itszn

@itszn13

Followers
9K
Following
1K
Statuses
1K

Amy | Security researcher | https://t.co/W1SE7NmCx8 | bsky: https://t.co/JBmOGE4YKO | LLM ART: https://t.co/7FtQ8O8nAW

she/her/friend of claude
Joined June 2011
@itszn13
itszn
5 months
Today is the 10 year anniversary of the first time I ever pwned anything! My first exploit was a simple stack smash, overwrite return ptr, jump to admin function. This was an internal recruiting CTF by @gaasedelen for the RPISEC. Before that day I had never even considered computer security and was primarily doing robotics. You never know when a buffer overflow may change the very course of your life!
3
11
214
@itszn13
itszn
1 day
@faustianneko I regret to inform you that Elara Voss has died due to a tragic VR gaming accident 😔
1
2
7
@itszn13
itszn
1 day
@Sauers_ But they don't have an api yet...
1
0
1
@itszn13
itszn
1 day
@itseieio @aidenybai Or ` ⟋ ` Mathematical Rising Diagonal U+27CB, the italics make it a bit hard to tell
0
0
3
@itszn13
itszn
2 days
@voooooogel I reverse-engineered the binaries a little bit and sadly they look pretty mundane, just a selection of the test functions, which seem low complexity
0
0
3
@itszn13
itszn
2 days
@AndrewCurran_ Do any other models use all caps for intense emphasis? For example if you describe yourself getting scammed by a phone call, Claude will “yell” in all caps to hang up the phone
0
0
0
@itszn13
itszn
3 days
@alexjplaskett I was going to say yes, but then realized that the class I took using that book was ~10 years ago now...
0
0
6
@itszn13
itszn
3 days
@NathanJClement @AnthropicAI Same with base64 and other encodings used for benign data all the time
0
0
3
@itszn13
itszn
4 days
@faustianneko @lefthanddraft Ofc chrome is here after almost 2 decades of security hardening, Anthropic and all other AI model companies have a long way to go in their hardening journey. It doesn’t help that it’s an entirely new field of security and so essentially no existing mitigations work
1
0
3
@itszn13
itszn
5 days
@emollick It does seem to trigger on encoded text (base64) no matter what the content actually is. For example Claude generated a base64 image url and that caused the prompt to get blocked
1
0
1
@itszn13
itszn
21 days
Oh I'm excited for future mechanized proofs, even with the specification problem. I suppose if most of the code is coming from a single entity (bad ending?) they may be inclined to use that form of security verification, as it may scale better than automated auditing. However if the vast majority of the code is coming from a myriad of autonomous agents and humans alike, I would imagine only a subset of them apply that level of scrutiny...
0
0
1
@itszn13
itszn
21 days
@ObserverSuns @DavidSHolz but what % of exploitable security bugs will have been generated in the last 18 months👀 >90%??
1
0
2
@itszn13
itszn
26 days
@Dorialexander It doesn’t seem like it from the info we can gather via token counts
@itszn13
itszn
27 days
@__morse @lefthanddraft @deliprao @nearcyan That is not the tokenizer that claude uses here. There is no public tokenizer for claude yet, the best we can do is based on the token counting API and having claude repeat it back 1 token at a time. It appears that the num tokens actually DO NOT have spaces attached...
0
0
0
@itszn13
itszn
29 days
@splitbycomma GPT-4 definitely uses more than GPT-4o, certainly a much larger, denser model
1
0
1
@itszn13
itszn
30 days
@vikhyatk Have an LLM generate a realistic response to anything the exploit scanners try to request :)
0
0
1
@itszn13
itszn
1 month
RT @REverseConf: Our 2025 RE//verse talk schedule is now live! Talks start Friday, but don't forget to check the Thursday schedule and arri…
0
44
0