OpenAI announced a new initiative on Monday designed to assist the open supply neighborhood enhance its cybersecurity sport and push back bugs.
“Patch the Planet” (which is a not-so-subtle allusion to “Hack the Planet,” the enduring catchphrase from the 1995 film “Hackers”) will see OpenAI staff up with the safety firm Trail of Bits to assist open supply maintainers safe their initiatives.
OpenAI mentioned safety workers from Path of Bits will work immediately with open supply maintainers to evaluation potential code points. OpenAI’s safety instruments — like Codex Safety — can be used to help within the course of.
“Many maintainers are already being requested to kind via extra reviews, extra rapidly, with the identical restricted time and sources,” OpenAI mentioned Monday. “Patch the Planet is constructed to scale back that burden, not add to it: safety engineers evaluation findings earlier than they attain maintainers, work with initiatives to develop patches and assessments, and construct reusable workflows that assist groups proceed enhancing safety after the primary fixes land.”
In different phrases, Path of Bits engineers will perform kind of like code EMTs — there to assist open supply undertaking maintainers establish and triage potential points, all supported by OpenAI’s software program. It appears like an bold undertaking, and it’s considerably unclear the way it will perform in the long run, or the way it plans to scale up (if in any respect).
Open supply initiatives are the digital bedrock upon which the industrial software program business rests, however, sadly, as a result of decentralized and poorly monitored construction of that ecosystem, a lot of the software program is insecure. Bugs in open supply initiatives can flip into main issues for industrial codebases. The log4j debacle from a number of years in the past — when a nasty vulnerability was found in a broadly used open supply utility — is an effective instance.
A lot of the priority surrounding instruments like Mythos (Anthropic’s extremely publicized safety software) appears to stem from the truth that AI can now robotically establish current bugs inside codebases and set about creating exploits for them. Whereas the automation of cybercrime just isn’t new, these instruments undoubtedly have the potential to make it considerably extra handy for dangerous actors.
OpenAI is popping that components on its head through the use of AI to assist the open supply neighborhood higher defend itself. It’s laborious to not learn it as a aggressive swipe at Anthropic, whereas additionally recognizing that it’s one thing the open supply neighborhood desperately wants.
Whenever you buy via hyperlinks in our articles, we might earn a small fee. This doesn’t have an effect on our editorial independence.
