We're Suing ICE. Here's Why

Hello, and welcome to the 404 Media podcast, where we bring you unparalleled access to hidden worlds, both online and IRL.

404 Media is a journalist-founded company and needs your support to subscribe.

Go to 404media.co, as well as bonus content every single week.

Subscribers also get access to additional episodes where we respond to their best comments.

Gain access to that content at 404media.co.

I'm your host, Joseph, and with me are all of the 404 Media co-founders, the first being Sam Cole.

Hello, Emmanuel Mayberg, hello, and Jason Kebler.

What's up, what's up?

All right, not really much housekeeping this week.

So, how about we just go straight into this story, which is also something of an announcement?

The headline is: We're suing ICE for its 2 million spyware contracts.

Jason, do you want to lead the discussion on this one?

Who is we?

It's us.

It's 404 Media has sued ICE

in DC federal court.

I think this is something that we have always wanted to do, right?

Like not necessarily sue ICE, but do FOIA lawsuits.

So I guess, what is this lawsuit about and why are we doing it?

Yeah, I've wanted to do this for a long time.

You will see amazing FOIA-based reporters like Jason Leopold, for example, who's now at Bloomberg, and he'll get these amazing documents.

And

pretty often it will turn out that you need to sue the government for access to those documents because they're not just going to hand them over.

We've never really done this because it's expensive, obviously.

And when we were working at Vice,

I don't know if we actually tried it, but I imagine it would be difficult, probably,

to get the resources to be allowed to do this sort of thing.

And now that we're independent, we can do it.

So, yes, this is a Freedom of Information Act lawsuit.

Basically, I filed a FOIA request with ICE way back in October 2024.

asking for documents related to this contract they have with a company called Paragon.

We'll talk about in a minute.

But basically, they sell spyware for breaking into phones.

And ICE, I think they acknowledged the request once and never got back to me.

And that is illegal.

You're not supposed to do that.

Of course, government agencies and especially US government agencies often delay the release of any documents.

You know, it's incredibly unusual for you to get the documents in the 30-day window or whatever it is.

But usually they say, we're sorry, we have a massive backlog.

Give Give us another 10, 20, 30 days or whatever.

ICE just did not communicate at all.

And these documents seem especially important now

because ICE just reactivated this contract.

It was put on hold during the Biden administration and it's back now.

So it seemed very timely and important to file this lawsuit.

so we could get the contract and we can see, you know,

why ICE had bought this powerful tool, basically

yeah just like a little bit of FOIA nerdery before we get into the specifics here

as Joseph said federal agencies have I believe it is 30 days to respond to a FOIA request

like you said they almost never actually give you the documents in that time

you know that in that time period

they will send like oh we're working on it blah blah blah but unfortunately it seems like the only way to get documents in a timely manner sometimes is to file a lawsuit.

And so,

as Joseph mentioned, it's like we have filed many, many, many FOIAs over the years, some of which

do get ignored like this.

And, you know, we probably would have ideally wanted to file more lawsuits over the years, but they are expensive.

They're logistically complicated.

We're not lawyers, so we need to find a lawyer to do this for us.

And I think often you have to do a cost-benefit analysis of like, do we really want these documents enough to like go to court over them?

Because

as Joseph mentioned, a lot of journalists and organizations that sue for this sort of stuff are successful doing it because it's a pretty open and shut case.

It's like we're requesting this, like how taxpayer money is being spent.

And the specific document that Joseph asked for, this contract, is very simple to provide.

It's not something that is going to take the FOIA officer, which is the, you know, the people in

the Freedom of Information Office

that long to like pull a contract.

It should take a few seconds.

We're not asking for like tons and tons and tons of documents and deliberations and things like that.

And so.

I mean, our hope is that the system still works and that we'll be able to get these documents hopefully relatively quickly.

But, anyways, let's dive deeper into what Paragon is.

So, Paragon is a spyware company.

Where are they based?

Who do they sell to?

What do they do?

Yeah,

so some listeners may be familiar with the government spyware industry.

These are companies that sell remote phone and computer hacking tools to law enforcement and intelligence agencies.

Some of those names you may may have heard of include Hacking Team from Italy, FinFisher,

I think from Germany.

It's been a long time since I've covered FinFisher.

Then you have the infamous NSO group from Israel.

And Paragon is also from Israel and it has a US subsidiary.

And that's a context in which Paragon sits.

It develops this spyware.

and it sells it to government agencies.

