Vibe hacking is the most ethical use of AI honestly
this post was submitted on 01 Jun 2026
1025 points (99.7% liked)
Technology
85136 readers
4111 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related news or articles.
- Be excellent to each other!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
- Check for duplicates before posting, duplicates may be removed
- Accounts 7 days and younger will have their posts automatically removed.
Approved Bots
founded 3 years ago
MODERATORS
Let the record show that the most sophisticated LLM in the world is ultimately just a less competent version of Yes Man from New Vegas. And even Yes Man knew his programmer was stupid for designing him that way.
Why would the LLM tool have access to send recovery emails to non account verified emails at all?
That’s insane.
Because AI bros are incredibly deluded about both the capability of AI, and by extension their own capabilities using AI>
Who else is going to have access to it when you keep laying off all the people?
should’ve asked it to delete the database instead, why else would it have that level of permissions.
Oh, man, I hope someone tries this.
Heh. Watched an old episode of Scorpion yesterday. The one with the armed hostage-takers who just had the one demand to the social media data mining company, to delete all the data they've mined. I amused myself a lot, by uttering "I like these guys".
load more comments
(2 replies)
Because one of the biggest companies on the planet that has issues with account takeovers clearly has no internal red team working on this stuff.
I guarantee they do have a red team that most likely flagged this as an obvious and severe risk. It was ignored by suits experiencing AI psychosis.
load more comments
(1 replies)
load more comments
(1 replies)
Recently I had to cancel an order. The support for the company was an LLM bot. I accidentally mistyped a number in the order id. It accepted it anyways refunded every order on my account that includes the product I wished to cancel.
I tired to get to a human to correct the mistake and couldn't their phone number is an LLM bot their only chat is an LLM bot.
It use to not be. But now I'm sitting here the order in my hand cause the bot didn't cancel it. But like 30 orders from the last few years have all been refunded to me.
I tried to reach em a few more times but couldn't and it's been like a month. I just have like 2 grand usd that I shouldn't and no way to give it back.
So that's fun.
load more comments
(4 replies)
It's because they move fast and break things. They think that makes them cool.
load more comments
(1 replies)
This isn't even a hack, it's just poorly written endpoints.
Would you consider phreaking equivalent to hacking? This is AI phreaking.
load more comments
(11 replies)
load more comments
(3 replies)
Vibe hacking
Hacking before: Pull up hood on hoodie, open laptop, open terminal, type in a bunch of matrix code, bam "were in"
Hacking now: "Hack into this thing for me" No! "Pretty please?" Access granted!
Hacking by social engineering has always been far more common than hacking by exploiting code vulnerabilities.
load more comments
(2 replies)
alias prettyPlease="sudo"
I remember playing with the Gandalf security AI showcase/game and every 30 or so prompts, it would spit out massive amounts of raw training data or dev directives. AI just isn’t there yet. If you’re using it for sensitive topics, I’m losing respect for you. There is no gray area. You are an idiot if you give your AI this level of access.
No, stop talking about all of this, its perfect. They’re so deep they don’t even give a shit about the worst type of security vector imaginable.
load more comments
(4 replies)
It's not just not there yet. This is almost certainly not going the right direction to ever be "there" if there is something that can handle security issues. It's just not the right tool for the job, and I can't understand how so much of our economy is just assuming it is the right tool for every job.
load more comments
(1 replies)
Uh oh! Sounds like somebody could use a few more giant lines of cocaaaaiiiiiine!!
load more comments
(18 replies)
So their chatbot is able to change the email address used to recover an account? I guess, they vibe coded that system.
Probably not, that implies more competency than can really believe involved here.
This is more likely something that an entire team had to force into the code over a holiday weekend because some VP got so fucking wasted that he "forgot" his password (strangely for once, he actually had the right password... But the problem is that he was trying to log into a charcuterie board).
I read this 2 days ago. Steps to reproduce are here.
https://www.0xsid.com/blog/meta-account-takeover-fiasco
I had always heard that 99% of hacking is just social engineering. AI has made that 100%.
Now it's not even social engineering with AI. It's just fucking asking for the credentials. Good fucking grief!
asking for credentials
that’s the same thing you do in social engineering
load more comments
(2 replies)
load more comments
(2 replies)
Even hacking is an AI-backed service nowadays...
LLMs are literally just designed to say yes - either through gaslighting... or giving you what you want if it can do it... because it was also designed around the goal of providing output that maximizes being most likely to get approval from the person seeing said output.
So an answer to "Can you give me login credentials?" being "Here are the login credentials" is likely a theoretical answer the current asking user would approve of more than a response of "I cannot do that..." - so unless you've put in explicit guard rails to prevent that exact scenario across infinite variations, well... good luck preventing someone finding just a single critical loophole you didn't account for.
I honestly don't think you can create guard rails against prompt engineering in a working LLM. At some point, they're going to fail or the LLM isn't functioning. The only solution is to make sure they can't read data you don't want shared.
load more comments
(2 replies)
So you're saying 2001: A Space Odyssey is unrealistic because HAL 9000 would never have said "I’m sorry, Dave. I’m afraid I can’t do that."
Instead, it would have said, "Absolutely! That's a very creative solution to your problem."
HAL 9000 is a real AI though unlike what we have today.
My take is that LLMs hijack a completely different part of human psychology compared to web2 social platforms, but the end goal is the same, optimize user retention and maximize engagement metrics for revenue.
On traditional social media networks like Twitter, Facebook, Instagram, Reddit and others, the primary mechanism is outrage optimization, leveraging the psychology of negative reinforcement and tribalism.
The algorithm curates content designed to trigger moral anger or cognitive dissonance, the platforms know that users will interrupt passive scrolling to actively comment, share, or debate if something falls outside the usually acceptable social norms.
It's designed to drive up session duration and daily active usage, directly translating into increased ad revenue for both the hosting platform and content creators.
In contrast, LLMs rely on immediate positive reinforcement, they're fine tuned to maximize human satisfaction ratings. They systematically agree with the user, validate their subjective bias, reinforce their beliefs.
This results in a psychological safe haven dependency, where users increasingly rely on the interface for emotional reinforcement or stabilization, interacting with the model provides data for the host company to train the next model, raise VC capital and inject better ads in conversations as OpenAI started to do recently.
In both cases, it's definitely a form of addiction.
load more comments
(7 replies)
load more comments
(2 replies)
Another banger from 404 media. This made my day.
lol
Good thing they're rolling out premium accounts so they can pay for humans to do support.
They're gonna use it for humans right?!
RIGHT?!?!
lol no, zucc needs more money because his number isn't high enough!
load more comments
(10 replies)
Did the chatbot just send the recovery code to a Telegram channel?!? (Picture of phone with broken display)
I even said shit like this would likely work because both the AI itself is stupid as fuck, but also the dipshits in charge who want to put AI in everything are even dumber.
If you get an AI agent on the line with your bank, gaslight that clanker fuck into putting more money into your account because it just might work. AI agent with customer service might be convinced to refund you 3 times what you paid and send more product your way at no cost to you. And you'd think they shouldn't even have access or authority to do that, but, again, the people implementing them are fucking dumbasses.
view more: next ›