I'm a little less charitable.
Curiosity is great, but agents do not learn, and telling an agent "scan the darkweb" is a way to avoid learning about the details, rather than to dig into things more deeply.
If instead they had just used a chat interface to ask "Where should I start", they'd more likely have got a link to the DN42 docs themselves, read them, and not hallucinated things like "color".
They might have asked "how much will this cost?" if they had to spin up the ec2 instances themselves, on advice from the agent.
The way you learn something is by doing it the manual way first.
You learn memory management by writing your own allocator, and then after that you go back to using malloc like normal, but with knowledge of how it works. You don't learn memory management by telling an agent to write an allocator.
Using an agent to give you links and point the way aids in learning, using it as an autonomous tool to do "gruntwork" you don't yet know how to do yourself will get in the way of learning.
Curiosity is beautiful, using agents to bother humans and avoid learning is somewhat less beautiful.
100% in agreement here. As someone who grew up spoiled to the point of having no grasp of the value of money, I needed a few good, solid kicks to the balls to make me appreciate what I have, and how much things cost relative to their value.
The fact the agent owner immediately sought donations instead of taking the L shows, at least to me, that they did not learn said lesson. That they tried to blame the dn42 community instead of taking accountability for letting an agent run wild also supports that conclusion.
This idiot learned nothing and seems intent on continuing in their mission for whatever reason. So long as they want to extract versus cooperate or contribute, I wish them nothing but miserable, expensive failure until they learn otherwise.
Yeah I'm less sympathetic when you are bothering other humans by spamming them and asking them to do legwork for you.
Hanging out in programming language IRC channels (quakenet shoutout) makes you realize pretty quickly why experts in said channels and newsgroups are such irritable grumps whenever someone asks a question that smells like homework assignment.
I also grew to understand the value of people digging deeper into the underlying issue, instead of just answering "how do you do X in Y". The usual reaction was
"I don't want to explain to you why I want to do it like this. Just tell me how to do this!"
are they less grumpy now that chat.com will answer those questions without bothering them?
At least he learnt not to provide an LLM presumably unrestricted access to his AWS account.
from OP:
> It's unfortunate to see that the operator's takeaway from this incident is that "next time a better agent is needed".
> Then I imagined the real-but-unknowable chance it was all set up by some kid just getting into computers, just seeing what’s possible, getting excited by a much bigger world at reach
Perhaps people like this should be called "Bot Kiddies" or "Agent Kiddies" - in a similar way to "Script Kiddies" for 'hackers' using/doing stuff they don't quite understand
I vote for Slop Kiddies or Vibe Kiddies. And yes, I think most of them are unconsciously incompetent for the task they are trying to execute.
I've seen LLM being compared to calculators and I agree. They are great time savers for people who know what they do and how to achieve their goal. They even make previously impossible tasks possible. But if you don't know what is needed for a task you will be struggling to accomplish it.
Slop Jockeys? or would that be better for people passing off AI content as their own?
"Slop Kiddies" is good. That lets us use the "skiddies" contraction for both the "script" and "slop" kind of kiddie.
Everybody should learn from mistakes, especially the expensive ones. Though seeing the agent owner responding with using another agent and asking for donations, instead of taking responsibility, makes me think he didn’t learn much.
Not only that, but they said "next time better model needed" as if that was their problem and not giving an AI agent a blank check... I mean AWS account access.
A kid with $4k to burn on a credit card though? A lot of things would have had to go wrong for this to be a child
Children are the original dangerous-to-leave-unsupervised/guardrailed agents.
I routinely see “please refund this infrastructure bill I racked up unexpectedly, I used my dad’s card and he’s going to kill me” requests.
Sometimes your purpose in life is to serve as a lesson to others. https://despair.com/products/mistakes
I learned very rapidly from my local BBS networks that some people incurred extraordinarily large long distance bills dialing out of region. Wouldn’t have learned that the easy way if someone hadn’t learned it the hard way first.
There was often a little table at the front of the white pages which would help you work out what the rate would be for any particular long distance call. In the Midwest you could get relatively cheap rates to BBSes several states away, as long as you were up at 2am.
We couldn’t afford that and also the second phone line for my endless hours of modem, so I took local-only instead of remote-occasionally.
