Hacker News new | ask | show | jobs
by hard_times 36 days ago
I'd say it's different this time, because LLM can form and substantiate opinions of their own, on their own. You could actually assume you have the full source code of any binary for it to analyze, since in theory everything is decompilable, and you could then also diff between releases to save 99% tokens.
1 comments
chris_money202 35 days ago
Think this is more an argument against them in security than for them. You don't want the LLM forming the opinion that something is secure when it is not because it has "microsoft" in the name of a binary or something else. There are a lot of ways to mis-direct their reasoning and it's almost impossible to control that 100%. A lot of AI providers are learning from the mistakes, so implies something is going to get hacked once in some unique way and then LLMs won't make the mistake again with 99% certainty.
link
hard_times 35 days ago
Let's strip all strings then before analysis? to prevent prompt injections and such.
link