Who decides when AI is too dangerous?

On today’s episode of Decoder, my guest is Hayden Field, senior AI reporter for The Verge. Often when Hayden comes on the show, it’s because something has gone wrong in the world of AI. Last weekend, that something was a pretty intense mix of Anthropic, the Trump administration, and Anthropic’s new AI model, Fable 5. On Friday, not even a week since Anthropic released Fable to the public, the US government said it was imposing export controls on the new model, as well as the underlying Mythos model that Fable is based on. Those controls restricted foreign nationals, even those working for Anthropic in the United States, from accessing these models. Anthropic then took Fable and Mythos offline for everyone, because the company said it was worried it would not be able to restrict access and reasonably comply with the order otherwise. As you might imagine, this is all a giant mess. Hayden actually just published a fantastic play-by-play on The Verge about how this all went down last Friday and the scramble through the weekend from both sides to figure out what exactly happened and how it might get resolved. So I wanted her to come on and just walk me through the timeline and what it all means. --- [Image: https://platform.theverge.com/wp-content/uploads/sites/2/chorus/uploads/chorus_asset/file/24792604/The_Verge_Decoder_Tileart.jpg?quality=90&strip=all] Verge subscribers, don’t forget you get exclusive access to ad-free Decoder wherever you get your podcasts. Head here. Not a subscriber? You can sign up here. --- The situation is ongoing. As of Tuesday when we’re recording this episode, Fable is still offline — in fact, if you boot up Claude, it tells you right above the chatbox window that “Fable 5 is currently unavailable.” Yet as you’ll hear Hayden explain, whether Fable comes back online this week or not, the ripple effects of the government’s feud with Anthropic have far-reaching consequences for the tech industry and the US’s AI regulatory regime. There’s also a big irony here, and you’ll hear Hayden and me get into that, too: Anthropic has spent years arguing that AI might soon be powerful enough to be dangerous — and that the government needed to get serious about regulating AI sooner rather than later. Well… now we’re here, and Anthropic doesn’t love the way it’s playing out. And now, everyone — but maybe especially the Chinese government — is watching to see whether the United States’ AI regulatory approach takes the shape of a serious safety framework. Or whether it’s just another weapon for the White House to use against the companies and people that don’t bend the knee to the Trump admin. Like I said, it’s a real mess. OK: Verge senior AI reporter Hayden Field on the Claude Fable ban and the new AI regulatory landscape. Here we go. This transcript has been lightly edited for length and clarity. Hayden Field, you’re a senior AI reporter here at The Verge. Welcome back to Decoder. Thanks. Great to be here. It’s always chaos when you’re here, Hayden. That’s what I’ve come to discover. It really is. My rule is still in effect, in that it’s always a Friday. Stuff always hits the fan on a Friday and this was no different. Particularly when it comes to the government regulating AI, there’s a real “what if it all went crazy on Friday, so we all had to think about it over the weekend.” And then I think this has been basically true throughout the Trump administration. The scramble to put it all back together on Monday is immediate. Yep, exactly. It’s crazy. And the fact that all these talks were happening all over the weekend and then Monday, still no resolution. I’m surprised that things aren’t resolved yet, but yeah, lots of drama. Well, this podcast is going to come out on a Thursday. We’re recording on a Tuesday. We’ll see what happens over the next two days. But I think the big picture here of how the United States government should regulate AI and what that means for American AI companies on the world stage is open. I don’t think it’s going to be resolved with whatever happens with Fable. Let’s try to understand the whole story and then pull those themes out of it, because they’re just going to keep coming back around again and again and again, I think with every new model released now. So, let’s start at the start. What is Claude Mythos? What is Fable? How do they relate to each other? Great question. I asked Anthropic the same thing when they came out with this like a week ago. Because AI companies are really bad at naming things and it’s always very confusing. But the situation is that Mythos is the underlying model that is powering both Mythos 5 and Fable 5. Fable is a new model. They haven’t had Fable 1, 2, 3, or 4. They just immediately started with Fable 5, very confusing. But Fable is the watered down, or safeguarded, version of Mythos 5. When they came out with Mythos Preview in April, Anthropic kept really hyping it up. They were saying this is a potential cyber-weapon. It can never be released to the public, at least until safeguards catch up. We’re only going to release it to enterprise and governments, or “cyber defenders” is what they called them — places that need to patch up all their frameworks before bad actors come in and exploit those vulnerabilities. Now, fast-forward to last week and Anthropic released not only Mythos 5, which is the first official Mythos — before it was Mythos Preview, so we skipped straight to 5 — then they also released on the same day Fable 5, which was the very first public version of Mythos-class models. So, same underlying framework, but now tons of safeguards built on top to hopefully stop the public from accessing this super dangerous — by Anthropic’s own admission — model that could mess up everything. So, that’s what they released. And they spent a long time hyping this up and talking about how dangerous it was and then it kind of came back to haunt them later. Fable is a Mythos with security guardrails. When it