Tip: Install a Chromium flavor browser (Chromite) separate from the main browser.
Disable Javascript and hardware accelerated video decoder (commonly exploited) from the flags page and enable reader mode to fix broken JS-dependent websites when browsing blogs and random sites on your personal devices, else dedicate a tablet.
Thanks for testing, we currently only tested it on Pixel 10, but there are a few people on our repo creating PR to support other devices, you can take a look here https://github.com/NebuSec/CyberMeowfia
I've been noodling with porting the kernel exploit to other devices, and the exploit is very sensitive to how the compiler happens to lay out stack frames, which varies between kernel builds. Once you figure out the right "stamp method" and offsets for a particular kernel build though, it's fairly reliable.
Runpod, digital ocean's gpu cloud, and at least a few others use Linux containers for isolation between tenants (look at Wiz's blog post about the nvidia container toolkit bug; digitalocean just puts everyone in a massive k8s cluster)
They are a security boundary. The fact that you need a vulnerability to escape them is proof of that. They just don't have a particularly high cost of escape because reachable kernel vulnerabilities are so common.
> This is the same shape as many other life-cycle bugs [...]
Claude-ism detected. IME with Claude Code an object does not have a type or definition, apparently, but rather a shape (or at least it reaches for that word before more technically-accurate ones). Problems are not of a similar class or type, but of the same shape. Functions are not defined by their signatures but by their shape. Who talks like this and how did it make its way into the training data so pervasively?
I think you're probably right that the article was AI-assisted, but (if so) it's important not to confuse that with the thing the article is about. Google wouldn't pay $90k for a hallucination.
I don't mean that as a criticism—the question of how to receive AI-processed content is chaotic right now. I'm working on a post about that here: https://news.ycombinator.com/item?id=48887149.
Btw, Nebula Sec is a YC startup in the current batch. We've been working with them on how to launch on HN, and one of the things I've been trying to explain is that the HN audience won't respond well to LLM-generated reports. The underlying work, though, is impressive. These guys know what they're doing—the OP is by no means their only significant find—and the fact that they're doing it with an agent, rather than the traditional way, is significant.
A thing that notably triggers my allergies is that if significant human effort went into something, a few paragraphs written by a human seems like a trivial additional investment; if that last touch is missing, it's really hard for me to extend the benefit of the doubt that there really is something there.
Obviously this is only one signal among many, one that can be overruled, but the ick remains regardless.
I agree to an extent, but there are many exceptions, so one can't really withhold the benefit of the doubt.
For example, non-native English speakers (as is the case with these guys IIRC) frequently use these tools. Maybe they shouldn't—as I've been telling a lot of people who email, mistakes are rapidly becoming a sign of authenticity at this point—but the belief that they need to is widespread, and this doesn't mean they didn't do significant work.
(Side note: it's a common assumption that machine-translated text is in a different category from LLM-edited text. From what we're seeing, that assumption is unfortunately completely wrong.)
Another important case is people with disabilities who find these technologies assistive. Again, one can argue that they're increasingly better off just posting their own writing in the raw, but this is a pretty obscure point to get across to people.
Beyond those cases, a lot of people just don't write easily, and/or don't feel their writing is any good. A lot of them are using LLMs to compensate for that, and this by no means implies that their work is bad. Maybe they just have a phobia about writing and/or don't express themselves well that way.
People who enjoy writing or are confident writers fail to understand how emotionally fraught writing is for many others.
Personally I'm down with the "writing is thinking" view, from which it follows that bad writing is bad thinking. But it doesn't follow that "thinking is writing" - that's a much stronger claim, from which it would follow that good thinking is good writing—and this I think is false.
Non-native speakers have learned and improved their English for decades by trial-and-error, let’s stop using that as an excuse to use LLMs. I have been there, and making mistakes is how one learns to communicate effectively in another language.
If one doesn’t put effort in their writing, I am not going to put effort to read whatever slop they put out instead. Simple as that.
What you say implies that people should "learn and improve their English" before posting their work to HN. I'm not with you on that, and here's why: we're trying to optimize for the most-intellectually-interesting site, not the most-English site: https://hn.algolia.com/?dateRange=all&page=0&prefix=true&sor..., even though people do have to post in English here.
