This morning, while taking my break, I was scrolling in my car and stumbled upon this article "Stop paying for vibe coded apps". The article warns against non-technical users using AI tools to generate apps from scratch, trying to monetize them and how dangerous it can be to hand over your credit card information to an app no one seems to be responsible for.
Who is responsible for vibe coded apps?
Well, the answer seems obvious right? The people who vibe coded it and even more the entity (private company or individual) trying to monetize it. But are those people really aware of it? As mentioned in "The fourth industrial revolution and the future of internet", genAI is bringing coding skills to anyone, which I can imagine feels awesome for the people putting their hands in it and who are now able to build apps from scratch. They are probably experiencing the developer thrill! Yes, we love our jobs because the thrill of coding your way from a blank IDE tab to a functional feature feels great!
The lie Big Tech(s) seed to lure people into AI
That is only my humble opinion, but even though genAI is absolutely mind-blowing, I don't believe in the "god" concept, the one they are calling "AGI" which is some kind of ideation of what a "super-intelligence" would be. Let's keep our feet on the ground here. What kind of level of trust would we need to ship a bank application using solely genAI? Are we really gonna vibe code sensitive applications solely using AI-generated code in the future? Without even having a human review?
Ok, not all Big Tech(s) are the same, and unfortunately the world is what it is, which is that it is hard to survive when you're a newcomer in an already well-established industry.
The problem arises when the masses don't understand the subtleties of the lies they are being served by people just trying to survive in their industry. Because these lies become goals which then become achievements. So again, do we really want to let genAI vibe code all our software? Let's assume the necessary trust for us to rely solely on genAI to vibe code even our most sensitive applications is earned tomorrow.
Who is responsible for vibe coded apps?
No, you didn't read that wrong. I'm asking the same question, but with different parameters. If tomorrow we (as a society) rely on genAI to vibe code our applications, and in our specific parallel a bank application, who is gonna be responsible when a breach occurs that drains the bank accounts of the bank's clients?
- The bank?
- The developer(s) who vibe coded the app?
- The big tech who provided the tool to vibe code the app, I mean, in the end we pay for "agent" time to think about our issues.
Well my guess is that big tech(s) will never take responsibility for providing a tool (yes, suddenly it's just gonna be a tool and not a god-like sentient intelligence), so the bank will be to blame, which then will blame the developer(s) who were rushed into vibe coding an app to meet unsustainable stakeholder's deadlines.
The developers are responsible for vibe coded apps!
Of course, it has and always will be. What is changing is not this fact, but the notion of difficulty coding an app requires. Because, anyone can just say: "hey, I also can do that". That is true and that is great. The same way I can rebuild the electrical board of my appartment by myself, even though I'd rather have a certified professional do it. Why? In case of issue, to have someone to blame for! I legally want to protect myself if the entire building is going down into flames. I can also fix my car by myself, having doing mechanics in my early age, up to changing bumper of my van and injectors on the engine. So why am I still going to the mechanic? Exactly for the same reasons.
The new legacy rescue and the shift in responsibility
I've started to experiment it myself, trying to vibe code apps in Python, and ... even if the app seems to work, there are edge cases, where the AI seems incapable of fixing my issues and where I have no choice but to step in to fix it. And it feels ... well for someone who has been doing legacy rescue for years, it feels the same. Hard work, understanding the vibe coded logic, going through code I haven't written to debug it.
But "I" wrote the code here. At least I was the orchestrator behind it. Still, I have no fracking idea of the deeper logic behind it and debugging it is the same as debugging a new project that was handed over to me and developed by other developers.
What does change here, is that I'm taking full responsibility over the code written by the AI! It is like a legacy rescue job, without the ability to rely on the previous developer(s) to mitigate my own responsibility. Here, I'm solely responsible for what the AI wrote for me and to push my code to production, I'm only left with the hard work of legacy rescue and my thorough review.
Is it worth it?
I hope it will be. Currently, the paradox developers are going through is a mix between misunderstanding and misconception, from decision makers, of what the AI tools allow us to do. And, I'm not sure there is anyone to blame for that, it's just how every big change happens, by creating a zone of chaos before everything falls back into place.
It is of course better to start a project from a legacy rescue, even more if that legacy rescue has been well orchestrated by its architect, but it is still a lot of work to architect it and own the responsibility over it. I think that for any decision maker who is not new to the tech world, the legacy rescue is a good comparison, they can then start asking themselves, how much time they would have allocated before AI for their team to take ownership over the code handed over to them. To take full responsiblity, the same amount of time, if not more, is required.