Comment by Topfi
1 day ago
I still am struggling to understand why they informed the government about something that is known to be an issue in every LLM. There is no LLM that cannot be jailbroken, so unless this means that we have reached the absolute maximum publicly accessible US made LLMs are allowed to operate at with GPT 5.5, this is not grounded in any sane regulation attempt.
Does anyone know what limits Fable 5 has overstepped in the eyes of the government? Parameter count? Certain benchmark results? Training computer?
Cause if it’s just the ability to assist with cyberattacks and being jailbreakable, there is no model previously released that isn’t equally guilty.
Remember that for GPT 5.5 and 5.4, OpenAI also restricted the cybersecurity focused use under designated models, otherwise rerouting to 5.3-codex like Fable did with Opus 4.8. And both OpenAI models can also be jailbroken all the same.
Basically, what was the reason to tell the government now and not with Opus 4.5 or GPT 5.4? sama has been doing the rounds with apocalyptic predictions…
I submitted separately, but this Axios report has some details that call a lot of the speculation in this thread into question, i.e. that this wasn't much of a "jailbreak" at all and that it's not Anthropic-specific - the White House intends to generally regulate Mythos-class models (whatever exactly that means):
Between the lines: The government's response "seems way out of line with what's actually in the research report," Luta Security CEO Katie Moussouris, who Anthropic shared the Amazon report with, told Axios.
Moussouris said the researchers were able to find security vulnerabilities by asking questions normal defenders would ask AI, which is exactly what the model was intended to do.
An administration official told Axios they do not view other models as national security threats because they do not surpass the bar that Mythos set.
Anything at Mythos level or above would need to go through the administration to ensure the government's national security apparatus is hardened enough, the official added.
https://www.axios.com/2026/06/13/anthropic-amazon-white-hous...
The governments national security apparatus was using a public signal group and invited a reporter into it. I don't think we should use them as the standard for secure.
https://www.whitehouse.gov/presidential-actions/2025/07/prev... the government using this terminology shouldn't be entrusted to make such decisions.
Why amazon? I bet the three letters had a hissy fit field day worrying that their expensive hancrafted zero days would evaporate and software would get more secure. So, the government is throwing a wrench for the NSA
That’s a terrible way to create AI regulations
If they actually cared about this issue we’d have predictable laws and regulatory bodies that let companies actually plan
There’s a reason royal fiat doesn’t lead to healthy economies. It’s just confusing and chaotic. It’s not clear why anyone would invest in a new model now.
Then the next administration comes in and instantly, by fiat, they decide to lift the ban. The market just gets jerked around with no ability to plan long term investments.
It’s a great way to regulate if you’re corrupt. When the rules are opaque and arbitrary, there’s a lot more room for corruption.
16 replies →
> That’s a terrible way to create AI regulations
This administration doesn't do regulations, its extortion. Same as the tariffs. Just grease someone's palm and then the vague restriction is lifted.
2 replies →
Not that I'm ever one to support anything this regime does but I'm kind of okay with them pumping the brakes on this until we really get a handle on what the
The USG has limited capabilities on technologies from GPS chips to thermal imaging with "national security" implications for a while and now they're doing it but it seems people don't like how ill defined "Mythos-class" means. Would it be better if it was some %X on some benchmark that the frontier model peddlers could just limbo under to make it "acceptable" for release? Do we just accept that jailbreaking will never be prevented?
The part of all this I do have a problem with is the national state cybersecurity cat-and-mouse this kicks off. Will the US tech landscape have enough time to safely get a "Mythos-class" model to harden itself before China releases or leverages a "Mythos-class" cyber munition?
18 replies →
In a parallel universe where we have Biden (or Democratic Party) administration, how different do you think the regulations / approach would be for this fast moving and unpredictable technology?
14 replies →
> the White House intends to generally regulate Mythos-class models (whatever exactly that means)
This is not at all surprising. And I hope people don't make the mistake that it's a "this administration" problem.
