You did this with an AI and you do not understand what you're doing here
173 comments
·September 22, 2025dansmith1919
Sharlin
Unfortunately that seems to be the norm now – people literally reduce themselves to a copy-paste mechanism.
l5870uoo9y
This reads as an AI generated response as well with the; "thanks", "you're right", flawless grammar, and plenty of technical references.
rapidaneurism
I wonder if there was a human in the loop to begin with. I hope the future of CVS is not agents opening accounts and posting 'bugs'
zaphodias
I don't think there are humans involved. I've now seen countless PRs to some repos I maintain that claim to be fixing non-existent bugs, or just fixing typos. One that I got recently didn't even correctly balanced the parenthesis in the code, ugh.
I call this technique: "sprAI and prAI".
ChipopLeMoral
You're absolutely right! There are no humans involved and I apologize for that! Let me try that again and involve some humans this time, as well as correctly balancing the the parentheses. I understand your frustration and apologize for it, I am still learning as a model!
cornholio
We will quickly evolve a social contract that AI are not allowed to directly contact humans and waste their time with input that was not reviewed by other humans, and any transgression should by swiftly penalized.
It's essentially spam, automatically generated content that is profitable in large volume because it offsets the real cost to the victims, by wasting their limited attention span.
If you wantme to read your text, you should have the common courtesy to at least put in a similar work beforehand and read it yourself at least once.
henrebotha
Hey don't hate on us humans who genuinely do open random PRs to random projects to fix typos. https://github.com/pulls?q=is%3Apr+author%3Ahenrebotha+archi...
pjc50
The future of everything with a text entry box is AIs shoveling plausible looking nonsense into it. This will result in a rise of paranoia, pre-verification hoops, Cloudflare like agent-blocking, and communities "going dark" or closed to new entrants who have not been verified in person somewhere.
(The CVE system has been under strain for Linux: https://www.heise.de/en/news/Linux-Criticism-reasons-and-con... )
rjdj377dhabsn
Even with closed communities, real user accounts will get sold for use by AI.
Havoc
Makes me wonder whether the submitter even speaks english
mda
Probably yes, but not as smooth and eloquent as the AI they use.
t0lo
AI's other acronym...
akk0
You do realize English is one of India's two official languages, I hope?
unmole
The username sounds Turkish. Make what you will of it.
dansmith1919
So... nothing? Because I'm also not from an English speaking country and I speak English.
null
dansmith1919
At some point they told ChatGPT to put emoji's everywhere which is also a dead giveaway on the original report that it's AI. They're the new em dash.
listic
What was it with em dash?
Ralfp
People usually don't type embdash, just use regular dash (minus sign) they have already on the keyboard. ChatGPT uses emdash instead.
badgersnake
Some people actually do that on Github too. Absolute psychopaths.
jsheard
I think the JS/Node scene was the pioneer in spamming emojis absolutely everywhere, well before AI. Maybe that's where the models picked it up from.
raincole
It was far before ChatGPT. I remember once on a Show HN post I commented something along the line with "The number of emoji in README makes it very hard for me to take this repo seriously" and my comment got (probably righteously) downvoted to dead.
BoredPositron
It's an n8n bot without user input. If you Google the username you'll find a GitHub full of agent stuff.
listic
Who was likely to start it and for what purpose?
BoredPositron
Clout? The dude behind the username?
chinathrow
The '—' gave it away. No one types this character on purpose.
jaymzcampbell
I really loved how easy MacOS made these (option+hypen for en, with shift for em), so I used to use them all the time. I'm a bit miffed by good typography now being an AI smell.
sevg
Just because you don’t, doesn’t mean other people don’t. Plenty of real humans use emdash. You probably don’t realise that on some platforms it’s easy to type an emdash.
ulimn
Or at least not anymore since this became the number 1 sign whether a text was written with AI. Which is a bit sad imo.
ceejayoz
The AI is trained on human input. It uses the dash because humans did.
arthens
I'm skeptical this is the reason:
- Chatgpt uses mdashes in basically every answer, while on average humans don't (the average user might not even be aware it exists)
- if the preference for em dashes came from the training set, other AIs would show the same bias (gemini and Le chat don't seem to use them at all)
chinathrow
Yeah but a dash, at least on my keyboard is a '-', not the one quoted above.
kstrauser
And where did you suppose AIs learned this, if not from us?
