logoalt Hacker News

Claude Code is steganographically marking requests

1150 pointsby kirushiktoday at 3:44 PM296 commentsview on HN

Comments

ductsurprisetoday at 4:41 PM

Is it just a minified localization(l10n) function maybe?

SaaShack26today at 5:03 PM

I use its too

827atoday at 5:00 PM

This seems really, really stupid. Similar to the weird Zig runtime signature thing from a few months ago ago, it was bound to be discovered, quickly, and all the resellers have to do is find a new domain name that (checks notes) doesn't have the word DEEPSEEK in it. Like, seriously? Your goal was to identify resellers by checking if the proxy has the corporate name of one of your competitors in it? Is this amateur hour?

All Anthropic has done is reduce trust, once again, with legitimate customers, while doing nothing to stop illegitimate customers. They need to get adults into key leadership roles, quickly.

show 1 reply
phendrenad2today at 4:55 PM

Non-hugged: https://archive.is/Wdhp0

ajrosstoday at 4:38 PM

Headline is, frankly, awful. This isn't the AI secretly doing stuff and hiding it. This is the very human Anthropic engineers trying to detect Chinese scraping via some frankly hamfisted and unimaginative URL trickery.

show 4 replies
ZappoMantoday at 6:02 PM

One more example of "I thought Anthropic was supposed to be the good guys."

theplumbertoday at 4:06 PM

The more I learn about Anthropic the more they disgust me. Finger crossed for all the companies from their “ban list”

show 2 replies
bibimsztoday at 5:36 PM

this is the one they wanted us to find

wolttamtoday at 4:18 PM

I used Claude Code for a month because my boss gifted me a sub and wanted me to try it.

I used that month to complete a work project and then beef up my personal harness so I'd never have to deal with Anthropic (and these sorts of shenanigans) again.

show 7 replies
bitladtoday at 5:05 PM

Silicon valley season 6 was on point.

grayhattertoday at 4:14 PM

Here's the sha of the prompt I submitted... no I don't know why there are no saved prompts with that sha.

What do you mean you don't know where the bug is coming from?

No, I absolutely didn't make it up, how could you accuse me of that?

Does anyone know when this regex isn't working? I double checked it 27 times, I even asked the LLM. They all say this regex should be finding these dates.

Weird, suddenly all the conversations are breaking when I feed them into this other tool? Something about UTF-8 errors, but I'm sure I'm only using ASCII?

I do try to take care to make sure the things I build can be used by other people even when they care about different things. I care about understandably, determinism (as it relates to computing), and repeatability (because I want to be able to trust the systems I use).

If y'all would be willing to try to account for use cases of others, and try not to break them... that would be nice.

Please note: that generally when you modify something that belongs to someone else without telling them... things should be expected to break.

gmziventoday at 7:27 PM

[dead]

maxothextoday at 4:01 PM

[flagged]

docprooftoday at 7:05 PM

[dead]

123sereusernametoday at 4:14 PM

[dead]

saddlerustletoday at 4:09 PM

[flagged]

show 3 replies
midtaketoday at 4:08 PM

[flagged]

show 5 replies
atonsetoday at 4:09 PM

[flagged]

show 6 replies
felipelallitoday at 4:59 PM

Ridiculous.

love0972today at 4:16 PM

Is that really how it is? How will this affect our future?

teravortoday at 6:13 PM

the Chinese they are trying to catch must be amateurs, first thing you should do is construct a sandbox which looks indistinguishable from a common user. second thing is to put it behind a residential proxy.