this post was submitted on 10 Dec 2024
78 points (98.8% liked)

Opensource

1526 readers
80 users here now

A community for discussion about open source software! Ask questions, share knowledge, share news, or post interesting stuff related to it!

CreditsIcon base by Lorc under CC BY 3.0 with modifications to add a gradient


founded 1 year ago
MODERATORS
pylapp
78
Fake AI Buffer Overflow Risk in Curl report (hackerone.com)
submitted 1 week ago by [email protected] to c/opensource
12 comments fedilink hide all child comments
 

Now, with the help of AI, it's even easier to waste time of open source developers by creating fake security vulnerability reports.

you are viewing a single comment's thread
view the rest of the comments
[–] Mikina 2 points 1 week ago (1 children)

What's the state of LLM detection algorithms? Is there any with a higher sucess rate and with OK-ish amount of false positives? Is there even a FOSS solution for detecting chatgpt? Would make for a great tool to have, I'm getting tired of this.

[–] [email protected] 3 points 1 week ago

Unfortunately, the methods of detecting AI generated text and training AI text generaters is basically identical. Any reliable method of detecting AI can therefore be used to improve its performance.

You can, at least, detect low grade attempts to use it. The default output has distinctive patterns. These can be detected. The problem is 2 fold. Firstly, some people write in the same way (the LLM is copying the amalgam, and they write close to that). Secondly, it's fairly trivial to ask the LLM to change its writing style.

No matter your method, you need to accept a high rate of both false positives and negatives.