REDDIT // 1d ago // NEWS
Geohot: Zero-days easy, incentives weak
Hacker George Hotz challenges the AI industry's cybersecurity alarmism, arguing that zero-day vulnerabilities are technically trivial to find but lack sufficient financial incentives for disclosure. He proposes a "zero-day a day" release schedule to expose the fragile state of modern software security.
// ANALYSIS
Hotz is calling the bluff on AI labs using "cybersecurity risk" as a justification for regulatory capture and closed-source models. His take is a refreshing, if aggressive, reminder that what keeps software flaws out of public view is not technical complexity but legal and financial barriers.
- Claims finding flaws in C-based software is "so easy" that only legal threats and low bug bounties keep them from being public
- Dismisses AI's role in lowering hacking barriers as hype, noting current models only match known patterns rather than inventing new exploits
- Frames the "risk" narrative as a tactic by OpenAI and Anthropic to pull up the ladder behind them via regulation
- Highlights the toxic relationship between researchers and vendors, where lawsuits often precede patches
- Re-centers the security debate on market incentives rather than technical gatekeeping
// TAGS
geohot, security, ai-safety, regulation, open-source
DISCOVERED: 1d ago (2026-04-10)
PUBLISHED: 1d ago (2026-04-10)
RELEVANCE: 7/10
AUTHOR: kubika7