Hacker News new | past | comments | ask | show | jobs | submit login

Be careful that's it's only open-source if you build it yourself or if you use VS-Codium (https://github.com/VSCodium/vscodium).

The VS-Code that everyone uses is under a Microsoft License and includes close source Microsoft telemetry (spyware?) and user data collection :

https://code.visualstudio.com/License/




Not sure why you're downvoted. This is a concern. In my company, I downloaded VS Code to use it with F# for a toy project. But when I saw you cannot disable all data collection, I pretty much uninstalled it.

Most likely there is no IP risk, but I did not want to go through the trouble of finding out precisely what data is collected, and/or cross check with our legal department.

Plenty of people at the company do use VSCode, so I'm sure eventually IT will simply provide it to us through their own software repository (as they do for Visual Studio).


I work on VS Code. You can disable VS Code telemetry and even disable all built-in online services if you like. This is documented on the website [1]

However VS Code cannot block the extensions that you install from collecting their own telemetry. Even if use a version of VS Code built from source, an extension that you install could still collect telemetry of its own. Same applies to most software that allows third party plugins (unless they do some serious sandboxing/capability restriction, or only allow installing specifically vetted plugins)

[1]: https://code.visualstudio.com/docs/supporting/faq#_how-to-di...


It would be nicer if they made it clearer when they inform you during the installation. All I saw was that they collect, and I can turn the setting off, but it wouldn't turn off all collections.

Anyway, thanks for the info.


I recently contributed VSCodium windows support, and IMO it's not too big of a different from the binaries that MS provides. The only few differences are the telemetry endpoints that are in the normal binary, that can be disabled through the setting, and some other MS specific branding


They state in the license that :

"You may opt-out of many of these scenarios, but not all, as described in the product documentation."

So it seems that not everything can be disabled in the settings ?

Maybe in practice they're not collecting too much sensitive data, but they could just distribute the FLOSS binary with a "Do you want to send telemetry data to Microsoft -Yes ? -No ?" at 1st lunch and if we say no then we have the guarantee nothing will be ever sent to them.

As far as I now this is what is done in Atom and I find it more clear and honest than a special license where "you can opt out but we still send data anyway".

I'm sure there no necessarily evil intentions, but still there this feeling that for once Microsoft is doing a great & successful Open Source software, they must find a way to put their own terms on it and collect user data.




Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: