AI slop attacks on the curl project - Daniel Stenberg
bagder
Sep 01, 2025
About This Presentation
Daniel's keynote from the 2025 FrOSCon conference in Bonn. August 16.
Slides: 53 pages
Slide Content
Daniel Stenberg
August 16, 2025
AI slop attacks on the curl project
Daniel Stenberg
@bagder@mastodon.social
https://daniel.haxx.se
Daniel Stenberg
Traces back to November 1996
From 100 to 180,000 lines of code
Written by 1,400 authors - one full-time employee
20 - 25 commit authors per month
Totally 3,500 named people have helped out
a small project with large impact
curl runs in these things
Modern digital infrastructure is to a large degree
built on layers and layers of Open Source
All modern software
(diagram: custom code and logic built on top of layers of Open Source components, component 1 through component 13)
When digital infrastructure relies on your code,
security becomes a top priority
Security issues in the project trump all other
activities and demand immediate attention
Maintaining Open Source
Most projects have a single maintainer
Many projects are run primarily as a spare time hobby
Many projects are underfunded
Most projects have outstanding tasks
Many maintainers struggle with burnout
Making Open Source secure
Sound software infrastructure
Easy-to-read code
Code reviews
Lots of tests
Lots of good tools
Bug-bounty
Rewards for confirmed security vulnerabilities
The reward truly motivates
Finding and fixing security problems is a good
Bug bounty
Receives two to three submissions per week
Each report takes a few man-hours to deal with
Rubbish reports used to be quick to dismiss
curl’s bug bounty
enter AI
Pays up to 10,000 USD per vulnerability
Has paid over 92,000 USD so far
For 81 confirmed security vulnerabilities
Over the last six years
Sponsored by the Internet Bug-Bounty (IBB)
curl’s bug bounty
hey chat, show me a security problem in curl,
make it sound alarming
your friendly AI chat always provides an answer
The reported issue is either not a problem or it
does not exist
Not always easy to do, because...
(too) polite
perfect English without typos
Mixed Case To Make It Seem Serious
em dash use
(too) long (already at first shot)
bullet point bonanza
Recognizing AI language
When asked a follow-up question...
overly polite and friendly
apologizes a lot
easily loses track and takes off in another direction
follow-up replies tend to be (too) long as well
AI conversations
The human involved is just a copy-and-paste proxy
Maintaining is doing many things
Security work
Release management
Website admin
Mailing list admin
PR reviews
User support
Blogging & information
People management
Debugging
PR merging
CI maintenance
Find sponsors
Write documentation
Event planning
Getting stickers
Doing talks
Feature development
An Open Source maintainer’s day
(pie chart of 24 hours: sleep, life, and the maintenance tasks: security work, release management, website admin, mailing list admin, PR reviews, user support, blogging & information, people management, debugging, PR merging, CI maintenance, finding sponsors, writing documentation, event planning, getting stickers, doing talks, feature development)
A less fine Open Source maintainer’s day
(pie chart of 24 hours: security work now takes a large share; the remaining tasks are release management, website admin, mailing list admin, PR reviews, user support, blogging & information, people management, debugging, PR merging and CI maintenance, plus sleep and life)
An AI example
LIES
The mentioned bad function does not exist
The gdb session is made up
The crash does not happen
The shown register contents are made up
Nothing in this report is relevant
A total waste of time and energy
TV shows use better “hacks”
Mr Robot
Silk Road Hackad
Tschugger
“git repository found”
“information disclosure for... “ (something in the git repo)
“arbitrary file read via file://”
this tool told me [this] is a problem
Stupidity is not AI exclusive
Reduced activity elsewhere
Risks us rejecting real reports
Risks impacting sleep, life and mental health
May impact project quality
Which can become a supply chain issue
What does the DDoS attack lead to?
Picture by Adam Leventhai
The money
Many reporters think they actually have a case
Some people believe AIs can actually do this
Why?
Too often
20-40% of submissions right now
Exact rate is hard to assess
Did not happen at all two years ago
How often does it happen?
Ban the reporter instantly
Report to HackerOne
Require upfront notification about AI use
We want to remain approachable and open
We want “everyone” to be able to report issues
What we do
Put prompt injections in comments
Use AI to detect AI
add a honey pot
charge $XX for the right to submit
run the thing in a temporary VM to verify
What we don’t do
Wasting time is a violation of the terms of use
Reputation systems don’t work
Require proof of work/knowledge/intelligence
Only allow users above [something] to submit
Take this problem more seriously
What should the service providers do?
Not really about AI, but the abuse
AI makes it easy
AI marketing misleads people
Users cannot discern AI lies from truths
Human created slop is also a problem
Abuse
Possibly
We don’t see much proof of that
But sure, it will happen
Can AI be used for good?
The AI scraper bots overload our websites
Meanwhile...
curl.se bandwidth a normal month
serves over 65 terabytes/month
averages over 4000 requests/second
tarball downloads are < 0.01% of the requests
Maybe AIs will improve?
AI companies will continue selling the myths
Humans will most likely not improve
curl might close down its bug-bounty program
Add friction and requirements for submissions
Whatever it takes
Future
https://daniel.haxx.se/ai-slop
Open Source survives
License
This presentation and its contents are
licensed under the Creative Commons
Attribution 4.0 license:
http://creativecommons.org/licenses/by/4.0/