Tony
3d ago
Vibe coding boom will get many end users in trouble.
While it is a huge leap forward that allows enthusiasts to bring their ideas to life, majority of the new apps will be built in a reckless way by clueless people.
At the same time building something that does not interact with user data while improving your project is a win-win.
For example, I finally managed to automate my 3 year old project @Bitcoin Calendar and it now automatically posts historical Bitcoin events to Nostr. I know the code is bloated and ugly, I don’t know (yet) how to fix this, but automation works and that’s good enough for now.
PRs welcome 💜 https://github.com/Bitcoin-Calendar/calendar-bot
While it is a huge leap forward that allows enthusiasts to bring their ideas to life, majority of the new apps will be built in a reckless way by clueless people.
At the same time building something that does not interact with user data while improving your project is a win-win.
For example, I finally managed to automate my 3 year old project @Bitcoin Calendar and it now automatically posts historical Bitcoin events to Nostr. I know the code is bloated and ugly, I don’t know (yet) how to fix this, but automation works and that’s good enough for now.
PRs welcome 💜 https://github.com/Bitcoin-Calendar/calendar-bot
Tony
•
3d ago
Replying to @npub14q8uf
It’s high time to get into cybersecurity or at least start being extra cautious about the apps you install and share you sensitive info with.
See translation
See translation
16
13
0
0
0
Replies
Luxas
@Luxas
3d ago
Your user's account data is safe if you use Nostr login for an app 😏
See translation
0
0
0
0
0
Tony
@Tony
3d ago
That’s just a tip of an iceberg. Nostr login does not protect from man in the middle attacks, weak certification validation, excessive app permissions, and so on and so forth
See translation
0
0
0
0
0
Luxas
@Luxas
3d ago
Well, you're right. But, I was directly addressing your point about, "At the same time building something that does not interact with user data while improving your project is a win-win." Of course, things outside of that in the app/host layer is important to lockdown, as you mentioned.
See translation
0
0
0
0
0
Tony
@Tony
3d ago
I see, I probably should’ve worded it better. I felt like app permissions and bad encryption practices fall into this bucket, cause if attacker gets a hold of your server or orchestrate a MITM attack, they’ll be able to get their hands on stuff users wouldn’t want them to.
See translation
0
0
0
0
0
brito
@brito
3d ago
As rule of thumb, never store private keys in plain text and always aim to have them decodes at the client side.
Assume everything will be leaked. There is always a balance between usability and privacy.
The only thing private on NOSTR tends to be private messages and the private key.
Assume everything will be leaked. There is always a balance between usability and privacy.
The only thing private on NOSTR tends to be private messages and the private key.
See translation
0
0
0
0
0
ภ๏รtг๏ภคยt
@ภ๏รtг๏ภคยt
3d ago
We're getting to a point where anyone can make anything, if they smooth talk ai.
Alot of the things I've built are built with the help of ai. Free ones everyone knows at that....
Why would I spend hours on themes, colors, layouts, etc if I don't have to? Lol
Alot of the things I've built are built with the help of ai. Free ones everyone knows at that....
Why would I spend hours on themes, colors, layouts, etc if I don't have to? Lol
See translation
0
0
0
0
0
BarbellsAndBitcoin
@BarbellsAndBitcoin
2d ago
Honestly not even close to this for anything beyond simple projects. At this point it will empower non engineers to write horrible code that works for happy path coding. A non engineer doesn't even know what to prompt for.
Meanwhile experienced engineers can use it to make rapid progress on larger projects.
But it's a very long way from say prompting the next Unreal engine or a game like Halo. Or even a complex web platform which I use it for daily. Very helpful. No way can it reason across the entire stack in a cohesive way reliably., but brainstorming architecture patterns is amazing. And always gets you dirrctionally right if you know what you are prompting for.
Meanwhile experienced engineers can use it to make rapid progress on larger projects.
But it's a very long way from say prompting the next Unreal engine or a game like Halo. Or even a complex web platform which I use it for daily. Very helpful. No way can it reason across the entire stack in a cohesive way reliably., but brainstorming architecture patterns is amazing. And always gets you dirrctionally right if you know what you are prompting for.
See translation
0
0
0
0
0
ภ๏รtг๏ภคยt
@ภ๏รtг๏ภคยt
2d ago
Knowing what your prompting for and how it works makes a big difference.
Vibe coders will be forced to actually learn things if they want what they build to actually WORK how they envision it working.
Ai can do alot, but not everything.
Vibe coders will be forced to actually learn things if they want what they build to actually WORK how they envision it working.
Ai can do alot, but not everything.
See translation
0
0
0
0
0
Tony
@Tony
2d ago
Exactly. I’m pretty sure we’re not talking about building Unreal Engine here, but rather about simple code snippets and mini apps that improve your productivity or automate some of your project’s processes.
Prompt is the difference between a working and a broken script or app. When I started coding Bitcoin Calendar i simply talked to AI like if it was a developer. The result was a disaster. Now I spend hours on understanding and formulating what I need, studying documentation to my best ability, using AI to compress my thoughts and findings into a specification, and only then I press “go”.
Yet even now, as I have a working product, the time spent reading and understanding how AI approached the task and what came out of it, made me realize numerous pieces that I should have approached differently. I am in fact planning to redo the
Prompt is the difference between a working and a broken script or app. When I started coding Bitcoin Calendar i simply talked to AI like if it was a developer. The result was a disaster. Now I spend hours on understanding and formulating what I need, studying documentation to my best ability, using AI to compress my thoughts and findings into a specification, and only then I press “go”.
Yet even now, as I have a working product, the time spent reading and understanding how AI approached the task and what came out of it, made me realize numerous pieces that I should have approached differently. I am in fact planning to redo the
... See more
See translation
0
0
0
0
0
BarbellsAndBitcoin
@BarbellsAndBitcoin
2d ago
Agreed. Use it to become a better coder and it will become more useful in your hands.
See translation
0
0
0
0
0
Tony
@Tony
3d ago
100%
The catch is: you know what you’re doing.
The catch is: you know what you’re doing.
See translation
0
0
0
0
0
ภ๏รtг๏ภคยt
@ภ๏รtг๏ภคยt
3d ago
Kinda. I'm just learning JS dude. Lol.
Ai has been a great help.... break everything into chunks. Learn what does what and why...
Ask for this or that to happen, learn, debug, repeat.
Anyone can build anything now, or I wouldn't be able to build on nostr with my 8th grade education and heavy drug use that's thankfully behind me now. 💜🫂
Ai has been a great help.... break everything into chunks. Learn what does what and why...
Ask for this or that to happen, learn, debug, repeat.
Anyone can build anything now, or I wouldn't be able to build on nostr with my 8th grade education and heavy drug use that's thankfully behind me now. 💜🫂
See translation
0
0
0
0
0
Tony
@Tony
3d ago
Same here, and I didn’t get this excited about anything since I learned about Bitcoin.
My point is: be careful as an end user and be responsible as a developer - vibe or vibeless.
My point is: be careful as an end user and be responsible as a developer - vibe or vibeless.
See translation
0
0
0
0
0
BarbellsAndBitcoin
@BarbellsAndBitcoin
2d ago
This.
See translation
0
0
0
0
0
Dan Jones
@danjonesio
3d ago
Was thinking the same thing a few days back. A lot of this vibe coding will result in security practice failures.
See translation
0
0
0
0
0
BarbellsAndBitcoin
@BarbellsAndBitcoin
2d ago
100%
See translation
0
0
0
0
0