I've been noticing a trend that's dividing opinions in the tech sector: the famous "Vibe Coding" - that approach where you describe what you need and AI spits out complete code.
Just yesterday I saw a "startup guru" showing off on Twitter about launching a SaaS in 48 hours using only prompts. Today? His product is down due to a massive hack. The problem? He hadn't even implemented basic authentication on critical endpoints. 🤦♂️
And this isn't an isolated case. AI-generated code is riddled with vulnerabilities that go unnoticed because those implementing it often lack the knowledge to audit it properly. Can you imagine browsing the internet knowing that 1 in 4 platforms you use were built this way? Your privacy and personal data are at the mercy of a poorly written prompt.
The democratization of development has its dark side:
- Proliferation of quick but fragile solutions that accumulate massive technical debt
- Dependence on predefined patterns that limit real innovation
- Devaluation of deep technical expertise, affecting the training of new developers
In my experience leading development teams, I've seen how the obsession with speed eventually takes its toll. AI-generated applications often collapse when they reach a certain scale because they lack the solid foundations that only an experienced developer can provide.
I'm not against AI as a support tool (I use it daily), but blind trust in these systems is eroding the quality standards that have taken us so long to establish in the industry.
What do you think? Are you seeing these problems in your environment? Or do you believe the benefits outweigh the risks?
Top comments (4)
I confess, I am an AI skeptic but I can see a role for Vibe Coding, but as highlighted in this post, not for important systems.
Our society is increasingly dependent of information technology and it has become too important a foundation of our everyday lives to put it in the hands of AI, or "prompt engineers" who have no idea of how it works.
Engineering, in all its forms, has a common concern. It is vital that professional engineers know how and why things are constructed as they are, which is why I object to the term "prompt engineer" as it affords them (and AI tools) a level of competency and understanding they seldom possess.
It is not the question of AI programming or, previously, copying some stuff from StackOverflow.
The moment when one doesnt understand the code (or what one is doing in general), the result may end up in disaster. Security is hard.
But judging from the other posts, I am afraid yours will not receive much love, even though your post is IMHO very reasonable. :)
Hi Pavel, Absolutely agree with you and I think you have highlighted the critical issue. For all the hype and protestations of AI advocates, AI systems do not understand what they are doing.
There is a layer missing I think. AI and our brains are both engaged in probabilistic pattern matching but we are constantly double checking our findings for sanity. When we are unsure we might consult a colleague or check authoritative documentation. Only the foolish and dangerous release code they have no idea how/if it really works, never mind it answering the original request.
Hi Pavel, I don't use the DEV platform very much, but I agree with you that the main reason is not understanding the code, either from AI or StackOverflow.