Some numbers, however shaky, that AI-written code is secure.
It could become that way, but thus far no evidence has been presented for it. The best we have right now is that you can spend $20 in tokens to write a patch and then $20K to find a vulnerability in it. First, that's not measuring the same thing. Second, it's not very impressive.
50 years is a long, long time, so I wouldn't bet against it. But I agree that we don't have evidence for it yet.
Unlike fusion, driverless cars are already a reality, there are just have a few kinks to work out. LLMs are also pretty close to AGI already. 50 years are more than enough to figure it out.
Oh there's plenty of evidence. Because a lot of these people have been committing to repos in public for over a decade. Wouldn't take much to show the world just how fallible human coders really are.
What evidence would you expect to see if that was the case?
Some numbers, however shaky, that AI-written code is secure.
It could become that way, but thus far no evidence has been presented for it. The best we have right now is that you can spend $20 in tokens to write a patch and then $20K to find a vulnerability in it. First, that's not measuring the same thing. Second, it's not very impressive.
50 years is a long, long time, so I wouldn't bet against it. But I agree that we don't have evidence for it yet.
What are the numbers on how secure is human written code? We should have something to compare AI numbers to.
It seems more likely to me that you could spend $20 to find a vulnerability in a piece of software that costed you $20k in human labor.
2 replies →
The rapid progress in the last few years in this regard is pretty strong evidence in my opinion.
https://news.ycombinator.com/item?id=48225426
there is a difference between a stunt and a viable product. diverless cars and agi are the fusion of Silicon Valley.
Unlike fusion, driverless cars are already a reality, there are just have a few kinks to work out. LLMs are also pretty close to AGI already. 50 years are more than enough to figure it out.
Oh there's plenty of evidence. Because a lot of these people have been committing to repos in public for over a decade. Wouldn't take much to show the world just how fallible human coders really are.