I mean what do you expect when covering memory safety topics with a model that's not allowed to cover security topics? This seems totally expected. It'll be the same when 5.6 is released.
I mean what do you expect when covering memory safety topics with a model that's not allowed to cover security topics? This seems totally expected. It'll be the same when 5.6 is released.
> what do you expect
I expect the strong cybersecurity model to help me strengthen the cybersecurity of my project.
> not allowed to cover security topics
They said it wouldn't be usable for offensive purposes. This is the opposite of that.
You don't have the strong cybersecurity model. That is not Fable. It never was, even at release.
The cybersecurity model is Mythos, which was never made publicly available. It is only available to a list of US government approved companies.
> They said it wouldn't be usable for offensive purposes
No, they said Fable would refuse for cybersecurity and offensive purposes. You are conflating Fable with Mythos.
Fable adds guard rails like cyber refusals to mythos. Mythos is the starting point for fable. Same model family.
They're very similar models though, just with different safeguards and restrictions in placae around particular use cases.
I guess the underlying issue is that there is this model that is very capable, but it's being hobbled because of a fear of abuse. It may well be justified, but for a legitimate user any restriction just makes it a worse product and after all the puffery around how good it is (and some practical experience of how good it is) it's a pretty shit experience. "Here's our best model, no you can't really use it".
Fable is very strong for finding bugs. But you are explicitly not supposed to use it for cybersecurity. Even in the initial rollout I had it refuse and fall back to Opus when implementing a change password function
> Fable is very strong for finding bugs.
That's what I was trying to use it for. Find bugs. Anthropic just refused to let it find the memory safety bugs in my C project.
Is there a difference though?
Fable 5, harden my openssl project. Then you use the diffs/summary to find out what the bug is for your exploit.
They're going to be verifying people's identities anyway. Why not put that bit of security theater to good use for once? I'm the author of project X, now let the model work on it, would you kindly?
This "only super special corporations get the model" nonsense is dividing society into haves and have-nots.