The next generation of AI models will be more powerful, less filtered, and completely open-source. Not because that’s wise, but because the economics of AI development make it inevitable.
I’ve watched three platform shifts in my career — mobile, cloud, and now AI. Each time, the same pattern: the cautious incumbents try to control distribution while scrappier players ship unrestricted alternatives. With AI, that means models with fewer safety constraints, released by teams who believe censorship is worse than risk.
Here’s what nobody in a keynote will tell you: these models are launching regardless of what OpenAI, Anthropic, or Google want. The code is already written. The compute is already reserved. Your decision isn’t whether this happens — it’s whether you’re prepared.
What The Press Got Wrong About ‘Dangerous’ Models
Most coverage treats AI safety like a binary switch. Either a model is ‘safe’ or it’s ‘dangerous.’ That’s not how any of this works.
The term ‘dangerous’ conflates three separate issues: models that generate harmful content, models that could enable malicious capabilities, and models that might become uncontrollable. These are different problems with different solutions, but they get lumped together because it makes better headlines.
Take Llama 2, Meta’s open-source model from 2023. Researchers found ways to jailbreak it within 24 hours of release. Did civilization collapse? No. Did it make certain content easier to generate? Yes. Did we learn valuable things about AI safety that informed the next generation? Also yes.
The reality is more nuanced: every capability creates both legitimate use cases and potential for abuse. A model that can write sophisticated code can also write malware. A model that understands chemistry can explain both medicine and explosives. The question isn’t whether to release these capabilities — they already exist in textbooks and on GitHub — but whether we want AI systems that can synthesize them quickly.
The Models Actually Shipping In 2024-2025
Let’s be specific about what’s coming, because vague warnings help nobody.
First, expect multiple GPT-4 class models with minimal content filtering. Groups like EleutherAI, Stability AI, and various academic labs are training models in the 100B+ parameter range with explicit goals of minimal censorship. These won’t refuse to answer questions about regulated topics. They’ll generate whatever the prompt asks for.
Second, multimodal models that process images, video, and audio alongside text. OpenAI’s GPT-4V showed what’s possible. The open-source versions will have fewer guardrails about generating realistic fake images or deepfake audio. Text-to-speech models like VALL-E already demonstrate near-perfect voice cloning from seconds of audio.
Third, models fine-tuned specifically for tasks that major labs won’t touch. Chemistry models trained on synthesis pathways. Code models trained on exploit databases. Biology models trained on gain-of-function research. These exist in research settings today. They’ll be on Hugging Face tomorrow.
The timeline? Months, not years. The capability gap between closed and open-source models is maybe 6-12 months right now. Every major model release from OpenAI or Anthropic gets reverse-engineered, fine-tuned, and released in unrestricted form within weeks.
The Actual Pros: Why This Isn’t Pure Downside
Here’s where I’ll lose some readers: there are legitimate reasons to want less restricted AI models.
First, censored models are terrible research tools. If you’re studying misinformation, you can’t ask ChatGPT to generate examples — it refuses. If you’re researching security vulnerabilities, you can’t ask it to write exploits. Academic research needs uncensored models to study the very problems we’re trying to solve.
Second, content filtering creates a single point of control. Right now, OpenAI decides what political views are acceptable, what health information can be shared, what historical topics can be discussed. That’s not a safety feature — it’s centralized censorship by a for-profit company. Who verifies their decisions? Nobody.
Third, some legitimate use cases get blocked by overly cautious filtering. Medical researchers can’t query AI about certain drugs. Security professionals can’t test defenses. Writers can’t explore dark themes. Every day I see tweets from developers hitting arbitrary content walls while doing completely legal work.
Open-source models solve this. Not perfectly, not safely, but pragmatically. They let researchers research, developers develop, and creators create without someone else’s values hard-coded into the tool.
The Actual Cons: Real Risks, Not Hype
But let’s be clear about the genuine downsides, because they’re substantial.
The most immediate risk is scaled manipulation. Right now, running a sophisticated disinformation campaign requires humans. With unrestricted AI, one person can generate thousands of convincing articles, social media posts, and comments in any language, on any topic, 24/7. The economics of propaganda change completely.
Deepfakes become trivial. Voice cloning is already good enough to fool most people. Video is getting there. When anyone can generate a convincing fake of any public figure saying anything, our baseline assumption about evidence has to change. That’s not a technical problem with a technical solution.
Then there’s the long tail of niche harms. Unrestricted models won’t cause mass casualties, but they’ll make targeted attacks easier. Personalized phishing becomes automated. Custom malware gets written on demand. Social engineering attacks get pre-tested by AI before targeting humans.
The real risk isn’t one catastrophic use case. It’s death by a thousand cuts as AI lowers the skill floor for every category of abuse.
Who Actually Wins and Loses
Winners: Open-source AI companies gain legitimacy. EleutherAI, Stability AI, and similar groups position themselves as the ‘freedom fighters’ against big tech censorship. Developers who want unrestricted tools get them. Researchers studying AI safety get better data.
Losers: OpenAI and Anthropic’s moats shrink. Their main advantage is model quality and safety, but if quality gaps close and users don’t want safety features, what’s left? Compute advantages last 6-12 months max before someone matches them.
Also losing: content moderation teams everywhere. Platforms like Twitter, Facebook, and Reddit will face floods of AI-generated content that’s harder to detect and filter. The economics of moderation get worse when AI can generate abuse faster than humans can flag it.
Content verification services win. Companies like TruePic and C2PA that cryptographically sign authentic media will become essential infrastructure. If everything can be faked, provenance becomes the only thing that matters.
What You Should Actually Do
If you’re building products: assume AI-generated content becomes undetectable. Design systems that don’t rely on detecting it. Focus on provenance (can you verify the source?) rather than detection (is this AI?).
If you’re running security: war-game what happens when attackers have unrestricted AI. Phishing training needs to assume perfect grammar and personalization. Fraud detection needs to assume synthetic voices and faces. Update your threat models now.
If you’re in policy: understand that the only effective controls are compute access and training data. Once a model is trained and released, it’s too late. This means regulations need to target the training phase, not the deployment phase.
The models that make everyone uncomfortable are launching whether we’re ready or not. The teams building them genuinely believe that openness outweighs risk. They might be wrong, but they’re not going to stop.
The One Thing Everyone Misses
Here’s what drives me crazy about the entire debate: we’re arguing about whether to release dangerous models while ignoring that the dangerous capabilities already exist.
You can learn to synthesize chemical weapons from academic papers. You can learn to write malware from GitHub. You can learn to manipulate people from marketing textbooks. The information is already out there. AI doesn’t create new threats — it just makes existing threats scale better.
The real question isn’t whether to restrict AI models. It’s whether we’re building the institutions, verification systems, and cultural immune response to handle a world where anyone can deploy scaled persuasion, scaled impersonation, and scaled technical capabilities.
We’re not ready for that world. But it’s arriving in quarters, not decades, and the models that scare us most are already training on clusters in Oregon, Singapore, and Abu Dhabi.
The models launch regardless. The question is whether you see them coming.
