Comment by mirekrusin
8 years ago
wtf are those guys doing, uploading source code without consent feels criminal, source code with app configs/secrets has ultra sensitive information.
anybody has a list of infected packages so others can quickly remove with `apm uninstall ...`?
Well technically you did consent by clicking "Enable Kite". I'm not familiar with Kite but the linked image has a line that says, "Click here to learn more.". I'd wager that it eventually links to a page that explains that all your source will be uploaded to their servers.
Now that doesn't make it any less shady though...
I don't really want to defend Kite, but when it says "Kite achieves this by analyzing your code in the cloud" I would assume that my code is uploaded to the cloud.
Which code is "my code" here?
My assumption from that dialog box would be that at most, the code I currently have open in my editor would be uploaded. Not all the source code on my computer.
3 replies →
This plugin helps for sites like Kite:
https://chrome.google.com/webstore/detail/cloud-to-butt-plus...
If you're going to upload potentially private code from your user's computer to your servers, you better warn him with big fat red letters before you upload a single byte.
If you don't want to defend Kite, why bother defending Kite?
1 reply →
Hiding a detail like this into a "read more" is uber-shady. They deserve all the backlash they're getting.
Funny how I now read this as Uber-shady.
This is why some data protection and privacy laws are starting to require active, informed consent before taking some actions, instead of merely specifying "consent".
Even without that, basic contract law in many places requires a degree of mutual understanding for the contract to be valid in the first place. You can't just bury a surprising term with a huge effect deep inside a long legalese document and expect it to actually stand up in court, and if you're doing something dubious and relying on that as your defence then you might be in for some disappointment.
What they did is figuratively a felony (literally a "indictable offense") here in Canada. These guys are going to go to prison. Courts have ruled time and time again that hiding unreasonable or otherwise illegal actions in ToS does not absolve liability or criminality.
Just out of curiosity, what part of this is considered illegal? Not defending Kite here, but it seems that even though they are using some shady tactics to gain users, none of their product/ToS seems illegal.
16 replies →
Makes me imagine some angry and equally shady person might contribute to some open source projects that Kite uses internally. With a ToS addition giving them access to all available data on the company network if you are Kite.
Obviously this would a be a terrible thing to do and no one should.
It does not just feel criminal, it probably is. On top of that it might make you liable for reproducing some company code without permission. Very very bad idea.