Have you noticed how every LinkedIn bro is talking about their vibe coding workflows, but no one is showing what they’ve made with vibe coding?
Sometimes a post on LinkedIn will have a link to a “finished” product. But 99% of the time there is a comment that says, “Hey, your API endpoints aren’t protected.”
99% of the time it’s just a basic todo list
The 1 percent being AudioNoise?
It’s literally a single small python file.
But not a ToDo list right?
Unless you consider computer instructions as ToDo items, in which case, all executables would be ToDo lists.
In a recent post on HackerNews, someone said that there is no burden of proof that it works. The purest form of “trust me bro.”
I prefer the other posts of vibe coders complaining about data loss because their llm didn’t tell them how to prevent xss or SQL injection.
Or because their agent wiped all the data on production
Yea, that was a good story.
Like all the other content grifters and their tutorials or get rich quick scams.
I remember there being a CORS problem in a team project.
Perhaps I should ask the webdev at the time whether they had made that thing with AI or they really just made the whole thing themselves and somehow overlooked CORS.Cors was usually not part of any tutorials. To new people it was more of an afterthought, just set policy to get you page to work.
Hehe yeah, security in general has been an afterthought in the computing space.
And it makes sense. You first make something possible, then restrict it for whatever cases you don’t want it happening. The latter is supposed to be easier.
And to think all those times I cursed CORS under my breath. Doing God’s work.
Slightly off topic, buddy of mine decided to switch to Debian and A.i his way through everything, waiting for the day his system fails to boot because of some obscure command it tells him to run.
Idk. I think using ai to learn Linux as you switch to it is fair ground. In the end they’re free from Microsoft. It’s a win. Just make sure they have data backups.
As the great Linus Torvald said:
It’s why I strongly want this to be that “just a tool”.
The problem I’ve seen is the lack of knowledge retention when AI feeds you stuff, buddy wouldn’t even bother to read nor memorize what it’s telling him and just copy-paste commands thinking it’ll fix whatever obscure issue he is encountering.
I’ve been using Debian for the last ~3ish years now relying on documentation from others so I’ve seen how fragile it can get.
In terms of usage of AI, I’m thinking “doing something a million people already know how to do” is probably on more secure footing than trying to go out and pioneer something new. When you’re in the realm of copying and maybe remixing things for which there are lots of examples and lots of documentation (presumably in the training data), I’d bet large language models stay within a normal framework.
