Comment by ray_v
17 days ago
As my coworker succinctly put it, "nobody uses Firefox anymore."
I don't know if hundreds of millions of people is exactly, "nobody" but I personally agree that open source software is just going to crush closed source for exactly the reasons we're seeing unfold in front of us; you can audit and correct incorrect behavior for the benefits of all.
I use Firefox + uBlock Origin because it give me complete control over what I see.
Same.
For closed-source, I'd expect defenders to have a greater advantage because they can run Mythos on the source code, while attackers only get an opaque API/protocol to try messing with.
There is definitely a closed-source defender advantage where an attacker doesn't have access to the code, binary, or environment that can be instrumented (so basically, running in the cloud), but there have been several very effective technical demonstrations of LLM guided or agentic approaches to assessing the security of closed source tools, and I have had some successes personally using LLMs with tool use to manage binary analysis tools to perform reverse engineering of closed source packages.
For many attack scenarios the boundary is really if you can establish an effective canary or oracle for determining if a change in input results in a change in output, once you have that, it's simply a matter of scaling your testing or attack (for fuzzing, for blind injection, or any other number of attacks that depend on getting signal from a service).
To some extent yes, but models are good at reverse engineering such that it isn't as great advantage as you might think.
Idk Mozilla has its issues but I still primarily use Firefox and librewolf on my Linux desktop. I refuse to use chrome except in instances where necessary.