AI Code Hallucinations Risk Security, Intel Sells Altera, SSL Certificates Shortened, Tariffs Return

AI-powered code generation tools are raising significant security concerns within the software supply chain. Recent research indicates that a notable percentage of package suggestions from both commercial and open-source models are non-existent, a phenomenon referred to as "hallucination." This issue allows malicious actors to exploit these fictitious package names by uploading harmful software to package registries, a tactic known as slop-squatting. Experts emphasize the importance of manual verification and the use of dependency scanners to mitigate these risks, highlighting that developers must rigorously test AI-generated code in isolated environments before deployment.In the tech industry, Intel has made headlines by selling a 51% stake in its programmable chip business, Altera, to private equity firm Silverlake for $4.46 billion. This decision comes after Intel's acquisition of Altera for $16.7 billion in 2015, reflecting a significant drop in valuation. The move is part of a broader strategy to sharpen focus and strengthen the company's balance sheet amid ongoing challenges in the semiconductor market. Despite retaining a minority stake in Altera, Intel's actions raise questions about its ability to compete effectively in critical areas like AI-optimized silicon.Another pressing issue is the impending reduction of the maximum lifespan for SSL and TLS certificates, which will be cut to just 47 days by 2029. This change, supported by major tech companies, aims to enhance digital security by minimizing risks associated with compromised certificates. The transition will require automated and integrated certificate management solutions to keep pace with the new renewal cycles, emphasizing the need for proactive risk management in the evolving threat landscape.Lastly, the reinstatement of tariffs on electronics, including smartphones and laptops, is set to impact the tech industry significantly. The U.S. government aims to encourage domestic manufacturing, but the unpredictability of trade policies complicates planning for businesses. As companies navigate these challenges, they must adopt flexible strategies that account for ongoing volatility in the supply chain and procurement processes, ensuring they remain responsive to changing market conditions. Four things to know today 00:00 Copy, Paste, Compromise? Why AI Code Suggestions Could Lead to Big Security Problems04:45 Altera Is Out, $8.75B Is In—But Intel’s Chip Future Is Still in Question06:46 Got 47 Days? Why Your SSL Certificates Just Got a Whole Lot Needier08:14 One More Time with Feeling: Tech Tariffs Are Back, and the Forecast Is Still Chaos  Supported by:  https://cometbackup.com/?utm_source=mspradio&utm_medium=podcast&utm_campaign=sponsorship https://getflexpoint.com/msp-radio/   Join Dave April 22nd to learn about Marketing in the AI Era.  Signup here:  https://hubs.la/Q03dwWqg0  All our Sponsors:   https://businessof.tech/sponsors/ Do you want the show on your podcast app or the written versions of the stories? Subscribe to the Business of Tech: https://www.businessof.tech/subscribe/Looking for a link from the stories? The entire script of the show, with links to articles, are posted in each story on https://www.businessof.tech/ Support the show on Patreon: https://patreon.com/mspradio/ Want to be a guest on Business of Tech: Daily 10-Minute IT Services Insights? Send Dave Sobel a message on PodMatch, here: https://www.podmatch.com/hostdetailpreview/businessoftech Want our stuff? Cool Merch? Wear “Why Do We Care?” - Visit https://mspradio.myspreadshop.com Follow us on:LinkedIn: https://www.linkedin.com/company/28908079/YouTube: https://youtube.com/mspradio/Facebook: https://www.facebook.com/mspradionews/Instagram: https://www.instagram.com/mspradio/TikTok: https://www.tiktok.com/@businessoftechBluesky: https://bsky.app/profile/businessof.tech