Also on this topic I want to make a shout out to slint.dev !
(I've fiddled with it, and the syntax is extremely easy to grasp - very react-ish). Can use Rust/C as a binding language, and you can even choose the rendering engine (for example QT).
slintpad.com uses the wasm port to run on a browser and is not the same as when using Slint to build a "native" app, especially on mobile.
Slint does support decent text input and IME. Including text selection with the native handle. As a demo for android you can try the demo from https://material.slint.dev/ ("Download APK")
+1 for Slint! I worked with it for a while and enjoyed it quite a lot. Florian was working on a more glossy compinent library, not sure what has been made of it.
The DSL was pleasant but still had some rough edges. I think they made some nice QoL improvements in the latest releases, but I've not kept up with it. The compile times were quite something, though you can use the previewer tool to prototype faster.
Definitely worth giving Slint a shot, they learnt a lot from QML imo
I’m not sure if this is just an “on mobile” thing, but I can’t find any reference to ISO 27001 or SOC2 at that datacentres URL. Taking your word for it being there previously, this seems like a major red flag! Faking these certs is no joke, and silently removing references to that after being called out would be even more of a bad look.
@ybceo you seemed to represent this org based on your previous comments, is the parent commenter missing something here?
You're right, we shouldn't have had those certifications listed. They've been removed. We're a new company, made a mistake, and we're fixing it. Appreciate you calling it out.
Sorry for continuing on this thread, but now I got more questions:
How do you monitor and enforce your uptime SLA? You state 99.9%, which is less than 9 hours downtime per year; what happens if you breach this guarantee?
Any other types of SLA's? What happens if you get breached/ your networks gets breached, or hardware failure, and my "anonymous" data is lost.
Besides that you make some claims, but are they real, or are they vaporwave?
like:
"All our datacenters maintain the highest security standards with 24/7 on-site security, biometric access controls, and CCTV surveillance.
Each facility features N+1 power redundancy with UPS systems and diesel generators, ensuring your services remain online even during extended power outages."
What is the definition of wasting developer time? If a developer takes a 2 hours break to recover mental power and avoid burnout, is it considered time wasted?
You built it because you wanted to share passwords:
And your flow is: I encrypt my password; I upload the encrypted password to your server.
And I share the password to the encrypted password as plain text.
Why do I have to upload the encrypted password to your server, and not just use signal disapearing messages, or telegram secure channel disappearing messages to share the encrypted password there.
And I can use any other side channel to share the second password, like whatsapp, or regular plain mail.
It feels to me that you made a two step process into a one step process but increased the risk by adding you in the middle.
Why would I offload my trust to you instead of doing the second step?
Your skepticism is valid and if your flow already includes: A secure messaging tool (e.g. Signal), a GPG workflow or local encryption or a team that uses shared password vaults. Then to be fair Stasher might not be better.
I built Stasher for me. I wanted an easy, CLI-first way to share one-time secrets without worrying about accounts, apps, or trust. If Signal or GPG works better for you that’s totally cool.
Stasher exists to make casual, secure sharing simpler not to replace tools you already trust.
Security-focused backend/devops engineer with experience in regulated industries. Served as CISO for two startups that were acquired (IBM + Dataminr buyers). Built secure infrastructure, compliance automation, and ISMS/BCP systems that helped land enterprise clients including BCG, Palo Alto Networks. I speak both code and risk, and I thrive where technical architecture meets business requirements.
Looking for high-leverage contract work, virtual or fractional CISO roles, or backend-heavy infrastructure projects in industries where trust and uptime matter.
Note: Email alias via SimpleLogin. Replies go straight to me.
