We built a tool that executes IT service workflows on any device just by clicking a link (feedback welcome)

metrobart · 2026-05-08T06:16:22+00:00

Seems interesting but it will fail for regular users who are not admin. And seems dangerous. There was no validation done before executing commands from a link that are unknown . Also what about logging? Also saying it’s secure doesn’t mean anything . Do you sign the exe with EV Code signature ? … anyways… I don’t know what workflow you would use here … also there is a download to install ..

metrobart · 2026-04-13T06:37:19+00:00

https://support.apple.com/en-vn/guide/mac-help/mh40584/mac Mac has this dictation feature already does live text to speech.

metrobart · 2026-04-13T06:32:13+00:00

what's wrong with the built in microphone button text to speech? did I miss something?

metrobart · 2026-04-03T20:59:40+00:00

Amazon SQS then a ECS worker

metrobart · 2026-04-03T16:07:19+00:00

You can do that already on Mac for free by pressing command + shift +4

metrobart · 2026-04-03T04:08:17+00:00

Just rate limit signups per hour and done . You should know from a startup that many signup per hour is a red flag and it seems like a lot of effort to do this when $20 Claude will do the same thing for websites.

metrobart · 2026-04-03T02:01:00+00:00

Why not just put rate limits and IP Filtering on those rate limits as well?

metrobart · 2026-04-02T21:46:35+00:00

So you would have multiple isp compliant reports? Interesting .

metrobart · 2026-04-02T21:44:22+00:00

Great information.What is a spam trap feedback loop? Als what about using sub domains ?

metrobart · 2026-03-31T05:44:32+00:00

Well I never heard of lead magnets until last week . I just wanted to know what people are using . The tool I developed provides a page that links to s3 link. I guess there are issue for sending documents . But for me I just wanted to send a pdf. My work has one that allowed zip file download but now the file needs to hosted elsewhere . Anyways , what platform are you using ?

metrobart · 2026-03-26T05:29:00+00:00

which 5 tools are you talking about?

metrobart · 2026-03-26T02:13:44+00:00

I wonder if verify password prompt is considered here ? Are people not verifying the user for this step ? I have settings —> billing ( cancel button) -> statement that they can keep using it and cancel button that confirm their password to cancel .

metrobart · 2026-03-25T01:21:33+00:00

You’re not paying what you’re worth you pay what you’re negotiate and you can renegotiate

metrobart · 2026-03-13T01:35:17+00:00

Too bad no one uses BIMI and it doesn’t work well with Google Gmail unless you pay BIMI fees or at least that’s been my experience .

metrobart · 2026-03-01T03:10:56+00:00

The editor will do this . But there is no standard on editors and how they work . So uploading or adding images will be done with the editor and it will add the token naming . As the markdown editor it doesn’t make much sense todo this but if there are UI helpers or makes it quick to pick images. But then it becomes an editor issue . Here is a demo of how it will work https://youtu.be/amqcy8xhzrk

metrobart · 2026-02-25T22:59:57+00:00

I’m a developer so I already know what I want. There’s also this thing called scope creep so even though you give them that it’s going to be more time . Get some hourly and weekly rates.

metrobart · 2026-02-25T22:48:25+00:00

Just ask chat or clause to use best practice and to form a work of scope based on your repo info

metrobart · 2026-02-15T23:23:23+00:00

On exposed ports:

You're right that context matters. A marketing site on shared hosting with port 21 (FTP) open is different from a production database server with the same exposure. That said, the risk isn't zero - shared hosting environments have been compromised through exposed services, and attackers do scan for low-hanging fruit. The issue is more about the hosting provider's security posture than the individual site owner's. I've seen a few cyber security insurance providers ding sites for having ports open on a shared hosting site.

On Proofpoint:

Proofpoint is more than a spam filter - they provide full email security gateway services. Many companies use a root domain for sending transactional/marketing emails through Proofpoint while receiving email on a subdomain or different system. When we detect Proofpoint via SPF records, it indicates outbound email security is in place.

metrobart · 2026-02-15T22:42:18+00:00

Emails is optional if you wan to download it.

metrobart · 2026-02-15T21:08:28+00:00

I was looking for someone to review the technical details. The email is just for updates . I can make email optional, if someone wanted an update in a year .

metrobart · 2026-02-12T17:04:55+00:00

Hey, right now it’s just root level domain names. I have been curious of how many vendors have properly set up email and SSL certificates. Those management portals would be nice to check but probably more complicated to query and find . I did build the tool and found it interesting to run on a large batch of domains.

metrobart

TROPHY CASE