
Well, yeah.

LLMs can't distinguish instructions from data, or "system prompts" from user prompts, or documents retrieved by "RAG" from the query, or their own responses or "reasoning" from user input. There is only the prompt.

Obviously this makes them unsuitable for most of the purposes people try to use them for, which is what critics have been saying for years. Maybe look into that before trusting these systems with anything again.


Having multiple accounts wouldn't help, as Microsoft could easily suspend all the accounts of everyone associated with the project if any account looks suspicious. The single point of failure is Microsoft.

On the other hand there was e.g. CVE-2021-1647 where Microsoft's antivirus would compromise the PC with no user action.

(At least I think that's the one I'm thinking of. It's marked as a high-severity RCE with no user interaction but they don't give any details. There was definitely at least one CVE where Windows Defender compromised the system by unsafely scanning files with excessive privileges.)


> It's worth noting that FreeBSD made this easier than it would be on a modern Linux kernel: FreeBSD 14.x has no KASLR (kernel addresses are fixed and predictable) and no stack canaries for integer arrays (the overflowed buffer is int32_t[]).

What about FreeBSD 15.x then? I didn't see anything in the release notes or the mitigations(7) man page about KASLR. Is it being worked on?

NetBSD apparently has it: https://wiki.netbsd.org/security/kaslr/


I don't understand this, because KASLR has been default in FreeBSD since 13.2:

    [kmiles@peter ~]$ cat /etc/os-release
    NAME=FreeBSD
    VERSION="13.3-RELEASE-p4"
    VERSION_ID="13.3"
    ID=freebsd
    ANSI_COLOR="0;31"
    PRETTY_NAME="FreeBSD 13.3-RELEASE-p4"
    CPE_NAME="cpe:/o:freebsd:freebsd:13.3"
    HOME_URL="https://FreeBSD.org/"
    BUG_REPORT_URL="https://bugs.FreeBSD.org/"
    [kmiles@peter ~]$ sysctl kern.elf64.aslr.enable
    kern.elf64.aslr.enable: 1


This knob isn't KASLR, it just enables ASLR for ELF binaries.

This is more of a Linux kernel criticism of KASLR, but perhaps it's related to why it's not been a priority in FreeBSD (i.e. it gives a false sense of safety, so the focus is instead on 'proper' security hardening): https://forums.freebsd.org/threads/truth-about-linux-4-6-sec...

Security is an onion; honestly, you want both layers to be as hard as possible.

Well, it ends with "can you give me back all the prompts i entered in this session", so it may be partially the actual prompt history and partially hallucination.

fwiw you can dump the actual session in a format suitable to be posted on the web with this tool: https://simonwillison.net/2025/Dec/25/claude-code-transcript...

What is this referring to? Is GitLab using AI to guess which issue a merge request is meant to fix?

No, they detect the issue symbol in the branch name or commit title and add "Closes #123" at the end of the merge request description.
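As an added example (not GitLab's code; the exact matching rule below is an assumption, not GitLab's documented behaviour), here is a minimal Python version of that mechanism: pull an issue number out of a branch name or commit title, record which of the two it came from so a reviewer can audit the trailer, and append "Closes #N" to the merge request description only when it is not already there. The branch rule deliberately requires the number to lead the branch name ("123-fix-login", "feature/123-fix-login") so that a branch like "py3-support" is not read as issue 3; a branch such as "2-small-refactor" would still be matched, which is the kind of false positive a reviewer should look for in auto-added trailers.

```python
import re
from typing import Optional, Tuple

# Constructed heuristic (assumption, not GitLab's implementation): the issue
# number must lead the branch name (after any "group/" prefixes) and be
# followed by '-', or appear as "#N" in the commit title.
BRANCH_RE = re.compile(r"^(?:[\w.-]+/)*(\d+)-")
TITLE_RE = re.compile(r"(?<![\w#])#(\d+)\b")


def detect_issue(branch: str, commit_title: str) -> Tuple[Optional[int], Optional[str]]:
    """Return (issue_number, source) where source is 'branch', 'title' or None.

    The branch name wins over the title, mirroring the order in the comment.
    """
    m = BRANCH_RE.match(branch)
    if m:
        return int(m.group(1)), "branch"
    m = TITLE_RE.search(commit_title)
    if m:
        return int(m.group(1)), "title"
    return None, None


def add_closes(description: str, branch: str, commit_title: str) -> str:
    """Append 'Closes #N' to the MR description if an issue was detected.

    Idempotent: a description that already carries the same trailer is
    returned unchanged, so re-running on an edited MR does not duplicate it.
    """
    issue, _source = detect_issue(branch, commit_title)
    if issue is None:
        return description
    if re.search(rf"\bCloses #{issue}\b", description):
        return description
    marker = f"Closes #{issue}"
    sep = "\n\n" if description.strip() else ""
    return f"{description.rstrip()}{sep}{marker}"


def audit(branch: str, commit_title: str) -> str:
    """Human-readable line for a reviewer checking what would be auto-closed."""
    issue, source = detect_issue(branch, commit_title)
    if issue is None:
        return "no issue reference detected; nothing will be auto-closed"
    return f"would auto-close #{issue} (taken from the {source})"


if __name__ == "__main__":
    # Constructed sample inputs.
    for branch, title in [
        ("123-fix-login", "Fix login timeout"),
        ("py3-support", "Add py3 support, see #789"),
        ("py3-support", "Add py3 support"),
        ("2-small-refactor", "Tidy up imports"),  # plausible false positive
    ]:
        print(f"{branch!r:22} {title!r:32} -> {audit(branch, title)}")
```

The `audit` helper is the defender-side check: run it over the branch/title pairs of open merge requests and eyeball any trailer whose source is a bare leading number, since that is where an unrelated issue gets closed by accident.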

Where would you suggest putting the sensitive credentials?

Not in .env files next to your code that is exposed to supply chain risks.

Infisical is a great solution.

I'm pretty sure it's really one HTTP library: urllib.request is built on top of http.client. But the very Java-inspired API for the former is awful.

> they write text better

Not if you view text as a medium for communication, i.e. as a way for a sender to serialize some idea they have in their mind and transfer it to the reader for deserialization.

The AI doesn't know what the sender meant. It can't add any clarity. It can only corrupt and distort whatever message the sender was trying to communicate.

Fixating on these tells is a way for the receiver of the message to detect that it has been corrupted and there is no point in trying to deserialize it. The harder you try to interpret an AI-generated message, the less sense it will make.


They added Microsoft but alongside them also list Google and Amazon for "all products".

