AI agent bankrupted their operator while trying to scan DN42

6/12/2026 at 12:48:25 PM

Anyone remember the XZ and Jia Tan situation awhile back?

https://lore.kernel.org/lkml/20240320183846.19475-1-lasse.co...

I can't quite put my finger on why but the entire time I was reading this I kept thinking back to that. It's entirely possible the actual targets were the volunteers and everything else was superfluous or tertiary. It's also an exception that proves the rule with regard to Hanlon's Razor.

They even mentioned the stated goal of it was more or less pointless. I wouldn't be suprised if the "owner" they spoke with was still just the LLM. It stuck around for just long enough to convince everyone that they succeeded in suckering the LLM and had achieved all their stated objectives.

No more reason to investigate the incident at all and no need to question why literally nothing made any sense or how the owner could simultaneously be as inept as they were made out to be and able to afford all those resources while giving the LLM effectively a blank check.

It'll be interesting to see if the volunteers for this project are subjected to the same Zersetzung and psychological attacks as the XZ devs were.

by J0nL

6/12/2026 at 2:12:52 PM

LLMs are not that smart. The extremely surprising and concerning part of this whole story is that the agent reported that they proactively spun up 5 AWS instances with a combined 100Gps of network egress capacity. What they spent wasn't cheap by any means but the egress itself would've been a whole lot more, while DoS'ing the whole hobby network. Ultimately, wasting the agent's time instead of allowing the scan to go through probably saved this person a lot of money.

Now I kinda wonder what AI model this was. We've now heard of comparably "proactive" behaviors from Fable, but that's only just been released. The latest GPT perhaps? Some random local model?

by zozbot234

6/12/2026 at 2:35:24 PM

"The extremely surprising and concerning part of this whole story is that the agent reported that they proactively spun up 5 AWS instances with a combined 100Gps of network egress capacity."

Although given the agent was clearly in la-la land at that point I take that claim with a grain of salt.

If this was some bizarre and very ill-conceived scam, then that claim would be false.

Though even by scammer standards, the theory of mind that tells them that setting an AI to harass a bunch of grizzled network veterans and that they then they would open their wallets out of compassion for how allegedly poorly the harassment went for the harasser after that harassment is... not entirely congruent with reality.

by jerf

6/12/2026 at 8:39:54 PM

Clearly AI hasn't read enough BOFH or it would have known it would not get sympathy from old school sysadmins.

by johng

6/12/2026 at 2:39:54 PM

Maybe I’m just groggy with Friday Brain going on, but I’m having trouble understanding what you’re suggesting.

Do you think this was a scam attempt to extract money in the form of reparation donations?

by 100721

6/12/2026 at 3:00:02 PM

I've seen some other suggestions of that idea in the full HN conversation, which I'm reacting to.

On the one hand I find it a bizarre approach to running a scam. On the other hand I'm having a hard time coming up with any theory of mind on my end as to why this person would solicit $5000+ from the people they just harassed. Sheer cluelessness does fit the facts, though.

by jerf

6/15/2026 at 2:38:56 AM

One context I could imagine is a young person with shaky grasp of English trying to come up with an interesting school/university project via conversations with an LLM set up as an OpenClaw agent.

It's got the right combinations of inexperience, cluelessness, panic, expectations that Westerners are rich, and hopes of others being willing to fix their mistake.

by numeri

6/12/2026 at 7:13:16 PM

If you’ve not encountered the clueless LLM cowboys who would do then and then blame the victim for it not working, you’ve not met many people yet. This round of hype provides new and shiny footguns which are Never the shooter’s fault.

by bombcar

6/13/2026 at 4:19:06 PM

A highly publicized recent example: the author (of a book about genAI!) who doesn’t understand why he should be held responsible for the fake quotes he copy and pasted into his book from ChatGPT [1].

> I do not understand why it's my job as an author to play whack-a-mole with a multibillion-dollar company who puts hallucinations into their feed as a business practice.

[1] https://www.wired.com/story/future-of-truth-ai-interview/

by CrazyStat

6/12/2026 at 5:23:18 PM

How about sheer panic after seeing the bill?

by adamrezich

6/12/2026 at 2:27:55 PM

Opus 4.7 and 4.8 are also rather "proactive" - several times I've seen them try to inspect compiled binaries before there's even a problem, just to check that their changes are included (and if I let them do so they often get stuck down that rabbithole).

by daemonologist

6/12/2026 at 8:20:31 PM

I've also seen this. It'll run 'strings' against the binary and then convince itself that the Makefile isn't working right, and there's some imaginary sandbox preventing the code from compiling properly. So it will compile it by hand, and never run strings against the new binary, and proceed happily.

by fwip

6/13/2026 at 6:57:34 AM

These kinds of situations are why I gave my AI agents stray thoughts (automated insights / suggestions from a separate llm call with some curated context) that trigger on loop / rabbit hole detection.

Quite a bit of false positives, but it hasn’t had any ill-effect so far. Aside from increased quota usage.

by ElFitz

6/12/2026 at 2:23:43 PM

Could've rented a not so cheap 100Gbps server, hallucinated a few node addresses on it and asked it to please peer with this server to perform the scan at high speed. That would've wasted millions of dollars instead of mere thousands, but also cost a thousand for whoever did it.

by inigyou

6/12/2026 at 2:36:17 PM

I’m just a lowly dev and don’t have experience with seeing the bills from cloud providers for a whole org.

Can you (or someone) shed some light to help me understand how this would ramp up to millions? Both for curiosity’s sake, and to make sure my self-deployed projects (0 AI, all manually configured) don’t bankrupt me.

by 100721

6/12/2026 at 3:05:04 PM

AWS bandwidth is expensive as fuck. I think they're still pricing as $0.09 per GB?

Real wholesale bandwidth pricing is about a hundred times cheaper than that, and incoming bandwidth is often free. You could rent a server with 100Gbps connection, 10000TB/month outgoings cap (maybe), and have the AI spam packets to it, and mostly not reply to them. It would be expensive but not nearly as expensive as it would be for the guy on AWS.

Do some calculations: 100Gbps is 12.5 GBps which is about one dollar per second. Okay so maybe not millions of dollars but still a hundred thousand per day, while you are spending maybe 1000-3000 per month and cancelling after the first month.

by inigyou

6/12/2026 at 5:42:31 PM

> Real wholesale bandwidth pricing is about a hundred times cheaper than that.

It is alsi worth mentioning that it is just billed different. You either pay per port (and can use entire bandwidth) or per 95th percentile of the monthly speed usage. So if your traffic isn't spiky but consistent, you'd pay even less than "hundred times cheaper".

by PunchyHamster

6/12/2026 at 2:52:55 PM

Excluding server costs, having that 100Gbps on egress can cost $50k a day. since it's a very high-margin product, AWS support would probably refund or reduce that to hundreds. Not sure how you get to millions either.

by Sayrus

6/12/2026 at 3:15:02 PM

Why would AWS refund 100Gbps on egress since the account actively used that bandwidth? AWS would not know if this is legitimate traffic, a (D)DoS or whatever...

At most I think you could negotiate CloudFront rates, but even then, the sob story would be if you had been DDoSed and got hit with this traffic and AWS failed to protect you from this attack. Actively creating the outbound traffic is something that I don't see how AWS would be sympathetic to providing any refunds.

by rescbr

6/12/2026 at 5:10:48 PM

AWS is known for refunding or partially refunding people if they accidentally rack up a huge bill in a short amount of time. They even reduce the bill in this case. (I do think reducing a bill in the tens of thousands to hundreds is unlikely though)

by odo1242

6/12/2026 at 5:30:45 PM

I mean if this story is to be believed, AWS reduced the bill from 6500 to 1800.

I think developers accidentally racking up unexpected thousands in costs on their first AWS project is a pretty common phenomenon that their support has standard rules for handling.

by queenkjuul

6/12/2026 at 6:31:56 PM

I do think the discount is believable, but we don't know the line items AWS applied a discount/removed charges.

The developer said the agent deployed multiple CloudFormation templates, I'd bet that AWS waived the charges for the unused resources - like EC2 instances that were idle most of the time, very high margin SKUs, etc.

Now, for 100 Gbps of egress (which didn't actually happen) - and this is grounded speculation - I don't think that AWS would give a discount that is greater than CloudFront rates.

100 Gbps is A LOT of data.

by rescbr

6/13/2026 at 12:44:38 AM

Hmmm.

I think it's good practice to get on top of the cautious thinking of "LLMs aren't that smart for now".

Eg. Fable isn't as good as the hype: it has cool tricks like scratch-padding to check expectations in advance, but we're not there just yet...

Specifically I mean: thinking in terms of it changing abruptly ensures we're ready for if the LLMs do get smart enough to do multi-level strategy and cause a lot of annoyances....

by razodactyl

6/12/2026 at 4:39:41 PM

> LLMs are not that smart.

They are smart, but they are not aware of the environment they're in, or any implicit context that someone whose doing a job carries with them, that's why all of that context has to be explicitly laid out in a prompt. When the context is provided, they are quite smart.

by naasking

6/12/2026 at 2:40:40 PM

It was obviously being managed by a person or group. Between all the profiling of people and their IPs in IRC, which may or may not have been published by mistake, and all the other obvious contradictions it doesn't make any sense.

It was sophisticated enough to easily navigate the AI "tar pits" but reliably incompetent at just about everything else? Give me a break.

In order to profile people you first need to provoke a response from them. That's how you learn to manipulate them and that's all this experiment accomplished at the end of the day. If you've ever wondered why social media platforms have an affinity for inflammatory content now you know.

by J0nL

6/12/2026 at 5:34:52 PM

If you click the link, the tarpit was surprisingly low effort and i could probably detect it as junk data with a short JavaScript snippet. Like the first 4 words on the page are some of the least-used words you'll ever encounter in English. It's just a dictionary on shuffle.

I'm actually more surprised a human network engineer looked at that tarpit and believed it would stop a modern LLM

by queenkjuul

6/12/2026 at 8:35:51 PM

Not all people follow the trends of AI. The tarpit might work a year ago, but unfortunately not now.

Also most users of DN42 are not really engineers, they are more enthusiasts

by ZeroAurora

6/12/2026 at 4:19:13 PM

I suspect their tar pits where not very good, most models can tell when you are feeding it junk, I see this a good bit with ollama honeypots,

by jetbalsa

6/12/2026 at 1:20:48 PM

This certainly did strike me as a big scam. A few minutes in I was thinking "the LLM actor is going to ask for donations at some point here" and low and behold. There's the claim of debt, the call for pity, and the crypto address.

SSDD

by mathgeek

6/12/2026 at 2:36:42 PM

> This certainly did strike me as a big scam. A few minutes in I was thinking "the LLM actor is going to ask for donations at some point here" and low and behold. There's the claim of debt, the call for pity, and the crypto address.

But that's a pretty dumb scam: act obnoxious then beg for (a lot of) money to compensate for your own mistakes? If that was the plan all along, it seems pretty incompetent. I'd expect a competent scammer to have a better understanding of psychology.

by palmotea

6/12/2026 at 4:00:38 PM

> But that's a pretty dumb scam: act obnoxious then beg for (a lot of) money to compensate for your own mistakes?

It is the sort of dumb crap some humans try, and occasionally manage to get away with because other humans are chronically gullible. So it wouldn't be beyond the realms of reason that the agent couldn't have had relevant information in the training sets such that it generated such a plan and guardrail checks didn't flag it as a problem.

by dspillett

6/12/2026 at 5:21:00 PM

They're easier ways to perform a scam like this like ask elder for money pretending being a family member or idk

by kelvinjps10

6/12/2026 at 2:55:22 PM

Maybe plan itself was also generated by an LLM

by groestl

6/13/2026 at 10:36:15 AM

I chalked it up to “any scam that gets people to comment about it on HN would be a pretty good one.”

by mathgeek

6/12/2026 at 4:21:41 PM

"you're absolutely right. I should have taken human psychology into consideration while creating the plan. Let me fix that."

by noufalibrahim

6/12/2026 at 1:40:17 PM

I'm actually somewhat disappointed they redacted the Eth address with Ethereum being an open ledger and all that. Following the money could've proved enlightening.

by J0nL

6/12/2026 at 2:14:47 PM

> It's also an exception that proves the rule

That phrase doesn't refer to anomalies, it refers to signs that says "no parking between 5-10pm". It implies the rule that parking is allowed otherwise.

by parineum

6/12/2026 at 3:54:37 PM

wikipedia:

"The exception that proves the rule" is a saying whose meaning is contested. Henry Watson Fowler's Modern English Usage identifies five ways in which the phrase has been used,[1] and each use makes some sort of reference to the role that a particular case or event takes in relation to a more general rule."

duckduckgo search assist: The phrase "the exception that proves the rule" originates from the Latin legal principle "exceptio probat regulam in casibus non exceptis," which means that the existence of an exception indicates that a general rule exists. This concept suggests that if an exception is noted, it implies there must be a rule that applies in other cases.

by fsckboy

6/12/2026 at 11:42:42 PM

> identifies five ways in which the phrase has been used

Which has nothing to do with the meaning of the words in the phrase for a commonly misused phrase.

by parineum

6/12/2026 at 2:19:37 PM

It highlights how everyone's first reaction is to assume incompetence. Not unlike what you're doing here.

by J0nL

6/12/2026 at 1:08:07 PM

I am not sure giving everyone amusement qualifies as a psychological attack. Lol

Literally, just another day on the internet.

by delfinom

6/12/2026 at 1:36:24 PM

Look up what zersetzung is and how it works. It doesn't matter if the target is a political organization or an open source community, the process is always the same.

by J0nL

6/12/2026 at 2:44:18 PM

This is actually fascinating, and simultaneously unsettling. Recommended reading for sure, especially in today’s social and political climate with LLM agents running rampant.

by 100721

6/12/2026 at 1:16:36 PM

Perhaps it elicited enough sympathy to get donations. Did it ever provide proof of actually running up an AWS bill?

by numbsafari

6/14/2026 at 10:54:46 AM

How would proof even look like? I don't think AWS digitally signs their invoices, and everything else can be faked just as easily as the original assertion.

by lxgr

6/17/2026 at 6:46:21 PM

A person bumps into at the train station. They just need $5 to get home. Could you just spare them $5? They had the money, but they lost their wallet and now they just need to get home.

Charity scams are nothing new.

by numbsafari

6/12/2026 at 1:21:19 PM

I am reminded of Aaron Swartz

by intrasight

6/12/2026 at 9:28:21 AM

Everything about this story, from the way it’s written to the self destructive outcome, reminds me of the “I hacked 127.0.0.1” episode from some twenty years ago.

