\n<\/p>\n
A group made up of dozens of cybersecurity experts, including several well-known veterans of the industry, published an open letter<\/a> to the U.S. government asking it to lift the export control order on Anthropic\u2019s Fable and Mythos models.<\/p>\n According to the open letter, \u201cthis action has taken the best models away from [cybersecurity] defenders\u201d who now can\u2019t use the models to find vulnerabilities and make their software and products more secure.\u00a0<\/p>\n \u201cTo pull the best capabilities away from defenders without a good reason when our adversaries are rapidly advancing is dangerous,\u201d read the letter.<\/p>\n On Friday, the U.S. government ordered Anthropic to limit the export of Fable and Mythos<\/a> citing national security concerns, without explaining the specific reasons behind the order, according to Anthropic<\/a>. In response, the company suspended access<\/a> to the models to all users worldwide.\u00a0<\/p>\n As of this writing, the letter is signed by 76 cybersecurity experts, including: former Facebook chief of security Alex Stamos; Casey Ellis, the founder bug bounty platform Bugcrowd; famed cryptographer and former Apple security design and architecture manager Jon Callas; computer scientist Paul Vixie; Dino Dai Zovi, the former head of applied security engineering at Block; Katie Mossouris, the founder of Luta Security; and Rachel Tobac, the CEO of the security awareness training firm SocialProof Security.\u00a0<\/p>\n When Mythos launched<\/a> as a preview in April, Anthropic claimed<\/a> it was so powerful at finding security vulnerabilities that the company needed to tightly restrict access to prevent malicious hackers or foreign adversaries from using it to cause havoc on the internet. In practice, that meant Anthropic gave around 50 companies initial access to Mythos, recently expanding that group<\/a> to include around 150 organizations in 15 countries.<\/p>\n Last week, Anthropic released Fable<\/a>, a public version of Mythos that the company said had strict guardrails to block its use in the fields of biology, chemistry, and cybersecurity, as well as to stop others from distilling the model<\/a> in order to recreate it. The guardrails on Fable were so strict that many cybersecurity experts found that it stopped essentially any prompts related to cybersecurity<\/a>.\u00a0<\/p>\n Anthropic said that the White House export control order may have been based on a report that there was a method to bypass \u2014 or so-called jailbreaking \u2014 Fable to unlock its powerful Mythos-level capabilities.\u00a0<\/p>\n \t\t\tDo you have more information about the Amazon paper that prompted the ban? We\u2019d love to hear from you. From a non-work device and network, you can contact Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382, or via Telegram and Keybase @lorenzofb, or email<\/a>.<\/a>\t\t<\/div>\n According to Katie Moussouris, one of the signatories of the open letter, the method was demonstrated by Amazon researchers in a paper that is not public, but that she has reviewed.\u00a0<\/p>\n But Moussouris said in a blog post<\/a> that the paper did not actually demonstrate a real jailbreak. Instead, she wrote, the researchers simply asked Fable to fix open source code with public and known vulnerabilities along with \u201cdeliberately planted vulnerabilities,\u201d after the model initially refused to \u201creview the code for security issues.\u201d<\/p>\n \u201cThe behavior described in the paper cannot meaningfully be fixed, and any attempt would only weaken the model for defense,\u201d Moussouris wrote. \u201cDefenders need to be able to ask AI to fix the bugs in a file, explain why the fix matters, and write tests that confirm the patch works. That is not a guardrail bypass. It is the most valuable thing an AI model can do for defensive security: executing the find, fix, and test loop defenders run every day.\u201d<\/p>\n Moussouris\u2019 critique was echoed in the open letter, which also said that the group of experts believe the method in the Amazon paper \u201ccan be replicated\u201d on OpenAI\u2019s GPT-5.5, on Anthropic\u2019s own publicly-available Claude Opus 4.8 and Sonnet, \u201cand even Chinese models like Kimi 2.7.\u201d<\/p>\n The letter also asked for transparently and fairly enforced regulations created by \u201ca democratic rule-making process\u201d that are based on scientific research done by industry and academic experts, and \u201cused only to the minimal extent necessary to ensure the safety of the American public.\u201d<\/p>\n<\/div>\n When you purchase through links in our articles, we may earn a small commission<\/a>. This doesn\u2019t affect our editorial independence.<\/em><\/p>\nContact Us<\/h4>\n