this post was submitted on 30 May 2026
518 points (99.2% liked)

Fuck AI

7212 readers
2219 users here now

"We did it, Patrick! We made a technological breakthrough!"

A place for all those who loathe AI to discuss things, post articles, and ridicule the AI hype. Proud supporter of working people. And proud booer of SXSW 2024.

AI, in this case, refers to LLMs, GPT technology, and anything listed as "AI" meant to increase market valuations.

founded 2 years ago
MODERATORS
VerbFlow@lemmy.world
MrMcGasion@lemmy.world
TootSweet@lemmy.world
BigMikeInAustin@lemmy.world
cynar@lemmy.world
drmeanfeel@lemmy.world
pavnilschanda@lemmy.world
CriticalMedicine@lemmy.world
WonderfulWanderer@lemmy.world
Communist@lemmy.ml
eatCasserole@lemmy.world
SpaceNoodle@lemmy.world
NutWrench@lemmy.world
Soup@lemmy.cafe
iAvicenna@lemmy.world
Tinks@lemmy.world
wizblizz@lemmy.world
corus_kt@lemmy.world
Prandom_returns@lemm.ee
JimSamtanko@lemm.ee
TrickDacy@lemmy.world
TheFriar@lemm.ee
ArmokGoB@lemmy.dbzer0.com
HawlSera@lemm.ee
andrew_bidlaw@sh.itjust.works
MeDuViNoX@sh.itjust.works
33550336@lemmy.world
Nougat@fedia.io
Lost_My_Mind@lemmy.world
Quill7513@slrpnk.net
glowing_hans@sopuli.xyz
e8d79@discuss.tchncs.de
ThefuzzyFurryComrade@pawb.social
518
Dev Says He’s Getting Threats After Leaving a Booby Trap for Vibe Coders (gizmodo.com)
submitted 2 days ago by resipsaloquitur@lemmy.cafe to c/fuck_ai@lemmy.world
119 comments fedilink hide all child comments
 

cross-posted from: https://infosec.pub/post/47200357

One critic called the move “petulance beyond measure.”

you are viewing a single comment's thread
view the rest of the comments
[–] boonhet@sopuli.xyz 8 points 1 day ago* (last edited 1 day ago)

It's an issue of how insanely insecure giving an agent a blank check for everything is.

I've tested, Claude Code, Codex and Mistral Vibe. They all prompt you for any writes or actions and any other tool calls that could be destructive, as well as any reads from outside of the current working directory scope. By default.

But then if you have to answer "yes" to everything you want to allow, you have to be at the keyboard! Such horrible! Let's give the agent permission to do "bash *" and "python *" and "rm *" and....

I'm blaming this one on the users, not the frameworks. Anyone using such a tool should know that they're non-deterministic and giving them full access to everything can be incredibly destructive.

Incidentally that's why we're not all completely replaced by non-technical people vibe coding entire applications just yet, even if Opus with xhigh/max thinking settings can outperform a lot of developers. It's because if you let a non-technical person give all this power to an agent or even just hit yes without reading the commands being prompted for, it's gonna bite the entire company in the ass hard.