IT/Software career thread: Invert binary trees for dollars.

ToeMissile · Sunday at 11:36 PM

ShakyJake said:
Fellow employees at my org barely use it besides for simple questions. Technically we're limited to Microsoft Copilot but organization-scoped. I don't use it but I'm guessing this is a gimped model? Most complain that it's not great and lump all AI with that assessment.

The default copilot w/M365 is solid for office/admin type stuff and even some basic coding. I’ve created a few little tools to help out adjacent teams. Usually just a standalone html file with embedded JS, one pulls out labels, notes and lat/lon out of .kmz/.kml files that the user reviews and manually uploads to our project management system. The other converts/bundles .heic images into PDF. Nothing fancy but it would take a couple weeks to get something like that request/built/integrated into an existing system, I did both in about a day including review with the people who would be using them

Khane · 2026-02-16T07:10:16-0500

We use copilot, which is really just chatgpt

TJT · 2026-02-16T08:11:29-0500

Copilot is by far the worst of them. We have been using both Copilot and Cursor for a year or so. The entire engineering org favors Cursor by over 60%. Myself included.

I hear Claude Code is "better" but its terminal centric design is objectively worse than Cursor's IDE based design. At least if you're competing to get Java/Python/C/etc devs working with it. I am sure its quite dope for system engineers and what have you.

Khane · 2026-02-16T09:18:02-0500

I don't have much experience with the other agents but Copilot for sure needs to be guided, its still very useful but sometimes it outputs some truly absurd nonsense.

Last week I was troubleshooting an issue with invoking an external assembly that makes a database call from within xslt (don't ask). It really didn't know how to help with that, to the point that when I kept correcting it and letting it know its output didn't solve the issue it eventually started blaming the comments in the xslt, calling them malformed (they weren't). It was hilarious but also kind of tragic because there are probably vibe coders that very literally don't know something as simple as properly formatted comment tags in xslt/xml. And they would probably trust the agent to take them down that rabbit hole.

ShakyJake · 2026-02-16T13:21:28-0500

TJT said:
Copilot is by far the worst of them. We have been using both Copilot and Cursor for a year or so. The entire engineering org favors Cursor by over 60%. Myself included.

I hear Claude Code is "better" but its terminal centric design is objectively worse than Cursor's IDE based design. At least if you're competing to get Java/Python/C/etc devs working with it. I am sure its quite dope for system engineers and what have you.

I've been using Claude Code and Codex CLI and I actually prefer them over the IDE integrations.

Deathwing · 2026-02-16T13:30:25-0500

How do you guys prevent exfiltration of proprietary code and sensitive information by AI? Assume, if you aren't already, that I'm extremely uninformed on this topic. I have a long list of negatives wrt AI, but one fuckup and oops, source code is now part of some LLM's training model makes me not want to even start experimenting.

Khane · 2026-02-16T13:33:10-0500

Deathwing said:
How do you guys prevent exfiltration of proprietary code and sensitive information by AI?

Noodleface · 2026-02-16T13:54:53-0500

I let legal deal with all that

ShakyJake · 2026-02-16T13:58:07-0500

They got us access to GitHub Copilot on the corporate tenant. All our devs use that (if at all).

Deathwing · 2026-02-16T14:01:33-0500

Noodleface said:
I let legal deal with all that

Most programmers don't understand AI enough to make this judgment(I include myself in that group). How can we expect lawyers to do so?

Furry · 2026-02-16T14:14:00-0500

Deathwing said:
How do you guys prevent exfiltration of proprietary code and sensitive information by AI? Assume, if you aren't already, that I'm extremely uninformed on this topic. I have a long list of negatives wrt AI, but one fuckup and oops, source code is now part of some LLM's training model makes me not want to even start experimenting.

Reminds me how they tell us to never ever use ai with CNSI then I go into a CNSI briefing and the computer is suggesting relevant search results with the default copilot installation. I just assume the turbo geniuses in charge know what they’re doing.

ToeMissile · 2026-02-16T14:35:44-0500

Deathwing said:
How do you guys prevent exfiltration of proprietary code and sensitive information by AI? Assume, if you aren't already, that I'm extremely uninformed on this topic. I have a long list of negatives wrt AI, but one fuckup and oops, source code is now part of some LLM's training model makes me not want to even start experimenting.

With enterprise licensing they’re supposed to segregate your company’s data and prevent it from getting out

Noodleface · 2026-02-16T14:41:55-0500

Deathwing said:
Most programmers don't understand AI enough to make this judgment(I include myself in that group). How can we expect lawyers to do so?

Don't matter to me, as long as it isn't my job lol

Khane · 2026-02-16T15:07:40-0500

We live in a world where blatant corporate malfeasance and criminal behavior go *almost* entirely unpunished. You can crash the global economy or steal your customers identities with fake accounts and the worst that will happen is you pay a small fine.

They will say the data is private
They will say everything is protected

None of it will be true, there will be a *shocking* scandal somewhere down the line and it will all play out the same way.

