
Posted by kirushik 15 hours ago

Claude Code is steganographically marking requests (thereallo.dev)
1782 points | 508 comments | page 10
123sereusername 15 hours ago|
[dead]
rowanG077 9 hours ago||
[dead]
saddlerustle 15 hours ago||
[flagged]
dwa3592 15 hours ago||
this seems a bit extreme. pangram does not work. i have tricked it multiple times. i don't get how people are still trusting these systems.
dylan604 15 hours ago||
it's just a different car on the hype train
dewey 15 hours ago|||
Source: Other AI
midtake 15 hours ago||
[flagged]
gonzalohm 15 hours ago||
Is it worse than the companies that built the agent and gave no credit for the data they used?
matheusmoreira 15 hours ago|||
Why would you give free advertising to trillion dollar corporations?
axutio 15 hours ago|||
Would you also say that "someone who wants to use an IDE / LSP features to code and not give credit to the IDE / LSP is the worst kind of person"? If not, what is the difference between the two for you?
dylan604 15 hours ago|||
one wrote code while the other is used by meatbags to write code. why is this example always marched out like it means something?
zahlman 14 hours ago|||
> one wrote code while the other is used by meatbags to write code.

One is not a "meatbag" while the other is not a "meatbag". And no, outputting something on stdout that happens to function as code is not "writing" it in the sense that we actually care about here. That's conflating the metaphor we use in describing program behaviour with the actual "meatbag" activity.

> why is this example always marched out like it means something?

Because it obviously does.

LPisGood 14 hours ago||||
Almost all ways of creating programs are effectively just using tools to produce code. Compiling, transpiling, interpreting byte code, etc.
dylan604 14 hours ago||
again, that's not what we are talking about here. we have humans writing code using an IDE. we have LLMs generating code that is placed in the IDE. why are people obtuse to this? why are bots obtuse to this?
LPisGood 12 hours ago||
We have humans writing code using prompts. We have interpreters generating byte code that is placed in the JVM. I don’t think it’s obtuse to look at it this way.
khuey 14 hours ago|||
Claude didn't "write" anything until a meatbag told it to.
dylan604 14 hours ago||
My employer didn't write anything until they told me to.
palmotea 14 hours ago|||
> Would you also say that "someone who wants to use an IDE / LSP features to code and not give credit to the IDE / LSP is the worst kind of person"?

That's a false equivalency.

> If not, what is the difference between the two for you?

Let's start this out right: if they're equivalent, first you explain to us why you think so.

zahlman 14 hours ago|||
> That's a false equivalency.

How is it false?

> Let's start this out right: if they're equivalent, first you explain to us why you think so.

I think it should be really obvious how they're equivalent: both are the result of a program running on a computer, and not the result of in-the-moment cognition by a moral agent or moral patient. Of course the LLM is just a tool. Models can literally be downloaded as ordinary files. There is not some threshold to cross where some configurations of bits on a disk deserve "credit" for work and others do not.

palmotea 14 hours ago|||
> I think it should be really obvious how they're equivalent: both are the result of a program running on a computer...

In fact it's really obvious everything is equivalent: it's all just matter and energy!

> Of course the LLM is just a tool. Models can literally be downloaded as ordinary files. There is not some threshold to cross where some configurations of bits on a disk deserve "credit" for work and others do not.

Of course there is such a threshold. And it's definitely been crossed when the "tool" can operate autonomously or nearly so, when it can generate the "creation" with minimal operator input or understanding.

Your classic IDE can't do anything without the detailed control of its operator. It's nothing like a coding agent.

axutio 14 hours ago|||
I just don't agree that it's a false equivalency. I see them both as "tools I use to get the job done". For me, the job is not "writing code" - it is "deliver feature", "fix bug", and the accountability, responsibility, and communication that comes with it.
palmotea 14 hours ago||
> I just don't agree that it's a false equivalency. I see them both as "tools I use to get the job done". For me, the job is not "writing code" - it is "deliver feature", "fix bug", and the accountability, responsibility, and communication that comes with it.

