From PGP to Mythos: a brief history of export controls that didn’t stop anyone

The recent unveiling of Anthropic’s "Mythos," a specialized model designed to bolster cybersecurity defenses, has reignited a dormant but fierce debate regarding the efficacy of digital export controls. Proponents argue that restricting the cross-border distribution of such potent dual-use technologies prevents adversaries from weaponizing automated vulnerability discovery. However, history suggests that these administrative barriers are often porous. By attempting to wall off software that functions essentially as mathematical logic, regulators are retracing the steps of failed 20th-century policies, hoping for a different outcome in a far more interconnected era.

The precedent for this friction dates back to the "Crypto Wars" of the 1990s. The most famous casualty of that era was Phil Zimmermann, the creator of PGP (Pretty Good Privacy) encryption. At the time, the U.S. government classified high-level encryption as "munitions," placing it under the same restrictive export umbrella as stinger missiles. The absurdity of this classification was laid bare when activists printed the PGP source code in a book and exported it physically, arguing that software was protected speech under the First Amendment. Eventually, the government capitulated, realizing that once a sequence of logic is public, it cannot be un-invented or contained by national borders.

Technically, the challenge with a model like Mythos is even more complex than static encryption. Mythos represents a shift toward "agentic" cybersecurity—AI that can autonomously scan, interpret, and potentially patch code. Unlike the "export" of a physical tank, exporting an AI model involves the transmission of weight files and parameters. These are easily mirrored across decentralized servers or leaked via employees. Furthermore, the "dual-use" nature of Mythos means that the very same logic used to harden a power grid’s defense can be inverted to find the precise fracture point for a kinetic strike, making the stakes higher than the PGP era while the enforcement mechanisms remain just as fragile.

From a market perspective, these controls often backfire by creating a "compliance chasm." If U.S.-based firms like Anthropic are hamstrung by stringent export license requirements, it creates a vacuum that international competitors or open-source projects are eager to fill. History shows that when the U.S. restricted high-performance computing exports in the early 2000s, it didn't stop the proliferation of supercomputers; it merely incentivized China and Europe to develop their own indigenous supply chains. By placing Mythos under heavy guard, the U.S. may inadvertently drive the global cybersecurity market toward less transparent, non-aligned alternatives that do not adhere to any safety guardrails.

The regulatory implications also touch upon the definition of "open" versus "closed" ecosystems. If the government determines that cybersecurity weights are too dangerous to transit borders, it sets a chilling precedent for the broader open-weights movement. We are seeing a collision between the national security establishment, which views AI as a strategic asset to be hoarded, and the Silicon Valley ethos, which views software as a universal utility. This friction creates a bifurcated internet, where the quality of one's digital defense is determined by their geographic proximity to a handful of San Francisco-based servers.

As we look toward the immediate future, the primary metric for success will not be how many licenses the Department of Commerce denies, but how quickly the underlying techniques of Mythos are replicated elsewhere. In the age of distributed GPU clusters and model distillation, "secrets" in the AI world have a remarkably short half-life. The industry should watch for whether these controls lead to a "brain drain" of researchers seeking more permissive environments, or if the federal government eventually adopts a more pragmatic strategy focused on "defensive dominance" rather than futile containment. Monitoring the first major leak or unsanctioned foreign replication of a Mythos-class model will likely be the moment this policy meets its reckoning.