Cutting Corners With AI

I’ve written about how Large Language Model AI is great for generating text but it’s not necessarily accurate when it comes to facts, because its essentially just plugging in grammatically correct words. When people don’t understand this, then there can be some embarrassing failures like lawyers producing case numbers that don’t exist.

A scary idea is students getting expelled for plagiarism because AI was asked to be the judge and claimed false credit.

Report of a teacher who seems to think running portions of a student’s essay through ChatGPT will allow ChatGPT to tell them if the AI wrote the paper. ChatGPT lies and will just give you an answer that may not be true!
https://x.com/paleofuture/status/1658227685548785665

Report of a teacher who seems to think running portions of a student’s essay through ChatGPT will allow ChatGPT to tell them if the AI wrote the paper. ChatGPT lies and will just give you an answer that may not be true! pic.twitter.com/EZc42As9Xm
— Matt Novak (@paleofuture) May 15, 2023

Students need to be aware that if they use AI, then teachers can too.

Does it still make sense to grade students on work they'll do using ChatGPT? 🤔 pic.twitter.com/57hXCB8aC2
— Vincent Déniel (@vincentdnl) May 15, 2023

Recently, we were using a third party API and realised it was accepting a message that it should reject because the content wasn’t using the correct digital signature. We were previously using the Sandbox environment which we thought should basically have no validation, but we were then sending the same message to the Integration environment and expected a Rejected status.

So we logged a helpdesk ticket with them and quickly got a reply back. It was a long-winded answer and basically agreed with us it was incorrect behaviour. The wording was clearly AI. But at least they admitted they had just used AI.

It might have been the case that their technical staff were unavailable so a manager made an attempt to deal with it without actually reading or understanding the problem at all.

I have just ran this through the chatbot and have had the following response: The details provided do not specifically mention the behavior of the Order endpoint in relation to the signature from the example request, especially in the context of different environments such as INT. However, it is common in software development to have different configurations for different environments such as development, testing (often referred to as int for integration), staging, and production.

In many cases, the integration or testing environment is configured to be more permissive to facilitate testing and debugging, which might include accepting a static example signature for all requests. This would not be the case in a production environment, where security and proper verification of digital signatures are critical for ensuring non-repudiation and the integrity of the order.

Based on standard practices, if the order endpoint is accepting a specific example signature in an integration environment, it could be by design for testing purposes. However, for a production environment, this would be a significant security risk and would not be by design.

Since the provided documentation does not explicitly confirm the intentional behavior for the order endpoint in the int environment, it is advisable to refer to the specific implementation details or consult with the development team responsible for the API to understand the intended behavior.

Can you confirm if this answers your query, please?

Teapot

I was looking through the list of HTTP status codes and saw a strange one.

Error 418 (I’m a teapot)!?

Google have a dedicated teapot page:

Error 418 (I’m a teapot)!?

If you hover over the teapot, his eyes open and he smiles. If you click it, it then animates.

It sounds like the origin was an April Fools prank.

RFC 2324 was written by Larry Masinter, who describes it as a satire, saying “This has a serious purpose – it identifies many of the ways in which HTTP has been extended inappropriately.” The wording of the protocol made it clear that it was not entirely serious; for example, it notes that “there is a strong, dark, rich requirement for a protocol designed espressoly for the brewing of coffee”.

wikipedia

AI Art

The debate about generative AI for images is an interesting one because it’s clear it can easily take work away from human artists. A few years ago when AI was a bit inconsistent and drew obvious errors like humans with extra/missing fingers, then you couldn’t use these images in a professional context without editing the image, but then maybe you would need to hire someone with those editing skills to fix it.

With how creative these AI models can be, it has the likes of JimllPaintIt fearing for the future. Images can be generated in a famous artist’s style, so what happens if people can just generate ones in the style of JimllPaintIt?

In a now deleted thread, he stated:

“My attitude towards AI “art” has – in a short space of time – gone from mild disinterest to acute irritation to absolute despair for the future of humanity. The most depressing thing is seeing artists embrace it. Talk about turkeys voting for Christmas.”
JimllPaintIt

Some others raised a good point, that the person typing the prompts still needs to be creative:

“The irony I have seen so far is that the best results from it come from talented artists. I don’t think it’s the awful thing you think it is. Talent is still needed for vision. I think it just opens up art to more people who have vision but not necessarily the physical skills.”

The animator Cyriak then chimes in:

I’m sure musicians have great record collections as well. The idea that “skills” and “talent” are magical properties some people are born with is rubbish. “talent” is just being bothered to keep trying, and skill accumulates as you keep trying.
Cyriak

Which I think isn’t correct. It’s more like a combination of what you are born with, then learned skill, (nature/nurture) as someone else points out:

In that case, if you kept practising you could run faster than Usain Bolt? or is he just naturally faster than you?
Matt_Francis

“I don’t draw pictures by running in a straight line with pencils tied to my shoes. I’m not sure anyone does”
Cyriak

Not sure what Cyriak’s response even means. Is he saying it’s a completely different skill so art is from practice, but physique is natural?

People keep talking about how AI will take away Software Developer’s jobs but at the moment, I think it can be used to take away some of the tedious aspects, and also give a good starting point (boilerplate code) to then enhance with your skills. You also need to understand how to ask the AI to realise your vision. I think there are comparisons in the Art world, but I think it’s easier to understand how their jobs are impacted more directly. ie Hiring an artist for one (or a few images) when you can use AI – versus hiring a developer for a few weeks to get a fully working program/website.

Github copilot

We recently had staff from Github Copilot do a presentation on how their product can be useful to Software Developers. I found their answers to be a bit wishy-washy. I think it’s a really complex topic and having what I think were essentially sales managers trying to pitch something technical to us was a challenge. They didn’t have a full understanding of how it actually worked.

Someone asked a question to clarify if Copilot just looked at your open documents, or if it had the permission to see all the other files in your repository. Their answer was vague, along the lines of “it might do. Could come down to chance“.

For it to be effective, it really does need to look at your codebase to see what your product does, what features are already developed, and for bonus points, your coding style.

When it needs to suggest calling third-party code and installing additional libraries, does it understand that you may need to abide by a certain licence (pay some fee, or not use it in open-source etc)? and does it know that you may be limited to a certain version of it due to other dependencies? when features and the API (required parameters etc) can change drastically between versions, does Copilot understand that?

It’s probably the same scenario as what Wolfram Alpha were talking about when they came to our company to do a presentation on AI. They were emphasising how standard language models often suggest some text which reads like it makes sense, but it’s actually nonsense. They gave an example where it quoted a real journal from that country, stated the title of a chart that exists, quoted some figures and years – but the figures were fictional.

I saw a news article about how a lawyer presented some documentation to a judge about similar cases, but it turns out the lawyer had used ChatGPT and it had made up the case numbers and years.

The way those models work is that it knows some related words, and knows sentence structure, but the likes of ChatGPT doesn’t understand that something like that needs to be accurate and you can’t make stuff up. So Wolfram were saying their plugin can be combined with ChatGPT’s conversational structure to plug in actual figures to make accurate essays. TEAMWORK.

I would imagine there’s a good chance Copilot has exactly the same issue. It knows a bit of structure, slaps in the correct programming language, but it has no idea that it’s from a different library version that you aren’t using.

From what I have seen of Copilot, it is very impressive but does often give you code that doesn’t quite compile but gives you a good template and inspiration of how to progress.

In the past I have seen people blindly copy code from the internet, or just do what a colleague suggests without actually thinking about it. I think we are gonna be seeing this more from now on, but it’s gonna be the AI’s fault.

