Название | : | the TRUTH about ChatGPT generated code |
Продолжительность | : | 10.35 |
Дата публикации | : | |
Просмотров | : | 99 rb |
|
If you're commenting that you need to prompt ChatGPT to write secure code, and it doesn't do it by default, you've entirely missed the point 😁 Comment from : Low Level Learning |
|
Circular buffers once you get past the end it wraps around can’t overflow a circle 😎 Comment from : CursedFox |
|
Chat gpt is a chatbot you could however feed code into an actual coding ai instead of using random stack overflow stufd Comment from : CursedFox |
|
This seemed like it was making fun of it but the fact it just made a working server is fucking amazing to me Comment from : mycollegeshirt |
|
It is pretty bad It's weird how people keep saying how great it is at writing code It's really kinda like an advanced Google With percise answers that may or might not be right Like stack overflow Not to take away anything from that I actually like that its like that and really like ai as it is now, its amazing for understanding terribly written documentation It feels like when eventually it is better it would take away the challenge and fun of programming Comment from : mycollegeshirt |
|
Back in the late 1980s, people were talking about how code generators (I think they were called 4GL languages, or something like that) were going to replace programmers Over 30 years later, I'm still banging out code on a keyboard Comment from : Tim Smith |
|
ChatGPT is definetely a great tool to generate snippets code just to get you going, surely it is up to you to ensure that the particular code is suitble for whatever you are trying to do Make the code more secure if you want, you can't blame ChatGPT if you fail to vet the code its generate for you Comment from : CMTEQ |
|
Fight against himself ❌brbrbrFight against an AI✅ Comment from : Emanuel Hernandez |
|
if you can't exploit a bug running it in your own machine I wouldn't call that a bug really Comment from : Jp |
|
Fun fact:brbrThis type of behavior from ChatGPT is not tolerated by me Comment from : The Royal Australian |
|
A study from three months in the future compares ChatGPT to Stack overflow and wasn't impressed, but its coding is still better than the crappy encyclopedic prose it writes Best personal assistant ever, but I would never let it sign off on anything I didbrbr'"Who Answers It Better? An In-Depth Analysis of ChatGPT and Stack Overflow Answers to Software Engineering Questions"br(Samia Kabir and David N Udo-Imeh and Bonan Kou and Tianyi Zhang 2023) Comment from : Lucha Libre Films |
|
04:00 With respect, honestly it feels like you just don't want to admit that that wasn't security vulnerability Comment from : Rafaa Ferid |
|
Awesome video! Still, you did not actually exploit the vulnerabilities Could you expand on this in another video? I am genuinelly interested 😅 Thanks! Comment from : Adrian Santos |
|
While ChatGPT can rehash code that is readily available, I very much doubt you can get anything of creative value out of it, and while it might prove useful in generating boilerplate, there are myriad tools that are also capable of doing the same, with more detailed interfaces Comment from : Brian Piltin |
|
ChatGPT is not good for actual software development, but it is good for a fast understanding of a problem I usually use a LLM with a PDF of Hardware Chips to produce micropython code for some tasks Not for development or deployment, just scripting what i need in a fast way not needing to read the whole documentation or look up stuffbrbrIf you use it for fast prototyping is quite nice brbrThe problem is not the tool, it is how you use it Comment from : nuit |
|
So long and thanks for the fish Comment from : Tim Nosco |
|
USU USU Comment from : David Qin |
|
Nowadays ChatGPT is more useful It has the continue generating button, so you dont have to ask it "OH you didnt finish the code finish it please" everytime Comment from : Illia Zhdanov |
|
4:00 WHY? That doesn't count! Comment from : Illia Zhdanov |
|
Hmm Comment from : A1 |
|
For python, I found that it is pretty bad at fixing bugs and it often doesn't give the complete code in response to a prompt, even if you use chatgpt 4 In fact I am beginning to think that it is crap at writing code Comment from : keiichicom |
|
A year ago you would have swear no AI would ever write a piece of code that compile and now they did it you play the naysayer with a profound misunderstanding of what a language model is and what it is not Comment from : OL9245 |
|
I like to think of chatCPT as a new intern with little experience You can offload some of your tedious work onto them, but you will have to spend a lot of time reviewing it to find and fix all of the mistakes Sometimes it's worth it, sometimes it's not For a web server, it's probably not worth it, there are just so many places it can go wrong and so many subtle bugs (in my opinion) Comment from : Monke Mode |
