Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

There's no more "eyes" though, it's all models, and they are all converging pretty damn fast.


If true then logically it will be sufficient to run this "master model" once before any code release for the level playing field to be restored. After all, even open-source software is private until it is released.


> If true then logically it will be sufficient to run this "master model" once before any code release for the level playing field to be restored.

I'm struggling to see how it is a level playing field:

1. Closed-source: defender runs llms to check the sources for vulns, runs llms on each PR, runs llm on deployment of the compiled output. Attacker runs llm only on compiled output.

2. Open-source: both attacker and defender runs llms on source, on PRs and on compiled output.




Consider applying for YC's Summer 2026 batch! Applications are open till May 4

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: