AI周刊第510期:奥特曼向华盛顿提供OpenAI的5%股份。以及其余所有人的5%。

内容来源:https://aiweekly.co/issues/altman-offered-washington-5-of-openai-and-5-of-everybody
内容总结:
美国政府拟入股OpenAI:联邦监管从“旁观”转向“入局”
过去三个月,美国政府与前沿AI实验室的关系发生了根本性转变。据《金融时报》报道,OpenAI创始人山姆·奥特曼耗时一年向白宫游说,提议美国政府持有该公司5%的股份——按OpenAI当前8520亿美元估值计算,这部分股权价值约426亿美元。更值得关注的是,这一提议还“顺带”将其他竞争对手纳入其中:华盛顿将持有美国主要AI开发商各5%的股份。特朗普曾在6月表示,公众持有AI公司股份将是“一件美好的事情”,能让美国人成为“这场革命的合伙人”。
与此同时,Anthropic在7月1日恢复了其先进模型Fable 5的全球访问权限,条件是在监督方面做出让步——包括扩大政府预览权限和组建联合研究团队。这一系列事件勾勒出清晰的图景:美国政府已不再满足于“街对面观望”,而是直接在前沿AI实验室里“安了张办公桌”。
监管工具包升级:白宫签署行政令,要求前沿实验室向政府提供最长30天的预发布访问权限;美国AI安全研究所(CAISI)已与谷歌DeepMind、微软、xAI签署模型测试协议。OpenAI正在逐客户推出GPT-5.6,政府将在审查期内审批访问权限。科技政策媒体Tech Policy Press称这是“联邦对前沿AI监管前所未有的扩张”——而这还是在股权提议进入讨论之前。
AI安全漏洞引发关注:安全研究人员披露了Cursor代码编辑器中两个零点击、严重度9.8的安全漏洞(CVE-2026-50548和CVE-2026-50549),攻击者可通过AI代理读取的恶意内容逃逸沙箱、写入任意文件并执行代码。所有早于Cursor 3.0的版本均受影响。苹果也因AI工具加速了漏洞武器化进程,提前发布了iOS 26.5.2安全补丁。
监管层“先斩后奏”:在立法者尚未通过正式AI法案之前,各机构和法院已开始即兴创新。英国就业仲裁庭积压案件达53.1万件,AI工具让无律师的申请人能结构化提交文件,但部分文件引用了不存在的判例法。加州首例算法定价集体诉讼指控Kalibrate的“定价云”系统将1700多个加油站的油泵和价格牌连接成共享定价平台,涉及BP、马拉松石油、7-11、沃尔玛等巨头。
专家观点分裂:对于Anthropic新安全分类器的效果,安全专家意见不一。凯蒂·穆苏里斯警告“修复越狱只会延缓防御者”;前Facebook安全主管亚历克斯·斯塔莫斯则认为出口管制事件是“乌龙球”,更严格的代码请求过滤可能将安全团队推向中国模型。
关键启示:①前沿API开发者需将政府审查视为供应商发布流程的常态;②标价不代表实际成本——标记化器变更可能在价格不变的情况下增加30%费用;③应把智能体IDE视为生产基础设施来维护;④最先落地的监管不会是AI法案,而是机构通过延伸威胁类别、反垄断法规和诉讼程序实现的“即兴监管”。
中文翻译:
山姆·奥特曼花了一年时间游说白宫,希望其入股OpenAI。如今这份提议已摆上台面,而且他还主动将竞争对手也纳入其中。再加上《寓言5》的回归——以接受监管让步为代价换取回归——一种模式已然清晰可见:就在这个季度,政府不再站在街对面旁观前沿人工智能,而是直接在其内部获得了一席之地。下文将聚焦:智能体集成开发环境中的安全乱象、法院与监管机构比立法者更快的即兴应变,以及我们的新栏目《分歧》——由我们追踪的专家阅读、提及、引用并争论的本周最大事件。
赞助商
定义行为。生成测试。验证智能体。
Spec27帮助团队将智能体预期转化为可复用的规范、生成验证测试,并更清晰地呈现AI智能体在不同场景下的行为证据。
热点追踪
从应用排行榜到社区动态,AI领域当下趋势一览。我们的追踪器每两小时抓取一次应用榜单,每六小时更新视频与社区动态;以下为截止发稿时的最新快照。完整汇总请见此处。
