Hacker News new | past | comments | ask | show | jobs | submit login
Ask HN: Do You Trust Grammarly?
69 points by hubraumhugo 4 months ago | hide | past | favorite | 98 comments
I just received an email from them with many stats about my writing over the last week. It's pretty scary to see how much tracking they are doing. Do you trust Grammarly? Are there any good alternatives?



I'm not entirely sure I can eloquently put it into words, but I cannot see how Grammarly could possibly be trustable or even how trust should play a role in the decision to use it.

I mean it's a service that basically tracks every word you write, and does so for what I consider a very small benefit. Even if you can trust Grammarly to be completely ethical today and in the future, no service can claim that it's completely secure from hacking.

All OSes have what is essentially the same service as Grammarly, without having to stream every word you type to a third-party service.


Maybe for you, I am dyslexic and my writing sucks. Even in my mother tongue, let alone English. If I need to give a good impression, I rely heavily on Grammarly because it can reformulate sentences in a way I never could.

Yet for sure, I do not use it for anything sensitive or for work purposes. I do not really trust them.


Can you not use a desktop software to correct your spellings, fix your grammar and reformulate sentences? I think even something like Microsoft Word is going to be a good bargain for this. If you want a free tooling Emacs with some plugins can be great. A quick search gave me https://simpleit.rocks/lisp/emacs/writing-in-emacs-checking-... Exploring this space may give more results for free tooling that runs your desktop and sends your data to noone.


Pretty sure the grammar / spelling correct is still miles away from grammarly (at least last time I tried it)


Grammarly is easier to use than Emacs.


Came here to say exactly that. No reputation could be stirling enough and no security practices tight enough to convince me that ANY entity should be receiving EVERY SINGLE KEY STROKE that I make in my browser.

I would not send all that data to the Red Cross, much less a fucking fly-by-night browser extension company that has no choice but to monetize it.


>All OSes have what is essentially the same service as Grammarly

Not all of them! Excluding Ubuntu, and stuff like package management management and heartbeat is-the-internet-up pings, Linux doesn't phone home about anything, let alo--

>without having to stream every word you type to a third-party service

Oh, you mean the spellcheck part. Right, right, yeah.


> All OSes have what is essentially the same service as Grammarly, without having to stream every word you type to a third-party service.

Starting with Windows 10 Microsoft has been keylogging for the same reason and saving the data for themselves to use for whatever they want. I'd consider that a 3rd party personally.

http://www.renegadetribune.com/windows-10-quietly-logging-ev...


All automated "writing & style" tools are for people who can't write and have no style. If that's you, great -- better to use the tool than not.

Otherwise, everything -- from Word's style tips, to these online tools are the death of authorial voice.

I mean to write precisely what I say. Not "to write what I say" because that's "more concise and easier for the reader". Precisely what I say, because that's more evocative of my frustration.


They also help a lot for people whose native language isn't English.


I think that’s a major use case.

Even if you are a native speaker, these style and grammar tools can be educational and and improve your writing confidence (and catch small mistakes we all make).

Of course, accepting all the suggestions isn’t the right way to use language tools. The rules are applied mechanically, without taking intent into account.


I am not a native speaker, and I use Grammarly to ensure what I want to say is at least grammatically correct to the reader that I want to impress.

And I would say even for native speaker, not only a tool like this is for educational and improve one's own confident, but also demonstrated you care about your reader. I have lost counts on how many typo/grammartical mistakes I noticed when I read company internal wiki written by native speakers.


just put this sentence through a few grammar apps for comparison.

grammarly:

> And I would say even for a native speaker, not only a tool like this is for education and to improve one's confidence, but also demonstrated you care about your reader.

languagetool (didn't recommend any changes)

> And I would say even for native speaker, not only a tool like this is for educational and improve one's own confident, but also demonstrated you care about your reader.

quillbot:

> And I would say even for native speakers, a tool like this is for educational and improving one's own confidence, but it also demonstrates you care about your reader.

gramara (an app I made):

> And I would say even for a native speaker, a tool like this is not only meant to educate and improve one's own confidence, but also demonstrate that you care about your readers.


