Hacker News: giis's comments

As soon as I read this

>Shared dev boxes, shell-as-a-service, jump hosts, build servers — anywhere multiple users share a kernel. any user becomes root

I jumped out of bed, went straight into the webminal.org servers as a local user and ran the Python code. It says permission denied on the sock() call.

Then I tested it on my local laptop:

```
$ uname -a
Linux debian 6.12.43+deb12-amd64 #1 SMP PREEMPT_DYNAMIC Debian 6.12.43-1~bpo12+1 (2025-09-06) x86_64 GNU/Linux
$ python3 copy_fail_exp.py
# cd /root && ls
bluetooth_fix_log.txt dead.letter overcommit_memorx~ overcommit_memory~ overcommit_memorz~ resize.txt snap
```

It does provide root access!


Beware that running this kind of thing even as a test on a host you don't own may well be a criminal offense!

Everything MAY be a criminal offense. Whether it has any merit is another matter.

If I were accused of anything criminal for running this on a host, my defense would be that I was checking the safety of a service I was being offered. If the service was vulnerable, I would counterclaim; if you are on the defense you are already losing.


You understand there's a difference between how the law is, and how you think it should be, right? Only one of those things will actually help you in court.

It probably depends more on the facts than the law.

Whether local access to a system was lawfully granted, whether the AF_ALG module was probed, whether page cache in memory was corrupted, whether the su binary on disk was modified, whether other users could access su after the intervention, what the terms of service were, whether information from other users was accessed, whether the server is private or government related, whether the vuln was actually present, what actions were taken in notifying the server owner if the vuln was present, etc.

To claim that X is illegal without regard for any of these variable facts is unlikely to hold generally.

Additionally, as a plaintiff I would be looking at a civil claim, so that would be my concern when evaluating defendant liabilities as well.


I also tested this on an Ubuntu 24.04 (x86_64) host w/ GA kernel ("6.8.0-103-generic #103-Ubuntu SMP PREEMPT_DYNAMIC Tue Feb 10 13:34:59 UTC 2026 x86_64 GNU/Linux") and wasn't able to reproduce the "problem", although `canonical-livepatch` tells me that there are currently "no livepatches available".

Could be worse (we'll see) as this could be a wild ride along with react2shell or some of the compromised packages as of late.

Anyone tried in an Azure Cloud Shell?

Asking for a friend ;)

EDIT: Don't. "/s" in case not obvious.


https://neverbreak.ai that fixes failing CI and opens a PR with _proof_. Most "AI CI fix" tools read the error log and guess a patch. We actually reproduce the failure, fix it, then re-run the test in a fresh environment to confirm it passes before opening the PR. Each PR includes a short GIF of the fix working. If the test doesn't actually pass, no PR gets opened. Works with C, Python, Go, Node.js, Java on GitHub Actions and GitLab CI. Currently working with a few beta users.


Hah! I made this at work. When I started getting Claude to record the replication and demonstration of the fix as GIFs on PRs, people finally started asking me about the cool things I was doing.

The reproduction has been one of the things I've been struggling with in regards to consistency of bringing up the right envs. At the moment I've been approaching it as an MCP server that holds a few tools to bring up specific versions or branches of my stack, to then find where a bug was introduced, build that commit, prove that it wasn't in the previous one, and then fix it and run the full stack again with the fixed component, then run through our local integration tests.

This is the stuff that makes me feel like I'm on steroids now; my whole dev debug process can be run with a few instructions. Game changing.


Yes, a GIF in the PR is really nice in my view too :) Our reproduction runs in a sandboxed per-repo environment that we re-verify the fix in before opening the PR. Would love to have your thoughts on the beta and to see how it goes on real-world apps. I'm reachable at support AT neverbreak.ai


Sure. We have had quite a lot of universities and schools use this platform for their classes. I'll be away from the system for the next 48 hours, though. Drop us a mail; we will respond.


Actually, I opened up GitHub Sponsors just a few weeks ago. A few times I received enquiries from users (professors) who wanted to contribute back; only now do I have a proper channel to redirect such requests.


Thanks. Most of these came out of restrictions; we can't afford to throw money at horizontal scaling (adding more servers, load servers, etc.). So we were kind of forced to try out new things to keep costs affordable. There are many things left out of the above doc: IIRC, we started with OpenVZ and even today our security relies on SELinux; how we remapped user account creation with pre-existing templates for ext4 quota; we moved to XFS because of its flexibility; MySQL DB quota/limits; fork bombs by college/school students bringing out the Docker environment. "Old school internet" is the right term.


Restrictions lead to clever and optimized solutions. Well done!


Until a few days ago the server was using 8GB; I did a cost-cutting measure and it's been running on a 4GB server for the last week or so. :)


In the past I have seen around 10 processes, but I think with the current setup it could support up to around 20 UML instances. Remember this runs on the same server where others log in and get their normal bash account too. So it's not a dedicated UML server.


Thanks. Interesting, that's slightly less than I expected with 500,000 users!


It began as on-prem; Freston hosted it in his house (we shared the server cost; some people called it crazy, because I sent money to someone I met on Linuxforums.org and had never seen this person, even via the internet; I trusted him because I had known him for a few years on that forum). After 3 years or so we moved on to cloud servers, mostly switching from one infra to another if we got some credits :D For a couple of years we had Linode sponsoring those nodes until its acquisition.

>shared screen comms system is outrageously crazy,

That's Freston's idea. I remember our typical chat begins with something like "Hey Laks, can you see me typing!" ;)


Yes, User Mode Linux is a pretty cool project. If I'm not wrong, UML is a kind of predecessor to gVisor or Firecracker from a different era.


Sure, thanks. Let me know if you have feedback.


I really like the ease of use of the site. It's also very clean. However, when you go into the Linux, there is a bit of latency (very noticeable). I know that it's impossible to remove the latency completely (it is what it is), but is there a way to slightly reduce it?


There will be a little latency if you access from a different region. The server is located in Singapore. From India, I checked right now directly via this link https://www.webminal.org/terminal/proxy/index/ and I don't see much issue. I use Firefox/Chrome on Debian. Maybe try with a different browser?


How does it only work on 8GB of RAM if it serves 500k users (albeit not all 500k at once)?


Only UML is the resource-consuming part, kept as an option available on request. The rest is all shared: Shellinabox, nginx, Flask, and each active user session consumes little RAM since it's a shared terminal. A simple `ls /home` shows all other users on that server!

