Probably not. Which means - work phone should be entirely separate from your private device, not a dual sim.

Have your work phone forward messages etc to your private device if you must, but enforce the hard boundary yourself if IT won't won't provide you with separate device.

It was a localsend / dropbox alternative. I'll see if I can find it. I doubt it was removed... I suspect the dev didn't want to deal with the pile on and deleted it.

Anything else? Would you like to see passport and blood tests too?

"Make it my way or you're concealing something" is a wildly self entitled take.

Your computer, your rules? Fine.

The part I don't buy is "closed source = compromised author with ulterior motives" and "engineers who don't prioritize FOSS are untrustworthy." You're automatically assuming mal-intent when there are 1000 other reasons why something might be closed source.

Maybe the code is ugly and the dev is embarrassed. Maybe there are dependency licencing issues. Maybe they want to get paid without you forking their shit. Maybe they don't want to deal with support and PRs from people who paid nothing but expect everything.

"Open source it or it's suss" is not a privacy argument, it's a purity test in a trench coat. And here's what it looks like in practice - a dev ships a no-account, no-tracking, Tor-capable file sharing tool, and gets told it's "spam" and "malware" for not being open source:

https://vger.to/lemmy.dbzer0.com/comment/26565282

https://vger.to/lemmy.dbzer0.com/comment/26561235

Prefer open source? Sure. Support it? Of course. "Demand" it as some sort of fealty oath? Yeah, nah.

If you don't want to use something, don't. Maybe stop accusing others of being secret agents because you don't like their license.

Already here

https://opencode.ai/go

Well, if you're old enough to remember that, you're also old enough to remember they did create the PS3 super cluster not long thereafter.

https://www.military.com/off-duty/games/2023/02/17/air-force-built-one-of-worlds-fastest-computers-out-of-playstations.html

(Would have likely kept at it too if Sony hadn't nerfed Linux on PS3 with firmware patch)

There's usually a grain of truth to these things, IMHO. I doubt Fable was going to become the next paperclip maximizer, but obviously there's increasing risk with increasing capability.

https://cybersecuritynews.com/hacker-uses-claude-and-chatgpt-to-breach/

Could this whole thing be some admixture of truth, bullshit, PR and politics? 99.999%. Still, let's not pretend it's not an emerging issue.

That came out 25 years ago?

...

Fuck.

Are you asking a technical question or a moral question?

Pragmatically - IDGAF. If I have it on the ssd, I'll watch it there. If I need to download from torrent or usenet and then watch it, cool. If it's easier to use CloudStream (for some transient series), no problem.

I tend to keep a corpus of movies / shows on my ssd because it's always there, always reliable, always fast. I have stuff that's just not easy to find online any more and multi-tenancy / bandwidth are no issue. I can throw it in my bag and watch it wherever, even without net.

It's also agnostic. Not every pirate streaming app works on every device. OTOH, samba share / sftp pretty much does. Tonight I streamed stuff onto a OLPC X-O4...good luck getting fmhy to work with that - it can't even load YouTube directly but stream stuff off the router just fine.

I don't use JF much any more (prefer ssd plugged directly into router, accessed via NovaPlayer on android devices; files uploaded to via ftp transfer - yes, very 2010) but I think its pretty amazing. Cloudstream and fmhy are amazing too. Use what works.

Cmon now...leaving Agents.md in the repo is bush-league :)

You can bet your bottom dollar if the claude.md or agents.md hasn't been added to the gitignore, then it's -

1. intentional

2. actual slop (which you can more easily tell in 2 seconds of looking at the readme.md)

didn’t say it has to be a tag, what I had in mind was a simple disclosure in the post description explaining how you used AI

Same issue before though, be the actual disclosure a tag or a statement.

I do take issue with inexperienced developers that create privacy related software without proper knowledge of what their code actually does (AKA vibe-coding) and going around promoting it as "privacy-friendly" and "secure" while that may not be the case.

Slop is galling for sure but if we're talking about trust...well...why trust anyone based on what they say (or don't say)?

