Hacker News: CER10TY

New comment by CER10TY in "Claude may require identity verification in some cases"

CER10TY — Wed, 15 Apr 2026 11:01:10 +0000

They use Persona for their new "Trusted Access for Cyber": https://chatgpt.com/cyber, at least according to the FAQ

New comment by CER10TY in "Top downloaded skill in ClawHub contains malware"

CER10TY — Thu, 05 Feb 2026 13:45:50 +0000

IIRC the creator specifically said he's not reviewing any of the submissions and users should just be careful and vet skills themselves. Not sure who OpenClaw/Clawhub/Moltbook/Clawdbot/(anything I missed) was marketed at, but I assume most people won't bother looking at the source code of skills.

New comment by CER10TY in "AI is killing B2B SaaS"

CER10TY — Thu, 05 Feb 2026 08:05:43 +0000

It swings both ways though. I've seen plenty of older engineers dismiss the "new guys" effort and claim that everything had to be custom written, because there's no way a common framework like Django could cover their use case. The same type of engineer has never once worked with a common framework though, so they don't know what's included nowadays.

Turns out it's a lot easier to build on top of a common framework than do everything from scratch.

New comment by CER10TY in "Pricing Changes for GitHub Actions"

CER10TY — Tue, 16 Dec 2025 20:22:05 +0000

Only for public repos though - if you're in an org with private repositories you don't get access to them (yet).

New comment by CER10TY in "Reverse engineering a $1B Legal AI tool exposed 100k+ confidential files"

CER10TY — Wed, 03 Dec 2025 22:11:53 +0000

Personally, I'd just use common sense and good judgment. At the end of the day, would you want someone to hand your address, and other private data to OpenAI just like that? Probably not. So don't paste customer data into it if you can avoid it.

On the other hand, minified code is literally published by the company. Everyone can see it and do with it as they please. So handing that over to an AI to un-minify is not really your problem, since you're not the developer working on the tool internally.

New comment by CER10TY in "Reverse engineering a $1B Legal AI tool exposed 100k+ confidential files"

CER10TY — Wed, 03 Dec 2025 21:55:19 +0000

Presumably they'll threaten to sue you and/or file a criminal complaint, which can be pretty hard to deal with depending on the jurisdiction. At that point you'll probably start asking yourself if it's worth publishing a blog post for some internet points.

New comment by CER10TY in "Malicious versions of Nx and some supporting plugins were published"

CER10TY — Wed, 27 Aug 2025 15:39:53 +0000

That's a good catch. I knew these flags existed, but I figured they'd require at least a human in the loop to verify, similar to how Claude Code currently asks for permission to run code in the current directory.

New comment by CER10TY in "Malicious versions of Nx and some supporting plugins were published"

CER10TY — Wed, 27 Aug 2025 13:13:35 +0000

Personally, I'd expect Claude Code not to have such far-reaching access across my filesystem if it only asks me for permission to work and run things within a given project.

New comment by CER10TY in "Ask HN: Recently laid off developer looking for solo product ideas"

CER10TY — Fri, 22 Aug 2025 06:44:37 +0000

Talk to people outside tech. Lots of small problems worth solving, but not in tech. Also, just because it's a problem in someone's day to day won't mean they'll pay to fix it.

Good luck!

New comment by CER10TY in "Notion releases offline mode"

CER10TY — Tue, 19 Aug 2025 22:19:37 +0000

Isn't that pretty much how every "Trusted by these companies" marketing badge works nowadays?

Show HN: SpecGate – Validate API responses against OpenAPI in real-time

CER10TY — Tue, 19 Aug 2025 16:51:09 +0000

Hey HN,

Over the years, I've built quite a few OpenAPI specs that'd get neglected over time and where the endpoints would eventually drift away from the spec.

I wanted to build something super lightweight that I could drop in during development to double check that my endpoints still match the spec as expected.

SpecGate is a lightweight proxy that checks API responses against the given OpenAPI spec. It'll tell you if there's an undocumented endpoint or if the response doesn't match the spec. I managed to catch about 10 issues with one of my more recent specs as soon as I started using it.

It's possible to run this in production as well, but it currently only logs to stdout/stderr, so keep that in mind if you decide to run it in production.

Would love to hear your feedback on this tool.

Comments URL: https://news.ycombinator.com/item?id=44953604

Points: 1

# Comments: 0

New comment by CER10TY in "Sunny days are warm: why LinkedIn rewards mediocrity"

CER10TY — Sun, 17 Aug 2025 16:09:50 +0000

Or, far more likely, they'll reach out to someone in their network. To land in that network, you have to market your services. LinkedIn is somewhat useful for that, but less so nowadays.

New comment by CER10TY in "AI is different"

CER10TY — Sat, 16 Aug 2025 08:08:00 +0000

I guess the thinking goes like this: Why start a business, get a higher paying job etc if you're getting ~2k€/mo in UBI and can live off of that? Since more people will decide against starting a business or increasing their income, productive activity decreases.

Ask HN: Would you soft-launch a landing page in 2025?

CER10TY — Thu, 07 Aug 2025 10:00:41 +0000

Given the state of vibe coding and how easy it is to scaffold a working web app in 2025 (assuming you've got the technical experience and don't just rely on Lovable), do you think soft-launching a landing page to gauge interest is enough in 2025 or do users expect a fully working app from day 0?

Comments URL: https://news.ycombinator.com/item?id=44822593

Points: 3

# Comments: 5

New comment by CER10TY in "Small changes that made our daily stand-ups more useful"

CER10TY — Wed, 06 Aug 2025 09:54:41 +0000

That takes 2 seconds. But the PO usually expected a detailed breakdown of what went well or bad and what could be improved right then and there. Simply saying "Yeah, I'm doing X, still doing it, bye" would be bad, because you're also not inviting _collaboration_.

New comment by CER10TY in "Small changes that made our daily stand-ups more useful"

CER10TY — Tue, 05 Aug 2025 19:13:34 +0000

We were 5 people total - PO, Scrum Master, 3 devs. Been years since I was in that team but it was expected that everyone would give a lengthy update about the previous day

New comment by CER10TY in "Small changes that made our daily stand-ups more useful"

CER10TY — Tue, 05 Aug 2025 19:11:53 +0000

I‘m long gone from that team (thankfully). But hey, the Scrum Master was certified, I‘m sure it‘s all proper /s

New comment by CER10TY in "Small changes that made our daily stand-ups more useful"

CER10TY — Tue, 05 Aug 2025 18:52:50 +0000

Props to you if you manage to follow this and squeeze it into 15 minutes. I‘ve genuinely never had a daily last less than 60 mins.

New comment by CER10TY in "Things that helped me get out of the AI 10x engineer imposter syndrome"

CER10TY — Tue, 05 Aug 2025 18:35:07 +0000

The issue is that it‘ll absolutely _suck_. If I tell Claude Code to scaffold a web app from 0 outside of React it‘s terrible.

So no, imho people with no app dev skills cannot just build something over a weekend, at least something that won‘t break when the first user logs in.

New comment by CER10TY in "Things that helped me get out of the AI 10x engineer imposter syndrome"

CER10TY — Tue, 05 Aug 2025 18:31:47 +0000

It‘s easier, since you don‘t have to stare at your monitor for 4 hours straight. But still, people expect availability since you‘re paid for 8 hours.