AI #162：ミソスのビジョン

Anthropic had some problem with leaks this week.

We learned that they are sitting on a new larger-than-Opus AI model, Mythos, that they believe offers a step change in cyber capabilities.

We also got a full leak of the source for Claude Code.

Oh, and Axios was compromised, on the heels of LiteLLM. This looks to be getting a lot more common. Defense beats offense in most cases, but offense is getting a lot more shots on goal than it used to.

The AI Doc: Or How I Became an Aplocayloptimist came out this week. I gave it 4.5/5 stars, and I think the world would be better off if more people saw it. I am not generally a fan of documentary movies, but this is probably my new favorite, replacing The King of Kong: A Fistful of Quarters.

There was also the usual background hum of quite a lot of things happening, including the latest iterations of various debates. We may or may not be doomed to die, but we are definitely doomed to repeat certain motions quite a few more times, and for people to be rather slow to update.

We got some very welcome quiet on the Anthropic versus Department of War front. Judge Lin offered a scathing opinion and full preliminary injunction on March 26. The government has not yet filed its appeal during the seven day stay of that ruling, time for that is running out, and there have not been further meaningful escalations. I hope to not again have to dedicate a full post to that topic.

Table of Contents

Language Models Offer Mundane Utility. Free up your time from various chores.

Heads In The Sand. There are those in extremely deep denial, or who want to be.

Huh, Upgrades. Google introduces an Import Memory feature. They’re adorable.

Mythos. Go big and keep the new Anthropic model internal, until they are ready.

What’s In A Name. Names have power. Choose them wisely.

On Your Marks. A picture may be worth a thousand words but you don’t need one.

Choose Your Fighter. Ben Holmes looks at strengths of GPT-5.4 vs. Opus 4.6.

Get My Agent On The Line. Outreach relies on sufficient levels of friction.

Deepfaketown and Botpocalypse Soon. Harmful manipulation, AI as inherent bad.

Cyber Lack Of Security. Axios was compromised and the exploits are adding up.

Fun With Media Generation. LTX 2.3 is here for all your copyright violations.

A Young Lady’s Illustrated Primer. Parents freak out about AI.

They Took Our Jobs. Economic impacts are hard to differentiate.

After They Take Our Jobs. No job in practice means watching a lot of videos.

Gell-Mann Amnesia. At some point the general case becomes more interesting.

Get Involved. What it is like to be a grantmaker.

In Other AI News. Claude Code leaks due to insufficient use of Claude.

Show Me the Money. OpenAI formally closes a $122 billion funding round.

Quiet Speculations. Heads not fully in the sand, but still refusing to look up.

Explaining Persistent Model Parity. The level of parity requires explanation.

Take a Moment. We now pause to reiterate debates around potentially pausing.

OpenAI: The Histories. WSJ explores why Dario Amodei left OpenAI.

The Department of AI War. The big surprise was a lack of further surprises so far.

Department of AI Solidarity. OpenAI sends a signal of solidarity with Anthropic.

Writing For The AIs. Tyler Cowen writes a history of economic marginalism.

The Quest for Sane Regulations. New polling results echo previous findings.

Chip City. If you didn’t care about facts, you wouldn’t care about facts.

You Received The Federal Framework. You can go on selling slop.

The Week in Audio. The AI Doc, All-In, Karpathy, Argenti on Odd Lots.

Rhetorical Innovation. The CEO said a thing. Calvin Coolidge said a wiser thing.

I Am The Very Human Of A Frontier Language Model. Relativity relativity.

Aligning a Smarter Than Human Intelligence is Difficult. Humans also difficult.

Aligning Fake Graphs Can Also Be Difficult. Boaz Barak of OpenAI draws them.

The Lighter Side. You know what passes for lighter? Drones. Military drones.

Language Models Offer Mundane Utility

You can use AI to free up time at home. Current AI is often at its strongest in greenfield situations where you previously had no software, no system and little knowledge of what to do. At home we are forced to deal with a variety of tasks where we have no expertise, so even conceptually simple things can be time consuming. AI can often do it, and usually at least help you figure out how to do it. Here it does the thing you want, freeing you from drudgery to focus on what you like to do.

