[conductr]

This is a contrived situation. Most of the apps in discussion see little to no use and go dead soon after launch. The vast majority are collecting little data of negligible risk.

If a user is confident enough about a no name company that they give them enough info to make identity theft a possibility, it was only a matter of time before a spammer/phishing attack gets them anyway

[Capricorn2481]

> Most of the apps in discussion see little to no use and go dead soon after launch

That's not convincing. Of the apps that do get used, the vibe-coded ones will likely be unsafe.

> If a user is confident enough about a no name company that they give them enough info to make identity theft a possibility

That's completely unrelated. You can give a company very little information. Any of it being leaked is unacceptable. You can find a lot from an email, or a phone number.

People are taught, by CNBC, by suits, by hacks, that you can trust the apps on your commercials and it will be fine. It likely won't be, and your response is exactly why. Many of you are apathetic to the idea of doing right by people.

So people are manipulated, and some of them are elderly and don't even understand how computers work. This is reason enough to care about what they are exposed to, not say "let's burn it all down with shitty vibe-coding because users are dumb anyway."

We're supposed to be better than this.

[conductr]

> Of the apps that do get used, the vibe-coded ones will likely be unsafe.

What's the threat though. As in, what's at risk. A leaked email address? Probably. Enough info to have your identity stolen as prior commenter had mentioned. Probably not.

> That's completely unrelated.

Umm, no, it's related due to the prior commenter claiming that was the risk in their contrived situation from prior post mentioning identity theft.

> Any of it being leaked is unacceptable. You can find a lot from an email, or a phone number.

Everyone's email has already been leaked somewhere. It's not private data. This is like saying your bank account number is confidential financial information and ignoring the fact it's printed on every check you write.

> Many of you are apathetic to the idea of doing right by people.

> We're supposed to be better than this.

I object by simply saying I'm just being realistic. Data leaks somewhere, everywhere, sometimes, always. You're choosing to live in a fantasy land where this doesn't happen as if it wasn't the very true state of the world long before vibe coding came along. Sure, it's not my ideal state. But it is the actual state of things. Get real.

[somebehemoth]

Vibe coded apps are by definition less secure. The more vibe coded apps, the more risk to users' data. Nothing you've said changes these facts.

That you think vibe coded apps may not collect PII, or that all PII has already been leaked is not at all realistic.

[conductr]

This is the same thinking that PHP is unsafe thus can't use PHP. Meanwhile, PHP is running countless billions of commerce just fine every day. Sure, vibe coding has most likely not gone through some common sense checks for security. SQL injection is likely higher risk, XSS risks, etc. But I just don't believe your assertation of risk is realistic either. There's always a risk.

[Capricorn2481]

I use AI and PHP, so I'm not someone unfamiliar with either.

> This is the same thinking that PHP is unsafe thus can't use PHP.

No, it's not the same because you code in a programming language. You don't code with vibe code, you let something else tell you there's code and you don't look at it. It's different on every level. Unless you're copy-pasting without understanding the code, which, as far as I'm concerned, is just as bad.

> Meanwhile, PHP is running countless billions of commerce just fine every day.

It is famously *NOT* running just fine. It *CAN* run just fine. But the freedom of what you can do in PHP and the low barrier to entry has led to Frankenstein apps with higher than average security issues. I work in legacy software, lots of PHP apps.

You seem to be under the impression that people are saying all apps were secure before vibe coding. That is not the case. But the scale of risk is far greater. Programming safely requires diligence. Instead you're saying "well maybe if we pay even less attention to what we're writing, it will be just as safe." That's irresponsible.

> There's always a risk.

There's a risk of me dying in a car accident. That doesn't mean I'm going to let my toddler drive for me.