AI as advanced fuzz-testing is ridiculously helpful though - hardly any bug you can in this sort of advanced system is a specification logic bug. It's low-level security-based stuff, finding ways to DDOS a local process, or work around OS-level security restrictions, etc.
replyI'm kind of doubtful that AI is all that great at fuzz testing. Putting that aside though, we are talking about web browsers here. Security issues from bad specification or misunderstanding the specification is relatively common.
replyRe-read the thread you are replying to.
replyEach of the last 4 comments in your thread (including yours) are conflating what they mean by AI.
You must be lost.
replyWell, yes, agreed - that is the essential domain complexity.
replyBut my argument is that we can work to minimize the time we spend on verifying the code-level accidental complexity.
Sure, but that is what we've been doing since the early 2000s (e.g. aslr, read only stacks, static analysis, etc).
replyAnd we've had some succeses, but i wouldn't expect any game changing breakthroughs any time soon.