It was obviously from the early days of these LLMs that the shoe was going to drop and we (as Joe public) would not retain access. I mean that once ChatGPT3 dropped it was clear there was some level of functionality at which we would be denied further access.
The only carve out will be as per older technical innovations the US is more concerned with foreign national access than US citizen access at home.
I don't remember the details with encryption but it was basically you have to ship a breakable version for the rest of the world, and you generally sometimes ship a backdoored version.
And Anthropic is more concerned by what they are asked to do to US citizens than the broader group.
Same story with encryption, CPUs, GPUs, blah blah blah.
It seems logical for govts to want to regulate AI/LLMs. In the US, would it be FCC (comms) or something new?
Yet unlike CPUs/GPUs, there's currently zero way to lock down who has access.
Giving access to 'citizens', with the current way the Internet operates, is absurd. One back door into a desktop, workstation, and 'validated citizens' are now 'hackers from where-ever'.
1 reply →
> I don't remember the details with encryption but it was basically you have to ship a breakable version for the rest of the world, and you generally sometimes ship a backdoored version.
I do remember the details: the result of Bernstein v. United States was that you have a First Amendment right to publish code because it is a speech act and so the USGOV cannot prevent you from publishing effective encryption algorithms. Will model weights be afforded the same protection? What about serving a model without publishing its weights? We shall see.
[flagged]
2 replies →
Interesting. Hope there is any clarification on what "Mythos level" is and why 5.5-cyber doesn't arise to it. Any metric I could come up with (parameters, pre-train compute, benchmark scores, etc.) seems somewhere between imperfect and utterly nonsensical. Pure speculation, but GPT-5 series models including the new 5.5 pre-train appear far closer to Sonnet than Opus or Fable in pure parameter count, so maybe that's it, but the "they do not surpass the bar that Mythos set" line sounds more like there is a believe that Mythos/Fable are more capable in cybersecurity tasks, whereas the data [0] doesn't seem to bare this out. I did not do any cybersecurity assessment of Fable 5 myself, partly due to personal reasons that make that something I'm abstaining from, but my coding evals showed that while task adherence and assessment wise it was neck and neck with 5.5, the task inference was a major jump again (something prior Anthropic models tended to already do incredibly well on) and while that makes it a far better model to work with for UX experiments, I don't see how that translates to cybersecurity, along with the aforementioned publicly available evals by AISI.
Seeing as neither Mythos nor GPT-5.5 had been pre-trained with a particular focus on cybersecurity, this would have to mean any model that benchmarks better than GPT-5.4 or Opus 4.6 on these tasks cannot be used by None-US-Citizens. If such guidance isn't enforced for all US labs, I think that's irrefutable evidence that this isn't about cybersecurity or "the bar that Mythos set"...
[0] https://xcancel.com/AISecurityInst/status/205458976317312633...
Firefox bugs found per month, actively advertised as a sign of how powerful Mythos is: https://external-content.duckduckgo.com/iu/?u=https%3A%2F%2F...
I am, thus far, not aware of 5.5-Cyber managing anything similar to "Project Glasswing"
That said, the government also knew about Mythos since Project Glasswing was announced... April 7th, two months ago, so if they wanted to block a public release, they had more than enough time to do it in an orderly way.
And basically every sign that Mythos is well above the previous baseline was pretty publicly known by early May, when we started getting stuff like the Firefox bug reports.
I can see an argument that Mythos is just barely a "cut above" enough to regulate, but I cannot see any argument for doing this by a fiat order three days after the release.
2 replies →
This is obviously political and the entire narrative is fabrication.
David Sacks is publicly gloating about it: https://x.com/DavidSacks/status/2065853007619588171
I can't really say that Anthropic didn't get what they deserved. They exploited security threats to sell their product and play political games, and now their rivals are rubbing it in their faces.
> This is obviously political and the entire narrative is fabrication.
