I grew up coding. From about the ages of 10-25 that’s how I spent a
lot of my time. While other kids were playing baseball I was trying
to create computer baseball games. I was never a great programmer. I
was mostly just a hacker in the original sense of the word. I didn’t
like to plan out my code and the code I produced was rarely commented
or elegant. I did a fair amount of object oriented programming later
on (C++ & Java) but was always suspicious of objects and basically
anything except C, assembly, text files, and ever using code in my
programs I didn’t write myself. I was really turned off my the
Microsoft programming model which felt more like shopping than
creating. I mostly quit programming after doing some initial coding
on my last company, SiteAdvisor. I guess I was burnt out.

This past Thursday night after a long day of business meetings (seems
like that’s all I’ve done for the past few years) I thought I’d try
coding again – partly for fun and partly because my company (Hunch)
has an API that is central to our strategy and I felt like I needed to
use the API first hand to truly understand it. So Thurs night I made
a simple Youtube + Hunch mashup and put it on a domain I’ve been
sitting on for a while – It’s a very simple program but
taught me a lot about our API. The Hunch API is much more powerful
when you require the user to oauth (login to Hunch) but I wanted to
avoid that in the first hack. So the recommendations aren’t as good
but there is very little friction for the user – just put in a twitter
name and press go (plus you can “cross dress” as other users which is
fun). (Personally I’ve been really digging mixes when you type in
twitter name = cdixon, genre = hip hop, version = experimental).

This weekend I wanted to try some authenticated (oauth) hacks so built
two more little demos. One of them suggests people you should do
things with ( It really only works if your
Hunch account is linked to Twitter or FB and there is no error
handling so if you want to try it, login to Hunch, connect to
Twitter/FB (go to your profile, edit, services) and then try it. The
other one I wrote uses Yipit’s API (Yipit is a daily deal aggregator –
great company and founders) to find daily deals. It then cross
references the venues with your predicted hunch preferences and finds
the daily deal that day you’ll like the most. (I’m also working on
adding a feature that will suggest 5-10 friends who would also like
the deal so you could invite them along but it isn’t working yet).

In the process I had to learn about “signing” you URLs (apparently to
defend against man-in-middle attacks – not sure how common those
really are). Kind of a poor man’s SSL. See Turns out we had Python
code samples on Hunch but no PHP code samples (yes, I prefer PHP – I’m
old school). So I had to figure out my own code signing function in
PHP. Here it is :

function signUrl($url, $secret_key)
$original_url = $url;

$urlparts = parse_url($url);

// Build $params with each name/value pair
foreach (split(‘&’, $urlparts[‘query’]) as $part) {
if (strpos($part, ‘=’)) {
list($name, $value) = split(‘=’, $part, 2);
} else {
$name = $part;
$value = ”;
$params[$name] = $value;

// Sort the array by key

// Build the canonical query string
$canonical = ”;
foreach ($params as $key => $val) {
$canonical .= “$key=”.enc(utf8_encode($val)).”&”;

// Remove the trailing ampersand
$canonical = preg_replace(“/&$/”, ”, $canonical);

// Build the sign
$string_to_sign = enc($canonical) . $secret_key;

//print $string_to_sign . “

// Calculate our actual signature and base64 encode it
$signature = bin2hex(hash(‘sha1’, $string_to_sign, $secret_key));

// Finally re-build the URL with the proper string and include the Signature
$url = “{$urlparts[‘scheme’]}://{$urlparts[‘host’]}{$urlparts[‘path’]}?$canonical&auth_sig=”.rawurlencode($signature);
return $url;

We are going to add this code (most likely a prettier version) to the
Hunch API docs for PHP programmers (also need to add Ruby code). I
think we’ll also make URL signing optional as only some apps really
need it and it seems like a barrier to development.

One thing I noticed is how much more fun it is programming these days
with so many great APIs out there. YouTube’s API was a joy to use, as
was Yipit’s. Because of all these great APIs, someone with minimal
programming skills (like me) can hack together interesting stuff
really quickly. I do wish the APIs were more standardized. Having a
SQL interface for every API would be awesome. But still now that
everyone is using similar authentication, JSON, etc it is pretty easy.

People in the startup world say it’s a good practice to “dogfood” –
use your own software – and if one of your products is an API you
should use that too, which means doing some simple programming. The
stuff I hacked together over the past few days are not meant to be
real products. This is no “pivot” in Hunch’s strategy. Hunch has two
official and I think really great products coming out soon – one
web-based and one mobile. And if you think is good or bad,
just wait until you see the music recommendations we are developing
with a major music provider. Their data + our data + our algorithms =
truly incredible results.

In the meantime it’s fun and informative to hack on APIs.


10 thoughts on “coding

  1. chris dixon says:

    Oh, here’s what the “do stuff with people hack” suggest for me:Hi chrisYou’ve been working too much. Here are some people you should do stuff with.spend more free time together:jaxelrod Josh Guttman Josh Reznick Eric Arnold David Sacks Steve Rosenbaum Samuel Lessin Danny Moon Rand Fishkin Viva Chu Michael Boyle Ben Kessler Jon Pierce Evan Cohen Seth Goldstein Gil Elbaz Nicolas Grasset Scott Raymond Dan Frommer danny oh David Sze Brian Stein Heather Harde Brad Burnham Josh Elman Robert Stavis David Frankel Gennady Borukhovich exchange food & restaurant recommendations:jaxelrod Steve Rosenbaum Samuel Lessin Josh Guttman Yaron Galai Eric Arnold Jeff Barrett mini chris David Sacks Gil Elbaz Danny Moon Jon Pierce Brian Stein Joshua Auerbach Viva Chu Mark Crowther Josh Stylman David Frankel Robert Stavis Matt Mireles Eric Wiesen Mark Suster Josh Reznick Grant Barrett Doug Wyatt Seth Goldstein Charles Duhigg Scott Edward Walker Jonah Peretti talk about cultural issues:jaxelrod BillGuard Steve Rosenbaum Samuel Lessin Josh Reznick Joshua Auerbach Danny Moon Josh Guttman Eric Arnold Gil Elbaz David Frankel Viva Chu Charles Duhigg Michael Boyle Brian Stein Dan Frommer Tim Shey Morten Lund Seth Goldstein Mark Suster Jon Steinberg David Sze Eric Paley Cindy Gallop Mathieu Nouzareth Jon Pierce Corey Henderson Yaron Galai Jonah Peretti Rand Fishkin exchange entertainment & media recommendations:Steve Rosenbaum Bill Tai Josh Stylman David Frankel Thomas Loverro fredwilson Erick Schonfeld jaxelrod Robert Goodman Hari Ravichandran Brian Stein Grant Barrett Daniel Scholnick maricela morales Viva Chu Charles Duhigg Rufus James Cham Dave Winer Phil Andrus Gil Elbaz Jo Garrett Jason Rapp Ofer Adler Chini Krishnan Mark Crowther Guy Vidra Yaron Galai Iri Amirav Mark Suster

  2. Joe Lazarus says:

    Yahoo’s YQL is pretty close to your concept for a “SQL interface for every API”… map other API’s to YQL, which then appear as “tables” that other people can query.

  3. chris dixon says:

    thanks – i’ll check it out. but i worry about depending on anything at yahoo these days since bartz seems bent on outsourcing/sunsetting everything good.

  4. Joe Lazarus says:

    That’s true. Hopefully, some other company will take the SQL API idea and run with it. Nice job on your hacks, by the way.

  5. Gennady Borukhovich says:

    Hey Chris, well it says we should spend some free time together!! I’d love grab a coffee some time!

  6. Joe Lazarus says:

    Could you explain which Hunch API call you used to identify recommendations for a Twitter user name without using oauth (like you did with your first hack)? Without oauth, I only see how to get my own recommendations or recommendations for my friends (using the get-recommendations method). Can you show an example of the call you made for the first hack?

  7. chris dixon says:

    hey joe – i put the full code here if you are interested. (excuse crappiness of coding style!!)for unauthed calls you can just do:…and insert any twitter name where cdixon is (and any other other topic for topic_ids etc). we could do this for fb too but don’t allow it for privacy reasons (even though we are just showing predictions so even if we did it wouldn’t be a privacy violation but we want to be super careful not to be creepy).

  8. Joe Lazarus says:

    Thanks Chris! I was missing the user_id parameter. It might help to show that field in the API console. I didn’t realize you could query by Twitter name without oauth till I saw this post. For what it’s worth, I bet you would get a lot more developer usage with some simple changes to the API docs. In addition to the user_id field not being visible, I had a hard time making sense of a few of the other parameters and calls. For example, I couldn’t find a lookup table for the “sites” parameter, so I’m not sure if there are other values than fb or hn… the two shown in the console help tip. I should probably mention, though, that I’m not a developer. I just play around with API’s from time to time to better understand them from a product / marketing perspective. It’s entirely possible that I’m just missing some things that are obvious to more technical folks. I love what you all are working on. Recommendations are the next big thing for the web and you all are doing some of the most interesting work in that area. Keep up the awesome work!

  9. Richard Metzler says:
  10. Hrishi Mittal says:

    How interesting! Please tell me the upcoming music recommendations idea was totally inspired by my tweet @ you –!/hrishimittal/status/81244531038765056

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: