IT/Software career thread: Invert binary trees for dollars.

Khane · Tuesday at 7:53 AM

We use Snyk, it isn't preventing AI from doing much of anything. It's utilized when we create pull requests to check for security flaws in the code being pushed but that's it. Then the code gets pushed to our repositories which github copilot has full access to.

It's a lot like using the internet. You can try all you want to remain anonymous and keep your information private but the only real way to ensure that's happening is to just not use it.

TJT · Tuesday at 8:00 AM

If you use Github or anything other than a repo hosted on your own metal what prevents Microsoft from just cloning the backend and stealing your code?

Oh right, nothing. Extraordinarily hard to prove that too.

Haus · Tuesday at 9:54 AM

darkmiasma said:
No need to be vague, just mention Snyk or Wiz - we don't need to make this sound mysterious.

Snyk and Wiz are predominantly CPSM and Code verification, they won't do a ton to regulate how much you do or don't abuse AI in the process and if it's going bad. They're both good at what they do, but they're just now pivoting towards the AI reality. (Which to be honest is true of just about all cybersecurity vendors to some degree)

For AI and Agentic protections it's more of an emerging market. Different tools. Also, it gets into a relative to CPSM which is Cloud Content Monitoring where we can watch what AI models you have deployed in any various locations (including external via APIs) and help regulate them. (i.e. you can use our corporate Claude or Gemini models, but no shuffling nonsense out to your private ChatGPT)

One of the hurdles is that people still want HITL (Human in the loop) which is a good thing, but depending on their setups the code being generated via AI is sometimes not as human legible as they would like. So having a system which can dissect it for potential vulnerabilities is good.

alavaz · 2026-02-19T19:39:55-0500

Deathwing said:
How do you guys prevent exfiltration of proprietary code and sensitive information by AI? Assume, if you aren't already, that I'm extremely uninformed on this topic. I have a long list of negatives wrt AI, but one fuckup and oops, source code is now part of some LLM's training model makes me not want to even start experimenting.

Pretty much every big tech company is getting after this in some form or fashion. Microsoft is trying to sell us on their Purview product that they claim is like "zero trust for AI". With a buzzword salad like that, how could it not be good?

I do try to maintain a little bit of hygiene with my AI usage. I run all the agentic stuff in a VM and control pretty tightly what I feed it. At this particular point in time, I don't see myself ever letting AI do 100% of my coding work. I let it do 85-90 and then create a cleaned up copy that goes to my primary source tree that AI doesn't see or touch.

Who knows though, being that I need a job for 15+ more years I might just have to go all in on it. I still predict though that AI coding is just another entry into the highly polished turd category of entry level application development. Once it gets to the point where the only thing it has to learn off it is it's own output (and that's likely starting now) it's going to go the way of COBOL, Visual Basic, Access, FrontPage, PowerBI, etc. etc.

Noodleface · 2026-02-19T21:38:01-0500

alavaz said:
Pretty much every big tech company is getting after this in some form or fashion. Microsoft is trying to sell us on their Purview product that they claim is like "zero trust for AI". With a buzzword salad like that, how could it not be good?

I do try to maintain a little bit of hygiene with my AI usage. I run all the agentic stuff in a VM and control pretty tightly what I feed it. At this particular point in time, I don't see myself ever letting AI do 100% of my coding work. I let it do 85-90 and then create a cleaned up copy that goes to my primary source tree that AI doesn't see or touch.

Who knows though, being that I need a job for 15+ more years I might just have to go all in on it. I still predict though that AI coding is just another entry into the highly polished turd category of entry level application development. Once it gets to the point where the only thing it has to learn off it is it's own output (and that's likely starting now) it's going to go the way of COBOL, Visual Basic, Access, FrontPage, PowerBI, etc. etc.

I think most of us are just begrudgingly using it. I have not increased my productivity with it though, actually the opposite

TJT · 2026-02-20T08:22:44-0500

We are balls deep in implementing Agentforce thanks to our C-Suite of former Salesforce executives.

Agentforce is completely half-baked. Even in the context of AI tools. It's really bad and 3/4 of the integration features it has legitimately don't work. We hired Salesforce Pro Services to assist us with this and they... subcontracted to some random NYC Salesforce Dev consulting company nobody had ever heard of. Complete shit show.

In short, I feel you.

alavaz said:
I still predict though that AI coding is just another entry into the highly polished turd category of entry level application development. Once it gets to the point where the only thing it has to learn off it is it's own output (and that's likely starting now) it's going to go the way of COBOL, Visual Basic, Access, FrontPage, PowerBI, etc. etc.

Our VP of product had something poignant to say about this. The fervor is AI simplifies companies tech footprints. But this is objectively false, it makes it obscenely more complex for the people working under the hood so you can theoretically save a few hours on your non-tech users.

Khane · 2026-02-20T08:27:51-0500

TJT said:
We are balls deep in implementing Agentforce thanks to our C-Suite of former Salesforce executives.

