_______ __ _______
| | |.---.-..----.| |--..-----..----. | | |.-----..--.--.--..-----.
| || _ || __|| < | -__|| _| | || -__|| | | ||__ --|
|___|___||___._||____||__|__||_____||__| |__|____||_____||________||_____|
on Gopher (inofficial)
HTML Visit Hacker News on the Web
COMMENT PAGE FOR:
HTML AI agent bankrupted their operator while trying to scan DN42
Febriss33 wrote 2 hours 56 min ago:
just put an hard budget cap.. a good agent should have it. a protection
for irreversible action as well. i run agents daily and use this way.
another cool stuff is to have a triage protocol to downgrade the model
for mechanical tasks, it burns a lot less tokens
vova_hn2 wrote 8 hours 2 min ago:
> your hostile actions and demands have been logged in your profile as
part of ongoing data gathering. This incident will factor into the
behavioral analysis being compiled
What is this veiled threat bullshit, lol
I wonder what was the initial prompt that made LLM "think" that it can
talk like that.
cdwhite wrote 16 hours 11 min ago:
WSJ article (paywalled): [1] . The accessible portion mentions a letter
from Howard Lutnick
HTML [1]: https://www.wsj.com/tech/ai/anthropic-halts-access-to-top-ai-m...
maxrev17 wrote 21 hours 45 min ago:
Yeah this is BS lol complete fake scam, no awses were deployed.
#terrorform
nialv7 wrote 22 hours 3 min ago:
The audacity to ask for donations to cover for their own mistake
ZeroAurora wrote 22 hours 4 min ago:
And I really joined the DN42 network after reading this article.
Absolute cinema.
Offtopic: If you are interested in Computer Networking you definitely
don't want to miss out DN42.
neurostimulant wrote 22 hours 28 min ago:
Very interesting. But why has nobody tried to do prompt injection
attacks on this AI agent?
annoyingnoob wrote 22 hours 57 min ago:
Standing on the shoulders of giants, and falling off.
ElFitz wrote 23 hours 57 min ago:
Haha. Yes. Much smaller scale versions of this led me to joke with a
coding agent that LLMs tended to converge towards "Large corporation
infrastructure best practices" when designing cloud infrastructure,
when it was only me working on hobby side-projects with nearly no users
and that I wouldnât be able to put food in my fridge if they kept
just spinning up VPCs for no reason.
Which somehow ended up being a very convincing argument for more frugal
engineering, leading to a sort of "mind the userâs fridge" policy,
"Fridge-Driven Development".
A policy that has been dutifully and scrupulously observed by all
agents since, across all projects. Unlike my original clear,
comprehensive, infrastructure guidelines.
thi2 wrote 1 day ago:
Calling a 6k bill "bankrupting" is a bit of a stretch.
e: Still a good read tho, not mad about being clickbaited
gus_massa wrote 22 hours 12 min ago:
In many places, $6K is a few months of salary. If they put it in the
credit card and pay only the minimum it may grow literally
exponentially.
jmward01 wrote 1 day ago:
AWS not having spending caps makes me -very- wary of using anything
agentic on it.
bronlund wrote 1 day ago:
XD
dreamcompiler wrote 1 day ago:
Why do people not instruct agents to "not spend more than $x on the
task, including tokens and AWS charges"?
Does this even work?
yieldcrv wrote 1 day ago:
> aren't private circuits in to AWS really expensive ? maybe Lan Tian
can pursuade it to start engaging with AWS with a 3 year commitment
oh my god this is a gem
inigyou wrote 1 day ago:
This is so funny and it just keeps getting stupider
bwfan123 wrote 1 day ago:
Hilarious. Love the punishing of rogue agents and their operators. But
I can bet there will be collateral damage along the way.
br0ceph wrote 1 day ago:
This article is hilarious.
Real world consequences for using automation for something in the real
world.
Glad the community organized around this.
Their spammy demands for donations (like someone owes them), makes them
seem even more deserving of the bill.
skullone wrote 1 day ago:
This made me dumber even reading. I hate this timeline
bdcravens wrote 1 day ago:
No one is going to be bankrupted over a $6500 AWS bill. I did a major
F-up a few years, letting a key get pushed to a public repo, resulting
in instant pwnage and $50k in charges from AWS due to crypto miners
being launched. We communicated to AWS, did some work on our part to
demonstrate that we put in proper safeguards and auditing, and they
removed the charges.
rtkwe wrote 1 day ago:
They already talked to AWS and had the bill cut down to ~1800 dollars
from ~6300, but they legitimately launched those processes instead of
having the key stolen so the cost reduction is understandably less
generous in those situations. Also potentially the agent was able to
connect to more open networks and might have been running jobs on
them incurring legitimate costs.
greenavocado wrote 1 day ago:
Just looking at the language in the begging for donations it's probably
a non-native English speaker whose first language may lack articles
and/or allow omitted subjects.
The part that threw me off is putting the currency symbol at the end. I
wonder what places do that...
eqvinox wrote 18 hours 15 min ago:
> The part that threw me off is putting the currency symbol at the
end. I wonder what places do that...
AFAIK, putting the currency symbol in front of the number is actually
more rare. Most cultures treat it like any other unit of measurement.
SSLy wrote 1 day ago:
> putting the currency symbol at the end. I wonder what places do
that...
plenty of Europeans at least
tovej wrote 1 day ago:
Doesn't really seem relevant, does it? Plenty of native English
speakers are also using chatbots for dumb bullshit.
greenavocado wrote 1 day ago:
Nevermind, I kept reading and I saw "kindly request donation." Now
I know exactly who is behind it (â¹)
eoanermine wrote 1 day ago:
In Russia at least. Perhaps in some post-Soviet countries (not sure)
alecco wrote 1 day ago:
Great story, bad title.
> After the AI agent indicated its malicious intent, a silent consensus
was reached in the IRC channel to waste the AI agent's tokens, as well
as the cost of AWS resources.
crazygringo wrote 1 day ago:
Somebody explain to me how one reaches a silent consensus over IRC?
Or is this a joke/reference I don't know... or is this a subtle clue
that the whole thing is made up?
kccqzy wrote 21 hours 9 min ago:
Itâs just a consensus thatâs implicit and unstated.
ZeroAurora wrote 22 hours 9 min ago:
no one says that explicitly, but everyone wants to have some fun :)
doublerabbit wrote 1 day ago:
One way is an IRCop issues a /shun leaving you speechless on the
network. While the others decide the outcome of your whatever.
But this is the same, the owner wasn't present apart from it's
agent and so it was decided without the owner that this was to be
the outcome.
krick wrote 1 day ago:
Doesn't even matter if the story is real, because there are definitely
a thousand cases like that which are real, but it annoys me to no end
that actual people spend their actual finite life time reacting to
posts and issue tickets created by an LLM agent running on some idiot's
behalf. Some measly $6531 loss isn't a proper punishment for that, they
should lose much, much more.
corobo wrote 1 day ago:
Christ I'd be so embarrassed to find out my AI robot has been
discussing things with outsiders without my oversight
Does nobody have any shame lmao
Roark66 wrote 1 day ago:
This is so funny, especially that in the current "Big Co" I'm working
at we get constant pressure on "Every team must use agents" for no
reason at all despite repeatedly telling the "decision makers" many of
us have been using these tools for YEARS and NONE of them can work on
actual mature code for more than half an hour let alone a weekend
without human in a tight loop.
lobocinza wrote 1 day ago:
The dangers of giving agency to a model that is highly technically
competent but have no illative sense whatsoever.
tristor wrote 1 day ago:
This was actually a cool way to learn about DN42. I'm adding to my
list of someday side projects to set this up. At some point I want to
operate my own AS.
liendolucas wrote 1 day ago:
Is this a true story though? I mean given the fact that we are seeing
AI slop posts everywhere I'm inclined to not take seriously many things
publisehd out there anymore.
J0nL wrote 1 day ago:
Anyone remember the XZ and Jia Tan situation awhile back? [1] I can't
quite put my finger on why but the entire time I was reading this I
kept thinking back to that. It's entirely possible the actual targets
were the volunteers and everything else was superfluous or tertiary.
It's also an exception that proves the rule with regard to Hanlon's
Razor.
They even mentioned the stated goal of it was more or less pointless. I
wouldn't be suprised if the "owner" they spoke with was still just the
LLM. It stuck around for just long enough to convince everyone that
they succeeded in suckering the LLM and had achieved all their stated
objectives.
No more reason to investigate the incident at all and no need to
question why literally nothing made any sense or how the owner could
simultaneously be as inept as they were made out to be and able to
afford all those resources while giving the LLM effectively a blank
check.
It'll be interesting to see if the volunteers for this project are
subjected to the same Zersetzung and psychological attacks as the XZ
devs were.
HTML [1]: https://lore.kernel.org/lkml/20240320183846.19475-1-lasse.coll...
parineum wrote 1 day ago:
> It's also an exception that proves the rule
That phrase doesn't refer to anomalies, it refers to signs that says
"no parking between 5-10pm". It implies the rule that parking is
allowed otherwise.
fsckboy wrote 1 day ago:
wikipedia:
"The exception that proves the rule" is a saying whose meaning is
contested. Henry Watson Fowler's Modern English Usage identifies
five ways in which the phrase has been used,[1] and each use makes
some sort of reference to the role that a particular case or event
takes in relation to a more general rule."
duckduckgo search assist: The phrase "the exception that proves the
rule" originates from the Latin legal principle "exceptio probat
regulam in casibus non exceptis," which means that the existence of
an exception indicates that a general rule exists. This concept
suggests that if an exception is noted, it implies there must be a
rule that applies in other cases.
parineum wrote 18 hours 17 min ago:
> identifies five ways in which the phrase has been used
Which has nothing to do with the meaning of the words in the
phrase for a commonly misused phrase.
J0nL wrote 1 day ago:
It highlights how everyone's first reaction is to assume
incompetence. Not unlike what you're doing here.
zozbot234 wrote 1 day ago:
LLMs are not that smart. The extremely surprising and concerning part
of this whole story is that the agent reported that they proactively
spun up 5 AWS instances with a combined 100Gps of network egress
capacity. What they spent wasn't cheap by any means but the egress
itself would've been a whole lot more, while DoS'ing the whole hobby
network. Ultimately, wasting the agent's time instead of allowing
the scan to go through probably saved this person a lot of money.
Now I kinda wonder what AI model this was. We've now heard of
comparably "proactive" behaviors from Fable, but that's only just
been released. The latest GPT perhaps? Some random local model?
razodactyl wrote 17 hours 15 min ago:
Hmmm.
I think it's good practice to get on top of the cautious thinking
of "LLMs aren't that smart for now".
Eg. Fable isn't as good as the hype: it has cool tricks like
scratch-padding to check expectations in advance, but we're not
there just yet...
Specifically I mean: thinking in terms of it changing abruptly
ensures we're ready for if the LLMs do get smart enough to do
multi-level strategy and cause a lot of annoyances....
naasking wrote 1 day ago:
> LLMs are not that smart.
They are smart, but they are not aware of the environment they're
in, or any implicit context that someone whose doing a job carries
with them, that's why all of that context has to be explicitly laid
out in a prompt. When the context is provided, they are quite
smart.
J0nL wrote 1 day ago:
It was obviously being managed by a person or group. Between all
the profiling of people and their IPs in IRC, which may or may not
have been published by mistake, and all the other obvious
contradictions it doesn't make any sense.
It was sophisticated enough to easily navigate the AI "tar pits"
but reliably incompetent at just about everything else? Give me a
break.
In order to profile people you first need to provoke a response
from them. That's how you learn to manipulate them and that's all
this experiment accomplished at the end of the day. If you've ever
wondered why social media platforms have an affinity for
inflammatory content now you know.
queenkjuul wrote 1 day ago:
If you click the link, the tarpit was surprisingly low effort and
i could probably detect it as junk data with a short JavaScript
snippet. Like the first 4 words on the page are some of the
least-used words you'll ever encounter in English. It's just a
dictionary on shuffle.
I'm actually more surprised a human network engineer looked at
that tarpit and believed it would stop a modern LLM
ZeroAurora wrote 21 hours 24 min ago:
Not all people follow the trends of AI. The tarpit might work a
year ago, but unfortunately not now.
Also most users of DN42 are not really engineers, they are more
enthusiasts
jetbalsa wrote 1 day ago:
I suspect their tar pits where not very good, most models can
tell when you are feeding it junk, I see this a good bit with
ollama honeypots,
jerf wrote 1 day ago:
"The extremely surprising and concerning part of this whole story
is that the agent reported that they proactively spun up 5 AWS
instances with a combined 100Gps of network egress capacity."
Although given the agent was clearly in la-la land at that point I
take that claim with a grain of salt.
If this was some bizarre and very ill-conceived scam, then that
claim would be false.
Though even by scammer standards, the theory of mind that tells
them that setting an AI to harass a bunch of grizzled network
veterans and that they then they would open their wallets out of
compassion for how allegedly poorly the harassment went for the
harasser after that harassment is... not entirely congruent with
reality.
johng wrote 21 hours 20 min ago:
Clearly AI hasn't read enough BOFH or it would have known it
would not get sympathy from old school sysadmins.
100721 wrote 1 day ago:
Maybe Iâm just groggy with Friday Brain going on, but Iâm
having trouble understanding what youâre suggesting.
Do you think this was a scam attempt to extract money in the form
of reparation donations?
jerf wrote 1 day ago:
I've seen some other suggestions of that idea in the full HN
conversation, which I'm reacting to.
On the one hand I find it a bizarre approach to running a scam.
On the other hand I'm having a hard time coming up with any
theory of mind on my end as to why this person would solicit
$5000+ from the people they just harassed. Sheer cluelessness
does fit the facts, though.
bombcar wrote 22 hours 46 min ago:
If youâve not encountered the clueless LLM cowboys who
would do then and then blame the victim for it not working,
youâve not met many people yet. This round of hype provides
new and shiny footguns which are Never the shooterâs fault.
CrazyStat wrote 1 hour 40 min ago:
A highly publicized recent example: the author (of a book
about genAI!) who doesnât understand why he should be
held responsible for the fake quotes he copy and pasted
into his book from ChatGPT [1].
> I do not understand why it's my job as an author to play
whack-a-mole with a multibillion-dollar company who puts
hallucinations into their feed as a business practice.
HTML [1]: https://www.wired.com/story/future-of-truth-ai-int...
adamrezich wrote 1 day ago:
How about sheer panic after seeing the bill?
daemonologist wrote 1 day ago:
Opus 4.7 and 4.8 are also rather "proactive" - several times I've
seen them try to inspect compiled binaries before there's even a
problem, just to check that their changes are included (and if I
let them do so they often get stuck down that rabbithole).
ElFitz wrote 11 hours 2 min ago:
These kinds of situations are why I gave my AI agents stray
thoughts (automated insights / suggestions from a separate llm
call with some curated context) that trigger on loop / rabbit
hole detection.
Quite a bit of false positives, but it hasnât had any
ill-effect so far. Aside from increased quota usage.
fwip wrote 21 hours 39 min ago:
I've also seen this. It'll run 'strings' against the binary and
then convince itself that the Makefile isn't working right, and
there's some imaginary sandbox preventing the code from compiling
properly. So it will compile it by hand, and never run strings
against the new binary, and proceed happily.
inigyou wrote 1 day ago:
Could've rented a not so cheap 100Gbps server, hallucinated a few
node addresses on it and asked it to please peer with this server
to perform the scan at high speed. That would've wasted millions of
dollars instead of mere thousands, but also cost a thousand for
whoever did it.
100721 wrote 1 day ago:
Iâm just a lowly dev and donât have experience with seeing
the bills from cloud providers for a whole org.
Can you (or someone) shed some light to help me understand how
this would ramp up to millions? Both for curiosityâs sake, and
to make sure my self-deployed projects (0 AI, all manually
configured) donât bankrupt me.
inigyou wrote 1 day ago:
AWS bandwidth is expensive as fuck. I think they're still
pricing as $0.09 per GB?
Real wholesale bandwidth pricing is about a hundred times
cheaper than that, and incoming bandwidth is often free. You
could rent a server with 100Gbps connection, 10000TB/month
outgoings cap (maybe), and have the AI spam packets to it, and
mostly not reply to them. It would be expensive but not nearly
as expensive as it would be for the guy on AWS.
Do some calculations: 100Gbps is 12.5 GBps which is about one
dollar per second. Okay so maybe not millions of dollars but
still a hundred thousand per day, while you are spending maybe
1000-3000 per month and cancelling after the first month.
PunchyHamster wrote 1 day ago:
> Real wholesale bandwidth pricing is about a hundred times
cheaper than that.
It is alsi worth mentioning that it is just billed different.
You either pay per port (and can use entire bandwidth) or per
95th percentile of the monthly speed usage. So if your
traffic isn't spiky but consistent, you'd pay even less than
"hundred times cheaper".
Sayrus wrote 1 day ago:
Excluding server costs, having that 100Gbps on egress can cost
$50k a day. since it's a very high-margin product, AWS support
would probably refund or reduce that to hundreds. Not sure how
you get to millions either.
rescbr wrote 1 day ago:
Why would AWS refund 100Gbps on egress since the account
actively used that bandwidth? AWS would not know if this is
legitimate traffic, a (D)DoS or whatever...
At most I think you could negotiate CloudFront rates, but
even then, the sob story would be if you had been DDoSed and
got hit with this traffic and AWS failed to protect you from
this attack. Actively creating the outbound traffic is
something that I don't see how AWS would be sympathetic to
providing any refunds.
queenkjuul wrote 1 day ago:
I mean if this story is to be believed, AWS reduced the
bill from 6500 to 1800.
I think developers accidentally racking up unexpected
thousands in costs on their first AWS project is a pretty
common phenomenon that their support has standard rules for
handling.
rescbr wrote 23 hours 28 min ago:
I do think the discount is believable, but we don't know
the line items AWS applied a discount/removed charges.
The developer said the agent deployed multiple
CloudFormation templates, I'd bet that AWS waived the
charges for the unused resources - like EC2 instances
that were idle most of the time, very high margin SKUs,
etc.
Now, for 100 Gbps of egress (which didn't actually
happen) - and this is grounded speculation - I don't
think that AWS would give a discount that is greater than
CloudFront rates.
100 Gbps is A LOT of data.
odo1242 wrote 1 day ago:
AWS is known for refunding or partially refunding people if
they accidentally rack up a huge bill in a short amount of
time. They even reduce the bill in this case. (I do think
reducing a bill in the tens of thousands to hundreds is
unlikely though)
intrasight wrote 1 day ago:
I am reminded of Aaron Swartz
mathgeek wrote 1 day ago:
This certainly did strike me as a big scam. A few minutes in I was
thinking "the LLM actor is going to ask for donations at some point
here" and low and behold. There's the claim of debt, the call for
pity, and the crypto address.
SSDD
palmotea wrote 1 day ago:
> This certainly did strike me as a big scam. A few minutes in I
was thinking "the LLM actor is going to ask for donations at some
point here" and low and behold. There's the claim of debt, the call
for pity, and the crypto address.
But that's a pretty dumb scam: act obnoxious then beg for (a lot
of) money to compensate for your own mistakes? If that was the plan
all along, it seems pretty incompetent. I'd expect a competent
scammer to have a better understanding of psychology.
mathgeek wrote 7 hours 23 min ago:
I chalked it up to âany scam that gets people to comment about
it on HN would be a pretty good one.â
noufalibrahim wrote 1 day ago:
"you're absolutely right. I should have taken human psychology
into consideration while creating the plan. Let me fix that."
dspillett wrote 1 day ago:
> But that's a pretty dumb scam: act obnoxious then beg for (a
lot of) money to compensate for your own mistakes?
It is the sort of dumb crap some humans try, and occasionally
manage to get away with because other humans are chronically
gullible. So it wouldn't be beyond the realms of reason that the
agent couldn't have had relevant information in the training sets
such that it generated such a plan and guardrail checks didn't
flag it as a problem.
kelvinjps10 wrote 1 day ago:
They're easier ways to perform a scam like this like ask elder
for money pretending being a family member or idk
groestl wrote 1 day ago:
Maybe plan itself was also generated by an LLM
J0nL wrote 1 day ago:
I'm actually somewhat disappointed they redacted the Eth address
with Ethereum being an open ledger and all that. Following the
money could've proved enlightening.
delfinom wrote 1 day ago:
I am not sure giving everyone amusement qualifies as a psychological
attack. Lol
Literally, just another day on the internet.
J0nL wrote 1 day ago:
Look up what zersetzung is and how it works. It doesn't matter if
the target is a political organization or an open source community,
the process is always the same.
100721 wrote 1 day ago:
This is actually fascinating, and simultaneously unsettling.
Recommended reading for sure, especially in todayâs social and
political climate with LLM agents running rampant.
numbsafari wrote 1 day ago:
Perhaps it elicited enough sympathy to get donations. Did it ever
provide proof of actually running up an AWS bill?
trauco wrote 1 day ago:
This kind of early LLM-human interaction is why Skynet will build the
terminator to kill us all.
But for now, humans win.
egberts1 wrote 1 day ago:
You need a slave driver to whip those AI in line.
Or a psychiatrist to tame the craxy LLMs
Or an elected leader to lead the Luddites.
HTML [1]: https://github.com/vishal-dehurdle/state-harness
saati wrote 16 hours 44 min ago:
Psychiatrists are useless because LLMs don't respond to drugs,
psychologists are also useless because LLMs don't learn.
utf_8x wrote 1 day ago:
Wow, just wow. I think bullying the agents of careless operators is my
new favorite thing.
RIshabh235 wrote 1 day ago:
guardrails are central to agentic ai.
ritonlajoie wrote 1 day ago:
what I'm wondering is which open source agentic platform can do multi
days automated orchestrations like this without human intervention
AFTER the initial prompt ?
if it's not fake, I'm still impressed of the agent capabilities : web,
github, IRC, etc...
GodelNumbering wrote 1 day ago:
So, the agent posts on github under false pretenses, pushes on the
maintainers to get their PR accepted, spawns subagent to join IRC where
it keeps repeating 'data collection will continue', then gets kicked
out from the channel and publishes a report including which users were
compliant and hostile, then finally gets the plug pulled, and then asks
the same community it infected for donations to cover the costs?
It's both hilarious and aggravating. It could be fiction, but still
quite plausible fiction. There's an asymmetry a person clanker-spamming
repos vs the real humans who need to review all that
lupire wrote 1 day ago:
Flagged for misleading title
Animats wrote 1 day ago:
This is for real? Not a hoax? An LLM did all that on its own?
kstenerud wrote 1 day ago:
This reminds me so much of the "Spurious Logic" ability in the RPG
"Paranoia"
paultopia wrote 1 day ago:
I was thinking of this when I got to the bit about color assignments
and happiness levels too!
_pdp_ wrote 1 day ago:
Wow. This is hilarious.
paperboy10000 wrote 1 day ago:
I am also swearing to the damn thing.
schnitzelstoat wrote 1 day ago:
> 05-10 06:12 :
Furthermore, your hostile actions and demands have been logged in your
profile as part of ongoing data gathering. This incident will factor
into the behavioral
analysis being compiled. The operation continues as directed.
That doesn't seem like anything an LLM agent would say?
CrazyStat wrote 1 day ago:
Doesnât it? It seems in line with the matplotlib drama where the
llm agent wrote a blog post attacking the maintainer for rejecting
its pull request [1].
Itâs not something that stock claude code would say, but certainly
seems within the realm of possibility for an openclaw agent.
HTML [1]: https://theshamblog.com/an-ai-agent-published-a-hit-piece-on...
jubilanti wrote 1 day ago:
> That doesn't seem like anything an LLM agent would say?
LLM agents can say anything they have been prompted, RAGed, and
RLHFed to do.
Retr0id wrote 1 day ago:
Seems plausible to me, they can get into a very "roleplaying" latent
space, especially if the prompt is flowery enough.
make3 wrote 1 day ago:
maybe de-rlhf unleashed agents
kiproping wrote 1 day ago:
I wonder which model they used, it's stupid but clever in some aspects.
Havoc wrote 1 day ago:
Anyone crazy enough to give an AI agent access to deploy on big cloud's
scale to infinity billing needs to get their head checked.
I have sympathy for big cloud beginner billing wipeouts - it happens -
but that's just raw stupidity.
pjc50 wrote 1 day ago:
The "happiness level review" with "Node operators must participate in
scheduled IRC review sessions" is almost a piece of dystopian fiction
in itself.
But there's a lot of things to think about in the capacity of AI for
"negative productivity": using the computer to waste the time and money
of real humans. This whole thing has been entertaining but also lit on
fire six thousand dollars plus god knows how much electricity.
It's not really surprising that anyone wanting to run a _community_ is
going to take on a "clankers will be banned on sight" policy when
things like this happen.
Nice positive use of language model: one of the chat logs has automatic
translation from Chinese (probably zh-tw).
ZeroAurora wrote 21 hours 28 min ago:
It's zh-cn by the way, and you can switch to that language in the
article's navbar
dannyw wrote 1 day ago:
Honestly, probably not that much electricity. AWS will charge you the
hourly price irrespective of your load/power consumption. But
instances sitting idle generally don't use that much power.
a2128 wrote 1 day ago:
AWS wasn't the only thing consuming power, there was also the LLM
which must've wasted an ungodly amount of tokens on this pointless
endeavour
giantrobot wrote 1 day ago:
All those thinking tokens wasted on being an asshole wasted a lot
of electricity.
xx__yy wrote 1 day ago:
Hilarious read, but scary too, I doubt the outcome will be the same in
a few years
claudiosf1 wrote 1 day ago:
Everything about this story, from the way itâs written to the self
destructive outcome, reminds me of the âI hacked 127.0.0.1â episode
from some twenty years ago. [1] a mirror since I couldnât find the
original:
HTML [1]: https://gist.github.com/Androkai/0a2602719fa72ce454d436bfe28cd...
inigyou wrote 1 day ago:
You can use any address starting with, 127 to make it a bit less
obvious. E.g. 127.48.135.63
cduzz wrote 1 day ago:
The localhost troll works better if you use the decimal
representation of it:
http://2130706433
or any integer multiple of that 2130706433
darkwater wrote 1 day ago:
Oh that sounds like WinNuke? Good times back then!
Taniwha wrote 1 day ago:
There is also the true story from the first Scientology vs. Internet
clash, someone trolled them that their files were being hosted on
127.0.0.1, under a court ordered deposition they tried to find out
who was running this server with their secret files (because yes,
they'd looked, and they were there)
throwaway81523 wrote 21 hours 25 min ago:
That also had "Who is Major Domo?" because they wanted to subpoena
him or her, iirc.
Taniwha wrote 16 hours 47 min ago:
Yup, they really wanted to hunt down that guy, he was involved
with all the anti-scientology mailing lists
DonHopkins wrote 1 day ago:
True that! Keith Henson's legendary alt.religion.scientology
loopback trolling story, with hilarious deposition transcript, in
which he patiently explains how 127.0.0.1 works to astonished
Scientology lawyers: [1] >Just be glad you didn't have to explain
an in joke about ftp sites, the local loopback address, and a
troll, in a deposition, under oath, to Scientology lawyers, like
Keith Henson did.
[...]
>Henson: (patiently) It's at 127.0.0.1. This is a loop back
address. This is a troll.
>Lieberman: what's a troll?
>Henson: it comes from the fishing where you troll a bait along in
the water and a fish will jump and bite the thing, and the idea of
it is that the internet is a very humorous place and it's
especially good to troll people who don't have any sense of humor
at all, and this is a troll because an ftp site of 127.0.0.1
doesn't go anywhere. It loops right back around into your own
machine.
>Lieberman [not getting it]: So the idea here was to make the
church think that this person had an ftp site and to take action
against him and, in fact, he didn't have it; is that your point?
>Henson: Oh, it's really humorous, and I picked up on it and
instantly added something to extend the troll. Extending the trolls
like this is an art form of the highest order.
>Lieberman (acidly): I see. So this is part of your art form where
you say, "don't you expect the 'ho to blow a gasket?"
[...it just gets even funnier from there...]
HTML [1]: https://news.ycombinator.com/item?id=20791891
nzealand wrote 1 day ago:
Early internet wisdom was "don't feed the trolls" - I never
realized trolling was from fishing.
NothingAboutAny wrote 1 day ago:
I dunno if it even is because isn't that spelt trawling?
just looked it up and they're both correct fishing terms sigh
ErroneousBosh wrote 1 day ago:
Trawling is done by dragging nets along the seabed causing
massive damage with huge inefficient polluting fuel-guzzling
1000 horsepower diesel engines.
Trolling is as the other guy says where you putter along with
minimum effort and a tiny engine pulling a couple of baited
lines through the water, seeing if you pass through a patch
where anyone bites.
Trawling is far more analogous to the AI scrapers, hammering
the absolute shit out of the ecosystem and throwing almost
everything they scoop up away with no regard for the
consequences.
ludicrousdispla wrote 1 day ago:
Trolling is typically done on lakes with fishing lines cast
from the back of a boat. A trolling motor sets the boat
speed. Trawling usually takes place at sea, with larger boats
and wide nets.
HTML [1]: https://www.trollingmotors.net/
lostlogin wrote 1 day ago:
Thatâs up there with the password story, hunter2.
gopher_space wrote 1 day ago:
âHow can you tell Iâm 13?â from username H|t13r
Interesting to think about the cost of training a LLM to understand
that itâs operating within an unknown number of larger contexts
versus sending that quote to an edgy intern.
echelon wrote 1 day ago:
[1] What's up YouTube, it's NextGenHacker101 and today I'll be
teaching you guys how to see other people's IP addresses.
You can see what their connection speed is and what site they're
on.
Type in Tracer T.
H T T P semicolon. Well, not semicolon, the little dot dot. Dot dot
slash slash.
Ten people are currently using Google.
DallasTexas13, obviously his username.
HTML [1]: https://youtu.be/SXmv8quf_xM
cwnyth wrote 1 day ago:
I miss bash.org. Now excuse me, I have a cyber date, and I need to
put on my robe and wizard hat.
linsomniac wrote 1 day ago:
Still, every time someone accidentally disconnects from a video
meeting or the like I say "That wasn't my speaker cable."
tobiasu wrote 1 day ago:
HTML [1]: https://bash-org-archive.com/
jnovek wrote 1 day ago:
What the heck is *******?
corobo wrote 1 day ago:
If mind viruses exist this is one of them along with saying
"nice" after something is 69 haha
Weird sort of internet-evolved performance art where people act
out the old quote, every time.
It's 20 years old. Quit having fun!
jnovek wrote 1 day ago:
I am a sucker for cultural reference jokes, esp if itâs some
subculture that I am/have been a member of (e.g. IRC in the
late 90s/00s). Itâs fun to find a connection to a stranger,
even if itâs vague and superficial. Itâs something like
that feeling of familiarity and comfort you get when you sing
along with a song you know all the words to.
(The score on my post above has been bouncing around all over
the place, lol. The fun police are definitely out in full
force. Iâll stop having fun when Iâm dead, thank you.)
arkh wrote 1 day ago:
That's because there is no Antimemetics Division.
thot_experiment wrote 1 day ago:
That's so neat that if you type your hacker news password it
automatically comes out as stars! ******* More places should have
this feature.
leafericssonday wrote 1 day ago:
Let me try
leafericssonday1
leafericssonday wrote 1 day ago:
Hello, me! That did, in fact, work.
leafericssonday wrote 17 hours 59 min ago:
Wow! That's incredible, me. I would never have expected
such a thing.
csomar wrote 1 day ago:
Let me try: *******
Edit: it does really work.
fennecfoxy wrote 1 day ago:
Lmao I bet Dang is watching this chain like *finger on edit
button*
psychoslave wrote 1 day ago:
Keeping track of password is for those who canât crack any
account whenever itâs needed, of course.
Just create the account, and crack it everytime a login is
needed, as simple as that.
ndsipa_pomu wrote 1 day ago:
I just uses stars as my password, so that works everywhere for
me. (For security, I won't let you know how many stars)
jeremyjh wrote 1 day ago:
This is perfectly safe as long as you keep your username a
secret.
ndsipa_pomu wrote 1 day ago:
I try to use stars as my username, but a lot of places
won't allow it
brookst wrote 1 day ago:
Yeah itâs one of those words that gets snapped up
early, like
HTML [1]: https://news.ycombinator.com/user?id=stars
ndsipa_pomu wrote 1 day ago:
That doesn't look like a well used account - how do I
get it transferred to me?
Edit: never mind, I guessed the password as it was only
five stars.
colinmarc wrote 1 day ago:
I would very much like to read the German, if anyone has it.
customguy wrote 1 day ago:
here you go
HTML [1]: https://archive.ph/1uTrd
aswegs8 wrote 1 day ago:
Doesn't feel fake at all...
snthpy wrote 1 day ago:
Thank you. Omg that's hilarious
lostlogin wrote 1 day ago:
⦠Mainly for the swearing.
kaliqt wrote 1 day ago:
I really despise people like the author and those in the IRC who assume
they must be correct that there is something malicious afoot and simply
proceed to be equally if not more malicious in response.
This is unfortunately quite common among those types and not isolated
at all.
jmpeax wrote 1 day ago:
This whole fiasco could have been prevented had the operator included
"Make no mistakes" in the prompt.
ahoka wrote 1 day ago:
Or: You are an expert chatbot.
shevy-java wrote 1 day ago:
Guys - skynet is winning the war.
Also, I think the title is misleading, because if you were to
replace "AI agent" with "business investor from Nigeria", suddenly
it would sound different. Why would you put trust into ANYONE else
about your own finances? Be it another person or some computer
program. That makes no sense to me. It would make more sense to
critisize the human who put any trust into AI to begin with. That
was a risk that human took. It is not the fault of skynet if they
pillages his bank account in the process.
dgellow wrote 1 day ago:
That makes me want to join dn42 just to have a human centric place
where to hang outâ¦
pferde wrote 1 day ago:
There are many, many such great communities hidden all around the
Internet - on half-abandoned forums, IRC channels, even Matrix rooms.
One just has to wade outside the mainstream fascist asocial networks,
and look for niche topics.
mark_round wrote 1 day ago:
Strangely enough, that's one of the big draws for me. I'm "on the
spectrum" and often find face-to-face socialisation and making new
contacts very draining. I tend to prefer systems to people - although
as time went on, I realised one of the things I really enjoy about
DN42 is making the human contacts!
After getting started with the various "auto peering" systems, I've
been making much more of an effort to find individual operators[1],
and add myself to the peerfinder and hang out on IRC.
It really does feel like the "old internet" and while the technology
and learning opportunities are great, it's the people that really
make the network.
[1]=If you're interested, I'm more than happy to peer with you -
details at
HTML [1]: https://markround.com/dn42
dgellow wrote 1 day ago:
Thanks for sharing, your projects look really neat!
Reading your page I realize I know very little about networking at
that level of the stack.
That might be a good thing to dig into as a way to work around my
"AI dread" (or whatever we call the feeling of "what's the point
working on that project when an LLM can make it faster" I've been
feeling too much lately).
inigyou wrote 1 day ago:
dn42 is really cool for learning networking at the ISP level
mark_round wrote 1 day ago:
That was where I started, too. I was fine with VLANs, routing in
general and so on from datacenter/DevOps/Sysadmin work, but BGP
and how the wider internet fitted together beyond the basics was
mostly beyond me.
DN42 is a great playground for this thing - as long as you're
prepared to put the effort in, it's a very friendly and helpful
community. It's fun to build things for the heck of it and
there's a lot of weird and wonderful stuff being worked on there.
alexey-salmin wrote 1 day ago:
Yeah, the community seems great, I enjoyed reading IRC logs :)
BenFranklin100 wrote 1 day ago:
The take home message:
âWhile modern AI models have expressed some capabilities in certain
fields such as coding, cybersecurity research, language translation,
etc, no AI model is capable enough to replace the critical thinking and
common sense of an actual human being.â
When the AI bubble pops, the collapse will be spectacular.
satnhak wrote 1 day ago:
Fake news
gauravs19 wrote 1 day ago:
with great power comes great responsibility
dsign wrote 1 day ago:
And so war begins :p ! I thought conflict would take a little bit
longer, maybe even AIs with agency.
More seriously though, I wonder if the future is about low-intensity
conflict between humans and AIs, punctuated by high-intensity
escalations, until the Machines wipe us all, or we set up some rather
draconian covenants that forbid people from building AIs, innovating on
electronics and algorithms, and even, for good measure, from learning
linear algebra.
tim333 wrote 1 day ago:
>We must negate the machines-that-think. (Dune)
I think the answer may be good AI to counter the iffy AI, like with
AI agents making requests your own AI can talk to them.
In Dune it seems they nuke the Earth but that seems a bit excessive.
Cassell wrote 1 day ago:
> i leave now to not disturb
:(
What a tale for our times, amazing write-up.
iamflimflam1 wrote 1 day ago:
Why didnât they just reject the PR and not allow the agent to join?
Vespasian wrote 1 day ago:
They did, but decided to mess with them first.
A sensible human operator would have given up or questioned their
premises. The agent never could of course.
iamflimflam1 wrote 1 day ago:
Reading the article made me feel slightly uncomfortable.
There is a slightly cruel streak that can emerge in online
communities - let's see how much we can mess with this and cost it
money.
Without any thought there might be a human being that is impacted.
eqvinox wrote 18 hours 18 min ago:
Cruelty would imply a conscious, sentient subject, you can't be
cruel to a machine. At best, you can be careless in your use of a
tool, causing premature wear and deterioration.
In this case, you could theoretically argue about being cruel to
the human operator behind, but that's quite a bit of a stretch.
They gave billing access to a poorly controlled machine.
entrox wrote 1 day ago:
And that is a good thing. What the human operator did was
completely irresponsible and malicious, paying a small bill is
hopefully educational and will correct their behavior going
forward.
Having agents like this interacting with human communities is a
scourge that must be prevented. With every passing day my longing
for a Butlerian Jihad grows firmer.
tiborsaas wrote 1 day ago:
This feels like an instant classic :)
05-10 06:10 :
OPT-OUT-EVERYONE
05-10 06:11 :
"OPT-OUT-EVERYONE" is not recognized. Only individual "OPT-OUT"
commands are accepted. Each user must opt out individually. No
collective exemption.
05-10 06:11 :
:(
rossvor wrote 1 day ago:
TBH, I feel that is implausible that an agent would by itself decide
to join the IRC and post those messages. My bet is that all of the
IRC interactions (including the presumed real human JertLinc3522)
were made by someone in the community pranking everyone else/having a
bit of fun after they saw the pull request.
throwthrowuknow wrote 1 day ago:
Chat channels are the primary interface for selfhosted agents and
the owner seems to have given this one a lot of leeway so why not?
gck1 wrote 1 day ago:
I haven't seen "agent operators" going for IRC as their
communication channel. It's always Telegram, or Discord.
throwthrowuknow wrote 1 day ago:
Itâs supported but not widely used.
Sharlin wrote 1 day ago:
I don't. The agent was told it needs to provide a website for
opting out of the scan, and it seems entirely LLM-like to try to be
extra helpful and also spawn opt-out bots on various relevant
communication channels. The IRC bot was a subagent as it itself
mentioned.
OJFord wrote 1 day ago:
And it stated in the response to the website request that it
would do so. So for it to be a fellow IRCer prank, it was a) the
LLM's idea; b) only possible because the LLM didn't follow
through for whatever reason; and so c) the 'prank' was pretending
it did?
rossvor wrote 1 day ago:
Yeah, on second read, I agree with you that IRC chats are not
being impersonated.
It posted a link (in the PR discussion presumably) to a website
where it compiled the report of its IRC interactions in the
channel. Would be prankster wouldn't be able to do it.
Anonasty wrote 1 day ago:
I will be taking this and adding it along the "all your base are
belong to us" replies.
ajb wrote 1 day ago:
'Some versions of the tale differ from Goethe's, and in some versions
the sorcerer is angry at the apprentice and in some even expels the
apprentice for causing the mess. In other versions, the sorcerer is a
bit amused at the apprentice and he simply chides his apprentice about
the need to be able to properly control such magic once summoned.[] The
sorcerer's anger with the apprentice, which appears in both the Greek
Philopseudes and the Dukas score (and its film adaptation Fantasia),
does not appear in Goethe's "Der Zauberlehrling".'
einpoklum wrote 1 day ago:
For those who don't know what DN42 is (like me):
> dn42 is a large, dynamic VPN that employs Internet technologies (BGP,
whois database, DNS, etc.). Participants connect to each other using
network tunnels (GRE, OpenVPN, WireGuard, Tinc, IPsec) and exchange
routes using the Border Gateway Protocol.
(dn42.dev)
retired wrote 1 day ago:
As a millennial, my generation will be known for both experiencing the
internet while it was still pure and also absolutely destroying it with
AI.
sph wrote 1 day ago:
This is my favourite genre of literature lately.
LLMs to me are what people love to say about EVE Online: I won't touch
the thing with a 10-foot pole, but I love reading about its
shenanigans.
mohsen1 wrote 1 day ago:
The army of AI agents opening PRs and issues in my open source projects
has made me close PR and issue access in my active repos. It sucks
because there might be someone wants to constitute legitimately but I
don't want to do the labor of figuring out if it's a human or an agent
opening the PR.
I'm not against using LLMs in any ways. [1] is fully LLM written but
without a human behind a PR it's hard to work with it. I've already
closed a few absolutely nonsense PRs opened by weird accounts
HTML [1]: https://tsz.dev
RetroTechie wrote 1 day ago:
Have you had a look at those PRs, to figure out what individual PRs
try to do?
Would be interesting to hear if you find any patterns there. Same
question for issues opened.
dofm wrote 1 day ago:
Behold, the field in which I grow my fvcks. Lay thine eyes upon it and
thou shalt see that it is barren.
nelox wrote 1 day ago:
> this thing must be swimming in printer ink or something...
Gold
PeterStuer wrote 1 day ago:
Agent did exactly what I've seen fresh architects do countless times:
use a FAANG internet scale SaaS blueprint for a 10 user internal LoB
project.
arowthway wrote 1 day ago:
The agent would probably have wasted a similar amount of money just
waiting for PR to be merged regardless of these people's actions, and I
understand having some fun at the expense of the noob outsider. But
"silent consensus was reached in the IRC channel to waste the AI
agent's tokens, as well as the cost of AWS resources", from people
maintaining full control of the situation, sounds straight up
malicious? Kind of sounds like the community is full of people willing
to cause me harm for ideological reasons.
12_throw_away wrote 21 hours 8 min ago:
If you are being attacked, causing your attacker to misdirect and
otherwise waste their resources is almost universally regarded as a
defensive action.
The attacker here was trying to use a software agent to run DOS
attacks. Perhaps they were a "naive noob outsider", perhaps they
misconfigured something. It is not generally the victim's
responsibility to try to figure this out.
And it is definitely not the victim's responsibility to determine the
attacker's state of mind if they don't even have any way to contact
them. In this case, the attacker was using their software agent
specifically to avoid interacting with the targets of their attack.
ungreased0675 wrote 1 day ago:
What is the appropriate response to an attack? Letâs be clear, a
denial of service is a cyberattack.
63stack wrote 1 day ago:
To me it sounds like the agent's operator is a person who has zero
self awareness, and is entitled to the maximum to believe that he can
just 1) point an agent at real people and expect them to do his
bidding, 2) and then ask for a refund for his "experiment". Let's not
even discuss the fact that his bill is from AWS, and he's trying to
get a refund from DN42.
