Something’s been bugging me about how new devs and I need to talk about it. We’re at this weird inflection point in software development. Every junior dev I talk to has Copilot or Claude or GPT running 24/7. They’re shipping code faster than ever. But when I dig deeper into their understanding of what they’re shipping? That’s where things get concerning. Sure, the code works, but ask why it works that way instead of another way? Crickets. Ask about edge cases? Blank stares. The foundational knowledge that used to come from struggling through problems is just… missing. We’re trading deep understanding for quick fixes, and while it feels great in the moment, we’re going to pay for this later.
Nobody but nobody has time to know what’s in every library they might need to use. Who among us truly understands their network stack, all 8 layers?
That’s OK, we will just train AI to review and refactor for us! I’m sure everything will be fine.
Vulnerable code will be with us forever. The system will always be Swiss cheese. If you think you understand common mistakes, enough that you can review other people’s code for them, there’s work for you in infosec for sure.