Turns out lots of us use dashes — and semicolons! And the word “the”! — and we’re going to stuff just because others don’t like punctuation.
birjokduf
Books use it more liberally, internet writings not so much. Also some languages are much more prone to using it while some practically never use it
exe34
I'm starting to wonder if there's a real difference between the populations who use em dashes and those who think it's a sign of AI. The former are the ones who write useful stuff online, which the AIs were trained on, and the latter are the consumers who probably never paid attention to typography and only started commenting on dashes after they became a meme on LinkedIn.
yreg
I do all the time, but might have to stop. Same with `…`.
henrebotha
Don't let them win. Stand proud with your "–" and your "—" and your "…" and your "×".
johnisgood
Keep in mind that now that people know what to pay attention to: em-dash, emojis, etc. they will instruct the LLM to not use that, so yeah.
easton
Two dashes on the Mac or iOS do it unless you explicitly disable it, I think.
rpigab
"I heard you were extremely quick at math"
Me: "yes, as a matter of fact I am"
Interviewer: "Whats 14x27"
Me: "49"
Interviewer: "that's not even close"
me: "yeah, but it was fast"
jtwaleson
There should be a language that uses "Almost-In-Time" compilation. If it runs out of time, it just gives a random answer.
phinnaeus
Best I can do is a system that gives you a random answer no matter how much time you give it.
zelphirkalt
Great! 80-20, Pareto principle, we're gonna use that! We are as good as done with the task. Everyone take phinnaeus as an example. This is how you get things done. We move quickly and break things. Remember our motto.
nenenejej
The lowest latency responses in my load tests is when something went wrong!
poszlem
https://www.youtube.com/watch?v=4SI3GiPihQ4
“Is this your card?”
“No, but damn close, you’re the man I seek”
misnome
I wonder where the balance of “Actual time saved for me” vs “Everyone else's time wasted” lies in this technological “revolution”.
stahorn
You're doing it wrong: You should just feed other peoples AI-generated responses into your own AI tools and let the tool answer for you! The loop is then closed, no human time wasted, and the only effect is wasted energy to run the AI tools. It's the perfect business model to turn energy into money.
jsheard
You joke, but some companies are pushing this idea unironically by putting "use AI to expand a short message into a bloated mess" and "use AI to turn a bloated mess into a brief summary" into both sides of the same product. Good job everyone, we've invented the opposite of data compression.
gloxkiqcza
Reminded me of this - an URL lengthener: https://looooooooooooooooooooooooooooooooooooooooooooooooooo...
throwaway0236
Great cartoon with comment about this problem:
tsimionescu
The next HTTP standard should include `Transfer-Encoding: polite` for AI-enabled servers and user agents.
taneq
We could call it “bsencode.
jiqiren
that's still a huge waste of time and resources. Rather, Daniel has focused on promoting good use of AI that has yielded good results for curl: https://mastodon.social/@bagder/115241241075258997 https://joshua.hu/llm-engineer-review-sast-security-ai-tools...
dandanua
And then alien civilization will wonder how humans went extinct.
simsla
Agreed.
I've found some AI assistance to be tremendously helpful (Claude Code, Gemini Deep Research) but there needs to be a human in the loop. Even in a professional setting where you can hold people accountable, this pops up.
If you're using AI, you need to be that human, because as soon as you create a PR / hackerone report, it should stop being the AI's PR/report, it should be yours. That means the responsibility for parsing and validating it is on you.
