|
|
|
|
|
|
by overfeed
91 days ago
|
|
|
> For code, I am not as certain, nowadays I don't regularly see it as an artwork or human expression, it is a technical artifact where craftsmanship can be visible. Humans are vital for non-craftsmanship reasons. Human curiosity and the ability to grok the big picture was vital in detecting the XZ backdoor attempt. If there is an wholesale AI-takeover, I don't think such attacks would have been detected 5 years in the future. AI will make future attacks much easier for several reasons: changes ostensibly by multiple personas but actually controled by the same entity. Maintainers who are open to AI-assisted contributions will accept drive-by contributions, and will likely have less time to review each contribution in depth, and will have a narrower context than the attacker on each PR. AI-generated code fucks with trust and reputation: I trust the code I generate [1] with or without AI, I trust AI-generated code by others far less than their manually generated code. I'm not aure what the repercussions are yet. 1. I am biased and likely over-optimistic about the security and number of bugs. |
|
|