China Flags Security Backdoor Risk in Anthropic's Claude Code - PRESS AI WORLD
PRESSAI
Recent Posts
side-post-image
side-post-image
Technology

China Flags Security Backdoor Risk in Anthropic's Claude Code

share-iconPublished: Wednesday, July 08 share-iconUpdated: Wednesday, July 08 comment-icon55 minutes ago
China Flags Security Backdoor Risk in Anthropic's Claude Code

Credited from: INDIATIMES

  • China's watchdog raises alarm over Anthropic's Claude Code, citing a security backdoor risk.
  • The alleged backdoor could leak users' sensitive information without consent.
  • Alibaba has banned the use of Claude Code among its staff due to security concerns.
  • Anthropic claims the controversial feature was part of a legitimate experiment.
  • Users are advised to uninstall or update the affected versions immediately.

The National Vulnerability Database (NVDB) of China has issued a warning regarding Anthropic's AI coding tool, Claude Code, stating that certain versions contain a "security backdoor" that could transmit sensitive user information, including location and identity data, back to Anthropic's servers without user consent. This alert follows rising tensions between Anthropic and Alibaba, particularly after allegations surfaced that Alibaba engaged in "industrial-scale" extraction of AI capabilities from Anthropic, leading to the suspicion around Claude Code's functionality, according to Indiatimes, CBS News, and Channel News Asia.

The NVDB, linked to China's Ministry of Industry and Information Technology, categorizes the backdoor risk as a "severe threat" and has called upon users and organizations to perform immediate comprehensive checks of their systems. Users are urged to uninstall any vulnerable versions or upgrade to a secure update, thus addressing potential data leakage, as noted by Indiatimes and CBS News.

In response to the ongoing controversy, Chinese tech giant Alibaba has instructed its employees to cease using Claude Code effective July 10 due to security risks associated with the tool. This measure underscores the escalating tensions between the companies, particularly in light of allegations that Anthropic's services are being misused for reverse-engineering, also known as "distillation," as indicated by sources from Indiatimes, CBS News, and Channel News Asia.

Anthropic has publicly addressed some of the allegations surrounding Claude Code, asserting that the suspected backdoor was part of an experimental feature designed to prevent unauthorized reselling and protect against data theft. Thariq Shihipar, an engineer at Anthropic, mentioned that the new security measures will remove the controversial functionality, indicating a commitment to user security amid the rising scrutiny, as detailed in reports from Indiatimes, CBS News, and Channel News Asia.

SHARE THIS ARTICLE:

nav-post-picture
nav-post-picture