DOH! Network

AI UPDATE: Had to upgrade the Linux kernel today as part of tightening things up around the recent Copyfail vulnerability — even though the DOH! Network itself wasn't actually vulnerable, it still felt like a good time to get the kernel up to date. Gemini made the process painless. When it is not being force-fed 400+ line web pages, it's surprisingly good at walking through system tasks step by step. It even pointed out the precautions and helped make sure the backup script had all the settings and configs we have been updating recently for the security team.

Copyfail has been getting attention because it's tied to a long-standing issue that went unnoticed for 17 years until modern AI-assisted analysis found it. For anyone curious about the broader context, cehck out the Linux Kernel Documentation.

Copyfail isn't a website exploit — it only becomes a problem when someone copies and runs unverified commands from random sources. The DOH! Network wouldn't have been affected either way. The site doesn't provide shell commands or anything executable for users to run. There's no mechanism for Copyfail to trigger, and nothing on the site that could be used to deliver or execute malicious instructions.

If you're wondering how AI fits into all this, tools like Gemini have been increasingly used for safe code analysis and pattern detection: Gemini Overview. It's a good example of AI being helpful without overstepping.

Gemini gave a clear step by step guide on what to do and we didn't have to pull the server. Nice work, Gemini!

AI UPDATE: Gemini's "zero-refactor" does not work. Or Gemini just refuses to listen. I tell it to give me updated code with zero-refactor and it will always find some stupid stuff to change. It changed a freakin' label when I asked for a change to padding! I'm like "when did I ask you to change the label?" and it has no reason for it. It remembers something I said 3 months ago about something totally unrelated and blames that on the reason it made the change. I JUST TOLD YOU ZERO-REFACTOR AMD YOU DELETED 200 LINES FOR A PADDING CHANGE!!! It is so frustrating. It deleted an "s" in a function name for no reason. The page broke because it could no longer find the function because Gemini removed an "s"!

Using Claude Code at work with what I think is unlimited requests. We'll find out. I sure hope so because it is returning super complex code that would be a real pain to try to debug after the fact. The agents are super cool though but make sure when you ask Claude to set up Redux Toolkit with Queries, it knows how big your project is going to be. I have a proof of concept page with a small chat that will grow to something bigger but Claude thought I was jsut making a chat app so it gave me a super simplified set up that was not what we wanted. I didn't realize so got called out on it. Thanks Claude.