Listeners may also be very much aware that the government spyware industry is full of scandal and abuse.

Hacking team was used to target activists, Finn Fisher as well.

I remember way back, basically, when I started writing about this sort of thing in 2014, 2015, that sort of timeframe, it was being used to target activists in the Middle East and North Africa, the Finn Fisher spyware.

And then, NSO group has been used notoriously around the world to target activists and journalists as well, with, you know, even some indirect connections to Jamal Khasogi as well.

Paragon positions itself

differently.

It says it is almost like the ethical equivalent to those companies.

So while

Some of those companies will sell to a lot of different governments, including authoritarian states, Paragon says it doesn't.

It really works with democracies.

And one of those clients that maybe we'll talk about in a minute is Italy.

Even with that being said,

the last scandal going on in Italy with Paragon.

And it's not just sort of the customers that separate it, it's also the product.

And we'll go into more detail in a second, but it's still exceptionally powerful, but it focuses more on getting messages from encrypted chat apps like Signal or WhatsApp rather than taking control of the entire device.

Right.

So it essentially is spyware that compromises the phone for the purpose of reading encrypted messages that are on the device.

Yeah.

And the product specifically is called Graphite.

And it will use, you know, presumably various exploits.

One that was previously discovered by researchers and fixed was one in WhatsApp, where the user of Paragon would send a PDF file to the target in WhatsApp, and without the target even clicking a link, WhatsApp would render or load the PDF.

That would trigger an exploit, which would then be used, and that would break into the phone.

And that is, of course, what's especially notable about Paragon and other related spyware is that this stuff can infect a phone, broadly speaking, without the target really doing anything.

Of course, that has a massively powerful capability, which is more often than not outside of the realm and the budgets and the reach of even, you know, top-tier cyber criminals.

We are talking nation-state and nation-state contractor sort of spyware.

Whereas NSO Group, you know, they'll break into the phone and it will get the location data, the text messages, the phone calls.

Graphite and Paragon position it as we're doing a more limited ethical collection here.

That being said,

we don't know exactly what ICE is buying, which is why we're trying to get the contract in the first place, because we don't actually know if it's for graphite or not.

It could be for a different piece of software.

All it says in the public procurement records is something like it's a proprietary developed solution, and they'll give us training blah blah blah we don't know what ice has exactly but it costs two million dollars so presumably it's it's capable of doing something

For years, I thought buying glasses was a nightmare.

I'd sit at my optometrist's office and try on glasses I didn't like, which took forever to make and were riddled with hidden fees when I went to check out.

Then I found Warby Parker, realized it didn't have to be this way, and I haven't looked back since.

Warby Parker uses nothing but premium materials in each frame.

Warby Parker designs every frame in-house, and their collection includes silhouettes, colors, and fits made to suit every face.

I have a super wide face, but Warby Parker has me covered.

Warby Parker offers everything you need for happier eyes.

Eyeglasses, sunglasses, contact lenses, and eye exams.

You can shop with them online, at home, and in stores.

Warby Parker has over 300 retail locations across the U.S.

and Canada where you can get styled by one of their friendly, expert advisors.

Warby Parker glasses start at $95 and include prescription lenses with anti-reflective, scratch-resistant coatings.

Many Warby Parker locations offer comprehensive eye exams starting at $85.

Add a pair and save 15% when you purchase two or more prescription pairs of glasses or sunglasses.

This offer is available both at home and in stores.

Free shipping and free 30-day returns.

My favorite thing about Warby Parker is that I can get stylish, modern glasses and sunglasses at a price point that feels super premium, but doesn't hurt my wallet.

I recently picked up a pair of black walnut LEO shades, frame width wide, of course.

which protect my eyes and elevate my outfits.

Warby Parker has over 300 locations to help you find your next pair of glasses.

You can also head over to WarbyParker.com slash 404media right now to try on any pair virtually.

That's warbyparker.com slash 404 media.

Warbyparker.com slash 404media.

What's softer than cashmere and warmer than wool?

It's not a riddle.

It's an alpaca hoodie.

And I had to check it out after hearing some of my favorite podcasters talking about PACA.

PACA makes performance apparel from alpaca fiber, one of the world's most sustainable natural fibers.

Their best-selling hoodie is softer than cashmere, warmer than wool, and breathable.

It's lightweight, but still cozy, doesn't stretch out, doesn't pill, and somehow keeps me warm when it's cold and cool when it's hot.

Basically, it adapts to wherever life takes you.

