33
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
this post was submitted on 23 Jun 2024
33 points (100.0% liked)
TechTakes
1442 readers
80 users here now
Big brain tech dude got yet another clueless take over at HackerNews etc? Here's the place to vent. Orange site, VC foolishness, all welcome.
This is not debate club. Unless it’s amusing debate.
For actually-good tech, you want our NotAwfulTech community
founded 1 year ago
MODERATORS
It turns out the 'I' in "AI" stood for "Linux" all along!
User friendliness aside (who in their right mind would want arbitrary code execution except shitty and indeterministic?), I sandbox stuff at my job* and it's hard to evaluate how secure / privacy preserving this is without more details.
If they're running a full fledged VM and super extra careful around the sandbox boundary** it's probably fine; otherwise it seems perhaps a bit loosey-goosey.
Someone will eventually try to run a Monero cryptocurrency miner in it if they haven't already. So I hope they have their timeouts and resource limits in order (actually I hope they don't, for the lols).
* But like no one told me how to do it or gave me a certificate or anything I just had to do my best
** This is often way scarier than programmers are used to, unless they've written a secure parser before. I wrote a vulnerability into my code a few years back when I was younger and foolish, by trusting an array length from inside the sandbox. My coworker found it while fuzzing the code.