GPT-5.5 Is Still Live in Hong Kong — So Why Is Fable 5 Banned

My engineering team came to me with a question I couldn't immediately answer. It was Saturday, June 13, 2026 — the morning after Anthropic had pulled Fable 5 and Mythos 5 from global availability — and one of my developers had spent the night running capability comparisons. He pulled up his benchmarks and asked: "If GPT-5.5 is still live through Copilot, and Gemini Ultra is still live, and we can do the same code vulnerability analysis with either of those, what exactly did the US government just protect us from?"

I didn't have a satisfying answer. And the more I've researched it since, the less satisfying the government's position becomes. The Fable 5 export control directive, evaluated on its own stated terms — preventing the exploitation of a specific jailbreak technique that enables AI-assisted software vulnerability discovery — is one of the most internally inconsistent policy documents in the recent history of technology regulation.

Let me establish exactly what was available in Hong Kong on the day Fable 5 was shut down, because the contrast matters for evaluating the policy logic.

Blocked or restricted: Fable 5 and Mythos 5 — shut down globally by government directive as of June 12, 2026, 5:21 PM ET. No access via any pathway.

Fully available: - GPT-5.5 through Microsoft Copilot (Microsoft explicitly carves Hong Kong out of its China restrictions) - GPT-5.5 through Perplexity, which aggregates multiple models for Hong Kong users - Google Gemini Ultra, available directly in Hong Kong since March 2026 - DeepSeek R2 via direct API with no nationality restrictions - Meta Llama 4 series via various hosting providers - Grok via xAI's platform - Earlier Claude versions (Opus 4.8 and below) via Perplexity aggregation

The model that was shut down is categorically not the only model capable of performing the action that justified the shutdown. That statement is not contested by anyone in the technical community, by independent AI safety researchers, by Anthropic itself, or reportedly by the US government officials who drafted the directive. And yet Fable 5 is offline and GPT-5.5 is not.

The US government's case for the shutdown rested on a single technical claim: that Fable 5 could be "jailbroken" by asking it to read a specific codebase and identify software vulnerabilities. Let's examine what this means technically and why it matters for evaluating the policy.

According to Anthropic's public statement, the government provided verbal evidence (not written documentation) of a potential jailbreak vulnerability. The technique, as described, involves presenting Fable 5 with a software codebase and asking the model to identify security flaws within it. The government's concern is that this capability could be exploited to identify vulnerabilities in critical infrastructure software, financial systems, or other high-value targets.

This is a real category of concern. AI-assisted vulnerability discovery is a legitimate dual-use risk. Sophisticated cyberattacks increasingly use automation to accelerate the vulnerability identification phase of an attack chain, and a model as capable as Fable 5 plausibly offers meaningful acceleration to that process.

Anthropic's response addressed the specific claim directly. First, they characterised the jailbreak as "narrow and non-universal" — meaning it doesn't work consistently across all queries or all codebase types. Second, they noted that the vulnerabilities discovered through this method were "a small number of previously known, minor vulnerabilities" that "appear relatively simple." Third, and most important for our purposes, they stated explicitly: "Other publicly-available models can discover the same vulnerabilities without requiring a bypass."

That last statement is the crux of the issue. If GPT-5.5 can perform equivalent code vulnerability analysis without even requiring a jailbreak — which is consistent with what Anthropic's engineers tested — then the Fable 5 shutdown didn't prevent anything. It just inconvenienced Anthropic's commercial relationships.

Researchers and practitioners who evaluated the specific capability in question after the shutdown were consistent in their findings: modern frontier code models broadly share the ability to perform static analysis-style vulnerability identification. GPT-5.5, which has strong code reasoning capabilities, can be prompted to analyse software for security issues in ways that substantially replicate the capability the government was ostensibly trying to restrict. Gemini Ultra's code reasoning similarly covers this domain. The notion that Fable 5 uniquely or decisively enabled this capability in a way that no available alternative could provide is not supported by the technical evidence in the public record.

