Comment by roadbeats
8 years ago
> It is unclear what Kite’s business model is, but it says it uses machine-learning techniques to make coding tools. Its tools are not open source.
I've never heard of such a thing before. Could someone explain how would they use machine learning for building coding tools ?
What Kite supposedly does is crowd-source code by uploading users' code to its server and then aggregating that data to train their ML algorithm. Then they can apply said algorithm on a specific client's code to recommend autocompletion suggestions as you type.
There are plenty of great use-cases for ML in building coding tools, but the shady manner in which Kite imposes itself on Atom users who have these plug-ins installed (which is a large portion of the user-base), leaves a seriously bad taste in your mouth.
The thing is I don't trust this explanation for a second especially as it applies to non-paying customers; they could have just as easily trained a generic ML algorithm on a publicly available data set, like I don't know, the public stuff on github.
Moreover, they could have trained their suggestions to actually be useful before throwing this out there as a feature set they thought people would want to use.
Plus then it'd make sense for people to open up their code, as a "local dictionary" of sorts that could be prioritized over generic suggestions. But at least then it would have had demonstrated value.
How much content are they auto-completing? Seems like this could easily end up with some other organization's proprietary code auto-filling inside your project. This is very dangerous; it's either only auto-completing single standard-library function names in which case it doesn't need cloud connectvitiy, or it's auto-completing actual code which opens up users to IP issues.
They use machine learning to see which code patterns follow other code patterns and then make suggests based on that. "Oh, I see you've written X. Most people who write X follow it with Y."
However, this requires reading people code that they upload to their servers. See their privacy policy here: https://kite.com/privacy.
Yes, that's the scary bit that not a single developer will/should agree with. Auto-complete suggestions for `password = ` anybody?
I wonder if it'd be possible to use their service to inject a backdoor in to someone else's code.
You just need to compromise their database and you should have access to plenty of source code running around, possibly with secrets/credentials etc - a disneyland for bad guys.