Comment by tptacek
12 hours ago
"C executables" are most of the frontier of exploit development, which is why this is a meaningful model problem.
12 hours ago
"C executables" are most of the frontier of exploit development, which is why this is a meaningful model problem.
Can we fight fire with fire, and use LLMs to rewrite all the C in Rust?
Sure, but the LLMs will just chain 14 functions instead of 7. If all C code is rewritten in Rust tomorrow that still leaves all the other bug classes. Eliminating a bug class might have made human attacks harder, but now with LLMs the "hardness" factor is purely how much token money you have.
Llms are not magic. Fixing a large class of exploits makes exploitation harder.
Usually rewriting something in Rust requires nontrivial choices on the part of the translator that I’m not sure are currently within the reach of LLMs.