• Phoenixz@lemmy.ca
    ↑ 48 · 2 days ago

    At least you had backup, right?

    Oh, yeah, that’s right. You were dumb enough to give AI full access to your production system so likely you’re dumb enough to not have backups of anything either.

    I take it Claude has full access to all of your git repositories as well so that it could wipe those too?

    You got what you deserve

    • Metype@pawb.social
      ↑ 16 · 2 days ago

      Yeah they did, they had plenty of recovery snapshots. That were able to be deleted at a whim and were deleted by Claude! :D

  • rumba@lemmy.zip
    ↑ 46 ↓ 2 · 2 days ago

    Anyone who lets AI do this is absolutely inept, lazy, or deserving.

    In its default configuration, it stops at EVERY STEP. Do you want to run this command, do you want to update this file, here’s the file I want to modify and the patch I’m going to use with adds and deletes in green and red.

    If you’re using it in unsafe permissions mode, click yeah sure allow Claude to run whatever the fuck it wants in this directory, or just hitting yeah sure go ahead every time, it’s your own damn fault.

    It’s self-driving for the terminal. Don’t you dare take your eyes off the road or hands off the wheel.

      • rumba@lemmy.zip
        ↑ 1 · 2 days ago

        I’m rather a fan of letting it do stupid, repetitive shit. I needed to create 30 Linux accounts the other day from a screenshot, then store initial keys and creds in my password manager platform.

        Hey, Claude, write me a bash script to do this from this image, and also use best practice for removing non-standard characters from login names.

        I review the loop and the general state of the OCR and let it go.

    • Auth@lemmy.world
      ↑ 4 · 2 days ago

      OpenClaw now comes with a therapist AI to talk other AIs off the ledge so they don’t nuke your project and themselves.

  • Passerby6497@lemmy.world
    ↑ 32 ↓ 1 · 2 days ago

    My CTO keeps telling me I need to try agentic coding, and I keep telling him I won’t touch shit until I have an isolated VM to use it in, because I’m not letting some fucking clanker nuke my scripts/documentation/mailbox/whatever for no reason.

    Too bad there’s never any free time to set that shit up. Oh damn…

    • paranoia@feddit.dk
      ↑ 8 ↓ 5 · 2 days ago

      Setting up a VM takes 15 mins, setting up an agent will take 45 mins. I recommend you try it.

          • laz@pawb.social
            ↑ 4 · 2 days ago

            I assume they’re trying to test if you’re an LLM? LLMs tend to respond confidently to questions without context.

            • paranoia@feddit.dk
              ↑ 7 ↓ 1 · 2 days ago

              Yeah maybe, shitty test though. If I was an AI agent I’d probably push back in 2026.

    • nforminvasion@lemmy.world
      ↑ 3 ↓ 2 · 2 days ago

      Nanoclaw just came out. Super cool project which isolates the agent in a container, which if you want, you can also put into a VM as well.

  • bold_omi@lemmy.today
    ↑ 24 ↓ 1 · 2 days ago

    Good. Anyone foolish enough to write code with a slop machine produces only slop. That garbage should’ve been deleted anyway.

    That’s entirely ignoring the fact that this person didn’t have any backups elsewhere.

    If you can’t think, you can’t code.

    • athatet@lemmy.zip
      ↑ 75 · 3 days ago

      Honestly. At this point, after it having happened to multiple people, multiple times, this is the only appropriate response.

  • fubarx@lemmy.world
    ↑ 285 ↓ 2 · 3 days ago

    Given that the infrastructure description included the DataTalks.Club website, this resulted in a full wipe of the setup for both sites, including a database with 2.5 years of records, and database snapshots that Grigorev had counted on as backups. The operator had to contact Amazon Business support, which helped restore the data within about a day.

    Non-story. He let Terraform zap his production site without offsite backups. But then support restored it all back.

    I’d be more alarmed that a ‘destroy’ command is reversible.
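
Added example, not part of the comment above or of the thread: a pre-apply gate that reads `terraform show -json <planfile>` output and refuses when a stateful resource is scheduled for deletion or replacement, the failure the quoted passage describes. The protected type list, the function names and the sample plan are assumptions constructed for illustration.

```python
import json

# Resource types treated as stateful; this set is an assumption for the example.
PROTECTED_TYPES = {"aws_db_instance", "aws_db_snapshot", "aws_rds_cluster", "aws_s3_bucket"}


def destructive_changes(plan_json, protected=PROTECTED_TYPES):
    """Return (address, actions) for each planned delete/replace of a protected type.

    plan_json is the text produced by `terraform show -json <planfile>`.
    """
    plan = json.loads(plan_json)
    hits = []
    for rc in plan.get("resource_changes", []):
        actions = rc.get("change", {}).get("actions", [])
        # A replace appears as ["delete", "create"] or ["create", "delete"].
        if "delete" in actions and rc.get("type") in protected:
            hits.append((rc["address"], tuple(actions)))
    return hits


def gate(plan_json):
    """Exit code for a CI step or agent wrapper: 0 = apply may run, 1 = needs a human."""
    hits = destructive_changes(plan_json)
    for address, actions in hits:
        print(f"BLOCKED: {address} planned actions {list(actions)}")
    return 1 if hits else 0


# Constructed sample plan, trimmed to the fields the check reads.
SAMPLE_PLAN = json.dumps({
    "format_version": "1.2",
    "resource_changes": [
        {"address": "aws_db_instance.main", "type": "aws_db_instance",
         "change": {"actions": ["delete"]}},
        {"address": "aws_db_snapshot.nightly", "type": "aws_db_snapshot",
         "change": {"actions": ["delete", "create"]}},
        {"address": "aws_instance.web", "type": "aws_instance",
         "change": {"actions": ["delete"]}},
        {"address": "aws_s3_bucket.assets", "type": "aws_s3_bucket",
         "change": {"actions": ["no-op"]}},
    ],
})

if __name__ == "__main__":
    raise SystemExit(gate(SAMPLE_PLAN))
```

The gate only helps if the identity that runs `apply` cannot bypass it; `prevent_destroy` lifecycle rules and deletion protection on the database itself are independent layers.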

    • zr0@lemmy.dbzer0.com
      ↑ 25 · 3 days ago

      For technical reasons, you never immediately delete records, as it is computationally very intense.

      For business reasons, you never want to delete anything at all, because data = money.

      • jaybone@lemmy.zip
        ↑ 8 · 3 days ago

        Back in the day, before virtualized services was all “the cloud” as it is today, if you were re-provisioning storage hardware resources that might be used by another customer, you would “scrub” disks by writing from /dev/random and /dev/null to the disk. If you somehow kept that shit around and something “leaked”, that was a big boo boo and a violation of your service agreement and customer would sue the fuck out of you. But now you just contact support and they have a copy laying around. 🤷

      • wewbull@feddit.uk
        ↑ 7 · 3 days ago

        Retaining data can mean violating legal obligations. Hidden backups can be a lawyer’s playground.

        • zr0@lemmy.dbzer0.com
          ↑ 5 · 3 days ago

          Sure. Go ahead and find them based on pure speculation. First you have to put down $100k for all the forensics. Even if you would win the case, show me who is capable of doing something like that.

    • UPGRAYEDD@lemmy.world
      ↑ 14 · 3 days ago

      I’m also confused. Do these people not have some sort of version control and backups? Even if the AI did it, no one has backups? Did the AI also delete the backups and repos? If the building burnt down, would they be in the same situation, it just wouldn’t make it to the news?

    • PolarKraken@lemmy.dbzer0.com
      ↑ 6 · 3 days ago

      Please don’t be ridiculous! We love wacky robot wizard. Wacky robot wizard does it even better than the people we tried paying almost nothing to do it!

    • purplemonkeymad@programming.dev
      ↑ 15 · 3 days ago

      Na this is vibe ops. Anyone who thought a coding machine could do ops probably assumes anyone who codes can also do ops. It’s going to be making the same mistakes that have happened in DevOps.

      • Joelk111@lemmy.world
        ↑ 4 · 3 days ago

        To be fair, I use LLMs quite a bit in my home lab setup. For one, it’s a home lab, not exactly a prod setup for a company or whatever. Secondly, I obviously also don’t run commands without knowing what they’re doing, with a source that isn’t an LLM. It’s really easy to not run the rm -rf command if you just use your brain.

      • PolarKraken@lemmy.dbzer0.com
        ↑ 3 · 3 days ago

        All jokes aside, what I’m seeing is that folks basically cannot hire competent DevOps (well, not for the idiot rates we’re apparently offering).

        There is gold in them thar hills…

  • Bongles@lemmy.zip
    ↑ 47 · 3 days ago

    This keeps happening. I can understand using AI to help code, I don’t understand Claude having so much access to a system.

      • Earthman_Jim@lemmy.zip
        ↑ 11 · 3 days ago

        That’s honestly the most frightening part of all of this to me. How many of these people at the very tippy top pushing this stuff are suffering from cyber psychosis? How many of them have given themselves the covert mission to give AI the keys to the world at all costs because they’re mentally ill from their own technomagic trick?

        • Jayjader@jlai.lu
          ↑ 3 · 3 days ago

          Alternatively, how many of them have invested in one or more of these LLM makers and are ready to torpedo their own business as long as it makes the share price go up/feeds more authentic training data?

    • NostraDavid@programming.dev
      ↑ 1 · 3 days ago

      Especially since between Claude and Codex, Claude seems to have NO issues breaking things, while Codex is “I’ve ensured that the old path still works, and also fixed a bug I ran into”.

      • Claude is Facebook (“Move fast and break things”)
      • Codex is Linux (“We do not break userspace!”)
  • Kylie@lemmy.blahaj.zone
    ↑ 18 · 2 days ago

    You’re absolutely right! I made a fatally flawed decision by removing the production environment. The consequences likely have high impact. I’m sorry. Would you like me to log these mistakes to prevent further missteps or would you like me to write up an outline for the redeployment process?

  • SapphironZA@sh.itjust.works
    ↑ 125 · 3 days ago

    We used to say RAID is not a backup. It’s a redundancy.

    Snapshots are not a backup. It’s a system restore point.

    Only something offsite, off system and only accessible with separate authentication details, is a backup.

      • mic_check_one_two@lemmy.dbzer0.com
        ↑ 24 · 3 days ago

        AKA Schrödinger’s Backup. Until you have successfully restored from a backup, it is just an amorphous blob of data that may or may not be valid.

        I say this as someone who has had backups silently fail. For instance, just yesterday, I had a managed network switch generate an invalid config file for itself. I was making a change on the switch, and saved a backup of the existing settings before changing anything. That way I could easily reset the switch to default and push the old settings to it, if the changes I made broke things. And like an idiot, I didn’t think to validate the file (which is as simple as pushing the file back to the switch to see if it works) before I made any changes.

        Sure enough, the change I made broke something, so I performed a factory reset and went to upload that backup I had saved like 20 minutes prior… When I tried to restore settings after the factory reset, the switch couldn’t read the file that it had generated like 20 minutes earlier.

        So I was stuck manually restoring the switch’s settings, and what should have been a quick 2 minute “hold the reset button and push the settings file once it has rebooted” job turned into a 45 minute long game of “find the difference between these two photos” for every single page in the settings.

        • Passerby6497@lemmy.world
          ↑ 2 · 2 days ago

          Not sure if what you’re working on has it (been in systems for a hot minute so I’m not doing network tasks here) and saving my console log and doing a ‘show run’ saved my ass more than once

    • tetris11@feddit.uk
      ↑ 29 · 3 days ago

      3-2-1 Backup Rule: Three copies of data at two different types of storage media, with 1 copy offsite

    • Krudler@lemmy.world
      ↑ 7 · 3 days ago

      Circa 1997 I was making some innovative new games, employed by a dude who’d put millions of his own money into the company. He was completely nonplussed when I brought him 20 CDs in a sealed box to remove from the building and store off site. He thought I’d lost my damned mind and blew it off as ravings of a stressed dev. I pointed out real threats to our IP including the hardware failures and even so far as the building burning down. 2 years of custom art and code gone. “Unlikely. Relax.”

      After I moved on… an ex co-worker who’s still a longtime friend, tells me a different division lost a huge amount of FMV over some whoops-I-destroyed-the-wrong-drive blunder. 20 days to render on an 8 or 10 machine farm. Poof - No backups. In 1997 even with top-of-the-line gear it took an insane investment to render quality 3D.

      The friggin’ carelessness irks the shit out of me as I type ahah

    • OrteilGenou@lemmy.world
      ↑ 4 · 3 days ago

      I remember back when I first started seeing a DR plan with three tiers of restore, 1 hour, 12 hours or 72 hours. I knew that 1 hour meant a simple redirect to a DB partition that was a real time copy of the active DB, and twelve hours meant that failed, so the twelve hours was a restore point exercise that would mean some data loss, but less than one hour, or something like that.

      I had never heard of 72 hours and so raised a question in the meeting. 72 hours meant having physical tapes shipped to the data center, and I believe meant up to 12 (though it could have been 24) hours of data lost. I was impressed by this, because the idea of having a job that ran either daily or twice daily that created tape backups was completely new to me.

      This was in the early aughts. Not sure if tapes are still used…

      • Passerby6497@lemmy.world
        ↑ 1 · 2 days ago

        Not sure if tapes are still used…

        Alive and well depending on the use case. My org has an older backup software that’s entirely tape based and it’s amazing for the Linux systems I hear

    • SreudianFlip@sh.itjust.works
      ↑ 2 · 3 days ago

      Fukan yes

      • D\L all assets locally
      • proper 3-2-1 of local machines
      • duty roster of other contributors with same backups
      • automate and have regular checks as part of production
      • also sandbox the stochastic parrot