The generalist in your project, as your guide and your creative sense is a powerfull asset. As such AI has just proven the imminent danger and the power of a generalist mind as a threat to ANY security flaw in ANY digital and human environment. With a sneak peak of Claude Mythos Preview, we’ve got the proof: if a 95% top security expert in one domain is a huge threat, than a combination of six 85% top expertise is the bigger threat.
Elite Expert vs Masterful Multi Talent
People imagine criminal security hackers as a big threat, so the experts on every domain (operating system, server hardware, application stack, API’s, user interface, browser and more) try to harden their area of expertise. With the coming of Claude Mythos, a LLM sneak peeked by Anthropic, they have proven themselves as vulnerable. The reason? Claude has a moderate expertise on each node in a security chain and perceives the hack as a route AND Venn diagram, rather than an entry point. Therefor Mythos can ‘sneak’ past most obvious vulnerabilities, and make use of individually benign security weak points, lay them together as a hacking route, and threats through the portal created.
Hacking IS a generalist game
This mode of operating of course quite common for many hackers, both white and black-hat. They also incorporate social hacking and environmental hacking to create , or expose edge-case vulnerabilities as an entrance to do their work. The rub with Claude Mythos it seems, is that its base knowledge for many domains is higher than most experts AND it has greater capacity to both identify and make use of new vulnerabilities in our digital life. This has been proven by exposing three very important and yet undiscovered security holes in systems that have been regarded as very secure.
Freeing this model into the world would as the people at Anthropic indicate, would do some serious damage, as the preliminary tests and found vulnerabilities already indicated.
Check out this analysis of Anthropic Claude Mythos Preview:
Which is worse: one naughty genius, or ten evil masters?
It also seems that with this greater stack of moderate experts, it gained so much experise that their risk taking profile does not fit that of said expertise. Where an expert of one system can’t do that much harm to a total system, even with a high risk taking profile. A collection of overlapping expertise has so much more power, it needs a greatly adjusted risk taking profile to end up as moderate threat, or even be a safe model. And that’s where there is the rub. The scale of expertise is exponential with every added domain and so should be its mitigating measures to deal with such power.
Anthropic has not released Mythos to the world as they fear that it might do some serious damage. Not only as a model, but specifically a training model for other malicious model-makers. They also started an initiative ‘Project Glasswing’ with various companies that might be threatened by the various found exposures in their systems.
Generalism for good
As this case pointed out: generalism is back, and proven as being the power that might not only threaten your organisation, but similarly might also be able to solve your most complex challenges.
As a generalist myself I totally see the logic in where a collection of mastered expertise can trump any domain expertise once applied in the real world. As I experience in my day to day work.