Have a sneer percolating in your system but not enough time/energy to make a whole post about it? Go forth and be mid!

Any awful.systems sub may be subsneered in this subthread, techtakes or no.

If your sneer seems higher quality than you thought, feel free to cut’n’paste it into its own post, there’s no quota for posting and the bar really isn’t that high

The post Xitter web has spawned soo many “esoteric” right wing freaks, but there’s no appropriate sneer-space for them. I’m talking redscare-ish, reality challenged “culture critics” who write about everything but understand nothing. I’m talking about reply-guys who make the same 6 tweets about the same 3 subjects. They’re inescapable at this point, yet I don’t see them mocked (as much as they should be)
Like, there was one dude a while back who insisted that women couldn’t be surgeons because they didn’t believe in the moon or in stars? I think each and every one of these guys is uniquely fucked up and if I can’t escape them, I would love to sneer at them.

  • Sailor Sega Saturn@awful.systems
    link
    fedilink
    English
    arrow-up
    6
    ·
    8 months ago

    From the over-active imagination news article:

    If hackers start utilizing LLM agents to automatically exploit public vulnerabilities, companies will no longer be able to sit back and wait to patch new bugs (if ever they were).

    Is anyone under the impression that ignoring a vulnerability after it’s been publicly disclosed is safe? Give me any straightforward C++ vulnerability (no timing attacks or ROP chains kthnx), a basic description, the commit range that includes the fix, and a wheelbarrow full of money and I’ll tell you all about how it works in a week or so. And I’m not a security expert. And that’s without overtime.

    Heck I’ll do half a day for anything that’s simple enough for GPT-4 to stumble into. Snack breaks are important.

    • froztbyte@awful.systems
      link
      fedilink
      English
      arrow-up
      6
      ·
      8 months ago

      Is anyone under the impression that ignoring a vulnerability after it’s been publicly disclosed is safe

      mild take: most people running windows servers on the internet, many wordpress sites, …

      some people don’t upgrade because they need to pay for the new version, or the patch is only in a version with different capabilities, or they don’t know how to, or they’re scared of changing anything, etc. it’s one of the great undercurrent failures in modern popular computing, and is one of the primary reasons it’s possible for there to be so much internet background radiation noise

      and to many of these people, “for them” it’s “safe”, because they never personally had to eat shit, on pure chance selection

    • Soyweiser@awful.systems
      link
      fedilink
      English
      arrow-up
      4
      ·
      8 months ago

      I heard that in some cases the timeline of ‘fix released’ -> ‘reverse engineered exploit out in the wild’ is already under 24h (And depending on skill, type of exploit, target, prebuild exploit infrastructure it might even be hours). So I’m not sure threat actors need this kind of stuff anyway.