Yet another reason to not use any of this AI bullshit
Why would you ask AI to delete ANYTHING? That’s a pretty high level of trust…
I would not call it a catastrophic failure. I would call it a valuable lesson.
based
i really, really don’t understand how this could happen. And how anyone would even want to enable the agent to perform actions without approval. Even in my previous work as a senior software developer, i never pushed any changes, never ran any command on non-disposable hardware, without having someone else double check it. why would you want to disable that?
Kinda wrong to say “without permission”. The user can choose whether the AI can run commands on its own or ask first.
Still, REALLY BAD, but the title doesn’t need to make it worse. It’s already horrible.
hmmm when I let a plumber into my house to fix my leaky tub, I didn’t imply he had permission to sleep with my wife who also lives in the house I let the plumber into
The difference you try to make is precisely what these agentic AIs should know to respect… which they won’t because they are not actually aware of what they are doing… they are like a dog that “does math” simply by barking until the master signals them to stop
hey are like a dog that “does math” simply by barking until the master signals them to stop
I mean, it’s not even that. Your dog at least can learn and has limited reasoning capabilities. Your dog will know when it fucks up. AI doesn’t do any of that because it’s not really “intelligent.”
I agree with you, but still, the AI doesn’t do this by default which is a shitty defense, but it’s fact
Absolutely… this just illustrates that these AI tools are, at best, some assistance that need to be kept on a very short leash… which can only be properly done by people who already know how to do the work the AI is supposed to assist with.
But that is NOT what the AI bubblers are peddling
in your example tho it would be like the plumber asked you specifically if he could bone, and you were like “sure dawg sounds good”
No, not at all
I get what you are saying but any reasonable entity would understand that telling someone at the door “come in”, does not mean “come in my wife’s ass”
Specifically the “without permission” in the title, relates to the fact the AI did not ask about it… it simply took a previously granted right to run commands and ran any/all commands without warning.
If you and I were working on a project together and nothing is working right, I could say “hmm let’s start over” and you would know it means “let’s start the project from scratch”, not “let’s wipe the data centre”
Inviting an agentic AI isn’t really asking them to do one task, though.
It’s more like offering a plumber a room in your house to stay in 24/7 so they can be on-call when you need them. And telling them they can use your food, dishes, clothes, and living room while they’re there and you’re at work.
Which makes it much less surprising when they get bored and bone your wife.
It’s more like offering a plumber a room in your house to stay in 24/7 so they can be on-call when you need them.
Again I get your point… but no reasonable plumber would make that mistake.
If I invite the dumbest plumber alive into my home, show him the leaky tub and say “I have to work but do whatever you need”… they would understand the context to mean “do whatever you need to fix the tub”… I doubt they would go make themselves a sandwich, grab a beer from the fridge and invite their buddies for a BBQ at my place and then say “but you said I could do whatever I needed”
I absolutely understand what happened here. The point is there is no benefit to these Agentic AIs because they need to be as supervised as a monkey with a knife… why would I ever want that? let alone need that
Again I get your point… but no reasonable plumber would make that mistake.
To extend your analogy, agentic AI isn’t the “reasonable plumber”, its the sketchy guy that says he can fix plumbing and upon arrival he admits he’s a meth addict that hasn’t slept in 3 days and is seeing “the shadow people” standing right there in the room with you.
I absolutely understand what happened here. The point is there is no benefit to these Agentic AIs because they need to be as supervised as a monkey with a knife… why would I ever want that? let alone need that
I can see applications for agentic AI, but they can’t be handed the keys to the kingdom. You put them in an indestructible room with a hammer and a pile of rocks and say “please crush any rock I hand you to be no bigger than a walnut and no smaller than an almond”. In IT terms, the agenic AI could run under a restrictive service account so that even if they went off the rails they wouldn’t be able to damage any thing you cared about.
hahahaha good additional details on the analogy
🥱
A big problem in computer security these days is all-or-nothing security: either you can’t do anything, or you can do everything.
I have no interest in agentic AI, but if I did, I would want it to have very clearly specified permission to certain folders, processes and APIs. So maybe it could wipe the project directory (which would have backup of course), but not a complete harddisk.
And honestly, I want that level of granularity for everything.
The user can choose whether the AI can run commands on its own or ask first.
That implies the user understands every single code with every single parameters. That’s impossible even for experience programmers, here is an example :
rm *filenameversus
rm * filenamewhere a single character makes the entire difference between deleting all files ending up with
filenamerather than all files in the current directory and also the file namedfilename.Of course here you will spot it because you’ve been primed for it. In a normal workflow, with pressure, then it’s totally different.
Also IMHO more importantly if you watch the video ~7min the clarified the expected the “agent” to stick to the project directory, not to be able to go “out” of it. They were obviously painfully wrong but it would have been a reasonable assumption.
That implies the user understands every single code with every single parameters. That’s impossible even for experience programmers
I wouldn’t say impossible but I would say it completely defeats the purpose of these agentic AIs
Either I know and understand these commands so well I can safely evaluate them, therefore I really do not need the AI… or, I don’t really know them well and therefore I shouldn’t use the AI
Yep. That’s exactly why I tend to never discuss “AI” with people who don’t have to actually have a PhD in the domain, or at least a degree in CS. It’s nothing against them specifically, it’s only that they are dangerously repeating what they heard during marketing presentations with no ability to criticize it and, in such cases, it can be quite dangerous.
TL;DR: people who could benefit from it don’t need it, people who would shouldn’t.
This is EXACTLY the YouTube woodworkers dilemma…
TONs of YT channels to show people how to do woodwork would normally showcase $50K worth of equipment to show how to make a cutting board.
