> Closed source software won't receive any reports, but it will be exploited with AI
How so? AI won't have access to the source code. In some cases AI may have access to deployed binaries (if your business deploys binaries) but I am not aware that it has the same capabilities against compiled code than source code.
But in a SAAS world, all AI has access to is your API. It might be still be up to no good but surely you will be several orders of magnitude less exposed than with access to source code.
Claude is already shockingly good at reverse engineering. Try it – it's really a step change. It has infinite patience which was always the limited resource in decompiling/deobfuscating most software.
It's SaaS though. You don't have access to the binary to decompile. There's only so much you can reverse-engineer through public URLs and APIs, especially if the SaaS uses any form of automatic detection of bot traffic.
Thanks you. This is what the parent post was trying to say. Don't know why it is down-voted. AI or not, if the API end points are well secured, for example use uuid-v7, then their is little that the ai can gain from just these points.
The opposite is true. Open source barely matters to attackers, especially ones that can be automated. It mostly enables more people (or agents, or people with agents) to notice and fix your vulnerabilities. Secrecy and other asymmetries in the information landscape disproportionately benefit attackers, and the oft-repeated corporate claim that proprietary software is more secure is summarily discounted by most cybersecurity professionals, whether in industry or academic research. This is also seldom the motivation for making products proprietary, but it's more PR-friendly to claim that closing your source code is for security reasons than it is to say that it's for competitive advantage or control over your customers
Also half of these countries have frequent outages. Not sure it is much of an example for anyone else (though I frequently hear experts advocating for outages in western countries, i.e. you won't be able to run your washing machine when you need it, it will be up to how much electricity there in the grid - they call that progress).
- Greater user control how is any of the other platforms they have no problem with any different than twitter?
- Real security improvements where is end to end encryption on all the other social media? And why do they need end to end encryption to broadcast a message to the public?
- Transparent content moderation wait, the EFF is now calling for more censorship?
The first two points are clearly nonsensical, only the third one has at least some logic. Though if the EFF has turned pro-censorship, I am having bad feeling for having given them money in the past.
It doesn’t help that they do that sort of shits AND mandate a microsoft account for logging in to windows. Also how much trust can you have that if you move your business to azure they will not randomly kill it. Incompetence or malice, almost doesn’t matter to the average user.
The outcome is the same, yes. With incompetence, there is at least a glimmer of hope things will get rectified. But you are correct, trust is destroyed this way, and it doesn't look like Microsoft cares much.
Not convinced it will happen. What would prevent Saudi Arabia from retaliating and introducing a special fee on all ships coming from Iran. It's not like intercepting those massive cargo ships in a small sea is of any difficulty for a well funded military.
Saudi Arabia has something like twice as many jet fighters than France. Even if you factor incompetence, it's not hard to hit a cargo ship or an oil production facility in absence of any meaningful air defence.
Saudi Arabia needs jet fighters to patrol a very large desert and active threats all around. France doesn't have enemies on all sides, and it has nukes and a navy. There's no pressing need for France to have more planes than Saudi Arabia
Saudi Arabia has FAR more to lose. Paying $1 or its equivalent in Yuan per barrel is utterly nothing for them. Chump Change.
Unfortunately, I do not believe Israel will stand for peace on this terms, so a false-flag sabotage attack will happen as soon as they are freed from their conquest of Lebanon.
I see this claim repeated over and over. You should be aware that it is false. As far as I am aware, Israel never funded Hamas. Israel allowed Qatari money to the Gaza authority to pay for civil servants, humanitarian aid and basic services, while it was run by Hamas.
I love the idea that even on a mission to the moon the crew still needs to allocate a portion of their time to click through cookie consent banners, non skippable ads and fighting with windows update! Probably part of the effort to make the environment similar to life on earth to make the long trip more bearable.
How so? AI won't have access to the source code. In some cases AI may have access to deployed binaries (if your business deploys binaries) but I am not aware that it has the same capabilities against compiled code than source code.
But in a SAAS world, all AI has access to is your API. It might be still be up to no good but surely you will be several orders of magnitude less exposed than with access to source code.
reply