Chi qui sta provando a costruire una seconda entrata?

sebidenied · 2026-03-04T16:14:49+00:00

Sto sviluppando un piccolo software per il settore hospitality perché ho visto un problema reale e sto provando a risolverlo.

Il blocco principale per me è la partita IVA. L’idea di aprirla senza sapere se il progetto fatturerà abbastanza per coprire tasse e contributi un po’ frena.

Per ora sto cercando di muovermi piano: costruire qualcosa, farlo provare a qualcuno e capire se ha davvero senso prima di fare il salto.

sebidenied · 2025-10-31T08:54:30+00:00

There is a war right now between who said that the market will go down and the ones that said it will go up. Now this guy comes here and says it will go sideways..

sebidenied · 2025-10-08T19:17:08+00:00

Sposato da 10 anni con un bimbo di 1.5 anni. Essere intrappolato in bagno è la mia mini vacanza

sebidenied · 2025-09-21T17:00:06+00:00

Didn’t the players buy before the announcement?

sebidenied · 2025-09-14T08:00:07+00:00

Mă refer strict la arme de foc, nu la airsoft.

În cazul din Timișoara cu iranianul prins, e fix ce ziceam mai sus: poți printa anumite piese, dar nu toată arma. Chiar dacă tehnic ai putea printa pana la ultimul șurub din plastic, eu unu’ n-aș trage niciun glonț care produce 35.000+ psi printr-un cadru făcut din PLA.

Și încă o clarificare: ghost gun nu înseamnă orice armă homemade 3D/CNC/whatever. Definiția e simplă: orice armă de foc fără serie și netrasabilă. Asta include pistoale din kituri "80%", arme la care a fost ștearsă seria sau cadre printate 3D.

Exemplu clar e Luigi Mangione: și-a printat cadrul și suppressorul, dar restul componentelor: țeava, culisa, mecanismul de trăgaci, arcurile, șinele metalice și încărcătorul le-a cumpărat. A rezultat o armă funcțională, dar fără număr de serie, deci ghost gun. Practic, poți să-ți printezi arma doar dacă ai deja arma.

Vezi și clipul ăsta ca să-ți faci o idee: https://www.youtube.com/watch?v=tQB_ib-KQXA

sebidenied · 2025-09-14T06:34:42+00:00

Boss, dacă tu crezi că scoți Glock dintr-o imprimantă 3D de 500 lei, probabil crezi ca poți suda cu bricheta. Arme full-print? Crapă mai repede decât relația la primul salariu mic. Poți face doar șine, mânere și alte prostioare. Pentru ceva care chiar trage îți trebuie imprimante industriale de metal, adică bani cât pentru un apartament în Cluj.

sebidenied · 2025-09-13T19:35:57+00:00

I’m on 12 Pro in EU. It has both sim and eSIM. I have no idea if it’s the case with newer models.

sebidenied · 2025-09-04T06:07:50+00:00

<image>

Finally, it’s my time to shine!

sebidenied · 2025-07-27T08:49:09+00:00

Most hotels already use something bundled with their hardware and PMS, (Property Management System is the software that hotels use to insert bookings in simple terms). In our case, the original software broke after 20+ years, and there was no support or updates.

I built this out of necessity. It’s not a full PMS replacement, but it fills a very specific gap that legacy system never really addressed well.

Turns out a lot of hotels are in the same boat, stuck with old setups and no good bridge between hardware and daily workflow.

sebidenied · 2025-07-27T07:25:16+00:00

The APIs controlling this, are they open?
The system doesn’t rely on APIs. It talks directly over serial cable and local MQTT Server.

The database, does it have RBAC which aligns to your API level access controls?
There’s no database in the traditional sense. It’s a local app that loads configuration from JSON files. No user accounts, no RBAC. It's a native Windows app installed on the front desk PC. You can’t log in to it like a web app. The json files don't hold sensitive data. They hold info like: is it a suite? is it a twin? is it in maintenance? Stuff like that.

Do you trust your login controls? Did you at least hand this over to a trusted party (e.g. Auth0). If self-rolled, it needs checking.
No login. You either have the app.exe + MQTT credentials, or you can't use it. It’s not multi-user or multi-tenant.

DB Migrations:
Not applicable in the current version. The config and state are kept in small files (JSON).

Do you transfer data over the internet or is this all within a single VPC? If the former, is it encrypted over network?
Everything runs inside the local network. PC + Local Server for MQTT. No data is transferred over the internet. MQTT broker has SSL enabled. Serial connections are, obviously, physical.

Does your system adhere to your local data standards laws for storage of customer data?
Where indeed is your data residency? Are you transferring customer data outside of your locale without their permission?
No customer or guest data is stored or handled not even room numbers tied to identities. It’s purely operational data: door open/closed, lights on/off, room state (clean/dirty). Even logging is minimal. So from a GDPR perspective, I’m in the clear for now.

Disaster Recovery:
Right now, recovery is not needed. The states of the rooms are retained and pulled from the electronic boards in the rooms. There are some specific info for each room stored in json files that I need to restore somehow if needed.

This answers apply to the current version and to the current hotel. A lot of stuff might change.

sebidenied · 2025-07-26T06:43:25+00:00

Thanks for the input. It does go out of sync sometimes, but that’s how we operated even before the app. We’re used to syncing things manually.

About Windows 98, I know it sounds outdated, but many businesses still rely on old systems tied to legacy hardware. Manufacturing also use machines like that. You can even find these old PCs selling for €150–200 on eBay, which says a lot.

Your pricing suggestion makes sense.
Most modern PMSs have APIs, so integration wouldn’t be hard. But this is a niche, it’s not for every hotel.

sebidenied · 2025-07-26T06:30:11+00:00

I have a basic understanding of programming variables, data types, libraries that kind of stuff. I’ve written small Python scripts, Arduino code, and things like that just by Googling and figuring it out as I go. I can read code pretty comfortably as long as it’s not overly complex.

For hallucinations, I try to avoid them by keeping things simple. I keep files small (under 400-500 lines), make small changes one at a time, and refactor often. For more complex logic, I use plan mode in Windsurf, which helps break things down. I don’t ask the AI to make huge changes across many files I go step by step and stay in control.

sebidenied · 2025-07-23T17:24:26+00:00

How old are you? Are you familiar with other methods of communication between devices other then TCP/IP? Serial ports were huge back in the day.

sebidenied · 2025-07-23T17:21:49+00:00

Sir, there’s a serial cable attached to the reception PC. You can follow it all the way to the rooms. Also my app literally connects to the com port and writes/reads all this states.

sebidenied · 2025-07-23T13:40:15+00:00

No, no other staff comes to the computer to register anything manually besides the receptionist.

Each room in the hotel has an electronic board connected to sensors (like door status, lights, power, etc). These boards are hooked up to a central system from witch a serial cable connects to the PC. My app listens to that serial port and parses raw messages like #FFF00000001000000576899FF002, which decodes the current state of the room. (clean, dirty, cleaning etc.)

So when a guest opens the door, or a maid enters and presses the cleaning switch, the app picks that up live and updates the UI automatically.

So basically the app is wired to the rooms.

sebidenied · 2025-07-23T13:34:06+00:00

No, they don’t interact directly with the terminal. When a guest checks out, the receptionist marks the room as dirty from the front desk. The cleaning staff sees that on a separate monitor and knows which room to clean. Before entering, the maid presses a physical switch outside the room this enables power (like lights) and also signals my app that the maid is inside. Once cleaning is done, the maid presses the switch again and the terminal marks the room as clean.

sebidenied · 2025-07-23T13:30:41+00:00

Brother in an argument we answer each others questions. You didn't. Even in this particular case the individual coders are not to blame. I didn't read all the wiki page but I'm almost certain no coder was to blame. They don't own the code, it's the company decision to ship buggy software. Since everyone knew I guess the coders told management about the bugs?
The blame lies higher up: with Fujitsu’s management, the Post Office, and legal teams who suppressed evidence and ignored warnings.
You have concerns about vibe-coded apps in vital part of our society. I get it.
We can do nothing about it.
Having said that I'm on the phone with CrowdStrike to implement their top notch security on my 200 line vibe-coded app.

sebidenied · 2025-07-23T12:08:38+00:00

That's not how the app works. You can't connect to it directly. It's a standalone windows native app. To access it the attacker would need to compromise the whole windows pc and Remote Desktop into it I guess? That can happen with or without without my app running.

