Tales from the jar side: Good enough answers, GitHub Copilot, #infosecbikini and other tweets
My wife says I'm adorable, but I'm not including a picture of me in a bikini. You're welcome.
Welcome, jarheads, to Tales from the jar side, the Kousen IT newsletter, for the week of June 27 - July 4, 2021. This week I taught a class called Upgrade to Modern Java as an NFJS Virtual Workshop, which focused on streams, lambdas, and method references.
On Medium: Good Enough Answers
I published another article in the Pragmatic Programmers publication on Medium based on content from my new book Help Your Boss Help You (HYBHY). The article is called Answering the Unanswerable: Good Enough Answers, and is all about how to generate answers to open-ended questions in a way that is both responsive and disrupts your life as little as possible.
The basic idea is that if you get a question you can’t answer from your boss, you don’t want to either ignore it because you don’t know what to say or put aside real work to spend time digging into the question. Instead, I recommend you set a timer for about 20 minutes, and follow this template:
Start with “I don’t know, but ….” and add any necessary caveats.
Add the parts you’re sure about: “Here’s what I know…”.
Add what you believe: “Here’s what I think…”.
Give a rough cost estimate by showing what to do next: “Here’s what I would do to solve the problem…”.
Then ask the magic question: “Do you want me to look into it?”
The beautiful part is, the response to this will almost certainly be, “That’s all I needed. That’s for replying so quickly.” You responded right away, you expressed both what you knew and what you didn’t, you gave a rough estimate of what it would take to actually do the job, and, most importantly, you left it to your boss to decide what additional effort is needed. In other words, both sides win, which is great for building a constructive loyalty relationship.
Take a look at the article for details, including an example and a discussion of how the Game of Business differs from the Game of School. Of course, the entire article is based on the chapter in HYBHY entitled, Giving Good Enough Answers.
I’ll also mention here that I received the layout for the book, glanced at it and said, basically, “yeah, whatever,” and now it goes to the printer. I’ll let you know when I have an actual publication date, but it can’t be long now.
For the record, Amazon still lists the book as being open for pre-orders, but not expected until October. That should get updated very soon. It also only shows it in paperback, which is also not true. On the other hand, I was able to take five of the praise quotes included in the book and add them to the Amazon page (five is the limit allowed, for some odd reason). Scroll down to the Editorial Reviews section to see them.
The Mixed Blessing That Is GitHub Copilot
GitHub made waves in the software development world this week by announcing a new product called GitHub Copilot. They describe it as “Your AI pair programmer.” The idea is that if you add a plugin to the Visual Studio Code development editor, whenever you type a comment, Copilot will try to write the needed code for you.
Seriously. You just add comments, and the plugin generates all the code. It does this using a neural network that has been trained on all the public repositories on GitHub. Here’s a picture from their site, which doesn’t really tell you much of anything:
I spent time working with neural networks back in the 90s, before it became cool again, and I can tell you that they are really good at detecting common patterns in data. Of course, so are lots of statistical algorithms, but they don’t get the same press. The subject known as machine learning (ML) is a specialization of artificial intelligence (AI) where the neural network trains itself based on repeatedly running through a set of training data (unsupervised learning), making it better able to see relationships that might not be obvious by other means. ML has had some notable successes, especially in areas like natural language processing and image searches, but it really all comes down to seeing patterns in data.
This YouTube video has a great demonstration of the system in action:
Right now the project is free, but that’s because it is in “technical preview,” which isn’t going to last. Microsoft, who acquired GitHub, promises a commercial product soon, which raises issues related to fair use and copyright.
Is the code that Copilot generates free? The preview page says yes, but what if Copilot generates code that duplicates code that was written under open source licenses that cover derivative products? Also, a lot of the public repositories in GitHub were created by developers who specifically wanted to share code in an open fashion. What does it mean if a commercial product then re-uses it?
There are more subtle issues as well. The whole process assumes that most of a developer’s job is to do the same task repeatedly, which can then be automated by reproducing what most people already do. Is that true? Are we automating ourselves out of a job?
