AI-generated code could be a disaster for the software supply chain. Here’s why.

Status
You're currently viewing only Zncon's posts. Click here to go back to viewing the entire thread.

Zncon

Smack-Fu Master, in training
90
Subscriptor
Oh, that's fascinating!

Best quote I heard on the subject was "Why are we using AI to create new problems instead of solving old problems?" and that, of course, is the heart of the matter. LLMs do not solve old problems.

I was wondering how the heck do you detect hallucinations, but I did not at all think of package names as an attack vector. How remarkably insidious! Of course, this has always been a problem with people dropping package names with typos and just waiting for someone to bite, but now your code copilot brings the exploit to you!

I wouldn't even know where I'd start with coding today, since you apparently need to understand supply chain first.
To your point about solving problems, they actually do. Just not to the extent they're being hyped to.

They're a very useful tool for information discovery, because old-style search engines have been on their deathbed for years. SEO is making search engines useless, so it's good that LLMs came along when they did.
 