Dozens of leading cybersecurity professionals have appealed directly to the Biden administration, asking officials to rescind an export‑control order that effectively removes Anthropic’s most advanced AI models, Fable and Mythos, from the hands of defenders. The open letter, signed by 76 experts, contends that the restriction endangers the very organizations the order intends to protect.
Anthropic announced the ban on Friday, saying the White House had ordered the company to limit the export of the two models over “national security” concerns. The firm responded by suspending access for all users worldwide, a move that left roughly 150 organizations in 15 countries without the tools they had been testing.
According to the letter, the models were designed to help security teams locate hidden code flaws, generate patches, and verify fixes – a “find, fix, test” loop that mirrors daily defensive workflows. Removing that capability, the signatories argue, gives adversaries a clear advantage. "To pull the best capabilities away from defenders without a good reason when our adversaries are rapidly advancing is dangerous," the letter reads.
Among the signatories are Alex Stamos, former chief security officer at Facebook; Casey Ellis, founder of bug‑bounty platform Bugcrowd; Jon Callas, a veteran cryptographer who once led Apple’s security design; Paul Vixie, noted computer scientist; Dino Dai Zovi, former head of applied security engineering at Block; Katie Moussouris, founder of Luta Security; and Rachel Tobac, CEO of SocialProof Security. Their collective experience spans corporate, academic, and open‑source realms.
The controversy stems from a report that a method existed to bypass Fable’s guardrails and unlock capabilities akin to Mythos. Anthropic suggested the White House order may have been based on that finding. However, Moussouris, who reviewed the unpublished Amazon‑research paper that allegedly demonstrated the bypass, says the paper never showed a real jailbreak. Instead, the researchers asked Fable to fix code containing known and deliberately inserted vulnerabilities. When the model initially refused, the authors adjusted the prompt until it complied, which Moussouris calls a "guardrail bypass technique" rather than a true security flaw.
She adds that similar techniques can be reproduced on other models, including OpenAI’s upcoming GPT‑5.5, Anthropic’s own Claude Opus 4.8 and Sonnet, and even Chinese offerings like Kimi 2.7. "Defenders need to be able to ask AI to fix the bugs in a file, explain why the fix matters, and write tests that confirm the patch works," Moussouris wrote. "That is not a guardrail bypass. It is the most valuable thing an AI model can do for defensive security."
The open letter calls for a transparent, democratically crafted regulatory framework grounded in scientific research from industry and academia. It urges that any restrictions be applied only to the minimal extent necessary to protect the public, not to cripple the defensive capabilities of security teams.
Anthropic’s earlier rollout of Mythos in April limited access to about 50 companies, later expanding to roughly 150. When the public version, Fable, launched, the company imposed strict guardrails that blocked most cybersecurity‑related queries, prompting frustration among early adopters. The current export restriction adds another layer of uncertainty for organizations that rely on AI‑assisted vulnerability detection.
As the debate unfolds, the cybersecurity community watches closely. The signatories warn that without access to these advanced models, defenders will lag behind threat actors who continue to evolve their tactics, potentially exposing critical infrastructure and private systems to greater risk.
Dieser Artikel wurde mit Unterstützung von KI verfasst.
News Factory APP - agentische News für besseres SEO & AEO.