OpenAI introduced a brand new initiative on Monday designed to assist the open supply neighborhood enhance its cybersecurity sport and keep off bugs.
“Patch the Planet,” (which is a not-so-subtle allusion to “Hack the Planet,” the enduring catch phrase from the 1995 film Hackers) will see OpenAI staff up with the safety firm Path of Bits to assist open supply maintainers safe their initiatives.
OpenAI stated safety employees from Path of Bits will work instantly with open supply maintainers to evaluate potential code points. OpenAI’s safety instruments — like Codex Safety — shall be used to help within the course of.
“Many maintainers are already being requested to kind by way of extra studies, extra rapidly, with the identical restricted time and assets,” OpenAI stated Monday. “Patch the Planet is constructed to cut back that burden, not add to it: safety engineers evaluate findings earlier than they attain maintainers, work with initiatives to develop patches and exams, and construct reusable workflows that assist groups proceed bettering safety after the primary fixes land.”
In different phrases, Path of Bits engineers will perform roughly like code EMTs — there to assist open supply venture maintainers determine and triage potential points, all supported by OpenAI’s software program. It appears like an formidable venture, and it’s considerably unclear the way it will perform in the long run, or the way it plans to scale up (if in any respect).
Open supply initiatives are the digital bedrock upon which the business software program trade rests, however, sadly, because of the decentralized and poorly monitored construction of that ecosystem, a lot of the software program is insecure. Bugs in open-source initiatives can flip into main issues for business codebases. The log4j debacle from a number of years in the past — when a nasty vulnerability was found in a extensively used open supply utility — is an efficient instance.
A lot of the priority surrounding instruments like Mythos (Anthropic’s extremely publicized safety instrument) appears to stem from the truth that AI can now robotically determine present bugs inside codebases and set about creating exploits for them. Whereas the automation of cybercrime shouldn’t be new, these instruments undoubtedly have the potential to make it considerably extra handy for unhealthy actors.
OpenAI is popping that components on its head by utilizing AI to assist the open supply neighborhood higher defend itself. It’s laborious to not learn it as a aggressive swipe at Anthropic, whereas additionally recognizing that it’s one thing the open supply neighborhood desperately wants.
If you buy by way of hyperlinks in our articles, we could earn a small fee. This doesn’t have an effect on our editorial independence.
