One of the inventors of Siri, the original AI agent, wants you to “handle with care” when it comes to artificial intelligence. But are we becoming too cautious around AI in Europe and risking our future?
Agentic AI is just a buzzword for letting AI do things without human supervision. It’s absolutely a recipe for disaster. You should never let AI do anything you can’t easily undo as it’s guaranteed to screw it up at least part of the time. When all it’s screwing up is telling you that glue would make an excellent topping for pizza that’s one thing, but when it’s emailing your boss that he’s a piece of crap that’s an entirely different scenario.
Agentic AI is just a buzzword for letting AI do things without human supervision
No, it isn’t.
As per IBM https://www.ibm.com/think/topics/agentic-ai
Agentic AI is an artificial intelligence system that can accomplish a specific goal with limited supervision. It consists of AI agents—machine learning models that mimic human decision-making to solve problems in real time. In a multiagent system, each agent performs a specific subtask required to reach the goal and their efforts are coordinated through AI orchestration.
The key part being the last sentence.
Its the idea of moving away from a monolithic (for simplicity’s sake) LLM into one where each “AI” serves a specific purpose. So imagine a case where you have one “AI” to parse your input text and two or three other “AI” to run different models based upon what use case your request falls into. The result is MUCH smaller models (that can often be colocated on the same physical GPU or even CPU) that are specialized rather than an Everything model that can search the internet, fail at doing math, and tell you you look super sexy in that minecraft hat.
And… anyone who has ever done any software development (web or otherwise) can tell you: That is just (micro)services. Especially when so many of the “agents” aren’t actually LLMs and are just bare metal code or databases or what have you. Just like how any Senior engineer worth their salt can point out that isn’t fundamentally different than calling a package/library instead of rolling your own solution for every component.
The idea of supervision remains the same. Some orgs care about it. Others don’t. Just like some orgs care about making maintainable code and others don’t. And one of the bigger buzz words these days is “human in the loop” to specifically provide supervision/training data.
But yes, it is very much a buzzword.
Hat on top of a hat technology. The underlying problems with LLMs remain unchanged, and “agentic AI” is basically a marketing term to make people think those problems are solved. I realize you probably know this, I’m just kvetching.
Not really. By breaking down the problem you can adjust the models to the task. There is a lot of work going into this stuff and there are ways to turn down the randomness to get more consistent outputs for simple tasks.
there are ways to turn down the randomness to get more consistent outputs for simple tasks.
Yes: shell scripting, which we have had for half a century.
But the term “Agentic AI” sells better than “shell scripting with extra steps and shittier results.”
turn down the randomness to get more consistent outputs for simple tasks.
This is a tricky one… if you can define good success/failure criteria, then the randomness coupled with an accurate measure of success, is how “AI” like Alpha Go learns to win games, really really well.
In using AI to build computer programs and systems, if you have good tests for what “success” looks like, you’d rather have a fair amount of randomness in the algorithms trying to make things work because when they don’t and they fail, they end up stuck, out of ideas.
To play devils advocate, agentic things wouldn’t necessarily include software development. “Hey siri create me an e-commerce site” isn’t likely to happen for a long while, because like you said it’s a complex thing that doesn’t have clear success measures. But “hey siri get me a restaurant reservation at place, hire a taxi for me to get there, and let Brad know the details” can be broken down into a number of different “simple” things that have simple to define measures of success. Did a reservation get booked? Did we tell Brad the details? etc.
“Hey siri create me an e-commerce site”
You should try it. If your e-commerce site is simple with a lot of similar examples out in the wild to point at, I believe the latest agents actually can do such a thing. You’ll just have to give them access to your financial account details so the site can process payments to you, you understand? While that’s a joke, it’s also true. You need to be able to check what the AI has done to be sure it’s doing what you want.
“Hey siri create me an e-commerce site” isn’t likely to happen for a long while, because like you said it’s a complex thing that doesn’t have clear success measures.
