AntiUSAbah 4 hours ago

There is always marketing involved and people should be able to put marketing into perspective.

Also, curl in this regard is an open source project, relatively small but critical, well known and used everywhere. Besides image libraries, tools like curl or sudo, su, passwd, etc. would also be my first try.

What Mythos can do is still not known at all. What does it mean from a cost and benchmark POV to have a 10 trillion parameter model?

Nonetheless, the fact that LLMs got significantly better at finding this, better than humans, started to happen half a year ago? So at some point we need to address the elephant in the room and state that today you need to do security scanning additionally with LLMs. You need to take this seriously.

In the worst case, use Anthropic's marketing to state that it's a must now and something changed.

u_fucking_dork 3 minutes ago

> What Mythos can do is still not known at all.

And this is very much on purpose my friend. Think about what people already believe it can do though.

flohofwoe 3 hours ago

> Nonetheless, the fact that LLMs got significantly better at finding this, better than humans, started to happen half a year ago?

*rolls eyes* Regular static analyzers have also been "better than humans" for decades; being better than a human at a specific mechanical task really doesn't mean much. The interesting new thing is the type of potential "fuzzy bugs" described in the article that LLMs are able to identify (a comment not matching the code it describes, uncommon usage of a third-party library, a mismatch between code and the protocol it implements, or often just generally weird-looking code somebody should have a closer look at... this closes a gap in the traditional debugging toolboxes, but shouldn't replace them).

AntiUSAbah 2 hours ago

You don't have to dismantle a comment on a microlevel.

It has been clear for ages that certain types of bugs or issues are better solved by software.

But there were still plenty of things a proper SecOps person would be able to find with help from tooling that automatic tooling wouldn't find.

Taking a limited amount of resources and focusing on the critical things.

I do think this is gone now. Same with threat modeling, etc.