The workshop event about open code from the OPENness at TU Graz series
In the talk from Roman Kern about Open Source and Large Language Models an interesting paper was recommended:
Harnessing the Power of LLMs in Practice: A Survey on ChatGPT and Beyond by Yang, J., Jin, H., Tang, R., Han, X., Feng, Q., Jiang, H., … & Hu, X. (2023) https://dl.acm.org/doi/10.1145/3649506
In an inspiring workshop session with Wolfgang Slany, he told a story from a cyber security congress where a live coding demo took place in front of many experts. What seemed like a small improvement would have actually been a backdoor – because the complexity of the code and the speaker’s thought process were insidious, so the live code review by the large audience didn’t initially recognize the threat. The discussion about trust in open source projects was more topical than ever, two weeks later an urgent security announcement with the highest CVSS score of 10.0 XZ Utils. More details: https://thehackernews.com/2024/03/urgent-secret-backdoor-found-in-xz.html
A paper recommendation on the topic of trust by Wolfgang Slany:
Reflections on trusting trust by Ken Thompson (1984) https://doi.org/10.1145/358198.358210