Timeline for GPT on the platform: Data, actions, and outcomes
Current License: CC BY-SA 4.0
17 events
| when toggle format | what | by | license | comment | |
|---|---|---|---|---|---|
| Sep 17, 2023 at 16:16 | comment | added | Era | @mason I know it's hard to establish, that's my point. If it's hard to establish, then it's hard to know whether it's true. You're making claims that are difficult to evaluate either way, however the burden of proof remains on you as the person claiming something specific is happening. I agree SO has real world effects; I disagree with your asserting specifically what those effects are without any evidence. | |
| Jun 23, 2023 at 0:23 | comment | added | mason | @Era You're asking for something that's difficult to establish. I don't have the tooling and insight into past breaches to trace back the code they wrote to where they originally got it from. And you know that - what you're asking for is ridiculous. It's entirely reasonable that vulnerable code that appears on Stack Overflow will end up in apps, and that it could lead to a data breach. And that's sufficient to prove my point that the content we create on Stack Overflow or any other SE site have serious real world implications. | |
| Jun 23, 2023 at 0:15 | comment | added | Era | @mason I don't disagree with your conclusion, but you're giving examples that aren't examples in a way that tends to promote alarmism. There's no connection unless you can establish one. The fact that the Therac-25 software bug killed people in the 1980s doesn't imply that every SE user is potentially putting people's lives at risk if they make a mistake in an answer. It's still the developer's responsibility and no one else's. SE does absolutely need to maintain high quality, but not because of breaches like this specifically. (If you could establish a link...) | |
| Jun 23, 2023 at 0:06 | comment | added | mason | @Era the large companies I mentioned are to point out that despite lots of resources and pr presumably layers of protection in places, breaches causes by implementing bad code still happen. So we should do our best to keep stack Overflow clean of code that contains security flaws, instead of just trusting that something else is going to be in place to prevent a security breach. | |
| Jun 23, 2023 at 0:02 | comment | added | Era | @mason Yes, but you named specific large companies, you did not express a general concern. Do you see the difference? | |
| Jun 22, 2023 at 23:59 | comment | added | mason | @Era you've never seen anyone post cod containing a vulnerability on Stack Overflow? Recommend a NuGet package that contains a vulnerability? Suggest it's okay to keep developing on a platform that doesn't receive security updates? Sorry, I've seen it happen far too many times. Stack Overflow is people's first stop when they have a programming question. It is inevitable that people pick up vulnerabilities from there and implement them in their apps, and that it has led to breaches. It's just not all the time your postmortem traces it all the way back to SO. | |
| Jun 22, 2023 at 22:57 | comment | added | Era | @mason Your example of security breaches is just ridiculous. Unless you have any evidence that the breaches were related to specific SO answers, I invite you to retract this comment. | |
| Jun 8, 2023 at 16:02 | comment | added | zcoop98 | You worded this well, and I really like the sentiment; I think this answer is really important. I tend to agree with you that, from a CEO/ business perspective, it's probably highly tempting to see the Network as "Stack Overflow plus some", rather than a bunch of different sites with a wide variety of needs. I agree with your argument that SO has a different tolerance and level of importance for wrong answers than e.g. Acadamia.SE, and that this should absolutely be taken into account... hadn't really thought about that explicitly before, but it makes a lot of sense to me. | |
| Jun 8, 2023 at 12:48 | comment | added | markalex | @mason, and to be clear, I agree about "many other sites in the SE network", just disagreeing on specifically SO's part. | |
| Jun 8, 2023 at 12:47 | comment | added | markalex | @mason, I mean, that if bad answer from SO lead to some failure in major techproject, said bad answer is a single point in whole sequence of bad events: failed all mentioned protections, failed redundancy. Failure must overstep margin of safety of all layers. For a single person this usually is not the case. | |
| Jun 8, 2023 at 12:40 | comment | added | mason | @markalex With all those protections in place, big breaches that affect thousands or millions must never happen, right? Bank of America, Equifax, Ashley Madison - any of those names ring a bell? I'm not saying quality isn't important on Academia.SE, just pointing out that the consequences of low quality answers can be equally devastating on many other sites in the SE network. | |
| Jun 8, 2023 at 9:33 | comment | added | markalex | @mason, I tend to disagree: personal consequences are worse, specifically for people in difficult or vulnerable position. Consequences of bad code are generally less impactful, plus many layers of protection are usually in place: code-review, testing, quality-gates and so on. | |
| Jun 8, 2023 at 2:59 | comment | added | mason | Perhaps you're trying to show we (staff +community) are on the same team by saying "I'm sure you don't want bad advice to run rampant" - but I'm not sure that all the SE staff believes bad advice is a problem. Particularly at the CEO and decision making levels. If they actually cared about quality, things would look quite different. They chase quantity of users over quality of content, to the detriment of both. | |
| Jun 8, 2023 at 2:55 | comment | added | mason | Your characterization of Stack Overflow wrong answers being shrugged off with a "thanks but it didn't work" I don't think is accurate. Perhaps sometimes, but low quality answers that contain security problems or bugs that cause mass outages do have a huge impact on the well-being of the world too. An answer like that can be very dangerous if the search algorithms start favoring it. | |
| Jun 8, 2023 at 1:49 | comment | added | Levente | This needs to be seen, and I hope it will. Thank you for the beautiful delivery. | |
| Jun 8, 2023 at 1:22 | history | edited | cag51 | CC BY-SA 4.0 | deleted 282 characters in body |
| Jun 8, 2023 at 1:04 | history | answered | cag51 | CC BY-SA 4.0 |