> Are you measuring your guardrails?
Of course not. Nobody is. The resources do not exist in the software industry, let alone in volunteer open source, to do this adequately. Which is why we rely on good faith.
> do you require any unsafe practice to be labeled? Or just LLMs?
Just LLMs. First, because LLMs are novel and unique.
Second, here we're not even talking about a labeling *requirement* yet, we're talking about *active deception*.
Boosted by jwz:
fasterandworse@hci.social ("Stephen Farrugia") wrote:
@misty also note that Apple have dark-patterned this update below the fold that doesn't appear to be there
aredridel@kolektiva.social ("Mx. Aria Stewart") wrote:
@glyph Right. Are you measuring your guardrails?
And: do you require any unsafe practice to be labeled? Or just LLMs?
That's the thing. My fundamental argument here is that _these are tools_. Sometimes that's relevant, sometimes that's not.
@aredridel This is the same logic as "if you don't want to have segfaults in your C code, just check more carefully. why did you put the bugs in, if you don't want bugs?"
No process is perfect, nothing can catch everything. Guard rails are important but you aren't supposed to start *driving on the guard rails* all the time. Step zero here is honest and accurate labeling of one's methods. Which is what this thread is about: inherent, structural, software-supported dishonesty
aredridel@kolektiva.social ("Mx. Aria Stewart") wrote:
@glyph Right. So _if the PR is bad, reject it_.
If it's not, don't.
And if you didn't check WHY NOT?
aredridel@kolektiva.social ("Mx. Aria Stewart") wrote:
@glyph Yep. _but relying on implicit things is tricky_. Acknowledging it explicitly is a start, but now we need to look at the system.
aredridel@kolektiva.social ("Mx. Aria Stewart") wrote:
@glyph Yes, though I disagree with parts of it: it's changed the system and now we're dealing with the bottlenecks appearing in new places. Not always good ones!
But I don't think this is a change in kind. It's moved the problem in _really familiar_ ways to me, actually. It's what happens when you unleash people on a codebase who don't care for others, who offload work. You can rein that in, but you need feedback in the system to do it.
@aredridel The human being sitting there typing the code out with their fingers was an *implied* initial check on the process—arguably the largest one by far—which you've now thrown out in favor of someone hitting '1 1 1 1 2' in a Claude Code loop, putting a _far_ more load-bearing role onto the existing CI and the code reviewer. More importantly, in this context, it has been thrown out *implicitly* by an Anthropic employee testing a *beta* version of the model
baldur@toot.cafe ("Baldur Bjarnason") wrote:
RE: https://toot.cafe/@baldur/116330178975566449
I'm doing both a sale and an experiment.
Boosted by jwz:
straphanger@urbanists.social ("𝚃𝚊𝚛𝚊𝚜 𝙶𝚛𝚎𝚜𝚌𝚘𝚎 🚇") wrote:
"I hope gas goes up to eight bucks a gallon!"
It's 2026, and I've turned into Calvin's Dad.
There are worse fates, I guess...
Boosted by soatok@furry.engineer ("Soatok Dreamseeker"):
philpem@digipres.club ("Phil M0OFX") wrote:
@realtegan @soatok The optimist in me wants to say the thought probably hadn't occurred to them. The cynical bit says they don't want to have the CEO in their face about raising awareness of what happens at the sales conference...
Boosted by soatok@furry.engineer ("Soatok Dreamseeker"):
ariarhythmic@ohai.social ("Aria <3 :blobcattrans:") wrote:
@erincandescent @notthatdelta @soatok @FurryBeta It's a fucking job what the fuck
@aredridel Here we have an established "engineering" process, i.e. code review and continuous integration, designed for catching defects and process failures from a good-faith production of code from humans with an understanding of the system under development. That process is then subjected to a new type of code generation, where a machine that *maximizes plausibility while minimizing effort*, is throwing much larger volumes of code against the same mechanism. That's not the same process!
@aredridel There are scales where differences in degree _become_ differences in kind.
Consider a more closely related phenomenon. There are many tools to check C/C++ code for memory safety errors. And, unsafe Rust code may exhibit exactly the same unsafe behaviors. Yet, C/C++ code and Rust code are categorically different in terms of the level of memory safety one may expect them to provide.
aredridel@kolektiva.social ("Mx. Aria Stewart") wrote:
@glyph I'm specifically arguing that it's the _exact same phenomenon writ larger_ (which is a meaningful difference!)
But it's a difference in amount not kind.
Either you build processes to check things ("do engineering") or you don't (“vibes”)
@aredridel you are technically correct here (and indeed any automated tool with repeated human interaction may provoke _some_ measure of vigilance decay, one could argue that "flaky tests" cause it too) but I feel like you're talking past the actual argument here.
aredridel@kolektiva.social ("Mx. Aria Stewart") wrote:
@glyph Actually search and replace _does_ do that and in fact I was bit by vigilance decay in a search and replace problem literally yesterday. the comparison was intended.
