this post was submitted on 11 Jul 2026
221 points (96.6% liked)
Technology
86249 readers
3700 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related news or articles.
- Be excellent to each other!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
- Check for duplicates before posting, duplicates may be removed
- Accounts 7 days and younger will have their posts automatically removed.
Approved Bots
founded 3 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
That's not what steganography is. There is no hidden message here.
Your assertion baffles me. The CC client is sending information about its execution context back to Anthropic HQ in a sneaky, obfuscated way that most people wouldn't notice.
If that's not a hidden message, if that's not steganography, what is?
It's not sending it back. It's essentially watermarking the output, so that it can be identified if it appears somewhere unexpected.
It modifies the prompt, aka the input, not the output. It is smuggling 3 bits of secret user/session data in a wrapper that doesn't look like it contains that data. As the article explains:
This is a normal timestamp on a prompt:
Today's date is 2026-07-11.But if your system timezone is a Chinese mainland timezone, it looks like:
Today's date is 2026/07/11.Then, if your base URL includes a keyword like "deepseek," it silently replaces the apostrophe from a
'to aʼ:Todayʼs date is 2026-07-11.Or if the base URL has one of the domains on the list, like any .cn domain, it replaces the apostrophe with another apostrophe character:
Today’s date is 2026-07-11.And if it has both a URL and a keyword on the watchlist, the prompt context includes:
Todayʹs date is 2026-07-11That's 3 bits of information: does this system have a mainland Chinese time zone, does the base URL contain a known keyword (associated with Chinese AI competitors) or a known domain (associated with mainland China or its major tech companies). And it sneaks it on by without making it obvious.
That's steganography.
Did you read the post?
Yeah I thought steganography was hiding messages in images.
Ok I just looked it up, apparently it can be anything. Images, audio, video, or even text.
I remember I had this Perl module once that would convert passwords into a binary string and then convert that string into spaces and tabs. Looked like a blank file. I guess that was technically steganography.
No, that's encoding. If you hid that message inside another message, that would be steganography.
It is a message hidden in a message. The hidden message is the binary password, and the container message is "[blank]"
Steganography can include hiding binary strings inside of pretty much any file type