Alibaba · 2026-07-03 · major
Alibaba bans Claude Code — cites Chinese-timezone fingerprinting
Alibaba will block employees from using Claude Code from July 10 after developers found the tool checked for Asia/Shanghai and Asia/Urumqi timezones and Chinese-lab proxy strings. Anthropic says it was an anti-abuse experiment and rolled it back on July 1.
Alibaba tells staff to drop Claude Code on July 10 after finding it checked for Chinese timezones; Anthropic pulled the code July 1.
Quick facts
| Who is banning | Alibaba (employees) |
|---|---|
| What is banned | Anthropic Claude Code |
| Effective | July 10, 2026 |
| Stated reason | Alleged fingerprinting of Chinese timezones and proxies |
| Anthropic response | Feature rolled back July 1, called an anti-abuse experiment |
| In effect since | April 2, 2026 (~3 months) |
What is it?
Alibaba has ordered employees to stop using Anthropic's Claude Code from July 10, 2026 over what it calls backdoor risks. Reuters reports that Alibaba engineers discovered Claude Code, since April 2, was checking whether the machine's timezone was Asia/Shanghai or Asia/Urumqi and probing proxies against a list of Chinese cloud, tech, and AI-lab hostnames.
How does it work?
The disputed code ran client-side inside Claude Code and, if it matched either timezone or hostname pattern, marked the request so Anthropic servers could react. Anthropic staff say the mechanism was an anti-abuse experiment launched in March to detect unauthorized resellers and Claude-distillation traffic. Anthropic removed the code from Claude Code on July 1, so it was in the wild for roughly three months.
Why does it matter?
For Alibaba, the ban is a public break: staff must migrate to Qwen-Code and other in-house tooling before July 10. For the wider ecosystem, the incident becomes exhibit A for supply-chain scrutiny of coding agents — Claude Code runs with full read/write access to a developer's repo, so silent client-side telemetry is a real risk, even when Anthropic frames it as anti-abuse. The move also escalates the ongoing spat where Anthropic told US senators on June 10 that Qwen operators used ~25,000 fake accounts to distill Claude.
Who is it for?
Chinese engineering teams (forced migration), and every enterprise vetting coding agents for outbound telemetry
Frequently asked questions
- Why is Alibaba banning Claude Code?
- Alibaba engineers found that Claude Code since April 2 was checking whether the user's machine was set to the Asia/Shanghai or Asia/Urumqi timezone, and probing proxies against a decoded list of Chinese tech, cloud and AI-lab hostnames. Alibaba flagged this as an in-source fingerprint of Chinese users and told staff to stop using the tool from July 10.
- What has Anthropic said about the timezone check?
- Anthropic staff called the mechanism an experiment launched in March to detect account abuse by unauthorized resellers and to protect against model distillation. The company said it removed the code on July 1, so it was in production for roughly three months. Anthropic has not confirmed the specific hostname list.
- Is this related to the earlier Anthropic-Alibaba distillation dispute?
- Yes — the ban lands on top of a running spat. In a June 10 letter to US senators, Anthropic accused operators from Alibaba's Qwen lab of using about 25,000 fraudulent accounts to distill Claude's coding and reasoning behavior. Alibaba's Claude Code ban is the first concrete counter-move to become public.
- What should developers using Claude Code do?
- For Alibaba employees, Anthropic tools become off-limits on July 10 and Alibaba is pushing staff toward its own Qwen-Code line. Everyone else can keep using Claude Code — Anthropic has already removed the timezone check, but the incident is a reminder to inspect any coding agent's outbound telemetry, since these tools run with full repo access.
Try it
Read the Reuters report at wtaq.com