Want to create an interactive transcript for this episode?
Podcast: Business of Tech: Daily 10-Minute IT Services Insights
Episode: AI Code Hallucinations Risk Security, Intel Sells Altera, SSL Certificates Shortened, Tariffs Return
Description: AI-powered code generation tools are raising significant security concerns within the software supply chain. Recent research indicates that a notable percentage of package suggestions from both commercial and open-source models are non-existent, a phenomenon referred to as "hallucination." This issue allows malicious actors to exploit these fictitious package names by uploading harmful software to package registries, a tactic known as slop-squatting. Experts emphasize the importance of manual verification and the use of dependency scanners to mitigate these risks, highlighting that developers must rigorously test AI-generated code in isolated environments before deployment.In the tech industry, Intel has...