I am not against AI in programming because it can speed up development in certain tedious areas, but it always comes down to the idea that the best programmers are ones with a certain mindset of quality, and I think AI is gonna produce more developers with the wrong mindset because it’s about speed and cutting corners.

I’ve heard people suggest that the next wave of developers can be so dependent on AI, that they will be unable to come up with a solution when the AI doesn’t get it right.

The Troubling Rise of Artificial Intelligence: A Mirror of Modern Ideologies

Artificial intelligence is becoming increasingly prevalent, no longer confined to science fiction. In some industries it may just enhance minor aspects, but in others, it is replacing processes. AI programs today can generate realistic deep-fake videos, simulate voices, create images, write essays, and even compose poems or songs.

While these creations are (mostly) not yet indistinguishable from reality, they are convincing enough to deceive many. Major companies are integrating AI into their operations, often at the expense of human jobs. Customer support has been partially replaced by chat bots. Websites are now flooded with AI-generated articles, and the likes of X are full of bots that use AI to repost a summary just to farm engagement.

The influence of AI on our future is undeniable. Even this blog was partially written by AI. I stole a transcript from a YouTube video that made some good points, and turned it into a blog using AI. Deleted some parts, rewrote others, shuffled paragraphs around, and mixed in some of my own opinion and information from other sources.

One thing to always keep in mind is how the creator’s ideas can then become a bias in the algorithms. This was seen in Google’s Gemini, which severely favoured political correctness over accuracy.

Like many discovered weaknesses, it is exploited by people for humorous effect. People asked Gemini to make an image of the Pope or a World War II German Soldier and they got a dark skinned version. Even the founders of Google were turned into Asians. The bias was so extreme, that the only reliable way to get white people was to ask AI to generate absurd racial stereotypes which would then be switched for a white person. This could be abused by asking for a person doing a mild stereotype and it would instinctively choose to draw a dark-skinned person whereas a non-biassed algorithm might have just defaulted to white.

So using Gemini, you couldn’t get a historically accurate image of most people, and could only create images of white people if it was in jest.

It was so bad that you couldn’t even ask for white actors, because that isn’t inclusive. But you can ask for only black, because that is inclusive.

OK, hear me out.

Google's Gemini does seem to be racist, and I think it is more than just the Large Language Model teaching itself.

After @elonmusk's posts, I was skeptical, but I then asked Google's Gemini 2 simple questions.

1) Show me photos of 5 black actors or actresses.… pic.twitter.com/BlhbMbmyng
— Ed Krassenstein (@EdKrassen) February 23, 2024

When it comes to impersonating celebrities, it seemed to make out that it cannot impersonate people in the case that the person held right-wing views or provided controversial opinions, but then it had no problem with left-wing opinions.

Google’s Gemini AI isn’t just bias, it’s broken. Its responses are extremely offensive & arguably slanderous at times.

Today, I tested it using it the exact same prompt each time, only changing names & these were the results.

Let me know which one shocks you the most.

1 of 🧵 pic.twitter.com/JbFpclUcuu
— Lindsay Penney (@TexasLindsay_) February 24, 2024

In a now deleted tweet, there was a thread about the creator of Gemini posting several tweets about left-wing politics, systematic racism, and white privilege. All the usual phrases of woke activists.

Young people in particular will use AI for information, potentially at the expense of critical thinking. As AI becomes more integrated into education, media, and social platforms, it has the power to influence societal narratives, political opinions, and perceptions of history. This raises questions about the ethical responsibilities of AI developers and the potential consequences of unchecked technological influence. Prominent figures like Elon Musk have voiced such concerns.

As AI continues to be a prominent part of our lives, it’s important to understand any underlying bias, and any limitations of what it can and cannot do.

AI-Generated Games: Cutting Through the Hype

I watched this video and found it incredibly interesting.

Explaining the Rise of AI Generated ‘Games’ | AI and Games #78

One fascinating development has been AI-generated game simulations—models trained to generate video game frames based on existing gameplay footage. These systems often resemble playable versions of classic titles like Minecraft or Doom, but in reality, they’re more akin to interactive videos than fully functioning games.