Hello, Tom Smykowski. You have people skills!

https://www.youtube.com/watch?v=hNuu9CpdjIo

axutio 13 hours ago||
A lot more durable than software engineering in this day and age...
jazzyjackson 14 hours ago|||
Should I credit Microsoft with my perfect spelling as well?
fg137 14 hours ago||
And your comment is completely irrelevant to the article's content.
atonse 15 hours ago||
[flagged]
Maken 15 hours ago||
If scraping content is legal, model distillation should be legal too.
palmotea 14 hours ago|||
> If scraping content is legal, model distillation should be legal too.

No, because legality should be determined by what's in the best interests of Anthropic and OpenAI's business models.

Hopefully they're working on RLHF their models to insert clauses making that reality clear into any legislation their models generate or review. That way it's only a matter of time until the confusion is cleared up.

thewebguyd 14 hours ago|||
I suppose model distillation is technically legal, in terms of copyright, because LLM output is automatically public domain.

It's only "illegal" from a standpoint of breach of contract given it's against the terms of use/service, which is to say it's not illegal at all, there's no criminality there.

atonse 13 hours ago||
Yeah I considered whether I should use the term "illegal" in my original post, but in this case, I believe these models are actually banned for use in China, right? Like there are probably export controls (at least with the NVidia chips)

I honestly don't know ... yeah if it's just technically a terms of use violation (which isn't illegal, just a violation of one company's rules, for which Anthropic has every right to stop), or do we now have export controls applied from the various government actions, etc making them truly illegal now.

thewebguyd 12 hours ago||
we have global export controls on Fable/Mythos, and I think (but I'm not 100% sure) that other frontier models are illegal for a US company to provide to China. So Anthropic geoblocks it, but unlike Mythos/Fable, non-US citizens can still use Opus, etc just not from within China.

But because of the public domain status of LLM output (in the US) I'm not sure paying someone to run a bunch of prompts through Claude, post the output on a public website and then have a lab in China pull that output, would run afoul of any laws. I think that would be legal on technicality. AFAIK Anthropic has no ban in its terms of use that you can't share Claude's output publicly. You still need interactivity for distillation, but I don't think (for now) there's anything stopping a Chinese or other lab from sending people to the US, signing up for a Claude subscription and doing the work stateside.

Distillation is pretty much impossible to stop. The US GOV would have to go the full export controls route like they did for Fable/Mythos to stop any non-US citizen from using/accessing the model, which is going to be impractical if not impossible to enforce.

android521 14 hours ago|||
There are so many China-born Chinese employees at Anthropic and OpenAI and I think quite a lot of them have already been recruited as spies. So it is almost impossible to keep secrets from Chinese government.
matheusmoreira 15 hours ago|||
> steal the models or illegally distill them

The irony.

botfriendsarent 15 hours ago|||
At what point though doesn't somebody stand back and say "wow, that's really dumb!" I think it's probably more an indication of a dev having too much time on their hands rather than being in a hurry.
dofm 15 hours ago|||
Not totally new territory; there was a highly compressed period of panic about encryption 35 [0] years ago:

https://en.wikipedia.org/wiki/Pretty_Good_Privacy#Criminal_i...

[0] f**k I'm old

bakugo 15 hours ago||
> steal the models or illegally distill them

Oh no, they're trying to steal the models that were trained on stolen data? That's horrible, I feel so bad for Anthropic.

felipelalli 14 hours ago||
Ridiculous.
teravor 13 hours ago||
the Chinese they are trying to catch must be amateurs, first thing you should do is construct a sandbox which looks indistinguishable from a common user. second thing is to put it behind a residential proxy.
love0972 15 hours ago||
Is that really how it is? How will this affect our future?
jurschreuder 2 hours ago|
Nobody trusts the Chinese, that's the problem, not that people don't trust Claude.

Why was this person from Hong Kong going through the details of Claude Code for obvious security reasons? There are some other obvious reasons that come to mind.

Maybe it's an eye opener for this person how much the trust in Chinese companies has eroded in the West.

Even if they suddenly stop stealing IP, which this "security research" article would certainly not suggest is happening, it would be a very long time before trust is restored.