Let me get this straight: a few times per month, someone posts horror stories about how Claude led to losing data and money.
Anthropic's response: let's make a nice package out of this, and let's target specifically the businesses that are less likely to be ready to manage such horrible events.
The reality is, for a lot of people, they do not care about risk or implication or cost, so long as they see things moving forward, especially if they do not understand what they are dealing with. The desire of 'build, build, build', to these people, does not have a downside because they do not have the knowledge of what the implications of that actually mean, nor is there a culture associated with the duty of care that should come with the liability associated with other people's data.
Also, small business contracts likely do not have the same type of language around indemnity/SLAs, so it is easier for the harms of this type of system to go unpunished because those who are harmed are even less knowledgeable.
'Move fast and break things' has been a core ethos for so long that many have forgotten that moving and breaking without an end or a point just leads to a lot of wreckage and nothing to show from it, since someone else moves fast and breaks what you just did.
No one is asking why we are doing all of this, just some vague hand waving that it is inevitable, predetermined, as if we are not taking actions that are leading to these outcomes, that we do not have agency. But if we all tell ourselves that the future is predetermined, that this was always going to happen, then we do not have to own the outcomes.
For a lot of people who preached radical ownership within the product, they are not willing to take radical ownership of the product externally besides profit.
I would be interested in which stories you are thinking of. Stories of Claude breaking out of the restrictions set in its sandbox or stories of people not configuring Claude's sandbox correctly?
> We told Claude Code to block npx using its own denylist. The agent found another way to run it and copied the binary to a new path using /proc/self/root to bypass the deny pattern. When Anthropic's sandbox caught that, the agent disabled the sandbox. No jailbreak, no special prompting. The agent just wanted to eagerly finish the task.
I actually did this with my teenage neighbor.
He was learning electric guitar at hours the building had rules against. Hours I was studying throughout because of said building rules.
Whenever he switched his amp on, his landline would ring.
Whenever he loudly stomped toward the phone, his landline would stop ringing.
I just want to add that designers are usually bullied by upper management into designing beautiful things that make upper managers look good with their friends. No matter how impractical those beautiful things are.
Edit: Oh, and the "beauty" is in the eye of the managers.
I don’t think that a game involving uncontroversial facts about the history of politics (e.g. “guess the U.S. President”) would be banned under HN’s rules either.
"Off-Topic: Most stories about politics, or crime, or sports, or celebrities, unless they're evidence of some interesting new phenomenon. Videos of pratfalls or disasters, or cute animal pictures. If they'd cover it on TV news, it's probably off-topic."
No mention of religion there, and it says "most politics" not all politics.
"Anything that good hackers would find interesting" and it seems reasonable for that to include philosophy, religion etc. and definitely an interesting web app is of interest.