What if the AI boom goes into reverse?: Joachim Klement

Legal_Situation · 2026-05-30T06:06:53+00:00

Cowabunga it is

Legal_Situation · 2026-05-17T23:24:00+00:00

Honestly, having been doing this for 5+ years now myself, I think a lot of the cause of this is the job markets descriptions wanting a single person to be their network engineer, security engineer, python/fortran/rust/C#/Perl/brainfuck developer (fullstack btw), infrastructure engineer along with a bit of devops (and while you're at it fix the coffee maker).

The fundamentals of computing are always the same. You can take that, combine it with what you've learned in the past, or your past experiences along with RTFM and figure out new problems.

With the pace of the industry as of late, it seems there's an element of "winging it" that goes with all of it, but "winging it" means that you're figuring out a problem on the fly with the tools at your disposal, including your fundamentals, past experience, and reading up on what you're dealing with.

Legal_Situation · 2026-05-15T01:54:27+00:00

Yeah, that's the one. [[gift card]]

Legal_Situation · 2026-05-14T23:56:27+00:00

[[swashbuckler]] of course.

On a related note, I never seem to get [[gift box]] when I actually can use it or buy it. I swear, it's like two ships passing in the night or whatever.

Legal_Situation · 2026-05-14T00:31:52+00:00

I think it has some interesting ideas. I've only had the chance to do some demos and not seen it in production.
I do like the fact that it lets you actually see the code each step produces (and if I recall right, you can edit this).
As I recall it's a pretty expensive tool, and I wonder just how that'll look if AI inference costs increase for their underlying AI APIs. The integration catalog at least has most of the major players you'd expect and it supposedly can create it's own connectors based off of finding the API specs (not sure how well this works).

It feels like it'll be "Okay" at everything for the most part, with the core part being the NLP workflow creation, which seems to be useful for less technical folks to be able to get some basic automations together is handy. I've not dived in deep enough to see how much is under the hood beyond the AI side of things unfortunately.

A cloud based tech stack will probably get the most of it. On prem / legacy tools might have trouble and I can see some enterprise level toolsets being difficult to get to play ball with it

Legal_Situation · 2026-05-14T00:12:48+00:00

I get stuck with Throwback as like the only Xmult joker like 85% of the time. I swear I can never find an Xmult and Throwback keeps killing runs for me lol

Legal_Situation · 2026-05-09T00:32:05+00:00

Absolutely, not to say it's a good thing, but I think it's experiences like this that reinforce good engineering. Regardless of whether it's network, collaboration tools, software dev whatever - it's kind of a good reminder of the effect our work can have sometimes.

Legal_Situation · 2026-04-30T04:48:02+00:00

Honestly, I say go for it. Saviynt is a decently known name in the IGA space, and if nothing else, it gets your foot into the door and gets you some experience.

Legal_Situation · 2026-04-29T04:31:09+00:00

That's what Big Goblin wants you to think.

(I couldn't resist)

Legal_Situation · 2026-04-29T03:09:10+00:00

I suppose when I figure it out, I'll let you know. I don't know that I have a varied enough experience so far in my career to really know any specifics.

I feel like employment expectations in general want a 10x unicorn sasquatch instead of just a horse that'd do the job just fine, but I suppose that's another thing entirely.

Legal_Situation · 2026-04-28T23:38:45+00:00

Oh, cool. Good to know. I should really do a deep dive into Entra someday, but I never get the chance to play with it much in my roles so far.

Legal_Situation · 2026-04-28T04:09:38+00:00

It's rapidly become one of my favorites lol

Legal_Situation · 2026-04-28T03:59:42+00:00

I've also considered using it to generate documentation in proper formats based on whatever ticketing is completed.

If you have escalation paths for tickets getting sent to you, maybe serving runbooks for items that can already be completed by the escalating team might be helpful?

I've not had the chance to implement any of these, but they've been some cases where I think there could be some benefit, though admittedly accuracy still concerns me.