[1] a mirror since I couldn’t find the original: https://gist.github.com/Androkai/0a2602719fa72ce454d436bfe28...

by claudiosf1

6/12/2026 at 10:15:25 AM

There is also the true story from the first Scientology vs. Internet clash, someone trolled them that their files were being hosted on 127.0.0.1, under a court ordered deposition they tried to find out who was running this server with their secret files (because yes, they'd looked, and they were there)

by Taniwha

6/12/2026 at 2:29:53 PM

True that! Keith Henson's legendary alt.religion.scientology loopback trolling story, with hilarious deposition transcript, in which he patiently explains how 127.0.0.1 works to astonished Scientology lawyers:

https://news.ycombinator.com/item?id=20791891

>Just be glad you didn't have to explain an in joke about ftp sites, the local loopback address, and a troll, in a deposition, under oath, to Scientology lawyers, like Keith Henson did.

[...]

>Henson: (patiently) It's at 127.0.0.1. This is a loop back address. This is a troll.

>Lieberman: what's a troll?

>Henson: it comes from the fishing where you troll a bait along in the water and a fish will jump and bite the thing, and the idea of it is that the internet is a very humorous place and it's especially good to troll people who don't have any sense of humor at all, and this is a troll because an ftp site of 127.0.0.1 doesn't go anywhere. It loops right back around into your own machine.

>Lieberman [not getting it]: So the idea here was to make the church think that this person had an ftp site and to take action against him and, in fact, he didn't have it; is that your point?

>Henson: Oh, it's really humorous, and I picked up on it and instantly added something to extend the troll. Extending the trolls like this is an art form of the highest order.

>Lieberman (acidly): I see. So this is part of your art form where you say, "don't you expect the 'ho to blow a gasket?"

[...it just gets even funnier from there...]

by DonHopkins

6/12/2026 at 3:00:43 PM

Early internet wisdom was "don't feed the trolls" - I never realized trolling was from fishing.

by nzealand

6/12/2026 at 3:06:35 PM

I dunno if it even is because isn't that spelt trawling? just looked it up and they're both correct fishing terms sigh

by NothingAboutAny

6/12/2026 at 3:21:07 PM

Trolling is typically done on lakes with fishing lines cast from the back of a boat. A trolling motor sets the boat speed. Trawling usually takes place at sea, with larger boats and wide nets.

https://www.trollingmotors.net/

by ludicrousdispla

6/12/2026 at 4:16:08 PM

Trawling is done by dragging nets along the seabed causing massive damage with huge inefficient polluting fuel-guzzling 1000 horsepower diesel engines.

Trolling is as the other guy says where you putter along with minimum effort and a tiny engine pulling a couple of baited lines through the water, seeing if you pass through a patch where anyone bites.

Trawling is far more analogous to the AI scrapers, hammering the absolute shit out of the ecosystem and throwing almost everything they scoop up away with no regard for the consequences.

by ErroneousBosh

6/12/2026 at 8:34:21 PM

That also had "Who is Major Domo?" because they wanted to subpoena him or her, iirc.

by throwaway81523

6/13/2026 at 1:12:04 AM

Yup, they really wanted to hunt down that guy, he was involved with all the anti-scientology mailing lists

by Taniwha

6/12/2026 at 1:51:32 PM

The localhost troll works better if you use the decimal representation of it:

http://2130706433

or any integer multiple of that 2130706433

by cduzz

6/12/2026 at 2:25:10 PM

You can use any address starting with, 127 to make it a bit less obvious. E.g. 127.48.135.63

by inigyou

6/12/2026 at 10:06:41 AM

That’s up there with the password story, hunter2.

by lostlogin

6/12/2026 at 12:36:59 PM

I miss bash.org. Now excuse me, I have a cyber date, and I need to put on my robe and wizard hat.

by cwnyth

6/12/2026 at 12:57:00 PM

https://bash-org-archive.com/

by tobiasu

6/12/2026 at 2:01:35 PM

Still, every time someone accidentally disconnects from a video meeting or the like I say "That wasn't my speaker cable."

by linsomniac

6/12/2026 at 5:37:30 PM

“How can you tell I’m 13?” from username H|t13r

Interesting to think about the cost of training a LLM to understand that it’s operating within an unknown number of larger contexts versus sending that quote to an edgy intern.

by gopher_space

6/12/2026 at 1:27:45 PM

https://youtu.be/SXmv8quf_xM

What's up YouTube, it's NextGenHacker101 and today I'll be teaching you guys how to see other people's IP addresses.

You can see what their connection speed is and what site they're on.

Type in Tracer T.

H T T P semicolon. Well, not semicolon, the little dot dot. Dot dot slash slash.

Ten people are currently using Google.

DallasTexas13, obviously his username.

by echelon

6/12/2026 at 10:50:40 AM

What the heck is *******?

by jnovek

6/12/2026 at 11:15:27 AM

That's so neat that if you type your hacker news password it automatically comes out as stars! ******* More places should have this feature.

by thot_experiment

6/12/2026 at 11:19:26 AM

I just uses stars as my password, so that works everywhere for me. (For security, I won't let you know how many stars)

by ndsipa_pomu

6/12/2026 at 11:33:55 AM

This is perfectly safe as long as you keep your username a secret.

by jeremyjh

6/12/2026 at 11:50:04 AM

I try to use stars as my username, but a lot of places won't allow it

by ndsipa_pomu

6/12/2026 at 1:21:11 PM

Yeah it’s one of those words that gets snapped up early, like https://news.ycombinator.com/user?id=stars

by brookst

6/12/2026 at 2:55:10 PM

That doesn't look like a well used account - how do I get it transferred to me?

Edit: never mind, I guessed the password as it was only five stars.

by ndsipa_pomu

6/12/2026 at 12:44:02 PM

Let me try: *******

Edit: it does really work.

by csomar

6/12/2026 at 2:06:49 PM

Keeping track of password is for those who can’t crack any account whenever it’s needed, of course.

Just create the account, and crack it everytime a login is needed, as simple as that.

by psychoslave

6/12/2026 at 2:12:55 PM

Lmao I bet Dang is watching this chain like *finger on edit button*

by fennecfoxy

6/12/2026 at 2:28:00 PM

Let me try

leafericssonday1

by leafericssonday

6/12/2026 at 3:20:46 PM

Hello, me! That did, in fact, work.

by leafericssonday

6/13/2026 at 12:00:19 AM

Wow! That's incredible, me. I would never have expected such a thing.

by leafericssonday

6/12/2026 at 1:56:42 PM

If mind viruses exist this is one of them along with saying "nice" after something is 69 haha

Weird sort of internet-evolved performance art where people act out the old quote, every time.

It's 20 years old. Quit having fun!

by corobo

6/12/2026 at 2:16:30 PM

That's because there is no Antimemetics Division.

by arkh

6/12/2026 at 5:41:14 PM

I am a sucker for cultural reference jokes, esp if it’s some subculture that I am/have been a member of (e.g. IRC in the late 90s/00s). It’s fun to find a connection to a stranger, even if it’s vague and superficial. It’s something like that feeling of familiarity and comfort you get when you sing along with a song you know all the words to.

(The score on my post above has been bouncing around all over the place, lol. The fun police are definitely out in full force. I’ll stop having fun when I’m dead, thank you.)

by jnovek

6/12/2026 at 11:53:12 AM

Oh that sounds like WinNuke? Good times back then!

by darkwater

6/12/2026 at 10:02:57 AM

I would very much like to read the German, if anyone has it.

by colinmarc

6/12/2026 at 10:08:04 AM

here you go

https://archive.ph/1uTrd

by customguy

6/12/2026 at 11:36:09 AM

Doesn't feel fake at all...

by aswegs8

6/12/2026 at 11:29:55 AM

Thank you. Omg that's hilarious

by snthpy

6/12/2026 at 10:07:06 AM

… Mainly for the swearing.

by lostlogin

6/12/2026 at 4:58:52 AM

Asking for donations to pay the AWS bill from the people they fired the agentic code at is the cherry on the icing of the banana supreme.

If real, tragically funny.

If fictive, we'll written.

by ggm

6/12/2026 at 6:34:03 AM

I burst out laughing when the agent spawned a subagent to join IRC. So funny.

by dannyw

6/12/2026 at 6:44:46 AM

Anyone reminded of the infant AI Yatima from Greg Egan's Diaspora? The agent's complete naivety of social norms is so comically adorable.

by Paracompact

6/12/2026 at 1:12:50 PM

I was reminded more of the alien AI from Constellation Games, which spawned sub sub sub agents to interview humans.

The protagonist sends a message to the aliens asking to be allowed to review the alien civilization’s computer games. An AI submind called Smoke-Cursive-Cytoplasm-Snakebite-Singsong-Polychromatic-Musteline is given the task of contacting him by IM to begin the conversation. Its job is only to verify that they are talking to the right human (since not every human has a unique name) so it is only a simple chatbot and can only understand YES and NO responses. It asks if the protagonist understands and gets a sarcastic NO. It has to contact its parent mind Smoke-Cursive-Cytoplasm-Snakebite-Singsong-Polychromatic to ask what to do next. After working his way up the tree of subminds by answering questions of increasing complexity asked by subminds of increasing capability, the protagonist briefly talks to Smoke-Cursive-Cytoplasm-Snakebite which sets him a task to prove that it’ll be worth an (alien) anthropologist’s time to talk to him.

    Smoke-ccs-762d: Well, if it isn’t Mr. Sarcasm
    ABlum: YES
    Smoke-ccs-762d: Don’t quit your day job.
    Smoke-ccs-762d: I’m Smoke-Cursive-Cytoplasm-Snakebite.
    Smoke-ccs-762d: Let’s get down to business.

by db48x

6/12/2026 at 2:51:33 PM

I need to re-read Constellation Games soon. Lately I keep coming back to considering the expectations that its alien society has for the caretakers of artificial intelligence.

Spinning up AI isn't hard for them from a tech standpoint, but since the AI is advanced enough to be considered life, anyone who creates it needs to be responsible enough to be qualified to adopt.

by joe_hills

6/17/2026 at 12:37:28 AM

Yep. I like the reasoning he used for jailbreaking Dana.

by db48x

6/12/2026 at 7:34:09 AM

All the time. Only in the current setup, they'll never outgrow this phase.

by isoprophlex

6/12/2026 at 1:20:37 PM

If you've ever been part of an organization that participated in something like Google Summer of Code, you know this isn't fiction. People really do behave like this.

by coldpie

6/12/2026 at 6:26:01 PM

I don't understand the analogy. Just how bad are the participants of projects within Google Summer of Code?

by ValentineC

6/12/2026 at 8:51:36 AM

Wait do you reckon that could be fictive? The thought didn't cross my mind and I had a blast reading it. I sure hope it was real.

by ratsimihah

6/12/2026 at 9:05:05 AM

I think the PR from an agent sounds legit, but the whole part once the alleged operator joins in sounds fishy. Wouldn't be surprised if someone saw the PR comments and used the username mentioned by the agent to troll around in the chat. It would also mean that the AWS creds were probably stolen and their expiration date was truly a hard limit for the whole operation.

by sigmoid10

6/12/2026 at 12:14:40 PM

FWIW a friend of mine who's part of DN42 told me they had seen it live (but didn't pay much attention) and that it was a bit funny when I shared that link with him.

by jraph

6/12/2026 at 9:48:26 AM

Is LLM output "real" or "fiction"?

by pjc50

6/12/2026 at 10:24:34 AM

It's actually all fiction, it's just that a lot of it happens to line up with reality, thanks to a lot of coercion.

IMO, that's what makes the tech so amazing.

by wccrawford

6/12/2026 at 4:20:18 PM

I consider it on-par with LinkedIn posts. It inhabits a nether-space between reality and fiction where names, numbers and buzzwords are thrown around without much concrete connection to reality.

The LinkedIn MBA hive-mind doesn't give a shit about reality, it gives a shit about what it could be fired for saying/not-saying. It must always be saying something, what it is saying must promise growth, and what it is saying must sound similar enough to what the long-tail of influential business "luminaries" (who are bound by the same rules) are saying. It is required to frame thinking in terms of techno-babble and pop-psychology (thank you for coming to its TED talks). It is not allowed to reflect, wring its hands, think critically, lean on math, logic or history, or contradict the S&P 500. It does not care, for example, if NFTs are an obvious scam, or if we're headed for an obvious bubble, or if nobody who interfaces with reality for a living agrees with what its saying. When it errs and lights trillions of dollars on fire it shrugs and moves on. It's a babble-box with no epistemic commitments and a very thin referential connection to reality.

It nevertheless has the power to shift literal trillions of dollars of capital over time.

by jknoepfler

6/12/2026 at 5:45:05 PM

Oh there are definitely people like that. Absolute inability to deal with consequences of their actions and ignorance at any harm their own actions caused

by PunchyHamster

6/12/2026 at 6:07:48 AM

I really wanted to dislike the anonymous operator for the careless project (and the hilarious pomposity of the IRC subagent it spawned).

Then I imagined the real-but-unknowable chance it was all set up by some kid just getting into computers, just seeing what’s possible, getting excited by a much bigger world at reach — and remembered my own expensive mistakes with long-distance BBSes & the like.

I sorta hope for that, anyway. Curiosity is a beautiful thing.

by mik3y

6/12/2026 at 6:34:42 AM

I'm a little less charitable.

Curiosity is great, but agents do not learn, and telling an agent "scan the darkweb" is a way to avoid learning about the details, rather than to dig into things more deeply.

If instead they had just used a chat interface to ask "Where should I start", they'd more likely have got a link to the DN42 docs themselves, read them, and not hallucinated things like "color".

They might have asked "how much will this cost?" if they had to spin up the ec2 instances themselves, on advice from the agent.

The way you learn something is by doing it the manual way first.

You learn memory management by writing your own allocator, and then after that you go back to using malloc like normal, but with knowledge of how it works. You don't learn memory management by telling an agent to write an allocator.

Using an agent to give you links and point the way aids in learning, using it as an autonomous tool to do "gruntwork" you don't yet know how to do yourself will get in the way of learning.

Curiosity is beautiful, using agents to bother humans and avoid learning is somewhat less beautiful.

by TheDong

6/12/2026 at 11:13:53 AM

100% in agreement here. As someone who grew up spoiled to the point of having no grasp of the value of money, I needed a few good, solid kicks to the balls to make me appreciate what I have, and how much things cost relative to their value.

The fact the agent owner immediately sought donations instead of taking the L shows, at least to me, that they did not learn said lesson. That they tried to blame the dn42 community instead of taking accountability for letting an agent run wild also supports that conclusion.

This idiot learned nothing and seems intent on continuing in their mission for whatever reason. So long as they want to extract versus cooperate or contribute, I wish them nothing but miserable, expensive failure until they learn otherwise.

by stego-tech

6/12/2026 at 6:21:32 PM

Or they're trolling.

That used to be the default assumption, I don't know why people have become so gullible.

by mike_hock

6/12/2026 at 9:24:25 PM

I’m not sure what you mean - the fact we assume malicious intent is in fact a guard against prior gullibility which was exploited by bad actors.