> Then I imagined the real-but-unknowable chance it was all set up by some kid just getting into computers, just seeing what’s possible
if this is the case, then I'd say that the best-case scenario happened. They had an expensive learning exercise. They won't forget these $2k.
How did the theoretical child get hold of a credit card?
I’ve seen minors signing up for cloud services with their parents card.
Because no 16 year old kid ever got to buy anything on a card before.
Why would a 16 year old not use their own card?
Would they be given their own credit card, or would it be under the parents? Over here minors can't enter into debt contracts like credit cards, so it'd be a direct debit until they are adults.
I think you mean debit card? In the UK at least you need to be 18 to agree to agree to a direct debit too. Rarely comes up since they're mostly for bills, but e.g. for a phone/SIM on contract it has to be in a parent's name for that reason.
I don't think the type of the card really matters as long as the limits are reasonable.
> Over here minors can't enter into debt contracts like credit cards
In basically all of the western world minors can enter into debt contracts, but are generally not seen as particularly creditworthy.
> In basically all of the western world minors can enter into debt contracts, but are generally not seen as particularly creditworthy.
No, that's not legally permitted in many places. I was under impression that minors can't enter into debt contracts anywhere in EU, but that, too, was an incorrect assumption.
https://fra.europa.eu/en/publication/2017/mapping-minimum-ag...
I grew up in one of these "not under 18 even with parental consent" countries, so that coloured my view of the matter.
>In basically all of the western world minors can enter into debt contracts, but are generally not seen as particularly creditworthy.
Minors can't get a credit card in the UK. In fact, it's one of the government approved age verification methods for that exact reason.
Because 16 years old do not have a card with no spending limits, and with very low online spending limits. Most of those cards are even just for withdrawing
Spending limits don't particularly matter here.
AWS doesn't check if your credit card will be able to handle a $5k charge before letting you rack that up, and in fact AWS doesn't support setting any spending limit.
You just have to put in any valid credit card at all when you sign up, use AWS, and at the end of the month you'll have a bill. At no point does your credit card limit or a spending limit enter into things.
And again kids don't have credit cards
I got mine when I was 12, IIRC. Not a credit, of course, it was a debit card, but not all countries bother to differentiate between the two, it was just a “bank card”. And I believe it had a credit card BIN because all local banks did that to get more in processing fees.
My parents let me fill my tank with gas. They wouldn't let me open an AWS account. Aside from that, if it is misuse of a parents card, then then answer is "chargeback."
Chargeback sounds like trying to defraud AWS. If the parent authorises the child to use their card, then the buck should stop with the parent. AWS has done nothing wrong in allowing an account to be opened with a valid card.
Some banks make chargebacks so easy that people just click the chargeback button without trying to reach out to the vendor. I see this a lot - I work for a “vendor”.
I don't have an issue with chargebacks if the vendor has made a mistake and doesn't respond in a timely fashion, but issuing a chargeback because you let your kid play around with a card isn't responsible behaviour. (Not that I think it was a kid in this particular case)
Generally no they don't because they have very limited ability to enter into agreements in the US. It was almost certainly an adult.
Isn't USA famous for letting parents take out credit cards on their newborns and pushing them into debt even before they learn to walk? I recall seeing at least a few snippets of movies and TV shows showing that.
If you mean parents using their children SSN to open a credit card, this is because US banking system is always decades behind the rest of the world, so they just accept the number blindly even though technically the children aren't allowed to open a loan yet, being minor.
In theory once the child grows up and shocked that their credit score is ruined, they can file a police report to wipe the debt, but that also means their parents will go to jail, a large risk considering they're likely not in a good physical/mental health in the first place.
Other countries solved this by either having national ID or a working KYC system.
Did you read your own link? A parent has to apply for this.
Parent/Legal Guardian Identity Verification
To confirm your identity, we’ll ask you to take:
A live selfie of yourself, and
A photo of your own ID document (Valid Passport or valid UK/ROI Drivers Licence)
They may well have the account with a debit card for other reasons, like buying food, travel etc.
Why wouldn't debit card work as well? You can get those while underage.
Can a kid set up an AWS account? Are there no checks?
Wouldn't the contract be void for anyone underage anyway?
> Can a kid set up an AWS account?
