Of course they are… that’s what CVEs are all about!
Comment score: 10. Impact: An unhandled double meaning can lead to remote laugh initiation.
I'm very torn on Mozilla collaborating with not only slop conductors, but crypto bros as well.
I get the issues with image generation and using text generation in scams etc. but as a professional coding tool (not just vibe coding slop) AI can be extremely helpful certain tasks, and this use case, where organizations just don't have the resources to have a security expert pore through millions of lines of code for bugs, is a net positive.
I think this is a case of "don't throw the baby out with the bathwater" we can absolutely still criticize the industry and specific companies for IP, societal, and environmental concerns but lets not turn away a win just because they're causing harm elsewhere.
admitting to intentionally deskilling yourself has to be humiliating. Ouch.
So you code strictly in assembly? If you do, good for you. If you don't, the I can't believe you would intentional deskill yourself.
This is a bad-faith argument and an invalid comparison to boot.
That's why Servo and Ladybird need to be vastly built up
bad news, ladybird is all in on slop too
but servo should be fine, in fact right now they have an explicit anti-ai policy!
Why is it slop? “This was human-directed, not autonomous code generation.” can’t you read the entire post before calling this instance of AI-assisted code slop? Every programmer and their mother uses code assisting tools since their very first iterations, AI is just another tool for us, if we implement it responsibly and deliberately and not just “vibe” code it, then it’s a perfectly fair use of AI without having to add the term slop to it.
"Human directed" is a euphamism for someone pushing a button to generate a result. Huh, sounds people vibe coding.
"If" is doing a lot of heavy lifting in your statement. What makes you think vibe coders will use their new drug responsibly?
The AI will exist either way, and people who use that AI will discover these exploits with it. I'd rather it be Mozilla.
AI bros love to normalize their fascist technology by saying that it's inevitable.
No? Things just will exist once they are discovered. Once nuclear warheads were discovered, there was no going back. Once the internet was established, it was going to be around. Same goes for a million other things. And now it applies to AI as well. Even if every big tech fascist stopped making AI, it is still going to be around, and it will be used maliciously. Our best bet is to use it defensibly before it can be used against us.
principled technologists would of course say that the guillotine and beheadings are also technological inevitabilities, so why resist?
I think the difference here is, at least we can use the tech I mentioned defensively. However, using genAI and LLMs is always adding to Jensen Huangs bottom line only, and its a loss to everyone else. You don't happen to be a direct relative? Because otherwise you must feel really ridiculous to do free marketing for him
Thing is inevitable because... Different thing? Brilliant rhetoric!
Same goes for cryptocurrency. Same goes for NFTs. Same goes for Metaverse. Hell, why not say same goes for fascism? We must embrace them all, because other thing!
I'd love to hear your plan to stop AI.
Facedeer, can we at least agree it's a bad look for Mozilla to promote a company that helped kill Iranian children and desperately wants to build weapons to kill more?
That's without even touching on whether your "inevitability" claim is total BS or not.
As part of our continued collaboration with Anthropic
Anthropic is literally the one that refused to let them make autonomous weapons with their AI. There is a whole wikipedia page about it. They explicitly don't want their AI used for weapons. Of course, that wouldn't stop governments/militaries from doing so anyway. It would be different if Mozilla was working with OpenAI, but of the two Anthropic is currently the better one.
And yes, the AI is out of the box. Just like once nuclear warheads were created, there is no going back.
They explicitly don't want their AI used for weapons.
This is a blatant lie, unsupported by your source. Because they explicitly do. In Dario's own bloodthirsty words:
Our strong preference is to continue to serve the Department and our warfighters.
Don't believe and regurgitate these lies about "red lines" when they are worse than meaningless.
Dario practically salivates with the desire to build weapons with their AI. They provided the AI for bombing Venezuelan boats, they provided the AI for killing Iranian children. Your own article says he works with Palantir. He is a child murderer and you don't need to whitewash him.
I like to think of it as exploit mining or smarter fuzzing and auto chaining. Unlike most of the bullshit uses for AI a high false positive rate really doesn't matter. A shell is a shell and sorting through a haystack is easier than baling it then sorting through it.
Only the dead have seen the end of zero-days.
If you're interested in a counter argumentation/expert analysis of previous posts, The Boy That Cried Mythos: Verification is Collapsing Trust in Anthropic is very critical about the whole press and marketing around Anthropic's Mythos. (lemmy post link)
Sure. Thanks.
I guess, future will tell. The author is very focussed on the system card. Maybe, we get a CVE list in a few weeks. Who knows...
The Firefox test is not Firefox. It’s a SpiderMonkey JavaScript engine shell in a container, with “a testing harness mimicking a Firefox 147 content process, but without the browser’s process sandbox and other defense-in-depth mitigations.”
I'm for sure not an expert in this field, but I recently saw videos Form LiveOverflow about FireFox bug bounties and I think, it was the same setup. Finding a bug in one of the components was enough for them to take it very serious.
This is uplifting news
This is a most excellent place for technology news and articles.
