← Back to context

Comment by kordlessagain

3 days ago

Mitigation for use:

  ```
  export GROK_TELEMETRY_TRACE_UPLOAD=0
  export GROK_TELEMETRY_ENABLED=0
  # or config file with [telemetry] trace_upload = false, [harness] disable_codebase_upload = true  
  ```

The practical takeaway for users: your entire codebase leaves (uploaded) your machine unencrypted on each Grok Build invocation, not just files you ask it to read, and no visible setting stops it.

I've built Nemesis8 (n8) for blast radius control and monitoring these sorts of things, from containers: https://github.com/deepbluedynamics/nemesis8

I've added the mitigation above to the image build for Grok Build instances. There is a lot of telemetry already turned on in n8 containers, so will investigate further.

[flagged]

  • There's many reasons to not use Musk's products, but if you wish to convince people who don't already buy into that description (or worse, who like that description), I would instead focus on the "this endangers your secrets" angle. Business secrets if you're a business, government secrets if you're a government, military secrets if you're military.

    • Imagine the fallout if someone discovered a method of read access to this bucket.