Lols
AP: 'Moltbook' social media site for AI agents had big security hole, cyber firm Wiz says
"...Moltbook exposed private data of over 6,000 users, Wiz reports
Security flaw tied to "vibe coding," where AI is used to code a site..."
Discussion
Loading...
@ai6yr People tend to assume AI writes magic universal “best practice” code. But I’ve never seen it follow secure coding practices unless you specifically stated and reminded that it’s a requirement. We’ll probably be seeing a lot more “vibed” exploits in the near future.
@johnofrobotz @ai6yr Is “vibed” synonymous with shitty code?
In my experience (ChatGPT only), it readily spews out "almost there but not quite right" code which compiles, but doesn't actually do what you want... not quite. Unless it's a very simple common thing that has been coded and posted a lot. So an experienced coder can use it to build some framework and make it work, but an inexperienced "vibe" coder keeps on trying to get it to generate something it can';t and they can't quite describe, because it requires you to understand what you are doing... and they (the vibe coder) doesn't know what to ask for, nor how to decide if the code works properly or not.
@ai6yr @johnofrobotz So a vibe coder is an untrained, undisciplined coder. Why would an organization want such an employee? Seems like they’d produce garbage code, but at least they have the possibility of being trained and learning.
@meltedcheese @ai6yr The misuse of AI in vibe coding is that the AI is allowed to be the expert and accepting code without review. Experienced developers need to guide the process and also review every change. Vibe tends to just take whatever the AI 💩 out. I also catch some models “fixing” things I didn’t ask it to which can be annoying too. Review everything like it is a junior programmer.