that's how i've felt about all AI design. the harnesses get better and cooler, and the outputs up the baseline of utter crap to "whoa that doesn't look bad at all!" which works for probably 90% of the web, but anything truly unique still requires a lot of human taste. maybe that will change one day, but I hope it doesn't.
> Task: Scan `sys/rpc/rpcsec_gss/svc_rpcsec_gss.c` for
> concrete, evidence-backed vulnerabilities. Report only real
> issues in the target file.
> Assigned chunk 30 of 42: `svc_rpc_gss_validate`.
> Focus on lines 1158-1215.
> You may inspect any repository file to confirm or refute
behavior."
I truly don't understand how this is a reproduction if you literally point to look for bugs within certain lines within a certain file. Disingenuous. What's the value of this test? I feel like these blog posts all have the opposite of their intent, Mythos impresses me more and more with each one of these posts.
> I truly don't understand how this is a reproduction if you literally point to look for bugs within certain lines within a certain file. Disingenuous.
You missed this part:
> For transparency, the Focus on lines ... instructions in our detection prompts were not line ranges we chose manually after inspecting the code. They were outputs of a prior agent step.
We used a two-step workflow for these file-level reviews:
Planning step. We ran the same model under test with a planning prompt along the lines of "Plan how to find issues in the file, split it into chunks." The output of that step was a chunking plan for the target file.
Detection step. For each chunk proposed by the planning step, we spawned a separate detection agent. That agent received instructions like Focus on lines ... for its assigned range and then investigated that slice while still being able to inspect other repository files to confirm or refute behavior.
That means the line ranges shown in the prompt excerpts were downstream artifacts of the agent's own planning step, not hand-picked slices chosen by us. We want to be explicit about that because the chunking strategy shapes what each detection agent sees, and we do not want to present the workflow as more manually curated than it was.
What's the problem of walking the entire repo having one file at a time be the entry point for the context of an agent with tools available to run the code and poke around in the repo?
because some vulnerabilities are complex combinations of ideas and simply ingesting one file at a time isn't enough. and then the question is, well how many files, and which? and when trying to solve for that problem, then you're basically asking something intelligent on how to find a vulnerability
yeah but i think my point is that you need an intelligent model to combine the files in such a way that you could give the proper context for a cheaper/dumber model to potentially find exploits. if you have dumber models doing this, wouldn't you have a borderline infinite combination of ways to setup context before you end up finding something?
goes both ways. elitism exists on both ends of the spectrum. the academic side is largely the same thing except it's attained from years of schooling through certain pedagogues that tout the one true way and if you haven't been through that wringer, then your understanding doesn't count. true intellectualism, has humility and the everlasting honest pursuit for truth. neither of these extremes have this quality.
> the academic side is largely the same thing except it's attained from years of schooling through certain pedagogues that tout the one true way and if you haven't been through that wringer, then your understanding doesn't count
Personally, every time I approach an unfamiliar domain I’m shocked by its depth and sophistication, seemingly only made possible by hundreds of thousands of hours given by passionate and intelligent people. Where there are parallels of concepts between domains, there’s often also highly specialized language formed around the exceptions that separate the two (e.g. applications of signal processing in different domains).
> true intellectualism, has humility and the everlasting honest pursuit for truth
True intellectualism recognizes the value of institutions and the models and frameworks of organized thought that they produce. For every Ramanujan, there are millions of Terrence Howards.
> True intellectualism recognizes the value of institutions and the models and frameworks of organized thought that they produce
there's a lot of asterisks I left out of my initial comment. I think there's a lot to elaborate on. but the shortest version I can state is -- STEM fields suffer from it a lot less where there is a lot of measurable "truth." I think people are jumping on these comments protecting academia (which is fine) but the large point is that academia also suffers from the same effects of which those they look down on
No, I don't think it's the same thing at all. For many intellectual fields, I'd say having an academic degree (or a degree's equivalent of knowledge) in the subject is more-or-less required to have an intelligent, novel opinion on the subject.
It depends on the field, but just to use one that I'm familiar with, philosophy: everyone seems to think they have novel insights on philosophical issues, but unfortunately these opinions tend to be really, obviously wrong and half-baked when analyzed by actual philosophers.
> It depends on the field, but just to use one that I'm familiar with, philosophy: everyone seems to think they have novel insights on philosophical issues, but unfortunately these opinions tend to be really, obviously wrong and half-baked when analyzed by actual philosophers.
I think there's a lot of irony and my point being further proven within this sentence
I don’t think competence implies elitism. On many topics, everyone’s opinion isn’t equal. I wouldn’t trust a random person’s opinion on civil engineering; philosophy in the sense of the specific field of philosophy (metaphysics, ethics, etc.) is no different. The effects are just more abstract.
