Stacking Slabs | Transcript: Built for the Hobby #4: When Trust Breaks What the Snype Collapse Tells Us About Hobby Tech

December 23, 2025 • 38 Minutes

Built for the Hobby #4: When Trust Breaks What the Snype Collapse Tells Us About Hobby Tech

We are back with another episode of Built for the Hobby brought to you by my good friends at Inferno Red Technology.

This is going to be an interesting conversation, and I was diving into kind of what I thought we should talk about probably about a week ago.

And it was on the heels of everything happening with the Snipe story and it launching and then it crashing and then customer data leaking. And all I could think about was the tech side of it.

And it's like, well, we do a show with Inferno Red Technology who builds tech and supports tech infrastructure for hobby businesses. So my good friend Scott might have something to say.

So what I wanna do in this episode is talk about kind of when trust breaks and what the snipe debacle, reveals about Hobbytech and, you know, bring Scott's, experience in building tech teams to the table and just talk through some things.

So I'm very interested and excited for this conversation, but I just opened with a lot of remarks, which I guess shows my energy towards this conversation.

But without further ado, Scott, how you doing, man? Good, Brett. How are you doing? Great to be, be back for another episode.

Yeah. I'm ex I'm excited. We've run the gamut, but we've never really had a topic that is, like, newsworthy or topical, to talk about. So, like, as we're getting in, I I just wanna make make a clear statement for the audience.

Like, we're we're not here to criticize Snipe and Prodstein, and we're not here to dig into a bunch of the stories that have been shared publicly, which we none of it really has been validated since it's all dropped.

What we wanna do here is just talk about tech and maybe some missteps and observations. So we'll start here, Scott.

When you first saw this story unfold, kind of the the shutdown of the app and then the leaked in customer data, What went through your mind as someone who is leading engineering teams and building tech for the hobby?

Yeah. Well, I was like, holy Philip Rivers, Batman. Like, what just happened? No. I'm just kidding. I had I had to get that in there for you, as a as a huge Colts fan. Welcome welcome back to the to the early two thousands.

Oh, yeah, man. Alright. I was wondering if Pittsburgh's gonna be bring, Brothelsberger back, but he can't do. I I most thought about shooting you a text about, is Big Ben coming up next?

Yeah. What a draft class. You know, fun fact, Philip Rivers has to restart his, hall of fame eligibility. Like, he must be really in really into it. I guess that's a small price to pay.

Alright. So sorry. I digress, but I we we didn't get a chance to mention. That was, like, the greatest thing. So going back to the topic at hand, what do I think? I my my thought was like, well, how does how does that happen?

You know, what I heard and what I read was, again, this was just social media. Some of it was speculation. Some of it was, like, frankly, more, you know, salacious and upsetting than others in terms of, like, what the impact was.

I mean, fundamentally, what I heard was, you know, there was there was an open data connection to the back end database, and that data was compromised and then analyzed.

You know, that's bad enough, for any company. I would imagine, like, as a software engineering team, if there is a team, I don't know who built it. I have, you know, judgment free zone.

We've all made mistakes. I mean, that's a pretty big one to make, though. And, you know, our team isn't perfect. I mean, we we build software all day every day for fourteen years. Been in it for thirty. Mistakes happen.

But that's just not something that, you know, you can you can go to go to market with and, not have at least had some sense of, like, what you're testing and your your, you know, your coverage looks like, and they call surface area risk.

Right? Like, what what does it look like for you, from a security perspective when whether it's front end, middle tier, or data?

And, you know, that's that's the sad part. Like, I'm sure again, like, whoever wrote the code or built the app or used AI or whatever, like, didn't have any intention of making it available, but, yeah, it did happen.

So, you know, we should we should talk about how to how to keep that from happening. Yeah. And I wanna dig into maybe what Snipes exposed about Hobbytech as a whole.

I think we've we've talked about there's a lot of businesses popping up, a lot of ambitious entrepreneurs. People wanna, get things out the door. There's a tendency to kinda ship before things are done.

But I think when you're in a a situation like this when customer data is compromised, like, it's worth a conversation, especially with someone who is kinda in the weeds of it on a day to day basis.

From kinda from your seat, what do you think the this kind of failure reveals about the current state of tech in the hub?

Is this just isolated to one situation, or do you think this is kind of part of a broader issue that you see? I mean, I don't think it's couple things.

