Bret Piatt

Looking to discuss cybersecurity or AI with an expert? I've blocked off a few slots per month where I'm doing 30 minutes for $30. Bring your topic or issue and we'll dive right in, if there's a bit to read beforehand, send and I'll make an effort to go through things. Need an NDA? There's one in the scheduling process, it's optional. You can click on my profile, and then follow the Calendly link (circled in red on the profile photo in this post).

@mitchellh There's certainly a bell curve happening on software development going from "no AI" to "AI I don't know what an IDE is, is that for my AI?" In the middle there is, "MTTR ship and fix" to "humans do all the PR reviews". You'll never notice the good AI use, the bad makes HN.

I strongly believe there are entire companies right now under heavy AI psychosis and its impossible to have rational conversations about it with them. I can't name any specific people because they include personal friends I deeply respect, but I worry about how this plays out. I lived through the great MTBF vs MTTR (mean-time-between-failure vs. mean-time-to-recovery) reckoning of infrastructure during the transition to cloud and cloud automation. All those arguments are rearing their ugly heads again but now its... the whole software development industry (maybe the whole world, really). It's frightening, because the psychosis folks operate under an almost absolute "MTTR is all you need" mentality: "its fine to ship bugs because the agents will fix them so quickly and at a scale humans can't do!" We learned in infrastructure that MTTR is great but you can't yeet resilient systems entirely. The main issue is I don't even know how to bring this up to people I know personally, because bringing this topic up leads to immediately dismissals like "no no, it has full test coverage" or "bug reports are going down" or something, which just don't paint the whole picture. We already learned this lesson once in infrastructure: you can automate yourself into a very resilient catastrophe machine. Systems can appear healthy by local metrics while globally becoming incomprehensible. Bug reports can go down while latent risk explodes. Test coverage can rise while semantic understanding falls. Changes happens so fast that nobody notices the underlying architecture decaying. I worry.

I took 1.7 million photos over 6 days to catch this photo of a commercial jet in front of the sun. The moment it happened, TWO floating prominences were visible, making this not just my best aircraft transit photo, but one of the luckiest of my career! Videos of the transit 👇

@TheStalwart This is a terrible metric, it is very easy to use tokens, while(1) { prompt, "[string that uses lots of tokens]" }. Quality KPIs that are measurable in a timely manner is hard, very hard. For AI usage I personally think about tokens per shipped feature, the lower the better.

The FT says that Amazon employees are doing random unnecessary task automations to consume tokens and to show their bosses that they're using AI more ft.com/content/8ee0d3…

1: Are you building rich content sites with perfect performance scores? 2: I can't, I'm using an AI coding tool. 1: You're using the AI tool or it is using you?

@zeeg @ThePrimeagen I'm not handwriting code, I am trying to figure out how to be a great senior engineer / dev manager to coach it to write great code rather than going in to fix myself. I find it is likely slower at times but faster overall as I continue to tweak the ruleset & learn to manage it.

@ThePrimeagen i havent handwritten code in almost a year but i would also not claim that its without flaw. some of my shit is def buggy, and a lot takes more effort than it should because of this forced constraint and we all certainly have recognized how unstable claude code is

I just read a PM's post about automating their workflows with AI, so let me share some takes: 1. You can automate documentation all you want. You'll still spend 3 hours a week explaining it to people who won't read it anyway. 2. The biggest time sink in product management isn't creating artifacts. It's convincing others your idea was actually their idea all along. 3. I've seen PMs automate their entire PRD process. They still spend 80% of their time in meetings where nobody references the PRD. 4. AI can write your user stories in seconds. Getting alignment on those stories will still take 4 meetings, 12 Slack threads, and one awkward hallway conversation. 5. Most PMs spend more time writing angry Slack messages and then deleting them than they spend on actual product strategy. This is the emotional labor nobody talks about. 6. Every PM job description mentions "data-driven decision making." In reality, you spend most of your time cleaning up decisions your predecessor made based on vibes and executive opinions. 7. The irony of AI automation tools for PMs: They optimize the 20% of your job that's already efficient. The other 80% - managing up, sideways, and down - remains stubbornly human. 8. You know what takes the most time? Re-explaining the same strategy to different stakeholders who all think they're hearing it for the first time. 9. I automated my entire data analysis workflow last year. Now I spend that saved time defending the data to people who don't like what it says. 10. The best PMs I know aren't great at creating artifacts. They're great at navigating organizational dysfunction without losing their minds. 11. Here's the pattern I see: Junior PMs obsess over perfecting their templates. Senior PMs obsess over reducing the number of meetings where those templates get ignored. 12. You want to know where PMs really spend time? Writing diplomatic versions of "this is a terrible idea" in 15 different ways until one lands. 13. AI can generate a roadmap in minutes. Getting everyone to stop trying to add their pet feature to it is a quarterly battle. 14. The cruel joke: By the time you've automated your PM workflows, you'll probably be promoted to a role where none of those automations matter anymore. 15. If AI could automate stakeholder alignment, that would be the real revolution. Instead, we're automating the creation of documents that prove alignment never existed. Product management is 20% building products and 80% managing the humans who make building products complicated.

