LLMs now do the busywork of finding amazing vulnerabilities for everyone willing to spend the tokens.

But hacking still isn't dead:

  • We haven't at all solved the underlying problems which come with writing and shipping code.

  • You still need to understand what you're looking at and what you are operating.

  • The LLM platforms themselves are an exquisite target for hacking^Wcreative use of the technology.

  • Now when everyone can pull a CVE or two out of thin silicon and a few kWh of electricity, the art of hacking might need to adapt and maybe reshape a little, but at its core the mind- and skillset will stay as relevant as it always was.

    In that sense: keep hacking, keep exploring, break some stuff.

    @joern Can any non-cloud LLM do that "busywork" or are we talking about a vendor dependency here?
    @gittaca It doesn’t matter because enough people will do it regardless of what you or I do.
    @joern Vendor dependency doesn't matter? Not even when the vendors aren't profitable and the bubble pops at some point?
    @gittaca Fair point. However, I think that would only mean it gets more expensive. The technology will not go away just because the hype is gone.
    @joern And with higher prices, local LLM running becomes more interesting, hence my initial question ;-)