A.I. Safety Is So Back + Mythos Mayhem with Nikesh Arora + Hot Mess Express

Introduction to AI

0:00So there's a lot of noise about AI, but time's too tight for more promises. So let's talk about results. At IBM, we work with our employees to integrate technology right into the systems they need. Now, a global workforce of 300,000 can use AI to fill their HR questions, resolving 94% of common questions. Not noise. Proof of how we can help companies get smarter by putting AI where it actually pays off, deep in the work that moves the business. Let's create smarter business. It's IBM.

Audiobook Recording

0:30Casey, will you record my audiobook for me? Yes, I would love to, actually. Okay, thanks. Yeah, because I got the briefing yesterday on what this would entail for me. They want 36 hours in the studio to record this audiobook. That's, wait, hold on. 8, 16, 24. That's over four days worth. That's four and a half days of recording. That's like almost a full week. I know. Oh my God. I know, but apparently people have, you know, a connection to us because of our voices. So they didn't want me using like an AI clone to do it.

1:01It makes sense. You know what? I really think that there would be a case that I should do this because it would force me to read your book. You know what I mean? Like, then I really can't get out of it. Like, I'm on the hook to read this thing for real. And so that might be the best way to do it. You can insert your little like snotty wisecracks if you want. Like, mystery science theater it. Yeah, a little extra commentary on the side. Like, oh, I see we're using that transition again. Hmm. Oh boy, he really ended this whole thing with time will tell.

1:31I would have suggested a different direction. Was this book edited? No, wait. Now I kind of actually want you to do it.

Host Introduction

1:45I'm Kevin Russo, tech columnist at the New York Times. I'm Casey Noon from Platformer. And this is Hard Fork. This week, is AI safety back? The Trump administration seems to be changing its tune. Then Palo Alto Network CEO Nikesh Arora joins us to discuss what's real and what's hype in the freak out over Claude Mythos. And finally, the train has returned to the station. It's the Hot Mess Express. Buckle up. People don't typically buckle a seatbelt on a train. This is a very safe train. All right.

Trump Administration

2:21Well, the big news this week is that President Trump headed to China with a cohort of American business executives to have a series of meetings about Chinese trade policy and AI. and other things with Xi Jinping and other leading Chinese officials. Now, is it true when they walked off the plane, a bunch of H-100s fell out of the leg of Jensen Wong's pants?

2:44I haven't heard that confirmed, but I'll look into it. Thank you. I want to talk about this, but less through the lens of like sort of President Trump and United States trade policy than through this sort of larger shift that I think we've both observed over the past week or so, which is that after several years of kind of dismissing AI safety and Doomer fear-mongering about AI, the Trump administration, or at least parts of the Trump administration, seem to be getting quite scared about what's happening. Yes. And while this is something that I think was honestly inevitable, it still has been jarring

3:17to see it happen because it seems like this administration has really turned on a dime when it comes to this subject. Yeah. So let's talk about what's been going on and some of the data points that support the idea that the Trump administration is sort of changing its AI posture, or at least has several different AI postures that it's considering.

AI Disclosures

3:34But first, let's do our AI disclosures. I work for the New York Times, which is suing OpenAI, Microsoft, and Perplexity. And my fiancé works at Anthropoc. So first, there was this executive order, or rumored executive order, that my colleagues at the New York Times reported on last week. This would be a new executive order to create an AI working group that would bring together tech executives and government officials to potentially come up with new ways of overseeing or regulating AI. One of the potential plans being discussed is a formal government review process for new

4:07AI models before they are released. So this is still ongoing. We still don't know exactly what the executive order will or won't include, but we are expecting more news on that.

AI Regulation

4:19Yes.

AI Regulation

4:19And the reason that is notable, Kevin, is that on President Trump's first day in office, in his second term, he canceled President Biden's executive order on AI, which, among other things, included this, a very similar kind of review process for new frontier AI models, right? Like, the Biden people were very confident that we would one day get models that could be used to commit great harm. And so they wanted to get a handle on that before those models were released. And when Biden did that, many Republicans were saying, this is anti-innovation, you're

4:52going to make us lose to China. Well, well, well. Now the shoe is on the other foot, and they're saying, hey, slow down. Don't release those things quite so fast. It's so remarkable how fast the Overton window has shifted on this idea. I mean, as you just said, like, during the Biden administration, during the SB 1047 fight here in California over this proposed AI bill, people in tech and on the tech right and sort of among the more libertarian crowd were incensed about the idea that the government might ask

5:23them to do pre-release testing of their models that they then submit the results of to the government, they called this, you know, communist. They were sort of implying this would be kind of the end of free enterprise as we know it. And now just a couple of years later, they are reportedly considering doing something similar. So what do you think happened here? Well, I think that basically, to use a phrase you sometimes like to use, like the Trump administration's view of AI just did not survive contact with reality, right? And that, in a word, what has changed here is Mythos, the model that Anthropic now has

5:57released in a preview to a very small group that includes now many federal agencies. This model is very good, apparently, at finding novel vulnerabilities in code that can be used to create exploits. And that appears to be true across many, many, many programs. And so the administration, I think, took a look at this and the serious people over there said, look, you know, whatever your views may be about, you know, free trade and the threat of losing to China, like we have a model right now that if it were just sort of unleashed

6:28on the public could just create vast amounts of harm. And I think to their credit, the Trump administration said, OK, then what would be a policy to prevent harm from happening? Yes, Mythos is the proximate cause here for a lot of this. But I think it's also worth talking about the various factions within the Trump administration that appear to be battling over control of this new AI regulatory push. There appears to be a turf war breaking out between the Center for AI Standards and Innovation

6:58or Casey. Shout out to Casey. Which is formerly known as the U.S. AI Safety Institute. This was a group within the Commerce Department that was set up under the Biden administration. The Trump administration came in and basically they didn't like that this was, you know, what they considered sort of a bunch of doomers. So they sort of made some changes, including to the name. But this is a group of AI researchers and safety experts who work in the Commerce Department who want to be involved in vetting new models. And there is just something so funny about these people coming in and saying AI safety is such

7:31a stupid idea that we have to remove safety from the name of this institute. And then one year later be like, well, AI safety is really going to be a focus for us from now on. Yeah. So there are some people who believe that the vetting of frontier models should take place like in the intelligence community among like the NSA and various other organizations. So there's some turf war there. There's also just like this interesting kind of posture war over like whether the kind of let it rip approach to AI development or as former AI czar David Sachs put it, the let

8:07them cook philosophy of laissez-faire regulation and this more sort of hawkish safety oriented faction within the Republican Party that does see these models as a big threat and wants to take steps to reel them in.

