Dr. Suelet Dreyfus

We're only going to have it restricted to these 12 partner organizations for defensive security work.

And that indicates pretty strongly, I mean, this is a company that has been funded billions of dollars by investors, that they think this is such a

enormous risk that they won't actually release it beyond the 12 partner organizations.

I think, in fact, people are saying, oh, but is that hyped up?

If anything, I actually think it's hyped down.

I think it's potentially more serious than we're seeing.

Now, Anthropic is saying, okay, look, we're framing this, this model.

Ultimately, it's going to be good for defenders of cybersecurity, of our privacy and our security.

but only after we do this transitional period.

Maybe, but the thing about a transitional period is that assumes that we'll eventually find all of the security flaws that are hidden in all of the technology we use in a relatively short period of time.

But searching for security flaws has been going on for 50 years, and they still keep coming up.

It's not as though you're done.

It's like delivering the mail, right?

The mailman doesn't wake up one day and go, oh, I'm done.

The post doesn't need to be delivered anymore.

This is an ongoing process, which means that if their tool does go out there in a commercial thing, it will be able to access these ongoing flaws and weaponize them.

So I don't know what this looks like in the future, but I can't really see immediately how they could defend against that if they released it, because it's adaptive.

I mean, there's two sort of scenarios that immediately come to mind.

One is that the LLM decides to escape from its prison or its sandbox itself.

And that's, in fact, something that a number of people who are involved in testing systems, so the red team or the penetration tests, you know, if you're a bank, you might hire someone to test or try and break in and tell us where our flaws are and we'll fix them, right?