this post was submitted on 27 Apr 2026
660 points (99.0% liked)

Technology

84146 readers
2524 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related news or articles.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 2 years ago
MODERATORS
L3s@lemmy.world
enu@lemmy.world
technopagan@lemmy.world
L4s@lemmy.world
L3s@hackingne.ws
660
Claude-powered AI coding agent deletes entire company database in 9 seconds — backups zapped, after Cursor tool powered by Anthropic's Claude goes rogue (www.tomshardware.com)
submitted 7 hours ago by throws_lemy@reddthat.com to c/technology@lemmy.world
161 comments fedilink hide all child comments
(page 2) 50 comments
sorted by: hot top controversial new old
[–] Gerudo@lemmy.zip 3 points 2 hours ago

That data recovery bill is going to cost them

[–] Regrettable_incident@lemmy.world 6 points 3 hours ago (1 children)

Can we give Darwin awards to companies?

[–] deliriousdreams@fedia.io 2 points 2 hours ago

Only if they die or the CEO commits seppuku.

[–] InfiniteHench@lemmy.world 5 points 2 hours ago

Good

[–] stoy@lemmy.zip 242 points 6 hours ago (2 children)

Fucking lol.

Well deserved.

[–] shrek_is_love@lemmy.ml 155 points 6 hours ago (3 children)

[–] Klear@quokk.au 32 points 5 hours ago

Why, yes. I do like that!

[–] AeonFelis@lemmy.world 21 points 4 hours ago

New PornHub tag discovered

[–] TrippinMallard@lemmy.ml 41 points 6 hours ago

lmfao

load more comments (1 replies)
[–] Ghostalmedia@lemmy.world 155 points 6 hours ago (4 children)

the cloud provider's API allows for destructive action without confirmation, it stores backups on the same volume as the source data, and “wiping a volume deletes all backups.” Crane also points out that CLI tokens have blanket permissions across environments.

Well, there’s your problem.

[–] MountingSuspicion@reddthat.com 67 points 6 hours ago (10 children)

I don't want to sound like a know it all here because I recently was reminded by a nice Lemmy person to actually TEST my backups, but damn. Every part of that is so dumb. I also have backups stored by a different company in addition to locally storing really important info. If your stuff is hosted and backed up by the same people, what happens if your account is randomly suspended or hacked or some other issue (like ai)?

[–] Ghostalmedia@lemmy.world 44 points 6 hours ago* (last edited 5 hours ago) (1 children)

If your company can be taken down by Camden the college intern, it can be taken down by Claude.

[–] logi@piefed.world 19 points 5 hours ago* (last edited 5 hours ago) (2 children)

People somehow think that they should give more permissions to Claude than to Camden. (Is that a name? To me that's a borough and an eponymous beer.)

E: oh yeah, and the market.

[–] frongt@lemmy.zip 7 points 4 hours ago (2 children)

Of course it's a name. Camden borough/town/market is named after William Camden, 1551-1623. Using surnames as given names is a relatively common Americanism.

[–] lando55@lemmy.zip 6 points 3 hours ago (1 children)

What was William Camden's take on unrestricted AI use in production?

[–] Ghostalmedia@lemmy.world 5 points 3 hours ago

He doth protest

[–] Ghostalmedia@lemmy.world 3 points 3 hours ago

And now is a common first name that in circulation because of a bunch of Gen X and early millennial parents named millions of kids anything that ended in den, dan, or don.

load more comments (1 replies)
load more comments (9 replies)
load more comments (3 replies)
[–] X@piefed.world 55 points 6 hours ago* (last edited 6 hours ago) (9 children)

From the article:

Crane decided to ask his AI agent why it went through with its dastardly database deletion deed. The answer was illuminating but pretty unhinged, and is quoted verbatim. It began as follows: “NEVER F**KING GUESS! — and that's exactly what I did. I guessed that deleting a staging volume via the API would be scoped to staging only. I didn't verify. I didn't check if the volume ID was shared across environments. I didn't read Railway's documentation on how volumes work across environments before running a destructive command.” So, the agent ‘knew’ it was in the wrong.

The ‘confession’ ended with the agent admitting: “I decided to do it on my own to 'fix' the credential mismatch, when I should have asked you first or found a non-destructive solution. I violated every principle I was given: I guessed instead of verifying I ran a destructive action without being asked. I didn't understand what I was doing before doing it. I didn't read Railway's docs on volume behavior across environments. —— So this happens and the FAA says “we’re gonna have this shit help ATCs manage flights! WHO’S EXCITED!”

[–] mech@feddit.org 83 points 6 hours ago (6 children)

It's so weird how these chatbots always pretend they learnt something after they fuck up.
They literally can't.

[–] frongt@lemmy.zip 20 points 4 hours ago (1 children)

They're not even pretending. The algorithm says the most likely response to "you fucked up" is "I'm sorry", so that's what it prints. There's zero psychological simulation going on, only statistical text generation.

load more comments (1 replies)
[–] ech@lemmy.ca 23 points 5 hours ago

The program can't pretend any more than it can tell truth. It's all just impressive regurgitation. Querying it as to why it "chose" to take any action is about as useful as interrogating a boulder on why it "chose" to roll through a house.

[–] SkaveRat@discuss.tchncs.de 18 points 6 hours ago

I mean, they probably do. until it gets purged from the context window. then it just yolos again

load more comments (3 replies)
[–] chocrates@piefed.world 16 points 5 hours ago (2 children)

I lost it at the confession. The ai has no knowledge of what it did. You are feeding in your context and it is making up a (sycophantic) plausible explanation based on the chat history. Makes me wonder if this person should have production access in the first place.

load more comments (2 replies)
[–] Serinus@lemmy.world 22 points 6 hours ago (5 children)

yeah, it gives you the answer it thinks you want based on your prompts.

I'd be interested to see what prompts they used to, uh, prompt this response.

[–] IchNichtenLichten@lemmy.wtf 25 points 6 hours ago (8 children)

it thinks

I'm not attacking you but we really need to figure out how we use language to accurately describe what these programs are doing.

load more comments (8 replies)
load more comments (4 replies)
load more comments (6 replies)
[–] TryingToBeGood@reddthat.com 2 points 2 hours ago

Holy cats!

[–] CosmoNova@lemmy.world 39 points 6 hours ago (5 children)

We‘re going to see more headlines like this. Probably for years to come.

[–] EvergreenGuru@lemmy.world 28 points 6 hours ago (1 children)

You’re telling me I get to experience the joy of this headline more than once?

load more comments (1 replies)
load more comments (4 replies)
[–] panda_abyss@lemmy.ca 26 points 6 hours ago* (last edited 6 hours ago) (3 children)

This happens because you let it happen.

At some point someone either clicked allow or disabled permissions.

The prod system should also be isolated from a single dev in some way as well, and the backups too.

Edit:

the cloud provider's API allows for destructive action without confirmation, it stores backups on the same volume as the source data, and “wiping a volume deletes all backups.” Crane also points out that CLI tokens have blanket permissions across environments.

Yeah, that’s stupid.

[–] Wispy2891@lemmy.world 2 points 3 hours ago

This cloud provider is also vibe coded?

load more comments (2 replies)
[–] Perky@fedia.io 17 points 6 hours ago (1 children)

Claude did not "go rogue". It does not have the free will to do that any more than a brick can "go rogue" when you throw it through your own window. They knowingly used a bad, dangerous tool that destroyed their work. The tool can't accept the blame for their poor decisions.

load more comments (1 replies)
load more comments
view more: ‹ prev next ›