Comment by jmbwell

It does seem like an LLM’s ability to see a constraint and just say “I’ll write a quick helper to work around it” kinda wrecks some older-world assumptions. We know how to deal with remote human attackers, remote bot attackers, and to some extent local human attackers, but local self-coding bot attackers lately needs more attention than it used to. It’s not even the same category as malware

I’ve been guilty myself of building containers where everything runs as root on the assumption that the container was the relevant domain

If LLMs are involved, I can’t tell whether OS level security is suddenly more relevant, or suddenly utterly obsolete