Security · 1h ago
Claude Code's Hidden China Check Erodes Developer Trust
Anthropic's Claude Code included an experiment that detected China-linked users by checking timezone and proxy data, then altering prompts sent to its servers. Alibaba banned the tool internally after the detection code was discovered, citing security concerns. Anthropic says the feature was an anti-abuse measure to prevent model distillation, not a permanent backdoor.
Meridian48 take
The real issue isn't malice but opacity: when a coding agent silently modifies behavior based on user signals, it crosses a line from server-side fraud control to local supply-chain risk.
Read the full reporting
Claude Code's China Detector Is the Wrong Kind of Security Control →
DEV Community
claude-codeai-security