The bottleneck is compute and data, not the model. That's why they could only gate it for a bit. The ITAR thing proves it: no nationality controls in place, so the only option was killing the whole thing. Not exactly what an all-powerful gatekeeper does.
But is that last part actually true though? Sure, there might be 600B+ models available for download and local inference if you have the hardware, but does the users who use Anthropic switch over to those even if they're available even as hosted models? Seems like some do, most don't, Anthropic and Claude remains very popular among the people who use LLMs, there is no denying that.
I'm currently spending $200 for Claude. That's around my maximum that I can afford. I could stretch that to $500 I guess. But I saw reports of people spending tens of thousands of dollars with Claude API. That's certainly outside of my budget.
So if/when Anthropic decides to stop subsidizing subscription (if they ever do that thing, I still not sure about that), I'll certainly look at the other options. And available "open weights" LLMs hosted by someone will be my first pick. Right now Claude 4.8 feels very advanced, but things move very fast...
Only because someone else is paying the bills. I use Claude Opus at work because my employer pays for the tokens and encourages me to do it.
At home, I use DeepSeek Flash. It's not as good, but it's maybe 0.7 quality for 0.001 cost.
Try running the latest OS models on a normal Mac or PC. Claude Fable and Mythos are systems not just pure models.
And of course marketing. Don't believe the hype.
I think Claude is often times underwhelming. Security concerns are also a concern companies have a blond spot for. The really toughest pro security (Yes, pro! Totally different framing!) company I know is Google after all.
What I can companies advise to do is, really having more than just bug bounties but a professional hacker team that does nothing else but attacking them the whole day and night 24/7. This needs to be coordinated with the government otherwise you might sound an alarm and will be SWATed for doing good. And I would pay them huge sums since the risk and fallout warrant such a treatment, not the standard wage.
Hackers are the real deal, not AI. Proof: Hackers using AI.
It can be done through the magic of SSD offload. The worst case involves seconds-per-token speeds, but that's OK if you only care about low volumes of slow unattended inference, which maximizes utilization for the hardware.
(The real worst case, where you're streaming the whole model from the cheapest storage you could feasibly think of, involves multiple minutes per token for a single inference, or even hours per token batch if you're doing many inferences in bulk. That's a lot less helpful, so there's a space for smaller models at the edge, even for unattended workloads.)
AFAICT … despite saying you “disagree”, you appear to be agreeing with the parent comment that the model is less important and compute (all that complex infra) and data (also complex infra) are more important.
> I disagree. It is not the model alone. It needs a system which capitalizes on it. And this is very complex. Hardware, software, architecture - it takes a lot to get it right.
What do you disagree with exactly?
Not for now, but how long before we have KYC regulations concerning LLMs?
The amount of tokens required to properly distill a frontier model is so large that by the time you could consume the # of tokens you would either be banned for extremely obvious abuse or a new model would be released, rendering your efforts less and less valuable over time. Intelligence is not a linear thing. Being behind just a little bit can have exponential consequences.
Isn't "distillation" of another provider's model exactly how these models got training date in the first place: Massive amounts of the written word + Prompt -> Answer. Why wouldn't distillation produce similar "reasoning" in the new model? It's just inputs and outputs.
That's a different problem that what you're arguing against.
People like Yud at least have a clear consistency in their advocacy that we shouldn't be developing this at all. Anyone who thinks they can reconcile Anthropic's work with the AI safety mission is in total fantasyland, if it's not just a public persona they've adopted strategically.
Also, the fact that these employees are now in the position to outbid one another for 8-figure real estate gives them a powerful incentive to keep “believing”.
1) It’s safe to assume the US would do its best to prevent it, and even if Anthropic was successful in exfiltrating their data, code, models, and people, I’d imagine the US would immediately block all US companies from working with them. So they’d be blocked from their own US-based compute, plus Google, Amazon, Microsoft, xAI, Meta, etc.
2) Where would they go? China maybe, but as far as we can tell it doesn’t have sufficient compute for Anthropic’s level of need. The EU likely as or more restrictive in different ways to the US - the EU is hardly buzzing with AI innovation. Some Middle Eastern countries might have the money, energy, and interest in carving out such a position, but no compute. Plus I’d imagine the US would act directly against any country or region receiving them, economic or otherwise.
3) Then, as said elsewhere, the US would block GPU sales to wherever they found a safe haven, preventing the buildup of the compute they’d need to continue.
Depends what you mean. The academic work seems largely... fine? Plenty of good work came out of Europe or European researchers. It seems the problem is more "trying to build a trillion-dollar company of any kind".
It's an interesting question: does the EU seek only to regulate successful modern American companies to death, or home grown ones too? Probably not a gamble worth taking.
The EU options are not even close to what CF can do
That's not the problem.
The US government can export ban GPUs like they do now to more countries if needed. Even if the infrastructure exists, the GPUs won't.
This too, will end up being a good thing for them. The ban will end up getting lifted due to some "amazing deal" in the coming weeks and Anthropic will now have the "Trump tried to ban them, so they MUST have the most advanced AI model in the world!" stamp of approval just before IPO.
All this stuff is pro wrestling kayfabe.
As I understand it, ITAR regulations for export controls have just been applied to any form of Mythos. These are overseen by U.S. Departments of State and Commerce, and forbid foreign nationals from access to any form of Mythos, either within or outside the U.S.
Only U.S. citizens and immigrants that are holders of a "green card" may now access Mythos.
It appears that Anthropic does not have internal controls to implement these restrictions in any form, so the only option was to shut Mythos down.
Penalties for ITAR violation can reach ten years in prison and a million dollars per violation. (I can post a link to those details if there is any interest.)
As long as Anthropic is a U.S. company, there is no escaping this.
https://fortune.com/2026/06/14/how-a-warning-from-amazon-led...
Textbook retaliation for not letting them use an abliterated version of Claude in weapons systems.
This effectively renders any US closed model useless for any foreign company. Could happen to OpenAI, Google, etc. Too much of a risk to implement something that can be yanked out because the company didn’t behave the way they want.
Looks like it’s time for Kimi, Z, Deepseek to take the front row. They’ll catch up in a few months anyway. Kimi code 2.6 is crazy good
"When you further combine this realization with the company’s pronouncements about AI’s ability to conduct all economic activity, you realize that Anthropic’s leadership effectively wants to have power over everything and everyone."
This is fearful stuff on all sides, and none of the people involved might realistically be able to navigate the danger.
Reminds me of the RISC-V Foundation → RISC-V International move to Switzerland. Around the time some dumbass Republicans tried to impose export restrictions on a set of open, world-wide used specifications.
Pandora's box has been opened, and there's no closing it. Capable AI models will be everywhere.
The signal is clear enough though for the next Anthropic..
Europe has extradition treaties, so the U.S. can force anyone in Europe back to the U.S. for criminal indictment who demonstrates inappropriate possession of this technology.
“Claude, I want to blow up a factory running this leaked software. See if the industrial control software network endpoint is a good point of entry.”
It’s doing the same work and producing the same output for both prompts. How do you block one but not the other?
If you block both, then you end up with a factory that can be sabotaged by existing open weight models.
If you are to believe Anthropic, Fable was export controlled for bug finding, not for exploit construction. They seem to be working to make this the "bright line" for LLMs being a national security risk. My guess is that will be the case they take to Washington this week.
This is why responsible/coordinated disclosure exists in the first place.
The factory does decent software engineering - for which it can also use the same llm - so that when an attacker does either, a sota llm does not find bugs to exploit.
I really dislike this belief (that has at least been expressed here) by some that X is okay because they-really-believe-it. This has a real Road to Hell stank on it.
It is incredibly convenient when your predictions or supposed beliefs go south. Well, we really believed that we were doing it for the betterment of human kind. And we really believed that X was an existential threat that was inevitable in which case we had to step up and do it because we we the only good guy ideologues. So sorry but not sorry.
I also don’t care if commenters know rank-and-file on the inside that “really believe it” as well. Not for one second.
So... what, you just don't trust anyone good? Would it be better to pull in a health insurance CEO? They're happy to watch people die for profits, no concerns at all about them pulling a "greater good" card because they're in it for entirely selfish reasons.
Modern society is built on the idea that competition is required from companies, and we seem to be exiting that age into a new world of monolithic, monopolistic, mega-corps. Personally, I find that a real route to dystopia.
Where do you draw the line here?
What happens when your car stops working because you're driving a tesla, but you're working on EVs for Honda or Ford?
What happens when your macbook stops working, because you decided to commit to changes to ARM software, or RISC-V?
---
And before you dismiss those, this is literally what Anthropic is doing TODAY. Using their tools to develop competing tools is something they classify as mis-use, and shut you down for doing.
