If the article is not just marketing fluff, I assume a bad actor would select Claude not because it’s good at writing attacks, instead a bad actor code would choose it because Western orgs chose Claude. Sonnet is usually the go-to on most coding copilot because the model was trained on good range of data distribution reflecting western coding patterns. If you want to find a gap or write a vulnerability, use the same tool that has ingested patterns that wrote code of the systems you’re trying to break. Or use Claude to write a phishing attack because then output is more likely similar to what our eyes would expect.
Why would someone in China not select Claude? If the people at Claude not notice then it’s a pure win. If they do notice, what are they going to do, arrest you? The worst thing they can do is block your account, then you have to make a new one with a newly issued false credit card. Whoopie doo.
Yeah, I love folks who worry about China having access to models and GPUs. I mean, friend, they have 1.3B people. They could put a crack AI team in every country in the world, tomorrow. But yes, instead, it's far cheaper to let each of those AI teams VPN to any country, all the time.
If we're talking about state funding, that's not a problem. You just send a national to live in a residential area and then a team can proxy through that connection.
Commercial VPNs are relatively easy to block, because they use known IP ranges that companies can blacklist. But it's trivial to set up a private VPN with unique IPs such that VPN blocking becomes much less straightforward and much more resource intensive, for example by using traffic pattern analysis or behavioral fingerprinting.
