But I mean why? Used in this way, AI systems are just another static analysis tool.
Sure, a computationally inefficient one, but if you can get the signal/noise region high enough, anything that helps you find bugs seems fair game to me.
One has to review their work, and take any fix offered by the slopmachine with a lot of care, of course.
And Anthropic is a bad company, but we are talking about detecting security vulnerabilities in Firefox by wasting Anthropic money. That seems like win-win.
The only downside (and I admit it’s big) is that Anthropic gets some publicity out of this.
But I mean why? Used in this way, AI systems are just another static analysis tool.
Sure, a computationally inefficient one, but if you can get the signal/noise region high enough, anything that helps you find bugs seems fair game to me.
One has to review their work, and take any fix offered by the slopmachine with a lot of care, of course.
And Anthropic is a bad company, but we are talking about detecting security vulnerabilities in Firefox by wasting Anthropic money. That seems like win-win.
The only downside (and I admit it’s big) is that Anthropic gets some publicity out of this.