Unlock the Secrets of Ethical Hacking!
Ready to dive into the world of offensive security? This course gives you the Black Hat hacker’s perspective, teaching you attack techniques to defend against malicious activity. Learn to hack Android and Windows systems, create undetectable malware and ransomware, and even master spoofing techniques. Start your first hack in just one hour!
Enroll now and gain industry-standard knowledge: Enroll Now!
- Data continues to go back to Chinese servers even with telemetry off
- Hardware and OS specs, mouse/keyboard activity and more
- Trae memory usage is 3x higher than Cursor
A developer has taken to GitHub to warn that ByteDance’s Trae AI-powered IDE has been collecting data from users and sending it to the Chinese company’s servers.
A report found extensive network activity continues despite users disabling telemetry in settings, with around 500 network calls observed in seven minutes, equating to around 26MB of data being transferred.
The data was being routed to ByteDance servers on the byteoversea[.]com domain, with a broad range of system and project information potentially at risk of being collected by the company.
ByteDance’s Trae IDE could be collecting data
According to the report, ByteDance was collecting system information like hardware specs and OS details, usage patterns, performance metrics, project and file path information, unique persistent identifiers and mouse/keyboard activity, among some other elements.
The developer also found ByteDance has the potential to enable/disable feature or modify functionality remotely without pushing updates.
Marketed as a free alternative to the likes of Cursor, Trae uses GPT-4o and Claude-3.5-Sonnet to help users boost productivity, but the app was found to use around three times as much memory as Cursor (and 6.3x VS Code).
The biggest privacy and security concerns center and data sovereignty, with major alarm bells ringing about ByteDance’s persistent collection of information even after users change their preferences. The developer was also concerned about the amount of unnecessary system information collected in those logs, and the fact that it was all being sent to Chinese infrastructure.
ByteDance customers also share transparency concerns, with the IDE failing to properly disclose the data collected and the telemetry toggle appearing to be non-functional.
TechRadar Pro has asked ByteDance to respond to these allegations, but we did not receive an immediate response.
You might also like
Unlock the Secrets of Ethical Hacking!
Ready to dive into the world of offensive security? This course gives you the Black Hat hacker’s perspective, teaching you attack techniques to defend against malicious activity. Learn to hack Android and Windows systems, create undetectable malware and ransomware, and even master spoofing techniques. Start your first hack in just one hour!
Enroll now and gain industry-standard knowledge: Enroll Now!
0 Comments