@aredridel "search and replace" is not a fair comparison because search and replace does *not* cause vigilance decay, or risk of unknowing copyright infringement, etc. in the same way that "raw milk" and "grass fed" are just like… completely different disclosures with different consequential implications
@aredridel "raw milk" isn't ingredients either, the difference is one of process, which is why I used it as an example. Raw milk contamination is more likely because the processes to keep it safe are harder to follow, require more continuous diligence on the part of the operators of that process, and thus contribute to more frequent failures. LLM output is exactly the same: it provokes vigilance decay.
aredridel@kolektiva.social ("Mx. Aria Stewart") wrote:
@glyph Yeah, I disagree. Code isn't ingredients and it's not “contamination” any more than you should label “I used search and replace on this”
What you want to know is whether it was well engineered or not.
And in fact, this is almost entirely orthogonal to “safety”. This is an engineering product. The safety comes from processes and whether or not _anyone checked the work done was right_, not the inputs.
@aredridel @aral I really can’t agree with this, because it’s a question of accurate labeling not of “responsibility” or “authorship”. co-authored-by is perhaps the wrong method for labeling such things, but consider raw milk. ultimately, it is indeed the producer’s responsibility to ensure their product is free of contamination. but disclosure of its method of production is explicitly the kind of requirement that allows consumers of said product to make safe choices
Boosted by glyph ("Glyph"):
aral@mastodon.ar.al ("Aral Balkan") wrote:
So Anthropic employees are using Claude Code to contribute AI-generated code to open source repositories and hiding the fact using their own internal “undercover mode”.
Totally trustworthy people.
(Any open source project that at the very least requires disclosure of AI-authored contributions should immediately ban Anthropic employees on principle.)
dysfun@treehouse.systems ("gaytabase") wrote:
i know people have gotten defeatist and like to think you can't do a decent job putting out believable-looking bollocks without an LLM, but i'm here to tell you you can.
Boosted by glyph ("Glyph"):
Kaliah@dragonscave.space wrote:
Your friendly reminder, since it's April Fools Day. It is only a joke if you, *and* the person you're joking with, find it funny. If only you find it funny, that is not a joke. That is you being a jerk under the excuse of joking. Please do not try to pull "jokes" that could actually hurt someone. And yes, emotionally hurt does count as hurting someone. Not everything has to become something you play with, and there are likely many things you should absolutely not play with. Take care of yourselves and those around you. Have a good rest of your day. This is not a subpost, I just tend to see people pulling things on April fools that are far from funny to all parties and I feel this needs to be said.
dysfun@treehouse.systems ("gaytabase") wrote:
boolean, boolean, i'm begging of you please don't take my man
zkat@toot.cat ("Katerina Marchán") wrote:
OK yeah 430 boosts means my mentions are annoying and it’s time to delete
Boosted by soatok@furry.engineer ("Soatok Dreamseeker"):
realtegan@wandering.shop ("Laura "Tegan" Gjovaag ⛈ 🐸") wrote:
@riley @soatok
I've noticed that furries tend to figure out a lot of things first. They do seem to be ahead of the crowd in lots of ways.
Boosted by soatok@furry.engineer ("Soatok Dreamseeker"):
realtegan@wandering.shop ("Laura "Tegan" Gjovaag ⛈ 🐸") wrote:
@soatok
My god, this is such a good idea! For any convention - not just fan ones. Offering STI testing is simply an awesome thing that makes perfect sense when large groups of people get together for a weekend/days of fun and mingling. Why doesn't every convention offer it? Oh right. Puritan moral values among the American public. Bleh.
Boosted by soatok@furry.engineer ("Soatok Dreamseeker"):
notthatdelta@furry.engineer ("Delta Sierra") wrote:
@soatok @ariarhythmic @FurryBeta Yeah, I meant hotel rooms. It's nice to not have to worry about post-coital towel/sheet laundry for once, I get that. Plus it feels pretty decadent to order room service and eat/drink in bed!
And also yeah, ALWAYS tip your hotel staff, even if they don't turn over the room daily they still have to clean everything up at the end of your stay. It's also not bad form to leave any (unopened!) leftover snacks, drinks, booze out in plain sight. Never know what might help someone. Plus a bit of pre-cleaning (get all your trash in one spot, towels in one pile, flush the goddamn toilet, etc).
Boosted by baldur@toot.cafe ("Baldur Bjarnason"):
harpaa01 ("Aaron") wrote:
@getajobmike I worked at GitHub for six years starting in 2019. There's this persistent rumor that after the MSFT acquisition they got pushed onto a bunch of Microsoft infra.
For the entire time I was there github.com continued running primarily on bare metal. Newer stuff like Actions and Copilot do use Azure, and there are some new enterprise cloud offerings that run in Azure.
What has changed and made a bigger contribution to this instability is that GitHub traffic grew by hundreds of %.

