Services
Company
Blog
Contact
Open Source

Latest Updates / 2

Company and industry news, featured projects, open source code, tech tips, and more.

Vibe Coding Is About Empowerment, Not Replacement

Michael Argentini Avatar
Michael ArgentiniFriday, April 18, 2025
People building robots to build robots... what could go wrong? People building robots to build robots... what could go wrong?

If you're not already familiar with the term, vibe coding is a new way of coding that allows people to use AI to create software without needing to know how to program. In the best case it empowers people to be creative and build tools that help with work or play, as low- or no-code solutions have always done. In the worst case it gives the impression (or rather sets the expectation) that they can literally build anything, and that software developers are a thing of the past. As with most things in life the truth of the matter lies somewhere between these extremes.

Vibe coding can be a great way to learn programming (and just have fun). It could save you hours of research, though AI is notorious for confidently giving you the wrong answer.

In many ways vibe coding is a variation of a theme. For many years there have been services to help non-programmers create tools. Some of the more recent iterations are low- and no-code solutions using drag and drop and interactive prompts. An example of this is Zapier, which allows you to connect various services and platforms to create workflows, among other things. One way you could use it would be to create a workflow that syndicates a blog post to your social network accounts or emails subscribers. In these cases the technology, hosting platform, security, and protocols are abstracted away so users can focus on the what and not be concerned with the how.

Vibe coding differs in that it requires that you also have an understanding of the how. In the example of syndicating a blog post, you would need to have some understanding of how each connected service handles communication with third party services, how to configure access for each platform, how the app needs to be hosted, how to deploy the app, and how to ensure the app is secure. You also need to know how to set up, use, and maintain a development tool chain, though some services may generate/host projects or compile code for you.

AI is trained on code written by people in the past. The word "train" implies that it's learning how to code when in fact it's just indexing the data in a way that allows the AI to regurgitate answers derived from that information. As technology changes AI needs to ingest new code written by software developers in order to keep up.

So if your choice of using vibe coding is simply a way to learn programming (and just have fun) you should go for it!

Otherwise, below is a checklist of good reasons to use vibe coding to build something. Keep in mind that complexity and tolerance for adventure are always subjective.

  1. You're tech savvy and interested in coding
  2. Your timeline is long or there is no deadline
  3. The app is reasonably simple, like a to do list or simple expense tracker, or is a prototype
  4. The app does not need to be hosted in the cloud
  5. You don't need to use complex third party service integrations
  6. The app cannot be created using an existing software package, like Claris Filemaker, etc.
  7. Security is not a concern
  8. Reliability is not a concern
  9. Scalability is not a concern
  10. Localization is not a concern
  11. Look and feel of the app is not a concern
  12. Data backup, recovery, and code versioning are not concerns
  13. Using the latest development patterns, languages, frameworks, and APIs is not necessary

If any of the previous points are an issue, here are some good reasons for using a low-/no-code hosted solution instead.

  1. You're not very tech savvy and/or not very interested in coding
  2. The app is no more than moderately complex, like a service to syndicate blog posts, or is a prototype; again, complexity can be subjective
  3. The app can or needs to be hosted in the cloud
  4. The app needs one or more third party service integrations
  5. Feature alignment; the service offers exactly what you need
  6. The look and feel of your app can be achieved with the hosted service
  7. Pricing for the hosted service meets your budget
  8. The hosted service provides disaster recovery options
After a while you may realize that building something yourself wasn't the best choice. After a while you may realize that building something yourself wasn't the best choice.

Professional Services

This is merely scratching the surface. As a professional software developer I can tell you that the devil is in the details. One example is how important security is nowadays, and how challenging it can be to maintain a proper security posture even when you know how to code. Besides, with the right software development partner you'll end up with a better result, and stay within your timeline and budget.

