> Could a rogue agent theoretically run a destructive command? Sure. Have I seen it happen in weeks of usage? Never.
I've been in cybersecurity over a decade, and this still blows my mind. It’s classic cognitive dissonance or just normalized deviance. People get used to doing unsafe things until the system breaks.
Best analogy I use: seatbelts. In the U.S., wearing a seatbelt is automatic. Zero thought. In other parts of the world, not so much. Ask why, and you’ll hear: “I’m a good driver. Never had an accident. Don’t need it.” That’s not logic. That’s luck confused with safety.
The difference? Conditioning. Risk comprehension. Cultural defaults.
Same thing happens in software. No amount of UI warnings will stop people from doing dumb things. Running as root, disabling SELinux, exposing prod databases to the open internet. Happens constantly.
Anthropic gave a user the ability to do something they know is risky. Anthropic understands "LLM Trifecta" vulns. This person has no idea.
Strap in, we're in for a wild ride.
bearjaws · 4h ago
Claude Code must be Anthropics halo product.
I went from API only, to $100 a month, to $200 a month Max plan, after only 2 weeks.
The cycle of Plan -> Generate code -> test -> commit works incredibly well, and being able to parallel code front end and back end changes is wild. Add in the fact it can run tests and MCP for SQL... It's really starting to show promise.
Claude Code was the first time I thought CRUD programmers are actually in trouble.
I've been doing a lot of work on Moodle recently, for those who aren't familiar Moodle is a 20 year old PHP learning management system. With all the code combined for frontend and backend its near a million LOC. Claude Code handles it perfectly now.
I've been in cybersecurity over a decade, and this still blows my mind. It’s classic cognitive dissonance or just normalized deviance. People get used to doing unsafe things until the system breaks.
Best analogy I use: seatbelts. In the U.S., wearing a seatbelt is automatic. Zero thought. In other parts of the world, not so much. Ask why, and you’ll hear: “I’m a good driver. Never had an accident. Don’t need it.” That’s not logic. That’s luck confused with safety.
The difference? Conditioning. Risk comprehension. Cultural defaults.
Same thing happens in software. No amount of UI warnings will stop people from doing dumb things. Running as root, disabling SELinux, exposing prod databases to the open internet. Happens constantly.
Anthropic gave a user the ability to do something they know is risky. Anthropic understands "LLM Trifecta" vulns. This person has no idea.
Strap in, we're in for a wild ride.
I went from API only, to $100 a month, to $200 a month Max plan, after only 2 weeks.
The cycle of Plan -> Generate code -> test -> commit works incredibly well, and being able to parallel code front end and back end changes is wild. Add in the fact it can run tests and MCP for SQL... It's really starting to show promise.
Claude Code was the first time I thought CRUD programmers are actually in trouble.
I've been doing a lot of work on Moodle recently, for those who aren't familiar Moodle is a 20 year old PHP learning management system. With all the code combined for frontend and backend its near a million LOC. Claude Code handles it perfectly now.