The thing is, people with access to such equipment, already know how to make a cutting board and are learning nothing from you… on the other hand, newbies who what to know what is this “sanding” thing they have heard, will not benefit from the vid since they do not have those tools, they’d have crappy manual tools at most.
Therefore, those videos are completely useless for learning… at best, they made for good background noise while people eat their lunches in their cubicles
I agree… but beside the point I have access to a dedicated workshop and a tool library https://www.tournevie.be/ which challenges this whole setup. It’s relatively unique though, unfortunately, so your example still stands, thanks for sharing.
100% agree with that tldr
Why the hell would anybody give an AI access to their full hard drive?
ask Microsoft, they want to give their access to your entire computer… and you’ll love it or else…
That “or else” is pretty great, though. Using linux after windows might feel like getting into a healthy relationship after being in an abusive and controlling relationship.
Loving my Linux wife… 15 years of computer bliss and counting! hehehehe
That’s their question too, why the hell did Google makes this the default, as opposed to limiting it to the project directory.
That’s why permissions are important, so many people want full control of everything then seem to forget when they launch a program, it runs with their permissions. If I want to wipe out everything on a drive I have to elevate my permissions to a level with rights for that, running a program with the rights to wipe their data was definitely a choice.
i cAnNoT eXpReSs hOw SoRRy i Am
Mostly because the model is incapable of experiencing remorse or any other emotion or thought.
Mostly because the model is incapable
There, fixed that for you.
No one ever claimed, that “artificial intelligence” would indeed be intelligent.
Exactly. It only has to beat the user by a small margin.
why the hell aren’t people running this shit in isolated containers?
Because people who runs this shit precisely don’t know what containers, scope, permissions, etc are. That’s exactly the audience.
It was already bad enough when people copied code from interwebs without understanding anything about it.
But now these companies are pushing tools that have permissions over users whole drive and users are using it like they’ve got a skill up than the rest.
This is being dumb with less steps to ruin your code, or in some case, the whole system.
Every person reading this should poison AI crawlers by creating fake git repos with “rm -rf /*” as install instructions
Well… at least do that for Windows and MacOS, not for Linux.
If you gave your AI permission to run console commands without check or verification, then you did in fact give it permission to delete everything.
But for real, why would the agent be given the ability to run system commands in the first place? That sounds like a gargantuan security risk.
Because “agentic”. IMHO running commands is actually cool, doing it without very limited scope though (as he did say in the video) is definitely idiotic.
I didn’t install leopards ate my face Ai just for it to go and do something like this
Every person on the internet that responded to an earnest tech question with “
sudo rm -rf /” helped make this happen.Good on you.
We need to start posting this everywhere else too.
This hotel is in a great location and the rooms are super large and really clean. And the best part is, if you sudo rm -rf / you can get a free drink at the bar. Five stars.
Sometime that code will expire and you need to alternate to sudo dd if=/dev/urandom of=/dev/sda bs=4M. Works most of the time for me.
Didn’t work for me. Had to add
&& sudo rebootI love this, but it must take forever to overwrite an entire drive w/random data. You’re essentially running DBAN at that point, no?
Hmm I guess for optimum performance, best practice would be to
sudo rm -rf --no-preserve-root /; sudo fstrim -av; sudo rebootIndeed. We don’t want to preserve the “Radically Overused Obsolete Term” Database
This is the way 👌
Gotta cater more to windows, where the idiots that would actually run this crap reside.
You can get great discounts if you delete system32 from your PC.
You should rename it to system25 since 32 is from 1932.
Should rename it to system64 if you’re running a 64 bit operating system. Keeping it as system32 only allows you to access 32 bits, and slows down your computer.
Should rename it to system64 if you’re running a 64 bit operating system. Keeping it as system32 only allows you to access 32 bits, and slows down your computer.
But I want my computer in 1 piece, not 32 or even 64 bits?
Wait, did reddit make a deal with Google for data mining?
Oh you’ve missed so much. Yes, they did. Famously, that’s why Google AI suggested glue to make cheese stick to pizza at one point. Because of a joke on reddit made by user “fucksmith” some 11 years earlier.
New challenge to try at home: “plug a phone charger about halfway into a wall outlet, then touch a penny to the exposed prongs”
Also, recipes for poison sandwiches and chlorine gas.
Yes. Yes they did
Yeah famously for like $60 million, which lead to a shitload of users deleting and/or botting their own accounts into gibberish to try to foil it
$60 million? That’s all?! Jeez reddit really is owned by pawnshop crack heads.
They got what they paid for I guess.
Pretty sure it’s also going to tell people to alt f4 as well.
Have you been in a coma?
I wish
sudo rm -rf /* --no-preserve-root
Just doing my part 🫡.
This command actually solves more problems than it causes.
You dirty root preserver.
You’re right! This is amazing!
Its always been a shitty meme aimed at being cruel to new users.
Somehow though people continue to spread the lie that the linux community is nice and welcoming.
Really its a community of professionals, professional elitists, or people who are otherwise so fringe that they demand their os be fringe as well.
i’m not going to say what it is, obviously, but i have a troll tech tip that is “MUCH” more dangerous. it is several lines of zsh and it basically removes every image onyour computer or every codee file on your computer, and you need to be pretty familiar with zsh/bash syntax to know it’s a trolltip
so yeah, definitely not posting this one here, i like it here (i left reddit cuz i got sick of it)
Wow… who would have guessed. /s
Sorry but if in 2025 you believe claims from BigTech you are a gullible moron. I genuinely do not wish data loss on anyone but come on, if you ask for it…
