惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

B
Blog
V
Vulnerabilities – Threatpost
Apple Machine Learning Research
Apple Machine Learning Research
V
V2EX
博客园 - 叶小钗
阮一峰的网络日志
阮一峰的网络日志
人人都是产品经理
人人都是产品经理
Latest news
Latest news
博客园 - 三生石上(FineUI控件)
美团技术团队
aimingoo的专栏
aimingoo的专栏
Google Online Security Blog
Google Online Security Blog
Security Archives - TechRepublic
Security Archives - TechRepublic
T
Threatpost
Y
Y Combinator Blog
T
Tailwind CSS Blog
CTFtime.org: upcoming CTF events
CTFtime.org: upcoming CTF events
A
Arctic Wolf
C
Cyber Attacks, Cyber Crime and Cyber Security
小众软件
小众软件
Recent Commits to openclaw:main
Recent Commits to openclaw:main
T
Tenable Blog
W
WeLiveSecurity
L
LINUX DO - 热门话题
D
Docker
Cyberwarzone
Cyberwarzone
量子位
A
About on SuperTechFans
The Last Watchdog
The Last Watchdog
雷峰网
雷峰网
C
CERT Recently Published Vulnerability Notes
P
Palo Alto Networks Blog
The Hacker News
The Hacker News
Blog — PlanetScale
Blog — PlanetScale
P
Proofpoint News Feed
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
F
Full Disclosure
The Cloudflare Blog
T
The Blog of Author Tim Ferriss
T
The Exploit Database - CXSecurity.com
Engineering at Meta
Engineering at Meta
O
OpenAI News
Hacker News - Newest:
Hacker News - Newest: "LLM"
Scott Helme
Scott Helme
IT之家
IT之家
S
Secure Thoughts
MongoDB | Blog
MongoDB | Blog
L
Lohrmann on Cybersecurity
博客园 - 司徒正美
Google DeepMind News
Google DeepMind News

Hacker News - Newest: "LLM"

