That's it. I've had it. I'm putting my foot down on this craziness. 我受够了。我必须阻止这种疯狂的行为了。

  1. Every reporter submitting security reports on #Hackerone for #curl now needs to answer this question: "Did you use an AI to find the problem or generate this submission?" (and if they do select it, they can expect a stream of proof of actual intelligence follow-up questions) 现在,每一个在 #Hackerone 上提交关于 #curl 的安全报告的提交者,都需要回答这个问题:“你是否使用了 AI 来发现问题或生成这个提交?”(如果他们选择了“是”,他们将会面临一连串需要证明他们真实智力的后续问题)。

  2. We now ban every reporter INSTANTLY who submits reports we deem AI slop. A threshold has been reached. We are effectively being DDoSed. If we could, we would charge them for this waste of our time. We still have not seen a single valid security report done with AI help. 对于任何我们认为是由 AI 生成的垃圾报告的提交者,我们现在会立即禁止其提交报告。已经达到临界点了。我们实际上正在遭受 DDoS 攻击。如果可以的话,我们会向他们收取浪费我们时间的费用。我们仍然没有看到任何由 AI 辅助生成的有效安全报告。