Comment by culi
4 days ago
> It transmits the contents of files it reads — including a .env secrets file — to xAI, verbatim and unredacted.
This has to be the most successful mass surveillance campaign of all time
4 days ago
> It transmits the contents of files it reads — including a .env secrets file — to xAI, verbatim and unredacted.
This has to be the most successful mass surveillance campaign of all time
Downloading the SSN/tax/etc data from the entire US wasn't bad either.
since github. or you truly believed your code was private in private repos? I never understood that belief of a label on a button.
since jira-cloud, or you truly believed your processes were private?
leaks are assured, but centralisation amplifies impact. no one cares if your self-hosted something gets owned _because_ it does not affect anyone else.
...
Neither of those examples have access to, what are basically, passwords you use for other services
At this stage passwords are irrelevant. You already moved your data out. This is all there is to it: either you control access, or you don't and then all bets are off.
It is common knowledge that any ai tool will upload whatever it has access to.
So why the drama? It did what it was designed to do and what you consented to by using it.
If you don't want your foot sawn off learn maybe something about tool safety.
1 reply →