Hey everyone! I've been coding since I was 13 and have experience with full stack development. Lately, I've noticed two friends getting caught up in vibe coding since the rise of AI coding tools, and I'm really concerned about it. One friend is using AI to make personal tools that he doesn't share publicly, which isn't too worrisome. But my other friend has vibe coded an app meant for his company that contains internal authentication and is designed to search their dataset, and he's exposed it to the internet via a domain. While the app has authentication, it lacks brute force protection, and I have no idea what the AI-generated code looks like in terms of security. My friends dismiss my concerns, saying things like "it's just a simple thing," and act like no one will bother hacking it. I'm disappointed in them and struggling to find solid arguments to change their minds. I'm also using AI, but only as a helper, not to replace my own coding skills. Has anyone else faced this situation? I really want them to learn proper coding practices instead of relying on vibe coding.
5 Answers
Haha, I had a similar experience! My friends started a project and went all-in with vibe coding, turning it into a monster. I had to use AI just to clean up their mess and follow coding best practices. Maybe you could suggest using AI to help them see the importance of structure!
You can’t control their actions, but sharing your experiences is important. If their app gets compromised, that’ll be a wake-up call for sure. Just be ready to help them out if that happens!
True! I’ll just have to deal with their bragging about their vibe-coded stuff for now.
Honestly, you've done your part by expressing your concerns. Sometimes people have to see the repercussions of their choices to truly understand. As for the app being exposed to the internet, that’s definitely worrying. An internal app shouldn’t be accessible externally without proper security measures, and your friend is taking a big risk by ignoring that.
Exactly! I told him the same thing, but he insists that nobody will bother to break in. It's crazy how many bots are out there looking for vulnerabilities!
Your friend’s approach is a recipe for disaster in the long run. Vibe coding may seem fast and easy, but it leads to chaos down the line, especially when they need to adapt their code. They might learn the hard way if something goes wrong. It's frustrating to watch, but you can only offer your advice. At some point, it’s on them if they choose to ignore it!
Thanks for the reality check! Maybe he needs to face the consequences before he'll realize it.
I totally relate! I've had to remind my peers that if you don’t understand how to code something yourself, you won't know when the AI messes it up. AI is a tool to speed up your work, not a replacement for your knowledge. I once used AI to convert an AngularJS app to React and had to double-check everything it produced because it missed key details. Being thorough with security is vital—don't trust what you can't validate!
For real! This friend hasn’t got a clue about how the AI works. He even added a footer saying 'powered by EJS' when he doesn’t even understand the framework!
Lol, that’s a clever approach! Using AI against vibe coding could definitely show them the difference.