It's been done: the ZSNES and Project64 emulators have both had exploits which allowed a malicious ROM to run arbitrary code on the host. ZSNES is written mostly in assembly so that was kinda asking for trouble though.
Great? If you're worried that somebody's actively trying to identify your HN comments against some other source of your writing perhaps. But using an LLM to "avoid deanonymization" is about as sensible for some everyday Joe as wearing a tinfoil hat in public to avoid 5G radiation is.
Whether it makes sense for anybody to do it is the real question. The threat model where this is a useful thing to do doesn't really exist in my opinion, at least not for obfuscating random comments. Perhaps if you're doing some anonymous journalism that's uncomfortable for your country's regime, and you've previously written other stuff using your real name, it might make sense to run your writing through an LLM, maybe. In addition to a bunch of other Snowden-esque countermeasures.
Don't you think that as LLMs get better the deanonymization attacks will get easier?
Also, a journalist in a hostile regime might be one example, but a user that posted _very_ personal things under an alt account is also another example, and I bet the latter is much more common than the former.
Do you have enemies that would be interested in spending real money trying to link your public accounts to some (possibly existing, likely not) alt accounts with "personal things"? I don't think that's very common.
And no, while I'm sure LLMs can be used for stylometry in academic exercises, I don't think they'll really enable any sort of automatic mass-deanonymization of random social media accounts. But who knows, the US government probably has a bunch of new PRISM-like programs going on already, so it might happen.
I guess it depends on the kind of "Linux" you want. Corporate IT will probably roll out RHEL or similar to the desktops, take away your root access, and install a virus scanner too.
I worked at a bring-your-own-distro place before, ISO certified. I don’t exactly recall what we had to install for compliance but one of them was ClamAV. So it’s possible.
I recall Arch, Ubuntu, Debian and Fedora being used. Relatively small shop though, like 40 devs.
Ironically we were contracting with ASML at the time and ended up having to work on Windows machines using Remote Desktop 99% of the time.
RHEL is very popular on servers but not on desktops. Which is in part due to Red Hat themselves, they don't really do much to promote it for this use case. Personally (as an admin) I don't mind because it's such a closed ecosystem anyway. They're always rent seeking which Canonical does a lot less. Canonical is always trying to sell us Landscape though, but we never went for it because it doesn't solve any of the issues we have with the existing tooling.
Latest Fedora versions can also be regarded as a more modern, faster moving RHEL. Granted it doesn't come with a support agreement or the ability to get one (I just am guessing) so it may not tick all the checkboxes for corporate use.
Well it's Ubuntu that the developers are asking for, and that is much better supported by our corporate tooling.
Personally I wouldn't touch Red Hat with a 10 foot pole after what they pulled with CentOS, however if my work did want to I'd make an effort on their behalf. They don't seem to though.
The best thing for users maybe. A special kind of hell for the people investigating. And since there are numerous non paying users vs only so many people who have the skills to fix things...
It's incredibly useful to know what problems your users are facing. It doesn't necessarily mean fixing any one particular bug, rather should help prioritize future work.
Of course the developers only want to interact with other developers, never those stinky users who don't even know the proper technical jargon for the bugs they're finding. But that doesn't mean we should pander to developer wishes.
I'm sure if the "stinky users" have a support contract then someone will be happy to look at any kind of report and try to triage or reproduce. Otherwise the least they can do is figure out Bugzilla signup.
The case being discussed here is LibreOffice. Yes in general that is also true, but non paying users don't contribute anything. If they paid at least there's an expectation of fixes. Or at least the money can be used to hire a separate support team.