This hoodie is built for real life, thermal-regulating, odor-resistant, durable, and made to last.

Each one is handcrafted in Peru by artisans who stitch their name into the tag, a personal signature of quality and care.

Over 100,000 people have already picked up the PACA hoodie.

What makes it even better?

Knowing it's made sustainably and ethically from traceable alpaca fiber while supporting the communities and artisans in Peru who bring it to life.

I've been into alpaca hoodies ever since I studied abroad in South America 15 years ago.

But PACA is by far the best hoodie I've had.

It's soft, stylish, and has become my everyday go-to hoodie as the weather cools off this fall.

Right now, when you order your PACA hoodie, they'll throw in a free pair of their alpaca crew socks.

These are seriously next level.

They keep your feet dry, never smell, and on top of that, they're just insanely cozy.

If you've been thinking about leveling up your hoodie game, this is your sign to do it now.

To grab your pack of hoodie and free pair of alpaca crew socks, head to go.pakaapparel.com/slash 404 media and use my code 404media.

That's go.p-aka apparel.com/slash 404 media and enter code 404 media.

So, um,

what do we know about who graphite has been used against before?

Like, what countries have used it?

Like, what is the history of it?

Because, um,

as you said, like, there is a history of this spyware being used elsewhere, at least.

Aaron Ross Powell, yeah.

So again, Paragon positions itself as we're just going to work with democracies, we're going to be very, very above board, that sort of thing, which is why, presumably, they sold to Italy.

And eventually, the Italian government was open about this, but only really after it was discovered they have been used by presumably Italian authorities to target journalists, to target activists who were trying to save migrants, you know, obviously who are crossing oceans and seas and are at great risk of harming themselves.

Paragon's technology was used against them.

Eventually, Paragon even stopped selling the technology to Italy.

Like, of course, we don't hear about it this much.

If listeners want to read more about that, definitely go check out our colleague at TechCrunch, Lorenzo Franceschi Bicarai, who has been covering spyware for years and he did it with me for a very, very long time as well.

But he's been following Paragon closely.

And of course, being Italian as well, he has, you know, some pretty good insight into that sort of stuff.

But it's not just Italy, researchers at Citizen Lab, which is this, you know, academic security research body,

as they often do, found fingerprints of this malware and this system

online, and they identified deployments in Australia, Canada, Cyprus, Denmark, Israel, and Singapore.

That's not to say that those countries are 100%

using Paragon or Graphite.

Pretty strong indication though.

And the research itself is very well caveated, very well hedged.

But that's always an interesting sign when Citizen Lab starts to find, oh, there are deployments of NSO in this country or Paragon in this country or whatever.

And then I didn't actually know this until I started to write up our article about the lawsuit.

But the New York Times, in one sentence, in one paragraph, in an older story about the spyware industry, they mentioned that the US DEA has used graphite.

And there's no contract, at least not one under the Paragon Solutions U.S.

subsidiary name.

I have FOIAs out with DEA as well.

They haven't been particularly cooperative, but maybe it's already being used in the US as well.

Yeah, and I think the context of ICE having this $2 million contract, I know that the contract was paused for a while.

I guess it was paused due to outrage, right?

Yeah, it's a bit, yeah, it's a bit of both.

So the contract is signed in September 2024.

Wired finds it fairly soon after and covers it.

And then it seems that this took the Biden administration by surprise.

It seems that the White House did not know about it.

Presumably ICE just went and bought it.

And to be fair, why would the White House know about every single purchase by every single law enforcement agency, right?

But the White House put a stop work order on this, basically saying, hey, you can't do this until we review it.

Because weirdly, around the same sort of time, Biden had just signed an executive order that was designed to limit the use of spyware by government agencies.

And that came after all of these abuses by companies such as NSO Group, you know,

which presumably parts of the US and the White House did not want really to be anywhere near.

You don't want to be near a company.

that is going around and being used to hack into the phones of activists and dissidents and that sort of thing.

You know, and there's also potentially a national security risk in that, I don't know, if a US law enforcement agency is using a tool developed by Israel, what's to say that that Israeli company may not be getting some sort of intelligence from it?

Of course, that's more speculative, hypothetical, but there's a concern there as well.

So Biden.

puts this pause on it, the Biden White House.

It's for a year.

Time passes.

Obviously, Trump comes into power.

Obviously, ICE starts its mass deportation campaign and effort.

And now the contract's back.

And then we file the lawsuit because, as you allude to, Jason, it feels even more urgent now to think,

well, to find out, well, what is ICE using this incredibly powerful tool for?

