Comment by ehnto
4 months ago
> AI is unlocking computers for people who have never written a line of code in their life.
I don't think I can dispute the claim, but it feels more like someone who can't build a house being able to do it now that they have YouTube tutorials. Unless the person was already quite smart and competent, the house will probably have significant structural issues.
Is that a bad thing? For housing, governments the world over seem to agree that it is. But coding has never had a real attempt at regulation. You're going to end up with "vibe coded" production code handling people's personal and financial information, and that is genuinely a bad idea. A novice will not spot security issues, and AI will happily produce them.
I disagree that coding doesn’t have regulation. If you have never developed code in a professionally regulated industry such as Airworthiness then you haven’t been exposed yet to an area that requires rigorous process. There are regulated areas where software is regulated.
I have DIY’d an addition onto my house with professionally architected blueprints and engineering seal. During various stages, I would call the City who would send code inspection officials to incrementally sign off on my project’s progress. Other than pouring a new slab of concrete and electrical, I built it all myself to code. I followed YouTube tutorials.
My point is that DIY isn’t the issue - lack of oversight is. With standards, expert input, and review processes, even non-experts can safely build. AI-assisted coding needs the same approach.
All true but tell the average programmer that you think their industry should be regulated and they should potentially be held liable for their code.
This is not a popular opinion on software development circles - unless you're already in one of those regulated fields, like where a software engineer (a literal accredited engineer) is required.
But it's been an increasingly common talking point from a lot of experts. Bruce Schneier writes about it a lot - he convinced me long ago that our industry is pretty pathetic when it comes to holding corporations liable for massive security failures, for example.
We have to mature as an industry. Things like not staying up to date on third party dependencies, not including cybersecurity as part of the build pipeline, lack of static and dynamic analysis, not encrypting at rest secrets, etc
It is already costing millions of dollars and it’s just accepted.
I couldn’t build a house, but I did learn a lot of smaller skills I would have otherwise called a pro in over. Turns out changing a toilet is pretty much putting it in place and screwing on the pipe, and you can program keys to my Xterra by toggling certain controls in a certain order.
I wouldn’t expect a vibe coder to build a full featured app on vibes alone and produce a quality codebase, but for smaller tasks and apps it is just fine.