Linux

65097 readers

944 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.
No misinformation
No NSFW content
No hate speech, bigotry, etc

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

founded 7 years ago

MODERATORS

nooter692@lemmy.ml

AgreeableLandscape@lemmy.ml

MarcellusDrum@lemmy.ml

cypherpunks@lemmy.ml

cyclohexane@lemmy.ml

d3Xt3r@lemmy.nz

Dirty Frag: Universal Linux LPE - allows any unprivileged local user to gain root access on a vulnerable Linux system - no patch available (github.com)

submitted 8 hours ago by rabber@lemmy.ca to c/linux@lemmy.ml

33 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[–] wampus@lemmy.ca 1 points 2 hours ago

With AI enabled bug hunting, you're likely to see a blitz of vulnerabilities, followed by a significant reduction in vulnerabilities.

Yes, malicious folks are usin em -- heck, Kali's had AI integrations for a while on a bunch of its tools even, for pen testing. But devs writing code get em too, and those are the people we need to see using these sorts of workflows as it lets them clip a bunch of zero days.

I think Mozilla, as an example, had a recent patch that cleaned up something like 271 zero days? Anthropic taking their Mythos stuff to banks/govt was largely just a publicity thing to try and shut people up who were mocking claudes code, but also potentially because it'd found govt-placed backdoors that they wanted the gov to know were about to be exposed / patched. The USA's alleged ability to "shut off" tech assets during raids in Venezuela and Iran, gets trickier if AI is exposing their back doors. Likely also why the US Administration is now saying they want to review AIs before they get released. Mythos definitely isn't the only game in town for this sort of stuff -- but the general idea that the dev teams will be shifting to using these tools for QA / writing more secure apps in the near future, is fairly valid. So I wouldn't go too tinfoil hat-y on that front... though it is a period where we'll see a need to patch aggressively, and to double check security configs etc.