Letting inmates run the asylum: Using AI to secure AI

67 MattSayar 11 8/15/2025, 3:36:06 PM mattsayar.com ↗

Comments (11)

ofjcihen · 12m ago
This has already been leading to some incredible profits for security companies like mine.

So please, don’t be too loud about how terrible it is :)

malfist · 1h ago
According to my company's senior leadership there's nothing the magic dust of AI can't solve. Even problems with AI can be solved by more AI.
kelseyfrog · 33m ago
This is where it gets fun.

We're on the precipice of being able to install AI into positions of business critical processes. Hiring, billing, sales, and compliance. It's going to be great watching c-suite and VPs who are drunk on the sauce accept AI in these positions and get golden parachutes when the business ends up facing a massive external audit, fraud, and the possibility of bankruptcy.

bongodongobob · 9m ago
Pfft. The hammer will come down on IT leadership, not execs.
andy99 · 5m ago
IT leadership will blame their subordinates, the ones that knew better - somehow in these things it's always the people who should be able to say "I told you so" that get the blame.
nicce · 1h ago
This reminds me of "The Emperor's New Clothes" way too much.
aurumque · 18m ago
And yet when I recommend that replacing senior leadership is one of the highest ROI potentials for AI they immediately shut down the conversation.
jimt1234 · 1h ago
We must work at the same company. LOL
bink · 37m ago
I think it's funny that I don't see any findings from either Claude or DataDog that couldn't be detected using static analysis. They're pretty simple code bases and maybe that's why.

I'll pay more attention when they start finding vulnerabilities in commonly used, more complex applications.

mmsc · 1h ago
Currently living through a great litmus test of competency versus luck by company leaders.
ohdeargodno · 31m ago
At this point, fuck it, do it, I'm here for the laughs now.

Let Claude run on your production servers and delete ld when something doesn't run (https://www.reddit.com/r/linux4noobs/comments/1mlveoo/help/). Let it nuke your containers and your volumes because why the fuck not (https://github.com/anthropics/claude-code/issues/5632). Let the vibecoders put out thousands of lines of shit code for their stealth B2B startup that's basically a wrapper around OpenAI and MySQL (5.7, because ChatGPT read online that MERN is a super popular stack but relational databases are gooder), then laugh at them when it inevitably gets "hacked" (the user/pw combo was admin/admin and PHPMyAdmin was open to the internet). Burn through thousands of CPU hours generating dogshit code, organising "agents" that cost you 15 cents to do a curl https://github.com/api/what-did-i-break-in/cba3df677. Have Gemini record all your meetings, then don't read the notes it made, and make another meeting with 5 different people the next week.

It will reveal a bunch of things: which companies are run by incompetent leaders, which ones are running on incompetent engineers, which ones keep existing because some dumbass VC wants to throw money in the money burning pit.

Stand back, have a laugh. When you're thrust in a circus, don't participate in the clown show.