Hacker News: hermanb

New comment by hermanb in "The smelly baby problem"

hermanb — Sat, 02 May 2026 00:19:25 +0000

Our baby was capable of sending these signals when she was a few weeks. So most pees she does hanging above the sink. This saves so many diapers, crazy. And much more comfortable for her to never have a wet butt, not even a minute. Would recommend!

I think within the next few months we can actually get her to go to the potty by herself. She’s 15 months now.

This industry wasn’t just good. It did destroy babies sensitivity to soiling.

New comment by hermanb in "Vouch"

hermanb — Sun, 08 Feb 2026 20:51:59 +0000

I had this idea / pet project once where I did exactly this for email. Emails would immediately bounce with payment link and explanation. If you paid you get credit on a ledger per email address. Only then the mail goes through.

You can also integrate it in clients by adding payment/reward claim headers.

New comment by hermanb in "Kargo, a multi-stage application lifecycle orchestrator"

hermanb — Mon, 18 Sep 2023 17:58:02 +0000

If Kargo requires R/W access to GitHub, and auto updates charts/images, isn’t that asking for your production environment to be infected by a change prepared and cultured in your dev environment and then auto updating / hiding itself into prod freight?

We disallow writing back to GitHub to avoid this issue, and manage stages through branches, combined with directories for overlays. Things can get out of sync, but comparing branches is easily automated.

New comment by hermanb in "Microsoft government email compromised (and quietly fixed)"

hermanb — Wed, 12 Jul 2023 20:27:07 +0000

It would be pretty interesting if they shared some more detail on this indeed. I was wondering the same when I read “forged” elsewhere.

How can you forge a token? Did they use quantum machinery to retrieve a JWT Private Key? Did they factor RSA keys?

But no, they used a bug/weakness to exchange a token.

New comment by hermanb in "Hardware microphone disconnect (2021)"

hermanb — Tue, 07 Mar 2023 20:11:53 +0000

It is not disconnected by “a chip”. It is disconnected by something that closely resembles a physical switch.

This is the point of the article. There is no software involved. It can’t be hacked.

New comment by hermanb in "Germany opposes EU plans for client-side scanning"

hermanb — Thu, 02 Mar 2023 22:32:11 +0000

If the image doesn’t leave the device and only the hash does… What is stopping one from uploading existing public images, banning a whole lot of innocent people?

New comment by hermanb in "Analysis on Docker Hub malicious images: Attacks through public container images"

hermanb — Wed, 23 Nov 2022 17:53:42 +0000

Honestly, this seems like little. We should be wary of the source we try to pull, but given how easy it is to upload something malicious you’d expect thousands of images of this kind. Maybe DockerHub is already detecting and deleting these packages?

Or why aren’t more people interested in this?

Not sure, but maybe injecting into commonly used libraries via subdependencies is seen as a more effective method, getting more focus. Would be interesting to have a broader analysis of malicious artifacts!

New comment by hermanb in "Circadian lighting with Home Assistant: Like f.lux, but for your house"

hermanb — Mon, 07 Nov 2022 21:36:24 +0000

https://hueblog.com/2022/07/16/natural-light-new-function-no...

New comment by hermanb in "Circadian lighting with Home Assistant: Like f.lux, but for your house"

hermanb — Mon, 07 Nov 2022 21:35:44 +0000

It is a feature of the Hue bulbs being worked upon, see: https://hueblog.com/2022/07/16/natural-light-new-function-no...

New comment by hermanb in "Flutter 3"

hermanb — Wed, 11 May 2022 21:41:55 +0000

Philips Hue is fully Flutter since a while now (v4). There were issues with (pre-rendering of) animations but those have been resolved in Flutter.

New comment by hermanb in "Implementing a Merkle Tree for an Immutable Verifiable Log"

hermanb — Fri, 06 May 2022 19:55:05 +0000

I’ve been wondering about this too and always used full sha’s until now. But recently I’ve made an action myself: You actually need to publish the action to the marketplace with each tag manually. It feels like there might be more going on.

Is GitHub storing those published tags and avoiding tampering by only letting you use those tags once? Are they warning or blocking runs if you tamper? …

I’m really curious because it seems like SUCH a giant risk otherwise.

New comment by hermanb in "Subdomain Takeovers"

hermanb — Wed, 27 Apr 2022 12:02:23 +0000

Happens with GitHub Pages too. You can crawl for repos with CNAME file and if any of those repos is removed or CNAME is removed, you can takeover.

I believe this is now hardened a bit by setting the CNAME to a GitHub domain with the user/org as subdomain.

New comment by hermanb in "Show HN: FlyCode – Git-Based Copy and Translations Editor for Web Apps"

hermanb — Tue, 26 Apr 2022 18:55:59 +0000

Really sounds like an awesome tool. Fits right into the serverless / JAMStack kind of systems too. Just like Netlify CMS.

I was actually in the process of tweaking Netlify CMS to be more easily hostable yourself without depending on the Netlify Pro plans as much. Basically involves hosting a combination of Netlify Identity and Git Gateway compliant backends in GCP CloudRun or AWS Lambda. Maybe even making it easy to configure a build pipeline on CloudBuild.

I wanted to use this for small business websites, but also configuration management and translations for projects at work. Sounds like FlyCode is a great (not self-built) alternative I can recommend. Great business model as well. Almost no databases needed (auth only?) and easy to host stateless on serverless offerings. Scales linearly

New comment by hermanb in "'Freeze-thaw battery' stores electricity long-term for seasonal release"

hermanb — Thu, 07 Apr 2022 04:21:16 +0000

Original article is a good read too:

https://www.cell.com/cell-reports-physical-science/pdf/S2666...

New comment by hermanb in "Software Architecture Patterns: 5 minute read"

hermanb — Fri, 29 Oct 2021 20:34:02 +0000

Interesting architecture and I really would like to understand better the virtualized part: how does that scale?

If processing units store all data in memory, it doesn’t scale linearly. Maybe sharing is assumed?

I’d like to see some better examples of this if anyone has any!

New comment by hermanb in "Making Sense of Redis’ Scan Cursor"

hermanb — Tue, 16 Jul 2019 14:03:17 +0000

And here is my friend-link: https://medium.com/q42-engineering/redis-scan-cursor-e5dc303...

New comment by hermanb in "Debugging data flows in reactive programs"

hermanb — Sat, 30 Jun 2018 12:08:03 +0000

It would work, and actually that is a great idea for the situations where applications are actually deployed and running in production, if it can be enabled on demand.

The advantages of RxFiddle above Zipkin-likes are: - the means to extract the right information. The tool integrates with RxJS, and the format is universal accross Rx’s of other languages. - the visualization which is a better fit, compared to trace spans. I didn’t use Zipkin in practice though, does it have other visualizations than spans?

Of course RxFiddle is nothing like zipkin in terms of how polished it is and how much it is carried by the community. RxFiddle so far has been my research result and while it is open source, I’ve not received contributions, so feel free to share more insights or efforts!