China Sought Access to Anthropic’s Newest A.I. The Answer Was No. - The New York Times

China Sought Access to Anthropic’s Newest A.I. The Answer Was No.

"The latest artificial intelligence models from Anthropic and OpenAI are extending the United States’ lead over China and intensifying the rivalry between the countries.

May 12, 2026Updated 11:36 a.m. ET

A growing number of national security officials and analysts have begun to liken the intensifying competition between China and the United States over artificial intelligence to the Cold War’s nuclear arms race.Marissa Leshnov for The New York Times

A representative from a Chinese think tank approached officials from Anthropic at a meeting in Singapore last month to insist that the company change its stance and give Beijing access to its powerful new artificial intelligence model, according to people briefed on the discussions.

Anthropic refused.

The request was not an official demand from the Chinese government. But the talks in Singapore were a form of exchange that is often meant to pave the way for formal, direct diplomacy.

When officials from the National Security Council at the White House learned about the exchange at the meeting, which was convened by the Washington-based Carnegie Endowment for International Peace, they reacted with alarm. Some Trump administration officials saw it as another sign that Beijing would try every possible avenue to swiftly acquire the most powerful artificial intelligence model a U.S. company has produced so far, according to people briefed on the discussions.

However subtle, the outreach is a sign of the intensifying competition between China and the United States over artificial intelligence, which a growing number of national security officials and analysts have begun to liken to the Cold War’s nuclear arms race. Chinese analysts see the release of the latest models from Anthropic and ChatGPT as a significant advance in American technology, one that could pose a threat to China.

The escalating rivalry is an important backdrop to the summit this week between the United States and China. President Trump is scheduled to arrive in Beijing on Wednesday, for meetings with the Chinese leader Xi Jinping. While the race to develop the most effective model is unlikely to be discussed, the two sides could talk about access to the chips that power artificial intelligence or guardrails around its use.

Previewing the summit Sunday during a call with reporters, a senior U.S. official said A.I. and cybersecurity were high on the agenda with Beijing, noting concerns with “the latest models of A.I.” The official said the United States and China were exploring how to establish better communication over artificial intelligence, creating a “deconfliction” channel in which experts from each country could address the risks of artificial intelligence.

In April, Anthropic announced a new A.I. model called Mythos. The company said it was withholding it from a public release because it was skilled at finding software vulnerabilities and could cause a cybersecurity reckoning. It made the model available to the U.S. government and more than 40 organizations and companies, so that they could identify and guard against future attacks.

The technology has set off alarm bells across the world. For rivals like China and Russia, it showed the risks of falling behind in the race to develop powerful artificial intelligence. The systems have the potential to give a nation-state the upper hand in defending against — and spearheading — cyberattacks at a vast scope and scale.

For years, U.S. officials have estimated that artificial intelligence models developed by the most advanced American firms are around six months ahead of China’s best models.

But according to some U.S. government and industry officials, the latest models — OpenAI’s ChatGPT 5.5 as well as Anthropic’s Mythos — have drastically extended the lead, potentially by nine months to a year. Other American officials have been more cautious, noting that China has a track record of catching up quickly.

Last year, innovations by the Chinese firm DeepSeek showcased the country’s ability to close the A.I. gap. And DeepSeek has said that its new model was adapted to run on chips made by the Chinese tech giant Huawei, further underscoring Beijing’s push to keep pace.

Still, Chinese analysts have expressed concern over the potential of the new Anthropic model. One organization, IDC China, said that Mythos posed a significant risk to Chinese companies, and that Anthropic’s limits on its reach created a technology gap. Another analyst, highlighting the cybersecurity threat, wrote that China was sharpening swords while the other side rolled out a Gatling gun.

Chinese analysts have been particularly worried because they view Anthropic as hostile to China. The start-up is currently embroiled in suits with the Pentagon, which announced it would be removed from American government networks after a dispute over how the technology would be used.

But since its founding, Anthropic has geared its business toward U.S. national security customers. It was the first to put its A.I. models on classified American networks, for example, and has long taken pains to keep its technology out of the hands of the Chinese. In September, Anthropic expanded restrictions on its technology to include companies whose ownership structures made them vulnerable to control “from jurisdictions where our products are not permitted, like China, regardless of where they operate.”

Increasingly, both the Chinese and U.S. governments view their artificial intelligence companies — including those that produce the models and the cloud companies that host the computer networks they run on — as national assets. China blocked a $2 billion acquisition by Meta of the Chinese A.I. company Manus. China has also told some of its A.I. start-ups that they cannot accept American investment without government approval.

Anthropic and OpenAI have restricted access to their latest models to a few companies and U.S. government agencies. Both models have the ability to discover previously unknown vulnerabilities in computer networks.

Chinese officials have argued that Anthropic and OpenAI have been wrong to keep a close hold on the models, contending that China needs access to them to find vulnerabilities in software, especially to defend its own critical infrastructure.

The meeting in Singapore was hosted by Carnegie under the ground rules that participants would not attribute the information discussed at the meetings. Many of the sessions dealt with domestic regulation of artificial intelligence.

The direct request by the Chinese think tank official was made on the sidelines of the meeting, not during one of the formal sessions, according to people briefed on the events.

Matt Sheehan, a Carnegie senior fellow and the organizer of the Singapore meeting, declined to comment on the conversations held at the event last month but described the broader meeting as essential to the two countries. “It’s critical for experts in the U.S. and China to maintain lines of communication about the potential risks with A.I.,” he said. “That’s why we host these dialogues.”

Officials from Anthropic declined to discuss the Chinese request.

Liu Pengyu, a spokesman for the Chinese Embassy in Washington, said he was not familiar with the exchange at the Carnegie meeting. But he said China was committed to balancing A.I. development with security.

“China stands ready to strengthen exchanges and cooperation on A.I. with all parties, to foster shared benefits through joint consultation and to work together to create an open, inclusive and mutually beneficial development environment,” he said in a statement.

U.S. officials noted that while a member of a Chinese think tank made the overture, it was all but certain that the Chinese government had approved and directed the message. Beijing typically exercises a strong degree of control over its think tanks, especially when they are engaged in unofficial diplomacy, like that type of exchange, known as a Track 2 dialogue.

While China’s official government line has been that its technology sector will be able to innovate independently and can overcome restrictions placed on it by the United States, Chinese companies have been more worried about their access to advanced chips, according to American industry officials and independent researchers.

U.S. officials are hoping the American companies will continue to delay China’s access to the most advanced chips so that American spy agencies may be able to use the new program to gain access to sensitive Chinese networks, according to former U.S. officials.

Industry officials are trying to persuade China to change its strategy on artificial intelligence and to not make its most powerful new models open source, which anyone can use. Putting a model that has the ability to quickly infiltrate networks in the hands of hackers could unleash chaos around the globe, security experts have said.

But Chinese officials remain skeptical, as the United States continues to look for ways to extend its lead over competition from Beijing. American companies including Anthropic, OpenAI and Google have accused Chinese firms of trying to steal their technology by essentially copying a model’s core competencies. Reuters reported last month that the State Department had sent a diplomatic complaint to China warning it against the practice.

Congress and the Trump administration are also increasing funding for an arm of the Commerce Department that devises export controls on chips and other technology.

A correction was made on 

May 12, 2026

: 

An earlier version of this article misstated the day President Trump is scheduled to arrive in Beijing. It is Wednesday, not Thursday.

Dustin Volz writes about cybersecurity and intelligence for The Times. He is based in Washington.

Julian E. Barnes covers the U.S. intelligence agencies and international security matters for The Times. He has written about security issues for more than two decades.

Sheera Frenkel is a reporter based in the San Francisco Bay Area, covering the ways technology affects everyday lives with a focus on social media companies, including Facebook, Instagram, Twitter, TikTok, YouTube, Telegram and WhatsApp.

Tripp Mickle reports on some of the world’s biggest tech companies, including Nvidia, Google and Apple. He also writes about trends across the tech industry like layoffs and artificial intelligence."

China Sought Access to Anthropic’s Newest A.I. The Answer Was No. - The New York Times

Neil deGrasse Tyson: Elon Musk's DELUSION?

 

 

Neil deGrasse Tyson: Elon Musk's DELUSION?

 

Passkeys Are the New Passwords. You Should Start Using Them Now.

​

​

April 29, 2026

Max Eddy/NYT Wirecutter

By Max Eddy

“Max Eddy is a writer who has covered privacy and security — including password managers, VPNs, security keys, and more — for over a decade.

