undefined | Better HN

0 pointsWowfunhappy1mo ago0 comments

I agree with you but I think there's a "defense in depth" angle to this. Yes, your security shouldn't depend on noticing which files Claude has read, since you'll mess up. But hiding the information means your guaranteed to never notice! It's good for the user to have signals that something might be going wrong.

0 comments

dns_snek1mo ago

There's no defense "in depth" here, it's like putting your SSH key in your public webroot and watching the logs to see if anyone's taken your key. That's your only layer of "defense" and you don't stand any chance of enforcing it. Real defense is rooted in technical measures, imperfect as they may be, but this is just defense through wishful thinking.

WowfunhappyOP1mo ago

Obviously, don't put your SSH keys in a public webroot. But let's say you're managing a web server and have a decent security mindset. But don't you think it's better to regularly check the logs for evidence of an attack vs delete all the logs so they can't be checked?

j / k navigate · click thread line to collapse

0 pointsWowfunhappy1mo ago0 comments

0 comments

dns_snek1mo ago

WowfunhappyOP1mo ago

j / k navigate · click thread line to collapse