Title: High-Quality Chaos - on finding flaws in code with AI
Abstract:
Back in the Artisanal era it took significant amounts of skill, time and
effort to find security problems in software. With the rise of powerful AI
tools used for this purpose, we have transitioned through a period with
aggressive hallucinations into a time of high-volume, high-quality security
reports flooding all Open Source projects. A vulnapocalypse.
Based on his experiences in the curl project, one of the world's most widely
used software components, Daniel describes the current reality, backed by
real-world numbers. This isn't a corporate pitch or a sanitized marketing
deck. Just the cold truth, viewed from one Open Source developer's point of
view. Daniel offers a candid look at the signal-to-noise crisis facing modern
software developers.
"No company mumbo-jumbo. No sales speak. Just the reality of Open Source
security from a person living it."
Biography:
Daniel Stenberg is a Swedish Internet protocol expert and developer who has participated in and worked with Open Source for thirty years. He is perhaps best known as the founder and lead developer of the curl project, one of the world's most widely used software components. He participates in protocol development within the IETF, has authored books on curl, Open Source, HTTP/2 and HTTP/3, and is a frequent public speaker. Daniel is the president of the European Open Source Academy and a three-time medal recipient for his Open Source work. He is employed by wolfSSL.