this post was submitted on 15 Sep 2024
893 points (98.1% liked)
Technology
59148 readers
2533 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
I appreciate the effort you put into the comment and your kind tone, but I'm not really interested in increasing LLM presence in my life.
I said what I said, and I experienced what I experienced. Providing me an example where it works is in no way a falsification of the core of my original comment: LLMs have no place generating code for secure applications apart from human review, because they don't have a mechanism to comprehend or proof their own work.
I'd also add that, depending on the language, the ways you can shoot yourself in the foot are very subtle (cf C++/C, which are popular languages for "secure" stuff).
It's already hard to not write buggy code, but I don't think you will detect them by just reviewing LLM code, because detecting issues during code review is much harder than when you're writing code.
Oh, and I assume it'll be tough to get an LLM to follow MISRA conventions.
Definitely. That's what I was trying to drive at, but you said it well.