Not anytime soon. As in certainly not in the next 50 years. The little problem is that current AI is exclusively "weak AI". and that is the AI without intelligence. All it can do is statistical classification and that is not enough. So for the foreseeable future, the only thing that can make code secure is competent coders. "Pay peanuts, get monkeys" is the main problem that causes insecure code.
Ah, yes. Python, the language that pretty much requires its users to know what they are doing. Just like C, come tho think of it. All the hate against these languages comes from one corner only: Those that cannot hack it.
And then there are the cases where programs can access things and the security requirement is that they must not misuse them. Which is pretty much the most important case these days and most of it cannot be solved by MAC. You miss about 90% of the problem with your statement.
That will go well. Especially as Rust is nowhere near the "silver bullet" it is claimed to be. No. Just no.
The actual fix is to hire competent coders. Incompetent ones will make their code just as insecure in Rust as they do in C. Sure, the insecurities will be different ones, but that is it. Software quality never has been a question of the language used. The only influence the language used has is how long coding takes. Software quality (and in particular security) is solely a question of the skills of the coders used and the time they are given.
My take is that this is just another cretin that mistakes "new" for "good" and "old" for "bad".
I have stopped listening when people claim things can be done that are actually impossible. In all cases, they are just full of it, usually by misstating the border conditions or not actually understanding what they claim to understand or, surprise!, buy suddenly claiming something else than they did initially. Waste of my time. And you are too, so I will now stop answering.
That is because I got a pretty good education on crypto 25 years ago and I have kept current in the meantime. I do not need to look this stuff up, it is covered by the basics. You apparently have not bothered finding out even said basics or you are too mentally limited to understand them.
Quite in line with my assessment of you being a moron. Or more exactly a Dunning-Kruger far left-side sample, i.e. big, big ego and really small skills.
Not credible and does not match published research. Oh, sure, they are using the limitations of what is possible to do marketing by giving it a positive spin, but the limitations are real.
Well, the evidence points to you being a moron, as you apparently do not even know about a standard-attack against cryptographic signatures, yet claim they solve the issue. You are similar to your idol Poettering in that, I guess.
And more cluelessness. Crypto-signing done locally with everything only stored locally afterwards is worthless. Again, some actual understanding of what crypto can and cannot do is required. You are completely clueless and incompetent. It is painful to watch you disgracing yourself again and again.
No, it's both. There was a valid problem: sysvinit was decrepit and unsuitable for modern systems, as seen by the fact that every other Unix system out there has abandoned it and has something that resembles systemd in some way (Solaris has SMF, MacOSX has something else).
That is clueless nonsense. For most situations, sysVinit works just fine. SMF, incidentally, has its own problems and many Solaris admins really hate it, but it can deal with unmodified sysVinit scripts.
One of the reasons my employer will stay away from systemd and, if that becomes unworkable on Linux, will move to one of the xBSDs. Replacing things that work well with complex crap is just not acceptable at all. It does not speak well for the current state of the Linux community that an incompetent cretin can engineer a hostile takeover of this size.
And that is the core problem. This moron cannot recognize what is important and what is not. Add the fanatic followers he has and that whole thing becomes extremely dangerous.
Funny. The level of your cluelessness is staggering. This is about enterprise computing, and of course logs get transferred out to protect them. There may be some revision-proof storage at the end somewhere, but there always is a network connection first. You can deride and ridicule all you want, people with an actual clue will see you for the cretin you are.
An AI is only as good as the people that have taught it.
Humans don't "teach" it. It learns directly from raw data.
And fail. For these application you can only do supervised learning, and that means exactly that humans "teach" it. Unsupervised learning is only useful for identifying clusters, but not for what they mean. Hence learning from "raw data" is completely worthless here.
Retraining is subject to pretty strongly diminishing returns. Also, the human experts spend only a small part of their time on the simple things, because they see at a glance what is going on. They do spend most of their time on the tricky stuff and that is not accessible to weak AI anytime soon, if ever. And strong AI is not even on the very distant horizon, and may never become available.
Don't worry. I recently had a chance to talk to some Watson people from IBM, and while they see excellent potential for supporting experts in diverse fields, the answer as to replacing experts was "not in the next 50 years". That is pretty extreme, as they really know what the state-of-the-art is.
And nobody honest claims that they can. For example, the Watson people from IBM say "will not replace experts in the next 50 years". The state of the art in AI gets massively overestimated all the time. Actual fact is that the only thing available is "weak AI", and that one does not have any actual intelligence and is restricted to library look-up and statistical classificators. Very useful, but not even remotely doing what a smart and experienced human being can do. These algorithms do not have insight or understanding and they cannot get it. It is not a question of computing power either.
Not anytime soon. As in certainly not in the next 50 years. The little problem is that current AI is exclusively "weak AI". and that is the AI without intelligence. All it can do is statistical classification and that is not enough. So for the foreseeable future, the only thing that can make code secure is competent coders. "Pay peanuts, get monkeys" is the main problem that causes insecure code.
