174
Anthropic secretly installs spyware when you install Claude Desktop (www.thatprivacyguy.com)
submitted 6 days ago by codeinabox@programming.dev to c/security@programming.dev
18 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[-] Harvey656@lemmy.world 57 points 6 days ago

Once again, brave browser sucks. Use Firefox or a Firefox fork if you want any real security.

[-] keimevo@lemmy.world 36 points 6 days ago* (last edited 6 days ago)

I don't think Firefox is immune to this, just that because its architecture is different, Anthropic didn't bother coding a bridge for it (given its market share).

The main issue here is that Anthropic violated one of the most important (implicit) tenets of applications in a computer: don't touch other people's shit. Claude.app modified Brave (and others) configuration, adding an extension without user consent. An extension that, by the way, gives full control of the browser to Claude, including reading the DOM for browser tabs unrelated to Claude (for example, the one where you just entered your credit card details).

[-] refalo@programming.dev 8 points 6 days ago

I can't believe how many decades we got out of just letting all apps have full access to $HOME. In $current_year it's our own fault if we don't properly isolate our applications I guess. Android does a pretty good job of it IMO although cross-app intents probably need more protection.

[-] homesweethomeMrL@lemmy.world 4 points 6 days ago

Technically, at least as far as the author can tell, it only affects Chromium-based browsers. So Firefox would not be affected (yet).

And only on Mac so far, the app being made with ElectronOS. Not sure what Windows looks like.

[-] tinned_tomatoes@feddit.uk 10 points 6 days ago

What's Brave got to do with this? The article (that you didn't read) goes into detail about how Anthropic places these files in the directory for any Chromium-based browser.

[-] Harvey656@lemmy.world 8 points 6 days ago* (last edited 6 days ago)

While brave itself is only a minor character in this story, it is Chromium based. I was merely pointing it out. You'd be surprised how many push the brave browser on Lemmy.

[-] tinned_tomatoes@feddit.uk 4 points 6 days ago

What is it with Lemmy users posting semi-unrelated comments just to make a point?

You can't post anything in the Android or GooglePixel communities without 4 "ditch Google, use Graphene" comments.

It really doesn't make for an engaging community that one wants to partake in.

[-] Harvey656@lemmy.world 5 points 6 days ago

I'm pretty sure I do not represent the com as an individual.

[-] tinned_tomatoes@feddit.uk 2 points 6 days ago

No but you're doing a good job fuelling the stereotype ๐Ÿ˜ƒ

[-] abcdqfr@lemmy.world 4 points 5 days ago

Maybe just maybe forums are for discourse? Or maybe you're just as at fault for trying to gatekeep, bringing the "immediately on topic" comment ratio down? Be the change you want to see in world and let it go. It's easy, start by not responding now.

[-] Harvey656@lemmy.world 3 points 6 days ago

๐Ÿ‘

this post was submitted on 20 Apr 2026
174 points (100.0% liked)

Security

2061 readers
5 users here now

A community for discussion about cybersecurity, hacking, cybersecurity news, exploits, bounties etc.

Rules :

  1. All instance-wide rules apply.
  2. Keep it totally legal.
  3. Remember the human, be civil.
  4. Be helpful, don't be rude.

Icon base by Delapouite under CC BY 3.0 with modifications to add a gradient

founded 2 years ago
MODERATORS
Vacant@programming.dev