If they succeed here, won't they have to gate access to this feature, too? For the same reasons as, "if I so much as mention mitochondria, it downgrades me to Opus."
Step 1. Make it so Claude can do anything — the whole point of AGI
Step 2. Wait, if the user can do Anything, that would be Very Bad!
Step 3. Err on the safe side with blanket bans of entire fields
The latter actually seems to me a sensible reaction to e.g. the compartmentalization used in the large scale cyber attack using Claude last year. Where they were able to do Bad Thing by dividing it into many, many Small, Seemingly Harmless Things.
Gated access sounds bad (and I agree it sounds bad!) but it might actually be the only sensible response to such a set of conditions. I'm not sure though.
--
I saw some studies recently which showed LLMs provide much more detailed information to expert users. So we can distinguish between competence and incompetence based on use of language, and that is a reasonable metric for harm reduction.
But I don't think we can reliably detect "user has harmful intentions", at least not at a sufficient level of sophistication of the attacker.
Applicable to only those of the US (who choose to comply), which would mean giving non-US an advantage, which is a distinct no-no. They tried to restrict Fable to only-US, but that backfired since the world isn't at all clean cut, resulting in full unavailability of the model
Without international treaty and regulation restricting frontier capabilities globally, any attempt to outlaw open source models will only be as effective as King Canute ordering the tide to turn. Unless the USA fancies bombing those who refuse.
It cannot. The only available law is an export control law. A restriction on an open model would be strongly unconstitutional due to a freedom of speech guarantee in the Constitution.
Maybe? It seems like their strategy is to accept that safety is imperfect, err on the side of over-triggering, and iterate.
I don’t think it’s a black and white “if fable 5 over triggers on bio safety in 2026, that’s the final pattern we should expect to see from post-Mythos 20 in 2036”
"Making Claude a chemist" is a punch in the face of all us here after we got a taste of Claude fable blocking almost any STEM-related topic. So i don't know what Story Anthropic wants to tell us with this blog. Probably more like "Hey, look at what awesome tricks Claude can do which of course you will never experience because you're not american, not friends with the CEO, not rich or simply because fuck you"
I think one time I asked opus about copyfail when it just came out and it did treat me like some sort of criminal, but are there really people that run into this on a regular basis other than cybersecurity experts (which cannot be a big enough group to generate all of this criticism)?
I have been trying to work on debugging tools using Opus 4.8. As it turns out working with low-level techniques that inspects and alters behavior of other processes is bordering close enough to cybersecurity research that it often hits the guardrails.
It would make more sense to have specialized versions of Claude instead of having a universal one ie BioClaude, ProgrammerClaude, NuclearClaude, CyberSecurityClaude, et al
This would be both safer and less annoying to use.
The non-professional side of Organic Chemistry is one place where I think AI would really shine.
Feels complex like solving a Rubik's cube to write down synthesis steps but it is all a sequence of memorized tricks. Do Cannizaro if you want this, Bergmann to do that.
But the synthesis plan is only 10% of the actual work.
The gap between writing down the synthesis step and actually doing it is also extremely large.
Even if you get the right molecule, it might be the wrong way around or just clump up into a useless mess.
The Ritonavir episode of Veritasium is a great example of how all chemistry on paper is a mere shadow of what actually happens in real life.
> Feels complex like solving a Rubik's cube to write down synthesis steps but it is all a sequence of memorized tricks. Do Cannizaro if you want this, Bergmann to do that.
I remember two years ago, when I actually got into using graph data structures, wondering if maybe the "space" of available reactions for any given starter and target molecules could be mapped as a graph, with intermediates as nodes and reactions as weighted directed edges, so synthesis becomes pathfinding through chemical space.
Turns out, it’s a thing! [^0]
Edit: Makes you wonder how much interesting stuff is sitting in plain sight, waiting for someone with the right cross-domain awareness / knowledge / whatever to notice it.
There is a lot of graph theory in Chemistry - modelling chemicals as (vertex/edge coloured) graphs, reaction networks, etc.
Of course some molecules (eg aromatic systems, like ferrocene) are not naturally representable as graphs. I wonder if it is the same with synthesis - are there reactions hard to model as a graph (or petri net or whatever). One simple example I know is that you have to be careful with including a node for 'water' as it gets connected to everything else! Or at least in biochemistry it does.
