Week 10 has come and gone, and this one has been a bit hectic but in a generally positive way. I'll be relocating to Da Nang (Vietnam) tomorrow, experienced the second cyber attack of the journey so far, and have branched out to different social media platforms in an effort to be seen in the dopamine fueled attention economy we find ourselves in. This all has business implications, which yield what I hope to be valuable lessons, especially if you're thinking about pursuing the startup journey yourself.
Starting off with the second cyber attack of the year; some spam/automation script in the USA/Nigeria has found my newsletter signup page and is subscribing with email addresses taken from historic data breaches . Starting at around midnight on the 18th and approximately every 45 minutes after, new subscribers started appearing with very old domains (aol.com, msn.com, etc) which was unexpected. I updated the page in the morning to include a new trick which should have killed any simple (beginner hacker) script submitting these addresses, but by lunch time on the 19th they'd started up again.
This was noteworthy because it meant that whoever the attacker was, they were using something a little more advanced than a simple script, which meant stronger countermeasures were needed. The reason behind this type of attack is fairly straightforward; email infrastructure is all about reputation. By subscribing using stolen email addresses, my system would automatically send out a confirmation email. If this email goes unopened or is reported as spam, the reputation of oliver@ojscholten.com drops, which means future emails to other (legitimate) recipients might be falsely marked as spam . This reputation drop can affect multiple email providers (like gmail, yahoo, etc) since they may share blacklists and reputation trackers, so it can be very damaging especially for a small scale newsletter like this one. Additionally, these emails can fill up the inboxes of the recipients when done en-masse, leading to a denial of email service attack which is not something I want to be a part of!
Fortunately this attacker wasn't that committed to silencing this newsletter, and so with some searching and some typing we now have what I would describe in non-technical terms as a knee-high fence guarding this sacred domain. I hope I don't need to build a 12ft thick concrete rampart, but rest assured I will do whatever is needed to continue bringing you interesting and informative episodes.
In other news, if you follow me on LinkedIn you'll be aware that I'm delving back in to the highly questionable internet mosh pit that is X (formerly Twitter). I feel like I need to state that whilst I'm not exactly in-tune with American politics, I don't share or endorse the views of the platform's owner. It's simply the place where informal technical and business communication seems to be happening, and so it's just another storefront I can build in order to spread my message of peace (Arch Linux supremacy) and data abundance.
You may be wondering why such increased outreach is needed, after all subscribers of this newsletter include senior engineers in most hedge funds in London, plus senior managment and non-technical experts in several trading firms 👀. If you're reading this and we haven't yet spoken about working together, it's because I feel my technical offering is not yet at the calibre needed to meet the demands of clients at this level. For example, can I build and maintain low-latency data pipelines, absolutely, but do I have experience doing so on custom infrastructure and the tooling and alerting needed to quickly identify and mitigate incidents; not yet*.
The question then is how can I reliably find smaller scale customers who may be more forgiving of technical blips and (the possibility of) slower deliveries. To which the answer is probably just that I need to know more people in different industries, and the easiest way to do that is to have some sort of social media presence. Anyway, as the title of this section implies, starting out on the quest to gain a following on any social media platform will inevitably include some cringe. Things like 'great point, what were your key takeaways?' or 'going to use this in my next AI project' are posts I'm trying to avoid, but apologies in advance if you start seeing some of my freshest hot takes out there, it's all part of the game.
The final thing I wanted to mention from this week has been the creation of a simple payment gateway for OJS Group. In plain english this means a way to tie someone's subscription or one-off payment to my internal systems, so that I can grant/revoke access to my services. I've used Stripe so far (not sponsored) and it's been pretty good. If you're thinking of setting up some sort of online store or service then please let me know as I have some links which will save you time.
This type of payment gateway isn't essential to getting paying customers, but it's definitely much easier than sending/chasing invoices and tracking everything yourself, which is why I've opted to take this route. Also, going back to the earlier episode about engineering for acquisition, custom payment processing is a bit of an orange flag if I understand venture capitalists correctly. After all, many businesses have thousands to millions in unpaid invoices messing up their tax and accounting, this route completely negates that possibility.
That's all for this week. If you're reading this on Wednesday, Thursday, or Friday, then I'll be in-flight somewhere over the Mediterranean or Indian Ocean, and if you're reading this on Saturday then I'll be on the beach cooking up the next episode; which will be about something interesting and engaging, which you, your partners, your colleauges, and your neighbours definitely won't want to miss. Hope you have a great week!
Thanks and all the best,
Oliver
*As soon as I do, we can talk about contracts over a lobster dinner somewhere
Previous Episode: France In Review