CraftDev — Protection First. Then Deploy.

Curated incidents for AI-assisted coding · outbound links only · no on-site article bodies

2 posts on this page · 2 total · newest first

Thumbnail: Your CPU Is Lying to You

Your CPU Is Lying to You

· muratkarslioglu.com

Research from Google, Meta, and industry papers shows “mercurial” CPU cores can silently return wrong results at roughly one affected machine per thousand, while storage-layer checksums (e.g., ZFS, object-store shard ha…

Lesson learned

Treat every CPU boundary as untrusted: use strong cryptographic verification at ingest and between processing stages, cross-check distributed replicas (e.g., gradient hashes), and design storage and AI pipelines for end-to-end integrity rather than disk-only guarantees.

infrastructure reliability architecture
Read at source
Thumbnail: AI-generated code poses new security challenges for SAST vendors and training companies

AI-generated code poses new security challenges for SAST vendors and training companies

· www.linkedin.com

David Lindner argues legacy SAST vendors and security training assume a human writes, understands, and acts on findings about code, but many teams now prompt and accept AI suggestions with limited modification. High acc…

Lesson learned

Treat AI-generated codebases as a different risk model: pair traditional shift-left tooling with strong runtime detection and governance, and reset expectations for review capacity and accountability.

security ai-safety architecture devops
Read at source