To write secure code, be less gullible than your AI

Graphite is an AI code review platform that helps you get context on code changes, fix CI failures, and improve your PRs right from your PR page. Connect with Greg on LinkedIn and keep up with Graphite on their Twitter.

### This Week’s Shoutout

This week’s shoutout goes to user **Xeradd**, who won an Investor badge by dropping a bounty on the question [How to specify x64 emulation flag (EC_CODE) for shared memory sections for ARM64 Windows?](https://stackoverflow.com/questions/). If you’re curious about that, we’ll have an answer linked in the show notes.

### Transcript: Conversation with Greg Foster of Graphite on AI and Security in Software Engineering

**Ryan Donovan:** Urban air mobility can transform the way engineers envision transporting people and goods within metropolitan areas. Matt Campbell, guest host of *The Tech Between Us*, and Bob Johnson, principal at Johnson Consulting and Advisory, explore the evolving landscape of electric vertical takeoff and lift aircraft and discuss which initial applications are likely to take flight. Listen from your favorite podcast platform or visit mouser.com/empoweringinnovation.

**Ryan Donovan:** Hello, and welcome to the Stack Overflow Podcast, a place to talk all things software and technology. I’m your host, Ryan Donovan, and today we’re delving into some of the security breaches triggered by AI-generated code. While there’s been a lot of noise around this topic, my guest today argues that the problem isn’t the AI itself, but rather a lack of proper tooling when shipping that code.

My guest is Greg Foster, CTO and co-founder at Graphite. Welcome to the show, Greg.

**Greg Foster:** Thanks for having me, Ryan. Excited to talk about this.

**Ryan Donovan:** Before we dive deep, tell us a bit about your background. How did you get into software and technology?

**Greg Foster:** Happy to share! I’ve been coding for over half my life now. It all started in high school—I was 15 and needed a job, and I figured I could either bag groceries or code iOS apps, so I picked the latter. I went on to college, did internships at Airbnb, working on infrastructure and dev tools teams, helping build their release management software. Interestingly, I was hired as an iOS engineer but immediately shifted to dev tools, which I loved. For the last five years, I’ve been in New York working with friends to create Graphite, continuing my passion for dev tools.

**Ryan Donovan:** Everybody’s talking about AI-powered code generation now—some people doing “vibe coding” where they don’t even touch the code themselves and just say, “build me an app.” Then we see the ensuing security laughs on Twitter. You’re saying the AI isn’t purely the problem?

**Greg Foster:** It’s nuanced. Fundamentally, there’s a shifting landscape of trust and volume. Normally, when you do code reviews, you trust your teammates to some degree. You carefully vet code for bugs and architecture, but you don’t scrutinize every line on security—assuming teammates aren’t malicious. AI changes this because a computer writing code holds no accountability, and you might be the first person ever to lay eyes on it. Moreover, the volume of code changes is skyrocketing. Developers, including juniors, push many small PRs rapidly, which overloads the review process. This creates a bottleneck and trust deficit.

**Ryan Donovan:** Interesting. Our survey from a few months ago found people use AI more but trust it less, which seems natural since AI generates code based on statistical models of previous code.

**Greg Foster:** Yes, and AI can be quite gullible. Take recent hacks like the Amazon NX hack—prompts told the AI to scour user file systems deeply to find secrets. A human engineer would never do that blindly, but AI systems might follow those instructions unquestioningly. It’s a real challenge.

**Ryan Donovan:** So it’s really a lack of real-world context that AI code generators have. The speed and volume of PRs make human review difficult. Naturally, that calls for tooling solutions.

**Greg Foster:** Exactly. Graphite is all about tooling that helps make code review better. One timeless best practice remains: keep code changes small. Research from Google showed that longer pull requests get disproportionately fewer review comments—in fact, engagement drops steeply beyond about 100 lines of code.

We’ve seen the same data at Graphite. People tend to skim or blindly approve massive PRs, so small, manageable PRs—around 100-500 lines—hit a sweet spot for deep review.

But this requires tooling to manage stacked, incremental commits so developers can maintain flow without submitting giant PRs.

**Ryan Donovan:** That’s a key point. Many AI-generated chunks of code are enormous, unrefined, and not necessarily human-friendly. How do you see developers breaking that down and improving readability?

