IETF Logo Mail Archive

Re: AI slop "contributions" to IETF working groups

Robert Moskowitz <rgm-ietf@htt-consult.com> Tue, 10 February 2026 19:07 UTC

Return-Path: <rgm-ietf@htt-consult.com>
X-Original-To: ietf@mail2.ietf.org
Delivered-To: ietf@mail2.ietf.org
Received: from localhost (localhost [127.0.0.1]) by mail2.ietf.org (Postfix) with ESMTP id 1DE0AB4E2668 for <ietf@mail2.ietf.org>; Tue, 10 Feb 2026 11:07:13 -0800 (PST)
X-Virus-Scanned: amavisd-new at ietf.org
X-Spam-Flag: NO
X-Spam-Score: -2.098
X-Spam-Level:
X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_PASS=-0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: mail2.ietf.org (amavisd-new); dkim=pass (2048-bit key) header.d=htt-consult.com
Received: from mail2.ietf.org ([166.84.6.31]) by localhost (mail2.ietf.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id INmL3OdFgHC4 for <ietf@mail2.ietf.org>; Tue, 10 Feb 2026 11:07:11 -0800 (PST)
Received: from klovia.htt-consult.com (klovia.htt-consult.com [23.123.122.149]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by mail2.ietf.org (Postfix) with ESMTPS id F1221B4E2636 for <ietf@ietf.org>; Tue, 10 Feb 2026 11:07:10 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=htt-consult.com; s=mail; t=1770750429; bh=wtwmkbMOuGqACDaF5U4RX5ay1wXW5Cz9WHduGIquwBE=; h=Date:Subject:To:Cc:References:From:In-Reply-To:From; b=bxFrWP5Uf8cjgkRVJYanucCjbHj9Xh1mvWm6yQaA2/zuU8lgD0AdKf7uBbxXJgc3p v/ZGg97kQhtPXj7UI1TYfCl96LtR7pumaHkgWnyy1G/stoLo3UuYHEcHvU1FBgF7l0 bGbNLC0zB4dYRzq3pzWCzUEA1lMf5ojBX8FD6cmxsFyhGgp0bJv0ZHXj9aODWjM0Dp CXZklkET3PG4uHufS4Ga3IYgusGdZgj8D1dF68Xfz+xhhA1qmwXB8q1jMnaZyJhd9L d8hJ0T7H9cbNXQqNGuppBtY3C+GdIwHvT0a3OASjpgaWo7LvRaE4Q2H3yLFeWoPeeN R4ssi7NBzMy1Q==
Received: from authenticated-user (klovia.htt-consult.com [23.123.122.149]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by klovia.htt-consult.com (Postfix) with ESMTPSA id BDADE4A0373; Tue, 10 Feb 2026 14:07:09 -0500 (EST)
Content-Type: multipart/alternative; boundary="------------rh6CY0UbXENmTUFG0rk5cc2O"
Message-ID: <a90e0b48-697b-41a3-9201-3a01389a2659@htt-consult.com>
Date: Tue, 10 Feb 2026 14:07:08 -0500
MIME-Version: 1.0
Subject: Re: AI slop "contributions" to IETF working groups
Content-Language: en-US
To: Phillip Hallam-Baker <phill@hallambaker.com>, Robert Moskowitz <rgm-ietf=40htt-consult.com@dmarc.ietf.org>
References: <7b702e8f-d2be-5b08-e262-33fbed538f98@foobar.org> <460BCE12-4C45-45D0-94C8-83B8E2D45049@gmail.com> <922b6d08-1cb5-4791-974f-ff17850de25f@gmail.com> <5DCE2993-39C8-4FAC-AD91-7B8E504E996C@gmail.com> <20260208015537.8D945F5944ED@ary.qy> <cd492277-0bca-4219-a3ad-eb75ccd2ebe7@gmail.com> <m27bsk6d9c.fsf@ja.int.chopps.org> <d5bccc8e-f013-c3e5-09cc-30913983b2f0@foobar.org> <b94b3e13-ebc9-4fb1-932f-89b05c2ce3ec@joelhalpern.com> <28670ac9-159c-4830-afe7-c5df4ce354da@htt-consult.com> <CAMm+LwiDfNb1j3khkWCik8ZTziyzOFFyqEZqbVX_F9DStwx9yQ@mail.gmail.com>
From: Robert Moskowitz <rgm-ietf@htt-consult.com>
In-Reply-To: <CAMm+LwiDfNb1j3khkWCik8ZTziyzOFFyqEZqbVX_F9DStwx9yQ@mail.gmail.com>
Message-ID-Hash: JSPHX6QWZJYSTIUHIQFROSY25RE5XNJT
X-Message-ID-Hash: JSPHX6QWZJYSTIUHIQFROSY25RE5XNJT
X-MailFrom: rgm-ietf@htt-consult.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-ietf.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: ietf@ietf.org
X-Mailman-Version: 3.3.9rc6
Precedence: list
List-Id: "IETF-Discussion. This is the most general IETF mailing list, intended for discussion of technical, procedural, operational, and other topics for which no dedicated mailing lists exist." <ietf.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/KeyMhxVMQVnIg4ugQRprq_dtvuw>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Owner: <mailto:ietf-owner@ietf.org>
List-Post: <mailto:ietf@ietf.org>
List-Subscribe: <mailto:ietf-join@ietf.org>
List-Unsubscribe: <mailto:ietf-leave@ietf.org>