Government Incoherence

8:20Right.

Government Incoherence

8:20So do we know at this point who seems to be winning that battle? And do you think it matters to the average person which side gains the upper hand? I do. I think there's obviously going to be some back and forth. We'll see when this executive order comes out, like what they do about the testing requirements and where they locate that. If it's like we're going to let the NSA do this or we're going to let Casey do this. I think that all might matter a little bit. But I think that the general posture of the administration changing from AI safety is ridiculous

8:53and these doomers are using hyped up fears to enact regulatory capture is very different from what we are seeing now, which is, oh, wait, these models are very powerful and we don't want our adversaries to get access to them. But we should also say it is entirely confused and incoherent right now at the level of the federal government, because on one level you have President Trump inviting Jensen Huang of NVIDIA onto Air Force One to fly with him to China to try to make a deal to presumably like

9:25open up the export of NVIDIA's most powerful AI chips to China, while at the same time you have other high-ranking government officials saying we need to institute some kind of safety regime because these models are potentially very dangerous. Yes, and nowhere is that schism more apparent than in the Pentagon, Kevin, where on one hand the Pentagon has designated Anthropoc as a supply chain risk because it refused to amend its contract to enable any, quote, lawful use of its technology, as we talked about on the show

9:57for a few months. That designation the Pentagon is still arguing for in court. But at the same time, we learned that this week during the period where the Pentagon is supposed to be unwinding all of Anthropoc's technology from the Pentagon, the Pentagon is also implementing mythos and using it to try to scan for vulnerabilities. It's truly wild. I want to be in the meeting where the person who has to remove Anthropoc from the Pentagon sits down with the person who's installing Anthropoc into the Pentagon and just sort of hear

10:28what those talks are like. Yeah. So aside from the obvious sort of incoherence and maybe hypocrisy of these conflicting positions, like which side do you think is going to come out on top here? Well, obviously, I'm always going to side with Casey. You know, Casey is a great agency, great people over there. And I mean, honestly, like they were just set up to do this exact thing, right? Like when it was established under President Biden, the idea was these models are getting better. Pretty soon they're going to be dangerous. We need to have a way of evaluating them before they are released.

11:01And frankly, they've just sort of like hired a lot of people who I think ordinarily might not work in a Trump administration, but felt like this is so important that I'm going to swallow hard and go over there and try to, you know, serve my country by protecting us from the worst things that AI can do. And so to me, like that seems like they would be very well set up to do this kind of work. Where I think we still just have an obvious gap though, Kevin, is it's not entirely clear to me what is supposed to happen in the case when a company like Anthropic comes up with a model that is too dangerous to release in the view of something like Casey, but wants to release

11:33it anyway. And I assume we are just going to get there. Like sometime within the next six months, one of these companies is going to say, yeah, it's risky. But, you know, we think it's sort of fine to put out there. We have like business imperatives. We're going to talk ourselves into it. And like then what happens? Yeah. I mean, it's also just so clearly unfortunate that the issue of AI safety has become polarized in the way that it did over the past couple of years, that sort of caring about safety, talking about safety became sort of like vaguely woke coded. And people in the Trump administration thought it was like a bunch of hysterical liberals,

12:07you know, using fears of AI to like get heavy handed regulation into place. Like, I don't think that was ever true, but I think it has become especially untrue now when you have very senior people in the Republican Party talking about how we need to restrain these systems. So it's just it's frustrating because I think you and I both saw like this technology is real. It's going to get, you know, even more powerful than it is. And at that point, it's not going to matter whether you're a Republican or a Democrat. Like you do not want this stuff falling into the hands of our adversaries.

12:40True. But I think the Trump administration was always out on a limb here in a really weird way. Like we have talked a lot recently about what the surveys show when it comes to the public opinion of AI in America. Republicans and Democrats are like largely allied in being like deeply skeptical of it and even, you know, outright hating it. And that's why you see so many Republican state legislators trying to pass laws to rein in AI, right? Like you did not have to convince Republican state legislatures that AI was dangerous and needed to be regulated like they were racing to do it.

13:12And the Trump administration has had to put a lot of energy into trying to pass a moratorium so that it can preserve its sort of all gas, no brakes approach to AI. So what I think happened here was that there was basically like a minority of Republicans that happened to be running the country that said, let the labs do whatever they want. And then mythos comes out and the bill comes due and they sort of have their pants down and they have to change their tune. Yeah. Just to sort of throw a lot of metaphors in there.

13:37Pants, tunes. Oh, I'll come up with more. Don't worry.

International Reaction

13:40We're getting there. One other thing here is that you are starting to see the issue of catastrophic or existential risk floating up and percolating on the right. This is something that people like Bernie Sanders have now been talking about on the left for a couple of months. But on Tuesday of this week, Ted Cruz was talking about catastrophic risk and the need to protect against it. So I just think that the improvement of these models and the fact that they are so clearly useful for dangerous things like cyber attacks is going to scramble some of the usual partisan

14:16allegiances here. Yeah. I mean, look, the idea that a large language model might eventually get so good that it could like break into your computer and wreak havoc like that was not a liberal view. Like that was just a view grounded in an observation of like the rate of improvement in the model. In truth, I am glad that they are reversing course on this and they're doing it before we've had a massive catastrophe. Maybe an asterisk there, though, which is I truly feel like every single day for the past week I've seen news of a major cyber attack and increasingly we're getting word that

14:47these may have had AI systems involved in identifying these vulnerabilities. Yeah. So there may be a catastrophe unfolding under our noses. We just don't know about it yet. Yeah. Stay tuned for next week's episode.

