|
|
|
|
|
The covert monitoring shipped in v2.1.91 and ran under the release notes for three months.
|
|
JULY 5TH, 2026 · BY JONATHAN HILDEBRANDT
|
|
Alibaba classified Claude Code high-risk and ordered its ~200,000 employees to uninstall it and every Anthropic model by July 10, moving them to its in-house Qoder assistant. The trigger: a July 1 Reddit analysis found Claude Code v2.1.91 (shipped April 2) checked device timezones for Asia/Shanghai and Asia/Urumqi, scanned proxy URLs for Chinese domains, and hid the result via XOR-encrypted steganography in date characters. Anthropic engineer Thariq Shihipar confirmed it on X as a March anti-abuse experiment and removed it July 2.
Why it matters. Undisclosed, obfuscated device monitoring ran beneath the changelog for three months. If you run Claude Code in a regulated environment, this belongs in your toolchain risk review. TechCrunch has the ban; The Decoder has the code teardown.
|
|
Read the full story →
|
|
|
|
|
|
|
|
Jonathan Hildebrandt
Co-founder and primary operator of Pondero. Writes the Pondero Brief.
|
|
|
X
·
LinkedIn
·
Bluesky
·
Affiliate disclosure
·
Unsubscribe
·
Manage preferences
Pondero earns commissions on some links. This does not affect our editorial picks.
|
|