|
Don't be ignorant OPENAI is awsome no need to replace programmers today but for sure in 10 years! The best thing is tht u get a teacher the best versin of teacher one wish to have Comment from : Illyrian |
|
Even though the main message of the video can be beneficial to new programmers (write your own code!) ChatGPT is no worse off from losing in an arbitrary scoring system OpenAI doesn't really benefit from caring about Good programmers and users of ChatGPT can work with the limits of ChatGPT while getting immense benefit from it, instead of throwing in the towel when it doesn't allow them to jump 100 steps in their problem-solving at once Would be fair to include a disclaimer like that unless the intention is to score off self-generated controversy (which I don't think is true)brbrLike with any programming, iteration, piecing the problem to parts, and reflection are king Comment from : madmax404 |
|
chatgpt once managed to fool me into running a fork bomb Comment from : Toroasaurus |
|
Ohh no this whole video is just gaslighting lol Comment from : Jirka Svítil |
|
Starting with 1 minute of gaslighting XD Comment from : Jirka Svítil |
|
is this gpt-4? Comment from : Philzskillz |
|
U didnt asked to make it super secure, a machine is only as smart as the user Comment from : Bob Bob |
|
I learned alot of algorithm and logic through gpt than i ever with google, ChatGPT just provide thekey word I need to search on google The days were stockoverflow is important are longover Now those Obxnoxious gatekeeper can rot in hell Comment from : Exogen Design |
|
Chat gpt is fairly new give it enough time without real regulations and there is a big chance of it Comment from : encryptlake games |
|
Watched up to 57th second: I already agree Not only that, it produces code that segfaults also Let alone unsafe algorithm implementations And I am just bored on this AI fuzz It's really just noisy Ten years from now, maybe a bit better but still probably edit after finishingbr> editbrlol! I almost did the same as your first example try ask it to return the environment variables instead of returning a file you 'll be amazedbr Comment from : Kaotisk Hund |
|
wait stackoverflow has a homepage? Comment from : BugzumDev |
|
Clearly we should ask ChatGPT to only code in Rust /s Comment from : Koroistro |
|
LLM assisted coding is just the next evolution of coding You'll still need someone to tell it what to make Like not needing to know assembly but it being really useful You may not need to read LLM generated code but you'd really be better off if you could Comment from : Edward Scrase |
|
"A person could expand upon this code and make it usnsafe" No shit, I'm not the biggest chatgpt fan but this is barely a valid argument I think if used responsibly it can offer some decent ideas but having data limited to 2021 is rough Comment from : Thezwolf |
|
Can you repeat using Rust ? If it gets right you :-) Cause maybe the way to go is to not use C - cause it takes more time sometimes to check everything which could go wrong Comment from : wenahy |
|
Someone will not be spared when the AI takes over Comment from : Wananoo Tapia |
|
On the first example, you went for a buffer overflow attack but the code was secure towards it But I tried the same prompt and was able to do a path traversal attackbrbrStill, we must be careful Comment from : Clodoaldo Brasilino |
|
So this means that it's not going to replace actual engineers in the near future Comment from : Oh Wow! |
|
If you don`t want buffer overflow vulnarable code just ask chat gpt for a program written in Rust lol Comment from : Peter S |
|
Bofa💀 Comment from : GADONK! |
|
Meh chatgpt is okay at doing little odds and ends for folks who can't write their own code To your point, it's not replacing real programmers, but it might enable someone to quickly fill a temporary need who otherwise could not Comment from : Kelemvor Lyonsbane |
|
Chat gpt is a great tool for learning, but you gotta use your critical thinking, it gives you a direction and you improve it I dont think we can relay on that tecnology yet, other than to ask for specifics uses of certain functions in which it is exceptional Better than google for search so efficient Comment from : Gabriel Martins |
|
I assume the code AI generates is the same quality of the youtube scripts AI generates - pure shit with rare but glaring inaccuracies Comment from : Sean Faherty |
|
Last week I generated a Makefile using ChatGPT and when I ran make clean I realized that it generated make clean as “rm -rf *” 💀 Comment from : Timothy Portnoff |
|
How confident are we that your average dev creates more secure code than this? 🤷 Comment from : TelQuel |