I agree with this
> David Sacks is publicly gloating about it: https://x.com/DavidSacks/status/2065853007619588171
I do no like David Sacks but how do you say this is gloating about it?
Again, I do believe this is political, but Sacks is saying "you said this is dangerous and wanted regulation, and we believe you. Fix this because it's dangerous and we'll let it out again".
How is this gloating?
Sacks works for the government now. Everything is political. This happening on the day SpaceX IPO’d? It’s a flex, and a message.
2 replies →
> How is this gloating?
he is emphasizing that they used their own words against them. everyone knows the security threat is a pretext. the message is that he is smart and they are stupid and he won, which is what I call gloating.
> "Those trying to misdirect and tie this action to the prior DoW/Anthropic issues are wrong."
an obvious lie, which is inserted to emphasize that it is a lie. when you purposefully lie, not to deceive, but with the intent that the counter-party knows you are lying and must accept the lie, that is an assertion of power.
2 replies →
It is gloating in the context of it being the exact same form of dangerous as all the other frontier models out there?
anthropic would see a crazy boost to its ipo for releasing " so good that we had to ban it" model .
i dont see how it effects them negatively at all given their opus models are already on par or exceed any other model out there.
They literally asked for it. Two days ago Amodei wrote an essay urging the government to regulate them. He explicitly cited Mythos, as proof that frontier AI has acquired autonomous hacking capabilities that threaten critical infrastructure and national security.
https://darioamodei.com/post/policy-on-the-ai-exponential
A third-party demonstrated that it was possible to jailbreak the safety measures of Fable to access the raw Mythos abilities. Abilities which Anthropic say are too dangerous for the public.
Edit. From David Sacks:
David Sacks could not be further from a reliable or impartial narrator on this topic.
And before someone calls this an ad hominem, it isn’t; I am not saying he is bad or morally wrong or anything else (you are free to think that or not, as am I).
But Sacks has skin in the game. And that makes him both unreliable and partial.
Cynically: this is an attempt to quash open source or discount model competition through regulatory capture.
I'm sure it's also a step towards requiring id and limiting access for us plebians to real power and keeping it for maintaining or growing power of those in charge. It's all an excuse to give us a Westworld season 3. Probably a better example out there..
1 reply →
> A third-party demonstrated that it was possible to jailbreak the safety measures of Fable to access the raw Mythos abilities. Abilities which Anthropic say are too dangerous for the public.
Pressure test this assumption before getting behind this position.
I will certainly revisit it as more information comes out, but is it your contention that Anthropic solved jailbreaking with Mythos?
10 replies →
What assumption?
2 replies →
“This power must be scoped to the above four specific risks and there must be protective measures against political favoritism or arbitrary decisions.”
> They literally asked for it.
Yes, and rape victims are "asking for it" by wearing short skirts. I thought we stopped with this nonsense a couple decades ago?
There's a huge difference between "we want regulation", and the government swinging it's dick at random.
If the government had said, a week ago, don't release Fable? That wouldn't have gotten nearly this reaction. And the government has known that these capabilties exist since they were announced TWO MONTHS AGO.
>I still am struggling to understand why they informed the government about something that is known to be an issue in every LLM. There is no LLM that cannot be jailbroken, so unless this means that we have reached the absolute maximum publicly accessible US made LLMs are allowed to operate at with GPT 5.5, this is not grounded in any sane regulation attempt.
I wondering where you are getting the idea that there is an sane regulation right now?
The only reason I can see is because Amazon wanted something like this to happen. But I'm not sure what Amazon would gain from that, since they don't have their own competing frontier models.
Of course, Amazon wanted this to happen.
They own 20% of Anthropic.
Anthropic bleeds cash. They have to raise capital.
There are only 2 ways: an IPO or follow-ons from existing investors.
If the IPO gets delayed because of these restrictions, Anthropic will be forced to raise more capital from existing investors.
And existing investors (Amazon) will end up owning more of Anthropic at a cheaper valuation.
