Some predictions on 2030 AI capabilities. But I think it's too pessimistic in its implications: if AI bug-finding is easy, then *the devs themselves* could use it to strip out bugs first.

Average code has 15-50 bugs per 1000 lines; if consumer bug-finders could catch 99%, then quite a few apps could become bug-free.

1k lines is a lot: four apps that I wrote for personal use and regularly use (findable on https://github.com/vbuterin ) are a total of 919 lines of code.

I feel like people forget too much that the "endgame" of cybersecurity (what happens if defense *and* offense become ultrasophisticated) is quite defense-favoring.

Game Director / Tokenomics Team @AnimocaBrands. Previously: Star Wars, Far Cry 6. Member @WolvesDAO

This is just the basics of cryptography: encryption and signatures are easy to produce, exponentially hard to break.

The by-far-biggest reason this asymmetry isn't reflected in real life is gaps between intent and written code (aka bugs).

Would love to know more about the game theory that suggests defense favouring, given that defence by nature is on the back foot.

Keen to read more in this field

I suspect if you sum up across all applications, "my share" of that code would be less than 919 lines, so "if everyone chipped in" that could be secured with the same tools.

Problem is of course that it's a public goods problem.

Yeah but those 919 lines of code run on top of a complex stack of software, hardware, networking protocols, etc. Even if the code itself becomes bug free there is still a high likelihood of bugs in "other" code introducing vulnerabilities. Case in point: Heartbleed.