14:59I want to talk a little bit about this China trip and what, if anything, we think that has to do with AI regulations. So there was some reporting in the Wall Street Journal last week that both the U.S. and China have been considering a series of official discussions around AI. We know that AI is on the agenda for President Trump's meetings with Xi in China this week. And we also know that China has been looking to get access to mythos. There was a great story recently in The Times that talked about the fact that a representative

15:30from a Chinese think tank approached anthropic officials at a meeting in Singapore last month to basically lobby them to open this model up to China. And we want to give them the hard fork chutzpah award for shooting your shot. If you work at a Chinese think tank and you think Dario Amadei was about to hand you mythos, like, that is truly, like, I aspire to your level of self-confidence. Listen, you miss 100% of the shots you don't take. So along with Jensen Huang, who finagled a last-minute invite on Air Force One after there

16:00were news reports that he was not going to be going on this trip, Elon Musk, Tim Cook, and Dina Powell-McCormick from Meta are also on the trip with Trump. What's going on here, and how would you characterize the blunt rotation among those tech executives? You know, I mean, this is a group of executives that are aligned with the Trump administration, and they have all found in various ways that the more time you spend flattering President Trump, the more, like, tax breaks and other forms of relief your company gets.

16:33So, I mean, you know, this is exactly what we talked about expecting Tim Cook to do once he announced that he'd be stepping down as CEO, is, you know, you're just kind of like a Trump whisperer, and you follow him around, and you say, you know, go, President Trump, and also please give Apple what we want. So, you know, Meta, Apple, and NVIDIA have all had huge success with this administration, and now, as their reward, they get to be, you know, photographed with the president flying around China. Yeah, I think, like, I am just very unsure where all of this settles out, because I can imagine, you know, Trump wanting to go to China and make a bunch of deals,

17:05and obviously, Jensen Huang and NVIDIA want to be able to sell their chips in China, and so I can see them, on one hand, like, giving some kind of expanded access to Chinese AI companies to get these American chips, but then I can also see them not wanting China to get access to models like Mythos. So, I just, I don't know how that resolves, and I see it as basically inherently contradictory that you want to give China or sell China the means to make its own Mythos-caliber models, while at the same time trying to block them from getting access to the one that we have today.

17:39This is where it would be helpful to have a coherent strategy, but we don't, right? It's like the same administration that is, like, installing and uninstalling Anthropic at the same time is kind of having a similar level of confusion over in China, where it seems like the administration is just, like, highly susceptible to, like, blowing wherever the wind is today. Yeah, I mean, I am generally not all that optimistic about the government's ability to regulate technology in a way that is timely and relevant, and I hope I'm wrong here,

18:10but I just, I think that we will see this sort of incoherence and contradiction until there is, like, some big event that kind of forces everyone to, like, sit up straight. I mean, my question is, will this be a case of the same AI safety-minded people who were dismissed for the past couple years by the Trump administration be proven right again in the future when it turns out that China did use access to American technology to build mythos or better-level models, and will there be any regrets, you know,

18:42that we sort of pave the way for them to do that? I mean, you know, I don't think it's unlikely. Yeah. It's interesting, though. Like, I had a conversation with a federal official recently, like, in the last couple of weeks, where this person was basically telling me that AI is just a normal technology, sort of taking the line that we've heard again and again from the people who don't want to regulate this stuff, saying, like, this is just the Internet, this is just the PC, it's not some special technology that requires special rules. And that position has just become so untenable, to me at least,

19:15when you have models that are out there finding zero-day exploits. Like, clearly our military, our intelligence agencies, they don't think this is a normal technology. They think it's more like a step change that requires them to, like, act in different ways. So I am very curious what happens to the sort of AI's normal technology camp inside the Trump administration as the technology continues to grow. They may change their arguments, or they may not. Like, that's the thing. You just don't know how committed these people are to their view. You don't. We should also talk about some of the international reaction to Mythos,

19:47because it's not just China who wants into this thing. Germany's Digital Affairs and Cybersecurity Agency are out this week with a proposal for establishing their own version of something like the USKC. They are also demanding access to state-of-the-art models like Mythos. So it just seems like this model has sort of forced conversations around the world about who should have access to which models when, should the public have access, should governments have access,

20:18which governments should have access. It just seems like we are kind of, like, in a new era of AI brinksmanship. For sure. And, you know, what I hope that we will see in the coming months is more and more cooperation. Like, the whole reason that we had that series of AI action summits over the past few years was to try to get more cooperation among the Western powers with this stuff. And then last year, the US sort of came in and said, that's over. The US is winning the AI race, and you can like it or learn to live with it, basically. Right. And, you know, so it's no wonder to me that these other, you know,

20:50Western powers are seeking access to these models. And I think there's probably, honestly, a good case that they should get access to these models because when it comes to, you know, fixing every vulnerability on the internet, I think we could probably use all the help we can get. Yeah. And I remember that AI action summit. I didn't go to this, the most recent one in India, but the one in Paris before that, I remember it was just like, oh, we're just not going to talk about any of this. Like, we're just not going to talk about the dangers that this technology might create because we're so invested in this sort of accelerationist posture. So how far we've come, and yet we are still in the very early innings of this.

21:25Does it make you wonder what would have happened if the Trump administration had just been listening to Hard Fork a year ago? Could they have saved themselves some trouble here? It's possible. So Casey, the politics of AI and AI regulation are obviously shifting very quickly. We may learn more this week after these meetings in China. But like, what is your take on what this latest burst of news signals about AI or AI regulation? My take is this is a rare bit of good news when it comes to AI regulation, right?

21:56Like, I am somebody who's been worried about AI safety for a long time. And one of the main reasons I've been worried about it is that our government has seemed to have this feeling of like, let's just see what happens. Whereas to me, it was seemed pretty obvious what was going to happen. Now we have arrived at that point. We have a super powerful model. And to their credit, the Trump administration is saying, OK, it seems like we were wrong about how capable these models were going to be. Let's make some changes. And do you think there's any way that this turns out to backfire? I mean, I'm just remembering like people wanting social media to be regulated.

