We disclosed this #hackerone report against #curl when someone asked Bard to find a vulnerability, and it hallucinated together something:

@bagder This is why you can never trust a #LLM... They dump so much #inaccurate #information or even #wrong information :(

@bagder “I have searched in the Bard about this vulnerability”. Right there is the problem. LLMs are not search engines. This is similar to the attorney that “searched” for case law using ChatGPT and ended up filing a legal argument full of references to made up cases.

@bagder@mastodon.social thanks for posting this, i needed a chuckle with my morning coffee!!

@bagder it’s all the weirder because they aren’t even trying to report a new vulnerability. Their complaint seems to be that detailed information about a “vulnerability” is public. But that’s how public disclosure works? And open source? Like are they going to start submitting blog posts of vulnerability analysis and ask curl maintainers to somehow get the posts taken down???

@derekheld they reported this before that vulnerability was made public though

@bagder Bard doing bard things - writing entertaining stories that are nothing more than myth. All it needs is a lute and a penchant for rough taverns.

@bagder I suspect the reporter's last comment in that thread was also written by an LLM

@bagder I could understand using some kind of AI to get something similar to a fuzzer but this is utterly ridiculous…

@bagder And the report is that the fixes for the vulnerability are posted on the Internet? This is so ridiculous.