| ▲ | j2kun 6 hours ago |
| > Luckily AI can speed up defenders as well as attackers here, allowing embargoes that would previously have been uselessly short. This is an important facet of the problem space: security risks turning into an arms race for who wants to spend more tokens. |
|
| ▲ | nicce 5 hours ago | parent [-] |
| One interesting thing is that this makes closed source code even greater asset for the defenders. Attacker cannot spend tokens for it, but defenders can spend tokens for hardening based on source code, while attacker is stuck with blackbox testing. |
| |
| ▲ | watusername 3 hours ago | parent | next [-] | | You would be surprised how adept SOTA models are at reverse engineering with IDA/Ghidra or even plain old objdump. Opus basically knows IDAPython on the back of its hand. | | |
| ▲ | nicce 3 hours ago | parent [-] | | They can be, but the most interesting parts (backend code, deployment confs) are not usually available. Reversing clients can help to understand a bit, but not with equal level. | | |
| ▲ | kardos an hour ago | parent [-] | | On the other hand, any source code leak could be catastrophic |
|
| |
| ▲ | j2kun 4 hours ago | parent | prev [-] | | Decompilation is quite good these days as well |
|
