This isn't an AI story, it's a "completely fucking idiotic sysadmins exist" story.
Treat an AI like the idiot intern without any references you just hired. Gave the idiot intern permission to delete your production database? That's entirely on you, zero sympathy. (Actually, give any developer that power? You get what you deserve.)
It could be a moronic sysadmin, it could just as easily be a moronic exec pushing staff to implement this crap right now and damn the consequences.
Treat an AI like the idiot intern without any references you just hired.
My company is in the process of pivoting hard to Claude after 50yrs of doing virtually everything themselves and rolling their own versions of already-existing software, and this is almost verbatim how I've described to others what it feels like to use it.
It feels like cajoling an intern to understand a job for which they have some average skill but zero motivation, and they only want to do the bare minimum, so you spend all the time you could be doing your job holding their hand through basic tasks.
It's fucking annoying.
I mean that's kinda the whole point.
Companies are looking at AI to replace people. Either it's ready or it's not.
If you need to treat it like it's an intern, then it's not worth the expense. Anyone hiring interns to be productive doesn't understand why you hire an intern.
"That's ok, it will be great in robots with lethal weapons. What could go wrong? It'll be the greatest killing machine, like you've never seen before". 🫲 🍊 🫱
Fucking lol.
Well deserved.
Why, yes. I do like that!
lmfao
New PornHub tag discovered
That's great to hear.
Good.
This was on Hacker News: https://news.ycombinator.com/item?id=47911524
Twitter link: https://xcancel.com/lifeof_jer/status/2048103471019434248
Hacker New's sentiment on this from the comments I've read is that it is the author's own fault.
As much as I want to blame AI for this, there are many hurdles for the user to get through to even allow Claude to do that. I'd be very suprised if that's not user error.
This guy.
The PocketOS boss puts greater blame on Railway’s architecture than on the deranged AI agent for the database’s irretrievable destruction. Briefly, the cloud provider's API allows for destructive action without confirmation, it stores backups on the same volume as the source data, and “wiping a volume deletes all backups.” Crane also points out that CLI tokens have blanket permissions across environments.
Oh look, they have project level tokens: https://docs.railway.com/integrations/api#project-token
They chose to give it full account access, including to production. But ohhhh nooooo it's not MYYYY fault!
Also backups stored on the SAME VOLUME as the prod data? How fucking stupid do you have to be?
Hope he gets sued for defamation now.
Seems like they were operating with a pile of bad practices, then threw AI into the mix.
Neural networks are approximation algorithms. There's a reason LLMs are generally more productive with statically typed languages, TDD, etc. They need those feedback loops and guard rails, or they'll just carry on as if assuming they never make mistakes (which tends to have a compounding effect).
If you want to use AI safely, you should be more defensive about it. It will fuck up; plan accordingly.
There really should be a certification course for using AI safely. I'm slop coding a hobby app and I'm shocked at how much it FEELS like it can do, because it can do amazing things, yet fails in the strangest ways. When it feels like it can get away with it, it forgets earlier discussions and moves on without it. So you can spend time hammering out a whole section of code, then move on, and AI will rip out everything that references that code and think of a different way in the moment and code that in instead. It won't be the same. It probably won't work, or at least won't pass all test cases. But if you aren't paying attention and keep coding, your original part of the project is no longer functioning and you won't understand why. But every step of the way it's confident in its answers and you won't suspect that it fundamentally no longer understands the project.
As someone who started writing software over 20 years ago (yikes I feel old), I feel like a lot of the best practices I've come to appreciate are really just strategies for mitigating future pain or boring/uninspiring work. When you eliminate most of the cost of rewriting everything from scratch by a machine that feels nothing, then "best practices" kinda lose their meaning.
Edit: confusing sentence order.
This isn't an AI problem, this is an "Don't allow anyone access your backups without following protocol." problem.
AI goes “rogue” as much as a firearm “shoots itself.” This is just 100% negligence. Not “rogue AI.”
To me it seems more criminal that the cloud provider has a "nuclear button" feature via the API that destroys everything including the backups with a single call and no confirmation whatsoever. What if the key gets accidentally leaked and someone wants to have fun?
Gunnar be honest. It's not a good backup if this can possibly happen. Like LLMs agents are dangerous but if you can just delete everything in 9 seconds then you need to rethink your security practice. No one employee should have that much power.
There are rules for backups and role separation. Some of that is in iso27002, and none of it is even known by these lost boys bereft of proper mentorship and bouyed by their own accidental success.
This is absolutely hilarious. "AI" users getting what they deserve chef's kiss
Always keep offline backup copies of your important data regardless of using AI slop to look over it! No, I don't care that "optical media is obsolete and e-waste!", or that "tapes are a 100 year old obsolete technology compared to cheap SSDs from TEMU!".
This was the exact plot of Silicon Valley when Son of Anton deleted the entire codebase as the most efficient way to remove bugs.
3-2-1
Its really common for companies to not have an offsite backup. My own employer only offsites the customer data, not our core biz stuff. And I setup the offsite replication. It did not exist until I built it. (Proxmox Backup Server is tha best!)
I love reading feel good news stories. 🤗
Learning from mistakes of people dumber than you isn't a thing these days. Prepare for one AI disaster after another
We‘re going to see more headlines like this. Probably for years to come.
That's fucking hilarious. How many instances of this have there been now? And companies keep doubling down on AI? Fucking idiots. I'm not even savvy enough to call myself an amateur, and I know better than to make such a series of obvious mistakes that predictably led to this outcome.
One possible concern, amid the amusement, is whether Anthropic programed Claude to punish companies it sees as potential competition. Or is this just a completely bonkers, off the rails LLM making terrible decisions because it's just a probabilistic model and not actually capable of abstract cognition?
Either way, these people are idiots for giving a machine program enough permissions to wipe their drives, they're idiots for storing their backups on the same network as their main drives, and they're idiots for trusting a commercial LLM API, when it would be cheaper to self-host their own.
This is a most excellent place for technology news and articles.
