Introduction
Whether you are new to the world of IT or an experienced developer, you may have heard of the debugging concept of the ‘programmer’s rubber duck’. For the uninitiated, the basic concept is that by speaking to an inanimate object (e.g., a rubber duck) and explaining one’s code or the problem you are facing as if you were teaching it, you can solve whatever roadblock you’ve hit. Talking to the duck may lead to a “eureka!” moment where you suddenly discover the issue that has been holding you back, or simply allow you to clarify your thoughts and potentially gain a new perspective by taking a short break.
This works because as you are “teaching” the duck, you must break down your code step by step, explaining how it works and what each part does. This careful review not only changes how you think about the described scenario but also highlights flaws you may not have otherwise identified. Since the rubber duck is an inanimate object, it will never tire or become disinterested during these conversations. Understandably, this also means that the duck cannot provide you any actual support. It won’t be able to help you summarize your ideas, offer recommendations, point out flaws in syntax or programming logic.
Enter now the tool taking the world by storm, ChatGPT. Even at its most basic tier ChatGPT offers incredible value for those who learn how to work with it. This tool combines in one package all the benefits of the rubber duck, patience, reliability, support, while also being able to offer suggestions. While it provides the patience and reliability of the classic ‘rubber duck’, ChatGPT also has the ability to offer helpful suggestions, review code snippets*, and engage in insightful dialogue.
ChatGPT has the opportunity to significantly speed up development practices and virtually eliminate any form of “coders-block” without needing any complex setup or advanced knowledge to use effectively. The tool can also remove many barriers to entry that exist in programming, effectively democratizing the entire development pipeline and opening it up to anyone with a computer. The premise of a rubber duck extends beyond the realm of programming. Individuals across various professions who require an intuitive, extensively trained AI tool can benefit from ChatGPT – this modern interpretation of the ‘rubber duck’ – in managing their day-to-day tasks.
*This is highly dependent on your use-case. You should never upload sensitive, private, or proprietary information into ChatGPT, or information that is otherwise controlled or protected.
Benefits
ChatGPT offers numerous benefits for those willing to devote the time to learning how to use it effectively. Some of its key benefits include:
- Collaborative problem-solving
- Ability to significantly reduce time spent on manual tasks
- Flexibility
- Ease of use
Drawbacks
The tool does come with a few drawbacks, however, which are worth considering before you dive into the depths of what it can offer. To begin with, the tool is heavily reliant on the user to provide a clear and effective prompt. If provided a weak or vague prompt it is highly likely that the tool will provide similar results. Another drawback that may catch its users by surprise is that not a replacement for human creativity or ingenuity. You cannot, thus far, solely rely on the tool to fully execute a program or build something entirely from scratch without the support of a human to guide and correct its output.
Suggestions
Although ChatGPT is a fantastic tool I recognize that using it can be overwhelming at first, especially if you are not used to using it. ChatGPT has so many capabilities it is often difficult to determine how best to use it. Below are a few suggestions and examples of how this tool can be used to help talk through problems or discuss ideas, regardless of whether you’re using it for programming or not.
Structure your prompt
When making any request that does not have a clearly defined scope or conclusive answer, you must construct your prompt appropriately. To help craft the perfect prompt, it can be helpful to write out what you are looking to accomplish, and what you are looking for ChatGPT to assist with before you begin writing your prompt. Using that information, you can extract the key information to form your request. You can improve the output provided by ChatGPT in a few ways, including:
- Adding as much information as you have. The more you give it, the better it will be able to assist. This may include:
- Your industry or role
- Examples of similar topics, or references you want its output to mimic
- Additional supporting information such as location, budget, age, or other relevant details
- Making your request clear, and specific.
- Refining its output as you go (e.g., asking it to expand on a topic)
Ask directly
If you know what you’re looking for, it can be helpful to directly ask ChatGPT what it needs to help you solve your problem. For example, you may structure your prompt like this:
“I need help doing . I would like you to provide guidance on completing it, as well as any suggestions you deem relevant. What information do you need from me to assist you?”
At this point, ChatGPT will give you a breakdown of what information it needs to assist you. This often comes in a well-structured list, with a sentence or two of description attached to each category to help you understand what it is looking for.
Elaborate, elaborate, elaborate
As you work through the collaborative process, it can be helpful to amend your initial ask by providing additional details or insight. At any point during the back-and-forth, you are encouraged to elaborate on your initial point, or any area you feel it is struggling. This may include giving more details on your project or problem, providing examples of what you have already tried, or asking the tool to change how it is giving you information. Occasionally you may also need to ask it to ignore previous information, or to alter the course it is taking.
Useful prompts
I’ve listed some other useful prompts below along with some use cases to give you some ideas how to use this tool.
- “I want you to act as and assist me with .”
- “Please write about improving as a .”
- “Using please .”
- “Create of suggestions, considering .”
Sample conversation
Provided prompt: Please write about ways to improve security implementation into a CI/CD pipeline**.
Response: Implementing security into a Continuous Integration/Continuous Deployment (CI/CD) pipeline can ensure that the software you deliver is free from vulnerabilities. Continuous security, often known as DevSecOps, is about infusing security practices into your DevOps process. Here are several ways to improve security implementation into a CI/CD pipeline:
- Static Application Security Testing (SAST): Use SAST tools in the CI pipeline to analyze source code for potential security vulnerabilities. These tools can help you identify issues before they become significant problems, and they’re most effective when used early in the development cycle. The process should be configured to break the build if issues of a certain severity level are discovered.
- Dynamic Application Security Testing (DAST): Use DAST tools in the CD pipeline to analyze your web applications in their running state for vulnerabilities. DAST can effectively detect issues that appear only in a running application, like injection attacks and cross-site scripting.
- Dependency Scanning: Most projects use a lot of dependencies, and it’s crucial to regularly check these for vulnerabilities. Automated dependency checkers can alert you about insecure libraries and suggest safer alternatives or updates.
**This prompt was submitted to ChatGPT 4. Its response was truncated to only list the first three recommendations.
Conclusion
From helping developers solve problems, to empowering small businesses to compete in ways they never imagined, the new age of AI-powered technology is certain to bring numerous changes to the way people and businesses operate. While this technology is certainly still in its infancy, it has astronomical potential to reimagine how we do our work. The current features offer numerous opportunities to act as a force multiplier when paired with subject matter experts, and can handle a lot of work that is currently handled manually.
Even when you can’t share specific details due to security or privacy concerns, ChatGPT and similar tools can be used to brainstorm ideas on a more generalized level. It is essential for all organizations, and individuals, to stay abreast of new technologies as they become available so that appropriate use cases can be developed and implemented. This is not to say that the tools available today are without fault, or should be relied on to the exclusion of all else, however. In the business environment, every new tool should be reviewed and approved for specific use where necessary. Individually, we must each take some responsibility for how we use technology and ensure it is employed in both an ethical and effective manner.
I encourage you to test drive the tool yourself so you can see what it can do for you, or for your business. ChatGPT can be applied to many industries and numerous topics, and is primarily limited by your own creativity. Even with its current drawbacks, this tool has the potential to become a fulcrum for us to apply the lever of human ingenuity against to reap incredible results.
The post ChatGPT, the new rubber duck appeared first on Cybersecurity Insiders.
July 16, 2023 at 09:11AM
0 comments:
Post a Comment