- Meta AI本周升至美国应用商店生产力榜单第4位,在我们的追踪中上升两位。Meta的助手持续将其内置分发渠道转化为下载量。
- 《Claude vs Gemini:从零开始编写着色器》是当下增长最快的AI视频之一,播放量已达12.9万次。两个模型正面交锋,编写《我的世界》着色器。这是直观感受智能体编程实际样貌的有趣方式。
- 《Anthropic工程师如何真正向Fable 5进行提示》在不到一天内获得2万次观看。随着Fable回归(见《快讯》),许多人正在重新学习如何与之对话。
- Sherlock,一款AI人脸搜索应用,跃升四位进入应用商店实用工具前20名。针对人脸的反向图片搜索已成为主流消费级应用——无论你是否安装它,都值得了解。
- 栩栩如生的陪伴机器人正进入中国家庭,本周我们的趋势追踪中,对人形机器人的搜索兴趣激增。优必选U1起售价约17650美元,拥有88个伺服关节和硅胶皮肤,数据存储在设备本地而非云端。
- r/ChatGPT 社区再次热议AI陪伴。本周一个热门帖子询问那些将ChatGPT视为超越工具的存在的人,这种关系具体是怎样的。我们无意发表尖锐评论;它恰好与本期的《等等,什么?》相得益彰。
快讯
实验室角斗士时代
- OpenAI提议向美国政府移交5%的股权——以OpenAI 8520亿美元估值计算,这部分股权价值约426亿美元,作为更广泛安排的一部分,其中华盛顿将持有每家领先美国AI开发商5%的股份。特朗普在6月表示,公众持有AI公司股份将是“一件美妙的事情”,能让美国人“成为这场革命的伙伴”。[《金融时报》]
- 《Fable 5》回归——附带新的安全分类器——Anthropic于7月1日恢复了全球访问权限,此前6月12日的出口管制已被解除。重新上线新增了一个分类器,能在超过99%的情况下阻止已知的绕过技术;订阅用户在7月7日前可享受高达每周限额50%的Fable使用量,之后将转为使用积分制。公告中还提到:Anthropic正在与亚马逊、Microsoft和谷歌共同构建一个跨实验室的越狱严重性评估标准。安全界对此的看法详见下文《分歧》栏目。[Anthropic]
- Sonnet 5以$2/$10的价格推出——但请自行测量你的Token账单——Free和Pro版的新默认模型是Anthropic迄今为止最具智能体能力的Sonnet,性能接近Opus 4.8,截至8月31日定价为每百万Token $2/$10(之后为$3/$15)。问题在于新的分词器:Anthropic表示,相同输入会映射为1.0至1.35倍的Token数,而Simon Willison在英文文本上测得了1.42倍——在标价不变的情况下,实际成本增加了约30%。[Anthropic]
AI供应链遭受围攻
- DuneSlide:Cursor中存在两个零点击、严重性评分9.8的漏洞——CVE-2026-50548和CVE-2026-50549允许智能体代你读取的、由攻击者控制的内容——例如MCP连接的服务、网页搜索结果——逃逸出Cursor的沙箱,写入任意文件并执行代码,且无需用户交互。Cato AI Labs本周披露了这两个漏洞;它们已在Cursor 3.0中修复,所有早期版本均受影响。如果你的团队使用智能体集成开发环境,那么该集成开发环境现在已成为你攻击面的一部分。[《黑客新闻》]
- Apple提前推送安全补丁,因为AI超越了更新周期——iOS 26.5.2提前发布,早于原定计划,包含超过25项修复——其中15项在WebKit中——且已知未被利用。Apple表示,它需要缩小漏洞披露与补丁送达设备之间的时间差,因为AI工具已大幅缩短了攻击者利用已公开漏洞所需的时间。[AppleInsider]
政府认真起来的一年
- 国土安全部和联邦调查局现为AI反弹命名:“反科技极端主义”——《连线》杂志获取了来自国土安全部、联邦调查局及区域融合中心的1000多页未公开报告,描述了一个围绕反对AI和数据中心建设构建的新型国内威胁类别。费城一个融合中心12月发布的一份公报警告称,暴力极端分子“可能有意针对”AI数据中心——这一界定范围之广,足以囊括远不止实际破坏者。本周在我们的专家图中分享最多的故事,有14位分享者。[《连线》]