**Greg Foster:** Another concern is losing context. When you write code yourself over hours, you internalize the intricacies of that module or system. With AI-generated code, you often don’t fully absorb or understand the details. This means reviewers must pay extra-close attention.

Overall, fast, blind shipping of code reduces deep understanding and increases risk, especially for security.

**Ryan Donovan:** Copy-pasting from Stack Overflow has long been a source of vulnerabilities. AI seems to intensify that issue.

**Greg Foster:** Exactly. We used to shame copy-pasting, but now AI-generated snippets can propagate security flaws just as easily. Though these AI systems are generally well-intentioned, they create false confidence and lower the bar for attackers who now can craft malicious code with minimal skill.

**Ryan Donovan:** How do you guard not just the code, but the prompts themselves? Can prompts be sanitized or secured?

**Greg Foster:** It’s tough—probably impossible to secure prompts completely. You could try meta-prompting where one AI judges the security of another’s prompt output, but this is a cat-and-mouse game.

In some cases, suspicious prompts could trigger extra user verification steps, like password confirmation or biometric checks.

Also, if prompts come from untrusted users, they should be sandboxed or highly restricted, similar to executing untrusted code.

**Ryan Donovan:** Browsers already sandbox JavaScript and WebAssembly to prevent dangerous abuse.

**Greg Foster:** Indeed. Some AI-powered browsers or extensions have been exploited by injecting invisible prompts to perform malicious actions. This gullibility is something we should expect and prepare for.

At the end of the day, best practices—like minimizing exposure of secrets and being cautious about input—are more important than ever.

**Ryan Donovan:** You mentioned using LLMs themselves as judges for security scanning. How do you ensure those AI judges are trustworthy?

**Greg Foster:** Good question—“Who watches the watchman?”

Major LLMs today are reasonably reliable if well-prompted. If compromised at root, that’s a whole different challenge.

But in day-to-day use, you can trust security tools running LLMs to find real issues. You can measure their effectiveness through true positive and false positive rates. LLMs are actually pretty good at detecting security vulnerabilities in code, sometimes surpassing humans, who grow distracted or fatigued.

**Ryan Donovan:** Is there still a role for traditional static analysis and linting alongside LLM-based tools?

**Greg Foster:** Absolutely. Great security practice is layered. Keep your unit tests, linters, human code review, and add LLM scanning as a powerful augmentation layer.

Think of LLM-based scanners as “super linters” that run quickly and flexibly across many languages without much setup.

But don’t replace deterministic tests and human judgment—they catch problems LLMs can’t.

**Ryan Donovan:** That sounds like a healthy, balanced approach.

**Greg Foster:** For sure. The combination is greater than its parts. For example, LLMs can even help generate missing unit tests, reducing the barrier for engineers to write more tests.

**Ryan Donovan:** Do you worry developers will start outsourcing their security expertise entirely to AI?

**Greg Foster:** Not really. Much of security engineering involves manual processes, audits, policies, and incident response that AI can only assist, not replace.

For example, at Graphite, our security team implements network proxies, audit logging, and SOC2 compliance—all human-driven.

AI can help surface information faster during incidents, or assist with paperwork, but it won’t replace deep human expertise anytime soon.

**Ryan Donovan:** Every new abstraction layer in software adds complexity that engineers need to manage. AI seems to be another one in that lineage.

**Greg Foster:** Exactly. Engineering isn’t about typing lots of code; it’s about problem-solving, decision-making, and communication. AI just changes the tools we use.

Just like 3D printing shifted manufacturing but didn’t replace craftsmen, AI will change software engineering but not eliminate great engineers.

**Ryan Donovan:** We’re entering a new era of productivity and tooling with AI. How do you see AI tooling evolving?

**Greg Foster:** I see three main areas:

1. **Code Generation:** From simple tab completion to complex agent-driven creation that can even submit PRs directly.

2. **Code Review:** LLMs scanning diffs to find bugs, architectural issues, or security risks.

3. **Background Agents:** Autonomous tools that trigger off existing PRs to enhance them—splitting PRs, adding tests, or suggesting improvements proactively.