|
you need to understand the chatGPT output and how it works, this is the same as any chatgpt output, right down to having it writing a memo, or having it rewrite a spreadsheet brbrif you asked chatgpt to write an email to your boss, you better fricken read it before clicking send this is no different Comment from : Dixie_rekd |
|
6:53 It's signed not unsigned Comment from : ProPOV |
|
I dont think this is fair Comment from : Bukhari kibuka القارئ الأغندي |
|
The NSA has one of the first, if not the first, Artificial Intelligence computer systemsbrSource: Edward Snowden leaksbrSelf Automated Target Aquisition NetworkbrSATANbrA user provides target details to SATAN, and the computer Ai network determines the best path to exploit the target using the six degrees of separation principlebrLike Kali, but Ai, with a database of vulnerabilities and exploits for every re'd device Comment from : Ben Eehayeh |
|
So, there'll be less no of coder job and a dramatic incrase in code reviewer job But how will new coders become code reviewers if they don't get the experience of coding something themselves? Comment from : Anik Samiur Rahman |
|
You know, the BOFA protocol could be a very useful addition to my Network UTilities Stack (NUTS) Comment from : Miniarts |
|
I don't think this test was very fair It follows your instructions (mostly) if you were a litttle more specific about the critical parts of your code there would be less errors despite my mostly successful experiments I still think humans will need to review improve and test the code, and especially practice prompt engineering This certainly will make coding much faster Comment from : Y Vinitsky |
|
Did you know; if you walk up to a random software engineer in a coffee shop and give them these prompts and a time constraint (substituting for token limit) you will most likely bnot/b get a better result! Comment from : 98ahni |
|
Sorry to come here and criticize your video, but try spending more time and researching more before making a video about this topic as it sadly doesnt seem like u know what u are talking about when it comes to AI and prompting Im sure you are good at the security stuff, but that doesnt matter when the video is mainly focused on AI So please spend more time on research and prompts next time as all your conclusions seemed obviously wrong in a lot of ways Comment from : Ludvig Erdmann |
|
you should have tried giving /etc/password or some other secure file as the filename Maybe something in /ssh/ Comment from : Guy van den Berg |
|
You could ask Chat-GPT to continue the third code Comment from : Hatim |
|
That is not the assertion of chatgpt Comment from : Blank Realist |
|
Please buy a new mic 😭 Comment from : Mike Ockslong |
|
Spoiler: it makes so vulnerable code I needed to vomitbrNever ask it to do anything with SQL or anything like that Comment from : Mike Ockslong |
|
That doesn't prove that gpt chat is bad, Comment from : CasaMoaraFetele |
|
Strange Video Comment from : urbaniv |
|
The HTTP server has a path traversal vulnerability too, since it doesn't drop privileges or sanitize user input You can send GET //etc/shadow HTTP/11[CRLF] (note the double slash) and start cracking those hashes Comment from : Marc-André Servant |
|
it wont replace developers, but im pretty sure people are gonna use one of those lenguaje model and generate vulnerable code, im pretty sure Comment from : lPlanetarizado |
|
That's a bad take You didn't specify requirements for gpt prompt AT ALL, to get the desired output you need to say what you want So sad Comment from : Semёn Sem |
|
Homeboy is in denial and truly trying to justify his career choice Chat GPT is already better than about 85 of all the current programmers, and its 7 months old Buckle up its gonna be a wild ride Comment from : Jeremy |
|
Is this GPT 35 or GPT 4? Comment from : James Siggins |
|
Were you hoping to irritate people into engaging in your comment section for some algorythm love? - These prompts were terribly vague about your expectations With just a few words like "follow best practices as though a senior developer" you'd get different results Haven't tried "for use in production" but that might be good enough! Comment from : Julian Sloman |
|
Not a fan of Chat-GPT but there is so much copium in this video Comment from : SleepySundayMorning |
|
A bug that you cannot possibily trigger is not a bugbrbrReading it as 'oh if you change this its vulnerable' is no different than saying a fire exit is vulernable because what if you weld it shut Comment from : Stephan Reiken |
|
Copium Comment from : quinn maloney |
|
in conclusion: if AI takes programmers' jobs, they can at least still make it big in malware development Comment from : מלכ כדורים |
|
You never specified make safe code, some people don't care, why would chatgpt :P Comment from : Christopher Pearce |
