If the ask is, why was the hardware like that in the first place the answer is because it can’t be fully validated.

But that’s not the question. There are two questions: Who should be responsible for patching hardware vulnerabilities? And if the answer is “the kernel” then should speculative but never demonstrated vulnerabilities be patched? Linus’ answer is the hardware manufacturer, and no.

Is this really the hardware vendor’s problem though? It’s the consumers problem.

Maybe we’re running into the ambiguity of language. If you mean to say, “Who does it cause a problem for? The consumer.” then sure. On the other hand what I mean, and what I think Linus means, is “Who’s responsible for the vulnerability existing? Hardware vendors. Who should fix it? Hardware vendors.”

If the ask is why should a speculative fix go into the Kernel […]

Depends on what you/we/they mean by “speculative”. IMO, we need to do something (microcode, kernel patches, whatever) to patch Spectre and Meltdown. Those have been demonstrated to be real vulnerabilities, even if no one has exploited them yet. But “speculative” can mean something else. I’m not going to read all the LMK emails so maybe they’re talking about something else. But I’ve seen plenty of, “Well if X, Y, and Z happen then that could be a vulnerability.” For that kind of speculative vulnerability, one that has not been demonstrated to be a real vulnerability, I am sympathetic to Linus’ position.

Who said anything about fully validating hardware? “Hardware vendors should solve their own problems” is not the same as “hardware vendors should fully validate their products”.

Of course but presumably on occasion you do work in other languages? I work in all kinds of languages and so jumping between them it’s pretty handy to bridge the gap.

If I were jumping languages a lot, I definitely think it would be helpful. But pretty much 100% of what I’ve done for the last 3-4 years is Go (mostly) or JavaScript (occasionally). I have used chatgpt the few times I needed to work in some other language, but that has been pretty rare.

I think you could definitely still get value out of generating simple stuff though, at least for me it really helps get projects done quickly without burning myself out

If simple stuff == for loops and basic boilerplate, the kind of stuff that copilot can autocomplete, I write that on autopilot and it doesn’t really register. So it doesn’t contribute to my burnout. If simple stuff == boring, boilerplate tests, I’ll admit that I don’t do nearly enough of that. But doing the ‘prompt engineering’ to get copilot to write that wasn’t any less painful that writing it myself.

For small one off scripts it makes them actually save more time than they take to write

The other day I wrote a duplicate image detector for my sister (files recovered from a dying drive). In hindsight I could have asked chatgpt to do it. But it was something I’ve never done before and an interesting problem so it was more fun to do it myself. And most of the one off stuff I’m asked to do by coworkers is tied to our code and our system and not the kind of thing chatgpt would know how to do.

func randomRGB(uid int) color.RGBA {
	b := binary.BigEndian.AppendUint64(nil, uint64(uid))
	h := sha256.Sum256(b)
	return color.RGBA{h[0], h[1], h[2], 255}
}

That took me under three minutes and half of that was remembering that RGBA is in the color package, not the image package, and uint-to-bits is in the binary package, not the math package. I have found chatgpt useful when I was working in a different language. But trying to get chatgpt or copilot to write tests or documentation for me (the kind of work that bores me to death), doing the prompt engineering to get it to spit out something useful was more work than just writing the tests/documentation myself. Except for the time when I needed to write about 100 tests that were all nearly the same. In that case, using chatgpt was worth it.

If I’ve been working in the same language for at least a year or two, I don’t have to look up any of that. Copilot might be actually helpful if I’m working in a language I’m not used to, but it’s been a long time since I’ve had to look up syntax or functions (excluding 3rd party packages) for the language I work in.

I won’t say copilot is completely useless for code. I will say that it’s near useless for me. The kind of code that it’s good at writing is the kind of code that I can write in my sleep. When I write a for-loop to iterate over an array and print it out (for example), it takes near zero brain power. I’m on autopilot, like driving to work. On the other hand, when I was trialing copilot I’d have to check each suggestion it made to verify that it wasn’t giving me garbage. Verifying copilot’s suggestions takes a lot more brain power than just writing it myself. And the difference in time is minimal. It doesn’t take me much longer to write it myself than it does to validate copilot’s work.

do a full encryption of the storage

That’s not how disk encryption works. Data in storage is always encrypted. That’s the whole point. When an app requests data, it is decrypted on the fly. Decrypted data is never stored outside of RAM.

I have to strongly disagree with you. I’ve used WSL 2 with VSCode, and I experienced waaaaaaaay more weird broken shit than I ever have running Linux. And even if it weren’t for that, it’s still not at all worth it IMO because using WSL 2 means every interaction I have with my development environment has to go through a Linux-to-Windows translation layer. I will never use Windows again for anything beyond testing unless I’m forced to.

How are you using it for data crunching? That’s an honest question, based on my experiences with AI I can’t imagine how I’d use them to crunch data.

So I always have to check it’s work to some degree.

That goes without saying. Every AI I’ve seen or heard of generates some level of garbage.

My point is that I strongly feel that the kind of “AI” we have today is much closer to bacteria than to cats on that scale. Not that an LLM belongs on the same scale as biological life, but the point stands in so far as “is this thing intelligent” as far as I’m concerned.

it’s not inconceivable it could happen in the next two generations.

I am certain that it will happen eventually. And I am not arguing that something has to be human-level intelligent to be considered intelligent. See dogs, pigs, dolphins, etc. But IMO there is a huge qualitative difference between how an LLM operates and how animal intelligence operates. I am certain we will eventually create intelligent systems but there is a massive gulf between what LLMs are capable of and abstract reasoning. And it seems extremely unlikely to me that linear algebraic models will ever achieve that type of intelligence.

Intelligence is just responding to stimuli

Bacteria respond to stimuli. Would you call them intelligent?

I don’t know, have you ever used JavaScript? I’ve run into some really fucking weird bugs. I’ve also spent hours trying to find the source of an error message only to discover the error message was lying and caused by some other error.

The only part of copilot that was actually useful to me in the month I spent with the trial was the autocomplete feature. Chatting with it was fucking useless. ChatGPT can’t integrate into my IDE to provide autocomplete.

The point is that AI stands for “artificial intelligence” and these systems are not intelligent. You can argue that AI has come to mean something else, and that’s a reasonable argument. But LLMs are nothing but a shitload of vector data and matrix math. They are no more intelligent than an insect is intelligent. I don’t particularly care about the term “AI” but I will die on the “LLMs are not intelligent” hill.

I’m the opposite. AI is best (though not great) at boring shit I don’t want to do and sucks at the stuff I love - problem solving.

Their rules have stopped me from being able to do my job. Like the time the AV software quarantined executables as I was creating them so I literally could not run my code. When security enforcement prevents me from working, something needs to change.

My comment game has gotten far better since I started doing live code reviews. Essentially I ask myself, “Would I feel the need to explain this to someone during a code review?” and if the answer is yes I add a comment.

That’s a hot take. If you want your code to be maintainable at all, it needs comments. If you’re part of a team, write comments for them. If someone else may take over your project after you move on, leave comments for them. And have you ever tried to read uncommented code you wrote a year ago? Leave comments for yourself.

The key difference is that compilers don’t fuck up, outside of the very rare compiler bug. LLMs do fuck up, quite often.

Copilot frequently produces results that need to be fixed. Compilers don’t do that. Anyone who uses copilot to generate code without understanding how that code works is a shit developer. The same is true of anyone who copies from stack overflow/etc without understanding what they’re copying.