This was a great post, so we wanted to answer; it's as close to our manifesto as we will get:
What are we against?
Exploitation dressed as opportunity. Surveillance sold as safety. Vendors hiding behind legal language, scam products, fake methodologies, and compliance theater.
Security theater sold as transformation.
Acronyms like ZTA packaged as salvation, then stapled onto broken environments because CISOs love a clean dashboard and vendors love a budget cycle. Cyber's version of big pharma: manage the symptoms, protect the revenue, never cure the damn disease.
Bootcamps selling desperation to people trying to change their lives.
Misinformers and scammers poisoning the well.
Stalkers dressing obsession up as investigation.
Clout parasites turning harm into content.
Governments laundering harm through acronyms. Companies punishing researchers after those same researchers saved their customers from worse.
Predators with budgets.
Cowards with counsel.
Institutions that break people, then invoice them for the privilege.
That's the easy answer.
What are we for??? That is a bit crazier and harder to explain...
We are for the people who get chewed up by those systems and told it was their fault even when they tried to stand by them.
For the student trying to get in without getting harvested, stuffed full of false hope, fattened on fake salary promises, and shoved into a dead-end career pipeline by bootcamp farmers with better landing pages than ethics.
For the underpaid analyst burning out quietly while the vibe coded dashboard keeps blinking.
For the researcher trying to help without getting punished.
For treating APTs as more than animal names, spooky acronyms, and vendor-slide mythology. Behind every operation are humans: the people who built it, the people who suffered from it, the researchers who reconstructed it, and the defenders who had to clean up the wreckage.
For the victims reduced to metrics, screenshots, and engagement bait by shitty accounts farming someone else's stolen data, stolen identity, lost livelihood, or death for a few dead-eyed impressions here on twitter dot com.
For painting infosec as something more than dry reports, vendor PDFs, breach postmortems, and dead-eyed conference panels. There are victims, villains, ghosts, greed, obsession, betrayal, survival, and consequences in this world. There are also tales of extraordinary accomplishments, impossible missions, quiet interceptions, and breaches worth preserving.
For the next generation, the current generation, and those who came before us: the hackers, artists, researchers, misfits, and feral little weirdos who deserve better than scams, silence, burnout, and corporate rot.
And especially for the weirdos who found computers before they found a safe place to exist, and found friends in terminals, forums, group chats, Discord servers, and late-night DMs while the rest of the mammals never understood it and called it antisocial.
For making cybersecurity feel human again.
So we try to tell the story like it actually has blood in it.
Harder answer... And yea unhinged af looking back at this
What hard did we choose?
We chose the ugly one.
Tell the truth, make it catchy, give it aesthetics, hide the knives in the glitter, and let you mammals dance through the crime scene before you notice the chalk outlines.
Love this article. "I don’t fear loss of status, I almost think this is some kind of psyop to sell agents". Been saying similar for a while, this is the first time I can remember new tech being sold based on FOMO and doomsday to this level. Previously it's been optimism based. It works of course (social media proving the point), plus there are benefits to pushing FOMO to coerce people into handing over new training data... But if the aim is mass adoption, it's short-sighted.
Tip: Figure out your personal ceiling for running multiple agents in parallel.
We need to accept that more agents running doesn't mean more of _you_ available. The narrative is still mostly about throughput and parallelism, but almost nobody's talking about what it actually costs the human in the loop.
You're holding multiple problem contexts in your head at once, making judgment calls continuously, and absorbing the anxiety of not knowing what any one agent might be quietly getting wrong.
That's a new kind of cognitive labor we don't have good language for yet.
I've started treating long agentic sessions the way I'd treat deep focus work: time-boxed and tighter scopes per agent dramatically change how much mental overhead each thread carries.
Finding your personal ceiling with these tools is itself a skill and most of us are going to learn it the hard way before we learn it intentionally.
the engineering teams/people that build their systems with debug-ability and introspection as first principles are going to side-step this (probably short) period of painful AI-induced tech debt
We discovered a phishing actor that is abusing .arpa to host content on domains that should not resolve to an IP address. The actor uses free services to create domain names from reverse DNS strings for IPv6 tunnels that use the .arpa top level domain. 🧵
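A defender-side check for the behaviour described in the post above, as an added example that is not part of the original post: it flags A/AAAA lookups for names under .arpa in resolver logs and decodes the IPv6 prefix encoded in ip6.arpa names so the tunnel allocation can be investigated. The log format, sample lines and function names are constructed for illustration.

```python
import ipaddress

ADDRESS_TYPES = {"A", "AAAA"}  # forward lookups; reverse zones normally see PTR

def ip6_arpa_to_prefix(qname):
    """Decode the IPv6 prefix encoded in an ip6.arpa name, else None."""
    name = qname.rstrip(".").lower()
    if not name.endswith(".ip6.arpa"):
        return None
    labels = name[: -len(".ip6.arpa")].split(".")
    nibbles = []
    # Nibbles are stored least-significant first, so read right to left.
    # Stop at the first non-nibble label (tolerates extra labels on the left).
    for label in reversed(labels):
        if len(label) != 1 or label not in "0123456789abcdef":
            break
        nibbles.append(label)
    if not nibbles or len(nibbles) > 32:
        return None
    addr = ipaddress.IPv6Address(int("".join(nibbles).ljust(32, "0"), 16))
    return f"{addr}/{len(nibbles) * 4}"

def find_arpa_address_lookups(lines):
    """Return A/AAAA queries for names under .arpa from resolver log lines.

    Assumed (constructed) format: ts client qname qtype rcode answer
    """
    hits = []
    for line in lines:
        fields = line.split()
        if len(fields) != 6:
            continue
        _ts, client, qname, qtype, rcode, answer = fields
        name = qname.rstrip(".").lower()
        if not name.endswith(".arpa") or qtype.upper() not in ADDRESS_TYPES:
            continue
        hits.append({"client": client, "qname": qname, "qtype": qtype.upper(),
                     "resolved": rcode == "NOERROR" and answer != "-",
                     "prefix": ip6_arpa_to_prefix(qname)})
    return hits

# Constructed sample log using documentation address ranges only.
PTR_NAME = ipaddress.ip_address("2001:db8::1").reverse_pointer + "."
SAMPLE_LOG = [
    f"2024-01-01T10:00:00Z 192.0.2.10 {PTR_NAME} PTR NOERROR host.example.net.",
    "2024-01-01T10:00:05Z 192.0.2.11 4.3.2.1.8.b.d.0.1.0.0.2.ip6.arpa. A NOERROR 198.51.100.7",
    "2024-01-01T10:00:09Z 192.0.2.12 sub.4.3.2.1.8.b.d.0.1.0.0.2.ip6.arpa. A NOERROR 198.51.100.7",
    "2024-01-01T10:00:12Z 192.0.2.13 www.example.com. A NOERROR 203.0.113.5",
    "2024-01-01T10:00:15Z 192.0.2.14 7.100.51.198.in-addr.arpa. AAAA NXDOMAIN -",
]
```

Hits with `resolved` set are the ones worth triaging first, since a reverse-DNS name answering with an address record is the anomaly the post describes.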
This article claims people in SF are addicted to maintaining AI agents. It misses that this is basically a Sims version of Senior Leadership at a large tech company… with their compensation packages replaced by dopamine. Wrapped in the illusion of productivity.
You have the same constant motion and endless “near misses” of Corp Tech life. You have the same feeling that you are the one who will get lucky and hit the jackpot.
But the reality is that most people probably aren’t able to even offset the cost of their token use. It’s a Sims game that you pay to play.
It’s unfortunate that only a few “lucky ones” will end up exposed to forming an LLC, setting up proper business banking, handling quarterly/annual taxes, dealing with compliance, EINs, deductions, or even just basic revenue tracking for tax purposes. If more did, it might do some interesting things to society instead of just eat another generation.
ok this is freaking cool... spaceraccoon/vulnerability-spoiler-alert-action: GitHub Action to alert on security patches before the CVE drops. https://t.co/c14aHiFif4
Late last year, our research team wrote a blog on creating .NET serialization gadgets by hand (you know, to relax). Now they're back at it with Java serialization gadgets — check it here, or just use fully functioning libraries in our go-exploit framework! https://t.co/HtFAXIeeEM
Idk about red teams, but real threat actors are using: AITM, DCA phishing, authorization code flow phishing, and starting Teams meetings 😜
That is the real deal orgs face every day, and that's how they're getting in.
Kerberos plugin for @volatility allows you to list and extract tickets from a memory dump. Another way to track user activity by checking service tickets!
https://t.co/U0pNB9rQvp