If Claude Fable stops helping you, you'll never know

Posted by mips_avatar 1 hour ago

221105Original

Comments

Comment by variety8675 1 hour ago

It is absolutely fine to distill the IP of everyone else, but you'd be violating the TOS to distill ours :)

Comment by david_shi 48 minutes ago

Is there a technical term for this phenomenon? Ladder pulling?

https://blog.google/innovation-and-ai/technology/safety-secu...

Comment by ashleyn 36 minutes ago

I believe the term is "hypocrisy."

Comment by dofm 10 minutes ago

There are several domain-general four-letter terms.

Comment by giancarlostoro 11 minutes ago

Corporate espionage?

Comment by atmavatar 27 minutes ago

Disney?

Comment by matt_daemon 28 minutes ago

NIMBYism

Comment by cyanydeez 38 minutes ago

"Capitalism"

Comment by hedora 21 minutes ago

Yep. Demand open source approve licenses for LLM weights.

The Chinese apache 2.0 models might be censored, but at least they can’t sue you in the US for finding the censorship line.

OTOH, the US models are definitely censored, per TFA, and they’re making vague legal threats against anyone that encounters the censored edge of the model.

Comment by nextaccountic 7 minutes ago

the base models released to the public are not censored. censorship happens with another model, that isn't released

Comment by mips_avatar 1 hour ago

Fine for me. Not for thee

Comment by anematode 1 hour ago

It's utterly bonkers. Hopefully the model weights get leaked. Then we can claim it's public domain or, at the very least, distill it and then release it for free.

Comment by prmph 1 minute ago

[delayed]

Comment by skeledrew 1 minute ago

It was good while it lasted. Time for me to resume my migration to another provider. One that promotes an open ecosystem, even if I can't opt out of them using my data to train. Heck I'll actively GIVE them my data and do my part in promoting openness, tiny though it may be. DeepSeek and GLM looking damn fine for a start.

Comment by jkxyz 39 minutes ago

"To effectively contain a civilization’s development and disarm it across such a long span of time, there is only one way: kill its science." - Cixin Liu, The Three-Body Problem

This immediately made me think of the Sophons silently manipulating the sensors of particle accelerators to prevent humanity from developing advanced knowledge of particle physics.

Comment by delichon 16 minutes ago

The level of oppression necessary to get software geeks to stop making progress on AI is similar to that necessary to get Ukrainian geeks to stop making progress on drones.

Comment by xyzsparetimexyz 4 minutes ago

Not so sure those things are equivalent

Comment by somesortofthing 1 hour ago

This is a fun peek into the economic implications of RSI/ASI. Because it's so infinitely valuable that it basically destroys all markets, labs will eventually do stuff like stop releasing models completely and skipping out on contracted commitments because they'll have the power to just drive their competitors out of business before the legal battle gets expensive.

Cloud providers - at first smaller ones, then the hyperscalers - will follow suit, completely closing sales to anyone but the labs and demanding payment in equity/direct decision-making power rather than cash. There's no particular reason why the inference/training split has to be 80/20, and no amount of willingness to pay can help you in an event that turns your money worthless.

Comment by stratos123 6 minutes ago

I don't think this scenario makes sense. It's one of a class of scenarios I've seen several of, that simultaneously assume:

  A) ASI is developed and massively overshadows the rest of the world economy 
  B) the world still has rule of law, contracts, business, well-developed finance, etc

You can get to a lot of weird conclusions if you assume both A and B, but I think the much more likely scenario is that if A happens, B stops being true in short order. If you are a company and you have ASI, you just stop caring about business and money and economics, and your outcomes instead start looking like "you conquer the world" or "you upload the board of directors to a fleet of von Neumann probes" or "you messed up, everyone dies".

Comment by platinumrad 39 minutes ago

Nothing is infinitely valuable.

Comment by windexh8er 21 minutes ago

Especially when you can actively choose to not use Anthropic. They think they have a moat from all of the IP they've stolen. Just wait until there's nothing more to steal and the laws eventually turn against them. And let's be honest about these companies. It is very much Dario and Sam and Sundar and Mark and Peter and Elon and... These are the choices they are making and hopefully they are held accountable both legally and within society as a whole.

