This is why you can't blindly use AI

Comments

btw, someone could have also pasted in a projectId=example.com# and the # would have ignored everything past the domain they provided. They could have also done projectId=example.com/ and it would have treated the convex .site as a sub path on their own service. Basically, sanitize your inputs. dumb mistake. shout out to the guy who emailed me the info 🙌

WebDevCody
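
The two inputs described in the comment above, run through Go's net/url next to a validated version; this is an added example, not code from the video or its author. The .convex.site suffix comes from the comment; the /api path, the project-ID pattern, the sample ID and the function names are assumptions.

```go
package main

import (
	"fmt"
	"net/url"
	"regexp"
)

// Assumed upstream suffix: the comment only says "the convex .site".
const upstreamSuffix = ".convex.site"

// Assumed shape of a project ID: one lowercase DNS label and nothing else,
// so '#', '/', '.', '@', ':' and whitespace are all rejected.
var projectIDRe = regexp.MustCompile(`^[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?$`)

// naiveHost mirrors the bug: the ID is concatenated unchecked. It returns
// the host the request would really be sent to.
func naiveHost(projectID string) string {
	u, err := url.Parse("https://" + projectID + upstreamSuffix + "/api")
	if err != nil {
		return ""
	}
	return u.Hostname()
}

// upstreamURL validates the ID first, then re-parses the finished URL and
// confirms the host is still the one we intended to reach.
func upstreamURL(projectID string) (string, error) {
	if !projectIDRe.MatchString(projectID) {
		return "", fmt.Errorf("invalid projectId %q", projectID)
	}
	want := projectID + upstreamSuffix
	u, err := url.Parse("https://" + want + "/api")
	if err != nil || u.Hostname() != want {
		return "", fmt.Errorf("unexpected upstream host for %q", projectID)
	}
	return u.String(), nil
}

func main() {
	// Constructed inputs: one well-formed ID plus the two from the comment.
	for _, id := range []string{"happy-otter-123", "example.com#", "example.com/"} {
		safe, err := upstreamURL(id)
		fmt.Printf("%-18q naive host=%-30q safe=%q err=%v\n", id, naiveHost(id), safe, err)
	}
}
```

The host comparison after parsing is a second check on top of the allowlist: if the pattern is ever loosened, a URL that resolves to a different host is still refused.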

Wow, AI is a massive security risk; who'd have thought…

seancooper

The CEO of Nvidia told me I should though.

erikslorenz

Classic client side validation error. Error here: assuming the client is always sending valid input.

Happens to the best of us. Especially when not paying attention thinking it's not a "serious" service.

Source: Nasty cascading privilege escalation exploit from said client side validation. The type of mistake you only make once.

LiveType

what a good time to do bug bounty hunting

technologic

good thing you found out about it quickly

lazyprog

Imagine hackers intentionally creating a huge amount of obscure code with security holes, with some SEO, and an AI model trained on that code.

doc

Need a code security reviewer AI to double check our coder AI

StevenAkinyemi

I am really starting to appreciate this Cody guy. He is not afraid of being honest and going back on the hyped stuff he tries. I love that.

paulroque

NOOO, Please don't ask AI to review the code generated by AI. If you are saving your time writing the code, take your time to review the code, and do it carefully. Don't take all the AI shortcuts, the code will be crap!

alexandrecolautoneto

Finally someone is talking about it. All those people going bonkers on how they created "SaaS" with AI, never bought that crap.

ahsanmasood

Do you think it can train itself over our .env variable values? I have been thinking about this nowadays

Steel

I think the proper way to write code with AI is pretty similar to how we write code normally.

Copy changes incrementally, test the code changes, then make changes as necessary.
I have to admit tho it's pretty tempting to just make AI do all of the unfun stuff where you're in a hurry, fell into that trap as well

mmzzzmeemee

3:35 Wait, it's a side project yet you're just trying to ship stuff? How does that work

TheJort

am I missing something or can you not have allowed origins fix this globally… edit never mind I just saw the part for alloweddomains

aiamfree

huge props for being transparent about this. this is a super easy (and unfortunately common) type of bug, and will only be more common as AI is leaned on more and more heavily

valhalla_dev

I will say this seems more like a code review and checking issue and doesn’t really have to do with AI too much. If you had learned this GO from googling, would you have caught that it had a security issue? I’m not sure that it coming from an LLM is the major issue. All really good points and steps to follow though!

Imjoshnewton

I've just become addicted to your videos! Great one as usual. 🔥

muhammedmaher

These kinds of videos are so valuable. Please make more of them!

frowin

but wait man.. that architecture is highly sketchy tho. With or without ai

randomlettersqzkebkw