• 0 Posts
  • 55 Comments
Joined 2 years ago
Cake day: July 9th, 2023



  • Could you let me know what sort of models you’re using? Everything I’ve tried has basically been so bad it was quicker and more reliable to do the job myself. Most of the models can barely write boilerplate code accurately and securely, let alone anything even moderately complex.

    I’ve tried to get them to analyse code too, and that’s hit and miss at best, even with small programs. I’d have no faith at all that they could handle anything larger; the answers they give would be confident and wrong, which is easy to spot with something small, but much harder to catch with a large, multi process system spread over a network. It’s hard enough for humans, who have actual context, understanding and domain knowledge, to do it well, and I’ve, personally, not seen any evidence that an LLM (which is what I’m assuming you’re referring to) could do anywhere near as well. I don’t doubt that they flag some issues, but without a comprehensive, human, review of the system architecture, implementation and code, you can’t be sure what they’ve missed, and if you’re going to do that anyway, you’ve done the job yourself!

    Having said that, I’ve no doubt that things will improve, programming languages have well defined syntaxes and so they should be some of the easiest types of text for an LLM to parse and build a context from. If that can be combined with enough domain knowledge, a description of the deployment environment and a model that’s actually trained for and tuned for code analysis and security auditing, it might be possible to get similar results to humans.


  • I’m unlikely to do a full code audit, unless something about it doesn’t pass the ‘sniff test’. I will often go over the main code flows, the issue tracker, mailing lists and comments, positive or negative, from users on other forums.

    I mean, if you’re not doing that, what are you doing, just installing it and using it??!? Where’s the fun in that? (I mean this at least semi seriously, you learn a lot about the software you’re running if you put in some effort to learn about it)


  • ‘AI’ as we currently know it, is terrible at this sort of task. It’s not capable of understanding the flow of the code in any meaningful way, and tends to raise entirely spurious issues (see the problems the curl author has with being overwhelmed for example). It also won’t spot actually malicious code that’s been included with any sort of care, nor would it find intentional behaviour that would be harmful or counterproductive in the particular scenario you want to use the program.












  • It might already be packaged for whichever OS you’re running, and it comes with a utility to do the conversion. On Debian or Ubuntu it should be as simple as installing the pst-utils package and running something like readpst <path to .pst file> and it’ll leave an mbox file for you. It’s been a fair few years since I used it, so reading the documentation would probably be wise, but I remember it being pretty straightforward.

    I don’t have a Red Hat machine handy right now, but it looks like the package is called libpst there. On a Mac you’d need to follow the build instructions in the git repository, but it’s not Python, the main library and utils are written in C. The tarball they refer to is just a tar of the source, that you can download from the releases page. I can’t help you if you’re running Windows, I don’t have a machine running it, and haven’t used it in many years.




  • Parks are great, but unless they’re directly outside the houses where I can keep an eye on what’s happening they’re not as safe or convenient. Being able to send the kids into the garden to run off some energy whilst I’m in the house doing something, and being reasonably confident that they’re safe is a huge benefit.

    That’s certainly not impossible with a bit of sensible planning around how housing is laid out, putting clusters of housing directly around a shared green space, but it is rather challenging to retrofit in existing conurbations, and impossible in more spread out communities. The American style of huge featureless lawns surrounding the house right up to the property boundary is pretty awful, but the more European style of a bit of lawn surrounded by flower beds and maybe trees is rather better.