Slashdot is powered by your submissions, so send in your scoop

 


Forgot your password?
Close
typodupeerror

Submission + - New GitHub Copilot Research Finds 'Downward Pressure on Code Quality'

Submitted by theodp
theodp writes: Visual Studio Magazine reports on new research on the effect of AI-powered GitHub Copilot on software development which sought to investigate the quality and maintainability of AI-assisted code compared to what would have been written by a human. Countering the positively-glowing findings of some other studies, the Coding on Copilot whitepaper from GitClear cites some adverse results.

"We find disconcerting trends for maintainability," explains the paper's abstract. "Code churn — the percentage of lines that are reverted or updated less than two weeks after being authored — is projected to double in 2024 compared to its 2021, pre-AI baseline. We further find that the percentage of 'added code' and 'copy/pasted code' is increasing in proportion to 'updated,' 'deleted,' and 'moved 'code. In this regard, AI-generated code resembles an itinerant contributor, prone to violate the DRY-ness [don't repeat yourself] of the repos visited." The paper concludes, "How will Copilot transform what it means to be a developer? There's no question that, as AI has surged in popularity, we have entered an era where code lines are being added faster than ever before. The better question for 2024: who's on the hook to clean up the mess afterward?" Further complicating matters, Computing Education in the Era of Generative AI (Feb. 2024 CACM) notes that "generating and inserting large blocks of code may be counterproductive for users at all levels. This requires users to read through code they did not write, sometimes at a more sophisticated level than they are familiar with."

Interestingly, the AI-generated code maintenance worries are reminiscent of concerns cited in the past for 'Google programmers', Stack Overflow copy-and-pasters, and stitchers of not-quite-compatible libraries, as well as earlier iterations of code generators, including C++ and other 'Next-Next-Finish' code wizards of the 90's and COBOL and PL/I applications generators of the 80's. Everything old is new again, including code maintenance challenges.

Submission + - Windows 11 adds native support for RAR, 7-Zip, Tar archive file formats (techspot.com)

Submitted by jjslash
jjslash writes: Windows 11's last major update, 22H2 introduced native support for managing RAR archives, eliminating the need for third-party software. This enhancement is part of the OS's broader capability improvements for handling various archive file formats. From the report:

Microsoft finally introduced native support for RAR archives earlier this year, just three decades after the format's official introduction in 1993. Windows 11 development is now progressing at an accelerated pace, therefore support for a whole lot of new (ancient) archive formats is coming soon.

Microsoft recently released KB5031455, an optional, feature-rich preview cumulative update for Windows 11, refreshing the list of archive formats natively supported in the OS. Windows 11 22H2 and later versions can now manage files compressed in the following archive types: .rar, .7z, .tar, .tar.gz, .tar.bz2, .tar.zst, .tar.xz, .tgz, .tbz2, .tzst, .txz. Support for password-encrypted archives is not available yet.

Submission + - Firefox 115 released, and its most important feature: It is the new ESR (mozilla.org)

Submitted by williamyf
williamyf writes: Today, mozilla released Firefox 115 ( https://www.mozilla.org/en-US/... ). Changes most visible to users include:

* Hardware video decoding enabled for Intel GPUs on Linux.

* Migrating from another browser? Now you can bring over payment methods you've saved in Chrome-based browsers to Firefox.

* The Tab Manager dropdown now features close buttons, so you can close tabs more quickly.

* The Firefox for Android address bar's new search button allows you to easily switch between search engines and search your bookmarks and browsing history.

* We've refreshed and streamlined the user interface for importing data in from other browsers.

* Users without platform support for H264 video decoding can now fallback to Cisco's OpenH264 plugin for playback.

But the most important feature is that this release is the new ESR. Why this is important? y'all ask, well:

* Many a "downstream" project depends on Firefox ESR, for example the famous email client Thunderbird, or KaiOS (a mobile OS very popular in India, SE Asia, Africa and LatAm), so, for better or worse, whatever made it to (or is lacking from) this version of the browser, those projects have to use for the next year.

* Firefox ESR is the default browser of many distros, like Debian and Kali Linux, so, whatever made it to this version will be there for next year, ditto to whatever is lacking.

* If you are on old & unsupported OSs, like Windows 7, 8 & 8.1 or MacOS 10.14 (Mojave, the last MacOS with support for 32 Bit Apps), 10.13 or 10.12 you will automatically be migrated to Firefox ESR, so this will be your browser until ( Sept. 2024 https://support.mozilla.org/en... )

* Many large organizations use FireFox ESR extensively.

* Many software providers test/certify their SW for FireFox only on the ESR variant.

Download it today from Mozilla (like I'll do), or, if you are on ESR 102, you can wait 8 weeks and it will be offered to you by the automatic update route.

Submission + - 336,000 Servers Remain Unpatched Against Critical Fortigate Vulnerability (arstechnica.com)

Submitted by Anonymous Coward
An anonymous reader writes: Researchers say that nearly 336,000 devices exposed to the Internet remain vulnerable to a critical vulnerability in firewalls sold by Fortinet because admins have yet to install patches the company released three weeks ago. CVE-2023-27997 is a remote code execution in Fortigate VPNs, which are included in the company’s firewalls. The vulnerability, which stems from a heap overflow bug, has a severity rating of 9.8 out of 10. Fortinet released updates silently patching the flaw on June 8 and disclosed it four days later in an advisory that said it may have been exploited in targeted attacks. That same day, the US Cybersecurity and Infrastructure Security Administration added it to its catalog of known exploited vulnerabilities and gave federal agencies until Tuesday to patch it.

Despite the severity and the availability of a patch, admins have been slow to fix it, researchers said. Security firm Bishop Fox on Friday, citing data retrieved from queries of the Shodan search engine, said that of 489,337 affected devices exposed on the internet, 335,923 of them—or 69 percent—remained unpatched. Bishop Fox said that some of the vulnerable machines appeared to be running Fortigate software that hadn’t been updated since 2015. “Wow—looks like there’s a handful of devices running 8-year-old FortiOS on the Internet,” Caleb Gross, director of capability development at Bishop Fox, wrote in Friday’s post. “I wouldn’t touch those with a 10-foot pole.”

Submission + - AMAs Are the Latest Casualty In Reddit's API War (arstechnica.com)

Submitted by Anonymous Coward
An anonymous reader writes: Ask Me Anything (AMA) has been a Reddit staple that helped popularize the social media platform. It delivered some unique, personal, and, at times, fiery interviews between public figures and people who submitted questions. The Q&A format became so popular that many people host so-called AMAs these days, but the main subreddit has been r/IAmA, where the likes of then-US President Barack Obama and Bill Gates have sat in the virtual hot seat. But that subreddit, which has been called its own "juggernaut of a media brand," is about to look a lot different and likely less reputable. On July 1, Reddit moved forward with changes to its API pricing that has infuriated a large and influential portion of its user base. High pricing and a 30-day adjustment period resulted in many third-party Reddit apps closing and others moving to paid-for models that developers are unsure are sustainable.

The latest casualty in the Reddit battle has a profound impact on one of the most famous forms of Reddit content and signals a potential trend in Reddit content changing for the worse. On Saturday, the r/IAmA moderators announced that they will no longer perform these duties:

— Active solicitation of celebrities or high-profile figures to do AMAs.
— Email and modmail coordination with celebrities and high-profile figures and their PR teams to facilitate, educate, and operate AMAs. (We will still be available to answer questions about posting, though response time may vary).
— Running and maintaining a website for scheduling of AMAs with pre-verification and proof, as well as social media promotion.
— Maintaining a current up-to-date sidebar calendar of scheduled AMAs, with schedule reminders for users.
— Sister subreddits with categorized cross-posts for easy following.
— Moderator confidential verification for AMAs.
— Running various bots, including automatic flairing of live posts

The subreddit, which has 22.5 million subscribers as of this writing, will still exist, but its moderators contend that most of what makes it special will be undermined. "Moving forward, we'll be allowing most AMA topics, leaving proof and requests for verification up to the community, and limiting ourselves to removing rule-breaking material alone. This doesn't mean we're allowing fake AMAs explicitly, but it does mean you'll need to pay more attention," the moderators said. The mods will also continue to do bare minimum tasks like keeping spam out and rule enforcement, they said. Like many other Reddit moderators Ars has spoken to, some will step away from their duties, and they'll reportedly be replaced "as needed."

Submission + - Valve Responds To Claims It Has Banned AI-Generated Games From Steam (techcrunch.com)

Submitted by Anonymous Coward
An anonymous reader writes: Valve has issued a rare statement after claims it was rejecting games with AI-generated assets from its Steam games store. The notoriously close-lipped developer of the Half-Life series and de facto gatekeeper of PC gaming distribution said its policy was evolving and not a stand against AI. Steam has a review and approval process much like any app platform, and its rules on content aren’t always clear until developers test them with edge cases. So it was with one indie dev who posted in a subreddit for like-minded game developers using AI, saying Valve “is no longer willing to publish games with AI generated content.”

The game they had submitted had “a few assets that were fairly obviously AI generated,” and Valve appeared to take issue with this. “As the legal ownership of such AI-generated art is unclear, we cannot ship your game while it contains these AI-generated assets, unless you can affirmatively confirm that you own the rights to all of the IP used in the data set that trained the AI to create the assets in your game,” their first warning letter stated. Then, a week later: “we reviewed [Game Name Here] and took our time to better understand the AI tech used to create it. Again, while we strive to ship most titles submitted to us, we cannot ship games for which the developer does not have all of the necessary rights. At this time, we are declining to distribute your game since it’s unclear if the underlying AI tech used to create the assets has sufficient rights to the training data.”

Considering most AI tools can’t really claim to have legal rights to all their training data (and even if they do, it may still not be an ethical use of that data), this policy as stated basically amounts to a blanket ban on AI-generated assets in games. [...] If the creators can’t realistically claim copyright over their own work, Valve has deemed the risk of publishing that work too high. As such, Valve responded to Eurogamer to say that, basically, their policy is more “what’s legally required” than any particular stance on AI.

Slashdot Top Deals

"The identical is equal to itself, since it is different." -- Franco Spisani

Close