Hacker News | oersted's comments

I'm sorry, but there are so many alternatives to spending your time on TikTok, more than ever, and more accessible than ever.

Perhaps people do want to spend their time on TikTok, that's what freedom is. It is certainly addictive by design, but it's not magic, it is addictive exactly because it's giving you what you want.

We got so much of what we wanted, that was the goal and we are achieving it. Of course, getting everything we want is often not good for us. And what we want to want is not always the same as what we actually want.


There are several senses to "politics". You are right in that, in the general sense, politics is any collective negotiation of what matters to the group. There are objectively optimal ways to achieve a goal, but choosing what goals to pursue, and what benefits are worth what costs, and who they will affect, that is rather subjective and the realm of politics. In that sense politics is fundamental and valuable.

But in a more concrete sense, politics also refers to our tendency to join opposing teams or tribes and fight it out, more or less literally. In that sense, "everything is political" can mean viewing everything as a fight between groups, or worse, associating everything to the conflict between the two dominant groups. That is quite toxic.


Some details from the original post for context:

They had a Railway token in an unrelated file (unclear if it was a local secret) for managing custom domains. It turns out that token has full admin access to Railway.

The AI deleted a single relevant volume by id. The author is rather vague about what exactly it asked it to do, he just says there was a “credentials mismatch” and Claude took the initiative to fix it by deleting the volume. But it’s likely that they are somewhat downplaying their culpability by being vague.

It turns out too that Railway stores backups in the same volume.

I think that OP is exaggerating with their references to “a public API that deletes your database”.

I’d say most of the blame lies with Railway here, regardless of AI, this could have happened easily due to human error or malicious intent too.

I really don’t get the value of all these VC funded high-abstraction cloud services like Railway, Vercel, Supabase… It’s markup on top of markup. Just get a single physical server in Hetzner and it will all be so much cheaper, with a similar level of complexity and danger, and less dependent on infra built with reckless growth-at-all-costs mentality.


> The author is rather vague about what exactly it asked it to do, he just says there was a “credentials mismatch” and Claude took the initiative to fix it by deleting the volume. But it’s likely that they are somewhat downplaying their culpability by being vague.

I was just talking to my girlfriend saying I've realised that I've not written a single line of code, nor have I debugged myself for at least the past 3 months.

Having said that, given what I've seen Claude do, I find it hard to believe that Claude would go from credential mismatch to delete the volume. I understand LLMs are probabilistic, but going from "credentials wrong" to "delete volume" is highly unlikely.

> Supabase

I don't know enough about the Railway/Vercel/Replit, but I can tell you Supabase adds a huge amount of value. The fact that I don't have to code half of things that I otherwise would is great to start something. If it's too expensive, I can implement things later once there is revenue to cover devs or time.


Give an agent an obstacle and it will try to find a way around it. Most of the egregious commands I've seen it run were fundamentally due to something blocking it from accomplishing a task. So e.g. if you block network access for the agent, you will get all sorts of creative solutions to try and get around the problem. This is also why it's nearly impossible to corral commands. Because eventually it will rot13 encode a script and run it anyways.

Paperclip maximizer!

I have had Claude go "oh, this query fails because the field I just added isn't in your sqlite database file, let me just delete it so it gets recreated". So I wouldn't rule out that Claude tries deleting a volume if it believes that will fix things and believes it isn't a production system.

That said, Claude seems to have gotten a lot more careful about these kinds of things in the last couple months.


One thing AI can power nicely is the anti-SaaS movement. Being able to just boot a cheap PC and test out any of the open source packages is so infinitely easier than piling into all the random credential Bazaars.

But that won't take away the inability of the LLM from confusing what's in dev, what's in production, what's in localhost and what's remote; I've been working on getting a tools/skill for opencode that works with chrome/devtools via a linuxserver.io image. I can herd it to the right _arbitrary_ ports, but every compaction event steers it back to wanting to use the standard 9222 port and all that. I'm tempted to just revert it but there's a security and now, security-through-LLM-obscurity value in not using defaults. Defaults are where the LLM ends up being weak. It will always want to use the defaults. It'll always forget it's supposed to be working on a remote system.

Using opencode, there's no way to force the LLM into a protocol that limits their damage to a remote system or a narrow scope of tools. Yes, you can change permissions on various tools, but that's not the weakness that's exposed by these types of events. The weakness is the LLM is an averaged 'problem solver' so will always tend towards a use case that's not novel, and will tend to do whatever it saw on stackoverflow, even if what you wanted isn't the stackoverflow answer.


>But that won't take away the inability of the LLM from confusing what's in dev, what's in production, what's in localhost and what's remote

In my experience, Claude Code with Opus 4.7 tends to assume things are production unless explicitly told otherwise.

>there's no way to force the LLM into a protocol that limits their damage to a remote system or a narrow scope of tools

Might not be able to force it but prompting and context help. An AGENTS.md that explicitly calls out what is and isn't production helps (at least with Claude Code).

Not sure about OpenCode but in Claude Code, memories also help (more injected context).


AI can also make using AWS directly easier

Is there some harness that navigates AWS or are you referring to some complex clie. I've only seen their S3 clie.

Just having it use the AWS CLI if you're careful about what creds you give it
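As an added illustration of being careful about the credentials handed to an agent (this is not part of any comment in the thread): a small check that reports which destructive actions an IAM policy document would still allow. The `DESTRUCTIVE` list and the sample policies are constructed, and the check assumes identity policies only; it is deliberately conservative, ignoring `Resource` and `Condition` narrowing on Allow statements as well as permission boundaries and SCPs.

```python
import fnmatch

# Destructive actions an agent's credentials should not carry (constructed list, extend as needed).
DESTRUCTIVE = ["ec2:DeleteVolume", "ec2:DeleteSnapshot", "rds:DeleteDBInstance",
               "s3:DeleteBucket", "dynamodb:DeleteTable"]

def _as_list(value):
    return [value] if isinstance(value, str) else list(value or [])

def _matches(patterns, action):
    # IAM action names are case-insensitive and support * and ? wildcards.
    return any(fnmatch.fnmatchcase(action.lower(), p.lower()) for p in patterns)

def _covers(stmt, action):
    """True if the statement's Action/NotAction element applies to `action`."""
    if "NotAction" in stmt:
        return not _matches(_as_list(stmt["NotAction"]), action)
    return _matches(_as_list(stmt.get("Action")), action)

def destructive_grants(policy):
    """Return the DESTRUCTIVE actions this policy document still allows."""
    stmts = policy.get("Statement", [])
    if isinstance(stmts, dict):          # a single statement may be a bare object
        stmts = [stmts]
    allowed = []
    for action in DESTRUCTIVE:
        allow = any(s.get("Effect") == "Allow" and _covers(s, action) for s in stmts)
        # Only an unconditional Deny on every resource is treated as a reliable block.
        deny = any(s.get("Effect") == "Deny" and _covers(s, action)
                   and "*" in _as_list(s.get("Resource")) and not s.get("Condition")
                   for s in stmts)
        if allow and not deny:
            allowed.append(action)
    return allowed

# Constructed sample policies.
BROAD = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": "ec2:*", "Resource": "*"},
    {"Effect": "Allow", "Action": ["s3:Get*", "s3:List*"], "Resource": "*"}]}
SCOPED = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": ["ec2:Describe*", "s3:Get*", "s3:List*"], "Resource": "*"}]}
GUARDED = {"Version": "2012-10-17", "Statement": BROAD["Statement"] + [
    {"Effect": "Deny", "Action": ["ec2:DeleteVolume", "ec2:DeleteSnapshot"], "Resource": "*"}]}
ALMOST_ADMIN = {"Version": "2012-10-17", "Statement":
    {"Effect": "Allow", "NotAction": "iam:*", "Resource": "*"}}
```

A non-empty result for the policy attached to the agent's credentials means a wrong guess about which environment it is in can still destroy data.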

> It turns out too that Railway stores backups in the same volume.

That's probably not quite correct. I'd guess the snapshots are synchronized elsewhere (e.g. object storage). But the snapshots are logically owned by the volume resource, and deleting the volume deletes the associated snapshots as well. I think AWS EBS volumes behave like that as well.


I see the value in Heroku, even though everyone on HN keeps saying it's bad now. Skeptical of other newer things. Firebase defaults have also been insane from the start.

It would make sense to have an official default async runtime in the standard library while keeping the door open to use any other runtime, just like we already have for the heap allocator or reference counting garbage collection.

There are issues in particular with core traits for IO or Stream being defined in third-party libraries like tokio, futures or its variants. I've seen many cases where libraries have to reexport such types, but they are pinned to the version they have, so you can end up with multiple versions of basic async types in the same codebase that have the same name and are incompatible.


GDP is also an amalgam of various indicators of general economic activity: Consumption + Investment + Government Spending + (Exports - Imports). It might be all in dollars, but it is kinda like adding $X of Apples with $Y of Oranges.

It's good as a rough score to do relative comparisons between countries (and actually Debt/GDP is useful in that sense too), but as an absolute amount it doesn't mean all that much.

What matters is how much the debt servicing costs versus government revenues. Also how much that debt is growing (deficit) and/or what it would cost to reduce it.

But there's not much of a consensus around what is too much or too little.

I suppose 100% Debt/GDP is a good arbitrary number to raise the alarm, but it doesn't mean much on its own.


Quite reminiscent of the "Four Seasons Total Landscaping" debacle :)

That was like living out an episode of Arrested Development in real time. I have a hard time recalling it without mentally casting Jeffrey Tambor as Rudy Giuliani.

Wow! Yes it does sound exactly like that. Reality really can be stranger than fiction.


Much like the gym, meditation seems to me like an artificial alternative to an actually healthy lifestyle. Perhaps it is necessary to have such explicit and focused "exercising" to really get what you need nowadays, there may be merit to that.

But why not just go for a nice walk with no headphones?


Depending on who you ask, that is a form of meditation (or at the very least, a meditative activity).

And like the gym, it isn't necessarily orthogonal to a healthy lifestyle; sometimes, it’s just a way of focusing efforts toward a specific goal.

Some people get so much stimulation even when walking normally that it breaks the kind of focus they’re looking for (or they don't live in a zone particularly conducive to walking). It is what it is.


It's likely that there have been bottlenecks, where a single written version became the main common ancestor to copy from. Long after the oral tradition died down and other written versions were lost. Or because some patron decided to fund the dissemination of a particular copy, like Gutenberg or King James, or the Toledo School of Translators. Or because a particular heir of the oral tradition wrote it down, like Homer.

It doesn't necessarily mean that the story was stable, it's just the version that got to us.


What you are saying is generally true (and certainly true for many Indian texts), but the oral tradition of the Vedas really is old. Having been brought up in the West I only learned enough for daily and occasional rituals. My guru taught me without looking at a book and although I have such books now I bought them for curiosity only; if I had a question about recitation it would not occur to me to consult them. My son has learned the same way.


Could be but all across different regions across the subcontinent where the Vedas are orally recited, except for some technical tones and notes (which is the mechanical part of Vedic Sanskrit) there is little difference.

There are serious attempts made to write down the Vedas. The thing is, historically, very few people learned all 4 Vedas by heart; instead different families recited a very small part and passed the recitation as an heirloom.

If you meet all those families and compile their recitation, it exactly matches what we have from different earlier efforts of canonisation.


> For orders, messages, and real-time coordination, Nowhere uses Nostr relays as communication infrastructure. Relays see only encrypted data they cannot read, arriving from ephemeral keys they cannot trace, sent from a nowhere site they cannot identify.


Is that the meaning of “Third World”? As in East/West/Other?

I always thought it was more about Developed/Developing/Undeveloped, mostly in terms of the industrial transition.

But, if we are being honest, it’s used a lot more as “third class”.

I suppose indeed that it is not really a well defined “thing”, like the Silk Road.


When originally coined (circa 1950 around the Korean War), the First World was the US aligned block of countries, the Second World was the USSR aligned block of countries, and the Third World was all of the countries not part of either. Egypt, India, Yugoslavia, Ghana and Indonesia viewed themselves as leaders of the broader political movement during the 1960's and 1970's.

Even into the 1960's there were few industrialized nations outside of those two main blocks, so "Third World" quickly lost its explicitly political meaning and became more a description of the level of capital investment and worker productivity.

