ChatGPT creates mostly insecure code, but won't tell you unless you ask

Work in progress.

... we can "force" it to think about all known types of hacks before releasing any code It ain't there until it's there!

I'm on the free Github "copilot" trial now because I'm very interested in seeing what it can do, and actually I feel some excitement about a new, but as yet very imperfect, tool. Unfortunately the hype takes some of the joy out of it - but I discriminate between what's hype and what's the baby steps of a new and interesting tool/technology.

My biological wife asked me an intelligent question about copilot - "Is it like a mentor?". The answer is no, the opposite, currently the users are mentoring copilot. It makes a lot of guesses and occasionally shows flashes of idiot savant - generalizing from context to generate several lines of code correctly upon entering just a few characters. But far more often it is wrong, and interrupts flow of thinking. It once generated a working loop, but I didn't notice that it started from index 1 instead of 0, and ended up finally "seeing" it only after entering the debugger. When writing meaningful non-obvious (e.g. useful) comments it's generally not helpful, but rather distracting - but it's amusing how often it comes up with completions using the word "hack". (How did it know?)

Re: Am I missing something here?

That is the problem, these things are a long way from being intelligent, a lot of what they do is probability, not intelligence. It is good at stringing words together in a "coherrent" manner, but whether those words actually are acurate or just downright dangerous is pot luck.

These things need to understand the body of text they are looking at, before they can be "allowed" to summarise or provide answers to it. It can attempt to understand the question and it can pull together a plausible sounding answer, even though it doesn't actually understand what it is saying.

I did a test with Bing yesterday and asked it a question about financial limits, its answer was out by a factor of 10! 10 times the amount that would be legally allowed, which if I hadn't checked the referenced material (where the correct values were), would could have landed me in deep water with the authorities... Luckily I treat these things with sceptiscism, even normal search, unless I already know the answer & need a quick nudge to dig it up from the depths of my memory, I will still check 3 or 4 different sources before I will take the answer(s) as being correct. But a lot of people will just blindly use the answers given, without thinking.

This goes for using coding or other specialized bots as much as "general" or search bots.

Re: This is totally expected - it doesn't know what you're trying to do

I can see a place for AI doing code review, especially one that knows about vulnerabilities, and can point them out. But actually writing code? That smells like a recipe for disaster to me.

Re: This is totally expected - it doesn't know what you're trying to do

It doesn't even have any idea about what it should be doing even when there's a documented standard such as an RFC.

I asked it to produce Pascal code for generating UUIDs to see if it would reproduce the Free Pascal unit (I've noticed the unit's initialisation for a pseudo-random node for variant 1 value misses out on a minor detail which might have been a give-away).

After some wrangling to persuade it I wanted a variant 1 as well as a variant 4 it eventually produced code for, allegedly, both variants. I didn't try to follow what its supposed difference between the variants was but one thing was quite clear: there was no trace of the supposed variant 1 being in any way time based.

Re: This is totally expected - it doesn't know what you're trying to do

I asked it to show how to implememt B-tree locking in C++. It started well enough by describing the necessary steps, including using RAII to release the locks. Then it produced some code which didn't do that, and I told it so. It responded by saying sorry and produced some more code using RAII. However, this took no account of the locks required when splitting nodes, and I told it so. This resulted in another apology and some more code which would have resulted in deadly embraces, so I gave up. My conclusion is that it has no real insight into what it's doing, so can't be trusted to produce anything other than simple code.

Re: What a future

I assume in the future "programmer productivity" will be measured in KLOC/sprint or something. As opposed to today's infinitely more reasonable measure of... Hold on...

I have lost count of how many times I told various people around me that software engineers are not paid to write code. They are paid to think. Writing code is trivial effort in comparison.

An LLM can't help you think. Optimizing a trivial part of the overall effort is, to paraphrase Donald Knuth a bit, "the root of all evil".