A professional software development partner can handle all of the gaps and requirements you may have identified in the previous lists, including:

  • Tight timeline
  • High complexity
  • Security concerns
  • Reliability concerns
  • Scalability concerns
  • Deployment, hosting, and/or third party integrations
  • Changes to support hosting or third party integration changes
  • Technology options
  • Product evolution and upgrades
  • Strategies for disaster recovery and data backup
  • Strategies for scaling the product
  • App look and feel
  • ...and so much more!

Want to know more?

There's usually more to the story so if you have questions or comments about this post let us know!

Do you need a new software development partner for an upcoming project? We would love to work with you! From websites and mobile apps to cloud services and custom software, we can help!

Project: ZOIA Healthcare Marketplace

Michael Argentini Avatar
Michael ArgentiniMonday, April 14, 2025

ZOIA Healthcare is a direct-to-patient provider of specialized nutritional products dedicated to empowering and improving the lives of individuals with inherited metabolic disorders and other rare diseases. They focus on navigating the complexities of healthcare, ensuring patients who require targeted nutrition that cannot be met through a regular diet alone gain access to necessary medical and low protein foods.

Accredited by the Healthcare Quality Association on Accreditation (HQAA), they adhere to stringent standards, helping their patients experience transformative outcomes. Their portfolio is curated to foster advancements in disease management, harnessing the power of nutrition.

ZOIA Pharma partnered with Fynydd to build a new web sales and marketing platform providing patients and organizations with a streamlined shopping experience. Individuals can browse, search, and purchase nutrition products, and even get notified when products are back in stock. And organizations also have the ability to offer a formulary catering specifically to their patients.

Some of the key features of the platform include:

  • Based on ASP.NET and Umbraco CMS
  • Hosted on Amazon Web Services
  • Fynydd's bespoke Umbraco shopping platform supporting consumers and organizations with formularies
  • Integrated with Stripe for payments and purchase management
  • Responsive framework works great on mobile, tablets, and larger devices
Screenshots

Key Technologies

Front-End

CSS3

HTML5

JavaScript

Sass/SCSS

Cloud Back-End

Amazon Web Services

C#

Github

Microsoft .NET

Microsoft Windows

SQL Server

Stripe

Umbraco CMS

Want to know more?

There's usually more to the story so if you have questions or comments about this post let us know!

Do you need a new software development partner for an upcoming project? We would love to work with you! From websites and mobile apps to cloud services and custom software, we can help!

The Enigma Machine

Michael Argentini Avatar
Michael ArgentiniSunday, February 2, 2025

The Enigma machine is a cipher device developed and used in the early- to mid-20th century to protect commercial, diplomatic, and military communication. It was employed extensively by Nazi Germany during World War II, in all branches of the German military. The Enigma machine was considered so secure that it was used to encipher the most top-secret messages.

An original Engima Machine, circa 1945 An original Engima Machine, circa 1945

This project is a high performance Enigma Machine emulator that allows you to:

  • Explore historical configurations using the classic 26 letter alphabet (no spaces!)
  • Use for modern quantum-resistant cryptography with the full 95-character ASCII character set.

Just like the physical device, machine state is used to both encipher and decipher text with the same Encipher() method (like a text toggle). Machine state had to match on both the encipher and decipher machines. Each operator would add specific rotors in a specific order, set rotor ring positions and starting rotations, as well as set plug wire positions. This emulator provides virtual versions of all key machine components by way of a deterministic random number generator using AES in counter (CTR) mode.

The emulated components include:

  • Plug board
  • Entry wheel
  • Rotors
  • Reflector

Additionally, characters in the source string that do not exist in the cipher character set are kept as-is in the enciphered text. For example, if you encipher a string with line breaks they are maintained in-place in the enciphered text since neither the classic 26 letter character set nor the 95 character ASCII set contain line break characters.

Performance

The emulator is FAST! When using the full 95 character ASCII character set, a large 800KB text string takes about 1 second to encipher. Typical text sizes encipher in a few milliseconds.

