this post was submitted on 18 May 2026

207 points (100.0% liked)

Linux

65386 readers

463 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.
No misinformation
No NSFW content
No hate speech, bigotry, etc

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

founded 7 years ago

MODERATORS

AgreeableLandscape@lemmy.ml

nooter692@lemmy.ml

MarcellusDrum@lemmy.ml

cypherpunks@lemmy.ml

cyclohexane@lemmy.ml

d3Xt3r@lemmy.nz

207

Linus Torvalds says AI-powered bug hunters have made Linux security mailing list ‘almost entirely unmanageable’ (lkml.org)

submitted 2 days ago by beep@piefed.world to c/linux@lemmy.ml

20 comments fedilink hide all child comments

cross-posted from: https://piefed.world/c/tech/p/1131733/linus-torvalds-says-ai-powered-bug-hunters-have-made-linux-security-mailing-list-almost

The continued flood of AI reports has basically made the security list almost entirely unmanageable, with enormous duplication due to different people finding the same things with the same tools. People spend all their time just forwarding things to the right people or saying "that was already fixed a week/month ago" and pointing to the public discussion.

Which is all entirely pointless churn, and we're making it clear that AI detected bugs are pretty much by definition not secret, and treating them on some private list is a waste of time for everybody involved - and only makes that duplication worse because the reporters can't even see each other's reports.

AI tools are great, but only if they actually help, rather than cause unnecessary pain and pointless make-believe work. Feel free to use them, but use them in a way that is productive and makes for a better experience.

The documentation may be a bit less blunt than I am, but that's the core gist of it. So just to make it really clear: if you found a bug using AI tools, the chances are somebody else found it too. If you actually want to add value, read the documentation, create a patch too, and add some real value on top of what the AI did. Don't be the drive-by "send a random report with no real understanding" kind of person. Ok?

all 21 comments

sorted by: hot top controversial new old

[–] idriss@lemmy.ml 2 points 9 hours ago

I am nowhere close to be as smart as him or people like him, but I abandoned a project because of sloppy massive PRs and started refusing to put my name / approval on most PRs at work also because of the same thing, I am the tech person who stayed the most here and not gonna waste my time reviewing slop for others to take credit (just push it with Claude, dev XX will review it properly before it hits prod).

The decline started, but I will keep protecting my side in this company while I am here. I use LLMs occasionally (so I am not going against management trying to make us more productive) to type less, or extract smaller snippets, ... but the change is 100% what I had in mind and I hold myself 100% responsible for the output.

[–] magikmw@piefed.social 79 points 2 days ago (2 children)

Linus really did work on himself huh. Imagine early 2000s Torvalds responding to this.

[–] Feathercrown@lemmy.world 16 points 2 days ago

The Gordon Ramsay of mailing lists

[–] eldavi@lemmy.ml 5 points 1 day ago (1 children)

he would sound like the graphene people. lol

[–] lord_ryvan@ttrpg.network 1 points 10 hours ago

Oh, they that bad?

[–] JohnDarlen@lemmy.today 28 points 2 days ago* (last edited 2 days ago) (1 children)

I can't believe Linus is saying AI is "great" man. I mean even I know it has a few usages for very disposable things, but saying it's great... That's sad. It's very well known the dozens of issues that lies behind LLM use.

[–] AndrewZabar@lemmy.world 34 points 2 days ago (1 children)

I know you were just being glib, but I feel compelled to point out that given its context, it was only used as one might say "AI is all well and good, but...", like just using it to get to the real point, which is that in-and-of itself, without a person acting upon the AI's results, it is actually not great at all. Like any tool, it has to be used to help you accomplish something and not just set about to do your entire job for you. So he was actually saying the opposite.

[+] JohnDarlen@lemmy.today -1 points 2 days ago* (last edited 2 days ago) (1 children)

[deleted]

[–] Serinus@lemmy.world 8 points 2 days ago (2 children)

AI is useful; it just doesn't replace people.

[–] FauxLiving@lemmy.world 2 points 2 days ago

Sir, this is social media nuance has no place here.

A thing is either all bad and anybody who says anything about it is probably a nazi or it is good and nothing you say in support of it can ever be wrong no matter how irrational or toxic those beliefs.

AI is bad and so it can't be useful because only one thing can be true at once. No you can't change my mind, yes I did my own research.

[–] MangoCats@feddit.it 0 points 2 days ago* (last edited 2 days ago) (1 children)

Flamebait style: people are getting in the way of AI fixing the bugs.

Use LLMs to triage the flood of reports, and implement the fixes.

Learn to stop worrying and love the Skynet. https://en.wikipedia.org/wiki/Dr._Strangelove

An actual interesting experiment: fork the system and work toward fully automated maintenance on the fork. Sure, if you want to make it fail you can, but try to succeed and see how it competes with / compares to old-school real-life Linux.

[–] bebabalula@feddit.dk 11 points 2 days ago (2 children)

This is an extremely naive view of what the word “fail” means and of what such a “competition” would look like. Are you suggesting we just deploy increasingly critical systems onto this hypothetical fork until it predictably fails in an unpredictable way? Sorta like Calvin’s dad would rate bridges?

[–] Serinus@lemmy.world 4 points 2 days ago

Man, we all kind of had this in mind, but what an incredible reference.

Sick reference meme

[–] MangoCats@feddit.it 1 points 2 days ago

until it predictably fails in an unpredictable way?

I said it was flamebait... only trust it with trust it has earned.

[–] SocialistVibes01@lemmy.ml 20 points 2 days ago

What a shit show

[–] gary_host_laptop@lemmy.ml 11 points 2 days ago (1 children)

@yogthos@lemmy.ml, Linus agrees with you that what you did with the Feds is totally okay. lol

Which is all entirely pointless churn, and we’re making it clear that AI detected bugs are pretty much by definition not secret, and treating them on some private list is a waste of time for everybody involved - and only makes that duplication worse because the reporters can’t even see each other’s reports.

[–] yogthos@lemmy.ml 6 points 2 days ago

I feel very validated :)

[–] racoon@lemmy.ml 4 points 2 days ago

OpenBSD devs were right all along

[–] juipeltje@lemmy.world 5 points 2 days ago

This was to be expected i guess

[–] thingsiplay@lemmy.ml 3 points 2 days ago

Told you so...

[–] whatiswrongwithyou@lemmy.ml 1 points 2 days ago

I for one welcome our new public security mailing list!