OpenAI announced a new initiative on Monday designed to assist the open supply group enhance its cybersecurity sport and chase away bugs.
“Patch the Planet,” (which is a not-so-subtle allusion to “Hack the Planet,” the long-lasting catch phrase from the 1995 film Hackers) will see OpenAI staff up with the safety firm Trail of Bits to assist open supply maintainers safe their initiatives.
OpenAI mentioned safety employees from Path of Bits will work straight with open supply maintainers to evaluate potential code points. OpenAI’s safety instruments — like Codex Safety — shall be used to help within the course of.
“Many maintainers are already being requested to kind by means of extra studies, extra shortly, with the identical restricted time and sources,” OpenAI mentioned Monday. “Patch the Planet is constructed to cut back that burden, not add to it: safety engineers evaluate findings earlier than they attain maintainers, work with initiatives to develop patches and exams, and construct reusable workflows that assist groups proceed enhancing safety after the primary fixes land.”
In different phrases, Path of Bits engineers will perform roughly like code EMTs — there to assist open supply challenge maintainers determine and triage potential points, all supported by OpenAI’s software program. It appears like an bold challenge, and it’s considerably unclear the way it will perform in the long run, or the way it plans to scale up (if in any respect).
Open supply initiatives are the digital bedrock upon which the industrial software program trade rests, however, sadly, because of the decentralized and poorly monitored construction of that ecosystem, a lot of the software program is insecure. Bugs in open-source initiatives can flip into main issues for industrial codebases. The log4j debacle from a number of years in the past — when a foul vulnerability was found in a extensively used open supply utility — is an effective instance.
A lot of the priority surrounding instruments like Mythos (Anthropic’s extremely publicized safety instrument) appears to stem from the truth that AI can now robotically determine present bugs inside codebases and set about creating exploits for them. Whereas the automation of cybercrime just isn’t new, these instruments undoubtedly have the potential to make it considerably extra handy for unhealthy actors.
OpenAI is popping that system on its head by utilizing AI to assist the open supply group higher defend itself. It’s exhausting to not learn it as a aggressive swipe at Anthropic, whereas additionally recognizing that it’s one thing the open supply group desperately wants.
Once you buy by means of hyperlinks in our articles, we may earn a small commission. This doesn’t have an effect on our editorial independence.

