Tag: source code
-
Schneier on Security: Subverting LLM Coders
Source URL: https://www.schneier.com/blog/archives/2024/11/subverting-llm-coders.html Source: Schneier on Security Title: Subverting LLM Coders Feedly Summary: Really interesting research: “An LLM-Assisted Easy-to-Trigger Backdoor Attack on Code Completion Models: Injecting Disguised Vulnerabilities against Strong Detection“: Abstract: Large Language Models (LLMs) have transformed code com- pletion tasks, providing context-based suggestions to boost developer productivity in software engineering. As users often…
-
Technologies | Sovereign Tech Agency: Reproducible Builds
Source URL: https://www.sovereign.tech/tech/reproducible-builds Source: Technologies | Sovereign Tech Agency Title: Reproducible Builds Feedly Summary: AI Summary and Description: Yes Summary: The Reproducible Builds project plays a crucial role in enhancing the security of open source software supply chains by addressing vulnerabilities that arise from third-party dependencies. It aims to establish reproducible builds as a standard…
-
The Register: Scumbag puts ‘stolen’ Nokia source code, SSH and RSA keys, more up for sale
Source URL: https://www.theregister.com/2024/11/06/nokia_data_theft/ Source: The Register Title: Scumbag puts ‘stolen’ Nokia source code, SSH and RSA keys, more up for sale Feedly Summary: Data pinched from pwned outside supplier, thief says IntelBroker, a notorious peddler of stolen data, claims to have pilfered source code, private keys, and other sensitive materials belonging to Nokia.… AI Summary…
-
Schneier on Security: AIs Discovering Vulnerabilities
Source URL: https://www.schneier.com/blog/archives/2024/11/ais-discovering-vulnerabilities.html Source: Schneier on Security Title: AIs Discovering Vulnerabilities Feedly Summary: I’ve been writing about the possibility of AIs automatically discovering code vulnerabilities since at least 2018. This is an ongoing area of research: AIs doing source code scanning, AIs finding zero-days in the wild, and everything in between. The AIs aren’t very…
-
Hacker News: Writing Secure Go Code
Source URL: https://jarosz.dev/article/writing-secure-go-code/ Source: Hacker News Title: Writing Secure Go Code Feedly Summary: Comments AI Summary and Description: Yes **Summary:** The text provides a comprehensive guide on best practices for writing secure Go code. It emphasizes the importance of keeping Go versions updated, utilizing static code analyzers, checking for known vulnerabilities, and implementing best practices…
-
Slashdot: New ‘Open Source AI Definition’ Criticized for Not Opening Training Data
Source URL: https://news.slashdot.org/story/24/11/03/0257241/new-open-source-ai-definition-criticized-for-not-opening-training-data?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: New ‘Open Source AI Definition’ Criticized for Not Opening Training Data Feedly Summary: AI Summary and Description: Yes Summary: The text discusses the controversy surrounding the newly-released Open Source AI definition, which some believe undermines traditional open-source principles by allowing certain proprietary practices around training data. The concerns raised…
-
Cloud Blog: PyTorch/XLA 2.5: vLLM support and an improved developer experience
Source URL: https://cloud.google.com/blog/products/ai-machine-learning/whats-new-with-pytorchxla-2-5/ Source: Cloud Blog Title: PyTorch/XLA 2.5: vLLM support and an improved developer experience Feedly Summary: Machine learning engineers are bullish on PyTorch/XLA, a Python package that uses the XLA deep learning compiler to connect the PyTorch deep learning framework and Cloud TPUs. And now, PyTorch/XLA 2.5 is here, along with a set…
-
Cloud Blog: Cloud CISO Perspectives: 10 ways to make cyber-physical systems more resilient
Source URL: https://cloud.google.com/blog/products/identity-security/cloud-ciso-perspectives-10-ways-to-make-cyber-physical-systems-more-resilient/ Source: Cloud Blog Title: Cloud CISO Perspectives: 10 ways to make cyber-physical systems more resilient Feedly Summary: Welcome to the second Cloud CISO Perspectives for October 2024. Today, Anton Chuvakin, senior security consultant for our Office of the CISO, offers 10 leading indicators to improve cyber-physical systems, guided by our analysis of…