Viktor 00:00:00.000 You cannot let AI just deploy to production unsupervised because it has no idea what to do.
Darin 00:01:11.667 Viktor, is there anything wrong with vibe coding?
Viktor 00:01:14.639 I mean, there is something wrong with everything, but, uh, I, I have a strong suspicion that you're aiming at something in particular.
Darin 00:01:22.417 Well, most people probably start out vibe coding. I'm assuming you did. I know I did.
Viktor 00:01:28.070 Yeah,
Darin 00:01:28.904 I don't think there's anything wrong with it. I.
Viktor 00:01:30.935 I haven't written a line of code directly in, in months.
Darin 00:01:35.713 Does that scare you at all?
Viktor 00:01:37.427 No. Why? I'm kind of, I'm reviewing code done by others and I'm instructing others. How to write code. What's wrong with that?
Darin 00:01:49.633 Like somebody told me the other day, the only thing he really understands is fix it. 'cause it's not working. He goes back into types, fix it. Okay. That's Vibe Coding 101. If you don't know the phrase, fix it. That's what you want to use.
Viktor 00:02:02.876 Exactly.
Darin 00:02:04.153 I, I think really everybody starts at vibe coding. I, I think that's fine. Sometimes you're just trying to figure out what, okay, here are the perfect people to do vibe coding, in my opinion,
Viktor 00:02:13.696 Hmm.
Darin 00:02:14.501 product owners or product managers. Go with me here for a second. Architects, because those two people probably use Word and Visio more than anybody else in a company. So why not give them the tooling to be able to just sort of get something going? Maybe, maybe not right? It's, it's a whole lot better than a Visio document or whatever the Visio thing is today.
Viktor 00:02:38.926 Lemme just clarify something. Uh, if I'm not mistaken, vibe coding, whomever came up with the term was trying to say, Hey, I explain my vibes what I want, and AI does everything else basically unsupervised. Most people when they say vibe coding are, these days, meaning, Hey, do this and I'm watching you. I'm confirming and denying you to do things. I'm giving you additional instructions. Are you thinking about the former or the latter when you say vibe coding?
Darin 00:03:14.533 Probably the former in this case.
Viktor 00:03:17.176 Oh, that doesn't work.
Darin 00:03:18.843 O okay. It does, it doesn't work, which is gonna be the key part we're gonna get to, but it's not a, a bad way for somebody that is not a developer at all to sort of get something going.
Viktor 00:03:27.946 Yeah,
Darin 00:03:28.593 The but the danger, there's a danger in that. But go ahead and complete your thought.
Viktor 00:03:32.428 It's very good actually for new applications, right? And those applications are very focused on specific feature. That's it. Think of them as microservices or micro sites, right? So if you're in HR and you need. To sort the candidates for, uh, to join your company in certain way. That's perfect for vibe coding, right? It can do it in one shot or if you want, uh, to create a website for, I dunno, your hobby, whatever it is, perfect for vibe coding, right? So, uh. If that's what we mean by vibe coding, those are the good use cases starting from scratch. Relatively small scope, work on until is done right. Hopefully that person doing that will spend time, uh, explaining, you know, the style or intention, what's not. Then it works well. The problem come when you start working on. Real applications and real is the wrong word because all the applications are real. But you know, existing applications more complex, right? When adding a feature means, writing, I dunno, thousand lines of code and that being drop in a bucket 0.01% of the total code base, right? Then things become complicated. And those, those are the cases where I don't believe in vibe coding from that perspective. Like I explain you what to what you should do, and you and I come back to you when you're done. Uh, I would call it unsupervised. AI completely breaks, breaks apart, does, does silly things. But for HR, and I'm using them as example. Or your personal something application, you need something done. It's perfect. It's amazing. Uh, Lovable, for example, is a great example of a big success story for that.
Darin 00:05:42.894 So you're actually reinforcing a, a point that I have, I have a couple things written down. some of the pros of vibe coding, rapid prototyping and faster initial development. Right. Perfect for that. That's, that's what we want and that's the reason why I was saying architects or product owners or product managers that are trying to come up with something that's good for them. Right. That's, it's better than giving me a, what they think is a requirements document.
