
I don't consider this a problem. Copilot was trained on public repos, so these secrets had to be checked into public repos. They were already totally public, and should have been invalidated/replaced and redacted. Copilot might result in previously undiscovered published secrets being found, but that's not much worse than anyone finding one under normal circumstances.



Have they produced evidence it was trained only on public repos? They should release the model and tooling so we can verify that.


The easiest way to test this would probably be to try to get it to generate code/secrets that appear only in private repos.



