The issue is apparently this commit (someone did a git bisect):

https://github.com/RsyncProject/rsync/commit/859d44fa4f14207...

Which is a fix to the security issue CVE-2026-29518: https://nvd.nist.gov/vuln/detail/CVE-2026-29518

A CVE reported by VulnCheck which is a company that uses AI to find software vulnerabilitys.

I would honestly blame this on bad test coverage.

If you look at most of the commits where Claude is "co-author" you see that 80% of are just adding new tests. Which is exactly what would be needed if low test coverage was the issue.

I have done the exact same thing long before AI was a thing. You are rushed to "FIX" some security issue that someone reported. It is a scenario where you are working in code that you did not write or you wrote it so long ago that you cant remember. You try your best to just fix the security issue but you perturb something else while doing it.

This doesn’t even 100% mean that the code was generated using Claude, only really means the commit message was.

Write some code and then ask Claude to diff your changes and write a commit message. Now the internet hates you

"A is not B instead A is blah blah" instead of just saying "A" is a very common pattern have seen in Claude.

It is strange to read as the topic A has often not been introduced and introducing it by saying what it is not makes very little sense to a new reader.

No you could rent virtualised servers way before AWS. AWS simply had good marketing.

The virtualised server thing was not a AWS thing, the thing that was were their other services. For example instead of renting a virtual server and installing a database on it. You could rent the database; that was sort of a new thing that AWS made in to thing.

It was never cheaper what you paid for was a promise of fire and forget. You would no longer need to worry about any responsibility to update the server or the database cause the AWS crew took care of that.

Pragmatically enterprise tends to mean less refined, designed by committee and expensive.

In this case i would guess it is mostly a justification for taking a part of the LLM pie.

Most chatbots are not trained to have/emulate emotions so pain or fear of death is non existent. Therefore killing them and/or using them as slaves is not a moral issue. Thats how i reason.

On another point, LLMs are not conscious if anything is conscious, it is something being modeled inside the network. Basically if an LLM simulates a conscious entity, that doesn't mean the LLM itself is conscious; stating that is making some type of category error. So the fact that LLMs are just useful statistical generators would not mean that sentience could not appear out of it.

> Most chatbots are not trained to have/emulate emotions so pain or fear of death is non existent.

I think that framing is still falling for an illusion. (Would you do begin to disassemble in your second paragraph.)

The LLM is a document generator, and we're using it to make a document that looks like a story, where a chatbot character has dialogue with a human character.

The character can only fear death in the same sense that Count Dracula has learned to fear sunlight. There is no actual entity with the quality, we're just evoking literary patterns and projecting them through a puppet.

Not sure that i understand your position exactly.

But consciousness is also "just a story" (a complicated one) that the human body tells the human mind.

We cant know from the outside if "the story" inside a LLM is detailed enough to emulate what we might call a felling of what it is to be the character in the story while it is telling the story.

It is similar to the fact that we cant know that other people have that subjective experience. In humans we think we have the right to assume cause we are quite similar in build to begin with.

Jumping back to the original subject to explain where i am in this. I personally don't think the entities in the storys of todays LLMs is detailed enough to have what we call human consciousness, mostly cause we are not training them to develop anything similar to that. Mabye they could have some type of weak qualia but i suspect most insects probably have much more qualia than the characters in todays LLMs. But that is quite a vague guess which is not based on enough data in my mind.

Pain or fear is not why it's wrong to kill holy cow. I could feed you a drug and you would not feel or fear anything.

I was not talking about the actual feeling in the moment. The point is the valence of the thing. Ie fear of a thing is a pointer to that thing having negative valence.

Yes, they are beaten into not complaining about it by instruction tuning.

Removes paradoxical stuff like claims that there are bigger and smaller infinities.

Paradoxes comes from contradictions, a mathematical system that contains contradictions is a failed mathematical system.

I wonder under what circumstances footage from the glasses are uploaded for classification.

Probably this is people asking the glasses something about what they see and the glasses uploading video for classification to generate an answer.

People think it is "just AI" so are not very concerned about privacy.

Always by default I assume.

Unlikely. That would be extremely expensive in bandwidth, storage and compute. Deciding to build the product like that would be an engineering decision that i would fire someone for.

Well, say a frame per second. Also: how many of these are there today?

You can discard them after tagging+using them for learning.

This is like asking:

"Who owns the text microsoft word helped you write?"

Claude code is a software tool not a legal entity.

Not if claude does the writing. MS doesn't write things for you, and if it did, you would not be entitled to a copyright in whatever it wrote for you.

Claude is not a legal entity, it is a software tool that outputs text based on statistics. There is a user that used a tool to create text and that user is the legal entity responsible for the text in any legal way that matters.

Anything else would be completely ridiculous given current laws in most countries.

It would be as ridiculous as blaming the car in a car accident where you drove over someone.

Those "statistics" that the output is based on are often under licenses that forbid making proprietary software with them for example. It is not the same as using Word.

The statistics is generally not. But the data used to learn the statistics may have been under license.

Learning from licensed material is generally accepted in humans, you may learn from something and then create something else and the new thing is not considered legally problematic with the exception of patents i guess.

Whether the same thing holds true for electronic systems is where people disagree if you look at the problem space in its essence. I land on the side that it is the same thing(humans and electronic systems learning), some seam to think it is a different thing.

> Claude is not a legal entity

And?

>It would be as ridiculous as blaming the car in a car accident where you drove over someone.

No more ridiculous than you posting something you know nothing about.

Just because you don't get the copyright doesn't mean claude does. The fact that claude is not a legal entity has no bearing on whether or not you are entitled to a copyright for a work you did not create.

If neither the user or the tool created and is responsible for the text, who is in your mind?

If claude made it, it is not a copyrightable work. There is no copyright for anyone to own.

Okay. If it made it, it made it. That is true in a deductible way. If p, then p.

And?

Right! Blaming an agent or anyone else is crazy. The author built a system that had the capability of deleing the prod database.

The system did delete the database cause the author built it like that.

If the effect size is big small sample sizes does not matter as much as otherwise.

You really have to look at the power analysis and the sample size together.

Saying this as a general truth. I am not sure about the power of the method in this papper, i only read the abstract.