Viktor 00:06:08.547 I would say your examples were right, except I'm not sure that I would agree about architects.
Darin 00:06:16.514 Okay. That's fine.
Viktor 00:06:18.117 Right. Because I a,
Darin 00:06:19.064 I'll pull them out.
Viktor 00:06:20.187 you know, it's, it's about. Being an architect, me meaning considering all the different variations, doing different types of, uh, experiments. Figuring out what it, it's, it's a lot of work, but everything else I agree.
Darin 00:06:34.544 Okay, another one's useful. Proof of concepts. Throw throwaway code. It's exactly what you want it to be, but let's say you've vibe coded something now. And you're ready to turn it into production. It's gonna be an internet, public, internet facing application. I vibe coded something and I said, deploy to the internet. What could go wrong?
Viktor 00:06:58.822 are we still talking about unsupervised.
Darin 00:07:02.244 um, pri yes, unsupervised.
Viktor 00:07:05.692 Everything will go wrong. I mean, again, if it's that HR something, something, then it's, it's gonna be fine, most likely. Right? But if you're talking about now moving into doing that with real business applications, you know, those that make money or those that lose money, they stop working, then everything will go wrong. Uh, we are not even close to unsupervised ai. A lot of things are needed for that.
Darin 00:07:32.731 Think about the basics. As humans, we still do this. When was the last time you hard coded in an API key and committed it to Git? It's been a while, probably. Hopefully.
Viktor 00:07:42.557 Yeah.
Darin 00:07:43.919 But let's go through a standard vibe coding session. Hey, I see that you need to interact with thing that needs an API token. What's your API token Copy paste. Okay, thanks. I'll go ahead and take care of that for you. That's what's gonna happen.
Viktor 00:07:59.984 think of it in terms of, a human, ignore AI for a second, right? Let's say that you just hired some kid that just graduated university, but that kid is a genius, knows everything. It's absolutely the most brilliant person that ever walked this earth. Can you let him on day one operate your production system? And just to give you a clue so that you don't provide an answer that, I don't want you to provide is that that kid knows nothing about your company, doesn't even know whether you use AWS or Google or Azure.
Darin 00:08:41.313 Let me answer it this way. His day one will be your last day period. That's what would happen.
Viktor 00:08:51.934 Exactly. You need to teach that person so person knows what that person knows and let's say that it's very experience for, so you still need to have, I dunno, maybe a week, maybe a month, maybe a year. Of training so that that person understands how your company operates. No matter how skilled, or even if you take a most senior engineer that ever walked this earth, that person is not going to deploy to production day one, right? Not because that person doesn't know stuff, but because he has no idea. What you're doing, how you're doing, where you're doing, kind of, what are your policies, what are your rule books? Where, where are you even running that? Do you have your own data center or you're running it in, in the AWS, right? There are so many things that that person wouldn't know no matter how, how good that person is. And that's the problem. And I'm going back to your initial question, right? You cannot let AI just deploy to production unsupervised because it has no idea what to do in the context of your organization, not what to do in general. Carro knows AWS. I have zero doubt about that. Right.
Darin 00:10:08.668 But again, I'm thinking about security issues primarily in this episode. In a later episode, we're gonna be talking about technical debt and vibe coding, but this one I wanna focus on security. Now, in theory, a well vibe coded app would apply all the OWASP Top 10 things to everything it creates
Viktor 00:10:30.941 Yeah,
Darin 00:10:31.408 should. But guess what? It's not going to, if you think back a couple episodes where we're talking about the MCP servers. And you were just doing a raw agent with no, no directions at all. Going back to your, this is the first day, you're not going to have a good app.
Viktor 00:10:48.394 Can we agree for a moment that whichever permissions or whatever you're allow, allowing that AI to do are the same things that you're allowing other people in your company to do.
