Skip Navigation

InitialsDiceBearhttps://github.com/dicebear/dicebearhttps://creativecommons.org/publicdomain/zero/1.0/„Initials” (https://github.com/dicebear/dicebear) by „DiceBear”, licensed under „CC0 1.0” (https://creativecommons.org/publicdomain/zero/1.0/)E

Encrypt-Keeper

@ EncryptKeeper @lemmy.world

Posts
8
Comments
2266
Joined
3 yr. ago

  • Google has a price for you. We found it.

    Jump

  • The desktop is worth more because of the assumption that you’re a corporate buyer at work.

    The choice to force you into an app has nothing to do with this at all

  • Claude-powered AI coding agent deletes entire company database in 9 seconds — backups zapped, after Cursor tool powered by Anthropic's Claude goes rogue

    Jump

  • What am I missing here?

    This is an agent doing IaC for the company. Nowhere is it specified that the agent is only used in staging, only that the fuckup happened while working in the staging environment.

    What is a "routine task in [a] staging environment"

    Not sure what the routine task was specifically, but it doesn’t really matter. The task involved modifying the company’s infrastructure via IaC.

    why does it need admin permissions?

    It’s doing IaC, how exactly is it supposed to manage the cloud infrastructure itself without permissions to manage the infrastructure?

    Why does the agent have permissions for the prod environment if it's supposed to work in the staging one?

    Who said the agent only works in the staging one? I doubt they’d use a fully qualified infrastructure engineer to manage prod and then give staging to an AI. Either that engineer is managing the company’s infra or he’s not.

    What the article describes is an agent that manages their IaC, and when it was set to do a job in the staging environment, it deleted something in prod because it thought that would help it do what it was doing in staging. The CEO says the resource deleted was somehow in both environments at the same time. Not sure I believe that but that’s what he said. If that’s true, I would imagine that’s how the AI designed it in the first place.

  • Claude-powered AI coding agent deletes entire company database in 9 seconds — backups zapped, after Cursor tool powered by Anthropic's Claude goes rogue

    Jump

  • No, I was simply mistaken about the job it was given. Like I said, all I had to work with was the tomshardware article, which doesn't go into much detail.

    The article goes into full detail. All of this information was in the article.

  • Ghostty Is Leaving GitHub

    Jump

  • GitHub didn’t work at all most of the day yesterday

  • Claude-powered AI coding agent deletes entire company database in 9 seconds — backups zapped, after Cursor tool powered by Anthropic's Claude goes rogue

    Jump

  • Granting someone or something that isn't the senior admin permission to delete a volume is irresponsible.

    Correct. Like I said this was the job of a senior admin.

    They gave the AI the job of managing IaC for their environment. Then were shocked when the AI managed the environment incorrectly. This is absolutely not something you let a junior engineer anywhere near.

    You seem to be suggesting that the AI should be able to do the job they gave it without being given the permission required for it to do. The thing about doing things in IT, is you need to have permissions to do the things you’re asked to do. So you have to make sure the person you give permissions to is reliable and knows what they’re doing. The AI did not.

  • Pragmata surpasses 1m copies sold in just two days

    Jump

  • Pragmata surpasses 1m copies sold in just two days

    Jump

  • It’s funny we were just talking about this 4 days ago, because as of today the big news is a new hypervisor-based method of circumventing Denuvo was reported and now zero games are uncracked.

  • Claude-powered AI coding agent deletes entire company database in 9 seconds — backups zapped, after Cursor tool powered by Anthropic's Claude goes rogue

    Jump

  • That's why I consider this partially a human failing: If you're gonna use a tool, make sure that it operates within safe limits.

    Yes and in this case using it for this job at all was clearly not within safe limits. You keep hammering on “It’s not the AI’s fault it was given a job with too big of a blast zone for it to safely do” after I’ve said “This type of job has too big a blast zone for an AI to safely do” and somehow you’ve convinced yourself that these are two different things.

  • Claude-powered AI coding agent deletes entire company database in 9 seconds — backups zapped, after Cursor tool powered by Anthropic's Claude goes rogue

    Jump

  • Yes that’s right the protocols that we humans used to have for giving only trusted, reliable people this level of access over infrastructure predate LLMs and were a great way to stop this from happening.

    However the AI is here now, and when you give an autonomous agent with known hallucination problems access to act on your behalf with your IaC on your infra provider, this kind of thing is an inevitability.

  • Claude-powered AI coding agent deletes entire company database in 9 seconds — backups zapped, after Cursor tool powered by Anthropic's Claude goes rogue

    Jump

  • Giving the equivalent of a junior dev with a learning disability the keys to the whole place is just dumb.

    Correct. You too have now identified the AI problem. This was the job of a human senior infrastructure engineer that they delegated to an AI agent. They’ve found out why it’s not an AI’s job.

  • Claude-powered AI coding agent deletes entire company database in 9 seconds — backups zapped, after Cursor tool powered by Anthropic's Claude goes rogue

    Jump

  • Seems to be, yes. The AI had the access it needed to do the job it was given, and that access allowed it to cause the problem.

    The alternative that would have prevented this issue was to not use AI for this.

  • Claude-powered AI coding agent deletes entire company database in 9 seconds — backups zapped, after Cursor tool powered by Anthropic's Claude goes rogue

    Jump

  • this is an "Don't allow anyone access your backups without following protocol." problem.

    Congratulations you just identified the AI problem.

  • Migrating from DigitalOcean to Hetzner: From $1,432 to $233/month With Zero Downtime

    Jump

  • I’m a U.S. user and did not have this problem.

  • Migrating from DigitalOcean to Hetzner: From $1,432 to $233/month With Zero Downtime

    Jump

  • Yes it’s ok, in general. It’s not the most modern or efficient way of managing infrastructure but it’s worked for decades now. It all depends on what you’re hosting, for who, and for how many people.

    If you’re hosting internal company infrastructure for a relatively static number of users in a single of set few regions to deliver to, bare metal monolithic stuff is absolutely fine. It’s when you’re an app or service company and your infrastructure is for the back end for a public service that needs to be able to scale dynamically, and you’re worried about high 24/7 uptime, and latency to end users is a global issue that things like microservice architecture, containerization, and iac starts becoming important.

    The whole containerization crazy is important for microservices architecture where you split your app into different pieces. This lets you scale different parts of you app as needed, it prevents your entire app from failing just because one part of it failed, it allows for lifecycle management like blue/green deployments with no downtime, allows developers to work on different parts of the app and update at a faster cadence than one big release for the entire thing every time you update one small part of it, things like that.

  • Tech companies like Google, Facebook and Microsoft are ignoring data controls mandated under California privacy law at ‘industrial scale’

    Jump

  • All wealth is imaginary. If you have stocks “worth” X amount of money and can borrow real against it , it’s wealth.

  • Federal Surveillance Tech Becomes Mandatory in New Cars by 2027

    Jump

  • 2021

  • Meta plans to lay off 10% of its workforce in May, according to report

    Jump

  • Unlikely lol.

  • Meta plans to lay off 10% of its workforce in May, according to report

    Jump

  • you think by the end of the year Meta will have 10,000 less employees than it did at the start?

    No, I think it will have even less.

  • Pragmata surpasses 1m copies sold in just two days

    Jump

  • There were several Denuvo cracks in that period actually, just not as many.

    Other games get cracked day 0 even though it's equally thankless. That obviously isn't the distinguishing factor.

    Denuvo games also get cracked day 0. Not sure what your point is, or at this point if you even have one.

    At the end of the day, what I said was correct. There was a period of time where we had less cracks, and now it’s ramping back up again. There doesn’t seem to be anything about Denuvo that stops its games from being cracked fairly quickly other than a lack of people to do the cracking.

    These are all verifiably correct and factual statements. Whatever it is you’re whinging and whining about… I don’t know what to tell you.

  • Selfhosted @lemmy.world
    Encrypt-Keeper @lemmy.world

    Storyden: A forum for the modern age.

    www.storyden.org
  • Selfhosted @lemmy.world
    Encrypt-Keeper @lemmy.world

    ZaneOps is a great self hosted PaaS alternative to Vercel, Netlify, GitHub Pages

    zaneops.dev
  • Selfhosted @lemmy.world
    Encrypt-Keeper @lemmy.world

    A Brief History & Ethos of the Digital Garden

    maggieappleton.com /garden-history
  • Technology @lemmy.world
    Encrypt-Keeper @lemmy.world

    The Web is Going to Die

  • Games @sh.itjust.works
    Encrypt-Keeper @lemmy.world

    Helldivers 2 - Sony no longer plans to enforce PSN account requirement for PC players

    x.com /PlayStation/status/1787331667616829929
  • Selfhosted @lemmy.world
    Encrypt-Keeper @lemmy.world

    Homebox is the inventory and organization system built for the Home User!

    hay-kot.github.io /homebox/
  • Apple @lemmy.world
    Encrypt-Keeper @lemmy.world

    Apple rolling out second public beta of iOS 17, watchOS 10, and macOS 14

    9to5mac.com /2023/07/31/ios-17-beta-public-2/
  • Technology @lemmy.world
    Encrypt-Keeper @lemmy.world

    A privacy analysis of Meta’s new Threads app

    proton.me /blog/meta-threads-privacy