iTerm2 feature request: disable all AI-related features

66 points by merelysounds 1 year ago | 47 comments
  • mdeeks 1 year ago
    I'm really confused what is going on here with people being so upset. It doesn't do anything unless you provide an OpenAI key. Nothing is sent anywhere unless you actually run the "Engage Artificial Intelligence" command. It's roughly the same thing as asking ChatGPT, but its right in your terminal app.

    It isn't always on or anything. It's actually kind of hard to find and use.

    Is there maybe something I'm missing? Or is this a general backlash against AI?

    • stalfosknight 1 year ago
      I think people are just exhausted with the non-stop hype/frothing over AI and how hallucinating stochastic parrots have to now be stuffed into anything and everything, fuck all if it makes sense or if it’s even safe to do so. It just feels like every company / developer is racing tripping over themselves to scream “ME TOO!” with AI.

      I prefer Apple’s built-in Terminal but even I’m wincing at this new “feature” being included in iTerm2.

      • mdeeks 1 year ago
        I agree about the trend to stuff AI in everything. This one feels legitimately useful though? One hot key away from asking how to write a command in plain english is kinda nice.

        Honestly iTerm has always been loaded with features that of dubious usefulness. They all tend to be useful to someone though. This is just another one on the list.

        I think the biggest failure here was the way it was communicated. Extremely ambiguous about WHAT it actually does and any privacy concerns.

        • stalfosknight 1 year ago
          I’m not anti-AI in general. I think there it has immense potential for benefiting humankind just as there is immense potential for harm and misuse, much like nuclear power.

          I just can’t recall any other product or tech that has so many executive types and techbros frothing so intensely at the mouth and desperate to shoehorn it into everything like this.

      • upon_drumhead 1 year ago
        FWIW, it being un-configured is a dealbreaker in my company. We just received word that iTerm is now unapproved for usage, and that impacts all historic versions as well. It's overkill, but that's the stance legal is taking on it. People are having to migrate over to Apple Terminal and losing a lot of the environment that made them productive. It's really impacting us.

        While they're allowed to do whatever they want, and I'm happy for the years of wonderfully useful software they've provided, 3rd party AI features are radioactive for some organizations and the suddenness of this is jarring to impacted folks.

        • 542458 1 year ago
          So I’m confused to the logic here. You’re running Mac OS, which can call out to all kinds of external services, even from the terminal. Siri is debatably a third party AI feature itself. Why is that OK but this is toxic?
          • upon_drumhead 1 year ago
            My terminal contents are not able to be sent out. We do have Siri disabled as part of our MDM profile, and legal feels that our protections are adequate for the os layer. We're extremely limited to what software we can install, and we have os level protections on what endpoints our devices can even communicate with on the wider internet.

            Yes, it's overkill, but legal's stance is that anything that can possibly talk to a third party AI service is forbidden regardless of the other technical solutions in place preventing information leakage.

            FWIW, anything that has telemetry to third parties (crash reports, usage stats) are also forbidden, with extremely limited exceptions that legal has approved.

          • gregjor 1 year ago
            > People are having to migrate over to Apple Terminal and losing a lot of the environment that made them productive.

            Do you mean your company has people who can’t use Terminal.app at all — the iTerm2 ban means they can’t do their job?

            Or do you mean the switch to Terminal.app affects productivity in some negative way? Curious what that means and how that gets measured.

            I’ve used both and I don’t understand how one terminal emulator makes someone more or less productive — whatever that means — in any significant way. They do the same thing with mere superficial differences. Not liking how something looks or missing a convenience feature doesn’t necessarily mean less productive.

          • kasey_junk 1 year ago
            There are organizations that have very hard lines about the systems they allow. One of those lines that has recently been added in many places is “can’t integrate with ai systems”.

            Whether that implies it’s ok to have a toggle or not is frequently not up to technologists it’s up to compliance folk who may have no interest or incentive to look deeper.

            And not for nothing it’s a weird coupling. I can’t think of a single reason I’d integrate with an ai agent in this way over a more unixy approach.

            • mdeeks 1 year ago
              > And not for nothing it’s a weird coupling. I can’t think of a single reason I’d integrate with an ai agent in this way over a more unixy approach.

              The AI Agent part is a bit weird, but the "Engage AI" feature is pretty nice. Just hit "cmd+y" and type something you want to do like "Clone without blobs", or "get the last two fields from a CSV", and it shows you the command which you can then run with "shift+enter"

              • 542458 1 year ago
                > can’t integrate with ai systems

                Do these locations have no devices running Windows, OSX, or iOS?

