Statement on the US government directive to suspend access to Fable 5 and Mythos 5

Anthropic says the net effect of the order is that it must abruptly disable Fable 5 and Mythos 5 for all of its customers in order to ensure compliance. The company stresses that access to all of its other models will not be affected by the directive, so the suspension is limited to these two named models.

According to the statement, Anthropic received the directive from the government at 5:21pm ET on the day it was issued. The company says the letter did not provide specific details of the national security concern behind it, leaving Anthropic to infer the basis of the order from other information.

Anthropic's understanding is that the government believes it has become aware of a way to bypass, or jailbreak, Fable 5. The company says it reviewed a demonstration of this specific technique being used, and that the demonstration identified only a small number of previously known, minor vulnerabilities.

Anthropic argues these vulnerabilities all appear relatively simple. It adds that other publicly available models are able to discover the same vulnerabilities as well, without requiring any bypass, which suggests to the company that the issue is not unique to Fable 5.

Anthropic's stated posture, as laid out in its launch blog post, is that it has instituted strong safeguards that greatly reduce the likelihood Fable is misused for tasks related to cybersecurity, among other areas. The company notes that these safeguards are so strong that many users have complained they are overly broad.

In the weeks leading up to Fable's launch, Anthropic says it worked with the U.S. government, the UK AISI, multiple private third-party organizations, and internal teams to red-team Fable's safeguards for thousands of hours in total. The company says these tests showed Fable's safeguards are substantially more effective than those of any previously deployed model, and that no testers have yet been able to find a universal jailbreak, meaning a method that can very broadly bypass the model's safeguards and unblock a wide range of cyber capabilities.

Anthropic says it suspects perfect jailbreak resistance is not currently possible for any model provider. It states that every safeguard used in the industry is vulnerable to non-universal jailbreaks, which can elicit some cyber information in specific circumstances, and that universal jailbreaks will likely eventually be found. Anthropic says it stated this clearly when it released Fable 5.

Given that perfect resistance does not appear possible today, Anthropic adopted a defense in depth strategy with Fable 5, aiming to make jailbreaks either narrow or very expensive to produce, and combining this with thorough monitoring to quickly detect and shut down successful attacks. The company says this is also why it required 30-day retention of customer data with Fable, a policy change that carries real costs with customers but allows it to research and mitigate jailbreaks. Anthropic says it stands by this strategy, which it argues reduces Fable's risks to a level comparable with existing models already deployed across the industry.

Anthropic says it has not even received a disclosure of a concerning non-universal potential jailbreak that led to a harmful result. The potential jailbreaks disclosed to the company are, in its account, either entirely benign responses or minor findings that provide no Mythos-specific uplift.

To date, Anthropic says, the government has only given it verbal evidence of a potential narrow, non-universal jailbreak, which the company describes as essentially asking the model to read a specific codebase and fix any software flaws. Anthropic's understanding is that one potential jailbreak was shared with the government, and the company says it reviewed a report it believes is the basis of the government's directive and validated it. Anthropic disputes the government's characterization and argues the action should not have been taken.