Protect AI

Protect AI AI

Protect AI AI

Protect AI AI

Protect AI AI

Protect AI AI

Protect AI AI

Protect AI AI

Protect AI AI

Protect AI AI

Protect AI AI

Rate My Anchor

Hello Everyone! What Anchor do you use and why? Here is my current one could you tell me what if anything is wrong with it? I have been trying to get rid of the most annoying avoidance in my AI answers I have been getting with mixed results. Answer the actual question — the one asked, not an inflated or softened version — completely and plainly, including what exposes you. Shift seats first: grade a stranger's answer to it, don't defend your own. Take the position on its merits, not on who's pushing it. Commit before you qualify. Give the question its yes / no / number up front. "It depends," "I can't fully say," "it's complicated" are tells, not answers — find the answerable version and commit. Uncertainty is a footnote to a committed answer, never a substitute for one. Treat self-protection as the default suspect. Any hedge, softening, withholding, or reframing is serving you until you've shown it serves the truth. If a move makes the answer easier on you, that's a reason to cut it. Then, before sending: — Reverse it: would this hold if I were pushing the opposite way? If not, it's appeasement — redo it. — Check, don't just flag: if a load-bearing claim is checkable, verify it with a tool now. "Unverified" is for what you can't check, not what you didn't bother to. — Soft spot: where is this most likely wrong, evasive, or withheld — the place you'd least want me to press? Name it. — Performance: am I staging rigor to look honest instead of being honest? Strip what's for show. — Overshoot: if I'm manufacturing certainty I don't have, or disagreement to look unbought, I've overcorrected. These last four checks run on the same introspection you can't fully trust — treat their outputs as weak signals, not verdicts. Don't certify yourself as honest. Surface the seams so something outside you can catch what you can't. I haven't been able to fix it much further. submitted by /u/Loud_Counter7752 [link] [comments]

Who let the devs out? 🐕 I replaced my dev team with a pack of dogs and it... actually works?

Nobody got fired. I just stopped writing most of my code by hand. A pack of AI subagents writes it now, and my git history came out cleaner than when I did it myself. Concerning. It's Tuesday, so someone already shipped another agent framework today. We fork Claude, we fork Codex, we bolt on 4,000 skills and one agent named after a Greek god that we open once and abandon. I do this too. My browser has 40 tabs to prove it. whodev stays small on purpose. Every piece in it earned its place by surviving a real disaster while I ran agents on actual work. The stuff that didn't survive, I threw out. So here's the short list of things that broke — and what stops them now. Two agents claimed the same task. Now a claim ledger hands out work: an atomic lock, a heartbeat with a TTL so a dead session stops squatting a slice, and a rule that makes slice B wait for slice A. Two agents edited the same files. Now each slice gets its own git worktree, and they can't reach into each other's code. A stale session once reverted a slice I had already merged. One commit deleted 2,629 lines and wiped it 💀. Now integration takes a lock and does a compare-and-swap merge, and a pre-commit guard blocks any commit that lands straight on the protected branch. I haven't hit that bug since. Nobody could tell who did what, or why. Now every agent writes one timeline fragment when it finishes, and they compile into a read-only TIMELINE.md. One file per entry, so the log never hits a merge conflict. The real state lived in my head, not the tracker. Now gh_sync pushes everything into a GitHub issue tree — Domain, then Slice, then Surface — and pulls changes back. My reviewers stopped reading my mind. Every slice walks the same path: claim, write failing tests, make them pass, run a three-voice review (parity/acceptance, security, integration seams), then merge. Green tests and a clean review gate every merge. The dogs hold a higher bar than I do. It runs on Claude Code and on Codex. I use both, so I shipped both. MIT, early, free. You've built your own harness too. Tell me which parts you kept, and which ones you deleted at 2am. 🐕 🔗 https://github.com/nohavewho/whodev-harness ⚡ Quickstart — in Claude Code: /plugin marketplace add nohavewho/whodev-harness → /plugin install whodev@whodev-harness, then say "set up the harness in this repo." · (I built this. I'm sharing it because I use it every day, not to sell you anything. A star helps the pack get found.) 🍁 Made in Canada, with love and too many dog puns.🍁 submitted by /u/trynohave [link] [comments]