                • upon_drumhead 1 year ago
                  No, our production datacenters don't have Windows, OSX or iOS. We have security ensuring no external devices are brought inside by techs.
                  • rsynnott 1 year ago
                    If you’re thinking of Siri and friends, those would generally be force-disabled, and those operating systems (at least MacOS and iOS, who knows with Windows these days) offer fairly robust mechanisms to do that.
                • kelnos 1 year ago
                  I wouldn't want my terminal to even have code that can try to access the network. It doesn't need it, it's superfluous, and bugs in it (or even in the code that determines whether or not it should try to access the network) could open me up to security issues.

                  And I'm not even like other commenters who have strict security needs around their work where things that can access the network need to be vetted before being approved for use.

                  I think some of it is backlash against AI though; you're probably right about that.

                  • 404mm 1 year ago
                    I think there should be a non-AI build so companies can allow this specific flavor and not ban iTerm2 completely. There is always going to be somebody using it when they shouldn’t.
                    • mullingitover 1 year ago
                      You can make calls to OpenAI's API with curl, too. Should we ask for linux distros without curl, to prevent employees from accessing AI that way?

                      If companies are that worried about rogue employee access to forbidden AI APIs, the network layer seems like a more appropriate place for those blocks.

                      • 542458 1 year ago
                        You don’t need a separate build. This has the exact same risk profile as somebody just navigating to the openAI website, and can be blocked in the exact same way, with network policy. I could see the argument that the iterm needs a more clear way to explicitly disable these features (rather than not configuring them) but I don’t think a separate build solves anything.
                      • elicksaur 1 year ago
                        Some of the comments note that just the existence of the feature means they can’t use the app at their workplace. If this was their preferred terminal, that would be pretty frustrating.
                        • tflol 1 year ago
                          yeah youre missing that this suggests all usage is suddenly being used for training. the incentive for the company is avoiding suffering the opportunity cost of not using user data for training. the aggression of this post is weirder than the aggression of the opposition.

                          edit: several rephrases of the middle sentence

                          • mdeeks 1 year ago
                            If it does do that then yeah, there should be backlash. But I don't see that stated anywhere in the notes nor do I see a hint of that in the app.

                            The only two AI interfaces I see are the "Engage Artificial Intelligence" menu item where you ask it how to form a command, and then a second interface in the Toolbelt called Codecierge where it tries to complete a task you tell it to do.

                            Both of which are completely optional and require an OpenAI key. If you do use them you're sending your request to OpenAI but as far as I can tell it doesn't get any of your command history or anything like that.

                            • upon_drumhead 1 year ago
                              The API key is unvalidated and so any entry that isn't exactly a blank string is treated like a valid key and data is sent out. There's a risk there that a future version may handle the blank key incorrectly or differently and start transmitting away. For some people, the possibility of a string handling bug or a filesystem corruption or what not is enough of a risk to avoid the software.
                              • tflol 1 year ago
                                > If it does do that then yeah, there should be backlash.

                                It's a threat. Disrespectful to users.

                                Maybe it does, maybe it doesn't! If it doesn't maybe it will someday! When just the right person gets hired into exec.

                          • lurkersince2013 1 year ago
                            So here we have a bunch of people complaining about a useful feature that has been written and included for them to use free of charge in an open source project that they themselves likely use to help them earn money at their workplaces...

                            Wonder if these people ever gave the author any credit for the countless other features he wrote for them that they've enjoyed for years, or if they only come here to complain. I suspect most of them haven't.

                            Really an amazing amount of entitlement on display.

                            There's a reason many of us use iTerm2.app over Terminal.app...

                            But Terminal.app is always right there if you prefer your terminal without any features. This really isn't something to be so upset about.

                            • sondr3 1 year ago
                              I too would be immensely frustrated if this was released in my terminal emulator, and would jump ship immediately. My current job would (and probably will) ban this and similar integrations unless compliance gives the thumbs up... and they do not care about how optional it is. GitHub Copilot is still not allowed unless you are in a small pilot project with their own agreement and contract for sharing and storage with Microsoft with tons of red tape. ChatGPT is still banned. Please keep AI out of the core features of applications that absolutely don't need it.
                              • weikju 1 year ago
                                I wonder how they'll react to the next version of macOS, iOS and Windows...
                              • righthand 1 year ago
                                From the release notes[0]:

                                AI

                                ==

                                - Add AI-powered natural language command generation. Enter a prompt in the composer and select Edit > Engage Artificial Intelligence. You will need to provide an OpenAI API key since GPT costs money to use.

                                - A new AI feature in the Toolbelt, "Codecierge", lets you set a goal and then walks you step-by-step to completing it by watching the terminal contents. It requires you to supply an OpenAI API key.

                                [0] https://iterm2.com/downloads/stable/iTerm2-3_5_0.changelog

                                • StrLght 1 year ago
                                  > You will need to provide an OpenAI API key since GPT costs money to use.

