Remix clone Hacker News

new | show | ask | jobs Github

	▲	ajdude a day ago
		`> I am issuing this limited, non‑technical disclosure: > No exploit code, proof‑of‑concept, or reproduction steps are included here.` Then why bother? I feel a bit cynical here, but if the goal is to get this fixed, they're not going to care unless it becomes a zero day and is given to the masses, otherwise it's going to quietly be exploitable by the few unsavory groups who know of it and will never be patched. Isn't the whole point of responsible disclosures to give them a time clock to get this situated before actual publication? Forgive me if I'm wrong, I haven't been in that field in a long time.
	▲	tptacek a day ago \| parent \| next [-]
		This is the security equivalent of getting Google support by getting something to the top of HN. The real audience for this post is OpenAI, not you.
	▲	lyu07282 a day ago \| parent \| prev [-]
		It adds some pressure, we know now what the bug is about so we can guess which endpoints to poke at, then it's only a matter of time before it leaks. It would be unethical for the researcher to just publish it.