Despite multiple comments blaming the AI agent, I think it's the backups that are the problem here, right? With backups, almost any destructive action can be rolled back, whether it's from a dumb robot, a mistaken junior, or a sleep-deprived senior. Without, you're sort of running the clock waiting for disaster.
Yes, backups are great but a 'dumb robot' or a 'mistaken junior' shouldn't have access to prod.
And a sleep-deprived senior? Even then. They shouldn't have access to destructive effects on prod.
Maybe the senior can get broader access in a time-limited scope if senior management temporarily escalates the developers access to address a pressing production issue, but at that point the person addressing the issue shouldn't be fighting to stay awake nor lulled into a false sense of security as during day to day operations.
Otherwise it's only the release pipeline that should have permissions to take destructive actions on production and those actions should be released as part of a peer reviewed set of changes through the pipeline.
But smart robots like Claude should and will have access to production. There has to be something figured out on how to make sure operation remains smooth. The argument of don't do that will not be a viable position to hold long term. Keeping a human in the loop is not necessary.
>We've literally done it without robots, smart or dumb, for years.
And we've written extremely buggy and insecure C code for decades too. That doesn't mean that we should keep doing that. AI can much faster troubleshoot and resolve production issues than humans. Putting humans in the loop will cause for longer downtime and more revenue loss.
> AI can much faster troubleshoot and resolve production issues than humans
Can, yes, with proper guardrails. The problem is that it seems like every team is learning this the hard way. It'd be great to have a magical robot that could magically solve all our problems without the risk of it wrecking everything. But most teams aren't there yet and to suggest that it's THE way to go without the nuances of "btw it could delete your prod db" is irresponsible at best.
When people talk about backups they typically mean located somewhere else. If one terraform command can take out the db and the backups then those backups aren't really separate. It's like using RAID as a backup. Sure it may help, but there are cases where you can lose everything.
Nobody, not even a "smart robot" should have unfettered read-write production access without guardrails. Read-only? Sure - that's a totally different story.
Read-write production access without even the equivalent of "sudo" is just insane and asking for trouble.
You need to care about your Recovery Time (how long does it take to get back up again?) and your Recovery Point(how long since your backup was taken?) and it gets Much Worse when you start distributing state around your various cloud systems - oh did that queue already get that message? how do we re-send that? etc
I agree that a second issue doesn't erase the first, but also I've got enough work experience to know that a system which can be brought down by 1 person no matter the tooling they use is a system not destined to last for long.
It turns out that both phrases are used like this, similarly to how they teach in logic classes that "but" is just "and" in fancy clothing, but actual usage is quite different. Actually, a lot of language is just signpost phrasing that "helps the medicine go down" by giving hints at how the following idea will connect to this one.
---
Both phrases are used like this— let me explain:
Logic classes teach that "but" is just "and" in fancy clothing, and actual usage is quite different. A lot of language is signpost phrasing that "helps the medicine go down" by giving hints at how the following idea will connect to this one.
The THIRD sentence in the article explains that they ship to the US. You are tone-policing your hallucinated version of the article!
> Enter Navjot Sawhney, who founded the UK-based social enterprise The Washing Machine Project (TWMP) to tackle this, and has now shipped almost 500 of his hand-crank Divya machines to 13 countries, including Mexico, Ghana, Iraq *and the US.*
Yes, it matters, and big companies can do fantastic things by designing extremely expansive fonts which make it easy to include users speaking plenty of languages that we developers don't even know about.
When you say that it would "almost be like a punishment for Linux users", I think you're wrong, because it literally would be a value add. There is something interesting about the fact that offering you 10% more value would be taken as a downgrade
What is the value add of letting Linux players play multiplayer, and all the cheaters for that particular game is concentrated on the Linux servers so Linux players end up playing with the cheaters, and the Windows players get cheat-free servers?
Holy crap this is going to let me move some privacy-focused folks over to join me in Kagitopia. Good job guys, you are always working on something cool.
reply