Comment by DanielHB
14 hours ago
LLMs can't really parse compiled code to find exploits, maybe code in scripting languages (python, js, etc) even if minified. So I don't quite agree with you, having access to the source can definitely help find exploits even in pre-LLM days.
Also, the Github enterprise code is "obfuscated" but it uses a trivially reversible method just meant to be a minor roadblock. After you get past that you get the full ruby source code, no minification or anything.
For a while the key was literally:
> This obfuscation is intended to discourage GitHub Enterprise customers from making modifications to the VM. We know this 'encryption' is easily broken.
Pretty much everyone disagrees with you, especially when you add in decompiler tools to the LLM.
how to say you haven't tried llms since 2023 without saying it, that's quite literally one of the things they excel at