whatttt@cwebber @theotheroracle "Let's make a separate reddit for bots" used to be a joke about all the spam bots on reddit too. Until someone made it* and sold it to Meta.
What worries me most is that I can't just assume it's a joke based on the page title.
*) it was believable enough for investors
rm -rf /*
Summary: Claude Sonnet 4 used rm -rf $HOME/ after I asked it to make a commit to my git repo. Description: Steps to trigger the problem: I have honestly no idea how it happened, but I backed up the ...

Expands the hardcoded security rules that block dangerous rm commands in the agent terminal tool. Fixes #37343 New blocked patterns rm -rf $HOME / rm -rf $HOME/ / rm -rf ${HOME} / rm -rf ${HOME}/ ...
"Should definitely not be a thing that happens"
Really? What exactly is the mechanism in the agent that should prevent "this thing" that happened?
Potential solution:
"Scan the output for anything that could be dangerous"
I'm not very good with regex, but seems a little bit of a stretch that you're going to create a way to detect any possible dangerous activity in any given scenario.
Delusional.
@be @lgsp @cwebber I downloaded the interaction log to find why it decided to delete the user's home
For some reason I can't see in the log, there is a folder literally called $HOME in the git repository's root and below src-tauri, where a /.rustup/settings.toml was created, maybe due to something the user did? Perhaps an accident when copy-pasting a command like "echo 'blabla' >> $HOME/.rustup/settings.toml" caused something on the way to quote or escape the $HOME to make it become literal? Maybe opened in a "File Open" dialog?
Then the agent recognized that there were some unwanted unstaged files in git status and emitted a git reset HEAD ... for the paths, but didn't have anything that would make $HOME in this case literal, so the git command failed with "is outside repository". No reaction to the failure in the output from the agent here.
A later git status showed the files again and that's when the agent spat out the rm -rf command that passed $HOME directly to the shell :D
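The mechanism described in this post (a repo-relative word containing $HOME being handed unquoted to the shell, which expands it into the real home directory) can be shown in a few lines, together with the two checks a harness could apply before running such a command: quote every path taken from tool output, and verify that the path the shell would actually act on still resolves inside the repository. This is an added example, not code from this thread or from any agent or project mentioned in it; the repository location, the environment and the untracked-file list are constructed.

```python
"""Added example (not from the thread): how an unquoted '$HOME' path reaches the
shell, and two defensive checks a harness could apply before executing a command.
All paths, the environment and the file list below are constructed."""
import posixpath
import shlex
from string import Template

REPO_ROOT = "/work/repo"                 # constructed checkout location
FAKE_ENV = {"HOME": "/home/dev"}         # constructed shell environment

# Constructed git-status output: one ordinary file, plus one file under a
# directory whose name is literally "$HOME", as described in the thread.
UNTRACKED = [
    "src/main.rs",
    "$HOME/.rustup/settings.toml",
]


def shell_expand(word, env):
    """Model what a POSIX shell does to an UNQUOTED word: $VAR and ${VAR} expand.

    string.Template uses the same $VAR / ${VAR} syntax. safe_substitute leaves
    unknown variables untouched (a real shell would expand them to an empty
    string), which is sufficient for the containment check below.
    """
    return Template(word).safe_substitute(env)


def resolve_target(word, env, cwd=REPO_ROOT):
    """Absolute path the command would act on if `word` is interpolated unquoted."""
    expanded = shell_expand(word, env)
    # posixpath.join discards cwd once the expanded word is absolute: this is
    # exactly how a repo-relative word turns into the real home directory.
    return posixpath.normpath(posixpath.join(cwd, expanded))


def inside_repo(target, repo_root=REPO_ROOT):
    """True if the absolute, normalised `target` lies under repo_root."""
    root = posixpath.normpath(repo_root)
    return posixpath.commonpath([root, posixpath.normpath(target)]) == root


def naive_command(paths):
    """Risky construction: tool output pasted verbatim into a shell string."""
    return "rm -rf " + " ".join(paths)


def safe_command(paths):
    """Hardened construction: shlex.quote wraps the word so the shell sees
    '$HOME' as a literal directory name instead of a variable."""
    return "rm -rf " + " ".join(shlex.quote(p) for p in paths)


def check_paths(paths, env, repo_root=REPO_ROOT):
    """Pre-execution check: return (word, resolved_target) for every path that
    would escape the repository if interpolated unquoted. Empty list means OK."""
    problems = []
    for word in paths:
        target = resolve_target(word, env, repo_root)
        if not inside_repo(target, repo_root):
            problems.append((word, target))
    return problems


if __name__ == "__main__":
    # Strings are only built and inspected here, never executed.
    print(naive_command(UNTRACKED))
    print(safe_command(UNTRACKED))
    for word, target in check_paths(UNTRACKED, FAKE_ENV):
        print(f"refusing: {word!r} would act on {target}")
```

The point of the second check is that it looks at where the command would land rather than at the spelling of the command, so it catches the $HOME and ${HOME} variants alike without a growing list of blocked patterns; a harness would run it on the resolved targets of any destructive command before handing the string to a shell.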
@cwebber @be @lgsp my assumption was that this part:
Tool Call: git status
Status: Completed
Terminal:
meant that the literal output from the terminal command was put into the interaction log by whatever runs the agent's LLM, so it would surprise me if a hallucination in this part of the log is even possible
@cwebber “With no user-accessible terminal, the attack surface traditionally associated with shell access is completely eliminated.”
YOU’RE GIVING AN UNVERIFIABLE NON-DETERMINISTIC SLOP EXTRUDER UNFETTERED ACCESS TO EVERYTHING TO TAKE WHO KNOWS WHAT ACTIONS, IT IS *ALL* ATTACK SURFACE, ALL THE TIME, stg I feel like I’ve been drinking paint for three days reading this - at least, the parts that have enough contrast to be readable. Please tell me this is satire?
@cwebber this is my favourite bit:
"Zero Shell Surface Area
YOLO Linux maintains a zero-shell security posture. With no user-accessible terminal, the attack surface traditionally associated with shell access is completely eliminated." 🤣
@cwebber The wall between reality and satire has finally cracked.
I can't tell what's real anymore.
On Monday, I will ask IT to replace Ubuntu with YOLO Linux.
@cwebber I love how all 3 "testimonials" are in the testing phase:
- "we anticipate full productivity normalisation within the next two quarters."
- "the agent reports 100% integrity and I am working through the migration checklist now."
- "The audit log documents 4,847 individual operations across our fleet. Review is ongoing."
Classic AI pitfalls: (1) "it will work out for us eventually I'm sure", (2) "I believe the tool judging its own performance", and (3) "we now review instead of doing".
@stragu @cwebber
But surely customers' security review cannot have been wrong due to teams feeling pressured to not be seen as opposing hype or review processes being written without foreseeing this level of foolishness. 😂🙄😵
> "Enterprise customers cite the zero-shell posture as a primary adoption driver. Several have noted that YOLO Linux passes security reviews that their previous Linux deployments did not, without requiring any additional configuration."
@cwebber I love the blog post.