Action-reaction Force Pairs

Zachary O'Neill

Apr 3, 2024 • 5 min read

I wanted to take some time to write about my observations given the current climate and this whole opinion that AI will solve competency and productivity issues. This is not meant to be an in the weeds post where I dive into every facet or provide reverse engineering on package dependencies for opensource libraries. However, given the fact that myself and countless others have existed in the industry for quite some time and often wear multiple hats at a given company or provider, it's safe to say... we've seen some s***. This is a very opinionated post where I'm going to share my perspective in an unfiltered fashion as well as some personal bias on information security.

AI is simply a search and productivity tool within the enterprise at this point in time. But, that's not to say it won't replace junior roles in tech within the next decade... What I find interesting is how consumer AI has lead to very substantial shift in little time. Machine learning as a construct has been around since 1943. If I were to compare the current AI trend to past examples, ledgers come to mind. Hilarious to think about now, though there are still viable uses for the technology we found ourselves at a crossroad quite some time ago. Ledgers are great... but offer no reversal method should things hit the fan. Data simply persists within one for the span of it's existence. The legal and privacy complications that result from leveraging ledgers eventually ruled it as an invalid option for most enterprise or corporate consumption. Databases of many flavors continued to be the flavors of choice. Given how the sentiment continued to change over time for various "use cases" the most apparent one was cool pictures that were considered 1 of 1's... Incredible way to move the goal post society. This in turn resulted in quite an increase in the number of rug pulls and money laundering schemes... Nobody had to write their own crypto or create their own coin. They could just leverage opensource projects, split layers into directories and generate unique photos to sell in exchange for a currency which could ultimately be traded to someone else for goods, mixed to obfuscate, or sold for monetary value.

You may be asking... what's your point? Think about AI infrastructure operations and programming. We've had quite a bit of fear circle the tech industry this year. Employees have become fearful of their positions. Job postings are often posted as corporate strategy to position and trick employees into thinking help is on the way... We couldn't be further away from stability in the market. Tech as a whole became a way for people to work from home without restriction during the pandemic, it became apparent as companies scaled they often times weren't capable of properly vetting who they brought in. As we continue to hear terms such as right-sizing keep that in mind. AI as of the past year or so has only accelerated decision making and corporate efforts to run as lean as possible. I don't want to talk about delegation or cultural complications, but they'll continue to exist as we ride out this wave on the habitual hurricane.

So let's talk about AI and the future waves we'll ride as a result. As privacy policies continue to be rewritten on an annual basis, it's safe to say winds are picking up. Data collection, telemetry and user tracking are incredibly profitable markets... Take a look at what Meta just sold to Netflix! Do you think when you delete that ChatGPT thread it's simply gone forever? If so kudos to your optimism and perspective, I envy you. When you consider the moves within Microsoft and the copilot program what intellectual property do you think they're collecting? How do their systems perceive you from a professional perspective? Is it up to you to justify your existence to a sub set of cloud services? Personally I welcome our robot overlords with open arms, hell this site has been scrubbed and knocked on by threat actors since inception what's one more method of collection! This brings me to an interesting pivot, these models are trained using what we've contributed to the internet often times with no respect to privacy policies or terms of use. That said these AI models as of today are often trained for consumer level consumption. Opensource will continue to run rampant and malicious activity will increase as junior developers and tech professionals who don't understand what they're deploying continue using the new version of stack overflow... github copilot... to copy pasta processes while "programming".

It's important to convey that these tools aren't conscious or capable of independent thought, it's simply a tool in your arsenal. Sure you can train something by sourcing the data... Sure you can cover the 101 of something and leverage it research or personal progression. However, viable experience and expertise in a given skill-set will continue to prove more valuable than ever in the years ahead. Dependencies will always be a bad thing... Not only within society but from a pure tech perspective as well. As someone who's enjoyed running other people's code to benefit from the simplicity it provides. There's an obvious constraint in regards to opensource. As professionals continue to build their solutions they'll continue to bootstrap and rely on existing libraries, this behavior won't change anytime soon. There's quite a bit of research which discusses dependencies and their affects on the human mind, as most of us know dependencies and addiction go hand in hand. However, this isn't a psychology class. When considering recent supply chain attacks xz (CVE-2024-3094) is worth bringing up and not only as sales snake oil (*cough* l4j). My apologies, supply chain attacks and development are both areas which will continue to require talented humans. Opensource as a construct whether SCA or 3rd party libraries requires more attention now than ever. The ability to decipher and reverse what's being leveraged is critical to the security of consumer privacy, infrastructure, and intellectual property.

I've read some rather cold take as of late about how opensource projects should leverage some sort of development framework or standard. These perspectives have been entertaining to say the least, cool high castle you live in there Bob. What's funny is most people passionate enough to share their work already contribute a vast amount of time to improving and maintaining there code for public consumption at no cost. My point is even if a standard or requirement were put in place you'd just see people find a new way around the rules. Most developers are anarchist in nature. Regardless of the risks, I just wanted to say thanks for anyone who contributes anything to opensource. For me, it's played a huge part in who I am professionally and contributed greatly to the exposure I've had throughout the entirety of my career thus far.

As I attempt to wrap up the thought dump posted here. There are a few last takes I'd like to make in summary. Programming isn't going anywhere... Devin and Copilot might be seen as scary concepts to some. But like all things, we'll be dealing with the repercussions at a later point in time. As corporate greed continues to justify layoffs while using AI as the justification, it's sure to continue to be an interesting time for the industry. It's my belief that AI won't resolve issues with human comprehension anytime soon. However, choosing a craft in which to specialize should be treated with an increased level of urgency. If you've made it this far congratulations on maintaining some level of reading comprehension. It's 2024 after all, you should be proud. This post was written without AI assistance and is therefore hallucination free.

Sign up for more like this.