Darin 00:11:01.371 We have to say that. Yes.
Viktor 00:11:02.974 Yeah. You're not giving it more kind of like, oh, everybody needs to create a pull request, but you specifically, you can just, uh, push to main. Right. We are not talking about that
Darin 00:11:12.951 Correct. This would be, so your, your agent that's doing the work would have the same level as the standard SRE that's doing the work.
Viktor 00:11:24.543 Then what makes you think that that would be bigger disaster than a random person in your company doing the same
Darin 00:11:30.740 Oh, I'm not saying that the deploy isn't, that could be. It would be exactly the same. What I'm talking about is the actual creation of the application that's going to be deployed.
Viktor 00:11:39.543 Okay, but why? Why would that be any better or worse?
Darin 00:11:43.725 Well, worse is,
Viktor 00:11:44.853 same application done by Joe.
Darin 00:11:47.150 okay. So with Joe, Joe knows to go ahead and do input sanitization. Joe knows well be Is Joe the day one person?
Viktor 00:11:58.563 I dunno.
Darin 00:11:59.870 Okay. Okay. He's day one. Yeah. So it would be host. Yeah. He would have no idea.
Viktor 00:12:03.928 Yeah. Yeah.
Darin 00:12:04.865 A a 10 year, 10-year-old Dan. Dan would know because he's been in the company and knows we gotta do input sanitization. Here's our standard frameworks, here's all of our other things.
Viktor 00:12:17.298 Okay, so now we are coming to the, we, we started this, I mean not started, but established a few moments ago that okay, we are treating that AI same as human give. That AI courtesy of giving all the information that you, you gave to that person over that year or whatever period was there, right? Then would necessarily the difference be that big in the outcome?
Darin 00:12:42.580 It should not be. But most people, if they're just vibe coding, they're not gonna know that.
Viktor 00:12:48.431 There are physical limitations, right? Kind of. We don't allow literally pushing to main branch. Right? That's physically not allowed. Type of situation in many zillion of other policies, right? And for those, doesn't matter whether it's AI, whether it's Joe, whether it's Michael, whomever he is doing needs to obey the same rules and that there is a knowledge. And that's a big difference, right? So yes, if the question is, hey, can we give inexperienced person or AI or whatever. Inexperienced in this context does not understand how this company work permissions to do, stuff and we expect the right things. Uh, you are a fool, but that applies equally to people as to as to AI.
Darin 00:13:35.900 This is where AI is not gonna solve the problem, I guess is where I'm getting back to, is
Viktor 00:13:39.833 Yeah. No,
Darin 00:13:40.940 I, I don't know how many times I've been on a project to where. The phrase comes out, well, we'll take care of security later. Does it ever happen to you?
Viktor 00:13:51.678 I mean, it happened. Yeah. I'm not a good person to ask because I was usually the cause of those security issues, but some other person, yeah.
Darin 00:14:03.808 right, but usually we would always push those things off till the end, right? Security gets pushed off, testing gets pushed off. All we've just gotta get it out. We, you know, the, somebody went and played golf and now instead of shipping six months from now, we have to ship in two weeks. These things happen, but vibe coding is not going to make that magically go away.
Viktor 00:14:21.975 Actually, not magically, but it's one of the ways why I believe we have a chance for those things to go away. Let me explain all those examples that you just said. You know, all those, uh, we are gonna push security for later and we are going to push implementation of this thing for later. And so why, why are we pushing those things
Darin 00:14:44.861 The reason why we're pushing those things is we don't have the time to deal with them right now.
Viktor 00:14:48.639 exactly, precisely now, if AI can help reduce the burden in some other area. And free your time to do those things. Isn't that a win-win?
Darin 00:15:01.334 Well that's AI and well constructed ai,
Viktor 00:15:04.565 Yes.