Honestly, I’m not too worried about that, because if there’s one thing I’ve learned about statistics (mostly from good baseball analysts like Joe Sheehan), is that there’s a big difference between data and insight. Just because you can generate code doesn’t mean it’s the right code in the right place at the right time. In fact, there have been code generators for decades, all trying to automate the easy parts, and yet the number of developers keeps going up.
Finally, I’m reminded of the old cliche that most professions try to eliminate the need for themselves. Successful doctors reduce the need for doctors. Software developers write code that reduces the need for developers. But while one lawyer in a town will starve, two get rich. :)
I liked this take, though, in a Twitter thread:
Somehow I doubt Microsoft will take him up on his challenge.
Totally unrelated side issue: the section of the preview page that says “Speaks all the languages you love” includes this:
GitHub Copilot works with a broad set of frameworks and languages. The technical preview does especially well for Python, JavaScript, TypeScript, Ruby, and Go, but it understands dozens of languages and can help you find your way around almost anything.
I’ve written books on Java, Groovy, and Kotlin, and while I presume all of them are understood by Copilot, funny how none of them made that list, as if I needed more proof I’m no longer working in the hottest areas of software development. I will say, however, that since my JavaScript, HTML, and CSS skills are mediocre at best, Copilot may really help me there. The danger is that I’ll just accept its recommendations without judgement, since those aren’t my best areas.
For the record, I signed up for the Copilot preview, because of course I did. If I get access, I’ll say more about it in future newsletters.
Polywork? What the heck is that?
One of the people whose newsletter I read is Stephanie Morillo. Her website says she “helps software developers become better communicators and content creators,” and while I already consider myself pretty knowledgeable in that area, there is always more to learn. Besides, it’s clear to me from her site that her background is very different from mine, so she’s worth a follow just to learn from her perspective.
Last week she sent a link to her page on a new site called Polywork. The idea behind the site is to collect all the activities done by a person into a single page. That way you can find everything, from appearing on a podcast, to writing a newsletter, to posting a project on GitHub, all on a single site. She was kind enough to share her “VIP” code with her newsletter subscribers, so I now have a similar page here. I don’t have much on it yet, but I’ll see if I can maintain it and whether it’s worth doing or not. Updates as they appear.
Btw, I can get some invites, so if you want one, let me know.
Meme Watch: #infosecbikini
Sometimes the response to harassment is awesome. As explained in this article,
Cybersecurity professionals have come together on Twitter to show their support for an infosec worker who was trolled after posting a bikini pic.
Coleen Shane, a software developer specializing in information security, was attacked by some idiot troll after she posted a picture of herself in a bikini. Her response was:
That generated tons of supporting pictures from bikini-clad women (and men, and at least one dog) under the Twitter hashtag #infosecbikini. Check out that hashtag on Twitter if you’re interested.
I’m not sure what to say about it other than be grateful I’m not in information security, because a picture of me in anything resembling a bikini would do serious damage to any viewer’s eyes. So no, I’m not going to participate directly; I’ll just mention it here. You’re welcome.
Apropos of Nothing
These are called rainbow roses. I saw them on twitter and ordered them for my wife. Here they are after a full week:
Nice. It didn’t occur to me that I ordered them during Pride Month, but that’s cool too.
Speaking of Pride Month:
Oof. This Dad Joke is better:
Finally, this is a good setup and delivery:
One does not simply walk into Mordor, but maybe you can shuffle forward awkwardly calling for brains…
As a reminder, you can see all my upcoming training courses on the O’Reilly Learning Platform here and all the upcoming NFJS Virtual Workshops here.
Last week:
Upgrade to Modern Java, an NFJS Virtual Workshop
This week:
No classes or conferences, which is the last time that’s going to happen until December
Record more chapters for the audiobook version of HYBHY
Prepare for the 25th annual Bradley Open, my first live, over-the-board chess tournament since 1998, when I played in the 3rd annual Bradley Open. Whoa.