undefined | Better HN

0 pointsgiantrobot11mo ago0 comments

> We technical people always underestimate how fast things change when non-technical users can finally get things done without opening the hood.

This is good and bad. Non-technical users throwing up a prototype quickly is good. Non-technical users pushing that prototype into production with its security holes and non-obvious bugs is bad. It's easy for non-technical users to get a false sense of confidence if the thing they make looks good. This has been true since the RAD days of Delphi and VisualBasic.

0 comments

sally_glance11mo ago

Knowing the industry I'm pretty sure they will all push those AI prototypes to production - because they did the same with non-AI prototypes before. Now the question is once they inevitably pull in experienced folk for maintenance, refactoring and debugging, will it be easier or harder than working with that retired solo devs spaghetti codebase?

giantrobotOP11mo ago

From looking at "vibe coding" tools their output is about the quality of bad body shop contractors. It's entirely possible for experienced devs to come in and fix it.

I think there's going to be the same problems as there are fixing bad body shop code. The companies that pushed their "vibe code" for a few dollars worth of AI tokens will expect people to work for pennies and/or have unreasonable time demands. There's also no ability to interview the original authors to figure out what they were thinking.

Meanwhile their customers are getting screwed over with data leaks if not outright hacks (depending on the app).

It's not a whole new issue, shitty contractors have existed for decades, but AI is pushing down the value of actual expertise.

sally_glance11mo ago

Yeah, the current trend has lots of parallels to the low code/no code trend we had a couple of years back and the workflow engine trend we had about 15 years back... I'm curious why you think it would push down the value of engineering hours though, that didn't even happen in the past.

nyarlathotep_11mo ago

> From looking at "vibe coding" tools their output is about the quality of bad body shop contractors.

Genuinely, it's a lot better.

namaria11mo ago

I think this is just another correction. The software market is worth several trillion dollars now. Enterprise is pushing against the rise in labor costs. It will backfire as it did every single time and in a few years competent developers will be worth their weight in platinum.

For nearly 50 years now, software causes disruption, demand drives labor costs, enterprise responds with some silver bullet, haircuts in expensive suits collect bonuses, their masters pocket capital gains, and the chicken come home to roost with a cycle of disruption and labor cost increases. LLMs are being sold as disruption but it's actually another generation of enterprise tech. Hence the confusion. Vibe coding is just PR. Karpathy knows what he's doing.

1 more reply

yieldcrv11mo ago

I don't think its bad enough

Even us entrepreneurially minded technical devs cut corners on our personal projects that we just want to through a Stripe integration or Solana Wallet connect on

And large companies with FTC and DOJ involved data breaches just wind up offering credits to users as compensation

so for non-technical creators to get into the mix, this just expands how many projects there are that get big enough to need dedicated UX and engineers

kangaroozach11mo ago

This suggests a strong need for AI powered code security review and patching as a compliment to Agentic coding platforms. Ideally, in parallel to your coding, it could scan your GitHub and output specific tasks for the Agentic AI to perform for you.

sebastiennight11mo ago

> Non-technical users pushing that prototype into production with its security holes and non-obvious bugs is bad.

I beg to differ. Non-technical users pushing anything into production is GREAT!

For many, that's the only way they can get their internal tool done.

For many others, that's the only way they might get enough buyers and capital to hire a "real" developer to get rid of the security holes and non-obvious bugs.

I mean, it's not like every "senior developer" is immune from having obvious-in-retrospect security holes. Wasn't there a huge dating app recently with a glaring issue where you could list and access every photo and conversation ever shared, because nobody on their professional tech team secured the endpoints against enumeration of IDs?

somebehemoth11mo ago

What about users who sign up for these insecure apps and have their data and possibly their identity stolen due to the misplaced trust? That this already happens is no excuse to encourage even less security by encouraging novices to believe they are experts.

I agree it is great that more people can build software, but let's not pretend there are zero downsides.

conductr11mo ago

This is a contrived situation. Most of the apps in discussion see little to no use and go dead soon after launch. The vast majority are collecting little data of negligible risk.

If a user is confident enough about a no name company that they give them enough info to make identity theft a possibility, it was only a matter of time before a spammer/phishing attack gets them anyway

1 more reply

sebastiennight11mo ago

My feeling is that this is similar to saying, "non-professional AirBnB hosts are a terrible security nightmare, and the fact that people are not much safer in regulated hotels is no excuse to encourage even less security by encouraging novices to play in the hospitality business".

I agree with you on the downsides.

1 more reply

j / k navigate · click thread line to collapse

0 comments

sally_glance11mo ago

giantrobotOP11mo ago

From looking at "vibe coding" tools their output is about the quality of bad body shop contractors. It's entirely possible for experienced devs to come in and fix it.

Meanwhile their customers are getting screwed over with data leaks if not outright hacks (depending on the app).

It's not a whole new issue, shitty contractors have existed for decades, but AI is pushing down the value of actual expertise.

sally_glance11mo ago

nyarlathotep_11mo ago

> From looking at "vibe coding" tools their output is about the quality of bad body shop contractors.

Genuinely, it's a lot better.

namaria11mo ago

1 more reply

yieldcrv11mo ago

I don't think its bad enough

Even us entrepreneurially minded technical devs cut corners on our personal projects that we just want to through a Stripe integration or Solana Wallet connect on

And large companies with FTC and DOJ involved data breaches just wind up offering credits to users as compensation

so for non-technical creators to get into the mix, this just expands how many projects there are that get big enough to need dedicated UX and engineers

kangaroozach11mo ago

sebastiennight11mo ago

> Non-technical users pushing that prototype into production with its security holes and non-obvious bugs is bad.

I beg to differ. Non-technical users pushing anything into production is GREAT!

For many, that's the only way they can get their internal tool done.

For many others, that's the only way they might get enough buyers and capital to hire a "real" developer to get rid of the security holes and non-obvious bugs.

somebehemoth11mo ago

I agree it is great that more people can build software, but let's not pretend there are zero downsides.

conductr11mo ago

This is a contrived situation. Most of the apps in discussion see little to no use and go dead soon after launch. The vast majority are collecting little data of negligible risk.

1 more reply

sebastiennight11mo ago

I agree with you on the downsides.

1 more reply

j / k navigate · click thread line to collapse