tjbecker's comments

tjbecker · 2026-04-30T03:18:48 1777519128

https://x.com/i/status/2049687923814281351

> and yes, RHEL 14.3 doesn't exist We meant to say RHEL 10.1. Sorry for the confusion!

tjbecker · 2026-04-29T20:37:35 1777495055

For this crowd, I highly suggest checking out the technical writeup

https://xint.io/blog/copy-fail-linux-distributions

belkinpower · 2026-04-29T22:21:01 1777501261

This has frustratingly low information density for a technical writeup. The LLM output on the marketing page is whatever, but here it really feels like my time isn’t being respected.

tjbecker · 2026-04-29T20:36:32 1777494992

This is correct. The container escape exploit and writeup is not yet released.

dnnddidiej · 2026-04-30T04:06:21 1777521981

Opus 4.7 it if you can't wait

tjbecker · 2026-04-29T20:33:19 1777494799

I recommend reading the technical writeup https://xint.io/blog/copy-fail-linux-distributions

internetter · 2026-04-30T15:48:36 1777564116

Technical writeup is also slop I fear

tjbecker · 2025-12-17T02:15:11 1765937711

This is fair, and we will gladly share the extraordinary evidence as soon as we can.

If you're curious, we have already released the full traces of finding a sqlite3 0day with an early version of Xint Code (submitted to the AIxCC competition and now open sourced): https://theori.io/blog/exploring-traces-63950

tjbecker · 2025-12-17T02:09:53 1765937393

In the commenter's defense, it's reasonable to be skeptical about the level of autonomy claimed in the post.

We are very eager to share more evidence (including the raw inputs and output artifacts for these bugs) and will absolutely do so as soon as we can.

tjbecker · on Aug 29, 2020

> Sure, but that isn’t the user’s fault, and they’re the ones who are going to get attacked.

This is true, but the responsibility to protect these users is ultimately on Slack, not the researcher. If Slack's bounties are nowhere near competitive with black market prices, they are failing to protect their users and should be called out on it.