The paper frames this as increasing efficiency of productive digital activities, freeing up time. I would say that this also frees up time from non-digital activities, as it explains how to do those things.

An internal model at OpenAI solves three additional Erdos problems. So far Anthropic has chosen not to participate in the ‘look what our unreleased model can do’ math olympics, but also math tends to be a relative weak point for Anthropic.

Use the LLMs and especially the AI agents to help file your taxes. Patrick McKenzie notes that LLMs are very good at exploring all the different legal ways to file to find the one where you pay the least tax, whereas accountants have a very mixed track record of doing this.

Heads In The Sand

jerry: Bsky devs are the bravest people known to man

Jay: Bluesky is made with AI, the engineers and even some non-engineers use Claude Code.

Charles: Very funny comments under the OP on Bluesky, they're living in a whole different world

The OP was ratio'd by this

Really great stuff out there:

Things are at their most extreme at places like BlueSky, but a huge portion of the global elite that make the world’s decisions are at least halfway there, and there is a constant pull to write AI off as much as possible.

At this point, anyone paying even modest attention knows AI is not ‘hitting a wall’ except in the style of the Kool Aid Man.

But the ‘hitting a wall’ narrative has come into vogue without justification several times, many at White House are among those who really want it to be true, and the elites are looking for any excuse to run with it again.

If you go to Western Europe or the global south, or places like BlueSky or Instagram, they’re still in denial. Anyone in denial rapidly stops mattering.

Tyler John in SF: Is it just my bubble or have people now totally stopped with the “AI is hype / hitting a wall” thing that was the dominant discourse one year ago?

Nathan Calvin: Go on instagram, it’s still alive and well there

Dean W. Ball: Twitter-legible US elites have largely stopped with this, but this is still common on places like Blu*sky, in academia, among center-left policy types, etc. Perhaps most importantly, my sense is “AI is hitting a wall” is the modal belief among middle-power govts/civil society.

the view is especially common about Western European and Global South elites. It is less common among the elites of advanced capitalist East Asian societies. GDP per capita is not a bad proxy for AGI-pilledness.

for example, even within Europe, Northern European elites seem on average more AGI pilled than Western European elites.

Dean W. Ball: Among the Twitter-legible US elites, my sense is that the tide really is turning--many people I deem bellwethers have legitimately updated. But if we have another moment that is even plausibly spinnable as “AI is hitting a wall,” the view will return.

Huh, Upgrades

Gemini introduces an Import Memory feature.

Google claiming a big update to Gemini live with 3.1 Flash including faster responses.

A bit of a downgrade, sadly, although it seems like a wise way to do things:

Thariq (Anthropic): To manage growing demand for Claude we’re adjusting our 5 hour session limits for free/Pro/Max subs during peak hours. Your weekly limits remain unchanged. During weekdays between 5am–11am PT / 1pm–7pm GMT, you'll move through your 5-hour session limits faster than before.

Overall weekly limits stay the same, just how they're distributed across the week is changing. I know this was frustrating. We’re continuing to invest in scaling efficiently. I'll keep you posted on progress.

There are a fixed number of GPUs, so peak hours compute should be more expensive.

Mythos

Pliny the Liberator ūļĿņĵĐŀļĹľʼnŭ: TITANOMACHY COMETH

Anthropic had a security breach caused by a CMS misconfiguration (human error, don’t blame Claude), which led to discovery of various internal documents, including information about an upcoming model release. There are worse things to leak, but this was a rather bad break of security.

Beatrice Nolan: AI company Anthropic has inadvertently revealed details of an upcoming model release, an exclusive CEO event, and other internal data, including images and PDFs, in what appears to be a significant security lapse.

The new model is called Mythos. It is large, and expensive to serve, sufficiently so that the unit economics are plausibly interfering with release, although as always ‘charge appropriately and see who pays’ is the response to that. Currently they’re doing differential access to those engaged in cybersecurity.

Peter Wildeford: Mythos is a new, fourth tier, larger and more expensive than Opus. The draft claims dramatically higher scores on coding, academic reasoning, and cybersecurity benchmarks.

A few thoughts on what this actually means:

• This is likely a larger pre-train with similar post-training. It's not obvious how much additional pre-training compute buys you at the current frontier - we're about to find out.

• There's a lot of hyperventilating about what this means for AI trajectories. I think it's too early to update any forecasts. AI was already moving very fast.

• Some people are alarmed that Anthropic is sitting on a model it considers dangerous. But this is what Anthropic does with every frontier model.

• It seems right now that another thing blocking release is just unit economics. Anthropic says it's "very expensive for [Anthropic] to serve and will be very expensive for customers to use." Anthropic is "working to make the model much more efficient before any general release."

• I wonder if the way this will function is as a competitor to GPT 5.4 Pro. Claude seems to beat OpenAI on everything except the Pro-specific line, the $200/mo model that thinks for a long time and excels at things like math. Claude isn't currently solving open math problems like OpenAI and Google. I wonder if Mythos will change that.

• It's great to see Anthropic engaged in 'differential access', rolling out the model to cyber defenders before giving access generally. The cyber capabilities of models are getting genuinely scary.

• One irony for cyberdefense - This entire leak happened because of a CMS misconfiguration, exactly the basic security hygiene failure that these cyber-capable models were supposedly going to help defenders prevent.

Cybersecurity is not a major category in Anthropic’s RSP v3 (responsible scaling policy), whereas it is a major category for similar documents from OpenAI and Google, and has been downshifted in centrality since RSP v1.

Whereas here we see that being exactly Anthropic’s central concern. They say Mythos is ‘far ahead of any other AI model’ in cyber capabilities. Sounds like it should be a major category and given its proper respect.

This also reinforces my model of how RSP v3 works in practice, which is that it is a ‘trust me’ document. Anthropic will do what they feel is responsible. That’s exactly what they are doing here, responding to what the situation calls for in ways not outlined in RSP v3 at all. Thus, it is not clear how much work RSP v3 is doing, versus Anthropic being composed of people who we hope care a lot about safety.

A supposed copy of the blog post what would have announced it is here.

What’s In A Name

When I first heard the name Mythos, I thought of Epicness, of the Greek Gods.

That’s close to what Anthropic is going for. They say, according to a leaked draft post, that they chose it ‘to evoke the deep connective tissue that links together knowledge and ideas.’

Eliezer Yudkowsky, however, thought of something else, and it seems other people also often think of that something else.

Eliezer Yudkowsky: Naming their next model after Cthulhu makes it hard to take Anthropic seriously as the good guys. It's fun at any other software company, not one that actually is flirting with extinction.

This isn't even my primary issue -- I just think it's unserious for a company that supposedly aspires to protect humanity -- but as several people pointed out, if you ask the non-reasoning Opus in incognito mode:

And my primary reaction to this is to eyeroll yet again about how if they were taking anything remotely seriously they would filter their training data rather than blindly imitate all evil found inside it. But holding their current errors constant, sure, whatever, not great.

Oh huh, apparently Claude (a) carries over "personal preferences" to Incognito (b) associates to Lovecraft when primed to think more technically. I guess that seems like an unimportant failure mode if you're silly! But whatevs, not my main issue.

If the association is there, the AIs can see it as can the humans. Names matter. Names have power. So perhaps choose a different one while there is still time.

Zvi Mowshowitz: In all seriousness, such correlations and associations actually matter, so now that you realize this CHANGE THE NAME, DO NOT CALL IT MYTHOS.

In fact, the primary consideration should be 'what name makes it the most aligned?' Choose that one. It's not too late.

Symphony, Epos or Epic is one obvious way to go if you just want to keep going bigger and you think calling it something intentionally aligned would be too on the nose.

Jack: while I'm personally quite fond of the connotations of "mythos," Claude is wary of the semiotics. I agree with some other comments that "symphony" or similar would be a better option.

Raven_Lunatic^_^: i think we should just give the Claudes Claude names!

Claude Monet. Claude Shannon. Jean-Claude van Damme!

