Comment by hypfer

2 days ago

People do realize that if they're doing this, they're not feeding "just" code into some probably logging cloud API but literally anything (including, as mentioned here, bank statements), right?

Right?

RIGHT??????

Are you sure that you need to grant the cloud full access to your desktop + all of its content to sort elements alphabetically?

Some do, some don't.

The reality is there are some of us who truly just don't care. The convenience outweighs the negative. Yesterday I told an agent, "here's my api key and my root password - do it for me". Privacy has long since been dead, but at least for myself opsec for personal work is too.

  • > Privacy has long since been dead, but at least for myself opsec for personal work is too.

    Hacker News in 2026.

    • Paranoia is justified if it actually serves some purpose. Staying paralyzed and not doing anything because Someone Is Reading Your Data is not serving much of anything. Hint: those Someones have better things to do. LLM vendors really don't care about your bank statements, and if they were ever in a position to look, they'd prefer not to have them, as it just creates legal and reputational risks for them.

  • > The convenience outweighs the negative. Yesterday I told an agent, "here's my api key and my root password - do it for me".

    Does the security team at your company know you're doing this?

    Security as a whole is inconvenient. That doesn't mean we should ignore it.

  • So are you proud of yourself? Or why are you advertising your negligence?

    • "Move fast and break things"

      I could spend an extra 5 minutes doing it "right" or I can get what I need done and have a 0.001% chance of there ever being a problem (since there are other security measures in place, like firewalls, api key rotation, etc.)

      Even when security gaps are exploited, the fallout tends to be minimal. Companies that had their entire database of very sensitive information leaked are still growing users and at worst paid a tiny fine.

  • HN is now where I get my daily does[1] of apathetic indifference/go with the flow attitude.

    [1] * dose

    • Sometimes I wonder how we got here. Data breaches everywhere, my 64gb of ram i7 workstation slowing to a crawl when opening a file browser, online privacy getting increasingly more impossible. Then I read HN and it all makes sense.

    • This keeps getting worse every day, people are now bragging that they don't care about privacy. I know HN is supposed to be for wannabe Founders, but you would still expect them to have some guardrails. No wonder every day we hear about Data leaks.

  • > Privacy has long since been dead, but at least for myself opsec for personal work is too.

    This is such an incredibly loser attitude and is why we can't have nice things.

  • I mean eventually, some adversarial entity will use this complete lack of defenses to hurt even the most privileged people in some way, so.

    Unless of course they too turn to apathy and stop caring about being adversarial, but given the massive differences in quality of life between the west and the rest of the world, I'm not so sure about this.

    That is of course a purely probabilistic thing and with that hard to grasp on an emotional level. It also might not happen during one's own lifetime, but that's where children would usually come in. Though, yeah, yeah, it's HN. I know I know.

  • > The reality is there are some of us who truly just don't care.

    I would challenge that, with the same challenge I've heard about Microsoft and Google reading your email. The challenge is "ok, so can you please log me in to your mailbox and let me read through it?"

    It's not that people don't care, it's mostly that they've been led, or convinced, or manipulated, into failing to notice and realize this state of affairs.

When choosing between convenience and privacy, most people seem to choose convenience

  • Obviously. Those who chose otherwise have all died out long ago, starving to death in their own apartments, afraid that someone might see them if they ever went outside.

  • > When choosing between convenience and privacy, most people seem to choose convenience

    But they wish it would have been convenient to choose privacy.

    For many, it may be rational to give away privacy for convenience. But many recognize the current decision space as suboptimal.

    Remember smoke-infused restaurants? Opting out meant not going in at all. It was an experience that came home with you. And lingered. It took a tipping point to "flip" the default. [1]

    [1]: The Public Demand for Smoking Bans https://econpapers.repec.org/article/kappubcho/v_3a88_3ay_3a... "Because smoking bans shift ownership of scarce resources, they are also hypothesized to transfer income from one party (smokers) to another party (nonsmokers)."

I have my bank statements on a drive on a cloud. We are way past that phase.

  • I send my bank statements to Gemini to analyze. It's not like bank statements contain anything too sensitive.

    • Some of them stupidly print the account number on them. I mean, we do hand out our account and routing number to people on checks, but we don’t give checks to the entire Internet.

  • What! How can you be so insecure with your data?! You’re willing to upload a file you downloaded from a cloud service to a different cloud service? The horror!!

    This is exactly what I expect out of…

    Sorry, got interrupted by an email saying my bank was involved in a security incident.

  • WTF. I have a separate computer solely for personal finance, domain registration, DNS management, and the associated email account. If I didn't use multiple computers this way, I'd go back to using Qubes OS.

There has to be a way to set permissions, right? The demo video they provided doesn't even need permission to read file contents, just read the file titles and sort them into folders based on that. It would be a win-win anyways, fewer tokens going into Claude -> lower bill for customer, more privacy, and more compute available to Anthropic to process more heavy workloads.

But I don't want alphabetical. Alphabetical is just a known sort order so I can find the file I want. How about it sorts by "this is the file you're looking for"?

Have you ever used any Anthropic AI product? You cannot literally do anything without big permissions, warnings, or annoying always-on popup warning you about safety.

  • Claude Code has a YOLO mode, and from what I've seen, a lot of heavy users use it.

    Fundamentally any security mechanism which relies on users to read and intelligently respond to approval prompts is doomed to fail over time, even if the prompts are well designed. Approval fatigue will kick in and people will just start either clicking through without reading, or prefer systems that let them disable the warnings (just as YOLO mode is a thing in Claude Code).

    • Yes it basically does! My point was that I really doubt Anthropic will miss making it clear to users that this is manipulating their computer

  • No, of course not. Well.. apart from their API. That is a useful thing.

    But you're missing the point. It is doing all this stuff with user consent, yes. It's just that the user fundamentally cannot provide informed consent as they seem to be out of their minds.

    So yeah, technically, all those compliance checkboxes are ticked. That's just entirely irrelevant to the point I am making.

    • > It's just that the user fundamentally cannot provide informed consent

      The user is an adult. They are capable of consenting to whatever they want, no matter how irrational it may look to you.

Ship has sailed. I have my deepest secrets in Gmail and Docs. We need big tech to make this as secure as possible from threats. Scammers and nations alike.