Hacker News

That's what they are actually doing.

I think quite the opposite: agents need to come with all permissions possible, highlighting that it's actually the OS's responsibility to constrain them.

It's kind of dumb to expect a process to constrain itself.



A non-deterministic process at that. Coding agents are basically the "curl into sh" pattern on steroids.


Even worse, the sh portion is recursive.

So the attacker doesn't need to send an evil-bit over the network, if they can trigger the system into dreaming up the evil-bit indirectly as its own output at some point.




