Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124

OpenAI announced a new initiative Monday designed to help the open source community up its cybersecurity game and stave off bugs.
“Patch the Planet” (an imprecise reference to “Hack the planet,” the famous phrase from the 1995 film Hackers) will see OpenAI collaborate with the security company Trail of Bits to help open source maintainers secure their projects.
OpenAI said security staff from Trail of Bits will work directly with open source maintainers to review potential code issues. OpenAI’s security tools, such as Codex Security, will be used to assist in this process.
“Many moderators are already being asked to sort through more reports, more quickly, with limited time and resources,” OpenAI said Monday. “Patch the Planet is designed to reduce this burden, not add to it: security engineers review results before they reach maintainers, work with projects to develop patches and tests, and create reusable workflows that help teams continue improving security after the first fixes.”
In other words, Trail of Bits engineers will work more or less like software EMTs — helping the open source project’s creators identify and triage potential issues, all powered by OpenAI software. It sounds like an ambitious project, and it’s a bit unclear how it will work in the long term, or how it plans to expand (if at all).
Open source projects are the digital foundation on which the commercial software industry is built, but unfortunately, due to the decentralized and poorly monitored structure of this ecosystem, much of the software is insecure. Bugs in open source projects can turn into major problems for commercial codebases. The Log4j disaster a few years ago, when a nasty vulnerability was discovered in a widely used open source utility, is a good example.
Much of the concern surrounding tools like Mythos (Anthropic’s much-publicized security tool) seems to stem from the fact that AI can now automatically recognize bugs within codebases and start creating exploits for them. While cybercrime automation is nothing new, these tools undoubtedly have the potential to make it more convenient for bad actors.
OpenAI is turning this formula on its head by using artificial intelligence to help the open source community better protect itself. It’s hard not to read it as a competitive critique of Anthropic, while also acknowledging that it’s something the open source community desperately needs.