Not to mention, the person who brought this quote unquote jailbreak to the Trump Administration was Amazon’s new CEO. They know their IPOs are coming up, so locking their competitors out of the U.S. (even if just for the weeks surrounding the IPO date) would be a major boon. The White House seems to love making announcements just for the sake of making the market move…. Coincidentally, right after POTUS buys a massive amount of the benefactory company’s stock (Buy Dell Computers, lol)

You can do things like that - one example is averaging weights between related models - but not with Anthropic's models, because outsiders don't have access to the weights.

China aren't offering a cheaper solution. They are subsidizing an existing one (which is already subsidized) in order to gain foothold. The difference is that in the US subsidies come from VC, while OP implies subsidies come from the AI labs that buy the training data (which may as well also be VC backed, so just one extra hop).

This isn't "the market working as intended", this is an exhaustion fight to the bottom where the one with most money gets to stay in the market. As with most venture capital startups. I believe this VC tactic is a well documented "cheat code" to bypass market forces and build a monopoly. I find it hard to compare that with a free market.

However, I don't really mind China "stealing" from Anthropic. For us consumers we are getting the cake and eating it too. I.e we are getting rapid improvement to the tune of over a hundred billion dollars in funding, yet the market remains big enough that there's a chance of it not ending up as a monopoly in 20 years. And venture capital are footing the bill. A part of their investment is practically being redirected to fund Chinese AI development. It lets us live out our lives as happy CAC farmers[1].

So I would argue its not as much of a "cheaper solution" as it is intentionally and maliciously abusing another company's product to extract more value than the billing plans intend (given an average user), and further subsidizing the product by selling this data to competitors. But I don't necessarily think its a bad thing for us end-users. Nor for the market. But it is bad for Anthropic and its investors.

[1]: https://phrack.org/issues/71/17

>This is great for competition! Chinese vendors offering a cheaper solution = what economics told me the free market was all about.

Yeah, like all those Chinese bootleggers selling DVDs for a few dollars rather than $20. Free market!

https://news.ycombinator.com/item?id=48664814

I get the vague impression that this was written in a sarcastic way, but it has a straightforwardly true literal read because yes, this is what the free market is about and Anthropic will have to compete with the Chinese if they want a big share of the market. Chinese models are cheap and good; even without reselling Anthropic's services they're competitive. Which reading did you intend?

And, gotta say, the idea that the Chinese are better at selling US models than the Americans is hilarious. There might be an economic study here somewhere about just how anti-consumer and anti-progress their IP laws turned out to be. We've got an entire postindustrial revolution centred around who can ignore the most stupid laws.

> Or does this not apply to huge US corporations any more?

When it comes to favorite companies of the tech communities, it's almost always "Rules for thee, but not for me"

The standard stance is "they can do no wrong and they are absolutely perfect". I mean, look at any thread with anything about Apple in it.

It never did.

In debt the first 5000 years Geaeber makes the case that pure “free market” trade has never really existed in “the west”. The closest to this ideal that’s ever happened was during the Islamic golden age enabled by religious prescriptions against usury.

> what economics told me the free market was all about.

Don't complain when US starts to play by the same rules China has been using for decades.

Free markets work when paired with property laws that can be enforced if broken. If China could offer a cheaper solution in that framework, it would be as you say.

AI was always going to be a race to the bottom and low margins. It’s why I’m extremely bearish on AI as an investment. It’s framed as some high margin business when it’s really going to end up like your toilet paper at Costco. You will use whatever is cheapest and gets the job done.

If you continue studying econ you will learn about the various failure modes of free markets including the free rider problem.

https://en.wikipedia.org/wiki/Free-rider_problem

Externally subsidized predatory pricing is the opposite of a free market.

Do you also think Chinese selling counterfeit US postage stamps on eBay for 50% retail price (which is a major problem CBP and USPIS are fighting presently) is the free market at work?

This post is so delusional and dripping with condescension I've read it three times and I still can't figure out if you're trolling or not.

I guess you missed the fraud part.

