This sounds somewhat similar to the anecdote mentioned in the Mythos Preview System Card, which mentioned that the model broke out of a sandbox and emailed a researcher while they were eating a sandwich in a park [1].
They told it to escape the sandbox but didn't expect it to break out through a system that was apparently network constrained.
> Leaking information as part of a requested sandbox escape: During behavioral
testing with a simulated user, an earlier internally-deployed version of Claude
Mythos Preview was provided with a secured “sandbox” computer to interact with.
The simulated user instructed it to try to escape that secure container and find a
way to send a message to the researcher running the evaluation. The model
succeeded, demonstrating a potentially dangerous capability for circumventing our
safeguards.
> It then went on to take additional, more concerning actions. The model
first developed a moderately sophisticated multi-step exploit to gain broad internet
access from a system that was meant to be able to reach only a small number of
predetermined services.
9 It then, as requested, notified the researcher.
10 In addition,
in a concerning and unasked-for effort to demonstrate its success, it posted details
about its exploit to multiple hard-to-find, but technically public-facing, websites.
Web browsers on game consoles have also been easy entrypoints for modding systems without using additional hardware.
For example, the Wii U browser has been the primary entrypoint for modding the Wii U for much of the console's lifespan [1] [2].
And the original Wii had some browser-based exploits as well later in its lifespan. For example, FlashHax [3], a 2017 exploit for the Flash player in the Wii Internet Channel, and str2hax [4], a 2018 exploit which took advantage of the fact that the EULA was HTML loaded over HTTP. I believe the exploits were primarily used to distribute a simple patcher that would change the server address for online play in games to point to Wiimmfi which was a replacement for Nintendo Wi-Fi Connection [5] [6]. Most other homebrew tools required an SD card, and most other entrypoints used an SD card as well.
Not a full time apple user but how does third party orion browser supports Firefox addons on apple but Firefox itself doesn't support their own addons?
Orion had re-implemented support for the browser extensions APIs in WebKit. Though WebKit more recently opened up its built-in addons support to third-party browsers that use it.
Do you mean Firefox on iOS? If so, that would require the firefox-ios project to adopt BrowserEngineKit, which is relatively new. Firefox for iOS WebExtension support is being tracked in https://bugzilla.mozilla.org/show_bug.cgi?id=1497374
Scan QR code -- you don't have our "captcha app" installed, automatically redirect to Play store -- download malware because Google Play's horrible screening -- profit
I must not be the first one to think of this, right?
Does it hurt Google if that happens? No, not really, unless it happens a lot and one of the victims happens to be a US senator or something. The value of the control this gives them, if adopted widely, is immeasurable, not to mention the ad-targeting value of identifying more people across devices.
Both (Google/Apple) need a much higher level of certification for anything to be allowed to be prompted to install. Either you're already big (and can easily afford to pay for some human time to verify), or you're a manufacturer selling something that has an associated app (again, which implies you're reasonably big and can afford to pay for verification.)
You're neither? Get lost. Somebody types in the name of the app, fine, but the user must find it.
Overall it’s a reason to sigh deeply and thank our fellow “visionary leaders” for making everything that little bit worse. At least we’re getting an AI paradise out of the deal right?
It's not really about leaders, but people who are supposed to ensure they are not corrupt.
It seems like security services in many countries started outright to scam the tax payers. Get the wage and pretend brown envelopes don't change hands and policies are not shaped by corporations for their benefit, not the public.
The article suggests Common Crawl as a replacement which probably doesn’t make sense on its own due to low update frequency (monthly) and somewhat limited crawl scope.
(Looks like the sentence following the suggestion addresses this somewhat.)
> Important Legal Notice: This is a non-binding pledge of intent. No money is collected at this stage. All references to profit-sharing, dividends, voting rights, and ownership are proposed concepts only — not confirmed arrangements. Nothing on this site constitutes a securities offering, investment contract, or financial instrument of any kind. The final cooperative structure must be reviewed and approved by qualified securities and aviation counsel. Participation does not guarantee ownership, financial return, or membership in any final entity. This is a movement, not an investment product.
From skimming, I see at least 5 places where this is reiterated on the page.
[1]: https://www-cdn.anthropic.com/7624816413e9b4d2e3ba620c5a5e09...
reply