There's a much simpler explanation: Amazon's business is selling cloud services. Amazon is constantly under threat of attack and anything that disturbs the balance between attackers and defenders is bad for Amazon. Amazon also needs to keep their AWS customers safe.
This is Amazon prioritizing their 100% stake in AWS over their 20% stake in Anthropic. It's also possible that Amazon knows things that are not public.
The fact that Amazon is willing to report this despite owning shares in Anthropic and being close to a liquidation event points to whatever they found being actually serious.
Why would they have launched Fable on Bedrock if they knew they were going to be shutting it down a day later?
4 replies →
My guess is that they liked the status quo with Project Glasswing and didn't want Fable to be public, especially if anyone is jailbreaking it into Mythos and using it for cyber
But then it backfired spectacularly and now it seems they can't use Mythos currently
This is either a complete own goal by Amazon… a play to consolidate compute/model access.
Will Chinese models be allowed on the market… at all? Will startups be banned from training models of equivalent capacity?
At this point would I be outsourcing my knowledge work or would I be entering self-exile?
...Not to mention that they're investors in Anthropic.
Did it cross your mind that Amazon cares about the security of the United States and reported the jailbreak to protect it?
Claims of retribution aside, one steelman is that Mythos is likely the most capable model that's usable by folks like the NSA [1], and decision-makers across the USG and industry partners have seen a stream of reports of Mythos successfully finding serious vulnerabilities over the past couple months due to Glasswing.
So even if GPT 5.5 is just as capable in these scenarios (which, imo, it largely is), it is not known by the government apparatus as having the same capabilities.
Personally, I think we crossed the threshold of capabilities with Opus 4.6 [2], which translated to an even more capable open-weight GLM 5.1 (which it is rumored to have distilled Opus 4.6) [3][4]. But the USG and its partners aren't fully rational actors with perfect data, so it's possible they're only viscerally aware of these capabilities in the context of Mythos.
[1]: https://www.reuters.com/business/us-security-agency-is-using...
[2]: Opus 4.6 was used for https://www.noahlebovic.com/testing-an-autonomous-hacker/
[3]: See GLM 5.1 scoring in https://www.cybergym.io/cybergym/
[4]: https://dualuse.dev/posts/chinese-models-are-sometimes-bette...
I doubt that the capabilities of GPT-5.5-cyber aren’t known by the US government considering OpenAI is their primary LLM partner after Anthropic had concerns about using models for autonomous weaponry and mass surveillance of US citizens. If anything, they should have more experience in GPT-5.5s full feature set due to longer access and may even already have GPT-5.6 access.
Hanlon's razor. Are the people with the right access talking to the right people? Wouldn't be the first time for miscommunication in the executive branch.
2 replies →
They made a deal for access, but I'm unsure if it's usable, scaled, and has vulnerabilities attributed to it at this point. But I have no inside information here, so I could be wrong.
1 reply →
[dead]
The simple answer is that Trump has a stick up his ass against Anthropic and is also fond of stock market manipulation. No need to get too deep when it comes to dealing with that orange shmuck.
This is just another shakedown like with Tylenol etc, knock the product, lower the stock price and have a competitor hostile takeover, or get kickbacks
This is a hypothesis, and a viable one.
But I caution you against drawing conclusions from your hypothesis and calling it a day, instead of taking in the available data and using it to broaden your understanding of what's actually happening.
This could be many things: a shakedown, Trump's pettiness, marketing kayfabe, an actual government reaction to a very weaponizable technology, and so on.
But if you call it "just another shakedown" and go about your day, then you're doing yourself a disservice, because the story is still unfolding and we don't have all the facts.
You don't actually have the full story, so don't delude yourself into think you do.
5 replies →
Its not Fable 5 that overstepped in the eyes of the US government.
It's Anthropic.
This is transparent revenge for them daring to try and push back a little on enabling war crimes.