I think that might have been the original use-case for Grammarly. The original developers are Ukrainian.


> All automated "writing & style" tools are for people who can't write and have no style.

The target market for these tools is professionals writing english as a second language.

A tool that can spot and let you fix minor 'it sounds wrong' issues ("big orange cat" vs "orange big cat") can be a confidence-booster if you're e.g. working at Google's Poland office, but doing all your professional work in english.


That's not the only market for Grammarly. Their incessant Youtube adverts are targeted at native speakers who just want to write tighter prose. I definitely think it could help with that, though I agree it would be more useful for non-native speakers.


Huh. I find editing to be almost as important to my writing as my writing itself.

I don’t just want my voice to be communicated, I want it to be understood. Sometimes that means automated grammar checkers.


You're assuming a oot about the people who use these programs. If you wanna hate on the program itself, sure, be my guest. But, please, don't insult their users. It achieves absolutely nothing, and only makes you come off as rude and presumptuous.

A large audience for these types of tools is people for whome English is not their first language (this includes me, so please forgive any spelling/grammar mistakes you may find). This audience may be very eloquent and stylistic in their native language, but learning languages (especially when you have passed your teens) is hard, and sounding professional and sleek requires a lot more effort than you might think.

Here's where Grammarly comes in. It reformats your sentences to be more consistent with your projected attitude, removing a ton of work for some people.


I'm sorry but I agree with the essence of the TP on this. The best way to learn grammar and style is to develop your own. Regardless if you're writing in your first language or not, getting a good command of a language is going to come from personal effort, not relying on some piece of software to correct you.


It really depends on how one uses the software. If it's used as a learning aid to reinforce certain patterns (eg. "I went to office" -> "I went to the office"), it's fine in my opinion. After all, everyone started as a beginner.

If it's used to fix whatever ESL word salad one writes, without using the corrections as a hint to improve one's command of the language, then I agree with you.


I found the comment slightly witty, not insulting. I mean, you have to be able to take (or get) a joke!

I know plenty of people for whom the tool is really useful -- my foreign-born wife for example. But were she to limit her native expression with the same kind of "simplifying" that the tool offers, I am sure she would not be perceived as having any kind of personality at all.

For me, when I write -- and I like to write -- I choose to break convention often. The tool frustrates me and wastes my time. Sure there is an audience for this, but I don't want to sound like everybody else. That's MY attitude.

...and reading the comments does make it sound like a key-logger ... so no, I can't say I trust the extension.


> All automated "writing & style" tools are for people who can't write and have no style.

I haven't used Grammarly but this strikes me as class HN "I don't make mistakes" hubris. Have you never used a thesaurus?

> I mean to write precisely what I say.

I assume you were making up that suggestion but "I mean to write what I say." is would be a good improvement, and it's only a suggestion anyway.


Something of a nit, but wouldn't it be both more accurate and "precise" to say:

   I write what I mean to say
Rather than:

   I mean to write what I say
The former implies that one is expressing themselves as they wish, while the latter implies that one wishes to do so but may or may not be doing that.

As I said, it's something of a nit I'm picking, but the meanings are pretty different IMHO, even if most folks would assume that both mean the same thing.


If you think

> I mean to write what I say

is an improvement over,

> I mean to write precisely what I say

Then you haven't understood everything I meant to say. The mood in which I write is part of what I write. To remove it is to communicate less.


> Have you never used a thesaurus?

I'm not sure exactly what you're implying with this rhetorical question but, for the record, I wouldn't expect a well-educated native speaker to use a thesaurus.


