Ask HN: How do you handle desktop application security after Mythos?

1 | Author: Archit3ch | 6 days ago | Original post
Recently, there are claims that security is a matter of spending more tokens than the other side: https://news.ycombinator.com/item?id=47769089

Regardless of validity, how would you handle copy protection for a modern desktop app? I'm especially concerned about the attacker being able to point a frontier LLM at a closed source binary and say "crack it", when it used to be a months-long effort. Assumptions:

1) The app has to be native for latency reasons and cannot be a SaaS.

2) The attacker only has to win once.

3) The goal is machine-locked licenses that cannot be transferred without explicit deactivation.

4) Activation (e.g. during installation) can be online, but the app needs its entire functionality available offline. This means no checks by phoning back to a server during runtime.