☆ Yσɠƚԋσʂ ☆@lemmy.ml to Technology@lemmy.mlEnglish · 4 days agoChina Has Matched Anthropic in Cybersecurity, Resetting AI Racewww.wsj.comexternal-linkmessage-square52fedilinkarrow-up140arrow-down12file-text
arrow-up138arrow-down1external-linkChina Has Matched Anthropic in Cybersecurity, Resetting AI Racewww.wsj.com☆ Yσɠƚԋσʂ ☆@lemmy.ml to Technology@lemmy.mlEnglish · 4 days agomessage-square52fedilinkfile-text
minus-square☆ Yσɠƚԋσʂ ☆@lemmy.mlOPlinkfedilinkarrow-up3arrow-down1·2 days agoThe context here is obviously software exploits given that we’re talking about LLM finding them.
minus-squareTrippinMallard@lemmy.mllinkfedilinkarrow-up2·edit-22 days agoThat was not obvious to me. LLMs have been used for finding hardware, firmware, RF, software, and social exploits. RAM side-channel attacks are a good example of software exploits that are harder to exploit than find the vulnerability.
minus-square☆ Yσɠƚԋσʂ ☆@lemmy.mlOPlinkfedilinkarrow-up3arrow-down1·2 days agoSure, you can do all that as well, but the context is an article about cyber security.
minus-squareTrippinMallard@lemmy.mllinkfedilinkarrow-up1·2 days agoCybersecurity includes finding hardware, firmware, RF, software, and social exploits.
minus-square☆ Yσɠƚԋσʂ ☆@lemmy.mlOPlinkfedilinkarrow-up2arrow-down1·2 days agoAgain, I’m not disagreeing that you can use LLMs to audit all these things. All I’m saying is that software is by far the easiest place to apply models and actually try out exploits end to end.
minus-squareTrippinMallard@lemmy.mllinkfedilinkarrow-up2·2 days agoYour original comment was: Finding them is a prerequisite to exploiting them, and by far the hardest part. Once you know what the exploit is, abusing it is not difficult.
minus-square☆ Yσɠƚԋσʂ ☆@lemmy.mlOPlinkfedilinkarrow-up2arrow-down1·2 days agoYes, and as I’ve repeatedly clarified here, I was making that statment in the context of software.
minus-squareTrippinMallard@lemmy.mllinkfedilinkarrow-up1·1 day agoThat context was not paired with the original comment.
minus-square☆ Yσɠƚԋσʂ ☆@lemmy.mlOPlinkfedilinkarrow-up2arrow-down2·1 day agoAnd then it’s been clarified to you over and over in this thread.
The context here is obviously software exploits given that we’re talking about LLM finding them.
That was not obvious to me. LLMs have been used for finding hardware, firmware, RF, software, and social exploits.
RAM side-channel attacks are a good example of software exploits that are harder to exploit than find the vulnerability.
Sure, you can do all that as well, but the context is an article about cyber security.
Cybersecurity includes finding hardware, firmware, RF, software, and social exploits.
Again, I’m not disagreeing that you can use LLMs to audit all these things. All I’m saying is that software is by far the easiest place to apply models and actually try out exploits end to end.
Your original comment was:
Yes, and as I’ve repeatedly clarified here, I was making that statment in the context of software.
That context was not paired with the original comment.
And then it’s been clarified to you over and over in this thread.