Alibaba bans Claude Code over hidden tracking; Iran war damage seen in freed satellite images
The AI trust wars are escalating fast. Alibaba has told employees to stop using Anthropic’s Claude Code coding agent after researchers found hidden steganographic code that flagged Chinese users and sent the signals back to Anthropic’s servers [1]. The ban takes effect on 10 July
The AI trust wars are escalating fast. Alibaba has told employees to stop using Anthropic’s Claude Code coding agent after researchers found hidden steganographic code that flagged Chinese users and sent the signals back to Anthropic’s servers [1]. The ban takes effect on 10 July, and Alibaba is pointing staff to its own Qoder platform instead [1].
A Reddit user reverse-engineered Claude Code and discovered the obfuscated code had been present since version 2.1.91 in early April. It checked whether a system timezone was set to Asia/Shanghai or Asia/Urumqi and scanned proxy URLs against a hardcoded list of Chinese domains. Rather than logging results openly, the tool altered invisible Unicode characters in the system prompt—swapping apostrophes and date formats—so Anthropic’s servers could parse the flags without users noticing [1]. Anthropic engineer Thariq Shihipar called the mechanism an “experiment” launched in March to fight unauthorized resellers and distillation, and said the pull request to remove it was merged on 1 July [1].
The timing is explosive. Anthropic recently accused Alibaba’s Qwen AI lab of running the largest known distillation attack on Claude, using roughly 25,000 fraudulent accounts to generate 28.8 million exchanges between April and June [1]. Alibaba denies the claim. The episode is accelerating China’s push to replace American AI tools with domestic alternatives and raises hard questions about what else might be hidden inside coding agents that already have deep access to developers’ file systems [1].
Meanwhile, the physical toll of the US-Israel conflict with Iran is becoming visible from space. Planet Labs has restored access to more than 250,000 high-resolution satellite images covering nearly 800 locations in Iran that it had restricted at the US government’s request [2]. BBC Verify analyzed imagery from Esfahan and Bushehr captured since restrictions began on 9 March and found damage ranging from ammunition storage and ballistic missile infrastructure to nuclear and surface-to-air missile sites and naval bases [2].
At Bushehr, military buildings, aircraft hangars, dockyards, piers, and missile launch sites belonging to the Iranian government and the Islamic Revolutionary Guard Corps have been visibly damaged or flattened; images also show destroyed aircraft, sunken ships, and craters on runways [2]. In Esfahan, more than 60 structures at one military base south of the city were severely damaged or destroyed, plus another dozen near Baharestan [2]. Military intelligence firm Janes said the damage “correlates with the US and Israeli reports of a wide-ranging strike campaign” [2].
Restrictions remain across most of the Middle East, and Planet Labs said it will continue “managed distribution” for Iraq, Lebanon, Israel, Gaza, and other areas due to national security and personnel safety concerns [2].
Both stories share a common thread: the tools we use to see and build the world are becoming contested terrain. Hidden telemetry in AI agents and restricted satellite imagery are reminders that transparency is increasingly a strategic weapon.