Remix.run Logo
echoangle 3 hours ago

I disagree. Surely the newsworthiness of vulnerability writeup is a mix of the relevance and article quality.

You could submit a vulnerability report about an internal tool no HN user could ever be affected by and people could find it really interesting, and you could submit an article about a vulnerability that’s really bad and only people that really care about the affected project would be interested.

Edit: removed some irrelevant stuff because I misread the comment

tptacek 3 hours ago | parent [-]

It's possible to make a not-especially-material vulnerability HN-worthy by writing it up exceptionally well. A lot of cryptographic vulnerabilities are exactly like that! But a meaningful vulnerability is probably interesting no matter how well it's written up.

I don't care about this specific vulnerability, I just care about the knee-jerk instinct to dismiss vulnerabilities because they have AI writeups. I don't like AI writeups either, but vulnerabilities are not exactly like other stories.