I host other stuff, but isn’t email a pain to get working and not marked as spam?

I dont hope to find a secure email platform anymore. If i have some info i want to protect i can encrypt it myself before sending, or send it via some secure instant messaging like signal. Email is too hard to make secure, and in he end of the day, the other person youre talking to probably has a gmail or something. Its not worth the hassle imo. There are other ways to have secure communication, outside emails.

Absolutely fair! The other commits in that tree for the .cursor folder match existing contributors. This unchanged PR and this unchanged PR both contain the same structure. This tree comes from this unmerged, closed PR which also matches. This closed issue, commented on by maintainers, references this tree which corroborates the other unlinked commit tree. (Edit: I stopped because I got bored; see the other unchanged issues and PRs that show a rewrite of history)

Attribution is never 100% especially when APTs are concerned. I am confident when I say there is way more evidence here showing the files officially exist and were officially part of the tree than many of the very confident yet unconfirmed APT attributions we actively rely on.

Then do care to look for? There are PRs, there is a dev that approves changes. It’s stupid to resist agentic AIs when they boost productivity by a lot.

He’s a Wikipedia editor that abuses his power. Look him up.

Maybe they did the git stuff for some other reason. I mean the files are still there 🤷🏼‍♀️

I’m a bit tired of the Proton employee bumped into a tourist and didn’timmediately say sorry sort or posts about proton.

Just because you think calling out murderers is xenophobia doesn’t make it so, much like in this case

It’s not.

make a directory, init a git repo, start claude code in that directory, feed it a prompt (a good vibe coder will utilize another LLM to write them the prompt), then hit shift+tab a couple times, got watch youtube.

that’s vibe coding.

No the “definition” (loose term because it’s based on one guys tweet hat invented the word) of vibe coding is to don’t read the code, accept any changes and code purely of vibes.

OK Luddite

Is M$ stuff provably e2ee? Is Proton a publicly traded company? Does M$ have even close as good a track record as Proton? Are most M$ clients OSS?

Edit; Proton isn’t perfect, not by a long stretch. I’m not stanning them either way, but being alarmist and giving in to mob mentality is counterproductive.

For me they just offer the right balance of being partially OSS, strong privacy and strong security that I can pragmatically “overlook” things even as a leftist and free/libre “hardliner” (as I already mentioned: the pragmatic kind. I don’t see a point in using Linux-Libre and am ok with proprietary blobs or “tainted” packages for codecs necessary for piracy if there is no alternative and if they don’t cause active harm (as in “phoning home” or shit like that. Linux-libre is a detriment to your security BTW)

I use it with the full knowledge that they will start to track me and share my IP with Europol if they come with a warrant. (They are unable to comply with anything further, thanks to their e2e architecture)

It is part of my threat model and I use it solely for private stuff.

I couldn’t care less that the CEO had one slipup praising a Republican with a seemingly good track record (although I did not investigate that matter)

And being a Luddite about AI is really counterproductive, it has arrived in our society and if correctly utilised will be just another tool used to automate or autocomplete etc.

Basically what your IDE already does but on steroids

(Disclaimer: it’s Friday and I’m tired so there is a real – if small – chance I’m being a contrarian armed with superficial knowledge. I can’t rly tell myself 🙃)

Valid answer!

tf you mean? kill switch does work, doesn’t randomly disconnect and it doesn’t really bork it for me. skill issue? guess my distro based on my pfp

Isolating the VPN into docker + gluetun should (should) solve that particular issue.

I just use plain old openvpn configs. Once my credit runs out ill switch to mullvad. They were the best option for a time, but that changes.

Yeah that’s the idea. seems like many people are thinking that either you don’t do code reviews at all or you’re writing every line of code yourself even if AI could have done a lot of grunt work.

It is a tool… It is as good as the person using it

Yea, and people are still mad about it and somehow believe people just copy paste everything without checking

I fail to see how those two options are mutually exclusive???

This is a great example since AI isn’t taking on the role of an independent software engineer here, so there is no “Jim” and this is much less of an issue than y’all are making it out to be. You know that auto-correct is also a form of ML right? Have you considered that tools can be used responsibly and that standards for software developers still apply even when they use new tools?

It really reminds me of the Mastodon mob mentality that caused so much trouble for fosstodon :/

Genuinely most of the people against bluesky/atproto haven’t looked into it further than the blogpost by Christine lemmer-webber, and just want to be eliteist about being on the fediverse.

Proton CEO did it to the company…

Signal requires a phone number… If you don’t see an issue with that… Then you live in a better place than the rest of us. I am happy for you.

Yes, and it’s one of the most important things I do. Given the AI codegen boom we’re seeing, it’s also the skill I have that is increasing the fastest in value.

Does anyone here realize that one person using Cursor doesnt mean “tHeY’rE vIbE cOdInG aCrOsS tHe wHoLe pLaCe!”

Uh yeah? You’d be stupid not to review code, whether written by an AI or a human. I don’t trust either.

Only my own code and so far most of it has been unacceptable.

Privacy for a codebase is not the same as privacy for me. Security through obscurity would be more at odds with privacy for the end user.

Are we really shitting on companies because they have a config file for the wrong editor? Sorry, a config file for the wrong editor (excluding emacs because be as prejudiced as possible against those folk)?

Do I like “AI First” editors? Hell no. But VSCode is rapidly making that pivot and I don’t know the lineage of Cursor well enough to know if it also used to be “just any other editor”. And, from a quick google, it supports local LLMs (e.g. ollama), so the “Big AI is going to have all your code” problem is mitigated…

Also, the repo is on Github. Big AI (Microsoft) already HAS all their code. And before we have “Well you should selfhost a gitea!”: If your website is public facing, it has been scraped by “AI”. And if your open source project is hidden behind ten paywalls? I am not gonna finish that joke because people get really pedantic and pissy when you try to define “Open Source”.

At the end of the day: At a project level? If active code review by qualified developers is going on, I really don’t care how the code was written. I DO care about those individual developers and their abilities as they continue to use “AI” based tools but… that is a different discussion.

I WOULD be interested in a link to the actual offending file. I’ve been part of enough projects where it was easier to just have dotfiles for every major editor because you have a wide range of contributors and no true scotsman doesn’t have one of the local vimrc style plugins running. Whereas if it is massive instructions on how to generate code, I would get a lot more worried.

But an unsourced screenshot of a discussion thread ain’t it.

But isn’t this a public repo?

Is the privacy of their code that much of an issue in this case given its a public repo? Its going to get scraped by the bots regardless.