Really? I am a native speaker of French, well educated, with top marks in French and Philosophy (our "advanced French courses"), taught French abroad, member of a jury in the French Language Olympics, ... what have I forgotten, ah yes, father of two who was forcing them under torture to write, read and speak proper and varied French.

And yet I do use a thesaurus from time to time, as well as a dictionary of antonyms.

And a simple dictionary as well.

Maybe your language is simpler, or you have a better memory/education.


That's a very strange opinion. This sure sounds like "I'm smart enough to do it without any assistance!" ego wanking.

I see it all the time on here about IDE features like autocompletion. "Why would I need that? I'm smart. I just memorise the entire codebase, don't you? Your intellect is laughable."


It's not an opinion; I'm simply stating a fact about the cultural background from which I come (British middle class). It will sound snobbish/arrogant. I make no apologies for that - I'm just offering it as a data point in case it's helpful to the conversation.

In British middle class society, where people have attended "good" universities, you don't use a thesaurus. It would be looked-down upon.

Incidentally, what do you use a thesaurus for? Is it when you've forgotten a word, or when you want to discover new words that might be apt?


Someone who is a very good speller benefits from a spell checker, because he or she isn't necessarily a perfect typist. Even if you make one typo in 20,000 words, and the spell checker finds it, there is value in that.

Grammer checking is just extended spell checking. You could have great style, but gaffe something; use some combination of words because you were tired or distracted, or you made some bad edit, half of which was scrolled off the screen or whatever.

You could ignore most of the tips, but once in a while it could be that the suggestion you get from the software is exactly the words you wanted to write, but somehow fumbled. That's clearly valuable, and in a way that isn't dictating style to you.

Sometimes spelling errors cause grammar errors. So unless you're a perfect speller and typist, a grammar checking tool might be the one which actually catches your typo. This is because a typo can produce a dictionary word, or words.


https://languagetool.org for sure. Europe-based, can host your own server. Plus, it's the only one that doesn't seem to eat my Mac's battery.

Some (might be all, actually?) parts are open source as well.


Their cookie consent form already breaks a bunch of rules by being very much opt-out first instead of opt-in for alle the marketing and tracking cookies.

This doesn't give me a good feeling that they are focused on privacy.


>https://languagetool.org for sure. Europe-based, can host your own server. Plus, it's the only one that doesn't seem to eat my Mac's battery.

>Some (might be all, actually?) parts are open source as well.

I was pretty impressed with languagetool and set up my own server (as I'm not interested in sharing with random strangers).

I used it for a while (local server, Firefox addon), but haven't used it for a while.

Yesterday I noted that the Firefox addon was chewing a goodly portion of CPU (perhaps because the local server is down?).

As such, I removed the addon and won't be going back -- not because languagetool is bad, it works quite well actually -- but because it didn't add enough value to me (note that only applies to me) to make the CPU load worthwhile.

That said, I heartily recommend self-hosted implementations of languagetool!


That looks good, thanks for sharing! Haven't heard of it. Intentionally never used Grammarly because it feels sketchy to run some keylogger.


Found them on HN randomly a year ago. I'm surprised Grammarly is still tolerated in most companies with their data collection policy.

A big bonus that LanguageTool has, is the seamless language switching. I can mix Czech and English texts and get right corrections for both.


Might be worth submitting separately on HN :)


LanguageTool is useful, I self-host it in Docker and use the VS Code extension to integrate with it, since I do most of my writing in markdown (including Dendron for my note-taking).

Even with a degree in technical writing, I still find it helps. I overuse passive voice and unnecessary words, and LanguageTool flagging them as I write is useful.


Is it possible to use languagetool in any application, such as grammarly?


How can you run it on your own server?


Either what dewey said in his comment, or more direct link https://dev.languagetool.org/http-server


Just before you fall into the same trap I did of setting a self hosted version be aware:

The free self-hosted version you can download from https://languagetool.org/download/ lacks all the premium rules (several thousand rules for English, German, French, Spanish and Dutch) and AI-based rules.[1]

My suspicion is the basic self-hosted version may no better then what you would already get in something like LibreOffice.

