Because of a long list of things that would only distract from the main point if I let myself get too much into them, I was at a fork in the road at the end of last year. I could either start up a new business or try to find myself a job somewhere. I was of course leaning toward the former. But also when I spoke to folks I kept hearing how horrible the job market is currently. I’m over 50 now, and particularly for folks in my age group I kept hearing that finding a good technical role is extremely difficult. Technical management not as much of a problem, but an individual contributor role would be different.

I certainly understand part of what folks see there. But I decided to go counter to the advice and at least try to find something inside an existing organization as an individual contributor.

Along the way I’ve found that many startup skills have translated insanely well to working inside a larger organization. That’s part of why I wanted to put a post together about this. For the older tech folks who maybe are having some issues, there might be a bunch of skills you have that you just need to figure out how to highlight. This is my partial list of things that surprised me in a positive direction when going into a more established company.

The set of skills around having a bias towards action work well in a number of different contexts. In the startup world when I’m working with a cofounder or talking to a potential customer I try to not just flat out say “no” to things. Interesting ideas come from all over the place. And even when something on the surface doesn’t seem workable, there’s often a core of interesting insight in the direction. I didn’t think the set of techniques I’ve built up for those interactions would be that valuable inside a bigger organization. But I’ve found the more often I apply it the smoother everything goes. I just treat everyone around me like my customers. I try to understand what they really want and not just what they’re currently asking me for. If they’re asking me for things that don’t seem to make sense I try to figure out what they’re trying to get done and how I can do something that progresses them in that direction. Everyone is my customer. The people managing the projects I’m helping with most obviously. But I found that the more I applied the idea all over, the smoother everything went. My teammates are my customers, my manager is my customer, whoever owns any of the repos I’m checking things in to is my customer. I try to find some way to make whatever I’m doing into something that helps them too. To my surprise it’s pretty easy to do after a few decades of startup life. I figured it might be hard to navigate the competing objectives in a larger organization, but I’m not feeling that part at all.

Juggling competing objectives feels almost trivial in a normal job compared to life in a startup. Sure, I have an actual task list to work my way through, with expectations that I track what I’m doing, contribute to reviews, handle a few async requests from other teams, keep an eye on what my coworkers are doing, and learn about the systems I don’t already know along the way. And I’m sure as I get more embedded in the organization the cadence of a bunch of those things is probably going to change. But I’m used to that list of concerns plus hiring a few new people, onboarding someone or getting an existing person ready for a new role they’re taking over, investor discussions, fund raising, customer onboarding, partner management, budgeting, product planning and tradeoffs, support, and some bit of legal review. Now, for the most part, I just need to get some bit of tech working. Sure, I might have to do it while the person who would normally help get it done is overloaded with other stuff. But compared to the average challenge I had to navigate before, totally doable.

And finally, the intensity is turned completely down. It’s easy to stay calm, cool, and collected when most of the problems you have are just that there’s a lot of work to get done. Sometimes it’s a bit of a scramble, and you might have to get inventive in how you stage things so that you can ship a partially working version while you figure out how to make the real version. But on my scale of intense projects that’s like a 1 or 2 out of 10. It doesn’t make it above a 7 until the current month payroll is hanging on the success or failure of the prototype you’re trying to hack together in the reception area of your next meeting. And if you can use that difference in your outlook to find a way to make the rest of the team feel more comfortable, or use your perspective to spot something that simplifies the situation for the rest of the team, you’re also getting a leveraged value from that. Helping not just keep your part of the project on track, but helping the whole team find a way through. I’m sure some of that is just from raw experience now, I’ve been doing this stuff for more than 30 years now. I should be good at it. But the startup side of the experience in particular seems to have cranked up the effectiveness of the methods I’ve ended up being comfortable with.

So for the folks out there who maybe are wrestling with the idea of what comes next. If you’ve been startuping, and you love your techie life, but it sounds like maybe you really need to get into management because it should be “the right thing to do” for someone your age. Please don’t accept that it’s what you need to do. The world still needs good technical people building things. Please don’t stop.

I’m unhappy with the way YouTube weights what shows up on my main page. I’ve subscribed to lots of channels I actually care about. I might not watch every video they put out, but I do care about what they post. If they post a few videos about things I either happen to not care much about, or maybe I already know a ton about so I don’t want to watch more, the algorithm decides I don’t want to watch them any more. They disappear. Instead I get lots of increasingly crappy videos. Shorts that are just movie clips with odd filters applied and garbage quality videos with clickbait titles and great thumbnails. I do like the serendipity of finding something new sometimes. But my main view should really tilt more toward what I’ve already said I want to watch.

It’s pretty easy to make a version that does exactly that with RSS, and as it turns out RSS is still available on YouTube. They even have the headers on most pages that make it easy to find the RSS feed without having to go digging around for it. So if you want to get the channels you care about from YouTube without allowing them to stop delivering the ones they don’t feel like giving to you - RSS is at least an option.

RSS reading options aren’t as numerous as they once were. But there are some good tools out there. Thunderbird has an option to add feeds into your inbox, and I believe Outlook still has something to handle feeds in a similar way. And when I looked at the App Center on my Ubuntu machine there were a few dedicated desktop feed reader apps that might work well. I wanted a project to play with recently, so instead of just picking up an existing one I made a very minimal command line reader called Feeder. It’s a command line tool that tracks feeds in a minimal SQLite database, and it just writes out an HTML page with the posts to read so I can open it in a normal browser. Works perfect for my use. I’m sure it might be too simple for others. But might be a good match for some so I figured I would share it.

One of the best places I found to get an overview is the Messari research report. As of right now (Nov 2025) that report has started to get a bit stale, but it was a great way to understand what some of the high level ideas where. There’s a bunch of pretty marketing heavy copy on the main XMTP site. The use cases and tools described on the project pages didn’t really match up to what I was seeing in the repos and code. And I never was able to figure out how to get Paragraph to send anything via XMTP.

I think this stuff is just the result of the project cycling at a pretty high frequency and working on new things. That did make it necessary to separate hype and froth from actual service though. When I saw the mini apps example showing Base and Farcaster on top of the Paragraph stuff I had run across initially I thought the project was up and running in full. I thought maybe I could get involved in some way, even though I might be late to the party. I’m not sure that’s the case though. I’m pretty sure everything is running on the testnet currently. If there is a mainnet up and going now I think it might just be getting used for some of the demo use cases. There is a mainnet ops epic on the project board, but I didn’t see any info about it in the docs. I figured maybe the mainnet stuff was tucked away behind actually funding an account, but my attempt to check out the funding portal all ran into errors or permission requests. So I assume that’s all very early stage. Which is all fine, it’s an early project.

Like when I had poked around with the Basic Attention Token initially, I just wanted to know if this was something I could just pick up and build with. I don’t think it would be for most of the uses I have in mind currently. Though I could certainly build something with it. I put the agents together to demo a simple notification setup, and it works. In order to be useful as a notification system there has to be a critical mass of people who drive their actions out of the inbox you’re delivering to. I’m not seeing that be the case. That’s mostly because of the target audience and not the technology. I’m currently thinking about some crypto tools for online content creators. Generally content creators want to lean on things that are already mass behaviors, not drive new adoption. I could be wrong there however. I could certainly see delivering a message about new content into the same wallet you use to pay for that content yielding better conversion rates for the content creator. But I assume if that was always the case the XMTP options in Paragraph would be more prominent.

I do love the idea of the project. I like the idea of interoperability by keeping the identity and inbox distinct. And messaging of some sort is a core service, even if we might have to figure out the higher value versions if there is postage in the system. I’ll likely keep poking around. Hopefully I can find a small area where I can contribute a bit while keeping an eye on how it evolves.

The Basic Attention Token is a pretty OG project. I suspect most of the folks who are interested in the project already know the broad strokes of what it was meant to do. But in case you somehow landed on this and you don’t already know about BAT, the super high level overview is that the token was meant to bring to the forefront the value exchange around attention that happens during advertising. Many of us don’t think about it, but when it comes to a lot of the business on the internet, we the users are the “product” that gets sold. It’s our attention (and the potential to divert that attention into commerce) that really drives most of the sites we use and think of as “free”. We normally aren’t aware of the big machine that’s trying to process our attention into dollars for someone else because it’s often intentionally hidden. And even when it isn’t hidden there are often so many stakeholders involved in what’s going on that it can be hard to unwind who is doing what and what data is involved. The Basic Attention Token was meant to simplify and make the value exchange explicit.

That was the high level pitch as it had existed a few years ago. And admittedly I haven’t followed it closely in the time since. I’ve tried to bring myself up to speed over the last month or so, and there might be some things I’ve missed in trying to figure out the current situation. But I’m pretty sure I’ve got the major parts right, at least as far as thinking about the token as a component of a development plan. The TL;DR is that the token itself seems to be in transition as Brave transfers to a different vision of how crypto and blockchain should fit into their overall strategy. If you’re interested in more detail than that I’ll try to lay it out.