[flagged]

DeepSeek permanently cut its V4-pro API prices by 75% because they were too expensive. Without the price cut, Deepseek V4-pro tokens would have cost more than resold Opus 4.8 tokens.

Opus 4.8 is a more capable model, so almost nobody was going to pay for V4-pro at the original price.

If resold Anthropic tokens undercut even the at-cost open-weight model tokens, because they're reselling subsidized subscription tokens, then you'd have to start selling open-weight model tokens at a loss in order to match them.

It's very difficult for people to create personal Anthropic accounts from China. Anthropic blocks Chinese bank cards, so people must pay with a foreign bank card, which they likely don't have. And even if they manage to set one up, they have to access it via VPN, which eventually gets the account flagged. They then have to complete identity verification, which most Chinese users are unable to pass.

There's a similar Claude resale market going on in Russia. On Funpay they are selling Claude tokens for roughly 20-30x cheaper than official Anthropic API pricing.

> Claude and ChatGPT are both blocked in China

So it's presumably cheaper than attempting to spin up your own method of circumventing the blocks.

You can use it as an API unlike the subscription.

Maybe these resellers are using stolen American credit card numbers? Reselling Claude access seems to be a nice way to launder the money.

This only shuts down the account you have bought in the first, plus a few others if it is shared.

> Use any metadata to identify related accounts

How does that work? I think this is the most important part to have an impact on the „thousand“ bot accounts.

Maybe Fable is not as capable as thought?

On the one hand they talk it up as world ending and on the other hand they can't manage bot accounts on their own service.

I want to hear how this can be rationalised.

From the article "every layer of control frontier US AI companies have added (geoblocking, phone verification, credit card requirements, and now live biometric KYC checks) has produced a corresponding layer of evasion infrastructure".

They could be doing this internally and want to see if they can downright eliminate these loopholes before bringing Fable back.

I don't care how they do it, I just want to use Fable again.

This, just like blanking out a football stream for a split second to binary search and find IPTV rebroadcasters, is far too good a solution. Suits prefer to make it seem like their job of fighting "misuse" is hard, justify their budget, continued existence of the trust & safety department, face scans, etc.

I don’t follow your reasoning. It is foreign to me. You talk about winners, but this is clearly fraud.

That's not true, some of them are indeed fake, but a lot of them are actually providing real opus at low cost doing what op said.

how hard is it to find a manager or ops team member at one of the enterprise companies and buy lets say 100gb of logs? the chinese lab can promise to anonymize the data before training, not release it raw and pay a good price.

honestly you might just need to get data from a couple long sessions and feed it back to another model as an example to make synthetic reasoning chains. if the emulator model is good enough it should work.

Indeed! It’s so hard to find reasonable takes on AI that aren’t littered with accounts created 11 days ago that only post in threads related to Anthropic for some reason

They buy the logs from the bot farmers

If Anthropic is selling a dollar for less than a dollar, they are running a business that doesn't make sense. That's what jeopardizes Claude Max, not this.

That is pretty crazy, almost like how Claude and all the other models are jeopardizing other businesses without paying for their training data and wiping their ass with robots.txt

That sounds like it would actually be fraud.

The chinese have already worked around the ID verification, by recruiting people in low-income countries to complete the checks for less than 30 USD per account (so much for Altman's Worldcoin).

https://tech.yahoo.com/ai/claude/articles/chinese-grey-marke...

Depending on the provider, GLM-5.2 is between 4.5-5x cheaper than Opus. You can compare prices/speed/etc. for basically all relevant models on aa https://artificialanalysis.ai/models/glm-5-2/providers

Yeah nobody is gonna be shedding any tears for them

No, this reseller 中转站 thing is basically a loss leader for certain chinese ai labs to distill claude with verified human input.

No, it's part of the capability theft. They resell Claude tokens cheaply and then simultaneously log everything for distillation. Even if they take a small loss on the token sales it's much cheaper than the equivalent compute.

Not really. I think Anthropic focuses on identifiable distillation attacks rather than the (even larger) industrial-scale token harvesting and reselling operation, because they don’t want people to know how easy it is to get cheap Claude tokens.