The presence of GPT-5.5 in Hong Kong throughout this entire episode is not just an embarrassing inconsistency. It is direct evidence that the Fable 5 export control directive either does not accomplish its stated purpose, or was not designed primarily to accomplish its stated purpose.

GPT-5.5 is OpenAI's mid-2026 flagship model, positioned between the broadly capable GPT-5 series and the specialist research models. It has extremely strong code analysis capabilities. It can read codebases of substantial size, reason about architectural patterns, identify common vulnerability classes including injection attacks, memory management issues, authentication flaws, and cryptographic weaknesses. It can be prompted with specific vulnerability frameworks like CWE, OWASP, or NIST guidelines and apply those frameworks to code analysis. In terms of the specific capability the government was concerned about, GPT-5.5 is at minimum comparable to Fable 5 and arguably superior in some code-specific domains.

GPT-5.5 is accessible to Hong Kong users today through Microsoft Copilot — no VPN required, no workaround needed, no nationality verification. It is also accessible through Perplexity, which HKT has been bundling free to consumers since 2025. Any Hong Kong-based actor with a legitimate or illegitimate desire to exploit AI-assisted vulnerability discovery has had continuous, uninterrupted access to a model fully capable of providing that assistance throughout the period since Fable 5 was shut down.

There are several possible explanations for the disparity, and none of them reflect well on the coherence of US AI export control policy.

The timing theory — The directive was issued on June 12, three days after Fable 5 launched. The government may have been reacting specifically to the Fable 5 launch rather than conducting a comprehensive review of which models pose which risks. Under this theory, the directive is an artifact of timing and bureaucratic process rather than a principled capability assessment. GPT-5.5 had been available for longer and hadn't recently been the subject of media attention or policy discussion.

The commercial relationship theory — OpenAI and the current US administration have a notably different relationship than Anthropic does. Anthropic's relationship with the Trump administration ruptured when Anthropic refused to allow US military use for domestic surveillance and fully autonomous weapons systems. The government subsequently placed Anthropic on a Pentagon contractor blacklist. OpenAI, by contrast, has been more accommodating to government partnership requests. Under this theory, the directive is at least partially punitive — a continuation of the political conflict between Anthropic and the administration — dressed up in national security language.

The jurisdictional theory — OpenAI technically does not directly serve Hong Kong through its ChatGPT platform. The accessible version of GPT-5.5 runs through Microsoft's infrastructure, which has made its own representations to the US government about its compliance frameworks. The government may consider GPT-5.5 effectively regulated through Microsoft's enterprise controls in a way that direct Claude API access is not. This would make the directive a jurisdictional one about access pathways rather than capabilities.

None of these explanations, individually or in combination, constitutes a principled rationale for why Fable 5 should be unavailable in Hong Kong while GPT-5.5 is freely accessible.

The Fable 5 versus GPT-5.5 disparity creates a specific and damaging dynamic in the Hong Kong market that compounds the already-problematic access restrictions.

Enterprise AI procurement is not purely a technical decision. It involves vendor evaluation processes, security reviews, legal review of service terms, and board-level risk assessments about platform reliability. When two models offer comparable capabilities but one has demonstrated that it can be shut down by US government directive without notice while the other continues operating, the procurement decision is not hard. Enterprises will rationally favour the model with demonstrably more reliable access guarantees — even if, absent the shutdown risk, they might prefer the other model for technical reasons.

The Fable 5 incident has permanently shifted some portion of Hong Kong enterprise AI procurement toward OpenAI models running through Microsoft's infrastructure, simply because Microsoft has demonstrated it can maintain service continuity where Anthropic could not. This is not a commentary on model quality. It is a comment on institutional reliability as a procurement criterion — and Anthropic lost that battle decisively on June 12.

There is a direct cost, beyond commercial market distortion, to the security theatre dimension of an export control regime that can be trivially circumvented by switching to an equivalent model from a different provider. When security controls demonstrably don't accomplish their stated purpose, they undermine confidence in the legitimacy and proportionality of the entire regulatory framework. They make future controls harder to implement credibly. They create a pervasive sense that compliance obligations are arbitrary rather than principled.