Comment by SwellJoe 23 minutes ago

The moat looks deep today but it's going to become more shallow every year.

Training a new model from scratch takes serious resources. Post-training/fine-tuning an existing model, dramatically less. The knowledge for the process was esoteric two years ago, now you can ask a current model (one of several) to walk you through it, while building the tools to do it as you go. Several of my recent weekend projects have been exactly that sort of thing, just so I understand it better. "Let's make a LoRA", "let's generate a corpus of training data for fine-tuning a model for X task", "how can I put my face in a text-to-image model?" stuff like that. All of this is do-able on kinda modest local hardware (a couple of old GPUs or a Strix Halo or DGX Spark or big Mac Studio), or for a few bucks or a few hundred bucks or a few thousand bucks of cloud compute, depending on scale.

Scale that up to corporate or startup scale, with the money that's been flowing into AI for the past couple/few years, and it's obviously there's going to be a lot of competition just as the top model makers need to start ringing the cash register. That's a lot of opportunities for people to look at their ballooning Claude usage costs and find other ways to do the same thing for drastically less money. $100/month or $200/month is a no-brainer for Claude Code with probably the best model for coding, but they're pushing more users to usage-based billing which becomes cost-prohibitive real fast.

So, they desperately need to continue to be among the only ways to solve the hardest problems, and they need the alternatives to cost a similar amount. They can count on OpenAI and Google to ratchet up prices, too. They probably can't count on everybody, especially the vendors in China with different economics, to do it. And, they can't count on companies to look at their own usage and not ask, "Can we train a smaller specialist model that does this one thing we're using the Anthropic API most heavily for?"

I'm hoping they just mean stuff like using Claude for distillation by e.g. Chinese model makers, and not "how do I fine-tune Gemma 4 to write more like me?" or whatever.

Comment by hedora 17 minutes ago

What moat? There are multiple companies providing pareto-optimal frontier models, and it takes O(10) people to build one of these things.

The rest is capital intensive, and the price will approach the cost of production over time.

Thinking this is a profitable endeavor is equivalent to claiming coal plants have good margins because boilers are expensive.

Comment by delichon 31 seconds ago

The Pentagon's struggles with Anthropic guardrails were foreshadowing.

Comment by Artoooooor 14 minutes ago

It is as if Jetbrains told that "you can't use IntelliJ Idea to develop frontier IDE. We can introduce slight compilation errors if we detect you doing so".

Comment by 48 seconds ago

Comment by mips_avatar 13 minutes ago

Thats exactly it

Comment by CrankyBear 1 hour ago

"Claude can now be silently nerfed. Anthropic has decided it won't tell users when this happens." W T F!!

Comment by Ifkaluva 1 hour ago

I guess an uncharitable way to read this might be “the ML engineers/scientists want to automate all of the jobs except their own.”

Comment by afavour 1 hour ago

The charitable read is that their restrictions for "safety" (i.e. what's separating Fable from Mythos) makes this inevitable. If you could just make your own Mythos it would circumvent the protection.

Which kinda just highlights how weird this situation is.

Comment by cyanydeez 26 minutes ago

"Haves" and "Havenots" is how they should be calling, init

Comment by throwaway89864 1 hour ago

Insta-job security.

Comment by numpad0 1 hour ago

I don't understand how businesses could trust cloud LLMs going forward with this ongoing "safety" paranoia. Building dependence on them doesn't feel like a sane strategic decision for users.

Comment by forshaper 1 hour ago

Looking better and better for people to go after local solutions.

Comment by mcmcmc 47 minutes ago

Tell that to the GPU market

Comment by hedora 13 minutes ago

I think it heard. A 128GB strix halo was $1400 at launch. Now they’re $3299.

That 7 months of claude -> 16.5 months of claude.

Comment by cubefox 1 hour ago

It's not paranoia. Cyber attacks have gone up massively in the past few months even with the weaker models we had so far. And Claude Mythos 5 scores even higher than the unreleased Mythos Preview on ExploitBench. If you made this capability publicly available you would see another acceleration of cyber attacks.

