Cybersecurity Braces for AI ‘Bugmaggedon’

“So OpenBSD is an operating system... it's been around for a long time. It's kind of on the front of the Internet for many corporations. It's used in firewalls. So it's facing the hackers all the time. A guy named Niels Provos had written some code in 1998 and he made a mistake. Nobody noticed that mistake for over 27 years until Mythos took a shot at it.”

“Twenty-five years ago, there were a million bugs being found in the Windows operating system, and for that to happen, people had to really dig into the ins and outs of how the Internet interacted with Windows. But it required hours and hours of work for humans to achieve the level of mastery required to even be playing in the bug hunting game. AI changes all that, right? Like, AI can just look at all these bugs and kind of get to that level of mastery very quickly.”

“Eight years ago, the average time between a bug being found and a hacker using that bug in a cyber attack was 847 days. Now it's like within a day. It's not rocket science, but it takes time for a human to do it. You have to have a certain level of expertise. AI has absorbed all of that.”

“Anthropic was talking about it as very dangerous, you know, like we're not sure what to do with this, like who should get it? They picked about 50 corporations and organizations and said, take a look at this, see what you can do with it. The idea is that access to mythos could give those companies a head start against bugmageddon, allowing them to find the holes in their systems and patch them before hackers get their hands on mythos.”

“However you slice it, it's the Y2K problem for AI. In cybersecurity, we always talk about the awful things, the ransomware outbreaks and hacks and things like that. But occasionally, we do something right collectively. And Y2K was an example of when the world knew about a problem and worked really hard to fix it.”