New rule: if you have the money to run an LLM as a glorified fuzzer with a markdown output generator in order to file security issues, then you're on the hook for everything: from scripts to logs, from requesting a CVE to providing *at least* a band-aid patch. Otherwise off into the bin you go, because you're just wasting people's time.
This is actually my revised rule for issues coming from companies and systematised/sponsored efforts: if you get paid for doing security analysis, you are also on the hook for a fix. Shitting the bed and then leaving it to an unpaid maid is how sociopaths behave.
@ebassi Could not agree more!!!!!!
@ebassi May I quote you on that?