C J SilverioHorrible elitist opinion: most programmers aren't very good, and we’ve just cranked their blast radii up ten times or so.
Mx. Aria Stewart@ceejbot Not wrong.
@ceejbot But also: _this is why we design processes and contexts to minimize harms_.
Unfortunately that means now _re_designing a bunch of them.
Glyph@aredridel @ceejbot fundamentally this _is_ the difference between a good programmer and a bad programmer.
a good programmer will think "I am not a good programmer. because of this, I will design for safety, because I will make mistakes."
a bad programmer thinks that they can try a little harder and be safe that way
Frederic Thevenet"Always has been", quite literally.
I went to one of those reputed to be wise [...] and when I considered him and conversed with him, men of Athens, I was affected something like this: it seemed to me that this man seemed to be wise, both to many other human beings and most of all to himself, but that he was not.[...]
For my part, as I went away, I reasoned with regard to myself: “I am wiser than this human being. For probably neither of us knows anything noble and good, but he supposes he knows something when he does not know, while I, just as I do not know, do not even suppose that I do. I am likely to be a little bit wiser than he in this very thing: that whatever I do not know, I do not even suppose I know.
An excerpt from Plato's Apology of Socrates, written over 2400 years ago.
@fred @glyph @aredridel wait wait wait Marc Andressen just assured me that we only invented introspection around 400 years ago; this can't be true…
(easy dunk is easy, yet satisfying)
Jan D@glyph @aredridel It’s so interesting to watch the differences in reactions among people to these tools, and the differences in *how* people adapt to their use. The amount of thought and creativity in the reaction is showing in the quality of the results. This is regardless of where the person is on the experience curve. (Though obvs people far along on the experience curve know *what* to push for more than do less-experienced people)
@ceejbot @aredridel personally I can’t really cosign that particular take, because there are a lot of people quite far along on the experience curve who are taking mind-bogglingly reckless risks and seemingly accumulating cognitive damage that makes them more comfortable with recklessness as their exposure increases. for example, witness the vigilance decay among even very experienced lawyers simply vibe-briefing their way to bar sanctions
@ceejbot @aredridel github and AWS accumulating historic levels of outages, etc. there is definitely some variance in individual performance at particular moments in time but the trend lines point in a very troubling direction.
John@glyph @ceejbot @aredridel Covid-induced cognitive impairment might also be a factor there. I wonder how many people are keenly grabbing onto AI assistance because it lets them feel 'productive' after getting Covid 'brain fog'?
@semanticist Some I'm sure but I really don't think that's the mode or anything near it.
(It actually does make lots of people more capable!)
dreid@glyph @aredridel @ceejbot I think a lot of people are working on the assumption that mistakes aren't as costly anymore.
You won't have to live with the consequences very long and you can just rewrite everything if the technical decisions you make end up being wrong.
This doesn't hold for genuine safety issues, like things affecting the privacy and security of your users, but industry was already caring about those things pretty reluctantly.
@dreid @aredridel @ceejbot I have the *subjective* impression that things were improving for a long time and in the last few years there has been a catastrophic regression to a previous decade's lack of concern, but it's hard to put any real numbers to that
@glyph @aredridel @ceejbot given the choice of being out competed by someone using AI and losing all your customers data because you used AI the choice if obvious.
There are provably no consequences for the latter.
You can calculate exactly how much a year of free credit monitoring for all your users will cost.
ShadSterling@ShadSterling @dreid @glyph @[email protected] they do. It’s worth one "trying to keep us from getting sued”. That's who it has value for.
@aredridel @dreid @glyph trying to, sure, but does it have enough value for the recipients to have that effect? I’ve started unsubscribing from some of them because I really don’t need a dozen alerts every time I make a student loan payment and my debt balance changes; the only value they have to me is the negative value of letting them pretend the breaches don’t matter, and that makes me more interested in suing, not less
@ShadSterling Yeah, dunno. It sure seems to. It changes it from "you didn't do anything" to "you didn’t do enough” which is a different ~~class action lawsuit~~ flood of arbitrations
@glyph @dreid @aredridel At some companies there's huge pressure from fairly ignorant/credulous leadership -- or worse, leadership with a financial incentive to promote use of tech that doesn't really work-- to pump out lines of code with these things. This has predictable outcomes.
Microsoft/GitHub has a history of doing this, but this time the bad tech speeds up the bad code production instead of getting in the way and slowing people down.
I don't know how to express online with its context collapse problem exactly how mixed my opinion is about all this. Writing software is changed forever AND using these tools has a real place in your workflow if you learn how AND it's a horrible mess because capitalism has its usual incentives.
@ceejbot @dreid @aredridel gathering my opinions about this is apparently a months-long project here so I will have to get back to putting that on the blog
@ceejbot @glyph @aredridel there is the assumption that they won't make bad code forever so we'll just use them to replace the bad code with better code later.
Also we can put the person who committed the bad code on a PIP while ignoring the organizational defects that prevented putting any safety procedures into place.
On paper there is lots of interesting stuff happening. But in practice I can't figure out a way to use it without enriching the worst fucking people.
Ita Ryan@aredridel @ceejbot The word 'we' is doing a lot of work there.
@aredridel @itaryan Yeah, same. It's a major concern I have in $dayjob.