As we all know, people like to categorize things, and this extends to grouping people based on certain characteristics of when they were born. The obvious ones are: “Baby Boomers” mainly based on the fact that there was a Boom in babies during that period. “Millennials” because they were at the turn of the millennium. While other groups are stuck with their holdover name like “Gen X”, “Gen Z”, and “Gen Alpha.”

I’d like to propose that the next generation being born and raised right now, which I think is “Gen Beta” will be known as “Generation AI” (aka “Gen AI”) because of the proliferation of AI tools becoming the new search engine.

In the past there were books, and group meetings to raise kids. Then people started googling and moving online, but there was usually other people grouped up in these sites. Now, though, you can do all that with AI. Asking AI nuanced questions and getting answers is the strength of AI.

So, now we are going to start seeing kids being raised by parents that will get a vast majority of their support through AI. Now, I am not going to make any sweeping thoughts on if this will be good or bad, but I do think it is interesting. Beyond to being “raised by AI”, this next generation will also have AI all through their life, similar to how “Gen Alpha” is a post-internet generation.

Anyway, I just wanted to make this post because I don’t think I have seen anyone try to coin the term for the next generation, and I found it interesting.

Now, as it is a new concept I do expect it to continue to evolve, and the processes around it to become a bit more concrete. But I have some thoughts on some aspects and the overall concept of how it might play out.

vibe coding vs googling

Let’s start with the obvious, what this is replacing. Before vibe coding started taking off, one of the most common ways to “generate” code was to use google. You’d often end up in places like StackOverflow where you might find a snippet close to what you were trying to do. You’d then copy and paste this – and it doesn’t work! Because you still haven’t updated it to work with your actual code. You still have to do a bit of critical thinking with how the code actually works and how you need to update it to make it work for you.

In most cases, this isn’t seen negatively. You simply need a function and get a boilerplate that is 90% of the way there. You update it. And it works.

Now sometimes copied code “works” out of the box and you can straight up paste it and run it without thinking. This is what I think early vibe coding was without the AI wrapper we are seeing now. And that is usually when people start running into trouble, because they didn’t really analyze how the code works and down the line it could end up being the thorn in the lion’s paw.

What the function is doing, if it is inefficient, or could even created vulnerabilities – this wasn’t considered by the developer. But, hey, it works, so all is good! “That’s a problem for future me” is what many would say to justify this.

vibe coding vs no code solutions

Where I can see a strong use case of vibe coding is as a no-code solution. There are already many tools out there that position themselves as low-code, visual-coding or no-code - and now we can add vibe code to that mix. In all intents and purposes you may not even need to see the code when you are “truly” vibe coding, so services like https://lovable.dev/ already are pushing for this “no need to view the code” mentality. Compared to https://www.cursor.com which is more adjacent to helping you with the code, but you can still just have it make something and run with it.

My opinion here is that a blind box solution can work but only in highly scoped solutions, but the real winner will be the more open-box solutions. There still will be a need to understand some concepts of programming - but that need is getting smaller all the time.

dabbling in vibe coding at a ctf

I would be a bit amiss to not including how I’ve dabbled in the idea of vibe coding.

There was a CTF I was at recently where, as with most hacking or red-teaming, anything goes. To that effect, I wanted to focus on what commercial AI models could do when it came to some of the challenges.

If you’ve not participated in CTFs (this was my first real life event) before, they are usually a mixed game of knowledge challenges, riddles and puzzles. Usually there are clues in the name or description of the challenge on what might be the way to complete it or where the flag might be. From there it is up to you think about the approach and what exploits or vulnerabilities exist that could get you there.

Vibe coding these exercises worked extremely well with one major caveat, you still need some baseline knowledge to guide the AI to the right place or be able to discern when the AI might be going off track. Now, I’ll admit that I am still a novice with CTFs, but by shifting to include AI in a way where I directed it what I needed, tested and reworked the code with it, I was able to successfully complete quite a few challenges.