Darin 00:15:05.182 but in the context of, okay, I'm just gonna vibe code my authN and authZ for everything
Viktor 00:15:11.041 No. Think of it. And I think that we have false expect of wrong expectations of AI, right? Kind of, people go to extreme. Oh, I'm going to write a single sentence of something and, and it's going to do something marvelous. And then, uh, there are two extremes of that outcome. It's kind of, oh, this is horrible. It doesn't work. Right? And the other extreme, usually influencers on YouTube, car, oh, look at it. Create it successfully created a game, right? It's false expectations. AI is a tool. It's a tool that has a very big potential to be very, very helpful. It's, but there's any other tool. The outcome greatly depends on a person using the tool, Stack Overflow is a tool. We cannot, we shouldn't blame Stack Overflow for all the mistakes done before AI, right? Uh, we should blame people who are actually using that tool. Visual Studio Code can do autocomplete. Now, if, if an inexperienced person or somebody just says, accept, accept, accept, accept. Do we blame autocomplete? It's a tool and you need to be skilled at using it, and that means that you need to understand how the tool works. You need, and you need to have the domain knowledge behind what you're doing. Anything less than that is not going to work, no matter how capable or incapable the tool is.
Darin 00:16:47.378 You are sending me down a different rabbit trail. I'm gonna try to pull you back.
Viktor 00:16:51.446 Okay. Pull me back.
Darin 00:16:52.778 Okay. So let, so we've gone down this really big path of what you should do, but let's go back to the people that are just vibe coding and putting their app out on the internet.
Viktor 00:17:03.326 Mm-hmm.
Darin 00:17:04.573 Maybe they have never deployed any kind of web application before.
Viktor 00:17:09.090 You okay?
Darin 00:17:10.198 What's gonna be the first thing that happens?
Viktor 00:17:12.315 The first thing that happens is that those people for the first time in their life got, uh, an application running, which is awesome. Right. we're still talking about
Darin 00:17:22.795 Yeah. Yeah.
Viktor 00:17:24.418 It's absolutely awesome.
Darin 00:17:26.237 It's awesome, but now it's on the pub. Let's, let me spin it around. Let's say that, um, I spent some time this weekend and vibe coded a, oh, let's call it a dating app,
Viktor 00:17:37.050 Okay.
Darin 00:17:37.757 and I've deployed this dating app out to the internet
Viktor 00:17:41.568 Okay.
Darin 00:17:42.235 and I have said, oh, just come here and I've actually got some budget. I spend some money on ads. I drive traffic to that site.
Viktor 00:17:51.721 Okay.
Darin 00:17:52.472 There's actually a database behind it.
Viktor 00:17:54.556 Okay.
Darin 00:17:55.217 Vibe coded everything. Oh, by the way, when it created everything, it went ahead and put in the root password. Uh, what I didn't know is it actually put in an administrative standard administrative console in that everybody in the world already knows it exists. So now all the data has now been exposed. And by the way, I was charging credit cards and instead of actually doing integration with Stripe, I just decided to save the credit cards locally. And because that was, or excuse me, I didn't decide. The vibe decided I'm, I'm gonna go ahead and give it a name. The vibe decided just to save the credit cards locally, because that was the easiest thing to do.
Viktor 00:18:32.371 Yes,
Darin 00:18:33.110 This is what happens when you allow vibe unattended to run your life. Your life becomes miserable.
Viktor 00:18:46.194 Unattended because that person wouldn't know what to do by
Darin 00:18:49.736 Correct. Correct.
Viktor 00:18:51.744 Now lemme give you alternative scenarios.
Darin 00:18:55.075 Okay.
Viktor 00:18:55.919 Same person, same knowledge, experience, doing the same goal. No code. Any difference. Ignore the, the amount of time needed to do it.
Darin 00:19:06.345 there should not be any difference. It it, it should be negligible. Yes.
Viktor 00:19:10.243 Um, spend more time. But not sufficient learning the basic of HTTP and JSON, uh, sorry, and JavaScript just enough to, to succeed the bare minimum, to succeed somehow. Any difference,
Darin 00:19:28.029 Should not be a whole lot of difference.
