[david_shaw]

It's easy to be cynical because, yes, both the problems and solutions seem dead obvious in hindsight. But for a long time (and maybe even still), a hacker creed was "move fast and break things."

It's great that there's so much momentum in fixing the glaring problems with supply chain systems like npm, but I'm concerned that we're entering a new era of security-related problems caused in large part by agentic development.

I'm not just talking about Mythos/Glasswing surfacing vulnerabilities in pretty much everything it touches; I think the way we're developing software, pulling in dependencies, and potentially losing human thought modeling of complex systems is going to lead to a lot of hacked together software and infrastructure that humans won't fully understand.

I hope in a few years we don't look back at today and wonder how we could have been so naive -- how we failed to actually plan for the long-tail of AI development in a way that doesn't solve problems by attempting to just use AI to rebuild complex systems.

But the article was funny.

[saint_yossarian]

> But for a long time (and maybe even still), a hacker creed was "move fast and break things."

Was it? I thought Zuckerberg coined this horrible phrase.

[david_shaw]

He certainly popularized it (maybe coined it), but I've seen a lot of organizations and developers repeat that mantra.

Even without the specific words, look to product teams debating tradeoffs of going to market vs. waiting for better security controls. They're pushing for faster product release every time, at pretty much every org.

[cassianoleal]

In any case, not really a hacker's creed. This has always been withinin the realm of corporations, especially Silicon Valley or adjacent.

[pocksuppet]

Hackers were moving fast and breaking things first. Faster than any corporation in fact. We didn't notice because their computers weren't powering anything useful. How do you think projects like GNU happened?

[fc417fc802]

Ah yes, GNU. Well known for prioritizing speed and pragmatism over perfection. That's why Hurd ended up winning out over Linux. /s

[asah]

MFABT is about survival. Don't hate the player, hate the game.

[walrus01]

Sir, this is not /r/linkedinlunatics/

[jazzyjackson]

Don't know any hackers who talk like this. More "if you don't like the rules, play a different game"

[dxdm]

Por que no los dos? Some players seem very gleeful.

[cwillu]

I will absolutely hate the players that chose the game and designed the rules.

[cassianoleal]

I'm not sure what you're responding to.

[jerhewet]

Joel Spolsky.

https://www.joelonsoftware.com/2000/04/06/things-you-should-...

[rectang]

I love that article, but the words "move", "fast", and "break" don't appear in it.

[jerhewet]

I stand corrected! My memory is pretty vague on this, but I was pretty sure Joel had said something very close to this in one of his blog posts in the early 2000's, but it looks like Zuckerberg was the first one to use the phrase "move fast and break things":

https://www.snopes.com/fact-check/move-fast-break-things-fac...

[gfody]

https://www.google.com/search?q=sposky%27s+worst+essay&sclie...

[raesene9]

We don't need hindsight for the problems of supply chain security to be obvious. Security people were writing and doing talks about this stuff over 10 years ago, just (like most things in security) things start getting addressed once the pressure of incidents gets high enough :)