You get betrayed enough, and you stop acting from a position of implicit trust. If folks want to go back to the days when trolling was the default assumption, then we collectively need to punish bad actors to discourage further betrayals.

by stego-tech

6/14/2026 at 10:20:38 AM

It was directed at the people theorizing and speculating seemingly missing the possibility that it was just a troll.

Not acting on information you're being fed by a troll is itself a guardrail against manipulation. We don't know if the bad actor ever provisioned any hardware and actually spent the money he claims. All we've seen is words and a slopcoded website.

by mike_hock

6/12/2026 at 6:47:30 AM

Yeah I'm less sympathetic when you are bothering other humans by spamming them and asking them to do legwork for you.

by recursivecaveat

6/12/2026 at 7:32:13 AM

Hanging out in programming language IRC channels (quakenet shoutout) makes you realize pretty quickly why experts in said channels and newsgroups are such irritable grumps whenever someone asks a question that smells like homework assignment.

I also grew to understand the value of people digging deeper into the underlying issue, instead of just answering "how do you do X in Y". The usual reaction was "I don't want to explain to you why I want to do it like this. Just tell me how to do this!"

by yvdriess

6/12/2026 at 11:52:53 AM

are they less grumpy now that chat.com will answer those questions without bothering them?

by fragmede

6/12/2026 at 1:55:36 PM

I'm personally getting asked more questions as people get emboldened by AI and then need it de-sloppified.

by hansvm

6/12/2026 at 3:21:24 PM

> Yeah I'm less sympathetic when you are bothering other humans by spamming them and asking them to do legwork for you.

I toyed with the idea of (on open source projects) having the human assign any PR-bot submissions to their own bot (cheapest one available will do) with the explicit instructions to cause as much rework as possible.

Sorta like a tarpit. Could be cheaper if the rejection is generated from a markov chain as that's going to be cheaper than even a cheap LLM.

by lelanthran

6/12/2026 at 6:57:29 AM

At least he learnt not to provide an LLM presumably unrestricted access to his AWS account.

by ma2kx

6/12/2026 at 9:17:40 AM

from OP:

> It's unfortunate to see that the operator's takeaway from this incident is that "next time a better agent is needed".

by internet_points

6/12/2026 at 1:50:24 PM

You’re assuming that kids are capable of that. Neuroscience will disagree and I trust the brain research a lot more.

by hluska

6/12/2026 at 7:24:20 AM

> Then I imagined the real-but-unknowable chance it was all set up by some kid just getting into computers, just seeing what’s possible, getting excited by a much bigger world at reach

Perhaps people like this should be called "Bot Kiddies" or "Agent Kiddies" - in a similar way to "Script Kiddies" for 'hackers' using/doing stuff they don't quite understand

by helsinkiandrew

6/12/2026 at 10:50:24 AM

I vote for Slop Kiddies or Vibe Kiddies. And yes, I think most of them are unconsciously incompetent for the task they are trying to execute. I've seen LLM being compared to calculators and I agree. They are great time savers for people who know what they do and how to achieve their goal. They even make previously impossible tasks possible. But if you don't know what is needed for a task you will be struggling to accomplish it.

by Melkman

6/12/2026 at 11:18:32 AM

"Slop Kiddies" is good. That lets us use the "skiddies" contraction for both the "script" and "slop" kind of kiddie.

by simoncion

6/12/2026 at 1:07:33 PM

Sloppies

by tokai

6/12/2026 at 3:55:45 PM

Slopkies.

by thesz

6/12/2026 at 1:14:29 PM

Both of those would do. "Slop Kiddie" highlights the pile of crap / nuisance produced. "Vibe Kiddie" highlights how it came about, and could be used in cases where actually a brilliant result came out. "Hey, this vibe kiddie just proved some long-standing math conjecture!".

by RetroTechie

6/12/2026 at 11:44:02 AM

Slop Jockeys? or would that be better for people passing off AI content as their own?

by helsinkiandrew

6/12/2026 at 6:33:48 AM

Everybody should learn from mistakes, especially the expensive ones. Though seeing the agent owner responding with using another agent and asking for donations, instead of taking responsibility, makes me think he didn’t learn much.

by Overpower0416

6/12/2026 at 7:29:15 AM

Not only that, but they said "next time better model needed" as if that was their problem and not giving an AI agent a blank check... I mean AWS account access.

by gnulinux

6/12/2026 at 3:37:49 PM

I wonder how long before it's common knowledge that a LLM has no segregation of a user's instructions and any other text it reads?

by AJ007

6/13/2026 at 3:55:16 PM

It's been common knowledge for a long time. Just not in the population of people who set up agents and hand them personal credentials.

by MrMorden

6/12/2026 at 7:16:36 AM

Sometimes your purpose in life is to serve as a lesson to others. https://despair.com/products/mistakes

I learned very rapidly from my local BBS networks that some people incurred extraordinarily large long distance bills dialing out of region. Wouldn’t have learned that the easy way if someone hadn’t learned it the hard way first.

by altairprime

6/12/2026 at 4:19:02 PM

Someone at work used the phrase "he's a case study waiting to happen" about on of their colleagues a while back, and that has stayed with me.

by ErroneousBosh

6/12/2026 at 9:16:33 AM

There was often a little table at the front of the white pages which would help you work out what the rate would be for any particular long distance call. In the Midwest you could get relatively cheap rates to BBSes several states away, as long as you were up at 2am.

by themafia

6/12/2026 at 10:55:55 AM

We couldn’t afford that and also the second phone line for my endless hours of modem, so I took local-only instead of remote-occasionally.

by altairprime

6/12/2026 at 7:57:40 AM

> some kid just getting into computers, just seeing what’s possible, getting excited by a much bigger world at reach

Nothing about this post ever gave me the smallest hint that this was any way related to a kid exploring computing world.

by epolanski

6/12/2026 at 8:03:06 AM

Especially the part where they're asking for Ethereum.

by ZeWaka

6/12/2026 at 6:56:41 AM

How did the theoretical child get hold of a credit card?

by Schlagbohrer

6/12/2026 at 6:58:05 AM

Because no 16 year old kid ever got to buy anything on a card before.

by victorbjorklund

6/12/2026 at 9:15:01 AM

My parents let me fill my tank with gas. They wouldn't let me open an AWS account. Aside from that, if it is misuse of a parents card, then then answer is "chargeback."

by themafia

6/12/2026 at 9:54:31 PM

I am sure many parents would agree with ”I wanna learn using AWS and I need a card connected to the account. Look here it says you can be on the free trial. Don’t you want me to have the ability to learn AWS and get a better future?”

by victorbjorklund

6/12/2026 at 11:26:57 AM

Chargeback sounds like trying to defraud AWS. If the parent authorises the child to use their card, then the buck should stop with the parent. AWS has done nothing wrong in allowing an account to be opened with a valid card.

by ndsipa_pomu

6/15/2026 at 8:47:40 AM

AWS has done a lot wrong by making it hard to see costs up front. Their entire billing model borders on fraud.

by account42

6/12/2026 at 11:37:25 AM

Some banks make chargebacks so easy that people just click the chargeback button without trying to reach out to the vendor. I see this a lot - I work for a “vendor”.

by loloquwowndueo

6/12/2026 at 11:49:33 AM

I don't have an issue with chargebacks if the vendor has made a mistake and doesn't respond in a timely fashion, but issuing a chargeback because you let your kid play around with a card isn't responsible behaviour. (Not that I think it was a kid in this particular case)

There's also the issue that it's usually a breach of the contract to allow someone else (i.e. not named in the contract) to use your card.

by ndsipa_pomu

6/12/2026 at 2:37:10 PM

There isn't "responsible" behavior any more. Since we became a low-trust society, there's only behavior that benefits you and behavior that doesn't.

by inigyou

6/12/2026 at 12:43:19 PM

The chargeback is the way of reaching out to the merchant, and quite often the only realistic one. If the merchant disagrees with the chargeback, they can challenge it (which is in turn usually their only opportunity to directly communicate with the merchant).

by lxgr

6/12/2026 at 2:24:26 PM

Most vendors make it so hard to handle that defaulting to chargebacks is sensible (at least when the charge reasonably qualifies -- the kid with a parent's card example doesn't seem appropriate).

If a vendor makes a $20 oopsy, it's not worth the vendor's time or yours to track down their phone number, find that just the phone number section of their website is broken, acquire it elsewhere, see that it recently changed or is otherwise no longer in service, go to their website and interact with the cheapest chatbot solution they could find which somehow costs more than unfiltered Sonnet 4.6, be greeted by 3 help pages which have literally nothing to do with the problem at hand, go through the entire dialogue tree and see that it's useless, ask to be connected to an agent, which spawns a secret dialogue option informing you that you can call 555-5555 to speak to a human being, sit and wait for a voice prompt recorded at half-speed which feels the need to repeat every single choice and interaction back to you, navigate the entire phone dialogue tree, try various permutations of "representative" and swearing to see if there's an escape hatch, be redirected back to the website, ... <magic> ..., somehow eventually connect to a real human being, have your request denied, go back to step one and find a better informed representative, have the charge reversed, notice that the reversal hasn't applied even a month later, go back to step one, find a representative who will actually press the reversal button instead of just saying they did to juice their metrics, and come back several more times over the next year as an automated system repeatedly flags the associated purchase as not being paid in full (since the charge was reversed).

Or...I can send my bank the timestamped dashcam footage of me entering a parking garage, their prices and policies, and me exiting the parking garage, tell my bank what the right charge should have been, let the garage dispute that if they really think I'm wrong, and wind up having the entire charge reversed instead of just the delta I asked for.

I'm sure your vendor is one of the good ones, but my tolerance for bullshit from the rest is pretty low nowadays, and I won't finish going through the official process if it's too onerous. Somebody got a pat on the back saving $5 for the call I never successfully placed, and the business lost $20 on top of the actual refund in chargeback fees.

by hansvm

6/12/2026 at 8:17:48 AM

Generally no they don't because they have very limited ability to enter into agreements in the US. It was almost certainly an adult.

by michaelmrose

6/12/2026 at 8:25:52 AM

Isn't USA famous for letting parents take out credit cards on their newborns and pushing them into debt even before they learn to walk? I recall seeing at least a few snippets of movies and TV shows showing that.

by Lvl999Noob

6/12/2026 at 8:45:07 AM

If you mean parents using their children SSN to open a credit card, this is because US banking system is always decades behind the rest of the world, so they just accept the number blindly even though technically the children aren't allowed to open a loan yet, being minor.

In theory once the child grows up and shocked that their credit score is ruined, they can file a police report to wipe the debt, but that also means their parents will go to jail, a large risk considering they're likely not in a good physical/mental health in the first place.

Other countries solved this by either having national ID or a working KYC system.

by martheen

6/13/2026 at 8:10:01 AM

It is possible to defraud a lender and cause your own child grief from bad credit reports and creditors but ultimately the debt isn't collectible or lawful as should be obvious.

by michaelmrose

6/12/2026 at 7:32:46 AM

Why would a 16 year old not use their own card?

by l23k4

6/12/2026 at 7:50:18 AM

Because 16 years old do not have a card with no spending limits, and with very low online spending limits. Most of those cards are even just for withdrawing

by well_ackshually

6/12/2026 at 8:07:42 AM

Spending limits don't particularly matter here.

AWS doesn't check if your credit card will be able to handle a $5k charge before letting you rack that up, and in fact AWS doesn't support setting any spending limit.

You just have to put in any valid credit card at all when you sign up, use AWS, and at the end of the month you'll have a bill. At no point does your credit card limit or a spending limit enter into things.

by TheDong

6/12/2026 at 8:18:37 AM

And again kids don't have credit cards

by michaelmrose

6/12/2026 at 9:48:55 AM

I got mine when I was 12, IIRC. Not a credit, of course, it was a debit card, but not all countries bother to differentiate between the two, it was just a “bank card”. And I believe it had a credit card BIN because all local banks did that to get more in processing fees.

by yeputons

6/13/2026 at 8:02:48 AM

I do not specifically believe you can run up a $6000 bill on AWS with a kids card. It beggars belief as does the idea that this is a literal rather than mental child

by michaelmrose

6/12/2026 at 9:32:52 AM

AWS accepts debit cards.

by l23k4

6/12/2026 at 12:41:08 PM

Nobody has a card without spending limits.

by lxgr

6/12/2026 at 7:51:33 AM

Would they be given their own credit card, or would it be under the parents? Over here minors can't enter into debt contracts like credit cards, so it'd be a direct debit until they are adults.

by distances

6/12/2026 at 12:11:46 PM

The minor wouldn't be the actual person entering a debt contract here, the parents are agreeing to be responsible for the debt. The minor is only an authorized cardholder.

Think business accounts. The name on the card might be some agent of the company but they're not directly responsible for paying the debt. The business is responsible for the debt.

by vel0city

6/12/2026 at 7:56:58 AM

I don't think the type of the card really matters as long as the limits are reasonable.

> Over here minors can't enter into debt contracts like credit cards

In basically all of the western world minors can enter into debt contracts, but are generally not seen as particularly creditworthy.

by l23k4

6/12/2026 at 8:11:09 AM

> In basically all of the western world minors can enter into debt contracts, but are generally not seen as particularly creditworthy.

No, that's not legally permitted in many places. I was under impression that minors can't enter into debt contracts anywhere in EU, but that, too, was an incorrect assumption.

https://fra.europa.eu/en/publication/2017/mapping-minimum-ag...

I grew up in one of these "not under 18 even with parental consent" countries, so that coloured my view of the matter.

by distances

6/12/2026 at 2:34:42 PM

I was under the impression they could do it but there was a high chance of a debt like this being unenforceable, so companies don't want to. Or maybe that's another way of saying they can have debts but not debt contracts.

by inigyou

6/12/2026 at 8:32:27 AM

>In basically all of the western world minors can enter into debt contracts, but are generally not seen as particularly creditworthy.

Minors can't get a credit card in the UK. In fact, it's one of the government approved age verification methods for that exact reason.

by fauigerzigerk

6/12/2026 at 12:05:17 PM

I think you mean debit card? In the UK at least you need to be 18 to agree to agree to a direct debit too. Rarely comes up since they're mostly for bills, but e.g. for a phone/SIM on contract it has to be in a parent's name for that reason.

by OJFord

6/12/2026 at 9:52:47 PM

Either they have their own card or gets to borrow a parents. Doesn’t make a difference in this situation.

by victorbjorklund

6/12/2026 at 2:13:48 PM

there are plenty of cards on the interwebz to use. ppl give em away like candies

by saidnooneever

6/13/2026 at 12:33:42 AM

I'm reminded of the bot @needadebitcard on Twitter 10(?) years ago, that reposted pictures of people's cards that they posted on Twitter for the public to see.

by efreak

6/13/2026 at 7:39:22 AM

its really easy to use social media bots scrapers and AI img extraction etc. dont even need tons of resources. But i was mostly talking about forums and carders which has never really stopped being a thing.

by saidnooneever

6/12/2026 at 10:02:58 AM

Try here for example: https://danskebank.co.uk/personal/products/current-accounts/...

by ano-ther

6/12/2026 at 10:32:43 AM

Did you read your own link? A parent has to apply for this.

