HackerTrans
TopNewTrendsCommentsPastAskShowJobs

PaybackTony

385 karmajoined 13 lat temu
Co-Founder of Slyde - FAANG Engineer.

Submissions

Show HN: Drop Flap Boards for All

dropflapboard.com
2 points·by PaybackTony·14 dni temu·0 comments

Show HN: Hacker News on a train station-style flip board

popflame.quickish.space
114 points·by PaybackTony·20 dni temu·30 comments

Show HN: Localish – Your Localhost in the Cloud

popflame.quickish.space
1 points·by PaybackTony·24 dni temu·0 comments

Show HN: Quickish – Instant HTML Hosting

quickish.website
3 points·by PaybackTony·w zeszłym miesiącu·0 comments

Cybersecurity breach at City of Portland led to $1.4m fraudulent transaction

katu.com
1 points·by PaybackTony·4 lata temu·1 comments

comments

PaybackTony
·7 dni temu·discuss
There is a reason I had to lock my better version of this (https://quickish.site) behind Google OAuth to start. Like it or not, this type of stuff is going to be more popular than it was when Netlify / Heroku was doing it a decade ago.
PaybackTony
·15 dni temu·discuss
I built this by testing a workflow for a service I started (hobby project) called quickish (https://quickish.site). You can just remix this (basically forks it and hosts it on your own space on quickish) for free. Can be public too. Can use the "Remix" button on the bottom right (just need a google account to login) or on CLI run: `npm i -g quickish && quickish remix create quickish/hn-flipboard`, there is also a quickish/flipboard that the HN one was remixed from (just a git fork behind the scenes).

You can work on it locally however you like, there is also a `quickish dev` command you can run in the site folder that starts up a local dev server with live reload. When you're happy with the changes just run `quickish . /flipboard` and it will publish it.

With all of that said, I am working on a version that is exactly what you are asking for. An editable board that lets you change the grid size, give it a unique url and password protect on top of a POST endpoint that let's you change the content via API (also all hosted on quickish) for that exact use case. I have a few more optimizations I am going through and will get that out.

I appreciate the kind words!
PaybackTony
·17 dni temu·discuss
For those finding it now: Added more realistic flap sound effects. Mobile improvements. UI tweaks with flap animations. You can remix this and make your own, change it, etc. Download the source and have some fun. Thank you all!
PaybackTony
·17 dni temu·discuss
I don't disagree at all on the AI design. I can do a bit more (I have worked as a senior UI engineer at Nike and AWS), the reality is many of the parts I wanted to focus on outside the UI of the flaps got that "Claude Designed This" feel to it.

The original drop flap board I remixed this from (also one I did as a demo) I added a couple more rows and cols. I played with a few things but felt like this was more in-line with what I wanted the result to be but it still feels like it could be better.
PaybackTony
·17 dni temu·discuss
Stand by.... I agree.
PaybackTony
·17 dni temu·discuss
Sound could be better.
PaybackTony
·17 dni temu·discuss
I tried to use a more digital sound at first, then went a step more realistic (ElevenLabs actually) but would have preferred to just record a real one.
PaybackTony
·17 dni temu·discuss
If you were to "Remix" it and have it on your own quickish page that settings dialog appears however it is simply an oversight on my part that it doesn't say that explicitly.
PaybackTony
·19 dni temu·discuss
Was CloudFlare limiting after a large burst of interest. All better. Only took a leg
PaybackTony
·19 dni temu·discuss
Was not expecting 30k visits in an hour. Patched up the mobile view and got everything running again. Oof. Thank you for checking it out!
PaybackTony
·19 dni temu·discuss
Yes, got rate limited. Didn't expect the traffic but it's back
PaybackTony
·3 lata temu·discuss
A pretty common one is jsPlumb - https://jsplumbtoolkit.com/ - might be what you're looking for. I'm sure there are others as well.
PaybackTony
·4 lata temu·discuss
My point on this isn't that you should write ugly, unmaintainable code because who cares. It's that, if you're an experienced and intelligent engineer, you're going to do just fine. There's no need to complicate it, get lost in analysis paralysis and so forth. I have seen top engineering teams make software that's hard to maintain with questionable performance as a _result_ of some of the things this article brings up. Often times too much engineering is just as bad as not enough.

Here is how I personally define good software engineering:

- Does it do the job? - Is there low cognitive load in regards to following the code? (Can you jump back in the code in 6 months and get your feet quickly... AKA: Don't over-abstract). - Is it performant? - Can you easily make changes?

If those 4 things are true, the rest doesn't matter from my experience.
PaybackTony
·4 lata temu·discuss
This is something I preach often, even at FAANG. Often engineers feel comfortable and in-the-zone when solving for a process. One saying I often delivery is: Engineers often think their job is to build things. That's not the whole story, they build things for _people_.

Nobody cares what your code looks like. Nobody cares what your architecture looks like. As engineers we should worry about creating forgettable experiences (at least in enterprise). They care that it does the job well, with low load times and an easy to use UX. That's it. If you did your job right they'll forget that software helped them do their job or complete their task faster / better because the experience was so seamless they spent the entire time focused on their own goal, and not how to navigate your software to get there. How you get there is irrelevant. Now it's your job as an experienced and intelligent engineer to make quick, thoughtful decisions on how to get your product to where it needs to be so that your _customers_ can create more impact on their own business / lives faster.
PaybackTony
·4 lata temu·discuss
Have to touch on this as it's a common theme to my response. There absolutely are regulations. However, regulations being in place, and the enforcement of these regulations are different. STIR/SHAKEN is a requirement, however it's an easy requirement for scammers to meet. (Numbers are super cheap to buy in bulk, pennies per month typically). Sooner or later they'll run out.

