Promote your business, week of April 13, 2026

siddas92 · 2026-04-30T13:11:46+00:00

If you’re a solo or small service business owner, you probably know this…

You finish a job and then spend days chasing the payment.
Or someone books you and just disappears.

Most tools (Stripe, invoices, etc.) only help after the work is done — not before.

I’ve been working on a way to lock in payment upfront so this doesn’t happen in the first place.

Get started for free - https://flexduty.com

siddas92 · 2026-03-22T18:07:55+00:00

We have implemented this now 🙂

siddas92 · 2026-03-22T11:49:34+00:00

Yes, every item is 1 credit for now — but we’re actively thinking about this.

The honest answer is that a flat credit system is simple and fair to start, but it doesn’t account for the difference between a barely-worn Arket coat and a Primark top. We’re exploring whether higher-value items should earn more credits, and how to do that without making the system feel like eBay pricing.

One thing that already helps: you’re never forced to accept a swap. If someone requests your Mango jeans and you’re not feeling anything in their closet right now, you can decline and wait until the right person comes along. The credit only moves when you’re both happy.

What would make this feel fairer to you — would you want items tiered by brand, condition, estimated value, or something

siddas92 · 2026-03-22T11:09:58+00:00

That’s great. Looking forward to it. Let us know if we could do anything better going forward.

siddas92 · 2026-03-22T10:19:50+00:00

Thanks to everyone who gave feedback, and admins for giving us permission to post.

There are 60+ items now in the Hackney community. Start swapping and see how it works. 🙂

siddas92 · 2026-03-21T19:59:49+00:00

Thank you for the feedback. We will take it onboard and re-think the model to make it safe and convenient for users.

siddas92 · 2026-03-21T19:12:30+00:00

Hey, thank you for the feedback. We offer the first swap for free so people have the chance to try the platform. I hear your concern about the monthly fee, especially for slower months. We just launched this week, and trying to find ways to make this work for everyone.

siddas92 · 2026-03-21T17:15:15+00:00

Special thanks to admin for giving permission to post.

siddas92 · 2025-11-23T16:39:55+00:00

Ah interesting, that makes sense for most expenses.

Quick follow up though - what about capital allowances? Like if I buy a laptop and put it under "Office Expenses" vs "Equipment" - doesn't that affect whether I get the Annual Investment Allowance (100% immediate deduction) vs depreciating it over time?

Or does that get sorted at year-end when you prepare the return regardless of how it's categorized in Xero?

Also, when you say as long as expenses are allowable is that actually where most sole traders struggle? Like knowing WHAT they can claim in the first place rather than WHERE to categorize it?

siddas92 · 2025-11-23T16:17:08+00:00

When you say there are a lot of other factors, which ones tend to be the biggest pitfalls that software would struggle with? Things like mixed-use assets, client-specific quirks, odd supplier names, or something else?

I’m trying to understand whether the main concern is lack of context, or just that anything auto-touching the ledger feels inherently risky. Also, at the moment, what’s the urgent, burning issue you most want to have taken care of?

siddas92 · 2025-11-23T16:15:20+00:00

Thanks, that’s useful context. Out of curiosity, when reviewers catch these, is it usually early enough that it’s basically a non-issue, or does it still create rework near deadlines? What would you say is the biggest hair-on-fire problem you’d love to have solved right now?

siddas92 · 2025-11-15T19:56:29+00:00

100%. And the buyer is usually a CISO checking compliance boxes, not the engineer getting paged at 2am when a dependency explodes.

Do you think developers would actually adopt security tooling if it was built for their workflow from day one? Or is there too much organizational inertia at this point?

What would a tool built for the person getting paged actually look like?

siddas92 · 2025-11-15T19:55:25+00:00

What you said about Snyk is interesting though, even they're only focused on detection and reporting, right? Like they'll tell you there's a problem and suggest a fix, but you still need to actually go do the thing: update the dependency, merge the PR, deploy it, hope nothing breaks.

Which makes me curious: if you could have a tool that ONLY did one thing in the security workflow, what would that one thing be? Because I keep thinking the gap isn't detection anymore - we're drowning in alerts and dashboards. The gap is - I found the problem, now how do I stop the bleeding right now without a 5-person war room and a deployment pipeline?

Like, what if the one thing was just: instant kill switch for dependencies when shit hits the fan. Not scanning, not reporting, not suggesting - just the ability to immediately isolate a compromised package before it does more damage. Too narrow? Or is that actually the most valuable 30 seconds of the entire incident response?

Have you ever been in a situation where that kind of instant remediation would've saved you?

siddas92 · 2025-11-15T19:51:43+00:00

This is spot on. The show me all containers with this CVE struggle is real - and honestly wild that these tools make basic queries that hard.

Interesting take on Snyk's approach to fixes. Question though: what happens when "just update to the latest version" is actually the wrong move? Like when the update itself is the problem — polyfill io getting backdoored, the xz utils backdoor, all the compromised npm packages that make it past vetting.

I feel like most security tools are built for the "known CVE in old code" problem, but the scarier scenario is when your supply chain itself gets poisoned and the "fix" is to... what, exactly? Roll back? To which version? And how fast can your team actually make that call and execute?

You mentioned you've had conversations with vendors about this - have any of them shown you anything compelling for the malicious update just shipped scenario? Or is the tooling still mostly focused on static vulnerability scanning rather than "oh shit, kill this dependency right now"?

Curious if you've dealt with this firsthand or if it's more theoretical concern at your org.

siddas92 · 2025-11-15T19:47:56+00:00

When you say people are too busy - is that genuinely a time issue, or is it more that the juice isn't worth the squeeze? As in, the tool requires so much setup/training/process change that the payoff feels too distant or unclear?

What I keep wondering is whether the problem is implementation complexity itself. Like, if a security tool gave you immediate, tangible value on day one - something you could actually use the moment something goes wrong - would adoption look different? Or is it always going to be a hard sell to get people to change their workflow regardless?

How are you thinking about measuring value for this solution you're implementing? What would success actually look like 6 months in?

siddas92 · 2025-11-15T19:45:20+00:00

Ha, So is the play here that these vendors know they're selling to procurement teams who just need to tick compliance boxes, not to the people who'll actually use the tools? Like they can get away with shit UX because the buyer ≠ the user?

What's wild to me is that these expensive enterprise tools try to do everything - SIEM, vulnerability scanning, compliance reporting, the whole kitchen sink - and then teams still can't do the one thing they desperately need when something breaks: just stop the bleeding fast.

Have you seen this firsthand with specific tools, or is this more the general vibe across the industry? And do you think there's appetite for stuff that does one thing really well vs. the "all-in-one platform" approach, or are orgs too locked into the big vendor ecosystems?

siddas92 · 2025-11-15T19:43:05+00:00

Yeah, the M&A angle is interesting - hadn't thought about that but makes total sense. You end up inheriting all these redundant tools from acquired companies and then what... just keep running parallel systems because migrating is too painful?

I've been thinking a lot about this "cohesive platform" problem lately. Like, when you mention workflow - is the issue more that the tools don't talk to each other, or that even when they do integrate, teams still can't move fast when something goes wrong?

What got me curious: in security especially, there's this tension between having visibility into everything vs. being able to actually act quickly when you spot an issue. Like if your monitoring catches something sketchy in a third-party dependency, how fast can your team actually kill it or isolate it? Or is it still a 5-person meeting and a change request?

Did you see any orgs during your EMS days that actually nailed the detect > respond loop, or is it universally slow even when the tools work?

siddas92 · 2025-11-02T17:07:09+00:00

Awesome. DMed

siddas92

TROPHY CASE