AI has found 50 bugs in cURL. "AI-native SASTs work well"

etn.se/72494

#HackerNews #AI #cURL #bugs #SAST #cybersecurity #technology

in reply to daniel:// stenberg://

@bagder @DoomHammerNG In any case I assume the tools are by no means a substitute for real knowledge and experience, else it's like putting a toddler in an excavator and expect good results - he might dig holes, but...

I reckon the Debian ssh-keygen bug (CVE-2008-0166) was caused by someone supposedly trying to fix a bogus Valgrind error (I say supposedly because if he limited the change to the lines triggering Valgrind that would've been the end of it, but he applied it everywhere)