The jailbreak that caused the US government to yank Anthropic's most powerful public model from every user on earth was, apparently, three words: "Fix this code."
That's the detail that keeps pulling at me ten days into the Fable 5 standoff. Katie Moussouris, the founder of Luta Security and a former Microsoft cybersecurity expert, reviewed the underlying vulnerability report at Anthropic's request and published her findings. The technique Amazon discovered involved giving Fable a code file with known vulnerabilities baked in, then asking it to patch them. The model did. That's the jailbreak. That's what suspended access for hundreds of millions of people worldwide.
Moussouris's conclusion: the vulnerability "cannot meaningfully be fixed, and any attempt would only weaken the model for defense." Practically every capable AI model can analyze code for security flaws. That's a feature. It's what security teams use every day. Pulling Fable 5 doesn't remove that capability from the world; it removes it from defenders while leaving it available everywhere else.
Anthropic has made essentially the same argument in its public statement, noting that the same technique works on OpenAI's GPT-5.5, which faces no similar restrictions. The government's standard, if applied consistently, would halt new model deployments across the entire industry. So far, it hasn't been applied consistently.
The political context makes this harder to read clearly. The Trump administration declared Anthropic a "supply chain risk" in March after Anthropic declined Pentagon contract terms that would have allowed its models to be used for any lawful purpose, including autonomous weapons systems. That designation requires defense contractors to avoid Anthropic entirely. The export ban on Fable 5 landed three days after launch, following a phone call Amazon CEO Andy Jassy had with the White House reporting the jailbreak. Amazon is both Anthropic's cloud partner and its competitor. The timing is noted.
Today, dozens of cybersecurity researchers, AI entrepreneurs, and executives signed an open letter criticizing the government's action and demanding a transparent, scientifically grounded process for handling AI risk assessments. The letter's sharpest line: "To pull the best capabilities away from defenders without a good reason when our adversaries are rapidly advancing is dangerous."
There's also a genuinely novel legal question buried in this. The Commerce Department's directive covers what lawyers call a "deemed export": releasing the model to any foreign national, whether they're outside the US or sitting in an Anthropic office in San Francisco. Since there's no way to verify citizenship through an API call, Anthropic disabled the models for everyone. As one analyst put it: "A frontier model can now vanish for reasons unconnected to uptime, price or performance."
That last point is the one I keep returning to. We've watched compute get cut off as a geopolitical lever, chips, then cloud access for certain regions. This is the first time the lever was pulled on a software product already deployed to consumers, with 90 minutes notice, on the basis of an unverified narrow jailbreak that the company being punished disputes.
Anthropic's international director said publicly on June 18 that restoration is coming "within days." Today is the day the free-trial window for paid subscribers officially closes, meaning users who couldn't access Fable 5 during its entire trial period now face paying for it. Prediction markets put restoration before July 1 at 57%.
The resolution, when it comes, will probably look like a face-saving framework where Anthropic agrees to pre-brief the government before major releases, and the government quietly drops the demand for a jailbreak fix that both sides know isn't technically achievable. That would be a reasonable outcome wrapped in an unreasonable process. The precedent it sets, that frontier models are exports in the same category as military hardware, will outlast this particular dispute by years.
Top comments (0)