At this point, I am fairly convinced that the tooling is at a point where this tooling is able to heavily accelerate the skills of threat actors to a point that adoption is required for those on the defense. I like to think of this as part of the evolution from one threat actor with one machine, to the many threat actors each with fleets of machines, to each threat actor to now a fleet of agents on a fleet of machines.

This has brought out a new layer of resources available to threat actors that need to be considered.

dabbling in general

Additionally to trying a bit of vibe coding with the CTF, I have also found AI helpful when I need a quick script made in a language I am comfortable with, like python. I generally know what I need, how to phrase and and can review the code (yes, I am not the best vibe coder in that sense) if needed.

I have also managed to generate an, albeit janky, app built on JavaScript and html. It wasn’t anything mind blowing, but it really does show that the generalist models, like Gemini 2.5 Pro, can handle complex functions and files. However, I want to reiterate that it still required a lot of coaching and realigning the AI to get it to stay on track.

Occasionally, once it got stuck on a loop of a problem it couldn’t fix, the best option was to have it generate a new handoff prompt and spin up a “new” chat and get that instance up to the same speed. I would bet that the dedicated tooling is much better, but I have not tested them just yet.

vibe coding and security

One of the largest concerns about vibe coding is the quality of the security of the code. This is where I think a lot of the ethos misses the mark. Sure, you could just “vibe out” a cool new app, but if you aren’t considering security in either a secure-by-design (which I guess that would mean to make sure the AI agent is prompted to consider it?) nor in code reviews (which is against the core idea of vibe coding), nor implementing any security testing – then this is just a disaster waiting to happen.

There are already instances of this already happening. So, yeah, this isn’t ready for primetime at its current state. It reminds me of when someone might spin up a VPS with LAMP and maybe Wordpress and then not put in any security controls around access to the server, and then within a few days it becomes compromised. It’s not that it isn’t a secure option - it’s just that it wasn’t considered correctly.

pre-requirements to be a good vibe coder

So what makes someone a good vibe coder? Or better yet, what makes good vibe coding? I think there is still a heavy need to actually understand what you are making - even if it is just handed to you and “works.” Beyond security concerns, there is just the ability to know what the code is doing and how it could be improved and what limitations it might have at that moment.

Will we get to a point that we don’t need to look at the code? Probably, or at least close to it. But for now we should recognize the limitations, but understand the fact that this can help someone really accelerate their coding proficiency.

Design Decisions

The application itself is a bit of an opinionated look at how RSS, and other feeds in general, should be consumed. Rather than trying to capture everything and let you know what you have read, what you haven’t - it focuses on what is new now and consuming that content. This does help with having a high volume of content from your feeds where you just want to see what is happening - but if you want to keep up with a certain feed, this does not support that.

A more ephemeral RSS

At its core, this application will feed you a chronological list of your feeds. It will only update them when you open the application, and doesn’t sync between devices (by design). This means, if you don’t use the app all the time, or maybe don’t open it often on one device, you will notice a desync between your apps. This is even noted in the FAQ.

Supposing you have it installed on an iPad and your phone, and you read an article maybe a few weeks ago that you wanted to find. If you try to find it on the iPad you won’t see it in the feed. On the phone you would be able to find it, so long as you have your retention set long enough on your feed. Now, yes, you can save the article into one of the tags, like the “liked” tag, and that will sync - but I often will read items and then days later think about them and want to find them.

In my case, I can look at my phone and see about 32k total items, on the mac I see 22k and on an iPad I see 15k items. Note that in all I have set an unlimited retention. As you can see, if I want to find something I read, my best bet would be to use my phone to find it, then save it and then it will sync.

FOMO Overload Management

This does help with one thing I do struggle with a lot when it comes to RSS feeds, FOMO. When unread counters climb and I have thousands of posts just sitting there, I just want to close the app and ignore it. But by not showing unread counters and focusing on the now, I feel like I can keep up with my feeds, even if they post dozens of articles a day.

However, it doesn’t solve all my FOMO - there are the feeds that I do want to both see everything and know what I might have read and what I have not. Usually these are low volume, smaller blogs or sites - which usually only post a handful of articles that might have built up. This app does not help with that.

You can create filters and folders to help consolidate those feeds of interest, but because of the lack of “full” syncing and no automated way to indicated if you have read something - I find myself wanting to better track these feeds.

In short; I no longer feel overwhelmed by the number of articles, but now feel like I am missing the ones I really want to see.

Social Media Syncing (Bluesky, Mastodon, etc)

Taking a step back, I also want to touch on the types of feeds you can add.

For social media, like Bluesky and Mastodon, it does a nice job of rendering the posts. However, if you want to do more than just read them and either interact with them, view by author, or filter them - you have to do this all in the native app.

You cannot:

• Reply
• Block/Filter
• Select the author to see all posts synced
• Search based on the meta data

So unless you have a really curated home feed, you may not want to connect your account, and instead manually subscribe to posters that you really want to see in your feed. Otherwise you might get inundated with content you just don’t want to mentally sort through.

At that point, I would rather just open the social media app, or use something like OpenVibe if I want to consolidate my socials a bit more.

Youtube Feeds

With YouTube, when you log in it auto defaults to the “for you” page. There is a recent push against this and using the subscription feed instead, per Technology Connections - YouTube.com. Reeder.app can help with seeing the content chronologically and without needing to remember to select your subscriptions feed. Just like any other feed, you can add the channels and see them when they are posted.

The biggest complaint I have with the YouTube integration, is that I cannot log in and sync down my subscription feed. Ideally, I would be able to log in, select the subscriptions I want to sync, and an option to add new subscriptions automatically, so that when I am on YouTube proper I can subscribe there and it will automatically be synced (or I have the option to check it off).

Right now, I need to manually search for the channel and add it to Reeder.app in addition to possibly subscribing in YouTube.

Additionally, the way videos (regardless of source) are handled in the app could be improved;

• Videos should float to the the bottom and keep playing when you scroll, like how the podcasts work.
• When playing a video the only way to get to a scrub bar is by selecting the fullscreen button, and then you can scrub the video. But then exiting fullscreen pauses the video and you have to tap it again to continue to play it.
• Play position isn’t saved when you leave and come back. This is most likely a limitation on how the videos are handled, but it would be nice to have it remember your position.

Podcast Feeds

Similar to YouTube, you can manually subscribe to podcasts and have them in your feed. This is helpful for podcasts that might be only relevant to the current time, like News podcasts. But, if it is a series or something you want track what you have listened to - this isn’t the app to put them in.

I do like that when you are playing a podcast it adds the player to the bottom. I would like to see a way to queue up some podcasts. I often will be scrolling and see something that would be interesting and will want to listen to it next but I have to either wait for the current one to end or just stop it and move to the next one.

Filtered Feeds

This is a new feature, so I do hope it improves. But it is very limiting I feel.

• It only supports include all terms include any terms or include exact term. For example I cannot create a filter like: Must include: “Some Phrase” OR “Term”
• I cannot filter specific feeds. For example: include any terms AND include "FeedA OR FeedB"

General Nitpicks

These I just couldn’t find a spot for, so let me just run through them here:

• You cannot tap on the content’s source to then quickly jump to that feed’s view. You need to find it in your side bar and then select it. Worse still is if you connect your social media then those sources aren’t really searchable (e.g. you cannot search source:"someone@some.social")
• When adding feeds, you have to add them one at a time, you cannot queue up multiple to be added. I.e. I can search for a YouTube Channel, select the + next to them, but have to then click Add otherwise if I go back to search for another it forgets that pending subscription
• Additionally, the Add menu just feels very clunky. You seem to have to make more clicks than necessary to do something. I.e. Search for feed, tap >, tap + next to the feed, finally tap Add and then it closes! No way to “Add more” or anything.
• When searching for feeds to add you cannot tap the name of the feed to get more information. This is a bit annoying when you aren’t sure which feed is correct if multiple appear.
• It would be nice to auto-tag or label certain feeds.