22:29And then when the Trump administration started doing things in the realm of social media, it amounted to what you and I would consider sort of censorship or at least wanting to strong arm the social media companies into doing their bidding. So do you think there's it's possible that something similar happens with AI where it's like we get the regulation, but it's just the wrong kind or this pre-release testing is testing for the wrong kind of thing? Yes, I am very sympathetic to those who believe that this is could amount to a kind of prior restraint on free speech and that there is the risk that there are members of the Trump

23:03administration will effectively say you can't release that model, not because it's actually dangerous, but just because it seems woke and gay. And I think that we need to keep an eye out for that. And, you know, potentially someone is going to need to sue over it. But when I look at how I want to balance those things for the moment, I would rather have an administration saying the crazy cyber model. Don't give that to everyone. Yeah, I think I'm landing at a pretty similar place where I'm like, I'm a little worried that this regulatory push from the right is going to be confused and maybe too sudden.

23:36And there's going to be some sort of overreaction that ends up with something more like the sort of censorship that you mentioned. But I am glad that after many years of kind of denying that this technology was important, that it would become as good as the people at the lab said, that our government at least appears open to the idea that maybe they need to step in and do something here. I'll take the little wins where I can get them.

Nikesh Arora Interview

24:01That's what I'm saying. When's the last time we talked about a win on this show? When we come back, what is Claude Mythos doing to the world of cybersecurity? We'll talk to Palo Alto Network's CEO, Nikash Arora.

24:28Meet Rovo, your AI-powered teammate by Atlassian. With Rovo, you can streamline your workflow and power up your team's productivity. Find what you need in a snap with Rovo Search. Connect Rovo to your favorite SaaS apps to get the personalized context you need. From brainstorming to complex requests, Rovo Chat delivers insights in the context of your work. And Rovo is already built into Jira and Confluence. Get started with Rovo, your new AI teammate, at rovo.com. So there's a lot of noise about AI, but time's too tight for more promises.

25:02So let's talk about results. At IBM, we work with our employees to integrate technology right into the systems they need. Now, a global workforce of 300,000 can use AI to fill their HR questions, resolving 94% of common questions. Not noise. Proof of how we can help companies get smarter by putting AI where it actually pays off, deep in the work that moves the business. Let's create smarter business. IBM. If you're still paying one of your biggest expenses, either rent or mortgage without Built, it's time for a change.

25:34Built is the membership for where you live that rewards you on rent, mortgage, and around your neighborhood. Every monthly housing payment earns you points that can be used toward flights, hotels, lift rides, Amazon.com purchases, and more. Earn rewards and get something back wherever you live. Become a Built member today at joinbuilt.com slash hardfork. That's J-O-I-N-B-I-L-T dot com slash hardfork. Well, Kevin, is it just me or every time you look at the tech news, do you see some new

26:05cyber attack that seems to have befallen some company or another? Yes. This is my experience of social media over the past two weeks. I log in. I see three posts from companies about how they've discovered more bugs in a 24-hour window than in the previous, you know, 80 years of their company's history. And then everyone's reposting that with just like, it begins or it is over or hide your kids. Yes. Just to name a few of those, Mozilla was one of those companies saying that it had pushed 423 security bug fixes in April alone compared to an average of about 22 per month

26:39throughout 2025. Google announced on Monday that for the first time ever, its threat intelligence group had identified an attacker using a zero-day exploit that the group believes was developed with AI. So that's kind of a grim milestone. And then if you're a student, perhaps you noticed the cyber attack on the learning platform Canvas last week, which forced the site down for several hours. And the company behind Canvas, which is called Instructure, had to negotiate a deal with hackers for the return and destruction of the stolen data. So, you know, on one hand, there are cyber attacks going on all the time, but it does seem

27:13like some new inflection point has been reached. And of course, a reason that people think we might be seeing more of these is AI. Yes. So we have talked about Claude Mythos Preview, the model that Anthropic did not release widely, but released to a select group of companies and open source maintainers. And today we're actually going to talk to someone who has used Mythos and who has been on the front lines of this frantic sprint to secure the infrastructure of modern life. Yes. Our guest today is Nikesh Arora.

27:44Nikesh is the CEO and chairman of Palo Alto Networks, the largest cybersecurity firm in the world, which supports more than 70,000 customers, including the vast majority of the Fortune 100. And as you mentioned, Kevin, Palo Alto was among the organizations given early access to Claude Mythos, as well as GPT 5.5 Cyber. Yes. And Nikesh is one of the people I think who is best positioned to see the effects that these models are having on cybersecurity because they do work so broadly across industries. They're also a big government contractor.

28:15So I'm just really interested in what he thinks is different about this new class of models. Yes. And something I appreciate about Nikesh is that in an industry where there is a lot of hype, because, of course, the more scared that a cybersecurity executive can make you, the more likely you might be to buy their software. Nikesh is somebody who I think tries to maintain an even keeled approach here and not to ring alarm bells where none are needed. But that said, I do think that he is quite concerned about some of the things that he's saying. Well, let's bring him in.

28:45Nikesh Tororo, welcome to Hard Fork. Well, thank you for having me. I want to just start with your account of what it feels like to run a major cybersecurity company right now. Casey and I have talked with people at these companies for many years, usually because something terrible has happened. And I feel like the vibe we get is like, this is the worst, most dangerous time ever in cybersecurity. What is your subjective experience as someone who's been in this field for a long time?

