Claude for Chrome

(www.anthropic.com)

795 points davidbarker | 1 comments | 26 Aug 25 19:01 UTC | HN request time: 0s | source

Show context

biggestfan ◴[26 Aug 25 19:11 UTC] No.45030868[source]▶

According to their own blog post, even after mitigations, the model still has an 11% attack success rate. There's still no way I would feel comfortable giving this access to my main browser. I'm glad they're sticking to a very limited rollout for now. (Sidenote, why is this page so broken? Almost everything is hidden.)

replies(5): >>45030924 #>>45031456 #>>45031949 #>>45033353 #>>45034111 #

mark242 ◴[26 Aug 25 22:56 UTC] No.45033353[source]▶

>>45030868 #

11% success rate for what is effectively a spear-phishing attempt isn't that terrible and tbh it'll be easier to train Claude not to get tricked than it is to train eg my parents.

replies(4): >>45033380 #>>45033454 #>>45033795 #>>45039212 #

1. whatevertrevor ◴[26 Aug 25 23:55 UTC] No.45033795[source]▶

>>45033353 #

The kind of attack vector is irrelevant here, what's important is the attack surface. Not to mention this is a tool facilitating the attack, with little to no direct interaction with the user in some cases. Just because spear-phishing is old and boring doesn't mean it cannot have real consequences.

(Even if we agree with the premise that this is just "spear-phishing", which honestly a semantics argument that is irrelevant to the more pertinent question of how important it is to prevent this attack vector)

↑