Hacker News new | past | comments | ask | show | jobs | submit login

I am worried about a lot of common functionality in VSCode/Atom, from keyboard bindings to support for more languages, being implemented by 3rd party plugins. They are updated independently, without verification, and have full code execution and network access (and things like independent telemetry).

Am I alone in this? Are there security features that I'm missing to guarantee that my code editor isn't leaking information in 20 different directions?

I noticed in the privacy instructions that MS gives a setting to disable telemetry, but only on per project. So every time you open up a new project, it will be reporting on you until you (remember to) disable it.

Applications are open for YC Winter 2020

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact