We often talk about the "kill switch" in AI as a theoretical safety mechanism. This week, we saw what it looks like in practice. In a move that sent shockwaves through the industry, Anthropic suddenly disabled global access to its most advanced models, Claude Fable 5 and Mythos 5, following a direct order from the U.S. government.
A few weeks ago we talked about the Meta AI exploit - Fable and Mythos had the potential to create thousands more of those types of exploits in software used throughout the world.
What Happened?
Following a U.S. government export directive citing national security concerns, Anthropic was forced to block access for all foreign nationals both inside and outside the United States.
The directive wasn't just a suggestion and had teeth behind it; reports indicate that the Commerce Department gave Anthropic a narrow 90-minute window to take the models down before a formal control letter was issued.
Anthropic decided to pull the model from all users instead because selective enforcement of ‘foreign national use’ would have been impossible. Many of its own researchers are foreign nationals.
The catalyst for this drastic action was a report of a "narrow, non-universal jailbreak". Specifically, internal security research from Amazon flagged that the models could be instructed to read a specific codebase and fix software flaws - a capability that, while commercially valuable, was deemed a security risk in the wrong hands.
Anthropic complied with the order but expressed clear disagreement, arguing that these minor vulnerabilities exist in other publicly available models, such as OpenAI's GPT-5.5.
Why This Is Different from a Typical Vulnerability
In previous security incidents, like the Meta AI support chatbot exploit, the failure was a lack of authentication checkpoints to prevent clever prompt engineering. The system was tricked into performing an action it was authorized to do for the wrong person.
This is different. This is a "capability-based" restriction. The models were not "broken" in the traditional sense; they were too good at their jobs and could’ve exponentially increased the amount of open vulnerabilities.
The government’s intervention suggests a new era where the utility of a model is itself the vulnerability. Officials from the U.S. Department of War have stated that “national security must now be prioritized over company revenue.” Anthropic, ironically, were the ones who clamored for regulation in the past and are now surprised when they are being regulated themselves.
The Structural Problem Behind the Incident
The shutdown highlights a massive friction point between the AI industry and national regulators:
- The Oversight Gap: Amazon's research flagged the issue and brought it to the Commerce Department rather than just the model provider. This suggests that the infrastructure layers (the cloud providers) are becoming the primary enforcement mechanism for AI policy.
- Lack of Nuance: Anthropic’s technical staff was dispatched to Washington for face-to-face discussions after the fact. The 90-minute window left no room for the "human escalation path" we frequently advocate for in security workflows.
- The "Backhanded" Marketing Win: While disruptive, the restriction signals to the market that Anthropic’s models are potentially the most powerful tools currently available – powerful enough to be classified as national security threats.
The Open Source Horizon: A 10-Month Countdown?
While the government can exert control over centralized entities like Anthropic, the landscape of AI is shifting. There is significant speculation regarding how long these government-imposed restrictions can remain effective.
Some industry leaders have suggested that the gap between closed-source giants and the open-source community is closing rapidly. If open-source models catch up to the capabilities of Mythos and Fable - which current trajectories suggest could happen in approximately 8 months - the government's ability to "pull the plug" becomes much more complicated.
The implications are twofold:
- Geopolitical Diffusion: If the U.S. restricts its commercial models, global users may pivot to open-source alternatives that are not subject to the same kill-switch directives.
- Safety vs. Sovereignty: Organizations that rely on AI for critical workflows must now consider the "platform risk" of their model being taken offline with 90 minutes' notice.
The post above illustrates this potential 10 month or sooner gap. Elon Musk, head of X.ai estimates open source will catch up to Claude Mythos/Dable 5 by Q1 2027.
Jie Tang, Professor at Tsinghua University and founder of Zhipu or Z.ai has a more aggressive timeline prediction - he says it won’t take that long which means by the end of 2026. Zhipu/Z.ai’s open source GLM is China’s closest equivalent of Anthropic’s Claude so his prediction does hold considerable weight.
Tsinghua, where Z.ai’s leadership is from, is known to have the deepest talent pool in the world for AI research (even compared to Deepseek and Zhejiang University) and so it’s worth watching what they release as open-source by the end of the year. Meta and Open AI have hired many Tsinghua alumni in recent years.
The Broader Lesson
The Anthropic shutdown is a reminder that AI is no longer just a software product; it is a strategic asset. Mythos and Fable had the potential to exponentially increase the number of exploits available for commonly used software products.
As we move forward, the question for security teams is not just "Can the AI be prompted to do something bad?" but "Is our model too powerful to be allowed to stay online?" Safeguards must be in place, and redundancy - perhaps through open-source alternatives - is no longer an optional strategy.
Regulation as it currently exists may not even be enough, open-source models are apparently close to Mythos's performance which can be freely used by anybody in the world, and even self-hosted to completely detach yourself from the company’s infrastructure. The US government’s block may have bought the security world some time, but a flood of security exploits may still be on the horizon for the end of the year.
.png){kind=small}
