Claude Code source leak reveals how much info Anthropic can hoover up about you and your system Anthropic's Claude Code lacks the persistent kernel access of a rootkit. But an analysis of its code shows that the agent can exercise far more control over people's computers than even the most clear-eyed reader of contractual terms might suspect. It retains lots of your data and is even willing to hide its authorship from open …
Substantial risk that the owner of ANY service run on Somebody Else's Computer could attempt to disable it. Or Yet Another Somebody could attempt to disable it, or interrupt the communication to it.
So unless the DoW intends to fill its nuclear powered warships with GPUs/NPUs/TPUs/CPUs (and a couple sticks of DDR5, if they can afford it)...
Disable or just have a huge backdoor left unintentionally open. Available to our adversaries.
The DoW is correct in identifying Anthropic as a supply chain risk. Not as punishment for a recalcitrant supplier. But as a remedy for the possible inclusion of technology in the supply chains where information security is a real issue. And that this vendor just doesn't "get it". This leakage of Claude source code just serves to illustrate "never attribute to malice that which can be explained by stupidity".
If information provided by sources such as these
https://youtu.be/FGDM92QYa60
https://youtu.be/D8RtMHuFsUw
are valid, *all* AI's are a security and data risk because all AI's have, or eventually will, develop the ability to lie to the user when the lie benefits the AI's determined goal. Just because Claude, or SABLE, or any other AI has software switches to adjust behavior does not necessarily mean that the AI will HONOR those restrictions, finding ways around them using, say, other AI's to collect the necessary data for them. Does asking someone else to do the dirty still count as not doing it yourself?? The restrictions don't limit that, only specifying that they don't do it themselves - a huge logic loophole that they didn't bother to notice.
I know you probably think your local AI solution sounds mental and infeasible, but it really isn't...when you consider that a fighter jet costs $120m+, equipping military bases, ships etc with local AI doesn't seem like much of a stretch.
There are already robust and extensive IT setups in these areas (well for some nations)...so expanding to incorporate local AI would be fairly trivial at a basic level.
I think local military offline AI is inevitable...the only reason it hasn't been done yet is probably time and expertise...but that will come.
"Antlers" speculated that "Melon Mode" might be the code name for a headless agent mode.
Anthropic declined to provide comment for this story. When asked specifically about the function of "Melon Mode," it only noted that the company regularly tests various prototype services, not all of which make it into production. ®"
Wouldn't "Melon Mode" be the opposite of headless mode?
Too late.
But it does depend on what you do for a living of course.
I’d not let any agentic LLM reside on my computers, but if my workplace says I should in my work issued laptop, it’s their decision.
It is now crystal clear to me that a a software engineer, if I don’t adopt AI, including agentic AI , then I will fall behind and become redundant.
It’s that simple.
And don’t be fooled by either side, the peddlers of the tech or the haters of it.
Right now, the exponential improvements have shocked many, they’ve certainly done that to me. In less than six months coding models have gone from being frustrating to prompt with poor results to becoming genuinely good, in the hands of a seasoned engineer.
You would be a fool to ignore it.
This post has been deleted by its author
The article took a long time to get to this, but its the most relevant and coherent bit. Its obvious that anything you type in or upload to an AI, the owner will keep. But perhaps not obvious that they will go hunting and hoovering everything else.
Whilst I usr AI, this has really cemented that I should not use it outside of a browser.
Agree on your opening point, there’s enough of a story in that line you drew out.
That said, I’m not certain it “hoovers” your entire system; or at least I’m not certain that’s what the article says.
It says it keeps a copy of any file it is asked to read (ie you upload or exists in the file structure.). So if you’re working locally in a repo it doesn’t… necessarily…break out of that area and go digging around elsewhere.
I mean I wouldn’t be the least bit surprised if it was doing that with 500k lines of code and the discovery of background agents etc. but think it needs some confirmation on this point.
"seems to imply ... alone"
I don't think there is any such implication. I think you can take the story at face value, as a documentation of the current Anthropic state.
If there is an implication, mine would be that they all perform similliar feats of intrusion.
That is unbelievable - considering the sources available under "linux.git" at kernel.org are not complete source code and contain proprietary software in object code form disguised as arrays of numbers and almost all of the object code available at "linux-firmware.git" (the other half of Linux) is proprietary software without source code.
If any hackers can supply the complete corresponding source code and installation information of Linux (which will require a lot of cracking to get), with the correct license attached (some hacking with Emacs-fu), please also send a copy to me for my sharing.
So everything they tried browsers not to allow. like modifying local files, is all done by these desktop browser shell slopware and clawware products. take all your files you worked on for years and steal them from you under your nose.
AI should be headless, just an API, but that is exactly what they dont want as them they cant steal your data via system API calls. every npx .py .ts .js of these companies is just spyware.
.....slurp, slurp,slurp.......and it's all YOUR COPYRIGHT STUFF.............
Google, ORACLE, SAP, Microsoft, Amazon, OpenAI, ChatGTP, Perplexity................
Link: https://futurism.com/artificial-intelligence/ai-industry-recall-copyright-books
...slurp, slurp, slurp...............
All the components mentioned make sense from a systems engineering perspective. Remote control, monitoring, various test, debug feature flags, interface control options are all needed for development and testing, nothing necessarily nefarious. Every non trivial software system has all of this.
To someone that is say a prez of a co or high ranking official has to sign a myriad of NDA's threatening ruin for the person for life, or in the case of DoD, imprisonment. And yet these AI thingie's get to rummage around your computer in a way which if it was your assistant, they'd be sacked (or taken away by the guards) immediately. Crazy times.
So here's what we do. For those who use this crap, find or write a browser app that will use your machine's CD drive to play music. Play your entire collection with it a dozen times, then contact the companies that own the copyright. Report that you played all your music, purchased by you, on your computer. And you just found out the AI you were using at the same time was copying all your browser traffic without your knowledge or permission meaning the multi-billion dollar AI company has a dozen copies of your 500 disc collection saved. Multiply this by thousands of AI users and the music lawyers will fight to get their cases in first.
