People building robots to build robots... what could go wrong?
If you're not already familiar with the term, vibe coding is a new way of coding that allows people to use AI to create software without needing to know how to program. In the best case it empowers people to be creative and build tools that help with work or play, as low- or no-code solutions have always done. In the worst case it gives the impression (or rather sets the expectation) that they can literally build anything, and that software developers are a thing of the past. As with most things in life the truth of the matter lies somewhere between these extremes.
Vibe coding can be a great way to learn programming (and just have fun). It could save you hours of research, though AI is notorious for confidently giving you the wrong answer.
In many ways vibe coding is a variation of a theme. For many years there have been services to help non-programmers create tools. Some of the more recent iterations are low- and no-code solutions using drag and drop and interactive prompts. An example of this is Zapier, which allows you to connect various services and platforms to create workflows, among other things. One way you could use it would be to create a workflow that syndicates a blog post to your social network accounts or emails subscribers. In these cases the technology, hosting platform, security, and protocols are abstracted away so users can focus on the what and not be concerned with the how.
Vibe coding differs in that it requires that you also have an understanding of the how. In the example of syndicating a blog post, you would need to have some understanding of how each connected service handles communication with third party services, how to configure access for each platform, how the app needs to be hosted, how to deploy the app, and how to ensure the app is secure. You also need to know how to set up, use, and maintain a development tool chain, though some services may generate/host projects or compile code for you.
AI is trained on code written by people in the past. The word "train" implies that it's learning how to code when in fact it's just indexing the data in a way that allows the AI to regurgitate answers derived from that information. As technology changes AI needs to ingest new code written by software developers in order to keep up.
So if your choice of using vibe coding is simply a way to learn programming (and just have fun) you should go for it!
Otherwise, below is a checklist of good reasons to use vibe coding to build something. Keep in mind that complexity and tolerance for adventure are always subjective.
If any of the previous points are an issue, here are some good reasons for using a low-/no-code hosted solution instead.
After a while you may realize that building something yourself wasn't the best choice.
This is merely scratching the surface. As a professional software developer I can tell you that the devil is in the details. One example is how important security is nowadays, and how challenging it can be to maintain a proper security posture even when you know how to code. Besides, with the right software development partner you'll end up with a better result, and stay within your timeline and budget.
A professional software development partner can handle all of the gaps and requirements you may have identified in the previous lists, including:
There's usually more to the story so if you have questions or comments about this post let us know!
Do you need a new software development partner for an upcoming project? We would love to work with you! From websites and mobile apps to cloud services and custom software, we can help!
ZOIA Healthcare is a direct-to-patient provider of specialized nutritional products dedicated to empowering and improving the lives of individuals with inherited metabolic disorders and other rare diseases. They focus on navigating the complexities of healthcare, ensuring patients who require targeted nutrition that cannot be met through a regular diet alone gain access to necessary medical and low protein foods.
Accredited by the Healthcare Quality Association on Accreditation (HQAA), they adhere to stringent standards, helping their patients experience transformative outcomes. Their portfolio is curated to foster advancements in disease management, harnessing the power of nutrition.
ZOIA Pharma partnered with Fynydd to build a new web sales and marketing platform providing patients and organizations with a streamlined shopping experience. Individuals can browse, search, and purchase nutrition products, and even get notified when products are back in stock. And organizations also have the ability to offer a formulary catering specifically to their patients.
Some of the key features of the platform include:
CSS3
HTML5
JavaScript
Sass/SCSS
Amazon Web Services
C#
Github
Microsoft .NET
Microsoft Windows
SQL Server
Stripe
Umbraco CMS
There's usually more to the story so if you have questions or comments about this post let us know!
Do you need a new software development partner for an upcoming project? We would love to work with you! From websites and mobile apps to cloud services and custom software, we can help!
The Enigma machine is a cipher device developed and used in the early- to mid-20th century to protect commercial, diplomatic, and military communication. It was employed extensively by Nazi Germany during World War II, in all branches of the German military. The Enigma machine was considered so secure that it was used to encipher the most top-secret messages.