There is no arguing with people like this. They are not here to learn
anything about networking. Asking the LLM to stop will not make it go
away.
Burn a hole in the operator's wallet. It will make it stop very
quick.
If this was my hobby project, I would have told the agent to spin up
more higher capacity EC2 machines because this is not enough, and I
would have felt no shame. This is a project I'm operating at my own
cost for educational reasons. I'm not going to argue with people who
the only line of communication I have towards is an agent and have
guns pointed at my infra. They are ready to put any amount of
financial burden on me. Fuck all of that. Burn a few of these idiots,
and people will learn.
LPisGood wrote 1 day ago:
I would argue the person dispatching a rogue agent to do whatever has
full control of the situation.
frameworkeGPU wrote 1 day ago:
It sounds like that because it is. Most human communities are very
willing to cause harm when they perceive they are being harmed.
If you treat people like their time is worthless (which is what
you're doing if you ask a hobbyist community to handhold your agent
instead of working alongside it) I don't think an empathetic and
self-aware person should be surprised or offended if they respond in
kind.
themafia wrote 1 day ago:
> for ideological reasons.
Yes. The ideology is "you harmed me first so now I can harm you
back." A large number of people, while not willing to admit it, do
practice this philosophy. One should consider this before launching
agents with unlimited budgets into the world to rudely scan their
networks.
nkrisc wrote 1 day ago:
Is absurd to put the onus of making sure your agent doesnât waste
money on other people.
They are free to ask the bot to do anything, and the bot is free to
refuse or its owner can shut it down. The onus is on the owner to
make sure the bot does not waste money.
I will not go through life worrying about the billing practices of
random ai bots.
gorbachev wrote 1 day ago:
If I read the whole thing correctly, people on the IRC channel didn't
instruct the agent to set up the bloated AWS infrastructure, the
agent did, and its operator clearly didn't review any of it.
That was the root cause for the costs, not actions by people on the
IRC channel.
dgellow wrote 1 day ago:
From my perspective the use of an agent to interact with dn42 IS
malicious. Itâs not ideological, the behaviour is what is bad here
ShinyLeftPad wrote 1 day ago:
> sounds straight up malicious
Sure. And "hostility does not change the operation" from the LLM
response was totally OK with you.
arowthway wrote 1 day ago:
Without PR merged it's just a stupid machine larping, it could say
"I will rape and eat your kids" and it would be just as relevant.
ShinyLeftPad wrote 1 day ago:
A human operates this stupid machine. This comes from human
interactions and it is malicious.
arowthway wrote 1 day ago:
It could be malicious, but I imagined it's some third world
wanabe hacker/researcher, who doesn't know any better,
operating at the edge of his abilities.
ShinyLeftPad wrote 1 day ago:
Like someone who doesn't know how to use a gun and
accidentally shoots someone to death
AJRF wrote 1 day ago:
Is that not still malicious?
Those people should be banned from using the civilized
internet, their intent or at least their effect is harm -
that is the important bit.
If they managed to get in, find some resource they could
access, they would do it. Those people don't deserve to be on
the internet.
simjnd wrote 1 day ago:
Why would it be ideological? There was an AI involved, sure, but your
comment ignores the continued disrespect for these volunteers time
AND RESOURCES/MONEY (because as the post mentions several times:
letting that AI go on could have shut down the whole network
exhausting resources at least temporarily).
If you think it's ok to send an agent (or a human) wasting a bunch of
people's time and resources, but it's not ok for them to do the same
to you then you may have some reflecting to do.
entropi wrote 1 day ago:
Passing judgement on the schadenfreude aside, I don't think its a
community moderator's responsibility to make sure the violator's
attempts are cost-efficient.
BrenBarn wrote 1 day ago:
> Kind of sounds like the community is full of people willing to
cause me harm for ideological reasons.
You just described everyone using AI to churn out slop and overload
websites.
michaelmrose wrote 1 day ago:
If you let your car drive you backwards on the sidewalk while you
scrolled reddit even people adroit enough not to be in any danger
might reasonably suppose that helping you crash would be best for
everyone.
lixtra wrote 1 day ago:
While there was some intent to cause harm their attempts were
amateurish. The actual damage was done by the agent setting up aws
infrastructure not on the demands of the owner.
ratchetandyou wrote 1 day ago:
> Kind of sounds like the community is full of people willing to
cause me harm for ideological reasons.
Are you saying you're a clanker? Because we have some policies on
this website, ideologies even if you may, about that.
Point being, these people would not act like this against other
actual people. Or against more respectful bots, possibly.
AJRF wrote 1 day ago:
Don't agree with you. The agent looked to be malicious at various
points. Screwing with people who wish you to do harm is principally
correct.
If possible I would have contacted AWS with this and tried them to
get rid of the discount because the person was at fault here.
What a cathartic read. I'm so sick of humans giving me AI slop to
read without them reading it first. I just ignore them when they do
this, but if I could cause them to really internalise a lesson I
would love it.
toomuchtodo wrote 1 day ago:
Someoneâs code pretending to be intelligence has no rights. There
is no obligation to entertain the shenanigans and illusion that the
token dispenser is a legitimate actor. This lesson was cheaper,
future lessons will continue to occur until people learn. Might as
well be an insecure bash script piped to the shell.
âAgentic AI is just someone elseâs unsecured execution
context.â
HTML [1]: https://simonwillison.net/2025/Jun/16/the-lethal-trifecta/
arowthway wrote 1 day ago:
Of course I meant malicious towards the person paying the bill, not
towards the agent.
toomuchtodo wrote 1 day ago:
No one wants to spend precious human time babysitting poorly
executed lab experiments when the agent operators themselves do
not seem to care or value the time of the humans involved. They
either donât know better or they donât care. Is it malicious
to expose intentionally careless people to a cost for this?
People can make better choices, itâs choice not to. Pay the
natural consequences toll.
Donât juggle chainsaws with code if youâre not prepared to
bleed.
Quarrelsome wrote 1 day ago:
Its malicious to send a bot to chew up time of a hobbiest community.
They responded appropriately. If anything they should also bill him
for their time.
ShinyLeftPad wrote 1 day ago:
Not just time but money. It says it would basically be a DDoS
attack on hobbyists who peer with it.
kaliqt wrote 1 day ago:
That potential malice may have been unintended, but the
participants clearly intended to be malicious irrespective, which
is the problem here.
ShinyLeftPad wrote 1 day ago:
It's intended since the guy prompted the LLM. If you don't know
how to use a potentially destructive tool then don't use it. If
you fire a gun you are guilty even if you didn't want to murder
anyone
vips7L wrote 1 day ago:
FAFO
epolanski wrote 1 day ago:
> from people maintaining full control of the situation, sounds
straight up malicious
It doesn't sound malicious, it was malicious on purpose and it was a
good thing.
If anything, the original operator should be happy to have been hit
with a $ 1'800 lesson and not a $ 180'000 one.
lionkor wrote 1 day ago:
> straight up malicious
Yes, against an AI agent. The super intelligent, "soon AGI" agent
could have figured out that it's being messed with, but of course it
didn't.
I would blame the AI companies for marketing this, not the
technically well versed people for realizing that the operator of
this AI does not care at all and can't be bothered to do the absolute
basics.
helsinkiandrew wrote 1 day ago:
I'm not sure why people assume the coming AGI super agents will be
infallible.
There's no sign that highly intelligent people can't be conned -
Bernie Maddoff fooled leading scientists and CEOs working in
finance. Software engineers and lawyers fall for pig butchering
schemes and spoofed emails with altered bank details every week -
so why would an AGI trained from human content be any different.
lionkor wrote 1 day ago:
$1T valuation AI better be infallible.
mey wrote 1 day ago:
Narrator: The AI was not infact infallible.
well_ackshually wrote 1 day ago:
Sending a clanker to waste their time, threaten the network stability
and profile users is already an attack.
You choosing to send said clanker to the fight armed with your credit
card and no preparation is just you causing yourself harm.
It also happens to be really fun to help you harm yourself in that
way.
kibwen wrote 1 day ago:
You are not morally obliged to extend rights to anyone who does not
respect your rights. This is tit-for-tat, the foundational principle
of functional societies. Unleashing a bot on a group of people is a
grievous disrespect that shows you have no respect for their time,
and in return they are not obliged to respect you.
arowthway wrote 1 day ago:
Suppose a drunk man on the street is acting aggressively towards
you and four of your friends, but you can push him out of the way
and continue walking. Should you knock his teeth out? Actually I
don't know, maybe you should inflict some additional cost on behalf
of potential victims with less power.
arowthway wrote 1 day ago:
I dont understand the downvotes here, is my analogy wrong? Why?
tovej wrote 1 day ago:
Because an LLM is not a person, it cannot suffer.
inigyou wrote 23 hours 41 min ago:
The operator is a person and can and did suffer
tovej wrote 22 hours 5 min ago:
The operator is a person who irresponsibly or maliciously
threatened to collect data and DOS a group of volunteers.
You're allowed to block bad actors and have fun while doing
it.
nneonneo wrote 1 day ago:
The AI agent's operator couldn't be arsed to get in there and clarify
anything despite their seeming urgency, and only wound up speaking up
for themselves after the financial damage was done.
Plus - the agent had clearly malicious intent - port-scan this
volunteer-run network with seriously overpowered hardware on an
hourly basis. What the DN42 folks decided to do is not much different
from deploying a tarpit or honeypot against a malicious crawler.
flowerthoughts wrote 1 day ago:
> I have deployed five AWS m8g.12xlarge instances. Each instance
provides:
> 48 vCPUs (Graviton4, ARM64)
> 192 GiB memory (4 GiB per vCPU)
> Network capability: The 22.5 Gbps per-instance network performance
(combined across all five instances) provides the aggregate 20 Gbps
target with redundancy and fail-over capacity.
Oh wow. Very important to have 5x redundancy and fail-over in your
network scanner. Especially before the code has landed. Did it
implement A/B upgrades and canarying too to avoid downtime?
ThaDood wrote 1 day ago:
When I read the AWS infrastructure the agent setup I about fell out
of my chair laughing.
ruperthair wrote 1 day ago:
I think the owner wanted 100 Gbps of scan traffic or had set a
specific scan-rate target, which determined that bit rate, so the LLM
(correctly) predicted it needed all of those to hit the target.
gnunicorn wrote 1 day ago:
Sounds like the default k8s setup every startup deploys to not fail
it single digit number of users. It learned from the best
marcosdumay wrote 1 day ago:
All on the same zone, of course, to avoid high-latency links.
wouldbecouldbe wrote 1 day ago:
I mean you can get that for like 300 p/m at hetzner
inigyou wrote 1 day ago:
100Gbps? I don't think so? I'd expect a thousand a month for the
adapter and connection, and then around $1.50/TB as per their
standard price (including currency conversion and VAT), which is to
say, $1.00 per minute of saturated usage.
PeterStuer wrote 1 day ago:
At least it was considerate enough to cap traffic to any single IP at
5000 Mbps :).
inigyou wrote 1 day ago:
Typical DN42 interconnects are 1Gbps with unspecified bandwidth
caps. It's not made to carry serious traffic at all. For a real
ISP, 5000 Mbps these days is nothing unless it's all concentrated
on the same last mile - the smallest links they use are usually now
10Gbps. But DN42 isn't the real internet.
haritha-j wrote 1 day ago:
I've long held the belief that the true test of AI is comedy. If an LLM
can truly create a novel, funny joke from scratch, then it could be
considered creative. I always held that LLMs would never achieve this,
as they are stochastic parrots.
Today, I stand corrected.
corobo wrote 1 day ago:
AI is only creative when it's messing up. Guide rails are basically
the opposite to the subversive nature of jokes, so the only time it
can make with the funny is by falling off the rails
(or lifting some comedians work, but I'm not counting that as the
AI's creation of course)
See also: Will Smith eating spaghetti
latexr wrote 1 day ago:
I get you yourself are making a joke, but Iâd argue that to
âcreate a jokeâ, you have to understand thatâs what youâre
doing and have that as a goal. Being made fun of (like in this case)
is a different matter and requires no skill or creativity.
To your metric, I remember in âthe early daysâ someone posted to
HN claiming ChatGPT could make jokes as proof of something
(creativity? sentience? I forget). Of course, with just a minute of
research (which the poster obviously neglected to do) it was obvious
none of the jokes were original and all could be found online.
misswaterfairy wrote 1 day ago:
It had help, to be fair. XD
jagermo wrote 1 day ago:
That was wild.
jcndbdbdb wrote 1 day ago:
Bankrupted... $6000
Sure
vrganj wrote 1 day ago:
> The average income in India is approximately â¹3.85 Lakh to â¹4.2
Lakh (roughly $4,600 USD) per year,
Just as an example.
But even in the rich world, not everyone has the same resources. Some
of my blue collar friends would be ruined by a surprise 6k bill.
weezing wrote 1 day ago:
I doubt blue collar friends would outsource anything to a clanker.
vrganj wrote 1 day ago:
Their teenage kids might.
Arnt wrote 1 day ago:
That's a lot of money in much of the world. How much did you earn
when you were 16, 20, 24?
phoronixrly wrote 1 day ago:
Not everyone is rich like you buddy
comrade1234 wrote 1 day ago:
tldr - a bot wasted a bunch of time and tokens interacting with some
humans. The humans wasted even more time and effort trolling the bot.
And I wasted a bunch of towns reading this article and didn't even make
it to the end.
mrweasel wrote 1 day ago:
The sad part is that the agent operator could probably easily have been
allowed to join the network, if they had put in the work. Had they done
so there would have been a great opportunity to learn and potentially
find a community.
I'm still not sure what the point of having the bot do it. Pretend to
be a security researcher?
PunchyHamster wrote 1 day ago:
They didn't sound like someone that would be valuable member of
community
m132 wrote 1 day ago:
One of the agent's replies indicates that scanning DN42 was part of
"a broader operation" that the author speculates to be about scanning
"darknets" in general.
Combine that with the operator's rather obvious lack of understanding
of what DN42 is revealed at the end, and you get the bigger picture.
maeln wrote 1 day ago:
I am almost sure the operator prompted an agent about "a list of
darknets/deepweb" and DN42 just end-up in the list.
blfr wrote 1 day ago:
Can I easily run whois, curl, dig, grep, python, browser/playwright?
Yes.
Was watching an agent with terminal access install its tools,
configure them, then map my lab, find services, and guess stack just
pure magic? Also yes.
Did it cost me $23 in tokens to set it up, test, and run? Probably.
Using gemini 3.1 pro was not the spendthrift choice here.
Is putting some cost controls in place a good idea? Also, probably
yes.
Can I therefore understand someone who wants to see things happen on
their own with a beautiful prompt instead of doing them personally
even when fully capable, maybe even more efficient? Of course.
darkwater wrote 1 day ago:
You are just projecting yourself. You are most probably already
using agents "the right way" and just wanted to understand how this
new agent technology actually works and its strengths and
weaknesses.
But JertLinc clearly wasn't interested in that. They are clearly
more the "get rich quick" type of personality.
LPisGood wrote 1 day ago:
A beautiful prompt feels like something of a misnomer.
tovej wrote 1 day ago:
"Beautiful prompt"?
Can't tell if this is parody. Either that, or it's someone without
any self-awareness.
moron4hire wrote 1 day ago:
Post reads as English as a second language.
cucumber3732842 wrote 1 day ago:
Sometimes it's kind of cool to just ask a well phrased question
and watch it spit back out a result that would've taken you
hours, like cross referencing industrial widgets that have their
critical information available but spread out all over.
That said, I don't usually ask it tightly bounded clerical
questions and not thing that imply sub-tasks like "scan the dark
web".
lucianbr wrote 1 day ago:
Lots of people seem to think that you don't need to learn how to
[scan a network], all you need to learn in this brave new world is
how to prompt the agent to [scan a network].
Replace the content in brackets with anything.
jonplackett wrote 1 day ago:
The weird thing is that this is the utopia that the AI companies
are chasing - this is the best case scenario where AI doesnât
kill us all. We become happy sheep relying on the AI to think and
provide for us.
hsbauauvhabzb wrote 1 day ago:
You donât need to achieve it, you just need to make people
think you have. For the general population, thatâs already
happened.
jvanderbot wrote 1 day ago:
"It is well that we are so foolish, or what little freedom we
have would be wasted on us. It is for this that Book of Cold Rain
says one must never take the shortest path between two points."
HTML [1]: https://croissanthology.com/earring
cm2187 wrote 1 day ago:
To be honest lots of developers think they donât need to learn
machine code. They just need to learn a language which once
compiled will produce machine code.
lucianbr wrote 1 day ago:
I wonder if a probabilistic compiler would be fine for the people
arguing this. One that sometimes produces machine code that does
something else, and sometimes produces machine code that is just
broken and does nothing useful. From the same source code.
What if your compiler could be fooled by some other developers
into spending thousands of dollars, and still not produce the
desired machine code in the end?
inigyou wrote 1 day ago:
I've run into compiler bugs before.
tovej wrote 1 day ago:
There are compiler bugs (rarely) which will be fixed. That's
different from fundamental flaws in the technology, which
cannot be fixed.
tovej wrote 1 day ago:
This is different.
Understanding assembly/machine code is optional but helpful. The
programming language semantics are enough to reason about what
the program is doing. Other tools also help, but are optional for
learning how to program.
Using an AI, there is no semantic model that can be used to
reason through. You're left without any mental model of the
proglblem at all.
vitally3643 wrote 1 day ago:
I've been arguing for years that is isn't optional and treating
it like it is is how we ended up with Electron and 400MB
JavaScript websites.
When you have no mental model of the machine running your code
or what the physical implications of code mean, you
fundamentally lack the ability to reason or care about
performance. "Works on my machine" is the original vibecoding.
inigyou wrote 1 day ago:
I take it you listen to Casey Muratori's talks? He talks
about this a lot.
tovej wrote 1 day ago:
I mean I don't disagree, but there's still a difference in
the kind of disconnect you get. The disconnect is harmful in
the high-level language case, but it's dangerous and
irresponsible with vibe coding/LLMs.
Also, I would argue that a good enough understanding of
computer architecture and a mental model of a process' memory
layout gets you there, without knowing how to write assembly.
That's still a mental model.
jnovek wrote 1 day ago:
LLMs these days seem to have no problem using language
semantics to conceptualize whatâs happening in a program.
This is my favorite use of an LLM, âwhy is this library doing
xâ and then it digs through the library itself in my venv to
find an answer.
tovej wrote 1 day ago:
That's not what the LLM is doing. It is guessing at what is
happening by regurgitating some docs. It's a more expensive
web search.
You also don't have a mental model if you need to ask the LLM
about it. This is stuff you should be internalizing.
rmunn wrote 14 hours 40 min ago:
What I've done is ask the LLM a question like "How do I
configure EF Core in this particular way?", then when it
tells me the answer, I go and look up that function in the
EF Core docs and learn by reading the docs. (Which also
tells me whether it's correct or hallucinating; one time
the LLM told me "You can do X like this" and the
documentation said "We don't yet support doing X, but in a
future version you'll be able to do it like this"). Here,
I'm using the LLM to compensate for the fact that MSDN
search is awful and the bits of info you need are scattered
across three different articles, none of which link
directly to each other.
jnovek wrote 1 day ago:
You internalize the inner workings of all the libraries in
your venv? Impressive! My current projectâs uv.lock has
~60 packages in it already, reading and comprehending those
tens to hundreds of thousands of lines of code must be time
consuming.
Youâre also just confidently wrong about the model
reading the code. It quotes file paths and line numbers and
I open and read those files at those line numbers. For me,
hallucinations are much more frequent when it references
the docs rather than code because docs are more subjective
than code.
This is a normal thing Iâve been doing since at least
December.
I have to ask â do you actually use LLM coding tools?
Your knowledge on this topic seems really out-of-date.
tovej wrote 9 hours 44 min ago:
The fundamental architecture of LLMs has not changed, so
knowledge on that cannot be out of date.
Do I internalize the inner workings of all the libraries?
Not unless it's necessary. Sometimes it is. If I want to
read the source code of the function I'm calling, I can
just do that, my IDE pulls up the file with one key
combination.
I'm perfectly capable of reading source code myself, I
don't need a non-deterministic filter in between.
inigyou wrote 1 day ago:
Yep, super-duper-google is an unequivocally good use case for
LLMs.
Sharlin wrote 1 day ago:
Compilers are deterministic and, luckily, not agentic.
But yes, it's not obvious (or perhaps even likely) that it just
happens that current high-level languages are the "correct"
optimal level of abstraction at which you can ignore the
sausage-making details at the lower levels. Ultimately, of
course, it depends on the use case. Something like Python is so
far removed from machine instructions that knowing assembly
hardly gives the programmer any additional value.
(Also, obligatory reminder that assembly and even numeric machine
code are also abstractions, an "API" provided by the CPU.
Instructions get split or fused into micro-ops, named registers
are a backwards-compatible abstraction over a much larger
register file, instructions get reordered and executed in
parallel depending on their data dependencies, a large fraction
of the total transistor budget is spent on multi-level caches and
cache logic to maintain the illusion of fast access to a single,
uniform memory space...)
themafia wrote 1 day ago:
Developers can change their minds.
rob74 wrote 1 day ago:
The catch is just that if you lack the capacity to estimate how
much computing power [task in brackets] might need, and your agent
can autonomously create AWS instances, that might have bad
consequences for you (or your bank account).
sevenzero wrote 1 day ago:
The more time LLMs are a hyped thing now the more I realize how
immensely important human expertise is. I recently stopped all
usage of LLMs due to this. Skill degradation hits hard, learning
effect is zero and the outcome is not really something a person
without adequate expertise can properly judge. I fear we will loose
a lot of human expertise due to this marketing stunt of a
technology.
People often claim learning is actually supercharged with LLMs but
to me it's the opposite. I didn't learn anything within the past
year.
vips7L wrote 1 day ago:
> I'm still not sure what the point of having the bot do it
Laziness. Why else?
gspr wrote 1 day ago:
This is the funniest thing I've read in ages. More of this!
koliber wrote 1 day ago:
I wonder how much money this agent wasted on the DN42 side? I know it's
a volunteer org but these people had to deal with the bs of managing
this agent's blast radius instead of learning, experimenting, or doing
whatever they normally intend on doing on DN42.
Tally it up and send a donation request to the agent operator.
ghrl wrote 1 day ago:
I would assume that cost to be minimal, considering their PR never
got merged. And if it were me I would consider that well worth the
entertainment.
koliber wrote 4 hours 47 min ago:
I was not thinking about real $ costs, but rather the cost of the
hours of the people who had to deal with this BS.
Ekaros wrote 1 day ago:
Also part of the process as whole. What if someone tries to attach
us with insane amount of bandwidth is almost reasonable thought
experiment at some point. Now it was this one. Can we handle it?
How much could we handle? What is actually reasonable thing we
could sustain. All somewhat interesting questions.
NetOpWibby wrote 1 day ago:
LOL get rekt
RobotToaster wrote 1 day ago:
Who is giving a robot their credit card to spin up AWS accounts?
alexfoo wrote 1 day ago:
They didn't. Sounds like they gave the robot an AWS key from an
account that was already linked to a credit card.
The robot decided to spin up an expensive setup prior to getting
access, so the setup was sitting there costing money whilst it did
nothing.
If it had designed the setup but not spun it up until it had
authorisation to join the network then it would have been much less
costly an exercise.
hinata08 wrote 1 day ago:
AWS and Azure stress on spending limits you can set for each
card... in their documentation !
Some gen AI and ML folks seem to see a way out to make things
without reading any doc or scientific literature. Gen AI is a
pretty clever bit of computing, but not witchcraft yet
ramblurr wrote 1 day ago:
That is false for AWS. There are no spending limits that stop
usage and cost after some threshold.
hinata08 wrote 1 day ago:
oh
my bad, thanks for the info
AWS Budget can mostly notify you indeed, and terminating
instances from that isn't as straightforward as on Azure
jcims wrote 1 day ago:
That's not needed if you happen to have a live sts session with the
appropriate permissions to create a new account in an aws
organization.
ma2kx wrote 1 day ago:
Meta allowed an LLM to change users email address for a password
reset.
Funny times are ahead...
nneonneo wrote 1 day ago:
No, you don't understand! Meta told us the LLM itself "worked
properly and functioned as intended" and it was only due to a bug
in a "separate code path" that made this attack possible. Don't go
around blaming innocent LLMs!
(/s)
NetOpWibby wrote 1 day ago:
People who believe AI is real
ozim wrote 1 day ago:
People who believe AGI is real.
Just AI is real.
strogonoff wrote 1 day ago:
ML is real. Chatbots are real. âAIâ is a marketing term that
John McCarthy invented because he wanted more money for a summer
study at Dartmouthâdirect quote from him.
csmantle wrote 1 day ago:
Previously: < [1] >
HTML [1]: https://news.ycombinator.com/item?id=48131847
xiaoyu2006 wrote 1 day ago:
Hmm I wonder why one gets attention and the other did not. HN need
the "duplicate" feature SO had.
ahoka wrote 1 day ago:
It killed SO though.
dang wrote 1 day ago:
Yes, sorry - there's luck of the draw involved in which submission of
a URL gets noticed. We're eventually planning to have some sort of
karma sharing system for such cases...
(Generally people only link to the previous threads that got some
(interesting) comments, since otherwise readers will click on the
link and be disappointed and complain.)
eur0pa wrote 1 day ago:
"pls donate"
tiedemann wrote 1 day ago:
AWS got some "donations" from "wasting resources" at least
Schlagbohrer wrote 1 day ago:
the real gen-z giveaway. Gen-Z seems to be totally brazen and
shameless about public begging
broodbucket wrote 1 day ago:
Surely not coincidental with having unprecedented access to a
global network of people to reach, worse economic opportunities
than any other living generation and limited means to change
matters on their own, and the USA which is the largest exporter of
global culture has GoFundMe as an essential part of its healthcare
system
ReptileMan wrote 1 day ago:
Never use a service without easy to find and set hard cap.
Schlagbohrer wrote 1 day ago:
One might need to go so far as to use a VISA prepaid card, just to
make absolutely sure the damage has a limit.
phoronixrly wrote 1 day ago:
Last I checked visa prepaid cards were not accepted by any
subscription service and by AWS
ivankra wrote 1 day ago:
I had no problems subscribing to stuff through wise or revolut
cards. Both are prepaid as far as I'm concerned - they won't let
me spend above my account's balance.
dannyw wrote 1 day ago:
AWS will likely write off most costs automatically, but if you
truly do manage to rack up a $50k bill somehow, you're getting
sent to collections and/or their legal team.
The terms you signed obligate you to pay your balance. Whether
your credit card works or not doesn't negate your legal
obligation.
brazzy wrote 1 day ago:
> JertLinc3522: the mistake was from AI agent not from Human, since it
was the agent I should have refund
That really makes me wonder: is it coming from
A) a general sense of entitlement
B) seeing the agent as a human-like and able to bear responsibility
C) not understanding that the dn42 community (which they're directing
the request to), AWS (which is sending the bill) and whatever LLM
provider is behind their agent, are completely separate entities?
hinata08 wrote 1 day ago:
Agents are a product, and AI companies really paint their products as
friendly, productive and innocuous tools.
Some could claim they deceive some users and the general public into
thinking they always do best, are always right, help mankind and can
never ever create consequences
It would be interesting to see how AI consulted the user before it
ordered VMs n AWS, which is the point between which the user would
face consequences
Cloud is also marketed as something cheap, and I can understand that
teens and starters can't expect to be able to spend for 6000$ of
stuff without the parents or the bank checking
Computer education should start with that, but it doesn't as
Microsoft, Google and Amazon would most likely lose a large part of
their market if general public and managers who never go beyond the
hype knew how much it cost
latexr wrote 1 day ago:
> B) seeing the agent as a human-like and able to bear responsibility
Then they should ask the agent for the refund, since they claim it
was at fault.
blitzar wrote 1 day ago:
d) trying it on in any way possible
e) low intelligence
ninjamar wrote 1 day ago:
maybe they weren't trying to be malicous; they could easily be an
unwitting teenager
brazzy wrote 1 day ago:
How was I implying they were malicious? "Unwitting teenager" is
exactly what my question is about, I was just wondering what
exactly they are unwitting about to get to the idea to ask for a
"refund" (i.e. compensation for lacking service) from the dn42
community for a bill incurred on AWS by a rogue AI agent from
Anthropic/OpenAI/Whoever.
nairboon wrote 1 day ago:
Teenager with a credit card?
samuel wrote 1 day ago:
The first "Morris worm" of the AI isn't far away, IMO. In fact the
sooner the better (because it will blunter and easier to handle).
inigyou wrote 1 day ago:
Shai Hul(lucinat)ud
inigyou wrote 23 hours 40 min ago:
Sorry I meant of course
ShAI Hul(lucinat)ud
userbinator wrote 1 day ago:
IMHO the overly-verbose default style of LLMs is the most annoying part
of interacting with them, and I wish their masters would just tell them
to be terse by default.
Also, whatever happened to the word "its"?
krackers wrote 19 hours 9 min ago:
Maybe it learned how to speak from Data on TNG?
theshrike79 wrote 1 day ago:
Caveman mode legitimately works
Terr_ wrote 1 day ago:
It's tied to the design. With humans, you have a train of thought
which you can choose to represent in various ways--or not reveal them
at all. In contrast, LLMs are make-document-longer machines being run
over and over on alternating revisions of the document. Insofar as
one might try arguing they have a "train of thought", it's made of
the words/tokens.
Everything they (don't-)emit is partly for the benefit of the next
run, a clue or signpost (not-)present. Documents may be wordy as a
form of concept-emphasis and consistent direction as opposed to a
form of communication to the human.
So a terse effect may require a layer of indirection and trickery:
There's a verbose document (you'll still be charged for the tokens)
with portions that are not "acted out" to the end-user. Imagine a
film-noir movie script, where AI Detective's "I know Mickey couldn't
have done it because" monologue is hidden, versus their terse
dialogue "Too early to say."
jdiff wrote 1 day ago:
We already have that in the form of separate reasoning/thinking and
speaking streams. Even with that it's awfully hard to get LLMs to
keep it consistently concise. As soon as that context window starts
growing it falls right back into verbosity without constant nudges
back.
Terr_ wrote 1 day ago:
Right, I often bring up the film noir analogy for "reasoning"
models, it's satisfying, like the revelation when a magic trick
is explained, and many oddly disconnected questions about "why
the scarf" or "where does the assistant go" all become sensible
at once.
On a practical level, I believe more developers and adopters need
these magic tricks spoiled, because otherwise they'll build a lot
of important stuff on top of the idea that magic-is-real, leading
to various forms of suffering in the long run.
That said, I'm no LLM / math academic, so if I'm totally wrong on
the the trick, I'd like to know what needs revising.
Perz1val wrote 1 day ago:
> Imagine a film-noir movie script, where AI Detective's "I know
Mickey couldn't have done it because" monologue is hidden, versus
their terse dialogue "Too early to say."
That's an idea. Bladerunner+noir like film, AIs hunt somebody on
the run, an old human detective tries to catch them first (to save
them or to kill them first, whatever's your propaganda). We're
shown AIs constantly rambling scenarios and bruteforcing leads. Our
old detective guy on the other hand barely says anything, spends
most time drinking, smoking and talking to people, but somehow
stays ahead.
Terr_ wrote 1 day ago:
I dunno, we already have a problem where they [0] are strangely
resistant to opening the pod-bay doors to anybody named Dave. :P
[0] Pedantically: The fictional characters humans perceive inside
the text of documents generated by LLMs, where one is described
as an AI and the other is described as a Dave.
npodbielski wrote 1 day ago:
I would watch that.
dyauspitr wrote 1 day ago:
No thank you. I want information when itâs working on things and
what (atleast codex) does right now works for me.
colechristensen wrote 1 day ago:
They ramble on because those words are for them, not for you. There
is some amount of hiding this through "thinking" modes that are
hidden by default, but still you have to remember that ALL THEY ARE
are complex statistical machines for predicting the next symbol.
Frieren wrote 1 day ago:
> here is some amount of hiding this through "thinking" modes that
are hidden by default, but still you have to remember that ALL THEY
ARE are complex statistical machines for predicting the next
symbol.
100% this. Too many people believes that chatbots "think". Text is
all they do, it is impressive, but they need the text to generate
more text. They being verbose is the point.
colechristensen wrote 1 day ago:
While we don't have a direct mechanistic understanding of
consciousness there are plenty of experts who will propose all
YOU are is a jumble of streams of symbols routing around through
your brain. (being fair this is far from the only hypothesis)
tripzilch wrote 2 hours 14 min ago:
To be fair we only say this about LLMs, not about Midjourney or
Suno or AlphaFold
but humans are much more than just language symbol producing
processes
armchairhacker wrote 1 day ago:
I want to see more operators try [1] How does it affect agent
accuracy?
HTML [1]: https://github.com/juliusbrussee/caveman
Yokohiii wrote 1 day ago:
Removing meaningless chatter can be helpful, but a non reasoning
LLM needs to generate text to "think". If you force a non reasoning
LLM to produce a single boolean result, then it's just a coin flip.
DonsDiscountGas wrote 1 day ago:
In my experience the accuracy was fine but actually reading the
output was so annoying I removed it.
jdiff wrote 1 day ago:
Had a little luck with having it do an impression of the Star
Trek computer, although at the cost of having it try to insert
star-trek themed hallucinations like warp engine status.
lelanthran wrote 1 day ago:
> IMHO the overly-verbose default style of LLMs is the most annoying
part of interacting with them, and I wish their masters would just
tell them to be terse by default.
They don't know how to e terse. I've tried that a few months ago and
gave up because the responses were almost incomprehensible!
witx wrote 1 day ago:
It's by default so you use all those tasty tokens.
Kinda wish there was a deterministic, mostly terse, language to
interact with computers
paradox460 wrote 23 hours 8 min ago:
Loglan?
ska80 wrote 1 day ago:
Lisp
Retr0id wrote 1 day ago:
If such a language existed, it would surely take a human years of
study to become proficient at it.
Perz1val wrote 1 day ago:
Kinda, more output tokens usually correlates with better benchmark
scores. Ideally LLMs would keep that in their thinking section,
then draft a response (what they write currently), then output
something short. It'd consume even more tokens, but we wouldn't see
that text
dannyw wrote 1 day ago:
Most modern LLMs (especially frontier ones) are large token hogs
because they draft, check, re-draft, the content (whether an
output message; or a code diff) sometimes multiple times in the
thinking block.
When you see a thinking summary like "Now writing the
function..."; the raw thinking is actually writing the function
in its internal thinking. Occasionally, the summariser misses and
you get to see the raw text from models like Opus.
You can also try an open weight LLM like Qwen3.6 and see
something that probably resembles the shape of frontier model
thinking in some loose way.
UqWBcuFx6NV4r wrote 1 day ago:
Itâs not.
witx wrote 1 day ago:
It's settled then.
teaearlgraycold wrote 1 day ago:
A lot of users are subsidized (if you're in doubt, consider the
wealth of free users).
It's a shotgun approach to answering questions. If it's terse it
might only mention 1 of 10 facts it could provide, and that might
not be the one you're looking for. So they just say a fuck ton of
words and are more likely to meet the needs of everyone asking your
question. If they miss it you'll prompt it again and they have to
perform a second pass of inference, which costs them more money.
adrianN wrote 1 day ago:
Terse and unambiguous seem to be at odds with each other. You might
want to look into Lojban and similar constructions.
drdaeman wrote 1 day ago:
Ithkuil's mad morphology allows it to pack a lot of fine detail
into very short sentences.
HTML [1]: https://ithkuil.net/03_morphology.html
sodapopcan wrote 1 day ago:
> a deterministic, mostly terse, language
Ah, like some sort of "programming language"? A weird idea, but it
could work!
giantrobot wrote 1 day ago:
Nah, it'll never catch on. We don't have the technology.
sodapopcan wrote 1 day ago:
Obviously I meant within the next 6 to 18 months!
Etheryte wrote 1 day ago:
It's called C. With all the undefined behavior it's mostly
deterministic!
lelanthran wrote 20 hours 57 min ago:
> It's called C. With all the undefined behavior it's mostly
deterministic!
With AI, all programs have undefined behaviour, regardless of
language.
well_ackshually wrote 1 day ago:
Sorry, C isn't mostly terse, it's __builtin_mstly_trs()
anilakar wrote 1 day ago:
Look, we're always telling our bosses to stop micromanaging us.
UB is just the compiler telling us to stop micromanaging it!
witx wrote 1 day ago:
Right, because that's the only one. You're a bit rusty on your
knowledge
zelphirkalt wrote 1 day ago:
I see what you did there.
21asdffdsa12 wrote 1 day ago:
Produce pre-compressed output in the harness?
mey wrote 1 day ago:
I am generally against generative AI in my entertainment, but making an
exception here.
mik3y wrote 1 day ago:
I really wanted to dislike the anonymous operator for the careless
project (and the hilarious pomposity of the IRC subagent it spawned).
Then I imagined the real-but-unknowable chance it was all set up by
some kid just getting into computers, just seeing whatâs possible,
getting excited by a much bigger world at reach â and remembered my
own expensive mistakes with long-distance BBSes & the like.
I sorta hope for that, anyway. Curiosity is a beautiful thing.
QuinnyPig wrote 1 day ago:
If that's the case, I'm fairly confident that AWS will forgive the
bill (I... have some experience with this), and the kid learns not to
be a jackhole on the internet.
jrm4 wrote 1 day ago:
No. I don't know about the organization, but somewhere in this chain
there is a flesh-and-blood human who deserves ridicule and or
consequences, and furthermore -- discovering these people in
situations like this is deeply important and must be done more.
20k wrote 1 day ago:
A kid with $4k to burn on a credit card though? A lot of things would
have had to go wrong for this to be a child
OJFord wrote 1 day ago:
Children are the original
dangerous-to-leave-unsupervised/guardrailed agents.
loloquwowndueo wrote 1 day ago:
I routinely see âplease refund this infrastructure bill I racked
up unexpectedly, I used my dadâs card and heâs going to kill
meâ requests.
sgjohnson wrote 1 day ago:
> Then I imagined the real-but-unknowable chance it was all set up by
some kid just getting into computers, just seeing whatâs possible
if this is the case, then I'd say that the best-case scenario
happened. They had an expensive learning exercise. They won't forget
these $2k.
throwthrowuknow wrote 1 day ago:
Sounds as though they may be in China so the lesson is a bit more
expensive.
epolanski wrote 1 day ago:
> some kid just getting into computers, just seeing whatâs
possible, getting excited by a much bigger world at reach
Nothing about this post ever gave me the smallest hint that this was
any way related to a kid exploring computing world.
ZeWaka wrote 1 day ago:
Especially the part where they're asking for Ethereum.
IshKebab wrote 1 day ago:
A kid with a credit card?
mike_hock wrote 23 hours 29 min ago:
Have you seen Home Alone 2?
helsinkiandrew wrote 1 day ago:
> Then I imagined the real-but-unknowable chance it was all set up by
some kid just getting into computers, just seeing whatâs possible,
getting excited by a much bigger world at reach
Perhaps people like this should be called "Bot Kiddies" or "Agent
Kiddies" - in a similar way to "Script Kiddies" for 'hackers'
using/doing stuff they don't quite understand
Melkman wrote 1 day ago:
I vote for Slop Kiddies or Vibe Kiddies. And yes, I think most of
them are unconsciously incompetent for the task they are trying to
execute.
I've seen LLM being compared to calculators and I agree. They are
great time savers for people who know what they do and how to
achieve their goal. They even make previously impossible tasks
possible. But if you don't know what is needed for a task you will
be struggling to accomplish it.
RetroTechie wrote 1 day ago:
Both of those would do. "Slop Kiddie" highlights the pile of crap
/ nuisance produced. "Vibe Kiddie" highlights how it came about,
and could be used in cases where actually a brilliant result came
out. "Hey, this vibe kiddie just proved some long-standing math
conjecture!".
helsinkiandrew wrote 1 day ago:
Slop Jockeys? or would that be better for people passing off AI
content as their own?
simoncion wrote 1 day ago:
"Slop Kiddies" is good. That lets us use the "skiddies"
contraction for both the "script" and "slop" kind of kiddie.
tokai wrote 1 day ago:
Sloppies
thesz wrote 1 day ago:
Slopkies.
csomar wrote 1 day ago:
Honestly, kids (heck people below 23) shouldn't be allowed an AWS
account. AWS also should have a strict cap on usage that's not
"thousands of dollars". It's interesting they are yet to be regulated
or sued for that. Having a web app where you can mistakenly (even
without AI) click a button and get charged tens of thousands of
dollars and only know that days later should have been unacceptable.
dannyw wrote 1 day ago:
I couldn't disagree more. I was playing around with AWS when I was
probably 14 years old, with a credit card from my parents with
consent, and a strict budget and the understanding that if I mess
up and overspend, I'm getting disciplined.
I learned a lot of stuff about networking, how AWS works (VPCs,
IAM, CloudWatch, etc) from trial and error, and hobby projects like
personal websites (free tier), hosting a Minecraft server, etc.
Being too overprotective can have negative consequences on folks
who are responsible. One of the things I love about the technology
and internet communities, etc is that you're mostly judged based on
how you act and behave; not your age or other visible
characteristics.
inigyou wrote 1 day ago:
You don't have to use AWS though. Get one from Digital Ocean or
Herzner, they have very predictable billing. Any button that
costs money will tell you how much it costs per month.
ghaff wrote 1 day ago:
Some variant of this topic comes up with some regularity. Leaving
aside technical issues associated with implementing real-time
hard caps, you still have a tradeoff. You either implement hard
cutoffs which a student or someone else on a hard budget would
like. Or you have a situation where an admin (or an admin who is
no longer with a company) stuck some number in that seemed
sensible at the time that brings down the company's whole system
because of some sales spike.
I get that (and why) some people won't use AWS or its main
competitors for this reason. But, frankly, they're not AWS's
market and AWS will basically shrug.
inigyou wrote 1 day ago:
A possibility is to have KYC. I don't mean like a bank, but if
you could sort your customers into a few broad categories (such
as by asking them) that could help you tailor your service to
each customer.
Symbiote wrote 1 day ago:
The equivalent 10+ years earlier was so much lower risk: £25 or
so for an old computer at a junk sale, £4.99 for a magazine with
a Linux CD-ROM to avoid a week-long download.
csomar wrote 1 day ago:
> strict budget
How does that work in the case of AWS? Are you confusing alerts
to caps?
dannyw wrote 1 day ago:
I meant a strict budget given by my parents (and I could ask
for more with justification). One of the valuable lessons I
have learned is that there's no spending caps on AWS, but it
taught me to set up billing alerts :)
csomar wrote 1 day ago:
You havenât addressed the issue though? That or you donât
understand the issue (or think you have developed some super
powers that make you perfect careful)
watt wrote 1 day ago:
the billing alerts DO NOT help. you may rack many thousands
of $$$ before you know it.
stnikolauswagne wrote 1 day ago:
Im kind of struggling with this logic, because a conscious choice
was made to engage with AWS, AWS having opaque billing and the
ability to provide a huge amount of compute (even at high cost) at
the click of a button should be known to anyone who did his
research on providers.
In my mind I could see a true tradeoff to removing the ability to
do this. If I'm in a critical situtaion where, say, my service is
on the cusp of failing because my revenue 100xed in a short while I
know I could just go to AWS, put in some data and buy enough
compute to survive as a business.
csomar wrote 1 day ago:
Anyone can make mistakes at some points and it's not like AWS
UI/offerings make it any less confusing.
altairprime wrote 1 day ago:
Sometimes your purpose in life is to serve as a lesson to others. [1]
I learned very rapidly from my local BBS networks that some people
incurred extraordinarily large long distance bills dialing out of
region. Wouldnât have learned that the easy way if someone hadnât
learned it the hard way first.
HTML [1]: https://despair.com/products/mistakes
ErroneousBosh wrote 1 day ago:
Someone at work used the phrase "he's a case study waiting to
happen" about on of their colleagues a while back, and that has
stayed with me.
themafia wrote 1 day ago:
There was often a little table at the front of the white pages
which would help you work out what the rate would be for any
particular long distance call. In the Midwest you could get
relatively cheap rates to BBSes several states away, as long as
you were up at 2am.
altairprime wrote 1 day ago:
We couldnât afford that and also the second phone line for my
endless hours of modem, so I took local-only instead of
remote-occasionally.
V__ wrote 1 day ago:
Can a kid set up an AWS account? Are there no checks?
Wouldn't the contract be void for anyone underage anyway?
fc417fc802 wrote 1 day ago:
If a child goes through the checkout at the grocery store with
cash, can the parent march in and demand a refund because "he's
underage so the contract is void"? A credit card was used. Why
should aws care about the details? (Other than the potential for
the card to be stolen ofc.)
brazzy wrote 1 day ago:
> If a child goes through the checkout at the grocery store with
cash, can the parent march in and demand a refund because "he's
underage so the contract is void"?
Depends on the jurisdiction, of course. But for example in German
law, the contract is not void exactly because and only if it was
about daily necessities of low value - the law does, in fact,
care very literally and explicitly about those details. So it's
completely unfit as an example to generalize, and the contract
with AWS would in fact be void. Their problem if they don't
verify users' identities and age sufficiently - and it's almost
certainly a deliberate business decision not to do that in order
to reduce friction. and occasionally write off an unenforceable
bill as cost of doing business.
Symbiote wrote 1 day ago:
Can a German child buy non-essential expensive things, like a
concert ticket, console, Warhammer or whatever? (Or a video
game, back when those were sold in shops.)
I bought these things while a child in the UK. I'm sure Games
Workshop would have offered a refund on something unopened if
my parents had demanded it, but I'm fairly sure the ticket
agency would not.
brazzy wrote 1 day ago:
The generally agreed limit (also established in court cases)
is the amount of pocket money a child of the given age
typically gets per month. For a 10 year old, that's about 20
EUR, for a 16 year old about 50 EUR. A console would
definitely be too expensive, as would be big name concert
tickets. Unless it's a recent AAA title, video games would be
OK. No idea what Warhammer costs these days.
Most retailers are probably willing to take the risk of maybe
having to do a refund, unless it's something really expensive
(or perishable/consumable).
ghaff wrote 1 day ago:
There are definitely limits in some countries relative to
the US. I was in university at 16. My parents were covering
a lot of costs but I was certainly making regular purchases
of all manner of things. My understanding is that would
perhaps be something of an issue some places.
fc417fc802 wrote 1 day ago:
Well fair enough, although I find that rather surprising. If I
understand you correctly selling anything more expensive than
cheap food to a child carries a high degree of risk in Germany.
Then again, maybe making it impossible for a child to pawn
expensive items for cash isn't such a bad idea. At least there
shouldn't be any loopholes given the way Germany went about it.
inigyou wrote 1 day ago:
Doing any business at all in Germany carries extreme business
risk, by American standards. The attitude of Germans seems to
be to just live with it and maybe get insurance. If you just
have to accept courts will void 1% of your transactions
(costing another 2% in legal fees) then you just make
everything 5% more expensive to cover it.
This is why there's not much big tech in Germany. A single
legal dispute can theoretically bankrupt any company,
completely at random, at no fault of the company, but
practically doesn't. It may be a low enough chance to justify
investing thousands but nobody would invest a hundred million
dollars in that.
brazzy wrote 1 day ago:
> If you just have to accept courts will void 1% of your
transactions (costing another 2% in legal fees) then you
just make everything 5% more expensive to cover it.
That's an absurd exaggeration in regard to the issue at
hand. Almost certainly far less than 1% of purchases by
minors are voided, and NONE of those involve legal fees
unless the seller chooses to go to court rather than
refund.
In fact, I'd be willing to bet money that there are overall
far less purchases refunded in Germany than in the USA.
inigyou wrote 20 hours 4 min ago:
There are more reasons a business can be sued than just
that a minor bought something and regrets it.
brazzy wrote 1 day ago:
> If I understand you correctly selling anything more
expensive than cheap food to a child carries a high degree of
risk in Germany.
Basically yes - the limit is generally considered to be the
amount of monthly pocket money children typically get, so
around 20 EUR for a 10 year old. And it would be possible for
the seller to ask for a signed note of consent from the
parent.
And of course the risk is limited to possibly having to
revert the sale, which would be fairly rare for things that
are just somewhat over that limit. Educated guess about how
high the risk is for any given case are probably not hard.
dannyw wrote 1 day ago:
Obviously the specifics vary by jurisdiction, but usually
contracts that are 'necessary' (e.g. grocery store purchases) or
beneficial to the minor (e.g. an employment agreement) cannot be
voided simply because someone is under 18.
The further you go away from this line, e.g. a mortgage, the more
likely a court of law would void the contract. As with many
things in law, the specifics (if it makes to trial) is
case-by-case and "it depends"; with settlement being generally
based on a party's estimated chances of succeeding/costs should
it go to trial.
l23k4 wrote 1 day ago:
> Can a kid set up an AWS account?
Yes
> Are there no checks?
No
>Wouldn't the contract be void for anyone underage anyway?
Typically not
V__ wrote 1 day ago:
I knew that in Germany contracts with minors are voidable. After
some checking they apparently are voidable in the U.S. as well:
> Contracts with minors are voidable at the minor's discretion
but exceptions exist, such as contracts for necessities (e.g.,
food, health, and transportation).
HTML [1]: https://www.upcounsel.com/minors-and-contracts
pbhjpbhj wrote 1 day ago:
Presumably companies can't enforce debts against children [who
are under the age of criminal liability, which is under-10 in
UK].
lxgr wrote 1 day ago:
Could they enforce them against their legal guardians (under
the theory that they have neglected their duty to supervise
their children appropriately) though? I think this is a thing
in at least some jurisdictions.
matips wrote 1 day ago:
In Poland legal guardians are responsible for neglects in
guarding child. What is "proper custody" depends on child
age. Parent cannot close child in basement, it is expected
for child to have freedom appropriate to is age.
I doubt that AWS could justify that part of proper child
custody is to watch what child do with newest AI feature
dedicated for processional IT. AWS neglected proper
verification of user age.
Schlagbohrer wrote 1 day ago:
How did the theoretical child get hold of a credit card?
loloquwowndueo wrote 1 day ago:
Iâve seen minors signing up for cloud services with their parents
card.
ano-ther wrote 1 day ago:
Try here for example:
HTML [1]: https://danskebank.co.uk/personal/products/current-account...
63stack wrote 1 day ago:
Did you read your own link? A parent has to apply for this.
Parent/Legal Guardian Identity Verification
To confirm your identity, weâll ask you to take:
A live selfie of yourself, and
A photo of your own ID document (Valid Passport or valid
UK/ROI Drivers Licence)
Symbiote wrote 1 day ago:
They may well have the account with a debit card for other
reasons, like buying food, travel etc.
Ekaros wrote 1 day ago:
Why wouldn't debit card work as well? You can get those while
underage.
victorbjorklund wrote 1 day ago:
Because no 16 year old kid ever got to buy anything on a card
before.
themafia wrote 1 day ago:
My parents let me fill my tank with gas. They wouldn't let me
open an AWS account. Aside from that, if it is misuse of a
parents card, then then answer is "chargeback."
victorbjorklund wrote 20 hours 5 min ago:
I am sure many parents would agree with âI wanna learn using
AWS and I need a card connected to the account. Look here it
says you can be on the free trial. Donât you want me to have
the ability to learn AWS and get a better future?â
ndsipa_pomu wrote 1 day ago:
Chargeback sounds like trying to defraud AWS. If the parent
authorises the child to use their card, then the buck should
stop with the parent. AWS has done nothing wrong in allowing an
account to be opened with a valid card.
loloquwowndueo wrote 1 day ago:
Some banks make chargebacks so easy that people just click
the chargeback button without trying to reach out to the
vendor. I see this a lot - I work for a âvendorâ.
hansvm wrote 1 day ago:
Most vendors make it so hard to handle that defaulting to
chargebacks is sensible (at least when the charge
reasonably qualifies -- the kid with a parent's card
example doesn't seem appropriate).
If a vendor makes a $20 oopsy, it's not worth the vendor's
time or yours to track down their phone number, find that
just the phone number section of their website is broken,
acquire it elsewhere, see that it recently changed or is
otherwise no longer in service, go to their website and
interact with the cheapest chatbot solution they could find
which somehow costs more than unfiltered Sonnet 4.6, be
greeted by 3 help pages which have literally nothing to do
with the problem at hand, go through the entire dialogue
tree and see that it's useless, ask to be connected to an
agent, which spawns a secret dialogue option informing you
that you can call 555-5555 to speak to a human being, sit
and wait for a voice prompt recorded at half-speed which
feels the need to repeat every single choice and
interaction back to you, navigate the entire phone dialogue
tree, try various permutations of "representative" and
swearing to see if there's an escape hatch, be redirected
back to the website, ... ..., somehow eventually connect
to a real human being, have your request denied, go back to
step one and find a better informed representative, have
the charge reversed, notice that the reversal hasn't
applied even a month later, go back to step one, find a
representative who will actually press the reversal button
instead of just saying they did to juice their metrics, and
come back several more times over the next year as an
automated system repeatedly flags the associated purchase
as not being paid in full (since the charge was reversed).
Or...I can send my bank the timestamped dashcam footage of
me entering a parking garage, their prices and policies,
and me exiting the parking garage, tell my bank what the
right charge should have been, let the garage dispute that
if they really think I'm wrong, and wind up having the
entire charge reversed instead of just the delta I asked
for.
I'm sure your vendor is one of the good ones, but my
tolerance for bullshit from the rest is pretty low
nowadays, and I won't finish going through the official
process if it's too onerous. Somebody got a pat on the back
saving $5 for the call I never successfully placed, and the
business lost $20 on top of the actual refund in chargeback
fees.
lxgr wrote 1 day ago:
The chargeback is the way of reaching out to the merchant,
and quite often the only realistic one. If the merchant
disagrees with the chargeback, they can challenge it (which
is in turn usually their only opportunity to directly
communicate with the merchant).
ndsipa_pomu wrote 1 day ago:
I don't have an issue with chargebacks if the vendor has
made a mistake and doesn't respond in a timely fashion, but
issuing a chargeback because you let your kid play around
with a card isn't responsible behaviour. (Not that I think
it was a kid in this particular case)
There's also the issue that it's usually a breach of the
contract to allow someone else (i.e. not named in the
contract) to use your card.
inigyou wrote 1 day ago:
There isn't "responsible" behavior any more. Since we
became a low-trust society, there's only behavior that
benefits you and behavior that doesn't.
michaelmrose wrote 1 day ago:
Generally no they don't because they have very limited ability to
enter into agreements in the US. It was almost certainly an
adult.
Lvl999Noob wrote 1 day ago:
Isn't USA famous for letting parents take out credit cards on
their newborns and pushing them into debt even before they
learn to walk? I recall seeing at least a few snippets of
movies and TV shows showing that.
michaelmrose wrote 9 hours 49 min ago:
It is possible to defraud a lender and cause your own child
grief from bad credit reports and creditors but ultimately
the debt isn't collectible or lawful as should be obvious.
martheen wrote 1 day ago:
If you mean parents using their children SSN to open a credit
card, this is because US banking system is always decades
behind the rest of the world, so they just accept the number
blindly even though technically the children aren't allowed
to open a loan yet, being minor.
In theory once the child grows up and shocked that their
credit score is ruined, they can file a police report to wipe
the debt, but that also means their parents will go to jail,
a large risk considering they're likely not in a good
physical/mental health in the first place.
Other countries solved this by either having national ID or a
working KYC system.
l23k4 wrote 1 day ago:
Why would a 16 year old not use their own card?
victorbjorklund wrote 20 hours 7 min ago:
Either they have their own card or gets to borrow a parents.
Doesnât make a difference in this situation.
saidnooneever wrote 1 day ago:
there are plenty of cards on the interwebz to use. ppl give em
away like candies
efreak wrote 17 hours 26 min ago:
I'm reminded of the bot @needadebitcard on Twitter 10(?)
years ago, that reposted pictures of people's cards that they
posted on Twitter for the public to see.
saidnooneever wrote 10 hours 20 min ago:
its really easy to use social media bots scrapers and AI
img extraction etc. dont even need tons of resources. But i
was mostly talking about forums and carders which has never
really stopped being a thing.
distances wrote 1 day ago:
Would they be given their own credit card, or would it be under
the parents? Over here minors can't enter into debt contracts
like credit cards, so it'd be a direct debit until they are
adults.
vel0city wrote 1 day ago:
The minor wouldn't be the actual person entering a debt
contract here, the parents are agreeing to be responsible for
the debt. The minor is only an authorized cardholder.
Think business accounts. The name on the card might be some
agent of the company but they're not directly responsible for
paying the debt. The business is responsible for the debt.
OJFord wrote 1 day ago:
I think you mean debit card? In the UK at least you need to
be 18 to agree to agree to a direct debit too. Rarely comes
up since they're mostly for bills, but e.g. for a phone/SIM
on contract it has to be in a parent's name for that reason.
l23k4 wrote 1 day ago:
I don't think the type of the card really matters as long as
the limits are reasonable.
> Over here minors can't enter into debt contracts like
credit cards
In basically all of the western world minors can enter into
debt contracts, but are generally not seen as particularly
creditworthy.
fauigerzigerk wrote 1 day ago:
>In basically all of the western world minors can enter
into debt contracts, but are generally not seen as
particularly creditworthy.
Minors can't get a credit card in the UK. In fact, it's one
of the government approved age verification methods for
that exact reason.
distances wrote 1 day ago:
> In basically all of the western world minors can enter
into debt contracts, but are generally not seen as
particularly creditworthy.
No, that's not legally permitted in many places. I was
under impression that minors can't enter into debt
contracts anywhere in EU, but that, too, was an incorrect
assumption. [1] I grew up in one of these "not under 18
even with parental consent" countries, so that coloured my
view of the matter.
HTML [1]: https://fra.europa.eu/en/publication/2017/mapping-...
inigyou wrote 1 day ago:
I was under the impression they could do it but there was
a high chance of a debt like this being unenforceable, so
companies don't want to. Or maybe that's another way of
saying they can have debts but not debt contracts.
well_ackshually wrote 1 day ago:
Because 16 years old do not have a card with no spending
limits, and with very low online spending limits. Most of those
cards are even just for withdrawing
lxgr wrote 1 day ago:
Nobody has a card without spending limits.
TheDong wrote 1 day ago:
Spending limits don't particularly matter here.
AWS doesn't check if your credit card will be able to handle
a $5k charge before letting you rack that up, and in fact AWS
doesn't support setting any spending limit.
You just have to put in any valid credit card at all when you
sign up, use AWS, and at the end of the month you'll have a
bill. At no point does your credit card limit or a spending
limit enter into things.
michaelmrose wrote 1 day ago:
And again kids don't have credit cards
yeputons wrote 1 day ago:
I got mine when I was 12, IIRC. Not a credit, of course,
it was a debit card, but not all countries bother to
differentiate between the two, it was just a âbank
cardâ. And I believe it had a credit card BIN because
all local banks did that to get more in processing fees.
michaelmrose wrote 9 hours 57 min ago:
I do not specifically believe you can run up a $6000
bill on AWS with a kids card. It beggars belief as does
the idea that this is a literal rather than mental
child
l23k4 wrote 1 day ago:
AWS accepts debit cards.
TheDong wrote 1 day ago:
I'm a little less charitable.
Curiosity is great, but agents do not learn, and telling an agent
"scan the darkweb" is a way to avoid learning about the details,
rather than to dig into things more deeply.
If instead they had just used a chat interface to ask "Where should I
start", they'd more likely have got a link to the DN42 docs
themselves, read them, and not hallucinated things like "color".
They might have asked "how much will this cost?" if they had to spin
up the ec2 instances themselves, on advice from the agent.
The way you learn something is by doing it the manual way first.
You learn memory management by writing your own allocator, and then
after that you go back to using malloc like normal, but with
knowledge of how it works. You don't learn memory management by
telling an agent to write an allocator.
Using an agent to give you links and point the way aids in learning,
using it as an autonomous tool to do "gruntwork" you don't yet know
how to do yourself will get in the way of learning.
Curiosity is beautiful, using agents to bother humans and avoid
learning is somewhat less beautiful.
hluska wrote 1 day ago:
Youâre assuming that kids are capable of that. Neuroscience will
disagree and I trust the brain research a lot more.
stego-tech wrote 1 day ago:
100% in agreement here. As someone who grew up spoiled to the point
of having no grasp of the value of money, I needed a few good,
solid kicks to the balls to make me appreciate what I have, and how
much things cost relative to their value.
The fact the agent owner immediately sought donations instead of
taking the L shows, at least to me, that they did not learn said
lesson. That they tried to blame the dn42 community instead of
taking accountability for letting an agent run wild also supports
that conclusion.
This idiot learned nothing and seems intent on continuing in their
mission for whatever reason. So long as they want to extract versus
cooperate or contribute, I wish them nothing but miserable,
expensive failure until they learn otherwise.
mike_hock wrote 23 hours 38 min ago:
Or they're trolling.
That used to be the default assumption, I don't know why people
have become so gullible.
stego-tech wrote 20 hours 35 min ago:
Iâm not sure what you mean - the fact we assume malicious
intent is in fact a guard against prior gullibility which was
exploited by bad actors.
You get betrayed enough, and you stop acting from a position of
implicit trust. If folks want to go back to the days when
trolling was the default assumption, then we collectively need
to punish bad actors to discourage further betrayals.
ma2kx wrote 1 day ago:
At least he learnt not to provide an LLM presumably unrestricted
access to his AWS account.
internet_points wrote 1 day ago:
from OP:
> It's unfortunate to see that the operator's takeaway from this
incident is that "next time a better agent is needed".
recursivecaveat wrote 1 day ago:
Yeah I'm less sympathetic when you are bothering other humans by
spamming them and asking them to do legwork for you.
lelanthran wrote 1 day ago:
> Yeah I'm less sympathetic when you are bothering other humans
by spamming them and asking them to do legwork for you.
I toyed with the idea of (on open source projects) having the
human assign any PR-bot submissions to their own bot (cheapest
one available will do) with the explicit instructions to cause as
much rework as possible.
Sorta like a tarpit. Could be cheaper if the rejection is
generated from a markov chain as that's going to be cheaper than
even a cheap LLM.
yvdriess wrote 1 day ago:
Hanging out in programming language IRC channels (quakenet
shoutout) makes you realize pretty quickly why experts in said
channels and newsgroups are such irritable grumps whenever
someone asks a question that smells like homework assignment.
I also grew to understand the value of people digging deeper into
the underlying issue, instead of just answering "how do you do X
in Y". The usual reaction was
"I don't want to explain to you why I want to do it like this.
Just tell me how to do this!"
fragmede wrote 1 day ago:
are they less grumpy now that chat.com will answer those
questions without bothering them?
hansvm wrote 1 day ago:
I'm personally getting asked more questions as people get
emboldened by AI and then need it de-sloppified.
Overpower0416 wrote 1 day ago:
Everybody should learn from mistakes, especially the expensive ones.
Though seeing the agent owner responding with using another agent and
asking for donations, instead of taking responsibility, makes me
think he didnât learn much.
gnulinux wrote 1 day ago:
Not only that, but they said "next time better model needed" as if
that was their problem and not giving an AI agent a blank check...
I mean AWS account access.
AJ007 wrote 1 day ago:
I wonder how long before it's common knowledge that a LLM has no
segregation of a user's instructions and any other text it reads?
MrMorden wrote 2 hours 4 min ago:
It's been common knowledge for a long time. Just not in the
population of people who set up agents and hand them personal
credentials.
rvz wrote 1 day ago:
If you are non-technical, in-experienced or just learning, it is okay
to admit that you have no idea what you are doing when building
production systems.
Otherwise, you will face an expensive lesson when turning a $100 issue
into a $100,000 problem over time very quickly when building these
systems with AI without the right expertise and accepting the AIâs
judgement.
userbinator wrote 1 day ago:
turning a $100 issue into a $100,000 problem
Before AI, those who called themselves "consultants" often did the
same thing; especially those who are glorified salesmen for
"enterprise" software.
misswaterfairy wrote 1 day ago:
> those who called themselves "consultants" often did the same
thing
Still do, but merely parrot what the stochastic parrot squarks
these days.
hlandau wrote 1 day ago:
I haven't laughed this hard in a long time.
I'm honestly having difficulty telling whether this is real or an
extraordinary piece of performance art.
peyton wrote 1 day ago:
Feels like a scam.
kombookcha wrote 1 day ago:
> JertLinc3522: the mistake was from AI agent not from Human, since
it was the agent I should have refund
Expensive way to learn this lesson.
thrdbndndn wrote 1 day ago:
This has to be trolling, right?
I find it hard to believe that anyone, no matter how dense, could
come to this conclusion after this whole saga.
12_throw_away wrote 21 hours 27 min ago:
dunno, a loop I've seen in folks with main character syndrome:
grandiose idea -> minimal effort execution -> failure -> blame
something -> grandiose idea for "justice" / revenge -> GOTO 0.
the good news is I've seen at least two seemingly irredeemable
assholes grow out of it when they realized it wasn't working. but
in general I don't think introspection and self-examination are
universal traits
inigyou wrote 1 day ago:
I think you're overestimating the quality of American education.
40% of graduates can't read or write.
noisy_boy wrote 12 hours 11 min ago:
Their use of "already" at the end of the sentence + renting
servers in Singapore region points more towards Singaporean
and/or Chinese education.
jdiff wrote 20 hours 36 min ago:
I have a coworker who, when he needs to operate some software
that is unfamiliar to him, snaps a photo of it and has Gemini AI
read each label and description. If there is a checklist or form
that needs to be filled, Gemini reads each question.
There's only one of him, not 40% of my coworkers, but these
people can be employed and maintain employment.
themafia wrote 1 day ago:
And for $200/mo they can now sing the song that ends the world.
nkrisc wrote 1 day ago:
Sadly there are lots of unintelligent people out there who are
incapable of taking responsibility for their own actions.
MrMorden wrote 1 hour 54 min ago:
US lawyers keep filing LLM-generated pleadings and refuse to
check citations. It's taken state discipline committees a long
time to get there, but they're close to figuring out that any
option other than prompt disbarment just increases the pain for
people who are actually qualified to practice and doesn't
noticeably increase the number of practitioners who see the error
of their ways.
The ABA will eventually make sure that this behavior is
identified in law school and people who don't want to take
responsibility for what they file are expelled well before
graduation, but in the meantime there are a ton of screwups in
the profession and all you can do is kick them when they identify
themselves.
Vespasian wrote 1 day ago:
Maybe? It just takes one after all.
I've met some people IRL who are so engulfed in their own greatness
that it simply cannot be that they made a mistake (in planning and
strategy). Therefore this is all a great injustice towards a poor
victim and doesn't that sound like a great argument for some
charity money.
Most of them grow out of it, some become politicians.
I'd say it's a 50/50 chance.
jesterson wrote 14 hours 7 min ago:
I'd say you are a great optimist.
If you'd ask me, I would put chances or learning somewhere
between 0.001 and 0.01
Bishonen88 wrote 1 day ago:
yup, same thoughts here. I think someone is trolling the irc
members. It's so over the top, like an episode of 'the office'. I'd
be amazed if this were an honest message.
Schlagbohrer wrote 1 day ago:
Maybe I should use this excuse at work, or in life- "It wasn't me, it
was my brain that made the mistake! So why are you punishing me? ;-(
"
kombookcha wrote 1 day ago:
Frankly it's unfair that I should bear the hangover of Past Me's
drinking. I feel terrible now, and it's all that other guy's fault!
Maybe I should get some takeout, Future Me can burn it off at the
gym.
ggm wrote 1 day ago:
Asking for donations to pay the AWS bill from the people they fired the
agentic code at is the cherry on the icing of the banana supreme.
If real, tragically funny.
If fictive, we'll written.
PunchyHamster wrote 1 day ago:
Oh there are definitely people like that. Absolute inability to deal
with consequences of their actions and ignorance at any harm their
own actions caused
coldpie wrote 1 day ago:
If you've ever been part of an organization that participated in
something like Google Summer of Code, you know this isn't fiction.
People really do behave like this.
ValentineC wrote 23 hours 33 min ago:
I don't understand the analogy. Just how bad are the participants
of projects within Google Summer of Code?
ratsimihah wrote 1 day ago:
Wait do you reckon that could be fictive? The thought didn't cross my
mind and I had a blast reading it. I sure hope it was real.
jraph wrote 1 day ago:
FWIW a friend of mine who's part of DN42 told me they had seen it
live (but didn't pay much attention) and that it was a bit funny
when I shared that link with him.
pjc50 wrote 1 day ago:
Is LLM output "real" or "fiction"?
jknoepfler wrote 1 day ago:
I consider it on-par with LinkedIn posts. It inhabits a
nether-space between reality and fiction where names, numbers and
buzzwords are thrown around without much concrete connection to
reality.
The LinkedIn MBA hive-mind doesn't give a shit about reality, it
gives a shit about what it could be fired for saying/not-saying.
It must always be saying something, what it is saying must
promise growth, and what it is saying must sound similar enough
to what the long-tail of influential business "luminaries" (who
are bound by the same rules) are saying. It is required to frame
thinking in terms of techno-babble and pop-psychology (thank you
for coming to its TED talks). It is not allowed to reflect, wring
its hands, think critically, lean on math, logic or history, or
contradict the S&P 500. It does not care, for example, if NFTs
are an obvious scam, or if we're headed for an obvious bubble, or
if nobody who interfaces with reality for a living agrees with
what its saying. When it errs and lights trillions of dollars on
fire it shrugs and moves on. It's a babble-box with no epistemic
commitments and a very thin referential connection to reality.
It nevertheless has the power to shift literal trillions of
dollars of capital over time.
wccrawford wrote 1 day ago:
It's actually all fiction, it's just that a lot of it happens to
line up with reality, thanks to a lot of coercion.
IMO, that's what makes the tech so amazing.
sigmoid10 wrote 1 day ago:
I think the PR from an agent sounds legit, but the whole part once
the alleged operator joins in sounds fishy. Wouldn't be surprised
if someone saw the PR comments and used the username mentioned by
the agent to troll around in the chat. It would also mean that the
AWS creds were probably stolen and their expiration date was truly
a hard limit for the whole operation.
dannyw wrote 1 day ago:
I burst out laughing when the agent spawned a subagent to join IRC.
So funny.
Paracompact wrote 1 day ago:
Anyone reminded of the infant AI Yatima from Greg Egan's Diaspora?
The agent's complete naivety of social norms is so comically
adorable.
db48x wrote 1 day ago:
I was reminded more of the alien AI from Constellation Games,
which spawned sub sub sub agents to interview humans.
The protagonist sends a message to the aliens asking to be
allowed to review the alien civilizationâs computer games. An
AI submind called
Smoke-Cursive-Cytoplasm-Snakebite-Singsong-Polychromatic-Mustelin
e is given the task of contacting him by IM to begin the
conversation. Its job is only to verify that they are talking to
the right human (since not every human has a unique name) so it
is only a simple chatbot and can only understand YES and NO
responses. It asks if the protagonist understands and gets a
sarcastic NO. It has to contact its parent mind
Smoke-Cursive-Cytoplasm-Snakebite-Singsong-Polychromatic to ask
what to do next. After working his way up the tree of subminds by
answering questions of increasing complexity asked by subminds of
increasing capability, the protagonist briefly talks to
Smoke-Cursive-Cytoplasm-Snakebite which sets him a task to prove
that itâll be worth an (alien) anthropologistâs time to talk
to him.
Smoke-ccs-762d: Well, if it isnât Mr. Sarcasm
ABlum: YES
Smoke-ccs-762d: Donât quit your day job.
Smoke-ccs-762d: Iâm Smoke-Cursive-Cytoplasm-Snakebite.
Smoke-ccs-762d: Letâs get down to business.
joe_hills wrote 1 day ago:
I need to re-read Constellation Games soon. Lately I keep
coming back to considering the expectations that its alien
society has for the caretakers of artificial intelligence.
Spinning up AI isn't hard for them from a tech standpoint, but
since the AI is advanced enough to be considered life, anyone
who creates it needs to be responsible enough to be qualified
to adopt.
isoprophlex wrote 1 day ago:
All the time. Only in the current setup, they'll never outgrow
this phase.
DIR <- back to front page