[1]: https://github.com/languagetool-org/languagetool/issues/6750


> My suspicion is the basic self-hosted version may no better then what you would already get in something like LibreOffice.

The free rules are pretty good IMO, I never used Premium and free was already on Grammarly’s level when I switched many years ago.


Ah okay, so... either you get a simplified version or you have to put up with the same issues as Grammarly?


For developers who already have Docker running on their machine. I can strongly recommend running it locally with e.g. Docker Compose.

Safes effort with maintaining an installation and keeping the background process running. Plus, it also works when network connectivity drops.

https://github.com/Erikvl87/docker-languagetool/blob/master/...



Grammarly suggested that I change "object-oriented programming" to "thing-oriented programming." How competent do you think their data team really is?


It also repeatedly changes Smart Contracts to Intelligent Contracts.

I wish this were true.


would unintelligent contracts be better? (I kid I kid) :)


significantly better, depending on context


Gosh, unless 'object' is actually incorrect, there is no context in which 'thing' is better...


Maybe if you have a few "objects" in the sentence already


Hahah hilarous


No, I don't trust Grammarly one bit. I think there was even a question in their FAQ asking "are you a keylogger?". The answer went along the lines of "No! Absolutely not! But also yes."

My team still uses it despite my attempts to get them to do otherwise.


The way IT security has been (mis)handled by firms large and small, it’s just a matter of time till Grammarly announces a system breach and uses corporatese to hide the true impact and what was lost. When companies in highly regulated industries (like finance) get away with hardly any punishment, I’m not sure what kind of actions or threats of actions would even be effective against an unregulated company. Yes, reputation matters, but I’ve seen that cost is the main concern for many companies.

I wouldn’t trust any company with sending every keystroke (almost) to the company’s servers. That’s why on iOS I don’t use any custom keyboards, and even if I try any, I don’t give them “Full Access” (which means it can send the keystrokes over the network).


I'm wondering if anyone has done a GDPR data request against them to find out exactly how much personal data they are keeping long term.


You could almost view it as something close to a keylogger for one's own consciousness. I wouldn't trust them with my half collected thoughts, doesn't matter where their intentions lie with regards to selling said thoughts to advertisers. That's not even the worst thing that could happen with such a trove of data.


I work at Grammarly. The weekly insights are meant for our users to see their writing improvements over time. These calculations (such as the number of words written) remain linked to your account, but the text you write does not (unless it's a document you've saved in the Grammarly Editor). This calculation is updated continuously throughout the week as you write more text with Grammarly. Users can see all the data that Grammarly has stored on them by submitting a personal data request from their account hub (https://account.grammarly.com) under "Security."

I also want to note that we don't make money by selling user data (never have and never will), which some of the messages here seem to imply — we do it by selling subscriptions to Grammarly Premium and Grammarly Business. We process text to be able to provide the service. More here: https://www.grammarly.com/trust


See, the issue isn’t what Grammarly stores, that’s a sensibility defined policy. It’s what I would send to Grammarly that prevents me ever using it or any service like it.

I don’t care how little data you’re storing. I type passwords into my browser and as a software developer I will never be sufficiently confident that you aren’t accidentally getting sent username and password box text even if you tried your damnedest to avoid it. The problem is you’re a keylogger. Ostensibly one with a positive reason your customers install you, but you fundamentally are a keylogger.

I cannot trust such an application… ever.


Our product is blocked from accessing text fields like password and credit card number fields (you can see this because Grammarly clearly does not activate in those fields). You can see what Grammarly is processing by the presence of the Grammarly widget, and you can turn Grammarly off at any time if you don’t want it to check a particular piece of text. It works where you want it to work to provide writing suggestions to you, which I understand just may not be for you (and that's OK).