I've seen some people (particularly juniors) just act as a conduit between the AI and whoever is next in the chain. It's up to more senior people like me to push back hard on that kind of behaviour. AI-assisted whatever is fine, but your role is to take ownership of the code/PR/report before you send it to me.
miroljub
Wasting time for others is a net positive, meaning jobs won't be lost, since some human individual still needs to make sense out of AI generated rubbish.
ttyyzz
Over time, I've gotten a feel for what kind of content is AI-generated (e.g., images, text, and especially code...), and this text screams "AI" from top to bottom. I think badger responded very professionally; I'd be interested to see Linus Torvalds' reaction in such a situation :D
rvnx
Wrong title, as per Hackernews rules, "do not editorialize"
hermannj314
Start charging users to submit a vulnerability report.
It doesn't matter if it made by AI or a human, spammers operate by cheaply overproducing and externalizing their work onto you to validate their shit. And it works because sometimes they do deliver value by virtue of large numbers. But they are a net negative for society. Their model stops working if they have to pay for the time they wasted.
throwawayExSUSE
We should look at the cultural differences (not judging anyone). Copying things without sharing the value, and not feeling ashamed bypassing the rules (shame vs. blame culture) are prevalent and may explain at least some of the output.
https://en.wikipedia.org/wiki/Batu_(given_name)
> Batu is a common masculine Central Asian name.
https://en.wikipedia.org/wiki/Batuhan
> Batuhan is a masculine Turkish given name.
joz1-k
We will see more problems related to the attitude: "I know AI, and therefore I'm smarter than trilobites who coded this before the AI boom."
I suppose there's a reason why kids are usually banned from using calculators during their first years of school when they're learning basic math.
scosman
Spent 15 minutes the other day testing a patch I received that claimed to fix a bug (Linux UI bug, not my forte).
The “fix” was setting completely fictitious properties. Someone has plugged the GitHub issue into ChatGPT, spat out an untested answer.
What’s even the point…
thenickdude
It's all in aid of some streetsweeper being able to add "contributor to X, Y, Z projects!" to their GitHub résumé. Before LLMs were a thing I also received worthless spelling-incorrection pull requests with the same aim.
dboreham
Ultimately it's always about someone somewhere getting a bigger boat.
rsynnott
This must be _absolutely exhausting_.
zelphirkalt
Yeah, I guess if I was him, I would just close issues silently and ban the person who created them, if possible. I don't think I could be as nice as he is.
joz1-k
The problem is that AI can generate answers and code that look relevant and as if they were written by someone very competent. Since AI can generate a huge amount of code in a short time, it's difficult for the human brain to analyze it all and determine whether it's useful or just BS.
And the worst case is when AI generates great code with a tiny, hard-to-discover catch that takes hours to spot and understand.
ares623
Imagine the headline if a slop security report ends up real but the maintainer ignored it.
It’s a lose-lose situation for the maintainers
keyle
Resume hit piece, <failed/>.
What an absolute shamble of an industry we have ended up with.
ale
It's kind of depressing to read Daniel's article[1] on this issue given the rising "popularity" of these lazy attempts at cash grabbing. I hope they manage to combat the AI slop in a way that does not involve fighting fire with fire though.
[1] https://daniel.haxx.se/blog/2025/07/14/death-by-a-thousand-s...
Crazy how he doubled down by just pasting badger's answer into Chat and submitting the (hilariously obvious AI) reply:
> Thanks for the quick review. You’re right — my attached PoC does not exercise libcurl and therefore does not demonstrate a cURL bug. I retract the cookie overflow claim and apologize for the noise. Please close this report as invalid. If helpful, I can follow up separately with a minimal C reproducer that actually drives libcurl’s cookie parser (e.g., via an HTTP response with oversized Set-Cookie or using CURLOPT_COOKIELIST) and reference the exact function/line in lib/cookie.c should I find an issue.