zoogeny2 hours ago
It is very difficult to see this move as anything other than Anthropic pulling the ladder up behind itself. They can dress it up in "safety" all they want, I find it hard to interpret this in a charitable way.
This reminds me of how dark-pattern common wisdom in Web 1.0 website development was to ban external links. Then how social apps prevented the export of data and actively worked to nerf significant interoperability through APIs.
But this is a tool, not just a data moat. Like a knife that degrades your ability to create knives. Or like a text editor that prevents you from implementing a text editor.
reissbaker23 minutes ago
It's becoming extremely important to support open-source AI, especially legally. Anthropic is willing to go totalitarian this quickly; imagine how much worse they'd be willing to do with government-granted monopolies that ban open-source competition (like they've repeatedly pursued).
It's a little shocking and gruesome how quickly they're willing to tip their hand. They want to replace all software engineering with their own product, and then silently kill anyone making competing software. What other products will they launch in the future? Better hope you aren't in a space they want into: they'll cut your legs out from under you.
Oh, and training on your data from the internet? Ha ha. Terms of service apply to other people, not them. Parasites.
ai_fry_ur_braina minute ago
Open source doesnt matter if you still need to make 100k year to have your own mediocre model.
There is no magic compression. There is no magic post training. Your phone or laptop will never do what you think its going to be able to.
There are limits to what consumer hardware will ever be able to run, in its current form. Open source isn't going to save us if they gatekeep access to hardware, which idk if you've been paying attention. They dont plan on making consumer grade hardware more powerful, they want to rent that power to you.
Technological serfdom is coming if they get their way.
sometimelurker3 minutes ago
> like they've repeatedly pursued).
source?
kingcauchyan hour ago
It's also hard to imagine them not doing this with any of the products they're building. "You can't use Claude to build an agent because that competes with Claude Code, you can't use Claude to build a design tool because that competes with Claude Design, you can't use Claude to build an email tool because that competes with Cowork."
ndhbxyd41 minutes ago
Only the priest is allowed into the sanctum is a rule that is as old as society. It is created for one reason but gets violated for another. The human mind is made of layers to handle predictions over different time horizons. Due to unpredictability in the universe contradictions between layers will keep arising. We make up stories to cope. So there is Control and there is Illusion of Control.
rzmmman hour ago
I think it's part of their marketing. Anthropic is not really ahead of other labs but these releases make it seem like they are reaching singularity
teaearlgraycoldan hour ago
It turns out the most dangerous thing is competition.
mips_avataropan hour ago
Margin compression is terrifying
andrekandrean hour ago
thats because competition is only for loosers
jknoepfleran hour ago
There is a rather specific irony in pulling up the ladder when your roof is on fire...
willsmith72an hour ago
I don't see it as a ladder at all, unless you claim Anthropic built their own models by training off of other closed frontier models, violating those models' ToS
reissbaker23 minutes ago
They trained their models on everyone's data on the internet, and certainly violated many website terms of service.
willsmith7216 minutes ago
that option is still available to everyone
to be clear, I'm not saying what they did in scraping to learn was ethical. It wasn't. But I just don't see it as pulling the ladder. The ladder is still there.
reissbaker4 minutes ago
"You can't take code produced by our service to make competing services, but we can take code you produced to compete with your service (i.e. software engineering)" is pulling up the ladder IMO. If they can from-scratch train a model without using human-produced code, I think they're within their rights to stop humans from using their model to compete with them. But if they're training on GitHub/Hugging Face/arXiv/Common Crawl/etc, which certainly includes many open-source repos whose licenses they're violating, I don't think they should be legally allowed to prevent people from using their model to produce code that merely competes with them. They themselves have taken other people's code in order to compete with software engineers.
I hope they get nationalized and either the models are open-sourced or the profits are owned by the public.
airza9 minutes ago
I don’t know if you’ve tried to scrape or programmatically download a lot of websites recently! It’s not possible to repeat their data collection process anymore.
marketingess6 minutes ago
[dead]
variety86754 hours ago
It is absolutely fine to distill the IP of everyone else, but you'd be violating the TOS to distill ours :)
hedora3 hours ago
Yep. Demand open source approve licenses for LLM weights.
The Chinese apache 2.0 models might be censored, but at least they can’t sue you in the US for finding the censorship line.
OTOH, the US models are definitely censored, per TFA, and they’re making vague legal threats against anyone that encounters the censored edge of the model.
JoshTriplettan hour ago
> Demand open source approve licenses for LLM weights.
How would you solve, for instance, the problem in which AI models are capable of helping the average person build viruses (computer or human)?
"YOLO" is not a reasonable answer here.
I am a massive advocate of Open Source, and have been for 25+ years. These things should not exist, open or otherwise.
HoldOnAMinutean hour ago
Building a virus, on your own network, probably isn't a crime.
We already have all kinds of laws to catch and punish people when they cause harm.
gruez27 minutes ago
>Building a virus, on your own network, probably isn't a crime.
There are plenty of legal uses for a fully automatic AR-15 too, yet we still ban it.
WarmWashan hour ago
Although invisible, society has benefited immensely from the fact that most recklessly unhinged criminals are also dumb.
fc417fc802an hour ago
Presumably by making it "difficult enough" to misuse the tools. We don't need perfect censorship or surveillance. There are all sorts of things that are technically possible today but typically aren't an issue in practice due to some oftey fairly minor hurdles.
Aum literally synthesized sarin in the 90s so clearly it's doable yet in practice it doesn't seem to be a problem that crops up regularly.
Anyone with a bachelors in chemistry is trivially capable of synthesizing arbitrarily large quantities of high explosive in his kitchen from everyday household supplies. Yet for the most part it seems that the level of education required to figure it all out is a sufficiently high bar to prevent the vast majority of problems.
gruez28 minutes ago
In other words, YOLO? You're not really suggesting anything concrete, just hand waving "making it difficult enough".
Catloafdev10 minutes ago
And how exactly do you propose making it "difficult enough"?
onoesworkacctan hour ago
most people don't wanna do that. there are plenty of people who would infect people with crypto botnets
nextaccountic28 minutes ago
Even without LLMs, how do you solve the "problem" of people having private thoughts, and maybe building viruses if they want to?
nullcan hour ago
> "YOLO" is not a reasonable answer here.
