Claude Code cracks FreeBSD within four hours

loveydovey · 2026-04-05T09:46:13+0100

For about four hours, Nicholas Carlini worked on FreeBSD supported by Anthropic’s Claude. Carlini states that Claude performed a large part of the work autonomously, from identifying the vulnerability to the finished exploit.

https://www.notebookcheck.net/Claude-Code-cracks-FreeBSD-within-four-hours.1266232.0.html

eternal_noob · 2026-04-05T10:02:08+0100

And at the same time, ChatGPT can’t even deduplicate a list of duplicates. It’s really great that this is now supposed to be used in autonomous weapon systems.

Alain De Vos · 2026-04-05T11:05:07+0100

And that's why i use SCSI & not NFS

kpedersen · 2026-04-05T11:14:42+0100

I found NFSv4 and Kerberos way too complex with too many moving parts to possibly be secure. Looks like my assumptions have been verified when even AI can find a flaw:

https://www.forbes.com/sites/amirhu...-of-the-worlds-most-secure-operating-systems/

NTFv4 is not enabled by default, so many servers are fine. Though nothing like NFS should be exposed publicly to the internet.

Note: I believe the CVE was public, way before the AI was tested against it. This means that the info was already in the AI's training data.

T-Aoki · 2026-04-05T12:31:09+0100

FYI: FreeBSD-SA-26:08.rpcsec_gss

Quoting from my toot on Mastodon:

IMHO, introducing AI-generated codes is too stupid at least for now.
Even putting so-called "AI-slop" aside, AI-generated codes are legally unclear with the copyright "of the data sources used for learning". Who takes the responsibility? International laws first!
And AI-generated codes needs to be reviewed by "natural human who can take responsibility (better if skilled, talented and experienced)" before submitting.
And merge related (depending on each other) portions into single PR not to make human reviewers / committers too tired. It should be clearly the responsibility of natural human submitter to understand what the diff is going to do.

OTOH, reviews by AI before submitting a human-written codes could (hopefully) help polishing up the quality. I think this is the relatively safe (in copyrights management) usage of AI for now.

fjdlr · 2026-04-05T13:27:54+0100

NFS and formerly Yellow Pages (NIS) have exhibited certain vulnerabilities.
Not Claude's tests on the Microsoft family?...

atax1a · 2026-04-05T18:04:57+0100

unreliable narrator paired with lying chatbot makes extreme claims

yawn

atax1a · 2026-04-05T18:08:38+0100

https://neuromatch.social/@jonny/116328988554490524 like, the only reason any of this works is due to a dogshit tornado of crapped-out garbage. if you believe any of this is good you're a rube.

Alain De Vos · 2026-04-05T18:08:53+0100

We can not ignore stuff like IPX or NFS contains "old code".
Once i tried to build freebsd kernel/world without NFS , it would let not me do it. It was in the build system. [ Must try again to be able to be exact]

T-Aoki · 2026-04-05T19:03:57+0100

atax1a said:
https://neuromatch.social/@jonny/116328988554490524 like, the only reason any of this works is due to a dogshit tornado of crapped-out garbage. if you believe any of this is good you're a rube.

Determining the output from AIs as garbages or not should be done locally at submitters' side, and anything well understood, considered (by the natural human submitter) correct and useful and integrated to be meaningful alone should be submitted upstream not to bother upstream reviewers.

atax1a · 2026-04-05T19:08:41+0100

what you're saying is "the future of programming is sifting through the raw sewage output of slop machines in order to pull out the tasty corn kernels embedded within". cringe.

drhowarddrfine · 2026-04-05T23:59:50+0100

Claude Code cracks FreeBSD within four hours

No it didn't. It wrote code to exploit a known CVE given to it within four hours. This was talked about on HN a few days ago.

atax1a · 2026-04-06T00:07:35+0100

drhowarddrfine said:
It wrote code

we'd dispute that it even did that. granting it agency is contributing to the smoke and mirrors.

MG · 2026-04-06T00:29:10+0100

eternal_noob said:
And at the same time, ChatGPT can’t even deduplicate a list of duplicates. It’s really great that this is now supposed to be used in autonomous weapon systems.

Is it true? I personally wouldn't expect that computers of any weapon system have non-transparent decision-making components.
I think this is part of the AI glorification that's starting to get desperate. They are in their own conflict: if you generate valuable information and give it away, there's minimal profit and others can copy it, but if you fake the value of information everybody will notice that your results are useless and leave.

eternal_noob · 2026-04-06T00:51:37+0100

It's true. I gave it a file with C++ includes of which some were duplicates. The resulting file missed a bunch completely.

And for the weapons: The pentagon asked Anthropic first but they refused:

In a statement published on its website, QuitGPT says: "On February 27, ChatGPT competitor Anthropic refused to give the Pentagon unrestricted access to its AI for mass surveillance of Americans or producing AI weapons that kill without human oversight."

Boycott AI: Should you quit ChatGPT after its Pentagon deal?

A growing protest movement is encouraging people to cancel their subscriptions to the popular AI chatbot.

www.euronews.com

atax1a · 2026-04-06T00:55:48+0100

that is because it does not, in any sense, understand what you are "asking" it. the only thing it does is produce a plausibly-shaped response to the input, and everything else it "does" is postprocessing layers on top of that. you remember that quote attributed to charles babbage about how people would ask him if putting wrong figures into the machine would produce correct answers, and he couldn't understand how people could have such a confusion of ideas?

Alain De Vos · 2026-04-06T01:24:50+0100

The top layer, programmed in python , thinks , you program in python. Lets focus on that.

Alain De Vos · 2026-04-06T01:28:26+0100

Shit in , shit out (sorry for the wording)

atax1a · 2026-04-06T02:13:32+0100

there's a reason everyone calls it slop

hedwards · 2026-04-06T03:38:24+0100

atax1a said:
unreliable narrator paired with lying chatbot makes extreme claims

yawn

What scares me more than anything else is that these bots don't necessarily just admit when they don't know or have a wrong answer. I've seen chatgpt get a wrong answer, then refuse to admit that it was wrong, then you give it the correct form to work with at which point it claims that it's nonstandard.

I knew what the right answer was supposed to be, so it wasn't that much of an issue, but I have to wonder about all the people out there that wouldn't know things and just use the broken output, or who are given less time than needed to do the task, so they don't check, because the bot was supposed to save time, even though often times checking takes more time than just doing it correctly.

atax1a · 2026-04-06T03:49:43+0100

when we say this thing is a misinformation machine we are not fucking joking, turns out

drsnx60 · 2026-04-06T08:33:46+0100

looks like the victim system needs to be setup with secure GSSAPI for this bug to be activated .
My Kernel was updated 3 days ago so issue was already patched on my laptop.

doul · 2026-04-06T08:50:00+0100

I won't even read the article based on the title alone; I'm more than fed up with these clickbait titles.

loveydovey · 2026-04-06T10:07:38+0100

doul said:
I won't even read the article based on the title alone; I'm more than fed up with these clickbait titles.

It's not clickbait. Here's the info from the

T-Aoki said:
FreeBSD-SA-26:08.rpcsec_gss

"Credits: Nicholas Carlini using Claude, Anthropic"

drhowarddrfine · 2026-04-06T10:41:10+0100

loveydovey said:
It's not clickbait. Here's the info from the

"Credits: Nicholas Carlini using Claude, Anthropic"

It's clickbait because it's not true but implies that it is. As I said in my previous comment,

No it didn't. It wrote code to exploit a known CVE given to it within four hours.

It did not "crack" FreeBSD.