The Price of Vibecoding
-
A look into BizzFed’s security collapse, the Fediverse’s immune response, and the dangerous reality of relying on AI-assisted “vibecoding” for infrastructure.
-
A look into BizzFed’s security collapse, the Fediverse’s immune response, and the dangerous reality of relying on AI-assisted “vibecoding” for infrastructure.
This is again the pseudo discussion on how bad LLM coding is.
The original author said it themselves: their code, their responsibility.
How about we as decentralized social Web stop discussing how bad the tool is because it’s so accessible that a lot of people use it destructively? Instead we use diversity and variance and blame the tools user.
A sloppy 2FA or leaked passwords is nothing that a LLM can be blamed for. It’s the user that used the tool. The article said “don’t give the pipeline to LLMs” - and that I agree fully. But it’s a human who gave their pipeline away, this is a human mistake, not a technological one.
Yeah, the human mistake is to choose the wrong technology for the job. LLMs can be an amazing tool - id you have a problem that needs this kind of solution. Otherwise it’s hammer and screws all over again.
I personally refuse to blame the hammer.
PS: the whole discussion about the ecological and economical impact are a different beast but as the article didn’t touch in them neither did I.
-
A look into BizzFed’s security collapse, the Fediverse’s immune response, and the dangerous reality of relying on AI-assisted “vibecoding” for infrastructure.
LLMs and AI technology can be a good tool if used correctly but an over reliance of it leads to situations like these.
Using it “correctly” is not enough to make this a good tool.
You can’t delegate responsibility to an LLM in the sovereign and decentralised web as true sovereignty requires human vigilance.
Claude is provided by an US corporation. The author appear to be german. So like all/most LLMs, its controlled by a foreign corporation.
Even if it worked flawlessly and is properly used and reviewed, it’s still delegating sovereignty to a foreign nation. A german or EU company could invest huge sums of money to try to create a skilled LLM. There would still be an expensive subscription, a high environmental cost, and a dependency on a big corporation for daily tasks. Until recently, developers could accomplish a task independently once they learned to do that task.
-
This is again the pseudo discussion on how bad LLM coding is.
The original author said it themselves: their code, their responsibility.
How about we as decentralized social Web stop discussing how bad the tool is because it’s so accessible that a lot of people use it destructively? Instead we use diversity and variance and blame the tools user.
A sloppy 2FA or leaked passwords is nothing that a LLM can be blamed for. It’s the user that used the tool. The article said “don’t give the pipeline to LLMs” - and that I agree fully. But it’s a human who gave their pipeline away, this is a human mistake, not a technological one.
Yeah, the human mistake is to choose the wrong technology for the job. LLMs can be an amazing tool - id you have a problem that needs this kind of solution. Otherwise it’s hammer and screws all over again.
I personally refuse to blame the hammer.
PS: the whole discussion about the ecological and economical impact are a different beast but as the article didn’t touch in them neither did I.
I personally refuse to blame the hammer.
This is why I don’t like signing off commits as “authored by Claude”. If I am responsible for the code, it should be attributed 100% to my name. Putting anything else just gives me a way to deflect blame.
-
This is again the pseudo discussion on how bad LLM coding is.
The original author said it themselves: their code, their responsibility.
How about we as decentralized social Web stop discussing how bad the tool is because it’s so accessible that a lot of people use it destructively? Instead we use diversity and variance and blame the tools user.
A sloppy 2FA or leaked passwords is nothing that a LLM can be blamed for. It’s the user that used the tool. The article said “don’t give the pipeline to LLMs” - and that I agree fully. But it’s a human who gave their pipeline away, this is a human mistake, not a technological one.
Yeah, the human mistake is to choose the wrong technology for the job. LLMs can be an amazing tool - id you have a problem that needs this kind of solution. Otherwise it’s hammer and screws all over again.
I personally refuse to blame the hammer.
PS: the whole discussion about the ecological and economical impact are a different beast but as the article didn’t touch in them neither did I.