- 英国就业法庭积压案件达53.1万件,AI正助力起草诉讼文件——积压案件在两年内翻了一番,因为生成式工具让索赔人无需律师即可提交结构化案件,而律师告诉《金融时报》,一些提交的诉讼文件中引用了不存在的判例法。[《金融时报》]
- 加州首起算法价格操纵集体诉讼,矛头直指汽油价格背后的AI——三名司机于6月22日在萨克拉门托联邦法院提起诉讼,指控Kalibrate的“定价云”将超过1700个加油站的油泵和价格牌连接成一个共享定价平台,BP、马拉松石油、7-Eleven、沃尔玛、Circle K和Albertsons均在使用该平台。这是加州新算法定价法的首次重大考验。[《洛杉矶时报》]
《分歧》
十二位我们追踪的专家在Anthropic重新上线的帖子发布后一天内进行了分享。他们对于新分类器的代价存在分歧。
安全研究员Katie Moussouris:“很高兴我们没有雪藏最好的AI模型,但这还不是胜利。我曾警告过,“修复越狱”只会延缓防御者的脚步。”她预计其他模型也会效仿Fable,限制防御性安全工作。AI工程师Tim Kellogg对此解读相同:“新分类器甚至阻止了更多防御性网络安全请求。”
Facebook前安全主管Alex Stamos则对管控措施本身持相反观点:出口事件是一个“乌龙球”——CAISI自己的专家在推翻白宫决定前已认可原始安全措施,他当前的担忧是,更严格的代码请求过滤器会促使安全团队转向中国模型,后者不会拒绝同样的工作。官方裁定,郑重声明:CAISI测试了新安全措施,并认为其“非常强大”。
政府入驻实验室
让我们从本周两则最大的新闻中后退一步,一种形态便会浮现。6月,白宫签署了一项行政命令,要求前沿实验室向政府提供最多30天的预发布访问权限,CAISI在现有与OpenAI和Anthropic的合作基础上,又与谷歌DeepMind、Microsoft和xAI签署了模型测试协议。OpenAI正在逐客户推出GPT-5.6,并在审查期内由政府批准访问权限。Fable 5的回归伴随着扩大的政府预发布访问权限和联合研究团队。本期头条的股权提议将使这一安排成为现实。
Tech Policy Press的6月综述将其称为“联邦对前沿AI前所未有的监管扩张”——而这是在股权进入讨论之前写的。在一个季度内,美国政府成为了测试者、守门人和潜在股东。实验室获得了稳定性和接近权力的机会。公众能得到什么,则取决于尚未公布的具体条款。
关键要点
- 如果你基于前沿API进行开发,政府审查现在已成为你供应商发布流程的一部分。请将分阶段推出、分类器门控功能和访问审查视为常态,而非例外。
- 标价已不再是单价。请根据每项任务测量的Token数(而非费率表)来判断模型迁移——分词器的变化会在不触及价格页面的情况下改变你的账单。
- 将智能体集成开发环境视为生产基础设施。遵循相同的补丁服务水平协议和威胁模型。入口点是你的智能体读取的任何内容,而非你编写的代码。
- 首先落地的监管不会是AI法律。各机构与原告正在扩展威胁类别、反垄断法规和法院程序以覆盖AI——这种即兴的覆盖范围将比任何AI法案早多年到来。
值得阅读
- 《促进先进人工智能创新与安全》——30天预览窗口背后的行政命令,原文:什么是“受覆盖的前沿模型”,公司自愿提供什么,以及它们能获得什么。[白宫]
- 《Anthropic的红线不能替代公共法律》——哈佛法学院的David Gantt认为,实验室的自愿承诺脆弱且缺乏民主合法性:“一个问题越重要,就越值得通过民主方式回答。”这是本周合作新闻的平衡观点。[Tech Policy Press]
- 《预览GPT-5.6 Sol》——OpenAI对其下一个旗舰层级的自我描述,即处于逐客户政府审查推出模式中心的那款模型。[OpenAI]
- 《公司正让Claude和Codex像穴居人一样说话以遏制AI飙升的成本》——企业正在包装提示词,迫使模型输出简短、电报式的回复,因为冗长的回答正在消耗它们的Token预算。[404 Media]
等等,什么?