For 15 years, experts have told me that passwords are the biggest problem with online security and that’s just the way it is. The passwords that people make up are easily guessed by machines, and the ones that can’t be guessed are too hard to remember. 

Over time, as more and more passwords became necessary, many people simply recycled theirs across different accounts — creating a precarious situation where one phished password or data breach gave an attacker access to the victims’ email, bank accounts, and anything else that shared that password. 

Then came password managers, services and software in which a person could safely store all of their complex passwords and thus need to remember only a single password: the password for their password manager. This technology addressed, but didn’t solve, some of the problems. If people put in the effort, they could eventually have unique and complex passwords everywhere. But the majority of people did not opt to take on this herculean task that brought no immediate reward except that (maybe) in the future something bad might not happen to them (possibly). And a smart attacker could just phish even the best passwords anyway.

Two-factor authentication was the next bandage on the gaping wound of passwords. With 2FA protecting you, an attacker could have your password but wouldn’t be able to use it without a second confirmation, such as a code generated by an app or sent by text message. But another hoop to jump through for logging in remains a hard sell. And a smart attacker could just (you guessed it) phish most forms of 2FA anyway.

But passkeys are different. Instead of trying to fix unfixable passwords, passkeys are an entirely new technology that securely logs you in without your needing to remember your password or to perform a 2FA ritual. Passkeys are not perfect, and we’re still a ways off from their being commonplace, but learning what a passkey is and how to use it moves you a little closer to a more secure future.

What is a passkey?

A passkey is, essentially, a digital key that “unlocks” your online account by securely logging you in without a password. In Tamora Pierce’s fantasy novel First Test, knight student Kel acquires a lock for her room that opens only when she speaks a magic word while turning an equally magical key. This is, in high-fantasy terms, a passkey: It works on only one door, it can’t be duplicated, and it works only when the owner allows it to do so with a magic word.

When you have a passkey, your device, instead of prompting you to type in your password, automatically finds your passkey and asks your permission to use it. You then authenticate it with a PIN, facial recognition, or a fingerprint scan, and only then does it log you in to your account. 

“A passkey is like a super-long password that you can’t copy-paste, but that your computer and phone can use to log in to a website quicker and more safely than a password,” said Jacob Hoffman-Andrews, a senior staff technologist at the Electronic Frontier Foundation. 

Passkeys can’t be forgotten, unlike passwords. Passkeys are bound to specific websites, so there’s no risk of their being used on a phishing site or being sent to a savvy scammer. And unlike passwords, they can’t be exposed if the site where you have an account has a data breach.

“In a world where AI can mimic voices and generate flawless phishing emails at scale, passkeys are the most critical defense we have to prevent credential theft,” said Derek Hanson, chief technology officer for Yubico, the maker of Wirecutter’s favorite security keys and a major force behind the creation of passkeys.

Build your virtual keychain

The first thing you need to create a passkey is to figure out where to store it. 

You can create a passkey in a few places: on your device, in a password manager, or on a physical piece of hardware called a security key. Regardless of where you store your passkeys, they’re secured with end-to-end encryption. As a result, Apple, Google, Microsoft, and your password manager don’t have the means to decrypt them. Only the devices that you authorize can access your passkeys.

You may have seen some of the biggest sites on the internet — such as Amazon, Google, and PayPal — prompt you to create passkeys. And the reason is that many of the biggest tech companies actively support them. Apple, Google, and Microsoft all back passkeys, and their devices are set up to create, store, and use passkeys. If you’re just starting out with passkeys, we recommend using whatever the default option is on your device.

The passkeys you create can automatically sync between devices to be more available to you — but that feature is limited by where you store your passkeys. Passkeys made on iPhones, iPads, and Macs are saved to the Apple Passwords app and automatically sync between devices where you’re logged in with your Apple ID. Android devices, Chromebooks, and the Chrome browser save your passkeys to the Google Password Manager and sync similarly. Windows also has built-in support for creating and storing passkeys and syncs your passkeys between Windows devices where you’re logged in with your Microsoft account.

You can also choose to store your passkeys in password managers — our top picks both support passkeys. Passkeys stored in password managers such as 1Password sync to the apps and browser extensions, making them available no matter what device you’re using. If you store passkeys in your password manager, secure your password manager account with a complex, unique password and enable 2FA.

