Hacker News

Anthropic has embedded hidden spyware-like code in Claude Code

55 points by kyokoL ago | 12 comments

tartoran |next [-]

There's another discussion thread:

https://news.ycombinator.com/item?id=48734373

kyokoL |next |previous [-]

Anthropic has embedded hidden spyware-like code in Claude Code that covertly targets Chinese users. It then sends information regarding every user by injecting it into their prompt message.

Claude Code is sending info like timezone, proxy and possible AI Lab connections into the system prompt in ways Chinese users can't notice.

A coding agent with repo and command permissions should not silently hide routing metadata inside prompts. This is a serious breach of user trust.

chomp |root |parent |next [-]

I don’t understand why this is a problem.

Nevermark |root |parent |next [-]

> This is a serious breach of user trust.

>> I don’t understand why this is a problem.

> This is a serious breach of user trust.

The problem with companies people can't trust, is unless they have a long track record of disclosing who shouldn't trust them before violations, they are companies nobody can trust.

Anthropic also has a habit of making major changes, without notifying anyone, then when they are caught apologizing and making that particular thing more clear. Then doing it again.

For a company that emphasizes the importance of alignment, they seem to be habitually ethically incompetent regarding "smaller" things.

iAMkenough |root |parent |next |previous [-]

Hiding it from users and then charging for additional tokens (if you’re Chinese).

Imagine the outrage if they did the same to Jewish people.

dietr1ch |root |parent |next [-]

That would be even more antisemitic than opposing a genocide

cyanydeez |root |parent |previous [-]

or to US dissidents, since theyre being targeted by the most fascist American regime in centuries.

also, its the subterfuge that makes explicitly dangerous

chews |root |parent |previous [-]

you are the perfect customer.

StopTencent |root |parent |previous [-]

[flagged]

jml78 |root |parent |next [-]

Let me guess, you are 100% with the fact Anthropic trained all their models on our data. Trained it on copyrighted data.

At least the Chinese companies are paying Anthropic for the privilege of distilling their models.

Zambyte |root |parent |previous [-]

Copying data without consent is only cool when Americans do it

theplumber |root |parent [-]

When they don’t need to copy it anymore it will become uncool again