Comment by darkwater
11 hours ago
I don't want to do the easy finger-pointing and scapegoating but honestly, what should happen to the Context.ai employee that thought it was a good idea to play games in their work machine and, on top of that, install cheats which are by definition of dubious provenance? I know defense in depth, security layers etc etc but there is also some personal responsibility at play here. We can chalk up the Vercel's employee mistake to a defense in depth failure that's on the whole company and management, but installing a cheat...
Let’s just say that OpSec at companies adopting AI is low across the board because security just isn’t a deciding feature at the moment. See McDonalds breach 2 years ago
As somebody who tried selling cybersecurity software: Cyber-related OpSec is bad in most companies, AI or not. If effort and budget is allocated to it at all it's usually to a box-checking exercise that is about optics, liability and staying eligible for insurance payouts
good joob
Right, and adding the shifting sands of AI security just makes it worse. AI isn't a technology that's improving security.
2 replies →
Do we actually know the employee downloaded it on their work machine? At least this article doesn't say that (and I couldn't find it in other sources as well). Plenty of companies allow you to VPN into corporate network, or log into certain internal systems from the public Internet. Not saying they should, but it is much more common than you think.
For reference, look at how Disney got hacked. One employee downloaded compromised software on a personal computer. One thing led to another and boom. IT in many companies are much more incompetent than you think. I have seen that first hand.
Actually, you are right to question this. TFA mentions a MicroTrend report [1] as his source, but that report doesn't mention Roblox cheats and more interestingly says that Context.ai employee machine was compromised 22 months ago, in 2024! While TFA says February 2026. This details makes me doubt about the whole article
[1] https://www.trendmicro.com/en_us/research/26/d/vercel-breach...
TrendMicro, not MicroTrend ^^;;
It might be the opposite - they logged into their work gmail account on their home machine to check their email.
I'd instead blame the IT department that let users install arbitrary software.
Or how it is possible to grant broad permissions to their Google workspace account. That doesn't happen where I work. Only a handful of approved applications can connect.
I totally agree with your post.
> ... what should happen to the Context.ai employee that thought it was a good idea to play games in their work machine ...
And if we think just a tiny, tiny, bit about this the entire concept of a laptop that's both used at work and outside work for non-work related things is already quite a stretch.
I could name one company that is top 10 in market cap in the world where engineers had, on their desk (or below it), a work computer that was not connected to the Internet (but fully connected to an internal network) and a second computer, on another network, that was connected to the Internet. They may still have that setup today: don't know.
FWIW my main "workstation" (it doesn't have ECC memory and, weirdly enough, the actual workstation here is... a Proxmox server) doesn't even have sound.
No sound.
Ask yourself this: can you work without your main work computer even have the ability to emit any sound? For most people it's yes.
And I'm no luddite: countless NUCs, Pi's (got a tower of stacked Raspberry Pi's), laptops, etc.
But I don't need to watch Youtube vids on my main work computer. And I certainly don't need to play games on it.
Conf call? There are laptops for that.
Youtube vids? Just watched several from Clojure/Conj 2025 these last days. From one of the laptops.
The very idea that you game on the laptop that you bring to the coffee shop that you bring at work is what brought down Vercel. And shall take down many others.
That’s one among a dozen factors at play here. Yes that’s bad, but also the security of other systems should never depend on your work laptop never getting hacked or having spyware installed. If that’s the only defense, you’re going to have problems.
I know and understand, but still, if the claim is factually true - and now I'm doubting, that's basic security hygiene that everyone working in a software company should be required to know before getting hired.
Right? This isn't "A Roblox cheat and an AI tool", this is a failure of basic basic basic opsec across two organisations.
One for which the Context.ai employee needs to have their arse booted up and down the car park for.
What about the context.ai security team?
You can blame individuals, but security is a property of the system.
I doubt they had one. Context.ai got acquihired by OpenAI when it was still a very small company. I think they were winding down the original business, so it's unlikely that it grew after that.
It’s a very fine line. How do you check if people adhere to policies and at the same time don’t monitor them permanently?
4 replies →
The bootings will continue until the fuckups improve.
[dead]