The second side of the regulation miss is that carriers have to self-report much of the time. These centers pay into the 6 figures monthly to their carriers. The carriers know exactly what kind of traffic is being sent through and many times aide these scammers in shaping the traffic to look more legit. Auto-warranty scams in the past? Huge amounts of that traffic were routed through the likes of Y-Tel and a couple others. Regulators knew this but enforcement took years to happen. It's the same right now.

Lastly is the issue of what happens once enforcement occurs? The answer is not great: The scammers change numbers and keep going. They aren't local and it's not cut and dry when it comes to continuous enforcement against foreign entities. Their carriers still support them and the fines are typically less than a month's revenue from the larger outfits (think Uber).

Better meta-data helps aide robo / scam / spam blockers. IMO, we should just shut down these carriers who knowingly aide these scammers. We know who they are, they aren't hard to find.
PaybackTony
·4 lata temu·discuss
At one point I worked on the very systems they used (dialers, PBX, internal CRMs), with the carriers that enabled it. This wasn't an opinion of mine, I was merely passing along real-world information from someone who worked in the industry (me). Many in this thread completely underestimate the volume these centers call at. We aren't talking hundreds of thousands of minutes per month per center. We're talking millions of minutes. Cost per minute is a massive cost even at 1/6 increments. The call center we ran, that was direct marketing / support typically had telecom bills well into the 6 figures every month at the height.

Their scams are purposefully asinine. It's not profitable to spend time and effort into tricking the wise into an unwise act. It's far more profitable searching for the unwise to act in kind. So when you throw your hands up asking "Who would fall for that!?" The answer is typically: Someone who'd be willing to buy a gift card or share bank account info. This contradicts your last point that a given locale is more or less likely to be scammed given the native language.

Language barriers are a part of the issue, yes, but these centers are capable of calling and speaking a number of languages. Cost and regulation are the big factors here. Just like any other business model. I got out of the business (telecom / direct marketing saas) right when EU started raising fees and coming down on some of the bad actors. Unfortunately for the US, that meant those bad actors focused even more in the US.

Also, the scams really aren't as profitable as you'd think most of the time. They generally can't afford more than a $50 CPA at best. Again, they have to turn heavy volume to get to their target market. They also rotate "offers". You hear about the big "wins" a lot (Grandma scammed for 50k+) but those are outliers. Typically it's $20 here, $100 there. Again, volume.
PaybackTony
·4 lata temu·discuss
I built telecommunications systems / software for some time. The unfortunate truth here is that telecom carriers absolutely already have everything they need to largely put a stop to it but they knowingly ignore it. It's the biggest problem in the US because because of pricing. It's expensive to run outbound campaigns in almost any other country, and very cheap in the US (fractions of a penny per minute compared to 5-10c per minute in some EU locations). Scammers need volume to make money.

The reason carriers -- from the local exchange carriers and up -- ignore it is because just a single scam operation can mean 10s of thousands of dollars in volume a month, and sometimes more. Since they have to self-report for the most part they're not very incentivized to stop it. There are a few easy to implement regulatory / technical mechanisms that could nearly axe all of it, but carriers push back hard on those regulations and they never stick.

I know from experience dealing with this that it's absolutely not ignorance that's at play on the regulatory and commercial side. It's disgusting, and as fueled with greed and red tape as you'd fear.
PaybackTony
·4 lata temu·discuss
Completely disagree here. See my comment in the main thread of this post. A startup could net anywhere from 200k/yr for a state park contract to 15m+/yr depending on the state. However, realistic cap on revenue with a healthy market share for just the park management / reservation management side is 55-75m annually.

We are actually competing but it's important to understand that companies like Booz Allen have fought (successfully much of the time) to have a number of qualifiers put in these RFP's that would prevent any start-up from being accepted. Things like "You need X years in this specific market for your proposal to be accepted". Obviously the only ones who can possibly have that are the existing vendors which virtually eliminates the possibility of fresh competition. We've successfully got a few states to change their requirements however, which is the first time that's been done in a quite some time.
PaybackTony
·4 lata temu·discuss
I attended the NASPD conference this last year (National Association of State Parks Directors). After a couple of us ex Vacasa / Nike / Amazon engineers heard from our local state that the industry is up for disruption we started working on product in our free time. After attending that conference they couldn't be more right.

Those running the parks hate their options, I don't see them as a crook here. The industry for park management software that fits the needs of a public land is stale. Fees for fees is normal. The process to become a vendor for a state is long and drawn out, and is riddled with red tape that was created in large part by the very same stale old vendors who've been in it the last 30 years.

After speaking with multiple states and now being in the proposal process for a number of them, hopefully we can be a step further in the right direction (think things like opening up 3rd party integrations, better bot prevention, etc).

Another thing I'd like to pass on from talking to a number of states including the national parks people: They are really trying to move in a more equitable direction when it comes to park access. They are very aware that many park experiences aren't as accessible (hard to get a reservation) to certain demographics and from my perspective they are making an effort to figure some of those things out.
PaybackTony
·4 lata temu·discuss
The worst (best) part is that it was only caught when they did because the attacker got greedy and tried to double dip. Would be interesting to find out how they turned a phishing attack into that.