AI has found 50 bugs in cURL. "AI-native SASTs work well"
#HackerNews #AI #cURL #bugs #SAST #cybersecurity #technology
AI slop? Not this time – 50 real bugs in cURL found by AI tools.
Nyheter för dig som är verksam i den svenska elektronikbranschen som exempelvis tillverkare, konsult, distributör, finansiär, investerare, konstruktör eller tekniker.etn.se
Piotr Gaczkowski
in reply to Hacker News • • •daniel:// stenberg://
in reply to Piotr Gaczkowski • • •Thomas Guyot-Sionnest
in reply to daniel:// stenberg:// • • •@bagder @DoomHammerNG In any case I assume the tools are by no means a substitute for real knowledge and experience, else it's like putting a toddler in an excavator and expect good results - he might dig holes, but...
I reckon the Debian ssh-keygen bug (CVE-2008-0166) was caused by someone supposedly trying to fix a bogus Valgrind error (I say supposedly because if he limited the change to the lines triggering Valgrind that would've been the end of it, but he applied it everywhere)