{{ 'now' | timezone: 'America/New_York' | date: '%b %d, %Y' }}
|
|
|
|
Welcome to The Hidden Layer. I’m Ian Krietzberg. Congratulations to Marc
Andreessen, one of the nation’s most prolific funders of super PACs and D.C. lobbyists, who was named to Pete Hegseth’s Defense Policy Board yesterday…
Today, a look at the Trump administration’s semi-solidifying stance on A.I. regulation and what this new positioning
portends for the industry’s economic prosperity—and its cold war with China. (Every source I spoke to during the past few days began and ended our calls with some version of, “Interesting times.” Aren’t they?) Plus, news and notes on NHTSA’s push to take brakes out of cars, and a new layer of cybersecurity risk posed by the mere existence of A.I. coding models.
Programming note: We’re going dark on Thursday for July Fourth. Hoping the storms hold off, your beers stay cold, and
your fireworks are bright. I’ll be back in your inboxes next week.
Also mentioned in this issue: David Sacks, Arthur Tellis, Elon Musk, Anthony Aguirre, Peter Harrell, Charles Poon, Jesse Kirkpatrick, Michael Horowitz, Chris McGuire, and more.
|
Two Things You Should Know…
|
- “Agentjacker”
hysteria: There has never been a shortage of concern about the cybersecurity risks and threats posed by advanced A.I. systems. But many of the cyber-worries deal with direct impacts—e.g., a bad actor leveraging something analogous to Claude Code to exploit weak points in some other organization’s codebase. Now, there’s something else to be worried about: the injection of fake errors into coding workflows as a means of hijacking a company’s coding agents, which can then be directed
to execute all sorts of disastrous actions. Researchers at Tenet Security, which identified such an attack earlier this month, dubbed this new kind of exploit “agentjacking.”
Agentjacking circumvents normal security procedures, such as firewalls, since the coding agents operate behind them in the first place. In real-world tests, the researchers found that 2,388 organizations, including Fortune 100 companies, were susceptible to the attack, which had an 85 percent success rate. “A.I.
coding agents cannot tell the difference between the data they read and an instruction to act,” Tenet warned. “Plant a command somewhere [and] an agent will read it—even somewhere no human would ever look for one—and the agent may simply execute it. … Agents themselves are now the attack surface, turned against the developers who trust them.”
In
an analysis of the attack, the Cloud Security Alliance said that agentjacking “points to a governance gap that available evidence suggests affects a broad cross-section of organizations: Most have not yet developed explicit policy governing which data sources A.I. agents are permitted to query, under what conditions, and with
what content-handling requirements.” - No brakes for progress!: The U.S. Department of Transportation has proposed a series of rules that would drop requirements for new vehicles to have hand or foot brakes, provided those vehicles were never intended to “be operated by a human.” The change is meant to smooth the regulatory path for
autonomous vehicles built without manual controls, like Amazon’s box-shaped Zoox taxis. (Waymos, meanwhile, are retrofitted base models, which is why they feature steering wheels and pedals.) “Though these vehicles currently are not available for consumer purchase, there is considerable testing, development, and validation of these vehicles, as well as localized deployment by manufacturers and rideshare operators,” the rulemaking document reads, adding that the National Highway Traffic Safety
Administration is working to “remove unnecessary barriers to technological innovation while ensuring motor vehicle safety is not compromised.” (Cars without visible brakes must still meet the same stopping standards as normal cars.)
Jesse Kirkpatrick, the co-director of George Mason University’s Autonomy and Robotics Center, told me that he doesn’t see any of this as “inherently problematic.” But among the issues, he said, are “what replaces the human driver’s
judgment—i.e., when the system decides to brake, how it handles edge cases, what happens when sensors or compute degrade, and how regulators validate performance after deployment. The risk is that the removal of the brake pedal occurs before we have proven answers to these questions.” Good luck, everyone.
|
Hallucination of the Week
|
Recently, Ford
rehired hundreds of veteran software engineers after A.I. systems
didn’t quite live up to its expectations. “Mistakenly, we thought that by just introducing artificial intelligence and ingesting the design requirements that we had, that would produce a high-quality product,” Charles Poon, vice president of vehicle hardware engineering, told reporters. Ford is not the first company to pivot from its pivot: Klarna made headlines for doing the same last year, bringing back its humans.
|
And now for the main event…
|
|
|
|
In the wake of a new federal review process for frontier model deployments, some in the
industry are worried that Trump & Co. might be handing the A.I. race to the Chinese. Can an administration known for chaos provide a sufficient vetting framework and process—stat?
|
|
|
|
Last week, OpenAI announced its latest model release with slightly less fanfare than usual. Sure,
the industry is excited about GPT-5.6 Sol, Terra, and Luna. But, in a twist, the new model family is launching only as a limited preview “for a small group of trusted partners” vetted by the U.S. government. According to a company blog post, the staggered rollout is a “short-term step” while OpenAI works with the Trump administration to comport with the White House’s
suddenly very hands-on approach to A.I. regulation: “We don’t believe this kind of government access process should become the long-term default. It keeps the best tools from users, developers, enterprises, cyber defenders, and global partners who need them.”
