Our report seeks to answer some of our questions for seven of the most popular agentic code editors and plugins. By intercepting and analysing their network flows across a set of standardised tasks, we aim to gain insight into the behaviour, privacy implications, and telemetry patterns of these tools in real-world scenarios. Incidentally, a side-effect was running into OWASP LLM07:2025 System Prompt Leakage for three of the chosen coding agents. You can see the system prompts in the appendix.
Exactly the same happened with me. Picking up the phone and responding to email (in weeks, not hours or days) didn't lower my bills. This sort of marketing is perhaps deflection.
• Google's CRLs from the same intermediate CA (same public key) have different URLs and different content when pulled from different hosts (google.com, youtube.com).
• DigiCert has sharded according to 'assurance' class, algorithm, year and acquisition's name.
• Sectigo also has sharded according to 'assurance' class [1].
• GlobalSign has sharded by the yearly quarter presumably.
• HTTP Cache-Control maxage (or s-maxage), 'Expires' and 'Next Update' within the CRL file are not in sync.
• Some CAs other than Let's Encrypt also do not publish CRL URLs in the leaf certificates.
TLS 1.3 and ESNI (now called Encrypted Client Hello - ECH) are separate standards, although you'll see ECH only enabled in bleeding edge stacks. In fact, ECH is still in IETF draft phase [1].
It can be disabled if an organisation wishes to. I wrote about how to do this in Chrome [2,3], and will write about Firefox when I get a chance.
Stay near a transport hub so you can connect with your prospects and customers regularly, by travelling. Working along side other founders in the B2B space would be extremely beneficial too.
Wait till they get to the part where it can be easily bypassed. I spoke about it [1] at the fwd:cloudsec conference [2] in July 2022. Others have raised concerns about discovery of these bypasses too [3].
My interest in Framework is the DIY repairability. Not interested in modular upgrades but hot swappable ports on the side and should something need replacing, can be done in a relatively shorter and more predictable timespan than with ThinkPads and EliteBooks these days. Have had terrible experience with those in the last few years.