Comment by tantalor
3 days ago
This feels a lot like aiding & abetting a crime.
> Claude identified and tested security vulnerabilities in the target organizations’ systems by researching and writing its own exploit code
> use Claude to harvest credentials (usernames and passwords)
Are they saying they have no legal exposure here? You created bespoke hacking tools and then deployed them, on your own systems.
Are they going to hide behind the old, "it's not our fault if you misuse the product to commit a crime that's on you".
At the very minimum, this is a product liability nightmare.
Well, the product has not been built with this specific capability in mind anymore than a car has been created to run over protestors or a hammer to break a face.
"it's not our fault if you misuse the product to commit a crime that's on you"
I feel like if guns can get by with this line then Claude certainly can. Where gun manufacturers can be held liable is if they break the law then that can carry forward. So if Claude broke a law then there might be some additional liability associated with this. But providing a tool seems unlikely to be sufficient to be liable in this case.
if anthropic were selling the product and then had no further control your analogy with guns would be accurate
here they are the ones loading the gun and pulling the trigger
simply because someone asked them to do it nicely
You...do realize Claude is not just a guy sitting in Anthropic's office doing what people on the internet tell him to, right?
1 reply →
with your logic linux should have legal exposure because a lot of hackers use linux