Cipher Strength

The physical machine modified with a plug board provided 150 trillion possible settings combinations for the 26 letter character set, with a 10^16 key space for a 3 rotor configuration. 4 rotors yielded a key space of 10^19, 5 rotors yielded a key space of 10^23, and so on.

So by simply using the full 95 character ASCII character set the cipher strength will be exponentially better than the original machine, even without additional rotors or other configuration, and should meet modern quantum-resistant cryptography needs.

Example 1: Historical Preset

It's easy to create a new virtual Enigma Machine and encipher your own text by using one of the provided presets based on one of the provided historical machine configurations:

  • Commercial Enigma (1924)
  • Wehrmacht and Kriegsmarine (1930)
  • Wehrmacht and Kriegsmarine (1938)
  • Swiss K (1939)
  • Kriegsmarine M3 and M4 (1939)
  • German Railway (Rocket; 1941)
  • Kriegsmarine M4 with thin reflectors (1941):

Using one of the presets is easy:

var message = "FYNYDD IS A SOFTWARE DEVELOPMENT AND HOSTING COMPANY";

var machine = new Machine(new MachineConfiguration
{
    MachinePreset = MachinePresets.Commercial_1924,
    PlugBoardWires =
    {
        { 'A', 'T' },
        { 'B', 'V' },
        { 'C', 'M' },
        { 'D', 'O' },
        { 'E', 'Y' },
    }
});

var enciphered = machine.Encipher(message.ToString());

Assert.NotEqual(message.ToString(), enciphered);

machine.Reset();

var deciphered = machine.Encipher(enciphered);

Assert.Equal(message.ToString(), deciphered);

Example 2: Practical Usage

It's even easier to use the Enigma Machine for modern encryption, since all you need to provide are a cipher key, nonce, and the number of relevant machine components. There's no need to change rotor ring positions and rotations, or set plug board wire pair values, since your cipher key and nonce are unique and drive the creation of all machine components.

Here's an example of using the Enigma Machine without a historical preset:

var message = @"
Fynydd is a software development & hosting company.
Fynydd is a Welsh word that means mountain or hill.
";

/*
    AES key must be 16, 24, or 32 bytes for AES-128, AES-192, or AES-256
    Nonce or initial counter value must be 16 bytes
*/

var machine = new Machine(
    "ThisIsA32ByteLongSecretKey123456",
    "UniqueNonce12345",
    rotorCount: 6,
    plugWires: 47);

var enciphered = machine.Encipher(message.ToString());

Assert.NotEqual(message.ToString(), enciphered);

machine.Reset();

var deciphered = machine.Encipher(enciphered);

Assert.Equal(message.ToString(), deciphered);

You can also create a custom machine by assembling the virtual components, and more. Check out the project on Github.

Want to know more?

There's usually more to the story so if you have questions or comments about this post let us know!

Do you need a new software development partner for an upcoming project? We would love to work with you! From websites and mobile apps to cloud services and custom software, we can help!

Sfumato CSS 5.1 Released

Michael Argentini Avatar
Michael ArgentiniThursday, December 12, 2024

Sfumato CSS 5.1.0 has been released! This update includes the following changes:

  • Update to .NET 9
  • Updated nuget packages
  • Update to Dart Sass 1.82.0
  • @apply statements now work in SCSS @import files; the @apply statements are now processed on the final generated CSS file instead of the root SCSS file

For more information, see the Sfumato project page.

Want to know more?

There's usually more to the story so if you have questions or comments about this post let us know!

Do you need a new software development partner for an upcoming project? We would love to work with you! From websites and mobile apps to cloud services and custom software, we can help!

.NET 9 Released

Michael Argentini Avatar
Michael ArgentiniTuesday, November 19, 2024

.NET 9 was officially released during .NET Conf. This release feels like a LTS release; full of speed improvements and quality of life features and refinements, even if you only use it as a drop-in replacement for .NET 8.

