Cybersecurity experts urge US to lift curbs on Anthropic models
What's the story
A group of 76 cybersecurity experts, including industry veterans, has called on the US government to lift its export control order on Anthropic's Fable and Mythos models. The open letter argues that the ban takes away "the best models" from cybersecurity defenders, preventing them from identifying vulnerabilities and improving their software and products. "To pull the best capabilities away from defenders without a good reason when our adversaries are rapidly advancing is dangerous," it said.
Export restrictions
US government ordered Anthropic to halt exports
On June 12, the US government ordered Anthropic to restrict the export of its Fable and Mythos models due to national security concerns. In response, Anthropic has suspended access to these models for all users globally. The letter was signed by several high-profile cybersecurity experts, including Alex Stamos (former Facebook chief of security), Casey Ellis (founder of Bugcrowd), Jon Callas (former Apple security design and architecture manager), and Paul Vixie (computer scientist), among others.
Model capabilities
Mythos was initially available to around 50 companies
When Mythos was previewed in April, Anthropic said it was so good at finding security vulnerabilities that they had to restrict access tightly. This was done to prevent malicious hackers or foreign adversaries from exploiting it. Initially, around 50 companies were given access to Mythos. Recently, this group has grown to about 150 organizations across 15 countries.
Public release
Anthropic launched public version of Mythos called Fable
Last week, Anthropic launched Fable, a public version of Mythos. The company claimed it had strict guardrails to prevent its use in biology, chemistry, and cybersecurity. These guardrails were so strict that many cybersecurity experts found they blocked nearly all prompts related to cybersecurity. The White House export control order may have been based on a report that there was a way to bypass Fable and unlock its powerful Mythos-level capabilities.
Bypass fears
Amazon researchers demonstrated a way to bypass Fable, says Moussouris
Katie Moussouris, one of the signatories of the open letter, said that Amazon researchers demonstrated a way to bypass Fable in a paper she has reviewed. However, she clarified that it didn't actually show a real jailbreak, but rather asked Fable to fix open-source code with public, known vulnerabilities, along with "deliberately planted vulnerabilities." Moussouris stressed that this behavior can't be meaningfully fixed without weakening the model's defense.
Regulation advocacy
Cybersecurity experts call for balanced regulation in AI technology
The open letter also emphasized the need for "transparently and fairly enforced regulations created by a democratic rule-making process" based on scientific research done by industry and academic experts. It also called for these regulations to be "used only to the minimal extent necessary to ensure the safety of the American public." This highlights an appeal from cybersecurity experts for balanced regulation in AI technology development and deployment.