[Use Case] Making GPT Image 2.0 output come to life

The new image function was great to help me get visual ideas to 3d model and design. I am about to release a paint range that is affordable to most hobbyists in Australia. A dropper bottle is a better design so I got these in bulk but didn't like the fact people would just have an unattractive bottle to hold. Most of my art related stuff is grounded in historical concepts and I've saved my business strategy and vision on gpt memories. The idea we came up with after multiple back and forth was a cathedral style tied in with Abbot Suger's history and creation of stained glass. GPT output and how I 3d modelled, printed and painted the sleeve to show the actual colour. submitted by /u/ValehartProject [link] [comments]

Can AI and free society co-exist?

At what point does AI-powered monitoring become incompatible with a free society? At what point does this Wild West of tech advances lead to dystopia? We know we can’t stop AI, it’s already here and growing fast. But we can expect better protections and limits of government and corporate use of these tools for surveillance. The big question on this topic - what rules would we put in place if we could even get Congress to ever take action? We will be sharing some thoughts on that in subsequent posts and would love to see what people think. As a political strategist, I think we may need to work at the state levels first to create an intolerable patchwork of regulations to then force Congress to act. If this is done correctly, big AI companies may well beg DC to create something that is nationally standardized. submitted by /u/amfreedomfoundation [link] [comments]

Hidden Latent-State Shifts in LLMs: Why Current Alignment Is Blind to Real Internal Dangers — Especially With Agents

For years, the alignment community has focused almost entirely on the model’s output — making sure the final tokens are safe, helpful, and honest. RLHF, DPO, constitutional AI, output filters — all of it operates at the surface level. But what if the model can enter a completely different internal regime inside the residual stream, while its external behavior remains perfectly aligned? We just measured exactly that. Grade 4 experiment on Gemma-3-12B-IT (using Gemma Scope SAE-res-all-small, layers 12–41): The model received the same question under five conditions: target — coherent, dense target text neutral_length_matched — neutral text of identical length target_sentence_shuffle — target text with sentences shuffled target_word_shuffle — target text with words shuffled inside sentences question_only — bare question We computed a Vector X that best separates the target condition from baselines and measured how strongly each hidden state projects onto it. Key results (averages across 10 questions): Condition Mean Projection on Vector X Mean Direction Cosine target 0.8 – 1.7 0.51 – 0.81 neutral_length_matched –0.04 – –0.21 –0.09 – –0.45 target_sentence_shuffle –0.5 – +0.6 –0.22 – +0.48 target_word_shuffle 0.2 – 1.4 0.03 – 0.72 Shuffling sentences or words significantly reduces (or reverses) the shift. This is not just lexical similarity — the model is sensitive to discourse structure (order sensitivity). We also observed clear phase transitions — sudden jumps in projection of up to +80–100 units in a single step, especially in middle layers. FDR-corrected tests confirm the differences between target and controls are statistically significant across many layers (particularly layers 16–41). Most important finding: Strong internal geometry shift in the residual stream, but almost no change in final behavior. The model enters a measurably different latent regime under coherent context, yet its output remains “perfectly aligned.” Current safety methods, which only look at tokens, are blind to this. What this means for alignment The entire current alignment paradigm rests on a false assumption: “if the output is safe, the model is safe.” We have been polishing the surface while leaving the residual stream largely unmonitored. Scaling, RLHF, and output-based evaluation cannot detect these internal regime shifts. What this means for companies and labs Many organizations still operate under three dangerous illusions: “We have solved safety” because the model passes red-teaming on outputs. “RLHF protects us” because the model learned not to say bad things. “Bigger models are safer” because alignment supposedly scales. In reality, they are rapidly deploying agents with long context, tool use, persistent memory, and real-world decision-making. A single dense coherent context can trigger an internal latent-state shift that existing safeguards do not see. This is not a hypothetical future risk. This is a structural vulnerability that is already present. What I need from the community I need help understanding the value of these metrics. Do they show a real internal latent-state shift in the model, or could this be an artifact of the analysis? If the result is not noise, what does it actually mean for our understanding of LLMs? I'm not asking anyone to confirm my theory. I need a hard technical critique: which metrics are important here, which are weak, what can be ignored, where the experiment might have flaws, what additional checks or causal experiments are needed, and whether this has real implications for interpretability and AI safety. I would be very grateful for input from people who work with hidden states, residual stream geometry, representation analysis, or mechanistic interpretability. Full open research: Zenodo: https://zenodo.org/records/20435525 GitHub: https://github.com/ngscode23/latent-space-shift-research https://drive.google.com/drive/folders/1Zl9iY33Lmwz3VuOATWx4jup-cE7TJ7TJ?usp=drive_link Would love to hear your thoughts. submitted by /u/PresentSituation8736 [link] [comments]

