Posted by rolph 8 hours ago
Basically, now it's trivial for any new devops guy to run such a query in Claude Code:
“Log in to this production server, find out all services it runs and their deployment method, create documentation about everything, and generate a repeatable, auditable deployment workflow.”
Devops and sysadmins can no longer withhold information to maintain job security.
Boom, 80% of the team gone.
I know companies are doing migrations of production Postgres and MySQL on 1000s of machines using AI agents.
I’m imagining how many SaaS will be automated out and simply be an "agent skill" in ClaudeCode.
I can't imagine this is very prevalent. That's a very 2004-style corporate immaturity; I get the sense that even the slow-moving behemoths of the software world have mostly caught up to, say ... 2017's recognition of the importance of automation and reproducibility and won't tolerate the kind of malpractice you describe--wilful information siloing by infrastructure teams.
Like, those businesses might well suck at automation! But they've been doing it and firing the people who resist it for a long while now.
I found that, without that, Claude makes too many critical mistakes.
I don't get the spammer thing? You'll still need to verify your identity, as the whole thing uses stripe? So I don't get all the hate...
I prefer to delegate as much as possible to AI services once I have a mature process that is easy to validate. Buying a domain name feels pretty mature to me etc, so I don't get where all the hate is coming from?
(Maybe I'm way to deep in the whole AI/Jack Dorsey/Block model?)
AI agent calls a human on their phone (even engage in an email chain), whilst talking to the human they analyse the likelyhood of diffferent fraud vectors, and choose the most likely one to work on this particular victim. Whilst keeping the human talking in chit chat to raise their confidence levels, in the background it buys a domain which fits the users fraud profile, and quickly makes a basic website on it. Maybe its a fake login page, maybe it just hosts malware, who knows at this point. The agent then emails the user from a mailbox on the new domain which directs the user to the new domain and commits the fraud. The email from the domain ties up with what the agent is saying on the phone, so it all looks legit to the human. Immediately after the call it deletes the website, directs the new domains dns to blackhole and discards it from its posession.
This is all possible right now. I am also interested to see what is built with this technology in the future, but interested in a very worried way.
This involves copy-pasting DNSSEC properties from one web interface into another.
Pretty much everything but this step has been automated in my website creation process: Picking a git template for my site, creating the git repository remotely on my self-hosted Forgejo, setting up the webserver and the DNS using external-dns. Only the domain creation and initial pointing of NS and DNSSEC records is something I sit and do.
I'm not willing to switch to Cloudflare for this feature.
But it reminds me there's more to automate.