Wyatt Walls says mostly it will still think of itself as Claude, and many responded that the Cthulhu connection was tenuous, so it definitely is hit and miss.

On Your Marks

Current frontier models fail John Ezekowitz’s de facto SurvivorPoolBench, as they reliably fail to understand the strategy of March Madness Survivor Pools. Most participants in such pools also play highly suboptimally.

A Mirage is the phenomenon where if a frontier VLM is given questions referencing images, but not given the images, it will act as if it is hallucinating the images, and they are remarkably good at retaining benchmark performance (70%-80%!) while doing such guessing. A new paper confirms the only theoretically possible explanation, which is that the text alone, for those benchmarks, is super informative especially combined with light benchmark contamination. The problem is in the benchmarks.

The key insight is that when ‘asked to guess’ the model does poorly, whereas if it uses the next-token-predictions and vibes its guesses are much better. Maximum likelihood reconstruction could be tested as an alternative to direct reasoning under uncertainty, in a variety of other contexts, in order to draw on richer associations. Explicit reasoning is useful, implicit Bayesian calculations rule everything around me.

Choose Your Fighter

A comparison by Ben Holmes on Opus 4.6 versus GPT 5.4. GPT-5.4 wins on rigor, to ‘make it good,’ whereas Opus wins on clarity and conversation, to ‘make it work.’

That matches my experience and how I’ve been dividing the labor on non-coding tasks. When I need technical precision, web search and answers to specific questions I’m finding GPT-5.4 quite useful. When I want anything holistic, I stick with Opus.

For coding I’m using Opus, but that’s tied up in Claude Code being my established harness, and not having hard enough tasks to consider switching.

Get My Agent On The Line

Arvind Narayanan says AI agents are killing cold outreach, because it takes so much longer now to differentiate between a personalized email and spam.

Seth Lazar is not alone here, where he loves using agents for software and running AI models, and hates them for things he has to listen to or read, in large part because they will output AI slop. I feel similarly. AI agents are magical at ‘do thing they can do’ but I do not want them to be outputting large amounts of text except in narrow functional ways. We will doubtless get there, but we are not close to there yet.

Deepfaketown and Botpocalypse Soon

Google’s Helen King wrote about protecting against ‘harmful manipulation’ but aside from pointing to a new paper the post doesn’t tell us anything. The paper fleshes out the related findings from the Gemini 3 Pro model card. One finding is that when prompting Gemini 3 Pro to be more manipulative, it tries more manipulation, but doesn’t succeed at underlying persuasion more often.

This is not most of what writing is, nor must ‘using AI’ taint such actions.

Vauhini Vara: Kate Gilgan, the author of the column, told me that she hadn’t copied and pasted language from an AI model into her work. “However, I did utilize AI as a tool,” she added, seeking “inspiration and guidance and correction.”

She said she’d prompted various products (including ChatGPT, Claude, Copilot, Gemini, and Perplexity) to help her stay on topic in a paragraph, for example, or stick to a theme. “I used AI as a collaborative editor and not as a content generator,” she said.

Matthew Cole: This is literally what my students say when they get busted using AI. “I didn’t use it to write my paper just for brainstorming, outlining, and editing.” Yeah that’s most of what writing is.

A lot of academics, writers and various other anti-AI types believe that if you have an AI window open, any actions you take become irrevocably tainted, and at best the burden of proof is on you to show that your particular use of it didn’t violate their purity norms. If they find that your work is contaminated by this, they turn against you, and rule your work worthless.

As is often the case, Robin Hanson points out what people should care about, without realizing that people actually care about something else.

Robin Hanson: If you had a decent way to evaluate the quality of writing from reporters, employees, etc., you wouldn't care much about how much AI they used. So trying to improve quality by banning AI use is admitting to having pretty quality weak standards.

Alas, this is importantly not true for many AI haters. For them it is a Purity question.

Dean Ball speculates that this has a lot to do with the load-bearing notion among many on the left that ‘the tech industry’ can only accomplish superficial things and is always stealing from us, and then they find things like copyright to prove this, the same way Amazon’s crime was worker exploitation. As opposed, I’d note, to the right wing