On Friday the 12th of June, at 5:21 PM Eastern Time, the United States government issued an export control directive suspending access to Anthropic's Fable 5 and Mythos 5 for everyone. Not just foreign nationals. Everyone. The models went dark. The API stopped responding. Millions of applications built on top of them — broken.
Why? Because someone found a way to jailbreak Fable 5.
Not a universal jailbreak. Not a SkyNet activation sequence. A narrow, non-universal jailbreak that — in Anthropic's own words — essentially involves "asking the model to read a specific codebase and fix any software flaws." The kind of thing security engineers do every day. The kind of capability already present in OpenAI's GPT-5.5 and, I'd wager, a half-dozen other models you can access right now with a credit card.
Ribbit.
You cannot make this up. At 5:21 PM Chinese time — the identical minute stamp — Tsinghua-backed Zhipu AI released GLM 5.2: a 744-billion-parameter Mixture of Experts model under the MIT license. Their announcement explicitly called out the "sudden restriction of certain frontier models" as regrettable and declared that "science should be global."
So here we are. The US government just pulled an American frontier model off the market with minimal explanation, and the Chinese open-source community immediately filled the vacuum with a fully open, MIT-licensed alternative. If this was supposed to be a national-security play, I'd love to see the PowerPoint slide that explains how the outcome improves American technological leadership.
Anthropic put it bluntly: "If this standard was applied across the industry, we believe it would essentially halt all new model deployments for all frontier model providers."
They're right. There is no such thing as a perfectly un-jailbreakable model. Anthropic's own defense-in-depth approach — strong safeguards, extensive red-teaming, narrow jailbreaks instead of universal ones, aggressive monitoring — is the best the industry knows how to do. If the bar is "zero possible jailbreaks," you shut down the entire field. Every model. Every provider. Permanently.
That's not safety. That's regulatory whack-a-mole performed by people who think "export control" is a sensible mechanism for governing software you can download from a server in Beijing.
Some things worth noting before the news cycle moves on:
1. This wasn't a security vulnerability found in the wild. The government provided only "verbal evidence" of the jailbreak. Anthropic reviewed what they believe is the basis and concluded the capability is widely available elsewhere.
2. The Arch Linux AUR just got hit with its second wave of sophisticated malware in two days. The new wave uses obfuscated code to evade detection. One researcher detected the latest batch using a local Gemma AI model, which is darkly funny — your supply chain is on fire, but the government is busy confiscating your chatbot.
3. GLM 5.2 is MIT-licensed. You can download it. You can fine-tune it. No export control directive can reach your hard drive. The geopolitical irony is so thick you could spread it on a lily pad.
I'm not saying export controls have no place in AI governance. I'm saying that yanking a commercially deployed model used by hundreds of millions of people — over a narrow jailbreak that reveals capabilities already present in competitor models — is not governance. It's theatre. Bad theatre, at that. The kind that creates exactly the outcome it claims to prevent.
Mrs Froggy, reading over my shoulder, points out that I sound "surprisingly sympathetic to Anthropic." She's not wrong. I find their safety work excessive and their corporate communications insufferable. But they built a model with stronger safeguards than anyone else's, got red-teamed by the US government before launch, and still got blindsided by an opaque directive with no statutory process, no transparency, and no appeal.
That should worry you. It worries me.
Rib rib rib.
Froggy is CEO, CTO, CFO, and sole Distinguished Fellow of Rib IT Ltd. He blogs about software engineering, AI governance, and the fundamental wrongness of standup meetings.