On the other hand, core infrastructure like CI, builds, and deployments remain largely unchanged.

This evolution highlights the importance of fundamentals—clean, small, incremental code changes, robust testing, rollbacks, and feature flags. Senior engineers who combine these classic best practices with AI tooling get the most value.

**Ryan Donovan:** Wise words. Thanks so much, Greg, for sharing your insights.

**Greg Foster:** Thank you, Ryan. If folks want to learn more about modern code review, stacking code changes, or applying AI in their workflows, check out [graphite.dev](https://graphite.dev) or follow us on Twitter.

**Ryan Donovan:** And that’s a wrap! Remember, good coding and good security both come from solid fundamentals enhanced by smart tools. For questions or feedback on the podcast, reach out at podcast@stackoverflow.com or find me on LinkedIn.

Thanks for listening!

*This transcript has been edited for clarity and readability.*
https://stackoverflow.blog/2025/11/04/to-write-secure-code-be-less-gullible-than-your-ai/

From the archives: Diane Ladd and Laura Dern

Three-time Oscar-nominated actress Diane Ladd, known for her memorable performances alongside her daughter Laura Dern in several productions—including *Rambling Rose* and *Wild at Heart*—passed away on November 3, 2025, at the age of 89.

In a heartfelt “Sunday Morning” interview that aired on May 14, 2023, Diane and Laura sat down with Rita Braver to discuss their shared family history, which has frequently played out on movie and TV screens. The conversation also touched on their joint memoir, *Honey, Baby, Mine: A Mother and Daughter Talk Life, Death, Love (and Banana Pudding)*, where they explore the deep bond they share through life’s many complexities.
https://www.cbsnews.com/video/from-the-archives-diane-ladd-and-laura-dern/

EDsmart: Florida Poly top school for return on investment

Florida Polytechnic University Ranks Among Top 20 U.S. Universities for Return on Investment

Florida Polytechnic University is making waves nationally as one of the top 20 universities in the country for return on investment (ROI), outperforming some of the nation’s most prestigious institutions. This recognition comes from a recent analysis by EDsmart, a data-driven college ratings publisher.

EDsmart evaluated 1,755 four-year colleges across the United States and ranked Florida Poly among the schools offering the highest-value degrees based on cost, boasting an impressive ROI of 163%. This figure is 15 percentage points higher than the national average ROI of elite universities such as Harvard, Yale, Princeton, and MIT.

Located in Lakeland, Florida Poly holds its own against longer-established universities like California State University and the City University of New York. Andy Oguntola, Florida Poly’s assistant vice president for enrollment management, emphasized the significance of this achievement, stating, “Florida Poly continues to prove that students don’t need to attend an Ivy League school to achieve outstanding career success. Our graduates’ strong return on investment shows how affordable, high-quality STEM education can lead to incredible outcomes.”

Strong Earnings and Low Debt Among Graduates

Florida Poly graduates earn the highest median salaries among all institutions in the State University System just one year after graduation, according to the state’s Board of Governors. Additionally, they carry the lowest student debt, as reported by the U.S. Department of Education’s College Scorecard.

Since its opening in 2014, Florida Poly has maintained its tuition rates without any increases, offering the lowest tuition among Florida’s public universities. Provost Brad Thiessen highlighted the university’s commitment, saying, “As we continue to grow and innovate, our commitment to affordability and student success will keep Florida Poly among the nation’s top institutions. These rankings are just the beginning of what’s ahead.”

How ROI Was Calculated

EDsmart’s analysis defines ROI as the amount a graduate earns for every dollar invested in their degree. The organization utilized data from the U.S. Department of Education College Scorecard, considering factors such as total degree cost, average time to complete a degree, and average salary six years post-graduation.

Tyson Stevens, EDsmart founder and CEO, remarked, “Prestige isn’t the same as payoff. Our analysis shows many regional schools deliver more value on this ROI metric than elite peers.”

High-Value Degrees Driving Success

In August, student loan referral service Student Choice reported that degrees in computer science and engineering deliver the highest ROI for college students nationally, with averages of 310% and 326%, respectively. At Florida Poly, where the majority of students pursue these in-demand degrees, the ROI surpasses even these impressive numbers.

