Comment Re: Not with this administration (Score 1) 43
Until you discover that there's no middle class left and the bubble collapses.
Until you discover that there's no middle class left and the bubble collapses.
Have they tried to debloat?
Windows is just a glorified program loader.
Suppose the question is 'high quality'.
It absolutely floods the field with false positives.
However, depending on the context, you can still see some issues a human is likely to miss. It's an idiot with crazy attention to detail.
So you can't count on it to catch things a human would and in many scenarios it will fire off more false positives than anything vaguely right, but it does represent a value in a more manageable haystack to catch certain issues.
But go back to a reasonable level of skepticism about suggested fixes, and ensure even if you agree with the LLM on an issue, that you understand it well enough to not get screwed over by the LLM suggestion...
Note that even if it is motivated by dubious ways, even if it is propaganda, that doesn't *necessarily* mean it is disinfirmation.
As they say, the best propaganda is true.
Looks like the same method, but the dump has been slow enough to not look like a dump, just slowly wear down the competition. And with few competitors it's possible to raise the prices.
It's not sufficient, and it has a lot of false positives, but it can help get a smaller haystack with some of the needles that a human review can miss.
Code review for quality and security is something the LLMs can help without much inherent downside, so long as you do not trust the review but use it instead as an additional pass and make sure you follow up and understand any 'finding'. It *is* a risk if you take it as replacing the need for carefully considered human review, but with discipline you can have the best of both worlds: actually intelligent human review and the detailed coverage an LLM tends to get.
I've found that it's usually wrong, but a fair amount of time despite being wrong, understanding the area it was wrong about yields an a real problem it didn't catch. Then of course, upon occasion it is simply correct.
I would be extra wary of suggested remediations just like other generated code, but I would look into things it flags as somehow tricky.
What if...
Someone (say someone who was familiar with doxygen and GCC) developed number of comment types, where some stipulated preconditions that must be true for the function to run correctly, postconditions that must be true once the function has run, kernel facilities that the function definitely needs, and kernel facilities that the function definitely doesn't need. These would all be optional for any given function.
A static checker could then validate if the code meets the behaviour expected by the programmer. This is precisely what is done in SPARK, a fork of Ada for high-reliability code. Combined with existing static checker capabilities, this would greatly increase the number of bugs that could be caught with all kinds of tools, AI included.
It could ALSO build a full fine-grained mapping for any fine-grained mandatory access controls system. You'd also want includes that you could import for precompiled libraries. This would allow someone to verify if the code was making unanticipated/undesirable calls but would also make SELinux possible to develop for at the application level.
It would not be trivial. If it was trivial, it would have been done simply because it already IS done in other languages and that makes it "obvious" to anyone who has been programming for a while. However, it should not be massively complicated, simply because you can use AI as the static checker. Once it has a definite set of bounda that must be satisfied, it should be much more capable of knowing what paths would violate those bounds. Which means that the checker stage essentially is trivial today, leaving only the markup stage.
I work with people, not tools.
But what about when the people *are* tools?
AI is today already scanning the receipts at my workspace and it sucks because it is a hit and miss if it scans the sums correctly or not and I always have to double-check the sums that were correctly scanned and it's an 80% risk that it's not properly done.
You mean "Pump and Dump"
YouTube may win one battle but lose the arms race eventually because it becomes too expensive.
Those making adblockers do that as a means to preserve sanity, not many of them makes money from it.
I'd say 90% of the ad money is down the drain.
That's because they need to splice a different set of ads into each stream based on their "customer profiling".
Given that Microsoft are having their fingers the deepest into corporate information using Copilot.
The University of California Statistics Department; where mean is normal, and deviation standard.