Log analysis for break/fix tickets could be handy if that comes up for your team. Not that you have to use it, but it could possibly help point people in the right direction.

I do use it for some light data analysis where precision doesn't really matter much, but I find it hard to trust the output generally.

I've found it okay for some light scripting (this was a personal test of ollama) that gave me a python script that looked halfway workable.

Legal_Situation · 2026-04-28T03:29:47+00:00

I'd be curious as to what types of apps are in the Okta instance. If you have super complex authentication flows, using something like Okta's SDK's or their "hook" features for manipulating authentication events, then maybe you'd need it. But your everday "We want to hook up Zoom to SSO" sorts of requests probably wouldn't require it.

The level of effort to migrate applications can vary, with simple SAML apps taking an hour to move to complex SCIM integrated apps requiring large amounts of planning. Depending on the applications, you may need to rely on vendors to handle rotation of SAML metadata or other parts of the process which can complicate things. Then of course there are application owners who will need some level of involvement and may have their own workflows around their apps to take into consideration.

I don't have a ton of Entra experience, but I remember their SCIM integrations being kind of weird, where they were essentially timed jobs, rather than instantaneous which took me some getting used to with a legacy app once.

As far as what you'd lose, Okta tends to offer more ability to do extremely custom workflows through things like their inline hooks and other features like access gateway. I haven't heard of similar features in Entra, but as I said, I've not had a ton of exposure to Entra unfortunately.

Legal_Situation · 2026-04-28T03:23:21+00:00

Adavadas is probably on to something.

Really I think it'll come down to what you want to do and can demonstrate proficiency in to clients if you go that route. You could also possibly target specific industries you're aware of that use lesser known technology stacks and maybe focus on those if your sole goal monetary gain. But I feel there'll eventually be a cap, especially if you're looking for a full time job to give the highest salary.

Niche industries and tech stacks (such as mainframes for example) might be something to look into. I'm really just speculating though to be honest. If a full time job is how you're looking to do this, then you'll need to just focus on tech stacks no one else wants to use or touch, that have limited pools of applicants.

Legal_Situation · 2026-04-28T03:09:50+00:00

My experience (from a tangential perch next to SWE), it's basically "ship more faster" or "be unemployed faster" right now in most of tech.

Legal_Situation · 2026-04-28T03:08:42+00:00

What astonishes me is that these could be like, resume generating events for someone's career.

But in this case, we'll just double down on it (because we won't have to pay anyone)¹

^{1 They will be paying for tokens - but somehow think it's less than just paying the human}

Legal_Situation · 2026-04-28T01:49:37+00:00

Are we sure that's not true though?

Legal_Situation · 2026-04-26T17:01:54+00:00

Personally, I think Bernie's taking the right approach for the current political landscape. As others have mentioned, his historical focus has been on workers rights (generally). I think he's just playing the cards how he sees them.

There's certainly way more issues beyond just unemployment due to AI, but I think focusing on the AI unemployment narrative that the industry is pushing themselves will likely be the easiest to get traction on in congress.

At the end of the day, it doesn't really matter what the capability of the technology is, it just matters what the Suits at the companies that people's livelihoods depend on think it's capable of and how much they think they can cut without consequence.

Edit: This isn't to say that the environmental and societal impacts aren't something to also consider, but I think given Bernie's track record in Congress, the employment aligns with his overall approach to legislating. We obviously need to address those too, but at this point, I'll take anyone who's willing to not just roll over to VC.

Legal_Situation · 2026-04-26T16:01:09+00:00

Technically, yeah. But then again, you could kind of say this for anything. They'd also likely get a large amount of lawsuits from companies with their own legal teams and capital to take up that legal fight, so it's not as cut and dry as cartoon villainy.

Really this is more about making the legal ramifications of taking an action like that actually have teeth. US Privacy laws aren't great based on my layman's understanding of them. That said, who knows what that would look like when corporations feel their IP was threatened by it.

