|
|
|
|
|
|
by firer
41 days ago
|
|
|
From what I understand, the copy fail bug was found by researcher who noticed something weird and then using AI to scan the codebase for instances where that becomes a problem. I bet that with a slightly looser prompt/harness, the LLM could have found these twin bugs too. Yet at the same time, I also think that if the human researcher had manually scanned the code, he'd have noticed these bugs too. FWIW I do think LLMs are great tools for finding vulnerabilities in general. Just that they were visibly not optimally applied in this case. |
|
|