An original Engima Machine, circa 1945
This project is a high performance Enigma Machine emulator that allows you to:
Just like the physical device, machine state is used to both encipher and decipher text with the same Encipher() method (like a text toggle). Machine state had to match on both the encipher and decipher machines. Each operator would add specific rotors in a specific order, set rotor ring positions and starting rotations, as well as set plug wire positions. This emulator provides virtual versions of all key machine components by way of a deterministic random number generator using AES in counter (CTR) mode.
The emulated components include:
Additionally, characters in the source string that do not exist in the cipher character set are kept as-is in the enciphered text. For example, if you encipher a string with line breaks they are maintained in-place in the enciphered text since neither the classic 26 letter character set nor the 95 character ASCII set contain line break characters.
The emulator is FAST! When using the full 95 character ASCII character set, a large 800KB text string takes about 1 second to encipher. Typical text sizes encipher in a few milliseconds.
The physical machine modified with a plug board provided 150 trillion possible settings combinations for the 26 letter character set, with a 10^16 key space for a 3 rotor configuration. 4 rotors yielded a key space of 10^19, 5 rotors yielded a key space of 10^23, and so on.
So by simply using the full 95 character ASCII character set the cipher strength will be exponentially better than the original machine, even without additional rotors or other configuration, and should meet modern quantum-resistant cryptography needs.
It's easy to create a new virtual Enigma Machine and encipher your own text by using one of the provided presets based on one of the provided historical machine configurations:
Using one of the presets is easy:
It's even easier to use the Enigma Machine for modern encryption, since all you need to provide are a cipher key, nonce, and the number of relevant machine components. There's no need to change rotor ring positions and rotations, or set plug board wire pair values, since your cipher key and nonce are unique and drive the creation of all machine components.
Here's an example of using the Enigma Machine without a historical preset:
You can also create a custom machine by assembling the virtual components, and more. Check out the project on Github.
There's usually more to the story so if you have questions or comments about this post let us know!
Do you need a new software development partner for an upcoming project? We would love to work with you! From websites and mobile apps to cloud services and custom software, we can help!
Sfumato CSS 5.1.0 has been released! This update includes the following changes:
For more information, see the Sfumato project page.
There's usually more to the story so if you have questions or comments about this post let us know!
Do you need a new software development partner for an upcoming project? We would love to work with you! From websites and mobile apps to cloud services and custom software, we can help!
.NET 9 was officially released during .NET Conf. This release feels like a LTS release; full of speed improvements and quality of life features and refinements, even if you only use it as a drop-in replacement for .NET 8.
It's about time… NIST has updated their password formatting recommendations to better align with modern use and the reality of how we use passwords. For example, the new rules bar the requirement that end users periodically change their passwords. This requirement came into being decades ago when password security was poorly understood, and it was common for people to choose common names, dictionary words, and other secrets that were easily guessed.
Ollama Farm is a CLI tool that intermediates REST API calls to multiple ollama API services. Simply make calls to the Ollama Farm REST API as if it were an ollama REST API and the rest is handled for you.
Install dotnet 8 or later from https://dotnet.microsoft.com/en-us/download and then install Ollama Farm with the following command:
You should relaunch Terminal/cmd/PowerShell so that the system path will be reloaded and the ollamafarm command can be found. If you've previously installed the dotnet runtime, this won't be necessary.
You can update to the latest version using the command below.
You can remove the tool from your system using the command below.
Ollama Farm is a system-level command line interface application (CLI). After installing you can access Ollama Farm at any time.
To get help on the available commands, just run ollamafarm in Terminal, cmd, or PowerShell. This will launch the application in help mode which displays the commands and options.
For example, you can launch Ollama Farm with one or more host addresses to include in the farm:
In this example, Ollama Farm will listen on port 4444 for requests to /api/generate. The requests are standard Ollama API REST requests: HTTP POST with a JSON payload. Requests will get sent to the first available host in the farm.
