rich1.0Jameson Lopp (npub17u…wt4tp)https://nostr.ae/npub17u5dneh8qjp43ecfxr6u5e9sjamsmxyuekrg2nlxrrk6nj9rsyrqywt4tpnjumphttps://nostr.aeHoly shit, the latest OpenSSL release patches 12 zero-day vulnerabilities, all of which were discovered by AI agents. The really crazy thing is that 3 of the bugs had been present since 2000, for over a quarter century having been missed by intense machine and human effort alike. One predated OpenSSL itself, inherited from Eric Young’s original SSLeay implementation in the 1990s. All of this in a codebase that has been fuzzed for millions of CPU-hours and audited extensively for over two decades by teams including Google's. It's pretty scary to realize that fundamental aspects of everyday internet security have been vulnerable for decades. I can only imagine that AI is going to unearth many more vulnerabilities in the coming years.