So let me get this straight... rsync made a *security release* fixing a bunch of CVEs, it regressed some stuff, people looked at the commit log, saw Claude sign-offs, and started a mob on the sole maintainer?

Yeah, this stuff is what gives legitimate AI criticism a bad name.

I don't like it, you may not like it either, but when people are throwing LLMs at legacy codebases and finding CVEs by the dozen, and a sole maintainer is trying to keep the house from falling apart... if you're attacking them, you're firing at the wrong person.

You know what's a bigger cancer on this world than AI? People incapable of seeing any nuance in situations. And this applies to absolutely everything. I'm absolutely exhausted of extremist takes. From every single side and point of view, in every single debate, AI related and not.

You all seriously need to touch grass, and learn to stop being outraged all the time over every single thing in this world.

Follow

@lina but there was no need to rush. Nobody is exposing unencrypted, unauth, rsync, or rsync'ing data from directed attacks

It all could have waited, been done slower, or not at all unless they got help.

It waa just a mess

@falken @lina

> Nobody is exposing unencrypted, unauth, rsync, or rsync'ing data from directed attacks

You have a far more optimistic view of people than I do. People absolutely do this. Getting at least the most critical security issues fixed quickly is pretty important.

@jannem @falken Literally Gentoo Portage is or was public unauth anon rsync. Never mind that rsync is very often set up between not mutually trusting parties, e.g. for mirror distribution.

Sign in to participate in the conversation
Qoto Mastodon

QOTO: Question Others to Teach Ourselves
An inclusive, Academic Freedom, instance
All cultures welcome.
Hate speech and harassment strictly forbidden.