On Friday the 17th, I attended my first Startup Weekend.
Startup Weekend is a 54-hour event that has founders pitch their ideas, find people to help work on them, and launch their idea into the marketplace. At the end of the weekend, the startup is pitched to a panel of judges with extensive experience.
I was originally going to just find a pitched idea that appealed to me and could make use of my tech knowledge. I’ve built simple web apps before, and have some knowledge of a lot of useful tools that can quickly launch a prototype.
I ended up pitching an idea. I wanted to start a service where small or medium businesses can get a suite of useful off-the-shelf products to launch their businesses (or even revamp them) safely. From what I understand, many of these businesses don’t have dedicated IT staff, nor have the resources to hire someone to constantly check the security of their systems.
Me pitching my idea
This leads to unpatched systems, weak passwords, and poor security practices. This is why WannaCry was so successful. Ransomware is wreaking havoc on small businesses especially because most business owners have no idea on how to protect themselves. Many of their systems use the default configurations, making them easy targets. By selling a suite of services, perhaps as a subscription SaaS product, best practice can be automatically applied to each service. There could be a quick onboarding process where they pick a few systems (website, e-commerce, database, payroll, etc.), and have them automatically configured for use.
By having a single login (which would be enforced with a strong password policy) and using randomly generated passwords for each service, the effect of a single service failing will (ideally) have little effect on the other services. Of course, the single login failing will wreak havoc on a business. But this is the same as a password manager.
But no-one wanted to work on my idea. I got a lot of votes for my idea, but converting those votes into people who wanted to work on it with me failed.
So I decided to work on a venue-finder for quiet spots. Originally, the idea was to create a service that would allow introverts to find quiet venues and extroverts to find lively venues. Over the weekend, the fine points of that idea changed numerous times.
I worked on the tech side (which I’ll be focusing on; the other elements of a startup scare and confuse me). I created a simple web scraper using the populartimes Python library to pull historic venue popularity data from venues in a small geographic area. I ended up with information from 159 bars, cafes, restaurants, and nightclubs. This info included the name, address, rating, and historic popularity for each hour of the day during the week.
The scraper:
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 |
import populartimes, json # Google Places API key API_KEY = 'GetYourOwnApiKeyYouBoob' # Types of venues to search for TYPES = ["bar", "cafe", "night_club", "restaurant"] # Lower lat/long bound of area to search LOWER_BOUND = (-27.461099, 153.026582) # SW corner # Upper lat/long bound of area to search UPPER_BOUND = (-27.449799, 153.045914) # NE corner # Output file OUTPUT_FILE = 'venues.json' # Get info on venues in area try: query = populartimes.get(API_KEY, TYPES, LOWER_BOUND, UPPER_BOUND) except Exception as e: print("Error: "+e) exit() # Number of venues found venues_number = len(query) # Write info to file if venues_number > 0: print("Found "+str(venues_number)+" venues") output_file = open(OUTPUT_FILE, 'w') # Dump as JSON with formatting json.dump(query, output_file, indent=4, sort_keys=True) else: print("No venues found") |
An example of the data that’s scraped:
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 |
{ "address": "Ann St, Fortitude Valley QLD 4006, Australia", "coordinates": { "lat": -27.459063, "lng": 153.03399 }, "id": "ChIJl07dlvNZkWsRgiNEvGDhS6k", "international_phone_number": "+61 7 3252 8872", "name": "Golden Palace Chinese Restaurant", "populartimes": [ { "data": [ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 3, 12, 28, 33, 22, 0, 0, 7, 12, 14, 8, 3, 0, 0 ], "name": "Monday" }, { "data": [ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 3, 12, 22, 19, 8, 0, 0, 10, 14, 14, 10, 8, 0, 0 ], "name": "Tuesday" }, { "data": [ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 12, 28, 24, 8, 0, 0, 3, 10, 12, 5, 3, 0, 0 ], "name": "Wednesday" }, { "data": [ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 3, 10, 17, 10, 3, 0, 0, 10, 12, 7, 3, 0, 0, 0 ], "name": "Thursday" }, { "data": [ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 3, 15, 24, 19, 7, 0, 0, 17, 24, 28, 26, 19, 12, 0 ], "name": "Friday" }, { "data": [ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 8, 24, 38, 29, 12, 0, 0, 19, 28, 28, 22, 17, 10, 0 ], "name": "Saturday" }, { "data": [ 0, 0, 0, 0, 0, 0, 0, 0, 0, 10, 40, 87, 100, 57, 17, 0, 0, 7, 12, 14, 8, 3, 0, 0 ], "name": "Sunday" } ], "rating": 3.0, "rating_n": 55, "searchterm": "Golden Palace Chinese Restaurant Ann St, Fortitude Valley QLD 4006, Australia", "types": [ "restaurant", "food", "point_of_interest", "establishment" ] } |
Using this data, I adapted a Google Map service I had already built for my work to display this information graphically. Each venue was a colour-coded pin based on the average popularity during business hours. A user could filter by quiet, semi-popular, and popular (based on figures I pulled out of my ass). I should really set up a public repo with all of the code I used. Maybe.
Using the Google Maps JavaScript API, in my opinion, was a nightmare. It’s an asynchronous clusterfuck. When I originally built the map for work, it took me tens of hours before it finally clicked how callback functions worked. When you go to code it, you end up with layers upon layers of callback functions. It disgusts me. I ended up signing up for the Google Cloud $300 trial to run it, simply because I hit the 1,000 request daily cap testing my scraper. So now I’ve got access to a cloud server for 12 months. Might come in handy.
Our startup didn’t get much traction because we pivoted (changed direction with what our startup wanted to do) too many times before we could effectively start advertising. However, our pitch was quite solid. It was a great experience and I learnt alot.
Anyway, maybe I’ll have my home lab set up sometime this week (there’ll be a blog on that) and hopefully christen it with a CTF (there’ll be another blog on that).