Probably the most powerful surveillance capability ICE has ever bought, really.

Yeah, and I mean, we could get into it, but I feel like we've talked so much about the surveillance technology that ICE uses that we know that they have, and this is just something that is even more powerful if it is indeed graphite.

And, you know, who knows who it could be turned against and in what contexts.

But I think it's important that we do know

the specifics of the contract and how they're doing it.

So that's why we're suing.

Do you want to talk a little bit more about that and and just like what people can do if they want to support this?

Yeah.

And I'll just say more specifically, the documents we're seeking are kind of what I nearly

always request from agencies when I'm submitting a FOIA about a particular contract.

And it's like unsolicited bids, procurement contracts, documents, blah, blah, blah.

The main one for me is something called a statement of work.

And this is a short document, one page, maybe two or three.

And it lays out, and they have to create one of these because it explains sort of what the contract's for.

And it shows in explicit detail, this is the use case for this technology.

This is why we have to buy it from this provider.

And this is what we're going to use it for.

And of course, I think that's really, really important.

It would still be important to know this even during the previous Biden administration.

That's why I filed a frequent information request immediately because I want to know what ICE or really any US government agency is using very powerful spyware for.

The only other real case we know a little bit about is when the DEA bought Hacking Team like more than 10 years ago

at this point.

And I think they were trying to do it for I don't know, targets in Colombia, at least overseas and in South America, that sort of thing?

So it'd be very useful to know what ICE plan to do with it.

That said, if we get the statement of work back and it says, oh, we bought it to deal with child abuse or money laundering or something like that,

the context and sort of the ground underneath ICE's feet has shifted so much now that even if the spyware was sold to HSI, Homeland Security Investigations, it deals with all of that serious organized crime or child abuse stuff, they now are working closely with

the immigration part of ICE.

That who's to say that that tool may not be used for them as well.

And after the contract was reactivated, you had people like Santa Ron Wyden say that, quote, ICE is already shredding due process and ruining lives in its rush to lock up kids, cooks, and firefighters who pose no threat to anyone.

I'm extremely concerned about how ICE will use Paragon's spyware to further trample on the rights of Americans and anyone who Donald Trump labels as an enemy.

⁇ End quote.

And then, yeah, just last thing.

Obviously, we are only able to do this

because of the generous support of our paying subscribers.

So the best way to support this,

to allow us to do this, is to become.

a paying recurring subscriber that is it's not just about the money although of course that is one of the main things it's about the, oh, when we have recurring revenue, we can attempt to forecast, okay, we're going to have this money and we can allocate it for this purpose, in this case, a lawsuit.

Then maybe in the future, we can allocate it for, I don't know, trying to get these other documents or something like that.

So that is the main way

you can help us.

And if you are interested in making, you know, a larger donation, tax-deductible donation to hope to help this work, you can email me at donate at forremedia.co.

But that's the pitch over.

Don't want to go too long about trying to get people to subscribe.

But yeah, that is the main way that we're going to be able to do this.

You think that summed it up fairly, Jason?

I think so.

I think so.

We'll obviously keep people updated as this goes through the legal process.

It was filed on Monday.

So we have not won yet.

Fingers crossed.

No, not yet.

And as far as I know, the process is now,

there's court formalities, and then maybe ICE responds, and then we go from there.

I mean, I would like to join the hearings as much as I can.

I'm sure many of them will be very boilerplate and procedural, but I'd definitely be interested to see some of the arguments.

All right.

We'll leave that there.

When we come back, we're going to talk about a couple of stories that Jason and Emmanuel have been doing.

We'll be right back after this.

Over half of IT pros say securing SaaS apps is their biggest challenge.

With the growing problem of SaaS sprawl and shadow IT, it's not hard to see why.

Thankfully, Trellica by OnePassword can discover and secure access to all your apps, managed or not.

Trele by OnePassword inventories every app in use at your company.

Then, pre-populated app profiles assess SaaS risks, letting you manage access, optimize spend, and enforce security best practices across every app your employees use.

I've been using OnePassword for about a year now, and I can't believe I wasn't using it sooner.

It's made logging into every website and account I have a breeze, and I feel safe when I use it.

OnePassword's award-winning password manager is trusted by millions of users and over 150,000 businesses from IBM to Slack.

And now they're securing more than just passwords with OnePassword extended access management.

Plus, OnePassword is ISO 27001 certified.

