Comment by firefoxd

2 days ago

Lovable is marketed to non-developers, so their core users wouldn't understand a security flaw if it flashed red. A lot of my non-dev friends were posting their cool new apps they built on LinkedIn last year [0]. Several were made on Lovable. It's not on their users to understand these flaws.

The apps all look the same with a different color palette, and make for an engaging AI post on LinkedIn. Now they are mostly abandoned, waiting for the subscription to expire... and their personal data to get exposed, I guess.

[0]: https://idiallo.com/blog/my-non-programmer-friends-built-app...

Developers with decades of experience still make basic security holes. The general public are screwed once they start hosting their own apps and serving on the Internet.

  • There's something so innocent about the early days when even Microsoft thought we'd be running Personal Web Servers and hosting our own websites in a peer-to-peer fashion.

    Although cynically, in 1996 Microsoft would probably tell you anything you wanted to hear if it got you using Internet Explorer.

    The Personal Web Server is ideal for intranets, homes, schools, small business workgroups and anyone who wants to set up a personal Web server.

    https://news.microsoft.com/source/1996/10/24/microsoft-annou...

    • I always held the belief that we (as programmers and industry) failed the initial premise of the "distributed internet". On one hand, the core of the internet (whether it's ARPANET or even TCP/IP) was designed to be fully distributed, trustless, self-hostable, etc. The idea that if you want email you do a `pkg_add email`, want a file server, `pkg_add file-server`, want remote access, `pkg_add openssh`, and you're done. But what we have today is [1].

      Securing all that got very technical and nuanced with hundreds of complex scenarios and tools and protocols. Tech companies raced to produce services the mass public can use, hiring hordes of very smart, expensive and technical developers to develop and secure, and they still get it wrong frequently. While the FOSS community adopted the "get good or gtfo" approach as in [1].

      The average person has no chance. That's why closed walled-garden platforms like iOS and Android are winning.

      1: https://www.youtube.com/watch?v=40SnEd1RWUU

  • > Developers with decades of experience still make basic security holes.

    You see this type of template response copy-pasted under basically any post/comment of this kind.

    I think at the end of the day we’ll be able to look back and see what/who fared better, based on actual data.