NIST Finally Changes Password Recommendations For The Better

Michael Argentini Avatar
Michael ArgentiniFriday, September 27, 2024

It's about time… NIST has updated their password formatting recommendations to better align with modern use and the reality of how we use passwords. For example, the new rules bar the requirement that end users periodically change their passwords. This requirement came into being decades ago when password security was poorly understood, and it was common for people to choose common names, dictionary words, and other secrets that were easily guessed.

Ollama Farm

Michael Argentini Avatar
Michael ArgentiniTuesday, September 3, 2024

Ollama Farm is a CLI tool that intermediates REST API calls to multiple ollama API services. Simply make calls to the Ollama Farm REST API as if it were an ollama REST API and the rest is handled for you.

Installation

Install dotnet 8 or later from https://dotnet.microsoft.com/en-us/download and then install Ollama Farm with the following command:

dotnet tool install --global fynydd.ollamafarm

You should relaunch Terminal/cmd/PowerShell so that the system path will be reloaded and the ollamafarm command can be found. If you've previously installed the dotnet runtime, this won't be necessary.

You can update to the latest version using the command below.

dotnet tool update --global fynydd.ollamafarm

You can remove the tool from your system using the command below.

dotnet tool uninstall --global fynydd.ollamafarm

Usage

Ollama Farm is a system-level command line interface application (CLI). After installing you can access Ollama Farm at any time.

To get help on the available commands, just run ollamafarm in Terminal, cmd, or PowerShell. This will launch the application in help mode which displays the commands and options.

For example, you can launch Ollama Farm with one or more host addresses to include in the farm:

ollamafarm localhost 192.168.0.5 192.168.0.6

In this example, Ollama Farm will listen on port 4444 for requests to /api/generate. The requests are standard Ollama API REST requests: HTTP POST with a JSON payload. Requests will get sent to the first available host in the farm.

You can also change the default Ollama Farm listening port of 4444:

ollamafarm --port 5555 localhost 192.168.0.5 192.168.0.6

And if you run any ollama hosts on a port other than 11434, just specify the port in the host names using colon syntax:

ollamafarm --port 5555 localhost:12345 192.168.0.5 192.168.0.6

Ollama Farm Requests

Requests made to the Ollama Farm service will be routed to one of the available Ollama API hosts in the farm. Requests should be sent to this service (default port 4444) following the standard Ollama JSON request format (HTTP POST to /api/generate/). Streaming is supported.

Hosts are checked periodically and are taken offline when they are unavailable. They are also brought back online when they become available.

To optimize performance Ollama Farm restricts each host to processing one request at a time. When all hosts are busy REST calls return status code 429 (too many requests). This allows requesters to poll until a resource is available.

Additional Properties

  • farm_host : Request a specific host (e.g. localhost:11434)
  • farm_host : Identify the host used

Example:

{
    "farm_host": "localhost",
    "model": ...
}
Screenshots

Want to know more?

There's usually more to the story so if you have questions or comments about this post let us know!

Do you need a new software development partner for an upcoming project? We would love to work with you! From websites and mobile apps to cloud services and custom software, we can help!

Project: Monitoring Analytics Website

Michael Argentini Avatar
Michael ArgentiniThursday, August 29, 2024

Monitoring Analytics was established in 2008 as the fully independent external market monitor for PJM Interconnection by the Market Monitoring Unit of PJM. PJM Interconnection, a regional transmission organization, ensures the reliability of the electric power supply system in 13 states and the District of Columbia.

Monitoring Analytics (MA) partnered with Fynydd to create a new web platform optimized for a modern user experience.

The goal of the project was to provide visitors with easy access to the Monitoring Analytics quarterly reports and other support documentation, as well as an updated visual appearance.

One of the challenges was the creation of a new taxonomy for their 20 year document collection. It needed to be easy to manage in the back office, but also provide better on-site search results. We were able to work with MA to categorize and organize their document collection and provide a user flow that made finding and downloading documents quick and easy.