A metal atom sandwiched between two Cp rings. You _can_ model this as 5 single bonds between each atom of a ring (so 10 total C-M bonds), or you have to have some kind of 'edge' (bond) between the ring as a whole and the metal.
The more general issue is that a graph model of a chemical assumes a 'bond' is between exactly two atoms. Three-center hydrogen bonds are another example where this model fails to capture the chemistry very well.
Of course, it's a tradeoff - you can model _most_ compounds with just graphs (plus atom type, charge, chirality) and the relatively few that do not quite fit are special cases.
Hamilton Morris and his stuff on clandestine chemistry is super interesting in this domain. Sometimes the chemistry is straight forward but access to certain chemicals is hard, so the procedure must change based on what's available not necessarily what's ideal
Modern biochemistry (so far) IS vibe coding lol. You mostly have vibes on how the chemistry should work, based on (very strong) natural evidence coupled with theoretical development and lab studies. Then you mix and match, goading bacteria and praying that they produce what you want in good measure. Then you take their secretions and run chromatography studies on them to check if that's what you actually want, or whether it's just some random bullshit. If it's the latter, you have to toss that out and start all over again.
Organic chemistry seems like a discipline better done by chemists than forward deployed staff with their payoff function sharply truncated at an IPO which at this point may or may not happen on schedule.
Combine it with automated lab like this[1][2][3][4][5] (and many others) and it will iterate much quicker. Some already do but at a smaller scale, AFAIK.
I feel like chemistry is one thing that current models will struggle with for the next while, because it's inherently 3D. In the micro world, shape = function. Maybe enough textual patterns will let it under chemistry, but like how do you describe a hydrogen shift without showing how it moves positions and rebalances bonds?
I think this is a very interesting concept/question. I feel like programming is more about shapes than anything else… but they seem to have mastered that fairly easily… but I totally get your point!
I work a lot with the geometry side of computer vision (camera calibration, 3d reconstruction etc.) and LLMs have been really bad in this space. They throw stuff at the problem until a minor improvement is made by over fitting on a testset, then gaslight that this is the best thing possible. Then I go do something like working with raster-based data, or some JavaScript based visualization, and it goes super smoothly.
you can already get that information by reading books in the library.
The biggest barrier is not information, it's the ability to secure enough of the materials and equipment.
For example, information for how to make a nuclear weapon is already there in the library. However, mining enough yellow cake and then purifying it is an industrial scale operation, out of reach unless you are a nation state, and have good mountain tunnels, etc. To a lesser extent, this is also true for producing chemical weapons. The theory is there, but actual production extremely out of reach. No LLM can help you there. (You can verify by reading up on Aum Shinrikyo to get an idea of the staggering scale required)
Sure, information on all sorts of things is in “the library”. But (a) most people in the world don’t have access to a decent library (if you’re on HN you’re statistically much more likely to), (b) most people have no idea how to use one (same), and most importantly (c) AI will distill the knowledge from ten books you might need to read into step by step simple instructions if you ask.
Highly unlikely. Just the energy cost of running centrifuges, let alone manufacturing them is impossible to hide. It's staggering when you consider it.
To put some more perspective, an LLM could show you how to make a Boeing 747 in detail, but the actual chance of someone making one with no tools and logistics would be 0.
Step 1. Make it so Claude can do anything — the whole point of AGI
Step 2. Wait, if the user can do Anything, that would be Very Bad!
Step 3. Err on the safe side with blanket bans of entire fields
The latter actually seems to me a sensible reaction to e.g. the compartmentalization used in the large scale cyber attack using Claude last year. Where they were able to do Bad Thing by dividing it into many, many Small, Seemingly Harmless Things.
Gated access sounds bad (and I agree it sounds bad!) but it might actually be the only sensible response to such a set of conditions. I'm not sure though.
--
I saw some studies recently which showed LLMs provide much more detailed information to expert users. So we can distinguish between competence and incompetence based on use of language, and that is a reasonable metric for harm reduction.
But I don't think we can reliably detect "user has harmful intentions", at least not at a sufficient level of sophistication of the attacker.
reply