
How we Rooted Copilot

⁨177⁩ ⁨likes⁩

Submitted 1 week ago by Pro@programming.dev to technology@lemmy.world

https://research.eye.security/how-we-rooted-copilot/


Comments

  • nathan@piefed.alphapuggle.dev 1 week ago

    $10 says they haven't actually escaped anything and it's just hallucinating a directory structure & file contents

    • communism@lemmy.ml 1 week ago

      MS said they fixed it and categorised it as a “moderate severity vulnerability” so presumably they did in fact gain root access to the container

      • wewbull@feddit.uk 1 week ago

        If they gained root access to the container, that’s not a moderate vulnerability. Root inside a container is still root. You can still access the kernel with root privs and it’s the same kernel as the host.

        Docker is not a virtual machine.

    • MagicShel@lemmy.zip 1 week ago

      Even if it had access to its own source during training, the chances of it regurgitating it with total fidelity are zero.

  • BaroqueInMind@piefed.social 1 week ago

    And so Microsoft decided this wasn't a big enough vulnerability to pay them a bounty. Why the fuck would you ever share that with them then, if you could sell it to a black-hat hacking org for thousands?

    • fmstrat@lemmy.nowsci.com 1 week ago

      There may not have been any logical progression beyond the container.

      • deadcade@lemmy.deadca.de 6 days ago

        Surely there wasn’t an exploit on the half a year out of date kernel (Article screenshots from April 2025, uname kernel release from a CBL-Mariner released September 3rd 2024).

  • Bubbey@lemmy.world 1 week ago

    I’m sure nothing will go wrong with tons of critical business documents being routed through copilot for organizations…
