According to the US App Store a rule-based proxy utility is the #1 paid app. So not sure how much relevance the App store charts have at all in real life.
I think you're both right. Prior to the other day, Claude had nowhere near as much mindshare with regular people as ChatGPT did. But now that they've stood up to Orange Man, they're heroes to a large segment of the population who would otherwise have never given them a second thought.
On a related note, since OpenAI is playing ball with Orange Man, they're public enemy #1 for this same segment, hence the calls to cancel subscriptions and boycott OpenAI.
By this time next week, most people will have forgotten about all of this.
It is absolutely unfair to say it. Just like passwords stored in a password manager, passkeys can be copied out of the device for safekeeping. Because you can copy them out, a user can be induced to give them to someone.
I saw passkey boosters go very, very rapidly from "Passkeys are immune to phishing!" to "Passkeys are phishing resistant!" when lots of real-world people started using passkeys and demonstrated that you absolutely must have a way to back them up and move them around.
Yes, they're synchronized, but I wouldn't call that "copying them out", as that to me implies somehow getting access to the raw private key or root secret bytes.
Both Apple and Google have pretty elaborate ceremonies for adding a new device to an existing account in a way that synchronizes over passkeys.
> ...as that to me implies somehow getting access to the raw private key or root secret bytes.
When passkeys were first introduced, they were 100% stuck to the device that they were created. There was absolutely no real way to copy them off. This is when proponents were -correctly- making the claim that they were immune to phishing.
When lots of users (who -notably- were not supported by whole-ass IT departments who set up and run systems that handle provisioning and enrolling new devices) started using passkeys, the correctness of the thing that many non-boosters were screaming ("You have to have a way to back these up and move them between devices!") became abundantly clear. Passkeys became something that could be copied off of devices, and proponents -correctly- switched to the claim "Passkeys are phishing resistant".
Once things switched around so that passkeys were no longer stuck on a single device, third-party managers got the ability to manage and copy passkeys. [0]
Hopefully it's now clear that the shift from "they never leave the device" to "they do leave the device" (and the consequences of this change) is what I'm talking about.
[0] At least, they will for the next five, ten years until the big players decide that it's okay to use attestation to lock them out to "enhance security".
It sounds like part of the problem is that two rather separate standards of "phishing" are getting conflated:
1. "Hi, I'm your bank, log in just like you normally do." (Passkeys immune.)
2. "Hi, I'm your bank, do something strange I've never ever asked you to do before by uploading some special files or running this sketchy program." (Passkeys just resist.)
The problem with the expansive definition is it basically starts to encompass every kind of trick or social-engineering ever.
That qualifies as "immune to phishing" as far as I'm concerned. No reasonable person using a reasonable implementation will ever be successfully victimized in that manner.
We need to stop pretending that padded cells for the criminally incompetent are a desirable design target. If you are too stupid to realize that you are being taken for a ride when asked to go through a manual export process and fork over sensitive information (in this case your passkeys) to a third party then you have no business managing sensitive information to begin with. Such people should not have online accounts. We should not design technology to accommodate that level of incompetence.
If you can't stop driving your car into pedestrians in crosswalks you lose your license. If you can't stop handing over your bank account number to strangers who call you on the phone you lose all of your money. If you eat rotten food you get sick and possibly die. If you hop a fence and proceed to fall off of the cliff behind it you will most likely perish. To some extent the world inherently has sharp edges and we need to stop pretending that it doesn't because when we do that it makes the world a worse place.
I wish it would be, but it's not. Gemini feels more sluggish, it's relatively overloaded with animations compared to chatgpt. Like most Google products.
I've been testing Gemini as I code on Claude 4.6 and the answers aren't great for coding. ChatGPT has been better. But it did a good job with some personal IRA/401k planning.
It feels like it's only a few months behind though.
And yet Google has search monopoly, is part of mobile duopoly, has almost monopoly on e-mail and data storage, is strong player in office solutions, and owns the biggest entertainment platform in form of YT.
Seems like sluggishness and animations don't mean as much to normal people.
I hadn't watched these before, but wow the AI wars are no joke. "Betrayal", "Deception", "Violation", "Treachery"... It's like the Cola Wars, but 10x more personal.
When I first saw these titles I thought they were cheesey. Then I started to appreciate the advertising team's distillation of the core user pain point into a single word at the intro. Completely changed my initial perspective!
Interesting part of the making of these ads - "While Claude helped behind the scenes – synthesising research and streamlining production – Anthropic and Mother say the concept, direction, scripts, performances and production were led by human teams."
And where do you think AIs learned to use em dashes? Anyone who knows a modicum of typography uses em dashes. There’s a reason devices like iOS automatically convert double hyphens to em dashes (or straight quotes to curly quotes).
Only young people who grew up texting and eliding standard punctuation find em dashes unfamiliar.
I pay ChatGPT 20 bucks a month, or whatever the subscription is. I get massive value out of this, Sam Altman is paying for my computing power. I’m paying a tenth(or less) of what the actual price is. Once that no longer applies, I will ditch ChatGPT and probably build my own LLM computer.
So thanks Sam for giving me cheap computing power.
"Claude by Anthropic" is currently #2 Top Free App in US App Store
reply