That user is a non-native English speaker who helped get his posts into a format that HN could appreciate. His work is obviously excellent—the community response was unambiguous. But I don't think it would have made it through without our help.
I'm sure you weren't saying that if someone can't describe their work in good English then it must be slop, but the space is larger than you make it sound. Which is unfortunate in a way—it would be easier to narrow it down, but then we'd miss posts like that one.
Pie-in-the-sky synthesis: translation is easy these days, so maybe non-english writers can and should just write in their own native language and let the readers provide their own translation. Perhaps English no longer needs to be the lingua anglais of western tech writing :p
I don’t buy it, Dan, because non-native English speakers were somehow managing to produce, publicize, and communicate before LLMs did the heavy lifting for them. Perhaps they had human assistance before, but the slop that’s so endemic today reminds us of its value.
It frankly doesn't matter how much human effort went into finding the vulnerability, it just matters if it exists, how severe it is, and how easy it is to exploit.
We apologize for the confusion. We used AI to run final grammar pass and didn't noticed it changed some wording (shape is one of them). Will be more careful in the future
It's not so widely used and it's not explained in the first couple screenfuls of TFA (which by itself is weirdly structured, taking entire paragraphs to explain when it was introduced, when it was discovered, etc. before even explaining what it actually is).
Of course the title was chosen when the article was first published on a site dedicated to security, where probably everyone knows it. This suggests that insisting on unmodified titles when republishing in HN is a poor rule.
Has anyone in infosec ever seen the term "use after free" before LLMs? Or is this basically an acronym claude invented? I say this because I see claude use this term all the time like its common knowledge but in 15+ years in tech never seen it myself. I've seen all kinds of terms used to describe memory errors: memory corruption, heap corruption, stack corruption, whatever, just never this acronym.
This is and has been a common term in any systems programming concept for decades. You can, for example, search CVEs and easily find some from over 15 years ago: https://www.cve.org/CVERecord?id=CVE-2010-1119
It was even enumerated in the first pass of CWE as CWE-416 in 2006.
Yes, it was a common attack vector in binary exploitation. Heap based attack vector like use after free, double free, heap overflows, and others are pretty neat. They force you to learn a lot about how malloc works.
There is a lot of cool work that went into making memory allocation work well; the different arenas, fast bins, chunk headers, etc. are super cool.
if you have spend any amount of time in low level c vulnerabilities you will have heard about it, it is a very common time on the low level/cybersec space.
Huh? That is a really common term. There have been even memes about it. I remember roughly 5 years ago I first heard the ironic; "Real men use after free" in a discussion about Rust's benefits as its borrowing checker would have also prevented this one.
"Use after free" is also described in most standard books about C as a thing you should never do, have you read one?
Please don't be snarky or cross into putdowns or personal attack. We're all in (let's call it) the unlucky 10,000 about something. About most things actually.
To an extent that's fair, but you do understand that "ive not heard of a vulnerability older than me" begs credulity? Especially with the fifteen years experience comment? I'm all for not being snarky (I'm not), but this was bait
There is an interesting episode of This American Life about how everyone, everyone, has weird gaps in their knowledge that eventually get filled in sometimes fun or humiliating ways. You have these too.
Hey guys - please don't do tit for tat spats on HN. I know how it feels (believe me, I know how it feels down to such a level that any hypothetical offspring would also know how it feels), but it only makes everything worse.
Hey guys - please don't do tit for tat spats on HN. I know how it feels (believe me, I know how it feels down to such a level that any hypothetical offspring would also know how it feels), but it only makes everything worse.
Two boot looped, I had to enter recovery and the other just powered off [0].
The demo modifies the wallpaper on supported Pixel devices.
[0] IonStack https://rootme.nebusec.ai
____
Tip: Install a Chromium flavor browser (Chromite) separate from the main browser.
Disable Javascript and hardware accelerated video decoder (commonly exploited) from the flags page and enable reader mode to fix broken JS-dependent websites when browsing blogs and random sites on your personal devices, else dedicate a tablet.
I'm all ears now
I would have hoped that only a few of us are so misinformed as to do that.