This matters for Hong Kong's business environment because the credibility of regulatory frameworks — American ones, Hong Kong ones, and international ones — is a genuine asset for operating in a market that positions itself as a trusted intermediary between global and Asian commerce. Arbitrary-seeming US policy actions that produce no security benefit while imposing commercial costs don't just harm Anthropic's revenue. They degrade the perceived seriousness and professionalism of the regulatory environment that both US and Hong Kong businesses have to navigate.

If the US government genuinely wanted to prevent AI-assisted software vulnerability discovery from being accessible to potential adversaries in certain jurisdictions, a consistent policy would have to apply across all models with comparable capabilities. That would mean restricting access to GPT-5.5, Gemini Ultra, the complete Claude family, and potentially Meta's Llama series — since open-weight models can be downloaded and run locally with no geofencing whatsoever.

It would also need to grapple with the fact that China has its own frontier code models. DeepSeek and similar mainland-developed models have demonstrated strong code analysis capabilities. An access restriction that only applies to US-origin models, while leaving Chinese alternatives unrestricted, does not reduce the overall cognitive difficulty of the task for a determined adversary. It merely shifts which models they use.

A consistent policy would also have to address the Microsoft Copilot pathway explicitly, since that pathway provides GPT-5.5 access to Hong Kong users through a US company's infrastructure without nationality verification. The current regime allows this while banning Fable 5 — a selectivity that cannot be explained on capability grounds.

The deeper policy challenge is that frontier AI capabilities are not discrete and enumerable in the way that, say, nuclear material or advanced microchip specifications are. Code vulnerability analysis is a capability distributed across essentially all sufficiently large language models. The question is not whether a model "has" the capability but how capable it is and what the marginal risk contribution of the most capable model is relative to widely available alternatives. To justify shutting down one model on national security grounds, you have to make the case that the marginal increment in capability it provides is meaningful relative to what adversaries could access through alternative channels. That case was not made for Fable 5, because in the specific domain cited — code vulnerability analysis — the marginal increment over readily available alternatives was not credibly demonstrated.

The disparate treatment of Fable 5 and GPT-5.5 matters for Hong Kong's technology sector beyond the immediate commercial disruption. It has generated a specific and damaging lesson among Hong Kong enterprise and startup founders: US AI access is contingent on factors that have nothing to do with your legitimate business use case and everything to do with the domestic political relationship between a specific AI company and the current US administration.

That lesson will not be forgotten. It will inform vendor selection, platform architecture decisions, and investment priorities for years. It will accelerate the trend toward multi-model architectures designed to eliminate single-vendor dependency. And it will continue pushing attention toward models from providers who don't carry the same geopolitical reliability risk — whether that's Google, Microsoft, or non-US alternatives.

The question I couldn't answer for my developer on that Saturday morning still doesn't have a good answer. What exactly did the US government protect us from by banning Fable 5 while leaving GPT-5.5 live? Based on everything I can find in the technical record and the policy documents, the honest answer is: nothing that GPT-5.5 couldn't accomplish. Which means the shutdown protected no one from anything — while costing everyone who relied on it something real.

The contrast between Fable 5's global shutdown and GPT-5.5's continued availability in Hong Kong is not a minor inconsistency worth overlooking in the interest of supporting US national security objectives. It is evidence that the directive either lacked a serious capability assessment process or was influenced by factors other than the stated national security rationale. Either possibility is deeply concerning for anyone who has to make long-term technology platform decisions in a market subject to these controls.

Hong Kong technology companies, investors, and founders are not naive about geopolitics. We understand that the US-China technology competition is real and consequential. We understand that national security considerations sometimes override commercial interests. What we reasonably expect, and what we are not currently getting, is a policy framework whose stated rationale is coherent and whose application is consistent. The Fable 5 situation fails on both counts — and the GPT-5.5 comparison makes that failure impossible to ignore.