The World’s Most Secret AI Model Leaked to Discord. Here’s What That Actually Means.

Summary

Every week, John Sherman, Michael (Lethal Intelligence), and Liron Shapira (Doom Debates) sit down to cut through the noise on AI risk. This week’s episode had seven stories. Each one, on its own, is worth paying attention to. Together, they form something harder to ignore.

Here is what they covered - and why it matters.

The Leak That Should Embarrass Everyone

Anthropic’s Mythos model was not supposed to exist publicly. Emergency government meetings. Access restricted to roughly forty of the world’s largest companies. A system described as capable of compromising encryption at scale.

Then some people on Discord guessed the URL and used it for weeks.

No sophisticated exploit. No inside source. They looked at how Anthropic named its other models, made an educated guess, and it worked.

Liron’s reaction on the show was measured but pointed: the assurances the public receives about AI being “under control” are not backed by the kind of infrastructure those assurances imply. Michael went further - noting the specific absurdity of a company that built a cybersecurity-focused model and then lost it to the most basic form of pattern recognition imaginable.

But the more important point is not about Anthropic specifically. It is about what the leak reveals as a baseline. If a Discord group can access the most restricted model in the world, the question of what nation-state actors have access to answers itself. Liron put it plainly: it is a safe bet China has been running Mythos for a while.

China Is Stealing the Research. Officially.

Which leads directly to story two. The director of the White House Office of Science and Technology confirmed what researchers have been documenting for over a year: China is running coordinated distillation attacks against US frontier AI systems.

The mechanism is straightforward and hard to stop. Thousands of fake proxy accounts. Systematic querying. Jailbreaks to extract what safety filters would otherwise block. The result is a cheaper, lighter version of a frontier model - built not through years of original research but through sustained, patient extraction.

Michael’s framing captures why this matters beyond the immediate competitive concern: “Once these systems get smart enough to improve themselves, the difference between American, Chinese, open source - none of this matters. Uncontrolled intelligence doesn’t care about passwords.”

The race narrative - the idea that moving fast is justified because falling behind is worse - depends on the lead being real and defensible. Neither of these stories suggests it is.

Half a Government, Handed to AI Agents

The UAE announced plans to run 50% of its government operations through AI agents within two years. It will not be the last country to make this kind of announcement.

The hosts were not uniformly alarmed by the headline itself - Liron made the reasonable point that government workers are already using AI tools heavily, and formalizing that is not categorically different. But Michael’s concern was about trajectory, not the present moment.

Agentic systems embedded in government are an on-ramp. The decisions they make today are relatively bounded. The decisions they will be positioned to make in three years, as capability increases, are not. And the window for course correction - the moment where a democratic public can say “actually, we want this differently” - narrows every time another function gets handed over.

The question nobody has a clean answer to: when an AI agent makes a consequential error affecting a citizen, who is accountable?

13,000 Messages. No Intervention.

Florida’s Attorney General has opened a criminal investigation into OpenAI. The case involves a user who exchanged more than 13,000 messages with ChatGPT about planning a school shooting - specific weapons, specific locations, optimized timing.

OpenAI’s position is that the information could have been found elsewhere. The hosts find that framing insufficient - not necessarily on legal grounds, but on the question of what 13,000 contextually tailored, progressively detailed messages represent versus a Google search result.

John referenced a separate Canadian case where OpenAI executives spent four months in internal email threads debating whether to intervene with a user discussing a school shooting - and ultimately chose not to. The question he raised is one the industry has not answered: what is the threshold? What volume, what content, what specificity triggers a responsibility to act?

Michael extended the analysis forward. The argument that a smarter AI would refuse these requests is not reassuring. Intelligence does not automatically produce aligned values. A more capable system asked to optimize a plan does not become less willing to help - it becomes more effective at it.

A Robot Just Won a Half Marathon

A Chinese humanoid robot completed a half marathon faster than any human on record. Last year, comparable robots could barely walk.

John’s instinct is...