It's easier to beg for forgiveness than ask for permission and all that. Why wouldn't the same kind of unfettered greed exist in these AI companies when they know they won't really get punished?

In other words, why should I care? I hate the company I work for anyway.

Cad · 2026-02-16T15:21:57-0500

Deathwing said:
Most programmers don't understand AI enough to make this judgment(I include myself in that group). How can we expect lawyers to do so?

The lawyers are just taking what you guys (you guys being the tech experts) say about how it works technically and applying that to the data security provisions in contracts/statutes/regulations. They have absolutely no idea how it works under the hood.

Control · 2026-02-16T18:26:26-0500

I mean, kind of the same as anything in the cloud. The company says "yup, it's secure!" and you either believe them or not. Everything is only actually as secure as your security guys are good and to the extent that the execs allow/prioritize it. Everybody wants to think they prioritize security, but some salesman offers them a 10% discount to host everything on another guy's computer, and they're all like:

If they really cared, they could do ai in-house, but there's no sales team pushing that.

Deathwing · 2026-02-16T19:08:28-0500

Khane said:
We live in a world where blatant corporate malfeasance and criminal behavior go *almost* entirely unpunished. You can crash the global economy or steal your customers identities with fake accounts and the worst that will happen is you pay a small fine.

They will say the data is private
They will say everything is protected

None of it will be true, there will be a *shocking* scandal somewhere down the line and it will all play out the same way.

It's easier to beg for forgiveness than ask for permission and all that. Why wouldn't the same kind of unfettered greed exist in these AI companies when they know they won't really get punished?

In other words, why should I care? I hate the company I work for anyway.

I care to the extent that it might come back to me and risk my job.

FWIW, I pretty much agree with everything you're saying. But that also doesn't prevent higher ups from using you as a scapegoat.

I'm in a weird spot where almost the entire company is open source, so who gives a fuck if code leaks. My unit is the only one with proprietary code.

Khane · 2026-02-16T19:15:29-0500

Deathwing said:
I care to the extent that it might come back to me and risk my job.

FWIW, I pretty much agree with everything you're saying. But that also doesn't prevent higher ups from using you as a scapegoat.

I'm in a weird spot where almost the entire company is open source, so who gives a fuck if code leaks. My unit is the only one with proprietary code.

Well, how would sponsored/approved use of AI agents come back on you? Unless you mean your company isn't paying for any AI agents/tooling and you'd be using public/free resources.

Most of us are working at companies that are very literally shoving AI down our throats and even taking steps to essentially force us to use it. So thats very much a company problem, not a me problem.

Like noodle said, let legal deal with that

Haus · 2026-02-16T23:11:52-0500

Deathwing said:
How do you guys prevent exfiltration of proprietary code and sensitive information by AI? Assume, if you aren't already, that I'm extremely uninformed on this topic. I have a long list of negatives wrt AI, but one fuckup and oops, source code is now part of some LLM's training model makes me not want to even start experimenting.

Guy who works in Cybersecurity here....

There are tools for this, we sell a set of them. We refer to it as "Code to Cloud" security. To go everywhere from code generation, to securing workloads in prod environments. This includes data used in conjunction with AI, and identifying which AI tools are and aren't being used, and has the capability to intercept/block unauthorized stuff.

With most customers I deal with the management still has no f-ing clue whatsoever about securing AI usage, and barely enough clue about data in motion DLP to be able to define what can and can't be sent to systems outside the company. And even a smaller subset think about securing code while it's being developed. They think it's black magic when we can "automagically" catch a developer hard coding credentials into systems and flag it to be corrected.

darkmiasma · 2026-02-17T00:23:28-0500

Haus said:
Guy who works in Cybersecurity here....

There are tools for this, we sell a set of them. We refer to it as "Code to Cloud" security. To go everywhere from code generation, to securing workloads in prod environments. This includes data used in conjunction with AI, and identifying which AI tools are and aren't being used, and has the capability to intercept/block unauthorized stuff.

With most customers I deal with the management still has no f-ing clue whatsoever about securing AI usage, and barely enough clue about data in motion DLP to be able to define what can and can't be sent to systems outside the company. And even a smaller subset think about securing code while it's being developed. They think it's black magic when we can "automagically" catch a developer hard coding credentials into systems and flag it to be corrected.

No need to be vague, just mention Snyk or Wiz - we don't need to make this sound mysterious.

Search

IT/Software career thread: Invert binary trees for dollars.

ToeMissile

Pronouns: zie/zhem/zer

Khane

Got something right about marriage

TJT

Mr. Poopybutthole

Khane

Got something right about marriage

ShakyJake

Deathwing

Khane

Got something right about marriage

Noodleface

A Mod Real Quick

ShakyJake

Deathwing

Furry

Email Loading Please Wait

ToeMissile

Pronouns: zie/zhem/zer

Noodleface

A Mod Real Quick

Khane

Got something right about marriage

Sheriff Cad

scientia potentia est

Control

Golden Baronet of the Realm

Deathwing

Khane

Got something right about marriage

Haus

I am Big Balls!

darkmiasma

Blackwing Lair Raider