The downfall of bug bounties

(shubs.io)

3 points | by WalterSobchak 5 hours ago

3 comments

  • uberman 4 hours ago

    I see this quite a bit. The notion that increased bugs identified or increased PRs are inherently bad and that AI assistance is "slop". Is it really?

    Bug Bounties might be dead but that is just as likely because institutions can't/won't pay for all the problems being identified.

    A bug is a bug in my opinion and it is not diminished because it was identified and patched with AI assistance. Maybe those kinds of bugs are even more valuable as if Mythos can find them and humans can't then it is not like we will be able to say "Hackers, please don't exploit these kinds of bugs".

    • bediger4000 4 hours ago

      If there's no economic incentive to report bugs through normal, legal channels, won't the incentives drive vulnerability discoverers to sell them on the black market, or to shady intelligence agencies? I agree, it's futile to ask/beg Hackers to not exploit a bug or vulnerability, so we should incentivize them to do it in a way that causes improvement.

      • uberman 2 hours ago

        Perhaps I voiced this incorrectly. My real point is that bug bounties are valuable and that an increased velocity of bug identification and resolution is a good thing and AI should not diminish that objective.