- 如果AI有感知,那么《帝国时代II》也有感知——Ted Chiang在《大西洋月刊》上的病毒式文章认为,对大型语言模型意识持开放态度,“等同于对Microsoft Word有意识持开放态度”。为使观点具体化,一位Microsoft AI研究员在《帝国时代II》内部用数字山羊构建了一个工作神经网络。这是本周对“聊天机器人是否有意识”讨论的最佳回应。[404 Media]
- 诈骗者正在出售由AI生成的、不存在花朵的种子——在eBay、亚马逊和Etsy上:壮观的AI图像展示着形似鸟、蝴蝶和猫头的花朵,附带着针对想象中植物的真实种子包装。这种骗局早在图像生成器出现前就已存在;AI只是让大规模运作变得轻而易举,而平台无法跟上。[404 Media]
值得观看
AI从业者目前正在传阅的视频——由AI TV策划。
| 《AI正在失利,左派正在获胜》,嘉宾:Brennan Lee Mulligan 和 Ed Zitron;主持人:Adam Conover | |
| 《品牌如何利用Reddit毒害AI搜索》 404 Media | |
| 《Ed Zitron解读OpenAI泄露的财务状况》 The Tech Report |
来自《诡计》
我们的讽刺专栏。都是假的。关键在于此。
- 《优必选表示陪伴机器人无需情感连续性即可正常运行》
- 《OpenAI在GPT-5因“洞穴语”训练停止使用动词后,发布29美元“完整句子”附件》
更多内容请见《诡计》。
本周投票
华盛顿最终可能拥有OpenAI 5%的股份。好主意吗?
华盛顿最终可能拥有OpenAI 5%的股份。好主意吗?
长周末将至。如果Fable的免费窗口能经得起你最棘手问题的考验,请告诉我们你向它抛出了什么难题。
—— Alexis
英文来源:
Sam Altman spent a year pitching the White House on taking a piece of OpenAI. The offer is now on the table, and it volunteers his rivals too. Add Fable 5's return, paid for in oversight concessions, and a pattern is hard to miss: this was the quarter the government stopped watching frontier AI from across the street and got a desk inside. Below: the security mess in agentic IDEs, courts and agencies improvising faster than legislators, and our new section, The Split — the week's biggest story as read by the experts we track, named, quoted, and disagreeing.
Sponsor
Define the behaviour. Generate the tests. Validate the agent.
Spec27 helps teams turn agent expectations into reusable specs, generate validation tests, and produce clearer evidence of how AI agents behave across scenarios.In the Wild
What's trending in AI right now, from the app charts to the community feeds. Our trackers pull the app charts every two hours and the video and community feeds every six; below is the latest snapshot at press time. Full roundup here.
- Meta AI climbed to #4 on the US App Store productivity chart this week, up two spots in our tracking. Meta's assistant keeps converting its built-in distribution into downloads.
- Claude vs Gemini Make Shaders From Scratch is one of the fastest-growing AI videos right now, at 129,000 views and counting. Two models write Minecraft shaders head to head. A fun way to see what agentic coding actually looks like on screen.
- How Anthropic Engineers Actually Prompt Fable 5 picked up 20,000 views in under a day. With Fable back (see Quick Hits), a lot of people are relearning how to talk to it.
- Sherlock, an AI face search app, jumped four spots into the App Store's top-20 utilities. Reverse image search pointed at faces is now a mainstream consumer app, which is worth knowing whether or not you ever install it.
- Lifelike companion robots are arriving in Chinese homes, and search interest in humanoid robots is spiking in our trends tracking this week. UBTech's U1 starts around $17,650, has 88 servo joints and silicone skin, and stores its data on the device rather than the cloud.
- r/ChatGPT is talking about AI companionship again. One of the week's rising threads asks people who treat ChatGPT as more than a tool what that relationship looks like. No hot take from us; it pairs well with this issue's Wait, What.
