undefined | Better HN

0 pointsdgellow12d ago0 comments

Not at all. I’m considering that the amount of vulnerable software in the wild is very, very large, with most organizations not managing their systems properly. Imagine all the small to medium size companies that do not have budgets for a dedicated, talented security team. And all the software that will never be patched. We are at the beginning of the exponential

0 comments

saghm11d ago

> I’m considering that the amount of vulnerable software in the wild is very, very large

I'd imagine this set is very similar to just "the set of software on the world". Even before the AI stuff, it was a pretty good bet at any given software had some vulnerability; it was just a question of how easy to was to find it.

dgellowOP11d ago

Yes, that’s my point. Look at how fast the Calif team tackled that macOS issue. Against the top company in the world. One week from bug to exploit. In 2-5 years things will be really wild for everybody out there. We released a technology that make it possible to design extremely complex exploits at a scale we never had to face before. What does that mean if you’re not the top company? Things will be really bad

bottlepalm11d ago

It makes you think will everything need to be rewritten from the ground up - potentially by AI itself, or AI having a very heavy hand in validating all of it.

Gigachad11d ago

There's so much much lower hanging fruit. Every job I've had has had basically everything massively out of date. Just keeping packages and framework versions up to date is a full time job and none of these companies have someone assigned to doing it.

So much out of date software with known exploits left running for years. The only reason there hasn't been total disaster is no one has tried to hack it yet.

bottlepalm11d ago

Right and with AI now we have the ability to try hacking everything all at once.

1 more reply

j / k navigate · click thread line to collapse

0 comments

saghm11d ago

> I’m considering that the amount of vulnerable software in the wild is very, very large

dgellowOP11d ago

bottlepalm11d ago

It makes you think will everything need to be rewritten from the ground up - potentially by AI itself, or AI having a very heavy hand in validating all of it.

Gigachad11d ago

So much out of date software with known exploits left running for years. The only reason there hasn't been total disaster is no one has tried to hack it yet.

bottlepalm11d ago

Right and with AI now we have the ability to try hacking everything all at once.

1 more reply

j / k navigate · click thread line to collapse