I wonder how long it will be until people's baseline assumption is that their shit is being used in this way... I genuinely don't understand how it isn't already.
My baseline assumption would be that an IDE running on my own box wouldn't be uploading my code somewhere unless it was to my own repositories. Understanding that for Copilot to work, it needs to write prompts to GPT, I'd assume it wasn't uploading anything other than the tab it was working in. Not just, like, scanning my whole drive and uploading everything. That's insane.
Maybe I rely too much on the community to red flag these things. I don't install questionable extensions. I wouldn't have tested copilot at all if it hadn't received such enthusiastic support (here, among other places). The fact that it isn't sandboxed to the document you're working on should make it an absolute malware pariah, and this is the first I'm hearing of it.
noduerme|2 years ago
Maybe I rely too much on the community to red flag these things. I don't install questionable extensions. I wouldn't have tested copilot at all if it hadn't received such enthusiastic support (here, among other places). The fact that it isn't sandboxed to the document you're working on should make it an absolute malware pariah, and this is the first I'm hearing of it.