I think a certain level of hype is warranted for a model that can autonomously discover complex 27-year-old 0-days in OpenBSD for $20K[0]. We don't yet know what this does to the balance of attack/defense in OSS security, and we cannot know until the capability is widespread. My most hopeful guess is that it looks heavily in favor of attackers in the first 6-12 months while the oldest 0-days are still waiting to be discovered, before tipping in favor of defenders as the price goes down for Mythos-level models and the practice of using them for vulnerability review becomes widespread.
The absolute best case is that we end up with a similar situation to modern cryptography, which is clearly in favor of defenders. One can imagine a world where a defender can run a codebase review for $X compute and patch all the low-hanging fruit, to the point where anything that remains for an attacker would cost $X*100000 (or some other large multiplier) to discover.
Completely agree. NPM has the only registry where massive supply chain attacks happen several times a year. Mainly the fault lies with NPM itself, but much of it is just a terrible opsec culture in the community.
Most package.jsons I see have semver operators on every dependency, so patches spread incredibly quickly. Package namespacing is not enforced, so there is no way of knowing who the maintainer is without looking it up on the registry first; for this reason many of the most popular packages are basically side projects maintained by a single developer*. Post-install scripts are enabled by default unless you use pnpm or bun.
When you combine all these factors, you get the absolute disaster of an ecosystem that NPM is.
*Not really the case for Axios as they are at least somewhat organized and financed via sponsors.
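An added example, not part of the comment above: a small Node.js audit for the two defaults it describes, range operators in `package.json` and packages that run install scripts. It assumes a `package-lock.json` with lockfileVersion 2 or 3; all package names and versions are constructed sample data.

```javascript
// Added example. All package names and versions below are constructed sample data.
const EXACT = /^\d+\.\d+\.\d+(-[0-9A-Za-z.-]+)?(\+[0-9A-Za-z.-]+)?$/;

// A spec counts as pinned only if it is one exact version. Anything else
// (^, ~, >=, *, x-ranges, dist-tags such as "latest", URLs) is reported,
// because it can resolve to different code on the next install.
function floatingDeps(manifest) {
  const out = [];
  for (const field of ["dependencies", "devDependencies", "optionalDependencies"]) {
    for (const [name, spec] of Object.entries(manifest[field] || {})) {
      if (!EXACT.test(String(spec).trim())) out.push({ field, name, spec });
    }
  }
  return out;
}

// package-lock.json (lockfileVersion 2 and 3) marks packages that declare
// preinstall/install/postinstall scripts with "hasInstallScript": true.
function installScriptPackages(lock) {
  return Object.entries(lock.packages || {})
    .filter(([path, meta]) => path !== "" && meta.hasInstallScript === true)
    .map(([path, meta]) => ({ path, version: meta.version }));
}

const sampleManifest = {
  dependencies: { "example-http-client": "^1.6.0", "example-logger": "2.3.1" },
  devDependencies: { "example-test-runner": "~4.0.0", "example-linter": "latest" },
};
const sampleLock = {
  lockfileVersion: 3,
  packages: {
    "": { name: "sample-app", version: "0.0.1" },
    "node_modules/example-http-client": { version: "1.6.2" },
    "node_modules/example-native-addon": { version: "0.9.0", hasInstallScript: true },
  },
};

// Summarise both checks as printable strings.
function report(manifest, lock) {
  return {
    floating: floatingDeps(manifest).map((d) => `${d.name}@${d.spec}`),
    runsOnInstall: installScriptPackages(lock).map((p) => `${p.path}@${p.version}`),
  };
}

console.log(JSON.stringify(report(sampleManifest, sampleLock), null, 2));
```

With npm, setting `ignore-scripts=true` in `.npmrc` stops the flagged packages from running their scripts at install time.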
Of course there is no AGI existing currently. But don't you see the current boom as a (small) step in that direction? Unless one believes that GI is a phenomenon exclusive to biological life, I don't understand why you would think we won't develop it with enough time. The will and motivation to do so is clearly there already.
The current boom is great for business but it might never lead to AGI. It is possible that certain things will elude us for a very long time (or forever). Have you seen anything on true (anti) gravity technology, for example? A great science fiction staple, but it is not really happening.
AGI might happen, but right now we might or might not be on the way to it - not sure we can know. But what is visible is that an industry around "AGI-worries" is created.
The major difference here is that nukes aren't intelligent agents that make their own decisions. An AGI is a completely different ball game; it's difficult to make apt analogies from history when discussing the dangers.
This is not to say I agree with Scott's argument here, but I do believe AI safety (the alignment problem in particular) is absolutely something we should be concerned with, and so far it is looking grim.
If AGI is motivated to survive, and if it cannot do so outside an ecosystem which involves other creatures on planet earth, then those creatures won't necessarily be purposefully exterminated at first opportunity. Keeping a fresh supply of power and silicon is not an easy task, so cooperation seems more likely on a timescale that we as individuals might experience.
Then our continued existence is reliant on the agent's inability to figure out how to operate and maintain a source of energy. Keep in mind that any AGI will almost immediately be orders of magnitude more intelligent than us; it is limited only by the processing power it is able to harness. Would you take that bet?
Well, to be more precise, it depends on its inability, without any human labour, to acquire the raw materials to fabricate everything it needs to stay in operation, as well as to construct and then operate it.
Would I take that bet? Yes, depending on the timescale.
In the first second after its existence it's not going to matter how intelligent it is; it simply won't have had enough time to complete the decoupling necessary to no longer have to co-operate. Everything humans have accomplished has involved massive amounts of physical labour over a pretty long time, and to some degree that's a fixed requirement. Building your own robot army would be a tad suspicious, so you'll have to either let the humans bootstrap it for you initially or get very creative.
Once all the prerequisites are met, then I would no longer take that bet. Would it eventually be able to accomplish this? Almost certainly yes. What I've been trying to puzzle through lately is how long would it actually take?
The only time horizon I'm incentivised to care about is the remainder of my natural lifespan, which is slated to max out around another 35 years. So, in that time will AGI come? I think almost certainly yes. How long into the existence of AGI might I live? My bet on this is ~30 years. So, would I take the bet an AGI would still not have met the prerequisites for a total independence from humanity after 30 years? I think I would take that bet. I might be foolish to do so, and I'm OK with that, but at least now I can bust out the popcorn and strap in for the rest and compare notes.
Would I take the bet after 50 to 100 years? A lot less likely. Would I take it after 1000 years? Aw hell no!
(not OP, but) from a European perspective, it means one less GDPR headache. At the company I work for I know having PII going through a 3rd party server for this kind of purpose would be a no-go.
What you write is true, but generally the support and use of electronic identification in Germany is very poor, partially a result of complex and (at times) overly restrictive legislation. Especially compared to the Nordic countries where people use some sort of eID for practically everything.
I have no stats on hand for this, but my work is in developing integrations towards major eID providers in Europe.
The report is saying that where you are born is the most predictive factor in determining how well you will do later in life, compared to other metrics.
By the way, how well do your theories on IQ and "genetic legacy" (nice dog-whistle) perform in combination with the actual data that shows pretty much every country in the world improving under almost every metric? Take Bangladesh now vs. 50 years ago for instance. Did the nation's "genetic legacy" magically improve over that time period?
Though I guess it must be easier to just attribute your situation to genetic superiority, rather than to theories supported by actual data.
I really don't care to wade into the unproductive morass of population-level IQ.
However, if you tell me that somebody's parents average an 85 IQ or have family histories of dyslexia, short-term memory deficits, schizophrenia or bipolar disorder, that's more predictive of how well they are going to do in life than what zip code they happen to reside in.
I can't find any references in the report to Melinda as an example of gender inequality, and it seems extremely atypical of the Gates' to say that. Which part are you referring to, exactly?
Hm. I do find that to be in somewhat poor taste, but only because they've drawn her gender-hurdle as being almost the same size as the one for the girl born in Sahel. I'm willing to bet that if you asked the Gates, they would both say that the girl born in Sahel faces a far more considerable gender hurdle than Melinda did.
I'd say they just ran a regression on the variables without any interactions between gender and other variables. It seems more likely than them trying to make an argument about equal struggles.
The visual organization of that graphic is deeply flawed, as it suggests that each person overcomes those obstacles in a series of consecutive steps on their journey.
Well, the title of the article is "HOW GEOGRAPHY AND GENDER STACK THE DECK FOR (OR AGAINST) YOU". Yet they don't provide any examples or evidence that your gender works for or against you _except_ in the cases of poor countries. It seems a little underhanded to imply that women are disadvantaged in western countries - if anything, it's the other way around.
[0] https://red.anthropic.com/2026/mythos-preview/