Quick Hits
The Lab Gladiator Era - OpenAI proposed handing the US government a 5% stake — Equity worth roughly $42.6B at OpenAI's $852B valuation, framed as part of a broader arrangement in which Washington would hold 5% of each leading US AI developer. Trump said in June that public ownership in AI firms would be "a beautiful thing" that makes Americans "partners in this revolution." [Financial Times]
- Fable 5 is back — under a new safety classifier — Anthropic restored global access on July 1 after the June 12 export controls were lifted. The relaunch adds a classifier that blocks the reported bypass technique in over 99% of cases; subscribers get Fable at up to 50% of weekly limits through July 7, then it moves to usage credits. Also in the announcement: a cross-lab jailbreak-severity rubric Anthropic is building with Amazon, Microsoft and Google. What the security crowd makes of all this is below, in The Split. [Anthropic]
- Sonnet 5 launches at $2/$10 — but measure your own token bill — The new default model on Free and Pro is Anthropic's most agentic Sonnet yet, with performance the company puts close to Opus 4.8, priced at $2/$10 per million tokens through August 31 (then $3/$15). The catch is the new tokenizer: Anthropic says the same input maps to 1.0–1.35× more tokens, and Simon Willison measured 1.42× on English text — roughly 30% more real cost at an unchanged list price. [Anthropic]
AI Supply Chain Under Siege - DuneSlide: two zero-click, 9.8-severity holes in Cursor — CVE-2026-50548 and CVE-2026-50549 let attacker-controlled content the agent reads on your behalf — an MCP-connected service, a web search result — escape Cursor's sandbox, write arbitrary files and execute code, with no user interaction. Cato AI Labs disclosed the pair this week; both are fixed in Cursor 3.0, and every earlier version is affected. If your team runs an agentic IDE, the IDE is part of your attack surface now. [The Hacker News]
- Apple pulled its security patches forward because AI outran the update cycle — iOS 26.5.2 shipped early, ahead of the planned cycle, with more than 25 fixes — 15 of them in WebKit — and none known to be exploited. Apple says it needs to shrink the gap between a vulnerability's disclosure and the patch landing on devices, because AI tooling has collapsed the time attackers need to weaponize a published flaw. [AppleInsider]
The Year Governments Got Serious - DHS and FBI now have a name for AI backlash: 'anti-tech extremism' — WIRED obtained more than 1,000 pages of unpublished reports from DHS, the FBI and regional fusion centers describing a new domestic-threat category built around opposition to AI and data-center construction. A December bulletin from a Philadelphia fusion center warns that violent extremists are "likely interested in targeting" AI data centers — a framing broad enough to sweep in far more than actual saboteurs. The most-shared story in our expert graph this week, 14 sharers. [WIRED]
- The UK's employment tribunals hit 531,000 open claims as AI drafts the filings — The backlog has doubled in two years as generative tools let claimants file structured cases without a lawyer, and lawyers tell the FT that some filings arrive citing case law that does not exist. [Financial Times]
- California's first algorithmic price-fixing class action targets the AI behind gas prices — Three drivers filed in Sacramento federal court on June 22, alleging Kalibrate's "Pricing Cloud" links pumps and price signs at more than 1,700 stations into a shared pricing platform used by BP, Marathon Petroleum, 7-Eleven, Walmart, Circle K and Albertsons. It is the first major test of California's new algorithmic-pricing law. [Los Angeles Times]
The Split
Twelve tracked experts shared Anthropic's relaunch post within a day of it going live. They do not agree on what the new classifier costs.
Security researcher Katie Moussouris: "Glad we're not benching our best AI models, but it's not a victory yet. I warned that 'fixing jailbreaks' only slows defenders." She expects other models to follow Fable in throttling defensive security work. AI engineer Tim Kellogg read the announcement the same way: "The new classifier blocks even more defensive cybersecurity requests."
Alex Stamos, Facebook's former security chief, took the opposite line on the controls themselves: the export episode was an "own goal" — CAISI's own experts had cleared the original safeguards before the White House overrode them, and his concern now is that tighter code-request filters push security teams toward Chinese models that will not refuse the same work. The official verdict, for the record: CAISI tested the new safeguards and found them "extraordinarily strong."