"Trust but verify" means I still verify. If the thing is mission critical or important to you, then you SHOULD verify, always. Hell, if the threat profile is high, sandbox it and sniff the packets it sends.

Personally, I think you having to look at the porn I look at is sufficient punishment for snooping on me :)

Some of this is social engineering. "I have nothing I want to show" works even better when I literally can't (because X isn't on my phone or Y doesn't run on my PC)

Maybe there are better ways to go about this though, which is partly why I created this post.

I think so.

Beyond the obvious slop (which is exceedingly obvious), you're going to waste a lot of cognitive bandwidth trying to sniff out AI.

May as well assume AI is used by default and then do the due diligence on the privacy aspects that are of concern to you.

That holds true whether the project is hand coded or AI assisted. If it's important, poke it.

Assume all software is "guilty until proven innocent"

But please don't fall into the FuckAI mindset because llm=bad.

Most devs aren't going to perform contrition for AI use to appease vocal minority. They're just not. There's no up side for them and it reads desperate.

I'm happy to tell you if asked because IDGAF if you use my shit or not. If I'm sharing it, it's free, open source and shared out of love. I have no brand or portfolio I'm trying to boost. If you can't see the USP, it's probably not for you - and that's fine.

It also usually means I made it for me first, so I'm probably not out to steal bitcoin or nudes. Still, do your own due diligence and poke it. I would.

OK, seeing you asked for pushback.

TL;DR: Tool disclosure is a poor proxy for doing your own due diligence.

"Forced disclosure about AI use in projects" sits sorta funny for a privacy based group, doesn't it? Kinda "Papers, please". Smells bad.

How would you even verify "did this project use an LLM" anyway? If I don't disclose, what's the back up, pistols at dawn? Read the code (if available), or get a third party checker...like an LLM? Do you have capacity to audit? Or is it just "trust me, bro" (which if you're actually concerned about due diligence, isn't enough).

More to the point: disclosure tag doesn't change whether the code is accurate, safe or good. Shitty code is shitty either way, so the tag doesn't touch the actual harm you're concerned about.

What it does do is create two classes: labeled projects get extra scrutiny, unlabeled ones get a free pass, "no disclosure, must be hand-written, must be fine." Backwards. Honest disclosure gets tarnished as slop, staying quiet gets rewarded. (Go check self hosted right now for such an occurrence).

Better footing: assume ALL software in 2026 has had AI assistance, and review it on its merits.

There are better quality signals than hand on bible "are you now or have you ever been" oaths or performative humiliation for the FuckAI crowd.

For what it's worth, I use an LLM to write code because I've got osteoarthritis and typing all day isn't free. But if you think that means logging into Claude and telling it "make this for me, no mistakes", you couldn't be more wrong.

I define the project, I pseudo code it with pen and paper (hurts my hands less) I scope every ticket (yes, I make the llm go thru 3 stage ticket review), I review outputs, I smoke test and I even call in outside reviewers to spot check sometimes. I'm an absolute bastard to it in QA. I do that because when I'm done, I can stand in front of it and honestly tell you I made this, even if my fingers didn't type most of it. And if it's fucked, that's on me, not "hallucinations".

So, what box do I tick - "AI-assisted"? "Vibe slop"?

That tells you nothing about who's accountable or how it was made. It carries no nuance and silently resolves to "ignore this one, a robot wrote it," ... which is backwards for projects where the human did more QA than most "fully human" teams ever do.

As always, ICBW and YMMV.

Worth pointing out the OAI is US based too. And Mechahitler. And Google. All at the whims of US govt

Use em if you must (the OAI honeymoon deal - with generous Codex use being included on basic subscription - is hard to beat) but remember...the cloud is someone elses computer...and you especially don't want mission critical shit on someone elses AMERICAN computer.

OpenCode is probably the best serious cloud competition to the big 4. $10 month.

Latest versions of GLM, MiMO, Deepseek, Kimi ain't nothing to sneeze at

https://thomas-wiegold.com/blog/opencode-go-review/

https://opencode.ai/go

If someone knows better cloud deal, speak up. Else, local Qwen uber alles.