1) No one cares if it works. No one cared before how your code looked as long as you are not a known and well-used open-source project.
2) There are plenty of services which do not require state or login and can't be hacked. So still plenty of use cases you can explore. But yes, I do agree that security for production live things is still the biggest worry. But let's be honest, if you do not have a real security person on your team, the shit out there is not secure anyway. Small companies do not know how to build securely.
> 1) No one cares if it works. No one cared before how your code looked as long as you are not a known and well-used open-source project.
Forgive me if this is overly blunt, but this is such a novice/junior mindset. There are many real-world examples of things that "worked" but absolutely should not have, and when it blows up, can easily take out an entire company. Unprotected/unrestricted Firebase keys living in the client are all the rage right now. Yeah, they "work" until someone notices "hey, I technically have read/write god mode access to their entire prod DB", and then all of a sudden it definitely doesn't work and you've possibly opened yourself to a huge array of legal problems.
The more regulated the industry and the more sensitive the business data, the worse this is exacerbated. Even worse if you're completely oblivious to the possibility of these kinds of things.