If they're truly Chinese state-sponsored actors, does it really matter if their actions/methods are exposed? What is Anthropic going to do, send the Anthropic Police Force to China to arrest them?

I suppose I could see this argument if their methods were very unique and otherwise hard to replicate, but it sounds like they had Claude do the attack mostly autonomously.

The fact that the cops will show up to a jewelry heist after the diamonds are stolen isn’t a deterrent.

> Why not just self-host competitive-enough LLM models, and do their experiments/attacks themselves, without leaking actions and methods so much?

Why assume this hasn't already happened?

Why in this instance leak your actions and methods?

Why 'host' just to tap a few prompts in and see what happens? Worst case, you loose an account. Usually the answer has to do with people being less sophisticated than otherwise.

firewalls? anthropic surely is whitelisted.