undefined | Better HN

0 pointspoincaredisk1y ago0 comments

Still waiting for the first one. I'm not holding my breath - just like fuzzing found a lot of vulnerabilities in low-level software, I expect novel automated analysis approaches will yield some vulnerabilities - but that won't be a catastrophic event just like fuzzing wasn't.

0 comments

ComplexSystems1y ago

Why don't you think that AI models will, perhaps rather soon, surpass human capabilities in finding security vulnerabilities? Because an AI that's even equally competent would be a fairly catastrophic event.

criddell1y ago

It's rumored that the NSA has 600 mathematicians working for them. If they are the ones finding the exploits you will probably never hear about them until they are independently discovered by someone who can publish.

throwaway2404031y ago

Hope that's true. Really mucks up the world a bit if not.

sqeaky1y ago

I hope it doesn't find a new class of bug. Find another thing like Spectre could be problematic.

EDIT - I hope if that new class of bug exists that it is found. I hope that new class of bug doesn't exist.

j / k navigate · click thread line to collapse