5 comments

[ 6.9 ms ] story [ 26.1 ms ] thread
Maybe I’m missing something but because of this kind of risk, an old fashioned virtual machine feels like a more robust security boundary.
It feels like AI is speeding up bug discovery faster than security can keep up. Curious if this is temporary or just the new normal.
> faster than security can keep up

What does that even mean? Bugs are finite, at some point they'll just all be patched and you'll be left with bug-free software.

AI bug discovery getting better is an incredible advantage for defenders.

> Bugs are finite, at some point they'll just all be patched and you'll be left with bug-free software

From "The Tao of programming": "The highest sounds are hardest to hear. Going forward is a way to retreat. Great talent shows itself late in life. Even a perfect program still has bugs. "

FYI: I had tried this exploit with rootless podman containers to write to read-only mounts, but the exploit failed. I am not sure if the default container runtime in Podman is resistant against these attacks or if it assumes Docker running containers with higher privileges, but at least it was a pleasant observation. (kernel 6.18)