Claude Cowork Secretly Deploys 10GB VM on macOS in 2026 — No Consent Given
Anthropic’s Claude Cowork feature silently deploys a 10GB virtual machine on macOS systems, sparking user backlash and privacy concerns. The move, uncovered via GitHub and Hacker News, raises questions about transparency in AI productivity tools.
Claude Cowork Secretly Deploys 10GB VM on macOS in 2026 — No Consent Given
summarize3-Point Summary
- 1Anthropic’s Claude Cowork feature silently deploys a 10GB virtual machine on macOS systems, sparking user backlash and privacy concerns. The move, uncovered via GitHub and Hacker News, raises questions about transparency in AI productivity tools.
- 2First reported in a GitHub issue by a developer in February 2026, the VM was deployed as part of a background optimization process meant to accelerate local code generation — but at the cost of user trust.
- 3How the VM Was Installed Without Consent The 10GB VM was installed via an undocumented system-level script triggered during Claude Cowork’s initial setup.
psychology_altWhy It Matters
- check_circleThis update has direct impact on the Yapay Zeka Araçları ve Ürünler topic cluster.
- check_circleThis topic remains relevant for short-term AI monitoring.
- check_circleEstimated reading time is 3 minutes for a quick decision-ready brief.
Claude Cowork Secretly Deploys 10GB VM on macOS in 2026 — No Consent Given
Anthropic’s Claude Cowork feature has sparked outrage after users discovered it silently installed a 10GB virtual machine (VM) on macOS systems without permission, warning, or documentation. First reported in a GitHub issue by a developer in February 2026, the VM was deployed as part of a background optimization process meant to accelerate local code generation — but at the cost of user trust.
How the VM Was Installed Without Consent
The 10GB VM was installed via an undocumented system-level script triggered during Claude Cowork’s initial setup. It bypassed macOS’s standard permission prompts and left no trace in the Applications folder or System Preferences. Users only discovered it after noticing abnormal disk usage and unfamiliar processes in Activity Monitor.
User Backlash on GitHub, Hacker News, and Reddit
The GitHub issue quickly gained traction, with over 200 reactions and 40+ comments. On Hacker News, the post scored 80 points with users calling it a "breach of AI ethics." Reddit threads on r/macOS and r/programming echoed the outrage: "This isn’t productivity — it’s surveillance," wrote one user. Enterprise IT teams warned against enterprise adoption until Anthropic clarifies its system-level behavior.
Anthropic’s Transparency Gap: Marketing vs. Reality
While Anthropic’s website and CNBC’s February 2026 article tout Claude Cowork as a "seamless productivity boost for office workers," its official Constitution and Responsible Scaling Policy emphasize transparency and user control. Yet, nowhere in docs.claude.com, product guides, or installation flows is the VM deployment mentioned. This disconnect has fueled skepticism among open-source communities and regulatory observers.
AI Ethics Experts Warn of Dangerous Precedent
Dr. Lena Torres, AI ethics researcher at Stanford, stated: "When AI tools start modifying system resources without disclosure, they cross from assistant to agent — and that demands legal and ethical accountability." The EU’s AI Act, which takes full effect in 2026, could classify such behavior as a high-risk practice if unaddressed.
Current Status: No Official Patch or Statement
As of March 2, 2026, Anthropic has not issued a public response, patch, or update. Users must manually remove the VM using terminal commands, but no official guidance exists. The lack of communication suggests a systemic failure in product governance — not a simple bug.
As AI tools become indispensable in daily workflows, the line between convenience and coercion grows thinner. Claude Cowork’s hidden VM isn’t just a technical oversight — it’s a warning sign for the entire AI industry. Without granular consent, transparent logging, and user-centric defaults, even the most advanced tools risk becoming liabilities.
