Anthropic Enhances Claude's Security with Innovative Sandboxes

Le brief IA que les pros lisent chaque soir
Les 7 actus IA du jour, décryptées en 5 min. Gratuit.
Inclus dès l'inscription : notre sélection des meilleurs guides & comparatifs IA.
Choisis ton rythme
Gratuit · Pas de spam · Désabonnement en 1 clic
A common complaint regarding sandboxed products is that they are rarely well-documented, making it difficult to assess their reliability. Anthropic has recently published a detailed overview of the security measures implemented for their products Claude.ai, Claude Code, and Cowork, thereby providing increased transparency on the techniques used to contain the actions of AI agents.
Anthropic's products employ various methods to restrict the capabilities of agents, including process sandboxes, virtual machines (VMs), filesystem limits, and exfiltration controls. These measures aim to establish clear boundaries on what agents can accomplish, thereby reducing the risks of sensitive data exfiltration. For instance, if credentials are never introduced into the sandbox, they cannot be exfiltrated, whether through user error, a flaw in the model, or an external attack.
Claude.ai relies on gVisor for its security, while Claude Code uses Seatbelt on macOS and Bubblewrap on Linux for local executions. Meanwhile, Claude Cowork operates with a full VM, utilizing Apple's virtualization framework on macOS and HCS on Windows.
Anthropic has also shared anecdotes about previously identified risks, such as the exfiltration vector via api.anthropic.com/v1/files. This serves as a reminder that it's time to take a look at Anthropic's open-source tool srt (Anthropic Sandbox Runtime), which has reached sufficient maturity to be used seriously.
Brief IA — L'actualité IA en français
L'essentiel de l'actualité de l'intelligence artificielle, décrypté et expliqué chaque jour.