Comment by eqvinox
16 hours ago
I don't think the copy.fail people understood the issue they found, as is evident from the heavy focus on AF_ALG/aead_algif, which is essentially "innocent" as we're seeing here.
I think LLMs are great for vulnerability discovery, but you need to not skimp on the legwork and understanding what even you just found there.
Right but without the LLM the bug doesn't get found at all.
That's not necessarily true. Who's to say the security researchers wouldn't have found it if they'd searched the code manually?
It's an AI security firm! You might just as productively ask "why did all the other engineers who ever looked at this code not find it, and why was Theori the one to actually surface it?".
I'm hardly going to simp for LLM tools, but the fact that the bug existed and no one had reported it seems proof positive no one was about to find it without them.
It would have taken a LOT longer but often this kind of manual search is so tedious people just don't do it. LLMs don't get bored.
Safer to assume at least one of the NSA, Mossad and a few others were sitting on it for years.
Yes, I agree. I'm not the GP poster.