You can also change the default Ollama Farm listening port of 4444:
And if you run any ollama hosts on a port other than 11434, just specify the port in the host names using colon syntax:
Requests made to the Ollama Farm service will be routed to one of the available Ollama API hosts in the farm. Requests should be sent to this service (default port 4444) following the standard Ollama JSON request format (HTTP POST to /api/generate/). Streaming is supported.
Hosts are checked periodically and are taken offline when they are unavailable. They are also brought back online when they become available.
To optimize performance Ollama Farm restricts each host to processing one request at a time. When all hosts are busy REST calls return status code 429 (too many requests). This allows requesters to poll until a resource is available.
There's usually more to the story so if you have questions or comments about this post let us know!
Do you need a new software development partner for an upcoming project? We would love to work with you! From websites and mobile apps to cloud services and custom software, we can help!
Monitoring Analytics was established in 2008 as the fully independent external market monitor for PJM Interconnection by the Market Monitoring Unit of PJM. PJM Interconnection, a regional transmission organization, ensures the reliability of the electric power supply system in 13 states and the District of Columbia.
Monitoring Analytics (MA) partnered with Fynydd to create a new web platform optimized for a modern user experience.
The goal of the project was to provide visitors with easy access to the Monitoring Analytics quarterly reports and other support documentation, as well as an updated visual appearance.
One of the challenges was the creation of a new taxonomy for their 20 year document collection. It needed to be easy to manage in the back office, but also provide better on-site search results. We were able to work with MA to categorize and organize their document collection and provide a user flow that made finding and downloading documents quick and easy.
Due to various compliance requirements, some aspects of the hosting were non-standard. But we were able to meet all their needs. For example, we deployed the platform CMS without the back office code, and with the CMS management APIs disabled, providing additional security in production. This meant creating a unique publishing workflow whereby a separate instance could be used behind a firewall and approved changes could be deployed through a VPN connection.
Some of the key features of the platform include:
NOTE: THE WEBSITE IS NOT YET LIVE
CSS3
HTML5
JavaScript
Sass/SCSS
Amazon Web Services
C#
Github
Microsoft .NET
Microsoft Windows
Umbraco CMS
There's usually more to the story so if you have questions or comments about this post let us know!
Do you need a new software development partner for an upcoming project? We would love to work with you! From websites and mobile apps to cloud services and custom software, we can help!
Qualys has a free tool named SSL Labs that anyone can use to check the security of their website TLS certificates and certificate hosting configuration. This is an frequently overlooked area of securing a website and we highly recommend using it on your own website. In fact, we use it on all our website projects to secure our client websites, and dog food it for fynydd.com (we score an A+ by the way).
The SSL Labs tool will evaluate a ton of certificate hosting exploits like BEAST, POODLE (SSLv3), POODLE (TLS), Zombie POODLE, GOLDENDOODLE, Sleeping POODLE, and more.
It will also scan your server's TLS/SSL protocol support to ensure that you're using the latest version (TLS 1.2 at the time of this writing) and that your server has disabled legacy protocols to prevent protocol fallback attacks. In fact, if you're hosting with Microsoft Internet Information Service (IIS) we highly recommend installing the "Setup Microsoft Windows or IIS for SSL Perfect Forward Secrecy and TLS 1.2" PowerShell script to lock down your server TLS/SSL protocol support.
There's usually more to the story so if you have questions or comments about this post let us know!
Do you need a new software development partner for an upcoming project? We would love to work with you! From websites and mobile apps to cloud services and custom software, we can help!
Web developers rejoice! There's an easy way to animate the height of an HTML element even if the height is dynamic, determined by its content, with only CSS. This is typically used for navigation menus and the like, and now it's much easier to code and maintain.
The strategy is to actually animate the grid-template-rows not the height. For example, take the following HTML markup:
The CSS for this markup would be:
Initially the outer div will be hidden since it has no overflow and the grid template rows are zero. When you add active to the outer div element's class list, the browser will animate the transition from zero row height to 1fr, which essentially means the height it needs for its content to render.
There's usually more to the story so if you have questions or comments about this post let us know!
Do you need a new software development partner for an upcoming project? We would love to work with you! From websites and mobile apps to cloud services and custom software, we can help!
