325/
--- SBBSecho 3.37-Linux
* Origin: Palantir * palantirbbs.ddns.net * Pensacola, FL * (618:250/24)