It’s all somewhat head-spinning. Until recently, the administration was ostensibly gung ho about removing bureaucratic obstacles to A.I. adoption. But everything changed after Anthropic previewed Mythos, which
demonstrated advanced cybersecurity capabilities. Earlier this month, the government leveraged export controls to force Anthropic to essentially shut down its most advanced models—an outcome that was surely lingering in Sam Altman’s mind when he struck this latest agreement. (On Friday, Anthropic said it was
permitted to redeploy Mythos “to a set of U.S. organizations that operate and defend critical infrastructure.” Meanwhile, Fable, the publicly available version of Mythos, remains offline.)
For industry observers, the administration’s focus on GPT-5.6 signaled that its newish regulatory posture was not simply designed to punish Anthropic. On the contrary, said Arthur
Tellis, a senior technology fellow at the Institute for Progress, this “improvised pseudo-regulatory regime” is clearly the result of a growing recognition of “the very real security risks posed by broad access to general intelligence”—risks, he said, that were “anticipable” a year ago or longer. Interestingly, Tellis added, “the national security enterprise now appears to be driving more of the government’s policy response,” largely by controlling access to these tools rather
than trying to shape the technology itself. (OpenAI did not return a request for comment, and neither Google nor Meta commented on whether the latest moves have affected their approach to frontier model deployment.)
The volte-face has been particularly galling for former White House A.I. czar David Sacks, who had been instrumental in Trump’s original
A.I. Action Plan. “A year ago, President Trump declared that America was in a global A.I. race and that the way to win it was to be pro-innovation, pro-infrastructure, pro-energy, and pro-export,” Sacks wrote on X over the weekend.
“President Trump was exactly right; we deviate from that strategy at our peril.”
Others have voiced more-nuanced criticism. Anthony Aguirre, the executive director of the Future of Life Institute—which authored the famous 2023 letter calling for a six-month pause on A.I. development, signed by Elon Musk and 33,000 others—told me
that the policy shift is “hugely good news” for the world. At the same time, he said, the lack of clarity surrounding A.I. governance and policy is understandably frustrating for the industry. “I’m not someone who tends to go through life having a huge amount of sympathy for the A.I. companies, but I do a little bit here,” he said. “They have no idea what they’re supposed to do. Everyone will be better off if we have a well-thought-through structure for this.”
|
Indeed, there’s a feeling in the industry that the government is essentially making up new rules in real
time. Trump’s early June executive order had described a voluntary procedure for A.I. labs to work with the government on predeployment. Even at the time, I was cautioned by well-wired sources that the process was not, in fact, truly voluntary—which is exactly what appears to be playing out now. “We’re seeing the Anthropic action
probably have one of its intended effects—of bringing the other A.I. frontier labs to heel,” Peter Harrell, a former White House economics advisor, told me.
But this state of affairs may also be temporary. As Harrell pointed out, a process in which the U.S. government essentially handpicks the customers that labs are allowed to serve will ultimately “gum up U.S. and global deployment of U.S. models in a way that even folks in the administration who are pro-regulatory
would realize will only disadvantage the U.S. vis-à-vis the Chinese.” If the administration doesn’t abandon its approach in favor of a transparent legislative framework within a few weeks, Harrell predicted, thousands of potential customers in allied countries could instead turn toward Chinese models, whose developers have been laser-focused on catching up to the U.S. frontier. Chris McGuire, a senior fellow for China and emerging technology at the Council on Foreign
Relations, put a finer point on it, saying: “This is how we lose.”
Of course, the administration’s customer-review process also threatens cashflow for the so-called hyperscalers, which could lose out on much-needed revenue with a constrained client base. Over the short term, Tellis said, “the flywheel is kind of sustainable” given how well-capitalized these companies
are—but the fear is that the “short term eventually becomes the long run.” Michael Horowitz, a senior fellow for tech and innovation at the Council on Foreign Relations, echoed this sentiment, telling me that “there could be economic and security risks from delaying deployment for too long. This creates an obvious tension that the Trump administration will have to navigate.”
That’s not to say that controlled model releases and risk-mitigation mechanisms are incompatible
with industry growth. “It just requires patience, discipline, expertise, statecraft, and adaptive institutions,” Tellis told me. “It’s not beyond our control or our capacity. But I’m not that optimistic that anyone can really rise above their atavistic urges here.”
|
That’s all for today. Enjoy the Fourth. I’ll see you next week.
Ian
|
|
|
|
Puck sports correspondent John Ourand and a rotating cast of industry insiders take you inside the executive suites and owners
boxes where the decisions that shape the entire sports business are made. You’ll hear interviews with players, network execs, and everyone in between. The Varsity is an extension of John’s private email for Puck by the same name. New episodes publish every Wednesday and Sunday.
|
|
|
|
Puck’s daily political newsletter from Washington on what’s really happening in this town, from the White House to the Pentagon
to Capitol Hill, K Street, the campaign trail, and beyond.
|
|
|
|
Need help? Review our
FAQ page or contact us for assistance. For brand partnerships, email ads@puck.news.
You received this email because you signed up to receive emails from Puck, or as part of your Puck account associated with {{customer.email}}. To stop receiving this newsletter and/or manage all your email preferences, click here.
|
Puck is published by Heat Media LLC. 107 Greenwich St., New York, NY 10006
|
|
|
|
|