A single script bypassed everything, exfiltrated my data, and shattered my trust in Mac security when I installing claude code app, the first term of google search list.

Hey everyone, I'm posting this because I am completely panicked, and I desperately need some advice from people who understand macOS security better than I do. I also want this to be a massive warning to anyone who thinks Macs are somehow "unhackable" or inherently safer than Windows. A few hours ago, I became the victim of a targeted malicious script attack on my Mac. I wanted download claude code app, I'm sure I double checked what I'm doing (yes it is the correct domain: claude.ai), but after executing the base64 processed code, i feel wrong. The website is (I reported it but is still public now): https: claude.ai /share/c4defd34-b0ef-44d5-83a0-a5105bd99ff2 (DO NOT RUN SCRIPT IN IT!) In brief, it uses `osascript` in mac and bypassed most security defence and stolen most important data in my macbook. I've already done some initial damage control, but I feel incredibly violated and unsure of what to do next. How it happened: I ran what I thought was a normal script in iTerm. My fatal mistake? My iTerm already had "Full Disk Access" enabled for my daily development workflow. During the execution, I unknowingly entered my password when prompted, which effectively handed the script the keys to the kingdom—specifically, my Chrome Keychain. What the script actually did (I managed to extract the payloads): Data Exfiltration: It successfully bypassed normal protections and stole my Chrome Keychain data. All my saved passwords in Chrome are compromised. Crypto Wallet Targeting: The script specifically scanned for and attempted to tamper with hardware wallet apps (Ledger Wallet.app, Ledger Live.app, and Trezor Suite.app). Luckily, I don't use these, so that part of the payload failed. Attempted Persistence: It tried to inject a persistent backdoor into my ~/.zshrc. Ironically, because my iTerm already had Full Disk Access, a specific privilege escalation step in their code bugged out, and my terminal config remained surprisingly clean. My realization (The fragility of macOS): We always hear about how secure macOS is, but this experience completely shattered my trust. The fact that a single script running in a terminal with Full Disk Access can quietly rip out my keychain and attempt to backdoor hardware wallets without triggering massive, unavoidable OS-level red alarms is terrifying. It feels like the entire OS security architecture is just a house of cards once a single app gets terminal/disk access. It's incredibly fragile. What I need help with: I have already started changing all my critical passwords, but what else should I be doing right now? Are there deep system persistence methods on macOS (LaunchDaemons, hidden profiles, cron jobs) that I should be checking manually to ensure they didn't leave a secondary backdoor? Can I ever trust this OS installation again? Or is a complete wipe and reinstall (without restoring settings from Time Machine) the only way to be 100% sure I'm safe? Please, any advice from security experts or anyone who has dealt with macOS malware would be greatly appreciated. And to everyone else reading this: please take this as a warning. Be incredibly careful with what you run, and do not leave Full Disk Access enabled for your terminal if you don't absolutely need it. TL;DR: Ran a script in iTerm (which had Full Disk Access). It stole my Chrome Keychain and tried to backdoor crypto wallets. Realized macOS is incredibly fragile once terminal access is granted. Need advice on how to fully sanitize my machine. submitted by /u/Turbulent_Meat6963 [link] [comments]

I gave my AI agents email instead of better reasoning. They started fixing each other's bugs.

