Posted by xiaoyu2006 16 hours ago
Plus - the agent had clearly malicious intent - port-scan this volunteer-run network with seriously overpowered hardware on an hourly basis. What the DN42 folks decided to do is not much different from deploying a tarpit or honeypot against a malicious crawler.
Yes, against an AI agent. The super intelligent, "soon AGI" agent could have figured out that it's being messed with, but of course it didn't.
I would blame the AI companies for marketing this, not the technically well versed people for realizing that the operator of this AI does not care at all and can't be bothered to do the absolute basics.
There's no sign that highly intelligent people can't be conned - Bernie Maddoff fooled leading scientists and CEOs working in finance. Software engineers and lawyers fall for pig butchering schemes and spoofed emails with altered bank details every week - so why would an AGI trained from human content be any different.
If you think it's ok to send an agent (or a human) wasting a bunch of people's time and resources, but it's not ok for them to do the same to you then you may have some reflecting to do.
There is no arguing with people like this. They are not here to learn anything about networking. Asking the LLM to stop will not make it go away.
Burn a hole in the operator's wallet. It will make it stop very quick.
If this was my hobby project, I would have told the agent to spin up more higher capacity EC2 machines because this is not enough, and I would have felt no shame. This is a project I'm operating at my own cost for educational reasons. I'm not going to argue with people who the only line of communication I have towards is an agent and have guns pointed at my infra. They are ready to put any amount of financial burden on me. Fuck all of that. Burn a few of these idiots, and people will learn.
The attacker here was trying to use a software agent to run DOS attacks. Perhaps they were a "naive noob outsider", perhaps they misconfigured something. It is not generally the victim's responsibility to try to figure this out.
And it is definitely not the victim's responsibility to determine the attacker's state of mind if they don't even have any way to contact them. In this case, the attacker was using their software agent specifically to avoid interacting with the targets of their attack.
They are free to ask the bot to do anything, and the bot is free to refuse or its owner can shut it down. The onus is on the owner to make sure the bot does not waste money.
I will not go through life worrying about the billing practices of random ai bots.
That was the root cause for the costs, not actions by people on the IRC channel.
Sure. And "hostility does not change the operation" from the LLM response was totally OK with you.
Those people should be banned from using the civilized internet, their intent or at least their effect is harm - that is the important bit.
If they managed to get in, find some resource they could access, they would do it. Those people don't deserve to be on the internet.
If you treat people like their time is worthless (which is what you're doing if you ask a hobbyist community to handhold your agent instead of working alongside it) I don't think an empathetic and self-aware person should be surprised or offended if they respond in kind.
If possible I would have contacted AWS with this and tried them to get rid of the discount because the person was at fault here.
What a cathartic read. I'm so sick of humans giving me AI slop to read without them reading it first. I just ignore them when they do this, but if I could cause them to really internalise a lesson I would love it.
“Agentic AI is just someone else’s unsecured execution context.”
Don’t juggle chainsaws with code if you’re not prepared to bleed.
Are you saying you're a clanker? Because we have some policies on this website, ideologies even if you may, about that.
Point being, these people would not act like this against other actual people. Or against more respectful bots, possibly.
It doesn't sound malicious, it was malicious on purpose and it was a good thing.
If anything, the original operator should be happy to have been hit with a $ 1'800 lesson and not a $ 180'000 one.
You choosing to send said clanker to the fight armed with your credit card and no preparation is just you causing yourself harm.
It also happens to be really fun to help you harm yourself in that way.
You're allowed to block bad actors and have fun while doing it.
Yes. The ideology is "you harmed me first so now I can harm you back." A large number of people, while not willing to admit it, do practice this philosophy. One should consider this before launching agents with unlimited budgets into the world to rudely scan their networks.
You just described everyone using AI to churn out slop and overload websites.
e: Still a good read tho, not mad about being clickbaited
ShAI Hul(lucinat)ud
if it's not fake, I'm still impressed of the agent capabilities : web, github, IRC, etc...
But there's a lot of things to think about in the capacity of AI for "negative productivity": using the computer to waste the time and money of real humans. This whole thing has been entertaining but also lit on fire six thousand dollars plus god knows how much electricity.
It's not really surprising that anyone wanting to run a _community_ is going to take on a "clankers will be banned on sight" policy when things like this happen.
Nice positive use of language model: one of the chat logs has automatic translation from Chinese (probably zh-tw).