oh look, the fed instance has spoken
Yes we’re back despite your best efforts.
Disclosure practices aside, is it a surprise that your vibecoded anti-tankie platform fell apart after an LLM took a sideways glance at it? I’d be real glad this came to light before everything was spammed to death with CSAM
The disclosure practices were kind of the whole point here so it’s a hard thing to hand wave away.
Then you can definitely not blame us for raising our voices when dbzer0 was maligned, or when your admin decided to ban en masse users who dared to call him out.
Entirely different situations.
?? What weird childish mythology about the scary tankies have you cooked up now, are we hackers?
I threw an LLM at pyfedi code yesterday and it found a whole bunch of catastrophic security problems. So they had to take the server down and actually fix their shitty code. Piefed is complete amateur hour.
https://lemmy.ml/post/47393443
https://codeberg.org/rimu/pyfedi/commit/093a466935849f27b3ecf2eab159129186320417
I’ll let diva explain it.
Huh, so the dystopian social credit instance was poorly coded? Color me shocked.
Ah yes, my best efforts of spending a whole 5 minutes of my time showing how your codebase is a shitshow with zero consideration for security. Be thankful that I found them and published them, and it wasn’t somebody actually malicious who found them first and exploited them.
Usually you give the developers a heads-up first, then release the exploit information after it’s been patched.
That’s the decent thing to do.
There was no valuable secret information here, literally anybody with access to an LLM could find this trivially. The fact is that your ‘devs’ didn’t bother doing even a minimal due diligence here. I guess can’t expect fascists to be competent.
People make mistakes but releasing it publicly like you did was a real dick move.
When you ban everybody who disagrees with you that makes it hard to communicate with you losers. Warning people who are federating with your malware instance is a public service though.
I still prefer it to lemmy and that’s the great thing about the fediverse.
flies are drawn to manure