Hacker News
In the corporate world, we've started using reimplementation as a way to access tooling that security won't authorize.

Sec has a deny by default policy. Eng has a use-more-AI policy. Any code written in-house is accepted by default. You can see where this is going.

We've been using AI to reimplement tooling that security won't approve. The incentives conspired in the worst outcome, yet here we are. If you want a different outcome, you need to create different incentives.

Not Invented Here's long, slow mutagenic march toward full antibiotic resistance continues apace.

There is a fundamental corpo-cognitive dissonance, to boot. If "AI" is cheap enough and good enough to implement security-relevant software from `git init` repeatedly, why isn't it also cheap enough and good enough to assess and approve the security of third-party software at pace with internal adoption? Is there some basis to believe LLMs' leverage on production differs from their leverage on analysis of existing code?