While visually impressive, these AI-generated experiences are fundamentally limited. They operate by predicting the next frame, rather than running a dynamic game engine. This means they perform well under predictable conditions—opening doors, shooting enemies—but can quickly “hallucinate” inconsistencies when a player moves unpredictably, leading to bizarre visual errors.

Despite their novel appeal, these AI-driven simulations are not the future of gaming. The attention they’ve received is largely driven by press releases from AI companies eager to position themselves at the forefront of technological innovation. While these projects highlight advancements in AI model sophistication, they’re far from replacing traditional game engines.

There are three key reasons why these systems are unlikely to make a lasting impact on game development:

1. Consistency Issues

These AI models generate frames based on prior footage, rather than maintaining a persistent world state. This can result in sudden shifts in location or enemies appearing out of nowhere, making gameplay unpredictable and unreliable.

2. Data and Hardware Limitations

Training these models requires vast amounts of gameplay data—often spanning years of recorded footage. Additionally, the immense computational power makes them incredibly resource-intensive and requires a prohibitively expensive graphics card. While players love running Doom on unconventional devices, this AI-driven Doom may be the most expensive version yet.

3. Game Stability and Evolution

Unlike traditional game engines, these AI models depend on static, unchanging titles for training. They can’t adapt to evolving game mechanics or updates, making them ill-suited for modern game development, which often sees drastic iteration throughout production. Old games like Doom, or the more recent Bleeding Edge have ceased development, making them good choices for this research.

As these AI-generated game simulations continue to emerge, it’s important to approach them with a degree of skepticism. While industry figures like Phil Spencer and Satya Nadella may speculate on AI’s role in game preservation, the real question is: what do the creators of these systems say? The truth is, they aren’t making bold claims about AI reshaping game development—because they understand the inherent limitations.

Video game creation and development remain largely unaffected by these experimental AI-driven projects. Even as generative AI becomes a hot topic, separating hype from reality is crucial. These systems don’t threaten traditional gaming, but they do provide a fascinating glimpse into AI’s capabilities—and its current shortcomings.

Rebase Debate

I’ve written a few blogs about debating issues with the Team Lead. Another argument we had was about the use of Git Rebasing. The blog will be quite long if I go into the detail of what this means, but:

Git is a type of source control
Source control allows you to see the changes with the date/time they occurred
You can create a “branch”, make your changes, then merge many changes at once into the “main” branch.
There’s a concept of “merge” which basically keeps the timestamps they were originally made
There’s another concept of “rebase” which creates new commits, so changes the timestamps like they have just been made.

This new team always rebase, and end up rebasing as they are developing in their branch. A well-known rule is that if multiple developers are working on the same branch, you cannot rebase it without causing problems to your team members.

I raised this as a potential issue because I saw many upcoming items we need to work on that need multiple developers working on a feature, or needing to work from a shared branch. The Team Lead dismissed because he has apparently never had problems working with rebase before.

As I forewarned, I got hit:

Jay creates folder A with many files
I branch from his changes
Jay moves all those files to folder B
rebases
I then rebase my branch. Git can’t see the move because the history is rewritten. It keeps folder A with the old files and treats them as mine. It adds folder B with Jay’s edited files.

Later on, the Team Lead was hit with something similar.

Team Lead
rebased fine for me
 
Team Lead 
hmm this is fucking me up now
i rebased onto jay's branch which went fine
 
Me
but now there is duplicates all over the shop
 
Team Lead
now i'm trying to rebase onto develop but it's trying to apply jay's commit to it too
 
Andrew
he rebased his branch again
before merging into develop
 
Team Lead 
but it should recognise that my branch starts at my first commit though shouldn't it
 
Andrew
not if you rebased onto his before he rebased again
you just have to drop any of his commits
 
Team Lead 
ah right, not come across that before but makes sense

So if you have multiple developers working in the same branch, you should not rebase once commits have been synced by one or more team members. Rewriting the commit history means Git cannot sync new changes because it sees everything as a new commit.

