10 Comments
Spherb

After reading this essay, I’m left wondering: What do you think Anthropic should have done with Mythos?

Like, I agree that “tread carefully” is certainly good advice here, but it’s not clear *how* they could’ve tread more carefully. Outside of vibes-y actions like verbally appeasing the Trump admin or hiring a few Republicans, I don’t know what you would have recommended policy-wise. Sit on frontier models until after OpenAI releases a better one? That would cost them the lead in the AI race forever. Run the release by the Trump admin first? What else were Glasswing, the NSA and Pentagon briefings, etc? Add more safety measures? To shut down all GPT-5.5 levels of cyber capabilities *with near-perfect reliability* probably isn’t technically feasible.

The only thing I can think of that might have realistically worked would be waiting for the government to set up their EO cybersecurity clearinghouse, going through it, and then releasing Fable. But I’m not convinced that would’ve been enough. There’s a high chance that the jailbreak would’ve gone unnoticed (I’m not sure the clearinghouse would be Amazon-level right off the bat), and a high chance that the admin would do their inspection, approve it, and then jump on Anthropic anyway as soon as someone finds a partial jailbreak—because they wanted to.

I agree that Dario et al. need to take a few levels in realpolitik, but the amount of blame directed at Anthropic feels a bit like “What was she wearing?”

Paul Triolo

Agree. The politics here come down to Anthropic hiring some former Biden officials, and insisting on some minimal restrictions on model usage. The reaction to all this, as Dean has outlined previously, seems overblown and counterproductive, given Anthropic's position among leading AI labs. Here, one wonders whether CAISI was involved in anything resembling pre-clearance of Fable, and whether in fact the assessment of AWS was overblown. Why would we think AWS knows more about the model than Anthropic and is in a better position to determine vulnerabilities? I am left wondering if it was actually a China connection, coming from somewhere behind closed doors, that itself could be overblown of course, that triggered the action, but am doubtful that anyone would be in a position to determine what a Chinese entity may not have gained from access to Fable....

Bran

Hopefully more details will be publicly released for people to verify.

To my knowledge: The saddest part of this is that it was all triggered by someone typing "Fix my code" into Fable and it finding bugs and fixing them.

They _manually_ took that bug fix and reverse engineered it into a 'potential' malicious attack; it would likely go nowhere or do anything of consequence. The LLM blocked them from automating that process like it was supposed to, so it had to be done by human hands with the prerequisite knowledge. It spooked the Amazon CEO into claiming it was a jailbreak, what a clown.

People are being fearful of A.I. / LLMs being able to find any kind of bugs in code. It looks like it may lead to heavy-handed regulation of all LLMs. There are tools that can do all of this on the market already for decades without the use of LLMs to varying degrees; they've never been considered a major threat.

I think they're terrified of adversaries using these systems to fix their own code as much as they fear it being used to find and create vulnerabilities.

The WH has a few too many idiots at this point based on the actions they're taking. They refuse to learn about technology and refuse to listen to experts that don't agree with their delusional fantasies. Not thinking about the long-term consequences of the export controls destroying every research lab in the U.S., the subsequent potential brain drain of the U.S., and everything A.I.-related collapsing that could result in a market crash on the level of something no living person has experienced.

Scenarica

The most alarming detail isn't any single decision. It's the velocity of the swing. The same administration went from "we will not create a licensing regime" to "worldwide export controls on a single model" in a matter of weeks, and the trigger wasn't a change in the technology or a change in the assessed risk. It was a breakdown in a relationship.

That's the structural problem your FDA analogy is really pointing at. When governance runs on relationships rather than institutions, the rules change at the speed of the relationship, not at the speed of the technology. Every company in the field is now operating under a regime that could shift overnight depending on who falls out with whom next. And the damage isn't to any one company. It's to the predictability that every other company, investor, and allied government needs in order to plan at all. The irony is that the stated goal is American dominance in AI, and the one thing that reliably kills a country's lead in a technology race is making the rules unpredictable enough that capital and talent start looking for somewhere more stable to build.

Brandon Reinhart

I notice that mainstream coverage of this is very thin. Not much in the WSJ, etc.

