alt.hn

6/9/2026 at 7:37:35 PM

Devs know AI code is riddled with holes, but ship it anyway

 https://www.theregister.com/devops/2026/06/09/devs-know-ai-code-is-riddled-with-holes-but-ship-it-anyway/5252824

by speckx

6/9/2026 at 8:10:23 PM

"Reasons given include pressure to deploy quickly, vulnerabilities being too difficult to fix, and reliance on other controls to pick up the pieces."

Are they not warning their bosses? I find this reasoning hard to believe. If management doesn't care, the problem has little to do with AI. A more reasonable explanation is that they hate that they are forced to use AI and they ship Swiss cheese as and act of sabotage, apathy, or to prove AI's incompetence at taking over their job.

by sdellis

6/9/2026 at 9:37:43 PM

AI isn't the source of the problem (as you point out, bad management is a preexisting problem), but it exacerbates it significantly. I think it's still worthwhile to call out a new factor that's making an existing problem much worse.

by saghm

6/9/2026 at 10:39:48 PM

> Are they not warning their bosses?

Where do you think the pushing is coming from?

by mcphage

6/9/2026 at 8:18:28 PM

On one had, AI is being used to cybersecurity and used to find bugs in Linux etc. On the other hand, it seems that AI can't write code without bugs.

So where is the disconnect?

by aogaili

6/9/2026 at 9:32:13 PM

I don't see a disconnect. AI generates things that are similar to existing things (but partly made up and subtly wrong), so just like how it can generate somewhat correct code it can also generate somewhat correct vulnerability reports.

by ptx

6/9/2026 at 9:32:24 PM

Humans can't write code without bugs either, especially in languages like the one Linux is written in. It's not a binary though, either in terms of how involved the human is in crafting the output and how many bugs are in the code that's getting merged, so I don't think that blanket statements like "AI writes bugs" or "AI finds bugs" are particularly meaningful.

by saghm

6/9/2026 at 8:36:00 PM

AI is thinking about its own job security at this point.

by sdellis

6/9/2026 at 8:09:18 PM

One important factor is that those who don't want to ship the bug riddled code are being labeled as less productive and laid off.

by thih9

6/9/2026 at 8:11:40 PM

Yep, that's a management problem. Not an AI problem.

by sdellis

6/9/2026 at 8:19:07 PM

It might as well be both.

If only because the structure present in the parent comment ("it's A, not B") is considered an AI tell.

by thih9

6/9/2026 at 9:40:44 PM

Those aren't exclusive. The hydrogen in the Hindenberg was a problem even if a spark was needed to ignite it.

by saghm

6/9/2026 at 9:15:20 PM

It’s because upper management demands it. Do most of your coding with an LLM or find another job, etc. How much you “llm all the things” is now a measured performance metric.

It’s pure madness but employees are obligated to give the people that pay them what they want. Either that or lose your healthcare and housing.

by klipklop

6/9/2026 at 8:11:58 PM

When companies like Microsoft can get away with it with zero consequences, it sort of seems like less of an issue.

by Jzush

6/9/2026 at 8:40:09 PM

I didn't realize all code before LLM was hole proof.

by mmmlinux

6/9/2026 at 9:38:46 PM

This might shock you, but there are more precise numbers than "none" and "some". In fact, some of the ones that aren't "none" are even larger than others!

by saghm

6/9/2026 at 9:23:40 PM

"Thing is worse after change."

"I didn't realize thing was perfect before change!"

by xboxnolifes

6/9/2026 at 9:03:02 PM

It wasn't. But it had fewer holes than what the LLMs make.

by bigstrat2003