Viktor 00:19:31.162 Right? What I'm trying to say is that, yeah, that person just accomplished the equally disastrous outcome faster. It's not that that outcome wouldn't happen without AI. I mean, maybe it wouldn't happen because that person wouldn't be motivated, kind of, oh, I can do this in a day, otherwise it'll take me a week. Hence, I'm not going to do this. So the disaster never happened. I give you that. Right? But still, I would even, I could even argue that there is a chance. I dunno whether that's today or tomorrow, but maybe actually with no code, something something or self code, bare self, uh, thoughts. Bare minimum, uh, the outcomes would be probably the same, but with AI, maybe there is a chance that that AI would be trained in a way to actually tell you. Do you understand that you're exposing the password? So now I'm going even in a direction that actually maybe actually with AI, that this is the same scenario. Assume that person is willing in all three scenarios to, to do it. No matter if it takes in other scenarios more, maybe AI would actually warn that person, maybe that person would learn something that otherwise wouldn't be learned with the no code or um, the bare minimum self-taught.
Darin 00:21:00.376 I agree. That's not a bad direction. That's not reality today.
Viktor 00:21:05.564 No, no, absolutely not. I'm, I'm just trying to say that, you know, that was, that was being done and happening before. I mean, come on, ver uh, you can do the same thing with Vercel today and in a day.
Darin 00:21:22.466 No, I understand that. I'm just saying that people that are not aware of what it takes to actually run an application on the public internet thinking they're gonna vibe code something and make a million dollars by the end of the month.
Viktor 00:21:36.069 Oh, we agree on that a hundred percent. Yes.
Darin 00:21:40.556 Yeah, that's, that's what I'm talking about. again, I'm gonna go back to the beginning. There is a space for vibe coding, coming up with the ideas. Quick prototype. Heck, I've done it. But let's say you're a senior and you've been tasked with working on a new Greenfield project using your idea as well. There is nothing wrong with vibe coding that idea and turning around faster. Just because your PM doesn't want to do it. I'll just. Make
Viktor 00:22:09.799 even better.
Darin 00:22:10.611 or failing faster, right? Being able to fail fast is a wonderful thing. But now let's say you vibe coded the example. The proof of concept manager sees it, boss sees it, let's ship it, then you as senior says, no, no, no, no. Wait a minute, wait a minute. This is the equivalent of shipping an Excel spreadsheet to act like a real database.
Viktor 00:22:36.003 Yeah.
Darin 00:22:36.920 So although you've got to a shippable item, now you've gotta go back and actually create it as a project. So take your vibe as your input into actually creating the true product requirements, because if you think about it from. The olden days, like two months ago, you would have people work for three to four years to write a product requirements document that would then get reviewed by five or six different teams over the course of one or two years that would then been handed off to somebody about year four to start implementing. And oh, by the way, if you need to talk to those people, they've already left the company. Whereas now you as a senior can take the code that you've written, use it as an input, have your model, create initial PRDs. And in fact, this is my standard right now is I may vibe a, a couple of things just to get some ideas going and I'll say, go ahead and create me an epic for this thing. And I'll chat with it a little bit more and you know, sort of get the epic where I want it. And then I'll go in in a new context because I've saved the Epic and I was like, Hey, go read this Epic. Yep, got it. Go ahead and create work item PRDs for me and break all those down and let's work through those. Guess what I can do then now I can go to the stakeholders. It's like. Here's the epic. What do y'all think about this? I probably won't show 'em the work items. I might show a couple of them. 'cause some of the work items that I've seen generated for me, have provided items to me. It's like, I didn't even think about that. Yes, I need that.
Viktor 00:24:29.020 Or imagine that same epic you say, it's done. Not done as if we are gonna mer we are never going to merge this to, to main, but kind of like, here's the epic and here's the working solution. That is not good. You know, it's, it's far from what it should be. Right? We can, you can, you can feel it, you can see it, you can touch it, you can discuss it. And then we are going, going to throw it to trash.
