As expected, Lots of bad words on the site currently, album link below is not safe for work :

https://imgur.(NSFW)com/a/qa-won-R7c6EBw

Comments URL: https://news.ycombinator.com/item?id=43689484

Points: 39

# Comments: 2

All of the assets were left to rot and at the time the company was a good match for another startup of mine. So I reached out to the investors I found on crunchbase and asked if I could acquire everything. We worked out a deal and I did. The issue was the complete lack of people from the old company willing to assist and the complete lack of data for alot of things. There was 1 or 2 people who we could ping from the old company to ping who were super helpful, but the big thing was many things were just lost to time- passwords, history, code repos, etc..

Simply creating a new google apps account allowed us to get full access back to everything - We could even read old slack messages (even DMs!) by resetting each accounts password. The whole thing was shocking to say the least, but with that access we got back into literally every service they used and managed to get it up and running again within a week, which was a good thing because nearly every service it was using was threatening to shut it down every day for lack of payment.

I think the solution here is actually way simpler than most make it out to be and could easily be a startup for someone:

Create a startup that lets customers simply enter in domains. If the domain EVER goes into the "pendingDelete" status, inform the customer. The customer would be random SAAS's that want to protect against this type of attack and could simply choose to disallow access to any account that has had their domain go into that status.

Cliffnotes- This is a absolutely insane situation but matt has come out looking insanely bad imo.

>> This is the second time israel has done this https://en.wikipedia.org/wiki/Yahya_Ayyash

Wiz's valuation is insane. Most people havent even heard of them. I think it was a > 60x ARR multiple on this deal. Id actually be kinda pissed if I was a google shareholder and they went through with it.

Something very strange is going on with Wiz. My gut tells me if they ever IPO to go big on puts.

The whole thing came down like a house of cards.

https://redact.dev (my startup) makes this easy.

We @ https://redact.dev are working on a pure software mechanism for doing these optouts directly from your own device. We already have full mass deletions for over 40 social media and utilitys.

Comments URL: https://news.ycombinator.com/item?id=39792019

Points: 3

# Comments: 3

I could understand if stripe was worried about regulations or KYC, but they already do (imo) way more frisky crypto implementations like powering exchanges fiat to crypto. ( see https://stripe.com/use-cases/crypto )

Why not let my users pay in crypto all through the existing stripe interface? Do I really have to go build ANOTHER implementation for bitpay? (Already had to do one for paypal). Stripe is becoming less and less of the "payments for developers" and more and more of the "godaddy walled garden" every year.

Comments URL: https://news.ycombinator.com/item?id=39734712

Points: 1

# Comments: 1

Heres the cliffnotes of how it goes though, roughly:

* So is minimum wage ok then?

* Why cant a minimum wage person invest all their money into a startup? Why do they have to be a accredited investor?!?

* Why cant I just open up a payday loan place that charges 900% interest? Theres no other payday loan places around and poor people willingly will use it!

* What about prostitution, nobody is forcing them to do it?

* Alright then, Should we let poor people sell their organs? Again, nobody is forcing them to do it!

Cliffnotes: Just because someone will 'willingly' do something, or doesnt have any better options, doesnt make it just or moral. You setting up a 'consulting' company in bangladesh that pays people x$ a day to do something is exploiting those people, plain and simple.

Also, as to your phillipine cost- You are completely wrong. The average wage across the majority of regions in the country is under $10 per day. This is where (see my first link below) most shops get setup, obviously.

https://www.outsourceaccelerator.com/articles/average-salary...

https://www.statista.com/statistics/1048636/philippines-mont...

https://en.wikipedia.org/wiki/List_of_Asian_countries_by_ave...

That said, they could very easily have a data breach and every customers full info would then be out in the wild. Were not talking about ordinary payment details either, just full on dox - every address you have lived at, your license scan, all emails, phone numbers, its crazy. Id be willing to bet all these services are targeted quite alot as well because the people who would be willing to pay for this stuff are likely the ones with the most to lose.

I made a post lower in this thread but in general this entire model is flawed. Deletions should happen directly between your device and the service in question.

Also, its just as important to wipe the data YOU create as the data other people create about you. Just like databrokers, you can either do it manually or automated.

Check out https://redact.dev if you want to automate that part at least (I'm on the team)

I also dont trust those workers not to misuse or sell my information on the side because of the unfortunate financial situation they are in financially.

Its acutally a similar answer for why I dont pirate games or software. I dont want to support the behavior and I dont trust that something bad wont happen as a result (virus/malware/etc.)

Google yourself - See what shows up that shouldnt. Go through those sites and manually opt out. Its not too hard and you get the biggest offenders.

Yes, you can use a automated service to do this for you but I think its a really bad idea based on how most of them work.

First of all- Most of the big ones make use of extensive labor in thie phillipines and malaysia to manually type your data into opt out forms. They also have to make use of extensive proxy networks that I can only suspect are not always on the up and up. This is because the databrokers will block IP's from submitting more than a few opt outs per date. So you are supporting both shady practices for the proxys and third world labor thats semi exploited

Second of all- You are trusting yet another company with your data. When you sign up to one of these services, they obviously know everything about you. When one of these services inevitably has a data breach in the future, its going to be a disaster.

The reason that the big services have difficult with the biggest services that are listed in this article is because they: Use captchas, use cloudflare and do email confirmations. They also do things where they show you multiple pieces of data and you have to pick which one is yours, but some of the data is blurred and presented as a image. ( ie- Is this email yours? tee***@gmail.com )

So, what to do if you want to stay on this? Well- Im creating a solution with my team to do what all the big players should have done- Do the optouts from your own device. They of course want you to do it from their servers because its a nice zero friction experience where you just type your info in and they handle most stuff. But as we see, the biggest offenders for databrokers are NOT handled because they are tricky.

So, at our startup https://redact.dev we already built out a ton of tech for this, but targeting social media and messengers. We are now building all of that out for data brokers. And because its ran directly on your own machine there are a TON of advantages:

1: No limit to how often you can scan for new databroker leaks. Most of the players now limit you to once every 30-45 days

2: No limit to adding friends/family to scan/opt them out also.

3: No use of third partys to process your removals. This one is self explanatory. The deletions happen direclty between your device and the databroker- no third world workers involved.

4: Handles the 'hard to delete from' sites listed in the article. Our built in IMAP system can handle email confirmations no problem. Because its running from your own IP, you have no issues with getting blocked there either. Cloudflare/captchas are also no issue

5: Most importantly, you dont have to trust another company with your most personal information. All your data like address/names/phone stay on your device and are only sent to the sites you need to opt out from. Believe it or not, a bunch of these databroker remover sites will just bulk email a bunch of databrokers right now saying "hey, if joe smith @ 123 main street is in your DB, remove him!"

The big drawback is that you need to have a device open that can do the work for you. With other services you can just pay and shut off your PC or phone. You need to keep our solution open for 5 minutes while it does its work. I think thats a definitely good tradeoff for the security you get AND the fact that it instantly removes you from many of these sites. Alot of the players as I mentioned just do emails so it could take weeks or months before they remove you. If you use the databroker sites automated forms, it can be removed instantly or within days or hours.

If they do have a way to enforce 'authentic' devices, the only step after that for beeper to take will be to ask users to purchase the cheapest iphone that still works for imessage and to extract its serial/key/whatever to import into the android client.

Maybe I can simplify it for you with this question:

Does Google have the ability to legally compel you to only use chrome?

Im guessing you would say no- Antitrust and whatnot. So the next followup is, Does Google have the ability to tell blind people they cannot use screen readers? Or that people on linux cant browse the site in lynx?

Again, I am guessing the answer is no- Theres anti competitive, antitrust and 230c reasons why. Legally, ad blocking is fine to do. Heres a great article going over it : https://scholarlycommons.law.wlu.edu/cgi/viewcontent.cgi?art...

HOWEVER- I disagree with the premise that Youtube cant try to stop adblockers- They just need to do so in a way that doesnt target specifically target a user. Twitch did a system where they would not send the video stream to you until the advertisement was done playing (which was embedded in the feed itself)- So if you blocked the ad somehow, you would just look at a black screen for 15-30 seconds. This, in my opinion would be completely compliant.

Years ago, Skype was the de-facto solution for video calls and video meetings. There was no zoom, there was no google meet. Skype was so known for video chat that it was a verb. 'Skype me'

Skype absolutely and completely fell asleep at the wheel and wholesale abandoned the public market to Zoom, Discord and Google. Its not like it happened overnight either. Skype had the ability to respond to these guys but instead did almost nothing after a redesign to 'skype 8' in 2018.

I cant exclaim how astronomical a failure it is to go from being the defacto verb for video calls and instant messaging to not even having 5% of the end-user consumer market anymore. It would be like if people stopped using google for search, or youtube for videos. You dont get to say "Yeah well google got reworked into gsuite which has 300m users" - Its still a failure of biblical proportions.

They should have been capable of creating a enterprise product and keeping their consumer offering going.

--

Just to be clear, I understand teams is large and doing well. Its also a enterprise product and it has nothing to do with what im talking about above. Discord (~20b valuation) only exists because Skype did zero updates or innovation for years.

I dont disagree Mints revenue is not enough currently, but thats the issue. Mint has 3.6 million MAU. Maybe I need to be more explicit, but the value of a financial services user is high, not just in immediate revenue but also in referred revenue. Mint has never done a good job at pricing their product. Ive used it for 15 years and have never paid them a dollar. Thats a failure on their part, as I would have gladly paid monthly or yearly for the past 15 years. Even if I didnt, there were tons of products I would have IAP'd for that could have been seamlessly integrated into mint. Instead they seem entirely focused on trying to get me to sign up for credit cards or to switch bank accounts. What a lost opportunity.

As for the how much it costs to operate mint, thats true we dont know exactly what it is. But I am not a ostrich with my head in the sand. I can infer that the cost is going to be magnitudes less than the revenue it brings in, even in its current sad state. This isnt a chatgpt startup thats using insane resources on metal or developers to offer a product. Its a application suite that processes and coorelates data provided by plaid.com - Mint doesnt even do any of the heavy lifting anymore.