Hacker News Viewer

Top 20

Slightly safer vibecoding by adopting old hacker habits

by transpute on 4/3/2026, 1:53:15 AM

http://addxorrol.blogspot.com/2026/03/slightly-safer-vibecoding-by-adopting.html

Comments

by: tietjens

This is what dev.exe is great for, and it comes with Pi and its own coding agent Shelley preloaded. Also it’s incredibly fast and you can easily access the VMs from your phone.

4/8/2026, 5:54:32 AM

by: jillesvangurp

It&#x27;s a variation of sandboxing which is a great idea. Even just using a separate user account on your laptop provides some useful level of isolation (as long as you don&#x27;t give it sudo privileges). AI tools of course do some sandboxing of their own. It&#x27;s just that the constant nagging for permissions causes people to negate most of that by giving very broad access outside the sandbox.<p>The downside for me and the main reason I do use vms less than I did a few months ago is that I need my agentic coding tools to use development tools a lot. And those tools need a lot of resources. And I have those resources on my laptop. Which is a nice mac book pro with plenty of RAM and 16 CPUs. I can run vms on this thing without issues of course. But tools just run a lot faster when I run them outside those VMs. And agentic coding tools run builds all the time. We&#x27;re talking some really non trivial time savings here. Watching qemu build a thing for 10 minutes that I know should build in 45 seconds is painful. Especially if it happens over and over again.<p>The trick is doing sandboxing without performance impact. And very soon you&#x27;ll also want to be able to run local models. I&#x27;ve been toying with the latest qwen and gemma models on my laptop. I haven&#x27;t gotten around to doing coding with those just yet. But apparently they aren&#x27;t completely horrible at it. That won&#x27;t work on most cloud based vms. Unless you get a really big and expensive one. You could actually make that work if you only use them for a few minutes.

4/8/2026, 4:52:30 AM

by: codemog

I would guess OpenAI Codex and Claude Code are well into the millions subscriber range at this point. I would venture to guess the majority of them run in yolo mode. I have only seen a few horror stories on reddit. The same way any time you drive a car you can crash and die (many times through no fault of your own).<p>All that said, no way in hell I’m giving either access to production databases or environments.

4/8/2026, 4:49:47 AM

by: nzoschke

I’m building a claw &#x2F; vibe coding platform that’s business safe at <a href="https:&#x2F;&#x2F;housecat.com" rel="nofollow">https:&#x2F;&#x2F;housecat.com</a> and am also finding all the old Unix tricks working as well as ever…<p>- user and home directory for data<p>- crontab for scheduled jobs<p>- cgi for serving user space apps<p>- rsync for backups<p>We even rediscovered email patches but with agent to agent help making and applying them.<p>It’s simpler for us to operate and the agent to figure out.

4/8/2026, 5:41:21 AM

by: monksy

I&#x27;ve been successful with getting incus running with this for sandboxing the opencode session. I plan on writing a blog post on it.

4/8/2026, 5:14:36 AM

by: kstenerud

This is what yoloAI does. Automatically.<p><pre><code> # Create a new sandbox copying . as workdir (default container, but you can choose vm) yoloai new mybugfix . --isolation vm # attach to it (it has tmux already) yoloai attach mybugfix # Chat with the bot inside... # Happy with its work? Diff it to be sure yoloai diff mybugfix # Happy with the changes? Apply them to your workdir yoloai apply mybugfix # All done? Destroy the sandbox yoloai destroy mybugfix </code></pre> The agent stays isolated at all times. No access to your secrets (except what you want), no access to your workdir until you apply. You can also easily restrict network access.<p><a href="https:&#x2F;&#x2F;github.com&#x2F;kstenerud&#x2F;yoloai" rel="nofollow">https:&#x2F;&#x2F;github.com&#x2F;kstenerud&#x2F;yoloai</a>

4/8/2026, 4:21:20 AM

by: trinsic2

IM new to Claude code but doesnt auth require a gui browser to authenticate the Claude session first time login?? Do you have to setup a desktop environment just for that?

4/8/2026, 4:27:00 AM

by: thwarted

Generally a good idea, but I&#x27;m not sure why you should even want to <i>fork</i> a git repo when a local clone should be sufficient. But this is probably a terminology mixup from the way github presents forks and clones.

4/8/2026, 3:21:52 AM

by: dfedbeef

the old hacker trick of using ssh

4/8/2026, 4:18:13 AM

by: VerifiedReports

&quot;Vibecoding?&quot;<p>Gotta love how someone downvoted this.

4/8/2026, 5:34:40 AM

by: hypersolo

[flagged]

4/8/2026, 4:02:05 AM