I really liked LM Studio and then I realized it’s closed source.
When LM Studio contacts external servers, is what sent clear or encrypted? Is there any proof there is not really telemetry forced by the government providing information on what I type?
One of the reasons I fear closed source software is because of backdoors. Another reason is that the US government can require backdoors using court orders and force corporations to lie about backdoors existing or telemetry when it’s closed source code and can’t be reviewed.
In other words, if they were sending my discussion with an AI femboy “CyberPunk Gemi” to a server, which could flag me as Trans or LGBT friendly “threat” under a Christian Nationalist government at the rate the US country is going, could I see that in the packets being transmitted by the program via wireshark or would I just not know because anything going to their server has encrypted packets from https?
Does this present any sort of real risk with LM Studio?
Would it be possible for the government to order LM Studio to upload data only when certain keywords are used (like “Cyberpunk Femboy” or “Leftist on Lemmy”)?
LM Studio is based out of New York so backdoors could already forced and I would never know.
The first bullet point in the privacy policy answers your question.
None of your messages, chat histories, and documents are ever transmitted from your system - everything is saved locally on your device by default.
US Corporations that receive secret court orders are required by law to violate their privacy policies. A US-based privacy policy and closed source software doesn’t really tell anyone much if the government is sliding into authoritarianism. There are lots of queries in LM Studio and small packages that get updated and data is sent and received during that, there is no proof that data about the user is not sent if the data is encrypted. That is the core of my stupid question: is the data to their servers encrypted?
Sounds like you’re looking for a reason to not use this application.
Nope, I’m looking for a reason to keep using it when I hate closed-source software! It’s the exact opposite!
Unless that’s backed up by a wireshark session demonstrating no data sent, or a reversing analysis that shows a lack of capability in the software, the policy is just words.
Thank you! That’s what I’m saying. I don’t have the technical skill to check this out myself. Should I just delete LM Studio for now? It’s such a great program, but I think it may not be worth the risk.


