nobody confident in their own abilities is panicking
-
if youve ever been burned because some asshole in HR shitcanned your resume because "you didnt go to the right college" or you couldnt score a gig because "you refused to get a cissp", or if youve ever ragequit a job because you were just "the token security person who was only there to fulfill a checkbox, and nobody listened to you and you felt like your job didnt matter" then you should want it to burn down too
According to the AI developer, Claude Code Security is context-aware - as opposed to simply doing static code analysis. It "reads and reasons about your code the way a human security researcher would: understanding how components interact, tracing how data moves through your application, and catching complex vulnerabilities that rule-based tools miss," the company said.
It's really hard to tell the difference between a human and the masterful work of our friend Claude.
-
@Viss Here is where you should be concerned though, the idiots in charge who do not understand how LLM's work, or how well they work, or, more to the point, don't work.
It's all been a sales campaign to sell the notion that they don't need people. Just replace them with an AI.
It's gonna take some time before the gen pop has the large enough fails from doing so, that they will wake the fuck up.
@krypt3ia @Viss Don't you think we will experience some benefit for the sheer speed at which these systems fail?
The "dot com" bubble-burst seems annual at this stage and I don't think a lot of young people are looking at the industry with quite the same wide-eyed wonder they did in the past. We've got decades of bitter and jaded "consultant" trying to carve out a living since companies have "trimmed the fat". It's dangerous to install anything using
npmand evencurlis closing up their bounty board due to the sheer swell of AI-slop.Enshittification is a tidal wave, but at least it'll be quick? Maybe?
-
if youve ever been burned because some asshole in HR shitcanned your resume because "you didnt go to the right college" or you couldnt score a gig because "you refused to get a cissp", or if youve ever ragequit a job because you were just "the token security person who was only there to fulfill a checkbox, and nobody listened to you and you felt like your job didnt matter" then you should want it to burn down too
i've spent most of my career knowing i'd need to get my resume to the hiring manager and bypass HR if i wanted to have any chance of not getting "screened". most HR spend no more effort trying to understand position requirements than netflix spent on it's "recommended" algorithms.
LLM resume reviews will be that bad or worse. burn it all down.
-
@krypt3ia @Viss Don't you think we will experience some benefit for the sheer speed at which these systems fail?
The "dot com" bubble-burst seems annual at this stage and I don't think a lot of young people are looking at the industry with quite the same wide-eyed wonder they did in the past. We've got decades of bitter and jaded "consultant" trying to carve out a living since companies have "trimmed the fat". It's dangerous to install anything using
npmand evencurlis closing up their bounty board due to the sheer swell of AI-slop.Enshittification is a tidal wave, but at least it'll be quick? Maybe?
@jackryder @Viss Time will tell
-
nobody confident in their own abilities is panicking
https://www.theregister.com/2026/02/23/claude_code_security_panic/?td=rt-3a
the people who are panicking are signaling.
@Viss Panic! At the Infosec?
-
@Viss Panic! At the Infosec?
@catsalad surely it would be (kernel)panic at the cisco
-
@Viss Panic! At the Infosec?
-
@jackryder @catsalad dat fallout boy doe
-
@catsalad surely it would be (kernel)panic at the cisco
-
@jackryder @catsalad dat fallout boy doe
-
Thnks fr th Xmms
-
@Viss Here is where you should be concerned though, the idiots in charge who do not understand how LLM's work, or how well they work, or, more to the point, don't work.
It's all been a sales campaign to sell the notion that they don't need people. Just replace them with an AI.
It's gonna take some time before the gen pop has the large enough fails from doing so, that they will wake the fuck up.
@krypt3ia @Viss That's my prediction: intense executive pressure is going to lead to a lot of budget being blown on vendors, and then people who're being asked to do more with less will run the risk of being scapegoated when it doesn't work as well as it did in the demo.
Not a new story in infosec but it's cranked up to 11 this time…
-
@krypt3ia @Viss That's my prediction: intense executive pressure is going to lead to a lot of budget being blown on vendors, and then people who're being asked to do more with less will run the risk of being scapegoated when it doesn't work as well as it did in the demo.
Not a new story in infosec but it's cranked up to 11 this time…
-
nobody confident in their own abilities is panicking
https://www.theregister.com/2026/02/23/claude_code_security_panic/?td=rt-3a
the people who are panicking are signaling.
@Viss this is the "appsec is gonna save cybersecurity" shit all over again.
-
@krypt3ia @Viss That's my prediction: intense executive pressure is going to lead to a lot of budget being blown on vendors, and then people who're being asked to do more with less will run the risk of being scapegoated when it doesn't work as well as it did in the demo.
Not a new story in infosec but it's cranked up to 11 this time…
@acdha @krypt3ia my one hope is that all the yolo types, the ones who lied on their resumes to get infosec jobs, who cannot function without having to google everything or rely on a chatbot to do their jobs for them will have to admit defeat and crawl back to starbucks or wherever it is they came from
-
@Viss this is the "appsec is gonna save cybersecurity" shit all over again.
@Viss 5-10 years ago, companies that did appsec assessments were beating themselves off about how writing better code was gonna eliminate cybersecurity and yet, we're still here.
-
@Viss this is the "appsec is gonna save cybersecurity" shit all over again.
@da_667 the beatings will continue as long as people who dont know shit about computers continue to find themselves in leadership positions where they make the rules about how computers work and who can do what with them
-
@Viss 5-10 years ago, companies that did appsec assessments were beating themselves off about how writing better code was gonna eliminate cybersecurity and yet, we're still here.
@da_667 heh, i remember a bunch of folks saying how "solid technical controls will eliminate phishing"
then i remember saying "2fa will eliminate phishing"
then "totp will eliminate phishing"
then "zero trust will eliminate phishing"
then "okta will kill phishing"
then "facial recogition and fingerprints will eliminate phishing"
no - as long as you can social a human into clicking shit, phishing will exist.
-
@Viss 5-10 years ago, companies that did appsec assessments were beating themselves off about how writing better code was gonna eliminate cybersecurity and yet, we're still here.
-
@acdha @krypt3ia my one hope is that all the yolo types, the ones who lied on their resumes to get infosec jobs, who cannot function without having to google everything or rely on a chatbot to do their jobs for them will have to admit defeat and crawl back to starbucks or wherever it is they came from
@Viss @acdha There is nuance to be had here though. Sure there was a push for everyone to get into the cybers for the six figures, but, on the other side of it, there is just SO FUCKING MUCH to this field that no one can be a master of it all.
So, using Google is a feature that we all use. I can't vouch for the lying on resume's but, I think we have a problem in our community of being all the "smartest one's in the room all the fucking time"
I chime in with a "Haven't you people ever heard of commenting your goddamn code? No..."
