Shellphish, a team of hackers from Arizona State University, the University of California at Santa Barbara, and Purdue University, is one of about 40 contestants in the competition. The team has been working on the project in a rental house in Orange County, using their AI-enhanced programs to improve millions of lines of real code. The team, which has been around for 20 years, is hoping to make it to the finals of the competition, where the winner will receive $2 million in 2025. Regardless of the outcome, their AI-aided code will be released as open-source for others to build upon, improving security for everyone.
Key takeaways:
- The Defense Advanced Research Projects Agency (DARPA) is sponsoring a two-year contest where hackers are tasked with writing a program that can scan millions of lines of open-source code, identify security flaws and fix them, all without human intervention.
- Open-source software, which is used in everything from websites to power stations, is seen as one of the country's biggest security risks due to a lack of skilled engineers testing it.
- Team Shellphish, one of about 40 contestants in the competition, is using AI to find vulnerabilities and patch them. The team is also using AI to debate the best fixes and to catch hallucinations.
- Under the terms of the DARPA contest, all finalists must release their programs as open source, so that software vendors and consumers will be able to run them, improving security for everyone.