the root of software engineering has always been complexity. every line of code is a bug. every dependency is a liability. as the tide recedes, it will rapidly become obvious who has been swimming naked:
"we should prepare for the industrialisation of many of the constituent parts of offensive cyber security. We should start assuming that in the near future the limiting factor on a state or group’s ability to develop exploits, break into networks, escalate privileges and remain in those networks, is going to be their token throughput over time, and not the number of hackers they employ"
"I’m almost certain that you could drop the firmware from a huge number of IoT devices (routers, IP cameras, etc) into an agent based on Opus 4.5 or GPT-5.2 and get functioning exploits out the other end in less a week of work."
https://sean.heelan.io/2026/01/18/on-the-coming-industrialisation-of-exploit-generation-with-llms/
ynniv
npub12a…x6fdh
2026-01-19 22:58:27 UTC
Author Public Key
npub12akj8hpakgzk6gygf9rzlm343nulpue3pgkx8jmvyeayh86cfrus4x6fdhPublished at
2026-01-19 22:58:27 UTCEvent JSON
{
"id": "47afe75f2473509c750919574b24eccf7e38955a0a8a649ee2480ba4475139eb",
"pubkey": "576d23dc3db2056d208849462fee358cf9f0f3310a2c63cb6c267a4b9f5848f9",
"created_at": 1768863507,
"kind": 1,
"tags": [
[
"r",
"https://sean.heelan.io/2026/01/18/on-the-coming-industrialisation-of-exploit-generation-with-llms/"
]
],
"content": "the root of software engineering has always been complexity. every line of code is a bug. every dependency is a liability. as the tide recedes, it will rapidly become obvious who has been swimming naked:\n\n\"we should prepare for the industrialisation of many of the constituent parts of offensive cyber security. We should start assuming that in the near future the limiting factor on a state or group’s ability to develop exploits, break into networks, escalate privileges and remain in those networks, is going to be their token throughput over time, and not the number of hackers they employ\"\n\n\"I’m almost certain that you could drop the firmware from a huge number of IoT devices (routers, IP cameras, etc) into an agent based on Opus 4.5 or GPT-5.2 and get functioning exploits out the other end in less a week of work.\"\n\nhttps://sean.heelan.io/2026/01/18/on-the-coming-industrialisation-of-exploit-generation-with-llms/",
"sig": "c6b5510faec29dcaf7be8aca4c8d5dfdac08af0ab84c31426111ad2ba33f27bb1dec26af8e6b255f88e7c12d2eadd4738a53e217e16cc47269e08c0e4131f74d"
}