At least at this point most people using them are using them running on western infrastructure. A backdoored llm would be an interesting thing to see. Like every time it realizes it was running in claude code it installed a backdoor or something. For now seems to be theoretical.
This report is far more positive with a far lower false positive rate than I was expecting based on reports from the curl team and a few others. I guess I have just been hearing about the ten percent misses. Can anyone not employed by Anthropic who has used it vouch that it is equal to general human testers and do you need xbow to make it that way.
The only way I see this actually working given the resource requirement is delta-v style with in orbit resource extraction using robots. By transferring heat to asteroids in the shade of the solar panels at L1 or something.
"That's the crazy thing most of the security that active directory uses was built in the 90s or early 00s with windows nt. The have only really been patching it since, security is a great place to see really retro stuff
As a pentester kerberosting used to reveal a service password on about 50% of networks on the 2010s when admins were making the passwords. Today our advice to clients on kerberosting is the same as it was back then, use a password manager to generate a 21 character password for all service accounts and disabled RC4 where possible. 52^21 is quite a large key space and even at 10^10 guesses per second over a year your chances are less than 1 in a billion of a successful crack.
I think they are trying to communicate that their benchmarks will go down as they try to tackle hallucinations. Honestly I am surprised they didn't just say we think all benchmarks need a incorrect vs abstinence ratio so our cautious honest model can do well on that. Although they did seem to hint that's what they want.