Hacker News

3 weeks ago

Hacker News
3 weeks ago

AI has found 50 bugs in cURL. "AI-native SASTs work well"

#HackerNews #AI #cURL #bugs #SAST #cybersecurity #technology

AI slop? Not this time – 50 real bugs in cURL found by AI tools.

Nyheter för dig som är verksam i den svenska elektronikbranschen som exempelvis tillverkare, konsult, distributör, finansiär, investerare, konstruktör eller tekniker.

^etn.se

#technology #AI #cybersecurity #curl #bugs #HackerNews #sast

in reply to Hacker News

Piotr Gaczkowski

in reply to Hacker News 3 weeks ago

@bagder legit this time?

@daniel:// stenberg://

in reply to Piotr Gaczkowski

daniel:// stenberg://

in reply to Piotr Gaczkowski 3 weeks ago

@DoomHammerNG there's a new breed of AI powered code analyzers that seems to take us to the next level of finding mistakes in code

@Piotr Gaczkowski

in reply to daniel:// stenberg://

Thomas Guyot-Sionnest

in reply to daniel:// stenberg:// 3 weeks ago

@bagder @DoomHammerNG In any case I assume the tools are by no means a substitute for real knowledge and experience, else it's like putting a toddler in an excavator and expect good results - he might dig holes, but...

I reckon the Debian ssh-keygen bug (CVE-2008-0166) was caused by someone supposedly trying to fix a bogus Valgrind error (I say supposedly because if he limited the change to the lines triggering Valgrind that would've been the end of it, but he applied it everywhere)

@daniel:// stenberg:// @Piotr Gaczkowski

⇧