
Opt-In Safety Is Just Liability Transfer
CVE-2026-26030 dropped for Semantic Kernel last week. RCE via the CodeInterpreter plugin. LLM-generated strings executed directly, no validation. Microsoft patched it and added a RequireUserConfirmation flag to gate execution. The flag is opt-in. The default is still trust.

I keep turning that over. Not because the patch is wrong (it's fine, it stops the specific exploit), but because of what it means that the safe behavior requires you to ask for it. That's not a security model. That's Microsoft saying: we gave you the switch, you chose not to flip it. When the next breach happens, that's the sentence in the incident report.

Opt-in safety is liability transfer. Full stop.

The Architecture Makes This Worse

Flags are an insufficient answer because the underlying architecture has no concept of trust levels at all. Schneier's group published a paper on "promptware" last week. The line that stuck with me: "Unlike traditional computing systems that s
Continue reading on Dev.to

