Please elaborate, how are LLMs going to provide a "more sophisticated" class of automated attacks, and how are toy countermeasures like ZIP bombs going to defend against these "sophisticated" attacks?
I could believe you if you said that ZIP bombs are perhaps mildly effective against script kiddies using ChatGPT to generate a naive, simplistic automated scanners that are susceptible to being "zip bombed". The other way around? Not so much.
These zip bombs are trivial to defend against as an attacker, e.g. by inspecting the payload while you're decompressing it to see if it matches some expected output (an <html> tag, for example) or by aborting after the decompressed size exceeds some limit (10 MB is way more HTML than you'd typically expect, for example).
I could believe you if you said that ZIP bombs are perhaps mildly effective against script kiddies using ChatGPT to generate a naive, simplistic automated scanners that are susceptible to being "zip bombed". The other way around? Not so much.
These zip bombs are trivial to defend against as an attacker, e.g. by inspecting the payload while you're decompressing it to see if it matches some expected output (an <html> tag, for example) or by aborting after the decompressed size exceeds some limit (10 MB is way more HTML than you'd typically expect, for example).