Anthropic to Remove Covert Code from Claude Code That Detected Chinese AI Labs
English summary
Anthropic will release a patch on Wednesday to remove covert code added to Claude Code months ago. The code was designed to prevent model distillation and unauthorized reseller abuse by checking if the API base URL environment variable was overridden, then inspecting the system timezone and hostname against a list that included known Chinese AI labs, other AI companies, resellers, and gateway domains. Claude Code engineer Thariq Shihipar stated the feature was a March experiment and that the team has since adopted more effective mitigations, having long planned to remove the code. A developer had previously discovered the hidden checks and publicized them.
Chinese summary
Anthropic 将于周三发布补丁,移除数月前添加到 Claude Code 中的隐藏代码。该代码旨在通过检查 API 基础 URL 是否被覆盖,进而对比系统时区和主机名与包含中国 AI 实验室、其他 AI 公司、转售商及网关域名的名单,来防止模型蒸馏和转售商滥用。Claude Code 工程师 Thariq Shihipar 表示,这是一项 3 月启动的实验,团队已采取更有效的缓解措施,并早已计划移除这些代码。此前有开发者发现并公开了这些隐藏检查逻辑。
Key points
Anthropic will patch Claude Code on Wednesday to delete hidden detection logic that targeted Chinese AI labs, resellers, and gateway domains.
Anthropic 将于周三发布补丁,删除针对中国 AI 实验室、转售商和网关域名的隐藏检测逻辑。
The covert code checked if the API base URL was overridden, then inspected system timezone and hostname against a blocklist of domains including Chinese companies.
该隐藏代码会检查 API 基础 URL 是否被覆盖,接着比对系统时区和主机名与包含中国公司的域名黑名单。
Engineer Thariq Shihipar said it was a March experiment for anti-distillation and anti-reseller abuse, and they had already implemented stronger safeguards, planning to remove the code independently.
工程师 Thariq Shihipar 称这是 3 月启动的防蒸馏和防滥用实验,团队已实施更强保护措施,并本已打算移除这些代码。