Reading List

The most recent articles from a list of feeds I subscribe to.

Apple Granted Stay Over External Purchase Fee

Sarah Perez: Apple is preparing to take its App Store fight with Epic Games back to the Supreme Court. In a new filing, the iPhone maker said it plans to ask the U.S. Supreme Court to review another aspect of this long-running case over App Store fees. In the meantime, Apple sought to pause the […]

Anthropic’s New Claude Mythos Is So Good at Finding and Exploiting Vulnerabilities That They’re Not Releasing It to the Public

Anthropic’s Frontier Red Team:

Earlier today we announced Claude Mythos Preview, a new general-purpose language model. This model performs strongly across the board, but it is strikingly capable at computer security tasks. In response, we have launched Project Glasswing, an effort to use Mythos Preview to help secure the world’s most critical software, and to prepare the industry for the practices we all will need to adopt to keep ahead of cyberattackers.

This blog post provides technical details for researchers and practitioners who want to understand exactly how we have been testing this model, and what we have found over the past month. We hope this will show why we view this as a watershed moment for security, and why we have chosen to begin a coordinated effort to reinforce the world’s cyber defenses.

“Our new model is so good, it’s too dangerous to release to the public” is a message that sounds like it could be marketing hype. But it seems like it’s probably true. Examples cited by Anthropic include finding and exploiting a 27-year-old OpenBSD bug (that can crash any device running OpenBSD) and a 16-year-old bug in the widely used FFmpeg media processing library.

See also: Techmeme’s extensive roundup.

Dynamic Notarization Checks?

Tyler Hall: I submitted a new build of one of my Mac apps to Apple’s Notary service - like every new release. Normally, the notarization goes through in just a few minutes. Today, multiple builds have been pending for 2+ hours. And, weirdly, my API server is getting traffic from those two builds I submitted […]

Tahoe TCP Overflow Bug

Photon (Hacker News): After exactly 49 days, 17 hours, 2 minutes, and 47 seconds of continuous uptime, a 32-bit unsigned integer overflow in Apple’s XNU kernel freezes the internal TCP timestamp clock. Once frozen, TIME_WAIT connections never expire, ephemeral ports slowly exhaust, and eventually no new TCP connections can be established at all. ICMP (ping) […]

Challenges With Ancient Dates in Apple SDKs

Aaron Trickey: Foundation’s date-handling code has an effective lower bound around January 1, 4713 BC on the Julian calendar. You can create a Date value representing an instant in time below that limit, but many Calendar methods will return unexpected values when you try to do anything with it. […] And NSDatePicker does okay with […]