AI is Breaking Two Vulnerability Cultures

jefftk·LessWrong·community·

A week ago the Copy Fail vulnerability came out, and Hyunwoo Kim immediately realized that the fixes were insufficient, sharing a patch the same day. In doing this he followed standard procedure for Linux, especially within networking: share the security impact with a closed list of Linux security engineers, while fixing the bug quietly and efficiently in the open. His goal was that with only the raw fix public, the knowledge that a serious vulnerability existed could be "embargoed": the people ...

Read full article →

Related Articles

Dirtyfrag: Universal Linux LPE
flipped · Hacker News · 1d ago
A web page that shows you everything the browser told it without asking
mwheelz · Hacker News · 13h ago
DeepSeek 4 Flash local inference engine for Metal
tamnd · Hacker News · 1d ago
An Introduction to Meshtastic
ColinWright · Hacker News · 14h ago
Natural Language Autoencoders: Turning Claude's Thoughts into Text
instagraham · Hacker News · 1d ago