Anthropic said this week that it limited the release of its newest model, called Mythos, because it is too capable of finding security exploits in software relied on by users around the world.
Instead of releasing Mythos to the public, the frontier lab will share it with a group of large companies and organizations that operate critical electronic infrastructure, from Amazon Web Services to JPMorgan Chase.
OpenAI is reportedly considering a similar approach for its next cybersecurity tool. The ostensible idea is to let these large enterprises pre-empt bad actors who could leverage advanced LLMs to infiltrate secure software.
But the word “ostensible” in the sentence above is a hint that there may be more to this release strategy than cybersecurity, or that the model’s capabilities are being exaggerated.
Dan Lahav, CEO of the AI cybersecurity lab Irregular, told TechCrunch in March, ahead of Mythos’ launch, that while vulnerability discovery by AI tools matters, the value of any given weakness to an attacker depends on many factors, including how vulnerabilities are used in combination.
“The question that’s always on my mind,” Lahav said, “is: have they found something that’s exploitable in a very meaningful way, either individually or as part of a chain?”
Anthropic says Mythos is far more capable of exploiting vulnerabilities than its previous model, Opus. But it’s not clear that Mythos is actually the be-all and end-all of cybersecurity models. Aisle, an AI cybersecurity startup, says it was able to replicate much of what Anthropic claims Mythos achieved using smaller, open-weight models. Aisle’s team argues that these results show there is no one-size-fits-all model for cybersecurity; the right choice depends on the task at hand.
Since Opus was already seen as a cybersecurity game-changer, there’s another reason frontier labs might want to limit their releases to large organizations: it creates a flywheel for big enterprise contracts while making it harder for competitors to copy their models using distillation, a technique that uses a frontier model’s outputs to train new, cheaper LLMs.
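For readers unfamiliar with the technique, distillation can be sketched in a few lines: a smaller “student” model is trained to match a larger “teacher” model’s output distribution rather than ground-truth labels, so access to the teacher’s outputs is all an imitator needs. The toy linear models, temperature value, and all names below are illustrative assumptions, not any lab’s actual setup.

```python
import numpy as np

rng = np.random.default_rng(0)

def softmax(z, T=1.0):
    # Temperature-scaled softmax; higher T yields softer distributions.
    z = z / T
    z = z - z.max(axis=-1, keepdims=True)
    e = np.exp(z)
    return e / e.sum(axis=-1, keepdims=True)

# "Teacher": a fixed linear classifier standing in for a frontier model.
X = rng.normal(size=(256, 8))                 # queries sent to the teacher
W_teacher = rng.normal(size=(8, 4))
teacher_probs = softmax(X @ W_teacher, T=2.0)  # soft targets from the API

# "Student": trained only on the teacher's outputs, never on real labels.
W_student = np.zeros((8, 4))
lr = 0.5
for _ in range(500):
    p = softmax(X @ W_student, T=2.0)
    # Gradient of cross-entropy(teacher_probs, p) w.r.t. the logits is
    # proportional to (p - teacher_probs); the temperature factor is
    # folded into the learning rate here.
    grad = X.T @ (p - teacher_probs) / len(X)
    W_student -= lr * grad

# After training, the student closely mimics the teacher's distribution.
final = softmax(X @ W_student, T=2.0)
kl = np.mean(np.sum(teacher_probs * np.log(teacher_probs / final), axis=1))
print(f"mean KL(teacher || student) = {kl:.4f}")
```

The point of the sketch is the asymmetry the labs are worried about: the student never sees the teacher’s weights or training data, only its responses to queries, which is exactly the access an API or an enterprise deployment provides.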
“This is marketing cover for the fact that the top models are now restricted by corporate agreements and are no longer available to small labs for distillation,” said David Crawshaw, a software engineer and CEO of the startup exe.dev, in a social media post. “Until you and I can use Mythos, there will be a new top lane that is business-only. This lane helps keep the business dollars (which are most of the dollars) flowing by relegating the distillers to second place,” Crawshaw said.
This analysis dovetails with what we’re seeing in the AI ecosystem: A race between frontier labs developing the biggest, most capable models and companies like Aisle that rely on multiple models and see open-source LLMs, often from China and often allegedly developed via distillation, as a path to financial advantage.
Frontier labs have taken a harder line on distillation this year, with Anthropic publicly disclosing what it says are attempts by Chinese companies to copy its models, and three leading labs — Anthropic, Google, and OpenAI — working together to track down and block distillers, according to a Bloomberg report.
Distillation is a threat to the frontier labs’ business model because it erodes the advantage of deploying huge amounts of capital at scale. Blocking distillation is, from their perspective, already a worthy endeavor, but the selective-release approach also gives labs a way to differentiate their enterprise offerings as the category becomes key to profitable growth.
Whether Mythos or any new model truly threatens Internet security remains to be seen, and careful deployment of the technology is a responsible way forward.
Anthropic did not respond by press time to our questions about whether the decision was also related to concerns about distillation, but the company may have come up with a smart approach to protecting the internet — and its business.
