Comment by mrkeen
4 hours ago
Daniel Stenberg has been vocal the last few months on Mastodon about being overwhelmed by false security issues submitted to the curl project.
So much so that he had to eventually close the bug bounty program.
https://daniel.haxx.se/blog/2026/01/26/the-end-of-the-curl-b...
We're discussing a project led by actual vulnerability researchers, not random people in Indonesia hoping to score $50 by cajoling maintainers about atyle nits.
Vulnerability researches with a vested interest in making LLMs valuable. The difference isn't meaningful
I don't even understand how that claim makes sense.
8 replies →
I'm not sure the gap between the two is all that wide
Then you're telling on yourself.
[dead]
Daniel is a smart man. He's been frustrated by slop, but he has equally accepted [0] AI-derived bug submissions from people who know what they are doing.
I would imagine Anthropic are the latter type of individual.
[0]: https://mastodon.social/@bagder/115241241075258997
Not only that, he's very enthusiastic about AI analyzers such as ZeroPath and AISLE.
He's written about it here: https://daniel.haxx.se/blog/2025/10/10/a-new-breed-of-analyz... and talked about it in his keynote at FOSDEM - which I attended - last Sunday (https://fosdem.org/2026/schedule/event/B7YKQ7-oss-in-spite-o...).