I don't think it's a broader issue per se that there's, like, this technical problem with the hobby. I also don't think this is a hobby exclusive, no pun intended, issue when it comes to software development.

We have clients in all kinds of industries where, you know, they're we're building the fundamentally the same things in the same architecture repeatedly over and over again.

So but there's just certain things that you you have to build into the process.

And so for our company, when we're working with clients, I mean, we we we generally, you know, have a three phase approach to this, which is there's planning and strategy about what we're going to build, how we're going to do it, what's the technical approach, what are all the things we need to consider, where are the risks, are we capturing data for users, are we capturing financial data, like, and then we work through an execution and build phase, which is like, alright.

Well, now we're gonna start to build this.

And then there's a delivering continuity, which says, okay. And now that we've done all the, you know, the first phase or the first version or whatever it might be, let's talk about what it looks like to, put that into, production.

You know, what has it been through in test? And then how are we going to, create a continuity factor for maintenance and support and and and then repeat rinse and repeat that cycle iteratively.

You can't you can't skip the planning phase. You can't skip the strategic approach. You know, it's getting faster and faster and easier to do that work now because of, you know, things like, AI and and the tools that are out there.

It's it's just, you know, monumentally, exponentially faster, and, we're leaning into that just like everybody else.

But you you can't bypass it. You need to understand, what you're doing, why you're doing it, and what what data needs to look like, when it's at rest, when it's moving.

You know? So I you know, the the data that was compromised with Snipe, was a connection to data at rest.

Right? Somebody didn't I don't think I could be wrong, but I don't think so. But the I understand is it isn't like somebody was sniffing the wire and and pulled data as it was moving.

It got compromised through a connection and was, you know, unencrypted data pulled right off of the the database or wherever it was being stored or how it's being stored.

And all of that has to be considered when you're building professional software. So, you know, I think there's levels to this game.

And if you're if you're trying to take advantage of an idea and the and the, the opportunity in this hobby, and in this case, right, like, trying to be the build a competitor to an eBay where you're trying to, you know, isolate your your customers into a single platform and your and reduce your fees and capture that that revenue.

I don't fault them for trying to do that, but, like, you know, eBay has been under development for, you know, decades, and they take they're they're a former client of ours, and and they take everything related to security and software engineering very, very seriously.

And that's the mindset you have to have because I I bet I don't know this for sure, but we have a lot of clients who come out with, like, great ideas, and they don't consider themselves to be software engineering companies or even software platform companies.

But you are as soon as you start to do things like like Snipe, and and, some of the other platforms that are out there, and and you have to think that way. You know, I think that I think that's the first step in my opinion.

So much good information there, and I love the thoughts around eBay and, you know, them being in the game and, you know, being focused on this making sure this sort of thing happens or doesn't happen.

And I think I when I saw this, I thought about Equifax. And I think about all these under other industries that have leaked customer data based on technical mishaps.

So I don't I'm not like it's not exclusive to the the hobby, but, this is, like, the this is the first example of it, happening.

If there's so much to do with customer data in almost all of these platforms, and it just it feels like this if you're not taking the right steps and right precautions, this could, you know, be certainly costly.

Maybe, like, I know not every new company popping up has the resources and capacity of a company like eBay.

But in in the instance of making sure this, like, doesn't happen when you launch something new, like, what what do you maybe recommend that you as a company have in place to make sure this doesn't happen?

And it can be as simple as, like, making sure you have a team like Inferno Red who knows what they're thinking. First first, call us.

Right? Like, first yeah. No. First, I mean, if you're a start up and you're you don't you know, you're you just have an idea, you know, especially in 2025 going into 2026, your your thoughts are like, I don't need an engineering team.

I can just Vibe code this, and I'm gonna be able to do everything, and AI is gonna protect me.

And, you know, the truth is, like, all all I've been working on and thinking about in the last several, months and, you know, year plus has has been, how AI affects the software engineering industry, specifically in our case.

Like, how do we take advantage of the opportunities that it provides in as a and then understanding even more importantly, like, where it doesn't.

Like, where is human intelligence critical to understanding when you're when you're building something that actually has to ship and scale, and be secure?

Like, where does that apply? And, you know, you can't replace the human intelligence and the human experience, in my opinion, with just blind trust of what these systems will build.

You know, this is probably not fair, but I I I like to say lovable is not shippable.

Right? And and, yeah, maybe that's unfair to lovable, but at the end of the day, in our experience is, like, you you need to understand where to look when it comes to, things like security and trust.

And, you know, you asked that about, like, you know, where is there an issue? Well, a company like eBay, yeah, they spend a lot of time and money and energy in in making sure that they have a trusted platform. I mean, that's it.

At the end of the day, as soon as as soon as you can't trust it, like, as soon as you think that your either your identity or your data or even as, you know, simple as, like, a password is going is at risk, you're just not gonna use it.

And, like, that can happen.

They're a volume business based on, you know, transactional, scale. So which, you know, I know you're gonna get to this, but that correlates very well into the collectible space because it's all about trust. Right?

And and I think that's the biggest I think the biggest impact of something like Snipe is, you know, going down in, that path of, like, mistrust and and feeling like, you know, violated something that's that is fundamentally built on top of, like, a foundation of trust.

And, I think that's important to talk about because, you know, like, the only way this works is, like, do you believe in the that the, the auto was signed by the athlete?

Do you believe that the the patch has legitimately been put there by the manufacturer? Now do you do you believe that it's authentic?

And I used to freaking hate when eBay introduced the eBay authentication service. I was like, oh, this is, like, in a delay. It just adds delay. Of course, it's authentic. But being on the receiving end, I'm like, oh my god.

Like, how do I know? Like like like, my son has, like, recently been flipping all of his UFC stuff into flawless patch autos for basketball, which is brilliant, by the way. Like, I was very proud of when that moment happened.

Like, yeah, let's stop collecting, UFC prism and go into flawless basketball. That seems like a good move. But, you know, like Shaq, like, he's, like, that those patches are notorious for being, having a lot of fakes out there.

And so having that, peace of mind that it's gonna go, at least on the surface, go, you know, go out to an authenticator who can take a look at it and say, yeah, that this is this is real and authentic based on what, you know, what they the process that they go through.

I can't speak to exactly what they do, but, it's more than what we had before, which was nothing. Like, hey. Send me that card and ship it, and, you know, I'll trust that what you send me is what, what you say it is.

So, yeah, I think that, you know, that trust foundation in our hobby and then bringing that back out to software engineering and and the experience you have when you when you use any system where you have an account or you put data in or you're you're you're trusting that they're doing what they can do, to make sure that you're safe.

I think that's critically important and intertwined. I wanna we're gonna spend some more time on the trust factor. You said something that I wanna make sure the audience understands what you're talking about, and that is, vibe coding.

So maybe for anyone who might be unfamiliar with that phrase, like, share what it is, what is vibe coding. And and then also, you you mentioned AI, and Inferno Red uses AI. But I think it's we've talked about this in different episodes.

But just in context with this, maybe talk about how Inferno Red uses AI and, like, vibe coding and kind of the delineation between the two. Alright. Well, I hope we have another two hours, for this episode.

I mean, I'll try not to dive down too deep in the weeds, but, I mean, it's it's no there's no surprise right now that, obviously, like, the world is, is adapting and changing, and AI is a major influence into that for and it's frankly touching every part of the world that we live in in, you know, for good or bad, for better or for worse.

And, you know, Time magazine just had the, you know, the person of the year, and it was, you know, it was a group of the AI tech founders, the fathers of AI, the mothers of AI.

Like, and so this is, like, all all that's happening. And and the the biggest industry, frankly, to be, upended or displaced is not the right word.

Challenged is software engineering, because that is the biggest use case for for AI in terms of, like, professional use and and even beyond professional use.

So the concept of vybe was a term that got coined in 2024, I believe. I don't think it was this year.

I think it was the end of last year, which is when these tools that, came out, like, like Lovable and some other some other tools where you don't have to be a software engineer by trade or by experience, and you can use this web based interface, and you can just tell it what you want it to be.

You're like, hey.

I'd like to build a, a a you know, you could build a StreamYard clone and say, I just wanna build this application. It needs to run the web, and I wanna be able to have an account, and I wanna record videos. And it'll do that. Right?

It'll write the code, and it'll and it'll test it in some way, shape, or form, and then you can you can, put it out on the web and and ship it or ship ship as a a loaded term. You can make it available, and you can and you can use it.

And so that's created this commoditization of of software development and and, frankly, enabled people to bring their ideas out and and create from point of proof of concepts all the way to, to shipping products.

And so that's what I mean by and the vibe code was like, you don't have to you get in the vibe. You just kinda, like, tell it, and you keep telling it, and you like something, and you're like, no.

