It's complicated. Firstly, don't love that this happens. But the fact you're not willing to provide tolerance to a commercial tool that costs maybe a few hundred bucks a month but are willing to do so for a human who probably costs thousands of bucks a month is revealing of a double standard we're all navigating.
Its like the fallout when a waymo kills a "beloved neighborhood cat". I'm not against cats, and I'm deeply saddened at the loss of any life, but if it's true that (comparable) mile for mile, waymos reduce deaths and injuries, that is a good thing - even if they don't reduce them to zero.
And to be clear, I often feel the same way - but I am wondering why and whether it's appropriate!
For me I was just pointing out some interesting and noteworthy failure modes.
And it matters. If the models struggle sometimes with basic instruction following, they're can quite possibly make insidious mistakes in large complex tasks that you might no have the wherewithal or time to review.
The thing about good abstractions is that you should be able to trust in a composable way. The simpler or more low-level the building blocks, the more reliable you should expect them to be. In LLMs you can't really make this assumption.
I mean, we typically architect systems depending on humans around an assumption of human fallibility. But when it comes to automation, randomly still doing the exact opposite even if somewhat rare is problematic and limits where and at what scale it can be safely deployed without needing ongoing human supervision.
For a coding tool it’s not as problematic as hopefully you vet the output to some degree but it still means I have don’t feel comfortable using them using them as expansively (like the mythical personal assistant doing my banking and replying to emails, etc) as they might otherwise be used with more predictable failure modes.
I’m perfectly comfortable with Waymo on the other hand, but that would probably change if I knew they were driven by even the newest and fanciest LLMs as [toddler identified | action: avoid toddler] -> turns towards toddler is a fundamentally different sort of problem.
With LLMs we're all becoming managers. Good news is we'll get more done. Bad news is that we'll have to get way better at persisting mid-state process status (I sometimes ask my LLM "could you summarize what we were talking about and why"), tracking outstanding tasks (linear for our agents) and jumping between contexts.
I am also finding work is becoming more tiring. As I'm able to delegate all the rote stuff I feel like decision fatigue is hitting harder/faster as all I spend my time doing is making the harder judgement decisions that the LLMs don't do well enough yet.
Particularly tough in generalist roles where you're doing a little bit of a wide range of things. In a week I might need to research AI tools and leadership principles, come up with facilitation exercises, envision sponsorship models, create decks, write copy, build and filter ICP lists, automate outreach, create articles, do taxes, find speakers, select a vendor for incorporation, find a tool for creating and maintaining logos, fonts and design systems and think deeply about how CTOs should engage with AI strategically. I'm usually burned pretty hard by Friday night :(
I'm convinced it's some kind of SV-induced "culture of hyper-productivity", the only apparent goal is to be _more_ productive. Endlessly. There's no goal, or end-state, or reason, other than to just be productive. Downtime? Wasted productivity time! Hobbies? Wasted time unless you can monetise them! Get an AI to do it, and be _even more_ productive!
I have been coding on and off (more off than on) for 47 years. I kinda stopped paying attention when we got past jquery and was never a fan of prototypical inheritance. Never built anything with tailwind, Next.js, etc. After spending some time writing copy, user stories and a design brief (all iterative with ChatGPT) cursor one shot my (simple) web app and I was live (once I'd spent a couple hours documenting my requirements and writing my copy) in 20 minutes of vibe coding.
I've been adding small features in a language I don't program in using libraries I'm not familiar with thhat meet my modest functional requirements in a couple minutes each. I work with an LLM to refine my prompt, put it into cursor, run the app locally, look at the diffs, commit, push and I'm live on vercel within a minute or two.
I don't have any good metrics for productivity, so I'm 100% subjective but I can say that even if I'd been building in Rails (it's been ~4 years but I coded in it for a decade) it would have taken me at least 8 hours to have an app where I was happy with both the functionality and the look and feel so a 10x improvement in productivity for that task feels about right.
And having a "buddy" I can discuss a project with makes activation energy lower allowing me to complete more.
