People who don't do intense security work for a living underestimate the complexity of it. This might find some vulnerabilities, but it's not really capable of producing new methods and attacks. What it replaces isn't a high quality human researcher; it replaces current static code review systems.
If AI models never had stack smashing writeups in their corpus, they'd never be able to invent stack smashing.
God bless you, the beautiful thing about computer security is that this attitude has kept us happily in business for many years.
Say more? It's really hard to navigate the antecedents of this argument.
People who don't do intense security work for a living underestimate the complexity of it. This might find some vulnerabilities, but it's not really capable of producing new methods and attacks. What it replaces isn't a high quality human researcher; it replaces current static code review systems.
If AI models never had stack smashing writeups in their corpus, they'd never be able to invent stack smashing.
2 replies →