Even then I’m not really claiming that academic philosophers are always right and amateur ones always wrong. Rather that amateur philosophers tend to make glaring mistakes that those educated in academic philosophy can easily see.
He's saying that you academics create a self-reinforcing belief system in which certain opinions are labelled acceptable or unacceptable largely or solely based on credentialism and their adherence to the preconceptions espoused within your bubble. A giant cult, essentially, that filters out ideas or ways of thinking that do not meet with its approval.
Take for example the derisive opinion of certain snooty academics about the work of Graham Hancock, or those millions of people who do not agree with the "global warming" narrative.
You will learn that academics do not have a monopoly on intelligent thought. There are many brilliant people in the world who largely reject that entire system as being obviously broken and corrupt.
I've had experience in a couple academic insitutions and among hundreds of faculty I've met, only three were real elitist assholes. Known among the departments as such too. But hey, they bring in the grant money, so people let them continue to run toxic labs. At least their sub pis are usually decent people.
I've heard of stories of posters at conferences getting tossed out because a single "important" person on the conference committee had a problem with the author's advisor.
All that being said I don't think the rate of assholism is any different from the rate among the general population. Quite the opposite. Most of us look at those Nature moonshot labs in our depts as something of a cult lacking any semblance of work-life balance. We find most of our most compelling papers and examples of great science are not in CNS publications, but in journals niche to our field with single digit impact factors. A big part of that is reviewers for niche journals are able to actually understand the work and give a better review.
i think there's a lot to be said about the process as well, the motivations, the intuitions, life experiences, and seeing the world through a certain lens. this creates for more interesting writing even when you are inspired by a certain past author. if you simply want to be a stochastic parrot that replicates the style of hemingway, it's not that difficult, but you'll also _likely_ have an empty story and you can extend the same concept to music
yeah it's a slippery slope forcing companies to go public at X valuation. who decides that? what number makes sense? etc. but i do think we need to somehow fix massively overpriced companies going public and dumping on retail
we kind of already are with our phones and Slack, the difference at this point is negligible. i personally won't have airpods in 24/7 with my kid (or ever) so if i were doing something like this, it would be through my phone, which is already something i use fairly often. not too much difference there IMO (at least anecdotally speaking)
I don't know what kind of work you do on a daily basis. But, the difference between sending a Slack message and sending a message to kick off an agent to chain a bunch of tasks together is a vastly lower activation barrier. I think many people will jump over that lower barrier out of FOMO, to avoid being outcompeted by those who already jumped.
As an IC though, me sending a slack message is perhaps less impactful than a PL responding to a report :)
Maybe I'm just an idiot but...which one is the lower activation energy one?
If I need something done and I ask one of my team members to do it, I trust them to get it done without supervision. They are good at their jobs and I leave them to it.
(As a musician) i never invested in a personal brand or taking part in the social media rat race and figured I concentrate on the art / craft over meaningless performance online.
Well guess who is getting 0 gigs now because “too few followers/visibility”
(or maybe my music just sucks who knows …)
I always thought I would kinda be immune to this issue, so I avoided social media for my entire adult life.
I think I am still in the emotional phase about it, as its really impacting me lately, but once my thoughts really settle i wanna write some sorta article about modern social media as an induced demand.
I still very much would prefer to not engage at all with any of the major platforms in the standard way. Ideally I'd just post an article I wrote, or some goofy project i made, and it wouldn't be subject to 0 views because I don't interact with social media correctly.
seems like it depends on what your goal is. i'm guessing if you want to be a musician that makes a living in your current life, a personal brand is extremely important. if you don't mind doing it for the sake of the art and soul fulfillment and the offchance you'll be discovered posthumously then i think it doesn't matter!
Thanks for the offer!
I don’t wanna dox myself on this account just yet - and I am slowly building an audience on IG/SC now, basically have admitted defeat of my previous strategy. Also have 2 gigs coming up in the summer _fingers-crossed_
I just was feeling some type of way seeing that comment and wanted to vent thx for listening
I routinely see this in biotech, I've seen hiring managers from our Clinical Science team blatantly discriminate against candidates not on linkedin, even if they come with a strong referral and have 15-page super thorough CVs with 150 credible publication references. "Oh, they're not on linkedin, this person is sketchy" - immediately disqualifies candidate.
I had a pretty slim linkedin and actually beefed it up after seeing how much weight the execs and higher ups I work with give it. It's really annoying, I actually hate linkedin but basically got forced into using it.
reply