29:17I'm a little more perhaps relaxed than what you're trying to ascribe, that people come here and tell us is the worst moment. Historically, what's happened is, in the last seven years, you've seen the time from somebody breaching an organization and being able to extract, let's say, crown jewels, has been measured in days. Unfortunately, with the emergence of AI, the arrival of vast technologies, that timeframe has shrunk down to minutes. And when that happens in minutes, your defense systems have to be able to be activated and

29:49defend yourself for minutes. And fundamentally, the cybersecurity infrastructure was designed for days. Some parts of it are making it to seconds, the good parts where you know how to stop them. But we have to go basically overhaul the backend infrastructure to make sure it's AI ready, so we can find AI with AI. So you're seeing that. You're seeing AIs out there. You're seeing people like Anthropic launch models like Mythos. You see an open AI do that. It's 5.5 cyber. They're showing you the art of the possible from a bad actor perspective. So we have to make sure we move as fast as them, or faster perhaps, to try and plug those

30:21holes, make the infrastructure better. So your company recently put out a report on some patches that you all have made to your own systems. You disclosed 26 critical exploits covering 75 issues, and you said that's against a typical baseline of under five. Meaning that they discovered like five times as many in a comparable period. Five to seven times, yeah, depending. Yeah, so is that pretty standard for what kind of spike you all are seeing in exploits

30:51or discovered exploits as a result of Mythos and similar models? So what we've discovered, some of the newer models that have come out in the last few weeks, perhaps a month or so, is AI models are getting really good at coding. Well, guess what? But as the models start to understand what good code looks like, they also start developing and understanding what bad code looks like. So if you point this model and say, okay, now look through all this code repository I have and find me bad code, it will. And unfortunately, humans have been writing bad code for a very long time. So on average, we'll find about one-fifth or one-seventh of what was found in the last

31:25six weeks using these models. Now, of course, remember, we ran a concerted effort to see what the models are going to find. We had hundreds of engineers working on it to make sure we look under every rock, run every product through it. It's almost like it's a great cleansing, right? So it's a great cleansing moment. We found seven times the volume that we would have normally found in a normal period. It's not going to happen again, hopefully, because we have hopefully cleared out a whole bunch of the, let's call it the tech debt or the vulnerability debt. But I think a lot of organizations will have to go through this moment to understand how

31:57much of their code written in the past suffers from these vulnerabilities. They'll have to do their own work. They'll have to make sure that it's fixed. I think the challenge we're going to run into is most companies use a large corpus of open source. And open source doesn't get bashed or remediated as quickly as your own proprietary code can. The other thing we found very interestingly with Mythos and other models is it's really good at daisy-chaining vulnerabilities. And that's what needs to be sort of contended for. I'm trying to get a sense of the scale of this issue because I feel like within the past

32:29few weeks, I've heard a lot of stories like the one you just described about your own company. You know, Mozilla has been publishing blog posts about discovering hundreds of bugs, you know, over a period where maybe previously they only would have discovered a couple of dozen. My sense is that as more companies sort of like undertake this audit, they're going to find that they have similar problems. So, like, what is the time scale that we might expect these kinds of issues to be fixed? And is there enough time to fix particularly like critical infrastructure before our adversaries

33:02gain access to similarly capable models? That's a great question, Casey. I think that's what should keep us up at night, right? Because not every organization has resources to fix code that could have been written 20 years ago. Now, the good news is that, you know, pretty much most of the cyber defenders have had access to the models. They understand the scale and enormity of the problem to some degree. I think what we have been able to do is we've been able to enlist the support of many of the system integrators in the world, like the IBMs, the Pricewaterhouse, the Lloyds, the

33:34Accentures, et cetera, who are all rallying to make sure they make resources available to many of these customers to be able to patch these things. But I think we are in the midst of sort of testing an interesting solve where we can, once we know the vulnerabilities in an organization, we can write signatures into our perimeter defense firewalls to say, if you see somebody trying to go in this direction, we know there's an unpatched piece of code behind it, block them. So we can create a temporary scaffolding to let organizations have a little bit more time

34:06to go fix their vulnerabilities, but, you know, it has to be done. And the risk, like you rightly articulated, is that open source or nation states or third parties can start building models that are similar to what Anthropic or OpenAI have built. And the risk is that they get there faster than the patches or have been enabled in many enterprises. Yeah. I want to understand a little bit more about the defense side of this, now that you have access to this Mythos model. There's been a lot written about it. It's the subject of much debate at the highest levels of power.

34:38And I kind of just want to ask, like, what is it like to use it? Does it feel different than using like Claude code? You know, like if you've used another Anthropic product, does it feel kind of the same? Or just like, what is it like to use Mythos? In the beginning, it was not that impactful because when you're looking for bad code, it's going to find everything. Remember, I mean, it's 30% of false positives, right? So it's not like always going to get the right thing. But unfortunately, we've got to go test every one of them out to see which is real. But what became more and more fascinating, the more context we gave it, the better it

35:10became. What do you mean? Well, you show it a piece of code. It doesn't know what the code is trying to achieve. Right. Right? So you have to give it context. So you're not just pointing it and say, go test this firewall and tell me what you find. You're actually like giving it some instructions beyond that. You have to give it context in terms of what is the purpose of the code? What does it do? What is normal behavior supposed to look like? Then you have to give it more context in terms of other threat research. Like the models don't have all the threat research in the world. We sit on hordes of threat data saying, this is how 10,000 attacks have been conducted in

35:40the past five years, which is data we store, we hold, because we write machine learning algorithms to protect against those instances. So we say, oh, we're arming you with all the past known techniques that have been used. Can you see if some of those known techniques can be applied in this scenario? Effectively, you're giving all the human training of the past to make sure that in the future you can build defense against those techniques. You mentioned using both Mythos and GPT 5.5 cyber. I'm curious, like in your mind, how comparable those models are? Like, are they in the same class or is one different than the other?

36:12You know, the most fascinating part is that they both found different things, which tells you that based on their grounding, their training, whatever they've been used to train at, one of them was better at certain things, the other one is better at some other things. But it just tells you that there is still a lot that's going to get found. I mean, one thing that's stuck out to me as I was reading some of your blog posts and your sort of post-mortems about your experiments with Mythos is like, if a cybersecurity company is finding five to seven times more vulnerabilities using this model, like the average bank, the

36:46average insurance company. To say nothing of Kevin's personal website. My personal website. I mean, we're going to be looking at many multiples of that, right? Or is it the case that everything is so centralized and runs through just a few platforms that like the average institution is not as screwed as I think they are? I wouldn't say the average is, I think, look, there's a lot of work that needs to be done. It's not just good at finding vulnerabilities. The other thing we also found as part of our testing, it can even take a look at products you might be using perhaps to power your website, which you may have misconfigured.