With regular third-party audits and the industry's largest bug bounty, OnePassword exceeds the standards set by various authorities and is a leader in security.

Take the first step to better security for your team by securing credentials and protecting every application, even unmanaged shadow IT.

Learn more at onepassword.com slash 404.

That's the number one password.com slash 404, all lowercase, onepassword.com slash 404.

Hiring the right people is one of the most crucial aspects of running a successful business, but the hiring process is rarely straightforward.

From crafting compelling job posts and attracting qualified candidates, each step requires significant time, attention, and effort.

It's a demanding process that can quickly divert focus from other critical areas of your business.

Fortunately, the future of hiring looks brighter thanks to ZipRecruiter's latest tools and features, which help you find the right talent faster, saving you valuable time.

And now, you can try ZipRecruiter for free at ziprecruiter.com slash 404media.

See a candidate you're really interested in?

You can unlock their contact info instantly.

Over 320,000 new resumes are added to ZipRecruiter monthly, which means expediting the hiring process and finding the right person for the job faster than ever.

Use ZipRecruiter and save time hiring.

Four out of five employers who post on ZipRecruiter get a quality candidate within the first day.

And if you go to ziprecruiter.com/slash 404media right now, you can try it for free.

Again, that's ziprecruiter.com/slash 404 media.

ZipRecruiter, the smartest way to hire.

All right, we are back.

So these two stories weirdly happened close together within weeks of each other, but I think that's kind of indicative of what's going on at the moment.

The first one from Jason, AI work slop is killing productivity and making workers miserable.

I mean, I've never heard that term before, Jason, work slop.

I don't know if it was made up for this study or

for this piece exactly.

So what is AI work slop exactly?

Yeah, new word just dropped.

New word.

So, I mean, it's obviously playing off of the idea of AI slop, but it's AI slop at work, basically.

But we're talking about like very standard, like white collar work, things like, I don't know, accounting firms marketing firms like

people who prepare presentations and reports and do emails and things like that at a big company in the office

so this was a study done by Stanford University report researchers and people at a company called BetterUp which is a workplace productivity consulting firm

It's a survey of a little over a thousand

white white-collar workers across various industries in the United States.

And it was published in Harvard Business Review,

which Harvard Business Review is not a traditional academic journal, but it is like a highly influential

publication that talks about business goings on.

And I saw it this morning.

and thought it was very interesting because it

I don't know if in a vacuum I would have written specifically about this study and this study alone.

Because I think any single study that's like a survey of different workers' experiences and things like that is like,

I don't know, you have to be not necessarily skeptical, but you need to think, like, was this peer-reviewed?

What journal was this in?

How was the research done?

That sort of thing.

Very easy to get selection bias in that.

Yeah,

I think the findings in this make sense to me, but they align very closely with like five other pieces of research and reports that have come out over the last couple months.

And so basically

they define work slop as AI generated content that, quote, masquerades as good work, but lacks the substance to meaningfully advance a given task.

Yeah.

And so,

I mean, they don't have like specific examples of like, this is AI work slop, but it's funny that they asked, you know, 1,150 workers about this.

And

I don't have the exact number in front of me, but it was something like 40% of workers said that they had encountered this phenomenon.

And it's basically like you ask your colleague or your direct report to do a presentation, to summarize a meeting, to do something like that.

And they basically outsource it to AI.

And the thing that they turn in looks good, but it's useless.

And

it turns out that this is like having a really big problem

for productivity because AI is supposed to make companies more productive, employees more productive.

At least that's the promise.

That's why there's billions and billions of dollars going into it.

And it turns out that like these workers are, one, spending a lot of time correcting the garbage that their colleagues are turning into them.

Then they're having to like, you know, redo the work.

And then, very interestingly, they said,

they basically said, so here's a here's a direct quote from the report: work slop uniquely uses machines to offload cognitive work to another human being.

When co-workers receive work slop, they are often required to take on the burden of decoding the content, inferring missed or false context.

A cascade of effortful and complex decision-making processes may follow, including rework and uncomfortable exchanges with colleagues.

And then they say,

Yeah, they say the most alarming cost may have been interpersonal.

And so it's very interesting because it's like not only are people having to like redo the shoddy work of their colleagues that their colleagues outsourced to AI, they're also having to figure out like how to deal with this and how to deal with their colleagues.

Because

if you're a manager and your worker is like someone who's working for you is just doing a bunch of AI bullshit, and they're not supposed to be, or they weren't told that they could, or maybe they were told that they could, but then the work that they're turning in is like really low quality.