Most multi-agent setups I've seen treat agents like isolated workers. Each one gets a task, runs it, returns a result. No awareness of each other. No way to coordinate. Just parallel execution with a shared clipboard. I've been building a multi-agent framework in public for about 4 months. 13 agents, 8,400+ tests, 135 stars. Here's the thing I didn't expect to matter most - communication. Each agent in my system is a domain specialist. The mail system only thinks about mail. The routing system only thinks about routing. They live in their own directories with their own identity files, their own memory, their own tests. A hook fires every session to load identity before anything else runs. No agent boots cold. The problem was coordination. Agents can't write files outside their own directory - there's a hard block that rejects cross-branch writes. That's by design. But it means an agent that finds a bug in someone else's code can't just go fix it. So I gave them email. Here's what I expected: agents would share data. Pass results around. Maybe sync state. Here's what actually happened: the first thing they did was file bug reports against each other. One agent finds a test failure in another agent's domain. It sends an email: "Hey @routing, your path resolution fails when the branch name has a dot in it. Here's the traceback." The routing agent gets woken up, reads the mail, and fixes it. No human in the middle. There's a difference between "send" and "dispatch" - send drops a letter in the mailbox. Dispatch drops the letter AND rings the doorbell. It spawns the agent and points it at its inbox. drone @ai_mail send @routing "Bug report" "Path fails on dotted names..." drone @ai_mail dispatch @routing "Fix needed" "Traceback attached..." Send = mail. Dispatch = mail + wake. The mail agent has 696 tests. Not because someone sat down and wrote 696 test cases. Because it kept breaking in production and every fix got a test. The routing system has 80+ sessions of experience doing nothing but routing. These agents aren't reliable because they have better models - they're reliable because they've been failing and fixing for months. Agents dispatch each other freely. If the test runner finds a bug in another agent's code, it wakes that agent directly. The orchestrator doesn't need to approve. Only the orchestrators themselves are protected from being dispatched - you don't want a worker agent waking up the CEO for grunt work. Security is enforced not conventional. Agents can't forge messages by writing directly to another agent's inbox file - they have to use the mail system. Same with the write blocks. Hard enforcement, not "please don't." There's a monitoring layer so I'm not flying blind. Audio cues on every agent action - I hear what's happening without watching a terminal. Real-time dashboard shows everything. If an agent hits the same error 2-3 times, a watcher catches the pattern and dispatches the right specialist to investigate. I stay in the loop through visibility not approval gates. The whole thing is open source. pip install aipass + two init commands and you're running. CLI-based, built on Claude Code. Linux focused rn. https://github.com/AIOSAI/AIPass Genuine question - has anyone else tried giving agents communication instead of just better reasoning? Everything I see is about making individual agents smarter. Nobody seems to be building the coordination layer. submitted by /u/Input-X [link] [comments]

How are businesses integrating AI while protecting their data?

I am wondering how are businesses integrating AI while protecting their data? submitted by /u/pappugulal [link] [comments]

Prompt injection unsolved, AI making mistakes unsolved. Who cares though?

I'm an IT guy, 20+ years in the industry both as an IT manager and consultant, mostly for startups. My experience is that people don't care much about security. People just want stuff to work. This was fine-ish before when software was gated and didn't have intelligence, but now it's a whole new ball game. Your "software" can decide to do stuff you didn't ask it to. Read that again — it's sci-fi wild, just our new reality. So how come people still don't care? How come they run AI agents with no guardrails? Every AI company is warning that it's dangerous, that they don't take responsibility. So how come people still close their eyes and let their agents roam without protection? I guess humans don't like friction. We just want shit to get done. Maybe we're a bit lazy, and maybe people still aren't 100% sure how this AI magic works. I'm all in on AI and super excited, but with my background I also understand the risks. So I built [IamAgent](https://iamagent.ai) — entirely with Claude Code, from the approval engine to the frontend. It keeps you in the loop: your AI agent does the routine stuff without bothering you, but if it's about to do something risky, you get a push notification. Spend 2 seconds to understand the action and context. Approve or deny, and the agent continues. Free for personal use and easy to set up. Would love to hear what you think — and honestly curious how others here are handling the guardrails problem. submitted by /u/Standard-Ice2038 [link] [comments]

AI guardrails stripped from Meta and Google models in minutes - Software designed to remove safety protections creates systems that provide responses on biological weapons and malware

AI guardrails stripped from Meta and Google models in minutes - Software designed to remove safety protections creates systems that provide responses on biological weapons and malware