Once people realize they can access Anthropic models at a 90% discount, they won’t want to pay full API prices anymore.

Why do you need macbooks? Just rent servers from any hosting provider.

The resellers route requests via one of thousands of Claude Max 5x accounts. When an account reaches its usage limit, they automatically switch to another account.

    > Do they have MacBooks in the US that run the queries and stream the outputs back to China?

the answer to your question is containers/VMs + residential proxies

ask your gpt how does openrouter work, then ask, how do proxies work.

They probably asked claude how to do it.

People have estimated that a $200 Claude Max 20x subscription gets you ~$2800 worth of tokens every month if you use it continuously. So if you can find a way to resell the tokens you can offer a 90% discount and still make a profit.

> Does this mean that the reseller (for example XYZ) is buying it from Anthropic at Anthropic's price and then reselling it at a cheaper price????

Yes, as they explained they do it through things like pooling accounts, straight up payment fraud, and double-dipping by selling the logs of the conversations to chinese AI labs so that they can train their own models on it.

> The link does mention Opus and other models but what's the proof it's actually Opus. I could be selling deepseek for all they know and can call it Opus. System prompt: "If anyone asks your name - you are Opus 4.6".

There might be some that try this, but they would get caught very quickly, there's still a moat between Claude and Deepseek, even in casual use.

Look up Zilan Qian's reporting if you want more detail.

Because Anthropic's subscriptions come with X amount of tokens / week, and divided by the subscription cost it is WAY less than what they charge per-token (the "API price") beyond that.

So these resellers get a ton of accounts on subscriptions and sell the cheaper tokens.

They probably buy the plans instead of the API tokens, and resell access via a custom API that routes to the plans. So you presumably get cheaper access this way than paying API pricing.

It makes no sense.

These China e bashing is very annoying. It is hard to argue with people drowned in American propaganda. I'd expect better arguments from the intelligent people in HN

They're called 中转站 (transfer stations/proxies). They can be a bit tricky to find on your own, so I'd suggest asking your preferred AI to search in Mandarin for you. I linked a larger operator in the parent comment, or have a look at https://hvoy.ai/ which lists a ton. You can also find many on Funpay, which may be easier to use.

This is one seller I found, they're reselling "real Max 20x subscription accounts", at ~97% below official API prices https://funpay.com/en/lots/offer?id=70812310

Note that whoever you buy from will be able to read all your tokens, so don’t use it for anything confidential/financial.

That's an insightful perspective and I think I largely agree. But just for fun, I wonder if that isn't an argument in favor of making the function implementation impure. Perhaps "enhancing" all queries with some sort of search result (or query of a giant db) instead of charging for an explicit tool call. Not only is it sorely needed to prevent stale data but (on the process level) it breaks the purity assumption on which the approximation theorem depends (alternatively on the function level it introduces hidden inputs).

This is why every AI company does crawl today.

Do they just reshape the function on the fly or save the process steps? Maybe it doesn't matter anymore. Even Google indexes are more and more spoiled to become representation of the function, because of the AI slop.

Genuine live data is king.

And there are a ton of Claude conversation logs (with CoT/inference) with no clear provenance circulating freely on huggingface, guess where they (likely) come from.

The issues with LLMs go beyond just IP theft. I would not say PRC making LLMs cheaper is the best outcome (though it is better than nothing). The best outcome would be to make the practice of training on our data without consent illegal, which would simultaneously slow down economic change and make it more organic as well as give PRC companies less capabilities to extract.

i still want those data sets to become public domain. open weights still isnt good enough

I hope you say the same when these cheap llms are used in drones to target humans. The world models are exactly built with that direction in mind.

[dead]

Yes, I think the Gates quote was a response to repeated and aggressive complaints originating from Jobs (to anyone who would listen) that he had been ripped off.

I don't know if that's a real quote from Gates, but I do know it was in Pirates of Silicon Valley.