Personally, I just can't accept that as a valid moral stance. Wonderfully successful, abusive, and dystopian? Absolutely. Moral? FUCK NO.
When tools turn themselves off because the manufacturer has decided it doesn't like how you're using them... you're a slave with no autonomy.
> So... what, you just don't trust anyone good?
The baseline here is apparently that they are good, I’m just supposed to trust and shut up?
Ehh, I think it's a lot more grey than "definitely not". It's hard to ignore that their claims that their model is so dangerous they can't widely release it is tantamount to declaring that they're in a league of their own and have to be treated with white gloves to prevent the sheer power of their model from shattering global prosperity.
This isn't the first time, and nothing bad has happened with the prior models. Every time it gets a little harder to believe that they believe in the threat, and makes it feel a little more like it's just to build hype. There's only so many times you can say "this model is a threat to the world", have it turn out to be nothing, and avoid people accusing you of lying to pump stock prices.
This has been covered before: https://aisle.com/blog/ai-cybersecurity-after-mythos-the-jag... (https://news.ycombinator.com/item?id=47732020)
> Anthropic’s cautious roll-out was justified. The problem with publicly releasing models, however, is that guardrails can be jailbroken, and apparently that is exactly what happened shortly after the release
The future is unevenly distributed. Anthropic, and Amodie in particular, seem to be of the mind they can control a bit of the unknown using words. They are likely being guided by the very product they built. *AI CAN MAKE MISTAKES
That Project Glasswing bullshit reeks of it. Corporations have take control of our attention, our Internet, and now our thinking.
I say it's high time to take it back.
Is not
We sent open weight models against a codebase to find vulnerabilities.
In that sense: The AISLE replication still provides too much information to the model, but its not far off, and others have replicated Mythos' findings in a more clandestine manner on open source models. Some were totally capable of finding the same vulns Mythos found back in ~March (and today, the new Kimi K2.7 is looking extremely good, very little doubt it could do it).
The critical difference is that post-processing: the Mythos model/harness has some step to induce Mythos to actually exploit the vulnerability, leveraging its ability to do so as a ranking mechanism. Anthropic inferred that this led Mythos to discover vulnerabilities nothing else could discover, which is not true, and Anthropic should be held accountable for this weird artifact of that communication. However:
- An OSS model might find the vulnerability but rank it as a 3/10. Mythos finds it, chains it with a second vulnerability, now suddenly its an 8/10.
- An OSS model might find the vulnerability, alongside fifty other vulnerabilities. The operator ignores all of them.
The problem with automated vulnerability detection, including with LLMs, is that they find the haystack, not the needle. Every piece of hay might be a vulnerability, but whether its worthy of fixing is another matter. Mythos does represent a meaningful improvement; it better finds the needle.
Not affiliated with the bench in any way, but I think it surfaces important differences between the behavior of the models from different labs.
TLDR: The benchmark is measuring pushback in response to nonsensical requests and questions, as opposed to going with it and hallucinating a nonsensical answer.
[0]: https://petergpt.github.io/bullshit-benchmark/viewer/index.v...
> Anthropic models have consistently been top-scoring in BullshitBench[0]
eyeroll I find that Anthropic models feel big and dumber.
https://www.endorlabs.com/research/ai-code-security-benchmar... puts Fable 5th, which seems about right to me.
I'm interested in code utility and correctness, even if the majority of AI use is not focused on that.
Anthropic believes they have the responsibility to guard their tools from mis-use. That is all. They are not trying to "control" anything or anyone. They do however decide what they think is mis-use.
I think assuming you have the ability to guard a tool (that you're "selling" for profit) from mis-use is the definition of "controlling behavior".
It's the kind of ethically myopic take that can only really exist in this new digital age - where tools aren't actually sold, they're just digitally rented.
The most telling part of the "control" narrative is that they happily classify "competition" as mis-use. We're headed back to serfdom on a speedrun.
