this post was submitted on 17 Mar 2025
1254 points (99.8% liked)

Programmer Humor

34426 readers
1074 users here now

Post funny things about programming here! (Or just rant about your favourite programming language.)

Rules:

founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 58 points 1 day ago (5 children)

Is the implication that he made a super insecure program and left the token for his AI thing in the code as well? Or is he actually being hacked because others are coping?

[–] [email protected] 150 points 1 day ago (3 children)

Nobody knows. Literally nobody, including him, because he doesn't understand the code!

[–] [email protected] 45 points 1 day ago (2 children)

Nah the people doing the pro bono pen testing know. At least for the frontend side and maybe some of the backend.

[–] [email protected] 14 points 1 day ago (1 children)

But the things doing the testing could be bots instead of human actors, so it may very well be that no human does in fact know.

[–] [email protected] 22 points 1 day ago* (last edited 1 day ago) (1 children)

Thought so too, but nah. Unless that bot is very intelligent and can read and humorously respond to social media posts by settings its fake domain.

[–] [email protected] 4 points 1 day ago

Good point! Thanks for pointing that out.

[–] [email protected] 8 points 1 day ago (1 children)

I'm stealing "pro bono pen testing."

[–] [email protected] 4 points 1 day ago

Cant steal it, if it is already pro bono :D

[–] [email protected] 5 points 1 day ago

That's fucking hilarious then.

[–] [email protected] 25 points 1 day ago (1 children)

AI writes shitty code that's full of security holes, and Leo here has probably taken zero steps to further secure his code. He broadcasts his AI written software and its open season for hackers.

[–] [email protected] 9 points 1 day ago

Not just, but he literally advertised himself as not being technical. That seems to be just asking for an open season.

[–] [email protected] 9 points 1 day ago

Potentially both, but you don't really have to ask to be hacked. Just put something into the public internet and automated scanning tools will start checking your service for popular vulnerabilities.

[–] [email protected] 7 points 1 day ago

He told them which AI he used to make the entire codebase. I'd bet it's way easier to RE the "make a full SaaS suite" prompt than it is to RE the code itself once it's compiled.

Someone probably poked around with the AI until they found a way to abuse his SaaS

[–] [email protected] 3 points 1 day ago

Doesn't really matter. The important bit is he has no idea either. (It's likely the former and he's blaming the weirdos trying to get in)