Scott Andrew

Posted February 26, 2025.

AI coding further blurs the line between malice and incompetence

I suspect that some firms believe AI allows them to get around the "cheap, fast, good — pick two" dilemma. Especially if the definition of "good" is "works well enough" and doesn't include secure and trustworthy.

Leaving secret access keys out in the open is a rookie mistake that should never make it through code review. Yet a security engineer found exactly that when they discovered their fancy high-tech bed was hackable.

I'm not saying the company in question used AI, because I can't possibly know that. But when I see reports like this, it makes me think: did a human review this? Did a human write this? What else is going unnoticed?

As AI empowers firms and inexperienced engineers to hastily slap together an app and rush it to market faster than ever, expect more hacks, data breaches, and other security woes.