One would hope so, but of course Someone is trying it, and it has gone as poorly as you might imagine.
Yes, but my point is that it’s a completely separate problem. Think of agentics like powershell applets. They generally only do one thing, but you can chain them together to achieve a larger goal.
You’re complaining about single applet, or a specific type of applet, while the topic is applets in general.
Yes. You’ve shared the use case where Agentic AI makes sense.
Basically, if I need more randomness than a shell script can supply, it makes sense to mix a learning model in.
The use case I think we will continue to see significant use in is (low quality) advertising in contexts where only the product matters (not the brand). The cost for failure is lower, and the reward for creativity is higher.
Even in that nearly ideal use case, many companies leveraging it are going to discover that their brand image cannot afford to be associated with sociopathic AI slop. So I think even that trend is about to peak and reduce.
I started working with AI in earnest a few weeks ago, I find myself constantly making the distinction between “deterministic” processes and AI driven things. What I’m mostly focused on is using AI to develop reliable deterministic processes (shell scripts, and more complex things) - because while it’s really super cool that I can ask an AI agent to “do a thing” and it just does what I want without being told all the details, it’s really super un-cool that the tenth time I ask it to do a very similar, even identical, thing it gets it wrong - sometimes horribly wrong: archive these files, oops I accidentally irretrievably deleted them.
You’re both right imo. LLMs and every subsequent improvement are fundamentally ruined by marketing heads like oh so many things in the history of computing, so even if agentic AI is actually an improvement, it doesn’t matter because everyone is using it to do stupid fucking things.
Yeah like stringing 5 chatgpt’s together saying “you are scientist you are product lead engineer etc” is dumb but stringing together chatgpt into a coded tool into a vision model into a specific small time LLM is an interesting new way to build workflows for complex and dynamic tasks.
The way I see Agentic AI is it’s just a dumber customer service agent that is ready and willing to be scammed and phished. Not my fault if these companies are too stupid to put in proper guardrails.
I agree with you. I don’t mind local AI searching the web for topics I’m interested in and providing me with news and interesting tidbits. I’m not OK with AI having any kind of permission to run executable code.
I think there’s a difference between letting it do somethings and letting it finish something.
It shouldn’t be the one clicking the send button because everything needs to be verified, but it’s fine to have it surf the internet or turn a request into a set number of tasks with a to-do list.
Writing an email with it is a no-go for me though, I avoid it the moment it comes to actually communicating with someone. Using AI strikes me as patronizing.
It’s Argo Workflows
Mechanical key based door lock cylinders are “Agentic AI” - they decide whether or not to allow the tumbler to turn based on the key (code) inserted. They’re out there, in their billions around the world, deciding whether or not to allow people access through doorways WITHOUT HUMAN SUPERVISION!!! They can be easily hacked, they are not to be trusted!!! Furthermore, most key-lock users have no idea how the thing really works, they just stick the key in and try to turn it.
This is just a poor analogy.
A door lock can’t buy up Amazon’s entire stock of tide pods on my credit card.
A door lock can’t turn on someone’s iot oven while they’re out of town.
A door lock can’t publish every email some journalist has ever received to xitter.
A mechanical door lock doesn’t hallucinate extra fingers, and draw them into all the family photos saved on a person’s hard drive.
A door lock can’t buy up Amazon’s entire stock of tide pods on my credit card.
But it can let in a burglar who can find your credit card inside and do the same. And why are you giving AI access to your CC#? You’d better post it here in a reply so I can keep it safe for you.
A door lock can’t turn on someone’s iot oven while they’re out of town.
But it can let in neighborhood children who will turn on your gas stove without lighting it while you’re out of town.
A door lock can’t publish every email some journalist has ever received to xitter.
True, the journalist, or his soon-to-be-ex-spouse, can “accidentally” do that themselves - and I suppose the ex-spouse who still has a copy of the key can “fool” the lock with that undisclosed copy of the key while the journalist is out having sushi with his mistress.
