扩展 Project Glasswing 项目

扩展 Project Glasswing 项目
Expanding Project Glasswing

原始链接: https://www.anthropic.com/news/expanding-project-glasswing

“玻璃翼计划”（Project Glasswing）是一项旨在通过向选定合作伙伴提供“Claude Mythos 预览版”AI 模型访问权限，以保护全球关键软件安全的计划。自启动以来，首批合作伙伴已识别出超过 10,000 个高危或极高危安全漏洞。该计划现正扩展至 15 个国家的约 150 家新机构，重点关注水务、电力、医疗保健及关键开源基础设施等核心领域。鉴于具备高级网络能力的 AI 模型即将广泛普及，该计划旨在帮助网络防御者在应对潜在威胁时保持领先。该项目不仅限于漏洞识别，还在不断演进以帮助合作伙伴简化漏洞披露、验证及补丁修复流程。通过发布专业安全工具并整合 AI 驱动的补丁建议，“玻璃翼计划”力求在强大的 AI 时代建立新的行业标准。最终，该计划作为探索前沿 AI “双重用途”属性的试点，旨在通过稳固的保障措施、协作性的最佳实践以及对先进网络安全工具的广泛应用，创造持续的防御优势。

Hacker News 上关于 Anthropic “Project Glasswing” 的讨论，反映出人们对该公司在人工智能网络安全领域所扮演角色的深切怀疑与争议。评论者提出了几点主要担忧： * **生存安全风险：** 一些用户认为，即便技术漏洞得到修补，由人工智能驱动的社会工程学的必然兴起，也将使传统安全系统过时，并可能动摇人们对所有数字机构的信任。 * **战略怀疑：** 批评者认为该计划是一种“营销手段”或“投毒与解药”模式，暗示大型科技公司在制造安全威胁，只是为了从解决方案中获利。另一些人则怀疑，限制先进的网络能力模型是一种维持市场主导地位并为其高昂成本辩护的策略。 * **投资潜力：** 相反，一些人将 Anthropic 在网络基础设施领域的推进视为长期价值的标志，认为该公司有望成为值得投资的“网络安全巨头”。总的来说，社区对于 Project Glasswing 究竟是巩固全球基础设施的真诚努力，还是主导企业为控制人工智能生态系统而采取的蓄意行动，仍存在分歧。

原文

Project Glasswing is our collaborative effort to secure the world’s most important software. In early April, we announced that roughly 50 initial partners had access to Claude Mythos Preview, and since then, they’ve been deploying the model to scan their codebases for vulnerabilities. We recently described how these partners have so far found more than ten thousand high- or critical-severity security flaws.

We’re now expanding Project Glasswing. Following several weeks of close collaboration with our Project Glasswing partners, the security industry, open-source software maintainers, and the US government, we’re extending the partnership to approximately 150 new organizations. Each one will need to meet our security requirements before they gain access.

The organizations in this new group are based in more than fifteen countries, and most provide critical infrastructure to many more. (In the future, we intend to expand our geographical reach much further.) The group covers several industries that weren’t well-represented in our initial cohort, such as power, water, healthcare, communications, and hardware. And many of the new partners are vendors—companies or nonprofits that maintain codebases that are relied upon by lots of other organizations around the world, including governments.

What each partner has in common is that a successful attack on their codebase could be catastrophic. For most partners, we estimate that a major attack could affect more than 100 million people, with important ramifications for both global and national security.

This expansion is the next step toward our long-term goals: for AI to make all software more secure, and for us to help the industry adjust to how AI could change many of the core assumptions of cybersecurity.

The role of Project Glasswing

Project Glasswing and the capabilities of Claude Mythos Preview have sparked broad conversations—both within the software industry and with governments—about how AI is changing cybersecurity. These conversations have informed how we’ve expanded the program. They’ve also shaped our thinking about the very purpose of Project Glasswing.

Cheap, fast AI models with powerful cyber capabilities are around the corner. We want Project Glasswing to spur institutions toward operating norms that reflect this reality.

Mythos Preview continues a long-term trend that we’ve been warning about for some time: within 6 to 12 months, we expect that many other AI companies will have Mythos-class models, and they could release them without safeguards that prevent misuse. In that world, cyberattacks could occur much more often, and in much more unpredictable forms. It’s imperative that cyberdefenders adapt to maintain pace.

We see our role as twofold. First, to help the software industry adapt by safely providing wide access to better models, tools, and common infrastructure. Second, to steadily shift the support we provide, from finding vulnerabilities to disclosing, fixing, and deploying patched software. We’ll now discuss each of these in turn.

Supporting cyberdefenders

So far, companies, nonprofits, maintainers, and researchers have acted quickly. Within the first weeks of Project Glasswing, each member began using Mythos Preview at large scale, sharing information and best practices with other partners, and working with third parties to triage the model’s findings. These organizations’ methods for adapting to new tools can, and should, be replicated widely across the millions of organizations and developers who are vulnerable to cyberattacks.

To support this, we are releasing—on request, to trusted security teams—the tools we’ve developed to support Project Glasswing’s partners in finding vulnerabilities more quickly. We’ve also created Claude Security, a product that uses our frontier public models, like Claude Opus 4.8, to scan codebases and suggest patches.

We intend to go much further: our longer-term aim is to support the industry in creating new initiatives, standards, and infrastructure for the era of powerful cyber models.

Accelerating patching and the rest of security

As we’ve previously discussed, the bottleneck in cybersecurity is now verifying, disclosing, and patching the large numbers of vulnerabilities that Mythos-class models can surface.

Mythos Preview itself can help. Many of Project Glasswing’s partners now use the model to write patches, as well as for pre-release checks that prevent vulnerabilities from appearing in the first place. Models like Mythos Preview can also be used for penetration testing (simulating a cyberattack to identify how vulnerabilities might be exploited), automating threat detection and response, and rebuilding legacy codebases in memory-safe languages, among many other defensive tasks.

We’re in discussions with third parties about how we might substantially scale up the reviewing and patching of vulnerabilities in open-source software. We’re also working on sharing ideas and best practices for disclosing vulnerabilities to open-source maintainers, with the intent of making these reports easier to triage and to act upon.

The path ahead

To address the scale of this coming challenge, hundreds of thousands of organizations, researchers, and maintainers will likely need access to the most advanced cyber capabilities and tools available.

We’re working as quickly as we can to safely release Mythos-level capabilities in general access. To do so, we’ll need highly robust safeguards that prevent the model’s cyber capabilities from being misused—safeguards that we (and, to our knowledge, all other AI developers) have yet to develop. Because cybersecurity has both helpful and destructive uses, making safeguards that are both strong and precise enough is a major challenge.

In the meantime, we plan to expand Project Glasswing even further—prioritizing additional essential infrastructure providers, maintainers of critical open-source software, and safety testers. We intend for future expansions to cover organizations in the US and overseas, just as this one does. We also intend to scale up our Cyber Verification Program, which would grant Mythos-class capabilities to many more organizations for specific cyberdefense tasks.

In the future, frontier model releases will become increasingly high-stakes. Capabilities will continue to improve across all domains, including many that—like cybersecurity—can empower attackers and defenders alike. This will not be the last time we need to confront a challenge like this one. But Project Glasswing has taught us a great deal about how to respond when models cross important capability thresholds. If we’re successful, we hope to enable a permanent advantage for defenders.