
InsanityBit
@InsanityBit
19.4K posts
Software Engineer @tines_hq. Previously: SWE @Datadog; CEO/Founder of @graplsec; SecEng @Dropbox; SWE @Rapid7
New York. Joined June 2012
506 Following, 2.3K Followers

@HackingLZ The mitigations are already largely available, mostly the UX and "this is the default now" pieces need to align.

@HackingLZ Yeah, Blackhole etc. was an insane time. New 0-click 0-days daily. Chrome changed that almost overnight with mitigations. It'll be the same story.
Weak targets like shitty CI pipelines were already weak and shitty. Apply mitigations and suddenly cost is 100x.

Weird how InfoSec collectively forgot there was a time that browser exploits were just in Metasploit. That Java applets were abused into oblivion until the default behavior had to change.
LLMs accelerating vuln discovery isn't unprecedented. The ecosystem adapted before. It'll adapt again just not without pain.

lwn.net/Articles/10656…
"people will finally understand that security bugs are bugs"
Linux will literally never improve

I do have to "uhhhh no, no no no" a fair bit with models.
Halvar Flake @halvarflake
Example scenarios where Claude was extremely stupid in the last days: 1) Arguing that a change that moved work into multiple Python processes made GIL contention worse because the total number of CPU-seconds spent waiting for the GIL had gone up.

@anton_chuvakin @unpromptedconf @gadievron I take it seriously. But I'm not panicking. I'm implementing mitigations. I think mitigations, when adopted, outpace attacks. They always have, people just don't use them.

@anton_chuvakin @unpromptedconf @gadievron People who care are already hedging by hardening. People who don't care wouldn't care anyways. Same old, right?

So why does nobody (well, maybe <1%) care about the coming AI-powered vulnerability apocalypse? (ref @unpromptedconf vs #RSAC discussions, cc @gadievron) #question

@AnnaCiaunica Perhaps I'll manage to find time for that this weekend. I'm very skeptical here that the commitment of co-embodiment is somehow more parsimonious than the numerous explanations for qualia under physicalism, but I suppose I'll just have to read!

@InsanityBit That's actually the title of my PhD: Physicalism and qualia 🤪

Before you retweet this you should read it. It dismisses physicalism and functionalism without meaningful consideration and then poses a form of idealism. I think this is quite a serious commitment, even if you agree with the conclusion.
Anna Ciaunica PhD (@annaciaunica.bsky.social) @AnnaCiaunica
Short answer: NO. Longer answer here: arxiv.org/abs/2601.21016 @erikjbekkers

@AnnaCiaunica Ah, a mere glimpse at your paper answers my two questions. I will indeed read this. Thank you.

@AnnaCiaunica I'll do so. The implication of your paper seems straightforward, however - it ties moral permissibility of termination to autopoietic status and rejects the property cognitive status. I think the conclusion simply follows.
I'll read more carefully if you disagree.

I'll take this opportunity to remind you that `cargo-vet` is a thing, and it's amazing. You can literally say "Google, Mozilla, etc, have checked that this dependency is legit".
github.com/mozilla/cargo-…
I have this + a Skill to review any exceptions.
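As an added example, not code from the original post, here is the minimal shape of a cargo-vet `supply-chain/config.toml` that does what the post describes: it imports Mozilla's and Google's published audit sets so their certifications count toward your own checks, and it records any crate nobody has audited as an explicit exemption that has to be reviewed. The import URLs are the ones cargo-vet's documentation lists for those organizations, but verify them against the upstream registry before relying on them; the crate names `my-service` and `some-crate`, the version `1.4.2`, and the schema version string are placeholders, not real dependencies.

```toml
# supply-chain/config.toml (illustrative example, not from the original post).
# `cargo vet init` writes the skeleton; the imports, policy and exemptions
# below are the parts you maintain by hand.

[cargo-vet]
version = "0.10"   # placeholder: keep whatever schema version your cargo-vet writes

# Trusted third-party audits. A dependency passes if any trusted audit set
# (or your own supply-chain/audits.toml) certifies it for the criteria you require.
# URLs as listed in cargo-vet's registry of known audit sets; verify before use.
[imports.mozilla]
url = "https://raw.githubusercontent.com/mozilla/supply-chain/main/audits.toml"

[imports.google]
url = "https://raw.githubusercontent.com/google/supply-chain/main/audits.toml"

# Policy for your own workspace crate (placeholder name). "safe-to-deploy" is the
# stricter built-in criterion; "safe-to-run" only requires the code to be harmless
# to execute locally, so use it only for dev/build-time tooling.
[policy.my-service]
criteria = "safe-to-deploy"

# Anything no audit covers ends up here. This table is the review list: every
# entry is a crate version you are shipping on trust alone, so it should shrink
# over time as you or an imported auditor certify it.
[[exemptions.some-crate]]
version = "1.4.2"
criteria = "safe-to-deploy"
```

With this in place, `cargo vet` fails when any dependency is neither audited (locally or via an import) nor listed as an exemption, which is what makes it a useful CI gate. `cargo vet suggest` lists what still needs an audit and which imported auditor already covers adjacent versions, and `cargo vet certify` records a review you did yourself in `supply-chain/audits.toml`; imports can also be added with `cargo vet import <name>` for audit sets in cargo-vet's registry. The exemptions table is the part worth reviewing on every change, since a new unaudited crate landing there is exactly the event a dependency-confusion or typosquat would produce.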

Lack of mutation testing in Rust has always been a bummer (tbh it is such a rare treat in any language).
Could be huge, excited to check this out. Mutation testing + property testing are just orders of magnitude more effective than industry standard.
Trail of Bits @trailofbits
MuTON and mewt introduce bugs, run tests, and find what coverage misses. MuTON supports TON languages, built in collaboration with @ton_blockchain. mewt covers Solidity, Rust, and more. blog.trailofbits.com/2026/04/01/mut…