top | item 43444379

(no title)

trw55 | 11 months ago

One dev allowed remote debugging which introduced a backdoor and what's really bad about it is there was no prompt that the remote debugger had been started. He said he thought it would make debugging easier. That was a wtf moment for me. Sure, introduce that feature if you know what you're doing. The devs seem really inexperienced which is concerning.

discuss

rvz|11 months ago

> One dev allowed remote debugging which introduced a backdoor and what's really bad about it is there was no prompt that the remote debugger had been started. He said he thought it would make debugging easier

This is just the start of the madness. Mistakes like this are typically from so-called JS/TS developers who ‘think’ they can maintain core browser technology.

We’ll certainly get more of these typical amateur mistakes in the AI age, and will certainly get this from vibe-coders who completely have no idea what they are doing.

This is a different league in engineering and we’re starting to realize that perhaps it is a bad idea to hire devs who have little experience in building production-grade browsers because they are too used to tolerating the clumsiness of the JS/TS ecosystem.

account-5|11 months ago

I'm not a JS/TS developer but am definitely a novice. I'm somewhat overly cautious when I deal with things that involve network programming and service, as I know my limitations around such stuff. With all that said, it seems like nothing new would happen since the pool of appropriately skilled devs is really small.

Just to note I'm not making excuses for the issue in the article.