> For one thing, the threat model assumes customers can build their own tools.
That's not the threat model. The threat model is that they won't have to - at some point which may not be right now. End users want to get their work done, not learn UIs and new products. If they can get their analysis/reports based on excels which are already on SharePoint (or wherever), they'd want just that. You can already see this happening.
Yes. This is also why trying to add an AI agent chat into one's product is a fool's errand - the whole point of having general-purpose conversational AI is to turn the product into just another feature.
It's an ugly truth product owners never wanted to hear, and are now being forced to: nobody wants software products or services. No one really wants another Widgetify of DoodlyD.oo.io or another basic software tool packaged into bespoke UI and trying to make itself a command center of work in their entire domain. All those products and services are just standing between the user and the thing the user actually wants. The promise of AI agents for end-users is that of having a personal secretary, that deals with all the product UI/UX bullshit so the user doesn't have to, ultimately turning these products into tool calls.
I think that's just true in general. Business users at $work are already saying that they would rather just talk to ChatGPT (with voice for some reason I, a keyboard person, doesn't understand) than deal with GUIs. They want to describe what they need and have the computer do it, not click around.
Once you've abstracted away the UI (and the training on how to use it) it will be a lot easier to just swap one SaaS for another.
Yes, except for the fact that any non-trivial saas does non-trivial stuff that an agent will be able to call (as the 'secretary') while the user still has to pay the subscription to use.
Yes, but now it's easier for other SaaS to compete on that, because they don't get to bundle individual features under common webshit UI and restrict users to whatever flows the vendor supports. There will be pressure to provide more focused features, because their combining and UI chrome will be done by, or on the other side of, the AI agent.
Also, having to retrain users to use a new shitty UI after they got used to the previous shitty UI is a major moat of many SaaS services. The user doesn't care about the web portal, they just want to get work done. Switching to a different web portal needs to be a big net positive because users will correctly complain that now they are unproductive for a while because the quirks and bugs of the previous SaaS don't match those of the new SaaS.
In a world where the interface is "you talk to the computer" you will be able to swap providers way more easily.
That's the brilliance of AI - it doesn't matter if the product actually works or not. As long as it looks like it works and flatters the user enough, you get paid.
And if you build an AI interface to your product, you can make it not work in subtly the right ways that direct more money towards you. You can take advertising money to make the AI recommend certain products. You can make it give completely wrong answers to your competitors.
>> This is also why trying to add an AI agent chat into one's product is a fool's errand - the whole point of having general-purpose conversational AI is to turn the product into just another feature
We built an AI-powered chat interface as an alternative to a fully featured search UI for a product database and it has been one of the most popular features of 2025.
Sure, but it would be even better if it was accessible by ChatGPT[0] and not some bespoke chat interface you created - because with ChatGPT, the AI has all the other tools and can actually use yours in intelligent ways as part of doing something for the user.
> No one really wants another Widgetify of DoodlyD.oo.io
I keep hearing this and seeing people buying more Widgetify of DoodlyD.oo.io. I think this is more of a defensive sales tactic and cope for SaaS losing market share.
The president of a company I work with is a youngish guy who has no technical skills, but is resourceful. He wanted updated analytic dashboards, but there’s no dev capacity for that right now. So he decided he was going to try his hand at building his own dashboard using Lovable, which is one of these AI app making outfits. I sent him a copy of the dev database and a few markdown files with explanations regarding certain trickier elements of the data structure and told him to give them to the AI, it will know what they mean. No updates yet, but I have every confidence he’ll figure it out.
Think about all the cycles this will save. The CEO codes his own dashboards. The OP has a point.
I'd argue it's not CEOs job to code his own dashboards...
This sounds like a vibe coding side project. And I'm sorry, but whatever he builds will most likely become tech debt that has to be rewritten at some point.
Or to steel-man it, it could also end up as a prototype that forced the end user to deal with decision points, and can serve as a framework for a much more specific requirements discussion.
At a certain scale the CEO's time is likely better spent dictating the dashboard they want rather than implementing it themselves. But I guess to your point, the future may allow for the dictation to be the creation.
Agree, as engineers we should be making the car easier to operate instead of making everyone a mechanic.
Focus on the simple iteration loop of "why is it so hard to understand things about our product?" maybe you cant fix it all today but climb that hill more instead of make your CEO spend some sleepless nights on a thing that you could probably build in 1/10th the time.
If you want to be a successful startup saas sw eng then engaging with the current and common business cases and being able to predict the standard cache of problems they're going to want solved turns you from "a guy" to "the guy".
And I wonder if they will discover that in order to interpret those numbers in a lot of cases they will need to bring in their direct reports to contextualise them.
If corporate decisions could be made purely from the data recorded then you don't need people to make those decisions. The reason you often do is that a lot of the critical information for decision making is brought in to the meeting out-of-band in people's heads.
I have also seen multiple similar use cases where non-technical users build internal tools and dashboards on top of existing data for our users (I'm building UI Bakery). This approach might feel a bit risky for some developers, but it reduces the number of iterations non-technical users need with developers to achieve what they want.
Honestly, I'm not sure what to expect. There are clearly things he can't do (e.g. to make it work in prod, it needs to be in our environment, etc. etc.) but I wouldn't be at all surprised if he makes great headway. When he first asked me about it, I started typing out all the reasons it was a bad idea - and then I paused and thought, you know, I'm not here to put barriers in his path.
The Excel holy grail. Dashboard are an abstraction, SaaS is an abstraction of an abstraction from the pov of customers suffering from a one size fits all. Shell scripts generated by LLMs that send automated a customized reports via email will make a lot of corporate heros. No need to login, learn and use the SaaS in many instances for decisions makers.
I feel that large corps have guard rails that will limit this from happening. For SMB's, this is not a new problem. Gritty IT guys have been doing this for decades. I inherit these bootstrapped reporting systems all the time. The issue is when that person leaves, it is no longer maintainable. I've yet to come across a customer who has had any sort of usable documentation. The process then repeats itself when I take over, and presumably when I'm finished. With a SaaS product, you are at least paying for some support and visibility of the processes. I'm not really trying to make a point other than this is not a new, but still intriguing problem, and not sure that LLMs will be some god answer, as the organizations have trouble determining what they even need.
Yes, back in the heyday of Visual Basic (mid-1990s) we had one business analyst who learned enough to build dashboard-like apps with charts and graphs and parameters and filters. He was quick at it and because it was outside of IT there was little in the way of process or guardrails to slow him down. Users loved what he did, but when he left there was nobody else who knew anything about it.
I'm building a TypeScript to native code compiler, via the Dotnet CLR toolchain and Native AOT. This lets you use the excellent Dotnet std library - which in addition to being faster is also much safer than the npm ecosystem. There's also a node compat library, which exposes Node APIs but with CLR underneath.
The end result will be a binary (linux and mac for now) which you can run without NodeJS. Simple programs already work, and I have web apps very nearly running.
It's ok now, at least for me. There are still challenges around theming and styling because of styling boundaries (which makes Web Components powerful, but still). A part of it is about tooling, which can be easier to improve.
In a country with dozens government supplied IDs, Aadhaar has been a godsend for the common man. It's one card to open a bank account, buy a SIM card, apply for a loan, enter an airport, or whatever.
I held out for many years due to privacy reasons. In the end, I changed my mind - its just immensely useful to the general public.
You just demonstrated first hand the point made by GP. When the supreme court ordered the Govt to cease making Aadhaar mandatory, they just responded by adding so much friction to daily life without Aadhaar that most people, including privacy conscious folks like you just gave in.
The friction already existed long before supreme court orders. No two departments agreed upon what ID they would need for doing the work. It could be rationcard, PAN, passport, driving license etc. Some organizations asked for more than one ID just in case. India just has too many IDs and it is asked for too many use cases.
Aadhar made it easier than before. It is really a quality of life improvement.
The main issue is government requiring IDs even when it is not usually needed in other countries. Mostly in the name of security. This is the root cause. Aadhar is just the symptom.
However Aadhar does enable deeper breaches into privacy due to its unified nature and the way it is validated through government owned infrastructure. There is full tracking possible on all the services that the residents used.
If Aadhar was a self sovereign ID, then having a single ID is definitely a good thing. It keeps privacy intact while usable where needed.
My point wasn't that no id was required before Aadhaar. It's that any id from a range of acceptable ids like passports, ration card, drivers license worked.
Post Aadhaar, even though all of those IDs are still legal and acceptable under law, the govt has added so much friction on the non Aadhaar path that in practice those IDs are unusable.
> It's that any id from a range of acceptable ids like passports, ration card, drivers license worked.
In reality different IDs were accepted at different departments and there was no consensus. It was really a pain. If someone took ration card as valid, others wanted another ID. In some states it was even worse.
It is true that the government has indirectly made Aadhar mandatory, contrary to the spirit of supreme court order.
I may have yielded, but that happened with the acknowledgement that it's not entirely a bad thing. Other IDs have varying levels of validity and authenticity; today I am of the opinion that countries like India shouldn't waste money and time on these. In fact, I'd say ditch the PAN card as well.
If Aadhaar makes it easier for people living near poverty to get say bank accounts, it'd trump the reservations I have. That's what made UPI possible - just about everyone today has UPI, even people begging for money sometimes have a QR code handy (at least here in Bangalore).
> today I am of the opinion that countries like India shouldn't waste money and time on these.
I agree that there are undeniable benefits from Aadhar. However, the issue is that the narrative from the govt has been that it's an either or situation. Either you have the convenience of Aadhaar, or you have privacy. This is unequivocally false. The solution isn't even technical. There are two simple, easily doable fixes which will deliver most of the benefits without significantly eroding privacy.
1. Ensure that legally valid ids other than Aadhaar are not treated as second class by any govt department. If a non Aadhaar id is refused, the reason must be given in writing. The problem is govt babus like the ease of Aadhaar and hence refuse to do the tiny bit of extra work needed on the non Aadhaar path.
2. Amend the Aadhaar act to ban the use of Aadhaar for anything except identity verification. If any personal data linked to Aadhaar is saved by a platform, then they are liable for leak of the data in the event of a breach.
Just doing these will enable the use of Aadhaar for it's original intent which was verifiable identity. The privacy degradation comes from using Aadhaar as a primary key for arbitrary storage of personal data, not from the existence of Aadhaar itself.
These are neither simple, nor easily doable. But the bigger problem is cost (time and money).
My point was that India should switch to a single card/id for everything, and get rid of everything else including the PAN card. Eventually make Aadhaar digital, and chip based so that it can hold your DL as well. It is it bad for privacy, Yes. But what a country should spend on protecting or preserving privacy is a function of where it is on the socioeconomic ladder. If a single ID helps 80% of Indians (a billion people) navigate the labyrinth of our bureaucracy, I'm ok with it, _today_.
Besides, simpler rules go a long way in reducing the power of govt departments (which we can agree on). It reduces cognitive overload for citizens, as well as for govt workers. Factor in where the rest of India stands in terms of education etc, the value of simple rules cannot be overstated.
As someone who values privacy, there are still ways to do it. You just have to invest a lot more energy and time into it though.
What you are proposing is too sweeping, it is not just privacy that suffers. Making a single ID (whose attributes can't be changed) an entire identity of a person is a very risky one. This makes it a single point of failure and in cases like an ID theft, misuse the affected person suffers gravely, and onus will be on them to prove who they are, a Kafkaesque nightmare it would be.
There are several countries which use a single ID for all government interfacing. For that matter, Aadhaar is almost there already. I am not suggesting that private companies should use it, or should be allowed to use it. But a single ID will limit babudom arbitrariness a bit.
> whose attributes can't be changed
Many IDs (outside India) have similar issues, options to change attributes, and various redressal mechanisms.
I don't know of how digital IDs are used etc. in other countries and how ubiquitous there usage is. (One ID I'm aware of is social security numbers (SSN) is U.S, but that is considered as PII data and usually companies take steps to protect/mask them). But citing that this is how it is done elsewhere is just an appeal to tradition/common practice and not necessarily addresses the points I had made.
Hmm, could you previously open a bank account, buy a SIM card, apply for a loan, or enter an airport without any of those cards? If so, I think it's plausible that the government responded by adding friction to daily life in a way that promoted Aadhaar. If not, they didn't.
My point wasn't that no id was required before Aadhaar. It's that any id from a range of acceptable ids like passports, ration card, drivers license worked.
Post Aadhaar, even though all of those IDs are still legal and acceptable under law, the govt has added so much friction on the non Aadhaar path that in practice those IDs are unusable.
India supreme court is bonkers and often known for its BS judgements devoid of logic and law.
Aadhar is "identity", it is not a "card" of any kind though Indians have inherent love for collecting various cards for fun. I have my driving license, PAN, aapar, kisan and state government health insurance cards, labor department id card. I have few more in some drawer.
Once a person gets aadhar, it acts pretty much same as OAuth. You go to a hotel to get a room, Hotel by law is required to verify that your name and face match. You give your aadhar card to them which they scan on their computer and verify that your name matches your face. Because they are a hotel they have right to only verify that.
This is much more privacy preserving than what supreme court did. Because of Supreme Court, hotels no long bother to implement this and instead demand your passport and other identification, scan it and leave it in their system forever. They also are known to sell this data to other from time to time.
The technical idea behind was aadhar was similar to UPI. Government runs the core infra with basic APIs but private companies build apps on top of it. For example, say GPay builds aadhar interface where when you walk into a hotel to reserve a room, Gpay automatically generates a new aadhar number with permissions only to show your name, photo and age. Hotel system verifies that and stores a receipt. If in future government is investigating who stayed in which room, law enforcement can convert these receipts to identification.
This was a better model which would have unlocked a lot of potential. The government failed to argue the case correctly and supreme court acted more like an activist court.
I do think both Government and Supreme Court failed to show the correct user journey here.
I’d love to see a citation for a Hotel being legally allowed access to the Aadhaar KUA system, even before the Supreme Court judgement. No hotel in India does this, because Aadhaar as implemented is a “honor based system” for the majority of usecases where a photocopy of a Aadhaar (with or without QR) is assumed to be valid.
In comparison, a Voter ID and PAN are both hologram protected and forgeries are easily detected.
W3C verifiable credentials do not require a singular identity source, they work perfectly fine with multiple issuers.
Not op,I agree that hotels doesn't do any face matching.
However for getting a new mobile connection the flow is similar to what op has mentioned. It seems one can get a mobile connection by not opting for face recognition, but the process is cumbersome. Similarly for property registrations fingerprints (atleast in some of the states) of the concerned parties is matched against the ones that are associated with their Aadhar.
Yes, because Telcos are designated as AUAs, and expected to do a full KYC under DoT regulations. Hotels are not.
I have two SIMs, and I surprisingly got the newer of them in 20 minutes at a remote village in India without an Aadhaar. Telcos do a Liveness check with their phone instead these days.
> and instead demand your passport and other identification, scan it and leave it in their system forever. They also are known to sell this data to other from time to time.
Isn't this the problem vs the Supreme court judgement? Why does the hotel need to save this data forever?
A simple fix will be to make companies liable for leaks of personal data. That alone will incentivize then to delete personal data as fast as humanly possible.
Congratulations! Your data is already sold out for Rs. 40 in black market! Also, why do you need aadhar to enter airport?
Now, the morons in charge are making it mandatory to book a gas cylinder as well. It’s like once a blind suddenly starts seeing, he wants to capture everything.
Indians have this crazy love for idiotic paperwork and nitpicking around paperwork, coupled with mostly low IQ and less educated clerks everywhere it becomes worse. I once submited my PAN and Passport to the bank who refused it claiming the spellings of both names do not match as my middle name was shortened on PAN card. I showed them that my photo is present on both and both cards belong to the same person. But nopes.
A friend then showed me that he downloaded aadhar PSD online, put a random invalid number, his photo and a non-existent address on the bank and used it everywhere where people were asking for aadhar without any need. Building and Airport security, Hotel reservation staff, Bus tickets and so on and used real aadhar only for banking and sim cards. He said this simplifies life a lot.
This is the ultimate facade of Digital Identity that UIDAI lets happen while sitting idly by. They put a circular against “Aadhaar photocopies not being valid” only to rescind it the next day because everyone made fun of them.
The truth, as you point out, is that Aadhaar in reality is a an “honour based system”, where UIDAI pretends everything is valid and authenticated as long as it gets used everywhere.
In India you have to cheat just to get things done at all due to how nonsensically strict things are, which leads to increased scrutiny due to cheating, which leads to more need for non-cheaters to cheat just to get things done, which leads to increased scrutiny due to cheating…
As for the low IQ thing no one wants to acknowledge it but check the charts and see that it’s true. Centuries of caste based inbreeding and colonial clerk education will do that to a population. The added toxins in the turmeric will finish the job.
An early version of Claude Code did a hard reset on one of my projects and force pushed it to GitHub. The pushed code was completely useless, and I lost two days of work.
It is definitely smarter now, but make sure you set up branch protection rules even for your simple non-serious projects.
I don’t let Claude touch git at all, unless I need it to specifically review the log - which is rare. I commit manually often (and fix up the history later) - this allows me to go reasonably fast without worrying too much about destructive tool use.
To me that was Windows 2000. One day in 1999, I was at the local bookstore going over computer magazines and one of them came with CD to preview Windows 2000. I was mostly a Windows 98/RedHat user at that point, so I decided to try it out.
It almost instantly won me over with the leap in stability due to the NT kernel, but the craziest thing was this feature called "Hibernate". This was the time when booting was painfully slow, and here was a feature that not just booted rapidly, but dropped me into the previous session with all apps open! It was pure magic. I switched over to Linux exclusively a few years after that, but this was the feature that prolonged that decision for a long time. I don't think Linux ever got a useable hibernate, but the feature became not as necessary due to the advent of SSDs.
There's a JS to Rust transpiler? How? If this is true, this is the most impressive part. The web server/framework almost irrelevant.
The AI generated documentation is very confusing.
reply