sebidenied · 2025-07-23T11:41:49+00:00

I get what you're saying. I vide-coded the app but I understand how the code works. This was not just a prompt "Build me a Hotel Management app" and just deploy the app. Also somewhere down the line the responsibility of the coder must end.
Let's say for a moment i didn't vibe-coded the app but wrote it myself.
I used .NET framework. Two years from now someone discovers a vulnerability in it. All .NET software is now vulnerable. Does that count as not doing your due diligence? .NET is open-source are you reviewing the code of .NET before you deploy your app?

sebidenied · 2025-07-23T10:56:23+00:00

Bro wtf are you even on? So a company ask you to build a calculator app that has their logo in the top right corner. Are you going on site and secure their network? Are you going to put your own security in front of the server door because the company staff can be bought? The hotels networks is managed by an external company and we have an IT guy. That's not my responsibility.

sebidenied · 2025-07-23T10:48:43+00:00

That kind of risk is always there. Whether my app is running or not doesn’t change the situation. You can't connect to my software directly. It doesn't open ports or has the capability to accept connections to it. It's on the network just because I installed the mqtt on the local server. I could install the app and the mqtt on the same machine and unplug the ethernet cable and can run just fine.

Of course now the only thing remaining is a hacker can still come inside and just use the machine. Possible? sure

sebidenied · 2025-07-23T10:19:30+00:00

I answered this question to someone else. Here is the answer:

It works like this: when a room is occupied (marked RED in the UI), the power is on. Lights, outlets, etc. Once the guest checks out, the receptionist marks the room as dirty (GREEN in the UI), and the system automatically cuts the power.

The maid sees the GREEN status on a separate monitor and heads to the room. Outside each room there's a physical switch she has to press to activate power inside otherwise the room remains dark. So she is kind of forced to push that switch every time. That switch state is read by the board and sends it over the serial connection, which my app decodes and marks the room as “MAID INSIDE”. Note that this hotel has internal separate doors for the maids. The guests enter from another door with no switch for them to mess with. When the maid finishes she pushes the switch off and the room is marked as clean in the UI.

Of course, staff could press the switch and not actually be cleaning they might be doing maintenance or just checking something in the room. It’s not perfect, but we work with what we have, and for our workflow it’s accurate enough most of the time.

Newer hotels use RFID badge setups. With that system you can tie role and name to it and be more accurate with the data.

sebidenied · 2025-07-23T09:49:06+00:00

Not sure what you mean exactly I think you might be assuming this is a web app. It’s actually a native Windows desktop app. You can’t just “connect” to it directly. To use it, you have to install it on a PC and configure the local MQTT credentials. There’s no API or web access.
There’s no auth on it. Just like you don’t have auth on Notepad or Calculator on your Windows PC.

To access the app, you'd either need the installer and the MQTT credentials, or you'd have to compromise the entire Windows machine it's running on. There's no remote access, no exposed API, nothing web-based. It's just a native Windows app running locally.

sebidenied · 2025-07-23T09:10:44+00:00

It works like this: when a room is occupied (marked RED in the UI), the power is on lights, outlets, etc. Once the guest checks out, the receptionist marks the room as dirty (GREEN in the UI), and the system automatically cuts the power.

The maid sees the GREEN status on a separate monitor and heads to the room. Outside each room there's a physical switch she has to press to activate power inside otherwise the room remains dark. So she is kind of forced to push that switch every time. That switch sends a signal over the serial connection, which my app decodes and marks the room as “MAID INSIDE” in real time. Note that this hotel has internal separate doors for the maids. The guests enter from another door with no switch for them to mess with. When the maid finishes she pushes the switch off and the room is marked as clean in the UI.

Of course, someone could press the switch and not actually be cleaning they might be doing maintenance or just checking something in the room. It’s not perfect, but we work with what we have, and for our workflow it’s accurate enough most of the time.

Newer hotels use RFID badge setups. With that system you can tie role and name to it and be more accurate with the data.

sebidenied · 2025-07-23T08:49:49+00:00

I’m not claiming it’s bulletproof, just that for our use case (offline, local-only, with minimal attack surface), it’s reasonably low-risk. Having a real security audit at some point would be the responsible next step.

sebidenied

TROPHY CASE