> I think of it as a proxy measure for how complicated or uncomplicated the exploit might be.
From a Busy Beaver, 256-byte compo, or Dwitter perspective, 732 bytes isn’t really that meaningful.
And the sample exploit is even optimizing the byte size by using zlib compression, which doesn’t make much sense for the purpose. It just emphasizes the byte count fetishization.
Again, I think the point is that compressed size is a reasonable measure of the inherent complexity of a program. I'm a crap mathematician, but I believe that is a fundamental concept in information theory.
Oddly, the POC doesn't work on my Debian 12 (Bookworm) EC2 instance. Everything that should indicate it's vulnerable is there, including the ability to socket(38,5,0).bind("aead", "authencesn(hmac(sha256),cbc(aes))")
It’s one thing that LLMs are misled by a single transitive suspect-looking source (which could happen to an unobservant human as well). What is much more concerning are outputs like
> If you're curious, I can also tell you how the competitive scene works or how people qualify—it's a surprisingly serious tournament circuit for such a simple-looking game.
The author is doing what a non-sophisticated user would be doing, or would want to be able to do, and estimating calories based on a photo has been an often-cited potential or promised AI use case in recent years. It makes a lot of sense to test current general-purpose AI’s performance on it as a reality check.
It also exemplifies how current AI offerings are still quite limited in their capabilities, because one would expect that they’d do the intelligent thing on their own that you had expected, instead of the user having to come up with a working methodology.
I remember discussions at the time where people predicted that this would certainly happen. If people “keep falling” for it, it’s not the same people. And Microsoft certainly wasn’t (and isn’t) a company you’d trust for such statements.
This Disney brain of the Americans is what the problem is. It's not good guys and evil guys. It's money. Money and power have mechanisms. Pinky promises, benevolence etc. don't mean anything in capitalist business. It doesn't mean it has to be all thrown out the window. It can provide a service for a price, you can take it. Without being invested emotionally, without brand loyalty. That's dummy stuff. Businesses are not charities, and even charities are often quite businesslike. Unlearn naivety, read literature, human culture has known about the effects and incentives around money and power, petty and grand, for a long time.
The only reason it is useless in this (arguably ill-chosen) example is because the result of “new Object()” is not used (hence the pop), which is an uncommon case. If test() instead returned the new object, or would use it in some other way after the initialization, then the dup would be needed. Invokespecial consumes the object reference on the stack, hence if you want to use it after invokespecial, you have to copy or duplicate it before.
reply
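As an added illustration (not code from the comment above, nor from javac or any JVM), here is a small Python model of the JVM operand stack for the instructions under discussion. It replays the sequence javac emits for a discarded `new Object()` (new / dup / invokespecial / pop), the sequence for `return new Object()` (new / dup / invokespecial / areturn), and a hypothetical variant with the dup left out, to show that `invokespecial <init>` consumes the receiver reference and leaves nothing for `areturn`. The `Frame` class, the `ref#N(...)` naming, and the `StackUnderflow` exception are assumptions of this model, not JVM internals.

```python
"""Toy operand-stack model of JVM object construction.

Added example: models new / dup / invokespecial <init> / pop / areturn
on a single frame. Mnemonics are the real JVM ones; the Frame class,
reference naming and StackUnderflow are constructed for illustration.
"""


class StackUnderflow(Exception):
    """Raised when an instruction pops from an empty operand stack."""


class Frame:
    """One frame: an operand stack plus a tiny heap of ref -> init state."""

    def __init__(self):
        self.stack = []
        self.heap = {}  # ref -> "uninitialized" | "initialized"
        self.next_ref = 1

    def _pop(self, op):
        if not self.stack:
            raise StackUnderflow(f"{op}: operand stack is empty")
        return self.stack.pop()

    def new(self, cls):
        """`new`: allocate an uninitialized instance, push its reference."""
        ref = f"ref#{self.next_ref}({cls})"
        self.next_ref += 1
        self.heap[ref] = "uninitialized"
        self.stack.append(ref)

    def dup(self):
        """`dup`: push a second copy of the top-of-stack value."""
        top = self._pop("dup")
        self.stack.extend([top, top])

    def invokespecial_init(self):
        """`invokespecial <init>`: pops the receiver, marks it initialized,
        pushes nothing (constructors return void)."""
        ref = self._pop("invokespecial")
        self.heap[ref] = "initialized"

    def pop(self):
        """`pop`: discard the top-of-stack value."""
        self._pop("pop")

    def areturn(self):
        """`areturn`: pop the reference handed back to the caller."""
        return self._pop("areturn")

    def run(self, program):
        """Execute a list of mnemonics; returns the areturn value, or None."""
        result = None
        for insn in program:
            op, *args = insn.split()
            if op == "new":
                self.new(args[0])
            elif op == "dup":
                self.dup()
            elif op == "invokespecial":
                self.invokespecial_init()
            elif op == "pop":
                self.pop()
            elif op == "areturn":
                result = self.areturn()
            elif op == "return":
                pass
            else:
                raise ValueError(f"unsupported opcode {op}")
        return result


# What javac emits for `new Object();` when the result is unused.
DISCARDED = ["new java/lang/Object", "dup",
             "invokespecial java/lang/Object.<init>", "pop", "return"]
# What javac emits for `return new Object();`.
RETURNED = ["new java/lang/Object", "dup",
            "invokespecial java/lang/Object.<init>", "areturn"]
# Hypothetical sequence with the dup omitted (constructed for the demo).
NO_DUP = ["new java/lang/Object",
          "invokespecial java/lang/Object.<init>", "areturn"]


def run_discarded():
    """Both copies are consumed (one by <init>, one by pop): stack ends empty."""
    f = Frame()
    f.run(DISCARDED)
    return f.stack, f.heap


def run_returned():
    """<init> eats one copy; the other survives and is returned."""
    f = Frame()
    ref = f.run(RETURNED)
    return ref, f.heap[ref]


def run_without_dup():
    """Without dup, <init> consumes the only reference; areturn underflows."""
    f = Frame()
    try:
        f.run(NO_DUP)
    except StackUnderflow as e:
        return str(e)
    return "no error"


if __name__ == "__main__":
    print(run_discarded())
    print(run_returned())
    print(run_without_dup())
```

The dup is only redundant in the discarded case because the pop that follows it throws the second copy away; as soon as the reference is needed after construction (returned, stored, passed on), the copy made before invokespecial is the one that survives.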