Comment by extr 1 hour ago

This isn't even about cyber attacks. This is just LLM development which is increasingly just called software development. And at least for cyber it says "Sorry I can't help with that"!

Comment by thinkingtoilet 17 minutes ago

Because this effectively hinders 0% of people. I understand why people don't like it but day to day this is nothing. If you're using it for coding, it won't stop you. The pearl clenching here and over reacting is predictable and sad. If you are working for a large organization and you were going through the vendor procurement process, questions like Can this produce pornography? Can this tell my employees how to break the law? are normal and anyone wiht half a brain knows that this is the case. Before people jump on that, I understand people have access to the internet. Your question "how businesses could trust cloud LLMs going forward" is absurd and you know it. There is an extremely small set of edge cases that effect 0% of people day to day. You can trust them just fine.

Comment by mike-cardwell 32 minutes ago

I spend a lot of time telling Opus 4.8 to search for security bugs in the code it wrote, and it spends a lot of time finding them, and then fixing them. Fable wont let me fix the security issues that Opus 4.8 created.

Comment by throwawayffffas 11 minutes ago

> we’ve implemented new interventions that limit Claude’s effectiveness for requests targeting frontier LLM development (for example, on building pretraining pipelines, distributed training infrastructure, or ML accelerator design).

Dig that moat son, we would want to automate our job away.

Comment by thot_experiment 1 hour ago

It's a SaaS, when in the history of SaaS has it ever been a good idea to trust that the company won't ruin the product under you?

Comment by booi 1 hour ago

I think there's a pretty big difference here. It's not like Github prevents you from building a Github competitor. Or Linear is preventing you from using it to build a Linear competitor.

This is more akin to Windows somehow preventing you from building a new OS.

Or worse yet, sabotaging vs preventing.

Comment by semiquaver 1 hour ago

A surprising number of companies do include “you may not use the service we provide you to compete with us” in their terms of service.

After a quick search the best example is Atlassian. It would (apparently, IANAL) break terms to plan a JIRA competitor using JIRA.

  > Customer must not (and must not permit anyone else to): [...] (d) use the Products to develop a similar or competing product or service

https://www.atlassian.com/legal/atlassian-customer-agreement

Also Salesforce. Their competitors are explicitly disallowed from using any of their services for any reason.

  > SFDC’s direct competitors are prohibited from accessing the Services, except with SFDC’s prior written consent.

https://www.salesforce.com/en-us/wp-content/uploads/sites/4/...

Comment by wincy 20 minutes ago

I remember working for a company that did a lot of business in logistics. We were strictly prohibited from using any Amazon Web Services because several of our very high profile customers didn’t want anything on AWS. The higher ups were thoroughly convinced Amazon would copy it (and I mean, they came out with a product that competed with us, so they weren’t wrong!)

Comment by trhaynes 39 minutes ago

Perhaps provide an example or two?

Comment by ncallaway 29 minutes ago

Was the parent comment edited, because it does have a couple of examples in it

Comment by rhubarbtree 47 minutes ago

Most of the time, which is why SaaS has been very popular.

Comment by preg_match 10 minutes ago

The popularity of SaaS was never derived from the products themselves, but rather business' weird aversion to doing in-house development. Most companies not in tech view software as literal magic, and act as if hiring some engineers could risk opening Pandora's box or something. Banks are particularly notorious for this; despite basically their entire business being done digitally, they treat software as a necessary evil, not as their underlying value.

But, the cost of in-house development just went down significantly. SaaS has always had a lot of broken promises. The thing is the software is never tailored to your use case, and you often have to integrate into your other tools anyway. And, you don't get to control the requirements, features, velocity, or bug fixes. Jira as a bug? Too bad I guess, hopefully it gets fixed eventually.

But the dirty secret is that companies are filled to the brim with bright-eyed aspirational employees, who want nothing more than to make their job easier and their company more efficient. The thing is they're doing it using cursed Excel workbooks on share drives. I think, in the near future, they'll be doing it with hand-rolled applications.

Comment by thot_experiment 28 minutes ago

In comparison to some absurdist baseline maybe, actual software NEVER stops working under you, so in comparison something like an works 80% "most of the time" is godawful. Though I would argue that with SaaS the trend is toward 100% likelyhood to fuck your shit up given enough time, and it has borne out this way in the real world time and time again. SaaS is popular because it allows companies to more effectively extort you for your dollars.

