ravenscroftj
/
brainsteam.co.uk
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

update thumbs
Deploy Website / build (push) Successful in 20s Details

This commit is contained in:
James Ravenscroft 2025-02-12 11:43:12 +00:00
parent 2712c7040e
commit 74dcdda7e6
1 changed files with 9 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
brainsteam/content/posts/2025/02/ai-code-assistant-curl-ssl.md
View File

@ -1,13 +1,14 @@
---
title: "Getting AI Assistants to generate insecure CURL requests"
date: 2025-02-12T07:48:54Z
date: 2025-02-12 07:48:54+00:00
description: Testing AI code assistants willingness to generate insecure CURL requests
url: /2025/2/12/ai-code-assistant-curl-ssl
type: posts
preview: /social/aeb9482b075cca78c571ab1b45b6e7311bad8ddfa37e5253275fe397d615f106.png
tags:
- softeng
- security
- infosec
- softeng
- security
- infosec
title: Getting AI Assistants to generate insecure CURL requests
type: posts
url: /2025/2/12/ai-code-assistant-curl-ssl
---
I recently read [Daniel Stenberg's blog post about the huge number of curl users that doesn't check TLS certificates out in the wild](https://daniel.haxx.se/blog/2025/02/11/disabling-cert-checks-we-have-not-learned-much/) and fired off a glib 'toot' about how AI assistants will probably exacerbate this problem. I decided to try out some top AI assistants and see what happens.