Novel security risks from generated code. Insecurity as a form of AI safety.
April 6, 2023•545 words
Problem
Security problems in application development can be subtle. Generative ML for code leads to novel problems in application security.
First, code generation reduces developer understanding. Even when the developer has a deep understanding of their system they are likely to miss vulnerabilities. The use of generation means the developer will not have to pay attention to the meaning of default choices and will have a lesser mastery.
Second, greater ease of generation will reduce the need...
Read post