Show HN: Pseudonymizing sensitive data for LLMs without losing context

They built a “privacy mask” for AI — now devs ask if it blinds the bot

TLDR: They built a proxy that swaps private details for stand-ins before security alerts reach an AI, but readers worry it strips away the clues an analyst relies on, such as whether an address sits on a free public mail provider or on a look-alike domain. The debate: protect privacy without dumbing down the bot, because a security tool can't help if it can't see what matters.

A startup dropped a bold idea: a “privacy mask” that swaps real names, emails, and IPs for fake stand-ins before sending security alerts to an AI helper. The AI (Anthropic’s Claude) never sees the real values, and the proxy swaps them back into its answers, so analysts still get the truth on the way back. Sounds clean, until the community read the war stories: the bot hallucinated a user named “Sarah Kowalski” and started writing fan‑fic queries. Cue the memes and facepalms.

The thread’s lightning rod is simple: does masking protect privacy at the cost of brainpower? One commenter worried, in plain terms, that hiding clues like “free Gmail address” breaks fraud detection. If the AI can’t see that an address is on a free public provider or is a misspelled look-alike of a legitimate domain, how’s it supposed to spot scams? People clapped for the open-source release, but bristled at the idea of an AI working blindfolded.

The devs behind the project say they upgraded from clumsy bracketed text swaps to realistic, consistent fakes, with spaCy’s named-entity recognition catching the names that regexes miss. Better, yet still risky. As readers pointed out, “impossible travel” (sign-ins from places too far apart for the time between them), typo‑domains, and internal‑vs‑external hints can vanish when everything looks generic. Privacy fans preach “don’t leak client data,” while skeptics shout “don’t lobotomize the model.”

Bottom line: the privacy‑vs‑power debate got spicy, “Sarah Kowalski” is now canon, and the crowd wants one thing—to keep secrets safe without turning the AI into a goldfish. Read the post, bring popcorn, and yes, someone already suggested just running it on‑prem instead of in the cloud.

Key Points

  • A Ghost Analyst was built on Anthropic’s Claude to triage Microsoft Sentinel/Defender incidents using Entra ID logs and KQL.
  • To protect sensitive data, the team created a DLP proxy that pseudonymizes outbound data and restores it on responses so the LLM never sees real data.
  • V1 (regex swaps to bracketed placeholder tags) caused syntactic hallucinations and entity fragmentation: the tags derailed the model’s output syntax, and one entity referenced in several forms was no longer recognised as one, which broke generated queries and accuracy.
  • V2 combined regex and spaCy NER with structured, realistic pseudonyms, and registered both full emails and bare usernames so that partial references to the same account map to the same stand-in.
  • V2 exposed a loss of critical context that hindered security reasoning: the geolocation of an IP, typosquatting cues in a domain, and whether an address is internal or external all disappear behind generic stand-ins; the team plans to open-source the solution.
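One way to carry the V2 design a step further, as an added example that is not the project’s code: keep the stand-ins realistic and consistent, register bare usernames as well as full addresses so partial references stay linked, and put the non-identifying context that masking erases (free public provider, internal vs external, look-alike domain, IP scope and country) on a separate “context sheet” sent alongside the masked text instead of back into bracketed tags. It assumes a hypothetical tenant domain (`contoso.com`), a constructed alert text, and a small dictionary standing in for a GeoIP lookup; spaCy NER is omitted, so only regex-detected emails and IPv4 addresses are covered.

```python
# Added example (not the project's code): a V2-style pseudonymizing proxy with a
# context sheet. Assumptions: a hypothetical tenant domain, a constructed alert,
# and GEO_STUB standing in for a GeoIP database queried before masking.
import hashlib
import ipaddress
import re

INTERNAL_DOMAINS = {"contoso.com"}                       # hypothetical tenant domain
FREE_MAIL_DOMAINS = {"gmail.com", "outlook.com", "yahoo.com", "hotmail.com", "proton.me"}
GEO_STUB = {"185.220.101.5": "DE"}                       # constructed GeoIP stand-in

EMAIL_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")
IPV4_RE = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")


def edit_distance(a, b):
    """Levenshtein distance, used to flag look-alikes of the tenant's own domains."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify_domain(domain):
    d = domain.lower()
    if d in INTERNAL_DOMAINS:
        return "internal"
    if d in FREE_MAIL_DOMAINS:
        return "free-public"
    if any(0 < edit_distance(d, i) <= 2 for i in INTERNAL_DOMAINS):
        return "lookalike"                               # typosquat of our own domain
    return "external"


class Pseudonymizer:
    def __init__(self, secret, geo_lookup=None):
        self.secret = secret                             # per-session key: stable, unguessable stand-ins
        self.geo_lookup = geo_lookup or (lambda ip: None)
        self.forward, self.reverse, self.context = {}, {}, {}   # real->fake, fake->real, fake->hints
        self.usernames = set()                           # local parts to catch when they appear bare

    def _token(self, value):
        return hashlib.blake2b(value.lower().encode(), key=self.secret, digest_size=4).hexdigest()

    def _register(self, real, fake, hints):
        if real in self.forward:
            return self.forward[real]
        if fake in self.reverse:                         # two reals must never share one stand-in
            raise RuntimeError(f"pseudonym collision on {fake}; widen the hash")
        self.forward[real], self.reverse[fake], self.context[fake] = fake, real, hints
        return fake

    def _fake_domain(self, domain):
        d = domain.lower()
        if d in FREE_MAIL_DOMAINS:
            return d                                     # a public provider identifies nobody; keep the signal
        return f"{self._token(d)[:6]}.example"           # stable per domain, so colleagues still share one

    def _pseudo_email(self, email):
        local, domain = email.rsplit("@", 1)
        kind = classify_domain(domain)
        fake_local = "user" + self._token(local)[:6]
        hints = f"domain={kind}"
        if kind == "lookalike":
            near = min(INTERNAL_DOMAINS, key=lambda i: edit_distance(domain.lower(), i))
            hints += f" resembles={self._fake_domain(near)}"
        self._register(local, fake_local, "")            # same account referenced by bare username later
        self.usernames.add(local)
        return self._register(email, f"{fake_local}@{self._fake_domain(domain)}", hints)

    def _pseudo_ip(self, ip):
        try:
            addr = ipaddress.ip_address(ip)
        except ValueError:
            return ip                                    # regex hit something like 999.1.2.3
        h = hashlib.blake2b(ip.encode(), key=self.secret, digest_size=3).digest()
        if addr.is_private:
            return self._register(ip, f"10.{h[0]}.{h[1]}.{h[2]}", "scope=internal")
        country = self.geo_lookup(ip)                    # looked up before the address is masked
        hints = "scope=external" + (f" country={country}" if country else "")
        return self._register(ip, f"203.0.113.{h[0]}", hints)   # TEST-NET-3: looks public, routes nowhere

    def mask(self, text):
        text = EMAIL_RE.sub(lambda m: self._pseudo_email(m.group(0)), text)
        text = IPV4_RE.sub(lambda m: self._pseudo_ip(m.group(0)), text)
        for local in sorted(self.usernames, key=len, reverse=True):   # longest first
            text = re.sub(rf"(?<![\w@-]){re.escape(local)}(?![\w@-])", self.forward[local], text)
        return text

    def context_sheet(self):
        """Attributes the masking erased, keyed by pseudonym, sent alongside the masked text."""
        return "\n".join(f"{fake}: {hints}" for fake, hints in self.context.items() if hints)

    def restore(self, text):
        """Map the model's reply back to real values, longest pseudonym first."""
        if not self.reverse:
            return text
        alts = "|".join(re.escape(f) for f in sorted(self.reverse, key=len, reverse=True))
        return re.sub(alts, lambda m: self.reverse[m.group(0)], text)


SAMPLE_ALERT = (  # constructed text, not a real tenant's alert
    "Impossible travel: sarah.kowalski@contoso.com signed in from 10.20.30.40 and, "
    "11 minutes later, from 185.220.101.5. Related mail came from sarah.kowalski@gmail.com "
    "and it-support@contoso.co; the account sarah.kowalski was then reset."
)


def run_demo(text=SAMPLE_ALERT):
    p = Pseudonymizer(secret=b"per-session-secret", geo_lookup=GEO_STUB.get)
    masked = p.mask(text)
    prompt = "Context sheet (pseudonym: attributes)\n" + p.context_sheet() + "\n\n" + masked
    return p, masked, prompt, p.restore(masked)        # restore() would run on the model's reply


if __name__ == "__main__":
    print(run_demo()[2])
```

The Gmail address keeps its real domain (a public provider’s name identifies nobody, and it is exactly the fraud signal the thread wanted preserved), the corporate domain and its `contoso.co` look-alike become stable hashed stand-ins, and the context sheet tells the model which stand-in is internal, which resembles it, and which external IP geolocates to which country, without the model ever seeing the real values. The reverse map lives only in memory for the session; the keyed hash makes stand-ins stable across calls but not derivable by anyone without the secret.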

Hottest takes

"By masking this email address I'm sabotaging my own AI prompt" — _zer0c00l_
"the AI can no longer reason based on the facts that 1) the email is a free public email" — _zer0c00l_
"I have one (at least) fundamental concern about the approach" — _zer0c00l_
Made with <3 by @siedrix and @shesho from CDMX. Powered by Forge&Hive.