←back to thread

Claude Sonnet will ship in Xcode

(developer.apple.com)
485 points zora_goron | 5 comments | 29 Aug 25 00:44 UTC | HN request time: 0s | source
Show context
breadwinner ◴[29 Aug 25 02:55 UTC] No.45059612[source]
It seems every IDE now has AI built-in. That's a problem if you're working on highly confidential code. You never know when the AI is going to upload code snippets to the server for analysis.
replies(13): >>45059623 #>>45059634 #>>45059661 #>>45059894 #>>45059943 #>>45060054 #>>45060064 #>>45060101 #>>45060121 #>>45060510 #>>45060668 #>>45061092 #>>45061687 #
1. viraptor ◴[29 Aug 25 05:22 UTC] No.45060510[source]
This is not a realistic concern. If you're working on highly confidential code (in a serious meaning of that phrase), your while environment is already either offline or connecting only through a tightly controlled corporate proxy. There's no accidental leaks to AI from those environments.
replies(2): >>45060556 #>>45060732 #
2. dijit ◴[29 Aug 25 05:30 UTC] No.45060556[source]
thanks for giving the security department more reasons to think that way.

I spent the last 6 months trying to convince them not to block all outbound traffic by default.

replies(1): >>45060765 #
3. troupo ◴[29 Aug 25 06:04 UTC] No.45060732[source]
There are ranges of security concerns and high confidentiality.

For most corporate code (that is highly confidential) you still have proper internet access, but you sure as hell can't just send your code to all AI providers just because you want to, just because it's built into your IDE.

4. postalcoder ◴[29 Aug 25 06:12 UTC] No.45060765[source]
The right middle ground is running Little Snitch in alert mode. The initial phase of training the filters and manually approving requests is painful, but it's a lot better than an air gap.
replies(1): >>45061052 #
5. dijit ◴[29 Aug 25 06:59 UTC] No.45061052{3}[source]
that’s what I do, but since it’s in my control the security teams don’t like it. ;)