That will be a whole new level of malware attack angle.

meiraleal · 2024-11-17T15:32:00 1731857520

Every new tech is a new attack surface.

mmsc · 2024-11-17T15:26:38 1731857198

Can you expand on what you mean by this, and why?

danieldk · 2024-11-17T15:45:25 1731858325

The best vulnerability is one that is hard to detect because it looks like a bug. It's not inconceivable to train an LLM to silently slip vulnerabilities in generated code. Someone who does not have a whole lot of programming experience is unlikely to detect it.

tl;dr it takes running untrusted code to a new level.

caspg · 2024-11-17T15:51:55 1731858715

WebAssembly sandboxes might become handy.

troupo · 2024-11-17T16:22:56 1731860576

That guards against a small subset of vulnerabilities.

Since the original desire was to build any kind of personal/commercial app on an OS, the amount of potential vulnerabilities is potentially infinite.

sdesol · 2024-11-17T16:35:32 1731861332

This ultimately why I believe Microsoft and Apple will be the big winners. I suspect a lot of companies will want Microsoft and Apple to sign off on things and Microsoft and Apple are going to make sure they get their cut. We may need a new layer above existing operating systems in the future, to safeguard things.

jstummbillig · 2024-11-17T18:22:26 1731867746

Meh. Why would the model makers not be fantastic security vectors? The motivation to not be the company known to "silently slip vulnerabilities in generated code" seems fairly obvious.

People have always been able to slip in errors. I am confused why we assume that a LLM will on average not be better but worse on this front, and I suspect a lot of residual human-bias and copium.