Hacker News new | past | comments | ask | show | jobs | submit login
Show HN: Bananalert (52.4.212.135)
97 points by adrenalinerush6 on June 4, 2015 | hide | past | favorite | 81 comments



I would find an avocado alert more useful but sub-second accuracy for short time before they are over ripe might prove difficult to implement.


Also,

    Step 1: Select Your Avocado's Color!

    ☐ Avocado Green     ☐ Avocado Green     ☐ Avocado Green
    ☐ Avocado Green     ☐ Avocado Green     ☐ Avocado Green
would cause some user experience issues.


I thought the same thing. I love avacodos, but I've given up purchasing them because I'm so bad at finding the millisecond they are ready to eat before they turn to mush.


I've started buying them when they're very hard (Costco sells them by the bag) and then waiting for them to ripen at home. This keeps them from getting bruised by other shoppers. So far, I've had good luck with them being ripe and good for about 3 days.


Yes, this is absolutely the secret to awesome avocados. Buy the unripe ones--the ones shoppers aren't squeezing to death--and let them ripen over a few days. Then, a few days before you run out, go grab the next batch.


Adding more agreement to this, grab them hard and green then store in a dark (room temp) place. 4-5 days and should be good to go


Well obviously that should be a backlog item to grow a user community by allowing users to upload modules.


I need a pear alert.


I visited an orchard a couple of years ago. The owner stored his pears at 0 degrees celsius and apples a little bit warmer - 4 degrees celcius if I'm not mistaken.

Since that day I've put my apples and pears in the refridgerator, and haven't had to suffer as many overripe pears and apples.


Nice! I went bananas when I saw the page. Started to monkey around with the settings. And I went baboom when I saw that it would text me.

/* Engage HN filter /

How do you plan to monetize this? This is clearly ripe for disrupting the fuits/supermarket economy. Like an Uber but for fruits.

I think you should email, tweet, instagram, like, share, deck and meet Paul Graham in order to get into Y combinator. This will be bigger than AirBnB.

Ryan from Product Hunt will be contacting you in shortly!

/ Filter off */


This could be of so much help when MarsOne guys stranded on Mars will need to know if they can eat their bananas! For once there will be some science in their project.


Add photo interpretation (heck, do it manually at first as MVP) and you might get quite a few "colorblind" users. Fruit ripeness is a huge problem for many and bananas are usually the example.


You need a 226262 short code. Text a photo of your banana to BANANA and we'll send you back a text when it's ready to eat!


Good idea! except i feel like there might be some bananas that get sent in that weren't grown on a tree, jah feel?


Includes http://assets.absolutdrinks.com/api/addb-0.5.2.js

From Absolut Drinks in the source. And it's collecting phone numbers? ...

Not sure this is the purest of intentions. Not sure it's not though.

[Edit - Looks legit and unaffiliated :) ]


What's missing here is that old animated gif of the dancing banana.



Thanks. Now I have that song stuck in my head. I didn't even need to hear it -- the visuals were enough of a trigger.


What's your exit strategy?


Probably something along the lines of "I'll drive away from the building in my new Bugatti..."


"Here in my GARAGE, just bought this new Bugatti"


Bugatti in the Garage, let me get OpenSesame. ( Right now Front page HN ) http://samy.pl/opensesame/


To peel out, I'd say.


I'd pay 2 bananas for this app


2 very green bananas


This appears to be running on port 4567, just FYI many firewalls won't allow nonstandard ports. Perhaps port forwarding or a DNAT rule could help you reach a larger audience?


Yeah I don't get these corporate firewalls, as a cyber security student I've yet to see a single occasion where blocking a port has helped block an attack rather than annoy powerusers (or normal users also, occasionally).

So that's why I use https://torproject.org/download the whole day and never have any trouble with blocked sites (e.g. Pastebin; Slideshare) or blocked ports (e.g. :8080 was used today by some random site in XHR).


In the real world, it's common to see network professionals who apparently specialize in preventing communications between computers. Similarly, it's common to see DBA's whose number one goal seems to be preventing anyone from accessing the data. And it's also common to find engineers who seem focused on seeing every goal as impossible, and business analysts who when they hear what you want tell you why you can't have it. It's not rational but it's very common!


If you're studying security and you think TOR will work to get you past corporate firewalls... good luck out there. Keep studying.


Thanks for the snarky remark, but I posted that post via Tor from inside the corporate firewall. In fact I mentioned that I use it the whole day. If that doesn't prove it works, I don't know what should.

The whole point of the Tor network is that anyone can access the Internet through it uncensored, regardless of countries' or corporate firewalls.


That's true. You probably can get out. Until the security team catches you, which they really, really can do. Trust me, I do it for a living. And then you're in trouble for violating the terms of your employment, and then HR gets involved, and then you are fired.

Like I said, if you're going to work in security, you're going to have to consider a lot more than can it be done. Corporate security is more closely tied to HR and the business than it is IT. You can't break the rules just because it's technically possible. It would be your job to find the people who are doing exactly that and report them to HR.


> Until the security team catches you, which they really, really can do. Trust me, I do it for a living.

True, I don't doubt they can if they wanted to, simply look for connections to known Tor nodes (of which there is a list). So long as I don't bother using a bridge node of course.

As for being fired, I don't think it's that strict. The company policy is aimed at blocking people from posting the company's slides on Slideshare, using icons from icon sites without a license (some icon site is also blocked) or pasting sensitive data on Pastebin by accident. As long as I don't do these things, I am not violating corporate policy, while I do need some of these sites to do my work.

If they make shitty policies that apply to the people who don't know what they are doing as well as to the people who do know what they are doing (or even need some of those sites), they can expect people to work around it. Rules are to be followed within reason. And if people are that strict, I don't want to stay in that company. Even as a student I'm asked to do work enough times that I don't doubt I could switch jobs in a matter of weeks.


>Even as a student I'm asked to do work enough times that I don't doubt I could switch jobs in a matter of weeks.

That's true, no one should ever be unemployed if they have infosec on their resume.

Do everything you can to learn how to bypass anything. Hack as much as you get your hands on. Break everything. Code all the things. It's really good for you and good for your career.

But I've had enough interns come work with me and then the company gets a letter from HBO because the intern thought no one was watching him torrent off our 2Gbps pipe. I've had college hires who spent the day browsing porn in incognito mode thinking the company couldn't see it. I've seen people using VPNs to mask the fact that they're getting paid to watch Netflix. And every single one of them wonder how in the hell we knew what they were doing.

Companies spend literally millions of dollars in security products to know exactly how their employees are misuing company property and company time. If you think there isn't a security tool that shows people using Tor, I think you're wrong.

I'm not telling you to stop. I'm not your manager. I just like helping people in infosec keep from making rookie mistakes. I've seen it way too often.


> If you think there isn't a security tool that shows people using Tor, I think you're wrong.

Targetting Tor specifically, yes I'm quite sure it's trivial to find a way to detect its usage. Even with bridge nodes on :443, traffic analysis probably reveals it, and especially on company-owned laptops you could scan for certain software.

So I'm not claiming that it's impossible, I just think it's not as easy as you say it is if they're not specifically looking for it (as long as there is no abuse, there is no immediate incentive to look for it).

As for interns downloading illegal or personal data over a company's connection, yeah, that is clearly abuse. We agree on that. I even know of people here that download random stuff over 4g (built into our laptops) abroad. In fact the 4g disables any blocks the company put in place because it's outside their firewall so many use it for that. If they want to fire anyone, they should start there.


Ssh proxy to my private server. Squid proxy behind Tor. You might know I'm doing something, but what exactly I'm doing. No way. (Taking reasonable precautions to prevent DNS leakage, etc)


At that point though, it doesn't matter. If company policy says you can't use anonymizing proxies or can't SSH out or can't mask your traffic in any way, you're hosed right there. And most enterprises would have an employee handbook that says that. Immediately you're in breech of guidelines and misusing company resources.

So many people in this thread are trying to argue ways to hide your traffic. All I'm saying is, no matter how clever you get to hide what you're doing, you're in breech of your terms of employment from the very first step. No matter how clever you get, I've seen people fired based on my report that they were using SSH to get to their private server. Doesn't matter if they were checking their email or if they were hiring a hitman on Silk Road.

Enterprises don't care what you're doing, they care what you're not doing, and what you're not doing is the job they paid you to do under the terms you agreed to do it.


Tor with a bridge on port 443 (or even 80) will get past anything that only blocks non-standard ports.


Tor also has a clever thing called "pluggable transport" that was made to solve exactly this problem.


And corporations have this clever thing called a security team and SIEMs meant to find this exact type of activity.


I humbly submit you haven't seen an environment that was high security.

There's two general ways to treat Internet traffic, whitelisting and blacklisting. Many companies will simply use blacklists. These are easy to bypass as you are well aware. I have seen more than one environment that was whitelist based, no machine can access any other machine that isn't required for it to do it's job. Anyone needing to override a block enters a username, password, and reason, if they have the authority to do so, which leaves an audit trail.

Security and convenience is often a trade off, you do a risk assessment to determine if it's worth the risk to you and your company. For many people and companies, it's not, so they blacklist.


Here's a screenshot for those behind corporate firewalls:

http://i.imgur.com/pwSaDY4.png


Having a domain name would help too.


The IP address makes it funnier for some reason.


currently up on port 8080, best i could do at work

http://52.4.212.135:8080/


It should be on port 4011


You should add email notifications too. I'm in Canada so my carrier isn't listed, but I want to know when to eat my bananas. Last time I was at the grocery store they only had extremely green bananas so now I'm playing the waiting game.


Here I am developing a BLE ethylene monitoring device. Arg, your implementation is so simple. My kickstarter is doomed to failure.


Missing the doctype. Some people who would like to use this site would be on some outdated browsers that would break without a doctype :(


Add an 'upload a photo' option to automatically set the current banana color. And then I'll have a photo history of all the bananas I've ever eaten as well!


Here is the github repo : https://github.com/singerbj/bananalert


noooo dont look at the code its really crappyyyyy


Absolutely brilliant. Now you just need to release this for every fruit. Appleapp. PineapplePulse. Instant billion dollar unicorn company.


Thinking of a drunk scenario, where I could end up setting bad alerts for me and eating a lot of green bananas; it would be wise to add a drunk check such as simple math sums.


Very Big Dada of you, wonderful. Thanks.


If you choose a color of brown, but a preference of greener, you'll get the notification right away ;)


I won't be happy until the banana can wirelessly notify my Apple Watch that it is now ripe.


I would not be surprised at all if the little Chaquita stickers will someday contain chemical sensors and a mote computer, and will do just that.


You're missing green/brown which is what half of the bananas at my grocery store are.


The hospital here does a roaring trade in distressed looking bananas with random grey skuff marks...


Where's the kickstarter


It's dead here, all I see is "ERR_CONNECTION_REFUSED"


try again, just had to update analytics code


Do you mean analytics or do you mean Analytics®?

Edit: You mean Analytics ... so here's yet another site where $SomeBigCorp tracks what I do :/


I guess Bananalytics.


Yep, you're feeding information right into Google's greedy hands about when your bananas are ripe.


You joke, but seeing Amazon lately, that seems like the kind of things they would like to know.


I prefer to keep my bananas out in the open, it's better security when everyone knows about my bananas.


Since HTTP is deprecated, and you can't get TLS certificates for IP addresses, that means pages hosted like this will be at a disadvantage from now on right?


Public VM crashed, no different ip. RIP Bananalert...


Hey! I'd be willing to host Bananalert for free on AWS, as I have lots of credits!


Really could use a checkbox for the 'Bag and Apple' users out there. Faster ripening times but still could use a reminder.


Yup - ripening in a mixed fruit bowl, hanging on a banana hanger, or in a bag with ethylene producing fruit (like an apple) will dramatically impact the timing - several days difference...


"Error, please check all parts of the form are filled" - didn't work on iOS mobile. My alerts! NOooooooooooooooooo!!


Alltel? Do they even exist anymore?


Nope. No. No no no no no. I don't know what the hell you want with my number.


Hey! I got it! You build it to get ads from "Despicable Me".


Love the idea! Strongly recommend a domain name though :)


var bananalife = 5 * 24;

Bananas live 5 days?


based on a google search. this is more of a joke project than anything lol


You can always tune this by gradient walking to the minimum of HN complaints.


You don't say? ;-)




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: