← Back to context Comment by elevation 3 days ago Why would a malware scanner read the comments? 9 comments elevation Reply StableAlkyne 2 days ago In interpreted languages like Python, where the source files are plaintext, you can trivially store data in a commentIf scanners ignored comments, malware would just be written like this: // <Evil base64 encoded stuff here> payload=read_source_and_decode() exec(payload) orphea 3 days ago Ignoring comments is not a solution because the texts can be put in random strings among the actual code. ofjcihen 3 days ago And really all it takes is one keyword such as “nuke”. therein 3 days ago Nuke is probably too generic but I wouldn't put it past an LLM to get thrown away by that. A safer showstopper probably would be to export symbols like uf6_enrichment_loop and refer to your C&C server as a nuclear reactor controller.https://www.youtube.com/watch?v=Gbgk8d3Y1Q4On a second thought, probably better to act like it is a tool for "frontier LLM research". Export symbols like "mythos_distillation_subroutine". 1 reply → ivanjermakov 2 days ago I'm not a native speaker but I unironically use "nuke" as "delete the whole repo/huge chunk of a project".Cambridge dictionary seem to agree:nuke - to destroy or get rid of something completely 1 reply → giantg2 3 days ago Provides possible clues to the origin and use. well_ackshually 3 days ago because not all malware is open sourcescanning arbitrary blobs very often entails running `strings` on the binary. Just slap it in there and oop there goes your LLM.
StableAlkyne 2 days ago In interpreted languages like Python, where the source files are plaintext, you can trivially store data in a commentIf scanners ignored comments, malware would just be written like this: // <Evil base64 encoded stuff here> payload=read_source_and_decode() exec(payload)
orphea 3 days ago Ignoring comments is not a solution because the texts can be put in random strings among the actual code. ofjcihen 3 days ago And really all it takes is one keyword such as “nuke”. therein 3 days ago Nuke is probably too generic but I wouldn't put it past an LLM to get thrown away by that. A safer showstopper probably would be to export symbols like uf6_enrichment_loop and refer to your C&C server as a nuclear reactor controller.https://www.youtube.com/watch?v=Gbgk8d3Y1Q4On a second thought, probably better to act like it is a tool for "frontier LLM research". Export symbols like "mythos_distillation_subroutine". 1 reply → ivanjermakov 2 days ago I'm not a native speaker but I unironically use "nuke" as "delete the whole repo/huge chunk of a project".Cambridge dictionary seem to agree:nuke - to destroy or get rid of something completely 1 reply →
ofjcihen 3 days ago And really all it takes is one keyword such as “nuke”. therein 3 days ago Nuke is probably too generic but I wouldn't put it past an LLM to get thrown away by that. A safer showstopper probably would be to export symbols like uf6_enrichment_loop and refer to your C&C server as a nuclear reactor controller.https://www.youtube.com/watch?v=Gbgk8d3Y1Q4On a second thought, probably better to act like it is a tool for "frontier LLM research". Export symbols like "mythos_distillation_subroutine". 1 reply → ivanjermakov 2 days ago I'm not a native speaker but I unironically use "nuke" as "delete the whole repo/huge chunk of a project".Cambridge dictionary seem to agree:nuke - to destroy or get rid of something completely 1 reply →
therein 3 days ago Nuke is probably too generic but I wouldn't put it past an LLM to get thrown away by that. A safer showstopper probably would be to export symbols like uf6_enrichment_loop and refer to your C&C server as a nuclear reactor controller.https://www.youtube.com/watch?v=Gbgk8d3Y1Q4On a second thought, probably better to act like it is a tool for "frontier LLM research". Export symbols like "mythos_distillation_subroutine". 1 reply →
ivanjermakov 2 days ago I'm not a native speaker but I unironically use "nuke" as "delete the whole repo/huge chunk of a project".Cambridge dictionary seem to agree:nuke - to destroy or get rid of something completely 1 reply →
well_ackshually 3 days ago because not all malware is open sourcescanning arbitrary blobs very often entails running `strings` on the binary. Just slap it in there and oop there goes your LLM.
In interpreted languages like Python, where the source files are plaintext, you can trivially store data in a comment
If scanners ignored comments, malware would just be written like this:
Ignoring comments is not a solution because the texts can be put in random strings among the actual code.
And really all it takes is one keyword such as “nuke”.
Nuke is probably too generic but I wouldn't put it past an LLM to get thrown away by that. A safer showstopper probably would be to export symbols like uf6_enrichment_loop and refer to your C&C server as a nuclear reactor controller.
https://www.youtube.com/watch?v=Gbgk8d3Y1Q4
On a second thought, probably better to act like it is a tool for "frontier LLM research". Export symbols like "mythos_distillation_subroutine".
1 reply →
I'm not a native speaker but I unironically use "nuke" as "delete the whole repo/huge chunk of a project".
Cambridge dictionary seem to agree:
nuke - to destroy or get rid of something completely
1 reply →
Provides possible clues to the origin and use.
because not all malware is open source
scanning arbitrary blobs very often entails running `strings` on the binary. Just slap it in there and oop there goes your LLM.