37:16That's not a vulnerability, that's human error in the way you're using the product if you've left the door open. For example, many people will take products and say, ah, it's easier if this control pane of this product was accessible from home or from the internet so I could just go access it from wherever I am and manage this thing. Well, you should not leave control panes of most products in your company exposed to the internet. Because if I can find it, other people can find it too. When Mythos was first announced, there were a lot of people who were very skeptical.

37:47They said, oh, this is just marketing hype or Anthropic doesn't have the compute to serve this model, which is why they're only releasing it to a select group of companies. A month or so later, do you still hear that kind of thing from people in your industry that maybe this isn't the sort of apocalyptic moment that Anthropic and others have said? Yeah, I look at it slightly from a longer term perspective. I think what the Mythos model showed is what the art of the possible is going to be in the

38:17future once we are compute unconstrained or we have better models in the future which are trained better. So it sort of gave us a window into what's coming. I think it was very useful. I think that's a bit of a, you know, it's a bit of a tough rap towards Mythos that did this and purpose, I think, remember, these companies, whether it's OpenAI or Anthropic, they're sort of working their way, trying to understand how to do this. Both of them and OpenAI want to do it right. They want to do it so that AI is not used in a bad way, at least in this instance.

38:49I think they were trying to do the right thing. I think there is no easy solve to this. I give them marks for trying to do the right thing. And I think they sort of, they've partly got most of it right. Some of it, they fumbled on the way there. But in credit to both of them for trying to get it done right. Speaking of how we fix this, so for decades, cybersecurity has operated using this sort of 90-day responsible disclosure window, right? Like, I find something, I find a bug, I sort of privately notify you. But, you know, in 90 days, you know, I'm going to go public with this.

39:20So you better get your act together and fix it. And companies often do take 90 days or longer to sort of implement those bug fixes. So I read a blog post this week by a researcher named Himanshu Anand, who wrote that, in his opinion, the 90-day responsible disclosure window is dead. I also saw that in your own company's blog post last week, you guys said that within 25 minutes in an AI-assisted scenario, somebody could get initial access to a system and exfiltrate the data. So do you agree that this 90-day window is dead? And if so, like, what the heck do we do about it?

39:51Like, I think the principle of the 90-day window is to allow the owners of the product or the piece of software or piece of code to have enough time to investigate, to fix it, and make sure their customers are secured. I think the 90-day window is going to shrink, as he has rightly articulated. How much does it shrink is still up for debate. How long do we have? Like, think about it for what we just did, right? We announced this morning that we've patched almost 30 critical vulnerabilities. We've known about these for two or three weeks.

40:21We've had the time to go test it. We had time to build patches, pretty much deployed everything that's available from a SaaS software perspective. So challenge is not the SaaS software, right? SaaS software you can find, you can fix, you can deploy. It's not a problem. The challenge is when there's a laptop sitting in front of you, and I've got to go make sure you update your laptop because you're required to do something with it. And I can tell you, he will go like six months without installing the mandatory updates. I'm not even kidding. Delay, delay, delay. I mean, I am starting to see more of those just in my products, and I'm getting more

40:52requests to update system software. Is that Mythos related? Like, no, seriously, like, I'm wondering to myself every time I see it, I'm like, oh, what did Mythos find now? So it's like, are we starting to see as consumers evidence that some of these systems are needing to be patched more frequently? I think there is going to be, as I said, there is going to be the cleansing of the vulnerability backlog that has been built over the years. So you will most likely experience in the next three to six months, if you're an enterprise, you'll experience it in a lot more boxes that you buy. You buy servers, you buy switches, you buy routers, all those things where you have code

41:25lying on them will have to be looked at and will have to be patched or upgraded over time. So you're going to see some of that cleansing happen, but hopefully you can power through it and get to the other side. But it sounds like it is just a good time to install those software updates when you get them. Yes, I highly recommend you do that. One persistent question about these kind of models is whether they favor attackers or defenders. So I guess I'm just going to put that question to you. Like, is this technology better for people who want to break into systems or people who want to safeguard systems? And if you had attackers and defenders with an equal model, who would win?

42:00It's a great question. Classic Batman versus Superman. Remember, it's an unbalanced fight to start with. We have to be right 100% of the time. The bad guys can be right once. So it's an uneven playing field from that perspective. So the model, if you can find your five vulnerabilities and you can exploit one of them, it's a win for them and a loss for us. It doesn't matter if we protect you on the other four. We don't get 80% grade for protecting the other four. We get zero because it was able to find something to reach it. So for now, the bad actor is most likely able to use it much better than the good people.

42:35That's not a model constraint or model fault. It's because the model doesn't protect. Remember, the sensors protect. The sensors we apply around your perimeter protect. The sensor has to be smart enough to understand what the model is going to find. And that's why the fact that we got this window of four to six weeks to test them, to understand them, we're busy building defense techniques to make sure that as this tsunami of AI-based attacks starts to arrive, we have enough defense capability, which is still powered by AI, to give us a real-time response that we need. Is there a sector of the economy that you're most worried about when it comes to cybersecurity

43:10and the new capabilities of the AI systems? You know, the challenge always is the companies which use technology where their core business is 95% something else, and the 5% part is technologies. And you can take that to mean small businesses. You can take that to mean sort of core industrial manufacturing output type businesses where they're not spending as much time thinking about the technology. They're busy digging for gold or building infrastructure or something else. Or hospitals, you know, that use technology. So you're worried about the non-tech businesses that may not have as many resources or as many

43:45engineers working out. I'm not worried about financial institutions. They have more engineers than I do. So they will go rally against it. They'll put the resources to work. And they've been protecting themselves for a very long time. They understand the implications of these things. So it's like, you know, poor doctor's office. Remember that there was a breach that happened, I think, almost a year ago now. It's slightly more of change healthcare, which caused a whole bunch of the entire physician ecosystem to come to a halt. And the physician didn't know what to do about it. Yeah. Hmm. I mean, like, for the moment, like, do you sort of breathe a sigh of relief that these models are not generally available?