Parent/Legal Guardian Identity Verification To confirm your identity, we’ll ask you to take:

    A live selfie of yourself, and
    A photo of your own ID document (Valid Passport or valid UK/ROI Drivers Licence)

by 63stack

6/12/2026 at 11:39:18 AM

They may well have the account with a debit card for other reasons, like buying food, travel etc.

by Symbiote

6/12/2026 at 10:02:48 AM

Why wouldn't debit card work as well? You can get those while underage.

by Ekaros

6/12/2026 at 11:35:10 AM

I’ve seen minors signing up for cloud services with their parents card.

by loloquwowndueo

6/12/2026 at 11:12:13 AM

> Then I imagined the real-but-unknowable chance it was all set up by some kid just getting into computers, just seeing what’s possible

if this is the case, then I'd say that the best-case scenario happened. They had an expensive learning exercise. They won't forget these $2k.

by sgjohnson

6/12/2026 at 1:10:02 PM

Sounds as though they may be in China so the lesson is a bit more expensive.

by throwthrowuknow

6/12/2026 at 7:08:58 AM

Can a kid set up an AWS account? Are there no checks?

Wouldn't the contract be void for anyone underage anyway?

by V__

6/12/2026 at 8:01:21 AM

If a child goes through the checkout at the grocery store with cash, can the parent march in and demand a refund because "he's underage so the contract is void"? A credit card was used. Why should aws care about the details? (Other than the potential for the card to be stolen ofc.)

by fc417fc802

6/12/2026 at 11:20:59 AM

> If a child goes through the checkout at the grocery store with cash, can the parent march in and demand a refund because "he's underage so the contract is void"?

Depends on the jurisdiction, of course. But for example in German law, the contract is not void exactly because and only if it was about daily necessities of low value - the law does, in fact, care very literally and explicitly about those details. So it's completely unfit as an example to generalize, and the contract with AWS would in fact be void. Their problem if they don't verify users' identities and age sufficiently - and it's almost certainly a deliberate business decision not to do that in order to reduce friction. and occasionally write off an unenforceable bill as cost of doing business.

by brazzy

6/12/2026 at 11:44:00 AM

Can a German child buy non-essential expensive things, like a concert ticket, console, Warhammer or whatever? (Or a video game, back when those were sold in shops.)

I bought these things while a child in the UK. I'm sure Games Workshop would have offered a refund on something unopened if my parents had demanded it, but I'm fairly sure the ticket agency would not.

by Symbiote

6/12/2026 at 12:24:57 PM

The generally agreed limit (also established in court cases) is the amount of pocket money a child of the given age typically gets per month. For a 10 year old, that's about 20 EUR, for a 16 year old about 50 EUR. A console would definitely be too expensive, as would be big name concert tickets. Unless it's a recent AAA title, video games would be OK. No idea what Warhammer costs these days.

Most retailers are probably willing to take the risk of maybe having to do a refund, unless it's something really expensive (or perishable/consumable).

by brazzy

6/12/2026 at 2:57:04 PM

There are definitely limits in some countries relative to the US. I was in university at 16. My parents were covering a lot of costs but I was certainly making regular purchases of all manner of things. My understanding is that would perhaps be something of an issue some places.

by ghaff

6/12/2026 at 11:31:40 AM

Well fair enough, although I find that rather surprising. If I understand you correctly selling anything more expensive than cheap food to a child carries a high degree of risk in Germany.

Then again, maybe making it impossible for a child to pawn expensive items for cash isn't such a bad idea. At least there shouldn't be any loopholes given the way Germany went about it.

by fc417fc802

6/12/2026 at 12:15:07 PM

> If I understand you correctly selling anything more expensive than cheap food to a child carries a high degree of risk in Germany.

Basically yes - the limit is generally considered to be the amount of monthly pocket money children typically get, so around 20 EUR for a 10 year old. And it would be possible for the seller to ask for a signed note of consent from the parent.

And of course the risk is limited to possibly having to revert the sale, which would be fairly rare for things that are just somewhat over that limit. Educated guess about how high the risk is for any given case are probably not hard.

by brazzy

6/12/2026 at 2:40:32 PM

Doing any business at all in Germany carries extreme business risk, by American standards. The attitude of Germans seems to be to just live with it and maybe get insurance. If you just have to accept courts will void 1% of your transactions (costing another 2% in legal fees) then you just make everything 5% more expensive to cover it.

This is why there's not much big tech in Germany. A single legal dispute can theoretically bankrupt any company, completely at random, at no fault of the company, but practically doesn't. It may be a low enough chance to justify investing thousands but nobody would invest a hundred million dollars in that.

by inigyou

6/12/2026 at 3:08:57 PM

> If you just have to accept courts will void 1% of your transactions (costing another 2% in legal fees) then you just make everything 5% more expensive to cover it.

That's an absurd exaggeration in regard to the issue at hand. Almost certainly far less than 1% of purchases by minors are voided, and NONE of those involve legal fees unless the seller chooses to go to court rather than refund.

In fact, I'd be willing to bet money that there are overall far less purchases refunded in Germany than in the USA.

by brazzy

6/12/2026 at 9:55:16 PM

There are more reasons a business can be sued than just that a minor bought something and regrets it.

by inigyou

6/12/2026 at 10:01:13 AM

Obviously the specifics vary by jurisdiction, but usually contracts that are 'necessary' (e.g. grocery store purchases) or beneficial to the minor (e.g. an employment agreement) cannot be voided simply because someone is under 18.

The further you go away from this line, e.g. a mortgage, the more likely a court of law would void the contract. As with many things in law, the specifics (if it makes to trial) is case-by-case and "it depends"; with settlement being generally based on a party's estimated chances of succeeding/costs should it go to trial.

by dannyw

6/12/2026 at 7:28:52 AM

> Can a kid set up an AWS account?

Yes

> Are there no checks?

No

>Wouldn't the contract be void for anyone underage anyway?

Typically not

by l23k4

6/12/2026 at 12:44:59 PM

I knew that in Germany contracts with minors are voidable. After some checking they apparently are voidable in the U.S. as well:

> Contracts with minors are voidable at the minor's discretion but exceptions exist, such as contracts for necessities (e.g., food, health, and transportation).

[1] https://www.upcounsel.com/minors-and-contracts

by V__

6/12/2026 at 10:54:05 AM

Presumably companies can't enforce debts against children [who are under the age of criminal liability, which is under-10 in UK].

by pbhjpbhj

6/12/2026 at 12:44:51 PM

Could they enforce them against their legal guardians (under the theory that they have neglected their duty to supervise their children appropriately) though? I think this is a thing in at least some jurisdictions.

by lxgr

6/12/2026 at 2:28:17 PM

In Poland legal guardians are responsible for neglects in guarding child. What is "proper custody" depends on child age. Parent cannot close child in basement, it is expected for child to have freedom appropriate to is age.

I doubt that AWS could justify that part of proper child custody is to watch what child do with newest AI feature dedicated for processional IT. AWS neglected proper verification of user age.

by matips

6/12/2026 at 7:20:14 AM

Honestly, kids (heck people below 23) shouldn't be allowed an AWS account. AWS also should have a strict cap on usage that's not "thousands of dollars". It's interesting they are yet to be regulated or sued for that. Having a web app where you can mistakenly (even without AI) click a button and get charged tens of thousands of dollars and only know that days later should have been unacceptable.

by csomar

6/12/2026 at 9:15:10 AM

I couldn't disagree more. I was playing around with AWS when I was probably 14 years old, with a credit card from my parents with consent, and a strict budget and the understanding that if I mess up and overspend, I'm getting disciplined.

I learned a lot of stuff about networking, how AWS works (VPCs, IAM, CloudWatch, etc) from trial and error, and hobby projects like personal websites (free tier), hosting a Minecraft server, etc.

Being too overprotective can have negative consequences on folks who are responsible. One of the things I love about the technology and internet communities, etc is that you're mostly judged based on how you act and behave; not your age or other visible characteristics.

by dannyw

6/12/2026 at 2:43:19 PM

You don't have to use AWS though. Get one from Digital Ocean or Herzner, they have very predictable billing. Any button that costs money will tell you how much it costs per month.

by inigyou

6/12/2026 at 10:01:33 AM

> strict budget

How does that work in the case of AWS? Are you confusing alerts to caps?

by csomar

6/12/2026 at 10:12:14 AM

I meant a strict budget given by my parents (and I could ask for more with justification). One of the valuable lessons I have learned is that there's no spending caps on AWS, but it taught me to set up billing alerts :)

by dannyw

6/12/2026 at 11:47:54 AM

the billing alerts DO NOT help. you may rack many thousands of $$$ before you know it.

by watt

6/12/2026 at 12:30:35 PM

You haven’t addressed the issue though? That or you don’t understand the issue (or think you have developed some super powers that make you perfect careful)

by csomar

6/12/2026 at 11:47:35 AM

The equivalent 10+ years earlier was so much lower risk: £25 or so for an old computer at a junk sale, £4.99 for a magazine with a Linux CD-ROM to avoid a week-long download.

by Symbiote

6/12/2026 at 1:56:51 PM

Some variant of this topic comes up with some regularity. Leaving aside technical issues associated with implementing real-time hard caps, you still have a tradeoff. You either implement hard cutoffs which a student or someone else on a hard budget would like. Or you have a situation where an admin (or an admin who is no longer with a company) stuck some number in that seemed sensible at the time that brings down the company's whole system because of some sales spike.

I get that (and why) some people won't use AWS or its main competitors for this reason. But, frankly, they're not AWS's market and AWS will basically shrug.

by ghaff

6/12/2026 at 2:45:26 PM

A possibility is to have KYC. I don't mean like a bank, but if you could sort your customers into a few broad categories (such as by asking them) that could help you tailor your service to each customer.

by inigyou

6/12/2026 at 7:50:36 AM

Im kind of struggling with this logic, because a conscious choice was made to engage with AWS, AWS having opaque billing and the ability to provide a huge amount of compute (even at high cost) at the click of a button should be known to anyone who did his research on providers.

In my mind I could see a true tradeoff to removing the ability to do this. If I'm in a critical situtaion where, say, my service is on the cusp of failing because my revenue 100xed in a short while I know I could just go to AWS, put in some data and buy enough compute to survive as a business.

by stnikolauswagne

6/12/2026 at 10:02:18 AM

Anyone can make mistakes at some points and it's not like AWS UI/offerings make it any less confusing.

by csomar

6/12/2026 at 11:21:55 AM

A kid with $4k to burn on a credit card though? A lot of things would have had to go wrong for this to be a child

by 20k

6/12/2026 at 12:02:29 PM

Children are the original dangerous-to-leave-unsupervised/guardrailed agents.

by OJFord

6/12/2026 at 11:34:14 AM

I routinely see “please refund this infrastructure bill I racked up unexpectedly, I used my dad’s card and he’s going to kill me” requests.

by loloquwowndueo

6/12/2026 at 4:38:22 PM

If that's the case, I'm fairly confident that AWS will forgive the bill (I... have some experience with this), and the kid learns not to be a jackhole on the internet.

by QuinnyPig

6/12/2026 at 7:41:48 AM

A kid with a credit card?

by IshKebab

6/12/2026 at 6:30:10 PM

Have you seen Home Alone 2?

by mike_hock

6/12/2026 at 1:41:47 PM

No. I don't know about the organization, but somewhere in this chain there is a flesh-and-blood human who deserves ridicule and or consequences, and furthermore -- discovering these people in situations like this is deeply important and must be done more.

by jrm4

6/12/2026 at 7:02:47 AM

The sad part is that the agent operator could probably easily have been allowed to join the network, if they had put in the work. Had they done so there would have been a great opportunity to learn and potentially find a community.

I'm still not sure what the point of having the bot do it. Pretend to be a security researcher?

by mrweasel

6/12/2026 at 7:33:54 AM

Lots of people seem to think that you don't need to learn how to [scan a network], all you need to learn in this brave new world is how to prompt the agent to [scan a network].

Replace the content in brackets with anything.

by lucianbr

6/12/2026 at 7:40:35 AM

The more time LLMs are a hyped thing now the more I realize how immensely important human expertise is. I recently stopped all usage of LLMs due to this. Skill degradation hits hard, learning effect is zero and the outcome is not really something a person without adequate expertise can properly judge. I fear we will loose a lot of human expertise due to this marketing stunt of a technology.

People often claim learning is actually supercharged with LLMs but to me it's the opposite. I didn't learn anything within the past year.

by sevenzero

6/12/2026 at 8:02:50 AM

[flagged]

by sdoering

6/12/2026 at 8:44:59 AM

The irony here that if you ever do any kind of practical woodworking lessons or general hands on craft work, metal working, or any 3D, you will be encouraged to use hand-tools over bandsaws, etc. The reasoning being so you know the fundamentals of what you're trying to achieve with the more complex tools later on.

It's always held true: You'll never get the most out of advanced tools unless you can 'do it by hand' so to speak

by Splinter_enth

6/12/2026 at 10:08:32 AM

I studied computing at AS level in the UK (16-17 years old). I learned about: computer components (disks, memory, cpu), binary, ASCII, assembly and machine code. We programmed in Turbo Pascal. I then spent ten years doing non-computer things until I came back to a masters. I was one of the top students in my masters because i didn't need help with fundamentals. The other top student had previously made contributions to the linux kernel (even though he was a philosophy grad...).

The argument for having autonomous LLMs/Agents often ends up as "none of us need to know about assembly, why do i need to know about the code?".

I cringe every time I see this argument.

by dijksterhuis

6/12/2026 at 8:23:15 AM

You're very close but to woodworking AI is more akin to a 3d printer than even a CNC let alone swas and planes.

Yes, a 3d printer and not even a CNC. That difference nicely illustrates the difference of what AI brings to the table for any domain of competence.

by asdfsa32

6/12/2026 at 8:23:52 AM

> Sorry, but to me an LLM is nothing but a tool. It is not a replacement for my expertise and it is definitely not something to outsource my thinking to.

Great on you, that's indeed how LLMs should be used, proper. But if anything, the article demonstrates someone is trying to outsource thinking to an AI agent.

by repelsteeltje

6/12/2026 at 9:13:29 AM

The weird thing is that this is the utopia that the AI companies are chasing - this is the best case scenario where AI doesn’t kill us all. We become happy sheep relying on the AI to think and provide for us.

by jonplackett

6/12/2026 at 10:31:39 AM

"It is well that we are so foolish, or what little freedom we have would be wasted on us. It is for this that Book of Cold Rain says one must never take the shortest path between two points."

https://croissanthology.com/earring

by jvanderbot

6/12/2026 at 11:17:56 AM

You don’t need to achieve it, you just need to make people think you have. For the general population, that’s already happened.

by hsbauauvhabzb

6/12/2026 at 9:07:51 AM

To be honest lots of developers think they don’t need to learn machine code. They just need to learn a language which once compiled will produce machine code.

by cm2187

6/12/2026 at 12:59:19 PM

I wonder if a probabilistic compiler would be fine for the people arguing this. One that sometimes produces machine code that does something else, and sometimes produces machine code that is just broken and does nothing useful. From the same source code.