Anthropic is perfectly fine with the US government using Claude to commit war crimes. The US military has done hundreds of extra-judicial killings in the waters around South America over the last year and Anthropic hasn't had anything to say about that.
Holy crap, I didn't realize that some many people had been killed, over 200 according to a New York Times report: https://www.nytimes.com/2026/05/31/world/americas/us-boat-st...
Use nuance and judgement, friend. Anthropic notably pushed back on completely autonomous no-human-in-the-loop drone killings and mass surveillance of the US population, where others like OpenAI scrambled to agree. Anthropic isn't perfect but that doesn't make them equally bad.
3 replies →
>This is transparent revenge for them daring to try and push back a little on enabling war crimes.
Anthropic wasn't pushing back on enabling war crimes. They said they didn't want the models to work with autonomous weapons because the the models weren't good enough.
Arguably it’s a worse (or different) war crime to knowingly target people incompetently and thus kill more innocent civilians. In this respect, they showed themselves against one war crime. Not “war crimes” in general but a specific misuse of ai in war.
That's pushing back. The regime doesn't care if the models are good enough, they want the optics of killing lots of people using cutting edge tech, they don't really care if it's the right people.
Whether you or me or Anthropic think it was pushing back or not is besides the point.
1 reply →
It's the AWS CEO being a little snitch to gain favor from the Government. That is what this is about.
Clarification: They want someone who isn’t them to make the decision to commit the war crime. They are happy to facilitate.
Why not both?
[dead]
>This is transparent revenge for them daring to try and push back a little on enabling war crimes.
Don't be so pessimistic, maybe they're just trying to give their buddy Musk and XAi a chance to catch up.
Anthropic is one of the two consistent revenue sources for XAI via their colossus deal. I have been critical of this man longer than most, but I don’t see him hurting his own bottom line.
2 replies →
Antropic models are the ones that designated that school as valid target
People designated that school as a valid target - using fancy calculators does not remove that the pass/fail rests with people. AI models have no agency. Even if they are given autonomy - it is given.
What is the basis for that claim? There’s been lots of wild conjecture, but as The Guardian reported, “Almost none of this had any relationship to reality” and “LLMs-gone-rogue dominated coverage, but had nothing to do with the targeting.” https://www.theguardian.com/news/2026/mar/26/ai-got-the-blam...
That's wild misinformation. There was an outdated military database at play, and not just Claude. It doesn't exclude AI interference of course but your statement is just not correct.
The reason is pretty obvious. Anthropic tried to play hardball with the government and now they are under their thumb for scrutiny of any and every little thing they do.
That's what this admin is known for. If you do even what a normal person would think is sane but they don't like it, well now they need to make you bow down and break you so you "learn your lesson".
It doesn't help that they themselves marketed this model as being especially dangerous in the publics hands. If this was just another model drop and none of the fear mongering I don't doubt this probably wouldn't have had any issues.
It is important to note this formula doesn't require understanding any subject.
People keep seeking logic where there is non. We have an internet full of theories assuming there is more to it.
I mean the logic is simple but people don't want to admit it, you must pay the vig if you want in on the action. Before this type of naked corruption would take the form of boardroom seats/book deals/speaking gigs after you leave office but now it's more open so others will take note.
It also helps if you bust a few kneecaps in the process to show what happens if you go astray.
>The reason is pretty obvious. Anthropic tried to play hardball with the government
that is one.
Another is who is going into the first IPO. Troubles for Anthropic IPO would channel all those money into OpenAI's one. Check financial interests of this admin. Hint - they aren't with Anthropic.
Third - most of the export and access controlled tech of the past wasn't productivity multiplier, nor human replacement. AI is a different case - the more capable AI the more its general economic benefit. Export and access control of AI allows you to more and more control the whole domestic and large part of global economy, not just military capabilities like in the past.
Political - coming into elections with "this evil new tech was coming after your jobs, yet we reigned it in and protected your jobs". After all such approach has been for decades working great when it comes to coalminers.
