OpenAI announced a new initiative on Monday designed to help the open source community improve its cybersecurity game and beat back bugs.
“Patch the Planet” (which is a not-so-subtle allusion to “Hack the Planet,” the enduring catchphrase from the 1995 film Hackers) will see OpenAI team up with the security firm Trail of Bits to help open source maintainers secure their projects.
OpenAI said security staff from Trail of Bits will work directly with open source maintainers to review potential code issues. OpenAI’s security tools — like Codex Security — will be used to assist in the process.
“Many maintainers are already being asked to sort through more reports, more quickly, with the same limited time and resources,” OpenAI said Monday. “Patch the Planet is built to reduce that burden, not add to it: security engineers review findings before they reach maintainers, work with projects to develop patches and tests, and build reusable workflows that help teams continue improving security after the first fixes land.”
In other words, Trail of Bits engineers will function sort of like code EMTs — there to help open source project maintainers identify and triage potential issues, all supported by OpenAI’s software. It sounds like an ambitious project, and it’s somewhat unclear how it will function in the long run, or how it plans to scale up (if at all).
Open source projects are the digital bedrock upon which the commercial software industry rests, but, unfortunately, due to the decentralized and poorly monitored structure of that ecosystem, much of the software is insecure. Bugs in open-source projects can turn into major problems for commercial codebases. The log4j debacle from several years ago — when a bad vulnerability was discovered in a widely used open source utility — is a good example.
Much of the concern surrounding tools like Mythos (Anthropic’s highly publicized security tool) seems to stem from the fact that AI can now automatically identify existing bugs within codebases and set about creating exploits for them. While the automation of cybercrime is not new, these tools definitely have the potential to make it significantly more convenient for bad actors.
OpenAI is turning that approach on its head by using AI to help the open source community better protect itself. It’s hard not to read it as a competitive swipe at Anthropic, while also recognizing that it’s something the open source community desperately needs.
