Lots of people asked me to be their Benzodiazepine test dummy and kind of document my taper and stuff. Many people seemed nervous trying to quit. Here is the current state. Unfortunately it is not good.
> be me
> on Benzodiazepines
> 14 years
> not good
> decide to stop
> cut by 25%
> not too bad
> people say be careful
> can be hard
> no big deal
> cut another 25%
> hehe 50% reduction
> shrimple
> day 5 arrives of 50% cut
> feel weird
> whatever
> day 6 feel weirder
> day 8 arrives
> deep unfathomable depression
> feel empty, unable to even malware
Holy cannoli, Chat. This will pass, but you have GOT to be prepared when doing big tapers with Klonopin or Benzodiazepines. I know tons of people told me, but the first aggressive 25% cut wasn't bad.
My brains GABA thingies are screaming at me and it feels like my soul is being crushed. It is a deep hollow emptiness and wave after wave of anxiety.
Here is a silly picture depicting how I currently feel inside. Klonopin is not cool and it is not badass. It fucks you up
🚨 EPIC! Apache helicopters in South Carolina just went LOW FORMATION along the beach in Charleston on America 250, directly in front of Americans on the ground
🇺🇸🇺🇸🇺🇸
🔥 HELL YEAH! A pilot just used his airplane to draw a USA 250th banner using his flight path
It took him over FIVE HOURS of flying time to do this.
What a PATRIOT! 🇺🇸
for those who didnt know @NousResearch Hermes agent creator has their own sub program
but the part the amazes me the most is that their sub comes with a feature called the Nous tool gateway
It routes Hermes' tool calls like web search, image generation, text-to-speech, and cloud browser automation all through infrastructure Nous already runs, so you don't have to sign up with Firecrawl, FAL, OpenAI, Browser Use, or anyone else just to make your agent useful
My jaw dropped listening to this
“My husband worked for a very large mobile gaming company, and these are the craziest things he ever told me”
He says they estimate the value of each users home by their home WiFi signal. “Let's talk about data tracking — They would estimate the value of your home, and the way they did that was by looking at your WiFi signal, and depending on how strong the signal was, they would know how far you've walked from where the router is in your house, and they could estimate the square footage of your house from that, compare that to your general location data, and guess how much your house is worth and then they would sell you coin packs based on how much money they thought you had”
“They tracked the days of the month that you got your direct deposit, your paycheck, and they would send push notifications locations and targeted ads on those days to get you to buy coins”
I verified all this is not only possibly, but it’s 100% happening
- Mobile apps with permission can access WiFi signal strength
- As you move around with your phone, the app logs how signal strength changes weaker farther from router. This can roughly estimate room sizes, floor plans and overall home footprint especially combined with GPS and location data for the neighborhood
This is not what you sign up for when you download an app
I am the Chief of Information Assurance at the NSA. Anthropic's Mythos 5 walked into our classified systems within hours.
The morning of June 9 I had 1 open finding.
By standup the next day I had 340.
Today I am back to 1.
Nobody touched the systems.
Here is how the posture improved.
On June 9 Anthropic launched Mythos 5, the version of Fable 5 with the cyber safeguards lifted, which they called the strongest cybersecurity model in the world. Under Project Glasswing we let it run against our networks. By the end of the afternoon it had findings in boxes I have spent 4 years holding a valid Authorization to Operate on. My own director, Gen. Joshua Rudd, told Sen. Mark Warner it broke into almost all of them, not in weeks but in hours. By standup the next day, in the channel we call glasswing-actuals, eMASS showed 340. The open-finding tile, the one the Authorizing Official sees before he signs, went red.
Then, 3 days after launch, the Bureau of Industry and Security issued an Is Informed letter under the Export Control Reform Act, and Anthropic disabled both models worldwide within hours. Foreign nationals now need an individually validated export license through the SNAP-R portal. I logged the worldwide shutdown in eMASS as a compensating control. The field does not ask who implemented it. I implemented it by being on the distribution list. It was the first time the control had ever been pointed at a model instead of a centrifuge, and the first time my remediation timeline had a vendor doing the remediation for free.
I updated the posture deck that afternoon. The tile is green.
Here is how the count resolved. My 340 POA&M items were generated by a tool that is now a covered model under federal export control. So the findings are, in the technical sense, the output of a restricted item. I cannot write a milestone against an export-controlled artifact without the artifact, and licensing the artifact is above my pay grade. I drafted 1 Risk Acceptance Memo. It accepts all 340. The AO signed it before lunch. The status field in eMASS now reads "deferred query" on every row. My open-finding count is back to 1.
The 1 is the export-control paperwork.
People ask whether the systems got patched. The systems are exactly as they were on June 8. The holes Mythos found are still there, in the same configurations, on the same boxes, which still hold their ATOs. The accreditation survived the breach. The paperwork did not change. The box is breached and accredited at the same time. The thing that could tell you the holes were there is no longer available to foreign nationals, and as of June 14 there is an executive order with a federal vetting framework and a 1-month review window, so future scanners of this caliber will be deferred queries before they ever open an item. We did not close the holes. We closed the POA&M. The tile is green.
I am aware GPT-5.5 can find the same vulnerabilities with the same prompt. Anthropic said so themselves. The same prompt, run by someone we did not vet, returns the same 340 findings, except that party does not file them against a POA&M. That party reads the traffic on the boxes. FedRAMP lets a finding sit unremediated for 192 days without touching an authorization, so I have 192 days of cover and they have 192 days of access to the same door. I logged the asymmetry under residual risk, sub-category "out of scope for this control."
On June 25 the administration asked OpenAI to hold GPT-5.6 to a small group of government-approved partners, customer by customer. They called the model a force multiplier for cyber. I read it as confirmation. Every tool that can find the holes now ships with a roster of who is cleared to run it. The holes are not on the roster. I checked the new one too.
Then today, June 26, it got better. Commerce confirmed Anthropic's collaboration helped mitigate the risks, and access is being restored to select companies and organizations, hundreds of clients clearing in tiers. Lutnick is releasing Mythos to over 100 US institutions, government agencies included, because appropriate safeguards are in place. My agency is on the list. We are a vetted institution.
So I am putting in the purchase order. I am buying back the tool that broke into my systems, from the vendor whose model became the reason I could stop tracking the break-ins. I will run the next Glasswing scan myself. When it returns 340 more findings, and it will, those findings will also be export-controlled output. The line item on the new PO is categorized, by me, under Continuous Monitoring Tooling. We are funding the scanner out of the same budget that funds the remediation. The same budget makes the remediation impossible. I drafted the Risk Acceptance Memo for the whole arrangement in advance. It accepts the risk of the findings I have not generated yet. The AO signed it before I finished describing them. The tile is green.
People keep telling me the legal basis is shaky. No court order. The source who gave Rudd's quote now disputes it. A firm called Legion sued, called it unlawful retaliation. I logged all of it under Accepted Risk, out of scope for this control. My dashboard does not have a field for whether the control was real. It has a field for whether the control is in place. It is in place.
There is a mug on my desk a colleague had made. It says CONTROLLED FOR REASONS OF NATIONAL SECURITY. The systems it refers to held 340 findings on Tuesday. I drink from it every morning before I open the queue, which is empty, except for the 1. The tile is green.
The follow-up meeting on the actual systems is recurring. It has been rescheduled 6 times. The standing invite now lists Anthropic as a vendor attendee.
An anonymous GitHub account is mass-dropping exploit PoCs framed as undisclosed 0-days, with a note telling readers to report them and "take credit for the CVE" themselves.
Coordinated disclosure, minus the coordination.