My point is more that since even my password manager occasionally has trouble identifying a password field to let me automatically fill in the passwords I have stored (this being representative of the challenge of correctly identifying such fields) … I can’t necessarily trust Grammarly to always correctly identify a text box as a username or password field or credit card field no matter how hard you’re trying to avoid this sort of thing, the only safe way would be manually activation and deactivation. Or explicit selection of text to be sent to Grammarly. But regardless of that, when my Operating System has a safe one I can trust is (for now at least) running locally (macOS) it’s hard to justify the risk of accidental exposure of sensitive information to Grammarly such as Personally Identifying Information about clients and other such business and legal risks which goes way beyond a simple matter of passwords.

Grammarly is a security risk, and while I’m sure you’re all working hard to mitigate this as best as you can, you cannot eliminate certain fundamental security risks that are inherent in sending blocks of text to a third party, even manually sending a block of text contains a small level of risk that it could contain information you forgot (for a large block like a document) or included by accident without noticing (for a small block) and so it just cannot be eliminated.


Absolutely not. There was a point in my career where I was paid (pretty well) to be a writer. Grammarly was routinely off the mark, often hilariously so.

Grammarly has difficulty correcting even basic grammar mistakes. I would never trust for anything beyond being a basic spellcheck and last minute hygiene check before you hit publish.


Grammarly is banned by my employer and plenty others I imagine. I’ll let that speak for itself


It is essentially a keylogger, seems like most places with any security concerns at all would ban it


Yeah - at my job as well, not to be trusted it seems


The best alternative is a copy of Strunk & White and/or a colleague who has one. It is really quick to read cover-to-cover and understand, and it will make you a much better writer of everything.

No, I don't trust grammarly. On top of the surveillance, it often makes grammar mistakes!


Well its a great tool for non native English speakers. It helps them on correcting a lot of basics and build confidence once you get feedback.

But I am not sure of the correctness in the advanced stages.


We permit use of Grammarly only using the stand-alone app or website, and only for content that doesn't contain any personal data & isn't security critical, e.g. blog posts, etc.

As others have said, the browser extension is an unmanageable security risk and we prevent its use and installation.


If you dont mind me asking, what tools are you using to control browser extensions for your users?


We're mandating use of Google Chrome across the org and use the Chrome Enterprise features to force installing (ad blocker, 1Password) and block (Grammarly amongst others) extensions: https://support.google.com/chrome/a/answer/9296680?hl=en

I'm not entirely sure if it's a feature that only comes with Google Workplace, but as part of the Workplace admin interface we get a nice UI for managing all of this.


Think of an adversary government (e.g China), and then ask your self that same question if Grammarly were headquartered there.

... then ask yourself why you think country of origin even matters when it comes to your privacy given the past 20 years of both government and corporate surveillance.


I don't trust any cloud provider I don't pay, and those I do pay I don't trust either.


NEVER. I would happily pick bad grammar over using Grammarly.

Where do you write that doesn't have the grammar correction built in from the OS? If I ever want to check my grammar or language (this is quite rare), I just write it out and then put it in some online grammar checker like QuillBot. Works well for me. I have trust issues

EDIT : I would happily try out some self hosted ones though. I will keep going through the thread here.


I've been thinking about this problem and this is my thought process:

1. A tool like grammarly is super helpful for the majority of non-english speaking population. So, this is not something like Facebook that we can just ignore and boycott. This is a truly useful category of tooling.

2. But, sending everything that the user types over wire and predicting with a heavy model that can only run on massive servers is evil.

3. The only viable alternative is either come up with a tech that encrypts data over wire, such that sentences cannot be decontstructed back at the server, but knows what indices in the client string. should be replaced - I'm not even sure if something like this is possible.

4. Just ship the entire model to the edge, so that no data gets transferred. Google has managed to ship a light-weight model to its Picel devices, apparently but I'm not sure effective this could be: https://ai.googleblog.com/2021/10/grammar-correction-as-you-...