Claude-ism detected. IME with Claude Code an object does not have a type or definition, apparently, but rather a shape (or at least it reaches for that word before more technically-accurate ones). Problems are not of a similar class or type, but of the same shape. Functions are not defined by their signatures but by their shape. Who talks like this and how did it make its way into the training data so pervasively?
I don't mean that as a criticism—the question of how to receive AI-processed content is chaotic right now. I'm working on a post about that here: https://news.ycombinator.com/item?id=48887149.
Btw, Nebula Sec is a YC startup in the current batch. We've been working with them on how to launch on HN, and one of the things I've been trying to explain is that the HN audience won't respond well to LLM-generated reports. The underlying work, though, is impressive. These guys know what they're doing—the OP is by no means their only significant find—and the fact that they're doing it with an agent, rather than the traditional way, is significant.
Obviously this is only one signal among many, one that can be overruled, but the ick remains regardless.
For example, non-native English speakers (as is the case with these guys IIRC) frequently use these tools. Maybe they shouldn't—as I've been telling a lot of people who email, mistakes are rapidly becoming a sign of authenticity at this point—but the belief that they need to is widespread, and this doesn't mean they didn't do significant work.
(Side note: it's a common assumption that machine-translated text is in a different category from LLM-edited text. From what we're seeing, that assumption is unfortunately completely wrong.)
Another important case is people with disabilities who find these technologies assistive. Again, one can argue that they're increasingly better off just posting their own writing in the raw, but this is a pretty obscure point to get across to people.
Beyond those cases, a lot of people just don't write easily, and/or don't feel their writing is any good. A lot of them are using LLMs to compensate for that, and this by no means implies that their work is bad. Maybe they just have a phobia about writing and/or don't express themselves well that way.
People who enjoy writing or are confident writers fail to understand how emotionally fraught writing is for many others.
Personally I'm down with the "writing is thinking" view, from which it follows that bad writing is bad thinking. But it doesn't follow that "thinking is writing" - that's a much stronger claim, from which it would follow that good thinking is good writing—and this I think is false.
If one doesn’t put effort in their writing, I am not going to put effort to read whatever slop they put out instead. Simple as that.
That may sound like too fine a distinction, but it isn't. Here's an example: Show HN: Getting GLM 5.2 running on my slow computer - https://news.ycombinator.com/item?id=48842459, which was the #1 thread on HN a couple days ago (https://news.ycombinator.com/front?day=2026-07-09).
That user is a non-native English speaker who helped get his posts into a format that HN could appreciate. His work is obviously excellent—the community response was unambiguous. But I don't think it would have made it through without our help.
I'm sure you weren't saying that if someone can't describe their work in good English then it must be slop, but the space is larger than you make it sound. Which is unfortunate in a way—it would be easier to narrow it down, but then we'd miss posts like that one.
https://blog.jle.im/entry/functors-to-monads-a-story-of-shap...
It's not so widely used and it's not explained in the first couple screenfuls of TFA (which by itself is weirdly structured, taking entire paragraphs to explain when it was introduced, when it was discovered, etc. before even explaining what it actually is).
Of course the title was chosen when the article was first published on a site dedicated to security, where probably everyone knows it. This suggests that insisting on unmodified titles when republishing in HN is a poor rule.
It was even enumerated in the first pass of CWE as CWE-416 in 2006.
There is a lot of cool work that went into making memory allocation work well; the different arenas, fast bins, chunk headers, etc. are super cool.
"Use after free" is also described in most standard books about C as a thing you should never do, have you read one?
The idea that Claude came up with it is ridiculous.
2025: https://redis.io/blog/security-advisory-cve-2025-49844/ 2023: https://seclists.org/oss-sec/2023/q2/133 2022: https://www.zerodayinitiative.com/advisories/ZDI-22-1690/ 2014: https://ftp.openbsd.org/pub/OpenBSD/patches/5.4/common/008_o...
It's an issue as old as time, or thereabouts.
https://news.ycombinator.com/newsguidelines.html
These are the times we make.
https://news.ycombinator.com/newsguidelines.html
https://news.ycombinator.com/newsguidelines.html
https://news.ycombinator.com/newsguidelines.html