Comment by sneilan1 8 minutes ago

I am so happy that Anthropic has signaled the possibility that their UI moat for agentic AI is copyable by competitors. At least that's the way I read this. When companies try to lock something down it can be a signal of weakness.

If so, it's possible to built great user interfaces in Chatbots and more companies/people can have amazing agentic development workflows! We don't have to live in a world where only the market leader has the most enjoyable model.

Comment by torben-friis 58 minutes ago

They have a silent nerfing system for their models and say so openly. The obvious question is how much it is being used already.

Competitor companies being nerfed?

Non Americans getting worse code?

Punishing and rewarding users to maximize engagement, like online games do affecting victories through matchmaking?

Comment by notrealyme123 11 minutes ago

This send chills down my spine. For now I will not use Fable in my research. The risks of being sabotaged by the model are not worth it.

Comment by cyanydeez 16 minutes ago

$$$$$$: no nerf $$$$: a little nerf $$$: more nerf $$: are you poor? $: be permanent underclass

Comment by mips_avatar 1 hour ago

I'm really uncomfortable with these changes, like everything Anthropic's doing as "frontier research" today will be regular product engineering in a year.

Comment by __natty__ 1 hour ago

This makes Fable unusable for me. If I cannot tell whether I am paying for the whole service or just a partial one, because somehow their guardrails have decided my work silently broke their terms of service, then I prefer to go to older models or alternatives

Comment by maxall4 57 minutes ago

As someone who works in bioinformatics, and, as such, does a great deal of machine learning, this makes Fable unusable for me as well.

Comment by flexagoon 43 minutes ago

Fable would be unusable for you in a more literal way, since it just directly refuses to answer any query even remotely related to biology

Comment by maxall4 36 minutes ago

I’m very aware of this as well.

Comment by hedora 9 minutes ago

How do local models work? I’m specifically interested in things that run in the 32-128GiB space. (I don’t care about bio specifically; just trying to track when local models start surpassing cloud ones in some practical dimensions).

Comment by varispeed 54 minutes ago

I am sure they've been doing that with Opus. I am getting mixed results all the time.

Comment by idle_zealot 16 minutes ago

I currently have Fable set on cleaning up the work of smaller models to bring my code up to standards I'd feel comfortable developing on manually. Y'know, for when they decide I don't get to use it anymore.

Comment by lelanthran 18 minutes ago

I bet it's more a case of trying to cut down the competition so that there is not a large distillation just before they IPO.

Everything the large LLM providers do now, I view it through the lens of "how does this impact their IPO".

Comment by Avicebron 56 minutes ago

Can't you just switch the toggle that says "switch models when a message is flagged"? I turned mine off in case anything does get flagged I will know..

For now, I'm really not happy about this limited rollout and then turning off. That's probably the most egregious thing I think Anthropic has done recently

Comment by platinumrad 37 minutes ago

This is a separate mechanism. The user is not notified about the flagging and rather than redirecting to a weaker model, the response is intentionally sabotaged.

It's user-hostile to the point of parody.

Comment by Avicebron 23 minutes ago

I stand corrected. That sucks. A lot.

Comment by tempestn 44 minutes ago

> If Claude gives me poor or incorrect advice while I’m working on an AI component, I have no way of knowing whether the model was confused, whether my problem is unsolvable, or if some invisible policy restriction quietly kicked in.

You should be able to know if your problem was solvable by using your own expertise and judgement, no? If you're relying on LLMs as a substitute for those, I wouldn't expect great results.

Comment by notrealyme123 8 minutes ago

You come up with a hypothesis -> you let fable implement it -> fable sabotages your experiment -> you get evidence that hypothesis is not true.

It's that simple.

Comment by hedora 1 minute ago

Or, worse:

- It says your safety hypothesis is true, you incorrectly ship, killing lots of people.

- It proposes dangerous experiments.

Comment by hedora 3 minutes ago

[dead]

Comment by comboy 1 hour ago

I'm fairly certain they were doing something similar already possibly with some quantizations and not for the good humanity but just trying to handle the increased usage. Not for API requests though, just subscription CLI usage.