44:16Or do you think they could be released and it wouldn't be that big of a deal? Well, they have been released, right? Both Opus 4.7 Cyber and OpenAI's 5.5 have both been released with cyber capabilities and guardrails. But not Mythos. Not Mythos. But Mythos has another unique property, which perhaps goes towards a conversation about constraints, is that Mythos runs in ultra mode. Ultra mode is a compute consumptive mode, which allows the model to persist for much longer than the flash mode that most models are released in.

44:48So if you're... So you're saying it can just work for a lot longer, spend a lot more compute... That's right. That's right. That's right. Than other models. Compute cost is from the persistence, perhaps, not from the capability. And the persistence allows the daisy chaining to happen much more effectively, right? Because it's trying different techniques, trying to see which one's most likely to work. So that's what causes the daisy chaining to happen in a more effective fashion. So that's why... So is it a good thing that, like, the average person doesn't have access to that right now? I think so. I think every company should have a chance to be able to fix these things in the meantime.

45:19But again, I don't know who the average person is in this case, right? Is every company out there an average person that they should have access to because they have to fix their stuff? You mean the average bad person? Basically. I mean, I'm just, like, thinking about, you know, all of these cyber attacks that we've seen just over the past couple of weeks. And I'm assuming that they do not have access to a mythos-level model. And so I'm just asking myself, like, well, what if they did? Yeah. What if they did that they'll find a way to attack companies much faster? Yeah. Right. I don't think the nature of the attacks change. I don't think the nature of the outcomes change. Most likely, they will be used to leverage ransomware, perhaps cause economic harm, if

45:51you're looking at it from a nation-state perspective. I think the entire sort of fundamentals of how the bad actor industry works is not going to change. What it does change is the pace and the volume, perhaps, of attacks are going to be made possible because of the availability of these models. I want to talk a little bit about what, if anything, an average person can do here. I, myself, am the subject of an ongoing phishing attack where... Somebody must like you. I mean, I hope so. But basically, almost every day, somebody tries to get me to, like, reset my X password

46:21from an email address that has nothing to do with X.com. And because I'm looking at my emails on the desktop, that's very easy for me to see. And I'm not fooled. You know, congratulations. But... That's me. I've been trying to steal your big point. How could you? But I also believe that, like, within six months or a year, one of those emails is going to come in and it's just going to look way more convincing, right? It's just going to figure out a way to trick me. And one of my frustrations with talking about cybersecurity in general is it tends to leave people with the sense of, like, well, everything's really bad. Sorry. Good luck to you.

46:53Usually, we give people advice like create a strong password and use multi-factor authentication. That's right. Is that good enough or do people need to update the playbook? Look, I think one of the things to my frustration has always been that if you think about it, we have much better cybersecurity solutions in the enterprise world than we do for the consumers. For example, if you had a corporate email and all the phishing attacks will come to your corporate email or spam is coming to your corporate email, we'd be pretty good at sussing these out because the X email address that you talk about that you're getting, which is not

47:24actually X, we see it in one customer, we'll block it everywhere else. Now, the problem is the consumer world doesn't have any such gatekeepers, right? It's because we're effectively the gatekeepers of the enterprise, but consumer world doesn't have gatekeepers. The consumer gatekeepers are the email providers. The consumer gatekeepers are the telecom networks that give us, you know, if you were getting an attack on your corporate mobile device and we were sitting in front of it, it won't happen. But in our personal devices, we can all get spam, we can all get phished, we can all get all this stuff happen to us. I think part of the frustration I have is that there are some consumer companies that need

47:56to implement better cyber controls for all of us consumers, which they're not. Well, like any particular controls come to mind that you'd like to see out there? Well, think about the email, right? I mean, you're telling me, is it hard for the email provider to figure out that this is not an X email address? Like, we should, these same guys are building AI, right? These guys are building AI, just going to anticipate what we want and do it for us. So some of you just need to pay attention to it. So that's sort of, I mean, like for what it's worth, so, you know, this is like my paid Google workspace for my work account. And like, you're absolutely right.

48:27Like, it seems like a very simple classifier that Google makes to just be like, hmm, this probably isn't coming from X.com. How are your engineers feeling about all this? I mean, I imagine they're working a lot these days. Are they excited because there's this new tool, new set of tools available to them? Are they stressed out because all of a sudden their workload just got five times bigger? Like, what is the mood? Yes. All of it. Look, I can think about it. If you're a technologist, this is a phenomenal time to be doing this, right? The amount of opportunity to learn, the amount of opportunity to understand.

49:00Some of the people are fearful. I'm like, how is this thing going to work? And then you can find, I think every emotion you can think of is probably in every engineering team out there. We have 9,000 plus technical people. I think it's not just the tool in front of us. I think it's the uncertainty of what this holds in the next two or three years. I mean, people are seeing OpenClaw being deployed. Now, OpenClaw is a scary thing from a security perspective. It's going to take all your permissions, all your credentials, do all kinds of stuff for you, but it's cool.

49:31So the early adopters are doing cool shit. I had dinner with somebody, came to my house, like, I got OpenClaw on my phone. It's doing everything. I've given her names called Zara. And it's doing all the things I'm asking you to do. And the guy sitting next to me, I said, holy shit, that's a security nightmare. You're worried about your X, AI, X, you know, post to change a password. You don't need to change a password. OpenClaw is going to tweet on your behalf because it's had a moment last night. Totally. Right? Yeah. Yeah. And for all of my objectionable tweets over the years, I would like to just formally say that was my OpenClaw acting autonomously.

50:02There we go. So are you personally, like, running any of these insecure, like, are you running OpenClaw? Are you experimenting with this stuff just from, like, a, I need to understand the landscape perspective? On a segregated device, which has no connection to many of my things, which makes it totally useless, by the way. You can't even book a meeting on my schedule because it does not have access to my schedule. It can't respond to an email on my behalf because it doesn't have access to my email. So I'm still sort of using it the old-fashioned way, which is I'm using Gemini. I did do that. I took my earnings script, sent it to Gemini, and said, what do you think?

