On Wed, May 20, 2026 at 4:24 PM Andy Smith <[email protected]> wrote:
>
> On Wed, May 20, 2026 at 03:55:00PM -0000, CGS wrote:
> > I saw that Linus had complained on the kernel mailing list that there
> > were multiple bug reports for the same vulnerability because people
> > were using AI and deriving the same results.
>
> Some thoughts on that.
>
> Everyone who has access to one of the commercial LLMs has the ability to
> find those security bugs.
>
> There's no way to un-invent the LLMs or restrict access to them.
>
> I'd rather the security issues be reported multiple times than no times.
>
> I'm pretty sure that Linus and most other kernel developers agree with that.
>
> I think the rate of discoveries will slow down soon, only to increase
> again shortly after each release of an improved LLM.
>
> We need to worry about the time between private LLM advances and their
> public release, because that's when people have access to lots of "zero
> day" security bugs.
The folks at Anthropic predict a surge in 0-days, vulnerabilities and
loss of coordinated disclosures (like on the oss-security mailing
list) as the initial wave of bugs are uncovered. Then Anthropic
expects it to drop off and find a new equilibrium as security
researchers catch up with the use of the tools. From [0]:
Most security tooling has historically benefitted defenders more than
attackers. When the first software fuzzers were deployed at large
scale, there were concerns they might enable attackers to identify
vulnerabilities at an increased rate. And they did. But modern fuzzers
like AFL are now a critical component of the security ecosystem:
projects like OSS-Fuzz dedicate significant resources to help secure
key open source software.
We believe the same will hold true here too—eventually. Once the
security landscape has reached a new equilibrium, we believe that
powerful language models will benefit defenders more than attackers,
increasing the overall security of the software ecosystem. The
advantage will belong to the side that can get the most out of these
tools. In the short term, this could be attackers, if frontier labs
aren’t careful about how they release these models. In the long term,
we expect it will be defenders who will more efficiently direct
resources and use these models to fix bugs before new code ever ships.
But the transitional period may be tumultuous regardless. By releasing
this model initially to a limited group of critical industry partners
and open source developers with Project Glasswing, we aim to enable
defenders to begin securing the most important systems before models
with similar capabilities become broadly available.
The scarier thing (to me) is Anthropic recommends a future where AI
locates the bug, and then performs the initial triage for the fixes.
Again from [0]:
Think beyond vulnerability finding. Frontier models can also accelerate
defensive work in many other ways. For example, they can:
* Provide a first-round triage to evaluate the correctness and
severity of bug reports;
* De-duplicate bug reports and otherwise help with the triage
processes;
* Assist in writing reproduction steps for vulnerability reports;
* Write initial patch proposals for bug reports;
* Analyze cloud environments for misconfigurations;
* Aid engineers in reviewing pull requests for security bugs;
* Accelerate migrations from legacy systems to more secure ones;
AI finding and then autonomously fixing bugs. What could go wrong?
[0] <https://red.anthropic.com/2026/mythos-preview/>.
[1] <https://www.anthropic.com/coordinated-vulnerability-disclosure>
Jeff