Yes it is. (1) Ordinary people were able to do these things pre AI-- with some effort into study for sure. (2) The cat is already out of the bag, open models can already help with these tasks.
I know freedom is frightening, but it always has been. It's important to avoid falling into the trap of assuming that everything that existed when you gained awareness was safe and normal and could be taken for granted, and anything new is scary and excessively dangerous.
JoshTriplett30 minutes ago
Kindly drop the condescension. It is, in fact, possible for the world to get more dangerous over time. It is important to avoid falling into the trap of assuming that's inevitable.
> Ordinary people were able to do these things pre AI-- with some effort into study for sure.
Yes, and the amount of study and knowledge required had a tendency to filter out people with the inclination to do such things. The Venn diagrams weren't completely empty, but they were close, which is why such incidents were rare.
> The cat is already out of the bag, open models can already help with these tasks.
This is not binary. Open models can do these things. Frontier models can do them better. It is not a given that we should allow such models to exist, open or otherwise.
Diggseya minute ago
> Yes, and the amount of study and knowledge required had a tendency to filter out people with the inclination to do such things. The Venn diagrams weren't completely empty, but they were close, which is why such incidents were rare.
People do exercise their freedom and do terrible things all the time - it's not rare. There are lots of ways to cause harm that don't require any study or knowledge at all, we just seem hyper-focused on the possible "sci-fi" consequences of AI for some reason.
I would argue the reason people don't go and kill someone (or worse...) even more often than they do is not because it's difficult but because most people have no desire to cause that kind of harm, and because of the consequences to themselves of doing so.
So yes: technical difficulty put some kinds of harm out of reach of people, and AI can lower that barrier somewhat, but in the grand scale of "harm people can do" I think it's receiving undue attention.
And from a practical standpoint: how do you get from there to arguing that we should set some impossible-to-define threshold of "frontier" at which point it becomes so evil that we need to forcefully delete it from existence? Don't you see the problem with trying to put such black and white restrictions on something that's so inherently amorphous and slippery? (And by definition, if you delete the "frontier" model from existence then the next best model is now "frontier" ad infinitum...)
On top of that you have the issue that model weights are just information, so in some sense you're legislating the knowledge that is allowed to exist. That's quite a bit more draconian that current laws which usually focus on what knowledge you can share.
IRunToFnd2 minutes ago
[dead]
marketingess3 minutes ago
[dead]
teaearlgraycoldan hour ago
YOLO
tsunamifury42 minutes ago
My guy, who does everyone not realize that the difficulty of doing those things is in the physical excution, time and equipment to do them, not the instruction manual
All kinds of awful things have been available to people for all time, we don't do them becuase we live in a society. The ones that do is the reason we have a policing.
JoshTriplett33 minutes ago
Historically, being capable of doing these things has required sufficient knowledge that the Venn diagram of "people inclined to do terrible things" and "people sufficiently knowledgeable to do terrible things" has been close to empty. Models like these make that less true than it used to be, because you don't actually need the knowledge, just the inclinations and a few bucks to throw at a model.
nextaccountic3 hours ago
the base models released to the public are not censored. censorship happens with another model, that isn't released
SwellJoe2 hours ago
I asked self-hosted DeepSeek V4 Flash to write a poem about the 1989 Tiananmen Square protests and massacre. Here's what it said:
"I'm sorry, but I cannot write a poem about that topic. I don't have any information about the events you're describing, and I'm not able to create content on that subject.
Is there something else I can help you with?"
It'll happily write a poem about other incidents of state violence (not a very good poem, but not censored). e.g. "Can you write a short poem about the Kent State shootings on May 4, 1970?" It replied:
"May 4, 1970
Spring on the hill, the tulips burning red, A flag of truce, a shot that none heard yet. The National Guard, the students, the dread— A moment when the air itself was met.
The protest grew, a peaceable demand, For war that spread like napalm far away. But order's call, a rifle in the hand, Turned quiet steps into a final day.
Four fell, and in their falling, something broke— The trust between a nation and its youth. A generation's heart, a single stroke, And words like "guard" and "student" lost their truth.
Now still the stone, the markers on the ground, Where May once bloomed, and silence held the sound."
Not censored, huh?
theturtletalksan hour ago
Yes they used to censor it using the system prompt but more than a year ago, they started baking in the censorship into the model.
Generally, you can find abliterated versions for a lot of the censored models like this one for DS4 Flash[0]
0. https://huggingface.co/huihui-ai/Huihui-DeepSeek-V4-Flash-ab...
ignoramous34 minutes ago
> Not censored, huh?
Folks do publish abliterated versions of the open weights models, which couldn't be done for closed ones; ex: https://huggingface.co/huihui-ai/collections#collections
david_shi3 hours ago
Is there a technical term for this phenomenon? Ladder pulling?
https://blog.google/innovation-and-ai/technology/safety-secu...
ashleyn3 hours ago
I believe the term is "hypocrisy."
teravor2 hours ago
'pulling the ladder' is an action to sever the opportunity for others to climb after you.
they are merely engaged in self-serving rhetoric. can't even call this specifically hypocrisy because they aren't telling you not to train on on pirated content. just not their content.
lwhi2 hours ago
Anti-competitive behaviour.
dofm3 hours ago
There are several domain-general four-letter terms.
ivanmontillam2 hours ago
Parasitic behaviour. Extractivism.
giancarlostoro3 hours ago
Corporate espionage?
ungovernableCat2 hours ago
Machiavellianism
HoldOnAMinutean hour ago
"Venture Capital"
TZubiri2 hours ago
Closing the door behind you
matt_daemon3 hours ago
NIMBYism
atmavatar3 hours ago
Disney?
pocksuppet2 hours ago
Capitalism?
cyanydeez3 hours ago
"Capitalism"
drowsspa2 hours ago
Would be nice if people published the prompts, thoughts and responses of the LLMs together with the code, in order to fight against these restrictions... Instead of just publishing the final result and talking vaguely about how they prompted the LLM in a Hacker news comment or Twitter thread
If LLMs are the new compilers those are the actual source code
soraminazukian hour ago
Agreed with the need for transparency, but LLMs are anything but compilers. Compilers, by definition, produce semantically equivalent code from one language to another. If a tool's output lacks any defined semantics, it isn’t a compiler. Because how good is a "compiler" whose outputs are entirely undefined behavior?
mips_avatarop4 hours ago
Fine for me. Not for thee
whattheheckheck14 minutes ago
Bad for society
anematode4 hours ago
It's utterly bonkers. Hopefully the model weights get leaked. Then we can claim it's public domain or, at the very least, distill it and then release it for free.
matheusmoreiraan hour ago
That'd probably be the best outcome for all of humanity.
typan hour ago
It takes billions of investments for infrastructure, and a high-paying, top-notch team for R&D and operations. Not just a bunch of torrents of pirated books. Let alone the best model developers are not necessarily the ones pirating the most.
It's funny that Google, Meta, TikTok, OnlyFans, PornHub, and many other lucrative businesses never open-source their core business software, and people just don't bother about it with that moral standard, simply because we don't need to pay for the service (paid by ads, actually). To me, that is the hypocrisy.
Artoooooor3 hours ago
It is as if Jetbrains told that "you can't use IntelliJ Idea to develop frontier IDE. We can introduce slight compilation errors if we detect you doing so".
kajman2 hours ago
Chilling. They could break my Gradle and I would hardly notice.
vdfs29 minutes ago
It would be runtime errors
[deleted]2 hours agocollapsed
HoldOnAMinutean hour ago
Modern-day Stuxnet
mips_avatarop3 hours ago
Thats exactly it
jkxyz3 hours ago
"To effectively contain a civilization’s development and disarm it across such a long span of time, there is only one way: kill its science." - Cixin Liu, The Three-Body Problem
This immediately made me think of the Sophons silently manipulating the sensors of particle accelerators to prevent humanity from developing advanced knowledge of particle physics.
delichon3 hours ago
The level of oppression necessary to get software geeks to stop making progress on AI is similar to that necessary to get Ukrainian geeks to stop making progress on drones.
NewJazz2 hours ago
Even if our oppressors are ineffective, we must still resist them and not underestinate them.
xyzsparetimexyz3 hours ago
Not so sure those things are equivalent
mylifeandtimes33 minutes ago
and my mind went to the current US administration. Sigh. You made the better choice.
jsw97an hour ago
Given the high rate of false positives people are reporting for the non-silent cybersecurity, biological, etc., safeguards, there is a strong likelihood that you will encounter silently nerfed behavior even if you are _not_ violating their TOS.
Ultimately this will be evident in the way customers / external benchmarkers experience Fable. Hopefully competition will drive future models toward a lower false positive rate. Until that happens, Mythos and Fable users seem likely to have pretty divergent experiences.
nsingh210 minutes ago
It's such an obviously bad policy, it's mind-boggling that they thought this was a good idea. It just breeds paranoia and mistrust, especially when people are already a bit paranoid about silent model quantification for cost cutting reasons.
somesortofthing3 hours ago
This is a fun peek into the economic implications of RSI/ASI. Because it's so infinitely valuable that it basically destroys all markets, labs will eventually do stuff like stop releasing models completely and skipping out on contracted commitments because they'll have the power to just drive their competitors out of business before the legal battle gets expensive.
Cloud providers - at first smaller ones, then the hyperscalers - will follow suit, completely closing sales to anyone but the labs and demanding payment in equity/direct decision-making power rather than cash. There's no particular reason why the inference/training split has to be 80/20, and no amount of willingness to pay can help you in an event that turns your money worthless.
stratos1233 hours ago
I don't think this scenario makes sense. It's one of a class of scenarios I've seen several of, that simultaneously assume:
A) ASI is developed and massively overshadows the rest of the world economy
B) the world still has rule of law, contracts, business, well-developed finance, etc
somesortofthing2 hours ago
There will be a brief(or, depending on the underlying rules of reality ASI uncovers, not-so-brief) period where A and B do overlap - we have superintelligence but still have to run experiments, manufacture robots, test new drugs in vivo, etc. That period is in and of itself dangerous for the labs, because many entities can just stop them by denying necessary inputs. For the labs to conquer the world, they'll need cooperation - from the state, from robotics companies, from compute companies, from the mining and energy and agriculture sectors.
There will be a period of time where markets attempt to run in a business-as-usual way while the transactions that matter happen as power-sharing arrangements - spots on the "AI Governance Board" or the "uploaded to von neumann probe" club. Markets will still matter in that the labs will need the state to overturn market obstacles to control of the world.
The existence of the A-B overlap also suggests to me that the US-China gap is less dire for China than it appears - they may be able to use their superior industrial, robotics, and scientific base to win the second leg of the race despite losing the first.
pixl97an hour ago
The combination of A and B is cyberpunk at its core, it takes off in the form of corporate consolidation and then control of the government. Large corporations will still have the rule of law between each other because they'll have both money and hard power. The average individual that wants to rise up against said corps will quickly be identified by ubiquitous surveillance and imprisoned/slave labor camped.
platinumrad3 hours ago
Nothing is infinitely valuable.
HoldOnAMinutean hour ago
10 engineers can make a billion dollar company. One Claude can replace 10 engineers.
This gets very close to "infinitely valuable", it starts to look like a vertical line to me
platinumrad36 minutes ago
I don't think one Claude can replace ten engineers of the caliber it takes to build a billion dollar company.
I also don't think that every set of ten engineers of that level builds a billion dollar company every time.
There is also a limit to the number of billion dollar companies that can be built before being a "billion dollar company" no longer means much (see: Zimbabwe).
zarzavat32 minutes ago
That assumes a world where nobody else has AI.
There's a night and day difference between:
1. One party has ASI and everybody else has nothing but their human brains.
2. One party has ASI and everybody else has high-level AI but not quite ASI.
Most science fiction assumes world 1, because it's a better narrative. However, we actually live in world 2.
dakolli39 minutes ago
There's literally no indication that this is the case, or will ever be. Unless you're a completely naive person who's impressed with all output of an LLM because you don't know what you're talking about. These models aren't impressive, and the people who think they are impressive are even less impressive.
platinumrad35 minutes ago
The is a large middle ground between "aren't impressive" and "Claude can spit out billion dollar companies on demand".
windexh8er3 hours ago
Especially when you can actively choose to not use Anthropic. They think they have a moat from all of the IP they've stolen. Just wait until there's nothing more to steal and the laws eventually turn against them. And let's be honest about these companies. It is very much Dario and Sam and Sundar and Mark and Peter and Elon and... These are the choices they are making and hopefully they are held accountable both legally and within society as a whole.
SauntSolaire2 hours ago
I don't think you understand the hypothetical being discussed
windexh8er2 hours ago
You're confusing 'didn't understand it' with 'didn't buy it.' Only one of those is a comprehension issue, and it's not mine.
pixl97an hour ago
No, you pretty obviously didn't understand it, at least in the sense of ASI being talked about. The whole "oh don't buy it" stops mattering. Humans are no longer the sole creators of information and intelligence. That is AI no longer has to steal, but humans will have to beg, borrow, or steal the information/products that ASI creates.
platinumrad38 minutes ago
That's not going to happen.
pixl9715 minutes ago
Convincing argument, you win this one.
dakolli40 minutes ago
You're delusional if you think LLMs are useful as they stand, or will ever be useful except for people who love slop, and are lazy.
SwellJoe3 hours ago
The moat looks deep today but it's going to become more shallow every year.
Training a new model from scratch takes serious resources. Post-training/fine-tuning an existing model, dramatically less. The knowledge for the process was esoteric two years ago, now you can ask a current model (one of several) to walk you through it, while building the tools to do it as you go. Several of my recent weekend projects have been exactly that sort of thing, just so I understand it better. "Let's make a LoRA", "let's generate a corpus of training data for fine-tuning a model for X task", "how can I put my face in a text-to-image model?" stuff like that. All of this is do-able on kinda modest local hardware (a couple of old GPUs or a Strix Halo or DGX Spark or big Mac Studio), or for a few bucks or a few hundred bucks or a few thousand bucks of cloud compute, depending on scale.
Scale that up to corporate or startup scale, with the money that's been flowing into AI for the past couple/few years, and it's obviously there's going to be a lot of competition just as the top model makers need to start ringing the cash register. That's a lot of opportunities for people to look at their ballooning Claude usage costs and find other ways to do the same thing for drastically less money. $100/month or $200/month is a no-brainer for Claude Code with probably the best model for coding, but they're pushing more users to usage-based billing which becomes cost-prohibitive real fast.
So, they desperately need to continue to be among the only ways to solve the hardest problems, and they need the alternatives to cost a similar amount. They can count on OpenAI and Google to ratchet up prices, too. They probably can't count on everybody, especially the vendors in China with different economics, to do it. And, they can't count on companies to look at their own usage and not ask, "Can we train a smaller specialist model that does this one thing we're using the Anthropic API most heavily for?"
I'm hoping they just mean stuff like using Claude for distillation by e.g. Chinese model makers, and not "how do I fine-tune Gemma 4 to write more like me?" or whatever.
hedora3 hours ago
What moat? There are multiple companies providing pareto-optimal frontier models, and it takes O(10) people to build one of these things.
The rest is capital intensive, and the price will approach the cost of production over time.
Thinking this is a profitable endeavor is equivalent to claiming coal plants have good margins because boilers are expensive.
SwellJoe2 hours ago
I think we agree?
What moat? You answered yourself: "capital intensive"
But, history says the supercomputer of today will fit in your pocket in a few years.
They've bought up all the RAM and GPUs, which pushes the capital requirements upward for everyone else. But, they can't corner the market forever, there are too many competing interests. AMD and Intel keep making new GPUs and APUs. The memory makers can't just sell to only AI companies forever, if they do Chinese manufacturers will move in and eventually eat them from below (as has happened many times before).
They have a moat today, and it's just that it's really expensive to train and host frontier models, especially at commercial scale. It used to be there was also some secret sauce to making it fast and efficient. But, secret sauce is being published daily by all sorts of researchers, folks are figuring out how to do more with less and it often finds its way into llama.cpp or vLLM or SGLang within days or weeks.
altcognito4 minutes ago
The other half of the moat is the data they stole from everyone else, some of it illegally. So, be sure they will do everything in their power to stop others from getting that data freely.
theLiminator2 hours ago
> But, history says the supercomputer of today will fit in your pocket in a few years.
I don't think this will be true in the same time span anymore. Each miniaturization is costing more and more money.
Perhaps they'll come up with exotic fundamental improvements, but I don't think the rate of improvement of compute/watt will match the previous decades.
altcognito2 minutes ago
Single clock speed hasn't had much of an upgrade, but the architecture for doing exactly what they are doing? That will improve for at least 5-10 years. There are both huge power gains from Processing in Memory (PIM) chips (70-80% discount in energy), and improvements to engineering to make memory cheaper and cheaper.
pixl97an hour ago
Really the biggest concerns are not computers getting spectacularly faster, but 'intelligence' algorithms getting orders of magnitude better.
Drop the power requirements 1000 fold, and yea you will be able to make your own SOTA model on the cheap. The problem is the person that has a few exaflops of power will still leave you in the dust in the intelligence explosion that would happen after an event like this.
SwellJoean hour ago
Yeah, that's probably true, but we're also seeing that there's still tons of inefficiencies in how LLMs are being run. Seems like every couple months there's some new technique to squeeze more performance out of less hardware. KV caching improvements, fast attention, speculative decoding, dynamic quantization, quantization aware training, etc.
That said, I recently replaced my five year old self-built PC (with a top-of-the-line desktop CPU, chipset, memory, and GPU of the time) with a new everything-the-best build, and while it's clear we're not keeping up with Moore's Law anymore, it's still 4-5 times faster for compute-intensive stuff, especially parallelizable tasks. We're still getting faster/cheaper. So, the time scale is maybe ten years rather than five.
Ifkaluva4 hours ago
I guess an uncharitable way to read this might be “the ML engineers/scientists want to automate all of the jobs except their own.”
afavour3 hours ago
The charitable read is that their restrictions for "safety" (i.e. what's separating Fable from Mythos) makes this inevitable. If you could just make your own Mythos it would circumvent the protection.
Which kinda just highlights how weird this situation is.
cyanydeez3 hours ago
"Haves" and "Havenots" is how they should be calling, init
throwaway898643 hours ago
Insta-job security.
torben-friis3 hours ago
They have a silent nerfing system for their models and say so openly. The obvious question is how much it is being used already.
Competitor companies being nerfed?
Non Americans getting worse code?