Top pick

1Password offers attractive, colorful apps and a straightforward onboarding experience that’s easy for newcomers to understand. At the same time, the technically inclined will appreciate its advanced features and security.

$29 from 1Password
(per year)

Budget pick

The free version of Bitwarden covers all the basics of a good password manager and doesn’t cost anything. But features like advanced security reports and encrypted file storage cost extra.

If you don’t like the idea of your passkeys floating around in the cloud between your devices, you can store them offline on a hardware security key. I recommend both the Yubico Security Key C and the Yubico YubiKey 5C NFC in Wirecutter’s guide to security keys, based on price, durability, and brand reputation among the 12 keys I tested. 

Top pick

This key works just about anywhere security keys are supported. It can store passkeys, and it supports NFC for wireless communication with your phone.

$29 from Amazon

$29 from Walmart

$29 from Best Buy

Upgrade pick

The Yubico YubiKey 5C NFC supports many authentication protocols, so it works anywhere security keys are accepted. If you can make the most of its advanced features, such as signing and encrypting with OpenPGP, it’s well worth the price.

$58 from Amazon

$58 from Walmart

$58 from Best Buy

But remember that if you lose your physical security key, you lose all of its passkeys as well. If you go this route, you should create backup passkeys for your accounts and store them on a second, backup security key that you keep in a safe place.

Unlocking sites with a passkey

You can use passkeys only on sites that support them. The FIDO Alliance, the industry group that developed the core technology for passkeys, has a searchable list of sites that use passkeys, which is a good place to start. But you are likely to see a prompt pop up on any of the major online services and retailers that are now using passkeys.

The passkey experience differs slightly depending on the device you’re using and the site you’re logging in to. 

Some websites, like Amazon, will prompt you to create a passkey. On a phone, tap Add Passkey and authenticate using the same method you use to unlock your phone (in my case, with Face ID). That’s it — your phone has created a unique passkey for Amazon and securely saved it. 

The next time you log in to Amazon, your phone will recognize that you have a passkey and ask to use it. (On desktop computers, you may have to enter your username before you can use a passkey.) Tap the button to confirm and authorize with biometrics or a PIN, and you’re logged in. No password, no problem. 

You can also use a device with a passkey to log in to a website on a different device where you don’t have a passkey. After navigating to Amazon’s website on a laptop, for example, enter your username and then choose the option to use a passkey. The browser will display a QR code that you scan with your iPhone, which in turn triggers a request to use a passkey. Tap to confirm, perform a quick Face ID scan, and that’s it: You’re logged in. Note that both devices must have Bluetooth enabled, but you don’t need to pair them.

An important detail: When you use a passkey on one device (like your phone) to authenticate a different device (such as your laptop), the passkey isn’t transferred from one to the other. If you plan on logging in again on the laptop in the future, you might want to create a new passkey specifically for the laptop.

The disadvantages of passkeys

The greatest obstacle to passkey adoption may end up being exhaustion. It’s yet another thing that’s being asked of you to keep your accounts safe. 

“Security fatigue is real,” Hoffman-Andrews said. 

Passkeys are still in their early-adoption phase, and it can be hard to find sites that support them. So for the foreseeable future, you’ll need to continue using password managers and enabling 2FA wherever possible. Meanwhile, some sites that do use passkeys still rely on passwords and 2FA, which clever attackers can obtain through phishing, as backups.

And while passkeys are intended to be more convenient than passwords, that’s not entirely the case at the moment. Some sites don’t require 2FA for passkey logins, and others do; some sites let you create as many passkeys as you like for an account, while others limit you to just one. Logging in to the same site on an iPhone doesn’t work quite the same as it does on Android. These are little things, but they create more confusion for people still unfamiliar with the technology. 

I’ve also found that it can be tricky to remember where I’ve created my passkey, which sometimes means I simply don’t know what device to use to log in. It’s not currently possible to transfer passkeys between different types of devices, which is annoying, but Hoffman-Andrews explained that this limitation also helps keep passkeys safe from phishing attacks. 

Although passkeys are stored with end-to-end encryption, which prevents both providers and third parties from accessing or examining them, they’re not entirely in your control when you store them on third-party cloud services like those of Apple and Google. 

