The Cat's Out of the Bag — Now What?

When Anthropic pulled the plug on Fable 5 and Mythos 5 earlier this month, the headlines were all about national security. The US government had security concerns. Export controls were involved. The models were suspended just days after launch. It all sounds serious and classified and appropriately heavy.

But if you zoom out past the government level and think about what this actually means for regular people, there is a more interesting question hiding underneath.

The question is not whether Fable 5 posed a legitimate national security risk. I do not know the classified reasons and I am not going to pretend to have an opinion on whether the government was right to restrict those specific models. What I do know is that restricting one model from one company does not actually solve the underlying problem.

Because here is the thing about AI development. Once the research is out there, it is very hard to put it back in the box. The techniques get published. The papers get cited. Other companies implement similar approaches. Open source models pop up that anyone can download and run. Foreign companies are racing ahead with their own versions. Even if the US government successfully restrains Anthropic, that does not stop Meta from releasing Llama 4. It does not stop OpenAI from shipping GPT-5. It does not stop models from being hosted on servers all over the world and accessible to anyone.

So if Fable 5 and Mythos 5 actually posed risks, those risks are not going away just because those particular models got restricted. The capabilities they demonstrated are going to keep improving. The tools are going to keep getting more powerful. And eventually, regular people are going to encounter AI this powerful whether the government likes it or not.

This is where the conversation needs to shift from national security to personal security.

When we talk about AI that is "too powerful," what does that actually mean for an individual? It is not abstract. It means very specific risks that are going to become more common and more sophisticated.

Think about social engineering. Right now, phishing emails are often clumsy and full of typos. But an AI model that can write perfect, context-aware phishing emails at scale changes the game. It can scrape your LinkedIn, your Twitter, your public posts, and craft an email that sounds exactly like it is from your coworker or your bank or your boss. The defense against that is not "hope AI gets restricted." The defense is personal vigilance and verification habits.

Or think about data extraction. If you have been feeding years of emails and documents into AI tools without thinking about it, what happens when a more powerful model comes along that has better techniques for extracting that data? Prompt injection attacks are getting more sophisticated. The idea that your data might sit safely in some company is reassuring until you realize that the company itself might become the vulnerability.

There is also automation of attacks. We are already seeing AI-written malware and reconnaissance scripts. As models get more capable at understanding code and network architecture, the barrier to entry for sophisticated attacks drops lower. A teenager with access to a powerful AI model might be able to do what used to require a whole team of skilled hackers.

And then there is identity manipulation. Deepfake video, voice cloning, synthetic media. We are not that far from a world where a video call from your boss asking for a wire transfer might not actually be your boss. The AI needed to clone a voice or generate a convincing video is going to be available to anyone, not just nation states.

This is not meant to be alarmist. The point is that waiting for governments and tech companies to solve this problem is not a strategy. They are focused on national security and corporate risk. Their solutions are going to be at the system level. But your risk is personal. You need to think about your own defense.

So what does personal preparation actually look like?

It starts with understanding what you should not share with AI. There is a temptation to treat AI chatbots like confidential assistants, but you should assume that anything you type into one is potentially going to be used to train future models. That means passwords. Internal company documents. Sensitive code. Personal financial information. Medical information. If it is something you would not post publicly, you probably should not feed it to an AI system that you do not control.

Then there is the question of where your data actually lives. This is something I have spent a lot of time thinking about. I built a tool called ThunderSweep because I realized that years of my sensitive documents were just sitting in my Gmail. Bank statements, tax returns, medical records, all accumulating because I never deleted them. The risk was not just that Gmail might get hacked. The risk was that all that data was sitting there waiting for a more sophisticated tool to come along and exploit it.

That same principle applies to the AI era. If your data is scattered across cloud services, if your emails contain everything, if your documents are uploaded to dozen different platforms, you are expanding your attack surface. Local-first tools, where your data never leaves your device, become more important when AI models are getting better at extracting and synthesizing information from massive datasets.

Verification habits matter too. We are moving toward a world where you cannot trust anything by default. A video call might be deepfaked. An email might be AI-generated. A website might be cloned. The defense is not technological as much as it is behavioral. Verify out of band. Call the person back. Check the URL. Do not trust urgent requests that bypass normal processes.

There is also a role for open source and self-hosted models. If you run the AI yourself on hardware you control, you do not have to worry about your data being used to train someone else model or being exposed through a prompt injection attack on their servers. This is not practical for everyone, but for people handling truly sensitive information, it is becoming a real option.

The broader point is about control.

The government is trying to control AI at the national level. Tech companies are trying to control it at the corporate level. But the individual needs to think about control at the personal level. What happens when the service you use gets breached? What happens when the AI model gets exploited? What happens when your data is trained into a model that gets leaked?

National security is important. I am not dismissing it. But personal security is also important. And the thing about AI is that it does not really distinguish between the two. A tool that can exploit data at scale does not care whether that data belongs to a government agency or a random person. The vulnerability is the same.

The most honest takeaway from the Fable 5 and Mythos 5 suspension is not that the government saved us from a dangerous model. It is that we are entering an era where powerful AI is going to be ubiquitous. Some of it will be restrained. Some of it will not. The models will get more capable regardless. The attack surface will keep expanding.

Preparing for that future means thinking about your own digital hygiene. It means reducing your data footprint. It means being selective about what you share with AI systems. It means assuming that anything you put online could eventually be extracted or synthesized.

The government can secure the nation. But you have to secure yourself.