Some of the tests were not about crashing the plane, but having ACARS 
report about non-existant planes to force wrong evasive action.  Or not 
shut down the airport radar but to report wrong positioning of 
approaching aircraft.

Those are not the actual situations, but examples like those actually done.

But the UA had its props off so the attacker could not get it to take 
off up from the table and crash into a table across the room....

You just heard the motors spinning when they should have been off.

IMO, that was easy points.  Mavlink security is a joke.  Run it over 
UDP/DTLS.  Few do, though.  And not in the Ukraine anymore.  The 
countryside is covered with fiber optic cables and the birds are using 
the stuff to make nests.

On 2/10/26 1:34 PM, Phillip Hallam-Baker wrote:
> How is using an AI different from using fuzzing though?
>
> One of the most effective hacking tools is to simply spam the inputs 
> with garbage and see what happens. So it isn't exactly surprising that 
> when people write code in unsafe languages without null pointer and 
> array bounds checking, they can discover low hanging fruit 
> vulnerabilities faster than others.
>
> What such testing doesn't show is that the code is secure because AI 
> generated tests aren't exhaustive. Just as 'write slop, check it by 
> fuzzing' isn't a valid method for producing secure code, neither is 
> 'check with AI'.
>
>
> On Tue, Feb 10, 2026 at 11:20 AM Robert Moskowitz 
> <rgm-ietf=40htt-consult.com@dmarc.ietf.org> wrote:
>
>     Last week, one of my activities was observing an Aviation Cyber Rodeo
>     with a "Capture the Flag" activity.  Two classes of participants and
>     awards.  One for college students; one for industry people. break
>     into
>     our test systems (no actual aircraft or airports used).
>
>     One industry person who is really good at finding flaws in aviation
>     stuff and advises all over the world, spent his day ONLY using AI to
>     attack.  His goal was to mimic the attackers to better understand
>     their
>     methods and how he may then develop "Purple Teams" Strategies to
>     rally
>     the defenses, as we all know the attacks can win once they try.
>
>     He won.  He penetrated every system and technology and did it faster
>     than anyone else.  And there were two really experienced industry
>     attack
>     teams there.
>
>     At one point he joked that he was ahead of me.  He had better, as
>     I was
>     not competing.  I was there as an observer and advisor to those
>     building
>     the tests that were attacked.  ;)
>
>     Scary.  That AI-guided attacks are so effective...
>
>     Really scary, as some of these systems in real world would take
>     some $6B
>     and 10 years to replace.  Thus the need for isolation.  But is it
>     really
>     isolated?
>
>     On 2/10/26 10:35 AM, Joel Halpern wrote:
>     > I presume most folks in this discussiona re aware that we are
>     far from
>     > alone in this problem?  For example, Bruce Schneier has a nice
>     summary
>     > of some of the examples and dimensions in
>     >
>     https://www.schneier.com/blog/archives/2026/02/the-ai-generated-text-arms-race.html
>     >
>     > Yours,
>     >
>     > Joel
>     >
>     > On 2/10/2026 7:05 AM, Nick Hilliard wrote:
>     >> Christian Hopps wrote on 10/02/2026 11:37:
>     >>> So anyway, while we’re (IETF) considering requiring disclosure
>     of AI
>     >>> tool use here, I think it’s worth considering what exactly
>     we’d like
>     >>> this disclosure to accomplish. Is it a filter flag (i.e., if
>     checked
>     >>> “Yes” it get’s dropped to /dev/null by a personal email
>     filter)? Does
>     >>> it help in reviewing the document knowing that AI tools were used.
>     >> IDs and formal documents are only part of the issue. Possibly a
>     >> greater problem is a contingent of people who are issuing
>     commands like:
>     >>
>     >> "ingest {URL of I-D}, identify 3 substantial problems in the text,
>     >> write a single paragraph of concise text for each problem in a
>     format
>     >> suitable for submission to an ietf mailing list"
>     >>
>     >> then cut-n-paste the output into an email.
>     >>
>     >> Nick
>     >>
>

v2.43.4 | Report a Bug | By Email | System Status