“It is technically possible that a compromised cloud account — or a legal subpoena directed at the cloud provider — could impact the security or privacy of those synced credentials,” said Hanson. 

If someone steals your phone, or confiscates your laptop, or gains access to the account that manages your passkeys, they might be able to access those passkeys. That’s why you should never reveal your PIN to anyone. You should also enable manufacturer tools to protect lost devices and learn how to deactivate fingerprint login or facial recognition on devices. People with elevated risk, such as journalists, activists, and politicians, should consider using hardware security keys to store their passkeys.

The bottom line: Use passkeys when you can

Password phishing, data breaches, two-factor authentication, and increasingly lengthy strings of mixed-case alphanumeric nonsense phrases may soon be relics of our password past — just not yet.

We recommend that you create a passkey on any site that allows it. If you’ve previously dismissed the option to create a passkey, or if you aren’t sure whether a site supports them, there are a few places to look. On the login page, look for the option to create or use a passkey. You should also check the security options in your account settings page for information on passkeys. On Amazon, for instance, go to Your Account > Login & Security > Passkey.

Although passkeys haven’t won out against passwords, “that doesn’t mean the users won’t benefit from them today where they are already available,” Hanson said. 

Every passkey you create makes your accounts, and your online life, a little safer. And someday, the magic of passkeys will be so commonplace, you won’t be able to imagine life without them.

This article was edited by Caitlin McGarry and Annemarie Conte.

Meet your guide

I write about how to get the most out of your phones and computers, whether that means keeping your photos neatly sorted or protecting yourself from scams and surveillance.“

Opinion | Mark Zuckerberg Is Running Meta Into the Ground - The New York Times

Meta Is Dying

May 8, 2026, 

Alex Gamsu Jenkis

By Julia Angwin

"Ms. Angwin, a contributing Opinion writer, is an investigative journalist.

There is a moment when internet companies get the stink of death on them. For AOL, it was 2003, when it became clear that its users were abandoning its clunky dial-up internet service for far-faster broadband. For Yahoo, it was 2015, when their last-ditch acquisition spree failed, and they sold themselves to Verizon.

For Meta, that time is now. I believe the company — one of the most powerful media organizations in the world and one of the most valuable members of the S&P 500 — is at the start of a long, slow decline that will trigger aftershocks to our economy and our society.

It may be named Meta, but the company’s biggest asset is still Facebook. Started from a Harvard dorm, the original online social network has dominated our world for two decades. Its three billion users are still bigger than any single country. Its platforms can help sway an election, fuel an insurrection or spark a genocide.

But if you look carefully, you can see chinks in the armor. Meta’s earnings are starting to show the strain from years of growing consumer disaffection and reckless spending. The latest earnings, released on April 29, revealed a dip in user numbers for the first time since it started reporting these figures. And the slumping stock confirms what we have all known in our guts for a while: This is a company entering its zombie era.

Death is different on the internet. Lifeless companies like AOL and Yahoo are still technically with us. You can visit their websites. They have customers. They may even be profitable, as they cut staff and monetize their last remnants of traffic. But they are, as the kids say, peak cringe. Many teens wouldn’t be caught dead with an AOL account, a Yahoo email address — or a Facebook profile.

Sign up for the Opinion Today newsletter  Get expert analysis of the news and a guide to the big ideas shaping the world every weekday morning. 

As a company’s brand ages, its founders leave. The excitement evaporates. The stock shrivels to a fraction of its former glory as the user base withers to those captured by an old email account or friend group. New owners often arrive — usually bean counters who are focused on cutting costs and maximizing profits. That’s when websites stoop to junk mode, spamming you with endless email “final sales” and loading up the pages with ads so gross and disturbing that they should be age-restricted.

Of course, Meta is a long way from hitting rock bottom. The online giant — which benefits from its ownership of WhatsApp, the world’s largest messaging app, and Instagram, the popular photo-sharing social network — made $200 billion in ad revenue last year. That was an astonishing 20 percent of the global ad market. Meta’s founder, Mark Zuckerberg, is still firmly at the helm thanks to an unusual ownership structure that prevents him from being fired.

