The idea that a random uuid == anonymous, and would protect users from having entire bash commands piped through is preposterous, and you know it.

▲

wswope 4 hours ago | parent [-]

Cmon now — I’m a rabid privacy nut but this is unfair given the context of:

> Prompt telemetry is opt-in and off by default. The hook asks once; if you don't answer, session-end cleanup marks it as disabled. We don't collect prompt text unless you explicitly say yes.

The UUID part is just one accessory layer, and something plenty of other players in the ecosystem don’t bother to stick to.

Feels like actually bothering to ask users for consent is what got them burned here, when I’d say it’s at least an improvement that they’re asking at all. Many products don’t, and users never bother to turn it off because they don’t know and don’t care.

I think this whole UX is deeply misguided but at least has plausibly benevolent intent.

▲

staindk 3 hours ago | parent | next [-]

But your bash history is logged to vercel by default. The amount of sensitive data (PII, secrets, ...) piped via bash makes this a big issue.

	▲	wswope 3 hours ago \| parent [-]
		Ah jeez, I was missing that detail. Yeah that’s messed up. I skimmed by the “what gets sent” table and thought the bash telemetry was gated by the prompt-related opt-in behavior. Thanks for the correction!

▲

croes 3 hours ago | parent | prev [-]

Shall I share the prompts?

No.

https://news.ycombinator.com/item?id=47357042