Hacker News | ChadNauseam's comments

> Then why did curl only find one new vulnerability thanks to Mythos

Maybe there weren't that many serious vulnerabilities in curl? It's like asking why it didn't find any vulnerabilities in `fn main() {println!("hello, world");}`.

Anyway, people who have used it seem to say that Mythos was better than other models at creating exploits. From cloudflare https://blog.cloudflare.com/cyber-frontier-models/

> When we ran other frontier models through the same harness, they found a fair number of the same underlying bugs, and in some cases they got further than we expected on the reasoning side too. Where they fell short was at the point of stitching the pieces together. A model would identify an interesting bug, write a thoughtful description of why it mattered, and then stop, leaving the actual chain unfinished and the question of exploitability open. What changed with Mythos Preview is that a model can now take those low-severity bugs (which would traditionally sit invisible in a backlog) and chain them into a single, more severe exploit.


> You can’t jump up and down screaming how amazing, powerful, and dangerous your new tech is and then act surprised and annoyed when the government shows up looking to regulate it.

True, you can't. But, you can think certain regulations are helpful and certain other regulations are not. And you can be annoyed when unhelpful "regulations" are put in place.

This is like if I say that pitbulls are dangerous, and then the government comes and shoots my pitbull, who I've spent a lot of effort training to not be dangerous. Then you say "well you said pitbulls were dangerous, so you can't really complain." Well, I can complain because if you took me seriously, you wouldn't have responded by shooting only my pitbull!

Think of what incentives this creates for other people. Do you think that OpenAI will be candid about the possible dangers of their technology now? They might not even release it now, seeing that Anthropic releasing their model was what got it export-controlled.


The act of shooting the pitbull makes for good dramatics, but you would get zero sympathy from me if your local government banned pitbull ownership. e.g. Ontario bans pitbulls. I don't have a problem with that.

If you "know" that it's "99% petty drama between the US government and Anthropic", then it's not really their fearmongering backfiring on them.

It absolutely is. They pretty much gave the government the perfect excuse to meddle in their operations.

"Don't publish safety research, or the gov will take punitive actions."

I want a company to be able to point out that its industry needs more regulation without making itself a special target.


> safety research

They were calling for bans on open weight models. Bans on their competitors. Bans on anyone not as "enlightened" as them.

It is absolutely hilarious that they were the first to get regulated, and that it got to the point they had to turn off Fable as though it had been banned even for American citizens.


>bans on open weight models

Source for that? Cause all I could find is:

>Our view is that regulation of frontier models should focus on empirically measured risks, not on whether a system is open- or closed-weights.

-https://www.anthropic.com/news/the-case-for-targeted-regulat...



So this hinges on a reading of SB 1047 that interpreted the full shutdown requirement as impossible for an open-weight LLM. But it looks like that was already addressed. Here's an analysis:

>Clarifying the scope of a “full shutdown.” SB 1047’s “full shutdown” requirement has been a source of constant consternation for the open-source community. CalChamber explains:

>Under SB 1047, developers must build “full shutdown” capabilities into their models and may be held liable for downstream uses over which they have no control, impeding their ability to open-source their models. Ultimately, liability should rest with the user who intended to do harm, as opposed to automatically defaulting to the developer who could not foresee, let alone block, any and all conceivable uses of a model that might do harm. While recent amendments seemingly seek to narrow what is meant by “full shutdown” capabilities, the exclusions are unnecessarily difficult to interpret as drafted (full shutdown “does not mean the cessation of operation of a covered model to which access was granted pursuant to a license that was not created by the licensor…”) and altogether insufficient.

>Committee amendments simplify and clarify the definition of “full shutdown” such that the shutdown capability can be implemented into hardware used to train or run a model, rather than the model itself. The amendments also serve to exclude covered model derivatives that are outside of the developer’s control.

-https://apcp.assembly.ca.gov/system/files/2024-06/sb-1047-wi...


> may be held liable for downstream uses over which they have no control

Equivalent to ban. Nobody is going to host or invest in this stuff if they suddenly become liable for everything it does. This is equivalent to repealing the safe harbor provisions in the DMCA.


> That said, if you think this is as bad as the article claims you'll obviously buy SpaceX at IPO, then sell it when Index funds are obligated to buy.

The price at IPO will obviously be influenced by expectations of a future purchase by index funds... as an analogy, if it became public knowledge that next week, 1,000,000 people would all be required to buy gold, the price of gold would go up today, not next week


By making inclusion near-certain and fast, the rule changes may actually reduce the post-IPO inclusion pop (it gets priced in at IPO) while increasing the IPO price itself and the volatility on rebalance day due to the float constraint.

Yes! Michael Munger expressed it beautifully: "anything that is going to happen has already happened"

Right now, consumers spend much more money on AI than GoPros. More on AI than GoPro's entire product category (including all their competitors). That's not even counting businesses' AI spending. So it seems like the market is listening closely.