Make that blue. Make that red. And you just you're vibing, man. Like, that's what you're doing. That's where that term I forget who coined it. And so that, that is essentially, like, where it starts.

Now in our world, like, that this and by the way, this is changing literally daily. Like, I think the last report that I saw is that there's, a new feature pushed out by the by the the what they call the frontier model companies.

Every three days, something is is pushed out, and that's just unparalleled speed at which technology is changing.

So even even when I said, you know, six months ago is not true today, and what I said last week will not be true tomorrow, it's it's that that crazy.

But in our world, well, the way we use AI is to it's two ways. One, we we have senior developers who write codes.

So if you're, you know, you're working with a client in the hobby and you're, you know you know, one thirty point or loop or whoever, Although loop was way before this with let's just say a client in the hobby.

Like, it's just it isn't happening so fast. You know, we have developers who use these tools, and they they it accelerates their capabilities.

And, you know, they're senior people with a lot of experience, so it's like giving them a new superpower or, you know, three or four junior developers at their disposal, and they they just become exponentially faster.

And then they still have the experience of knowing, you know, what is good and what's bad.

And then the other way of working is where we've, which is relatively new in the last, you know, several months is the idea of using agents or what's commonly called a GenTech, where now you create, essentially services that go out, on their own, autonomously run-in parallel with the developer, and then go and do work, and then come back and let you know when they're done.

That's a great a gross simplification of it, but you were we're leaning into the Agentic models to, not only accelerate individual developers, but to accelerate entire projects and teams.

And we're seeing, you know, exponential, velocity increases.

So we're we are absolutely, leaning into that. And in the next several weeks, we'll be we'll be kind of launching our services around that. I'll be speaking at CES at the AI House.

I won't be speaking. I'd take that back. I'm sorry. I will be we are sponsoring, and I'll be out there doing some interviews and and doing some networking, promoting and talking about what we're doing.

But it's mesmerizing. So that's why, you know, for people in the hobby who are like, hey. Let's I have an idea, and I wanna take advantage of the momentum that we're seeing right now.

It's really easy to get started. So there you go. That's vibing. I I love I love the, I love the vibe. I love getting the rundown from you. What I wanna do and I'm not saying this is what happened, but we're speculating.

However it was built, Snipe, there it wasn't fully baked whether it was part VibeCode, part, junior developer who wasn't thinking through this thing these things.

Obviously, like, the platform shutdown, trust has been lost. How how easy is it if you maybe don't have the right resource or maybe you're trying to do this build platforms through vibe coding?

How easy is it to lose sight of something as important as security and protecting customer data. I keep thinking about what you're saying, like, in video and you're prompting it to, like, do all these things.

It's like, like, can you say, like, protect customer data? Like, I don't even know what that looks like. So may maybe explain that a little bit.

I mean, you can. Right? Like, I I mean, there's a lot there's levels to the game on, like, how this works. You know, you can you can create a pretty robust system without ever knowing exactly how it happened.

Right? And you might forget something. And depending on the platforms and their bay and that, you know, they're adding features every day, they're adding capabilities, it it in a lot of ways, it can protect you from yourself.

But you you know, are you willing to bet your entire reputation on that?

If you're a if you're a if you're a product company, or you're a services platform, you know, that's where you know, if you're somebody, an enthusiast, or you have an idea and you wanna get started, I think, like, absolutely, like, going down that path and you and you can't afford or you're not a software engineer yourself, like, I don't see anything wrong.

In fact, encourage it for, you know, more people to to get introduced to to to create a process.

But if you're if you're trying to actually build something for, you know, for a business, then I think you need to take all of that seriously because you have a responsibility.

And I think that it it gets, you know, exponentially complicated when you start talking about, like, well, integration.

And, you know, maybe you're a business that has an existing platform, and now you're talking about legacy code that doesn't necessarily, lend itself towards, you know, AI first type of application development.

Like, that's we're seeing that as well, and there's there's plenty of studies and reports out talking about, like, where the opportunities, to, help businesses and where businesses need to be aware of where their risks risks are.

I mean, a kind of a the analogy I like to use is that, like, I if you were to remodel your house, you're gonna hire a plumber and an electrician, and you're gonna hire skilled laborers who understand.

Now they and most of the time, like, those people are, like, small businesses that have, like, you know, a small group of, or a small team, but they know because you're never gonna be like, hey.