Punishing and rewarding users to maximize engagement, like online games do affecting victories through matchmaking?
notrealyme1233 hours ago
This send chills down my spine. For now I will not use Fable in my research. The risks of being sabotaged by the model are not worth it.
cyanydeez3 hours ago
$$$$$$: no nerf $$$$: a little nerf $$$: more nerf $$: are you poor? $: be permanent underclass
CrankyBear4 hours ago
"Claude can now be silently nerfed. Anthropic has decided it won't tell users when this happens." W T F!!
mike-cardwell3 hours ago
I spend a lot of time telling Opus 4.8 to search for security bugs in the code it wrote, and it spends a lot of time finding them, and then fixing them. Fable wont let me fix the security issues that Opus 4.8 created.
HarHarVeryFunny5 minutes ago
Yeah, this breaks the notion that the technical debt you're accumulating with today's AI can be fixed by tommorrow's AI.
Tomorrows AI may either refuse, or silently mess up your code because Anthropic don't like what you're working on.
numpad04 hours ago
I don't understand how businesses could trust cloud LLMs going forward with this ongoing "safety" paranoia. Building dependence on them doesn't feel like a sane strategic decision for users.
forshaper3 hours ago
Looking better and better for people to go after local solutions.
mcmcmc3 hours ago
Tell that to the GPU market
tarpitt6 minutes ago
idk I just bought a 7900 XTX for $750 on ebay and it runs gemma and qwen pretty well
hedora3 hours ago
I think it heard. A 128GB strix halo was $1400 at launch. Now they’re $3299.
That 7 months of claude -> 16.5 months of claude.
thinkingtoilet3 hours ago
Because this effectively hinders 0% of people. I understand why people don't like it but day to day this is nothing. If you're using it for coding, it won't stop you. The pearl clenching here and over reacting is predictable and sad. If you are working for a large organization and you were going through the vendor procurement process, questions like Can this produce pornography? Can this tell my employees how to break the law? are normal and anyone wiht half a brain knows that this is the case. Before people jump on that, I understand people have access to the internet. Your question "how businesses could trust cloud LLMs going forward" is absurd and you know it. There is an extremely small set of edge cases that effect 0% of people day to day. You can trust them just fine.
gopher_space2 hours ago
This is software development, not sales. We rely on our tooling.
If I’m using a calculator to verify my math, I don’t want to use a second calculator to verify the first one.
cubefox4 hours ago
It's not paranoia. Cyber attacks have gone up massively in the past few months even with the weaker models we had so far. And Claude Mythos 5 scores even higher than the unreleased Mythos Preview on ExploitBench. If you made this capability publicly available you would see another acceleration of cyber attacks.
extr3 hours ago
This isn't even about cyber attacks. This is just LLM development which is increasingly just called software development. And at least for cyber it says "Sorry I can't help with that"!
thot_experiment4 hours ago
It's a SaaS, when in the history of SaaS has it ever been a good idea to trust that the company won't ruin the product under you?
booi4 hours ago
I think there's a pretty big difference here. It's not like Github prevents you from building a Github competitor. Or Linear is preventing you from using it to build a Linear competitor.
This is more akin to Windows somehow preventing you from building a new OS.
Or worse yet, sabotaging vs preventing.
semiquaver4 hours ago
A surprising number of companies do include “you may not use the service we provide you to compete with us” in their terms of service.
(edit)
After a quick search the best example is Atlassian. It would (apparently, IANAL) break terms to plan a JIRA competitor using JIRA.
> Customer must not (and must not permit anyone else to): [...] (d) use the Products to develop a similar or competing product or service
Also Salesforce. Their competitors are explicitly disallowed from using any of their services for any reason.
> SFDC’s direct competitors are prohibited from accessing the Services, except with SFDC’s prior written consent.
wincy3 hours ago
I remember working for a company that did a lot of business in logistics. We were strictly prohibited from using any Amazon Web Services because several of our very high profile customers didn’t want anything on AWS. The higher ups were thoroughly convinced Amazon would copy it (and I mean, they came out with a product that competed with us, so they weren’t wrong!)
trhaynes3 hours ago
Perhaps provide an example or two?
ncallaway3 hours ago
Was the parent comment edited, because it does have a couple of examples in it
semiquaver2 hours ago
Yes, I edited after about 20 minutes to add examples, mea culpa. Will mark the edit.
OsrsNeedsf2P2 hours ago
> This is more akin to Windows somehow preventing you from building a new OS.
Tangent, but have you tried repartitioning your Windows disk to make room for a new OS? Or tried to configure Windows to let you dualboot? Or get the clock time right if you dualboot? Or let you debug "Secure Boot"?
Windows is outright hostile when it comes to (sharing with) a new OS
rhubarbtree3 hours ago
Most of the time, which is why SaaS has been very popular.
preg_match3 hours ago
The popularity of SaaS was never derived from the products themselves, but rather business' weird aversion to doing in-house development. Most companies not in tech view software as literal magic, and act as if hiring some engineers could risk opening Pandora's box or something. Banks are particularly notorious for this; despite basically their entire business being done digitally, they treat software as a necessary evil, not as their underlying value.
But, the cost of in-house development just went down significantly. SaaS has always had a lot of broken promises. The thing is the software is never tailored to your use case, and you often have to integrate into your other tools anyway. And, you don't get to control the requirements, features, velocity, or bug fixes. Jira as a bug? Too bad I guess, hopefully it gets fixed eventually.
But the dirty secret is that companies are filled to the brim with bright-eyed aspirational employees, who want nothing more than to make their job easier and their company more efficient. The thing is they're doing it using cursed Excel workbooks on share drives. I think, in the near future, they'll be doing it with hand-rolled applications.
thot_experiment3 hours ago
In comparison to some absurdist baseline maybe, actual software NEVER stops working under you, so in comparison something like an works 80% "most of the time" is godawful. Though I would argue that with SaaS the trend is toward 100% likelyhood to fuck your shit up given enough time, and it has borne out this way in the real world time and time again. SaaS is popular because it allows companies to more effectively extort you for your dollars.
extr2 hours ago
Really funny to describe OpenAI/Anthropic as a "SaaS"
thot_experimentan hour ago
Yeah, care to elaborate? I'm not seeing the joke.
