this post was submitted on 29 Mar 2026
44 points (78.2% liked)

Linux

[–] Vincent@feddit.nl 5 points 4 hours ago (1 children)

If these tools are indeed finding security issues, then ignoring them means someone else will find those issues - and abuse them.

[–] artyom@piefed.social 1 points 4 hours ago* (last edited 4 hours ago) (1 children)

Doesn't matter if they find security issues (they won't) if they're buried in a veritable haystack of false reports.

[–] Vincent@feddit.nl 2 points 1 hour ago

That's true. If they're not, though, or if they're easy to generate yourself, then you are kinda forced to pay attention though, if you care about the security of your project.

I don't have the expertise or experience to say whether that is true. But GregKH seems to think so, and other prolific projects seem to be coming to the same conclusions.

I get that it's attractive to think that AI isn't capable of it. But it's important that what you believe to be true is, and stays, based on reality rather than on what I wish is true. And it's especially important to be wary of when you really want something to be true.