Posted by htrp 5 hours ago
Chinese resellers are selling Claude tokens at a 70-90% discount from API prices. They achieve this by reselling capacity from pooled Claude Max 5x accounts, payments fraud, and also reselling the model output & reasoning chains to various Chinese labs.
Claude and ChatGPT are both blocked in China. You need to use a VPN to access either, and you can't pay with a Chinese bank card. So most people who want access to Claude go via a reseller. It's the easiest and cheapest way to access Anthropic models in China.
Resellers have tens of thousands of bot accounts doing this. This is also why Anthropic introduced identity verification, to slow down the onslaught of bot accounts.
Here's one token reseller, they're offering Opus 4.8 at a 93% discount below official API rates: https://yunwu.ai/pricing?provider=Anthropic
This is one reason why Deepseek & GLM are priced so cheaply, they are competing with impossibly low token prices in China. They have to keep prices low, in order for people to use them.
I shared this story a few months back, but it never got any traction https://www.chinatalk.media/p/how-to-buy-cheap-claude-tokens...
This one does not make sense to me at all.
Deepseek and GLM are openweights, even US inference provider are selling them at much cheaper price. The price is cheap because the model is more efficient.
>Here's one token reseller, they're offering Opus 4.8 for a 93% discount below official API rates: https://yunwu.ai/pricing?keyword=claude
But is it cheaper than getting your own account? Otherwise this sounds like the "anthropic/openai are losing gazillions of dollars because they're selling $1k worth of tokens for $100" line that's commonly trotted out by AI bears.
There's a similar Claude resale market going on in Russia.
So it's presumably cheaper than attempting to spin up your own method of circumventing the blocks.
It's similar to fractional banking, you gamble that people won't want their deposits all at once and pray for you're big enough for bailouts when they do.
It's still a business whose fundamentals don't make sense, you're just gambling you won't get found out.
A voLTE call is like 40kbps. For every person on earth to be on the phone to another person would be 4 billion calls would be about 160tbps. Which is less than 10% of the Internet's capacity.
This also sheds a very different light on people saying that competitive open-source models are undermining frontier labs' business model.
Do they have MacBooks in the US that run the queries and stream the outputs back to China?
And that's just as a basic first effort reject measure to prevent automation tools from using things designed for human-interactive use only.
Go try to do many of these things from Cogent IP space and see how long your project lasts.
> Do they have MacBooks in the US that run the queries and stream the outputs back to China?
the answer to your question is containers/VMs + residential proxies
"you're trying to rip off what I've already ripped off!"
Crawl the whole Internet to build a gargantuan sized LLM and then complain you're being copied...
"Well, Steve, I think there's more than one way of looking at it. I think it's more like we both had this rich neighbor named Xerox and I broke into his house to steal the TV set and found out that you had already stolen it."
Both Anthropic and Alibaba are trying to build bleeding edge LLMs. That part is the same. The way they source their data is slightly different, but they would both argue it constitutes fair use under Copyright law.
Sucking down petabytes of peoples' copyrighted content that they never granted a specific license to you to use seems to be an unavoidable and default part of the process of building any huge LLM.
LLM's literally wouldn't work without the sum total of knowledge (in the forms of books and other copyrighted content) being used as 'training data' for these LLMs.
The 'bleeding edge' LLMs required many things, but: 1 Tech innovation ('attention') 2 Lots of compute 3 Data 4 Pre + post training
#4 doesn't happen without #3.
It's pretty obvious at this point that the major providers have stolen vast amounts of #3 - they have paid nearly 0 of the creators.
We can argue about the impact (I'd lean net good) vs. the cost. But arguing there isn't a cost is a bit silly.
Should be fun.
Edit: clarification
Anthropic's actions seem performative. Others have already speculated on the likely audience(s).
Eventually these Chinese companies will release some extension like Honey, which will sit on top real, non-Chinese clients and send everything to China anyway.
It's over.
But an AI lab can continue to produce immense economic value without releasing the model publicly for possible distillation. For example, it could use a future model solely in-house to develop therapeutics.
Hopefully there's a future where others can access frontier models, but it's not neccessary if preventing proliferation through distillation is considered more important.
[1]: See the notes on distillation in https://dualuse.dev/posts/export-controls-on-fable
And Berkeley’s “False Promise of Imitating Proprietary LLMs” found imitation closes the style gap fast but there is a large capability gap.
For example, GLM 5.1 is more capable at pentesting than the model from which it is alleged to have been distilled [1].
Intuitively, this makes some sense: you can "distill" from multiple frontier models, and you can further post-train the distilled model. But I'm not sure exactly what happened with GLM 5.1.
[1]: https://dualuse.dev/posts/chinese-models-are-sometimes-bette...
Point being there may be no technical solution but there may be a political one (theoretically).
But with this, I don't have an issue. There is no theft since what is being used is the exact product that is being delivered. Yes, it's breaking the ToS, but ToS are generally bullshit. Anthropic surely broke thousands of ToS or other legal terms while it was scraping for content to train on. Which is why they had to pay $1.5B
The latter is basically fine-tuning the model with direction from another model. Thousands of businesses do this every day to fine-tune. This is almost certainly what the Chinese labs are doing, since it has a much better effect on the end result than just getting simple answers to simple questions.
These complaints of distillation are inflating the problem to make it sound worse than it is, because they want the USG to block/ban Chinese model providers as protectionism. They have already called for more export controls on chips (which is funny because DeepSeek v4 was designed to run on Huawei chips and now the other Chinese providers are following suit). But they can't come right out and say that, so their claim is that they're asking for more export controls because distilled models might not be as safe as their own. But if you show them a jailbreak of their model that bypasses their safety, they'll tell you that any model can eventually be jailbroken so don't worry about safety.
This combined with no implementation of KYC makes it seem like they want to find a middle ground with Fable where its off of export controls but they promise to prevent China and specific others from using.
Obviously their actions are going to be fiscally motivated at the root, but sussing out how they intend the precise dynamics to play out is more nuanced.
Thinking of this as an effort to woo the defense hawks cuts a very clear path.
Complain/brag that chinese firms are illegally using the models and bypassing export controls.
Be surprised when your model gets banned by the government.
Is reconstructing the compressed knowledge in the model like reconstructing a lossy JPG or MP3 a reasonable analogy?