←back to thread

Anthropic’s paper smells like bullshit

(djnn.sh)
1160 points vxvxvx | 1 comments | 16 Nov 25 11:32 UTC | HN request time: 0s | source

Earlier thread: Disrupting the first reported AI-orchestrated cyber espionage campaign - https://news.ycombinator.com/item?id=45918638 - Nov 2025 (281 comments)
Show context
prinny_ ◴[16 Nov 25 12:29 UTC] No.45944616[source]
The lack of evidence before attributing the attack(s) to a Chinese sponsored group makes me correlate this report with recent statements from companies in the AI space about how China is about to surpass US in the AI race. Ultimately statements and reports like these seem more like an attempt to make the US government step in and be the big investor that keeps the money flowing rather than anything else.
replies(6): >>45944676 #>>45944802 #>>45944907 #>>45946548 #>>45947425 #>>45947607 #
JKCalhoun ◴[16 Nov 25 13:01 UTC] No.45944802[source]
Do public reports like this one often go deep enough into the weeds to name names, list specific tools and techniques, URLs?

I don't doubt of course that reports intended for government agencies or security experts would have those details, but I am not surprised that a "blog post" like this one is lacking details.

I just don't see how one goes from "this is lacking public evidence" to "this is likely a political stunt".

I guess I would also ask the skeptics (a bit tangentially, I admit), do you think what Anthropic suggested happened is in fact possible with AI tools? I mean are you denying that this is could even happen or just that Anthropic's specific account was fabricated or embellished?

Because if the whole scenario is plausible that should be enough to set off alarm bells somewhere.

replies(9): >>45944911 #>>45944933 #>>45944971 #>>45945599 #>>45945972 #>>45946427 #>>45946795 #>>45947191 #>>45947193 #
1. rfoo ◴[16 Nov 25 13:25 UTC] No.45944971[source]
> Do public reports like this one often go deep enough into the weeds to name names

Yes. They often include IoCs, or at the very least, the rationale behind the attribution, like "sharing infrastructure with [name of a known APT effort here]".

For example, here is a proper decade-old report from the most unpopular country right now: https://media.kasperskycontenthub.com/wp-content/uploads/sit...

It established solid technical links between the campaign they are tracking to earlier, already attributed campaigns.

So, even our enemy got this right, ten years ago, there really is no excuse for this slop.