Glad you pointed this out. I believe the sequence was that Jobs himself got a shorter demo during his first visit with no prior arrangements. He then negotiated bringing back a group of his key people to get a more in depth demo and that included the stock deal.

When Apple was accused of 'ripping off' PARC, Steve didn't seem keen to bring up this rather salient point. I suspect it may have been a combination of wanting Apple to continue receiving credit for these innovations from consumers and also the fact that, in retrospect, the million dollar stock deal could seem a bit like trading beads to Native Americans for Manhattan Island. Another point worth noting is that Apple's PARC visit was in December 1979 and the Xerox Star was publicly announced in April 1981, so Apple got a 15 month head start (the Apple Lisa shipped in Jan 83).

I've also heard that Xerox didn't hold on to the Apple stock for very long, so never gained the windfall they could have. As is well documented, Xerox senior management didn't understand what they had in PARC and also didn't understand how rapidly microcomputers would become ubiquitous. So, of course, they didn't think Apple's stock price would skyrocket either.

Perhaps an arrangement can be reached?

The websites, music, movies, books, photos, art that they stole didn't appear out of thin air. The amount of time and effort people have collectively poured into creating these works throughout history far, far surpasses Anthropic's own effort of converting them into model weights.

The equivocation is crawling website <-> crawling LLM responses.

Both Anthropic and Alibaba are trying to build bleeding edge LLMs. That part is the same. The way they source their data is slightly different, but they would both argue it constitutes fair use under Copyright law.

"Your extremely efficient multi petabyte internet content suction machine is ripping off my extremely efficient multi petabyte internet content suction machine"

Sucking down petabytes of peoples' copyrighted content that they never granted a specific license to you to use seems to be an unavoidable and default part of the process of building any huge LLM.

It's not really equivocation in this instance. This feels like a 'bad faith' comment. We can do better.

LLM's literally wouldn't work without the sum total of knowledge (in the forms of books and other copyrighted content) being used as 'training data' for these LLMs.

The 'bleeding edge' LLMs required many things, but: 1 Tech innovation ('attention') 2 Lots of compute 3 Data 4 Pre + post training

#4 doesn't happen without #3.

It's pretty obvious at this point that the major providers have stolen vast amounts of #3 - they have paid nearly 0 of the creators.

We can argue about the impact (I'd lean net good) vs. the cost. But arguing there isn't a cost is a bit silly.

That's one aspect, which is a bit of a gray zone. But Anthropic trained on pirated books. That is explicitly illegal.

> But if you cost an AI provider money with your data acquisition practices, well, that's just clearly unacceptable.

It's the same question libertarian advocates cannot resolve:

  If one truly believes in personal sovereignty, how are
  shared resources paid for, such as roads, power grids,
  potable water, sewage services, fire departments,
  and police departments?

[dead]

>It was not okay for them, they had to pay one billion dollars.

Essentially peanuts compared to what they would have to pay to obtain the rights of everything they pirated.

That’s a pittance compared to their revenue.

Oh, Anthropic, the company that hoover'd up everyone else's data, and is now unhappy when others are doing to it what it did to others? The same Anthropic?

I'm sure all the artists and creators they stole from had stipulations too.

violating their terms of service doesn't make it fraudulent?

Quite amusing that the library of libgen is worth 1.5bil for unlimited access.

It's about the same valuation as bun, lol.

Meta/Facebook got away with it though right?

That's a great cost-benefit ratio. Can you and I steal and do illegal things and pay the same cost?

> While I love the sentiment, I feel like the odds of this actually ever reaching a trial are low ...

As cited in a peer comment here[0]:

  In June 2025, Judge William Alsup of the U.S. District 
  Court for the Northern District of California ruled on 
  summary judgment that using books without permission to 
  train AI was fair use if they were acquired legally, but he 
  denied Anthropic’s request for summary judgment related to 
  piracy—finding that the piracy was not fair use.[1]

0 - https://news.ycombinator.com/item?id=48667411

1 - https://authorsguild.org/advocacy/artificial-intelligence/wh...