Overall Thoughts

After trying out this app, do I like it? Yes. I do, but it doesn’t work 100% how I want it to work. Which is okay, I can leverage it for its strengths while compensating them with another tool I might have.

For me, Reeder.app is great for “fire hose” sources that I don’t need to, or want to, retain a copy of for later reference. The best example here is News, which comes in fast. If it is worth saving the article, I need to make the conscious effort to send it to something like Readwise.

However, for feeds that I want to stay ontop of, then I think either Readwise Reader or Reeder Classic might be best. Where I can keep track of my read/unread and also have the articles automatically sync.

What now?

I’ve already started re-testing Readwise reader, but have already found that the discoverability is very difficult. It seems searching doesn’t include searching articles from your feeds, which isn’t great. And I also plan to re-test Reeder Classic.

What this has shown me is that I need the following core processes:

• “Stream Feed” - Feeds that I just want to see what is happening, where I don’t care too much about retention or revisiting.
• “Priority Feed” - Feeds that I want to review what is posted and most likely will want to retain a copy incase I want to go back. These often should be sent to my highlighter of choice. These also need to be searchable and discoverable.
• Discoverability - In general, I want to be able to find something if I had looked at it. Ideally I do like to know if I read something, or started reading it - and this should be fairly automatic.
• Highlighting - I do like to highlight, so either I have to remember to send something to Readwise or have it there in the first place.

Anyway this is mostly a ramble post, I do want to set some more time aside to work on going over my PKM processes as a whole too, that way as I work on them and maybe discuss them, there is a reference point.

Firstly, I think that the following video does a good job covering what exactly is meant by “Apple removing encryption.”

TLDW

What appears to be happening is the following;

The UK has demanded a backdoor access to Apple’s iCloud data so that they can decrypt it at will. This demand also is behind closed doors and with apparent orders not to share any information about it, so we are learning through various leaks and policy changes.

Apple had three major choices:

1. Deny the request - This would force them to either enter into a long legal battle or leave the market.
2. Accept the request - This would entail creating a backdoor that would allow the UK to be able to decrypt any data at-will, but also creating a major threat surface for bad actors to target - and eventually exploit.
3. Remove features that prevented Apple from decrypting the data upon request from the UK.

It seems, they went with option three. This has been an ability of apple, and really any provider that holds the encryption keys to your data, to do. However, they released a feature back in 2023 called Apple Advanced Data Protection.

This feature, in short, allowed iCloud users to move the decrypting private key from Apple’s Servers to their local devices. Thus Apple could no longer decrypt the data unless you provided your trusted device in the request. For reference, Apple has information here - note the services that support “Trusted Devices”.

As you might be able to see, this wouldn’t work for the third option to be viable.

Ergo Apple is rolling back this feature for all UK users - most likely this is based on your iCloud user location, and not where your device was bought or is currently located.

TLDR

What does this all mean then? Is Apple removing encryption?

No.

Apple is just disallowing full control over your encryption, and they will retain a copy of the key to decryption so that they can hand it over on requests.

What to do now?

If you are in a region that isn’t affect, you should enable the Apple Advanced Data Protection. It is still a great tool to use. But keep an eye on any changes, this can be a very slippery slope; and more countries may follow the UK’s stance.

If you are affected, then you should consider either moving your more sensitive information to another service provider that will not be accessible so easily. Or look into running local backups to avoid another policy change at the next provider.

I must preface this by stating I’m not an LLM expert; however, there is a lot of information to unpack. My aim is to highlight which aspects of Deepseek are crucial, worth considering now, and which remain unknown. I’ll try to break this down into a couple of topics; how it affects the current AI incumbents, is it safe to use, what information we could accept or should be critical of, and how this can affect things in the future.

Deepseek and the Incumbents

This is most likely where most have initially heard of Deepseek, that it is a new Chinese built LLM that is comparable to the most powerful, available, models from places like OpenAI. Benchmarks are available to analyze how different models compare. However, many people simply want to know whether it’s good, and in that regard, yes, it is.

A new model being better than an older one isn’t really news worthy in of itself, but it is more so the cases of how it was made, where it was made and its availability.

Starting with how it was made; this was a side project from a Chinese investment firm which was able to make this model with around $6 Million dollars worth of investment. It is important to be critical of this number for various reasons, but we should not overly focus on it. Even if it cost $100 Million, it would still be significantly less than what it has cost to create the models it is competing with.

The next key fact of its creation is that China is under an embargo from getting the latest computer hardware, e.g. chips. Meaning this model was trained on older hardware. Again, it should be noted there is a consideration of “standing on the shoulders of giants,” in that some research and development has already been done, and they were potentially leveraging other available models to support the training of this model. Regardless, they proved that it was relatively cheap to create this model.

Lastly, the model was made under an open license: meaning (1) the model is free to use and modify; (2) you can use their website or app and run the model on their servers; (3) you can also download the model and run it locally. Essentially, this means that you now have the ability to run a model on par with the best available from OpenAI for a fraction of the cost.

So in short, this was made extremely cheaply, provided freely with the ability for others to modify it for their needs - showing that maybe the incumbents with their access to powerful hardware may not be as untouchable as initially thought. Thus confidence fell, causing the stock market to react.

Is it safe?

With that being said, is it safe to use? Well, it depends.

Starting with the hosted version, from their website or app. When it first came out I was wary of it, mostly because it is a new SaaS tool and hasn’t really been reviewed or tested. So use at your own risk, and maybe don’t ask it (read provide it) anything personal or private. That wariness proved to be warranted as security researchers have already found a fully accessible database that they were using to chats and logs.

Additionally, Italy has begun pressuring them to review and adhere to various data processing laws. They did something similar with OpenAI’s ChatGPT when it first came out, and was later sufficiently reviewed and approved. However, with Deepseek, they have taken the stance that they only seem to fall under Chinese data laws; as that is where their servers and company are located.

So, is it safe to use the app and website? I would say no, not until they start adhering to and proving that they are handling data securely. Now, I do also think that when you use ChatGPT, Google Gemini or any of the other hosted AIs, you should always take care to avoid providing more information than you feel comfortable with being used and stored by them.

Consider using DeepSeek locally instead. Running a large language model (LLM) locally, without an internet connection, should offer more privacy since you control the computer processing the requests and have full control over it.

Being Critical

There is a point of contention on the model’s training data and censorship. The gist is, this model has censorships on things like the Tiananmen Square and other topics. Now, I think the topic of censorship is beyond this post, but I do want to say that all models are censored in some way; they will all have bias and you should always consider who built the model.

Furthermore, there are concerns about models being trained to provide seemingly harmless but actually malicious information. This is theoretically possible. It is important to carefully examine the information provided by any model before taking action.

I have often taken the stance that you should treat an AI like an Intern, where they have a lot of time to get you answers on things or confirm things, but they can get things wrong. And they are heavily dependent on how you ask them to do something. In short, use them to augment and not replace you processes.

The future

In summary, DeepSeek has demonstrated that creating a powerful large language model (LLM) doesn’t require massive hardware investments like OpenAI and others have made. This opens up the possibility of more players entering the field. However, it also highlights the importance of not blindly trusting new SaaS offerings with sensitive information until they have been thoroughly vetted.

For now, it might be prudent to avoid using the app until it has passed regulatory scrutiny in both the EU and US. Although these regions have their own biases, a consensus of reviews can help establish a baseline level of security.

We will probably see more models come out that are based on Deepseek, or trained in similar ways. This also applies to the big players, who should also benefit from this information to optimize their own training on top of having the most compute power to do even more.

Time will tell if this pushes to more availability of LLM models, or if the most powerful will still be closed behind big technology players.