Hung Truong: The Blog!

An Important Announcement About My Employment Status (And T-Shirts)

If you know me or if you read my blog, you know that I have been a huge fan of Threadless since I first found out about it in 2005. For a while, Threadless was pretty much the only thing I wrote about on this blog.

Last year, I developed an unofficial mobile app for browsing and sharing cool Threadless designs on the iPhone and iPad. This caught the attention of Threadless and I got to visit their sweet office!

I had the chance to visit again for the Threadless Family Reunion and an interview of sorts, and I was offered a job! I am happy to announce that I will join Threadless at the beginning of October.

I am really looking forward to making Threadless even more awesome (and now from the inside as opposed to hacking together an API for myself)!

Photo Hack Day NYC 2011 And My Hack: AllPaper

This past weekend I participated in my first NYC hackathon. The New York Hackathon is a mythical beast. They’ve been written about quite extensively, but you really need to just show up to one to know what it’s all about.

This particular hackathon (Photo Hack Day) was organized by Aviary, with sponsorships by Bing, Pepsi, PBR and others. There was plenty of food so that hackers didn’t have an excuse to leave, ever. I still ended up going home to get some sleep on Saturday night before the demo on Sunday.

I really think I picked a good first hackathon to attend, as the prizes were pretty insane. First place got $5000 and the cash prizes for second and third place were quite good as well. On top of those, there were prizes for best use of certain APIs. Face.com’s API stood out as a popular one; 500px had quite a few users as well.

I ended up working on a project I had wanted to build for a while: a custom collage creator for your iPhone wallpaper. I called it “AllPaper.” It seemed pretty catchy and I don’t think there’s a product with that name yet. I integrated Instagram into it first, then threw support for 500px, PicPlz and Facebook before calling it a hack. I also integrated the Sincerely Ship Library which lets you turn your collage into a real postcard. I’m really looking forward to trying that out!

Overall I’m pretty happy with how the hack turned out. I can probably turn it into a real app fairly easily with some tweaking here and there. As this was my first hackathon, I noticed a few interesting things about the top hacks. There was some grumbling about how many of them seemed “hardcoded.” I wonder if presentation really counts more than actual hack-worthiness these days. You could spend your time actually coding something, or you could create the facade of something that looks even better, but is not really that worthy of being called a “hack.” It seems that the presentation wins over the true hack-worthiness, as one of the cooler ones, a jailbroken iPhone that took MMS messages and uploaded them to a web service, won nothing.

Coming away empty-handed was a little damaging to the ego, especially after winning something in my last hackathon, but my ego’s not too bruised. I hate to sound like I’m complaining! Almost all of the presentations were well done, and the winners certainly did deserve to win. I’m hoping to participate in something similar again soon, as the atmosphere was really enjoyable.

Summer Update: Bebarang Launch!

It’s been a while since I’ve posted on my blog; I’ve been super busy with my startup! We finally ended up launching the latest iteration of the site, Bebarang, last week. It’s currently by no means perfect, but what site is?

We “pivoted” from a subscription model to a one time use model. Whether this will work remains to be seen, but we’re definitely learning a lot. If you are a parent or know a parent, please forward the site around and let me know what you think about the concept and the product!

Also, New York is finally cooling down a bit after a crazy hot summer. It’s starting to get really beautiful outside. Maybe we can start working in the park once we’re kicked out of our workspace at NYU…

Thoughts on Spotify

I was lucky enough to get an early invite to Spotify last week thanks to my high Klout score (I honestly think anyone with a pulse got an invite) and I’ve been playing around with it for a few days. Here’s my thoughts on the service thus far.

One thing I’ve noticed is that I’m using Spotify for listening to stuff that I don’t already have in my library. This is sort of weird because I recently switched to an SSD and none of my music is actually in my library. Yet I use Spotify for listening to stuff that’s not on my external hard drive (which I almost never have plugged in). I think this behavior might be due to the fact that Spotify is making me a fat kid in a candy store (but for music). I want to keep searching to test Spotify’s limits and see how much music it really has. So far it’s been doing really well.

Specifically, I have been using Spotify mostly to listen to music that was popular when I was in middle school (this was like, 14 years ago). This music is stuff that I’m either too embarrassed to have on my hard drive, or I simply never had. Yet it’s totally great for nostalgia’s sake. I’ve been listening to No Doubt, Toni Braxton, Weezer, Mariah Carey, etc. Stuff that brings me back to that era. It’s pretty cool.

One workflow that Spotify has replaced for me is the awkward one of going to YouTube and looking for a video of a song I want to hear. I don’t know how many times I’ve had to go to YouTube and searched for something like “Head Over Heels” by Tears For Fears just to listen to a song (it’s just a static image of the album cover). It’s much, much quicker just to search in Spotify and get super instant gratification.

Comparisons to the new hot startup, Turntable, are pretty much impossible to avoid. Turntable is really fun for interacting with people (and music discovery), but sometimes you just want to listen to what you want to listen to (and not wait for other DJs before your song comes on). I think the two services have very different use cases, and each works well for its intended use.

One thing Spotify could work on is music discovery. It’s kind of ridiculous the only music it pushes are the top albums, artists and songs. All the stuff on this list are top 20 bullshit that I really have no interest in listening to (just ignore the top 20 “bullshit” from the 90’s that I just admitted to listening to). In this day and age, it’s ridiculous for a music service to not include some kind of recommendation engine or radio feature. Browsing music on the service by genre, year or anything besides search is impossible. In terms of features, Spotify is actually kind of disappointing.

Despite the obvious shortcomings, I have a lot of high hopes for Spotify. It’s a really nice example of how consumers can enjoy getting stuff from “the cloud” without making it too complicated. I hope that it continues to improve, especially in the music discovery and browsing categories.

Banana Republic (and Gap, etc.) Stores Passwords in Plain Text

I was sitting on the subway when I got a random email from Banana Republic that contained my password in plain text. Besides the fact that I hadn’t requested it (lots of Hung Truongs think that they’re me @ gmail), I was surprised because any company that even slightly values security does not store passwords in plain text. It is quite jarring to see a password show up on my iPhone’s home screen. Here’s the email in case anyone needs proof:

The fact that BR stores passwords in plain text means that they’re probably a very nice target for a quick hack (and if they’ve got bad practices in password storage, they probably have holes elsewhere as well). Unlike the Gawker password leak, which had hashed passwords (though they could still be eventually brute-forced), the BR passwords aren’t even obfuscated (or if they are, it’s in an easily reversible way).

If you have a Banana Republic, Gap, Old Navy, Piperlime or Athela account, I highly suggest you change your password to something unique that you don’t use for any other sites (um, just like all your passwords… I totally have different passwords and two-factor security for everything).

I’d also suggest you contact Banana Republic and tell them that their security policies suck. Maybe they’ll fix it if enough people complain. That’d be sad if it took a huge hack and user info disclosure to change their ways.