The flow of BAT through the system is supposed to mainly be in support of creators. The central diagram on the BAT site shows a flow of BAT from both advertisers and users to creators. And the logo itself is meant to represent the relationship between advertisers, users, and creators in the system they’re trying to create. But it seems like that relationship has broken down under the current system.

In the original whitepaper the compensation paid out to the creators was meant to be an automatic outflow. The browsers would use directly instrumented time on property to figure out how much BAT should be directed to the publisher of a piece of content, and it would happen automatically behind the scenes. This was dropped as an option a while ago. I’m certainly not going to fault them for this no longer being the system in use currently. I could see there being some huge issues with this method of distribution.

In the absence of the automated contribution I did expect there to be a effective alternative. I pictured there being decent tools for supporting creators - maybe some tools for creators to drive the process on their own. In my mind that would be things like setting up ongoing contributions to your favorite creators, maybe tools for token gating some content, options to setup automatic BAT splits between multiple creators working on a collaboration. When I was looking at this part of the market a few years ago that’s the kind of stuff the crypto-forward creators were looking at. But so far I haven’t really seen evidence of activity on the publisher side. I’ve had a really hard time trying to size the outflow of payments to creators at all. There are lots of numbers shared on the BAT site, but amount of BAT paid out to creators isn’t one of the metrics. I would consider that core if the overall plan today is the same as it was originally.

So I just did some legwork. I figured of all the folks likely to have BAT contributions enabled, the blockchain and crypto media should skew higher usage. And since their audience is other crypto enthusiasts I assumed they would get some contributions. Figuring out how much usage there is for direct contribution is admittedly kinda hard. The BAT token was on the Ethereum chain to begin with, but it got bridged over to Solana to keep the costs down. That makes sense. And there are a bunch of custodial systems that were built into the Brave wallet to make it easy to sign up for the system and get users and creators onboarded. But what I was surprised to see was that the existing mechanisms didn’t smooth over the differences. I would often find someone who did have contributions enabled, but when I went to contribute to them I wasn’t able to because they’re on Uphold. That’s just broken. You have a user with BAT in the wallet you told them to setup, and a creator who’s asking for BAT to support their efforts, but it’s not possible to complete the transaction? If that main loop in the system isn’t working consistently it was hard for me to picture that the overall health was great.

The wallet I have setup on Brave is a direct Ethereum account though, so the few times I was able to get someone who was signed up as a Brave Creator and also had the right config on their side I was able to send them some Eth. And of course I could see the account I was sending to for those donations. There had been some other technologies in the mix at one point to keep users anonymous, but in this version at least we’re able to see each other for Eth donations. My system is obviously not scientific at all, but I just wanted to get something of a feel for if publishers were getting paid out at all. And from what I’ve been able to see, no. The few accounts I was able to get a bit of a view into had very low activity. In one case, before my donation the last deposit had been almost three years ago. And that was a pretty decent account with a lot of activity that I would have expected to be a highlight.

But the BAT token itself is doing pretty well in terms of price, so what does it really matter if the publishers aren’t ending up with the token? That happens because the Brave Rewards system has the token as part of the process. So advertisers on Brave need the token to be able to reward users, that puts the token in a pretty decent place compared to lots of others that don’t have any utility at all associated with them. That’s great for the price of the token, but not so much for the health of the ecosystem. For example, one of the big selling points of Brave is that it does a lot of ad blocking and stripping unessential content by default. (It really is a great browser by the way. It’s my daily driver browser and they’re doing great work over there, I just don’t think the BAT token is working). If your browser is stripping out ads that normally makes the content creators somewhat upset, cause they don’t get paid for the views of their content. If you have an alternative way for them to get compensated there’s a great answer to the content creators concerns. But if you’re both blocking ads and not really minding how the new system could be funneling them alternative value, there could be some issues down the line.

And there are some other efforts that seem a bit odd in relation to the core flow. Brave was encouraging a memecoin called Guano that rewarded folks for locking up their BAT. And they’ve made a partnership to allow for registering a .brave domain using your BAT. These things aren’t necessarily bad, but they don’t seem to be in service to the core mechanism the token is supposed to support. The cynical side of me would say they seem like the kind of thing I would do if I needed to increase velocity of the token and provide some utility exits for BAT that was pooling with users. But instead I’ll just say that these alternative ways to use BAT just further starve out the creators. There are a few posts on the community forum from creators who had been making some BAT for a while and have seem a pretty drastic drop-off recently. I wouldn’t be surprised if that drop-off correlated with the Guano launch. Why would users donate if they can earn from their locked up BAT? Especially when actually using the BAT to donate doesn’t even work a lot of the time?

So that’s my long winded version. Brave is open source by the way, the community seems to be pretty accepting. My hope had been that I would find something useful I could do to help out for the project. I know it’s not all on Brave to solve every problem on their own. However, with the core loop of the currency looking like it has stalled, I don’t think it makes sense to try to build with it. It seems like the roll of the token now is shifting to a new model. When I see the things like their domain registration partnership and native IPFS support I think maybe there’s another story starting to emerge around evening out access to infrastructure for folks underserved by existing providers. There’s been mention on the community calls of a revised roadmap coming up, hopefully that clears some of this up. I’ll cycle back around to it when there are some updates.

This is specifically for building a web app that authenticates against Google Sign-In. The web part of the setup is super simple to get working, and there are tons of examples and tutorials. Once I got to the phase of sending the token to a backend service to validate things got a little more rocky. First thing to note is that the key to use when verifying a token is shared across all services. Cause I had mostly been following info in tutorials I didn’t realize that for a while. I was trying to figure out how to use the info from my project admin UI to validate. It was only after running across another example of verifying a Google based token that I realized there was a PEM somewhere that held the verification key.

The info on that page says the Google API Client Libraries are the suggested way to validate a token. But honestly I can’t get the Go version working for this simple case. I thought I was using the libraries properly, cause they seemed simple enough to just validate a token. I even found a Stackoverflow sample that was almost exactly the same as what I had done. But I keep getting an error out of the library that the token is invalid. I actually think there’s some other dependency in that library. The error isn’t that the token I’m providing is invalid, but that the Google API Client assumes I have some kind of identity setup (that Stackoverflow answer says to “provide your Google credentials to your application”). I didn’t really want to figure out what that was all about. And those Google API Client libs are crazy huge in their Go implementation. When I did a go get on them it downloaded almost a gig of objects. So I started trying out some alternatives.

There’s a nice clean JWT library that looks like it’s still in pretty regular use. And it does work very well. It can just be a bit tough to dig up a good RSA based example of validation. There are some convenience functions in jwt-go that make it pretty simple to setup. But there are a bunch of examples around that seem to pre-date some of the convenience functions. So even the good samples can sometimes be a bit intimidating. Plus the tokens that you get back from Google embed a key id that you need to use to lookup the right certificate from their public listing. So I put together a sample using a current version of jwt-go:

This is just a sample mind you, you don’t want to be fetching a chunk of JSON over http in the key lookup function if you’re using this in some middleware. But the ideas are all there I believe: verify that the signing method is the expected algorithm, use the key ID from the token header to find the right verification key, and uses a nice convenience function to parse the PEM from Google very simply into a form usable as the return from the key lookup.

You should be able to just go run it as a standalone, pass in the token you want to verify, and you get back the claims from the token if everything worked. If things don’t work definitely use the tokeninfo endpoint before you dig in too much. That service can really simplify basic things, like pulling out the wrong string from a web response to use as a token. Not that I would every do that, no. But I’ve heard from friends that they’ve had that problem …

Mind blown. For some reason I thought those service containers were tucked away somewhere special and not exposed directly on the runner system. What a fantastic tool to have available.

Today I added a few tools so that it’ll easily build a workable image for the Meaty Skeleton sample with very little setup required. Here’s how to do it from a clean system (with Docker already installed):

I like the way it worked out. At first the Docker image was huge cause I did the tool download, build and cleanup as different steps. Now there’s a big and kinda ugly stage in the Dockerfile to download, build, install, and then clean up all as one big chunk. But the result is a relatively trim container that makes the startup a lot simpler.

So I considered just playing around with any of this low level compiling stuff inside a Linux VM. Not fantastic, but I’m sure it would work well. But then I realized that really all I needed was an isolated toolchain, so that should be something worth setting up in Docker. The more I thought about it the more it sounded like a great idea. A great enough idea that I was sure someone had thought about it and done it already.

Check out the dockcross project for a fantastic example of a cross compile toolchain in a Docker container. They have a bunch of supported target systems and a nice wrapper script that makes it easy to call the toolchain as if it was running locally. I used the dockcross/linux-x86 image to compile the examples from Alex Parker’s blog posts. I’m still running nasm locally, but the compile and link are done using the tools from the docker image. Slightly different command line, but I think that’s just caused by different defaults. I haven’t fully gone through all the options, so I can’t vouch for them being correct for all cases. But they leave you with a running boot sector that loads a routine from C++:

I was excited to see that Richard Burgess has a site up with the source and a PDF of the book. And the site encourages folks to share and contribute, so there’s a copy up on GitHub that’s a bit patched up and includes some binary images. Yay!

I believe it has been just over 20 years since I used MMURTL. So I wanted to just boot the thing up and refresh my memory before I dug in too much. Best place to start I figured was one of the floppy disk images that the grue was nice enough to publish in his repo. I created a new DOS machine in VirtualBox and attached the floppy image, and I did get the MMURTL monitor kinda up. But partially cause I didn’t remember how things worked and partially cause of some quirks in the setup it took a few tries.

If you’re trying to do the same thing and run into issues using the images with VirtualBox there are two gotchas to keep in mind. First off, if you create a machine in VirtualBox and attach a new disk image to it for the hard drive, that hard drive image is completely uninitialized. MMURTL doesn’t handle that well. So at first I was having a problem where MMURTL would start up and scan through devices, but fail while it was setting up the hard drives. A quick scan through the source made it obvious that the setup was failing cause there was no partition table. So I removed the hard disk image. But then the setup was failing cause there was no hard drive. What I ended up doing was attaching the blank hard disk image to a Linux VM I already had configured and using that to partition the drive. Then I reattached it to the MMURTL VM and it finished booting up. Yay!

But when it booted up it just sat there. That wasn’t what I remembered from when I had been experimenting years ago. It wasn’t completely obvious from what was on the screen what was going on. When MMURTL first boots up it’s in a monitor program (described in chapter 11 of the book, starting on page 142) and you need to use one of the function keys to get it to display some info or launch into a CLI. The F1 key launches the CLI, which started up fine for me and dropped me where I expected to end up!

Now that I think about it, I believe I had just configured the default job file for my monitor to launch into a CLI automatically all those years ago. So the behavior from the image posted is probably totally reasonable. Still, in case you’re coming into this fresh I figured this could be a useful tip.

I have no idea what I’ll end up doing with this. I have been doing some 6502 single board hackery. And that did get me a bit fired up again for doing some low level work. Not sure if I’m fired up enough to get myself fully back into proper Linux kernel dev. But maybe hacking around a smaller system like this would be some fun.

While I know it definitely isn’t the only 6510 related project on Github, I have to assume it’s one of a very small number of CBM Basic programs. It’s a 6510 assembler written in Basic. The Commodore 64 was the machine I had when I started to really get into programming. When the thing booted up it had Basic burned into ROM, which was a fantastic way to get things going. But I knew what was really going on underneath was all machine language, and that the real programmers wrote in assembly. The Commodore 64 didn’t come with a built in assembler or machine monitor, like some of the other 8 bit systems at the time did. And we didn’t have a ton of money, so getting one of the commercial assemblers at the time wasn’t really an option. So I figured I would write my own.

I actually spent tons of time manually compiling instructions and poking them into memory back then, which was insanely educational. I forgot how close we were to the hardware all the time back then. And trying to work out how to build an assembler on my own was probably a fantastic set of experience to have built up. I ended up getting my hands on a commercial assembler eventually though, and never really finished up my own version.

Like most programming problems, the issue wasn’t really with the code, it was with the data abstractions. The program was actually functional as it was, it was just kinda buggy, and relatively convoluted cause it was trying to parse the operands to figure out which instruction to use. I wanted to get the program working, but I didn’t want it to take me too long either. So I ended up cheating and used non-standard mnemonics for the instructions to pack info about addressing mode and index registers into the opcode instead. For instance instead of using “cmp ($1a,x)” for indirect indexed addressing I swapped to using “cmpix $1a”. The expressiveness is the same, it just means I can pull in a token at at time without any need to apply logic. The thing really becomes just a lookup table.

So in a grand total of about 45 minutes, including the time to figure out how to use the VICE emulator and load Basic programs into it without having to type it into the emulator, I had a working program that was able to run the example code I had been trying out 29 years ago. I think if 9 year old Miker could see that 45 minutes of hacking and the result he would be pretty impressed.