this post was submitted on 23 Apr 2026
361 points (97.6% liked)

Technology

84043 readers
8960 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related news or articles.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 2 years ago
MODERATORS
L3s@lemmy.world
enu@lemmy.world
technopagan@lemmy.world
L4s@lemmy.world
L3s@hackingne.ws
361
Researcher claims Claude Desktop installs “spyware” on macOS (www.malwarebytes.com)
submitted 1 day ago by throws_lemy@reddthat.com to c/technology@lemmy.world
59 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[–] Epzillon@lemmy.world 1 points 4 hours ago (2 children)

Even if this was an opt-in feature the implementation is still terrible and a massive security hole. If id wanted the desktop app entirely and solely for this purpose i still would not expect my browser extension to have full access to my computer. I understand the app does, not the browser extension.

No matter how you twist and turn this situation Anthtopic has still introduced a major security issue in their application. It might be a bit far to call it malware immediately but it sure does open up a massive attack vector to take advantage of.

The fact that the end user is not even informed or have a choice about this makes it all the more problematic and Anthropic not commenting on it makes me think its either intentional or at the very least already known.

[–] terabyterex@lemmy.world 4 points 3 hours ago (1 children)

The security issue, as the blog says, is that it trusts any extension with the id. So if you can spoof the extension you have access.

What i was saying is that its not spyware. Which is a different issue.

[–] Epzillon@lemmy.world 1 points 2 hours ago (1 children)

Your comment seems very dismissive in the way you phrase this as intended behaviour. A security flaw like this can impossibly be intended behaviour.

In my previous comment i also say thats calling it malware is a bit far-fetched but the security issues are absolutely there and should not be dismissed as "intended behaviour". Especially not by a company like Anthropic.

I am not well versed in extension development but is there anything stopping me from making an open source extension and just defining the ID as one of the three in the article? It most likely couldnt be released via the chrome addon store but if it is installed outside of thar? And how are these IDs read after install, could it potentially be altered by something from the outside?

I immediately see so many flaws with this implementation it is worrying that a company the size of Anthropic does this.

[–] terabyterex@lemmy.world 1 points 30 minutes ago

There are many flaws. I am in no way cintradicting it or dismissing it.

[–] CanIFishHere@lemmy.ca 0 points 2 hours ago (1 children)

Now you're just making stuff up.

[–] Epzillon@lemmy.world 1 points 2 hours ago

Excuse me if im misunderstanding something but what exactly am i making up?