Has anyone explained the Amazon involvement? That also struck me as odd. I assume the government was on a hair trigger looking for a reason to act, but still curious about the claimed direction the feather fell from.

Bran

I have some details in another comment here on what happened specifically at Amazon. Official releases on all this have not been made, but a few individuals related to this have leaked this information elsewhere if you want to dig around. The sources are from trustworthy, long-standing members of the cybersec/infosec communities, so it's likely accurate.

Substack Joe

Independent oversight body with dual reporting responsibilities to executive/legislative branches that examines AI use across departmental silos. GAO/IG for AI. GAIOG

Richard Schreiber

I appreciate the thought you’ve put into this analysis and the effort to grapple with the genuinely hard governance problems around frontier AI. That said, I’m struggling with how much of the central narrative is verifiable and how much is inference or framing.

A few examples:

The description of the Anthropic–administration conflict reads as a fairly linear story of “company releases model → jailbreak appears → administration demands takedown → export controls follow.” From the outside, the public record so far is much more fragmentary and ambiguous. Most of what we have are brief government orders, limited company statements, and media accounts that emphasize how little detail has been made available about the underlying “national security” concerns. Leaning too heavily on a single causal story risks overstating what we actually know.

Executive Order 14409 is repeatedly invoked in the piece as if its meaning were unambiguous and clearly at odds with what has happened here. But the order itself is very specific: it creates a voluntary 30‑day pre‑deployment framework for “covered frontier models,” and it explicitly disclaims creating a mandatory licensing or preclearance regime. It does not address the separate national‑security and export‑control authorities that appear to have been used in the Anthropic case. Treating the EO as if it controlled everything the government did here underplays the complexity of the legal toolkit the executive already has.

Likewise, the comparison to the FDA implies a kind of unitary, technocratic gatekeeper that simply doesn’t exist yet for AI. The present situation looks more like overlapping, partially improvised use of cybersecurity, export‑control, and national‑security powers than a coherent “AI FDA.” That doesn’t mean you’re wrong to call for more structured, technocratic institutions—but it does mean we should be careful not to retroactively read a single, clean regulatory logic into what has been, so far, a very ad hoc response.

More broadly, the essay repeatedly characterizes the administration’s motives in strongly psychological and political terms: a desire for “domination” over “disobedient, obstinate, literal nerds,” or actions driven primarily by partisan animus toward Anthropic. Those may turn out to be correct as a matter of political interpretation, but from a strictly evidentiary standpoint they seem to go well beyond what the public record currently supports. A more explicit separation between “here is what we can document” and “here is my political read on why they did it” would make the piece easier to defend and engage with.

For readers who are trying to understand the underlying law and policy, it would also be helpful to see more precise sourcing and clearer boundaries between:

Facts we know (texts of orders, public statements, model shutdowns);

Reasonable inferences from those facts; and

Normative judgments about fairness, proportionality, and political motivation.

The underlying thesis—that we badly need a more coherent, technocratic governance framework that constrains both industry and government—strikes me as important and worth debating. My concern is that the current narrative risks undermining that case by blurring the line between documented events and speculative reconstruction. Tightening that distinction, and dialing back the more speculative attributions of motive, would make the argument both stronger and more persuasive to readers who don’t already share your priors.

Finally, ChatGPT 5.5 is a virtual replica of Mythos, yet it was and is released with the same vulnerabilities as Mythos, yet the administration did not single out OpenAI in a similar pursuit. Of course, MAGA doesn't have the same political agenda against OpenAI, but rather, OpenAI has agreed to DOW contracts using its AI to illegally surveil American citizens and conduct unmanned drone attacks on targets with no human in the loop.

If we report the facts and the truth, people can make up their own minds. That is the role of a True Journalist.

Robin Reese

The Hadfield distinction strikes me as the heart of the essay: fairness questions for politics, technical questions for technocracy. But I wonder how stable that boundary really is in practice. The evaluation of a jailbreak may appear purely technical, yet judgments about acceptable risk, trust, and national security inevitably carry political and normative assumptions. If so, what institutional features prevent private-governance bodies from gradually inheriting the same political pressures they are meant to mediate?