Daisy LeighWith the power of AI, you too can take your startup from “fucking around” to “finding out” in as little as two days!
Mighty Orbot@daisy His postmortem is fun to read — he left his API keys exposed and allowed users to bypass the subscription process by editing their own data, then wrote it all off as a learning experience because he would STILL rather use an LLM than an experienced developer. The next security mistake he makes he won’t even see coming.
Reminds me of how my brother asked me last year if I could help him build a secure software system for his fantasy startup — on an old computer in his basement.
I had to tell him (1) that’s not what I specialize in, and (2) if you really want that stuff secure, then pay a web host who already knows how to do it right. A repurposed PC in your basement might be okay for a static website, but not for anything you really need to protect.