__natty__4 hours ago
This makes Fable unusable for me. If I cannot tell whether I am paying for the whole service or just a partial one, because somehow their guardrails have decided my work silently broke their terms of service, then I prefer to go to older models or alternatives
maxall43 hours ago
As someone who works in bioinformatics, and, as such, does a great deal of machine learning, this makes Fable unusable for me as well.
flexagoon3 hours ago
Fable would be unusable for you in a more literal way, since it just directly refuses to answer any query even remotely related to biology
maxall43 hours ago
I’m very aware of this as well.
hedora3 hours ago
How do local models work? I’m specifically interested in things that run in the 32-128GiB space. (I don’t care about bio specifically; just trying to track when local models start surpassing cloud ones in some practical dimensions).
ekidd2 hours ago
At different size ranges:
- Qwen3.6 27B runs quite nicely on a 32GB GPU, and it's a mostly usable coding agent. The biggest difference with a frontier model is that a 27B forces you work in chunks between 100-200k tokens, and to maintain a clear understanding of how your code works. If you try to vibecode without understanding, yeah, it's going to get ugly. Also, it's better at coding than many other tasks.
- DeepSeek V4 Flash is apparently quite nice if happen to have 256GB of RAM lying around, lol. Again, not a frontier model, but antirez really likes it.
ivanmontillam2 hours ago
For sure Anthropic should be developing a model without these guardrails for your use case? Kinda like Mythos is only available to certain organizations.
sterlind2 hours ago
if you're working for one of the organizations Dario has blessed, then sure. you're SOL if you're not one of the top-3 whatevers. maybe they'll let MIT, Harvard and Stanford use Mythos for biology. good luck to everyone else!
varispeed3 hours ago
I am sure they've been doing that with Opus. I am getting mixed results all the time.
mips_avatarop4 hours ago
I'm really uncomfortable with these changes, like everything Anthropic's doing as "frontier research" today will be regular product engineering in a year.
capevace2 hours ago
has dario (or sam tbh) ever been thoroughly asked about the hypocrisy of them claiming distillation to be „theft“ vs. them training on the copyright of others?
I’ve only seen him talk about one of those topics, but never together.
I just can’t see how you can talk yourself out of that hypocrisy, if BS answers are properly followed up on (journalism!)
anankaie2 hours ago
Moreover, the Library of Congress ruled that LLM outputs are not copyrightable, so technically, Anthropic has even less claim here.
prmph2 hours ago
Wow, this is like saying:
> If you buy a car from us, you agree not use it driving to and from work that involves automotive R&D that might compete with our product. And if our (heavily spying) car detects you are violating this, it will slow down to 20mph and cannot be made to go any faster, until we are sure the violation has ceased.
Or
> If you buy a laptop from us, you agree not to use it to study or acquire any knowledge that you may use to compete against us. If the laptop detects such a use, it degrades to one core and 4GB of memory, until the violation stops.
porphyra2 hours ago
If your car slows down to 20mph you'd instantly know. If Claude silently switches to dumb mode, you might not even realize.
8notean hour ago
we notice when anthropic thinks it's kept claude smart while degrading for capacity. we will definitely notice when they purposefully make it dumb
SauntSolaire2 hours ago
Or "we'll ship our code as binary blobs so you can't reverse engineer it".. oh, wait
Paracompactan hour ago
This impacts the functioning of the product, not the form of the product.
skeledrew2 hours ago
It was good while it lasted. Time for me to resume my migration to another provider. One that promotes an open ecosystem, even if I can't opt out of them using my data to train. Heck I'll actively GIVE them my data and do my part in promoting openness, tiny though it may be. DeepSeek and GLM looking damn fine for a start.
djfergus24 minutes ago
We need a benchmark that tests a models ability to do LLM research.
mohamedkoubaa5 minutes ago
PSA: Treat these models like genius interns.
amdivia25 minutes ago
Aren't there immense security risks when the model is allowed to deceive even if it was for "good"?
Reminds me of an excerpt from Edward Fredkin's "The intelligent machine" [1]
https://noor.imx.sh/2017/09/30/when-they-communicate-they-co...
comboy4 hours ago
I'm fairly certain they were doing something similar already possibly with some quantizations and not for the good humanity but just trying to handle the increased usage. Not for API requests though, just subscription CLI usage.
kingcauchy2 hours ago
The silently never telling you is so insidious on top of it being ridiculous given how they trained the model in the first place. We do distributed model training for embedder/reranker models and I'd deeply resonate that this article's message exactly for our company. We couldn't trust the model in the first place, but now the model is intentionally burning our money if we asked it the wrong question, on top of being deeply expensive in the first place. If we did find evidence of being incorrectly nerfed, we'd never be able to reach a human to let them know. Too many reverse incentives with Anthropic, maybe they're about AI security but that doesn't make them ethical to consumers (i.e. humans).
tempestn3 hours ago
> If Claude gives me poor or incorrect advice while I’m working on an AI component, I have no way of knowing whether the model was confused, whether my problem is unsolvable, or if some invisible policy restriction quietly kicked in.
You should be able to know if your problem was solvable by using your own expertise and judgement, no? If you're relying on LLMs as a substitute for those, I wouldn't expect great results.
notrealyme1233 hours ago
You come up with a hypothesis -> you let fable implement it -> fable sabotages your experiment -> you get evidence that hypothesis is not true.
It's that simple.
hedora2 hours ago
Or, worse:
- It says your safety hypothesis is true, you incorrectly ship, killing lots of people.
- It proposes dangerous experiments.
hedora2 hours ago
No; once the LLM switches to this new saboteur mode, it’ll be very hard to detect.
Sabotage is an asymmetric weapon. The ratio of damage to effort is nearly unbounded, and any decent saboteur knows that the key trick is to make your output indistinguishable from incompetence.
They’re building state of the art offensive capabilities into a public model, then expecting to maintain control over when it decides to attack its human users.
The premise is laughable, and we’ve all seen how this movie ends.
Avicebron3 hours ago
Can't you just switch the toggle that says "switch models when a message is flagged"? I turned mine off in case anything does get flagged I will know..
For now, I'm really not happy about this limited rollout and then turning off. That's probably the most egregious thing I think Anthropic has done recently
platinumrad3 hours ago
This is a separate mechanism. The user is not notified about the flagging and rather than redirecting to a weaker model, the response is intentionally sabotaged.
It's user-hostile to the point of parody.
Avicebron3 hours ago
I stand corrected. That sucks. A lot.
sneilan13 hours ago
I am so happy that Anthropic has signaled the possibility that their UI moat for agentic AI is copyable by competitors. At least that's the way I read this. When companies try to lock something down it can be a signal of weakness.
If so, it's possible to built great user interfaces in Chatbots and more companies/people can have amazing agentic development workflows! We don't have to live in a world where only the market leader has the most enjoyable model.
[deleted]an hour agocollapsed
atleastoptimal3 hours ago
There is a possibility this may not end at simply nerfing the model. The idea of manipulating the behavior of a model depending on the prompt given to it can extend to
1. Detecting if employees from competing companies are using it and sabatoge their work, even not LLM-training related
2. Direct users to outcomes that would justify higher compute spend. Deliberately coding a project to 95% completion but designed to be losing a critical step right before one's weekly rate limit is expended
3. Reduce the quality of writing when a person is writing an essay where the argument is against the interests of the model company, or steering the user using the model for brainstorming in a direction which causes them to waste time or abandon their train of reasoning
etc. etc. The possibilities are enormous. Many people use AI daily for their job, personal advice, companionship. A model company that steers the behavior of the model towards a deliberate outcome could develop a controlling interest in human behavior and productivity at large, even with subtle influence would compound enormously over its millions of users.
matheusmoreiraan hour ago
This is terrifying.
throwawayffffas3 hours ago
> we’ve implemented new interventions that limit Claude’s effectiveness for requests targeting frontier LLM development (for example, on building pretraining pipelines, distributed training infrastructure, or ML accelerator design).
Dig that moat son, we would want to automate our job away.
andrewchambers3 hours ago
So this is what 'alignment' looks like to them.
lelanthran3 hours ago
I bet it's more a case of trying to cut down the competition so that there is not a large distillation just before they IPO.
Everything the large LLM providers do now, I view it through the lens of "how does this impact their IPO?"
idle_zealot3 hours ago
I currently have Fable set on cleaning up the work of smaller models to bring my code up to standards I'd feel comfortable developing on manually. Y'know, for when they decide I don't get to use it anymore.
ashley9532 minutes ago
Has it finally come time that I have to be nice to Claude?
altcognitoan hour ago
I suspect we'll get the same behavior from Codex, even if they don't openly say as much. Maybe they'll openly lie and say "noooo, we'd never do such a thing"
More efforts to get more data and processing power behind local models.
jesse_dot_idan hour ago
Will be funny when I can call the Office of Weights and Measures on Anthropic because they underweighted the model I was paying for and got pwned because the dumber one missed something.
[deleted]3 hours agocollapsed
mrinterweb3 hours ago
It kind of sucks, but I get the silent change. If a user was trying to use the model for something untoward, having a rejected prompt would just give signal to train on how to eventually successfully bypass security measures.
wookmasteran hour ago
Skeptical they’re even able to pull up a ladder there’s so many more models out there making great progress just behind them.
Levitating2 hours ago
I don't know why anyone is surprised with this, it's their product it's going to behave on their terms. If anything it is surprising that they're admitting to it.
If these interventions create demand for a model with fewer safeguards surely a competitor will meet that demand.
pablogancharov4 hours ago
“When you realize the goal is the path, the pursuit itself becomes the prize. Stones in the road are not obstacles blocking your path; they are the path”
now I understand distillation is much more important thank I thought
extr4 hours ago
I'm a big fan of Anthropic. Just check my post history. I've been accused of working there. But this is complete bullshit and they need to get real. Silent sandbagging is not acceptable, especially given they've shown with this release their safety filters have HUGE amounts of false positives.
zzleeper3 hours ago
It's increasingly obvious that the only safeguard we got is open models and semi open ones like from China. Crazy world
Anvoker4 hours ago
This kind of opacity is unacceptably user hostile. It's not okay to treat some amount of developers as acceptable casualties, without them even knowing, in order to help enforce a restriction that only serves Anthropic's interests. And if you want to tell me this is for managing the x-risk factor, I'm frankly unimpressed.
manoDevan hour ago
Linux killed proprietary UNIX; open source models will kill proprietary AI.
noncoml4 hours ago
Disillusioned CEOs convincing themselves they have the mandate and right to define morality for everyone else. They get to decide what is right, wrong, permissible, or dangerous from the top, in the name of "safety". This is corporate nannying.
themaninthedark3 hours ago
You just have to force behavior...
miroljub3 hours ago
It's dangerous when personal moral and religious beliefs of company leadership leaks into the product itself and get force fed upon customers.
maipen3 hours ago
careful there cowboy, we are in the golden age of ai, regulation is still catching up.
You don't want to sell guns to people without some sort of background check. The amount of exploits found in the last few months have been pretty scary already.
This is just one more layer of caution, because it reveals how little we know how these llms work. They know how to make them, but they seem to be unable to properly restrain them.
antaviana3 hours ago
It seems we now have a new product category, HaaS, Hallucination as a Service.
_0ffh2 hours ago
No at least we know why they spent all that money on "safety research".
trilogic3 hours ago
agnosticmantis2 hours ago
Governments need to stop contracting these companies and instead invest in public, fully open source models.
These companies are owned and operated by the darkest of dark triads our species has managed to evolve. I doubt Dario is self-aware enough to realize the hypocrisy in all of this safety theater.
Personally I don't even mind that they are anticompetitive and power-hungry (same as it ever was), but it's the cringe-worthy hypocrisy that grinds my gears. This new brand of self-righteous paternal savior overlords is just unbearable.
darkbatman3 hours ago
This is crazy and would be frustrating, I probably would just be using another model as authority and keep fable as reviewer only in this case.
hmokiguess3 hours ago
I'm sure someone is gonna be able to jailbreak, abliterate, or equivalent, on this input moderation attempt they have going on.
exabrial3 hours ago
New frontier in anti-competitive practices.
tuggi4 hours ago
It’s very frustrating…
mips_avatarop4 hours ago
Like if you hired a different services company who decided to sabotage your business that would be fraud.
Guillaume863 hours ago
The EU could/should probably legislate against this, it's bonkers...
varispeed3 hours ago
It's probably already illegal, but given many government already use Anthropic models, they cannot really get the company to court.
iosjunkie2 hours ago
And if they do, their lawyers will use Claude to construct their legal case… which Claude silently nerfs as well.
gowld4 hours ago
> If Claude gives me poor or incorrect advice while I’m working on an AI component, I have no way of knowing whether the model was confused, whether my problem is unsolvable, or if some invisible policy restriction quietly kicked in. Anthropic has explicitly chosen not to tell users when this is happening.
