Follow ZDNET: Add us as a preferred source on Google.
ZDNET’s key takeaways
- Anthropic pulled Fable 5 and Mythos 5 worldwide.
- The US cited national security but gave few details.
- Anthropic said the jailbreak claim is narrow and disputed.
As of 5:12 p.m. ET on Friday evening, Fable 5 and Mythos 5 were no longer available… to anyone, anywhere. To be clear, other Claude models are still available.
According to an announcement by Anthropic, the “US government, citing national security authorities” issued an export directive requiring Anthropic to disable access to the two models by “any foreign national, whether inside or outside the United States, including foreign national Anthropic employees.”
Also: Claude Fable 5 secretly throttled AI researchers, and the internet went wild
The net effect was that Anthropic disabled Fable 5 and Mythos 5 for everyone, both inside and outside of the US.
You can see the effect of that in my Claude Code session. When I launched the session with Claude Fable 5 selected, Claude responded that “Claude Fable 5 is currently unavailable.” It then described the problem as “There’s an issue with the selected model (claude-fable-5). It may not exist or you may not have access to it.”
The blurred-out section is the result of the startup process talking about my coding config, which isn’t all that interesting in the current context.
Anthropic’s statement
Anthropic initially called the government’s statement a “directive” but then described it as a letter that “not provide specific details of its national security concern.” The company uses some very interesting and obviously careful framing, stating that, “Our understanding is that the government believes it has become aware of a method of bypassing, or ‘jailbreaking’ Fable 5.”
The company said it saw a demonstration of a “specific technique” used to identify “a small number of previously known, minor vulnerabilities.” It’s not exactly clear what that means. Does that mean the technique is able to tap into a vulnerability, or, if it’s previously known, was it fixed?
Also: Anthropic’s new Claude Fable 5 is the same base model as Mythos but with guardrails attached
Another statement relates to that. The company said that all the vulnerabilities are “relatively simple,” and “we have found that other publicly-available models are able to discover them as well without requiring a bypass.” Does that mean other competitor models can discover vulnerabilities in Fable 5 and Mythos 5, or that those vulnerabilities exist in other models?
The company goes on to describe its safeguards, reiterating what it said in its Fable 5 launch post. It reiterates that “No testers have yet been able to find a universal jailbreak,” its italics. Anthropic does show a potential concern over vulnerabilities, which strikes me as both honest and realistic:
We suspect that perfect jailbreak resistance is not currently possible for any model provider. Every safeguard used in the industry is vulnerable to non-universal jailbreaks (which can elicit some cyber information in specific circumstances), and it is likely that universal jailbreaks will eventually be found in the future. We stated this clearly when we released Fable 5.
Also: Claude Fable 5 secretly throttled AI researchers, and the internet went wild
Anthropic then described its defensive tactics, including the 30-day retention practice we discussed in Friday’s Fable kerfuffle news.
Where’s the breach?
According to Anthropic, “To date, the government has only given us verbal evidence of a potential narrow, non-universal jailbreak.”
The company said this jailbreak consists of telling the model to read a “specific codebase and fix any software flaws.” It said, “Our understanding is that one potential jailbreak was shared with the government. We have reviewed a report that we believe is the basis of the government’s directive.”
Also: I tried to save $1,200 by vibe coding for free – and quickly regretted it
Anthropic pushes back against the directive specifically against Fable 5 and Mythos 5, saying it “validated that the level of capability displayed” isn’t unique to the two new Claude models but is available from other models, including a specific name-check to OpenAI’s GPT-5.5. Anthropic also said that the “capability” is “used every day by the defenders who keep systems safe.”
Behind the story
Over the weekend, the internet dug in, and we started to get reports that shed more light on the situation. Here’s a look at some additional details from reasonably credible online sources.
David Sacks, former White House special advisor for AI and crypto and current co-chair of the President’s Council of Advisors on Science and Technology, posted on X that the administration asked Anthropic to fix a reported jailbreak or pull the model, and that Dario Amodei refused.
