https://www.strix.ai/blog/cal-com-is-closing-its-code-due-to-ai-threats
Article
- Cal.com closed its source, citing AI-automated vulnerability discovery as the threat
- Strix (a security firm) argues closing source doesn’t shrink the attack surface
- AI should be integrated into CI/CD pipelines to defend, not used as an excuse to close
- Security through obscurity is a tradeoff, not a real strategy
Discussion
- Most commenters agree the AI security rationale is a convenient excuse for a hard OSS business
- Real concern: AI scales vulnerability scanning infinitely, overwhelming small maintainers' fix capacity
- simonw is not present in the thread; dom96 raises a sharper risk: LLMs can be used to bypass a license by rewriting your OSS in another language
- Article flagged as self-serving content marketing by Strix, who profits regardless of open/closed source