> A company I worked for had their MySQL server unprotected on the internet for no reason at all. They still used MD5 too. Another company saved credit card information in their DB with a simple generic key in code accessible by everyone.
So your argument is that since we had incompetence before, let's have more of it?
I'm saying that this was already an issue before; it's not a new issue, and we have to deal with this the same way as we did before: security experts, audits, etc.
And you continue doing so with every other point you are making.
Just because some random people think they can vibecode real products doesn't mean that this didn't happen before, just slower.
A company I worked for had their MySQL server unprotected on the internet for no reason at all. They still used MD5 too.
Another company saved credit card information in their DB with a simple generic key in code accessible by everyone.