A mechanical door lock doesn’t hallucinate extra fingers, and draw them into all the family photos saved on a person’s hard drive.
I’ve worked with AI for a while now, it’s not going to up and hallucinate to do that - unless you ask it to do something related.
But it can let in a burglar who can find your credit card inside and do the same. And why are you giving AI access to your CC#? You’d better post it here in a reply so I can keep it safe for you.
You aren’t giving your door lock access to your credit card information. And it didn’t “let the burglar in” so much as it has a failure ceiling. Meaning that there is more of a chance that a burglar can get in than zero, but less of a chance than if you didn’t have a lock at all. An outside party is circumventing the protections you put into place to protect your credit card number. Or perhaps (possibly) you are circumventing it by accident by leaving the door lock unlocked.
However, in both those cases, the door lock is not doing anything of its own volition, and won’t be doing that outside your control. The AI LLM is doing stuff both of its own volition (perhaps within parameters you set, but more likely outside of parameters you set, but within parameters the company that makes it set and only that to a degree).
You don’t do any banking except in person? Any shopping except in person with cash? Because that’s what you’re suggesting when you say things like “why are you giving it access to your credit card”.
Microsoft is suggesting that they will run “Agentic AI” on the windows 11 computers of hundreds of millions of peoples personal devices in the background without their direct input, and that this AI may download malware or be a threat vector that malicious apps, services, etc can take advantage of. But they’re going to do it anyway.
Microsoft is not installing door locks in my house, and if they tried I’d kindly escort them off the property, by force if necessary.
the door lock is not doing anything of its own volition
Neither does an AI agent. You give it power (electricity), you give it access to your computer / phone, any cloud storage accounts you may have, local NAS, network connectivity. You do all these things just like you install a lock on a door, or don’t. Once the lock is installed and you leave the premises, you are trusting the lock to do what it does.
If you hand an AI your CC#, you get what you deserve.
If you hand an AI access to your hard drive and you store your CC# on your hard drive, you get what you deserve.
If you leave your door unlocked and the school bus lets a bunch of 14 year olds off by your house while you’re away, you get what you deserve.
If you install Microsoft Windows 11 AI edition on your PC and let these AI features run, you get what you deserve.
I have many “smart home” appliances and features. They do not: control things that make fire, control the lights on our staircase, control the house door locks. I give them such access as I trust them with. I do “overtrust” one with alarm clock features, and the morning our power went out at 4AM we overslept, just like would have happened if we used an old 1960s style electric alarm clock. You can go back to wind-up with bells, if you like, or you can accept that the modern world isn’t always more reliable than the older ways.
The AI LLM is doing stuff both of its own volition
The AI stuff I have been working with has an explicit switch: Agent mode vs Plan mode. In Agent mode it can (and frequently does) do all sorts of surprising things, some good, some bad. In Plan mode all it does is throw responses up on the screen for me to read, no modification of files on my system. I effectively ran in “Plan mode” for a few months, copy-pasting stuff by hand back and forth - it was still more useful than web-search, imperfect, annoyingly incorrect at times, but I was in “total control” over what got written to (and read from) files on my system. I’ve had Agent mode access for about 6 weeks now. All in all, Agent mode is 10x more productive. And I have never, ever, even slightly considered the thought of handing it my CC#, though I’m sure many people will, and eventually we’ll get a story about how one of these wonky agents ordered three lifetime supplies of Tide Pods on Amazon when it was asked to get some detergent.
We’re not talking about firing up chat gpt in a web browser here. Microsoft is installing “agentic AI” on windows machines regardless of whether or not customers want it. They don’t have a say in the matter except the more tech savvy of them who will find ways to edge around the restrictions on how long you can delay downloads or whether or not certain features get downloaded at all.
Saying otherwise (that it’s just consumers deciding to use this “feature”) is as disingenuous as your first bad analogy about the lock. Especially since you haven’t explained what function this AI performs. The lock performs a singular function adequately enough for the risk involved for most people. And it does it passively. The AI is not the same no matter how often or how hard you try to shoehorn it into your silly analogy.
