![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
thewayneAnd what's even harderer? Using an AI coding assistant to write secure programs.
Many, MANY times that I've written about computer insecurity issues I've said explicitly that computer security is HARD. And here we have a prime example.
It turns out that using an AI to help you write a program produces LESS secure programs! But that's not the worse part: the program is more likely to believe that they are writing MORE SECURE CODE!
This is very bad. I've used AI for hints in writing code, looking for little obscure code references that I'm not familiar with. Quite useful. I haven't used it to write entire programs for me, I'm not sure that I could. However, there are people out there paying for subscriptions to ChatGPT 4 and other engines using them heavily, and that is worrisome.
https://arxiv.org/html/2211.03622v3
https://www.schneier.com/blog/archives/2024/01/code-written-with-ai-assistants-is-less-secure.html
Many, MANY times that I've written about computer insecurity issues I've said explicitly that computer security is HARD. And here we have a prime example.
It turns out that using an AI to help you write a program produces LESS secure programs! But that's not the worse part: the program is more likely to believe that they are writing MORE SECURE CODE!
This is very bad. I've used AI for hints in writing code, looking for little obscure code references that I'm not familiar with. Quite useful. I haven't used it to write entire programs for me, I'm not sure that I could. However, there are people out there paying for subscriptions to ChatGPT 4 and other engines using them heavily, and that is worrisome.
https://arxiv.org/html/2211.03622v3
https://www.schneier.com/blog/archives/2024/01/code-written-with-ai-assistants-is-less-secure.html
