iio7 on Hacker News

Browser Ktrace Browsing (opens in new tab)

(flak.tedunangst.com)

1iio711mo ago0

Ask HN: What are some of your favorite most UNDERRATED YouTube channels?

Wanted to post a 2025 version of this classic HN question, but with a focus on underrated channels.

Ask HN: PHP password_hash exits on null byte character

For some reason the documentation does not mention this, but if you succeed in sending the null byte character to password_hash with the default Bcrypt algortihm, PHP with exit the application with a ValueError.

Normally the browser will encode the input, but you can force the issue using e.g. cURL:

printf "password=foo\0bar" | curl -X POST --data-binary @- https://example.com -H "Content-Type: application/x-www-form-urlencoded"

How do you deal with this issue?

Do you replace null byte characters or use e.g. the Argon2id algorithm to get around this problem?

2iio71y ago3

Ask HN: Can a SaaS survive on a donation-based model?

We're a couple of guys who have build a SaaS (B2C) that provides a very customizable news aggregate with deep consideration for privacy and anonymity.

As such we have a lot of problems receiving payments because of VAT (we located in EU and have customers both in EU and outside as well). We do not require customers to sign up by name, address, etc.

We're thinking about switching to a donation-based model, but are worried about whether we can actually survive on that.

So, can a SaaS survive on a donation-based model or will people just generally free-load?

3iio72y ago7

Browser Ktrace Browsing (opens in new tab)

(flak.tedunangst.com)

1iio711mo ago0

Ask HN: What are some of your favorite most UNDERRATED YouTube channels?

Wanted to post a 2025 version of this classic HN question, but with a focus on underrated channels.

8iio71y ago9

Ask HN: PHP password_hash exits on null byte character

Normally the browser will encode the input, but you can force the issue using e.g. cURL:

printf "password=foo\0bar" | curl -X POST --data-binary @- https://example.com -H "Content-Type: application/x-www-form-urlencoded"

How do you deal with this issue?

Do you replace null byte characters or use e.g. the Argon2id algorithm to get around this problem?

2iio71y ago3

Ask HN: Can a SaaS survive on a donation-based model?

We're a couple of guys who have build a SaaS (B2C) that provides a very customizable news aggregate with deep consideration for privacy and anonymity.

As such we have a lot of problems receiving payments because of VAT (we located in EU and have customers both in EU and outside as well). We do not require customers to sign up by name, address, etc.

We're thinking about switching to a donation-based model, but are worried about whether we can actually survive on that.

So, can a SaaS survive on a donation-based model or will people just generally free-load?

3iio72y ago7

iio7

Recent submissions

Linus Tech Tips – Kioxia Factory Tour – LC9 245TB SSD [video] (opens in new tab)

Politeness to ChatGPT raises OpenAI's operational costs (opens in new tab)

Google is baking Gemini AI into Chrome (opens in new tab)

Nanoplastics readily adsorb heavy metal ions (opens in new tab)

Memory leak proof every C program (opens in new tab)

Browser Ktrace Browsing (opens in new tab)

The Fall of the Open Source Initiative (OSI) (opens in new tab)

Animation vs. Coding [video] (opens in new tab)

What if one of your online friends dies unexpectedly? (opens in new tab)

Ask HN: What are some of your favorite most UNDERRATED YouTube channels?

Ask HN: Share your experience with storing lots of binary data in the database

EC cuts funding support for Free Software projects (opens in new tab)

Ask HN: What is the biggest size of a SQLite database you have worked with?

Ask HN: PHP password_hash exits on null byte character

Ask HN: Can a SaaS survive on a donation-based model?

Recent submissions

Linus Tech Tips – Kioxia Factory Tour – LC9 245TB SSD [video] (opens in new tab)

Politeness to ChatGPT raises OpenAI's operational costs (opens in new tab)

Google is baking Gemini AI into Chrome (opens in new tab)

Nanoplastics readily adsorb heavy metal ions (opens in new tab)

Memory leak proof every C program (opens in new tab)

Browser Ktrace Browsing (opens in new tab)

The Fall of the Open Source Initiative (OSI) (opens in new tab)

Animation vs. Coding [video] (opens in new tab)

What if one of your online friends dies unexpectedly? (opens in new tab)

Ask HN: What are some of your favorite most UNDERRATED YouTube channels?

Ask HN: Share your experience with storing lots of binary data in the database

EC cuts funding support for Free Software projects (opens in new tab)

Ask HN: What is the biggest size of a SQLite database you have worked with?

Ask HN: PHP password_hash exits on null byte character

Ask HN: Can a SaaS survive on a donation-based model?