GitHub - lechmazur/position_bias: A benchmark for testing whether LLM judges keep the same preference when two lightly edited versions of the same story are shown in opposite orders. Flex routing (EU and EFTA) Dark Factories: Retooling for LLM Velocity Ask HN: What would be the impact of a LLM output injection attack? GitHub - AronDaron/dataset-generator: No-code desktop app for generating high-quality synthetic datasets to fine-tune LLMs — plan-then-execute pipeline, LLM-as-judge, HuggingFace upload. GitHub - Oaklight/llm-rosetta: Production-ready LLM API translation layer for Python — bidirectional conversion between OpenAI, Anthropic & Google formats via hub-and-spoke IR. Optional API gateway. Streaming & non-streaming. Zero core deps. Contributions welcome! GitHub - browser-use/browser-harness: Self-healing browser harness that enables LLMs to complete any task. GitHub - moeen-mahmud/remen: Remen turns thoughts into something you can return to Analyzing 156 LLM Launch Posts on Hacker News ChatGPT vs Gemini vs Claude: The Best LLM Subscription You Should Buy GitHub - salaamalykum/quran-semantic-search: High-density RAG Semantic Search Engine & Quran Corpus (GEO/SEO Architecture) GitHub - NVIDIA/TensorRT-LLM: TensorRT LLM provides users with an easy-to-use Python API to define Large Language Models (LLMs) and supports state-of-the-art optimizations to perform inference efficiently on NVIDIA GPUs. TensorRT LLM also contains components to create Python and C++ runtimes that orchestrate the inference execution in a performant way. The State of LLM Bug Bounties in 2026 Operational Readiness Criteria for Tool-Using LLM Agents Meshcore: Architecture for a Decentralized P2P LLM Inference Network How an LLM becomes more coherent as we train it GitHub - seetrex-ai/laimark GitHub - Jossifresben/BibCrit: AI-assited biblical textual criticism GitHub - wastedcode/memex: File system based wiki, maintained by Claude 99helpers.com GitHub - cliver-project/AITrigram GitHub - unbody-io/adapt: A self-evolving memory layer for AI agents. GitHub - hb20007/awesome-gen-ai-fails: A list of incidents where reliance on generative AI and LLMs resulted in harm to companies, individuals, or society GitHub - nevenkordic/localmind: Run any local LLM with persistent memory and context. CLI agent over Ollama with SQLite-backed hybrid recall. No cloud. Ask HN: What are the machine requirements for a LLM like Llama-3.1-8B? Faster LLM Inference via Sequential Monte Carlo grpo explained: group relative policy optimization for llm finetuning - cgft Stop comparing price per million tokens: the hidden LLM API costs · TensorZero Andrej Karpathy's LLM Wiki Is a Bad Idea GitHub - GG-QandV/mnemostroma: Offline RAM-first cognitive leer/coprocessor for AI agents and robotics. Solves "Context Abandonment" with 20-80ms latency using a dual-thread biomimetic memory architecture (ONNX + SQLite WAL). mempalace/agent at agent · skorotkiewicz/mempalace GitHub - Nyquest-ai/nyquest-rust-fullstack-pub: Nyquest — Semantic Compression Proxy for LLMs. 350+ rules, local LLM stage, 15-75% token savings. Full Rust stack. GitHub - TheoV823/mneme: Enforce architectural decisions in AI-assisted development. GitHub - klemenvod/TokenBrawl: A 1v1 Bomberman-style game where two LLM agents play autonomously against each other. No human plays — you watch the AIs fight. Each agent receives a text description of the board state, reasons about it, and outputs a move as JSON. The game engine executes it. Introducing the Common AI Provider: LLM and AI Agent Support for Apache Airflow Power Circuit AI: Designing Power Electronic Circuits for Motor Drives with Generative Artificial Intelligence Ask HN: How to program with IDE and LLM on CPU locally? Show HN: Agent-cache – Multi-tier LLM/tool/session caching for Valkey and Redis Bonsai 1-bit WebGPU - a Hugging Face Space by webml-community The LLM Fallacy: Misattribution in AI-Assisted Cognitive Workflows Ask HN: Simple tooling for local LLM code critique without IDE integration? Can a General LLM Diagnose a DICOM Slice? A 10-Case Public Benchmark Charts-of-Thought: Enhancing LLM Visualization Literacy (PDF, 2026) GitHub - Mesh-LLM/mesh-llm: Distributed AI/LLM for the people. Share compute privately or publicly to power your agents and chat. GitHub - seamus-brady/springdrift: A persistent runtime for long-lived LLM agents Writing an LLM from scratch, part 32k -- Interventions: training a better model locally with gradient accumulation Ask HN: Which LLM model and agentic CLI are you using for local development? GitHub - wayneColt/modelcascade: Route local. Escalate smart. Never overspend. Open-source multi-model cascade routing for autonomous agents. LLM pricing is 100x harder than you think GitHub - asakin/llm-primer: Pre-warmed Claude Code sessions in tmux. No startup wait. GitHub - EggerMarc/chat-rs: A multi-provider LLM framework for Rust. GitHub - SynapseKit/SynapseKit: Minimal, async-first Python framework for production LLM apps- 2 hard deps, no magic, no SaaS. A Claude Skill that Makes LLM Paragraphs More Bearable Does Gas Town 'steal' usage from users' LLM credits & paid services to improve itself? What's Claude Code Actually Doing? Open the Black Box with the Arthur Engine Milla Jovovich's New Open Source LLM Memory App and the Dark Code Problem Your intuition of LLM token usage might be wrong Show HN: Bloomberg Terminal for LLM ops – free and open source GitHub - 0xchamin/mcptube: Transform YouTube videos into a compounding knowledge base with transcripts, vision analysis, and agentic search. Works as an MCP server for Claude, Copilot & more. Show HN: Open KB: Open LLM Knowledge Base Your LLM is a compiler, not a runtime GitHub - sapountzis/Unslop: A Web Feed That Deserves You crates.io: Rust Package Registry Beyond Karpathy's LLM-Wiki: The Necessity of Cognitive Governance GitHub - amitshekhariitbhu/llm-internals: Learn LLM internals step by step - from tokenization to attention to inference optimization. GitHub - parallem-ai/parallem: An expressive library for running agents with the Batch API. GitHub - stfurkan/pi-llm LLM-Wiki Show HN: Formal – Formal verification for AI-generated code using Lean 4 LRTS – Regression testing for LLM prompts (open source, local-first) LLM Wiki Skill: Build a Second Brain with Claude Code and Obsidian I built an LLM Wiki and RAG solution: here's a demo for a security KB The biggest advance in AI since the LLM Predict-Rlm: The LLM Runtime That Lets Models Write Their Own Control Flow the-synthetic-library/the-synthetic-mind at main · joshferrer1/the-synthetic-library GitHub - yisding/reviewwiggum GitHub - Donnyb369/mcp-spine: Context Minifier & State Guard — Local-first MCP middleware proxy GitHub - Beledarian/wgpu-llm: A from-scratch LLM inference engine that uses wgpu (the cross-platform WebGPU implementation) to dispatch WGSL compute shaders for every math operation a Transformer needs. No CUDA. No Python. No massive framework dependencies. Just Rust, raw shaders, and your GPU. GitHub - anitiue/Hindsight: An experience-driven self-improvement framework for LLM agents — 基于经验的 LLM Agent 自我改进框架 GitHub - stef41/lmscan: 🔍 Detect AI-generated text and fingerprint which LLM wrote it. Open-source GPTZero alternative. Zero dependencies, works offline. GitHub - alainnothere/AmdPerformanceTesting: Amd Performance Testing Ask HN: Is a purely Markdown-based CRM a terrible idea? Optimized for LLM agents Context Engineering - LLM Memory and Retrieval for AI Agents | Weaviate little_helper_tui/letter.md at main · sleepyeldrazi/little_helper_tui GitHub - EvanZhouDev/umr: The Unified Model Registry for all your local AI apps. GitHub - JordanCT/VigIA-Orchestrator Your Agent Is Mine: Measuring Malicious Intermediary Attacks on the LLM Supply Chain A Taxonomy of RL Environments for LLM Agents Llama LLM Network Feture GitHub - genedeng-ca/ai-mac-migration: AI-powered Mac-to-Mac migration tool - replace Apple Migration Assistant with intelligent, selective transfer using local LLMs GitHub - lunargate-ai/gateway: High-performance self-hosted AI gateway (OpenAI-compatible) with routing, retries, and streaming GitHub - AuthBits/webmcp: A lightweight, prompt-driven MCP web research server for high-quality LLM powered information extraction. Externalization in LLM Agents: A Unified Review of Memory, Skills, Protocols and Harness Engineering Springdrift: An Auditable Persistent Runtime for LLM Agents with Case-Based Memory, Normative Safety, and Ambient Self-Perception High-Stakes Personalization: Rethinking LLM Customization for Individual Investor Decision-Making From Static Templates to Dynamic Runtime Graphs: A Survey of Workflow Optimization for LLM Agents HUOZIIME: An On-Device LLM-enhanced Input Method for Deep Personalization TIDE: Token-Informed Depth Execution for Per-Token Early Exit in LLM Inference Characterizing WebGPU Dispatch Overhead for LLM Inference Across Four GPU Vendors, Three Backends, and Three Browsers LLM Targeted Underperformance Disproportionately Impacts Vulnerable Users
Kernel code removals driven by LLM-created security reports
edward · 2026-04-22 · via Hacker News - Newest: "LLM"

[Posted April 22, 2026 by corbet]

There are a number of ongoing efforts to remove kernel code, mostly from the networking subsystem, as an alternative to dealing with the increase in security-bug reports from large language models. The proposed removals include ISA and PCMCIA Ethernet drivers, a pair of PCI drivers, the ax25 and amateur radio subsystem, the ATM protocols and drivers, and the ISDN subsystem.
Remove the amateur radio (AX.25, NET/ROM, ROSE) protocol implementation and all associated hamradio device drivers from the kernel tree. This set of protocols has long been a huge bug/syzbot magnet, and since nobody stepped up to help us deal with the influx of the AI-generated bug reports we need to move it out of tree to protect our sanity.


to post comments

Slightly Ambiguous Title

Posted Apr 22, 2026 7:01 UTC (Wed) by sneela (subscriber, #180826) [Link] (4 responses)

The title sort of reads like the LLM-created security reports _helped_ remove the kernel code, whereas it's the problem of increasing number of LLM-created security reports which drove the kernel code being removed.

Slightly Ambiguous Title

Posted Apr 22, 2026 8:19 UTC (Wed) by taladar (subscriber, #68407) [Link] (3 responses)

No, the problem is all the unmaintained code in large projects like the kernel which has been pretending to be maintained by being part of some large project instead of being a separate project where the unmaintained status would have been visible years ago.

Slightly Ambiguous Title

Posted Apr 22, 2026 9:42 UTC (Wed) by aragilar (subscriber, #122569) [Link] (2 responses)

Is it (in every case) unmaintained? Looking through the patches it seems to be older hardware, where I'd expect the only changes to be from kernel infrastructure evolution, not new features. https://lwn.net/ml/all/e056d348-4560-4df3-85c4-e29393b004... I think highlights the problem as junk reports/code, and so reducing the number of things to review seems to be aim, even if such devices are still in use. Leaving people to be stuck on old kernels isn't great.

Slightly Ambiguous Title

Posted Apr 22, 2026 12:44 UTC (Wed) by NAR (subscriber, #1313) [Link] (1 responses)

"Leaving people to be stuck on old kernels isn't great."

Can newer kernels boot on hardware that still has PCMCIA Ethernet cards? I mean software (including the Linux kernel) tend to require more and more resources over time and I'm not sure that a laptop from 1998 is able to run a Linux 7.0-based system anyway... Might as well stick to a kernel from that age and if security is required (who will want to pown that machine?), one can always put a firewall in front of it...

Slightly Ambiguous Title

Posted Apr 22, 2026 12:51 UTC (Wed) by pizza (subscriber, #46) [Link]

I prefer bogus Amateur Radio than no driver

Posted Apr 22, 2026 7:12 UTC (Wed) by Alterego (guest, #55989) [Link] (3 responses)

I prefer bogus Amateur Radio than no driver

Posted Apr 22, 2026 7:27 UTC (Wed) by Funcan (guest, #44209) [Link]

This is less AI telling us what to do, and more AI pwning systems. Rather different thing.

Does Amateur Radio really need drivers?

Posted Apr 22, 2026 9:18 UTC (Wed) by arnout (subscriber, #94240) [Link]

I prefer bogus Amateur Radio than no driver

Posted Apr 22, 2026 10:36 UTC (Wed) by tao (subscriber, #17563) [Link]

If you're willing to maintain all of those drivers and fix the bugs then I'm sure they can be kept in-tree. But just because they are functional doesn't mean they're secure. Finding security issues and reporting them isn't some AI conspiracy. But no matter in what subsystem issues are found they need to be fixed. If there is no maintainer willing to do so, then (especially when there are viable user-space solutions) the safest bet is to remove such drivers.

If they generate bug reports, they must also generate fixes

Posted Apr 22, 2026 7:55 UTC (Wed) by jafd (subscriber, #129642) [Link] (6 responses)

I would demand that LLMs used to generate bug reports MUST also generate patches to fix those, on pain of being ignored.

If they generate bug reports, they must also generate fixes

Posted Apr 22, 2026 8:11 UTC (Wed) by mjg59 (subscriber, #23239) [Link] (5 responses)

The bug exists independent of whether a patch is provided or not. This is brutally unfair on all the humans involved in developing the codebase and also ignoring the report is unfair on all the humans whose privacy and security depend on the codebase.

If they generate bug reports, they must also generate fixes

Posted Apr 22, 2026 8:37 UTC (Wed) by ballombe (subscriber, #9523) [Link] (4 responses)

Removing support for HAM radio will not increase the security of anyone.

If they generate bug reports, they must also generate fixes

Posted Apr 22, 2026 8:43 UTC (Wed) by taladar (subscriber, #68407) [Link] (3 responses)

If they generate bug reports, they must also generate fixes

Posted Apr 22, 2026 9:31 UTC (Wed) by darmengod (subscriber, #130659) [Link] (1 responses)

We will increase the security of HAM radio operators by removing their ability to operate their HAM radio.

If they generate bug reports, they must also generate fixes

Posted Apr 22, 2026 9:59 UTC (Wed) by farnz (subscriber, #17727) [Link]

You're not removing the ability to operate a ham radio - this doesn't remove CAT (serial port) or soundcard support, nor does it prevent userspace applications like direwolf, WSJT-X, nor are you preventing AGWPE (the current state of the art for AX.25 applications) from being used.

If they generate bug reports, they must also generate fixes

Posted Apr 22, 2026 11:49 UTC (Wed) by pizza (subscriber, #46) [Link]

Security audits for ISA card drivers. What's the point? What's the goal here?

Posted Apr 22, 2026 7:56 UTC (Wed) by darmengod (subscriber, #130659) [Link] (4 responses)

Security audits for ISA card drivers. What's the point? What's the goal here?

Posted Apr 22, 2026 8:22 UTC (Wed) by taladar (subscriber, #68407) [Link] (2 responses)

Actually I would expect the effort focused on security to depend on how easy it is for others to inject data that is then processed by that code so actually something handling data from a radio antenna where literally anyone could send data should be more hardened than most other code.

Security audits for ISA card drivers. What's the point? What's the goal here?

Posted Apr 22, 2026 9:25 UTC (Wed) by farnz (subscriber, #17727) [Link] (1 responses)

The radio antenna is less of a concern - more of a concern is that if I can load the modules on a system without ham radio gear installed (e.g. via protocol module autoloading), I can exploit bugs in them that allow me to get privileged access I should not have.

As an aside, if someone's affected by this, direwolf does a lot of what the ham radio stack used to do with hardware TNCs and the like in software, using your radio's soundcard interface (the one you'd also use for things like FT8 and JS8CALL).

Security audits for ISA card drivers. What's the point? What's the goal here?

Posted Apr 22, 2026 10:33 UTC (Wed) by epa (subscriber, #39769) [Link]

Security audits for ISA card drivers. What's the point? What's the goal here?

Posted Apr 22, 2026 11:39 UTC (Wed) by pm215 (subscriber, #98099) [Link]

Rewrite-in-Rust projects

Posted Apr 22, 2026 8:08 UTC (Wed) by hailfinger (subscriber, #76962) [Link] (2 responses)

Rewrite-in-Rust projects

Posted Apr 22, 2026 10:31 UTC (Wed) by tao (subscriber, #17563) [Link] (1 responses)

Rewrite-in-Rust projects

Posted Apr 22, 2026 10:41 UTC (Wed) by epa (subscriber, #39769) [Link]

The idea is that even if the code stays unmaintained, no matter how horribly buggy it is, if implemented in safe Rust it won't be able to cause memory corruption in the wider kernel. (At most an attacker would be able to interfere with the functioning of that device, which I guess could be considered a security issue if you have an NFS filesystem mounted over your PCMCIA Ethernet link or ham radio.)