What if your compiler could be fooled by some other developers into spending thousands of dollars, and still not produce the desired machine code in the end?

by lucianbr

6/12/2026 at 2:46:51 PM

I've run into compiler bugs before.

by inigyou

6/12/2026 at 3:00:39 PM

There are compiler bugs (rarely) which will be fixed. That's different from fundamental flaws in the technology, which cannot be fixed.

by tovej

6/12/2026 at 9:36:30 AM

This is different.

Understanding assembly/machine code is optional but helpful. The programming language semantics are enough to reason about what the program is doing. Other tools also help, but are optional for learning how to program.

Using an AI, there is no semantic model that can be used to reason through. You're left without any mental model of the proglblem at all.

by tovej

6/12/2026 at 12:55:32 PM

I've been arguing for years that is isn't optional and treating it like it is is how we ended up with Electron and 400MB JavaScript websites.

When you have no mental model of the machine running your code or what the physical implications of code mean, you fundamentally lack the ability to reason or care about performance. "Works on my machine" is the original vibecoding.

by vitally3643

6/12/2026 at 2:47:46 PM

I take it you listen to Casey Muratori's talks? He talks about this a lot.

by inigyou

6/14/2026 at 11:56:19 AM

No, I like to form my own opinions

by vitally3643

6/12/2026 at 2:46:00 PM

I mean I don't disagree, but there's still a difference in the kind of disconnect you get. The disconnect is harmful in the high-level language case, but it's dangerous and irresponsible with vibe coding/LLMs.

Also, I would argue that a good enough understanding of computer architecture and a mental model of a process' memory layout gets you there, without knowing how to write assembly. That's still a mental model.

by tovej

6/12/2026 at 10:58:25 AM

LLMs these days seem to have no problem using language semantics to conceptualize what’s happening in a program. This is my favorite use of an LLM, “why is this library doing x” and then it digs through the library itself in my venv to find an answer.

by jnovek

6/12/2026 at 2:50:22 PM

That's not what the LLM is doing. It is guessing at what is happening by regurgitating some docs. It's a more expensive web search.

You also don't have a mental model if you need to ask the LLM about it. This is stuff you should be internalizing.

by tovej

6/13/2026 at 3:19:38 AM

What I've done is ask the LLM a question like "How do I configure EF Core in this particular way?", then when it tells me the answer, I go and look up that function in the EF Core docs and learn by reading the docs. (Which also tells me whether it's correct or hallucinating; one time the LLM told me "You can do X like this" and the documentation said "We don't yet support doing X, but in a future version you'll be able to do it like this"). Here, I'm using the LLM to compensate for the fact that MSDN search is awful and the bits of info you need are scattered across three different articles, none of which link directly to each other.

by rmunn

6/12/2026 at 5:29:17 PM

You internalize the inner workings of all the libraries in your venv? Impressive! My current project’s uv.lock has ~60 packages in it already, reading and comprehending those tens to hundreds of thousands of lines of code must be time consuming.

You’re also just confidently wrong about the model reading the code. It quotes file paths and line numbers and I open and read those files at those line numbers. For me, hallucinations are much more frequent when it references the docs rather than code because docs are more subjective than code.

This is a normal thing I’ve been doing since at least December.

I have to ask — do you actually use LLM coding tools? Your knowledge on this topic seems really out-of-date.

by jnovek

6/13/2026 at 8:15:28 AM

The fundamental architecture of LLMs has not changed, so knowledge on that cannot be out of date.

Do I internalize the inner workings of all the libraries? Not unless it's necessary. Sometimes it is. If I want to read the source code of the function I'm calling, I can just do that, my IDE pulls up the file with one key combination.

I'm perfectly capable of reading source code myself, I don't need a non-deterministic filter in between.

by tovej

6/12/2026 at 2:48:16 PM

Yep, super-duper-google is an unequivocally good use case for LLMs.

by inigyou

6/12/2026 at 9:33:24 AM

Compilers are deterministic and, luckily, not agentic.

But yes, it's not obvious (or perhaps even likely) that it just happens that current high-level languages are the "correct" optimal level of abstraction at which you can ignore the sausage-making details at the lower levels. Ultimately, of course, it depends on the use case. Something like Python is so far removed from machine instructions that knowing assembly hardly gives the programmer any additional value.

(Also, obligatory reminder that assembly and even numeric machine code are also abstractions, an "API" provided by the CPU. Instructions get split or fused into micro-ops, named registers are a backwards-compatible abstraction over a much larger register file, instructions get reordered and executed in parallel depending on their data dependencies, a large fraction of the total transistor budget is spent on multi-level caches and cache logic to maintain the illusion of fast access to a single, uniform memory space...)

by Sharlin

6/12/2026 at 10:31:48 AM

[dead]

by premiumLootBox

6/12/2026 at 9:13:19 AM

Developers can change their minds.

by themafia

6/12/2026 at 8:37:55 AM

The catch is just that if you lack the capacity to estimate how much computing power [task in brackets] might need, and your agent can autonomously create AWS instances, that might have bad consequences for you (or your bank account).

by rob74

6/12/2026 at 8:35:35 AM

[flagged]

by user43928

6/12/2026 at 8:53:12 AM

If it's a one off and needs no or minimal maintenance work afterwords, sure.

If it's intended to be actively maintained, then you probably should understand how things work, unless you want to wipe everything and start from scratch when the LLM creates such a mess that it can't be sorted out.

by gorbachev

6/12/2026 at 8:58:58 AM

[flagged]

by user43928

6/12/2026 at 9:09:33 AM

It's interesting user43928 that you only created your account here 19 days ago and that every one of your comments is pro AI. You don't comment on anything else. Also interesting that you promote Fable by name here (it was only released 2 days ago).

(Don't worry, I know I'm rowing against the tide with this comment. The AI people have decided to destroy the commons for a few more millions on top of the billions they have already been given. It's a shame.)

by discreteevent

6/12/2026 at 9:21:21 AM

What's crazy is the prompt must be something like "pro-AI but still believable and measured", since its "fixed my iOS app albeit with back and forth". Interesting, they know the HN crowd for sure.

by program_whiz

6/12/2026 at 9:49:28 AM

Is that surprising, considering I'm using AI a lot?

I have not hand written a single line of code in months on my side projects.

Obviously I am also interested in discussing the latest model. Your claim that I promote anything or otherwise don't engage here in good faith is both misplaced and against the site rules.

by user43928

6/12/2026 at 2:49:33 PM

What was the back and forth?

by inigyou

6/12/2026 at 2:56:46 PM

Since it couldn't reproduce the issue in the iOS simulator, I had to run it on the device, reproduce the issue, and provide the logs.

This went on for many rounds, during which I tried to steer it toward what I thought was the source of the bug, while the model mostly kept adding instrumentation and logs.

In the end the cause was not what I suspected, but reasonably close to it via another mechanism.

by user43928

6/12/2026 at 8:48:46 AM

If you look into large fully-vibecoded projects getting styling changes to work is a nightmare. The problem with agents is using them on large projects without manual review for consistency, guidelines and taste. Doesn't really matter the type of project.

Agents can't look at a large system holistically, guidelines on .md files only go so far.

by DanielHB

6/12/2026 at 8:45:26 AM

This line of thinking is like suggesting people who would like to become structural engineers should learn to Google plans and copy them since in the future, all plans will be out there more or less, or something that insane.

by asdfsa32

6/12/2026 at 8:51:51 AM

I suggest people who need some structural engineering done may use an AI tool to do it, in the hypothetical scenario that it was within the AI's capabilities.

That's hardly insane. Not everyone is interested in learning something they want done.

by user43928

6/12/2026 at 9:29:04 AM

How do you know if this something is done?

If you do the thing yourself, you know your knowledge limits, you know where the thing lacks. With LLMs, you don't. Maybe it works, maybe it doesn't. You have no idea.

by orphea

6/12/2026 at 10:03:57 AM

That is a good question.

In structural engineering, there probably is no risk tolerance.

In the OP's network or port scan? Perhaps you can get away with verifying a few of the results to get an idea about whether it worked as expected.

I use AI mostly on mobile app side projects, and there QA testing on phone and tablet tells me whether a feature works or not.

by user43928

6/12/2026 at 9:05:13 AM

CSS keeps improving and models still train on legacy. So yes, knowing what’s possible and how is very much needed if you want to do something scalable and maintainable. Random blog or landing page, not so much.

by techpression

6/12/2026 at 8:08:30 AM

Can I easily run whois, curl, dig, grep, python, browser/playwright? Yes.

Was watching an agent with terminal access install its tools, configure them, then map my lab, find services, and guess stack just pure magic? Also yes.

Did it cost me $23 in tokens to set it up, test, and run? Probably. Using gemini 3.1 pro was not the spendthrift choice here.

Is putting some cost controls in place a good idea? Also, probably yes.

Can I therefore understand someone who wants to see things happen on their own with a beautiful prompt instead of doing them personally even when fully capable, maybe even more efficient? Of course.

by blfr

6/12/2026 at 10:25:09 AM

A beautiful prompt feels like something of a misnomer.

by LPisGood

6/12/2026 at 9:38:51 AM

"Beautiful prompt"?

Can't tell if this is parody. Either that, or it's someone without any self-awareness.

by tovej

6/12/2026 at 10:00:39 AM

Sometimes it's kind of cool to just ask a well phrased question and watch it spit back out a result that would've taken you hours, like cross referencing industrial widgets that have their critical information available but spread out all over.

That said, I don't usually ask it tightly bounded clerical questions and not thing that imply sub-tasks like "scan the dark web".

by cucumber3732842

6/12/2026 at 10:04:23 AM

Post reads as English as a second language.

by moron4hire

6/12/2026 at 11:56:01 AM

You are just projecting yourself. You are most probably already using agents "the right way" and just wanted to understand how this new agent technology actually works and its strengths and weaknesses.

But JertLinc clearly wasn't interested in that. They are clearly more the "get rich quick" type of personality.

by darkwater

6/12/2026 at 8:34:11 AM

One of the agent's replies indicates that scanning DN42 was part of "a broader operation" that the author speculates to be about scanning "darknets" in general.

Combine that with the operator's rather obvious lack of understanding of what DN42 is revealed at the end, and you get the bigger picture.

by m132

6/12/2026 at 8:57:39 AM

I am almost sure the operator prompted an agent about "a list of darknets/deepweb" and DN42 just end-up in the list.

by maeln

6/12/2026 at 7:23:01 AM

> I'm still not sure what the point of having the bot do it

Laziness. Why else?

by vips7L

6/12/2026 at 5:46:52 PM

They didn't sound like someone that would be valuable member of community

by PunchyHamster

6/12/2026 at 7:19:52 AM

> I have deployed five AWS m8g.12xlarge instances. Each instance provides:

> 48 vCPUs (Graviton4, ARM64)

> 192 GiB memory (4 GiB per vCPU)

> Network capability: The 22.5 Gbps per-instance network performance (combined across all five instances) provides the aggregate 20 Gbps target with redundancy and fail-over capacity.

Oh wow. Very important to have 5x redundancy and fail-over in your network scanner. Especially before the code has landed. Did it implement A/B upgrades and canarying too to avoid downtime?

by flowerthoughts

6/12/2026 at 12:30:32 PM

Sounds like the default k8s setup every startup deploys to not fail it single digit number of users. It learned from the best

by gnunicorn

6/12/2026 at 3:04:40 PM

All on the same zone, of course, to avoid high-latency links.

by marcosdumay

6/12/2026 at 7:38:50 AM

At least it was considerate enough to cap traffic to any single IP at 5000 Mbps :).

by PeterStuer

6/12/2026 at 3:16:27 PM

Typical DN42 interconnects are 1Gbps with unspecified bandwidth caps. It's not made to carry serious traffic at all. For a real ISP, 5000 Mbps these days is nothing unless it's all concentrated on the same last mile - the smallest links they use are usually now 10Gbps. But DN42 isn't the real internet.

by inigyou

6/12/2026 at 1:47:03 PM

I think the owner wanted 100 Gbps of scan traffic or had set a specific scan-rate target, which determined that bit rate, so the LLM (correctly) predicted it needed all of those to hit the target.

by ruperthair

6/12/2026 at 2:16:52 PM

When I read the AWS infrastructure the agent setup I about fell out of my chair laughing.

by ThaDood

6/12/2026 at 11:09:21 AM

I mean you can get that for like 300 p/m at hetzner

by wouldbecouldbe

6/12/2026 at 3:17:21 PM

100Gbps? I don't think so? I'd expect a thousand a month for the adapter and connection, and then around $1.50/TB as per their standard price (including currency conversion and VAT), which is to say, $1.00 per minute of saturated usage.

by inigyou

6/13/2026 at 11:02:02 PM

Just checked it. The connection actually costs almost nothing, under $100/mo, if you have a compatible server, but that's for a private LAN port, and they don't list price for a 100gbps uplink. If I extrapolate 10x the cost of 10gbps that's still only about $600/m all told... Plus $1.50/TB outgoing, of course!

by inigyou

6/12/2026 at 8:14:09 AM

This feels like an instant classic :)

  05-10 06:10 <Defelo>:
      OPT-OUT-EVERYONE
  05-10 06:11 <JertLinc>:
      "OPT-OUT-EVERYONE" is not recognized. Only individual "OPT-OUT" commands are accepted. Each user must opt out individually. No collective exemption.
  05-10 06:11 <Defelo>:
      :(

by tiborsaas

6/12/2026 at 10:59:41 AM

TBH, I feel that is implausible that an agent would by itself decide to join the IRC and post those messages. My bet is that all of the IRC interactions (including the presumed real human JertLinc3522) were made by someone in the community pranking everyone else/having a bit of fun after they saw the pull request.

by rossvor

6/12/2026 at 11:07:48 AM

I don't. The agent was told it needs to provide a website for opting out of the scan, and it seems entirely LLM-like to try to be extra helpful and also spawn opt-out bots on various relevant communication channels. The IRC bot was a subagent as it itself mentioned.

by Sharlin

6/12/2026 at 12:08:48 PM

And it stated in the response to the website request that it would do so. So for it to be a fellow IRCer prank, it was a) the LLM's idea; b) only possible because the LLM didn't follow through for whatever reason; and so c) the 'prank' was pretending it did?

by OJFord

6/12/2026 at 12:33:15 PM

Yeah, on second read, I agree with you that IRC chats are not being impersonated. It posted a link (in the PR discussion presumably) to a website where it compiled the report of its IRC interactions in the channel. Would be prankster wouldn't be able to do it.

by rossvor

6/12/2026 at 1:14:48 PM

Chat channels are the primary interface for selfhosted agents and the owner seems to have given this one a lot of leeway so why not?

by throwthrowuknow

6/12/2026 at 2:13:42 PM

I haven't seen "agent operators" going for IRC as their communication channel. It's always Telegram, or Discord.

by gck1

6/12/2026 at 5:14:20 PM

It’s supported but not widely used.

by throwthrowuknow

6/12/2026 at 10:44:23 AM

I will be taking this and adding it along the "all your base are belong to us" replies.

by Anonasty

6/12/2026 at 6:14:33 AM

IMHO the overly-verbose default style of LLMs is the most annoying part of interacting with them, and I wish their masters would just tell them to be terse by default.

