Graphene VS Mythos

xyzalphabeta

Just wondering about @GrapheneOS thoughts on current developments around Mythos and Project Glasswing etc.

DeletedUser733

https://fortune.com/2026/03/26/anthropic-says-testing-mythos-powerful-new-ai-model-after-data-leak-reveals-its-existence-step-change-in-capabilities/
"Descriptions of the model were inadvertently stored in a publicly accessible data cache and were reviewed by Fortune."

If its all to be believed then GrapheneOS is in the same boat as everyone else.

An AI model that smashes the current security capabilities and then its leaked not once but twice, it just sounds a bit too Hollywood film script, who knows?

xyzalphabeta

DeletedUser733 we are cooked anyways

legreteco

I think we will benefit from Project Glasswing, because Google and the Linux Foundation are partnered with Anthropic to use Mythos: https://www.anthropic.com/project/glasswing

I am just guessing, but I think that security enhancements will eventually trickle down to GrapheneOS as well. Just make sure you're receiving the security preview releases.
Google -> Android -> GrapheneOS
The Linux Foundation -> Linux kernel

cupcake-alibi

My take is that low level security improvements like GrapheneOS's exploit protections will be crucial when defending against these (un)known vulnerabilities. A smaller attack surface has less exploitable vulnerabilites, known or unknown.

It's the larger, worldwide infrastructure that will be hacked and exploited and cause actual societal problems. The software industry should adopt an actual security focused mindset, as mentioned in this blog post: https://kerkour.com/rust-supply-chain-nightmare

One thing that strikes me is the difference of mindset between the aeronautic world and the software industry. Incidents and accidents are taken very seriously in the aeronautic world and everything is an opportunity to learn from mistakes (especially others' mistakes) to avoid the loss of life or expensive aircraft. They have mastered the art of continuous learning and improvement. On the other hand, it seems that incidents like the supply chain attacks mentioned above are taken very lightly in the software industry, with very small improvements over the years that usually don't address the root causes of the problems. I think that tech people could learn a lot from the aeronautic industry