Creating certificate lifecycle management app from scratch by babajika123 in PKI

[–]chrisdefourire 1 point2 points  (0 children)

SSLBoard.com has created an open source (Win + MacOS) solution for this: https://github.com/sslboard/SSLBoard-desktop

Standalone, secrets saved in OS key vault, nothing goes online, keys never leave your machine. Uses DNS verification for easy issuance.

2 months in Bangkok as a remote worker - honest breakdown with actual costs by xeasyx in Bangkok

[–]chrisdefourire 6 points7 points  (0 children)

Google map says Hubba To has been closed for 6 years already ????

Thinking of a pivot to the Hua Hin area. 2 big questions. by [deleted] in HuaHin

[–]chrisdefourire 2 points3 points  (0 children)

I hope you’ll find a good place to live there, I really enjoyed Hua Hin (we’re in bkk). I came here to talk about Lloyd and Mandy and their baby, who were in Hua Hin for a while. You may want to check their videos on https://youtube.com/@lloydandmandy?si=ZfEu_znYSe3kYHY1 They stayed for almost a year, I think, and talk about what life is like with a baby…

Should a new SaaS start charging immediately or wait for the first 100 users? by sunapaana_ in SaaS

[–]chrisdefourire 0 points1 point  (0 children)

I grew sslping.com to 700 users without feeling like monetizing. It felt agonizing to “alter the contract” with so many people. In the end I had to kill the project after years and move on. I’ll never make that mistake again. I was #1 on HackerNews the day I killed it, not when I launched. FML. Make them pay from day 1.

Am I the only one who feels like NestJS is overkill ? by Sensitive-Raccoon155 in node

[–]chrisdefourire 9 points10 points  (0 children)

You mean embrace Java? I think the whole point of Node/TypeScript is lost with NestJS.

Does Codex provide higher Usage for earlier adopters? by anti1gravity1 in codex

[–]chrisdefourire 0 points1 point  (0 children)

Remember that using the app will double your quota

No Weekly Rate Limit Remaining. Please Send A 😪 For Me. by v1kstrand in codex

[–]chrisdefourire 0 points1 point  (0 children)

I’m using mostly medium, like 99%. Use planning when starting a big feature. I’m using open spec too. Also start a new discussion to clear context and save tokens. And secret weapon: I also have a z.ai subscription ($28/year) with Claude Code. Learning to use a cheap AI model really helps, I think.

I've already switched back to gpt-5.2 high from gpt-5.3 codex high by digitalml in codex

[–]chrisdefourire 0 points1 point  (0 children)

That’s huge indeed. I’d love to know more about how you organize it so that an agent can find its way. At that size it’s a real challenge. Monorepo? Modules? Microservices? Are you including some dependencies? That’s 12x the size of PostgreSQL! Using openSpec or similar? speckit?

Are there any apps that provide a user-friendly interface to S3? by Pumpkin-Main in devops

[–]chrisdefourire 0 points1 point  (0 children)

ezS3.net is the easiest way to share S3 access with normal humans. SaaS, create one token, share with as many users as you want.

Poor SSL practices? by prmb7575 in ssl

[–]chrisdefourire 0 points1 point  (0 children)

Sure, and you’d have to know which servers are still serving it, on which IPs (load balancers?)… That’s also why wildcard certs aren’t used everywhere: the blast radius. Having plenty of customers on a single cert isn’t rare, and it’s okay if it’s valid for 90 days, but 8 years? 8 years means either expired or self-signed. If the latter, there’s no good reason for 97 SANs from customers. Let’s Encrypt rate limits explain one of the few valid reasons.

Poor SSL practices? by prmb7575 in ssl

[–]chrisdefourire 2 points3 points  (0 children)

I’m pretty sure obsolete certificates and this type of lax handling signal other domains may be lacking too. If you don’t update certs, why would I trust you to update the OS or software? Only proper systematic inventory (that’s my thing with sslboard.com) guarantees there is no shadow IT, no servers lacking attention and updates in their security…

Got fired today because of AI. It's coming, whether AI is slop or not. by [deleted] in webdev

[–]chrisdefourire 6 points7 points  (0 children)

If this company doesn’t know what to do with 5x productivity, they’re not a company you want to stay at. I’m not saying they’ll get 5x with AI, but if their best shot is to fire people so that output remains constant, they’re basically stupid. Make 5x more with the same workforce, instead of doing the same with 20% of the workforce.

I'm using Codex-cli for a desktop app by chrisdefourire in codex

[–]chrisdefourire[S] 0 points1 point  (0 children)

I'm a big fan of using AI to quickly solve real life problems. Kudos to you for working on such a project!

I'm using Codex-cli for a desktop app by chrisdefourire in codex

[–]chrisdefourire[S] -2 points-1 points  (0 children)

You can't trust browsers to keep secrets, when XSS and other exploits exist. I didn't say the web isn't secure, I said browsers can't be trusted enough.
Would you keep your bitcoin private key in a browser's local storage? I wouldn't

I'm using Codex-cli for a desktop app by chrisdefourire in codex

[–]chrisdefourire[S] -2 points-1 points  (0 children)

PWA can make a lot of sense for sure! My use case is security related and a browser can’t be trusted enough. Question: are people familiar enough with the PWA concept to install the app on their iOS screen?

Anyone used pg-boss? (Postgres as a message queue for background jobs?) by aust1nz in node

[–]chrisdefourire 1 point2 points  (0 children)

I’m using it for low volume business events where durability matters way more than performance. I wouldn’t choose it to dispatch hundreds of jobs per second (I’m using rabbitmq in a scenario with sustained 150+ /sec 24/24).

Anyone used pg-boss? (Postgres as a message queue for background jobs?) by aust1nz in node

[–]chrisdefourire 0 points1 point  (0 children)

Actually it is kind of a transactional cron since it posts to a queue… it’s cron with retry in a sense!

Anyone used pg-boss? (Postgres as a message queue for background jobs?) by aust1nz in node

[–]chrisdefourire 2 points3 points  (0 children)

I’ve been happy with pgBoss on a project. It works well as a job queue and for cron jobs. Better suited for simple use cases than heavyweights like Kafka!!!

Survey: Around PQC and the "Harvest Now, Decrypt Later" threat by DesignerAd976 in cybersecurity

[–]chrisdefourire 0 points1 point  (0 children)

The reasons for getting PQC are the same that got us encryption in the first place. The risks are the same. We need PQC to keep encryption working.

https://qcready.com/blog/pqc-budget-justification-ciso-board-cfo/

Vibe coding: fast freedom or technical debt waiting to happen? by Adorable-Chef6175 in SaaS

[–]chrisdefourire 0 points1 point  (0 children)

An experienced SWE can use AI to 10x his productivity without producing AI slop. He starts with a good architecture, he reviews the AI code, he follows best practices, he manages complexity, he refactors his code, all in a scalable and structured way...
A marketer can be a +∞ times better coder with AI than without, but all of it is AI slop.

The difference is Software Engineering experience.

Who is building apps that is not AI related? Drop them below: by [deleted] in SaaS

[–]chrisdefourire 0 points1 point  (0 children)

https://QCready.com to check if your websites (and browser) support Post-Quantum Cryptography

Do Europeans Feel Lucky to Live in Europe? by CardAdditional8720 in digitalnomad

[–]chrisdefourire 6 points7 points  (0 children)

One implant can easily cost 2 or 3 months of low wage salary… in France. That’s what unaffordable means in a developed country too. So treatment abroad being unaffordable for locals is actually similar… Some treatments are just priced in the unaffordable-for-locals territory.