@jimkaskade It is gone already as of today for at least one person and I get the feeling I'm not alone. x.com/bpiatt/status/…

If Claude Code is going away for Pro users, I can't recommend Claude anymore bit.ly/4w690H5

@gabor I read it all the time, am I doing something wrong? I spend more time reading planning docs than I do code but I'm reading code every day I build.

Does anyone even read code anymore?

@tastybits @claudeai Trying Codex with gpt-5.5 on high first. Haven't used GPT deeply since 2025, Claude was crushing it in my workflow style. So far Codex feels like February Claude before all of the hiding of the work, unsure about the pace, will take a few days to see productivity.

@bpiatt @claudeai What are you moving on to?

So many decisions in April that made the product worse with no version pinning or ability to avoid the regression releases. Bye @claudeai, if you ever return to your March 2026 self maybe we can be together again.

@Austen It is a 1+1=3 situation right now, will be interested to see how long that's the case. Product managers can build MVPs now but if you want a long term architecture you still need an engineer driving the architecture.

@jmitch Look.. Opus 4.7.

Anthropic is really gonna mess this up aren't they?

What are you the best in the world at?

@_robyn_smith @LukeParkerDev How about 60? fortune.com/2024/11/12/jen…

@LukeParkerDev There is no reason to have that many people expecting you

I operate in a world where everyone responds to me within minutes, and I can't believe people still think it's ok to wait a whole day to respond to people when they pick up their phones 100+ times/day

That's a team! #GoSpursGo

@tastybits @OpenAI I'm not using @OpenAI directly for anything paid & I'm not aware of any clients doing so, unsure how OpenAI gets paid by Microsoft. I'm seeing a lot of Copilot usage, incumbency is magical. Seems like OpenAI needs to figure out B2C revenue model ASAP while they have the users.

This isn’t a collapse, but it is a generational fumble by @OpenAI. People underestimate how damaging dysfunction on the executive team can be.

@signulll I use Gemini Pro for audits, reviews of development plans, and red teaming solutions to problems. For writing greenfield code, or even doing full bug fixes, I've struggled to figure out how to make it successful.

not a single person i have ever spoken to uses gemini for coding. this is still very very weird. why is gemini so bad at coding when google has scoured the web full of code for decades?

@bindureddy Anthropic rolled me back to Opus 4.6 today. I didn't do anything differently, launched shells, typed in 'claude', fixed some things, saw commit message signed 'Opus 4.6'. Ouch.

The vibes are off with Opus 4.7 This is Google’s big opportunity to close the gap Time for Gemini Flash to level up to Opus quality 🚀

Had an interview with a “crypto” recruiter. We talked for about 40 minutes, and then they asked me to look at some code. Their first instruction was to clone the repo. I didn’t. They seemed surprised, so I told them I wanted a moment to check whether it was safe first. I ran a quick analysis with Claude. Turns out the code had a backdoor. It would copy my environment variables and send them to a remote server. The recruiter went speechless and ended the call pretty quickly. Be careful who you talk to. Scammers are real.

Sundar Pichai announced at Google Cloud Next 2026 that 75% of all new code created inside Google is now generated by AI and reviewed by human engineers. That is up from 50% last fall. However, I also want to point out to the back and forth between @Steve_Yegge and @Google on the AI usage inside Google. At this point, take the Google numbers with a pinch of salt as there is no way to verify if it is marketing or true numbers. Assuming it is true, I am continuing this analysis. Google is using Gemini models and internal agents for code generation. The company said agent-assisted workflows completed a complex code migration six times faster than a year ago. Google is now factoring AI adoption goals into some engineers' performance reviews and allowing select teams to use third-party tools including Claude Code. The 50% to 75% jump in six months is the number to focus on. If AI-generated code at Google is growing at that rate, the trajectory points toward 90%+ within the next year. But "generated" and "written" are different things. Human engineers still review and ship the code. The question is whether review becomes a bottleneck. If one engineer can review AI-generated code at 3x the pace of writing it, the math works. If review requires the same cognitive load as writing, the productivity gain is smaller than the headline suggests. Connect this to yesterday's GitHub Copilot story and today's SpaceX-Cursor deal. Google, Microsoft, and SpaceX/xAI are all racing to own the AI coding workflow. Google is doing it internally with Gemini. Microsoft is charging for it with Copilot. SpaceX is buying its way in with Cursor. The fact that Google allows some teams to use Claude Code is worth noting. It means even the company with the largest internal AI coding deployment does not think its own models are always the best tool. That is a signal about the state of AI coding models that no marketing claim can override.