If AI can do mass exploitation then it can also do mass patching. Some malware in the past has been used to mass patch machines.
Get to it. Give the teams doing this presidential pardons and full immunity. Apply patches and mitigations on all the things. Impress us all. One big downtime, get 'er done.
I don't even believe that AI is real. To me it's just a predictive chat bot using LLM with big-data shoved up it's back-side. As for trust, I do not trust anyone or anything but if our choices are mass exploitation and mass patching, I will take the latter if people are not patching their own stuff especially if AI can gain access to it already. If AI can get to it so can spooks right now. There is a lot of hardware with state operated unofficial remote access and some of their companies are listed in In-Q-Tel's website.
If there is a third option where companies drop everything, all hands on deck to patch all the things I would take that but it's just never been a priority. That's why I was always a big fan of ransomware separating customer data away from companies that should not have had it in the first place.
Suddenly when we invest 100m into cyber security (project glasswire) and 100b in training toppling governments is months away, but if you were to train and hire a team of people for the same amount of money it's nothing new.
There might be a bigger reason why five eyes is doing this, but even with all the knowledge I have of the (publically known) capabilities of five eyes I really don't see why this statement exists. Either we're on the verge of real, efficient computer intelligence or this is just fearmongering that has been elevated from mouth to mouth making it sound way more severe than it actually is.
State sponsored actors have already had the capability of mythos, the only thing mythos allows is reducing the amount of precursor knowledge needed in order to perform explotation.
I've been slowly working on "mythos at home" article with solid proof of replicating many of the (claimed) capabilties that mythos has with opensource models and GLM-5.2 has been pretty instrumental in advancing it forward.
I strongly believe there is either something extremely serious being hidden from the public (nothing new, five eyes operates in secrecy) or this is overblown fearmongering being brought up to the upper decision center that are afraid that non state sponsored entities now have the capability to achieve what was previously only possible when you're backed by a state.
On the bright side, glm-5.2 is pretty good at autonomously optimizing software so at least we're not going to be locked out of the frontier for long.
--
Side note: The amount of vulerabilities found in blockchains around gpt and opus 4.7 release does show that it is a real problem and I am not denying that. There have been several government agencies that have suffered from data leaks last few months as well as general more public CVE's such as copyfail. But I still believe if the same kind of money was invested into people we'd have similar if not better results.
Hmm. The article seems to be about AIs enabling cyberattacks.
How bad would a cyberattack have to be to topple a government? I guess I could see a parliamentary government losing public confidence if it failed to prevent a severe enough attack. I'm not sure I see it for something like the US, where elections are fixed. It might swing the next election, but that's not the same as "toppling a government", is it?
Aren't there plenty of countries which aren't exactly super-stable anyway? Might not take much to have select countries pushed over the edge. Especially if you have territorial disputes with neighboring countries looking to take advantage. For the U.S., what if Social Security payments suddenly stopped for 6 months? What if the U.S. lost records of Treasury Bills, and they couldn't be redeemed for a while? What if electricity went out for 30% of the population for three months? I would think it pretty cold comfort that the government didn't topple, because the next election results were a mix of democrats and republicans.
misinformation (already exists)
personalized attacks to influence voting behavior (already exists)
attacks of the financial system (the big one here)
Basically more of the same, but at much larger scale. The only way I could see five eyes react to this is if it turns out that our financial system is compromised.
Get to it. Give the teams doing this presidential pardons and full immunity. Apply patches and mitigations on all the things. Impress us all. One big downtime, get 'er done.