Darin 00:24:53.333 but now I've got budget and I've got a plan. Yes, I, we, we. Virtually threw it to trash because we could still go back and reference. It's like, oh, okay, yeah, we could do that. 'cause we could still iterate a little bit on that. But hopefully, because we use that as the baseline, now we have the true base that we're building from.
Viktor 00:25:10.852 You're probably based on that fastly done implementation, you're probably going to refine a bit more PRD, right? Lessons learned, and then when you start working on it, it'll be. Even faster.
Darin 00:25:27.264 Oh, by the way, I'm actually not doing the coding. I'm having the agent or agents take the work items and go do the work. The PRDs could be issues in GitHub, JIRA, whatever. It doesn't really matter. It just even Markdown files in the repository itself. Lots of different ways to solve that. That doesn't matter. What matters is I got something going. It's probably highly insecure, probably something I would never want the public world to have access to. Probably not even to my public company firewalls. Right. You know what I mean? My, my little team can work with it. I'm fine with that, but as soon as we start exposing it for anybody else to use outside of my team, that's when the real app has to come into place. That doesn't mean I have to write it. Going back to the Dan example, being there 10 years that knows that he has to use this framework 'cause it's the company level framework on doing things, it's like, oh no, I've trained, trained. I've taught the mo. I haven't taught the model. Going back two episodes about MCP servers, I've got an MCP that understands the workflows of what has to be there when things get created Greenfield, it's like, so you have somebody come on the team. It's like, well, I don't know how to code in Go. It doesn't matter. Your agent that you're managing knows how to code in Go.
Viktor 00:26:43.361 The, the question is really, if you're doing more seriously than previous examples, the real question is, do you know how to read Go so that you can smell bad or wrong direction? If you know, then you, you're fine.
Darin 00:26:59.498 Yeah, we're at the point now to where this is coming back full loop. You have people today that are vibe coding applications that are putting 'em on the public internet and having all sorts of bad things happen. But as you said. They ship something to the internet that they had never done before. So that's the upside they, do you think they understood whatever was being written, probably Python or JavaScript? No. Why do we think we need to understand? I mean, yes, we need to understand it. It would be great if we did.
Viktor 00:27:32.997 I also suspect that those cases, like I'm going to stick with example HR, right? I think that this is very, very temporary solution. What we are doing right now with generic. Model is generic agents. I'm pretty sure that very, very soon we will see more focused solutions for HR in general. Kind of like HR AI, kind of like that prevents you from exposing passwords. You can still do bad things, and so on and so forth, right? But imagine when, when we start getting more focused solutions.
Darin 00:28:14.070 We won't need a ton of developers anymore. You think about, okay. You're using hr, let's, let's go broader than that. There was usually a team or a certain amount of people that always worked on internal applications for a company. Now, if I can have somebody, just the HR person themselves, start working on something, that's the vibed solution that then that gets handed over to the D vibes. I'm making up lots of words here. That actually take the vibed solution and turns it into a real solution. That might take a day. It might take a couple of weeks, it could take a little bit longer. But if you think about how a typical internal application worked two months ago, that could get really sped up now.
Viktor 00:29:05.190 Yes. It'll be sped up for sure that I have zero doubt. My main concern whether that being sped up will mean that team that worked only on inter internal applications, I'm following your example, will be decimated or the team will stay the same and finally be able to fulfill all the needs. Internal needs that they, they've been struggling to fulfill for 20 years.
Darin 00:29:37.802 I think it's the latter because internal app teams, yeah. Okay. Yeah.
Viktor 00:29:42.675 there are companies that regard, oh, I can cut costs. I'm doing it.
Darin 00:29:47.972 Yeah.
Viktor 00:29:48.465 There, there is, there are always those, right. But I just hope that there will be a lot of, the lot latter cases.
