Been outta the biz professionally for almost ten years, so honestly have no real clue what’s going on at the zero line these days. Back in the day, sharp keyboard jockeys would be careful un-zipping stuff. Now it’s in a pickle. Same shyt, different day?
Supply chain vulnerabilities are so ubiquitous and insidious it’s just amazing, to me. Am I wrong to feel like my whole career was based on a big house of cards? I find the Github issues particularly disturbing. Apart from the state-sponsored espionage world, impactful malware and cybercrime effects have traditionally been quite imminently tangible. Trying to remember around when/where it was people might have begun suspecting they were even working with a clean code-base?
FROM THE COMMENTS: Considering that AI models are black boxes generally lacking source code or documentation… It can’t be considered surprising that there’s malware lurking in some of them.
AI pervades everyday life with almost no oversight. States scramble to catch up.
