That’s how we get apps leaking passwords in plaintext, databases exposed to the public, and backends that collapse under their users’ pressure. Let’s talk about why it’s getting worse, and how we can make it better.
Juniors, AI, and the Lost Art of Thinking
The tech industry is in a weird spot. Over the last decade, a flood of junior developers, many from bootcamps or non-traditional paths, joined the workforce. That’s not a bad thing - everyone needs to start somewhere and there are brilliant ones among them. But here’s the problem: too many of them never had the chance to learn real algorithmic and architectural thinking. They often build by assembling (previously from Stack Overflow, today with Copilots and ChatGPTs), not by designing. And market demand was so great that many of them dropped their studies to start careers in commercial companies.
Now more than ever, we see AI-generated code powering production systems. Sounds like the future, right? Except that research (like Apple’s research on reasoning models) shows these models don’t really "reason." They mimic patterns. They copy. On challenging (non-standard) problems, their accuracy collapses significantly. Essentially, if your app can be constructed from hundreds of lines of code that were scraped from thousands of projects, it will work. However, if it requires additional “magic,” it will not. Imagine attempting to explain your ingenious idea for a novel type of UI or algorithm to an AI assistant. Are you daring enough to try?
So now we’ve got juniors pasting in code they don’t fully understand, some of it generated by AIs that don’t understand it either.
The Startup Trap: Speed Kills (Your Architecture)
Every founder is chasing the "next big thing." Investors want traction, fast. AI has only turned up the heat. Everyone’s building faster, and faster means skipping steps.
We see this all the time:
- Security? "We’ll add it later."
- Architecture? "Let’s just get the MVP out."
- Code quality? "We’ll rewrite it when we raise."
Spoiler: Later rarely comes, and when it does, it is accompanied by pain and tears.
Instead, teams end up with brutal backends, unscalable APIs, and cauliflower infrastructure held together by duct tape. When you build fast and dirty, you pay the price eventually, in downtime, lost trust, and data breaches.
When Quick-and-Dirty Turns Into Danger
Let’s look at a few real-world examples:
- Yoojo: A European gig platform accidentally exposed 14.5 million files, including passports and personal data, via a misconfigured cloud bucket. Just a simple setting forgotten in the rush.
- Meta: Yes, that Meta. For years, they stored user passwords in plaintext, visible to thousands of internal engineers. It wasn’t a hack. Just bad internal practices that nobody questioned for years.
- Uber, Capital One, Equifax... pick your favorite breach. Most weren’t caused by advanced hackers, but by sloppy design choices: unpatched libraries, hardcoded credentials, missing firewall rules.
This isn’t rare. It’s more common than you think. With AI accelerating code production, we’re generating more code, but not necessarily of higher quality. This leads to the repetition of functionality, duplication of code, inconsistent architecture, chaotic data flows, and unsupervised dependencies.
So... What’s the Fix?
The great news is that this can all be avoided. And no, the answer isn’t “slow down.” It’s “start smarter.” Trust me, this will save you a lot of time. I mean, A LOT.
1. Design Before You Build
Map out what the app needs to do. Identify sensitive data flows. Think about users, permissions, and worst-case scenarios. A little time in Figma, Miro, or even on paper can save months of rework later. Use good design patterns and think before writing code.
2. Build With Security in Mind
Security isn’t something you add at the end. It should be built into your system from the start. Use end-to-end encryption, role-based access, and secure defaults. If you’re working with sensitive data, frameworks like our PrivMX platform make privacy-by-design easier.
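To make "secure defaults" concrete for the plaintext-password failure mentioned earlier, here is an added example (not code from the author or from PrivMX) that puts a plaintext store beside a salted scrypt store with constant-time verification. The in-memory dict standing in for a database, the function names, and the scrypt cost parameters are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

# scrypt cost parameters (assumed values for this example; tune for your hardware)
SCRYPT_N, SCRYPT_R, SCRYPT_P = 2**14, 8, 1
MAXMEM = 64 * 1024 * 1024


def store_plaintext(db, user, password):
    """The 'before': anyone who can read the table can read the password."""
    db[user] = password


def store_hashed(db, user, password):
    """The 'after': store only a per-user random salt and the scrypt digest."""
    salt = secrets.token_bytes(16)
    digest = hashlib.scrypt(password.encode(), salt=salt, n=SCRYPT_N,
                            r=SCRYPT_R, p=SCRYPT_P, maxmem=MAXMEM, dklen=32)
    db[user] = {"salt": salt.hex(), "hash": digest.hex()}


def verify(db, user, candidate):
    """Recompute the digest and compare in constant time; unknown users fail."""
    record = db.get(user)
    if record is None:
        return False
    digest = hashlib.scrypt(candidate.encode(), salt=bytes.fromhex(record["salt"]),
                            n=SCRYPT_N, r=SCRYPT_R, p=SCRYPT_P,
                            maxmem=MAXMEM, dklen=32)
    return hmac.compare_digest(digest, bytes.fromhex(record["hash"]))


def leaked_secrets(db, password):
    """Simulate an internal reader or a leaked dump: is the password visible?"""
    return password in repr(db)


if __name__ == "__main__":
    pw = "correct horse battery staple"  # constructed sample value
    weak, strong = {}, {}
    store_plaintext(weak, "alice", pw)
    store_hashed(strong, "alice", pw)
    print("plaintext table exposes password:", leaked_secrets(weak, pw))
    print("hashed table exposes password:  ", leaked_secrets(strong, pw))
    print("login with right password:", verify(strong, "alice", pw))
    print("login with wrong password:", verify(strong, "alice", "guess"))
```

Because each record gets its own random salt, two users with the same password end up with different stored hashes, so one cracked entry does not reveal the others.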
3. Don’t Blindly Trust AI
AI tools like Copilot or ChatGPT can speed things up, but they also make mistakes, sometimes dangerous ones. One study found 40% of Copilot’s code suggestions contained vulnerabilities. Use AI as an assistant, not an authority.
4. Choose Smart Foundations
Don’t reinvent the wheel. Use frameworks and platforms that prioritize compliance, scalability, and security. If you’re integrating AI into your app, check out tools like DeepFellow, which help you build AI features that work responsibly and transparently.
5. Refactor as a Habit
Treat technical debt like financial debt: manageable in small amounts, deadly when ignored. Set aside time each sprint for cleanup. Document decisions. Keep your stack healthy.
Summary
Building fast isn’t bad. Building thoughtlessly is. We need to stop treating app development like a weekend hackathon and start acting like it matters, because it does.
Data breaches aren’t just bad PR. They’re business killers. And the best way to prevent them isn’t a better firewall, it’s a better plan.
Think. Plan. Design. Secure. Build. Then ship.
Please, no more apps on napkins.
Author

Błażej Zyglarski
With more than 20 years of professional experience as an academic lecturer, fullstack/mobile developer and founder of IT companies and foundations operating in the EU market, Błażej has always put data protection, encryption and security first. In his private time, Błażej is passionate about smart home systems, 3D printing and board games.