Ah, yes. Python, the language that pretty much requires its users to know what they are doing. Just like C, come tho think of it. All the hate against these languages comes from one corner only: Those that cannot hack it.
And then there are the cases where programs can access things and the security requirement is that they must not misuse them. Which is pretty much the most important case these days and most of it cannot be solved by MAC. You miss about 90% of the problem with your statement.
That will go well. Especially as Rust is nowhere near the "silver bullet" it is claimed to be. No. Just no.
The actual fix is to hire competent coders. Incompetent ones will make their code just as insecure in Rust as they do in C. Sure, the insecurities will be different ones, but that is it. Software quality never has been a question of the language used. The only influence the language used has is how long coding takes. Software quality (and in particular security) is solely a question of the skills of the coders used and the time they are given.
My take is that this is just another cretin that mistakes "new" for "good" and "old" for "bad".
No. And for obvious reasons. That "comeback" just means you have run out of arguments.
You seriously want to claim that after-the-fact labeling of the clusters by experts is "learning from the raw data" and not "learning from humans"?
I have stopped listening when people claim things can be done that are actually impossible. In all cases, they are just full of it, usually by misstating the border conditions or not actually understanding what they claim to understand or, surprise!, buy suddenly claiming something else than they did initially. Waste of my time. And you are too, so I will now stop answering.
That is because I got a pretty good education on crypto 25 years ago and I have kept current in the meantime. I do not need to look this stuff up, it is covered by the basics. You apparently have not bothered finding out even said basics or you are too mentally limited to understand them.
Quite in line with my assessment of you being a moron. Or more exactly a Dunning-Kruger far left-side sample, i.e. big, big ego and really small skills.
Not credible and does not match published research. Oh, sure, they are using the limitations of what is possible to do marketing by giving it a positive spin, but the limitations are real.
Well, the evidence points to you being a moron, as you apparently do not even know about a standard-attack against cryptographic signatures, yet claim they solve the issue. You are similar to your idol Poettering in that, I guess.
And more cluelessness. Crypto-signing done locally with everything only stored locally afterwards is worthless. Again, some actual understanding of what crypto can and cannot do is required. You are completely clueless and incompetent. It is painful to watch you disgracing yourself again and again.
No, it's both. There was a valid problem: sysvinit was decrepit and unsuitable for modern systems, as seen by the fact that every other Unix system out there has abandoned it and has something that resembles systemd in some way (Solaris has SMF, MacOSX has something else).
That is clueless nonsense. For most situations, sysVinit works just fine. SMF, incidentally, has its own problems and many Solaris admins really hate it, but it can deal with unmodified sysVinit scripts.
Indeed. Linus is an excellent kernel architect, but he fails pretty seriously on the system level.
One of the reasons my employer will stay away from systemd and, if that becomes unworkable on Linux, will move to one of the xBSDs. Replacing things that work well with complex crap is just not acceptable at all. It does not speak well for the current state of the Linux community that an incompetent cretin can engineer a hostile takeover of this size.
And that is the core problem. This moron cannot recognize what is important and what is not. Add the fanatic followers he has and that whole thing becomes extremely dangerous.
Funny. The level of your cluelessness is staggering. This is about enterprise computing, and of course logs get transferred out to protect them. There may be some revision-proof storage at the end somewhere, but there always is a network connection first. You can deride and ridicule all you want, people with an actual clue will see you for the cretin you are.
That is complete nonsense. Locally kept logs can always be manipulated. Takes some actual understanding to see that though.
That seems to be accurate. He and his team also are lacking quite a bit of other insights, for example into what this pesky "Unix philosophy" is.
Indeed. That is the main problem with it. On wonders whether this is an indicator of plain incompetence?
No. Emacs works well, given enough resources.
An AI is only as good as the people that have taught it.
Humans don't "teach" it. It learns directly from raw data.
And fail. For these application you can only do supervised learning, and that means exactly that humans "teach" it. Unsupervised learning is only useful for identifying clusters, but not for what they mean. Hence learning from "raw data" is completely worthless here.
Retraining is subject to pretty strongly diminishing returns. Also, the human experts spend only a small part of their time on the simple things, because they see at a glance what is going on. They do spend most of their time on the tricky stuff and that is not accessible to weak AI anytime soon, if ever. And strong AI is not even on the very distant horizon, and may never become available.
Don't worry. I recently had a chance to talk to some Watson people from IBM, and while they see excellent potential for supporting experts in diverse fields, the answer as to replacing experts was "not in the next 50 years". That is pretty extreme, as they really know what the state-of-the-art is.
It is. Sort of. But it is weak AI (the "AI" without actual intelligence) and far, far removed from what a radiologist does.
And nobody honest claims that they can. For example, the Watson people from IBM say "will not replace experts in the next 50 years". The state of the art in AI gets massively overestimated all the time. Actual fact is that the only thing available is "weak AI", and that one does not have any actual intelligence and is restricted to library look-up and statistical classificators. Very useful, but not even remotely doing what a smart and experienced human being can do. These algorithms do not have insight or understanding and they cannot get it. It is not a question of computing power either.