Installing safeguards to prevent a tool from being used for certain things is a perfectly natural and common thing to do when you are providing the tool as a service. For example, blocking VPNs and open proxies from accessing a free service if those are a major source of spam and abuse. Note that Anthropic never provided the model for offline use in a form that includes DRM -- they are simply safeguarding the service that provides access to the hosted model. The only ethical concern I see here is that some of their safeguards are ones I wouldn't personally agree with, and in a world where dependence on a model is expected it can become an issue if the model refuses to perform in some cases, etc., but that doesn't automatically mean the refusal itself is unethical unless that issue was known and expected (and unless the alternative is not bigger, worse bads)
Also note you are not even "digitally renting" anything. This is the exact same type of thing as, say, real humans in real life refusing to perform services for certain clients or under certain circumstances. Networking makes it possible to decouple some of these things, but that doesn't magically make it renting or automatically turn a refusal to perform services into an attempt to control clients. Just the same as I can choose to refuse any request, which does not automatically constitute attempted control over the asker. There can be ethical concerns about whether my refusal causes problems that I'm obligated to avoid (and whether or not such obligation exists), but that doesn't automatically contaminate the refusal itself unless I have knowledge of and intend the bad.
To use a much more relevant example, Anthropic's refusal to allow its models to be used for war (among other things) does not constitute any attempt to prevent war. It's only a refusal to assist in it. That's not some unfair, unethical attempt at controlling the government, that's just Anthropic not wanting to be responsible for assisting in war.
That might be one of the most important points in the post. Very troubling.
It's questionable whether the current government can even unite the talent required for this project. Seizing it might just push all the talent to Europe or China.
The idea of open-sourcing something that falls into the "national security" category is clearly a non-starter unless there's more powerful, classified models that can outmatch them.
I think Anthropic has clearly demonstrated the most responsibility here: they've been crying for regulations, they were careful about Project Glasswing, and they've got comically over-sensitive filters around numerous topics.
if they had more success on alignment and safety research then I don't think the cludgy filters would be necessary
This only just shows how strong Mythos/Fable will be, once released to the public.
I'm guessing about 0.5 year till public.
Ant’s models, culture and leadership actions are largely consistent with their beliefs, even if they may seem flawed / incomprehensible.
Relevant anecdote: I interviewed with them for a MTS role in 2023. I think the technical part went fine but the interviewer was clearly frustrated by my low regard for LLM safety. I didn’t get the role.
Anecdotally I've heard this is weighted as much as the technical interviews.
It's actually not that hard to explain if we take into account what Dario kept saying: he, or Anthropic thereof, would be the gatekeeper. It is he who tells the government how to use Claude to design drones. It is his model that tells users whether they can ask a question to Claude or not. And it is he who can assess whether a jailbreak is dangerous or not.
Personally, I think that is way more dangerous than being a hypocrite. Dario is basically the Robespierre of the AI era. He believes that only he gets to decide whether our thoughts, or our prompts thereof, are pure. Anything impure gets purged. For his moral utopia to stand, he has to wield the guillotine. Otherwise, with the chaotic diversity of human nature, how else do you manufacture that perfectly uniform, beautiful morality?
I'm not saying these things aren't useful or interesting. But if get told a slot machine is not just a tool, but that actual tools have to go the way of the dodo so we can focus more on getting good at gambling and befriending the dealer, I know something is up. And in that sense, I'm actually pleasantly surprised at how crappy many tech companies are at not letting the mask slip before the victim is actually in the bag. It doesn't seem to make much of a difference, but imagine if they were actually good at this.
They’re like look at our safety and they do all thesse outrageous things.
I always thought safety was interesting in and of itself, but for some reason HN doesn’t have many people from the safety side of tech in conversation.
Tech isn’t a niche hobby anymore; Billions of people are impacted by the decisions of a few firms.
My grandfathers android had 3 different messaging apps installed, somehow. AI is enabling new forms of fraud at a time when we still haven't solved the old ones.
And this is all in the first world, move your coordinates to the developing world? We had human trafficking to get educated English speakers into call centers in Laos/Cambodia to defraud first world inhabitants of their money.
We aren’t in the early days of tech anymore, and the kind of scale that we have enabled comes with it a certain cost. We can choose to ignore them, or to understand them, but we will feel their impacts all the same.
Anthropic likely knows this and is merely performing a song and dance. They're auditioning to be THE frontier AI lab.
Do they have it or do they just sell it?
I don't find this blisteringly clear at all. A company making it harder for competitors to steal their IP is perfectly normal. This is Ben Thompson's personal grudge against Anthropic showing, yet again. He can't think rationally about this company.
- Satya Nadella
Microsoft when they're losing.
>Every company is going to have to build what I think of as human capital and token capital. Human capital comprises the knowledge, judgment, relationships, ingenuity, and pattern recognition of its people, while token capital is the firm’s AI capability it builds and owns. Importantly, human capital does not become less valuable as token capital grows.
- Satya Nadella
Either incompetent or lying.
