finding myself repeating "fuzzers are stochastic, with enough cpu time you will always find a bug, results are usually a demonstration of resources not algorithms"

like, hacking, along with spam and fraud, are the sorts of activities where things only need to work 0.1% of the time to be successful

it isn't a demonstration of clever code or tooling but the uncompromising effectiveness of sheer brute force heh

@tef i don't think this is correct, actually. afl (when it got introduced) has massively reduced the amount of resources because it is coverage-guided

@whitequark * unless comparing to other fuzzers

like if you only have a list of bugs there's no study on the techniques

@tef yea sure

@whitequark was genuinely mulling over adding it but i shrugged as my post was already too wordy heh

@tef i do think it's relevant. LLM-based fuzzers do seem like a significant and consequential achievement, for better or worse; not as world-changing as some fearmonger, but still something we have to take into account

@whitequark oh, for sure, being a script kiddie has gotten a little bit easier while token prices are low heh

@tef it seems to be a pretty big help for defenders too, in a way that wasn't the case a year ago. i've been meaning to evaluate the efficiency, though haven't gotten around to it