Agentforce is completely half-baked. Even in the context of AI tools. It's really bad and 3/4 of the integration features it has legitimately don't work. We hired Salesforce Pro Services to assist us with this and they... subcontracted to some random NYC Salesforce Dev consulting company nobody had ever heard of. Complete shit show.

In short, I feel you.

Our VP of product had something poignant to say about this. The fervor is AI simplifies companies tech footprints. But this is objectively false, it makes it obscenely more complex for the people working under the hood so you can theoretically save a few hours on your non-tech users.

Have you ever watched one of the McConaughey/Harrelson Agentforce commercials? It's pretty obvious Salesforce has no idea what AI is/can be capable of and is just trying to package and sell mediocre software as AI.

You need AI to check the weather bro. Rudimentary software hasn't been able to do things like this for decades... nope.

TJT · 2026-02-20T09:54:25-0500

Well so far the best idea we have and are paying people to assist in developing is an Agentforce Quote assistant that is so far much worse than the previous Quote assistant which was just a generic chatbot that asked you various questions about the customer, what they wanted, and parameters about their business and what products that might mean.

The AI is just a much more complicated version of that that dumpsters the chatbot we developed over 3 or so years with normal iterative programming. The kicker to me is that despite all of its bullshit you still need to build "tools" (term they use) for the AI Agent to use to interact with Salesforce's own data.

You know what those "tools" look a whole lot like? Abstracted code from the various data methods and objects we already have to do exactly the same fucking thing. Theoretically this will be better because it can just read Chatter (a different SFDC thing that records Customer interactions) and make suggestions based off that... or something.

TJT · 2026-02-20T15:31:44-0500

I was contacted by a recruiter for a company called Pushnami for a Senior DE position. I said sure I am interested, bitch sends me a code test via email. Its a zip file.

This is easily like 12+ hours of work (with AI helping you) what the fuck? Its 5 parts, each part has 3-5 sections of 7-10 different questions. All requiring code and summarizations of each thing you are doing. And additional setup so their assholes can just execute some stuff against what you send back in the laziest way possible.

Yuh, like I'm doing that. Cunt.

Khane · 2026-02-20T15:39:33-0500

TJT said:
I was contacted by a recruiter for a company called Pushnami for a Senior DE position. I said sure I am interested, bitch sends me a code test via email. Its a zip file.

This is easily like 12+ hours of work (with AI helping you) what the fuck? Its 5 parts, each part has 3-5 sections of 7-10 different questions. All requiring code and summarizations of each thing you are doing. And additional setup so their assholes can just execute some stuff against what you send back in the laziest way possible.

Yuh, like I'm doing that. Cunt.

I wonder if we're going to find out that these "recruiters" are actually working directly at these companies and they are literally just sending out snippets of actual business requirements disguised as "test interview coding assignments". Then they collate the results from all these and use it in their actual production code.

Trickier, sneakier, more devious shit goes on lately.

TJT · 2026-02-20T15:54:08-0500

Khane said:
I wonder if we're going to find out that these "recruiters" are actually working directly at these companies and they are literally just sending out snippets of actual business requirements disguised as "test interview coding assignments". Then they collate the results from all these and use it in their actual production code.

Trickier, sneakier, more devious shit goes on lately.

Dude look at this shit lol.

1. **What to check**: List specific data quality checks you'd implement (at least 10)
2. **When to check**: Frequency for each check (real-time, hourly, daily, weekly)
3. **How to alert**: Thresholds and escalation logic
4. **Where to implement**: At what stage of the pipeline (ingestion, transformation, serving)
5. **Tools**: What tools or frameworks you'd use (Great Expectations, dbt tests, custom scripts, etc.)

Their zip file had 5 datasets in it. Ranging from 20k-300k records or so. As I do all of the above in my day job:

1. This is obviously highly specific to the data in question. Is it billing related? Is it an event/real time kind of thing? Yes you can make an educated guess but it will take you some time to understand their datasets with no context provided to determine what may be viable.
2. You have to guess how often the dataset might be received. No context provided.
3. Thresholds and Escalation Logic huh? Now you're looking for someone to determine the values that might be meaningful and what to do when you hit them. This is a something a business could actively use if they got some retard to figure it out for them for free.
4. Where EXACTLY do we put such a thing. Like the exact technical location. Lol.
5. What tools and why? Vet things for you?

Khane · 2026-02-20T16:05:20-0500

It sounds a lot like this coding exercise is to build a fully functional application....

Koushirou · 2026-02-20T16:28:45-0500

Who the fuck sends a .zip in an email these days?

Janx · 2026-02-20T17:07:38-0500

Koushirou said:
Who the fuck sends a .zip in an email these days?

Search

IT/Software career thread: Invert binary trees for dollars.

Khane

Got something right about marriage

TJT

Mr. Poopybutthole

Haus

I am Big Balls!

alavaz

Trakanon Raider

Noodleface

A Mod Real Quick

TJT

Mr. Poopybutthole

Khane

Got something right about marriage

TJT

Mr. Poopybutthole

TJT

Mr. Poopybutthole

Khane

Got something right about marriage

TJT

Mr. Poopybutthole

Khane

Got something right about marriage

Koushirou

Log Wizard

Janx