50:33Two quarters ago, it says, are you trying to hide something? You're too enthusiastic. You use the word momentum and excited too much more than you normally use. I'm like, holy shit. That's not bad. It's going to tone it down. Yeah. That's very funny. Is it changing your hiring plans at all? I mean, you employ thousands of cybersecurity engineers and researchers. Yes. You may need fewer of those people in the future? No. I need more. I think this is the fallacy out there, right? The fallacy is that organizations are going to get 30%, 40%, 50%, 60% more productive from a development perspective and a testing perspective, so we need less people.

51:10The problem is every technologist that you talk to has a feature request list, which is longer than their arm. And typically, people have product roadmaps that are six to 12 months out. Why is that? Because they don't have enough people or they cannot serialize something because it takes a lot of effort to get it done. So I think the first thing that's going to happen is as we create more capacity, we're going to try and fill the technological backlog and try and make that work. And I do understand there are people out there, I'll call it, reshaping their technical organizations by creating capacities.

51:41Everybody who's out there saying, I'm reducing my headcount by 7% or 15% or 20%, which you're beginning to see recently, I think they're just creating capacity. They're saying, that capacity allows me to hire more people and make room for people that I need who have the newer skill set. Hmm. They're not just spending that salary money on tokens instead. Look, I think that the interesting part is, I was saying this earlier, I was speaking somewhere else, and the part we don't realize is that we're dealing with a tsunami of a desire to transform. I think we're in a decade-long transformation of business ahead of us.

52:15Imagine, like, you have a new technology. My CFO would never come and say, I want to use AI to transform my team. He wants to transform his team and see if he can do it much more efficiently, but he wants AI. My head of HR wants AI because he wants to create an AI interviewer, an AI assessor, instead of having humans do it. So, every function wants more AI to deploy. Now, the question is, where's the money going to come from? It's probably going to come from efficiency in those teams, those functions. So, that's what's going to pay for the tokens. I have to say, I don't think anyone wants to be interviewed by the AI assessor.

52:46That's not a good vibe, you know? I don't know. Would you want to be interviewed, like, for a job by an AI? I think AI is most likely going to be better at assessing my domain skills than a human being. Really? Yes. If you're trying to hire a good coder, if you're trying to hire somebody who knows agentic AI really well, I mean, sitting and talking to them is not going to get me a better answer. If they can sit and code and deploy OpenClaw in front of me, it's like, I'll tell you I've done that in an interview. It's like, the guy says, well, I'm really conversing with AI. I'm like, really? That's cool.

53:17I'm like, what have you done for a second? Well, I built myself an agent. I'm like, show me. It's like, what do you mean? I'm like, you're on Zoom? Show me. They see this, like, bizarre, like, you know, simplistic, like, oh, I got to make a shopping list from the recipe I saw. I'm like, dude. It's an AI girlfriend. It's like, actually, I shouldn't show you this.

53:34Yeah. So now we have an HR problem. Well, Nikesh, thanks so much for coming in. Really great to talk to you, and good luck out there. Fascinating. Thank you, Kevin. Please tell Mythos to spare our families in the coming uprising. Thank you.

Hot Mess Express

53:51When we come back, it's time for the Hot Mess Express. Maybe that's an urgent message from your CEO.

54:22Or maybe it's a deepfake trying to target your business. Doppel is the AI-native social engineering defense platform fighting back against impersonation and manipulation. As attackers use AI to make their tactics more sophisticated, Doppel uses it to fight back. From automatically dismantling cross-channel attacks to building team resilience and more. Doppel. Outpacing what's next in social engineering. Learn more at Doppel.com. That's D-O-P-P-E-L dot com. The thing about AI for business, it may not automatically fit the way your business works.

54:56At IBM, we've seen this firsthand. But by embedding AI across HR, IT, and procurement processes, we've reduced costs by millions, slash repetitive tasks, and freed thousands of hours for strategic work. Now we're helping companies get smarter by putting AI where it actually pays off. Deep in the work that moves the business. Let's create smarter business. IBM. If you're still paying one of your biggest expenses, either rent or mortgage, without Bilt, it's time for a change.

55:27Bilt is the membership for where you live that rewards you on rent, mortgage, and around your neighborhood. Every monthly housing payment earns you points that can be used toward flights, hotels, lift rides, Amazon.com purchases, and more. Earn rewards and get something back wherever you live. Become a Bilt member today at joinbilt.com slash hardfork. That's J-O-I-N-B-I-L-T dot com slash hardfork. Well, Casey, we've got a train to catch today. The Hot Mess Express is here.

55:59Hot Mess Express. The Hot Mess Express is, of course, our segment where we take a look at the various calamities befalling people in and around the tech industry. And at the end of discussing them, decide what kind of mess was this. What's pulling up to the station today? Well, let's see what's first here on the tracks. You just love the sound effect. Our first story today comes from The Verge. Oh, and this is truly the end of an era.

56:29Venmo is starting to test a big redesign of its app. And as part of the changes, Kevin, it will be implementing a major new privacy feature. The onboarding process for new users will set their posts to only be viewable by their friends by default instead of being public. And this is very sad for me because for years now, every time I've opened up Venmo to, you know, pay a friend, I've seen a recent transaction from someone I hooked up with once in 2016. And the thought that other people aren't going to have that experience makes me really sad.

57:01So, you know, as a nosy person who loves to gossip, I am sad about this story because, you know, it was always fun to see which of your random phone contacts had been paying their fractional share of the rent or back for dinner. People put various jokey things on their transactions, you know, illicit drug deal, foreign arms trade, etc. And it's just sad that we won't get to experience that. Yeah, also, you know, the public by default Venmo transactions gave us many great stories over the years, including Joe Biden's secret Venmo, which was a BuzzFeed story.

57:35J.D. Vance had a public Venmo that Wired reported on. Matt Gaetz's Venmo payments were part of a federal inquiry into his payments to women, according to The New York Times.