Thanks to that, we will all get to watch Mr. Zuckerberg drive the company into the ground. From 2021 to 2026, he poured $80 billion into the Metaverse in the firm belief that we would all want to don headsets and hang out in a virtual world populated by legless avatars. Even after shutting that project down, the company still loses billions a quarter on projects like selling $500 “smart” glasses that are not only unpopular but also give major creep-filming-you-without-consent vibes.

While its adventures in avatars were going nowhere, Meta’s revenues still soared as even more ad dollars moved online in the pandemic. Then in 2022, the revolutionary chatbot ChatGPT burst on the scene, and Mr. Zuckerberg jumped into the A.I. race with an open checkbook. Pontificating about the democratization of A.I., he sank about $100 billion into building an A.I. model that anyone could run on their own machine. But last year, when that model turned out to be too slow, too inaccurate and too unwieldy for most people to operate on their own, Mr. Zuckerberg abandoned the effort and plunked down another $14 billion for a new team to play catch-up with the other leading A.I. models. Now Meta has said it will spend another $115 billion (minimum) over the next year into its new effort, which thus far performs worse than the competition.

Where is this money coming from? Increasingly, Meta has been using debt to fuel its spending, amassing $59 billion in long-term debt on its balance sheet by the end of 2025, double the prior year’s total. And that doesn’t count the “aggressive” accounting it has used to keep the cost of a $27 billion Louisiana data center off its books. “The spending growth looks increasingly unsustainable,” The Wall Street Journal’s “Heard on the Street” columnist Asa Fitch wrote this week.

Now, as the company careens from one staggeringly expensive misadventure to another, its cash-cow core business is starting to wear out. Last quarter, the number of daily active users across its properties declined for the first time to 3.56 billion from 3.58 billion.

When an aging business starts to take on water, the quickest, easiest — and most destructive — solution is to make moves that will generate more money now, but may cost the company later. And that’s exactly what Meta has started to do. In the first three months of this year, the company started cramming more ads onto its platforms while charging advertisers more. Those choices may have allowed the company to increase its revenue-per-user by a significant 27 percent in the first quarter of 2026, but they are also likely to further alienate users (and annoy advertisers).

At the same time, judges and juries are starting to penalize Meta for the societal harms of its products. In March, the company (alongside YouTube) lost a bellwether lawsuitalleging that its addictive design choices triggered anxiety, depression and body-image issues in a teen. Waiting in the wings are over 100,000 similar cases seeking claims in the tens of billions of dollars.

There is a grim satisfaction in watching this organization hoist with its own petard. This is the company that profited from trafficking in lies, that tuned its algorithms to boost hatred and division, that stole our data and used it against us, that created the culture of toxic memes that are now central to our degraded public discourse. The fall of Facebook could even be a sign of a heartening turn in our national conversation: TikTok traffics more in inspirational content — prom videos are currently trending — than in the divisive narratives Facebook fostered.

But in the continued absence of any meaningful regulation, history shows us that internet companies can still wreak a lot of damage when they are in decline.

As it was being outpaced by Google on nearly every front, Yahoo failed to invest in cybersecurity and fell victim to what is still the largest data breach of all time. In 2014, Russian hackers gained access to 500 million Yahoo accounts, targeting Russian dissidents and journalists while stealing gift card and credit card numbers.

Meta’s properties, which are already riddled with fraud and scams, are likely to get even worse, given that the company has been slashing its work force in key areas focused on A.I. safety and identifying dangerous and illegal content. That means its apps are likely to grow even more polluted with everything from A.I. deep fakes to child sexual abuse material.

And Meta is still Meta. Even after losing that bellwether case on its efforts to addict users to its platforms, Meta’s chief financial officer, Susan Li, recently bragged to Wall Street that the company is using A.I. to increase the amount of time users spend watching videos and interacting with content. Fortunately, given the company’s recent track record, there’s a good chance that at least some of these terrible ideas are likely to end up in the same graveyard where Meta’s other expensive flops are buried.

Meta may be dying, but rest assured it won’t go gently into that good night. Maybe that could be a good thing. The more users quit, and the more corroded Meta’s apps grow, the faster we can all log off and close this chapter of the social-media revolution forever.

Julia Angwin, a contributing Opinion writer and the founder of Proof News, writes about tech policy. She is the author of the forthcoming book “On Courage: How to Be a Dissident in an Age of Fear.”

Opinion | Mark Zuckerberg Is Running Meta Into the Ground - The New York Times