The Government Moved Into the Lab
Step back from the week's two biggest stories and one shape emerges. In June the White House signed an executive order asking frontier labs to hand the government up to 30 days of pre-release access, and CAISI signed model-testing agreements with Google DeepMind, Microsoft and xAI on top of its existing OpenAI and Anthropic partnerships. OpenAI is rolling out GPT-5.6 customer by customer, with the government approving access during the review period. Fable 5's return came bundled with expanded pre-release government access and joint research teams. The equity proposal at the top of this issue would make the arrangement literal.
Tech Policy Press's June roundup called it "an unprecedented expansion of federal oversight over frontier AI" — and that was written before equity entered the conversation. In one quarter, the US government became tester, gatekeeper and prospective shareholder. What the labs get is stability and proximity to power. What the public gets depends on terms nobody has published yet.
Key Takeaways - If you build on frontier APIs, government review is now part of your vendor's release pipeline. Plan for staged rollouts, classifier-gated capabilities and access reviews as the norm, not the exception.
- List price is no longer unit price. Judge model migrations on measured tokens per task, not the rate card — a tokenizer change moves your bill without touching the price page.
- Treat the agentic IDE like production infrastructure. Same patch SLAs, same threat model. The entry point is whatever your agent reads, not code you wrote.
- The regulation that hits first won't be AI law. Agencies and plaintiffs are stretching threat categories, antitrust statutes and court procedure to cover AI right now — that improvised reach arrives years before any AI act does.
Worth Reading - Promoting Advanced Artificial Intelligence Innovation and Security — The executive order behind the 30-day preview window, in its own words: what counts as a "covered frontier model," what companies volunteer, and what they get back. [White House]
- Anthropic's Red Lines Are No Substitute for Public Law — Harvard Law's David Gantt argues voluntary lab commitments are brittle and lack democratic legitimacy: "the more consequential a question, the more deserving it is of a democratic answer." The counterweight to this week's cooperation news. [Tech Policy Press]
- Previewing GPT-5.6 Sol — OpenAI's own description of its next flagship tier, the model at the center of the customer-by-customer government-reviewed rollout. [OpenAI]
- Companies are making Claude and Codex talk like cavemen to stop AI's soaring costs — Enterprises are wrapping prompts to force terse, telegraphic model output because verbose answers were burning their token budgets. [404 Media]
Wait, What? - If AI is sentient, then so is Age of Empires II — Ted Chiang's viral Atlantic essay argues that being open to LLM consciousness "is the same as being open to the possibility that Microsoft Word is conscious." To make the point concrete, a Microsoft AI researcher built a working neural network out of digital goats inside Age of Empires II. The week's best reply to the is-the-chatbot-conscious discourse. [404 Media]
- Scammers are selling seeds for AI-generated flowers that don't exist — On eBay, Amazon and Etsy: spectacular AI images of blooms shaped like birds, butterflies and cat heads, attached to real seed packets for imaginary plants. The scam predates image generators; AI just made it trivial to run at scale, and the platforms can't keep up. [404 Media]
Worth Watching
The videos AI practitioners are passing around right now — curated on AI TV.
| AI is Losing and the Left is Winning, with Brennan Lee Mulligan and Ed Zitron Adam Conover | |
| How Brands Use Reddit to Poison AI Search 404 Media | |
| Ed Zitron explains OpenAI’s leaked financials The Tech Report |
From The Artifice
Our satire desk. It's fake. That's the point. - UBTech Says Companion Robot Does Not Require Emotional Continuity To Function Correctly
- OpenAI Releases $29 'Full Sentences' Add-On After GPT-5 Trained On Cavespeak Stops Using Verbs
More at The Artifice.
This week's poll
Washington may end up owning 5% of OpenAI. Good idea?
Washington may end up owning 5% of OpenAI. Good idea?
Long weekend ahead. If Fable's free window survives your hardest problem, tell us what you threw at it.
— Alexis
文章标题:AI周刊第510期:奥特曼向华盛顿提供OpenAI的5%股份。以及其余所有人的5%。
文章链接:https://news.qimuai.cn/?post=4508
本站文章均为原创,未经授权请勿用于任何商业用途