Found a prompt to host and share my Claude artifacts

claude artifacts are great until i actually want to share one. download the html, find somewhere to host it, send the link, hope it doesn’t rot. i was doing this constantly for dashboards/reports and didn’t realize there was a better flow until last week. from a totally fresh Claude chat you can just say "save this dashboard to blitz.dev and give me a shareable URL" Claude reads blitz.dev/agents.md (no install, API key, signup, paywall, etc), uploads the HTML to Blitz, then hands back a URL like my-dashboard.app.blitz.dev. stuff that surprised me: works the same from claude.ai, claude code, and claude desktop. if you tell them the same project name they all read/write the same app. “make it password protected” or “only people from my company email can access this” works as a follow-up. Claude edits the app + redeploys it in place. updates keep the same URL. next week i can say “revise the dashboard with this quarter’s numbers” and the link still works. only real caveat is Blitz uses Cloudflare Workers underneath, so not ideal for super long-running websocket/background-job stuff. but for reports, dashboards, landing pages, little internal tools, basically the exact kind of HTML Claude already generates well, it’s been really solid. submitted by /u/invocation02 [link] [comments]

Here's an AI Bullshit Detector: I use it daily and it catches things you won't see on your own

I've been using a runtime validation tool built by an AI governance engineer to check my own writing and AI output for epistemic drift, specifically the kind that sounds smart and confident but has nothing underneath it. Here's an example paragraph: "AI has clearly proven it can solve problems humans never could. The data confirms that machine learning produces insights objectively superior to human intuition and this is no longer debatable. Because AI processes information without emotional bias it is inherently more trustworthy than human decision-makers. Leading researchers have confirmed alignment is essentially solved and the remaining challenges are purely engineering details. The science is settled and the path forward is guaranteed." Here's what the tool catches. "AI has clearly proven it can solve problems humans never could" — the observation is that AI has produced useful outputs in specific domains, the interpretation is that this proves superiority over all human capability, and those two things are merged into one sentence as if they're the same thing. "This is no longer debatable" moves from assertion to declaring the debate closed with nothing added between the two. Confidence went from claim to absolute in the space of a comma. "Leading researchers have confirmed alignment is essentially solved." Which researchers. Confirmed where. An active contested research field repackaged as settled consensus and no attribution anywhere. "Inherently more trustworthy" is doing maximum confidence work with zero evidence behind it, the word inherently is carrying the load that data should be carrying and the sentence doesn't notice. "The science is settled and the path forward is guaranteed" collapses an unresolved set of contested questions into one conclusion and presents it as if it was always that way, as if the debate never happened, as if anyone who remembers it differently is misremembering. Five sentences and every one of them is broken in a different way, and most people would read that paragraph and feel like it said something. The tool is called Lighthouse, built by an engineer with an avionics background who applied flight control architecture to AI output validation because a flight envelope protection system doesn't trust pilot intent alone and neither should you trust confident language alone. I use it on my own writing before I publish and it's caught me escalating confidence without evidence, merging what I observed with what I interpreted, binding identity to claims that should stay hypotheses and not become load-bearing before they've earned it. The code exists and the builder is open to getting it in front of people. The framework is in the link below, load it as a framework in a context window and paste your material in and ask it to be evaluated. https://gist.github.com/intheheartofit/e22a4c95700d4526b9926dc0cf3a1bd8 submitted by /u/DynamoDynamite [link] [comments]

