> That means my data never leaves my device I mean, if you vibecoded it you don'...

spaceman_2020 · 2026-01-23T17:03:01 1769187781

If you want to be completely watertight, you can absolutely run an on premises model. No data ever leaves your network, ever. Some pretty good models run on $5-10k hardware

Can’t do that with SaaS

Also, I’m baffled that on HN of all places, I have to actually defend the idea of rolling your own apps and protecting your data from cloud providers

bandrami · 2026-01-23T22:48:51 1769208531

Wait of course I was assuming a local model. People aren't using hosted AI on machines holding data that they care about being exfiltrated, right?

heavyset_go · 2026-01-23T23:53:18 1769212398

> People aren't using hosted AI on machines holding data that they care about being exfiltrated, right?

If only

bandrami · 2026-01-24T00:16:54 1769213814

I work in a DFARS-compliant office and I keep forgetting the world isn't like that

flexagoon · 2026-01-23T04:18:48 1769141928

Until vibecoding agents somehow develop the capability to sign up for a cloud storage API and pay for it on their own, you can probably be pretty sure about that.

bandrami · 2026-01-23T04:56:38 1769144198

An exfiltrator would have a blind upload box sitting somewhere the poisoned prompt knows about

Temporary_31337 · 2026-01-23T13:27:29 1769174849

..so they would pay so the see the blog post a little earlier thna you do? Math doesn't work out on this

bandrami · 2026-01-24T22:25:35 1769293535

They would pay to see whatever local files your settings and skills allow the agent to see (plus whatever skills they infiltrated, something you'll have zero visibility about)

fragmede · 2026-01-23T11:34:12 1769168052

vibe code manifest.xml to disallow network access. If you're really paranoid, you can use Google search to look up the permissions names instead of relying on an LLM to do it.