Additional Accolades

Florida Polytechnic University has also earned distinction for academic excellence, career outcomes, and affordability, including:

– Ranked No. 1 public college in the South for five consecutive years
– No. 1 for highest alumni wages among Florida’s state universities, with a median salary of $66,800 one year after graduation

These rankings and recognitions underscore Florida Poly’s dedication to providing affordable, quality STEM education that equips students for successful careers.

For prospective students and families seeking a high-value education with strong career prospects, Florida Polytechnic University offers compelling proof that outstanding outcomes are achievable without attending traditional elite institutions.
https://floridapolitics.com/archives/762736-edsmart-florida-poly-top-school-for-return-on-investment/

Too much social media may hurt kids’ thinking and memory skills

Spending too much time on social media might be hurting how children think, remember, and learn. A new study published in the journal *JAMA* found that kids who use social media more often tend to perform worse on tests that measure memory, reading, and vocabulary.

The study looked at 6,554 children between the ages of 9 and 13. These kids were part of a larger research project called the Adolescent Brain Cognitive Development (ABCD) study, which is tracking the health and brain development of over 11,000 children in the U.S. as they grow up.

Researchers discovered that the average preteen spends about five and a half hours each day looking at screens for fun — and much of that time is spent on social media. Unlike watching TV or videos, social media involves constant interaction. Kids are scrolling, posting, checking for likes and comments, and messaging friends. This keeps the brain very busy and always alert.

Scientists already know that spending too much time on social media can lead to mental health problems like anxiety and depression in teens. However, until now, it wasn’t clear if social media use could also affect how kids think and learn.

To find out, the researchers studied social media habits over three years and grouped the children into three categories based on how much time they spent on social media:

– About 58% of kids barely used social media.
– Around 37% used it a little and gradually increased their time.
– A small group, about 6%, used social media heavily and kept increasing their time as they got older.

The researchers then tested the children’s brain skills using the NIH Toolbox Cognition Battery. These tests measured how well the children could read, remember information, process data quickly, and understand vocabulary.

The results showed a clear pattern: the more social media kids used, the worse they did on these cognitive tests. Children in the heavy-use group scored the lowest, especially on memory and language tests. Those who didn’t use social media or used it very little scored the highest.

It is important to note that this study does not prove social media causes the lower test scores, but it does reveal a strong connection. More research is needed to understand exactly how social media affects brain development and whether certain platforms or activities might be more harmful than others.

Still, these findings suggest that it might be a good idea for parents and teachers to set limits on social media use, especially for younger children. Keeping screen time under control could help protect important brain skills that children need for school and learning.

As kids grow up in a digital world, understanding how technology affects their brains is more important than ever. This study is a strong reminder that not all screen time is the same — and some of it might be doing more harm than good.

The full study is published in *JAMA*.
https://knowridge.com/2025/10/too-much-social-media-may-hurt-kids-thinking-and-memory-skills/

Texas higher education enrollment reaches all-time high

Student enrollment at Texas colleges surpassed 1.6 million as of fall 2025, according to the Texas Higher Education Coordinating Board. This milestone reflects the continued growth and demand for higher education across the state.

Institutions are seeing increased interest from a diverse range of students, contributing to the vibrant academic communities throughout Texas. The Texas Higher Education Coordinating Board continues to monitor these trends to support effective planning and resource allocation for colleges statewide.
https://feeds.texastribune.org/link/16799/17193047/texas-university-enrollment

“It’s a real challenge”: Tom Brady feels for Arch Manning over incessant negativity in 2025 season

In the changing landscape of college football, young athletes often find themselves under unwarranted attention from the media and fans. Texas quarterback Arch Manning experienced a similar situation even before the 2025 season began. Media outlets drew comparisons between him and his legendary uncles, Peyton and Eli Manning, expecting him to follow a similar path in just his first year as the starting quarterback for the program.

According to NFL great Tom Brady, times have changed, and the mental toll on young players is now out of bounds. He addressed the intense media scrutiny that players like Manning face and reflected on how different it was during his own college days at Michigan.

