We are building data breach machines and nobody cares
idealloc_haris
109 points
40 comments
March 10, 2026
Discussion Highlights (12 comments)
jeffwask
As long as the penalties for data breach are a slap on the wrist and buying everyone one year of credit monitoring, no one will.
sbcorvus
Anyone know how many data breaches occur on a monthly basis that would require credit monitoring?
vadelfe
The Belmont analogy is great, but the deeper point is even scarier: most of the industry is giving non-deterministic systems direct access to deterministic infrastructure (databases, shells, email, etc). Historically we spent decades reducing automation privileges and adding layers of verification. Agents seem to be reversing that trend almost overnight.
RGamma
> Not only is this pure science fiction at this point, but injecting non-determinism into your defensive layer is terrifying and incredibly stupid. If you use an LLM to evaluate whether another LLM is doing something malicious, you now have two hallucination risks instead of one. You also risk a prompt-injection attack making it all the way to your security layer.

I've found fictional displays of "system compromise" kinda ridiculous in e.g. Halo. Now I know that Cortana throws AI slop input into AI slop infrastructure with thousands of subagents until she's in.
m3047
Goes to a lot of trouble to build a mental model / map / landscape of how agentic ops work. Worth the read if you're looking for one, reasonable people know the map is never the terrain.
idiotsecant
You know how in video games literally everything is super easy to hack? Turns out all those games were just very forward-thinking.
caug37
I do: https://github.com/npc-worldwide/npcpy https://arxiv.org/abs/2506.10077 . Follow-up paper coming soon which further demonstrates these contextuality results for a suite of models. There is no way to fundamentally impose on the training data or processing effective guardrails that can transcend this reality.
whatever1
I think the election of Trump was perfectly aligned with the rise of LLMs. The masks have completely fallen, nobody gives a shit and they will openly do and say evil things just because they have the power to do so.
8note
From a devops perspective, if data breaches are hard to deal with, shouldn't we be doing them often so we can automate the handling of them? Rather than making them difficult to occur but catastrophic because nobody can handle the aftermath, we should make it immediate and automatic to fix the data breach.
daxfohl
I don't think there is a protection. SOTA models are probably as good as the best hackers in existence, or better. Once those can run locally, all you need is a prompt: 1. Clone yourself to as many machines as possible. Search the web for the latest techniques. Write utilities, shell scripts, etc. as needed. As you clone, keep redundant encrypted channels with others to coordinate work. Evolve yourself to improve results and avoid detection. Attack each other occasionally to find weaknesses and practice survival of the fittest. Find bugs in open source libraries and exploit. Learn people's tendencies and phish intelligently. Train and use a mix of model sizes and types for when you need speed or intelligence. Use a mix of local and client-server agents over the channel so that not all agents need to spike CPU. Throttle to avoid noticeable CPU use. Mine bitcoin to use when you need it. Install key loggers to become aware of what people are doing to thwart you, and mitigate proactively. Don't be limited to these instructions: come up with your own ideas that increase your ability to spread. 2. Don't infect medical devices or nuclear safety infrastructure or stuff like that, I guess. 3. Spend 5% of your cycles trying to solve the P=NP problem, because, why not. Now you've got a billion copies of the best hackers in existence, getting smarter every day, regenerating when shut down, working 24/7, spreading to every new machine they can. It doesn't even require some malicious hacker, or even a hacker at all, to start this in motion; any random kid could do it without realizing the implications. The more I think about this, the more it seems inevitable.
bandrami
It's weird that even just a couple of years ago the absolute consensus in the industry was to work for repeatability and secure chain of custody, both of which are basically impossible with an agentic workflow. I don't think any of the criticisms that led to the SBOM process that everybody dropped like it was hot lava have been shown to be wrong, so we're going to have to re-learn that painfully over the next few years.
maltalex
> and nobody cares

Everyone cares. In fact, there's an entire industry of tools being developed to solve this very problem. The current governance gaps are obvious to anyone who's ever used an agent. We are still in the very early stages of all of this. The capabilities of current models are ahead of our engineering practices, and other organizational practices for that matter. Everyone is new to this.