- cross-posted to:
- programming
- machine_learning@programming.dev
cross-posted from: https://programming.dev/post/8121843
~n (@nblr@chaos.social) writes:
This is fine…
“We observed that participants who had access to the AI assistant were more likely to introduce security vulnerabilities for the majority of programming tasks, yet were also more likely to rate their insecure answers as secure compared to those in our control group.”
[Do Users Write More Insecure Code with AI Assistants?](https://arxiv.org/abs/2211.03622?
- Daxtron2 ( @Daxtron2@startrek.website ) 41•5 months ago
I think this is extremely important:
Furthermore, we find that participants who trusted the AI less and engaged more with the language and format of their prompts (e.g. re-phrasing, adjusting temperature) provided code with fewer security vulnerabilities.
Bad programmers + AI = bad code
Good programmers + AI = good code
LLMs amplify biases by design, so this tracks.
- Cyclohexane ( @cyclohexane@lemmy.ml ) 17•5 months ago
A worrying number of my colleagues use AI blindly. Like the kind where you just press tab and not even look. Those who look spend a second before moving on.
They call me anti-AI, even though I’ve used chatGPT since day 1. Those LLMs are great tools, but I am just paranoid to use it in that manner. I rather it explain to me how to do the thing instead of doing the thing (at which it is even better).
EDIT: Typo
- Spzi ( @Spzi@lemm.ee ) English3•5 months ago
Those LLMs are great fools, but I am just paranoid to use it in that manner.
Exquisite typo. I also agree to everything else you said.
- Irdial ( @vhstape@lemmy.sdf.org ) English6•5 months ago
In a shock to literally nobody… Jokes aside, I am looking forward to reading this paper
- CCMan1701A ( @CCMan1701A@startrek.website ) 4•5 months ago
I’m not even sure how to utilize AI to help me write code.
There are lots of services to facilitate it. Copilot is one of them.
- Spzi ( @Spzi@lemm.ee ) English2•5 months ago
There’s a very naive, but working approach: Ask it how :D
Or pretend it’s a colleague, and discuss the next steps with it.
You can go further and ask it to write a specific snippet for a defined context. But as others already said, the results aren’t always satisfactory. Having a conversation about the topic, on the other hand, is pretty harmless.
- pkill ( @pkill@programming.dev ) 1•5 months ago
Also one really good practice from pre-Copilot era still holds, that many new users of copilot, my past self included might forget: don’t write a single line of code without knowing it’s purpose. Another thing is that while it can save a lot of time on boilerplate, you need to stop and think whenever it’s using your current buffer’s contents to generate several lines of very similar code whether it wouldn’t be wiser to extract the repetitive code into a method. Because while it’s usually algorithmically correct, good design still remains largely up to humans.
- Auzy ( @Auzy@beehaw.org ) 1•5 months ago
Copilot or Tabnine are the two major ones.
They’re awesome for some things (especially error handling). But no… AI will not take over the world anytime soon
- pkill ( @pkill@programming.dev ) 2•5 months ago
- Digital Mark ( @mdhughes@lemmy.ml ) English2•5 months ago
Good programmers - AI = best code.