9th September 2009 - Link Blog
Why Python Pickle is Insecure. Because pickle is essentially a stack-based interpreter, so you can put os.system on the stack and use it to execute arbitrary commands.
Recent articles
- Qwen3.6-35B-A3B on my laptop drew me a better pelican than Claude Opus 4.7 - 16th April 2026
- Meta's new model is Muse Spark, and meta.ai chat has some interesting tools - 8th April 2026
- Anthropic's Project Glasswing - restricting Claude Mythos to security researchers - sounds necessary to me - 7th April 2026