This weekly roundup thread is intended for all culture war posts. 'Culture war' is vaguely defined, but it basically means controversial issues that fall along set tribal lines. Arguments over culture war issues generate a lot of heat and little light, and few deeply entrenched people ever change their minds. This thread is for voicing opinions and analyzing the state of the discussion while trying to optimize for light over heat.
Optimistically, we think that engaging with people you disagree with is worth your time, and so is being nice! Pessimistically, there are many dynamics that can lead discussions on Culture War topics to become unproductive. There's a human tendency to divide along tribal lines, praising your ingroup and vilifying your outgroup - and if you think you find it easy to criticize your ingroup, then it may be that your outgroup is not who you think it is. Extremists with opposing positions can feed off each other, highlighting each other's worst points to justify their own angry rhetoric, which becomes in turn a new example of bad behavior for the other side to highlight.
We would like to avoid these negative dynamics. Accordingly, we ask that you do not use this thread for waging the Culture War. Examples of waging the Culture War:
-
Shaming.
-
Attempting to 'build consensus' or enforce ideological conformity.
-
Making sweeping generalizations to vilify a group you dislike.
-
Recruiting for a cause.
-
Posting links that could be summarized as 'Boo outgroup!' Basically, if your content is 'Can you believe what Those People did this week?' then you should either refrain from posting, or do some very patient work to contextualize and/or steel-man the relevant viewpoint.
In general, you should argue to understand, not to win. This thread is not territory to be claimed by one group or another; indeed, the aim is to have many different viewpoints represented here. Thus, we also ask that you follow some guidelines:
-
Speak plainly. Avoid sarcasm and mockery. When disagreeing with someone, state your objections explicitly.
-
Be as precise and charitable as you can. Don't paraphrase unflatteringly.
-
Don't imply that someone said something they did not say, even if you think it follows from what they said.
-
Write like everyone is reading and you want them to be included in the discussion.
On an ad hoc basis, the mods will try to compile a list of the best posts/comments from the previous week, posted in Quality Contribution threads and archived at /r/TheThread. You may nominate a comment for this list by clicking on 'report' at the bottom of the post and typing 'Actually a quality contribution' as the report reason.
Jump in the discussion.
No email address required.
Notes -
AI bros still in shambles, news at 7.
A few weeks ago, Anthropic made a post about their new model, Mythos. As has been done by other members of the AI industry as far back as the release of GPT 2, the creators of it said it was too dangerous to release. The headline feature of Mythos, at least as described by Anthropic, was not code generation. Instead, they specifically hyped it as the most amazing thing ever for finding security vulnerabilities in code.
Several people, including here on this forum, shared the hype. As usual, I remained unconvinced. I've mentioned elsewhere that I don't think AIs are inherently incapable of finding security vulnerabilities in code, my main skepticism is that they will generate lots of false positives in the process that will make them a lot less useful than the companies selling them have advertised. And more importantly, I think they are currently incapable of designing and maintaining any significant projects that go beyond a basic bitch CRUD application or things of that sort. I'm also skeptical that there is all that much room for growth or improvement beyond their current capabilities, for a number of reasons that I won't get into right now.
But enough about my opinions, I'm just a retarded code monkey doing API integrations for boring tax software. Enter Daniel Stenberg, the creator and maintainer of curl. For those who don't know, if you have a program or library that makes HTTP requests, there is an extremely high likelihood that it is using curl under the hood. It's basically one of the foundational pieces of modern digital infrastructure, a "project some random person in Nebraska has been thanklessly maintaining since 2003", as XKCD might put it: https://xkcd.com/2347/
Stenberg/curl was one of the projects that was offered early access to Mythos. However despite being promised access initially, it took several weeks to get it. And even then he suddenly was no longer being offered direct access, but was offered to have someone else run Mythos against his codebase for him and to then share the results with him. This is a big red flag for me, because if Mythos does actually generate a lot of noise/false positives, it would make sense that Anthropic would want to hide that by running it themselves as many times as they could until it actually generated some real, actionable results.
In any case, the results that Stenberg got back were underwhelming. Mythos claimed to have identified 5 vulnerabilities. After investigating all of them, Stenberg and his team determined that only one of those was a vulnerability, and a low severity one at that. In Stenberg's own words: "curl is certainly getting better thanks to this report, but counted by the volume of issues found, all the previous AI tools we have used have resulted in larger bugfix amounts."
Most damning from Stenberg is this: "My personal conclusion can however not end up with anything else than that the big hype around this model so far was primarily marketing. I see no evidence that this setup finds issues to any particular higher or more advanced degree than the other tools have done before Mythos. Maybe this model is a little bit better, but even if it is, it is not better to a degree that seems to make a significant dent in code analyzing."
So I'm asking @self_made_human and others who seem more on-board with the AI hype train: does this report from a knowledgeable and experienced developer change your opinions on the future trajectory of AI at all?
Full article by Stenberg can be found here:
https://daniel.haxx.se/blog/2026/05/11/mythos-finds-a-curl-vulnerability/
Choo choo!
So it only found 1 minor vulnerability in curl that hasn't been fixed before (including by these high level human programmers)... but it did find a bunch of other vulnerabilities in other software? It is indeed still markedly stronger than its predecessors?
So the future trajectory is just the same as the current trajectory, the lines on the chart go up and everything the lines correspond to in the real world also goes up, albeit in a messier way.
If you're an AI skeptic, then I recommend to simply short Nvidia, Coreweave, cloud providers, HBM manufacturers like Micron... What does it matter how random people on the internet think, compared to making money? I put my money where my mouth is and bought AI stocks and made lots of money. Let money flow to those who are right. If you think you know better than Google, Amazon, Microsoft, Facebook and everyone else pouring money into AI hand over fist, then don't just say so, position yourself to exploit your superior insights.
Thinking that a loss-leading strategy is not going to pay off for the current AI ecosystem and AI skepticism are not the same thing, is it? You can think that the AI is very impressive and also that there's no way that Anthropic will ever climb out of its hole, or alternatively you can be the fiercest AI skeptic in the world and think that everyone will pay billions for a glorified chatbot.
That's what he thinks. Surely he should just put his money where his mouth is? If Anthropic AIs cannot design or maintain any significant projects beyond a CRUD application and this isn't going to significantly change then presumably Anthropic is not worth near a trillion dollars and so the biggest industrial buildout in human history is a waste of money.
The premise that they're incapable of doing anything beyond CRUD and yet also they're completing long expert-level cyber infiltration exercises is bizarre and incoherent to me... but that's what he thinks.
More options
Context Copy link
More options
Context Copy link
More options
Context Copy link
More options
Context Copy link