Posts
452
Following
101
Followers
4808
repeated

You don't see people from the frontier models brag about how many vulnerabilities they FIXED, only how many they FOUND.

6
18
1
repeated

“Very few companies are so good at shipping software that they can afford the extra risk profile.” (of )

From:

https://hermit-tech.com/blog/ai-mania-is-eviscerating-global-decisionmaking

0
5
0
repeated

Thorsten Leemhuis (acct. 1/4)

Edited 4 days ago

Linus once more states that AI is just a tool:

https://lore.kernel.org/all/CAHk-%3Dwi4zC%2BZe8e%2Bp3tMv8TtG_80KzsZ1syL9anBtmEh5Z40vg@mail.gmail.com/

"" [the ] is not one of those anti-AI projects, and if somebody has issues with that, they can do the open-source thing and fork it.

Or just walk away.

AI is a tool, just like other tools we use. And it's clearly a useful one.

It may not have been that "clearly" even just a year ago, but it's no longer in question today.

There are other questions around AI (like what the economy of it will actually look like in the end), but "is it useful" is no longer one of those questions. […]""

5
9
1
repeated

Thorsten Leemhuis (acct. 1/4)

Edited 8 days ago

from Tytso in reply to a backporting request to various older longterm series:

""[…] And this is why the patches have not been backported. It requires work, and an AI generated request doesn't change the reality that *someone* has to do that work,

I invite you to figure out a way to figure out an AI mediated tool that can attempt the backport, and then run the moral equivalent of "gce-xfstests -c ext4.all -g auto" to verify that the backport doesn't result in any regressions. (Some previous attempts to backport to older LTS kernels have resulted in the kernels crashing as a result.)

Otherwise, I recommend that most users consider switching to a newer LTS kernel, or if they can't to pay $$$ to an enterprise Linux distribution that pays engineers to do that hard work.""

https://lore.kernel.org/all/alDWUmORy7fTnorX@mit.edu/

Side note, regarding the "switching to a newer LTS kernel" aspect: running at least the latest longterm is what most users should do anyway, as explained by this post from @gregkh:

http://www.kroah.com/log/blog/2018/08/24/what-stable-kernel-should-i-use/

1
3
1

CVE issue stats for the first 6 months of the year, by vendor, sorted by quantity:

   2308 "vendor": "Linux",
   1752 "vendor": "Google",
   1308 "vendor": "n/a",
    843 "vendor": "Microsoft",
    495 "vendor": "OpenClaw",
    445 "vendor": "Oracle Corporation",
    395 "vendor": "Adobe",
    340 "vendor": "Red Hat",
    310 "vendor": "Apache Software Foundation",
    284 "vendor": "Apple",

I gotta change my talk where I say “we are #2” as that’s not the case by far anymore. Hopefully the other vendors get their act together and start properly reporting all CVEs to the system, not just the ones that they feel like submitting…

And the numbers for OpenClaw is quite impressive, nice to see someone take responsibility there :)

2
17
50
repeated

"You're a commercial user of libcurl who use it for free and you ask a volunteer to fix your problem on his spare time?"

Sometimes I need to say it.

6
10
1
repeated

'Untrusted data in Linux — How Rust is going to save us' by Greg Kroah-Hartman at RustWeek 2026!
https://www.youtube.com/watch?v=Nzmj7K0FNRY&list=PL8Q1w7Ff68DBpmF38rcIAf8Z9Gj2TnlgM&index=11

0
4
0
repeated
Edited 24 days ago

As every year, Kernel Recipes is running its charity auctions!

This year, we wanted to shine again a spotlight on the work of the @conservancy. @bkuhn will be speaking on the topic on September 22nd, right before the auctions kick off.

Registration for the conference is now open: https://www.billetweb.fr/kernel-recipes-2026

0
3
1
repeated

The project will not accept or otherwise handle any vulnerability reports during the month of July 2026. We call it the curl summer of bliss.

https://daniel.haxx.se/blog/2026/06/15/curl-summer-of-bliss/

13
34
1
repeated

We are honored to announce the @netdevconf 0x1A keynote speaker @gregkh !

@gregkh will discuss the ongoing LLM challenges and the kernel security process.
Come hear and learn and interact to provide feedback to @gregkh

https://netdevconf.info/0x1A/sessions/keynote/llms-and-the-kernel-security-process.html

1
1
1
repeated

Assisted-by: GNU sed 4.9 <sed@gnu.org>

1
22
3
repeated

New live episode of Rust in Production and it's a special one! 🥁

Recorded on stage at Rust Week in Utrecht with two people shaping the future of the Linux kernel:

🐧 Greg Kroah-Hartman (@gregkh ), Linux Foundation Fellow
⚙️ Alice Ryhl, core maintainer of Tokio, Rust for Linux at Google

▶️ https://corrode.dev/podcast/s06e04-rust4linux/

Huge thanks to the Rust Week crew for hosting this one. You're awesome! 🦀

1
3
1
repeated

First talk of the day with Greg @gregkh KH to talk about Untrusted data in in Linux : How Rust is going to save us.

1
1
0
repeated

I'm at the recording for the Rust In Production podcast on "Oxidizing the Linux Kernel" with Greg @gregkh KH, Alice Rhyl and Matthias @mre Endler.

2
2
0
Will be on the "Rust in Production" live podcast in a few hours here at RustWeek:

https://2026.rustweek.org/schedule/tuesday/

Live streams of the conference:
https://www.youtube.com/@rustnederlandrustnl/streams

I think the podcast might be streamed here as well:
https://www.youtube.com/playlist?list=PLbWDhxwM_45lkJfL95zELDgO01mnrRQ6t
but don't really know...
0
5
19
New desktop addition, a "big button" to do a kernel release. Would have come in handy earlier today when I had to do a bunch of them ...
2
21
76
repeated

More stable kernels with partial Dirty Frag fixes

https://lwn.net/Articles/1071483/

1
3
0
repeated

"If Linux can be maintained by sending patches to an email mailing list, 'doesn’t work at scale' arguments are skill issues."
https://dbushell.com/2026/04/29/github-is-sinking/

0
2
1
repeated

Hoshino Lina (星乃リナ) 🩵 3D Yuri Wedding 2026!!!

Edited 2 months ago

Typical ML argument: "If I can read something legally, why can't I train an LLM on it?"

Humans are capable of reading things and later writing a similar thing that is still a copyright violation. If I go and write a book that follows the plot line of Star Wars, that's still a copyright violation, even if no text is literally the same. If I play the melody to a song on my piano and release it without the appropriate mechanical cover license, that's also a copyright violation.

The reason this does not happen often is that, as humans, we are aware that that's plagiarism and there are rules. Sometimes it happens by accident, and people still get sued and lose.

LLMs have no such awareness and routinely output things which are blatant copyright violations when appropriately prompted. That means the model weights encode that work, and therefore, are themselves a derivative work.

Your brain encodes a massive amount of copyrighted information. You are not a walking copyright violation because humans aren't data, can't be copied and distributed en masse, have human rights, etc. This is why "mind reading machines" are a classic dystopian plot point (monetizing your thoughts etc).

An LLM is not a human, does not have human rights, nor human privileges. It is data, and if it encodes copyrighted information, that's a derivative work. If you aren't following the license of the training data, that's a copyright violation.

6
9
2
Show older