Alibaba to ban Claude Code in workplace over alleged backdoor risks, source says
nsoonhui
322 points
274 comments
July 03, 2026
Related Discussions
Found 5 related stories in 1024.8ms across 14,015 title embeddings via pgvector HNSW
- Anthropic says Alibaba illicitly extracted Claude AI model capabilities htrp · 265 pts · June 24, 2026 · 71% similar
- Anthropic says Alibaba used 25k accounts to mine Claude logickkk1 · 34 pts · June 27, 2026 · 62% similar
- Anthropic Accuses Alibaba of ‘Illicitly’ Accessing AI Models ryanmerket · 16 pts · June 25, 2026 · 60% similar
- ByteDance and Alibaba to disable humanlike AI custom agents as new rules loom merlioncity · 15 pts · July 06, 2026 · 58% similar
- Amazon rolls out Claude Code and Codex internally preston-kwei · 19 pts · May 05, 2026 · 57% similar
Discussion Highlights (19 comments)
yanhangyhy
i gonna ask: how can they still use claude? i thought all users in china are banned
rvnx
Can't say they are wrong, after the latest backdoor, or let's say, undocumented functionality that leaks some data that was pushed in Claude Code few days ago https://news.ycombinator.com/item?id=48759754
eunos
What Claude Code did is absolutely mindboggling tho, if Chinese harness did that probably POTUS would lose sleep.
rvz
Another reason to use open source coding agents and local language models. Claude Code is neither and it is literally info stealing malware.
feverzsj
Considering their massive distillation, if US companies stop publishing new models to the public, would China still be able to develop new open weight models?
johnathan101
Regardless of whether this specific claim is true, enterprises are becoming much more cautious about developer tools that can read large portions of proprietary codebases.
jdw64
I got curious and asked my Chinese friends, and they gave me a Reddit link[1]. It looks like it's about location data collection, and they suggested that might be the reason for the issue. [1] https://www.reddit.com/r/ClaudeAI/comments/1ujila1/anthropic...
bhouston
All remote AI are a massive security risk for individuals/companies/governments that may be targeted by the US government. It is likely that the US will get a live feed from each AI provider that they are inspecting in real time to identity things of interest, terrorist attacks or foreign government planning or even foreign companies competitive to key US companies. It will give them access to the though process in those companies as well as much of their text-based IP (source code, docs, meeting transcripts, etc) Also if you are using local AI that you didn’t train yourself you can never be sure it doesn’t have purposeful biases in its reasoning that may disadvantage you - such as directing you away from certain plans or ideas or patents etc.
ravenstine
Employers in 2022: > No! Don't install that lodash thing without explicit approval from IT. Oh, you want a license for Charles Proxy? Gee, I dunno... we've got a budget to maintain. Employers in 2023: > No! You can't use ChatGPT at work – it's a security risk. Employers in 2024: > Okay, you can use Github Copilot I guess, but you'll have to endure boring corporate training on what you're allowed to do with it. Employers with dollar signs in their eyes in 2025: > We attended a seminar about vibe coding. Why aren't you dumbasses keeping up with the times? Use Claude Code for everything! Don't write any of your own code anymore. We don't even really care if you use yolo mode. Just review code and push 10x more features! Use unlimited tokens! Money printer go brrrrr. Employers in 2026: > You mean giving one or two companies full autonomous access to our workstations while stupifying our engineers wasn't a sound business plan?
bushido
What's very interesting to me is these moves will introduce a good amount of doubt in future claims by Claude etc, that the open source and non-US models are only getting better because they're distilling from frontier labs.
Jeff9James
Story of Z.ai: use claude-code see how good it is send 100k bots to distill fable 5 (GLM 5.2 is the result of this) release Zcode ditch claude-code ban claude-code
khurs
Snowden files revealed NSA collect everything they can. Of-course USA is collecting everything, not just from China but everyone. And same with every one else.
Simulacra
https://archive.is/bmyny
avd201
Anthropic has been doing this sort of stuff for a while already. I mean, who remembers when Claude would just consume all your remaining usage if it read anything indicating that Openclaw had been used on your codebase? Because I remember. Two months ago btw https://news.ycombinator.com/item?id=47963204 Then there was the whole debacle of Fable silently downgrading to other models if it detected wrong think, or worse, outright sabotaging your codebase if you were working on language models lol
nicogentile
Seems that we are finally moving to the next stage in LLM's. not only customize based on old searches but also targeted you based on non disclose data. Its basically the same flow we had years ago with ads in social media. Interesting to notice that we can do the same with these models.
arkhiver
no ads or captcha: https://nonogra.ph/alibaba-to-ban-employees-from-using-anthr...
JPLeRouzic
> employees were being told to use the company's own coding platform Qoder That looks a no-nonsense decision, isn't?
gchamonlive
There was recently this case here in Brazil https://www.mixvale.com.br/2026/06/26/fbi-warns-brazilian-po... This is a double edge knife. In this specific instance this was absurdely important for that kid's life, but this work both ways. What if the US authorities deemed it necessary to snoop on foreign governments and citizens for political reasons, now leveraging AI to do it at an industrial scale? One thing is certain though is that assuring privacy isn't top priority for any cloud provider. Companies doing cutting edge, sensitive work should be wary.
fcanesin
It is not a risk is a fact - people decompiling Claude Code have found many times that it has code branchs to detect it is being used in Chinese timezone and locale.