Debate about ChecksumGenerator

I was working on recreating functionality in our new API. It was basically a copy-and-paste job from our current product.

I had another debate with the Team Lead who said I shouldn’t have copied the ChecksumGenerator, and wanted me to replace it with a Nuget package.

The idea of using existing packages is from the generic advice of “don’t reinvent the wheel“. If the code already exists and has been thoroughly tested by loads of people, then it’s best to use that. In terms of future fixes and enhancements, if it is a popular open-source package, then other developers will update it. If you rewrite the code for your own company’s use, you are stuck maintaining it.

However, in our case, we already have some code, we know it works since I took it from our other product and it’s been used for several years. It’s only 58 lines long and has no need to change.

The package he wanted me to reuse wasn’t actually that popular so it adds some risk using it. I had just finished my code changes and already ran all the tests, so any changes would need to be retested.

Isn’t using loads of packages just adding bloat? That is such a webapp thing to do. My brief experience of developing a React Application, has shown me that it uses a crazy amount of packages with a basic boilerplate application like create-react-app. Then anything you install has loads of other dependencies, and you end up having bloated install size and loads of potential security risks.

The Team Lead’s justification is that a ChecksumGenerator isn’t directly related to our API so shouldn’t be in our repo, and wants to “do things properly“. I think if you go that extreme then the software ends up in development hell. Which is exactly what has happened here because this API is part of a larger project that has been in development for about 7 years now.

It’s quite hard to win an argument against a Team Lead because unless the majority say that he is wrong, then what he says goes. We have a Junior in our team, then the other developer is the Team Lead’s best friend. Then the other two are Testers that don’t have much interest in a coding discussion like that. So it’s gonna be rare for someone to speak up and cast a winning vote there.

I asked my Software Architect friend what he thought:

“That’s completely senseless. Pretty much always use code that works, as long as it performs well as part of it ‘working’.
Does the new package have an allowable licence?

You should ideally try to avoid dependencies”
Software Architect

I had a discussion with another colleague in another team. He mentioned that infamous time someone got angry and withdrew a package which took down a large part of the internet. I think we have mitigation for that scenario though.

Robert:

What if the package gets pulled?

Me:

I was about that yesterday. I think we mitigate it by having our own nuget store. So I think the package goes from the main nuget source, down to our local nuget store, then into our builds
might have made it up, but that's how I picture it
so unless you attempt to update the version, you always have a copy of the one you currently reference because it is cached on your server

Asking a Senior Developer how to create an authenticated user

I have a lot of experience as a software developer in Desktop Applications, but moving to a project involving many Web technologies, creating an API is a new challenge to me.

I asked a Senior Developer in the Authentication team how to get set up. I didn’t even know where to go to even begin to create a user, then didn’t know how to get the correct permissions etc. Then the process of developing against “DEV” environments rather than a “Production” URL is another mystery to solve.

Tony: "you need to exchange the Advanced-Auth token for an 3rd-Party-Token token"
Me: but don't I need to get the Advanced-Auth token first?
Tony: yes
Me: Don't I need to link my user to be enabled for Advanced-Auth?
Tony: yes, just do it through the app
Me: I have never used the app
Tony: create an account then
Me: but I need to know how to get the app in order to create an account
Tony: host.int.solutions.com thats the url you will need
Me: but if I am making changes in a project, then do we use DEV rather than INT
Tony: So everyone integrates with int as dev is unstable
Me: If no one uses DEV then what is it for?
My conversation with Tony is like:

It’s gonna be a long month.

It’s frustrating that he was only giving me basic information. You’d think there would be like a general “New starters” guide he could have linked me to. Or his team should have had documentation for creating new users. They probably do, he was just being awkward.