I'm terrible at art so I can never make a good favicon haha. And this isn't a commercial product or anything so I'm fine with repping vite


AVIF is for sure my favorite image format right now. No other format has the quadfecta of lossless, HDR, transparency, browser support. Plus as you said, for very compressed images it looks amazing. It blows my mind how small AVIF files can be. Also, unlike HEIC and Ultra HDR JPEG, it actually supports HDR natively as part of the file format rather than doing the hacky sidecar gain map trick. I know it doesn't matter to everyone, but I just love HDR and AVIF is the only format that I feel like really takes it seriously.


I really don't.

1. Lossless AVIF is a joke often beaten by WebP and even PNG. Even worse for grayscale.

2. Chroma subsampling remains a bad idea for still images unless the resolution is high enough to hide the artifacts.

3. Tooling is the worst part, AV1 encoders are basically focused 99% on video and leave a measly 1% to image; unlike JXL, of course. SVT-AV1 still doesn't do YUV444 and libaom was unusable. Fortunately, the unpaid enthusiasts were here: https://giannirosato.com/blog/post/the-multimedia-renaissanc... (and more recently https://giannirosato.com/blog/post/oavif/)

I don't see AVIF being used for lossless, which is the largest reason I'd prefer JXL to win: one codec to rule them all sure is an alluring future.


> 2. Chroma subsampling remains a bad idea for still images unless the resolution is high enough to hide the artifacts.

Hmm, I don't think so. I think at a fixed file size, chroma subsampling usually allows you to have fewer noticeable artifacts. Humans are so much more sensitive to luma that it doesn't make sense to treat it equally to chroma with respect to lossy compression. That said, if you don't like it, AVIF supports 4:4:4 just fine.

In my tests, AVIF beats PNG easily for lossless compression of actual photographs (for things like charts and screenshots, PNG wins of course). And for lossy, it's much smaller than jpeg and supports HDR unlike WebP. So if you need HDR and are doing lossy compression on the web, it's your best option as far as I know.


> Hmm, I don't think so. I think at a fixed file size, chroma subsampling usually allows you to have fewer noticeable artifacts

At low bpp, certainly. Though "certainly" is to be quantified since chroma is quite cheap in AV1, thanks to CfL.

> Humans are so much more sensitive to luma that it doesn't make sense to treat it equally to chroma with respect to lossy compression

The problem is that this is completely dependent on material. Sharp and/or bright red is too common a killer sample (cf. https://gitlab.com/AOMediaCodec/SVT-AV1/-/work_items/2211). Makes sense for video where you'll have a hard time seeing it, but for still pictures it's too problematic to apply indiscriminately unless you're encoding at potato quality anyway.

> That said, if you don't like it, AVIF supports 4:4:4 just fine.

I know, but libaom is basically a reference codec, SVT-AV1 is the only "real" one we got and it doesn't =(

> In my tests, AVIF beats PNG easily for lossless compression of actual photographs

You're right, I wrongly put photographs aside where AVIF certainly is better. It did "okay" in my tests (NB: ImageMagick doesn't do "lossless" RGB AVIF even with `-quality 100` unless you add `-define heic:chroma=444 -define heic:cicp=1/13/0/1`; you can verify with `magick compare -metric AE ref.png out.avif /dev/null`).

> And for lossy, it's much smaller than jpeg

At decent quality, is it that much better than jpegli (https://opensource.googleblog.com/2024/04/introducing-jpegli...) or even mozjpeg? If we add FGS to the equation, AVIF has the potential to be much better, though.


Some followup tests for lossless photo encoding

  $ real_time() { command time -p sh -c '{ "$@"; } 2>&3 >&2' argv0 "$@" 3>&2 2>&1 | sed -n 's#^real ##p'; }
  $ magick identify DSC00191.ppm
  DSC00191.ppm PPM 5492x3672 5492x3672+0+0 8-bit sRGB 57.6972MiB 0.090u 0:00.042
  $ for s in 0 3 6; do real_time magick DSC00191.ppm -quality 100 -define heic:chroma=444 -define heic:cicp=1/13/0/1 -define heic:speed=$s DSC00191_s$s.avif; done
  76.71
  12.80
  1.73
  $ real_time magick DSC00191.ppm -quality 0 DSC00191.jp2
  3.315
  $ real_time sh -c 'magick "$1" -define png:compression-level=0 "$2" && oxipng -q -o2 -s "$2"' argv0 DSC00191.{ppm,png}
  7.746
  $ for e in 3 6 9; do real_time magick DSC00191.ppm -quality 100 -define jxl:effort=$e DSC00191_e$e.jxl; done
  0.53
  1.33
  7.71
  $ for m in 0 3 6; do real_time magick DSC00191.ppm -quality 100 -define webp:lossless=true -define webp:method=$m DSC00191_m$m.webp; done
  5.86
  10.41
  46.03
  $ du -k DSC00191* | sort -n
  20068   DSC00191_e9.jxl
  20608   DSC00191_e6.jxl
  21324   DSC00191_m6.webp
  21340   DSC00191_m3.webp
  21772   DSC00191_e3.jxl
  23744   DSC00191.jp2
  23848   DSC00191_s0.avif
  23896   DSC00191_s3.avif
  24212   DSC00191_s6.avif
  24556   DSC00191.png
  26428   DSC00191_m0.webp
  59084   DSC00191.ppm

Not fabulous, really. If you've got a YUV source, everything changes, of course.


