[Leomuck]

Well what kind of meaning do you find in brute force? I'm not saying it's not effective. I just critisize the news that make it look like AI is the a revolutionary advance in security. It is not. It makes skills available to many more people which is cool, but it is based off of training - training on things people did. It doesn't magically find a new combination of factors that lead to a security issue, it tries things it's read about. That's not meaningless. It could even be democratizing in a way. I just hate all this talk that "this model is too scary to release in the world".

But I'm happy about any feedback or critique, I might just be wrong honestly.

[CMay]

I'm not the person who responded to you, but I think of a brute force attack as essentially translatable into brute (dumb) force (effort). No thinking, no decision making, but the process is known. Here is a pile of stones, move that pile of stones from here to over there. In the case of most brute force, you think of it like cracking passwords. You have an algorithm or you have a giant pile of passwords. Move those passwords over to try them on this hash. The processor is doing the heavy lifting on the simple task.

Philosophically you could try to differentiate between the human side of the effort versus the computer side. You could also differentiate from a really dumb model and a really smart model. A dumb model just spinning its wheels and hoping it gets lucky, versus a smart model actually trying intelligent things and collecting relevant details.

In these cases I think we're assuming a sufficiently smart model making well reasoned headway on a problem. Not sure I would fall on the side of the camp that would label this as brute force by default in all cases. That said, there may be specific scenarios where it might seem fitting even when using a smart model.