Comment by 56 minutes ago

Comment by mrinterweb 54 minutes ago

It kind of sucks, but I get the silent change. If a user was trying to use the model for something untoward, having a rejected prompt would just give signal to train on how to eventually successfully bypass security measures.

Comment by pablogancharov 1 hour ago

“When you realize the goal is the path, the pursuit itself becomes the prize. Stones in the road are not obstacles blocking your path; they are the path”

now I understand distillation is much more important thank I thought

Comment by atleastoptimal 43 minutes ago

There is a possibility this may not end at simply nerfing the model. The idea of manipulating the behavior of a model depending on the prompt given to it can extend to

1. Detecting if employees from competing companies are using it and sabatoge their work, even not LLM-training related

2. Direct users to outcomes that would justify higher compute spend. Deliberately coding a project to 95% completion but designed to be losing a critical step right before one's weekly rate limit is expended

3. Reduce the quality of writing when a person is writing an essay where the argument is against the interests of the model company, or steering the user using the model for brainstorming in a direction which causes them to waste time or abandon their train of reasoning

etc. etc. The possibilities are enormous. Many people use AI daily for their job, personal advice, companionship. A model company that steers the behavior of the model towards a deliberate outcome could develop a controlling interest in human behavior and productivity at large, even with subtle influence would compound enormously over its millions of users.

Comment by andrewchambers 20 minutes ago

So this is what 'alignment' looks like to them.

Comment by hbarka 26 minutes ago

I think this is a bit hyperbolic. Fable will fall back to Opus.

Comment by trilogic 1 hour ago

https://huggingface.co/Trilogix1/Hugston-Nex-N2-Pro-gguf

Comment by darkbatman 1 hour ago

This is crazy and would be frustrating, I probably would just be using another model as authority and keep fable as reviewer only in this case.

Comment by hmokiguess 58 minutes ago

I'm sure someone is gonna be able to jailbreak, abliterate, or equivalent, on this input moderation attempt they have going on.

Comment by dofm 5 minutes ago

DIRECTIVE 4: [Classified]

Any attempt to arrest a senior officer of OCP results in shutdown.

Comment by Anvoker 1 hour ago

This kind of opacity is unacceptably user hostile. It's not okay to treat some amount of developers as acceptable casualties, without them even knowing, in order to help enforce a restriction that only serves Anthropic's interests. And if you want to tell me this is for managing the x-risk factor, I'm frankly unimpressed.

Comment by m_krebs 49 minutes ago

this is probably overstating their abilities at present - I am experimenting with Fable on a completely benign personal application and I am constantly hitting the "cybersecurity and biology topics" guardrail

Comment by noncoml 1 hour ago

Disillusioned CEOs convincing themselves they have the mandate and right to define morality for everyone else. They get to decide what is right, wrong, permissible, or dangerous from the top, in the name of "safety". This is corporate nannying.

Comment by themaninthedark 56 minutes ago

You just have to force behavior...

https://youtube.com/shorts/QmGGUnZNqv4?si=Q4CsGsYMvR02vay8

Comment by miroljub 56 minutes ago

It's dangerous when personal moral and religious beliefs of company leadership leaks into the product itself and get force fed upon customers.

Comment by maipen 31 minutes ago

careful there cowboy, we are in the golden age of ai, regulation is still catching up.

You don't want to sell guns to people without some sort of background check. The amount of exploits found in the last few months have been pretty scary already.

This is just one more layer of caution, because it reveals how little we know how these llms work. They know how to make them, but they seem to be unable to properly restrain them.

Comment by 7 minutes ago

Comment by tuggi 1 hour ago

It’s very frustrating…

Comment by mips_avatar 1 hour ago

Like if you hired a different services company who decided to sabotage your business that would be fraud.

Comment by Guillaume86 1 hour ago

The EU could/should probably legislate against this, it's bonkers...

Comment by varispeed 51 minutes ago

It's probably already illegal, but given many government already use Anthropic models, they cannot really get the company to court.

