A group of 76 cybersecurity experts, including industry veterans, has called on the US government to lift its export control order on Anthropic’s Fable and Mythos models. The open letter argues that the ban takes away the best models from cybersecurity defenders, preventing them from identifying vulnerabilities and improving their software and products. To pull the best capabilities away from defenders without a good reason when our adversaries are rapidly advancing is dangerous, it said. On June 12, the US government ordered Anthropic to restrict
the export of its Fable and Mythos models due to national security concerns. In response, Anthropic has suspended access to these models for all users globally. The letter was signed by several high-profile cybersecurity experts, including Alex Stamos (former Facebook chief of security), Casey Ellis (founder of Bugcrowd), Jon Callas (former Apple security design and architecture manager), and Paul Vixie (computer scientist), among others. When Mythos was previewed in April, Anthropic said it was so good at finding security vulnerabilities that they had to restrict
access tightly. This was done to prevent malicious hackers or foreign adversaries from exploiting it. Initially, around 50 companies were given access to Mythos. Recently, this group has grown to about 150 organizations across 15 countries. Last week, Anthropic launched Fable, a public version of Mythos. The company claimed it had strict guardrails to prevent its use in biology, chemistry, and cybersecurity. These guardrails were so strict that many cybersecurity experts found they blocked nearly all prompts related to cybersecurity. The White House export control
order may have been based on a report that there was a way to bypass Fable and unlock its powerful Mythos-level capabilities. Katie Moussouris, one of the signatories of the open letter, said that Amazon researchers demonstrated a way to bypass Fable in a paper she has reviewed. However, she clarified that it didn’t actually show a real jailbreak, but rather asked Fable to fix open-source code with public, known vulnerabilities, along with deliberately planted vulnerabilities. Moussouris stressed that this behavior can’t be meaningfully fixed
without weakening the model’s defense. The open letter also emphasized the need for transparently and fairly enforced regulations created by a democratic rule-making process based on scientific research done by industry and academic experts. It also called for these regulations to be used only to the minimal extent necessary to ensure the safety of the American public. This highlights an appeal from cybersecurity experts for balanced regulation in AI technology development and deployment.
Anthropic, Fable, Mythos, export control, cybersecurity experts, open letter, US government, guardrails, national security