“This machine kills AI.”

LLMs are the new memory-safety bugs.

There's a good reason that everyone (even the White House!) hates memory safety bugs. Unlike most other code errors, a memory-safety bug allows an attacker to step outside of the abstract machine. When you write C, or any higher-level language, you have a model that has things like structured programming for control flow, object-level abstractions, and so on. A memory-safety bug is, by definition, one that steps outside of this model. A pointer accesses an object that, according to the abstract machine, it should not be able to reach (and which may not even exist in the abstract machine). This can make control flow jump anywhere, tamper with any bit of the program, and so on.

In the last stack of CVEs I reviewed for a project that I'm using, 80% were memory safety but, more importantly, every single one of the ones that ended with arbitrary-code execution started with violating memory safety. Most other bug classes let you explore flows in the program that maybe shouldn't be there, but at least can be reasoned about at the source level.

This is why #RustLang people get so annoyed by all of the 'look, Rust didn't prevent this vulnerability' posts that are cropping up. Yes, Rust is not a magical thing that prevents all bugs, but most of the security bugs that people are finding in Rust programs have behaviour that you can reason about in Rust at the source-code level. In contrast, a memory-safety bug in one component may be exploited in a totally unrelated component that, at the source level, shares no common data or control flow with the component that introduced the bug.

That behaviour is exactly what you get with LLMs. It is impossible to articulate the set of behaviours that an LLM may have, other than that it will consume a sequence of tokens and produce a sequence of tokens. LLMs, like the systems that most engineers abandoned in the 1990s, use in-band signalling and do not separate control and data lines. Both untrusted data and trusted prompts are fed into the same inputs and both have the ability to influence the output. This may be fairly benign if a human is consuming the output (wildly inaccurate or offensive, perhaps), but it's dangerous if a machine is consuming the output and performing actions based on it. As with a memory-safety bug, you must assume that an attacker targeting the LLM can do anything that the LLM is able to do.

The Chrome team popularised the Rule of two (no, not that one): Any program may be no more than two out of: written in an unsafe language, consuming untrusted data, running outside of a sandbox.

I would suggest that anything that incorporates an LLM is treated in exactly the same way as things written in unsafe languages. If it touches untrusted data (e.g. reading your emails, or consuming documents that you did not author) then it must be assumed to be under the control of the attacker and sandboxed. If it's not sandboxed, it must consume only trusted inputs (even then, the output shouldn't be trusted, but it's no more untrusted than any other buggy bit of code).

Democracy dies in silence. Let Kharkiv live ❤️‍🩹

The 17th largest city in Europe is under heavy russian strikes every day. However, this does not seem to be even the 17th highest priority for the world media. #Kharkiv must become the center of attention. And then the darkness will be afraid to step out into the light.

Read the Opinion on war.ukraine.ua, and share information about the situation in Kharkiv 📎 https://war.ukraine.ua/articles/democracy-dies-in-silence-let-kharkiv-live/

Stand with #Ukraine

Stop Acting Like You're Famous

https://ajkprojects.com/stopactinglikeyourefamous

Drove by this morning and had to take a picture

#efi #burgerking

RUNNING OUT OF MEMORY?

TRY THIS ONE AMAZING TRICK 'THEY' DON'T WANT YOU TO KNOW ABOUT!

echo f | sudo tee /proc/sysrq-trigger

GUARANTEED TO FREE UP YOUR MEMORY (i.e. chrome) QUICK!

YOU HAVE BEEN LIED TO! MEMORY IS ABUNDANT AND FREE!

When a business or executive is described as laser-focused, your visual model should be that of a cat chasing the meaningless dot of a laser pointer until exhausted.

What if universities responded to AI hype with confidence in their core mission rather than FOMO?

https://buttondown.email/maiht3k/archive/more-collegiate-fomo/

so you know how nvidia has their own variable refresh rate technology called g-sync? well the modern industry standard for variable refresh rate on computer monitors (freesync/hdmi vrr/vesa adaptive-sync) is really great and it’s royalty free and works really well and is cheap to implement even on $200 monitors. obviously nvidia didn’t like this because they want their proprietary vrr solution to be the Number 1, and they didn’t want amd to be able to put all the freesync branding on the majority of monitors

so what did nvidia do? they started supporting freesync on their graphics cards, but instead of saying that geforce cards can support freesync (because that would give amd way too much credit!), they called it something stupid like “g-sync compatible”, which makes people think that the royalty free industry standard for vrr is bad and that the best way to get good variable refresh rate is by putting a REAL g-sync module in the back of the monitor. which is, yknow, a $300 proprietary fpga board from nvidia that needs to be actively cooled and casually sucks back 15 to 25w when the monitor is powered off and only works with select geforce cards

i’ve seen enough people say a monitor is “only g-sync compatible“ like it’s a bad thing to get pissed off by this. a g-sync module is worse in every way to the standard modern vrr implementation

i fucking hate nvidia

Here's a replica of a machine for cutting semi-precious stone slabs (a slab allocator, if you will) used to decorate chapels during Charles IV reign. Naturally those stones come practically from my home town.

if the purpose of a system is what it does, I propose that computers are a system for amplifying the effects of misunderstandings

What's your favourite recursive acronym? I think "WINE is not an emulator" is up there but nothing can beat "IRC's really cool" for me.

kernel should adopt autotools

On the debate on the #xz exploit: did we just get lucky or does the discovery demonstrate the strength of open source.

I think it's a bit of both: we definitely got lucky, but we did have a hand in making our luck: Open Source, by design, empowers the curious and it only takes one curious person to dig deeply enough, so our luck was there being that one curious person; the rest we made.

So your mission, if you choose to accept it, is to be more curious

*enables CONFIG_KERNEL_XZ=y*

I'm not in danger, I'm the danger!

One guilty pleasure i have is scanning for FTP pub's like it's 1999 from time to time.

nmap has a built in script for this ( --script=ftp-anon ) (use polite timing, of course)

There's nothing quite like finding a trove of infinite depth hidden behind a seemingly innocuous set of a handful root folders.

Today I stumbled upon ftp.zimmers.net which has a huge trove of #retrocomputing software, manuals, schematics, firmware, magazines, etc,... (check out /pub/cbm), and a fittingly amazing accompanying website, http://zimmers.net/

List some of YOUR favorite #FTP sites?