Due to various compliance requirements, some aspects of the hosting were non-standard. But we were able to meet all their needs. For example, we deployed the platform CMS without the back office code, and with the CMS management APIs disabled, providing additional security in production. This meant creating a unique publishing workflow whereby a separate instance could be used behind a firewall and approved changes could be deployed through a VPN connection.

Some of the key features of the platform include:

  • Based on ASP.NET and Umbraco CMS, hosted on Amazon Web Services
  • SQLite database
  • Non-standard publishing workflow
  • Indexing of PDF content, ingested into Lucene indexes
  • Composite web/PDF content site search
  • Responsive HTML5 framework
  • Device themes (system/dark/light modes)

NOTE: THE WEBSITE IS NOT YET LIVE

Screenshots

Key Technologies

Front-End

CSS3

HTML5

JavaScript

Sass/SCSS

Cloud Back-End

Amazon Web Services

C#

Github

Microsoft .NET

Microsoft Windows

Umbraco CMS

Want to know more?

There's usually more to the story so if you have questions or comments about this post let us know!

Do you need a new software development partner for an upcoming project? We would love to work with you! From websites and mobile apps to cloud services and custom software, we can help!

Check Your Website Security for FREE Using Qualys SSL Labs

Michael Argentini Avatar
Michael ArgentiniSunday, August 11, 2024

Qualys has a free tool named SSL Labs that anyone can use to check the security of their website TLS certificates and certificate hosting configuration. This is an frequently overlooked area of securing a website and we highly recommend using it on your own website. In fact, we use it on all our website projects to secure our client websites, and dog food it for fynydd.com (we score an A+ by the way).

Features

The SSL Labs tool will evaluate a ton of certificate hosting exploits like BEAST, POODLE (SSLv3), POODLE (TLS), Zombie POODLE, GOLDENDOODLE, Sleeping POODLE, and more.

It will also scan your server's TLS/SSL protocol support to ensure that you're using the latest version (TLS 1.2 at the time of this writing) and that your server has disabled legacy protocols to prevent protocol fallback attacks. In fact, if you're hosting with Microsoft Internet Information Service (IIS) we highly recommend installing the "Setup Microsoft Windows or IIS for SSL Perfect Forward Secrecy and TLS 1.2" PowerShell script to lock down your server TLS/SSL protocol support.

Want to know more?

There's usually more to the story so if you have questions or comments about this post let us know!

Do you need a new software development partner for an upcoming project? We would love to work with you! From websites and mobile apps to cloud services and custom software, we can help!

Animate CSS Auto Height Without Javascript

Michael Argentini Avatar
Michael ArgentiniSunday, August 4, 2024

Web developers rejoice! There's an easy way to animate the height of an HTML element even if the height is dynamic, determined by its content, with only CSS. This is typically used for navigation menus and the like, and now it's much easier to code and maintain.

The strategy is to actually animate the grid-template-rows not the height. For example, take the following HTML markup:

<div class="menu">
    <div class="inner-wrapper">
        <p>Here is some content.</p>
        <p>Here is some content.</p>
        <p>Here is some content.</p>
    </div>
</div>

The CSS for this markup would be:

.menu {
    display: grid;
    grid-template-rows: 0fr;
    transition: grid-template-rows 100ms;
}

.menu.active {
    grid-template-rows: 1fr;
}

.menu .inner-wrapper {
    overflow: hidden;
}

Initially the outer div will be hidden since it has no overflow and the grid template rows are zero. When you add active to the outer div element's class list, the browser will animate the transition from zero row height to 1fr, which essentially means the height it needs for its content to render.

Want to know more?

There's usually more to the story so if you have questions or comments about this post let us know!

Do you need a new software development partner for an upcoming project? We would love to work with you! From websites and mobile apps to cloud services and custom software, we can help!

© 2025, Fynydd LLC / King of Prussia, Pennsylvania; United States / +1 855-439-6933

By using this website you accept our privacy policy. Choose the browser data you consent to allow:

Only Required
Accept and Close