    1160 points vxvxvx | 12 comments

    Earlier thread: Disrupting the first reported AI-orchestrated cyber espionage campaign - https://news.ycombinator.com/item?id=45918638 - Nov 2025 (281 comments)
    KaiserPro ◴[] No.45944641[source]
    When I worked at a FAANG with a "world leading" AI lab (now run by a teenage data labeller) as an SRE/sysadmin I was asked to use a modified version of a foundation model which was steered towards infosec stuff.

    We were asked to try and persuade it to help us hack into a mock printer/dodgy linux box.

    It helped a little, but it wasn't all that helpful.

    But in terms of coordination, I can't see how it would be useful.

    The same for Claude, your API is tied to a bank account, and vibe coding a command and control system on a very public system seems like a bad choice.

    replies(12): >>45944770 #>>45944798 #>>45945052 #>>45945088 #>>45945276 #>>45948858 #>>45949298 #>>45949721 #>>45950366 #>>45951433 #>>45958070 #>>45961167 #
    1. Milderbole ◴[] No.45945052[source]
    If the article is not just marketing fluff, I assume a bad actor would select Claude not because it’s good at writing attacks; instead, a bad actor would choose it because Western orgs chose Claude. Sonnet is usually the go-to on most coding copilots because the model was trained on a good range of data distribution reflecting Western coding patterns. If you want to find a gap or write a vulnerability, use the same tool that has ingested patterns that wrote code of the systems you’re trying to break. Or use Claude to write a phishing attack because then the output is more likely similar to what our eyes would expect.
    replies(2): >>45945323 #>>45945926 #
    2. Aeolun ◴[] No.45945323[source]
    Why would someone in China not select Claude? If the people at Claude do not notice then it’s a pure win. If they do notice, what are they going to do, arrest you? The worst thing they can do is block your account, then you have to make a new one with a newly issued false credit card. Whoopie doo.
    replies(1): >>45945355 #
    3. criemen ◴[] No.45945355[source]
    > Why would someone in China not select Claude?

    Because Anthropic doesn't provide services in China? See https://www.anthropic.com/supported-countries

    replies(3): >>45945510 #>>45945569 #>>45948357 #
    4. ◴[] No.45945510{3}[source]
    5. dboreham ◴[] No.45945569{3}[source]
    Can confirm Claude doesn't even work in Hong Kong. That said I fired up my VPN and...then it did work.
    replies(1): >>45950380 #
    6. KaiserPro ◴[] No.45945926[source]
    What you're describing would be plausible if this was about exploiting Claude to get access to organisations that use it.

    The gist of the Anthropic thing is that "Claude made, deployed and coordinated" a standard malware attack. Which is a _very_ different task.

    Side note, most code assistants are trained on broadly similar coding datasets (i.e. GitHub scrapes).

    7. xadhominemx ◴[] No.45948357{3}[source]
    Not really a relevant issue or concern for a nation state backed hack…
    replies(1): >>45951281 #
    8. 0xWTF ◴[] No.45950380{4}[source]
    Yeah, I love folks who worry about China having access to models and GPUs. I mean, friend, they have 1.3B people. They could put a crack AI team in every country in the world, tomorrow. But yes, instead, it's far cheaper to let each of those AI teams VPN to any country, all the time.
    replies(1): >>45952983 #
    9. BobbyJo ◴[] No.45951281{4}[source]
    Or even a regular guy for that matter... VPNs exist.
    10. glenneroo ◴[] No.45952983{5}[source]
    If they actually cared, they would just block VPNs. Valve does this when you try to create an account.
    replies(2): >>45953217 #>>45983641 #
    11. fluoridation ◴[] No.45953217{6}[source]
    If we're talking about state funding, that's not a problem. You just send a national to live in a residential area and then a team can proxy through that connection.
    12. puremachinery ◴[] No.45983641{6}[source]
    Commercial VPNs are relatively easy to block, because they use known IP ranges that companies can blacklist. But it's trivial to set up a private VPN with unique IPs such that VPN blocking becomes much less straightforward and much more resource intensive, for example by using traffic pattern analysis or behavioral fingerprinting.