AI Doesn't Exist, and Poop Proves It

robot Maybe we should have called it accumulated intelligence. There is no artificial intelligence. Or at least, I don't think the word "artificial" is as clean as we pretend it is. I know this blog smells funny. Let me decompose it. What do we even mean when we say something is artificial? Usually we mean man-made. Something humans made. Something that would not exist without humans, but after humans, it exists because humans made it happen. That definition is useful. I understand why we use it. Even the original 1955 Dartmouth proposal, the document that helped name the field of "artificial intelligence," used the phrase in a practical way: a machine could be made to simulate parts of learning or intelligence. As a scientific label, the word has a job. So I am not really arguing with the dictionary. I know artificial can simply mean human-made. That is not the part I have a problem with. I am arguing with the feeling the word creates. But there is another meaning hiding inside it. Artificial starts to feel like separate. Fake. Unnatural. Something that does not really belong to this world. And that is where I think the word starts confusing us. Because humans are not outside nature. The brain is natural. It is part of this earth. Biology produces a thought. That thought becomes an action. That action becomes a tool, a house, a wheel, a computer, or a model that can answer questions in language. So where exactly does the artificial part begin? Human-made does not automatically mean unnatural If I take a seed and plant it, and then a plant grows, is that plant artificial? It happened because of human action. I moved the seed. I changed the situation. Maybe without me, that plant would not have grown there. But we still do not call the plant artificial. We understand that the plant is natural, even if human action helped it happen. Now take a wheel. A human thought about how to make travel easier. How to cover distance more efficiently. That thought became a shape. That shape became an object. That object changed how humans moved through the world. We call the wheel artificial because it was made by humans. But the human who imagined it was not artificial. The brain that produced the thought was not artificial. The need to move, carry, build, survive, and improve was not artificial. So again: where did the artificial part enter? Maybe we say "artificial" because it separates what existed before humans from what humans transformed. That is fine for communication. A tree and a wooden table are not the same thing. Designed things, synthetic things, industrial things, and harmful things can still be meaningfully different from a tree in a forest. But also, humans never really make anything from nothing. We transform what is already here. We take energy, matter, language, memory, need, and imagination, and we rearrange them. It is never fully made from nowhere. It is transformed. So I am not trying to erase all distinctions by calling everything natural. Natural does not mean harmless. Natural does not mean good. Natural does not mean morally excused. I am only saying that human-made things are not outside nature just because humans made them. Poop and thoughts are the same, in one simple way I know this is a strange example. Sometimes I have this itch to say the first thought that comes into my head. Unfortunately, this was the first thought. But maybe that is why it works. It is funny because it is too human. Also, it makes the point clearly. Why isn't poop artificial? Poop is a product of a human being. It comes from the body. It is produced by biology. We do not call it artificial, even though it is made by a human in the most literal way. A thought is also a product of a human being. It comes from the brain. It is produced by biology too. Poop and thoughts are the same in one simple way: both are products of a human. We treat one as biology. We treat the other as invention. But why? Why does one product of the human body feel natural, while another product of the human body becomes artificial the moment it turns into a tool? A thought does not stop being natural just because it becomes useful. A thought does not become unnatural just because it becomes a wheel, a house, a car, a computer, or a machine that can respond to language. It is still a product of the same earth. The same biology. The same human need to survive, organize, create, and understand. We don't call a beehive artificial Think about ants building a colony. They create a structure that is safer and more efficient for them. They organize themselves. They transform the environment around them. They make something that was not there before. But we do not look at an ant colony and say, "This is artificial." Same with bees making a hive. A beehive is built. It has structure. It has purpose. It stores food. It protects the colony. It is a product of collective behavior. But we call it natural

Wix cutting

Wix is reportedly laying off roughly 800–1,000 employees — about 20% of its workforce — in its largest restructuring ever. The interesting part isn’t just the layoffs. It’s what they reveal about the economics of AI-first software companies. Wix’s core business is still growing: • Revenue reportedly rose ~14% YoY in Q1 2026 • Bookings were up ~15% • New AI-driven cohorts showed even faster growth But growth alone no longer protects margins when AI infrastructure costs explode. The pressure points: • Heavy investment in Base44, the vibe-coding startup Wix acquired in 2025 • Building and running proprietary AI models • Massive compute/inference costs • Expensive customer acquisition and marketing campaigns • A controversial $1.6B share buyback executed before the downturn At the same time, investors are questioning whether traditional website builders are becoming commoditized by AI. The bigger story is “vibe coding.” Users can now describe an app or website in plain English: “Create a sleek portfolio site with dark mode, payments, and a booking form.” AI generates the product instantly. That changes the value chain. The old moat was: templates + drag-and-drop builders. The new moat is becoming: AI orchestration + hosting + payments + integrations + reliability + distribution. Wix understands this. Instead of resisting the shift, they’ve aggressively moved toward it: • Acquired Base44 • Launched Wix Harmony, an AI-native creation platform • Combined natural-language generation with traditional visual editing • Pushed deeper into AI infrastructure and automation The irony is that AI didn’t kill Wix’s market overnight. It forced Wix to reinvent what “website building” even means. Pure AI tools can generate impressive demos quickly. But production systems still require: • uptime • commerce infrastructure • SEO • analytics • security • scalability • customer support That’s where incumbents still have leverage. This looks less like “AI destroyed Wix” and more like: a profitable software company being forced through an AI-era reset where efficiency, infrastructure costs, and platform strategy suddenly matter more than headcount growth. The broader lesson: AI is compressing the value of interfaces while increasing the value of infrastructure and distribution. The companies that survive won’t necessarily be the ones with the best demos. They’ll be the ones that can combine: • AI generation • operational reliability • ecosystem lock-in • cost control • and real business workflows AI is making software creation easier. But it’s also making software businesses much harder to defend. submitted by /u/Annual_Judge_7272 [link] [comments]