Re: What a future

Except, the amount of time spent writing the code is fairly small, it is the amount of time spent checking and testing it that takes the majority of the time. And checking someone else's code is always tougher than checking your own code - although in the past, and ideally, we used to write and unit test our own code, then pass it off to a testing team to do their tests, based on the specification, not on the programmers assumptions and what they knew they had written.

But the long and short of it is that the definition of the system takes a lot of time, writing the actual code doesn't take much time, but testing and debugging takes up the majority of time on a typical project. If you are using an AI to write that initial code, you will not be saving much time, as the developers will need more time to understand the garbage that has been produced and debug and test it.

We've already been through the "we don't need testers, we can fob that off on the users" phase of cost cutting, to the detriment of software quality in many cases. Now, once again, the prospect of more savings light up managers' eyes, without them actually understanding that it will probably cost them more in the long run...

Re: What a future

> and the programmers that survive the head-count reductions will spend their time toiling in the depths, fixing the crap that will inevitably be produced.

Or they will charge 4x what they got before, otherwise the product is screwed.

Because here is the thing about head-count-reductions: What we are seeing now, is the result of recession, plus an overheated IT market in a world where interest basically didn't exist since 2008, and venture capital was easy to get.

What we will see in the next few years, is the biggest retirement wave humanity has ever seen. The Baby Boomers are retiring, and both of the following generations are small in comparison. Labor force availability is already a problem in many industries, including, for most companies, IT.

Re: What a future

It is all dependent on the rules it is programmed with at the start., Garbage in -> garbage out.

Given that pretty much everything we see that is supposed to be smart or capable of decision making is fundamentally flawed I see no reason why it is going to make anything better. The more likely outcome is it will make things worse but there will be no accountability.

Think all the self-driving crap.

Or from Intel's example code, with comments that it is example code, does no error checking and should never be used in production code... Yet programmers still used it, unmodified, in their device drivers for years... Until it all came tumbling down, when malware authors found out about it.

“down to the training data”

With current AI generations, as I understand it, the training data was frozen at about 3 years ago.

However, if future generations are continually learning, how ring-fenced will the training data be, and how easy would it be to deliberately introduce extra vulnerabilities into AI generated code by poisoning the training data by posting multiple copies of intentionally vulnerable code and associated keywords?

This is it. I've been using ChatGPT 4 to help me build a game in Unity and it still blows my mind how capable it is at understanding what I want, even when I'm one the one throwing word salads at it. For the unitiated, Quarterion and Euler logic is enough to break anyone's spirit and make them decide to just go and do something else, but with Chat GPT I've had precisely zero issues with any of the maths I've needed.

However, there still is barely a line of actual GPT-generated code that I've straight copy pasted into my project, as I always end up rewriting it more to my style, and in a way that I'll still be able to understand what it does when I look at it again in two weeks. I plod Java code for a living and absolutely would not trust Chat GPT to spin up a Spring application. But any facet of a Spring app that I'm crafting myself I now consider Chat GPT to be the single best starting point to go for advice when needed (maybe some colleagues aside), even if I often end up cross-referencing what it spits out in oficial docs or google.

All in all, I really don't see my job being at risk any time soon, but nonetheless Chat GPT is now a tool to be used just like a calculator or Stack Overflow is, and in the right hands, an extremely powerful one.

Re: Given that ChatGPT's code

The nice thing about stackoverflow, is that usually there's a comment pointing out if the code is insecure or plain bad, looks like GPT wasn't able to use it well...

Re: security problems can be circumvented simply by 'not feeding an invalid input'

One does not assume anything.

I checked (superficially) on their github and found none.

Ah, fond memories of yore, when I used to interview junior programmers who mentioned in their CVs that they could program in HTML3 and HTML4. The look in their shiny young faces when I asked to write a loop in HTML!

I'd love to see how they managed to implement that FTP program in only HTML. Those must be some magic angled brackets!

It will produce something that superficially looks like ARM assembler. But in reality is more like asking a small child to speak in a language they have heard, but have no actual knowledge of - some authentic sounds, but mostly gibberish.