this post was submitted on 31 May 2025
57 points (89.0% liked)

Technology

39185 readers
80 users here now

A nice place to discuss rumors, happenings, innovations, and challenges in the technology sphere. We also welcome discussions on the intersections of technology and society. If it’s technological news or discussion of technology, it probably belongs here.

Remember the overriding ethos on Beehaw: Be(e) Nice. Each user you encounter here is a person, and should be treated with kindness (even if they’re wrong, or use a Linux distro you don’t like). Personal attacks will not be tolerated.

Subcommunities on Beehaw:

This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.

founded 3 years ago
MODERATORS
remington@beehaw.org
alyaza@beehaw.org
TheRtRevKaiser@beehaw.org
gyrfalcon@beehaw.org
rs5th@beehaw.org
coldredlight@beehaw.org
SemioticStandard@beehaw.org
57
ChatGPT's o3 Model Found Remote Zeroday in Linux Kernel Code (linuxiac.com)
submitted 2 weeks ago by Kissaki@beehaw.org to c/technology@beehaw.org
35 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[–] FozzyOsbourne@lemm.ee 26 points 2 weeks ago (1 children)

Searching for answers and creating maps are both completely unrelated to scanning source code for vulnerabilities. What is the point of this comment?

[–] ChairmanMeow@programming.dev 10 points 2 weeks ago (2 children)

I think the point is that even if LLMs suck at task A, they might be really good at task B. Just because code written by LLMs is often riddled with security flaws, doesn't mean LLMs also suck at identifying those flaws.

[–] SkyNTP@lemmy.ml 12 points 2 weeks ago* (last edited 2 weeks ago) (1 children)

A broken clock is right twice a day. Inventions are only good when they reliably work for all the intended solutions.

[–] AndrasKrigare@beehaw.org -1 points 2 weeks ago (1 children)

No? I have a pair of shoes that advertise as being great for running and walking. I love walking in them, but they suck for running. Are you saying the shoes suck and I shouldn't use them at all, even though I like walking in them?

Tools don't care about intent, and neither should you. Only things that work and things that don't. And if it doesn't work, you should use a different tool.

[–] Initiateofthevoid@lemmy.dbzer0.com 5 points 2 weeks ago* (last edited 2 weeks ago) (1 children)

If they are advertised as being great for running and walking, but they are objectively terrible for running?

You can use them all you like, but the company that sold them to you mislead you. That's false advertising. If you call them running shoes, they're bad running shoes.

[–] AndrasKrigare@beehaw.org -2 points 2 weeks ago (1 children)

Sure, but false advertising has nothing to do with how good an invention is, that's a marketing problem.

[–] shnizmuffin@lemmy.inbutts.lol 2 points 2 weeks ago (1 children)

I bought a thing that said it was good for A and B but it's only good for B. Marketing problem! I didn't make a bad decision! I wasn't tricked! I'm a smart boy!

[–] AndrasKrigare@beehaw.org -1 points 2 weeks ago

Alternate take: I want something that does B, so I research methods of doing B and find one that's good. Good thing I'm a smart boy that doesn't make purchasing decisions based on what the marketing department says things do.

There's plenty of good reasons to criticize or be concerned about LLMs. You don't need to make up dumb ones.

[–] FozzyOsbourne@lemm.ee 2 points 2 weeks ago

Yeah exactly, a code scan is completely unrelated to generative AI, the only thing that even connects them is that someone used the chatbot as an interface to start the scan