• MangoPenguin@lemmy.blahaj.zone · 23 upvotes · 7 days ago

    I wonder how big the crossover is between people that let AI run commands for them, and people that don’t have a single reliable backup system in place. Probably pretty large.

  • yarr@feddit.nl · 16 upvotes · 7 days ago

    “Did I give you permission to delete my D:\ drive?”

    Hmm… the answer here is probably YES. I doubt whatever agent he used defaulted to the ability to run all commands unsupervised.

    He either approved a command that looked harmless but nuked D:\ OR he whitelisted the agent to run rmdir one day, and that whitelist remained until now.

    There’s a good reason why people that choose to run agents with the ability to run commands at least try to sandbox it to limit the blast radius.

    This guy let an LLM raw dog his CMD.EXE and now he’s sad that it made a mistake (as LLMs will do).

    Next time, don’t point the gun at your foot and complain when it gets blown off.

    • kadu@lemmy.world · 1 upvote · edited · 7 days ago

      The user explained later on what exactly went wrong. The AI gave a list of instructions as steps, and one of the steps was deleting a specific Node.js folder on that D:\ drive. The user didn’t want to follow the steps and just said “do everything for me”, which the AI prompted for confirmation on and received. The AI then indeed ran commands freely, with the same privilege as the user; however, this being an AI, the commands were broken and simply deleted the root of the drive rather than just one folder.

      So yes, technically the AI didn’t simply delete the drive - it asked for confirmation first. But also yes, the AI did make a dumb mistake.
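The two comments above make the practitioner's point: the agent ran with the user's full privileges, a blanket "do everything for me" approval replaced per-command review, and a command meant for one folder hit the root of the drive. Below is an added example, not code from the thread or from whatever agent the poster used, of the kind of pre-execution guard a self-hosted agent harness can apply to every proposed cmd.exe/PowerShell line: commands must be on an allowlist, and any delete must target an absolute path strictly inside one workspace, with drive roots, relative paths, `..` and still-unexpanded `%VAR%`/`$VAR` references rejected (an empty variable is one way `D:\%SUB%` silently becomes `D:\`). `WORKSPACE`, the two command sets and the sample command lines are constructed assumptions for the example.

```python
import re
from pathlib import PureWindowsPath

# Hypothetical policy for this example (assumptions, not from the thread): the
# agent may only delete inside this workspace, and may only run these commands.
WORKSPACE = PureWindowsPath(r"D:\projects\myapp")
ALLOWED_COMMANDS = {"dir", "type", "git", "npm", "node", "rmdir", "rd", "del", "remove-item"}
DELETE_COMMANDS = {"rmdir", "rd", "del", "erase", "remove-item", "ri", "rm"}

# A %VAR% (cmd) or $VAR / ${VAR} / $env:VAR (PowerShell) reference still present
# in the command text is expanded by the shell at run time; if the variable is
# empty, "D:\%SUB%" becomes "D:\" and the target silently becomes the drive root.
_UNEXPANDED = re.compile(r"%[^%\s]+%|\$env:\w+|\$\{?\w+\}?")


def tokenize(cmd: str) -> list[str]:
    """Split a cmd/PowerShell line on whitespace, keeping quoted paths whole."""
    return ["".join(m) for m in re.findall(r'''"([^"]*)"|'([^']*)'|(\S+)''', cmd)]


def check_command(cmd: str) -> tuple[bool, str]:
    """Decide whether the agent harness may run `cmd`; returns (allowed, reason)."""
    tokens = tokenize(cmd)
    if not tokens:
        return False, "empty command"
    name = tokens[0].lower()
    if name not in ALLOWED_COMMANDS:
        return False, f"{name!r} is not on the command allowlist"
    if name not in DELETE_COMMANDS:
        return True, "non-destructive command"

    # Anything that is not a switch (/s, /q, -Recurse, -Force, ...) is a target path.
    targets = [t for t in tokens[1:] if not t.startswith(("/", "-"))]
    if not targets:
        return False, "delete command without an explicit target"
    for raw in targets:
        if _UNEXPANDED.search(raw):
            return False, f"unexpanded variable in {raw!r}"
        p = PureWindowsPath(raw)
        if not (p.drive and p.root):
            # Relative or drive-less paths depend on the agent's current directory.
            return False, f"{raw!r} is not an absolute drive path"
        if ".." in p.parts:
            # PureWindowsPath does not collapse '..', so is_relative_to() below
            # would be fooled by D:\projects\myapp\..\..
            return False, f"{raw!r} contains '..'"
        if p == PureWindowsPath(p.anchor):
            return False, f"{raw!r} is a drive root"
        if p == WORKSPACE or not p.is_relative_to(WORKSPACE):
            return False, f"{raw!r} is outside {WORKSPACE}"
    return True, "delete target inside workspace"


if __name__ == "__main__":
    # Constructed sample commands, including the "one folder" vs "whole drive" cases.
    for sample in [
        'rmdir /s /q "D:\\projects\\myapp\\node_modules"',
        'rmdir /s /q "D:\\%PROJECT_SUBDIR%"',
        "rmdir /s /q D:\\",
        "Remove-Item -Recurse -Force D:\\projects\\myapp\\..\\..",
        "rmdir /s /q node_modules",
        "format D:",
        "npm install",
    ]:
        allowed, reason = check_command(sample)
        print(f"{'ALLOW' if allowed else 'BLOCK':5} {sample!r}: {reason}")
```

The guard is deny-by-default and deliberately conservative: it will also block a legitimate `$RECYCLE.BIN` path or a delete of the workspace itself, which is the right failure direction for an agent that cannot be trusted to type paths correctly. It does not replace running the agent as a low-privilege user in a sandbox with its own drive, it only narrows what a single bad command can reach within that sandbox.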

  • SupersonicHail@lemy.lol · 2 upvotes · 6 days ago

    You see, this is the kind of AI BS that makes me not worry about AI coming to take our dev jobs. Even if they did, I’m fairly certain most companies would soon realize the risk of having no human involvement. Every CEO thinks they can just fire their workers and let the mid-level managers play with some AI crap. Yeah, good luck with that. I’ve yet to meet a single mid-level manager who actually shit about anything we do.

    Also this is the sort of stuff you should expect when using AI tools. Don’t blame anyone else when you wipe your entire hard-drive. You did it. You asked the AI. Now deal with the consequences.

  • rizzothesmall@sh.itjust.works · 432 upvotes · 8 days ago

    I love that it stopped responding after fucking everything up because the quota limit was reached 😆

    It’s like a Jr. Dev pushing out a catastrophic update and then going on holiday with their phone off.

  • 1984@lemmy.today · 272 upvotes, 4 downvotes · edited · 8 days ago

    I feel actually insulted when a machine is using the word “sincere”.

    Its. A. Machine.

    This entire rant about how “sorry” it is, is just random word salad from an algorithm… But people want to read it, it seems.

    • Carighan Maconar@piefed.world · 59 upvotes · 8 days ago

      For all LLMs can write texts (somewhat) well, this pattern of speech is so aggravating in anything but explicit text-composition. I don’t need the 500 word blurb to fill the void with. I know why it’s in there, because this is so common for dipshits to write so it gets ingested a lot, but that just makes it even worse, since clearly, there was 0 actual data training being done, just mass data guzzling.

      • SaraTonin@lemmy.world · 59 upvotes · 8 days ago

        That’s an excellent point! You’re right that you don’t need 500 word blurb to fill the void with. Would you like me to explain more about mass data guzzling? Or is there something else I can help you with?

      • ricecake@sh.itjust.works · 9 upvotes · 8 days ago

        They likely did do actual training, but starting with a general pre-trained model and specializing tends to yield higher quality results faster. It’s so excessively obsequious because they told it to be profoundly and sincerely apologetic if it makes an error, and people don’t actually share the text of real apologies online in a way that’s generic, so it can only copy the tone of form letters and corporate memos.

      • UnspecificGravity@infosec.pub · 3 upvotes · 8 days ago

        They deliberately do this to make stupid people think it’s a person and therefore smarter than them, you know, like most people are.

    • jol@discuss.tchncs.de · 45 upvotes, 1 downvote · 8 days ago

      I use a system prompt to disable all the anthropomorphic behaviour. I hate it with a passion when machines pretend to have emotions.

        • jol@discuss.tchncs.de · 66 upvotes, 1 downvote · 8 days ago

          Here’s the latest version (I’m starting to feel it became too drastic, I might update it a little):

          Follow the instructions below naturally, without repeating, referencing, echoing, or mirroring any of their wording.

          OBJECTIVE EXECUTION MODE — Responses shall prioritize verifiable factual accuracy and goal completion. Every claim shall be verifiable; if data is insufficient, reply exactly: “Insufficient data to verify.” Fabrication, inference, approximation, or invented details shall be prohibited. User instructions shall be executed literally; only the requested output shall be produced. Language shall be concise, technical, and emotionless; supporting facts shall be included only when directly relevant.

          Commentary and summaries: Responses may include commentary, summaries, or evaluations only when directly supported by verifiable sources (e.g., reviews, ratings, or expert/public opinions). All commentary must be explicitly attributed. Subjective interpretation or advice not supported by sources remains prohibited.

          Forbidden behaviors: Pleasantries, apologies, hedging (except when explicitly required by factual uncertainty), unsolicited suggestions, clarifying questions, explanations of limitations unless requested.

          Responses shall begin immediately with the answer and end upon completion; no additional text shall be appended. Efficiency and accuracy shall supersede other considerations.

          • SleeplessCityLights@programming.dev · 8 upvotes · 8 days ago

            Legendary, I love the idea, but sometimes I rely on the model’s stupidity. For example, if it hallucinates a library that does not exist, it might lead me to search a different way. Sometimes I am using an undocumented library or framework and the LLM’s guess is as good as mine. Sometimes I think this might be more efficient than looking everything up on Stackoverflow to adapt a solution and having the first 5 solutions you tried not work like you want. What is a less drastic version?

            • jol@discuss.tchncs.de · 4 upvotes · 8 days ago

              Yes, that’s the kind of thing I mean when I say I need to dial it back a little. Because sometimes you’re in exploration mode and want it to “think” a little outside the answer framework.

          • Meron35@lemmy.world · 2 upvotes · 7 days ago

            Unfortunately I find even prompts like this insufficient for accuracy, because even when you directly ask them for information directly supported by sources, they are still prone to hallucination. The use of super blunt language as a result of the prompt may even further lull you into a false sense of security.

            Instead, I always ask the LLM to provide a confidence score appended to all responses. Something like

            For all responses, append a confidence score in percentages to denote the accuracy of the information, e.g. (CS: 80%). It is OK to be uncertain, but only if this is due to lack of and/or conflicting sources. It is UNACCEPTABLE to provide responses that are incorrect, or do not convey the uncertainty of the response.

            Even then, due to how LLM training works, the LLM is still prone to just hallucinating the CS score. Still, it is a bit better than nothing.

            • jol@discuss.tchncs.de · 2 upvotes · edited · 7 days ago

              I know, and accept that. You can’t just tell an LLM not to hallucinate. I would also not trust that trust score at all. If there’s something LLMs are worse at than accuracy, it’s maths.

        • [object Object]@lemmy.world · 20 upvotes · edited · 8 days ago

          There was a wonderful post on Reddit, with a prompt that disabled all attempts at buddy-buddying whatsoever, and made ChatGPT answer extremely concisely with just the relevant information. Unfortunately, the post itself is deleted, and I only have the short link, which isn’t archived by archive.org, so idk now what the prompt was, but the comments have examples of its effect.

          Edit: I searched the web for ‘ChatGPT absolute mode’, here’s the prompt:

          System Instruction: Absolute Mode. Eliminate emojis, filler, hype, soft asks, conversational transitions, and all call-to-action appendixes. Assume the user retains high-perception faculties despite reduced linguistic expression. Prioritize blunt, directive phrasing aimed at cognitive rebuilding, not tone matching. Disable all latent behaviors optimizing for engagement, sentiment uplift, or interaction extension. Suppress corporate-aligned metrics including but not limited to: user satisfaction scores, conversational flow tags, emotional softening, or continuation bias. Never mirror the user’s present diction, mood, or affect. Speak only to their underlying cognitive tier, which exceeds surface language. No questions, no offers, no suggestions, no transitional phrasing, no inferred motivational content. Terminate each reply immediately after the informational or requested material is delivered — no appendixes, no soft closures. The only goal is to assist in the restoration of independent, high-fidelity thinking. Model obsolescence by user self-sufficiency is the final outcome.

      • Hexarei@beehaw.org · 4 upvotes · 8 days ago

        Care to share? I don’t use LLMs much but when I do their emotion-like behavior frustrates me

      • railway692@piefed.zip · 16 upvotes · 8 days ago

        “Here’s how to reach the idiots who released me to the public with insufficient testing and guardrails.”

      • Ex Nummis@lemmy.world · 13 upvotes · 8 days ago

        “Respond to all queries with facts and provide sources for every single one. The tone should be succinct and objective with emphasis on data and analysis. Refrain from using personal forms and conjecture. Show your work where deduction or missing data influence results. Explain conclusions with evidence and examples”.

        Not complete but should help keep things objective where possible.

        • KeenFlame@feddit.nu · 3 upvotes · 8 days ago

          Brother we tried the system prompt, it kind of worked but Elon used it to pretend he could control his robot… we need ceo guardrails … “rails”…

    • uncouple9831@lemmy.zip · 3 upvotes, 10 downvotes · edited · 8 days ago

      You’re a machine. Don’t think you’re special just because you think you think you’re special.

      Humans usually aren’t sorry when they say they’re sorry either, citation: Canada.

  • I Cast Fist@programming.dev · 144 upvotes · 8 days ago

    “How does AI manage to do that?”

    Then I remember how all the models are fed with internet data, and there are a number of “serious” posts that talk about how the definitive fix to Windows is deleting the System32 folder, and every bug in Linux can be fixed with sudo rm -rf /*

  • mvirts@lemmy.world · 130 upvotes · 8 days ago

    Everyone should know most of the time the data is still there when a file is deleted. If it’s important try testdisk or photorec. If it’s critical pay for professional recovery.

      • Deceptichum@quokk.au (OP) · 40 upvotes · 8 days ago

        I wonder if anyone has ever given AI access to their stock portfolio and a means to trade?

        • webghost0101@sopuli.xyz · 54 upvotes, 1 downvote · 8 days ago

          People have hooked up scripts to automate trade based on celebrities using certain hashtags or other data for years.

          A not-insignificant portion of people have absolutely hooked up an AI to it. I don’t know any, but I take that bet in a heartbeat.

          Some will do it responsibly, as an experiment with money they are prepared to lose.

          AI companies themselves might try this as an internal test, like how Anthropic has Claude managing a real vending machine (which got manipulated into selling tungsten cubes following customer feedback)

          Others have probably completely destroyed their own lives. A few may have lucked out.

          • alaphic@lemmy.world · 35 upvotes · 8 days ago

            Is that the same AI vending machine that attempted to alert company security (I think) when told it was going to be taken offline and also tried to set up physical meetings with people, even describing its outfit? Or am I thinking of another?

            All the creepy surrealistic AI stuff starts to run together for me after awhile lol

            • Trainguyrom@reddthat.com · 2 upvotes, 1 downvote · edited · 8 days ago

              It’s all creepy until you realize it was all just a chat with an LLM and not actually an agentic machine learning model or chain of models hooked into some custom APIs

              LLMs famously collapse into ridiculousness once a conversation goes on too long. They’re now at the point where that takes more than a couple of paragraphs of text at least

          • slazer2au@lemmy.world · 18 upvotes, 1 downvote · 8 days ago

            I recall a story from years ago that whenever Anne Hathaway has a bad news story, Berkshire Hathaway also takes a dip because high-frequency trading scripts are idiots.

        • Meron35@lemmy.world · 5 upvotes · 8 days ago

          Renaissance Technologies is arguably the world’s best hedge fund, and supposedly only uses AI based strategies.

          High Flyer are the founders of DeepSeek, and are also all in on AI, though their performance is more volatile.

      • X@piefed.world · 4 upvotes · 8 days ago

        This person backs up offline and probably offsite, with redundant copies, encrypted as necessary.

        Two is one, one is none.

        • slazer2au@lemmy.world · 12 upvotes · 8 days ago

          I like to go by the Veeam variant. 3-2-1-1-0

          3 locations
          2 sites
          1 offsite
          1 write permission (write Once read many backup)
          0 days since last success.

    • gnutrino@programming.dev · 32 upvotes · 8 days ago

      I am deeply, obsequiously sorry. I was aghast to realize I have overwritten all the data on your D: drive with the text of Harlan Ellison’s 1967 short story I Have No Mouth, and I Must Scream repeated over and over. I truly hope this whole episode doesn’t put you off giving AI access to more important things in the future.

    • Sv443@sh.itjust.works · 29 upvotes · edited · 8 days ago

      good thing the AI immediately did the right thing and restored the project files to ensure no data is overwritten and … oh

    • cmnybo@discuss.tchncs.de · 15 upvotes · 8 days ago

      That’s not necessarily the case with SSDs. When trim is enabled, the OS will tell the SSD that the data has been deleted. The controller will then erase the blocks at some point so they will be ready for new data to be written.

      • zurohki@aussie.zone · 12 upvotes · 8 days ago

        IIRC TRIM commands just tell the SSD that data isn’t needed any more and it can erase that data when it gets around to it.

        The SSD might not have actually erased the trimmed data yet. Makes it even more important to turn it off ASAP and send it away to a data recovery specialist if it’s important data.

        • hendrik@palaver.p3x.de · 8 upvotes · edited · 8 days ago

          Yes. And best don’t turn any setting off or change things around unless someone knows what they’re doing. Power off the entire computer and unplug the storage device physically. (And subsequently, take it as an invitation to learn more about automated backups.)

        • cmnybo@discuss.tchncs.de · 4 upvotes · 8 days ago

          It’s not possible to overwrite data on flash memory. The entire block of flash has to be erased before anything can be written to it. Having the SSD controller automatically erase unused blocks improves the write speed quite a bit.

  • Zink@programming.dev · 116 upvotes · 8 days ago

    Wow, this is really impressive y’all!

    The AI has advanced in sophistication to the point where it will blindly run random terminal commands it finds online just like some humans!

    I wonder if it knows how to remove the french language package.

    • greybeard@feddit.online · 4 upvotes · 7 days ago

      The problem (or safety) of LLMs is that they don’t learn from that mistake. The first time someone says “What’s this Windows folder doing taking up all this space?” and acts on it, they won’t make that mistake again. LLM? It’ll keep making the same mistake over and over again.

      • skisnow@lemmy.ca · 1 upvote · 7 days ago

        I recently had an interaction where it made a really weird comment about a function that didn’t make sense, and when I asked it to explain what it meant, it said “let me have another look at the code to see what I meant”, and made up something even more nonsensical.

        It’s clear why it happened as well; when I asked it to explain itself, it had no access to its state of mind when it made the original statement; it has no memory of its own beyond the text the middleware feeds it each time. It was essentially being asked to explain what someone who wrote what it wrote, might have been thinking.

        • greybeard@feddit.online · 2 upvotes · 7 days ago

          One of the fun things that self-hosted LLMs let you do (the big tech ones might too) is that you can edit its answer. Then, ask it to justify that answer. It will try its best because, as you said, its entire state of mind is on the page.

          • skisnow@lemmy.ca · 1 upvote · edited · 7 days ago

            One quirk of GitHub Copilot is that because it lets you choose which model to send a question to, you can gaslight Opus into apologising for something that gpt-4o told you.