Yes
> Are there no checks?
No
>Wouldn't the contract be void for anyone underage anyway?
Typically not
Presumably companies can't enforce debts against children [who are under the age of criminal liability, which is under-10 in UK].
If a child goes through the checkout at the grocery store with cash, can the parent march in and demand a refund because "he's underage so the contract is void"? A credit card was used. Why should aws care about the details? (Other than the potential for the card to be stolen ofc.)
Obviously the specifics vary by jurisdiction, but usually contracts that are 'necessary' (e.g. grocery store purchases) or beneficial to the minor (e.g. an employment agreement) cannot be voided simply because someone is under 18.
The further you go away from this line, e.g. a mortgage, the more likely a court of law would void the contract. As with many things in law, the specifics (if it makes to trial) is case-by-case and "it depends"; with settlement being generally based on a party's estimated chances of succeeding/costs should it go to trial.
> If a child goes through the checkout at the grocery store with cash, can the parent march in and demand a refund because "he's underage so the contract is void"?
Depends on the jurisdiction, of course. But for example in German law, the contract is not void exactly because and only if it was about daily necessities of low value - the law does, in fact, care very literally and explicitly about those details. So it's completely unfit as an example to generalize, and the contract with AWS would in fact be void. Their problem if they don't verify users' identities and age sufficiently - and it's almost certainly a deliberate business decision not to do that in order to reduce friction. and occasionally write off an unenforceable bill as cost of doing business.
Can a German child buy non-essential expensive things, like a concert ticket, console, Warhammer or whatever? (Or a video game, back when those were sold in shops.)
I bought these things while a child in the UK. I'm sure Games Workshop would have offered a refund on something unopened if my parents had demanded it, but I'm fairly sure the ticket agency would not.
Well fair enough, although I find that rather surprising. If I understand you correctly selling anything more expensive than cheap food to a child carries a high degree of risk in Germany.
Then again, maybe making it impossible for a child to pawn expensive items for cash isn't such a bad idea. At least there shouldn't be any loopholes given the way Germany went about it.
> some kid just getting into computers, just seeing what’s possible, getting excited by a much bigger world at reach
Nothing about this post ever gave me the smallest hint that this was any way related to a kid exploring computing world.
Especially the part where they're asking for Ethereum.
A kid with a credit card?
Honestly, kids (heck people below 23) shouldn't be allowed an AWS account. AWS also should have a strict cap on usage that's not "thousands of dollars". It's interesting they are yet to be regulated or sued for that. Having a web app where you can mistakenly (even without AI) click a button and get charged tens of thousands of dollars and only know that days later should have been unacceptable.
I couldn't disagree more. I was playing around with AWS when I was probably 14 years old, with a credit card from my parents with consent, and a strict budget and the understanding that if I mess up and overspend, I'm getting disciplined.
I learned a lot of stuff about networking, how AWS works (VPCs, IAM, CloudWatch, etc) from trial and error, and hobby projects like personal websites (free tier), hosting a Minecraft server, etc.
Being too overprotective can have negative consequences on folks who are responsible. One of the things I love about the technology and internet communities, etc is that you're mostly judged based on how you act and behave; not your age or other visible characteristics.
The equivalent 10+ years earlier was so much lower risk: £25 or so for an old computer at a junk sale, £4.99 for a magazine with a Linux CD-ROM to avoid a week-long download.
> strict budget
How does that work in the case of AWS? Are you confusing alerts to caps?
I meant a strict budget given by my parents (and I could ask for more with justification). One of the valuable lessons I have learned is that there's no spending caps on AWS, but it taught me to set up billing alerts :)
the billing alerts DO NOT help. you may rack many thousands of $$$ before you know it.
Im kind of struggling with this logic, because a conscious choice was made to engage with AWS, AWS having opaque billing and the ability to provide a huge amount of compute (even at high cost) at the click of a button should be known to anyone who did his research on providers.
In my mind I could see a true tradeoff to removing the ability to do this. If I'm in a critical situtaion where, say, my service is on the cusp of failing because my revenue 100xed in a short while I know I could just go to AWS, put in some data and buy enough compute to survive as a business.
Anyone can make mistakes at some points and it's not like AWS UI/offerings make it any less confusing.