*Twelve* Hackerone submissions against #curl within the last seven days.
Zero of them turned out a confirmed vulnerability.
Several of them found, reported, phrased-in-far-too-many-words and mislead by stupid word completion machines.
This entry was edited (2 weeks ago)
Robin Whittleton
in reply to daniel:// stenberg:// • • •daniel:// stenberg://
in reply to Robin Whittleton • • •Semitones
in reply to daniel:// stenberg:// • • •would you consider clarifying the last phrase? [Edited, char limit]
Me:
Several of them [the submitted vulnerabilies? were] found, reported, phrased-in-far-too-many-words, and mislead [misled? unclear] by stupid word completion machines.
Is this accurate (edited)
Several of the vulnerabilies were found, reported, phrased-in-far-too-many-words, and their reporters misled by stupid word completion machines.
Edit: clarified, thank you!
daniel:// stenberg://
in reply to Semitones • • •hisold
in reply to daniel:// stenberg:// • • •Christoph Heiss
in reply to daniel:// stenberg:// • • •Bobulous
in reply to daniel:// stenberg:// • • •What do these instances of AI-slop look like? (I tried hunting through the "Issues" and "Pull requests" in the curl/curl GitHub project, but I can't see any mention of HackerOne.)
And is this nonsense built into GitHub? I keep hearing of projects moving from GitHub to Codeberg to avoid AI harassment which is seemingly now part of the GitHub experience.
Andreas
in reply to daniel:// stenberg:// • • •Thank you for these regular reports on HackerOne.
I always get a good chuckle out of them as I read Hackerone as in Toblerone (with the swiss german pronounciation as in youtu.be/wyLXR8EgDrc?t=6) before correcting myself.
And it is hilarious and makes me think of chocolate, which is so much nicer than thinking about bug-bounties.
Schweizerdeutsch Podcast - Warum heissen Toblerone, Rivella und Co. so?
YouTube