Comment by tptacek
20 days ago
"C executables" are most of the frontier of exploit development, which is why this is a meaningful model problem.
20 days ago
"C executables" are most of the frontier of exploit development, which is why this is a meaningful model problem.
Can we fight fire with fire, and use LLMs to rewrite all the C in Rust?
Usually rewriting something in Rust requires nontrivial choices on the part of the translator that I’m not sure are currently within the reach of LLMs.
I heard this before, that apparently there are things you cannot implement in Rust. Like, apparently you cannot implement certain data structures in Rust. I think this is bullshit. Rust supports raw pointers, etc. You can implement whatever you want in Rust.
5 replies →
Sure, but the LLMs will just chain 14 functions instead of 7. If all C code is rewritten in Rust tomorrow that still leaves all the other bug classes. Eliminating a bug class might have made human attacks harder, but now with LLMs the "hardness" factor is purely how much token money you have.
Llms are not magic. Fixing a large class of exploits makes exploitation harder.
1 reply →