david_shaw 13 hours ago

It's easy to be cynical because, yes, both the problems and solutions seem dead obvious in hindsight. But for a long time (and maybe even still), a hacker creed was "move fast and break things."

It's great that there's so much momentum in fixing the glaring problems with supply chain systems like npm, but I'm concerned that we're entering a new era of security-related problems caused in large part by agentic development.

I'm not just talking about Mythos/Glasswing surfacing vulnerabilities in pretty much everything it touches; I think the way we're developing software, pulling in dependencies, and potentially losing human thought modeling of complex systems is going to lead to a lot of hacked together software and infrastructure that humans won't fully understand.

I hope in a few years we don't look back at today and wonder how we could have been so naive -- how we failed to actually plan for the long-tail of AI development in a way that doesn't solve problems by attempting to just use AI to rebuild complex systems.

But the article was funny.

saint_yossarian 13 hours ago

> But for a long time (and maybe even still), a hacker creed was "move fast and break things."

Was it? I thought Zuckerberg coined this horrible phrase.

david_shaw 12 hours ago

He certainly popularized it (maybe coined it), but I've seen a lot of organizations and developers repeat that mantra.

Even without the specific words, look to product teams debating tradeoffs of going to market vs. waiting for better security controls. They're pushing for faster product release every time, at pretty much every org.

cassianoleal 12 hours ago

In any case, not really a hacker's creed. This has always been within the realm of corporations, especially Silicon Valley or adjacent.

asah 12 hours ago

MFABT is about survival. Don't hate the player, hate the game.

walrus01 10 hours ago

Sir, this is not /r/linkedinlunatics/

jazzyjackson 11 hours ago

Don't know any hackers who talk like this. More "if you don't like the rules, play a different game"

cwillu 11 hours ago

I will absolutely hate the players that chose the game and designed the rules.

dxdm 11 hours ago

Why not both? Some players seem very gleeful.

cassianoleal 12 hours ago

I'm not sure what you're responding to.

jerhewet 10 hours ago

Joel Spolsky.

https://www.joelonsoftware.com/2000/04/06/things-you-should-...

rectang 10 hours ago

I love that article, but the words "move", "fast", and "break" don't appear in it.

gfody 5 hours ago

https://www.google.com/search?q=sposky%27s+worst+essay&sclie...

raesene9 33 minutes ago

We don't need hindsight for the problems of supply chain security to be obvious. Security people were writing and doing talks about this stuff over 10 years ago, just (like most things in security) things start getting addressed once the pressure of incidents gets high enough :)