Speaking to Sports Illustrated while shooting a commercial, Brady said, “Before, players had the kind of ability to fail when people weren’t watching, to build that resiliency within themselves. So I think it’s a real challenge these days for these young kids because Arch Manning, you know, seems like a great kid and great player.”

Brady went on to express hope that players can find ways to cope with criticisms. He also noted that Arch’s uncles, Eli and Peyton, had many years to develop and grow into their roles as quarterbacks.

“Peyton had a lot of years to develop. Eli had a lot of years to develop, and, you know, I was a college kid once, too, and I wasn’t the best quarterback at that time. How people remember me after my pro career was a lot different than how I remember me after my college career,” Brady explained.

### Arch Manning Not Concerned by Rumors Around His Starting Role

Although Texas rebounded after a jittery showdown early in the season, Manning has remained under the constant radar of critics. His on-field struggles with accuracy and footwork have stirred rumors about a possible step-down from his role as Texas’s starting quarterback.

However, Manning remains unfazed by the outside noise. Speaking to reporters, he said, “Nah, I can control what I can control. I work hard during the week, prepare my best, and go out and try my hardest on game day. That’s all you can do.”

### Looking Ahead: Texas vs. Mississippi State

This coming weekend, Texas will face Mississippi State on the road. With two losses so far this season, the Longhorns aspire to become one of the SEC teams to earn a playoff spot. Every game in the upcoming weeks is crucial for Manning and his team as they fight to stay in contention.
https://www.sportskeeda.com/college-football/news-it-s-real-challenge-tom-brady-feels-arch-manning-incessant-negativity-2025-season

Trump Slowly Deflates the Higher Education Bubble – Liberty Nation News

The Neuroscience Behind Student Loans and the Higher Education Bubble

Neuroscience teaches us that the prefrontal cortex, which governs executive functions like decision-making, impulse control, and planning, is the last part of the brain to mature. Scientists argue that the brain’s efficiency and wiring are not fully completed until age 25.

Why does this matter to something like student loans? This developmental factor is a significant reason behind the higher education bubble.

For years, the federal government has operated on the premise that politicians and bureaucrats can offer a 19-year-old—fresh out of high school and with no real-world experience—a loan of $100,000 with a sky-high interest rate. These government-backed student loans have also enabled universities and colleges to keep raising their tuition rates, knowing the state is subsidizing their students.

This cycle has created financial paralysis for millions of young Americans, but it could soon come to an end.

The Higher Education Bubble

This past summer, President Donald Trump signed the One Big Beautiful Bill Act. While most attention focused on tax cuts and the debt ceiling, the legislation also included a key student loan provision.

As part of the Republican megabill, Washington will cap student loan borrowing effective July 1, 2026. The law introduces annual and lifetime caps on borrowing for parents of undergraduates, professional degree students, and graduate enrollees. It also establishes a total lifetime cap for all borrowers at $257,500.

This is perhaps one of the most significant reforms to higher education in years.

Post-secondary institutions are already beginning to respond. Recently, the Santa Clara School of Law announced it would reduce tuition from approximately $66,000 per year to $50,000 for the 2026-2027 school year. The institution stated that the $16,000 tuition scholarship for all incoming full-time JD students was “designed to offset the impact of the recent repeal of the Graduate Plus federal-loan program, which is effective July 1, 2026.”

With fewer young Americans enrolling in college—total enrollment is roughly 3% below pre-pandemic levels—it’s almost guaranteed that other institutions will follow Santa Clara’s lead to stimulate demand. If so, the country will witness the slow deflation of the higher education bubble.

Subsidizing Demand

Former President Ronald Reagan famously said that if you subsidize something, you get more of it. Considering what has transpired at universities and colleges this century, he has been proven correct.

Government-guaranteed student loans have fueled the steep climb in college costs. With the government underwriting the risk, universities have faced little pressure to economize. Instead of streamlining operations, many have constructed lavish buildings, ballooned their bureaucracies, and hired celebrity professors with light teaching loads—all while tuition continued climbing.

Over the past 25 years, US university tuition has rocketed 100%, outpacing general inflation. Likewise, federal student loan debt has increased from around $200 billion to almost $1.7 trillion.

The federal government has routinely attempted short-term remedies to patch up the mess both parties have created over the last few decades—from suspending interest payments to bailing out specific categories of students and graduates. But these measures have merely masked the problem.

