[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    Re: [oss-security] The AI chatgpt writes insecure code
From:       Travis Biehn <tbiehn () gmail ! com>
Date:       2023-06-20 22:06:15
Message-ID: CAKtE3zecEsfMQKjnAcdVwUCTfXKOZ4_UXV_KvgA=ZL6PG3jZ_A () mail ! gmail ! com
[Download RAW message or body]


On Tue, Jun 20, 2023 at 16:47 Alan Coopersmith <alan.coopersmith@oracle.com>
wrote:

> On 6/20/23 09:22, Georgi Guninski wrote:
> > chatgpt is an AI language model and it can write code.
> >
> > As expected, it was trained on insecure code and it writes
> > insecure code.
>
> Also as previously reported:
>
> https://www.theregister.com/2023/04/21/chatgpt_insecure_code/
> https://arxiv.org/abs/2304.09655
>
> --
>          -Alan Coopersmith-                 alan.coopersmith@oracle.com
>           Oracle Solaris Engineering - https://blogs.oracle.com/solaris
>
>
ChatGPT will indeed generate ‘average' quality code. That's absolutely
ending up on GitHub and in dependency repositories. IMO, the situation
hasn't changed for us, more code than ever before growing super-linearly
and tools that produce a bunch of noise.
On the other side - future coding buddies will be able to use Retrieval
Augmented Generation for policy following to generate high quality code
with more reliability.

-Travis

-- 
Twitter <https://twitter.com/tbiehn> | LinkedIn
<http://www.linkedin.com/in/travisbiehn> | GitHub <http://github.com/tbiehn>
| TravisBiehn.com <http://www.travisbiehn.com>


[prev in list] [next in list] [prev in thread] [next in thread]