NSA director: 'Mythos "broke into almost all of our classified systems in hours"

Original Article ↗ Hacker News Discussion ↗

Context of the Mythos/NSA Claim

  • Thread centers on a reported remark that Mythos “broke into almost all of our classified systems in hours.”
  • Several commenters note this is second-hand (senator quoting NSA director) and likely compressed or misinterpreted testimony.
  • Later update (via linked post) says the journalist clarified: Mythos was used by internal red-team pentesters with high-side access to speed up compromising systems, not an autonomous, external breach.
  • Many see the original framing as exaggerated or misleading, possibly to justify new restrictions on Anthropic or AI models more broadly.

How Mythos Was Likely Used

  • Common assumption: Mythos was placed “inside the perimeter” or on the same internal networks, assisting humans rather than acting alone on the open internet.
  • Some suggest “broke into” may conflate any successful exploit (including simple crashes) with serious remote code execution.
  • Several argue that if Mythos works this well, other top models (commercial or open) could likely achieve similar results given time and access.

Security Posture of Government Systems

  • Multiple comments stress this reflects more on NSA/DoD security than on Mythos’ uniqueness.
  • Claims that high-side systems rely heavily on air-gapping but run old, COTS, poorly maintained software with significant tech debt.
  • View that many vulnerabilities are already known or trivial; AI mainly makes exploitation cheaper and faster.
  • Some note the long-standing availability of more robust designs (capability-based microkernels, seL4, KeyKOS, strong isolation), arguing secure general-purpose computing has been “solved” in principle but not adopted.

Open-Source and AI Proliferation Concerns

  • Debate over how far open-source models lag behind state-of-the-art (estimates from a few months to a year+).
  • Some argue nonproliferation controls on powerful models are unrealistic; adversaries and open projects will continue regardless of US bans.
  • Others say even if open models reach Mythos-like capability, defenders will have had more time to harden systems.

Hype, Propaganda, and Skepticism

  • Significant skepticism that the US possesses an AI able to autonomously crack “all classified systems,” comparing this to prior intelligence-community exaggerations.
  • Some view the narrative as effective propaganda or marketing for both Cyber Command and Anthropic.
  • General sentiment: AI-assisted pentesting is serious, but the headline claim is likely an overhyped distortion.