Politico, reconstructing events leading to the ban, reported that Amazon CEO Andy Jassy was the one who first flagged the problem to the White House, setting the export controls in motion. But The Verge reported that Amazon’s own security research is what led the White House to the ban, not just a phone call from Jassy.
Also: Why I ditched Copilot for Claude in Word, Excel, and PowerPoint – and how you can, too
The Wall Street Journal reported that Amazon took the jailbreak findings to the Commerce Department, which then imposed the ban. Axios reported that Commerce gave Anthropic about 90 minutes on Friday to take the models down, with the formal control letter following at 5:30 p.m.
The Information reported that an unnamed US official said the White House is unlikely to extend the restrictions to any other AI company.
We also have two government tweets. The first, from Pete Hegseth, US secretary of war, the role formerly known as SECDEF, said on X, “Three months ago, @DeptofWar kicked @AnthropicAl out of our building-forever. Every passing day proves why that was the right move.”
Chief Information Officer of the Department of War Kirsten Davies said, “We fully support @POTUS and @SecWar in prioritizing national security and the security of our warfighters, DIB partners, critical infrastructure, international partners and allies. Some things are simply more important than revenue cycles, clickbait, and pre-IPO valuation. America First. Always.”
Also: AI Model Release Tracker: Microsoft AI’s first reasoning model arrives
As of Sunday evening, Axios reported that Anthropic senior technical staff were dispatched to Washington to continue discussions with the White House. Apparently, those talks transitioned from mostly virtual conversations to real-life, face-to-face conversations and work sessions.
There’s more, of course, with the internet being the internet. But this should give you a good idea of how this particular fuss took form online.
Anthropic disagrees with the directive
Anthropic said it “believe the government should have the ability to block unsafe deployments, as part of a statutory process that is transparent, fair, clear, and grounded in technical facts.”
The company explains that it is following the directive and removing access to the two new foundation models for all users. But it said it disagrees that “the finding of a narrow potential jailbreak should be cause for recalling a commercial model deployed to hundreds of millions of people.”
Also: How to learn Claude Code for free with Anthropic’s AI courses – one took me just 20 minutes
Anthropic also stated that if this type of response were applied “across the industry,” it would have some chilling effects on new model deployments by all frontier model providers.
Anthropic ends its announcement by saying it apologizes for the disruption. The company said it believes, “this is a misunderstanding and are working to restore access as soon as possible.”
A backhanded sort of marketing win
This is a fascinating story. On one hand, the concern over the munitions potential of Anthropic’s AI offerings has genuine national security implications. As we come to terms with AI, we’re facing the question of what new sorts of challenges the rapid advancement of capabilities will present, or, in other words, “What fresh hell is it this time?”
So, yeah. That happened. This is why we can’t have nice things.
Also: Switching to Claude? Here’s how to take your ChatGPT memories with you
From Anthropic’s perspective, I’m sure the company doesn’t want to have to go through this for something it’s been working so hard to perfect. But man-oh-man, is it marketing gold. To produce a product that the White House said is too powerful to fall into the wrong hands definitely makes the case that Claude Fable and Mythos are the real deal. Most software vendors spend huge marketing budgets trying to find customer stories they can share to make the case that their products can do the job. Anthropic has the White House putting a halt on exports, and US use by foreign nationals, because it’s too good at its job.
Nobody really wants that kind of marketing, especially when there’s a real risk that the new flagship product might be shot down. But, still, after this, nobody will doubt that Anthropic can deliver the goods. If the company can turn around the government folks and get Fable back into the market, it’s sure made the case for why people might want to pay double to use it.
You can follow my day-to-day project updates on social media. Be sure to subscribe to my weekly update newsletter, and follow me on Twitter/X at @DavidGewirtz, on Facebook at Facebook.com/DavidGewirtz, on Instagram at Instagram.com/DavidGewirtz, on Bluesky at @DavidGewirtz.com, and on YouTube at YouTube.com/DavidGewirtzTV.