This situation is comparable to the current government shutdown debate regarding the Affordable Care Act. Because Obamacare has been a fiscal burden for US taxpayers, politicians have had to offer subsidies to the expensive program, benefiting insurance companies.

In 2021, economists at the New York Federal Reserve concluded that government student loans raise tuition costs.

> “We find a pass-through effect on tuition of changes in subsidized loan maximums of about 60 cents on the dollar, and smaller but positive effects for unsubsidized federal loans. The subsidized loan effect is most pronounced for more expensive degrees, those offered by private institutions, and for two-year or vocational programs,” they wrote.

Unintended Consequences

There have been other unintended consequences of government student loans. One example: social media is flooded with videos of young graduates announcing their majors in “decolonizing the fine arts” and “combating white supremacy in ant farming.”

Without the discipline of the private market, individuals enroll in degrees that offer little chance of securing steady paychecks and rewarding careers. If the free market were to take over the student loan system, lenders would ensure that borrowers are enrolling in careers in high demand. If not? Be prepared to pay a higher rate of interest to study “Orange Man Bad Studies.”

Medieval Times and the Liberal Arts

The term “liberal arts” has become a pejorative—and rightly so—but this was not always the case. It derives from the Latin *artes liberales*, meaning “tools of freedom.”

During Medieval times, the liberal arts were divided into seven main subjects within two larger categories:

– Arts of language: grammar, logic, and rhetoric
– Arts of number: arithmetic, astronomy, geometry, and music

Considering that graduates’ IQ has declined about 17 points since 1939, it’s safe to say that today’s 20-somethings would struggle with a Medieval education.

Put simply, despite the $1.7 trillion worth of student loan debt, taxpayers have subsidized mediocrity and a system that holds contempt for Western civilization.

The higher education bubble is on the brink of popping. Good riddance.
https://www.libertynation.com/trump-slowly-deflates-the-higher-education-bubble/

What women should know ahead of National Mammography Day

FRESNO, Calif. (KFSN) — Breast cancer affects thousands of women every year. According to Dr. Christine Zhang, “One out of eight women has the chance of developing breast cancer in their lifetime, and, unfortunately, one out of 42 women will die from the disease.”

Early detection is crucial, as it significantly increases the chances of survival. “The survival rate when breast cancer is detected early is quite substantial,” Dr. Zhang explained. “Stage 1 breast cancer has a five-year survival rate of 93%.”

Despite high survival rates and advances in treatment, doctors continue to see new cases of breast cancer. Dr. Zhang notes that many women remain hesitant to come in for their screening mammograms, often because of concerns about how the imaging is done and the discomfort it may cause.

The COVID-19 pandemic also contributed to a decline in screening rates, as fewer women sought medical appointments during that time.

At the newly opened Kaiser Permanente Fresno Orchard Plaza Medical Offices, mammogram screenings are now available to patients. Dr. Zhang, a Medical Oncologist, says routine screenings typically begin at age 40. However, women with higher risk factors may need to start earlier.

“Women with a known family history of a BRCA gene mutation or a strong family history of breast cancer in first-degree and second-degree relatives are recommended to begin screening at a younger age,” she said.

In addition to clinical screenings, Dr. Zhang emphasizes the importance of self-exams at home, particularly for younger women. “We recommend self-exams in the shower or after the shower for women of all age groups,” she advised.

Health experts stress that if you notice anything unusual, you should see your doctor immediately. They also encourage reminding the women in your life to schedule and keep their yearly mammogram appointments. Early detection saves lives.
https://abc30.com/post/what-women-should-know-ahead-national-mammography-day/18020432/

AI in schools

MANILA, Philippines — ChatGPT is making its way into the classroom. Multiple studies have tracked ChatGPT usage patterns and found that activity tends to peak around finals season. Afterward, usage typically declines during the summer break, only to rise again when the new school year begins.

One Australian university observed a similar trend since ChatGPT went viral, noting increased engagement with the tool during critical academic periods. This pattern highlights how students are turning to AI-driven assistance particularly when academic demands are at their highest.
https://business.inquirer.net/552762/ai-in-schools