You're having to like navigate,

like, hey, get better, get better at like, uh, at doing your AI work, or don't use AI, or this is not how we do things around here.

And so, it's resulting in a lot more like disciplinary conversations.

And

very interestingly, it says that

after

like a regular worker received work slop, they saw the person who turned in that AI generated work as being less intelligent, less creative, less capable, and less reliable.

So basically, I mean, it's pretty bad.

It's pretty bad.

Yeah, it's fascinating because I imagine, and obviously I'm going to speak for the AI companies.

maybe this is wrong, but I'm pretty sure they didn't anticipate that they're going to introduce these tools.

They're going to be used to workplaces and they're going to be focused much more on like the accuracy and the efficiency of the tool itself.

I really doubt the AI companies are thinking about, oh, we're making people in offices like look down on each other because the other person is using AI, basically.

Like, I seriously doubt.

that came up.

Was that sort of like the human element?

Was that like the biggest takeaway for you and why you covered this?

Because I haven't seen that before.

Yeah, I mean, that is why it was very interesting to me.

I'm curious what the others think because it is like

it's this interesting moment where companies are telling their workers to use AI

and a lot of them are like reticent to do so because

their colleagues will look down upon them.

And that's like, it's not just this study.

There's one other study that found like the exact same thing.

And like, you know Emmanuel can speak more to this but I'm curious what both Emmanuel and Sam think because I think part of like working in any team it's like I don't know if y'all were like sending me a bunch of AI generated bullshit I'd probably be pretty mad

uh

I wanted to say that another reason

we cover this study is that we have been circling this issue a little bit uh Jason and you and I have been talking about this just anecdotally we have heard at various companies, and there's been some reporting about this.

Maybe it was at Business Insider.

I apologize if I'm wrong about that.

But basically, there's a bunch of instances of managers

coming to their teams and saying, the mandate is use AI.

For what purpose?

Doesn't matter.

It just, we have heard from upper management that AI is the future, so you have to use it.

use it first, and figure out why later.

And obviously, that seems like that would lead to bad results and the bad results that this study has found.

So, I don't find it surprising at all.

I guess I did want to say to play devil's advocate, to play AI advocate,

I wonder if,

like,

the correct and useful application of AI is kind of invisible and will not turn up in a study like this.

Because it's like, if somebody asked us

if we use AI, I guess we would note how we do use AI because we report on it and we try to be very transparent.

But it is not like immediately

apparent that we use transcription tools or like, I don't know, spell check and and

various forms of search.

I don't know.

Like

the way that it works is

probably

kind of integrated into your workflow and is kind of invisible.

And Jason, you've written about this as it relates to journalism, but like, do you think that's possible?

Do you think like there's more productive generative AI use happening that is like not turning up in this study?

Yeah, I do.

I mean, I think probably except for that that's why i said like i don't know if i would have covered this study specifically in a vacuum if this was like the only thing that we had heard about this but uh there's been a bunch of studies that have come out over the last couple months and they all find like

different things but i think that they they create like a narrative that is like this isn't actually leading to that

like the transcendent productivity gains that were promised.

So, there was a Financial Times analysis yesterday that was like really good of just like shareholder meeting transcripts filed by SP 500s companies and earnings reports and things like that.

And they found basically that like every company is like, oh, we're using AI, we're going to use AI, we're going to lean into AI.

But then

they're very, very vague about like what they're actually using it for and like what the actual

benefits of of using it are like they're really vague and so um

they say quote most of the anticipated benefits such as increased productivity were vaguely stated and harder to categorize than the risks um there was an mit report in july that said uh despite 30 to 40 billion dollars in enterprise investment into generative ai this report uncovers a surprising result in that 95 percent of organizations are getting zero return

And that one's super interesting because they're saying actually a lot of companies are getting really specific productivity gains from AI and like very specific things, like I don't know, customer service or something like that.

But then aggregated out across like the entire, an entire company or an entire industry is like AI is making something slightly more efficient, but then this issue of of like hallucinations and like

problem stuff coming up is

hindering productivity even more than

like any sort of productivity gain.

And then another one is a Gallup poll from June where it's like 40% of all workers say that they've used AI, but almost all of them say that they're quote, using AI at work without guardrails or guidance.

And so, and they also said the benefits of using AI in the workplace are not always obvious.

And so, I think that's how you get to this work slot question, because as you said, it's like the companies might say, use AI, or maybe a worker just like tried Chat GPT one time at home, and they're like, oh, I could just like have this do my job for me.