first came out, there was a wave of controversy, right? AI and security researchers found those guardrails were actually preventing them from doing research and seeing what Fable was capable of, because if they tried to push the boundary, it would downgrade them to Anthropic’s previous models. Yeah. It became kind of like a meme. People were making fun of how strict the guardrails were when it came out. So, that’s the thing that’s confusing me, where there’s a controversy because the guardrails are so strict and then something happened that made the government think Fable was so dangerous that it needed to be pulled. What happened? I talked to some independent red teamers about this. Before the Amazon white paper was circulating, before this allegation of a jailbreak was public, I talked to some red teamers about how safe Fable 5 was. They were all pretty impressed with how the guardrails held up. I was expecting it to be a little bit easier to jailbreak. They were saying they had tried a lot of stuff and nothing was working. That’s not my experience when I usually talk to independent red teamers. They’re like, “Yeah, I got it to break here. I got it to break there.” In this case, they were saying it held up pretty well. Now, according to a source familiar with the negotiations who was directly involved that I spoke with yesterday, this is kind of the timeline of last week. In the middle of last week, Anthropic was made aware of some research that Amazon researchers conducted. They had uncovered a potential jailbreak, something they were pretty worried about. They sent it over to Anthropic. Anthropic was kind of going back and forth with the Amazon researchers talking about it. They were discussing whether it was really a jailbreak, or whether it was not that big of a deal essentially. Apparently, reports say that Amazon CEO Andy Jassy then got worried about it and called maybe [Treasury Secretary] Scott Bessent, or some member of the Trump administration, on Friday and talked about his concerns. The Trump administration freaked out. They immediately called Anthropic. They send them a message actually and they say, “Look, you need to shut this down in 90 minutes.” 90 minutes? Yep, 90-minute ultimatum. And they said, “We need to figure out how to fix this jailbreak that’s come to light.” Anthropic got on the phone with the Trump administration within 15 minutes of that first call and they were asking for more details. They’re like, “Okay, let’s talk about this. Are you talking about the research we’re already aware of? Are you talking about something different? What is the jailbreak you’re talking about?” They’re trying to get more details and talk to the administration. I think the administration was also mad that Dario Amodei, the CEO of Anthropic, didn’t call back until an hour and 15 minutes after that first call. Anthropic called back 15 minutes in. It took Dario an hour and 15 minutes to call back. So, there was a lot going on here. But by the time they’re talking, the 90-minute deadline passes and the Trump administration says, “Okay, that’s it. Yep. We’re hitting you with export controls.” That is when they told Anthropic that no foreign national can use either of these models and Anthropic has to just make sure that that is the case. No foreign national, whether they work at Anthropic or not. If you’re, say, Bank of America and you have access to Mythos 5 and you’re using it to plug vulnerabilities in your system and you’re not a US citizen, you can’t use it. Same with a random, just regular individual using Fable 5. Same with an Anthropic researcher who is not a US citizen. So, Anthropic did the only thing it could really do in the situation and they said, “Okay, we got to sideline both these models. We can’t in like one minute figure out a way to make sure no non-US citizens are using the models.” So, that’s what happened. I mean, it was a crazy couple of hours. Anthropic comes out with a statement later that night saying they’re trying to work with the Trump administration on this. They spent all weekend virtually meeting with administration officials and then flying three employees out — who I detail in the piece we just published — to D.C. to talk to them in person. Notably, Dario was not there in person. He’s virtually joining all these meetings. I can confirm he was not at a wellness retreat, which is what some reports say, but they won’t tell me where he is. But he’s not at a wellness retreat. That’s all I know. Absolutely not at a wellness retreat is Anthropic’s position. Okay. [Laughs] So, yeah, there’s a lot going on, very dramatic. All the sources I spoke with over the past couple of days were saying the whole tech industry and the cybersecurity community in particular are just talking. One source told me, “Beijing is laughing at us right now.” It was interesting because some cybersecurity leaders in the space came together to write a public letter and they said, “Look, not all of us believe in regulation, but if you are going to regulate it, this is not the way,” which I think is just indicative of this whole situation. Maybe you believe in aggressive government regulation, maybe you don’t. There’s a way to operate the regulatory efforts that is rigorous and thoughtful and careful and predictable. Nothing about this seems like it was rigorous or thoughtful or predictable. I actually want to start at the beginning. Andy Jassy and Scott Bessent might be smart guys. They obviously have very senior positions in our society. They’re not experts in AI. How did we get to Andy Jassy, the CEO of Amazon, relaying concerns about AI security research to Scott Bessent, who does not really oversee AI policy in any meaningful way, and that resulted in a 90-minute ultimatum delivered to a company whose CEO is absent? I don’t think your politics should matter. Either this is the worst security breach in history that the CEO of Amazon is going to call the treasury secre

[truncated for AI cost control]