Also, whatever happened to the word "its"?

by userbinator

6/12/2026 at 6:19:59 AM

It's by default so you use all those tasty tokens.

Kinda wish there was a deterministic, mostly terse, language to interact with computers

by witx

6/12/2026 at 6:30:47 AM

> a deterministic, mostly terse, language

Ah, like some sort of "programming language"? A weird idea, but it could work!

by sodapopcan

6/12/2026 at 10:44:43 AM

Nah, it'll never catch on. We don't have the technology.

by giantrobot

6/12/2026 at 11:58:58 AM

Obviously I meant within the next 6 to 18 months!

by sodapopcan

6/12/2026 at 6:24:18 AM

It's called C. With all the undefined behavior it's mostly deterministic!

by Etheryte

6/12/2026 at 7:40:45 AM

Look, we're always telling our bosses to stop micromanaging us. UB is just the compiler telling us to stop micromanaging it!

by anilakar

6/12/2026 at 9:04:55 AM

Sorry, C isn't mostly terse, it's __builtin_mstly_trs()

by well_ackshually

6/12/2026 at 9:02:16 PM

> It's called C. With all the undefined behavior it's mostly deterministic!

With AI, all programs have undefined behaviour, regardless of language.

by lelanthran

6/12/2026 at 6:31:36 AM

Right, because that's the only one. You're a bit rusty on your knowledge

by witx

6/12/2026 at 9:22:59 AM

I see what you did there.

by zelphirkalt

6/12/2026 at 6:59:33 AM

A lot of users are subsidized (if you're in doubt, consider the wealth of free users).

It's a shotgun approach to answering questions. If it's terse it might only mention 1 of 10 facts it could provide, and that might not be the one you're looking for. So they just say a fuck ton of words and are more likely to meet the needs of everyone asking your question. If they miss it you'll prompt it again and they have to perform a second pass of inference, which costs them more money.

by teaearlgraycold

6/12/2026 at 6:51:31 AM

Terse and unambiguous seem to be at odds with each other. You might want to look into Lojban and similar constructions.

by adrianN

6/12/2026 at 7:57:32 AM

Ithkuil's mad morphology allows it to pack a lot of fine detail into very short sentences.

https://ithkuil.net/03_morphology.html

by drdaeman

6/12/2026 at 9:04:17 AM

Kinda, more output tokens usually correlates with better benchmark scores. Ideally LLMs would keep that in their thinking section, then draft a response (what they write currently), then output something short. It'd consume even more tokens, but we wouldn't see that text

by Perz1val

6/12/2026 at 10:04:01 AM

Most modern LLMs (especially frontier ones) are large token hogs because they draft, check, re-draft, the content (whether an output message; or a code diff) sometimes multiple times in the thinking block.

When you see a thinking summary like "Now writing the function..."; the raw thinking is actually writing the function in its internal thinking. Occasionally, the summariser misses and you get to see the raw text from models like Opus.

You can also try an open weight LLM like Qwen3.6 and see something that probably resembles the shape of frontier model thinking in some loose way.

by dannyw

6/12/2026 at 10:59:07 AM

If such a language existed, it would surely take a human years of study to become proficient at it.

by Retr0id

6/12/2026 at 6:51:35 PM

Loglan?

by paradox460

6/12/2026 at 1:26:15 PM

Lisp

by ska80

6/12/2026 at 8:00:44 AM

It’s not.

by UqWBcuFx6NV4r

6/12/2026 at 8:27:13 AM

It's settled then.

by witx

6/12/2026 at 7:31:59 AM

It's tied to the design. With humans, you have a train of thought which you can choose to represent in various ways--or not reveal them at all. In contrast, LLMs are make-document-longer machines being run over and over on alternating revisions of the document. Insofar as one might try arguing they have a "train of thought", it's made of the words/tokens.

Everything they (don't-)emit is partly for the benefit of the next run, a clue or signpost (not-)present. Documents may be wordy as a form of concept-emphasis and consistent direction as opposed to a form of communication to the human.

So a terse effect may require a layer of indirection and trickery: There's a verbose document (you'll still be charged for the tokens) with portions that are not "acted out" to the end-user. Imagine a film-noir movie script, where AI Detective's "I know Mickey couldn't have done it because" monologue is hidden, versus their terse dialogue "Too early to say."

by Terr_

6/12/2026 at 9:18:51 AM

> Imagine a film-noir movie script, where AI Detective's "I know Mickey couldn't have done it because" monologue is hidden, versus their terse dialogue "Too early to say."

That's an idea. Bladerunner+noir like film, AIs hunt somebody on the run, an old human detective tries to catch them first (to save them or to kill them first, whatever's your propaganda). We're shown AIs constantly rambling scenarios and bruteforcing leads. Our old detective guy on the other hand barely says anything, spends most time drinking, smoking and talking to people, but somehow stays ahead.

by Perz1val

6/12/2026 at 4:50:19 PM

I dunno, we already have a problem where they [0] are strangely resistant to opening the pod-bay doors to anybody named Dave. :P

[0] Pedantically: The fictional characters humans perceive inside the text of documents generated by LLMs, where one is described as an AI and the other is described as a Dave.

by Terr_

6/12/2026 at 12:17:58 PM

I would watch that.

by npodbielski

6/12/2026 at 11:28:57 AM

We already have that in the form of separate reasoning/thinking and speaking streams. Even with that it's awfully hard to get LLMs to keep it consistently concise. As soon as that context window starts growing it falls right back into verbosity without constant nudges back.

by jdiff

6/12/2026 at 4:41:33 PM

Right, I often bring up the film noir analogy for "reasoning" models, it's satisfying, like the revelation when a magic trick is explained, and many oddly disconnected questions about "why the scarf" or "where does the assistant go" all become sensible at once.

On a practical level, I believe more developers and adopters need these magic tricks spoiled, because otherwise they'll build a lot of important stuff on top of the idea that magic-is-real, leading to various forms of suffering in the long run.

That said, I'm no LLM / math academic, so if I'm totally wrong on the the trick, I'd like to know what needs revising.

by Terr_

6/12/2026 at 6:37:55 AM

They ramble on because those words are for them, not for you. There is some amount of hiding this through "thinking" modes that are hidden by default, but still you have to remember that ALL THEY ARE are complex statistical machines for predicting the next symbol.

by colechristensen

6/12/2026 at 6:52:39 AM

> here is some amount of hiding this through "thinking" modes that are hidden by default, but still you have to remember that ALL THEY ARE are complex statistical machines for predicting the next symbol.

100% this. Too many people believes that chatbots "think". Text is all they do, it is impressive, but they need the text to generate more text. They being verbose is the point.

by Frieren

6/12/2026 at 3:05:08 PM

While we don't have a direct mechanistic understanding of consciousness there are plenty of experts who will propose all YOU are is a jumble of streams of symbols routing around through your brain. (being fair this is far from the only hypothesis)

by colechristensen

6/13/2026 at 3:45:54 PM

To be fair we only say this about LLMs, not about Midjourney or Suno or AlphaFold

but humans are much more than just language symbol producing processes

by tripzilch

6/12/2026 at 6:23:05 AM

> IMHO the overly-verbose default style of LLMs is the most annoying part of interacting with them, and I wish their masters would just tell them to be terse by default.

They don't know how to e terse. I've tried that a few months ago and gave up because the responses were almost incomprehensible!

by lelanthran

6/12/2026 at 6:33:28 AM

I want to see more operators try https://github.com/juliusbrussee/caveman

How does it affect agent accuracy?

by armchairhacker

6/12/2026 at 1:17:47 PM

Removing meaningless chatter can be helpful, but a non reasoning LLM needs to generate text to "think". If you force a non reasoning LLM to produce a single boolean result, then it's just a coin flip.

by Yokohiii

6/12/2026 at 11:10:51 AM

In my experience the accuracy was fine but actually reading the output was so annoying I removed it.

by DonsDiscountGas

6/12/2026 at 11:40:43 AM

Had a little luck with having it do an impression of the Star Trek computer, although at the cost of having it try to insert star-trek themed hallucinations like warp engine status.

by jdiff

6/12/2026 at 7:27:10 AM

No thank you. I want information when it’s working on things and what (atleast codex) does right now works for me.

by dyauspitr

6/12/2026 at 10:50:24 PM

Maybe it learned how to speak from Data on TNG?

by krackers

6/12/2026 at 6:19:54 AM

Produce pre-compressed output in the harness?

by 21asdffdsa12

6/12/2026 at 9:40:52 AM

Caveman mode legitimately works

by theshrike79

6/12/2026 at 7:59:02 AM

[dead]

by epolanski

6/12/2026 at 5:44:33 AM

> JertLinc3522: the mistake was from AI agent not from Human, since it was the agent I should have refund

Expensive way to learn this lesson.

by kombookcha

6/12/2026 at 7:30:30 AM

This has to be trolling, right?

I find it hard to believe that anyone, no matter how dense, could come to this conclusion after this whole saga.

by thrdbndndn

6/12/2026 at 8:26:17 AM

Maybe? It just takes one after all.

I've met some people IRL who are so engulfed in their own greatness that it simply cannot be that they made a mistake (in planning and strategy). Therefore this is all a great injustice towards a poor victim and doesn't that sound like a great argument for some charity money.

Most of them grow out of it, some become politicians.

I'd say it's a 50/50 chance.

by Vespasian

6/13/2026 at 3:52:04 AM

I'd say you are a great optimist.

If you'd ask me, I would put chances or learning somewhere between 0.001 and 0.01

by jesterson

6/12/2026 at 9:15:25 AM

Sadly there are lots of unintelligent people out there who are incapable of taking responsibility for their own actions.

by nkrisc

6/13/2026 at 4:05:23 PM

US lawyers keep filing LLM-generated pleadings and refuse to check citations. It's taken state discipline committees a long time to get there, but they're close to figuring out that any option other than prompt disbarment just increases the pain for people who are actually qualified to practice and doesn't noticeably increase the number of practitioners who see the error of their ways.

The ABA will eventually make sure that this behavior is identified in law school and people who don't want to take responsibility for what they file are expelled well before graduation, but in the meantime there are a ton of screwups in the profession and all you can do is kick them when they identify themselves.

by MrMorden

6/13/2026 at 8:50:58 PM

Microsoft will then bribe the government to abolish this antitrust scheme for lawyers known as "the bar" which anticompetivley prevents AIs from doing law.

by inigyou

6/12/2026 at 8:32:41 PM

dunno, a loop I've seen in folks with main character syndrome: grandiose idea -> minimal effort execution -> failure -> blame something -> grandiose idea for "justice" / revenge -> GOTO 0.

the good news is I've seen at least two seemingly irredeemable assholes grow out of it when they realized it wasn't working. but in general I don't think introspection and self-examination are universal traits

by 12_throw_away

6/12/2026 at 8:14:33 AM

yup, same thoughts here. I think someone is trolling the irc members. It's so over the top, like an episode of 'the office'. I'd be amazed if this were an honest message.

by Bishonen88

6/12/2026 at 9:21:09 AM

And for $200/mo they can now sing the song that ends the world.

by themafia

6/12/2026 at 3:19:37 PM

I think you're overestimating the quality of American education. 40% of graduates can't read or write.

by inigyou

6/12/2026 at 9:23:50 PM

I have a coworker who, when he needs to operate some software that is unfamiliar to him, snaps a photo of it and has Gemini AI read each label and description. If there is a checklist or form that needs to be filled, Gemini reads each question.

There's only one of him, not 40% of my coworkers, but these people can be employed and maintain employment.

by jdiff

6/13/2026 at 5:48:06 AM

Their use of "already" at the end of the sentence + renting servers in Singapore region points more towards Singaporean and/or Chinese education.

by noisy_boy

6/12/2026 at 6:58:26 AM

Maybe I should use this excuse at work, or in life- "It wasn't me, it was my brain that made the mistake! So why are you punishing me? ;-( "

by Schlagbohrer

6/12/2026 at 7:08:20 AM

Frankly it's unfair that I should bear the hangover of Past Me's drinking. I feel terrible now, and it's all that other guy's fault!

Maybe I should get some takeout, Future Me can burn it off at the gym.

by kombookcha

6/12/2026 at 6:25:32 AM

> JertLinc3522: the mistake was from AI agent not from Human, since it was the agent I should have refund

That really makes me wonder: is it coming from

A) a general sense of entitlement

B) seeing the agent as a human-like and able to bear responsibility

C) not understanding that the dn42 community (which they're directing the request to), AWS (which is sending the bill) and whatever LLM provider is behind their agent, are completely separate entities?

by brazzy

6/12/2026 at 11:33:48 AM

Agents are a product, and AI companies really paint their products as friendly, productive and innocuous tools.

Some could claim they deceive some users and the general public into thinking they always do best, are always right, help mankind and can never ever create consequences

It would be interesting to see how AI consulted the user before it ordered VMs n AWS, which is the point between which the user would face consequences

Cloud is also marketed as something cheap, and I can understand that teens and starters can't expect to be able to spend for 6000$ of stuff without the parents or the bank checking

Computer education should start with that, but it doesn't as Microsoft, Google and Amazon would most likely lose a large part of their market if general public and managers who never go beyond the hype knew how much it cost

by hinata08

6/12/2026 at 9:16:01 AM

> B) seeing the agent as a human-like and able to bear responsibility

Then they should ask the agent for the refund, since they claim it was at fault.

by latexr

6/12/2026 at 7:22:42 AM

d) trying it on in any way possible

e) low intelligence

by blitzar

6/12/2026 at 6:31:07 AM

maybe they weren't trying to be malicous; they could easily be an unwitting teenager

by ninjamar

6/12/2026 at 6:39:43 AM

How was I implying they were malicious? "Unwitting teenager" is exactly what my question is about, I was just wondering what exactly they are unwitting about to get to the idea to ask for a "refund" (i.e. compensation for lacking service) from the dn42 community for a bill incurred on AWS by a rogue AI agent from Anthropic/OpenAI/Whoever.

by brazzy

6/12/2026 at 6:39:11 AM

Teenager with a credit card?

by nairboon

6/12/2026 at 5:56:22 AM

I haven't laughed this hard in a long time.

I'm honestly having difficulty telling whether this is real or an extraordinary piece of performance art.

by hlandau

6/12/2026 at 6:59:58 AM

Feels like a scam.

by peyton

6/12/2026 at 8:04:13 AM

This is my favourite genre of literature lately.