Darin 00:29:54.954 Because sure you can ship a vibed thing. Great, that's all good, but what's the trade off on that? It would be no different than here. Here's my analogy. You've been using other analogies. Here's my analogy. A, a vibed app is no different than bringing in. Back in my days in the nineties, you bring in a busload of consultants from a company, drop them in your office. It's like, Hey, we need this app in three weeks. And then they're out and gone in three weeks. It's the exact same thing. They don't understand context, they don't understand the company, nothing. In fact, they spent the first full week going through, you know, consultant onboarding to the company, and now you've already burned one week of the three.
Viktor 00:30:36.173 Yeah. But as you said it, right, if it's, I assume that in this context you mean vibed by inexperienced person, right? Um. Still imagine how helpful that could be if that, if that inexperienced person gives you vibed application and saying, can you actually make this instead of opening your Jira ticket, and you are the person from that in team working your internal application.
Darin 00:31:05.649 That would be great. I would take that over a Word document any day of the week.
Viktor 00:31:09.277 Yeah. Can play. This is, I mean, it's not working right? It's, it's, it's, I under, I understand that, uh, I've been told by CEO, you, you remember how last week I exposed passwords? Now I understand that I cannot do that. Right? I'm not doing it again, I promise. But here it is, right? This is what we really need. conceptually, this is a mock. that alone is, is tremendous help because alternative is I give you a Jira ticket that doesn't explain what they really need because they don't know what they need. Then you work on it and then you give it to me and I say, that's not what they need. You know, the cycles. And then it takes half a year just to get to some decent point where, and, and it's, it's not that we are not getting there because I don't know what I'm doing. Or you don't know what you're doing. But because we don't understand each other, we don't, we, we don't really click and, uh, manage to speak the same language and you just gimme the application that we'll be thrown the trash, but they know what you, what you want.
Darin 00:32:14.259 I think really done correctly a person vibing, paired with somebody that knows. The full context of the company, whether they actually physically know it or they know how to interact with that full context of the company that pair, you know, going back to the two pizza teams, this is the one pizza team. Having somebody that know has the business domain knowledge of the problem to be solved and with somebody that's technical. 'cause usually the business person isn't technical and usually the technical person isn't business.
Viktor 00:32:48.940 You can even say, you know what? I'm not throwing your outcome to trash. I can build some kind of mechanism, system filters, call it whatever you want. You gimme your stuff, and then I enhance it with, with my things to make it production ready. Why not do that? I'm gonna pass it through security scanners. I'm going to check whether there are any confidence. There is a confidential information. I'm going to check that it applies our coding standards and what's not, right? Whatever the rules are. And guess what? You're probably already having those rules. Anyways. We already do security scanning, right? We already have policies that prevent certain things from happening. We already have code reviews, right? We already do all those things. The major issue with that, a hypothetical HR person, vibe coding it without really knowing what's happening, is that the outcome will increase. The amount of work we need to do. Right. Kind of like it'll be a bigger review. Correct. It'll probably detect more security issues than normally. Right. But that's still less work than nothing. Kind of like having, starting from scratch.
Darin 00:34:08.170 Starting from a Jira ticket.
Viktor 00:34:09.893 Yeah. From Exactly. So do you prefer a working solution that has more security issues to fix than normal or, or Jira issue? What feels better?
Darin 00:34:22.371 If you answer Jira issue, you probably shouldn't be listening to us right now. I, because I'm thinking about. This. I mean, I hadn't really thought about this specific use case we're talking about today, but this is major and because now I'm the technical person, the technical of the pair, and you were talking about, okay, we're gonna do security scanning, we're gonna do all these other things. Well, again, going back two episodes to the MCP server, maybe all that didn't exist yet. So now what I'm actually doing is I'm enhancing the MCP server. So as we get these other vibed apps from the company, now we have the standard workflow in place to make sure, okay, security scan in place, look for exposed credentials, look for just all the things, and we just keep refreshing that MCP server. And once we update that, then as new apps come in. Or even better as new things are added to the MCP server, it goes and knows to check all the other apps that it's sort of under its purview. It's like, Hey, it was good before, but we've added this new constraint and guess what we, we found something. Here's the pull request. We've already put the pull request in. Go and check it out. 'cause that's where the human should be again, especially in corporations, if you're running unattended, any agents. That's dangerous period. Today. Today, I'm not saying it can't change over time, but today it's dangerous, but you gimme a PR as a human to review. It's like, oh, okay, I can do that.
