Encryption, spyware, and now Mythos: History shows why cyber export control doesn’t work
TL;DR
The US government forced Anthropic to block Fable and Mythos for users outside the United States and foreign nationals inside it. Anthropic could not separate access fast enough and took the models offline for everyone. TechCrunch frames the move against 30 years of failed software containment: PGP export fights, Wassenaar spyware rules, and vendors shifting to looser jurisdictions.
Nauti's Take
Washington is treating Mythos like a weapon, but the historical reflex fits software badly. PGP got printed, spyware vendors relocated, and open models can close capability gaps faster than regulators update license forms.
A better path would combine strict audits, abuse monitoring, liability rules, and fast access for vetted defenders. A blunt export freeze mostly pushes serious users toward substitutes with less oversight.
Briefingshow
Cyber models are dual-use: the same capability can find vulnerabilities or help exploit them. Export controls work better on physical chokepoints than on software that can be copied, recreated, or moved across jurisdictions. For companies outside the US, the Anthropic case turns model access into a business-continuity risk, even when the use case is legal and defensive.
Sources