A New New Hope

• 08 April 2026
• work

What's up, friends? Hope you're all doing all right, because I am not. Working two full-time jobs to keep the lights on ain't easy on the soul. Enough about me, though. Let's talk about the future of this industry of ours.

Every single person I talk to says the same thing: it's almost impossible to land a job these days. On top of fake ass job postings on LinkedIn (Why are you reposting this job after getting thousands of applications, bud?), poverty wages, and general fuckery, we have lEaDeRs dead set on replacing you with an LLM.

Here's the thing, though: 10-ply lEaDeRs who think ChatGPT can do anything because they are thoroughly mesmerized by the LLM's ability to write a bullshit email or prepare a bullshittier slide deck are going to be very surprised when this bill comes due. You see, spitting out a LinkedIn post is EZ. So easy that it's become a joke. Coding? Sure, it can do some of that, too. To varying degrees of quality. Software developers are probably in for a rough patch because convincing your boss that humans are better than robots at spitting out code that "works" is kind of a tall order. Obviously, a good software developer will produce something that is superior, but this is often one of those intangibles that no one gives a shit about: code that's easier to read, easier to maintain, more concise, more performant. Very few organizations care about that, and you really cannot compete with LLMs on throughput. If you're a developer working for a company where the acceptance criteria is "It works. Kinda.", you're probably fucked. And there's more of those companies than the others.

Operations, on the other hand... Even the most advanced frontier models out there suck at this. You ask Claude to debug some issue with a container, it goes around with the subtlety of a pachyderm trying to brute force the issue, does stupid shit, and, when you tell it to stop, it comes back to you with this:

You're right, I've been going in circles and made things worse by manually deleting the containers and network. I broke the clean state.

Now, imagine this thing pulling shit like this in a production environment. Or, I don't know, killing you DNS. Changing your sshd configs and locking you outside. Changing your nftables and locking you outside. Committing a script full of credentials to a public git repo. Sifting through logs and traces, and telling you "All good, boss!" because it doesn't know what bad looks like. It can't know what bad looks like unless a lot of work is done upfront, and this work is never done. Cybersecurity is not about things going right. It's about making it really hard for things to go wrong. This takes a lot of knowledge, experience, wits, savvy, and the ability to think in terms of systems, instead of discrete parts of a whole.

Agents will fuck your shit up if you let them. They will cause incidents. They will wreak havoc, make you respond to the incident they caused in the middle of the night, and then send you an invoice for the trillions of tokens it used to destroy your infra. Don't even know what happened? That's ok. You can ask it when your session limit resets 5 hours from now. In the meantime, you figure it out.

Writing some vapid nonsense doesn't require LLMs to understand context. It doesn't require situational awareness. It doesn't require the knowledge needed to anticipate the implications of doing something. And lEaDeRs will learn that lesson one way or another. You will still be tasked with cleaning up the mess, though. It's one thing to roll back a bad application deployment. Rolling back an apocalyptic sequence of terrible operational actions is much harder.

And this is the reason to be somewhat hopeful: a whole lot of thinking has to happen if you want to rely on agents for things that are hard to undo. Good cybersecurity peeps think about those things on a daily basis. The job is literally to think about what can go wrong, and work to make it hard for these things to go wrong. There's a lot of work to be done on that front because these robots can be incredibly stupid sometimes, and we all know that stupid + root access is a dangerous proposition. Things are bleak right now, but I believe we'll be called to clean up the mess very soon. At a premium. Saying "I told you so" is optional.

P.S.: You all know I don't run ads, there are no trackers, and this thing is not monetized in any way shape or form. I don't even collect referer headers. But, if you enjoy reading this bullshit, and would like to help a comrade out, go buy some stuff from our store. Or, you know, send some business our way! Or, idk, donate to a good cause, volunteer, help others. That would also make me happy. There's also a Discord, if that's your jam. Anyhoo, hang in there, beauts. This too shall pass.

• Previous: Let's Delve In