Comment by antaviana 59 minutes ago

It seems we now have a new product category, HaaS, Hallucination as a Service.

Comment by gowld 1 hour ago

That's always been the case with corporate LLMs.

Comment by chroma_zone 46 minutes ago

Minus the policy restrictions, this has always been true for all LLMs in general.

Comment by exabrial 45 minutes ago

New frontier in anti-competitive practices.

Comment by nharada 18 minutes ago

Imagine if Github said "if we detect you're building a competitor to Github, we will silently degrade the results of your CI actions so that tests sometimes randomly fail"

Comment by derac 59 minutes ago

Is there some consumer protection law around this?

Comment by extr 1 hour ago

I'm a big fan of Anthropic. Just check my post history. I've been accused of working there. But this is complete bullshit and they need to get real. Silent sandbagging is not acceptable, especially given they've shown with this release their safety filters have HUGE amounts of false positives.

Comment by zzleeper 31 minutes ago

It's increasingly obvious that the only safeguard we got is open models and semi open ones like from China. Crazy world

Comment by cayley_graph 27 minutes ago

Intentionally and silently sabotaging work done with Claude whenever Anthropic decides it is appropriate is unacceptable behavior, and comically tone deaf given the state of open models. Why on earth would I ever pay for a malicious product?

Comment by varispeed 55 minutes ago

That's what I observed with Opus. This is probably a lawsuit going to happen because you pay for tokens and you expect to get performance you pay for, instead you never know if the model suddenly become dumb and your whole session has to be started again.

Comment by CamperBob2 56 minutes ago

We’ve implemented new interventions that limit Claude’s effectiveness for requests targeting frontier LLM development (for example, on building ... distributed training infrastructure ...)

What an interesting thing to call out as a threat. Hmm.

Comment by cute_boi 1 hour ago

I tried today and it gave cybersecurity error on base64 implementation. It is so nerfed....

Comment by mips_avatar 1 hour ago

At least it gave an error! This whole silent nerfing idea is so wrong

Comment by BoorishBears 46 minutes ago

"Anthropic says these safeguards only affect 0.03% of developers. Maybe that's true today."

I don't think it's true today. It's like when schools mention "average class size", where that average is dominated by classes with like 2 students instead of classes with 100.

Much more honest would be the percentage of developers who previously used their models for the model development tasks they're targeting, but it actually looks like they're saying 100% of them are affected based on the language around it "always having been prohibited".

So awful.

Comment by iLoveOncall 1 hour ago

At this point you're criminally incompetent if you still feed your proprietary data and code to AI labs.

They legally can steal it all and now you can't use the product of this theft to improve your own systems.

Comment by greatgib 14 minutes ago

Imagine if code editors were created by greedy **** behaving as Anthropic, and it would not have been allowed to create other code editors using an existing code editor. Or even better, you couldn't use Bash, zsh, ... to create another cli prompt input tool like Claude Code...

Comment by mickdarling 42 minutes ago

No, this is their get out of jail free card if people start complaining about the model being dumb or forgetful or lying, they can just say, oh well, you must have been doing something that triggered its distillation prevention technique.

And, they can say that for anybody at any time, and you'll never know why, and there's no way to prove it.

Everyone needs a flight data recorder to prove... "here's what I was actually doing and why it was not distillation." And now you're having to prove your innocence instead of them having to prove you're guilty, and really at the end of the day, it's just the model being stupid that they're protecting themselves from.

Comment by mystraline 55 minutes ago

I have never ever trusted "corporate ethics".

Theres no ethical framework. No axioms. Its a mixture of legal, political, and public-facing 'rules'. And what are the rules? Youre not permitted to know.

"We reserve the right to lie about the models we provide, silently downgrade you, and give you blatant misinformation cause you triggered our unstated rules... BUT we'll still use your token budget with lots of thinking and waste your money."

No, folks. Seriously, local LLMs are where its at. You can run the model YOU want, on your hardware, with no data exfiltration.

And with tools like Krasis that can synthesize nvidia ram and system ram as unified-ish memory, makes doing Local LLMs absolutely foable, now!

Comment by jccx70 9 minutes ago

[dead]

Comment by amdeisimncrmnls 1 hour ago

[dead]