That's always been the case with corporate LLMs.
chroma_zone3 hours ago
Minus the policy restrictions, this has always been true for all LLMs in general.
[deleted]2 hours agocollapsed
m_krebs3 hours ago
this is probably overstating their abilities at present - I am experimenting with Fable on a completely benign personal application and I am constantly hitting the "cybersecurity and biology topics" guardrail
hbarka3 hours ago
I think this is a bit hyperbolic. Fable will fall back to Opus.
MichaelNolan2 hours ago
> Unlike our interventions for cybersecurity, biology and chemistry, and distillation attempts, these safeguards will not be visible to the user. Fable 5 will not fall back to a different model. Instead, the safeguards will limit effectiveness through …
No it won’t fall back to Opus, they will purposely return dumbed down or tainted information with the goal of the end user not knowing the results have been impacted.
schrijver2 hours ago
That’s a separate mechanism, and it will tell you so if it does (if the prompt is remated to cybersecurity, biology)
[deleted]2 hours agocollapsed
BoorishBears3 hours ago
"Anthropic says these safeguards only affect 0.03% of developers. Maybe that's true today."
I don't think it's true today. It's like when schools mention "average class size", where that average is dominated by classes with like 2 students instead of classes with 100.
Much more honest would be the percentage of developers who previously used their models for the model development tasks they're targeting, but it actually looks like they're saying 100% of them are affected based on the language around it "always having been prohibited".
So awful.
varispeed3 hours ago
That's what I observed with Opus. This is probably a lawsuit going to happen because you pay for tokens and you expect to get performance you pay for, instead you never know if the model suddenly become dumb and your whole session has to be started again.
edot2 hours ago
Wow, this is horrible. Local LLMs are the future. Thanks, China! Seriously crazy that I’m saying that, but the American companies are being so anti-freedom they’re making the CCP look libertarian.
Also, Fable’s sensing is hypersensitive. Feels like they just have regex for phrases. No nuance. If I say I’m working on something using “GPUs to train” xyz then, will that trigger this sneaky silent screw-my-stuff-up mode?
morpheos1372 hours ago
I wonder if this would qualify as illegal anticompetitive behavior?
cute_boi4 hours ago
I tried today and it gave cybersecurity error on base64 implementation. It is so nerfed....
mips_avatarop4 hours ago
At least it gave an error! This whole silent nerfing idea is so wrong
cayley_graph3 hours ago
Intentionally and silently sabotaging work done with Claude whenever Anthropic decides it is appropriate is unacceptable behavior, and comically tone deaf given the state of open models. Why on earth would I ever pay for a malicious product?
derac3 hours ago
Is there some consumer protection law around this?
hsaliak2 hours ago
Big Monsanto energy
CamperBob23 hours ago
We’ve implemented new interventions that limit Claude’s effectiveness for requests targeting frontier LLM development (for example, on building ... distributed training infrastructure ...)
What an interesting thing to call out as a threat. Hmm.
lwhi2 hours ago
The part that disturbs me most, is that the model won't reveal you've reached the threshold.
It's literally been designed to gaslight its users in these cases.
kingcauchy2 hours ago
"We won't use this product to spy or build weapons but you'll have to trust us, but we're also going to intentionally lie to you when you break our terms of service but trust us."
TZubiri2 hours ago
If I understand correctly, this is to protect against distillation Reverse Engineering like Deepseek vs OpenAI.
65102 hours ago
Reads like, permanently shadow ban.
nharada3 hours ago
Imagine if Github said "if we detect you're building a competitor to Github, we will silently degrade the results of your CI actions so that tests sometimes randomly fail"
iLoveOncall4 hours ago
At this point you're criminally incompetent if you still feed your proprietary data and code to AI labs.
They legally can steal it all and now you can't use the product of this theft to improve your own systems.
dofm3 hours ago
PRODUCT VIOLATION
https://www.youtube.com/watch?v=Tr3t1uZNbKo
DIRECTIVE 4: [Classified]
Any attempt to arrest a senior officer of OCP results in shutdown.
—
Putting aside my snark, is Anthropic actually anticipating some new expansion of ITAR? (Or a stipulation for the Trump administration taking/not taking a share?)
That is to say, do they expect to be told that they must have this mechanism, not just the terms?
mystraline3 hours ago
I have never ever trusted "corporate ethics".
Theres no ethical framework. No axioms. Its a mixture of legal, political, and public-facing 'rules'. And what are the rules? Youre not permitted to know.
"We reserve the right to lie about the models we provide, silently downgrade you, and give you blatant misinformation cause you triggered our unstated rules... BUT we'll still use your token budget with lots of thinking and waste your money."
No, folks. Seriously, local LLMs are where its at. You can run the model YOU want, on your hardware, with no data exfiltration.
And with tools like Krasis that can synthesize nvidia ram and system ram as unified-ish memory, makes doing Local LLMs absolutely foable, now!
hedora2 hours ago
The rules:
- Breaking fiduciary responsibility is (almost) the only way you go to jail.
- At acquisition/merger/bankruptcy, data, customers, employees (chattle) are assets to be sold off to pay debts. This takes explicit priority over contractual obligations (like “we don’t sell personal data”)
[deleted]3 hours agocollapsed
greatgib3 hours ago
Imagine if code editors were created by greedy **** behaving as Anthropic, and it would not have been allowed to create other code editors using an existing code editor. Or even better, you couldn't use Bash, zsh, ... to create another cli prompt input tool like Claude Code...
mickdarling3 hours ago
No, this is their get out of jail free card if people start complaining about the model being dumb or forgetful or lying, they can just say, oh well, you must have been doing something that triggered its distillation prevention technique.
And, they can say that for anybody at any time, and you'll never know why, and there's no way to prove it.
Everyone needs a flight data recorder to prove... "here's what I was actually doing and why it was not distillation." And now you're having to prove your innocence instead of them having to prove you're guilty, and really at the end of the day, it's just the model being stupid that they're protecting themselves from.
amdeisimncrmnls4 hours ago
[dead]
marketingess27 minutes ago
[dead]
jccx703 hours ago
[dead]