Let me find the electrician that's done this once. Right? And, like, let him or her wire up my house. Right? You know, like because it can set on fire. Like, that's bad. Like, that would be bad.

So you don't wanna do that with something, like, as important as, you know, a 100,000 customer records where their data is sensitive, and and it means something to them and to you and to your business and and, like you said, integrity and trust.

So you wouldn't do that. Right? You would and it's not your skill. I'm not I did a remodel in my house. Like, there's no chance I'm running, you know, gas lines and and and wiring into the same wall at the same time.

Like, why would that seems bad, because the risk is too high. And I think that you need to find, you need to find companies that do what they do best and and work with them.

I mean, that's frank. That's us. My my, nonobjective opinion that, you know, we're we're one of the best at what we do. There's really good companies out there. If you're working with them, great. If you need one, call me.

But at the end of the day, like, you should you should really, take the time to understand what it is that you're trying to do and where you need to to focus and then work with professional companies who provide the services to do it right.

Like, it's it's it's the electricity. It's the electricity analogy.

Like, bad things happen, like, when electricity isn't done right. I I love the contractor analogy, and I love this word that you shared responsible. I I wanna get into maybe what is responsible in engineering.

I think it's safe to say in the Snipes debacle, whatever the decisions or resources or AI or not AI, like, whatever was done was very irresponsible, to have this happen where customer data was exposed.

So maybe help us understand, like, what does responsible engineering look like when we're building new tech in the hobby? And, like, at the baseline, like, what should companies be doing before they even collect customer data?

Well, I mean, I think, you know, you have to really look at kind of how, you know, how and why and what you're you're doing in the sense of like, let's just start with data.

Right? Like, if I mean, if you have, the need to capture customer information and most businesses do in some way, shape, or form, like, you need to take a look at, what you're doing, with that once you have it at rest.

What are you doing with it if you have to actually move it from a system to another system? Right? Like, you have to transport that data across, across a line, as they say. I have to date myself. Right?

But across the wire, even if it's in the cloud and you think, oh, it's protected because it's being hosted by, you know, a Microsoft or an AWS or, or what AWS or, or what have you, like, you still have the responsibility of making sure that that information is protected.

I mean, and think about it this way. Like, you know, Europe and GDPR regulations, like, it's a it is it is regulated because we can't trust, humans to do it, consistently all the time.

So you have to be held to a standard and and, frankly, a regulation to make sure that you're protected as a consumer.

But from a software engineering perspective, I think, in our team anyways, we we take it very seriously that we have a responsibility not only to protect the business that we're working with from exposure of, like, the risk of data, but also, like, to the customers that they're serving.

Like, we want to make sure that if it was us and we were using and in the hobby, we do.

We use a lot of these things that we build. I mean, that's that's the beauty of our business anyways. Like, we love the hobby. We build for the hobby because we're in the hobby, but not you know, we don't take it for granted, that, hey.

We're just, you know, we're just gonna, like, shortcut something because it's faster for the business. We wanna make sure that the the consumer and the hobbyist and the collector is protected.

And so you have to do like I said earlier, I mean, you have to start with a process that's that's that's known, that's been used and, done correctly time and time again, and stick to it and be disciplined about that.

I mean, humans make mistakes. Like I said, like, there's you're gonna have instances where somebody, you know, I don't wanna say leaves a door open.

Like, maybe in this type of example, like, that's a bad analogy because, like, you said earlier a few minutes ago, you were, like, irresponsible.

Like, that's a big word to say, like, that somebody's love was irresponsible. It's kinda hard to say in this case, like, that that's maybe not appropriate.

They're absolutely responsible. Right? I mean, like, they're they're accountable for what happened and, you know, need to need to do the right thing and take care of the issue.

And I I mean, they shut it down. So, like, I don't know how more, responsible you can get in terms of the the availability of the data.

You know, the follow-up to what happened and, you know, what might have been compromised, I don't know enough about it to say, but, you know, I think it all it all comes together in terms of this case.

I I want, I wanna hit speed a little bit, and I would imagine you work with a lot of very ambitious, humans, whether it's, you know, people just wanting stuff shipped out the door because they're ready to go.

And they might not have the subject matter expertise of, like, the vol the amount of time and technical requirements that need to be in place in the structure for you to ship, tech for this not to happen.

How do you, like, have those conversations where you're working with someone who wants to move really fast but doesn't quite understand, like, the baseline requirements or things that you need to put in place in order to not have an instance like what happened with Snipe?

Like, how do you navigate those chats? Yeah. I mean, I think you just you you know, you're you share your experience. You share the risk.

I mean, we understand sometimes you have to, you you have to slow down to move fast, as they say, and and, I think it's important to be, to educate and be empathetic to, what what people are trying to do and their goals and their ambition and and especially in the hobby because there's, frankly, like, there's incredible opportunities out there, and it's becoming, more and more, you know, mainstream.

So the the addressable market is bigger. I mean, just look look at the price of tops chrome basketball at Target.

That's insane. $85. 85 dollar, boxes at Target. Megabox? Yeah. 85 retail. That's insane. I didn't know that. Yeah. 85 retail. The retail price. Yeah. That and I think that yeah.

And the blasters are 50. Like, what? Like, those are hobby prices, man. Anyways, I digress. You know, I think that there's a lot of opportunity, and and there's a lot of money and, you know, treasure hunting happening.

And, you know, some people in our local hobby shops, people come in, and I know my son works at at Continental Cards in in Ashburn, Virginia.

Shout out. But when you go in there and, like, people sometimes get frustrated with the price of, you know, the price of boxes and the price of, the hobby, whether it's, you know, TCG or sports.

And so there's there's this natural, this natural, instinct to try and take advantage of that and, like, you know, grab a piece of that pie and get involved in you know?

Hey. I can combine my hobby, my my passion with the opportunity to make some money and or maybe, like, you know, just just to see if I can go treasure hunting whenever it meets.

So, like, yeah, like, you the opportunity is there, and people are gonna should be opportunistic.

But they need to do it with, with some understanding of what those risks are and how you mitigate it. And we don't obviously, we're not going to, fault anybody for not knowing.

Right? I mean, that's that is the thing that, that we're there to help people understand. So we take that part very seriously, and we spend a lot of time, you know, talking about that and and making sure we're like, hey.

You might wanna think about this. That might be a great customer experience, but you might be exposing, you know, x y z. Like, oh, I didn't think about that. Okay. Great. I'm glad glad you mentioned that. That kind of thing.

So let's say that a individual CEO, founder, whatever the title is, is working on a tech project, but maybe is not working with a professional, development, firm like Inferno Red Technology, and they're working with one individual that they made through a connection.

How Yeah.

How should that individual that business owner or operator, how should they know when something that they want build from a tech perspective is actually ready to launch and for this not to take like, the Snipe debacle not to happen to them knowing that they have very little technical background?

I mean, it's, I mean, that's not easy, just in general.

Like, in any services business, whether you know, going back to my analogy of, like, the the, the remodel on a house or you're building software, I mean, a lot of it is trust and referral.

Never just hire blindly. Make sure that, you you have you you get a second opinion.

I think sometimes it's very we see this all the time, actually. What even before, like, any of the the security issues, just in a quality perspective. Right? It's very easy to, to let price influence what you're gonna hire.

And some sometimes that's not a necessity because your, you know, your your funding is lower at zero, and you're working on a start up, and you're trying to get out the door.

But, I mean, there's there's some truth to you. Like, you get what you pay for. And, you know, in our world, like, experienced software developers, you know, have ten, fifteen years of experience.

They've been in the market for a long time, and their their salaries are are higher than, somebody who just started as naturally you would expect.

You know? So, you know, there's all of that. So, you just have to be really careful. Like, make sure you hire somebody.

If you and I'm all for, like, if you if if you wanna hire independent or you know somebody, who, who is a good developer and and they're an independent contractor or they're just somebody who wants to donate their time or work with you, just make sure you do your homework.

And you and you see something they've done before, they can talk to you about you know, sit down and have coffee and understand, like, well, I know that these things are important.

My customers are important to me. And, like, tell me, like, like, what are some of the things that we need to do to to protect this information and make sure that we're we're not putting anybody at risk?

I mean, I think it's just some some common sense conversations. I'm I'm not suggesting that this instance with Snipe changes your in your mindset.

Obviously, you've built a a profitable business based on your own process. But just curious, like, we've spent, you know, over a half hour talking about it at this point.

But if you were whether it's one of your clients or you're serving as a tech adviser to a friend, working in a hobby business, is there anything you would tell them to prioritize differently in light of this situation?

I mean, in light of this situation, I mean, clearly, like I mean, the the data wasn't encrypted or protected at rest.

That's that's a problem. The, the endpoints for accessing the data that weren't protected or or, secured clearly because they somebody could access it directly.

You know, there's just, like, some fundamental best practices and principles that weren't followed or or mistaken.

Is it possible that somebody just leaves the door open, because they they didn't know it should be locked or they didn't know where the lock was, you know, to to to close and lock the door.

I mean, that might just have been an experience issue. Because one of these things sometimes these platforms make it really easy. Right? So they're like, hey. There's no yeah. Let's just put it here. It's super easy to connect.

You don't have to configure anything. Like, let's go. I don't know if that's the case here. I mean, that's that's maybe oversimplifying it. But I don't I don't think it would it doesn't change, like, obviously, in our case.

But, if I was a company or as an independent or starting, you know, software engineering business, I would be, I would be making sure that I I understood those fundamentals.

The other thing too, by the way, if you're a bigger company and you can afford it, I would hire before I went live, I would hire a third party company to do a security assessment on what we built.

I mean, we had we do that all the time. We have comp clients who who hire, a company that say, okay.

Let's take a look at the code that was written for security vulnerabilities. Let's take a look at the infrastructure that it's hosting on to make sure there's nothing left open.

And let's really do some testing to make sure that, that we've done everything we can to secure, both, like, entry points into the application, how it's used, you know, patching any any code, patching any libraries, you know, that's, you know, packets of code that are from third party companies or open source that could be vulnerable to to being exploited and and really making sure you've done a full check on the system from that perspective.

You know, they call it penetration testing. Like, let's really, like, try and test.

You know, basically walk around the house. Are all the windows locked? Are all the doors locked? Do you have the right key? Some doors, you need three keys. Do you have all three keys? Do you make sure those keys are locked up?

You know? I'm I'm using an analogy, but, like, that's generally, like, you know, the the, the the the the, an example of, like, what you kinda need to do to make sure that these things get protected.

So As as kinda we round this and close this out, this kinda popped in my head, and I'm just curious on your mindset.

Usually, when these sorts of situations happen, they're really negative and people pile on and it's bad and just continues to go down that way.

But then there I think about the other individuals who are building tech or thinking about building tech, and it's a red flag, and it's a good reminder to them to make sure they're going through the right steps in order for this not to happen to them currently or with whatever their future product is that they're building.

What do you like, when you see something like this happen in the hobby, like, what do you think what do you hope this does for the future of other tech that is being built that we're all going to interact with?

What's your mindset? I mean, like I said earlier, I don't know that it's a hobby specific.

However, I do think that it's probably one of the first times in a long time that, people who don't think about technology and and are just using systems and platforms, you know, tools, other you know, whether it's an app to check comps or it's, you know, a podcast player to listen or, you know, just some of the things that are specifically built for the industry.

They're not thinking about technology.

They're just like, oh my hey. Did you download the the latest version of this? Oh, look. It just asked me to create an account. Oh, let me just use that password. I've used 50 times, right, because I I don't like creating new passwords.

It's probably one of the first times where people are like, oh, I didn't know that could happen. I'm like, does that actually happen? Like, did that wow. That's, like, a big name and, like, okay. So maybe I need to think about it.

So I think about it as a user, that probably got a lot of people, you know, maybe second, not second guessing, but taking a look at, like, the way that they they log in and use, these systems and where they put their data and where they don't.

And I think for companies that are trying to rush, to market and build things, like you said earlier, quickly, maybe it gets them to take a pause and go, woah. Hey. Before we, like, go live with this, this just happened to Prostin.

Can we make sure that this doesn't happen to us? Because we're not them. Like, you know, he can afford to hire the lawyers and the teams to recover, but we can't do that.

Like, I mean, I know some people can't, but I suppose but, like, most of the startups who are, like, you know, bootstrapping aren't gonna be able or nor should they want to, So let's protect ourselves.

So I hope that that's, you know, that if there are any, you know, good things that kinda come out of that story, like, maybe the people will take a second look at what they're doing if they're building.

Lot of good information, lot of good insights shared if you're building tech in the hobby or considering build building tech in the hobby.

I've I've got a guy who's got a company who can probably help you. I know a guy. Yeah. I know a guy. Thanks, Scott, as always. Appreciate it. Thanks, Brett. Appreciate you.

Stacking Slabs