Hi! I am Creesch, also creesch on other platforms :)

  • 0 Posts
  • 7 Comments
Joined 1 year ago
cake
Cake day: July 2nd, 2023

help-circle

  • Well, the problem is you don’t know what you don’t know.

    This is true, even recognized in the paper. People that spend more time on writing prompts (probably knowing that this is important) actually did manage to do reasonably well. Which is exactly what I in the previous reply was hinting at.

    Because, let’s be honest, this statement is true for everything where someone starts out new. In the past (and probably still) you had people blindly copying code blocks from stackoverflow not understanding what the code or realizing how outdated the answer might be.

    So the key is still education of people and making them aware of their limitations. You can try to block the usage of tools like this, some companies actively do so. But people will be people and as long as the tools are available they will try to use them. So the more realistic approach, in my opinion, is to educate them in the usage of these tools.


  • For LLM training I do wonder if they assigned a weight, but I doubt it.

    Given my experience with models I think they might actually do assign a weight. Otherwise, I would get a lot more bogus results. It also isn’t as if it is that difficult to implement some basic, naive, weighing based on the amount of stars/forks/etc.

    Of course it might differ per model and how they are trained.

    Having said that, I wouldn’t trust the output from an LLM to write secure code either. For me it is a very valuable tool on the end of helping me debug issues on the scale of being a slightly more intelligent rubber ducky. But when you ask most models to create anything more than basic functions/methods you damn well make sure it actually does what it needs it to do.

    I suppose there is some role there for seniors to train juniors in how to properly use this new set of tooling. In the end it is very similar to having to deal with people who copy paste answers directly from stack overflow expecting it to magically fix their problem as well.

    The fact that you not only need your code/tool to work but also understand why and how it works is also something I am constantly trying to teach to juniors at my place. What I often end up asking them is something along the lines of “Do you want to have learned a trick that might be obsolete in a few years? Or do you want to have mastered a set of skills and understanding which allows you to tackle new challenges when they arrive?”.


  • Most code on GitHub either is unsecure, or it was written without needing to be secure.

    That is a bit of a stretch imho. There are myriads of open source projects hosted on github that do need to be secure in the context where they are used. I am curious how you came to that conclusion.

    I’m already getting pull requests from juniors trying to sneak in AI generated code without actually reading it.

    That is worrysome though. I assume these people have had some background/education in the field before they were hired?




  • Creesch@beehaw.orgtoProgramming@beehaw.orgEmail is Dead
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    As is often the case there is more nuance to this. As others have pointed out, it is still possible to run your own mailserver if you really want to.

    But, there are also other options that aren’t google, microsoft or any other service.

    I personally have registered my own domain and have my mail hosted by mailbox.org. If I am ever dissatisfied with them I can simply pick a different mail hosting provider and move my domain there. Other privacy minded providers can be found here: https://www.privacytools.io/privacy-email

    And there are also more options if you just want reliable mail and care slightly less about overall privacy. Fastmail for example is a popular choice.

    Yes, these are not free. But neither is hosting it yourself as that costs you the VPS/container to host it and a bunch more time and effort.

    What it does provide you with is the ability to no longer use big tech while allowing you to mail with people still having their mail hosted there.