I don't think PoW scales, because if the bot authors get serious they'll start using native implementations that are much more efficient than the web ones real users are running. In theory maybe Anubis could start using…
I might be missing something here, but why do you assume this spike in CVEs is from bad guys? I would assume it's at least largely good guys finding and reporting vulns, not based on in-the-wild exploitation by bad guys.
I'm not sure if the parent comment was written by AI or not (you're probably right) but consistency is indeed one of the main things I think about with Android Auto. Not just consistency between cars, but also…
No, he specifically gave a proprietary OpenAI model as an example (unless you meant OpenAI models instead of open source models)
They have a similar command for the Arch Linux forum, where beginners are encouraged to ask questions
Maybe you don't drive into flood waters, but your Uber driver might, and that's what Waymo is trying to replace, not your personal driving. In that context I think comparing it to the average human driver makes a lot of…
You're probably right, but that seems like the less important part of this. At that point you've already got an out-of-bounds write. Another comment speculated that you could use PageJack as an alternative exploit path…
"static analysis" is usually deterministic rules you can e.g. put in CI. AI is also somewhat dynamic in that it can execute commands to try stuff out. The best AI vuln finding harnesses work that way, by essentially…
If static analysis could actually find these issues with a reasonable false positive rate, the companies behind them would be running them on Linux to get the publicity of having found the issues like all the AI…
No, you can grant yourself this inside an unprivileged user namespace. `unshare -Ur capsh --print` lists the capabilities inside a user namespace and demonstrates that it has both CAP_SYS_ADMIN and CAP_NET_ADMIN. Almost…
It's not like Costco told them that. Buying something because a third party misinformed you (or in this case, was only temporarily right) doesn't invalidate the transaction.
Yes, but very few people are actually doing that compared to OpenClaw. If everyone else was doing that, they'd be cracking down on it too.
Why do you think it doesn't have understanding of semantics? I think that was one of the first things to fall to LLMs, as even early models interpreted the word "crashed" differently in "I crashed my car" and "I crashed…
Why not? They're definitely not perfect security boundaries, but neither are VMs. I think containers provide a reasonable security/usability tradeoff for a lot of use cases including agents. The primary concern is…
I don't think PoW scales, because if the bot authors get serious they'll start using native implementations that are much more efficient than the web ones real users are running. In theory maybe Anubis could start using…
I might be missing something here, but why do you assume this spike in CVEs is from bad guys? I would assume it's at least largely good guys finding and reporting vulns, not based on in-the-wild exploitation by bad guys.
I'm not sure if the parent comment was written by AI or not (you're probably right) but consistency is indeed one of the main things I think about with Android Auto. Not just consistency between cars, but also…
No, he specifically gave a proprietary OpenAI model as an example (unless you meant OpenAI models instead of open source models)
They have a similar command for the Arch Linux forum, where beginners are encouraged to ask questions
Maybe you don't drive into flood waters, but your Uber driver might, and that's what Waymo is trying to replace, not your personal driving. In that context I think comparing it to the average human driver makes a lot of…
You're probably right, but that seems like the less important part of this. At that point you've already got an out-of-bounds write. Another comment speculated that you could use PageJack as an alternative exploit path…
"static analysis" is usually deterministic rules you can e.g. put in CI. AI is also somewhat dynamic in that it can execute commands to try stuff out. The best AI vuln finding harnesses work that way, by essentially…
If static analysis could actually find these issues with a reasonable false positive rate, the companies behind them would be running them on Linux to get the publicity of having found the issues like all the AI…
No, you can grant yourself this inside an unprivileged user namespace. `unshare -Ur capsh --print` lists the capabilities inside a user namespace and demonstrates that it has both CAP_SYS_ADMIN and CAP_NET_ADMIN. Almost…
It's not like Costco told them that. Buying something because a third party misinformed you (or in this case, was only temporarily right) doesn't invalidate the transaction.
Yes, but very few people are actually doing that compared to OpenClaw. If everyone else was doing that, they'd be cracking down on it too.
Why do you think it doesn't have understanding of semantics? I think that was one of the first things to fall to LLMs, as even early models interpreted the word "crashed" differently in "I crashed my car" and "I crashed…
Why not? They're definitely not perfect security boundaries, but neither are VMs. I think containers provide a reasonable security/usability tradeoff for a lot of use cases including agents. The primary concern is…