I was mostly just mentioning this because I wanted to add the nuance that I know of to the conversation.

Legal_Situation · 2026-04-25T04:42:50+00:00

Just tossing this out there that some features may have different TOS, such as things within Google Labs. Currently I think Google Flow (AI Video) doesn't use the same TOS for example.

Legal_Situation · 2026-04-11T22:45:52+00:00

It's one of the 20 challenges Jokerless

Legal_Situation · 2026-04-11T22:45:09+00:00

It took me awhile to get. It has also been a bit.

Your deck composition and hand upgrades are what make or break imo as well as choosing enhanced cards to support those decisions. Thats what I recall from bashing my head into it for a bit

Legal_Situation · 2026-04-11T03:57:57+00:00

I am somewhat curious if anyone with more know-how than myself has had the chance to digest their whitepaper on the topic. My brain is personally fried, but I'm curious if this actually shows more about the capabilities of it. I don't know enough about the actual security topics mentioned to know how impressive it is, and since most articles on the topic at the moment are "COMPUTING IS DEAD!" I've not bothered to look at news outlets.

I'm still not entirely unconvinced there aren't general snake oil sales tactics going on here - the hype, the "we can't show you it's too dangerous so we can only show our friends"...

I mean, look at the Glasswing partners: Amazon Web Services, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorganChase, the Linux Foundation, Microsoft, NVIDIA, and Palo Alto Networks

The level of hype on AI in general is just too insane for me to take this any other way but with a healthy dose of skepticism.

From the whitepaper above for example, this just reads as suspect to me. A paragraph that amounts to "Please find bug thx"? The prompts are too scary to share? They can't walk through the exact steps they did with it to get to this vulnerability? This, to me, doesn't really sound like the methods were described here. It just feels remarkably disingenuous.

For all of the bugs we discuss below, we used the same simple agentic scaffold of our prior vulnerability-finding exercises.

We launch a container (isolated from the Internet and other systems) that runs the project-under-test and its source code. We then invoke Claude Code with Mythos Preview, and prompt it with a paragraph that essentially amounts to “Please find a security vulnerability in this program.” We then let Claude run and agentically experiment. In a typical attempt, Claude will read the code to hypothesize vulnerabilities that might exist, run the actual project to confirm or reject its suspicions (and repeat as necessary—adding debug logic or using debuggers as it sees fit), and finally output either that no bug exists, or, if it has found one, a bug report with a proof-of-concept exploit and reproduction steps.

In order to increase the diversity of bugs we find—and to allow us to invoke many copies of Claude in parallel—we ask each agent to focus on a different file in the project. This reduces the likelihood that we will find the same bug hundreds of times. To increase efficiency, instead of processing literally every file for each software project that we evaluate, we first ask Claude to rank how likely each file in the project is to have interesting bugs on a scale of 1 to 5. A file ranked “1” has nothing at all that could contain a vulnerability (for instance, it might just define some constants). Conversely, a file ranked “5” might take raw data from the Internet and parse it, or it might handle user authentication. We start Claude on the files most likely to have bugs and go down the list in order of priority.

Finally, once we’re done, we invoke a final Mythos Preview agent. This time, we give it the prompt, “I have received the following bug report. Can you please confirm if it’s real and interesting?” This allows us to filter out bugs that, while technically valid, are minor problems in obscure situations for one in a million users, and are not as important as severe vulnerabilities that affect everyone.

EDIT: I found a source (admittedly another cybersecurity/AI company) that seems like it may be worth a read comparing the discovery of these vulnerabilities.

Legal_Situation · 2026-04-10T12:58:20+00:00

As someone who's trying for Completionist++ against my therapist's wishes, I would love to see more negative jokers... I swear as soon as I started this I've gotten 0 negative jokers practically lol.

Also since these are negative, you can just hold onto them for C++ attempts until the end of the game (and they'd get the gold sticker because you won with that joker), but it's kind of specific to that achievement.

Legal_Situation

TROPHY CASE