You explained your doubling and tripling down quite adequately when you said you work in AI. It would be helpful to this conversation if you could stop drinking the flavorade for five minutes and just think about the fact that people don’t want this and Microsoft is saying that they know it’s problematic but they are forcing it on people anyway.
This conversation is over though because you want to be right more than you want to be logical and correct and so now you are neither. Have a nice life.
If you install Microsoft Windows 11 AI edition on your PC and let these AI features run, you get what you deserve.
regardless of whether or not customers want it. They don’t have a say in the matter except the more tech savvy of them who will find ways to edge around the restrictions
The tech savvy will run Linux. They all (tech savvy or not) have a say in the matter. Even my non-tech savvy wife has been using an Ubuntu laptop, purchased direct from Dell, pre-configured by the factory with Ubuntu 22.04 for the past 3 years. I recently talked her off of her Samsung fetish into the slightly less evil Pixel line of phones. It’s a purchase and use decision. Walking away from Windows isn’t all that hard for most people, if they would just do it. Most are so bloody apathetic, they get what they deserve.
(Some) corporations are going to go hard for the AI in Windows on corporate IT managed machines because “magic free productivity fairy dust…” no, they don’t know how it works, or if it will work, or if it will be a bigger waste of time than the Solitaire app, but it’s new and a lot of corporations embrace the new simply based on Fear Of Missing Out.
The lock performs a singular function adequately enough for the risk involved for most people. And it does it passively.
The AI is not the same no matter how often or how hard you try to shoehorn it into your silly analogy.
Technology marches on, the world does get more complicated. Before we had metal keys that had to be made by keysmiths, there were more simple latches that people could open but most animals couldn’t. Metal keys introduced all kinds of complexity and inter-dependencies and failure modes, but generally we have adopted them as the preferred solution over a peg through two holes.
stop drinking the flavorade for five minutes and just think about the fact that people don’t want this
A lot of people do want it, I’m not saying that people who don’t want it should be forced to use it, far from that. But people have to start standing up for themselves when it comes to what tech they do and don’t allow into their lives. Nobody is making people wear smartwatches, or have smart-speaker(microphones) in their homes, and you’re not actually forced to use any particular desktop operating system either. Maybe your job forces you to use one for work, that’s why you get the paycheck - for doing what they want.
Microsoft is saying that they know it’s problematic but they are forcing it on people anyway.
Only the people who let themselves be forced. Our local dominant grocery chain started inflating their prices radically about 7 years ago, we have plenty of other stores around town, but over half are this dominant chain. I shopped in that chain my whole life, since my grandmother pushed me around in the cart, I stocked shelves in one during college, and it was our 95%+ source of food up until about 7 years ago. I finally had enough with the price abuse when they were about 30% higher than the competition, we stopped going there. They’re over 100% higher than the competition now in most prices and people STILL shop there in droves. Nobody is forcing them to, they’re volunteering to pay double to keep using their familiar grocery store.
I hope the world of desktop operating systems is different, but it’s probably not. People who put up with intrusive agents on their PCs doing things they don’t understand: get what they deserve.
The best way to deal with Agentic AI is to ignore it until it goes away. That’s my strategy. 🙅♂️🫣😖
May I join you?
Hop on in, water’s still warm.
"People are over-trusting [AI] and taking their responses on face value without digging in and making sure that it’s not just some hallucination that’s coming up.
So very, very much this. I see people taking AI responses at face value all the time. Look at the number of lawyers that have submitted briefs containing AI hallucinated citations and been reprimanded for them, for example.
And it’s not just stupid people either. Even smart and educated people get lulled into a false sense of security by a few correct answers to easy questions.
In a way this has happened before (people trusting stuff on social media, trusting bad headlines from bad newspapers, …), but AI is this on steroids.
That’s because their bosses want them to use ai somehow. So here’s the result.
