On June 9, 2026, Anthropic shipped its most capable models yet: Claude Fable 5 and Claude Mythos 5. Big launch, lots of fanfare, the usual "this changes everything" energy that every AI release comes wrapped in these days.
Three days later, at 5:21pm ET on June 12, both models were just... gone. Not "down for maintenance." Not quietly deprecated the way products usually die. Switched off, worldwide, for every single customer, by direct order of the US government.
And that's the bit that should actually bother you — not that a government cares about AI safety (sure, fine, that's its job), but that nobody had done this before. Export controls have spent years climbing the AI stack like a very slow, very bureaucratic ladder: chips first, back in 2022, then the equipment that makes chips, then the compute and cloud access that runs the chips. Every rung of that ladder was infrastructure. Something you could physically point at in a warehouse.
This time it was the model. Software. Already deployed. Already in the hands of hundreds of millions of people. Pulled offline on a random Tuesday evening like someone yanking a cable out of the wall.
What actually happened (the part they'd rather you skim past)
Commerce Secretary Howard Lutnick sent a letter to Anthropic CEO Dario Amodei ordering the company to suspend all access to Fable 5 and Mythos 5, for any foreign national, anywhere on Earth — including Anthropic's own foreign-national employees, presumably mid-lunch. Anthropic complied that evening. Then, in a move that I can only describe as "in for a penny," it disabled the models for everyone, domestic users included, because apparently geofencing in real time was more hassle than just turning the whole thing off.
Here's the trigger, as best as anyone's pieced it together: Amazon researchers found a way to prompt Fable 5 into identifying — and in at least one case, demonstrating how to exploit — a software vulnerability. Anthropic's own read afterward was that the flaw was minor and already known. Not zero-day. Not "the internet is on fire." The kind of bug a mildly caffeinated engineer finds on a slow Tuesday and files as a low-priority ticket.
The government, for its part, didn't publish much beyond "trust us." Anthropic has said the evidence it received was largely verbal. As in: someone talked, and a product used by hundreds of millions of people got switched off worldwide.
Anthropic's public response was, politely, "are you serious." If a minor, already-known vulnerability is grounds for a full global recall, every frontier lab on the planet is one prompt away from a shutdown letter. That's a company with a very obvious financial interest saying it — worth flagging — but it's also not a crazy thing to point out.
The part that genuinely doesn't add up
Fourteen days after the shutdown, on June 26, the government partially caved. Mythos 5 — Anthropic's strongest cybersecurity-flavored model — was cleared for use again. Not for everyone. For a specific list of more than 100 companies and government agencies, under a program with the very serious code name "Project Glasswing," framed around defending US critical infrastructure.
A handful of names leaked out: Cisco, JPMorgan Chase. Big, respectable, "of course they're on the list" names that make the whole "critical infrastructure" framing sound very reasonable.
Except the actual list — which the government's own letter calls "Annex A," like it's a classified appendix in a spy novel — was never made public. We know it's 100-plus organizations. We don't know most of them. We don't know how you get added.
Then on July 1, eighteen days after the original shutdown, Fable 5 came back too. For everyone. Globally. The fix wasn't a strongly worded statement — it was an actual cybersecurity classifier, purpose-built to catch the exploit, blocking it in more than 99% of cases in testing.
So walk through that timeline slowly, because it stops making sense the longer you look at it. If this was serious enough to pull a global product on almost no public evidence, how did the fix take under three weeks to design, build, and ship? And if it was mild enough to fully resolve in eighteen days, why did a hundred-plus companies get early, quiet access to the "dangerous" model eleven days before anyone else — off a list nobody outside government and Anthropic has ever seen?
Both things happened. Both are documented. Neither one makes the other one make sense.
A quick history lesson, because this has happened before (sort of)
This isn't the first time Washington decided software counts as a weapon. In the 1990s, the US classified strong encryption as a controlled munition — same legal bucket as missile parts, which is a genuinely wild sentence to type in 2026. It took a lawsuit, Bernstein v. DOJ, before courts ruled that publishing security code was protected expression, which put a real ceiling on how far that era of control could reach.
Here's the difference, though, and it matters: those 1990s controls restricted export. They didn't reach into a product already humming along on American users' laptops and switch it off. This order did exactly that, at least for a few hours before the "foreign nationals only" scope got clarified. That's a bigger claim of authority than the encryption era ever actually tested in court.
My honest read
I don't think this was theater. Amazon researchers found something real, even if "minor and previously known" is doing a lot of quiet work in that sentence. And the government didn't sit on this indefinitely — three weeks, a technical fix, a full restoration. That's not really the profile of an agency trying to permanently grab the wheel of frontier AI.
But "it got resolved fast" isn't actually the question worth asking here. The real question isn't about Fable 5 at all. It's that the mechanism now exists, it's been used once, it worked, and the public got a letter and a verbal briefing instead of anything resembling evidence. Levers that get pulled successfully once tend to get pulled again — and the next reason might be a lot messier than a documented jailbreak.
Key things worth holding onto:
For the first time, a government suspended an already-deployed, mass-market AI model worldwide — not chips, not compute, the actual model.
The disclosed evidence was thin: a jailbreak technique, described as minor and previously known, delivered largely verbally.
Access came back in stages — Mythos 5 partially, in 14 days, for a non-public list of 100+ organizations; Fable 5 fully, in 18 days, after a technical fix.
The undisclosed "Annex A" list means the actual criteria for early, privileged access to a "risky" model are still not public — even after the fact.
The closest historical parallel, 1990s encryption export controls, only restricted export. This reached an already-deployed domestic product, which is a meaningfully bigger claim of authority.
If a government can switch off a commercial AI model worldwide on a random Tuesday evening, on evidence it never fully shows the public, and then quietly hand early access back to a hundred companies it won't name — what exactly is the process the next company should expect, the next time this happens?
Sources: Anthropic, "Statement on the US government directive to suspend access to Fable 5 and Mythos 5"; Anthropic, "Redeploying Claude Fable 5"; Bloomberg, "Anthropic Says US Orders Halt to Foreign Access for Fable 5, Mythos 5 AI Models"; CNBC, "Anthropic disables access to Fable 5 and Mythos 5 to comply with government directive"; CNBC, "Trump admin allows Anthropic to release Mythos AI model to some companies, government agencies"; Al Jazeera, "US orders Anthropic to disable AI models for all foreign nationals"; TechCrunch, "Trump admin releases Anthropic Mythos to be used by more than 100 US companies, agencies"; Forbes, "Anthropic Disabled Fable 5 And Mythos 5 After A U.S. Export-Control Order"; Bloomberg, "US Government Lifts Restrictions on Anthropic's Fable 5 Model."
No comments:
Post a Comment