MarleTangible's comments

I think it's about owning the consequences of one's own actions.


If you read the thread the guy does own up to his actions. He actually sounds like a nice guy who admits he made a mistake. He seems more interested in preventing this kind of thing from being possible than he is interested in dodging blame.

I'm happy the guy got his data back.


Sorry, I was responding to the comment, not the article.

> Distinction without a difference.


Yeah but it's funnier to blame the AI. And when the "real coders don't use AI" people get pissed off at the joke, you double down instead.


Back in the early days of personal computers, the instructor told us that a computer just does what you tell it to do, though not always what you thought, and making a mistake thousands of times a second hurts a lot.


That's still how the intro programming or CS classes start, "computer is a fast idiot" and some examples of it taking things overly literally


Does that mean the prompt should include: "...and don't delete my production database."?


If the agent didn't have delete permissions, or was sandboxed dying other way from your production database, that would handle it. So not running it that way is a decision someone made


It means people have to read the commands that they are generating before executing them.


Just in case this isn't hyperbole, no. It means an LLM should not be given that much privilege and that you are responsible for reviewing the tool's output and approving its actions.


"But wait, the user probably just meant that I shouldn't delete the database itself. Removing all of the rows in the table is fine"


Please be cognizant of fake plugins. They replicate entire plugins including the readme files and link to the original repos, but the code itself is different.


I agree, for anyone who's not familiar with it, one is a marketing term while the other is the actual measurement.


So 40 containers transported by 20 trucks and then by 3 cargo planes?


Surely you would increase the salary of the current employees if you're hiring new people with higher salaries.

Also, it sounds like the entire premise is "people don't want to work because they're not being paid enough" which is enough of a good reason by itself.


Seems like distros consider it a medium risk because it doesn't involve remote code execution and requires local access. Though it allows local root privilege escalation which is considered high priority.

https://ubuntu.com/security/cves/about#priority

> Medium: A significant problem, typically exploitable for many users. Includes network daemon denial of service, cross-site scripting, and gaining user privileges.


Strange that it's not classified as "high", which specifically includes "local root privilege escalations".

> High: A significant problem, typically exploitable for nearly all users in a default installation of Ubuntu. Includes serious remote denial of service, local root privilege escalations, local data theft, and data loss.


It is high now, someone at Canonical is paying attention it seems


if your model is that linux is just about single-user desktops, this local exploit isn't too bad. or if your model is nothing but DB servers or the like.

mystifying to me that shared, multi-user machines are not thought of. for instance, I administer a system with 27k users - people who can login. even if only 1/10,000 of them are curious/malicious/compromised, we (Canadian national research HPC systems) are at risk. yes, this is somewhat uncommon these days, when shell access is not the norm.

but consider the very common sort of shared hosting environment: they typically provide something like plesk to interface to shared machines with no particular isolation. can you (as a website owner or 0wner) convince wordpress/etc to drop and execute a script? yep.


> if your model is that linux is just about single-user desktops, this local exploit isn't too bad.

For example, if you have passwordless sudo, you've already got a widely known LPE vulnerability lurking on your system.


Only for your user, and it means a keylogger on the system if it gets rooted can't pull your password to try on other machines. Personally I always either login as root or use passwordless sudo.


Yubikeys are also surprisingly annoying when setup for the as well. A working developer just needs sudo a lot.

Realistically a "sudo button" would be handy, on the keyboard, with a display to show a confirmation pin for the request (probably also needs a deny button so you can try and identify weird ones).


Sounds like a good use case for that new Copilot button you see on newer keyboards.


You don't even need a button. Just a secure dialog like Windows has.


I mean, that's what you have pinentry for.


hmm have i missed anything?


Any program on your computer can just run "sudo" to escalate itself.


The problem is not the passwordless sudo but running untrusted programs on your computer under your user. They don’t need sudo to steal your SSH keys or inject malicious code in your .bashrc.


Not too bad? So we just treat Linux overall as a single user system or what?


Ubuntu is not really targeting multi-user any more. Security update installation is deliberately delayed for all users, until at some point all unprivileged users ended all processes launched from the vulnerable snap image. (Firefox RPC breaks when you replace the binary, so having to reopen your browser to keep opening tabs simply because security upgrades were applied in the background would be inconvenient)


Ubuntu seems to have updated the page to say that it's a high priority now.


it's not like this couldn't be chained with some other exploit to get remote access to get remote root access which seems like a bit of an issue


Local access is a bit of a misnomer though, a vulnerable website can be tricked into running a script


True but that requires another vulnerability.

It's security in depth. You build your server in a way that it doesn't allow remote code execution, and then you run it with an unprivileged user so that if it does allow it, the consequences are limited. And if running arbitrary code is a feature (you are github or whatever) you use VMs.



A vendor I never interacted with emailing me usually has no respect for me.


There's definitely a trend of ignoring prompts and cutting thinking short.


The new trend is that legitimate corporations are sending you spam regardless of your communication settings, or even after unsubscribing for the 10th time.

Yes, I'm looking at you Teal HQ, you're spamming us even 3 months after deleting our accounts.

