Hello, and welcome to TechScape. I’m your host, Blake Montgomery, the Guardian’s US tech editor, writing to you from my happy village in Pokopia.

Where does the truth about AI lie?

Artificial intelligence companies make powerful products. They also make outlandish claims.

Last week, Anthropic released Claude Mythos, an AI model focused on cybersecurity, which has inspired widespread thrill and panic over how capable it is said to be. There’s a catch, though: the public can’t touch it. OpenAI declared at the end of last week that it, too, had developed a frighteningly capable cybersecurity AI.

Anthropic called Mythos a “reckoning” for the cybersecurity industry because of how keenly adept at exposing software weaknesses the new tool had proven. According to Anthropic, Mythos has laid bare thousands of vulnerabilities in commonly used applications for which no patch or fix exists, prompting the startup to form an alliance with cybersecurity specialists, nicknamed Project Glasswing, to bolster defenses against hacking and withhold the model from wide distribution, much like an arthouse film that plays solely in Los Angeles and New York.

Shakeel Hashim writes in a Guardian op-ed:

Mythos, the company claims, has found vulnerabilities in every major browser and operating system. In other words, this new AI model might be able to help hackers disrupt much of the world’s most important software.

If such technology was widely available and as capable as Anthropic claims, the implications could be catastrophic. Cyber-attacks are no longer a solely digital problem. Almost everything we rely on in the physical world involves software. In recent years, airports, hospitals and transport networks have been crippled by cyber-attacks. Until now, attacks of this scale required serious expertise. Mythos would put that capability in reach of amateurs – and turbocharge the professionals’ ability to wreak havoc.

Already, though, cybersecurity experts are pushing back on Anthropic’s claims. My colleague Aisha Down reports:

It is unclear if Anthropic has built the machine god. What is more apparent is that the San Francisco startup widely seen as the “responsible” AI company is brilliant at marketing.

“Mythos is a real development and Anthropic was right to treat it seriously,” said Jameison O’Reilly, an expert in offensive cybersecurity. But, he said, some of Anthropic’s claims, such as that it found thousands of “zero-day vulnerabilities” in major operating systems, were not that significant to real-world cybersecurity considerations.

In 2017, BuzzFeed News’s tech editor argued that the engineering of desire was Apple’s greatest strength. I agree, and Anthropic seems to possess a similar genius. The technology is powerful, but so is the manipulation of attention. Like Apple’s genuinely transformative iPhone, Claude is the real deal. Businesses can’t get enough of its coding capabilities. Serious companies – Apple, Nvidia, Google, JPMorganChase, Amazon Web Services, Broadcom – have partnered with Anthropic on Project Glasswing. However, it is also a clever bit of marketing to say: “You can’t have this; it’s too strong.” Nothing sparks a stronger desire than withholding. According to Bloomberg, Anthropic was the talk of the town at the HumanX AI conference in San Francisco last week.

Hype has obscured the public’s understanding of generative AI since the technology’s advent. Journalists and clear-eyed observers have been trying to pierce it for just as long. In 2019, Slate published a piece, “OpenAI says its text-generating algorithm GPT-2 is too dangerous to release” (hat tip to X’s @Banteg for surfacing the story in a tweet). The headlines may look similar because Anthropic’s CEO, Dario Amodei, was once the vice-president of research at OpenAI. He left the company in 2020. OpenAI also withheld its video generator Sora from wide release for many months. Did that kill Hollywood and film-making as we know it? No. The company shuttered Sora late last month.

Concerns over the hazards of simple text generation might seem quaint in comparison to the complete end of digital security, but the fact that we have moved past the fears of 2019 points to a heartening likelihood: we will move on from today’s fears of cybersecurity’s demise as well, settling in a middle-ground reality between the present status quo and the hyperbolic future.

Read more: AI companies know they have an image problem. Will funding policy papers and thinktanks dig them out?

Reworked: A Guardian series about AI and the future of work

• Tech companies are cutting jobs and betting on AI. The payoff is far from guaranteed

• ‘There’s a lot of desperation’: skilled older workers turn to AI training to stay afloat

• ‘It has your name on it, but I don’t think it’s you’: how AI is impersonating musicians on Spotify

How a Guardian investigation exposed child sex trafficking on Facebook and Instagram

Two weeks ago in New Mexico, Meta lost a multimillion-dollar legal battle over its failure to prevent children being sold on its platforms. Longtime Guardian writer Katie McQue uncovered evidence that became part of the case against the tech giant. She detailed her investigative reporting process in a piece last week:

It started with a tipoff. I was reporting on the trafficking and exploitation of migrant workers in the Gulf when a source I had known for more than a decade reached out. They told me that child sexual abuse trafficking in the US was surging. As the Covid pandemic pushed predators online, some were using Facebook and Instagram to buy and sell children.

It was 2021, and I was about to begin an investigation with Mei-Ling McNamara, a human rights journalist, that would lead to the tech company Meta losing a multimillion-pound court case in March this year. The company had not yet rebranded and was known as Facebook, and there had not been any reporting on how children were being trafficked on its platforms. Experts from anti-trafficking nonprofit organisations and an American law enforcement official talked me through the crimes they were seeing.

Much of the trafficking on Facebook and Instagram was happening in non-public areas of the platforms, such as Facebook Messenger and private Instagram accounts, I would learn later. Traffickers were searching for teens to target and groom, and to later advertise to sex buyers.

In July 2022, we went to Washington DC to visit a safe house run by the nonprofit Courtney’s House, which cares for teen girls of colour who are survivors of trafficking or are actively being trafficked.

Its location is not public and we were only sent the address an hour before our appointment. Courtney’s House is run by Tina Frundt, a trafficking survivor and former member of the United States Advisory Council on Human Trafficking during the Obama administration.

Read the rest of her ticktock here: ‘It started with a tipoff’: how a Guardian investigation exposed child sex trafficking on Facebook and Instagram

Read her full investigation here: How Facebook and Instagram became marketplaces for child sex trafficking

The wider TechScape

• ‘It feels as if I’ve made a new best friend’: my experiment with AI journalling

• ‘Irresponsible failure’: Google, Meta, Snap and Microsoft slam EU over child sexual abuse law lapse

• ‘Abhorrent’: the inside story of the Polymarket gamblers betting millions on war

• OpenAI CEO Sam Altman’s home targeted with molotov cocktail