No, I wouldn't trust it to not log everything I type. I also think that there is value in practicing your writing skills.

I know this will sound very entitled, but it also sort-of bothers me how such tools might make everyone's writing, even with poor writing skills, look uniform so that it is harder to read between the lines and know what kind of person you're dealing with...


I have no experience with the company beyond the by now likely 1000 highly irritating ad videos they have thrown at me, making it unlikely I ever would want to have anything to do with them. I also fail to see how a glorified spell checker adds anything of substance or real style to ones writing, so I'm happy sticking to my locally installed spell checker.


I feel like a good alternative is regular old spell check and some humility in understanding we all make grammar mistakes and are here to learn. We were fine without a network connected snooping “grammar” bot. Consider not using stuff like this.


Recent (5 months ago) HN discussion (293 comments) about Grammarly here:

Is Grammarly a keylogger? What can you do about it?

https://news.ycombinator.com/item?id=30470457


I've never even looked into Grammarly but I just assumed that they'd store everything I type. Not even worth looking into for the sake of my security.


It is very obviously some intelligence agency op.


No. I only ever use it as a last resort when I need some non-sensitive text double-checked. And by “use” I mean that it’s installed as a keyboard app on my smartphone (where I believe I can keep its possible logging activity to a minimum), but not used as an actual keyboard, only as a grammar checker to be activated whenever and wherever I need it.


Absolutely nope. Giving Google (smartphone) and Microsoft (work laptop) total access to anything I type on my keyboard is already difficult to swallow.

Also, because I developed some sort of gag reflex when I see anything related to them after being forced to watch their ads repeatedly for months.


> Do you trust Grammarly?

Replace 'Grammarly' with 'a keylogger'.

Would you trust it now?

Are you absolutely sure that it would not 'spell check' your master password and send it over to their servers without someone else looking at them and what website, field you were typing it on?

Now would you trust it even more?


It's just such an incredible tool that I have to trust it. The vscode plugins is such a time saver from writing docs or LaTeX. Still wouldn't use it for really confidential stuff. Their terms of use are also a bit... suboptimal.


They have way to many online ads for a reputable service. Like that fake adblocker (which must be fake, because why would an Adblocker advertise on the very medium it's working against?) and all those VPNs.


Yes. The only stuff it really sees is what I write on HN/Reddit/RyanMercer.com and papers I'm writing for class. 95%+ of what it sees me write is already public domain.


If I may suggest, there is a solid tool called "Antidote" that does French and English, has a dedicated app and a chrome extension. It got me through my master.


No.

Consider buying a copy of The Elements of Style by EB White and William Strunk Jr. It's a tiny book that you can read cover-to-cover over a weekend.

Apply the concepts in the book.

You're all set.


No, I switched to https://languagetool.org/


I always think of them as a helpful key logger. /s


I trust it more than I trust myself to spot issues.


I use them, but I don’t trust them.


I feel that trusting Grammarly is like trusting GitHub will not leak your code in private repository.


How so?

It’s in the interest of GitHub’s business not to leak private repositories. People give them money for the product.

Grammarly is a keylogger masquerading as a free writing aid. Fundamentally fishy.


It's Free-mium, not just free, just like Github. They actually have a business model, and that includes a stripped-down version that they let anyone use for free to tempt them into paying for better stuff.

So it's also in their best interest not to anger their paying customers.

Edit: That doesn't mean they won't, or that they should be trusted, just that they have similar motivations to Github.


One of my first introductions to tech was installing a keylogger to see how it works

I've been avoidant of anything that does similar since, it really shaped my view of privacy instantly seeing (all my own) passwords, private messages, heck even delete and tab key presses, everything being dumped to a log file in real-time.

Imagine if they got hacked.

tldr: too creepy for me


no I donut.


of course not!


no.


I trust them to send themselves a copy of everything I type.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: