Had an interesting situation where AI coding helped make something more secure.
I was writing a tool to connect to Azure AI, which requires an auth key. Some example code had this coming from an environment variable, which is a super common practice. So I asked AI if there was a way to make this more secure.
I was using Cursor, so it recommended (and implemented) a version where it securely prompted for the string at first launch and then stored the secret via keyring (Credential Manager on Windows).
Storing in keyring is far more secure, but realistically most people wouldn't do it by hand because the environment variable approach is "good enough." But because AI made it so easy, it actually got done.
=> More informations about this toot | More toots from Lee_Holmes@infosec.exchange
@Lee_Holmes I feel like this is a great use of the technology! Far better than trying to replace a customer service team with ChatGPT. #ai
=> More informations about this toot | More toots from scottwilson@infosec.exchange
@Lee_Holmes interesting, I'm also using Azure AI (Foundry) but using the environment variable approach 😅 . Eventually I want to set up Keyvault...
=> More informations about this toot | More toots from rony@novaparis.art.br
@rony Perfect example :) Well, here's how to do it in Rust if you're interested! All of this was AI written - https://github.com/LeeHolmes/ai/blob/main/src/main.rs#L134
=> More informations about this toot | More toots from Lee_Holmes@infosec.exchange This content has been proxied by September (3851b).Proxy Information
text/gemini