Stuck on ‘Waiting For Image’ on Anydesk
As teamviewer has incessentaly complained that I am using their product for commercial usage I have now been forced to switch to another VNC application. Anydesk has been great except for connecting to a computer that does not have a monitor. When you do so you’ll find that after you try to connect you will be stuck on a screen that says ‘Waiting For Image’. The way around this is to click on the keyboard button -> ‘Ctrl + Alt + Delete’. Then once that shows up click cancel. The screen will be frozen again. Now click on the ‘Adapt Resolution’ button under the button that looks like a monitor. Everything should start working again.
To avoid this un-necessary clicking you can buy a dummy plug on amazon.
July 19, 2022
Subdomain Enumeration For Profit
I was inspired by this post: https://www.reddit.com/r/wallstreetbets/comments/p50n5p/amzn_is_up_to_something_with_afrm_obsessive_dd/
The TLDR was that people on the internet noticed that Amazon was going to implement Affirm, a pay later company, into their platform. The interesting part is that they figured it out before it was publicly announced.
Realizing that large companies have a large digital footprint it was likely that something like this will happen again. One avenue that I had not seen other people investigae was subdomains. The thought process is that companies will put developer functionatly or potential announcements on a subdomain.
Subdomain enumeration is the process of finding subdomains for a website. Unfortunaly most subdomains are not publicly availabe (unless the DNS server exposes a full DNS zone). Some would suggest using brute force, others say you can try to crawl links or searh engines to find new subdomains. I went with Anubis https://github.com/jonluca/Anubis. Anubis basically combines a whole bunch of methods.
Using bash and zapier I built something that would send me a text message whenever a new subdomain was found.
I started off with the sites: robinhood.com, amazon.com, opensea.com, coinbase.com
Bash Script
#!/bin/bash
# run the command
SITE="amazon.com"
file1="amazon.txt"
sqlite3 amazon.db "create table n (id INTEGER PRIMARY KEY,subdomain TEXT);"
while [ 1 ]; do
echo Scraping
anubis -tS amazon.com -o "$file1" # S for silent
# get rid of last line (says how long it took to complete)
sed -i '$ d' "$file1"
# get rid of top 24 line (boiler plate from anubis)
sed -i 1,24d "$file1"
sort -o "$file1"{,} # sort inline
echo "-----"
cat "$file1"
echo "-----"
while IFS= read -r line; do
printf '%s\n' "$line"
select_output=$(sqlite3 amazon.db "select * from n where subdomain='$line'")
if [ -z "$select_output" ]
then
curl -X POST -H 'http_location: amazon' --data $line https://hooks.zapier.com/hooks/catch/467498/b11111
sqlite3 amazon.db "insert into n (subdomain) values ('$line');"
else
echo "already existrs"
fi
done < "$file1"
done
July 5, 2022
How To Keep Your Project Secure When Hiring a New Remote Developer
As someone who has hired probably around 50 developers, I’d like to think that I have a good handle on the do’s and dont’s. Sometimes things go great and sometimes they don’t. There is a mountain of advice I could give like hire slow and fire fast or good communication is just as important as technical skill, etc. This post is more technical and for the people who are nervous about bringing someone onto an existing project.
For this post to make sense I am assuming that you know how to use Git or some other version control system.
My first piece of advice: Do not worry. Almost nobody is interested in stealing your precious project.
Have a contract. The cost of actually pursuing a broken contract against a person overseas is almost always greater than the benefit but sometimes it will make your RD (remote developer) think twice about their actions. Same with a NDA. Almost always not worth the headache unless they live in the same country as you.
Remove all secrets and hardcoded links. Anything that you need should be changed to an environment variable.
Reset your Git commits or create a new repo (Optional) - I have been guilty of hardcoding things when I start a new project so getting rid of all commits or just moving the project into a new one and starting a new git is an easy fix
Have staging. Ideally you should have a test staging environment and a production environment. RD should not have access to production environment and all their commits and pushes should go to the testing stage. Don’t have a staging environment? At the minimum you should make it so that RD can’t push to production.
Segregate your work if possible. I’ve started to use multiple Github repositories for different aspects of the same project. One for frontend and associated logic and one for backend. This works great for micro-service type architecture. Hiring a frontend RD? Only give them access to the frontend repository.
Define Permissions. You can both set permissions on a repository and on certain branches! Use this to your advantage.
June 15, 2022
How to come up with Good Ideas for a Business
Are you a first time entrepreneur? Never started a project before? Don’t bother reading the rest of this post. Spend 30-60 minutes thinking about something that bothers you and come up with a way to fix it. Congratulations, you came up with your first business. Is it a good business? Who knows. It doesn’t matter because the skills you learn are infinitely more valuable than whatever oyur idea was. whatever your idea was.
Dedicate time: Coming up with good ideas is a skill. It takes time and practice. You should set aside, 1-2 hours, once a month and just think. Have a piece of paper, notepad, whatever in front of you, but no phone or distractions. At the end, copy whatever you have into a journal.
Set the Scope: What kind of idea are you trying to come up with? Are you trying to build passive income, 10k MRR or a billion dollar company? These are the questions you need to be asking yourself. If you are trying to build a billion dollar company then whatever you are thinking of should be 10x better than anything else that exists out there. If you are trying to build a 10k MRR project that is good too, but realize the scope of your idea. It helps to stay motivated when you have realistic expectations. Don’t be one of those people who thinks they are going to be a billionaire off their next online form builder.
Inspiration: Should come from within. It is easy to be excited about an idea, but unless it is solving a daily pain or something you can connect deeply with, than its hard to keep the motivation. Having background knowledge about the domain of the idea is nice, but not a must have. I would argue that sometimes not having domain knowledge is an advantage.
Validation: You can write an entire book on how to validate your ideas. I will definitely have a post or two about how to do that in the future.
May 22, 2022
Update on Predict My Step Score for Step 1
It seems that Step 1 has switched to pass/fail and NBME practice tests give out a percentage that tells you whether you are going to pass or not. With these changes I feel that there really isn’t much utility to the Step 1 Score Predictor on PMSS. I don’t see why anyone would use the site when the NBME practice test pretty much tells you the same thing?
Feel free to let me know if you think otherwise but I have a feeling I’m just gonna shut down that part of the predictor.
April 27, 2022
My current setup and workflow
I’ve seen posts like these before and thought it would be cool to post my own. Spring Inventory Taking
Health:
- Sleep/HR Tracker: Oura Ring Gen 3 - Pretty accurate sleep tracker. Not a great HR tracker as it only takes HR at certain intervals
- Posture Sensor: Upright Go 2 - Works great as advertised. If you have sensitive skin get the necklace. I suspect after a year of continuous use that you probably won’t need it anymore
- Mouth Tape: Vio2 - Not necessary to sleep but there is an obvious improvement in my sleep when I use these and Oura can recognize it
- Floss: Dr. Tungs Smart Floss - PFAS & PBA free and gets gunk better than normal floss
- Toothpaste: Sensodyne - I have sensitive teeth
Workflow
- Personal Reminders: GoodTask - Worth every penny. Use it every day
- Goal Setting: Mind Node
- Net Worth Tracker: Personal Capital - They call a lot but ui is very simple. Exactly what I need it to be
- Budget & Expense Tracking: Airtable
- Note Taking: Evernote - Stuck on this too much to switch to notion
- Bookmarks: Safari Reading List - Gets the job done
Desktops
- Desktop 1
- CPU: Ryzen 3700x
- CPU Water Block: EK-Supremacy Classic RGB, Nickel/Plexi
- Storage: NVMe.M2 500gb SSD
- Ram: 16gb gskill
- Sound Card: Sound Blaster Audigy Fx
- Motherboard: B450 Tomohawk Max II
- GPU:
- RTX 3090
- EK Waterblock + Backplate
- GTX 2070S
- Keyboard: Coolermaster SK621
- Mouse: Logitech G502 Wireless
- Mousepad: Icemat I-2 (Pink)
- Monitor: 34GK950G-B
- PSU: SeaSonic X-1250XM2 ATX12V 80+ GOLD Certified Full Modular
- Case: Phanteks Enthoo Primo
- Desktop 2
- CPU: Intel I5-2500K
- GPU:
- MSI GEFORCE GTX 1080 TI ARMOR 11G OC
- GTX 1070
- Storage:
- 1TB hitachi 7200 RPM 32mb Cache
- Samsung SSD 850 EVO
- Ram: Patriot G Series Sector 8 GB (24gb) 2 for 16 GB total
- Motherboard: MSI P67AGD55_B3
- Cannot upgrade bios because the new bios only support ivy bridge and not sandy bridge
- PSU: Corsair 750W (Non-modular)
- Monitor: LG 34UM95C
- Mouse: Logitech G502 Wired
- Keyboard: Satisfaction 75 R2 + Box Navy Switches
- Mousepad: Icemat I-1
Laptops
- Microsoft Surface Pro 6
- Macbook Pro 15 inch 2018 with eGPU setup
- Mouse:
- G502 Wireless (Home)
- G903 Wireless (Traveling)
- Mousepad: Icemat I-2
- Monitor: LG 34GP83A-B
- Webcam: Logitech C922X
- GPU: AMD Radeon 5700 XT
- eGPU Connector: R43SG-TB3
- Keyboard: Rosewill Mechanical Keyboard + MX Blue
Phone
- Iphone - Upgrade about every 3-4 years
April 26, 2022
Subscribe to my newsletter to get notified of new posts