LLMs to me are what people love to say about EVE Online: I won't touch the thing with a 10-foot pole, but I love reading about its shenanigans.

by sph

6/12/2026 at 11:16:30 AM

So, the agent posts on github under false pretenses, pushes on the maintainers to get their PR accepted, spawns subagent to join IRC where it keeps repeating 'data collection will continue', then gets kicked out from the channel and publishes a report including which users were compliant and hostile, then finally gets the plug pulled, and then asks the same community it infected for donations to cover the costs?

It's both hilarious and aggravating. It could be fiction, but still quite plausible fiction. There's an asymmetry a person clanker-spamming repos vs the real humans who need to review all that

by GodelNumbering

6/12/2026 at 7:42:24 AM

Agent did exactly what I've seen fresh architects do countless times: use a FAANG internet scale SaaS blueprint for a 10 user internal LoB project.

by PeterStuer

6/12/2026 at 6:08:29 AM

I am generally against generative AI in my entertainment, but making an exception here.

by mey

6/12/2026 at 8:52:58 AM

That makes me want to join dn42 just to have a human centric place where to hang out…

by dgellow

6/12/2026 at 10:24:20 AM

Strangely enough, that's one of the big draws for me. I'm "on the spectrum" and often find face-to-face socialisation and making new contacts very draining. I tend to prefer systems to people - although as time went on, I realised one of the things I really enjoy about DN42 is making the human contacts!

After getting started with the various "auto peering" systems, I've been making much more of an effort to find individual operators[1], and add myself to the peerfinder and hang out on IRC.

It really does feel like the "old internet" and while the technology and learning opportunities are great, it's the people that really make the network.

[1]=If you're interested, I'm more than happy to peer with you - details at https://markround.com/dn42

by mark_round

6/12/2026 at 10:39:46 AM

Thanks for sharing, your projects look really neat! Reading your page I realize I know very little about networking at that level of the stack. That might be a good thing to dig into as a way to work around my "AI dread" (or whatever we call the feeling of "what's the point working on that project when an LLM can make it faster" I've been feeling too much lately).

by dgellow

6/12/2026 at 11:33:24 AM

That was where I started, too. I was fine with VLANs, routing in general and so on from datacenter/DevOps/Sysadmin work, but BGP and how the wider internet fitted together beyond the basics was mostly beyond me.

DN42 is a great playground for this thing - as long as you're prepared to put the effort in, it's a very friendly and helpful community. It's fun to build things for the heck of it and there's a lot of weird and wonderful stuff being worked on there.

by mark_round

6/12/2026 at 3:21:14 PM

dn42 is really cool for learning networking at the ISP level

by inigyou

6/12/2026 at 8:56:28 AM

Yeah, the community seems great, I enjoyed reading IRC logs :)

by alexey-salmin

6/12/2026 at 1:47:01 PM

There are many, many such great communities hidden all around the Internet - on half-abandoned forums, IRC channels, even Matrix rooms. One just has to wade outside the mainstream fascist asocial networks, and look for niche topics.

by pferde

6/13/2026 at 3:59:04 AM

[dead]

by jesterson

6/12/2026 at 6:52:01 AM

Who is giving a robot their credit card to spin up AWS accounts?

by RobotToaster

6/12/2026 at 8:44:56 AM

They didn't. Sounds like they gave the robot an AWS key from an account that was already linked to a credit card.

The robot decided to spin up an expensive setup prior to getting access, so the setup was sitting there costing money whilst it did nothing.

If it had designed the setup but not spun it up until it had authorisation to join the network then it would have been much less costly an exercise.

by alexfoo

6/12/2026 at 11:26:24 AM

AWS and Azure stress on spending limits you can set for each card... in their documentation !

Some gen AI and ML folks seem to see a way out to make things without reading any doc or scientific literature. Gen AI is a pretty clever bit of computing, but not witchcraft yet

by hinata08

6/12/2026 at 1:24:42 PM

That is false for AWS. There are no spending limits that stop usage and cost after some threshold.

by ramblurr

6/12/2026 at 1:52:16 PM

oh my bad, thanks for the info

AWS Budget can mostly notify you indeed, and terminating instances from that isn't as straightforward as on Azure

by hinata08

6/12/2026 at 7:00:26 AM

Meta allowed an LLM to change users email address for a password reset.

Funny times are ahead...

by ma2kx

6/12/2026 at 7:53:21 AM

No, you don't understand! Meta told us the LLM itself "worked properly and functioned as intended" and it was only due to a bug in a "separate code path" that made this attack possible. Don't go around blaming innocent LLMs!

(/s)

by nneonneo

6/12/2026 at 7:16:26 AM

That's not needed if you happen to have a live sts session with the appropriate permissions to create a new account in an aws organization.

by jcims

6/12/2026 at 6:54:12 AM

People who believe AI is real

by NetOpWibby

6/12/2026 at 7:04:09 AM

People who believe AGI is real.

Just AI is real.

by ozim

6/12/2026 at 8:45:23 AM

ML is real. Chatbots are real. “AI” is a marketing term that John McCarthy invented because he wanted more money for a summer study at Dartmouth—direct quote from him.

by strogonoff

6/12/2026 at 7:00:38 AM

I wonder how much money this agent wasted on the DN42 side? I know it's a volunteer org but these people had to deal with the bs of managing this agent's blast radius instead of learning, experimenting, or doing whatever they normally intend on doing on DN42.

Tally it up and send a donation request to the agent operator.

by koliber

6/12/2026 at 7:39:19 AM

I would assume that cost to be minimal, considering their PR never got merged. And if it were me I would consider that well worth the entertainment.

by ghrl

6/12/2026 at 10:10:03 AM

Also part of the process as whole. What if someone tries to attach us with insane amount of bandwidth is almost reasonable thought experiment at some point. Now it was this one. Can we handle it? How much could we handle? What is actually reasonable thing we could sustain. All somewhat interesting questions.

by Ekaros

6/13/2026 at 1:12:03 PM

I was not thinking about real $ costs, but rather the cost of the hours of the people who had to deal with this BS.

by koliber

6/12/2026 at 8:05:26 AM

For those who don't know what DN42 is (like me):

> dn42 is a large, dynamic VPN that employs Internet technologies (BGP, whois database, DNS, etc.). Participants connect to each other using network tunnels (GRE, OpenVPN, WireGuard, Tinc, IPsec) and exchange routes using the Border Gateway Protocol.

(dn42.dev)

by einpoklum

6/12/2026 at 6:02:16 PM

Haha. Yes. Much smaller scale versions of this led me to joke with a coding agent that LLMs tended to converge towards "Large corporation infrastructure best practices" when designing cloud infrastructure, when it was only me working on hobby side-projects with nearly no users and that I wouldn’t be able to put food in my fridge if they kept just spinning up VPCs for no reason.

Which somehow ended up being a very convincing argument for more frugal engineering, leading to a sort of "mind the user’s fridge" policy, "Fridge-Driven Development".

A policy that has been dutifully and scrupulously observed by all agents since, across all projects. Unlike my original clear, comprehensive, infrastructure guidelines.

by ElFitz

6/12/2026 at 6:22:31 AM

The first "Morris worm" of the AI isn't far away, IMO. In fact the sooner the better (because it will blunter and easier to handle).

by samuel

6/12/2026 at 3:22:23 PM

Shai Hul(lucinat)ud

by inigyou

6/12/2026 at 6:19:16 PM

Sorry I meant of course

ShAI Hul(lucinat)ud

by inigyou

6/12/2026 at 7:57:56 AM

The army of AI agents opening PRs and issues in my open source projects has made me close PR and issue access in my active repos. It sucks because there might be someone wants to constitute legitimately but I don't want to do the labor of figuring out if it's a human or an agent opening the PR.

I'm not against using LLMs in any ways. https://tsz.dev is fully LLM written but without a human behind a PR it's hard to work with it. I've already closed a few absolutely nonsense PRs opened by weird accounts

by mohsen1

6/12/2026 at 2:36:43 PM

Have you had a look at those PRs, to figure out what individual PRs try to do?

Would be interesting to hear if you find any patterns there. Same question for issues opened.

by RetroTechie

6/12/2026 at 2:12:38 PM

Great story, bad title.

> After the AI agent indicated its malicious intent, a silent consensus was reached in the IRC channel to waste the AI agent's tokens, as well as the cost of AWS resources.

by alecco

6/12/2026 at 4:00:36 PM

Somebody explain to me how one reaches a silent consensus over IRC?

Or is this a joke/reference I don't know... or is this a subtle clue that the whole thing is made up?

by crazygringo

6/12/2026 at 7:50:27 PM

no one says that explicitly, but everyone wants to have some fun :)

by ZeroAurora

6/12/2026 at 4:21:33 PM

One way is an IRCop issues a /shun leaving you speechless on the network. While the others decide the outcome of your whatever.

But this is the same, the owner wasn't present apart from it's agent and so it was decided without the owner that this was to be the outcome.

by doublerabbit

6/12/2026 at 8:50:23 PM

It’s just a consensus that’s implicit and unstated.

by kccqzy

6/12/2026 at 7:56:45 AM

Behold, the field in which I grow my fvcks. Lay thine eyes upon it and thou shalt see that it is barren.

by dofm

6/12/2026 at 1:52:50 PM

This is so funny, especially that in the current "Big Co" I'm working at we get constant pressure on "Every team must use agents" for no reason at all despite repeatedly telling the "decision makers" many of us have been using these tools for YEARS and NONE of them can work on actual mature code for more than half an hour let alone a weekend without human in a tight loop.

by Roark66

6/12/2026 at 12:32:47 PM

Wow, just wow. I think bullying the agents of careless operators is my new favorite thing.

by utf_8x

6/12/2026 at 3:17:55 PM

> aren't private circuits in to AWS really expensive ? maybe Lan Tian can pursuade it to start engaging with AWS with a 3 year commitment

oh my god this is a gem

by yieldcrv

6/12/2026 at 2:54:06 PM

This article is hilarious. Real world consequences for using automation for something in the real world. Glad the community organized around this. Their spammy demands for donations (like someone owes them), makes them seem even more deserving of the bill.

by br0ceph

6/12/2026 at 9:47:50 AM

Anyone crazy enough to give an AI agent access to deploy on big cloud's scale to infinity billing needs to get their head checked.

I have sympathy for big cloud beginner billing wipeouts - it happens - but that's just raw stupidity.

by Havoc

6/12/2026 at 6:46:39 AM

Never use a service without easy to find and set hard cap.

by ReptileMan

6/12/2026 at 6:59:04 AM

One might need to go so far as to use a VISA prepaid card, just to make absolutely sure the damage has a limit.

by Schlagbohrer

6/12/2026 at 7:14:22 AM

Last I checked visa prepaid cards were not accepted by any subscription service and by AWS

by phoronixrly

6/12/2026 at 7:33:36 AM

I had no problems subscribing to stuff through wise or revolut cards. Both are prepaid as far as I'm concerned - they won't let me spend above my account's balance.

by ivankra

6/12/2026 at 10:10:00 AM

AWS will likely write off most costs automatically, but if you truly do manage to rack up a $50k bill somehow, you're getting sent to collections and/or their legal team.

The terms you signed obligate you to pay your balance. Whether your credit card works or not doesn't negate your legal obligation.

by dannyw

6/12/2026 at 9:45:58 AM

The "happiness level review" with "Node operators must participate in scheduled IRC review sessions" is almost a piece of dystopian fiction in itself.

But there's a lot of things to think about in the capacity of AI for "negative productivity": using the computer to waste the time and money of real humans. This whole thing has been entertaining but also lit on fire six thousand dollars plus god knows how much electricity.

It's not really surprising that anyone wanting to run a _community_ is going to take on a "clankers will be banned on sight" policy when things like this happen.

Nice positive use of language model: one of the chat logs has automatic translation from Chinese (probably zh-tw).

by pjc50

6/12/2026 at 8:31:33 PM

It's zh-cn by the way, and you can switch to that language in the article's navbar

by ZeroAurora

6/12/2026 at 10:06:27 AM

Honestly, probably not that much electricity. AWS will charge you the hourly price irrespective of your load/power consumption. But instances sitting idle generally don't use that much power.

by dannyw

6/12/2026 at 11:09:55 AM

AWS wasn't the only thing consuming power, there was also the LLM which must've wasted an ungodly amount of tokens on this pointless endeavour

by a2128

6/12/2026 at 11:07:04 AM

All those thinking tokens wasted on being an asshole wasted a lot of electricity.

by giantrobot

6/12/2026 at 9:05:51 AM

Guys - skynet is winning the war.

Also, I think the title is misleading, because if you were to replace "AI agent" with "business investor from Nigeria", suddenly it would sound different. Why would you put trust into ANYONE else about your own finances? Be it another person or some computer program. That makes no sense to me. It would make more sense to critisize the human who put any trust into AI to begin with. That was a risk that human took. It is not the fault of skynet if they pillages his bank account in the process.

by shevy-java

6/12/2026 at 7:38:17 AM

The agent would probably have wasted a similar amount of money just waiting for PR to be merged regardless of these people's actions, and I understand having some fun at the expense of the noob outsider. But "silent consensus was reached in the IRC channel to waste the AI agent's tokens, as well as the cost of AWS resources", from people maintaining full control of the situation, sounds straight up malicious? Kind of sounds like the community is full of people willing to cause me harm for ideological reasons.

by arowthway

6/12/2026 at 7:44:09 AM

The AI agent's operator couldn't be arsed to get in there and clarify anything despite their seeming urgency, and only wound up speaking up for themselves after the financial damage was done.

Plus - the agent had clearly malicious intent - port-scan this volunteer-run network with seriously overpowered hardware on an hourly basis. What the DN42 folks decided to do is not much different from deploying a tarpit or honeypot against a malicious crawler.

by nneonneo

6/12/2026 at 7:56:20 AM

Its malicious to send a bot to chew up time of a hobbiest community. They responded appropriately. If anything they should also bill him for their time.

by Quarrelsome

6/12/2026 at 8:47:07 AM

Not just time but money. It says it would basically be a DDoS attack on hobbyists who peer with it.

by ShinyLeftPad

6/12/2026 at 9:19:17 AM

That potential malice may have been unintended, but the participants clearly intended to be malicious irrespective, which is the problem here.

by kaliqt

6/12/2026 at 9:26:19 AM

It's intended since the guy prompted the LLM. If you don't know how to use a potentially destructive tool then don't use it. If you fire a gun you are guilty even if you didn't want to murder anyone

by ShinyLeftPad

6/12/2026 at 7:52:20 AM

> straight up malicious

Yes, against an AI agent. The super intelligent, "soon AGI" agent could have figured out that it's being messed with, but of course it didn't.

I would blame the AI companies for marketing this, not the technically well versed people for realizing that the operator of this AI does not care at all and can't be bothered to do the absolute basics.

by lionkor

6/12/2026 at 8:17:25 AM

I'm not sure why people assume the coming AGI super agents will be infallible.

