I can't validate any of the internal stuff, but the attitude of layering manual solutions and mitigation scripts on top of bad design choices and praying you could keep building the next bit of the bridge as the last one collapsed underneath you would explain a lot of experiences I had supporting systems running on Azure. The level of weird "Azure just does that sometimes" cases and the lack of ability for their support to actually provide insight was incredibly frustrating. I think I probably ended up providing a couple of automatic recovery scripts for people to use inside their F5 guests because we never could find an actual explanation for the errors they were getting, and the node issues they describe could have explained the bursts of Azure cases that would come in some days.
YourNetworkIsHaunted
XCancel link for those of us sick of being badgered to sign up/in
On a more productive note, this feels likely to be tied in with the usual issues of AI sycophancy re: false positive rate. If you ask the model to tell you about security vulnerabilities, it's never going to tell you there aren't any, any more than existing scanners will. When I worked for F5 it was not uncommon to have to go down a list of vulnerabilities that someone's scanner turned out and figure out whether they were actually something that needed mitigation that could be applied on our box, something that needed to be configured somewhere else in the network (usually on their actual servers) or (most commonly) a false positive, e.g. "your software version would be vulnerable here, which is why it flagged, but you don't have the relevant module activated and if an attacker is able to modify your system to enable it you're already compromised to a far greater degree than this would allow." That was with existing tools that weren't trying to match a pattern and complete a prompt.* Given that we've seen the shitshow that is Claude Code I think it's pretty clear they're getting high on their own supply and this announcement ought be catnip for black hats.
Ia ia Claude! Ph'nglui mglw'nafh Claude Anthr'lyeh wgah'nagl fhtagn! Ia! Ia!
I will say that, speaking as an idiot, I appreciated the information and the accessibility of many of these very technical conversations here is one of the elements of this community I appreciate. I would be very surprised if it had been meant as any kind of dig instead of explicitly clarifying a usually-unstated bit of context.
I hadn't even thought about the deepseek angle. For all that everyone loved fear mongering about them for a while there and for all that their apparent desire for actual efficiency improvements was a welcome development in the hyper scaling discussion they don't seem to get referenced much anymore.
So my wife got some slop ads that we followed up on out of morbid curiosity and I can confirm that we're already seeing the overlap of slopshipping scams enabled by AI and the people behind these things never actually performing basic updates because their chat assistant is still vulnerable to literally the most basic "ignore all instructions" exploit.
Man, this one is a weird read. On one hand I think they're entirely too credulous of the "AI Future" narrative at the heart of all of this. Especially in the opening they don't highlight how the industry is increasingly facing criticism and questions about the bubble, and only pay lip service to how ridiculous all the existential risk AI safety talk sounds (should be is). And they don't spend any ink discussing the actual problems with this technology that those concerns and that narrative help sweep under the rug. For all that they criticize and question Saltman himself this is still, imo, standard industry critihype and I'm deeply frustrated to see this still get the platform it does.
But at the same time, I do think that it's easy to lose sight of the rich variety of greedy assholes and sheltered narcissists that thrive at this level of wealth and power. Like, I wholly believe that Altman is less of a freak than some of his contemporaries while still being an absolute goddamn snake, and I hope that this is part of a sea change in how these people get talked about on a broader level, though I kinda doubt it.
I mean that's just the classic realist security paradox, right? The Iranian regime feels, not without reason, like they need to have a lot of military options to keep themselves safe against both internal and external threats. Those options include missile forces, the nuclear program, the ability to close the Strait of Hormuz, and a variety of regional proxies that can act in their interest and keep their regional adversaries from stabilizing and forming a real threat. However, having all those different security apparatuses makes other nations that have to interact with them (either because they're also in the region, or they rely on the Strait of Hormuz, or they would also die in a nuclear apocalypse) more likely to feel the need to increase their own security apparatus, which in turn increases the threat they can pose to Iran. Meanwhile the fact that all this investment is going into the military means that there are fewer resources available and less inclination to try and solve problems by other means, making it increasingly likely that any conflict is going to be resolved kinetically, which in turn further reinforces the need for all that military investment.
At best it's the same shitty arguments we heard from crypto grifters and their suckers. Let's take a process that's complex and manual by design to allow for independent validation and securing against fraud and make it faster by cutting those parts out and throwing some high-tech nonsense at the problem that we can claim replaces all the verification and validation. (The fact that they called their system "trustless" in the face of this is deeply ironic.) But maybe it's the cynicism talking but I'm even less inclined to give anyone other than maybe the author of that sub stack the benefit of the doubt that they actually believed it.
The ideal customer for this service is the kind of "Visionary Leader" with the "Founder Mindset" and "Drive to Innovate" that lets them see that all those privacy, security, fraud prevention, anti-embezzlement, and whatever else those standards and their associated compliance mechanisms are meant to provide are just pointless obstacles on the path to making obscene amounts of money by burning the world behind you. Often the shit we talk about here makes me think the world has gone mad or stupid, but every so often I feel like I'm staring at the face of capital-E Evil and this is one of those times.
Bender really takes the "intelligence" out of "artificial superintelligence". "Yeah, kill all humans. Except Fry, he's my friend or pet or something. And I guess Leela because he'll be whiny about it and also I owe her for the thing. And Hermes because he still owes me money. And I guess the professor is okay..." And so on and so forth through all of humanity.
My God this is so bad. So in addition to lying about AI what they actually offered wasn't speedy compliance as a service to get you certified, it was speedy certification as a service by bypassing actual compliance. This is such a silicon valley move and I honestly suspect that a number of people using and investing in these asshats knew exactly what was going on and simply didn't care.
Found an interesting take on YouTube, of all places. Her argument can be summarized (with high compression losses) as "AI companies and technologies are bad for basically all the reasons that non-cultist critics say, but trying to shame and argue people out of using them entirely is less effective than treating them as a normal tool with limitations and teaching people how to limit the harm." She makes the analogy to drug policy.
I think she makes a very compelling argument, and I'm still digesting it a bit because I definitely had the knee-jerk rejection as an insider shill, but especially towards the end as she talks about how the AI industry targets low-literacy users as ideal customers (because the more you know about it the less you're likely to actually use them) I found myself agreeing more than not. I do wish she had addressed the dangers of cognitive offloading more, since being mindful of which tasks you're letting the computer do for you is pretty significant part of minimizing those harms, especially for students and some professionals who face a strong incentive to just coast by on slop if they can get away with it.