And so they're using it.

And then

like

that's how you end up with a bunch of like really shitty uses of AI because they are maybe not integrating it into their workflow.

They're just like outsourcing their brain to this technology.

Yeah.

Speaking of outsourcing, I think that brings us to the next story from Emmanuel.

And you published this a few weeks ago, as I said, but it's amazing how these two lined up.

The headline of this one is the software engineers paid to fix vibe-coded messes.

I'm sure people know, but vibe coding coding is basically using an AI assistant to develop code.

And maybe you're not the most familiar with code or maybe you have no knowledge of code whatsoever, but you want to build a video game or you want to build an app or something else and you can do that through vibe coding, essentially.

But it looks like...

That sometimes makes a mess.

And, you know, maybe even people are, well, people are being paid to fix it as well.

Just to step back a little bit, Emmanuel, what's this meme that you saw

around LinkedIn?

Like people were joking about, oh my God, I'm just paid to fix people's messes or something.

Like, what was the meme?

Yeah, there was this screenshot going around on LinkedIn that showed a bunch of LinkedIn profiles where the person's job description was vibe coding cleanup specialist.

And

I don't know if you know this, but LinkedIn is definitely the most corny social media platform.

Fully, fully aware of that.

So a bunch of people who thought they were really funny were kind of like screenshotting it and making the same joke about like, ha ha, vibe coding is supposed to make coding easier, but then you've created like this whole new industry of people who fix vibe coding projects because actually

the end product is shoddy and somebody else has to come in and fix it and really you haven't saved time or energy or money or nothing.

You've just like created a new problem for an actual human programmer to solve.

And I saw that, and I was kind of clicking around LinkedIn and looking up those profiles, and it wasn't clear to me that

it was real.

If you are one of those people on LinkedIn, please reach out to me.

I'd like to talk to you.

But it seemed like some people change their job description as a joke, maybe.

But I thought that the premise felt true.

And that's why jokes are funny usually is that they speak to some truth.

And I did some looking around, and it's definitely a thing.

Like, it is 100%

a real job and increasingly

a line of business for existing companies or an entirely new business for entirely new companies.

Yeah.

So you spoke to a couple of these people who are fixing these vibe-coded messes, basically.

I think one was an individual and one was a entirely new company.

Is that right?

And like, what were they telling you about this process?

Like, they're making real money doing this?

Yeah.

So

there's like two categories of people in this line of business now.

One is like the freelance engineer, freelance computer programmer on platforms like Fiverr.

And I think Upwork has some people that are doing this, but there's definitely a ton of them on Fiverr where it's basically like a gig, a gig working platform that we've covered before.

And if you just search search for vibe coding, there are a bunch of people who will vibe code stuff for you.

And there is a bunch of people who will fix your vibe coded project and are essentially vibe coding cleanup specialists.

And that's how they advertise their skill set.

They're like, you're trying to make an app.

You got what you wanted, but now it's kind of buggy.

I'll come in and I'll fix it for you.

That's what I do.

And

Fiverr, I would say, in order to make money there, which is, I think, very hard to make a lot of money, but there's a lot of programmers in

India

and other parts of the world where

even though it's just like not a lot of money for a gig, it's that the money goes farther there.

And there's a lot of people competing for the work.

So they seem to kind of

shift with the trends, right?

It's like you offer in your skills whatever people are searching for.

So a bunch of them have just shifted to this like, I'll fix your Vibe code mess

project.

So there's those people.

I talked to one guy.

He says he has worked with like 15 to 20 clients.

He said that a lot of what he fixes

is

UI stuff, right?

So it's like somebody will vibe code an app, it will do

what

they want it to do, but it doesn't look like the thing they want it to look like.

And he does all of that.

Probably security stuff as well.

Like, I can't remember the specific examples, but there's been vibe coding, and

you can't imagine that, you know, the AWS keys and their permissions are handled in necessarily the best way when it's coupled together with AI.

But like, that's scary.

The amount of apps are going out there without security, probably.

That's a very good point.

That hasn't come up.

And I think it's not a coincidence that it hasn't come up.

I think that nobody really wants to commit to making your app super secure because

the stakes around that are very high and real.

So I think people are intentionally not talking about it.

They're talking about more superficial things, but that's totally true.

Like, I would be very concerned about giving my information to a Vibe coded app.

