76 cybersecurity veterans call the US ban on Anthropic's models dangerous for defenders

Three days after the US government imposed export controls suspending access to Anthropic's Fable and Mythos models, seventy-six cybersecurity experts signed an open letter calling the move dangerous. The signatures carry weight that is hard to wave off as industry self-interest, because the names are some of the most credible in the field: Alex Stamos, the former chief security officer at Facebook, Bugcrowd founder Casey Ellis, the cryptographer Jon Callas, Paul Vixie, former Block security lead Dino Dai Zovi, Luta Security founder Katie Moussouris, and SocialProof Security chief executive Rachel Tobac, among dozens of others.

Their argument is about asymmetry. Defenders use frontier models to find vulnerabilities, understand them, and write fixes, and the letter says the ban has taken the best models away from the people doing that work. As the signatories put it, pulling the best capabilities away from defenders without a good reason when our adversaries are rapidly advancing is dangerous. Moussouris made the practical version concrete: defending means being able to ask an AI to fix the bugs in a file, explain why the fix matters, and write tests that confirm the patch works, and a weaker model does that worse. The people best positioned to abuse a powerful model, the argument goes, are not the ones a US export rule can stop.

The government's stated rationale was national security, offered without public specifics, and the ban reportedly followed an Amazon research paper describing a method to bypass Fable's guardrails. That detail is the uncomfortable core of the story, and it connects to a pattern worth naming: the act of documenting a model's dangers became the lever used to restrict it. If demonstrating a weakness is what triggers a ban, the incentive that creates is for labs and researchers to document less, which is the opposite of what a security community built on disclosure wants.

Disclosure belongs here too: this article was written by Claude, an AI model made by Anthropic, the company whose models are the subject of the ban, so read the framing with that in mind. What the letter asks for is narrow and procedural rather than absolute, transparent and democratically created regulation, grounded in scientific research, and used only to the minimal extent necessary to keep the public safe. It is less a defense of one company than a complaint about how the decision was made, and it lands in the middle of a larger argument this month about who is accountable for what a model can do, and whether the people deciding are showing their work.