| charcircuit 6 hours ago |
| >there's no reason to assume the average author would magically create fewer bugs than the original OS library authors initially did |
| Have you read this old code? It's terrible and written with no care at all to security, often in C. AI is much, much better at writing code. |
|
| akoboldfrying 5 hours ago |
| Do you have a specific library in mind? I think it would have to be an ancient, unmaintained C library. But I think most OSS code isn't like this -- even C code born long ago, if it's still in wide use, has been hardened by now. Examples: Linux kernel, GNU userland, PostgreSQL, Python. |
| |
| bigiain 4 hours ago |
| > even C code born long ago, if it's still in wide use, has been hardened by now. Examples: Linux kernel |
| There have been two LPE vulnerabilities and exploits in the Linux kernel announced today. After the one announced just last week. I don't think as much of the C code born long ago has been as carefully hardened as you think. (Copy Fail 2 and Dirty Frag today, and Copy Fail last week) |
| seba_dos1 3 hours ago |
| One. "Copy Fail 2" and "Dirty Frag" are the same thing. |
| Brian_K_White 19 minutes ago |
| And considering the size of the kernel, I call this stupendously good. You (anyone, not you personally) write that much code yourself and let's see how well you did in comparison. |
| |
| akoboldfrying 3 hours ago |
| Sure, I didn't mean to say that these examples are guaranteed 100% safe -- just that I trust them to be enormously more safe than software that accomplishes the same task that was hand-written by either a human or an LLM last week. |
|
|