I'll bite, because this is HN and I think there's more space for genuine discussion here, not because I desire to be right.
First, addressing my first point about how this is "the modern equivalent of an ad hominem attack". The commenter is complaining as if Claude basically came up with this entire thing itself. Very very seldom is that actually how things get created, at least in my experience. Yes there's the potential for someone to say something stupid like "Claude, generate me a blog post about something", and Claude can do it. But that's such a weird way to relate to any content that was in-part authored by AI. That just isn't how virtually everyone I know is using the tools, so it's a disingenuous take.
Second, I find your dismissal of the aptness of using the phrase "ad hominem" attack reductive here because yes, AI is not a human, but two points here:
1) I'm going to give the true OP the benefit of the doubt, that they used AI as a tool for helping develop and hone their thoughts, and AI wasn't just set off in a black box
2) AI can produce novel ideas, and can produce the output of thought, even if it isn't producing it the same ways our brains think
Someone elsewhere in the thread mentioned downgrade attacks. I presume if you wanted, on either the client or the server, you could disallow pure ML-KEM if you didn't trust it, preventing this vector.
I don't know much about the hardware space - what do you make of the author's post that there hasn't been an articulated need for pure PQ encryption, where the device couldn't afford ECC.
Is that what he's trying to do? I am no cryptographer, but when I read his post, his arguments about ECC+PQ make intuitive sense.
I'm out of fresh tin-foil hats as well, but it would not surprise me in the least if any government was actively engaged in weakening security and privacy protections.
Literally look at what they are all doing in almost every sphere. The current political zeitgeist is all about automated surveillance everywhere. The motivations are worn on their sleeves.
What would you say about his critique that simply ditching double-encryption is a bad idea? That seems like a fair point embodying a belt and suspenders approach.
This feels deeply problematic. I would much prefer, where asked via appropriate legal processes, Anthropic serve over user data to government officials, and potentially suspend access.
Interesting. Do you have a uniform data set? E.g. documents of a specific type that you know consistently have similar formats, or is this training something you need to do per-document?