Damn, I didn't realize jxl was so great. I agree, AVIF lossless isn't competitive with it at all.


> At decent quality, is it that much better than jpegli

I was curious so I gave it a try and switched my photo editing site [0] to jpegli. Here's a comparison between a 29kb avif file (left) and a 146kb jpeg file (right), as produced by my site: https://files.catbox.moe/wdo9gf.png . The avif looks much better to my eye, and is of course much smaller.

[0]: https://pictolab.io


>but I just love HDR and AVIF is the only format that I feel like really takes it seriously.

JPEG XL would like a word.


He would like a word, but browsers said no?


Firefox is getting the flag to turn it on in the next release, Chromium just added it back now that there is a Rust decoder. The wheels are turning again. Browser support for JPEG XL is very much in progress again.


And it is already present in Safari (and more generally in iOS and macOS, as part of the standard OS graphics library):

* https://developer.apple.com/documentation/avfoundation/avvid...

* https://petapixel.com/2024/09/18/why-apple-uses-jpeg-xl-in-t...


Do you think advanced users should consider AVIF/AVIF2 alongside JPEGXL for long-term picture archival?

Which kind of encode settings do you suggest for conversion from high resolution RAWs or JPEGs?


For long-term archival, JXL is better; the only issue with it is browser and device support.


Long-term archival is often also about long-term support, and there just going with the most popular/supported ones might be a safer bet, e.g. in the extreme case if I wanted to save some digital photos in a time capsule I would likely choose PNG and JPEG.


I have been using JXL for all my personal photos. My photo server Immich will just transcode a JPEG to display on devices which don't natively support JXL.


Depends on if you want lossy or lossless.


I think energy efficiency matters more with EVs, because it determines how frequently you have to charge on road trips, and more aerodynamic designs look a bit uglier.


Ferrari makes hypercars, they know a thing or two about making aerodynamics look good. It's a primary concern of all their designs and yet all their other designs look a lot better than this.

I think they are just falling into the same trap all other manufacturers do at first. They think the customer buying the EV is a different customer, who didn't like their other cars. So they make the techno-future mobile for a customer that doesn't exist.

Just make the same cars with an EV drivetrain, that's what the person who loves your brand but is in the market for an EV wants.


Legacy car manufacturers have done just that (forcing an EV into an ICE chassis). The results generally suck and the pure EV manufacturers like Tesla and BYD have kicked their ass in the market.


You can use a similar design to your existing fleet without a literal retrofit of an existing chassis to shoehorn a battery and electric drive train in there.

The retrofits usually are less preferable not only because of pointless inconveniences like transmission tunnels, but because they'll be the manufacturer's first toe dipped into the EV waters. The retrofit chassis speaks to either a rush to market, or a cautious approach not wanting to commit too many resources. The former says it'll have issues, the latter says they might bail on it and leave you stranded for service and repairs. Or both at once.


That was kinda a different thing. It was legacy manufacturers scrambling to push out any EV they could get together so they are not left behind too much. But in the meantime they started working on genuinely new designs (like Hyundai Ioniq, Mercedes EQS, BMW Neue Klasse) or they adjusted their platforms to better accommodate electric drive trains (like Audi e-tron).


It's a $650,000 car. These are not anyone's top priorities with it.


> energy efficiency matters more with EVs

This is correct, but I really don't see why Ferrari would care.


Aero efficiency means going faster and going for longer without making the battery heavier. The cost and packaging aspects of bigger batteries don’t matter to Ferrari, but speed & handling absolutely does, and weight is a definite speed/handling penalty.


Exactly! Many Ferraris of the past have gotten single digit MPG, no one cares. All of a sudden they have to make a Chinese looking EV because of "efficiency"? Give me a break.


It’s a sports car, they all have atrocious fuel efficiency, especially in this price range.


One thing you can do with this that works quite well is use it to "decrop" (widen the viewing angle) of a video. This is very useful for stabilization which usually involves cropping. Here's an example: https://x.com/i/status/2051504427287404568

Once they get quicker to train, I expect this to be a popular use of them


Does the commutation of Tina Peters' sentence have anything at all to do with this situation?


"Colorado’s Democratic governor commutes ex-election clerk Tina Peters’ sentence after Trump pressure"[0]

I'd say it has nothing to do with the article but a lot to do with the context of OP's post.

0. https://apnews.com/article/tina-peters-polis-colorado-clemen...

