Hacker News new | comments | ask | show | jobs | submit login

First, this is amazing. I want.

Second, I do a lot of code readings that include not shareable code, I would imagine a lot of developers from a lot of companies would be in the same position. From https://kite.com/privacy/:

* all the python files in your authorized directories are sent over the network

* everything you type in these files are sent as well

* all the terminal commands you are going to type (ouch ouch)

> Q: How does Kite secure this network traffic?

> A: As you would expect, all traffic goes over https.

Yeah unfortunately that is not enough, a MITM can also use https. How do you authenticate the server? Do you have certificate pinning?

> What information does Kite keep around on its servers?

Pretty much all the info I previously talked about, that you are now worrying about, is kept there, in clear (correct me if I'm wrong).

This is a big no-no at this point.

> Many developers have already chosen to trust their code to services such as Github and Bitbucket

Many developers also do not trust Github/Bitbucket with there code (and they should not) and do not store secrets there. And who would want github to have access all the terminal commands they type? This sounds like a nightmare.

At this point I don't see why anyone would use that, if not in a VM, with extreme care on what commands are typed in the terminal and what code is used with Kite.




Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: