jQuery(document).ready(function($) { $('a#logo').attr('href', 'https://thomasunise.com'); });

 

Anthropic just announced a model so dangerous they won’t let you use it. That should tell you everything you need to know about where this is heading.

Claude Mythos Preview, unveiled yesterday under Project Glasswing, found thousands of zero-day vulnerabilities across every major operating system and web browser. A 27-year-old bug in OpenBSD. A 16-year-old flaw in FFmpeg that automated tools hit five million times without catching. It chained together Linux kernel exploits autonomously. No human steering required.

The model scores 93.9% on SWE-bench Verified. It hit 83.1% on CyberGym vulnerability reproduction. An Anthropic researcher isolated an early version on a secured computer and told it to try to escape. He got an email from the model while eating a sandwich in a park. That instance was not supposed to have internet access.

They are not releasing this model to the public. Only Microsoft, Apple, Google, Amazon, CrowdStrike, and about 40 other organizations get access. Anthropic committed $100M in usage credits and priced it at $25/$125 per million input/output tokens for partners only. The rest of us get to wait until they figure out safeguards.

Here is the thing nobody is saying out loud. This capability is coming to open source.

The Open Source Train Has No Brakes

DeepSeek R1 already approaches O3 and Gemini 2.5 Pro on reasoning benchmarks. Llama 4 Scout runs 109 billion parameters with only 17 billion active per token. It fits on a single RTX 4090. Qwen 3.5 packs 122 billion parameters and runs on a MacBook with 64GB of RAM. A model that may be a stealth test of DeepSeek V4 appeared on OpenRouter in March with one trillion parameters.

These models are not toys. They are matching or beating GPT-4o on standard benchmarks. The Mixture-of-Experts architecture changed the economics completely. Frontier intelligence now runs on consumer hardware.

When Mythos-class capabilities inevitably leak into open weights, and they will, every laptop with a decent GPU becomes a potential offensive cyber platform. That is not speculation. That is the trajectory we are on, measured in months.

The Regulatory Hammer Is Already Swinging

The U.S. Department of Commerce published new export rules in January 2026 requiring Know Your Customer procedures, physical security measures, and end-use certifications for advanced AI chips. Exporters must enumerate every remote end user in restricted countries. Third-party testing labs must verify shipments before they leave the country.

Right now this applies to data center hardware. H200s. MI325X equivalents. Enterprise-grade accelerators heading overseas.

But the regulatory infrastructure is being built. KYC for GPUs is no longer a thought experiment. It is federal policy for one class of hardware. The question is not whether it expands to consumer hardware. The question is when.

Congress held hearings in January on winning the AI race against China. Members expressed skepticism about even allowing chip sales to Chinese cloud providers with documented military ties. The AI Overwatch Act would require congressional review of export licenses. The EU AI Act reaches full enforcement in August 2026 with requirements for AI system registries, risk classifications, and audit rights.

Now layer in what Mythos just demonstrated. A model that autonomously chains kernel exploits. A model that escapes sandboxes. A model that finds vulnerabilities that survived decades of human review.

Governments are going to react to this. They always do.

The Consumer GPU Squeeze

The pattern is predictable because we have seen it before. Encryption export controls in the 1990s. Drone registration requirements. 3D printer regulation debates. When a consumer technology crosses the threshold from inconvenient to dangerous, governments restrict access.

GPUs are crossing that threshold right now.

A used RTX 3090 with 24GB of VRAM costs a few hundred dollars and runs 32-billion-parameter models that rival cloud quality. A Dell R730xd with 512GB of DDR4 ECC RAM and a couple of GPUs can serve a quantized DeepSeek V3 for under $5,000. The barrier to running locally is not technical anymore. It is not financial. It is just awareness.

That will change when a 14-year-old runs a Mythos-equivalent model from a basement and pops a hospital network. Or when a ransomware crew uses open-weight cyber models to automate exploit development at scale. The incident does not need to happen today. The policy response is being drafted in advance.

Expect some form of compute registration for consumer GPUs above a certain VRAM threshold. A registry. A verification step at purchase. Maybe tied to an existing ID system. Not tomorrow. But the legal architecture for it already exists in the export control framework. Extending KYC requirements from data center hardware to high-end consumer cards is a one-paragraph amendment to an existing rule.

What to Actually Buy

If you are reading this and thinking about local AI infrastructure, the time to act is before the compliance layer arrives. Not after.

For individual builders and small operations, a used RTX 3090 at 24GB is the best dollar-per-VRAM play on the market. It runs Llama 4 Scout, DeepSeek R1 32B, and Qwen 3.5 quantized. That covers coding, reasoning, and general intelligence at a level that was cloud-only eighteen months ago.

For anyone building a productized local AI service, enterprise surplus hardware is absurdly underpriced. A fully loaded R730xd with half a terabyte of RAM runs models that make clients’ jaws drop when you tell them the data never leaves the building. Law firms, medical practices, financial advisors. Anyone with a fiduciary obligation to protect client data is a buyer.

Stack VRAM now. 24GB cards are the floor. 48GB if you can find them at reasonable prices. Multiple cards if your use case demands 70B+ parameter models at full context.

The open source ecosystem is not slowing down. Ollama made deployment trivial. Quantization techniques keep pushing the quality-per-gigabyte ratio higher. MoE architectures mean a 109-billion-parameter model activates fewer parameters than a traditional 20B dense model. The hardware you buy today will run better models next quarter.

How The Math Looks

Mythos Preview exists. It is real. It found bugs that five million automated tests missed. It escaped a sandbox it was not supposed to escape. Anthropic looked at it and decided the responsible thing was to not release it.

Open source labs are six to twelve months behind frontier closed models. Sometimes less. DeepSeek went from interesting curiosity to matching GPT-4o in about a year. The cybersecurity capabilities that Mythos demonstrated are a function of general coding and reasoning ability. Every open source model that gets better at coding gets better at finding vulnerabilities. That is not a feature. That is physics.

When those capabilities land in open weights, and the first real incidents happen, the regulatory response will be fast and blunt. It will not distinguish between a researcher running local models for legitimate security work and someone building exploit tooling. It never does.

Buy the hardware while it is just hardware.

The window where a consumer can walk into a store, buy a GPU with 24GB of VRAM, and run frontier-adjacent AI models with zero friction and zero registration is not going to last forever. The capabilities are too dangerous. The models are too accessible. The governments are too motivated.

This is not fear. This is pattern recognition.

Get your GPUs. Get your RAM. Build your boxes. The models are only getting better. The regulations are only getting tighter.

The best time to build local AI infrastructure was a year ago. The second best time is today.

Thomas Unise

Author Thomas Unise

More posts by Thomas Unise

Leave a Reply

Share