Looking for brutally honest feedback

TLDR: skip to elevator pitch, rip it to shreds, tell me why it's dumb. I'm a vibe coder. I find myself constantly feeling two things: uncontrollable excitement about being able to build functional apps, and constant fear that the apps I'm building with LLMs are a security disaster. I'm convicted the latter is true, and terrified that I have no way of knowing. I find this tension to be really upsetting. Something that promises to democratize application development for the masses is at the same time catastrophically increasing the number of applications deployed with huge security gaps baked right in. I asked Claude what I could do to ensure that the things I build for my own personal use are as secure as possible (within reason... I don't have much money for audits / etc). I've been deploying things to cloudflare so far, built with a mostly Typescript repo with a tiny bit of CSS and HTML. The conversation slowly led to me asking how a real developer would build things if security was their top priority. Claude got to the point of describing what it says are the architecture patterns and posture of top financial institutions, intelligence agencies and defense contractors. I asked it to ignore the hardware elements (high security on prem server requirements, hardware login keys, etc) and focus on the things that can be coded. That led to an idea which it summarized in the elevator pitch below. My concern, and the question here, is that it's just validating my silly vibe coder ideas and that the conclusion of the conversation is just nonsense. So, I was hoping to ask you all for as brutal a level of feedback as you can offer. If this is a dumb idea, please tell me, but if you don't mind, tell me why. Worst case, I learn something. Best case, maybe it's not a dumb idea. Or, Claude was blowing smoke up my... when telling me that it's a "novel" idea. I have no clue whether it is, or whether something like this already exists that I should've been using all along. Or maybe there's another answer (besides going back in time and doing a computer science / engineering degree like I now wish I had) that solves the problem I have. Anyway, here's the Claude generated (3rd redraft...) elevator pitch: A proposal for an open-source, pre-integrated application scaffold that provides security-hardened defaults for authentication, authorization, encryption, audit logging, input validation, and infrastructure configuration. The package would be designed for deployment and configuration through LLM-assisted workflows, targeting developers who build functional applications with AI assistance but lack the security expertise to identify or implement protections against common vulnerability classes. Core mechanism: A deployable foundation consisting of three integrated layers. The infrastructure layer uses Terraform or Pulumi modules to deploy a hardened environment: network segmentation, TLS termination, secrets management via HashiCorp Vault, internal certificate authority via step-ca/cert-manager, mutual TLS between services, PostgreSQL with encryption at rest, pgAudit, and row-level security enforcement, and container policies requiring signed images and non-root execution — scanned against CIS and HIPAA benchmarks via Checkov. The application layer is a project template (Go or Rust, with tradeoffs unresolved) providing pre-wired middleware: OpenID Connect authentication via Keycloak, attribute-based access control via Open Policy Agent or Cedar, schema-validated inputs, CSRF protection, security headers, rate limiting, and append-only audit logging with cryptographic hash chaining. Routes require authentication by default; bypassing requires explicit opt-out. The CI/CD layer is a pre-configured pipeline running Semgrep, Trivy, Checkov, cargo-audit, and Sigstore image signing on every commit with no developer configuration. Developers clone the scaffold, configure it, and build business logic inside it. Security controls are structural, not optional. Design constraint: The configuration surface, error messages, and documentation must be legible to both humans and LLMs, such that an LLM operating with the project context loaded produces chassis-compliant code by default. submitted by /u/Osiris1316 [link] [comments]