Also, YC videos I don't have the time to watch, I get a transcript, feed into chatGTP, ask for the key take aways I could apply to my business (it's in a project where it has context on stage, industry, maturity, business goals, key challenges, etc) so I get the benefits of 90 minutes of listening plus maybe 15 minutes of summarizing, reviewing and synthesis in typically 5-6 minutes - and it'd be quicker if I built a pipeline (something I'm vibe coding next month)
How do you deal with security for web stuff? I wouldn't host anything vibe-coded publicly because I'm not enough of an expert in web/frontend to even double-check that it's not generating some giant holes.
The same way you do security for manually written code. Rigorously. But in this case, you can also have AI also do your code reviews and suggest/write unit tests. Or write out a spec and refine it. Or point it to OWASP and say, look at this codebase and make a plan to check for these OWASP top 10.
And have another AI review your unit tests and code. It's pretty amazing how much nuance they pick up. And just rinse and repeat until the AI can't find anything anymore (or you notice it going in circles with suggestions)
Yeah, some of these comments make it sound we had zero security issues pre-AI. I think the challenge is what you touched on, you have to tell the AI to handle it just like anything else you want as a requirement. I've use AI to 'vibe' code things and they have turned out pretty well. But, I absolutely leaned on my 20+ years of experience to 'work' with the AI to get what I wanted.
If you never put your personal side-project on the public web you had very few security issues resulting from your personal projects. We weren't talking about companies in this thread.
Are the frontend folks having such great results from LLMs that they're OK with "just let the LLM check for security too" for non-frontend-engineer created projects that get hosted publicly?
If you live with your parent in a double wide in a trailer park and need to work at the local Target every night since high school to make enough money to help pay for groceries for the family, you might have a harder time working 100 hour weeks on the off chance that you'll raise a round and start a company. You probably also don't know many VC's or live too close to where they hang out.
Anyone can start a billion dollar business. Anyone who does so is probably extremely smart and extremely hard working. There are some very smart, hard working folks for whom the path to starting a company is harder than for others.
If you're venture based and were expecting another round sometime soon. With higher interest rates there were more compelling alternatives for LPs than to invest in Venture, causing a trickle down chilling of the fund raising environment for venture backed companies and requiring them to come up with accelerated plans to reach profitability - including cutting staff and optimizing for survival over growth.
To :+1: this, even if it's a book - there is a central thesis - a headline and a sentence that tells you whether you want to read more. "Your pet could save your life" - The six surprising reasons that people with pets live longer than others.
Then each chapter has the same: "Getting in touch" - why stroking your cat soothes your body. Etc
You may even have sections within the chapters and each can follow the same format.
Thousands of years ago it was enough just to write down stuff you've learned, call it "Meditations" and hope people would still be reading it in the distant future.
Now if it's just "stuff I've learned about coding" or "things that make me happy" you're going to need an extremely strong hook to tie that together and build an audience.
So start with a single thesis and decompose from there. Inverted pyramids all the way down :)
He's right, but having failed a number of times, after you've put all your savings into the business, fired all your team, notified and disappointed all of your investors and customers, helped your team find new gigs, filed all the dissolution paperwork, handled all the taxes, disposed responsibly of all of the assets and you now find yourself out of work and often out of cash, occasionally you'll forget to jump through all the hoops to close down all of the SaaS accounts before you stop paying the bill personally to host the email accounts.
Of course perfect world you shut down earlier and in a more orderly fashion, but there are so many cases of companies almost failing and then not, it's hard to shutter a company when there is a chance you may go out of business - especially when you feel you're getting close to another raise or becoming default alive :(
If it stays private, not only do your existing shares appreciate (which would also happen if it was public), but as an existing investor if you have pro rata rights, you can buy more shares (vs them being sold in a public offering) increasing the number of shares you have that will appreciate.
Its like the fallout when a waymo kills a "beloved neighborhood cat". I'm not against cats, and I'm deeply saddened at the loss of any life, but if it's true that (comparable) mile for mile, waymos reduce deaths and injuries, that is a good thing - even if they don't reduce them to zero.
And to be clear, I often feel the same way - but I am wondering why and whether it's appropriate!