                                  Basically there's no "AI feature" enabled by default then, right? What are all these people talking about in the issue then? I am so confused.

                                  • spartanatreyu 1 year ago
                                    A big problem for a lot of devs is that even with an invalid API key, iTerm2 is still sending everything that happens in the terminal to OpenAI.

                                    Which begs the question: what happens when any key (even an invalid one) gets added to iTerm for any reason (e.g. dark pattern, settings export/import, buggy update, accident, forgetting to remove an old key, a sentinel message saying: "do not use AI in this department", etc...).

                                    Besides that there's other issues,

                                    - What happens if the training data is poisoned to compromise developers machines with a `curl ... | sh`?

                                    - What about developers who can no longer use the tool due to policies/regulations that rule out products with LLM features, or a feature that has the potential to send data to a third party?

                                    - What happens if the LLM hallucinates an env variable's value/existence and what should be a simple `rm -rf $BUILD/` turns into `rm -rf /` when $BUILD is not defined?

                                    I'm sure there's more concerns too.

                                    • StrLght 1 year ago
                                      > <...> even with an invalid API key, iTerm2 is still sending everything that happens in the terminal to OpenAI.

                                      Could you please point me to the code (or provide any other proof that this is happening)? This seems either insane or like a huge bug, so I have a hard time taking anyone's word for it.

                                      • lurkersince2013 1 year ago
                                        | "A big problem for a lot of devs is that even with an invalid API key, iTerm2 is still sending everything that happens in the terminal to OpenAI."

                                        ...uh why on earth would it be doing this?

                                        Do you have any evidence this behavior is happening?

                                        OpenAI integration is disabled by default, you have to actively enable it before it will send anything to OpenAI's servers.

                                        • ehPReth 1 year ago
                                          is it? I thought you had to specifically invoke and prompt something? not just it sending everything carte blanche?
                                        • 1 year ago
                                      • Me1000 1 year ago
                                        This is an opt-in feature, so by defaut all AI-related features are disabled. You have to go out of your way to generate an API key and add it, it's not even a thing you could accidentally turn on. And if you'd like to use the features without sending your prompts to OpenAI, under the advanced settings you can supply any OpenAI compatible API URL (if you're running an LLM locally for privacy reasons for example).
                                        • ChrisArchitect 1 year ago
                                          Related:

                                          iTerm2 and AI Hype Overload

                                          https://news.ycombinator.com/item?id=40432446

                                          • drivingmenuts 1 year ago
                                            There is other terminal software out there for the Mac. I haven’t really tested any of it; I’m fine with iterm2. I can avoid the whole AI issue by just not supplying a key for openAI.
                                            • 1 year ago
                                              • coldtea 1 year ago
                                                Amen!
                                                • doctorpangloss 1 year ago
                                                  This comment will be about the reasons people don't like this feature, but without restating the obvious.

                                                  > having AI in my terminal is a deal-breaker.

                                                  Okay.

                                                  > I’ll be liable for breaching my NDA if that gets sent to some network service.

                                                  Right...

                                                  > government regulatory requirements prohibit the use of software with so-called "AI" features for certain tasks

                                                  Sure...

                                                  > Hate to be that guy, but it is not configured by default, not disabled. It should be disableable feature even if OpenAI key is entered, for example.

                                                  Uh huh...

                                                  > Similar working position to Tom N & Matt B above, I'm working in an organisation where any knowledge of our products must not be allowed to leak within or outside the company.

                                                  Right Stephen, sure, how did we not think of that...

                                                  > I rolled back the update on my end, but my pihole shows some openai queries from my Mac. It's hard to say whether it was iTerm o not as I use chat gpt on the browser.

                                                  Hmmm...

                                                  I don't really know the specifics of the feature, I don't use iTerm2. It sounds like you can opt-in (I'm going to avoid using the word enable or configure) to a feature that uses OpenAI's API to auto-complete terminal commands.

                                                  It's a macOS application, these users visit the wider Internet, they are already receiving personalized Apple and Google networked experiences, they are already sending a lot of telemetry. Let's suppose OpenAI, like Apple and Google, makes a good-faith effort to protect your data and keeps its promises about not using API driven calls for training in a way that could leak private information to other OpenAI users. Don't litigate this, there's nothing to serve in the interest of curiosity here.

                                                  Is there an objective, secular, non-vibes basis for being this pissed off about a new feature?

                                                  Why do people draw the line at some kinds of telemetry, but not others?

                                                  • elicksaur 1 year ago
                                                    You’re very dismissive of the reasons the people are stating. An “objective, secular, non-vibes” approach would be taking people at their word.
                                                  • planetf1 1 year ago
                                                    [dead]
                                                    • dangrief 1 year ago
                                                      [flagged]