These cases always, always make me laugh.
Because avoiding them is quite simple.
this post was submitted on 27 Apr 2026
434 points (98.2% liked)
Programmer Humor
31201 readers
1537 users here now
Welcome to Programmer Humor!
This is a place where you can post jokes, memes, humor, etc. related to programming!
For sharing awful code theres also Programming Horror.
Rules
- Keep content in english
- No advertisements
- Posts must be related to programming or programmer topics
founded 2 years ago
MODERATORS
Crane bullet points five things that need to change as the AI industry scales faster than it builds a worthwhile safety architecture. Specifics he calls for include; stricter confirmations, scopable API tokens, proper backups, simple recovery procedures, and AI agents existing within proper guardrails.
"I hooked up spicy autocomplete to our production systems and it nuked them. What have I learned from this? Here are some bullet points for how the spicy autocomplete industry needs to do better."
If I did that the first day I was hired, nobody's going to my parents for answers
To be fair, those bullet points are pretty standard security best practices that any software company should be following.
But like, at the same time, even if AI companies were doing those best practices, I still wouldn't let their products loose on production systems.
Sure, they're reasonable requests. They're things that he should have looked at before letting spicy autocomplete loose on production.
If I put a supposedly trained monkey into a tractor's cabin and had it try to do farm work, I don't think people should be listening to my ideas about what kinds of skills monkeys should be taught before they're assigned farm work. I think people should be laughing at me and calling me an idiot for assuming a monkey could do farm work.
Yes but your monkey was able to start your tractor that one time... And like, what if your neighbor starts using monkeys? He might harvest more than you. Besides, everyone will be using farming monkeys in the future, so better start letting them drive now. You wouldn't like to be known as a monkey free farm, right?
🍿
Seems like user error, I'm no programmer but even I lnow you don't give an agent access to critical things, and Claude is very insistent at asking for permission at every step.
Seems like user error, I'm no programmer but even I lnow you don't give an agent access to critical things
Yes.
But these models have (largely correctly) learned from Stack Overflow that, on average, every problem is due to not enough permissions.
Someone fully relying on an agentic AI model is essentially destined to give it full control (or close enough), eventually.
At some point, a tool like these LLMs either needs to not be marketed to that user, or needs stupid levels of safety warnings.
My money is on neither solution happening, and this kind of result continuing for the foreseeable future - until the rest of us doing cleanup instigate Dune's Butlerian Jihad to stop the damage and save our own sanity.
Thus completelly eliminating all bugs and data incorrections in Production!
That right there is the sweet smell of Victory!
Man who shit his own pants horrified that his pants are full of shit.
Demands explanation from pants vendor.
In your analogy, I would think they would demand an explanation from the food vendor.
Demands explanation from local grocery store?
I can't believe that they criticized the vendor api for not having confirmation.
It's a freaking API!!! It's designed for automation, not direct human (or LLM!) use. If you added confirmation then devs would have to code automatic acceptance, which defeats the purpose.
It doesn't make a bit of sense. Someone is passing the buck.
Everything is always somebody else's fault.
Yeah but a higher up would have to take responsibility, we can't have that
Yelling, "Who's shit is this!?"
If you are giving your codegen LLM - the model involved truly, genuinely doesn’t matter - admin access to your prod env, all I’m going to do is point and laugh.
Just to add - AND ACCESS TO THE BACKUPS!!
and having the backups stored in the same location as the primary data
Then it's not a backup, it's just duplicated data.
Just a shit show top to bottom for sure
No one should be able to delete or change backups. This infra was in any case vulnerable to a ransomware attack as any bad actor that breaks in can delete the database and encrypt the backups with a key they promise to share in return for bitcoin.
Also no prompts, ironically, for operations like "Are you sure you want to delete the production database? (y/N)"
It’s amateur hour all around lol
So what? Gen AI can build a new database and populate it with data 🤷♂️ /s
PocketOS founder blames ‘Cursor running Anthropic's flagship Claude Opus 4.6’
Fuck that. I'm blaming the PocketOS founder and every person in the chain of decisions that led to a clanker being given this level of unrestricted access to the database and the backups.
Hot take: offsite, offline backups are so cool right now.
Hotter take: do not give an LLM agent permissions you wouldn't give a recently hired junior
Actually this is how AI should be viewed. Under the right circumstances it maybe saves lots of time, but it also might destroy, so treat it like you would an intern...
Yup, follow the 3-2-1 rule or you don't have backups
They blame AI, but what if this was one of those aggressive encrypt everything malware attacks? Why are the backups accessible anytime except during a backup? I know, I know, convenience. But all of the backups?
hell I've got a better backup methodology with my fucking cat photos
load more comments
(1 replies)
Efficient, tho.
I don't understand what Railway is supposed to do here? If deleting a drive also deletes the backup, what's the point of the backup?
I save space on backups by symlinking my data in a backup directory. It’s never failed!
You obviously should do a hardlink, as this is much safer
That's the joke
I XOR all the bytes of my data and write down the resulting byte value on a post-it as our backup.
Saves tons of space, it's fully offline and I never had any problem with it.
load more comments
(2 replies)
No bro you don't understand, Claude needs access to backups so it can restore them in case something breaks because our senior dev ($50k, 2YoE) doesn't know how to do it
Damn, you got two-year-olds making 50k?
wiping a volume deletes all backups
that sounds like a wonderful backup system 😂
Fuck around and find out
If you are going to give an LLM a free pass to your whole prod database least you should do is to take weekly (or daily if plausible) offline backups of it. A hard limit against deleting stuff would be better.
This is fun to read. I hope people will have their actual intelligence activated after this.
They won't but they will continue to accidentally create content for my amusement :D
load more comments
(1 replies)
They can't go rogue, they have no agency or desire or thought. What really happened is the thing specifically designed to do whatever the Plinko line with the most chips says did it because the incompetent dickheads who deployed it didn't know how not to do that.
Its bound to happen more and more. More concerning, what is it decides to insert unknown code into backups? How are they detected? Who's guarding all if these? Another AI?
load more comments
(1 replies)
Don't blame, Credit. Credit CloudStrike.
Dance, rich. Dance and don't stop cuz I ain't a single Arnold Schwarzenegger saving your ass.
My suggestion is to not give it access to the backups, but may I'm naive that way.
view more: next ›