Hacker News is venture capital firm Y Combinator’s site for aspiring startup founders — or, to be less generous, for temporarily embarrassed billionaires. The AI hype runs thick and fast.

An AI “agent” is supposed to be a system that will take a prompt and action it for you. We don’t have any of these. Real-world systems marketed as “agents” are either LLMs that generate a to-do list for a human to check before actioning — you can’t trust it, because LLMs aren’t deterministic — or just chatbots.

HN user nomad-nigiri asks: Are there any real examples of AI agents doing work? [Hacker News]

The answer turns out to be: no.

What do AI’s most ardent pumpers, keen to monetize the future of spicy autocomplete, present as their best possible answers? 

Workflow generators — to-do lists.Workflow automation, but you can’t trust it. Tutorials. Demos. Descriptions of what an agent might be and how cool it certainly could be. 

“Unfortunately,” says one commenter, “I’m one of those who haven’t working stuff but hopefully will have one soon enough.” That’s great, thanks.

We’re reminded of a similar query on Hacker News from 2020: “Are there any substantial examples of blockchain solving a real problem?” That didn’t turn up any substantive examples other than cryptocurrency solving problems you only have because you used cryptocurrency. But the responders were pretty sure that “bitcoin is like the early internet.” [Hacker News]

Salesforce is all in on AI “agents” — whatever that means. CEO Marc Benioff said in December: [Salesforce Ben]

We’re not adding any more software engineers next year because we have increased the productivity this year with Agentforce and with other AI technology that we’re using for engineering teams by more than 30% — to the point where our engineering velocity is incredible.

We couldn’t find evidence that Salesforce has seen a 30% increase in anything from “AI technology.” Benioff’s claim reads as a promise to shareholders to keep an expensive and fussy class of employees firmly on the leash.

Benioff seems to be covering for an engineering hiring freeze at Salesforce since the January 2023 layoff round of 10% of staff.

Salesforce has several ads for engineers on Indeed — but these appear to be “ghost” jobs just to collect resumes or pretend there are no US applicants for positions they want a cheap H1B for.

So what’s this new miracle system Agentforce, released in December, which Benioff talks up at every opportunity? It’s a chatbot-based help system.

Reviews suggest Agentforce was released before it was ready — so, a normal experience for chatbots forced into production: [Salesforce Ben]

Asking, “How do I reset my password”, returned instructions for API Community Manager (ACM), Marketing Cloud Engagement, Anypoint Platform, and B2C Commerce, but not for the core platform, such as Sales Cloud or Service Cloud.

Benioff is sure Agentforce is still wonderful compared to Microsoft’s Copilot, which he calls a “huge disaster.” [Analytics India]

Salesforce was previously into NFTs.

Members of an underground criminal community that hack massive companies, steal swathes of cryptocurrency, and even commission robberies or shootings against members of the public or one another have an unusual method for digging up personal information on a target: the truck and trailer rental company U-Haul. With access to U-Haul employee accounts, hackers can lookup a U-Haul customer’s personal data, and with that try to social engineer their way into the target’s online accounts. Or potentially target them with violence too.

The news shows how members of the community, known as the Com and composed of potentially a thousand people who coalesce on Telegram and Discord, use essentially any information available to them to dox or hack people, no matter how obscure. It also provides context as to why U-Haul may have been targeted repeatedly in recent years, with the company previously disclosing multiple data breaches. 

“U-Haul has lots of information, it can be used for all sorts of stuff. One of the primary cases is for doxing targs [targets] since they [seem] to have information not found online and ofc U-Haul has confirmed this info with the person prior,” Pontifex, the administrator of a phishing tool which advertises the ability to harvest U-Haul logins, told 404 Media in an online chat. The tool, called Suite, also advertises phishing pages for Gmail, Coinbase, and the major U.S. carriers T-Mobile, AT&T, and Verizon.

Specifically, Pontifex said the U-Haul phishing page is a clone of the official point-of-sale (POS) login page, which is used by U-Haul workers. Once inside, hackers can “look up customer info from an email and it gives back their name, address, phone number and last 4 billing,” Pontifex said. This information can be used to then socially engineer access to major ISP emails such as Comcast, Pontifex added.

“There is a ton of stuff you can actually do from the POS panel,” they said.

Multiple people have advertised harvested U-Haul logins in fraud and hacking focused Telegram groups, according to a 404 Media review of those channels. 

“U-HAUL POS LOGIN. Allows you to easily dox emails and phone numbers,” one message reads.

These advertisements are in channels associated with the Com, a nebulous network of hackers, fraudsters, gamers, people who hang out on Discord, and girls who are sometimes groomed by other participants. Activities include SIM swapping, stealing cryptocurrency, and hacking corporations. There is some overlap with the nexus of activity dubbed Scattered Spider, which is linked to the hack of MGM Resorts last year. To stay one step ahead of other criminals who want to rob or harm them, some members “Airbnb hop,” which involves booking Airbnbs under false identities and regularly moving from location to location, 404 Media previously reported.

U-Haul did not respond to multiple requests for comment from 404 Media, the first being in September. 

In September 2022, U-Haul announced a hacker broke into the company’s systems and used an internal tool to lookup customer contracts. In February 2024, U-Haul provided information on another recent breach in which a hacker used “legitimate credentials” to access a system U-Haul dealers use to track reservations and view customer records, The Record reported.

In another example of how the Com sources data, 404 Media previously reported on the complex supply chain that starts with people giving their addresses to credit card companies, and ends with bots on Telegram able to dox essentially anyone in America for $15.

After an avalanche of lawsuits over scraping everyone’s copyrighted works for their LLMs to regurgitate, OpenAI promised in May 2024 to develop a “Media Manager” tool to let creators opt their works out of training. OpenAI said this would be in place “by 2025.” [OpenAI, archive]

You’ll be utterly unsurprised to hear that Media Manager is not in place as of 2025. You might even think this was all a PR stunt they had no intention of delivering on. [TechCrunch]

“I don’t think it was a priority,” one former OpenAI employee told TechCrunch. “To be honest, I don’t remember anyone working on it.”

It’s unclear how a Media Manager as OpenAI describes it could ever have worked in the first place. LLMs are lossy compression for text. The source texts are fed in and set as weights in the LLM.

You can’t go in and cleanly delete the weights from that source text and not other source texts without retraining the whole LLM afresh.

It’s like making soup then saying you can just delete the garlic.

To see how hard it is in practice to remove text from LLMs, look at the kludged solutions to removing defamatory output — the companies put a crude filter on, and maybe add new text with updated information.

In any case, opt-out isn’t how copyright law works. All works are born copyrighted. If you want to use a work, you have to license it beforehand, not tell the owner to opt out of your use after the fact.