HackerTrans
TopNewTrendsCommentsPastAskShowJobs

jfkimmes

no profile record

Submissions

Ask HN: Curiosity-driven Business-adjacent Podcast Recommendations like Metamuse

1 points·by jfkimmes·hace 2 años·0 comments

comments

jfkimmes
·hace 3 meses·discuss
Codex is open source and allows any model to be configured.
jfkimmes
·hace 3 meses·discuss
They hint at their AI-augmented reversing methodology, which demonstrates one of the core strengths of current LLM agents. These models, trained extensively on code, can immensely speed up the process of understanding complex system internals.

Security research historically has two difficult components that build on one another: 1. Understanding complex system internals: uncovering the inner workings hidden by abstractions or interfaces 2. Finding vulnerabilities in these uncovered mechanisms

Sometimes both steps are equally hard. But often, finding the vulnerability is trivial once the real mechanisms are uncovered, rather than relying on assumptions about inner workings.

CVE-2026-3854 is a case where the vulnerability is not plainly obvious after understanding the internals. Still, I am confident that this command injection would have been found quickly had it been exposed to a more traditional or accessible attack surface.
jfkimmes
·hace 3 meses·discuss
Do you have a source for that?

Neither the release post, nor the model card seems to indicate anything like this?
jfkimmes
·hace 3 meses·discuss
Everyone talked about the marketing stunt that was Anthropic's gated Mythos model with an 83% result on CyberGym. OpenAI just dropped GPT 5.5, which scores 82% and is open for anybody to use.

I recommend anybody in offensive/defensive cybersecurity to experiment with this. This is the real data point we needed - without the hype!

Never thought I'd say this but OpenAI is the 'open' option again.
jfkimmes
·hace 4 meses·discuss
Not the same league as McKinsey, but I like to point to this presentation to show the effects of a (vibe coded) prompt injection vulnerability:

https://media.ccc.de/v/39c3-skynet-starter-kit-from-embodied...

> [...] we also exploit the embodied AI agent in the robots, performing prompt injection and achieve root-level remote code execution.
jfkimmes
·hace 4 meses·discuss
Here's a little more context about the author's motivation: https://mathstodon.xyz/@csk/116162797629337132
jfkimmes
·hace 4 meses·discuss
Funny, I was just configuring ghostty. I finally made the jump in order to get rid of tmux as a layer of indirection.

Here's what I landed on: This config tries to emulate as much of tmux with native ghostty features (splits and tabs).

https://codeberg.org/jfkimmes/dotfiles/src/branch/master/gho...
jfkimmes
·el año pasado·discuss
This is a Google Play Services update. For GrapheneOS users without GApps wondering: A similar feature is already built-in: https://grapheneos.org/features#auto-reboot
jfkimmes
·el año pasado·discuss
And here I was, thinking I was clever for coming up with the agent smith image for an agent framework.

https://codeberg.org/jfkimmes/TinyAgentSmith