[Bender]

I don't even believe that AI is real. To me it's just a predictive chat bot using LLM with big-data shoved up it's back-side. As for trust, I do not trust anyone or anything but if our choices are mass exploitation and mass patching, I will take the latter if people are not patching their own stuff especially if AI can gain access to it already. If AI can get to it so can spooks right now. There is a lot of hardware with state operated unofficial remote access and some of their companies are listed in In-Q-Tel's website. Worst case, the USA gets more control of the back-doors, lawful intercepts and such. I guess I will support that over other countries having control.

If there is a third option where companies drop everything, all hands on deck to patch all the things I would take that but it's just never been a priority. That's why I was always a big fan of ransomware separating customer data away from companies that should not have had it in the first place.

[joe_the_user]

How could some worm imposed patching work? If a piece of software is insecure and you switch the binary to secure, the insecure version would uploaded in the next update - and secure version likely treated like malware itself.

[Bender]

Turtles all the way down right? Well the way malware was used by the feds in the past was go get rid of the existing RAT and fix the vulnerability that the malware used in the first place so the machine could not be re-infected by the same vectors. These were not all inclusive patch processes, just enough to kill the RAT and its attack vectors to shut down a specific crime network so that another criminal group could not just move in and take over in it's place.