Woodrow Kiang

@Zinny_Edmund No, I insult the screen instead.

99% of debugging is staring at the screen like it insulted your family.

@DevanshuXi Delete Rust from the planet.

Okay, settling the debate. The only languages that now remain are. Typescript, Go, and Rust. That's it.

@r0ktech Looks like Hong Kong.

Finally.. The GitHub bathroom

@dramaricic There's a difference between Chanel making a lo-fi-like documentary of how their leathersmiths craft a bag, vs a misled leathersmith posting "lo-fi videos" of all the nasty process of how a bag is made. The former is calculated guerilla marketing, latter is business suicide.

Question for builders: Do you think building in public and sharing your product fails and bugs, can do more bad than good?

The bear case on AI is NOT that "AI doesn’t work". It clearly does. The bear case is this: Silicon Valley in recent years has an extremely poor record of understanding how humans actually use tech. In the past five years: Bitcoin as payments, NFTs as art, the metaverse, VR headsets. Every time the tech "worked". But mass adoption did not happen. In retrospect, it seems obvious that people wouldn't want to use bitcoin to buy stuff in the metaverse. But as recently as 2021 many people earnestly believed it. Here's the bigger problem. Bitcoin, metaverse etc were consumer products. Relatively simple. By contrast, a big part of AI is targeted at businesses. These are WAY more difficult to understand. Businesses are the aggregation of thousands of different people, all doing things that even people within the business don't understand. This makes prediction way more difficult. Then you get the question of whether AI adoption is actually profitable. Again, no one actually has a clue. So far companies are spending loads on AI inference. Costs are rising. But there are VERY few instances of companies seeing higher profits as a result of AI use. The notion that "once AI is good enough, profitable adoption at scale will follow" is a MASSIVE bet with trillions of dollars riding on it.

@aakashgupta That’s how I treat my toddlers when they toy with kid stuff. Some can’t succeed in corps because they give too much respect to people as grown-ups, the diligence to the tasks. At some point you’ve gotta accept your kids’ scribbles can only be as sophisticated as their age, right?

Chanel makes newly hired senior leaders sit silent for 90 days. No decisions. No fixes. No "here's how we did it at my last company." Just listening. The most rational onboarding policy in luxury, and almost nobody copies it. The instinct that got someone promoted is the same instinct that breaks them as a leader. They were the best at the job. They saw problems fast. They fixed them faster. That pattern recognition is what got noticed. Then they get the title. And every problem that crosses their desk now triggers the same instinct: I see it, I know the answer, I can solve this in an hour. So they do. And the people who report to them learn three things in the first month. Don't bring problems, bring solved problems. Don't think out loud, you'll get overruled. Don't develop judgment, the boss already has it. You've trained your team to be your hands. Six months later you wonder why nobody on the team has an original idea, why every decision still routes through you, why you're working 70-hour weeks doing the same job you had before plus a calendar full of 1:1s. The 90 days of silence at Chanel is a forcing function. You can't fix what you don't yet understand, and the act of waiting until you understand is the actual work. Most companies skip this step because the new hire's salary creates pressure to "show value" immediately. Chanel absorbs 90 days of zero output in exchange for a leader who actually leads instead of one who out-executes their team. The trade most managers refuse to make: short-term throughput for long-term capacity. Watching someone struggle toward an answer you already have, and choosing to let them find it themselves, is the entire job. Everything else is just being a senior IC with a bigger inbox.

@Carbarain22 @S_N_SH_E_ That's when you get fired rather than resigning, right? Here in Europe most of the time after you say resign they can't/won't 'fire' you.

@S_N_SH_E_ LOL I can assure you bro its even more bad in US tech companies. Laptop access locked before final termination. Not even a call, just an email that you are fired. Mass firing via zoom calls. Really nightmare fuel

When you resign US: All the best, buddy. Keep in touch. UK: Gives a warm goodbye. India: Access removed in 5 minutes. Treated like a traitor. Manager won’t even look at you.

@MakadiaHarsh In small companies where everyone is incentivised correctly, yes. In big corps, 100 employees doing creative and strategic human work means getting absolute mediocre result plus chaos.

The ROI of automation isn't in the software. It's in the 3 employees who finally have time to do the creative, strategic, human work they were hired for instead of drowning in tasks a machine should've owned years ago.

In my Swedish town there are so many pizza shops. They’re all doing fine. When I visited a Vietnamese smallish town last year, there was only one in town: it was always empty. Owner was a white guy who probably think the locals can’t make good pizza and he’ll monopolise the market. I asked a locals. They said not many people like just some cheese and stuff on bread.

Founders find competitors and panic. In my market research, finding competition is one of the best signals you can get. No competitors usually means no market, not a blue ocean. The question isn't "is anyone else doing this?" It's "why are they failing to do it well?" That gap is your opportunity.

@weswinder @safwanmalikkk And also, thread/async shit interacting with all of the CRDT/OT crap! I can talk about how hellish these stuff are for days.

Sync, offline, and collab. None of the open source stuff really works out of box unless the app is really minimalistic. ‘Modern’ CRDT only sounds good on paper, but very hard to scale (performance) in practice especially when things aren’t as ‘pure’ as the theorists make it look like (and AWS etc is so expensive). Traditional Operational Transform sucks much less in deployment and database perspective but you almost need some PhD mathematicians to get that right. I’m one myself, but still it’s mathematically tricky for me. Most extreme case I even needed math like ‘centralizer of a group’ etc to prove it right when I need to integrate OT with other existing ‘syncy’ systems. Implementing these stuff sucks so bad and AI aren’t helping neither.

why has nobody made open source notion?

Yes, Java is more secure than Node.js in all aspects. With Java, one department using another department’s libraries doesn’t mean giving out source code. You can guardrail code without data going through microservices, network and logs etc. In JS, a vulnerability can spread easily, say, one prototype pollution is enough to compromise the whole system by chaining more. JVM isolates the impact of most compromises because other classes’ private stuff can’t be touched without reflection (and there’s no dynamic import so hackers are stuck with toying with the business logic of that one compromises class). In JS, limiting the scope of RCE is done at OS/docker level; most companies have gigantic mess of unmanageable deployments nowadays. With Java, bytecode can be run sandboxed with clarity of what an RCE can compromise at most. Even if there’s no sandbox, Node.js libs often link to C libs. Most application devs have absolutely no idea what those C compiler flags mean, let alone knowing what the default is for the one in a docker apt-get or something. One accidental -fast-math flag, you’re done. Fortran is even worse and wide spread. Java doesn’t tend to contain such dangerous things to begin with. Say you have a Linux Docker and a math library from an rpm uses OpenBLAS, then one uses OpenMP with Fortran. Then a third that uses the previous two. Now OpenBLAS isn’t thread safe by default unless compiled with specific flags and run in specific env variables: is your application thread-safe? Nobody knows; I’ve personally seen such problem in CentOS. In Java, all your libraries tend to be Java so you’re much safer. In JS, supply chain attack vector is the default. Not so in Java. JS libraries may have better defaults when it comes to web stuff like CSRF and XSS, while Java’s XML culture can be less secure by default. But the web-facing part is never fool-proof anyway. In fintech, having devs who won’t litter code with basic CSRF and IDOR etc is table stakes. But all the other stuff I mentioned aren’t things that everyone usually think about daily.

Way too much research has shown that corporate executives are extremely irrationally risk-averse. Some blame politics and bad incentives, etc. I say only the risk-averse types stick around for a decade and actually make it to executive level.

@shl Before only engineers can f*ck it up (in a semi-professional way). Now everyone can…

Before, only engineers could contribute to a codebase Now, everyone can

@itsankitakar That’s a bit pessimistic isn’t it? A poor person can still code by hand. Time to market usually isn’t why people fail, especially when it comes to the solo type who can’t afford the tokens.

AI was supposed to remove the barriers to building. Honestly, it just moved them. Before : you needed skills and time. Now : you need credits, subscriptions, and token limits. Same game, different rules. It’s no longer “Can you build this?” It’s “Can you afford to keep going?” That’s the real constraint now.

@koustubh018 @Anas_founder Exactly this. Many first timers tend to expect that revenue will come in a few months if done right. Typically a couple months is only enough for Google to understand that you’re a legit business.

@Anas_founder losing the patience over initial setbacks and not doing distribution properly if there's product market fit...

Which one kills most startups? -no demand -poor marketing

As a founder, if all your code is Uncle-bob clean, you’re most likely prioritising the wrong thing.

US Bipartisan “Parents Decide Act” (H.R. 8250) demands all OSes to implement parental controls at setup—imagine a world where government can force my text mode server FreeBSD to phone home my birthday. Also the state has the power to stop anyone who wants to upload their indie DIY OS for others to play with just for fun unless there’s age verification. What a time we’re living in. congress.gov/bill/119th-con…