Remix.run Logo
Remix clone Hacker News
new | show | ask | jobsGithub
Uehreka 4 hours ago

> how can they even enforce this?

Many ways, and they’re under no obligation to play fair and tell you which way they’re using at any given time. They’ve said what the rules are, they’ve said they’ll ban you if they catch you.

So let’s say they enforce it by adding an extra nonstandard challenge-response handshake at the beginning of the exchange, which generates a token which they’ll expect on all requests going forward. You decompile the minified JS code, figure out the protocol, try it from your own code but accidentally mess up a small detail (you didn’t realize the nonce has a special suffix). Detected. Banned.

You’ll need a new credit card to open a new account and try again. Better get the protocol right on the first try this time, because debugging is going to get expensive.

Let’s say you get frustrated and post on Twitter about what you know so far. If you share info, they’ll probably see it eventually and change their method. They’ll probably change it once a month anyway and see who they catch that way (and presumably add a minimum Claude Code version needed to reach their servers).

They’ve got hundreds of super smart coders and one of the most powerful AI models, they can do this all day.

slopinthebag 4 hours ago | parent | next [-]

the internet has hundreds of thousands of super smart coders with the most powerful ai models as well, I think it's a bit harder than you're assuming.

you just need to inspect the network traffic with Claude code and mimic that

planckscnst 2 hours ago | parent | next [-]

When they blocked OpenCode, I was in the middle of adding a feature. I don't think it's possible to mimic CC in an undetectable way and have the feature work.

The feature allows the LLM to edit the context. For example, you can "compact" just portions of the conversation and replace it with a summary. Anthropic can see that the conversation suddenly doesn't share the same history as previous API calls.

In fact, I ported the feature to Claude Code using tweakcc, so it literally _is_ Claude Code. After a couple days they started blocking that with the same message that they send when they block third party tools.

Uehreka 3 hours ago | parent | prev | next [-]

OK sure, but you’d better hope Claude Code gets it right on the first try, or that’s $200 down the drain. Also, what if the detection mechanism involves a challenge-response that happens once a week? Or randomly a couple times a month? Or after 15 minutes of use from a new public IP? Or arbitrarily if you ask it to code something with a particular topic?

There are lots of ways they could be doing this. And remember again, if they get you, they don’t have to tell you how they got you (so you might not be able to even glean information in return for the $200 you’d be losing).

Sure the internet has hundreds of thousands of super smart coders, but the subset who are willing to throw money and credit cards down the drain in order to maintain a circumvention strategy for something like this is pretty low. I’m sure a few people will figure it out, but they won’t want to tell anyone lest Anthropic nerf their workaround, so I doubt that exploits of this will become widespread.

And if you’re Anthropic, that’s probably good enough.

johnfn 2 hours ago | parent [-]

Then just run Claude Code in a PTY and proxy requests in and out?

Imustaskforhelp 2 hours ago | parent [-]

> Then just run Claude Code in a PTY and proxy requests in and out?

Exactly something I said too. There are projects which can do this and hook natively to opencode and even its sdk/api.

https://news.ycombinator.com/item?id=47069299#47070204 (I list a project which does this)

I really don't know how anthropic can somehow detect something like this.

raincole 4 hours ago | parent | prev [-]

If your service's traffic is literally indistinguishable from Claude Code, then all it can do is what Claude Code does. Then why are the users going to choose your service instead of Claude Code?

slopinthebag 3 hours ago | parent [-]

Maybe because the UI doesn't flicker? There's a lot you can do to improve the UI for starters, and then the harness around the agent could also be improved upon, as long as the prompts are the same.

stanguc 3 hours ago | parent | prev | next [-]

easily "bypassable", trust me :)

Imustaskforhelp 2 hours ago | parent | prev [-]

see my comment here but I think instead of worrying about the decompile minified JS code etc., you can just essentially use claude code in the background and still do it even using opencode/its SDK thus giving sort of API access over CC subscription https://news.ycombinator.com/item?id=47069299#47070204

I am not sure how they can detect this. I can be wrong, I usually am but I think its still possible to use CC etc. even after this change if you really wanted to

But at this point, to me the question of GP that is that is it even worth it is definitely what I am thinking?

I think not. There are better options out there, they mentioned mistral and codex and I think kimi also supports maybe GLM/z.ai as well