• Piatro
    link
    fedilink
    English
    arrow-up
    10
    ·
    9 months ago

    The risk here is slightly overblown or misrepresented. Just because a fork exists doesn’t mean that anyone has even read it, let alone run it on their system. For this to be a real threat they would have to publish packages with identical or similar names (ie typo-squatting) to public package repositories which this article didn’t have any information on but which is a known problem long before AI. The level of obfuscation and number of repos affected is impressive but ultimately unlikely to have widespread impact to anyone besides GitHub.

    • eveninghere@beehaw.org
      link
      fedilink
      arrow-up
      1
      ·
      edit-2
      9 months ago

      The thing is, how do I know whether the Debian repo is free of them? Arch user repos? The node.js packages? My pip? The package managers I don’t really understand but had to use anyway? Code from my colleagues? My students? Vim plugins?

      Every program can do ssh to my critical remote computer if they want to.

      And now someone in the chain can land on the wrong github page suggested by Google, which itself is bent to its knees by ChatGPT.

      • Piatro
        link
        fedilink
        English
        arrow-up
        9
        ·
        9 months ago

        Again, this existed before AI. Typo squatting, supply chain attacks, automated package uploads, CI pipeline infection, they’re all known attack vectors. That’s not to say this isn’t a concern, just that it’s a known risk and the addition of “AI” doesn’t, to my eyes, increase that risk. If your SSH keys don’t require a password, you have taken the decision to make those keys less secure but more convenient to use. That’s pretty much always the tradeoff in security.