-
Notifications
You must be signed in to change notification settings - Fork 569
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
question: Could you explain how you treat cluster data? #139
Comments
Thank you, this is an important question.
This connects to the Kubernetes API server and only looks at Conditions and Status messages on objects.
This still will forward an aggregate parcel of information which may have personally identifiable information in it e.g. If you have any doubts or worries I would not recommend using As for the I hope this helps. |
I see. Thank you for clarifying it! Regarding the OpenAI data retention policy, it comes to my mind to apply some kind of data anonymization before sending it to them. It could be very cool to implement it or to allow a plugin to do so. From my point of view it's not about trusting OpenAI or not, but about preventing them from using that sensitive data for their future trainings. |
I think this could be a game changer, I know that Google has "Data loss prevention API" in GCP. |
I've been playing with ChatGPT, providing some outputs from k8sgpt and asking for a Go script to automatically detect sensitive data and transform it into random chars while respecting the same word/sentence structure. I based the detection on word entropy but I realize it's not the way to go (works better for detecting random char strings, usually used in passwords and tokens). Is it possible for you to provide examples of each message the k8sgpt could output so we can then feed ChatGPT with better training data for the detection? |
Just to round out this issue, we will add a task to clarify this in the documentation. As for examples, here are some but none of my workloads directly expose PII in their error strings:
|
Signed-off-by: Aris Boutselis <arisboutselis08@gmail.com> Co-authored-by: Aris Boutselis <arisboutselis08@gmail.com>
Checklist:
Subject of the issue
I would like to know how my private cluster-data is treated. I would not like to disclose any personal info to GTP/OpenAI. I miss some information about this topic in the README.
Is the collected data anonymized before sending it to GPT? Which data is collected? Are my private and sensible clusters going to keep safe? Why? Is this tools GDPR compliant? Etc...
The text was updated successfully, but these errors were encountered: