Today in InfoSec Job Security News:

kwayk42

@da_667 @GossiTheDog took me a while but I finally thought of something :

Who says AI hasn't generated any real value? It's doing wonders for the threat actors

funnymonkey

@GossiTheDog

OMFG.

Sassinake! - ⊃∪∩⪽

@GossiTheDog

fuck.

Dave

@GossiTheDog I'm anti-AI. I used program generators long ago - they didn't work. They aren't maintainable. Major updates required complete rewrites.

Now there's AI. It's a manager's wet dream...until it isn't.

...but look how productive AI is. It can whip out code as fast as a gossip can spread noise. Sure, there will be glitches, but they'll be fixed when found.

What about the $$$$$ liability of glitches that are not found?

Eric Likness

@funnymonkey @GossiTheDog

We don't need Skynet becoming sentient to trigger the End o' Days.

We got Claude, happily vibing/making 2.1M commits while we were asleep.

Eric Likness

@funnymonkey @GossiTheDog Insert Mickey Mouse as the Sorcerer's Apprentice, and all those animated mops carrying pails of water...

Sassinake! - ⊃∪∩⪽

@carpetbomberz @funnymonkey @GossiTheDog

this. Exactly this.

Gerhard D.

@GossiTheDog That #claude #AI has been created to solve the „we have too much electricity“ problem.

John Breen

@GossiTheDog It's almost like, maybe, only humans should program computers. Computers should not be submitting and merging their own PRs, am I right ?

John Breen

@GossiTheDog "AI" is the cryptocurrency of IT.

vlkr

@GossiTheDog https://github.com/claude right now showing "Something went wrong, please refresh the page to try again." Yeah, dude.

encrypted.vvhispers 💫

@GossiTheDog i keep waiting for a scandal to break out about this, but it never comes

C64Whiz

@GossiTheDog

Makes me wonder if this is a effort by "closed source" to disrupt/poison/discredit open source?

Azuaron

@draeath @nihkeys @DJGummikuh @GossiTheDog If it was an accident, or incompetence, then it would be rapidly corrected.

If it's not rapidly corrected, then it is the purpose.

Mal 甄/kalessin/Peri

@GossiTheDog @deliberately_me oh goodie. Our global repository has been compromised by a worm.

synlogic4242

@GossiTheDog loltears. ie. fools suffer consequences of being fools, but at scale

Eddy Jansson

@GossiTheDog Fortunately, I can choose to not engage.

Todd Knarr

@GossiTheDog I think @timbray might be interested in that too.

Atomic Orbitals

@GossiTheDog Not just bad vibes, but the *same* bad vibes repeated endlessly!

Kiernian

@c64whiz @GossiTheDog
This was honestly my first thought.

The vast majority of the tv-news-watching public barely understands computers as it is through no real fault of their own as they have been spoonfed "magic and mystery" since the dialup days.

The distinction of "open source = MORE dangerous than big company software" would be very easy for a front of united major media outlets owned by a handful rich folks to spread and most people will not be equipped to tell facts from misinformation.

How well have those open source legal protections been working against the "smart TV" industry? I'd bet every TV holding shelf I hit at Wal-Mart will be stocked with misappropriated GPL code and no source distribution.

This is the same tactic major corps use to obtain IP for themselves.

Lock up the originator in tedious, costly busywork (typically legal, claiming infringement to start a costly time-consuming trial, for most corps) and then when the originator can't handle it and collapse under the weight of it all, the corps take the product as their own.

Tying up repos with vulnerabilities that might not get noticed just might work out well for the major software outfits in the long run.

It's reprehensible and a little more haphazard, but it sure looks awfully familiar.