The I in LLM stands for intelligence

On how people now use AI to submit security reports on #curl.

https://daniel.haxx.se/blog/2024/01/02/the-i-in-llm-stands-for-intelligence/

@manchicken @bagder LLMs makes these fake reports easier to produce in large quantities. Even if it only work 0.01% of the time, if you can cheaply generate thousands of reports, and just one or two of them get you a reward, it can be worth doing.
This is already how it works for email scams. They send thousands of them, but they win if just one person falls for it.

@bagder

"Sometimes reporters use AIs or other tools to help them phrase themselves or translate what they want to say."

English education in my country (Hungary) is shit, and my biggest contribution to the local community arguably was to provide opportunities to discuss IT-security in our native tongue. I also find this a huge mistake, creating a local bubble and disincentivizing people from learning to communicate internationally.

So while I greatly admire your intentions here, as a non-native speaker my opinion is that this approach is counter-productive from the reporters standpoint. Also, LLM's are not translator programs, and they hide semantic translation errors just as easily as technical non-sense.

Based on this I think banning LLMs altogether would be a reasonable choice.

Once again, thanks for your work and the great post!

@bagder Understood. My point is that such a use-case shouldn't be a argument against a general ban. But that's just my 2cents.