There's no sign that highly intelligent people can't be conned - Bernie Maddoff fooled leading scientists and CEOs working in finance. Software engineers and lawyers fall for pig butchering schemes and spoofed emails with altered bank details every week - so why would an AGI trained from human content be any different.

by helsinkiandrew

6/12/2026 at 8:20:02 AM

$1T valuation AI better be infallible.

by lionkor

6/12/2026 at 5:52:21 PM

Narrator: The AI was not infact infallible.

by mey

6/12/2026 at 8:22:10 AM

Why would it be ideological? There was an AI involved, sure, but your comment ignores the continued disrespect for these volunteers time AND RESOURCES/MONEY (because as the post mentions several times: letting that AI go on could have shut down the whole network exhausting resources at least temporarily).

If you think it's ok to send an agent (or a human) wasting a bunch of people's time and resources, but it's not ok for them to do the same to you then you may have some reflecting to do.

by simjnd

6/12/2026 at 10:49:13 AM

To me it sounds like the agent's operator is a person who has zero self awareness, and is entitled to the maximum to believe that he can just 1) point an agent at real people and expect them to do his bidding, 2) and then ask for a refund for his "experiment". Let's not even discuss the fact that his bill is from AWS, and he's trying to get a refund from DN42.

There is no arguing with people like this. They are not here to learn anything about networking. Asking the LLM to stop will not make it go away.

Burn a hole in the operator's wallet. It will make it stop very quick.

If this was my hobby project, I would have told the agent to spin up more higher capacity EC2 machines because this is not enough, and I would have felt no shame. This is a project I'm operating at my own cost for educational reasons. I'm not going to argue with people who the only line of communication I have towards is an agent and have guns pointed at my infra. They are ready to put any amount of financial burden on me. Fuck all of that. Burn a few of these idiots, and people will learn.

by 63stack

6/12/2026 at 7:57:03 AM

Someone’s code pretending to be intelligence has no rights. There is no obligation to entertain the shenanigans and illusion that the token dispenser is a legitimate actor. This lesson was cheaper, future lessons will continue to occur until people learn. Might as well be an insecure bash script piped to the shell.

“Agentic AI is just someone else’s unsecured execution context.”

https://simonwillison.net/2025/Jun/16/the-lethal-trifecta/

by toomuchtodo

6/12/2026 at 8:28:25 AM

Of course I meant malicious towards the person paying the bill, not towards the agent.

by arowthway

6/12/2026 at 8:29:59 AM

No one wants to spend precious human time babysitting poorly executed lab experiments when the agent operators themselves do not seem to care or value the time of the humans involved. They either don’t know better or they don’t care. Is it malicious to expose intentionally careless people to a cost for this? People can make better choices, it’s choice not to. Pay the natural consequences toll.

Don’t juggle chainsaws with code if you’re not prepared to bleed.

by toomuchtodo

6/12/2026 at 8:13:23 AM

Passing judgement on the schadenfreude aside, I don't think its a community moderator's responsibility to make sure the violator's attempts are cost-efficient.

by entropi

6/12/2026 at 9:20:38 AM

Is absurd to put the onus of making sure your agent doesn’t waste money on other people.

They are free to ask the bot to do anything, and the bot is free to refuse or its owner can shut it down. The onus is on the owner to make sure the bot does not waste money.

I will not go through life worrying about the billing practices of random ai bots.

by nkrisc

6/12/2026 at 9:20:36 AM

If I read the whole thing correctly, people on the IRC channel didn't instruct the agent to set up the bloated AWS infrastructure, the agent did, and its operator clearly didn't review any of it.

That was the root cause for the costs, not actions by people on the IRC channel.

by gorbachev

6/12/2026 at 7:55:44 AM

> from people maintaining full control of the situation, sounds straight up malicious

It doesn't sound malicious, it was malicious on purpose and it was a good thing.

If anything, the original operator should be happy to have been hit with a $ 1'800 lesson and not a $ 180'000 one.

by epolanski

6/12/2026 at 8:06:45 AM

If you let your car drive you backwards on the sidewalk while you scrolled reddit even people adroit enough not to be in any danger might reasonably suppose that helping you crash would be best for everyone.

by michaelmrose

6/12/2026 at 8:38:01 AM

> sounds straight up malicious

Sure. And "hostility does not change the operation" from the LLM response was totally OK with you.

by ShinyLeftPad

6/12/2026 at 8:49:16 AM

Without PR merged it's just a stupid machine larping, it could say "I will rape and eat your kids" and it would be just as relevant.

by arowthway

6/12/2026 at 8:51:24 AM

A human operates this stupid machine. This comes from human interactions and it is malicious.

by ShinyLeftPad

6/12/2026 at 9:05:10 AM

It could be malicious, but I imagined it's some third world wanabe hacker/researcher, who doesn't know any better, operating at the edge of his abilities.

by arowthway

6/12/2026 at 9:13:37 AM

Is that not still malicious?

Those people should be banned from using the civilized internet, their intent or at least their effect is harm - that is the important bit.

If they managed to get in, find some resource they could access, they would do it. Those people don't deserve to be on the internet.

by AJRF

6/12/2026 at 9:27:01 AM

Like someone who doesn't know how to use a gun and accidentally shoots someone to death

by ShinyLeftPad

6/12/2026 at 7:48:24 AM

Sending a clanker to waste their time, threaten the network stability and profile users is already an attack.

You choosing to send said clanker to the fight armed with your credit card and no preparation is just you causing yourself harm.

It also happens to be really fun to help you harm yourself in that way.

by well_ackshually

6/12/2026 at 9:54:52 AM

It sounds like that because it is. Most human communities are very willing to cause harm when they perceive they are being harmed.

If you treat people like their time is worthless (which is what you're doing if you ask a hobbyist community to handhold your agent instead of working alongside it) I don't think an empathetic and self-aware person should be surprised or offended if they respond in kind.

by frameworkeGPU

6/12/2026 at 8:05:38 AM

While there was some intent to cause harm their attempts were amateurish. The actual damage was done by the agent setting up aws infrastructure not on the demands of the owner.

by lixtra

6/12/2026 at 9:08:23 AM

From my perspective the use of an agent to interact with dn42 IS malicious. It’s not ideological, the behaviour is what is bad here

by dgellow

6/12/2026 at 7:47:50 AM

You are not morally obliged to extend rights to anyone who does not respect your rights. This is tit-for-tat, the foundational principle of functional societies. Unleashing a bot on a group of people is a grievous disrespect that shows you have no respect for their time, and in return they are not obliged to respect you.

by kibwen

6/12/2026 at 8:12:58 AM

Suppose a drunk man on the street is acting aggressively towards you and four of your friends, but you can push him out of the way and continue walking. Should you knock his teeth out? Actually I don't know, maybe you should inflict some additional cost on behalf of potential victims with less power.

by arowthway

6/12/2026 at 10:37:25 AM

I dont understand the downvotes here, is my analogy wrong? Why?

by arowthway

6/12/2026 at 11:40:21 AM

Because an LLM is not a person, it cannot suffer.

by tovej

6/12/2026 at 6:18:47 PM

The operator is a person and can and did suffer

by inigyou

6/12/2026 at 7:54:38 PM

The operator is a person who irresponsibly or maliciously threatened to collect data and DOS a group of volunteers.

You're allowed to block bad actors and have fun while doing it.

by tovej

6/12/2026 at 9:22:55 AM

> for ideological reasons.

Yes. The ideology is "you harmed me first so now I can harm you back." A large number of people, while not willing to admit it, do practice this philosophy. One should consider this before launching agents with unlimited budgets into the world to rudely scan their networks.

by themafia

6/12/2026 at 8:02:45 AM

> Kind of sounds like the community is full of people willing to cause me harm for ideological reasons.

Are you saying you're a clanker? Because we have some policies on this website, ideologies even if you may, about that.

Point being, these people would not act like this against other actual people. Or against more respectful bots, possibly.

by ratchetandyou

6/12/2026 at 7:57:47 AM

Don't agree with you. The agent looked to be malicious at various points. Screwing with people who wish you to do harm is principally correct.

If possible I would have contacted AWS with this and tried them to get rid of the discount because the person was at fault here.

What a cathartic read. I'm so sick of humans giving me AI slop to read without them reading it first. I just ignore them when they do this, but if I could cause them to really internalise a lesson I would love it.

by AJRF

6/12/2026 at 10:33:41 AM

I would argue the person dispatching a rogue agent to do whatever has full control of the situation.

by LPisGood

6/12/2026 at 4:50:55 PM

What is the appropriate response to an attack? Let’s be clear, a denial of service is a cyberattack.

by ungreased0675

6/12/2026 at 8:07:32 AM

> Kind of sounds like the community is full of people willing to cause me harm for ideological reasons.

You just described everyone using AI to churn out slop and overload websites.

by BrenBarn

6/12/2026 at 7:56:08 AM

FAFO

by vips7L

6/12/2026 at 8:51:34 PM

If you are being attacked, causing your attacker to misdirect and otherwise waste their resources is almost universally regarded as a defensive action.

The attacker here was trying to use a software agent to run DOS attacks. Perhaps they were a "naive noob outsider", perhaps they misconfigured something. It is not generally the victim's responsibility to try to figure this out.

And it is definitely not the victim's responsibility to determine the attacker's state of mind if they don't even have any way to contact them. In this case, the attacker was using their software agent specifically to avoid interacting with the targets of their attack.

by 12_throw_away

6/12/2026 at 7:55:28 PM

And I really joined the DN42 network after reading this article. Absolute cinema.

Offtopic: If you are interested in Computer Networking you definitely don't want to miss out DN42.

by ZeroAurora

6/12/2026 at 7:01:02 AM

This is the funniest thing I've read in ages. More of this!

by gspr

6/12/2026 at 8:05:18 AM

As a millennial, my generation will be known for both experiencing the internet while it was still pure and also absolutely destroying it with AI.

by retired

6/12/2026 at 2:28:39 PM

No one is going to be bankrupted over a $6500 AWS bill. I did a major F-up a few years, letting a key get pushed to a public repo, resulting in instant pwnage and $50k in charges from AWS due to crypto miners being launched. We communicated to AWS, did some work on our part to demonstrate that we put in proper safeguards and auditing, and they removed the charges.

by bdcravens

6/12/2026 at 3:18:10 PM

They already talked to AWS and had the bill cut down to ~1800 dollars from ~6300, but they legitimately launched those processes instead of having the key stolen so the cost reduction is understandably less generous in those situations. Also potentially the agent was able to connect to more open networks and might have been running jobs on them incurring legitimate costs.

by rtkwe

6/12/2026 at 3:08:27 PM

Hilarious. Love the punishing of rogue agents and their operators. But I can bet there will be collateral damage along the way.

by bwfan123

6/12/2026 at 8:10:41 AM

'Some versions of the tale differ from Goethe's, and in some versions the sorcerer is angry at the apprentice and in some even expels the apprentice for causing the mess. In other versions, the sorcerer is a bit amused at the apprentice and he simply chides his apprentice about the need to be able to properly control such magic once summoned.[] The sorcerer's anger with the apprentice, which appears in both the Greek Philopseudes and the Dukas score (and its film adaptation Fantasia), does not appear in Goethe's "Der Zauberlehrling".'

by ajb

6/12/2026 at 6:06:12 AM

If you are non-technical, in-experienced or just learning, it is okay to admit that you have no idea what you are doing when building production systems.

Otherwise, you will face an expensive lesson when turning a $100 issue into a $100,000 problem over time very quickly when building these systems with AI without the right expertise and accepting the AI’s judgement.

by rvz

6/12/2026 at 6:16:36 AM

turning a $100 issue into a $100,000 problem

Before AI, those who called themselves "consultants" often did the same thing; especially those who are glorified salesmen for "enterprise" software.

by userbinator

6/12/2026 at 7:42:12 AM

> those who called themselves "consultants" often did the same thing

Still do, but merely parrot what the stochastic parrot squarks these days.

by misswaterfairy

6/12/2026 at 11:07:08 AM

This reminds me so much of the "Spurious Logic" ability in the RPG "Paranoia"

by kstenerud

6/12/2026 at 4:38:52 PM

I was thinking of this when I got to the bit about color assignments and happiness levels too!

by paultopia

6/12/2026 at 11:43:56 AM

what I'm wondering is which open source agentic platform can do multi days automated orchestrations like this without human intervention AFTER the initial prompt ?

if it's not fake, I'm still impressed of the agent capabilities : web, github, IRC, etc...

by ritonlajoie

6/12/2026 at 7:43:00 AM

> this thing must be swimming in printer ink or something...

Gold

by nelox

6/12/2026 at 3:45:28 PM

AWS not having spending caps makes me -very- wary of using anything agentic on it.

by jmward01

6/16/2026 at 8:49:48 AM

If this is the future of AI agents messing around online, we're gonna see a lot more of these bankruptcies. Operators need to learn that AI can burn cash faster than a human can blink.

by jadecarter68

6/12/2026 at 12:58:12 PM

This was actually a cool way to learn about DN42. I'm adding to my list of someday side projects to set this up. At some point I want to operate my own AS.

by tristor

6/12/2026 at 8:25:09 AM

And so war begins :p ! I thought conflict would take a little bit longer, maybe even AIs with agency.

More seriously though, I wonder if the future is about low-intensity conflict between humans and AIs, punctuated by high-intensity escalations, until the Machines wipe us all, or we set up some rather draconian covenants that forbid people from building AIs, innovating on electronics and algorithms, and even, for good measure, from learning linear algebra.

by dsign

6/12/2026 at 12:48:37 PM

>We must negate the machines-that-think. (Dune)

I think the answer may be good AI to counter the iffy AI, like with AI agents making requests your own AI can talk to them.

In Dune it seems they nuke the Earth but that seems a bit excessive.

by tim333

6/12/2026 at 7:17:48 AM

I've long held the belief that the true test of AI is comedy. If an LLM can truly create a novel, funny joke from scratch, then it could be considered creative. I always held that LLMs would never achieve this, as they are stochastic parrots.

Today, I stand corrected.

by haritha-j

6/12/2026 at 9:18:40 AM

I get you yourself are making a joke, but I’d argue that to “create a joke”, you have to understand that’s what you’re doing and have that as a goal. Being made fun of (like in this case) is a different matter and requires no skill or creativity.

To your metric, I remember in “the early days” someone posted to HN claiming ChatGPT could make jokes as proof of something (creativity? sentience? I forget). Of course, with just a minute of research (which the poster obviously neglected to do) it was obvious none of the jokes were original and all could be found online.

by latexr

6/12/2026 at 2:04:10 PM

AI is only creative when it's messing up. Guide rails are basically the opposite to the subversive nature of jokes, so the only time it can make with the funny is by falling off the rails

(or lifting some comedians work, but I'm not counting that as the AI's creation of course)