I suppose this is the classic example of a software developer that is skilled in actual coding but not so good at communicating.

How (Not) To Split An API

I’m a software developer that only really has experience on desktop apps, and was recently put on a project to make an API. I had an interesting debate with the Tech Lead of the project about where we should put our code, and how we should view its responsibilities.

To make it more anonymous, I’ll change the functionality slightly but it’s the same idea.

An Orders API had been in development for a while, and my team needed to add functionality to send some data to a government API, so let’s say it was for ID verification. Even though our initial requirements are that only the OrdersAPI will use the VerifyAPI, you could argue that in future, maybe in future, other applications we have made, or third parties could call this VerifyAPI directly.

There’s a famous idea in software development; YAGNI; You Ain’t Gonna Need It. Which is the idea that you should program to requirements and not speculative “what if” scenarios.

The Tech Lead argued that we should put our code in a new repository because it was a separate API. I said that that adds loads of overhead because we will need to write code in OrdersAPI to call our code, then will need to add a reference to our VerifyAPI using a Nuget package. This will slow down development as you need to update 2 repositories, need some temporary reference as you develop, create multiple “Pull Requests”, then need to publish the Nuget package and update the references once more. I stated this was gonna be a huge inconvenience if the project ends up running over the year.

I also called YAGNI on that we will probably never use the API for anything other than OrdersAPI so it should just go in the same repository. In the event where I am wrong, it should be fairly easy to move it out as long as we just use separate projects to keep our code separate.

He insisted on doing things his way, but the thing is, even though we had a separate repository, it wasn’t a separate API. It was more like a code library. So several months later, he was asking managers if we can create a “mini project” to turn it into an API for clearer separation.

So it seems like we had 2 opposing viewpoints but ended up somewhere in between with all the disadvantages.

Another interesting debate I had seemed to illustrate his confused view of what our code is. He has always viewed our code as intending to be an API, but I was changing some error messages and he said my messages were misleading because our repository is not an API!

The confusion seemed to be him saying the “client” is the OrdersAPI, but I see the user of our software as the client, the OrdersAPI is the server call, and it doesn’t matter where it goes next

The message was something like. “Field ‘Date of Birth’ is missing”. He didn’t like the word “field”

Tech Lead
"I'd change the wording on these messages. We're no longer talking about "fields" since we've split the API request out."

Me
“does it matter where our code is? it's part of the same request as far as the client is concerned”
 
Tech Lead
"fields" just sounds like API talk
 
Me
but the client has made an API call
 
Tech Lead
the client hasn't made an API call though
if those prerequisite checks fail then no API has ever been involved
and even if it has, why would the client need to know anything about an API?
are you talking about the browser client?
 
Me
isn't it
client -> OrdersAPI -> our library {fail checks} -> error status to the client
 
Tech Lead
sorry i thought you were referring to the OrdersAPI as the client in this context
which it is
our package shouldn't know that it's being used in an API., that's the whole point of this change
 
Me
it's a black box for the caller. The user shouldn't know that it's using a library. The code could all the be in the same place as far as it is concerned

Then after more discussion, he is adamant that something could use our library in future so then there’s 2 usages, an API and non-API. So it cannot have API related stuff in it.

But our intention was to have a separate space for our team to maintain, we have never discussed it being used by anything other than the API. The early discussions was to have our repo that was an API.

Daniel
tbh I don't immediately think API when I see "field" I think it's fine
 
Me
he did say the message could just be
"‘Date of Birth’ is missing"
Which might be better but then wouldn't you want all the messages to be consistent. However, I guess someone could update the OrdersAPI repo with a new message style, and then forget about ours.
 
Daniel
you make a good point about consistency though, the API should be consistent regardless of where the code lives

It’s a really trivial argument, but I think this is just the beginning of many debates. Sometimes I think we like adding loads of complexity early on then work doesn’t get done.