alt Hacker NewsI think this brings out the cognitive dissonance around "safety" regarding cyber security:
a) In order to make us safe, the LLM should help us find (and fix) the vulnerabilities in our own code.
b) In order for us to be safe, the LLM should not find vulnerabilities in other people's code.
I don't think this is resolvable in a way where both (a) and (b) win.
Replies
Yes, it's so wildly silly if you assume good faith on the part of both parties.
Hence why I think the real explanation lies in bad faith positions from both the US Government and Anthropic:
Anthropic's doomerism-as-marketing (in reality its like 17% better at coding) basically enabled the US Gov to plausibly take them down on an irrelevant technicality as retribution for the dept of war showdown.
Both groups (the current US Admin and Anthropic) are full of authoritarian-minded people, just on opposite ends of the political spectrum. Which is the only thing I find scary here, not the silly LLMs.
To me, OpenAI seems like the least bad option given they're a quaint old "center-left in the streets, center-right in the sheets" capitalist enterprise.
At least I know why they make the decisions they make. I trust the people building a profit-seeking enterprise more than I trust people trying to build a religion using compute.
Exactly, it's a failure of Anthropic and others to understand cyber security. Finding security bugs in software is a good thing and not evil. It will lead to more secure software.
Defense and offense in cyber security are two sides of the same coin.