Viktor 00:35:59.277 That's where companies come in. Right. Whenever we got new technology in the past, and correct me if I'm wrong or if you disagree, right? One of the first things that companies do with that new technology is to figure out how that fits into their system. Okay. So Kubernetes, cool. What do we do, uh, security, how do we apply the same policies that we have elsewhere, like which ones do we adopt and so on and so forth. It's not something in isolation. We plug the technology into our system and build our processes and which assurances and what's not around as part being part of that system, right? We were doing that always more or less. It's just that this is so new that we haven't gotten to do it yet. But in so not so distant future, I hope that that hypothetical scenario we're talking, that that will be some kind of company agent, right? That has certain restrictions and so on and so forth that goes through the same, essentially, the same conceptually, the same process as anything else. And when that happens then, then we are talking about work being faster while still complying to the same rules or conceptually same rules. Doesn't have to be. Technically, the problem right now is that it doesn't. We are all assuming that no existing company policies apply to this. We somehow make that assumption, and that's, that's wrong, right? Because we never did it before. I don't understand why would we do it now?
Darin 00:37:42.770 I don't know what's beyond wrong, but it's beyond wrong. For 'cause it's got to apply. I was just thinking about sort of the continuum of this. Let's say we had a, a vibed solution from HR that was about 20% and the technical person had about 80% to do because we're now codifying a gentrifying, again, making up words, all of the processes. So then when the next vibe thing comes along, maybe it's closer to 50 50. And then the next vibe thing comes along. Again, it's cycled through and the next vibe thing is 80 20. Now you're saying, oh no, the technical person's gonna lose their job because eventually it's gonna get to a hundred percent. Trust me, it'll never get to a hundred percent. It's sort of like an arrow doing halfway distance to the wall. It's never going to make it to the wall. It'll get close, but it's never gonna make it.
Viktor 00:38:39.698 It is similar. I dunno whether I had the same experience, how. We had the story when cloud appeared out. Is all ops going to lose jobs now?
Darin 00:38:48.856 Well, yes, actually Ops did. Ops did lose their jobs. They became SREs.
Viktor 00:38:54.164 There you go. The DevOps engineers.
Darin 00:38:56.187 Do I love vibe coding? Put me, it depends. There's a good consulting answer. It depends. Am I green fielding something? I think it's a good idea. Am I vibe coding a solution for an existing app? Maybe to test out a new feature for it. It's probably not a bad idea just to see how it works, especially if I'm new to the environment. But am I going to ship that vibe coded solution? High probability that I'm not going to.
Viktor 00:39:31.261 I still feel that I agree with you a hundred percent. But what I feel is the main reason for those answers is that whatever you're using for vibe coding, that's completely disconnected from everything else, right? Kind of. It's, it's almost like for many of us, and, and I'm the first one to admit this, this applies to me as well, right? It's disconnected from, from the company, it's disconnected from the system. It's, it's, it's completely, uh, al almost like a hobby that we are doing right now. We need to get to the phase that this, this is serious. This is institutionalized, right? Kind of the, I'm going to use Kubernetes as example. Oh, well I dunno. You can do kubeadm, you can do this and that. But then the company makes a decision. It says OpenShift, and it's set up over there and has the rules and now go use it. That's what's missing. Now, whether after that it'll be helpful 5% or 95, I dunno. Right? But we are missing that phase that. Actually it, it's not you just downloaded from internet, uh, I know cloud code, but it needs to be part of the system. Then it'll become really useful.
Darin 00:40:46.533 But until that point, expect plenty of press releases about companies that have exposed passwords, credit cards, ages, social security numbers. You name it. What do you think? How bad is it really going to be? Head over to the Slack workspace, look for the podcast channel and look for episode 323, and leave your comments there.