But it’s a human who gave their pipeline away, this is a human mistake, not a technological one.
In order to be responsible/accountable for any mistake, one would first need to be declared a conscious being. Luckily for us, nor AI nor any other tool has been declared such. So, as far as I’m concerned AI should never been considered responsible for anything.
I personally refuse to blame the hammer.
But since it’s a tool it should also not be allowed to sign or to author anything under it’s so called ‘name’. Van Gogh’s paintings are signed Van Gogh, not Van Gogh + the brand of the brush maker + the brand of the pigments he used (if he did not make his own).
The question should never have been about blaming the hammer (or the flint stone, or the nuclear missile, or the AI). That’s part of their trick to make it close to impossible to critic their work: wanting us to think this is ‘just a hammer’.
The thing is that by its very design (man made) that tool is more than just a hammer,
- it’s a take on the world (the whole world, ie see how they want to be allowed to use nuclear power, all the water they can get, and all the components for the sole purpose of keeping their privately owned AI working to generate themselves more profits),
- it’s a take on the society we’re to live in (what kind of society, what kind of political model, what kind of rules for them and for us, and
- it’s a take on the population… on every single one of us and what place/role/…job we can expect to get in that new society they’re creating without asking for our consent first… also by pillaging our very own work and productions.
So, by all mean, don’t blame the hammer but also don’t just consider it a mere hammer. It’s a fatal mistake.
I mean, no hammer has ever threatened our very ability to educate our kids (and ourselves)… Because in the end, it may very well what they’re after (not the AI, that stupid high-tech hammer, but those owning selling its services to… us), making it so that being an educated individual aka, a citizen of one’s own country able to analyze by oneself any new/unexpected problem and find ways to solve it by ourselves, may not be required anymore. Why not making it optional to even be able to think and to express oneself in more than monosyllables…
Edit: clarifications. + too many typos (I’m blaming the keyboard here, the tool itself, not the human handling it: it’s a real shitty keyboard :p)
-
But it’s a human who gave their pipeline away, this is a human mistake, not a technological one.
In order to be responsible/accountable for any mistake, one would first need to be declared a conscious being. Luckily for us, nor AI nor any other tool has been declared such. So, as far as I’m concerned AI should never been considered responsible for anything.
I personally refuse to blame the hammer.
But since it’s a tool it should also not be allowed to sign or to author anything under it’s so called ‘name’. Van Gogh’s paintings are signed Van Gogh, not Van Gogh + the brand of the brush maker + the brand of the pigments he used (if he did not make his own).
The question should never have been about blaming the hammer (or the flint stone, or the nuclear missile, or the AI). That’s part of their trick to make it close to impossible to critic their work: wanting us to think this is ‘just a hammer’.
The thing is that by its very design (man made) that tool is more than just a hammer,
- it’s a take on the world (the whole world, ie see how they want to be allowed to use nuclear power, all the water they can get, and all the components for the sole purpose of keeping their privately owned AI working to generate themselves more profits),
- it’s a take on the society we’re to live in (what kind of society, what kind of political model, what kind of rules for them and for us, and
- it’s a take on the population… on every single one of us and what place/role/…job we can expect to get in that new society they’re creating without asking for our consent first… also by pillaging our very own work and productions.
So, by all mean, don’t blame the hammer but also don’t just consider it a mere hammer. It’s a fatal mistake.
I mean, no hammer has ever threatened our very ability to educate our kids (and ourselves)… Because in the end, it may very well what they’re after (not the AI, that stupid high-tech hammer, but those owning selling its services to… us), making it so that being an educated individual aka, a citizen of one’s own country able to analyze by oneself any new/unexpected problem and find ways to solve it by ourselves, may not be required anymore. Why not making it optional to even be able to think and to express oneself in more than monosyllables…
Edit: clarifications. + too many typos (I’m blaming the keyboard here, the tool itself, not the human handling it: it’s a real shitty keyboard :p)
Thanks for the thoughtful answer! I’m indeed trying to separate too strong the tool itself from its circumstances of creation and maintenance, I realize.
One question though: the “they” you’re referring to are the corporate entities and their management, I assume - is there correct?
Because that’s where I agree and why I want to separate people from the tool - LLMs could be an awesome way to support in education and accessibility. So from my perspective you’re right and “have it backwards” at the same time: it is not only a hammer, it’s a huge opportunity that gets not only wasted but abused thoroughly.
To take your example: We have the foundation for nuclear energy but the people with the most power and influence choose to make a bomb instead.
To explain what I mean with “you got it backwards” from my perspective: LLMs especially in education and accessibility could be a huge boon. I’m working for example with a local model a “bearucracy supporter” that’s aimed to help navigate the abysmal and discriminatory way many institutions are set-up around where I live, making life for people really hard if they don’t have the education and/or experience to (ab)use such a system.
The same could be done for education - the toolset is perfect for it as it could be easily adjust to a pupils needs and speed - as an addition to the human to human interaction which is absolutely needed.
But instead … Reality clearly shows that my “could” world and your description are, well, somewhere between wishful thinking and unwarranted optimism from my side - your view is way more grounded in reality.
Your last paragraph reminded me of the invention of the loom and the surrounding industrial revolution - because we had smaller versions of this kind of hammer in the past and … Well, our track record is not good overall in using these advantages for all humans. “Not good” being an understatement I’m afraid.
Thanks again, you’ve given me a bit more to think about! Doing thet on my own though
-
LLMs and AI technology can be a good tool if used correctly but an over reliance of it leads to situations like these.
Using it “correctly” is not enough to make this a good tool.
You can’t delegate responsibility to an LLM in the sovereign and decentralised web as true sovereignty requires human vigilance.
Claude is provided by an US corporation. The author appear to be german. So like all/most LLMs, its controlled by a foreign corporation.
Even if it worked flawlessly and is properly used and reviewed, it’s still delegating sovereignty to a foreign nation. A german or EU company could invest huge sums of money to try to create a skilled LLM. There would still be an expensive subscription, a high environmental cost, and a dependency on a big corporation for daily tasks. Until recently, developers could accomplish a task independently once they learned to do that task.
Yes I’m german and yes all of the most used LLM services are non-European but there is also Mistral which is a French corporation. It isn’t true that Europe doesn’t have any LLMs.
Until recently, developers could accomplish a task independently once they learned to do that task.
That hasn’t changed. Devs can continue to accomplish a task independently.
-
This is again the pseudo discussion on how bad LLM coding is.
The original author said it themselves: their code, their responsibility.
How about we as decentralized social Web stop discussing how bad the tool is because it’s so accessible that a lot of people use it destructively? Instead we use diversity and variance and blame the tools user.
A sloppy 2FA or leaked passwords is nothing that a LLM can be blamed for. It’s the user that used the tool. The article said “don’t give the pipeline to LLMs” - and that I agree fully. But it’s a human who gave their pipeline away, this is a human mistake, not a technological one.
Yeah, the human mistake is to choose the wrong technology for the job. LLMs can be an amazing tool - id you have a problem that needs this kind of solution. Otherwise it’s hammer and screws all over again.
I personally refuse to blame the hammer.
PS: the whole discussion about the ecological and economical impact are a different beast but as the article didn’t touch in them neither did I.
I completely agree with your point. My blog post was more about the price that vibecoding has. Bizzfed paid that price as the maintainer/developer trusted the output of Claude and hasn’t checked it themselves.
-
Yes I’m german and yes all of the most used LLM services are non-European but there is also Mistral which is a French corporation. It isn’t true that Europe doesn’t have any LLMs.
Until recently, developers could accomplish a task independently once they learned to do that task.
That hasn’t changed. Devs can continue to accomplish a task independently.
That hasn’t changed. Devs can continue to accomplish a task independently.
This is changing. Not using a skill leads to progressively loosing said skill.
