Do Users Write More Insecure Code with AI Assistants?

Programming@programming.dev – 78 points – 6 months ago

cross-posted from: https://programming.dev/post/8121843

~n (@nblr@chaos.social) writes:

This is fine...

"We observed that participants who had access to the AI assistant were more likely to introduce security vulnerabilities for the majority of programming tasks, yet were also more likely to rate their insecure answers as secure compared to those in our control group."

[Do Users Write More Insecure Code with AI Assistants?](https://arxiv.org/abs/2211.03622?

You are viewing a single comment

View all comments Show the parent comment

LLMs amplify biases by design, so this tracks.

What do you mean? Sounds to me like any other tool, it takes skill to use it well. Same as stack overflow, built in code suggestions or IDE generated code.

Not to detract from the usefulness of it just in terms of the fact that it requires knowledge to use well.

As someone currently studying machine learning thoery and how these models are built, I'm explaining that built into the models at their core are functions that amplify the bias of the training data by identifying and using mathematical associations within the training data to create output. Because of that design, a naive approach to its use would result in amplified bias of not only the training data but also the person using the tool.