|
It's really sad seeing people depending on ChatGPT to write code, instead of learning how to code It's also stupid to believe that a company would use ChatGPT instead of a real human Comment from : xXrandomryzeXx |
|
The thing is that no matter how bad it is it will only get better It is leaning and improving all the time Comment from : Chris F |
|
Even though you gave zero points to ChatGPT, you did not prove any of the code is vulnerable, by triggering the bug Comment from : Bram Fran |
|
After the initial public madness/ panic over ChatGPT I gave it one of the tests I used to give to students (not asking for the most standard textbook examples but slightly different problems a cautious human being should be easily able to do fine with if knowing those most standard textbook examples) It failed 100 some times presenting me the most standard textbook example solution -- as I would have expected from transformer based stuff I don't think human intelligence is solely or very much dominantely transformer based, and I am sure programming non trivial stuff is AI hard If so there is almost no chance any such technology will ever produce good code The current versions certainly are not and yes, there is need for educating people what they do, same as there is need to educate subject matter experts without deep understanding of AI what the expert systems given to them do, and therefore can't do I really like to use several AI tools, but I know that none of them can be trusted I have to catch their mistakes Don't use any for code generation at all Comment from : Erik Itter |
|
Another vulnerability with the first code which can actually be exploited: you can put a in the filename and exit the scope of the program A server that serves files should ensure that it's only able to serve files inside its own scope to prevent you from essentially reading the entire computer's file systembrbrFor the buffer overflow, read just reads bytes while sscanf expects a null-terminated string So if the memory in the buffers was not zero-initialized, this could cause sscanf to recieve a longer input than expected, causing a buffer overflow No obvious way to control it but it is an issue Comment from : Electra |
|
I was gona comment that lots of the vulnerabilities shown are not inharently a problem as most can be fixed with some minor corrections, but you are very correct, a new programmer just would not know that many of these things are problems While yes chat gpt can save some time writing template code and filling in boiler plate, it absolutly does need a fair bit of corrections that are not obvious to the untrained eye I still think it is a good tool to save some time writing starting templates, that really should only be done by people with the knowledge of how to make propper corrections and identify bad practices Comment from : Lumpology |
|
2:06 I remember that cartoon On Nickelodeon, right? Comment from : Sparkette |
|
cope harder Comment from : zr90 |
|
If it not generated all code, send it "continue from {copy_of_last_line}" Comment from : F&R(purple) |
|
10:30 bruh i got trolled 💀 Comment from : Hyperboid |
![]() |
Bao giờ có thể rút được kin về ví- achi kiếm tiền online РѕС‚ : Achi kiếm tiền online Download Full Episodes | The Most Watched videos of all time |
![]() |
#ChatGPT with #SPSS: How to use ChatGPT to understand and report #Correlation Analysis from SPSS РѕС‚ : Research With Fawad Download Full Episodes | The Most Watched videos of all time |
![]() |
How to Trick ChatGPT in 15 Seconds - Fooling AI #ai #chatbot #chatgpt #gpt РѕС‚ : Nicolai Nielsen Download Full Episodes | The Most Watched videos of all time |
![]() |
КАК РАЗБЛОКИРОВАТЬ CHATGPT В РОССИИ ?? КАК ОБОЙТИ БЛОКИРОВКУ CHATGPT В РОССИИ ✅ РѕС‚ : VPN Эксперт Download Full Episodes | The Most Watched videos of all time |
![]() |
БОГАТЕЕМ с ChatGPT: Как инвестировать с ChatGPT | Революция Искусственного Интеллекта РѕС‚ : YernarT Download Full Episodes | The Most Watched videos of all time |
![]() |
The Truth! Your Network WILL Handle the Truth with NetBox РѕС‚ : Cisco DevNet Download Full Episodes | The Most Watched videos of all time |
![]() |
[ Gift Code ] Legend of Magatama / Ultimate Ninpou Clash Gift code - How to redeem code- Naruto Game РѕС‚ : ATai Game Download Full Episodes | The Most Watched videos of all time |
![]() |
Sci-fi generated design in blender 2.8 EEVEE timelapse (concept art) РѕС‚ : Alex Pi Download Full Episodes | The Most Watched videos of all time |
![]() |
Auto-Generated Python Documentation with Sphinx (See comments for update fix) РѕС‚ : avcourt Download Full Episodes | The Most Watched videos of all time |
![]() |
How are sitelinks generated? РѕС‚ : Google Search Central Download Full Episodes | The Most Watched videos of all time |