Note that specific bug-finding capabilities of a specific model is a red herring here, and other leading models are almost there, and definitely will be there in a month.
It is all about revenge, money and power.
Alternatively, this is the best advertising for which Anthropic could hope: "Our product, and nobody else's, is so good that the government declared us a threat to national security." If they bring it back for US-nationals only, maybe demanding ID for users, people will think it's the bees knees: "so dangerous that non-Americans can't have access" probably sounds like a ringing endorsement to some C-level decision makers.
Crowdstrike took down airports in July 2024, and its stock was back up by October; it's double the price now. Everyone saw how systemically important it was and how it took down entire industries, and they asked why they weren't using it themselves if it's so important. See also the 2025 cloud outages.
6 replies →
>Troubles for Anthropic IPO would channel all those money into OpenAI's one.
Troubles for Anthropic would almost certainly affect OpenAI, significantly. Yesterday just proved that the government sees it within their remit to shut down AI models. All current and future AI investment now has to contend with this risk. You should even see the effect of this decision on SPCX on market open despite X.ai being whatever tiny fraction that it is.
1 reply →
>> Another is who is going into the first IPO. Troubles for Anthropic IPO would channel all those money into OpenAI's one. Check financial interests of this admin. Hint - they aren't with Anthropic.
Yep. Kushner owns private shares of OpenAI.
> The reason is pretty obvious
I would argue the simple reason is that Amazon wanted to fsck Anthropic to set them back, despite whatever partnership they may claim. The competition at that level is intense and these guys do not play by the same rules that regular people do. They can't flat out murder each other (yet) so they find other ways to do it.
Why? Amazon makes tons of money serving Anthropic models through Bedrock and they seem to have basically given up on their own frontier models.
Previous administration was same way… intentionally not including Tesla in an EV summit
This is lacking any nuance. The CEO not being invited to a meaningless ceremony vs being designated a supply chain risk by the DoD and being forced to shut down your product. Use judgment.
4 replies →
> intentionally not including Tesla in an EV summit
this comparison is orders of magnitude different
Wasn't that a UAW summit about EVs? Tesla does not work with UAW, so they wouldn't appear at a UAW event.
Give me a break with this. You are not so thick as to think the two things are remotely comparable.
This is corporate Game of Thrones, nothing more. Amazon, maybe in alliance/deals with others as well saw an opportunity to hurt their rival. Or maybe they were instructed to report this by the WH themselves. Hegseth and the WH will happily take any excuse to hurt Anthropic after the confrontation with DOW, being the vindictive cronies they are.
I thought Amazon has a stake in Anthropic, and would want them to succeed.
Probably a con job. The AI companies don't think they will be able to significantly improve their models in the next year or so, so they are stalling with government regulations whilst taking in investor money.
I’d invert - given their significant competition for government business, what would be a reason for not doing this?
Doesn’t Amazon own 14% of Anthropic?
Anthropic themselves have played up the dangers of Mythos, limited its release, etc. So if it can be jail broken then it specifically deserves controls, per Dario’s own manifestos. David Sacks - the “AI Czar” - also said the government asked Anthropic to patch the issue but they refused, which is bizarre. And that led to the export ban.
sama says think more about what direction you want to go in, and then go in that direction. Some people think in one direction and go in the opposite direction.
Because based upon on what Anthropic has told the “AI people” and military, it is dangerous if an adversary gets its hands in the cyber capabilities. Knowing that if they ignored it and something did happen, heads will roll. Blame Anthropic for that, or wait if they are all for safety, they shouldnt complain.
> why they informed the government
Having no moat, they want to manipulate the government into creating one for them.
> I still am struggling to understand
And? Does it matter?
Reminds me of people freaking out about the Grok Bikini thing, but GPT and Googles image model they all do the same behavior. Clearly biased against Elon Musk despite it being a problem for every single image model out there.