AskHN Digest

1. Tell HN: SMS-based two-factor authentication is not secure

Top comment by jsnell

Your problem is not with SMS as a second factor though. (Unless you think the attacker had your password as well). It is with the use of SMS as a single recovery factor.

The very things that make SMS a uniquely good second factor make it an awful only factor. Use of SMS for account recovery should in general (or at least for important accounts) have a delay (order of days) that allows the real user to intervene.

2. In Praise of Open Source Textbooks

Top comment by jimhefferon

> thank you, thank you

You are very welcome. Glad to help. :-)

(I'll just say that the TeX Users Group is very interested in improving the PDFs that LaTeX outputs in this regard, and has projects in this direction. They are at https://www.tug.org.)

3. Ask HN: Tools you have made for yourself?

Top comment by gandalfgeek

I have a small YT channel [1] and I used to spend 30-40 mins recording and then 2-4 hrs editing to get a final 10-15 min video.

Then I fully scripted my video editing using Python+MoviePy [2]. The time savings are sweet. I just feed it my raw video and get the finished video a few minutes later. It cuts out all the dead air as well as the parts I don't want (which I indicate in-video).

In general scripting video editing is faster and more scalable compared to mousing around and making tiny cuts in a graphical video editor.

[1]: http://youtube.com/c/VivekHaldar [2]: https://youtu.be/Bdoi7BDhrWc

4. Ask HN: Post Burnout Ideas

Top comment by mzarate06

> One thing I've never really recovered is the passion I had for side projects

I know how this feels. After a few bouts of burnout over my ~20 year career, I'm not convinced we fully recover from all of it. I think each bout leaves some permanent damage, along with increased risk of subsequent bouts. I made a similar comment here: https://news.ycombinator.com/item?id=22164678

The best general advice I can give is don't push anything. If you're not feeling motivated to engage in a side project, no problem, don't pursue one right now. Give things time and see how you feel after 2-6 months. Other general advice - reduce work hours if you can, exercise regularly, and relax. Morning/evening walks combine the latter two well.

Learning something new can also help combat burnout fogginess. I've found courses in something of interest work well (search Coursera, Udacity, Udemy, etc.). What I like about these is they're smaller in scale and more self contained than an open-ended side project. They allow you to commit time and energy in small chunks and at your own pace, but still leave you with something valuable in the end. E.g. over the years I've taken courses in Vue, Svelte, TypeScript, and a couple math refreshers. All enjoyable and worth while IMO.

5. Ask HN: Books for Effective Communication

Top comment by devinplatt

How to Talk So Kids Will Listen & Listen So Kids Will Talk, by Adele Faber and Elaine Mazlish.

Stack Overflow co-founder Jeff Atwood recommends this book on his Coding Horror blog[0]. I don't have children, but his statement that a book on talking with children "improved [his] interactions with all human beings from age 2 to 99" intrigued me enough to get the book.

I feel that out of any book I've read, this is the one that's affected my actual behavior the most. The book features a lot of examples that help the reader to internalize the lessons. Also, the lessons are so broadly applicable that you can likely apply them immediately in your life.

It was honestly really amazing to read some pages of the book one night, find an opportunity to apply a lesson from it in a situation the next day, and then see immediate results when the conversation would go in positive direction that I maybe would have screwed up otherwise.

[0]: https://blog.codinghorror.com/how-to-talk-to-human-beings/

6. Ask HN: Would Spreadsheets with Lisps be much more powerful?

Top comment by davidscolgan

Dear sarvasvkulpati,

I appreciate your question! It demonstrates a curiosity about the nature of computing itself. Some will surely say that this idea is unreasonable or not practical. But, if this is an idea that speaks to you, I encourage you to try your hand at making a prototype of your idea! This is the hacker way. And being in college you have time, peers who are equally enthusiastic, energy, and the help of professors. Regardless of the practicality, all interesting progress comes from people who ask questions like this, and see what comes of trying to make something interesting.

In college I had a peer who convinced us to all use Gentoo Linux because it was the most hardcore Linux. I bricked my computer three times trying to use it and ultimately switched away from using Gentoo but learned a ton about Linux that I use to this day on a less hardcore distro. I still use Vim even though it's more complicated than other editors. I also went through a period where I tried learning every programming language I could find to see which one was "the best". I ultimately found a few I liked the most. None of these were efficient at first, but eventually led to highly cool results.

Ask for help if you get stuck. I bet something interesting will come of it, even if you just learn what doesn't work.

Something something "The reasonable man adapts himself to the world: the unreasonable one persists in trying to adapt the world to himself. Therefore all progress depends on the unreasonable man."

Your idea is really cool. Stay hungry and awesome. Cheers to you.

7. Ask HN: Handling customers that want feature previewing?

Top comment by Arubis

Most of the discussion here will be technical, especially around feature flags and friends. That’s fine, but please don’t miss out that this is a clear signal to charge these customers a lot more money.

8. Ask HN: Do you run apps bare metal?

Top comment by whalesalad

It would help to clarify some words:

"Bare metal" means that your application is running on the same OS that is also running the raw hardware (metal), aka no virtualization. Containers are not (generally) the same as virtualization.

The analog to bare metal is virtualized, where the hardware your program is seeing is not necessarily the hardware that is running on the actual host machine.

A docker container could ostensibly be considered running on bare metal. A container is really just isolation but the parent OS/kernel is in command. Here is a graphic that illustrates the differences: https://www.sdxcentral.com/wp-content/uploads/2019/05/Contai...

What you are really asking is do you need an abstraction layer or orchestration tool to manage doing this.

The short answer is that no you do not need it at all. If you can DIY this and are happy with it, that is sufficient. For example, a current deployment process for one of my clients (EC2 environment) involves stopping a custom systemd service, pulling the new binary/deps and then starting the systemd service. Really simple with a small instant of downtime, but within this environment that is not a problem.

9. Ask HN: What is your playbook for profitable SaaS without outside investment?

Top comment by jdvh

We've built a couple of saas businesses without any investment, as complete unknowns. It's doable, and today it's easier than it has ever been. You can go from 0 to revenue in less than 6 months. The big problem is that there is a ton of software out there, including free software, and people will only pay if your product is much better in some way that actually matters. If you only give yourself a few months to build a product you can only build a couple of features, so those features better be really good.

10. Ask HN: What hardware/furniture/hack greatly improved your WFH setup?

Top comment by apuchitnis

Two things:

1 - An additional monitor. Before I used to work on just my laptop. Now I have a 24" monitor on the side. I use it for offloading non-essential tabs and windows, and it makes working so much easier. I'm considering getting another monitor for the same reason.

2. Clearing and cleaning my desk at the end of the day, so it looks tidy and all non-essential things are removed. For me, a tidy desk == tidy mind :)