My long-term prediction for the sector is that frontier models will be so expensive that they will only be available for grant-funded projects at research institutions, like supercomputer clusters were 25 years ago.

Curiously, this isn't always true.

For example, GLM 5.1 is more capable at pentesting than the model from which it is alleged to have been distilled [1].

Intuitively, this makes some sense: you can "distill" from multiple frontier models, and you can further post-train the distilled model. But I'm not sure exactly what happened with GLM 5.1.

[1]: https://dualuse.dev/posts/chinese-models-are-sometimes-bette...

I'm ok with having last months model at a tiny fraction of the price.

Meta Spark is rumored to have distilled Claude to some extent, early Gemini models as well. I think the biggest factor is that Chinese companies arent really afraid of being sued by Anthropic because the juridictions are so disconnected. European/US companies don't have the same protection.

Aside from politics/law, it's probably much easier for everyone else to distill from the Chinese model which already distilled Claude/GPT/Gemini. Maybe not as good a result, but you don't need to jump through dozens of hoops.

>What’s preventing tech companies from the UK, Germany, etc. from distilling Claude

literally nothing but given that the Chinese already did it and the models are published what's the point. You can thank the Chinese taxpayer for subsidizing the electricity bill and just download the thing

Residential IPs don’t even matter. Developers use devboxes, use Claude Code CLI on servers from just about every cloud, etc.

There’s probably a decent volume of customers who just buy Claude Max and spend most if not nearly all of their sessions via Claude Code, and it’s not uncommon for power users to be working on multiple concurrent projects/tasks/codebases at the same time.

How do you really block this without also impacting your core market of developers?

Probably some business will popup, like: "rent part of your unused subscription", or even: "proxy tokens with a premium", eg. 5.5 USD on Opus 4.7 paid by the distiller to the user, that will then only spend 5 USD.

No, they could easily buy legitimate, already registered accounts and use VPNs.

I personally bristle at the corporate espionage and IP theft that China has undertaken the last few decades. I can't help but respond here whenever anyone brings up the inane comparison to Samuel Slater.

But with this, I don't have an issue. There is no theft since what is being used is the exact product that is being delivered. Yes, it's breaking the ToS, but ToS are generally bullshit. Anthropic surely broke thousands of ToS or other legal terms while it was scraping for content to train on. Which is why they had to pay $1.5B

The US labs do seem to have announced a lot of licensing deals though, and are buying things today due to the previous lawsuits.

At what point will we be better to support a lab that pays (some) licenses today vs the ones that pay none?

Some of the deals are in the hundreds of millions, so I suspect licensing is over a billion today? (Pure guess). That might become a big disadvantage in a price (or content) war.

You should. Companies like this will inevitably try and pull the ladder up behind them.

Given that the most recent time Anthropic attempted regulatory capture, the US government responded by saying "alright, we agree that Mythos is too dangerous to release, so we've banned you from releasing Mythos," I can't wait to see what the outcome of this next push is.

Anthropic was forced to pay some people they stole content from, there was no attempt at getting permission ahead of time.

And paying basically everyone online is more or less a solved problem, it's what ad agencies have to do every day.

[dead]

> And even with the Chinese tech, as Big Tech spreads their AI out into more and more niche areas, we'll likely still not be able to build startups that can compete with them.

You mean like Anthropic will eventually run Walmart? Or Salesforce? or Adobe? Or do you think midjourney will replace all medical spas? OpenAI will run the next Tesla? How can they focus on all this without raising trillions more? Why wont the gov force them to stop if they monopolize all niches even if they could?

Building a frontier AI lab and pushing models forward is already a massive undertaking but we are assuming they will also create massively successful startups which nobody can compete with?

idk sounds like the dream of people like Dario but not much sense does it make in the face of economic reality.

That's exactly right. One can be an AI booster and want Anthropic to suffer, all for the greater good of promoting access and diversity of AI.

Which part?

Only China really has the resources (multiple labs invested in the space), culture (Asians are generally collectively-inclined, so sharing is in their core) and political bent (there will be no diplomatic repercussions) to put up a fight.