write.as devlog

from the engineering team

When you realize you're unqualified to tackle a problem, that's a great cue that you shouldn't tackle the problem. Instead, immediately look around you at all the other problems you know of that you're qualified to tackle. Find the rivers flowing down the mountain instead of the path that only goes higher.

Potentially rejuvenating LunchTable, now that it might have a purpose — an educational one, no less.

The second user I've heard of that's using Write.as for a class messaged me tonight about an unrelated issue, then asked if there was a way they could have others in the class comment on things that people write. I couldn't think of anything that would be a good instant solution, until I did: of course! LunchTable!

So I'm sketching out some plans right now. Would rewrite in Go, of course.

  • Probably make it open source
  • Directly integrate with Write.as (e.g. lunchtable.io/matt/anonymity)
    • Allow closing / archiving conversations, manually or by time limit
    • Open this feature to Pro Write.as users
  • Charge to create your own reserved URL integration

Anyway this has me really excited tonight.

Week started out with me seeing a Wired article about txt.fyi. I reached out to the writer and mentioned Write.as, he said he liked it, tweeted it out himself. This started because on the drive back from Tampa last weekend I decided I need to start spending more time talking to people if I'm going to achieve my personal and Write.as-related goals.

That situation going well just encouraged more that week — mostly jumping into Mastodon and Twitter conversations here and there, being helpful with some things, not asking for anything. Just getting myself out there.

On Tuesday I somehow discovered that a ton of posts with “live stream sports” links were coming in from a small group of IP addresses in the Ukraine. I blocked these IPs then went to bed. The next morning a huge flood of them came in and I spent a few hours looking for patterns (the IPs were now all over the place) and eventually added them to the spam filtering. I added filtering on our intermediary reporting server so my mail inbox wouldn't flood, and carried on with the day.

On Thursday they were mixing things up, not using that telltale phrase but still using links. All languages on posts were uk. Blocked some of these.

Interesting side-note: just found this site: http://www.workgit.co.uk/ in analytics. And it's funny because I was thinking I should try to get a job with whoever does this kind of stuff, to figure out how they work.

It is insanely hard for engineers to stop extending a design to cover more potential problems. They argue, “what if someone wants to do X?” but never ask themselves, “what is the real value of solving X?”

From “How to Design Perfect (Software) Products” — a reminder I needed.

  • Embedding YouTube videos. Why do we need to embed videos in blog posts when a simple link will do? I usually find myself clicking links to watch videos. I'll leave this feature out of the open source version.

Things almost solved

  • Hidden blog posts. This would've allowed users to create a blog post that was hidden from the blog index, so they could create a full site without listing everything on the home page. I didn't get to it in time and the customer eventually stopped paying.

I opened up some paid features to everyone for NaNoWriMo, including the option to get an extra free blog for the month. I made this by-request-only, so 1) it wouldn't be abused and 2) I wouldn't have to do much work to make it seamless to users. But so much code is tied to hard limits that lay tied to unchanging rules, i.e. subscription status.

Enabling the option to have just 2 blogs instead of 1 when a user isn't a paying customer but some other condition is true (like an entry in a new database table) has meant changing template files, backend code, and changing where the logic for the paywall lies (logic that been implemented on several levels of code, and fairly inconsistently).

Really, just adding it to the list of things to refactor — a stage I'm at now, especially with how much I've been thinking forward to open sourcing the platform.

I'm considering publishing information about posts I publicly remove from Write.as. This is really preemptive, and won't apply to many people, but might help people understand how we work. It's the not applying to many people that's leading to my indecision at the moment.

https://lumendatabase.org/notices/13860501

Today I saw a new user account created titled fifa18fixes. Remembering the influx of malware posts we saw back in March, I knew I'd have to check on them later once they'd started posting. However, they raised flags immediately as I soon got an automated email with the subject Spam post blocked. I set these emails up a while ago to send me the entire content of the post when a user encounters our Y u no write your feelings? spam page (and their post is never published). This way I can restore their work if needed and make sure the filter isn't too strict.

I kept an eye on the logs and eventually noticed a post went through for them. I checked the API to see what they'd posted, and saw they were simply explaining how to download and install a patch (without any link to the patch). The language was ru, despite being written in English.

The spam filter currently doesn't actually run on post edits, only on initial publishing — something they must've discovered as they tried various posts to get things working. Eventually they logged out, and I saw there was now a link in the two blog posts that went through.

I added the username to our list of hellbanned users.

Today we got our first bit of ISIS content on Write.as, mentioned in a tweet and by a user:

Hello, Please find à link to a ISIS content : https://write.as/pad/vtuc4x14hod8v Please can you remove it?

At first I thought it was odd, because checking the API, it showed the post only had one view. But then I saw people had been sending around this /pad/ URL, which wouldn't have increased the view count.

That way of sharing also complicates our existing ban functionality. As it stands, banned posts just show a Post not found page at their standard shareable URL, but are still accessible in the Pad, so that people don't lose work if they've been wrongly flagged. Even if I ban this post, since it's being shared by its edit URL, people won't notice a difference. I'll probably need to start checking for a valid edit_token on posts before showing them in the editor. But I also like the idea of people being able to edit others' posts locally — that'll serve as the basis for Draft.as.

Made good progress on the macOS desktop app, and started writing out the App Store page. Really not excited about giving Apple money from the sales, but at least I won't have to build anything new to take payments, and ideally the App Store will provide some more traffic.

After looking into comparable apps like iA Writer, I've decided to price the app at $7.99, and am sharing some keyboard shortcuts so it's easy for people to jump over the Write.as. I just need to figure out how I'm going to make it useful for doing more than publishing to Write.as; I know people are going to expect that it can open and save files like a normal text editor since it'll be a full desktop app that they paid for.

But for a lot of today I found myself getting really excited about the prospect of launching this app. Ever since I started doing real programming I've always wanted to make standalone, distributable software. And the potential to add it as a revenue stream, as well, is all the better.


Now I'm sitting down to tackle a minor backlog of user issues after traveling to DC over the weekend. There were actually a lot of customers on the product over the weekend. And still crazy amounts of activity during the week — consistently over 150 posts / day after it blew up a bit in Saudi Arabia the other week.

Tasks for tonight:

  • Renew Snap.as SSL certificate (using Let's Encrypt on Google Cloud Engine)
  • Respond to emails
  • Respond to sticker requests

And for bonus points, knock out post metadata editing, since customers have been asking for it for a while.

Desktop apps.

I took another stab at the native macOS app I started building a few months ago. I got rid of NSTextView's default behaviors I didn't like, set up the application menu, and added in night view.

the beginnings of a macOS app

Then the battery died (I always leave the charger at the office), so I switched computers and went ahead and built out an interface in Glade, to serve as the basis for a Linux app. I like designing the experience for native apps because each platform is unique. Desktop is my favorite, because unlike mobile where you have to put everything on the screen (or hide it in obscure gestures), you get the menu bar and keyboard shortcuts. These things combined mean a less cluttered interface and a great experience, especially as you get more powerful with the shortcuts.


I got a live chat message later (have I mentioned this was a great addition to the site?) with someone asking if we supported pages and removing the write.as branding at the bottom of every blog. I mentioned we support pages on Pro and I can manually remove the branding (it's hard-coded in the app for certain users [sadface]) — especially if they're upgrading to Pro.

So they did, and we ran into a few things that needed to change to accommodate what they wanted to. One was support for YouTube videos. There's no easy way to do this with Markdown and I didn't want to add another button to the UI. So I whitelisted iframes that include a YouTube embed URL only (all other iframes won't show up), and was pleased with the solution.

I also noticed some issues with pinned post navigation for logged in users who have blogs on custom domains. Testing is harder and I hardly have played around with it, so this was a good opportunity to get things right, and I fixed it in real-time for the user.

They also put us to exactly 50 subscribed customers! We're at $83 MRR now, which is laughable for people like the acquisition guy, but I'm damn pleased with it. Considering that number was at $5 last July and we've consistently grown almost every month, yeah. Why does everything need to be hypergrowth? Why extract as much money as possible from every passerby? Why can't you move deliberately and avoid breaking things? Fuck the haters. Most people don't care to put this much effort and detail into something, much less do it all on their own, much less do it for no money or fame. Why not be different? That's what makes the product great.

Oh yeah, and I DMed the TechCrunch dude last night but didn't hear back today. shrug