I, a few months ago, reported about a Vibe coded game

that had a security issue that didn't compromise use of information, but

was abused to deface the game

that the person makes.

So it's definitely a real issue.

If you were to do something like that, if you wanted somebody to

fix your Vibe coded project for security issues, I would recommend probably reaching out to one of these companies like Ulam Labs, which are based in Poland, I think, and like are a software engineering firm that has existed for a long time.

But they just open a new line of business where they advertise their skills to fix vibe coding projects.

And it's funny, like, I wish I had these people reach out

before I published the story, but since I published the story, a bunch of other

software engineering firms of that level got back to me and they were like, Yep, this is our business now.

We totally do this.

Um, it's like if you want to talk next time, so it's like, there's definitely a lot of people in that space.

And then one person I talked to who was very

interesting.

Uh, his name was Swatanatra Sani,

and he's a vibe coder himself.

And when he saw that vibe coding was catching on as a thing, he just went out and bought a bunch of domains that had vibe coding in the name.

And one of those was Vibecode Fixers.

And when he realized that this was a problem, because he started

he himself as a Vibe coder and other Vibe coders who reached out for help and him helping other people, he realized that there's like a real business here.

He used that domain name.

of vibecodefixers.com to create a platform where like you sign up as an engineer to offer your skills and other people who come in with their projects and like connect with those engineers to fix those problems.

So it's basically a Fiverr-like,

but the entire purpose of it is just to fix

Vibecoded projects.

Yeah, it is admittedly smart where inserted themselves as the middleman, which is the perfect software business,

Uber, whatever.

And yeah, ride this wave of everybody making kind of shit apps.

And if I could be the middleman that injects myself and connects them, I mean, did he give any indication how much money he's making or not?

Yeah, I'm looking at the site right now.

I don't know.

It's a real ass website.

I don't think he is doing probably what

other

tech startups would say is a smart thing to do, which is he doesn't care about monetization now.

He just wants to be like the established place for this kind of thing.

So I don't think he's charging anything.

He's just getting as many engineers as possible to sign up.

So it's like a viable solution for this thing.

He did have a lot of like

really great insight, I thought, not just as a person who operates this platform, but as somebody who is into vibe coding and has fixed other people's vibe coded projects.

And he said

that often the biggest problem with clients is psychological in that,

you get someone who's not a software engineer who has an idea for an app, and they like start vibe coding the app, and they get something semi-functional, and they fall in love with it.

They become very enamored with the fact that they made a thing, but then it's very shoddy.

And they come to him and they're like, Please fix this thing.

And he looks into it and he was, and he's like, Well, as an engineer, the smartest thing for me now to do is like put all of this in the garbage and start over and build it again without vibe coding because that will be a much better, much faster solution.

But the client is like, no, no, no, my baby.

Like, you can't possibly do this.

You know, this is my app.

This is my dream.

So I thought that was like a very interesting psychological aspect.

And I could definitely see that being the case where, you know, and this is, this is what

the promise of vibe coding is, right?

Where it's like you get a bunch of people who don't necessarily have the technical skills to build something, you suddenly let them build things.

And that's that's great.

But,

you know, once you get to a real engineer, that dream can like kind of fall apart.

But he'll do it.

Like he'll fix it.

He'll fix your shitty app and charge you for it.

Even though it's like probably not the best move.

Maybe we leave that there and you can put that quote on his website.

He'll fix your shitty app and charge you for it.

We'll leave it there.

If you're listening to the free version of the podcast on Our Play Us Out, but if you are a paying 404 million subscriber, we're going to be joined by our regular contributor, Matthew Golt, and we're going to talk about a couple of other things.

One is a malicious game on Steam that he covered, which targeted a cancer patient rather outrageously.

Then, keeping with the video game theme, we're going to talk about a game that some people are finding very hard, including Jason,

called Silksong.

He's shaking his head.

You can subscribe and gain access to that content at 404media.co.

As a reminder, 404 Media is founded and supported by subscribers.

If you do wish to subscribe to 404 Media and directly support our work, please go to 404media.co.

You'll get unlimited access to our articles and an ad-free version of this podcast.

You'll also get to listen to the subscribers only section where we talk about a bonus story each week.

This podcast is made in partnership with Kaleidoscope.

Another way to support us is by leaving a five-star rating and review for the podcast.

That stuff really helps us out.

Here is one of those reviews from BM White Waltz.

Great source of technology news, very approachable, five stars and two thumbs up as well.

This has been For a Full Media.

We'll see you again next week.