[sillysaurus3]

True, though all the code was doing was collecting a list of installed packages and a list of file extensions you've edited. Judging by the reactions here, you'd think they were uploading your entire ~/ directory.

I'm curious how Kite got the telemetry into that extension if it's unaffiliated. https://github.com/titoBouzout seems like a fairly standard github account, though it's strange he had no commits for six months until this incident.

[eropple]

They paid him, I do believe (saw this asserted by folks who'd know and saw no contesting it).

[hsod]

> True, though all the code was doing was collecting a list of installed packages and a list of file extensions you've edited. Judging by the reactions here, you'd think they were uploading your entire ~/ directory.

OK, so you acknowledge that this was an unacceptable privacy breach, you're just a little less upset about it than some other people here. Damning with faint praise, I guess.

> I'm curious how Kite got the telemetry into that extension if it's unaffiliated.

They probably paid him.

[sillysaurus3]

It's not a privacy breach to collect the file extensions you've edited bucketed by time. (Collecting the list of installed packages is debatable.) The unacceptable breach of trust was that they tried to hide the fact that they were doing it. It was incredibly stupid to hide it, since few people would've cared if they were just honest. Now they're in the same category as paid spyware marketers.

I'd rather look like a fool and get to the truth than stay silent and let a story go half told. At least people are clear about what precisely was being collected.

[eropple]

FWIW I think that's cool and gracious of you. People don't mea culpa often.

[sillysaurus3]

Thanks for the level headed analysis. It was appreciated.