hacker news with inline top comments    .. more ..    12 Aug 2017 Best
home   ask   best   3 months ago   
Ad blocking is under attack adguard.com
981 points by tiagobraw  13 hours ago   515 comments top 10
anilgulecha 12 hours ago 12 replies      
It was admiral that did this:https://blog.getadmiral.com/dmca-easylist-adblock-copyright-...

They even clearly state they used the only tool available to them, DCMA. From all the current summaries on this, DMCA does not apply to a line entry in easylist. A domain can be trademarked.

This should be added back in. And if github cannot standup to DMCA abuse, then well, easylist and all other developers should be giving a clear hard though to their continued use of the github platform.

Edit: it looks like EFF has gotten in touch with easylist. Good. https://torrentfreak.com/dmca-used-to-remove-ad-server-url-f...

feelin_googley 10 hours ago 1 reply      
A quick Google search reveals the following.

"Admiral identifies audiences with ad blockers turned on, works to re-establish those users (by opting in to a lightened ad experience, say, or asking to be whitelisted) and then makes a small cut of every ad served to the reacquired audience."

Source: https://adexchanger.com/publishers/another-ad-blocking-solut...

tl;dr Admiral is a startup that measures an audience's "ad block rate". If the rate is high, they then work to "establish explicit value propositions with users and then serve them with minimal tags and tracking". It also mentions plans to try to process micropayments.

"Admiral is built for a world where ad blockers have won."

Source: Id.

tl;drUnless the founder has changed course from what is described in the 2016 article, as far as I can tell, this startup relies on widespread usage of adblockers. If users do not use adblockers, then this startup has nothing to sell.

VC: "What happens if the ad blockers block the servers that serve the ad blocker tracking image?"

Founder: "I'll send them DMCA notices."

VC: "Excellent. I'm in."


MentallyRetired 10 hours ago 2 replies      
From Admiral's responding blogpost:

> 5. We asked them 24 days ago to remove functionalclam[.]com on the original commit.

> Transparent engagement between publishers and visitors is a critical piece of that.

Umm, no? Admiral created an account that they hoped would be mistaken as an official github bot or something. And then, instead of asking, they threatened disruption of the repository.

So, in summary, they:

* Tried to hide their identity* Tried to trick people into thinking they were Github* Threatened, not asked, to remove the site from the list

Look, I'm okay with them wanting to remove a server that helps inform users that they'd like to show ads on their customers sites. At the very least, though, be honest about it.

Also, bless the EFF, man. Heading over there to donate right now.

nilved 13 hours ago 3 replies      
The DMCA only applies to the US. Fork the repo and move on. It's time to forget about American hosting.
TheKarateKid 10 hours ago 1 reply      
I hate to say it, but the ad-blocking community is handling this problem the same way governments often handle things: Reactionary instead of pro-active.

The real source of the problem with ads, is that almost every ad network allows ads to be self posted with little to no filter. This opens us all up to the abuse from ads we've been experiencing for over a decade now.

Could you imagine what would happen if you were allowed to self-post an ad on television without the network manually approving each one?

It's time to hold ad networks responsible for their own content. If a virus spreads because of their ads, THEY should be sued, just like MTV and others were when they violated FCC decency rules during the Super Bowl.

nkkollaw 12 hours ago 4 replies      
I didn't get what the hell happened.

So, Admiralan anti-adblocker companycontacted EasyList and told them to remove a domain from their list. This domain was a server they needed for their anti-adblocker platform to work.

EasyList told Admiral that they would only do it if GitHub agreed, so Admiral contacted GitHub and the domain was removed from the EasyList list after GitHub told EasyList they should comply.

The "attack" is that any company can tell lists to remove their website via using a DMCA violation, so lists become useless.

I have two questions:

1. how would a domain name on a list violate copyright

2. why aren't lists hosted anywhere else but the US so that they can't be controlled by DMCA requests.

bogomipz 10 hours ago 2 replies      
From a recent WSJ article about anti-ad blocking companies:

We really think the free internet is at risk because of ad-blocking, so these types of solutions are needed to turn the tide, said Dan Rua, CEO of ad-blocking revenue recovery company Admiral, which recently raised $2.5 million to help build its platform."[1]

It's amazing how selective the CEO's concern for the "free internet" is. Threatening community github repos with DCMA takedowns is OK though?

[1] https://www.wsj.com/articles/the-rise-of-the-anti-ad-blocker...

cft 12 hours ago 1 reply      
It's amazing that they are so uneducated about DMCA. This is called defective DMCA notice, and it should be ignored. The sender of the notice can now file a suit, since the publisher of the list is no longer under safe harbor. But they won't, since they know it is defective. And if they did, it would be thrown out with a summary judgment.
politician 8 hours ago 2 replies      
Admiral's product is so poorly designed that it requires cooperation from the browser to work? That violates rule #1 of client/server programming: never trust the client. Instead, they have to abuse the DMCA to cover for their uninformed engineering choices.

This is despicable.

"Here hold this copyrighted content in memory for me, but don't make any other copies of it because, uh, you don't have the license to make copies of it. Except for, uh, the one that we sent you? To hold in memory? Look, computers are magic.

Nevermind. DMCA!"

richardknop 13 hours ago 12 replies      
There has been a growing trend of websites that will ask me to either:

a) whitelist their site in my adblocker b) or subscribe to their monthly subscription and keep reading their site with adblocker

Disney acquires own streaming facilities, will pull Netflix content thewaltdisneycompany.com
724 points by anigbrowl  3 days ago   758 comments top 2
geff82 3 days ago 24 replies      
Maybe when I am 60, 70 or 80 the film industry will get their shi* together and finally agree on a solution that has long been found in the music business.

For a truly complete platform, I would FOR SURE pay more than the 10$ a month for Netflix. 20, maybe 30! But then I want it ALL. All films they have in storage.

I mean, it is 2017 and there are a lot of films I can't find on Netflix, Amazon Prime or, when I am in spending mood, on Apple TV. Why? I mean how silly would you want to be as studios? There is no big DVD business anymore, BlueRay never totally took off. People have a net connection and multiple streaming devices at home, thats it. Thats the big asset they could build on! Instead they let their libraries die the death of the unseen film.

Still, many keep shuffeling around harddrives with terabytes of pirated films. And why shouldn't they, as long as there is no substantial offer?

So I decided for me (and the cloud guy I am), that with my 3 services I have, I am ok. If a film is not there, I don't care. I surely won't order a DVD of some old film somewhere and I surely will not subscribe to another service. If Disneys pulls their films from Netflix: thanks Netflix for their growing self produced content that often has a quality not seen before.

Anatidae 3 days ago 46 replies      
If every studio thinks I'm going to pay them $10+ a month to stream their content, they are going to be very mistaken.

I can't imagine that a lot of people want to spend the collective hundreds of dollars to sign up for all the streaming services. It's almost asking to drive people to torrents.

Now, if Disney does something like $30/year or something really affordable - sure. I might do that on a whim. I guess it's all about volume vs. price.

Netflix, however, I'll keep paying for gladly because of the library size. For the streaming price, it is well worth the value.

Four Earth-sized planets detected orbiting the nearest sun-like star ucsc.edu
624 points by mrfusion  1 day ago   287 comments top 9
ExactoKnight 1 day ago 24 replies      
I am flabbergasted that as a society we aren't rushing to build a 100 metre wide telescope mirror large enough for us to directly image the spectra of the potentially habitable exoplanets around us.

A telescope this large could tell us whether any of these potentially habitable planets contain oxygen, and thus, biological processes.

Yet thanks to funding cuts in science the biggest telescope we have in the pipeline right now is one with a 30 metre mirror. This telescope won't be big enough, and as a result, our failure to push now for bigger sizes is almost certainly going to push back for decades humanity's ability to answer one of the most important questions we face:

Why are we here, and are we alone.

semaphoreP 1 day ago 1 reply      
This title is a bit imprecise. They detected four planets with lower bound on their masses to be down to 1.7 Earth masses. Because these planets don't transit, there are no direct measurements from their radius. They can use mass-radius relations to infer the radius of these planets, but the key finding is their masses (actually lower bounds on their masses).
kilroy123 1 day ago 2 replies      
I really really want project Starshot to become a reality. I think this is our best bet for scoping out these near by star systems. At least within our lifetime.

If we could hit 50% speed of light we could do a fly-by mission in ~25 years. Then another 12 years waiting for the data. Honestly, ~37-40 years isn't bad for an interstellar mission. Remember the Voyager programhas been going on for that long! So we already have experience with long space missions.


baron816 1 day ago 16 replies      
Ok, let's assume we find a warm, watery planet like Earth's within ~20 light years, and we figure out a way to travel >= 50% the speed of light, making it somewhat reasonable to get there. If the planet's gravity is greater than 10% different from Earth's, or its Day/Night cycle is much different from Earth's, wouldn't it still be a nightmare to live on.

Anatomically modern humans have lived on Earth for 200,000 years, and the creatures we descended from have lived on Earth for 541 million years. Stuff as dumb as the moon cycles affect us. How are we going to live somewhere that isn't exactly Earth?

deanCommie 1 day ago 4 replies      
Key line to mitigate disappointment:

"The outer two planets around tau Ceti are likely to be candidate habitable worlds, although a massive debris disc around the star probably reduces their habitability due to intensive bombardment by asteroids and comets."

deepGem 1 day ago 0 replies      
Unlike more common smaller stars, such as the red dwarf stars Proxima Centauri and Trappist-1, they are not so faint that planets would be tidally locked, showing the same side to the star at all times.

In such planets, the most habitable zone is around an equator like region where the light and dark regions kind of merge to produce a reddish sunset like hue all through the day. I think one of the planets that Kepler discovered is like that. Life would evolve to absorb these light wavelengths. So for instance plants would all look black. Nova has a great episode on these exoplanets. https://www.youtube.com/watch?v=5HZsFMqqGJo&t=793s

u801e 23 hours ago 0 replies      
I wonder if an observer 12 light-years away with similar technology to us would be able to tell the difference between Venus and Earth in terms of whether they are potentially habitable.
chrismealy 1 day ago 3 replies      
The fastest spacecraft ever built would take 4000 years to travel one light year.
frgtpsswrdlame 1 day ago 4 replies      
Is there any benefit to the planets being earth-sized? I would think the important part is that they're in the habitable zone.
The Internet Archive has digitized 25,000 78rpm Gramophone records archive.org
690 points by yurisagalov  3 days ago   97 comments top 33
indescions_2017 3 days ago 5 replies      
House of the Rising Sun. As interpreted by Josh White, advisor and confidant to F.D.R. Priceless ;)


I find myself on Internet Archive a lot during these dog days of summer. Delving into classic texts like Edgar Rice Burroughs A Princess of Mars or Aldous Huxley's The Perennial Philosophy. Discovering a forgotten H. P. Lovecraft story in the Weird Tales archive. Mining old time radio shows like Suspense for story inspiration. And using the Internet Arcade for screen grabs that can be used in retro-style game texture art. It makes me think I should do a better job of preserving my own output. You never know what future generations may find useful!

komali2 3 days ago 2 replies      
Fun to read some of these reviews, apparentl from random internet folk, like on jungle boogie - https://archive.org/details/78_jungle-boogie_the-bobby-true-...

Some guy just wanted to tell everyone some neat little facts about this thing he apparently knows a lot about. I find it fascinated how much people care to know about things like this.

EDIT: whoever this "arc-alison" character is, they're prolific - I'm finding their informational reviews all over this archive.

guyfawkes303 3 days ago 10 replies      
The records I clicked on have this notice

Digitized from a shellac record, at 78 revolutions per minute. Four stylii were used to transfer this record. They are 3.8mm truncated conical, 2.3mm truncated conical, 2.8mm truncated conical, 3.3mm truncated conical. These were recorded flat and then also equalized with NAB.

The preferred version suggested by an audio engineer at George Blood, L.P. is the equalized version recorded with the 2.3mm truncated conical stylus, and has been copied to have the more friendly filename.

I'm trying to guess but can't imagine what the reasoning for this is. I've tried A/B/C/D testing a few tracks on some crappy speakers and can't discern any difference.

While it's certainly admirable to try and digitize it as thoroughly as possible, I just can't see how a difference of 0.5mm in the stylus width is worth increasing your work load 4x times over (having to record each record 4 times rather than just once).

ShirsenduK 3 days ago 1 reply      
jonah-archive 3 days ago 0 replies      
Lots more info here for the curious: http://great78.archive.org

You can see a picture of one of the four-armed turntables here: http://great78.archive.org/preservation/

beaugunderson 2 days ago 0 replies      
They had me make a Twitter bot that's tweeting out all of the 78s (with preview audio) as well:


sushisource 3 days ago 0 replies      
More sample fodder for the EDM artists and rappers. Always a good thing.
jrowley 3 days ago 3 replies      
I have no experience with this stuff, but I wonder if they could use a laser record player to capture the record, and then replay it with different simulated stylus sizes. Not exactly kosher probably, but could be an interesting experiment. Plus scanning time could be greatly reduced I imagine.
mortalkastor 2 days ago 1 reply      
The "Bibliothque nationale de France" (national library of France) did the same kind of thing with hundreds of thousands vinyl records from their archive, including international ones published in France: http://www.bnfcollectionsonore.fr/
e12e 3 days ago 0 replies      
Certainly a bit of everything on there... :)


pier25 3 days ago 1 reply      
Any sound restoration software would greatly improve these recordings.

For example this one from 1902: https://archive.org/details/78_medley-of-emmetts-yodles_yodl...

I'm sure Izotope would give the RX license for free in exchange for a blog post (or any other audio software company).

daveheq 2 days ago 0 replies      
Imagine after World War 3, the aliens sift through the remnants of humanity, find this archive of digitized 78rpm records, and turn into mustachioed corduroy-wearing hipsters.
0xcb0 2 days ago 0 replies      
This is just great! Listening to these songs instantly sets me back to a relaxed inner state. Together with that sizzling noise of the gramophone record in the background, so calm and chilled.

I currently listen to "A Duke Ellington Panorama", just nice!

Thanks for that and keep up the awesome work!

matt_wulfeck 3 days ago 3 replies      
How would one go about removing the pops and clicks from recorded audio programmatically?

I really like some of the audio here but it needs some post processing. The only thing I can find to do it is audacity and it doesn't look very friendly to scripting.

menacingly 3 days ago 1 reply      
Very cool that they offer 24bit flac downloads. I'm sure this sentiment is shared here, but I am always impressed by the efforts of this organization
Nav_Panel 3 days ago 3 replies      
Some very very good stuff in here. I've gotten pretty into 20s thru 50s music over the past couple of years. I usually buy compilations on LP, though, so it's a treat to find these straight off the 78s. A big portion of the stuff never even makes it to digital.

Just at a glance, I'm seeing The Light Crust Doughboys[1], basically a string band supergroup. Multiple members would go on to found famous western swing bands (Bob Wills, Milton Brown). Very proto-rock-and-roll -- listen to that electric guitar -- Elvis would cover some Western Swing numbers[2] in his early days[3].

Also seeing some older stuff, including a few recordings by the (arguable) best banjo player of all time, Vess L. Ossman[4] (from 1907). Pretty cool to listen to these march numbers and then hear them evolve into jazz/ragtime only a couple years later[5] (this is a recording by Fred Van Eps, the second best banjo player of all time, from 1914).

EDITS: seeing some other personal favorites:

Hank Penny, a favorite western swing singer of mine[6]. He usually does it hot/upbeat/fun.

Blind Blake, a guitarist who could play the fretboard like a ragtime piano[7]!

Oh, and here's the WWII-era Bob Wills I was waiting for[8]. Got that classic Leon McAuliffe pedal steel playing. No Tommy Duncan vocals, unfortunately.

Neat! An old solo Art Tatum[9]! Widely considered the best pianist of all time... And another, a whole album[10]!

Really classic early electric guitar playing on a jump blues number by T-Bone Walker[11]. I actually believe he's one of the first to use the electric guitar in blues.

Great steel guitar playing on this Gene Autry cowboy number[12].

Looks like there's a lot of Django for all you gypsy jazz fans[13]. Never heard this take on Avalon before, I dig it.

Lot more to dig through and lot of obscure stuff I'd like to give a shot, but I'm out of time for now...

1: https://archive.org/details/78_pretty-little-dear_light-crus...

2: https://www.youtube.com/watch?v=4wGCTFWhoqQ

3: https://www.youtube.com/watch?v=8bSVEA0ZAVw

4: https://archive.org/details/78_policy-king-march_vess-l.-oss...

5: https://archive.org/details/78_notoriety-rag_van-eps-trio-ka...

6: https://archive.org/details/78_get-yourself-a-red-head_hank-...

7: https://archive.org/details/78_tampa-bound_blind-blake_gbia0...

8: https://archive.org/details/78_texas-playboy-rag_wills-bob-w...

9: https://archive.org/details/78_deep-purple_art-tatum-mitchel...

10: https://archive.org/details/78_art-tatum_art-tatum-james-swi...

11: https://archive.org/details/78_t-bone-blues_les-hite-and-his...

12: https://archive.org/details/78_silver-haired-daddy-of-mine_g...

13: https://archive.org/details/78_the-quintet-of-the-hot-club-o...

Finnucane 3 days ago 1 reply      
Too bad it doesn't seem to be easily searched by label--from a historical perspective, it would be cool to be able to search for say, Paramount or Gennet or Okeh.
tamersalama 3 days ago 0 replies      
Looks like there are some recordings by Sergei Rachmaninoff himself [1]

[1] https://archive.org/details/georgeblood?sort=&and[]=subject%...

hmhrex 3 days ago 2 replies      
Just curious, what's the copyright on this kind of material?
sdsk8 3 days ago 0 replies      
I don't know about everybody here, but i am listening to so much new things to me on this archive that i'll definitely donate to the archive team today, congratulations for this fantastic job!
fortyfivan 3 days ago 0 replies      
Wow, this is great! I've been a serious record collector for 20 years, but never got into 78s.

My eventual life goal is to do something similar with my Brazilian record collection... have the skeleton of such catalog at: https://www.novedos.com/collection.

vinchuco 2 days ago 0 replies      
Is there a way to stream these indefinitely on shuffle without having to pick each one manually?
orbitingpluto 2 days ago 0 replies      
This is the crowning gem from the Internet Archive (from the 78 RPMs and Cylinder Recordings collection).

Cab Calloway, The Man from Harlem


S_A_P 3 days ago 0 replies      
So the obvious win here besides archiving art is that this is out of copyright sample fodder*

*IANAL and this may not be the case for all the material but I'm sure that there is mountains of inspiration to be mined.

barking 2 days ago 0 replies      
What did they smell of?It was really unusual.Tesco, briefly, had an own brand hand soap liquid in the 1990s with exactly the same smell.
kmeade 3 days ago 1 reply      
I'm curious about something and I can't find the answer on the web site -- Why were these recordings played and digitized in stereo when the records were mono?
amelius 2 days ago 0 replies      
Is it possible to search based on genre or geographic origin?
neelkadia 2 days ago 0 replies      
New stuff for Machine Learning. GAN. Magenta.
cJ0th 3 days ago 0 replies      
thanks for the heads up. this is just amazing!
anjc 2 days ago 0 replies      
I am become The Avalanches, mixer of old songs

Very cool

uBlock Origin Maintainer on Chrome vs. Firefox WebExtensions discourse.mozilla.org
760 points by nachtigall  2 days ago   318 comments top 12
bad_user 1 day ago 8 replies      
After being a Chrome user for several years, I've switched back to Firefox for the past two years or so and I'm really, really happy with it.

Latest version does multi-processing, e10s is finally here (though it might still get disabled by usage of certain add-ons, I remember I had to force it to stay enabled).

On performance, in the past it felt sluggish, but now Firefox is fast and for my usage patterns it uses less memory than Chrome.

And one thing I really love is the Awesome Bar, which is a pain point every single time I open Chrome. I have a lot of websites I need to return to and in Chrome I end up searching on Google far more than I should. I guess that's the biggest difference between Firefox and Chrome, as Mozilla does not feel obligated to shareholders to extract ads clicks from you (although I hope that whatever they do keeps them afloat).

Also, tab management. I installed "Tab Center" from the Test Pilot and it's awesome. The experiment is now over unfortunately and the code itself for Tab Center isn't compatible with WebExtensions, but there's work going on to port it and that highlights that Firefox's WebExtensions will be more flexible than Chrome, if they aren't already.

But in the end I actually care more about trusting my browser and its maker to protect my interests. I actually trust Google more than I trust other companies, but something feels very wrong for a company to have so much leverage on me. Which is why, as long as I have a choice, I'll always prefer Firefox over Chrome, or Safari, or Edge.

AdmiralAsshat 2 days ago 2 replies      
> It baffles me that some people thinks Firefox is becoming a Chrome clone, its just not the case, its just plain silly to make such statement.

That's probably the single most reassuring statement about Firefox that I've heard in some time, coming from a serious dev who makes a popular cross-platform addon for both Firefox and Chrome.

yborg 2 days ago 9 replies      
I found this disturbing:

"Chromium-based browsers are being infested by Instart Logic tech which works around blockers and worst, around browser privacy settings (they may start infecting Firefox eventually, but that is not happening now)."

From his linked post:

"Instart Logic will detect when the developer console opens, and cleanup everything then to hide what it does"

Is this implemented via a CDN-delivered script? Why would Chromium-based browsers be more susceptible?

nachtigall 1 day ago 1 reply      
To add to the list:

* You can run the uBlock Origin on Firefox for Android: https://addons.mozilla.org/EN-US/android/addon/ublock-origin...

Afaik there's no ad-blocking extension for Chrome for Android which I find pretty telling. I'm using Firefox on Android and the ad-blocking (less traffic, less blink-blink animations and less CPU consumption) make mobile browsing a night-day difference

penpapersw 2 days ago 2 replies      
Huh. These actually sound like good arguments to switch to Firefox, arguments I've never heard before until now.
Hasknewbie 2 days ago 2 replies      
Slightly OT: is that what a 'Discourse' page looks like? It's pretty awful: it will automatically update the URL as you scroll past each post in any direction, while breaking the Back button, so good luck getting back to the original post, since neither clicking on Back nor reloading the page will get you there. Basic UX failure.
wyc 2 days ago 3 replies      
Keep in mind that it's not within Google's incentives to facilitate ad-blocking and prevention of tracking. After all, that's where the lion's share of their revenue comes from. However, Mozilla is free to actively support such efforts.
albertgoeswoof 2 days ago 5 replies      
Firefox is coming back, finally- I think their market share is at the bottom and we'll see a big uptake over the next couple of years.
kasabali 2 days ago 1 reply      
uBlock Origin on Firefox would be more powerful than uBlock Origin on Chrome, but does it mean that uBlock Origin webextension on Firefox will be as powerful as uBlock Origin "legacy" Firefox extension ?

This is a post of gorhill from the last months Firefox - Google Analytics fiasco:

> Legacy uBlock Origin can block the network request to GA.

> However webext-hybrid uBO as per Network pane in dev tools does not block it. Same for pure webext Ghostery, the network request to GA was not blocked, again as per Network pane in dev tools.

> What is concerning is that both uBO webext-hybrid and Ghostery report the network request to GA as being blocked, while it is really not as per Network pane in dev tools. It's as if the order to block/redirect the network request was silently ignored by the webRequest API, and this causes webext-based blockers to incorrectly and misleadingly report to users what is really happening internally, GA was not really blocked on about:addons, but there is no way for the webext blockers to know this and report properly to users.


jancsika 1 day ago 0 replies      
Couldn't the devtools listener shenanigans be solved merely by putting a "pause" button in the browser chrome (possibly through an extension)? Browsers are already throttling CPU usage when the tab isn't visible, so it doesn't seem like it would be too difficult to just throttle to 0 with a toggle.

Even better-- have the pause button in devtools window, "pause" by default when you open devtools, and then unpause once something gets mutated/re-layout'd.

I guess you'd still need to protect the devtools shortcut key so that any DOM shenanigans are guaranteed to get invoked after the devtools listener. But browsers already have all kinds of crazy edge-cases in the name of security (e.g., no manual triggering of <select> menu). Keeping polymorphic worms from corrupting the devtools state seems rather important by comparison.

mnarayan01 2 days ago 0 replies      
> It baffles me that some people thinks Firefox is becoming a Chrome clone, its just not the case, its just plain silly to make such statement.

If you use a much narrower definition of "clone" than is typically used in this context, then sure. If, however, you use "clone" a bit more flexibly, and note the word "becoming", then it's a different story. That's not to say that Firefox won't be better than Chrome, and it's certainly not to say that it won't have any advantages over Chrome, but it is giving up some of its major current advantages.

NormenKD 2 days ago 4 replies      
I am considering going back to FF, but it seems FIDO U2F still isn't done completely and the U2F Extension for FF is not working anymore since the WebExtension switch.

Please correct me if missed something, but i think i have to hold off for a little bit longer.

Salesforce fires red team staffers who gave Defcon talk zdnet.com
692 points by stevekillian  2 days ago   284 comments top 11
defcontalks 2 days ago 6 replies      
I was one of the people that was there when it happened. My coworkers and I were asking one of them questions after the talk. The goons were kicking us out of the rooms because it was the last talk of the day and they wanted People to leave. We were talking in the hallway and asking him questions when we ran into the other presenter there(And people were asking him questions too). Anyway few mins later I see our old executive walk to them and tell them they have to talk. They started walking and talking but it was right in the open and you could pretty much hear them. They end up stopping and looks like they were trying to defend themselves. Few mins later the executive leaves and the end up walking back to the group that was still waiting to ask them questions (including us). They had been fired effective immediately.

The executive is Jim Alkove. He is a moron and our security org has completed revamped after he "left" to join other companies. All the recent advancements in Microsoft security/Win10 were because we no longer had a leader like him.

Feel sorry for these guys.

phobeusappola 2 days ago 4 replies      
If you're close to the Silicon Valley tech community you know the Salesforce datacenter organization and recently security organization has been taken over by many ex-Microsoft executives who are fairly clueless when it comes to security.

This has left the security organization mired in internal political turmoil and has triggered the exodus of most intelligent security professionals from the organization.

This situation appears to be a case of the new and confused security executive mentioned in comments on this thread over reacting.

I say "confused" because for the presenters to get this far they obviously has gone through levels of approval for the talk and presented material internally. This talk was indeed presented before at the Chatham House Red Team Summit in SF where many tech company Red teams were present and code released to some collaborating parties. If you don't know what is going on in your own organization with your directors you are confused.

I say "over reacting" because any decent security executive knows you can't ask a team member to pull a Defcon talk on extremely short notice as it would be damaging to their personal reputation in the community. Firing them for not pulling the talk is completely idiotic as it's likely burn the organizational reputation with the security community. It was likely just a snap decision by said confused executive who did not understand the ramifications of his decision. If you fire someone after they get off the stage at Defcon you more than likely have overreacted.

Sadly these are the types of this that happen when you have poor leadership at high levels. I feel bad for the good security folks still left at Salesforce who have to tolerate this garbage. Luckily there is a massive demand for good security professionals so they should have no trouble finding other employment, hopefully with competent leadership.

kafkaesq 2 days ago 3 replies      
The unnamed Salesforce executive is said to have sent a text message to the duo half an hour before they were expected on stage to not to give the talk, but the message wasn't seen until after the talk had ended.

Which said unnamed executive should have known was patently unreasonable to expect to be received and read in time.

Sounds like a failure in basic communication, somewhere in the organization. And if someone in the C-level feels they need to intervene at the last minute to set things straight -- this very strongly suggests point source of the failure was most likely somewhere in the middle layers (or at the C-level itself) - not with the frontline engineers.

But which at Salesforce is apparently no protection against getting hung out to dry.

Especially when we read the parts about "The talk had been months in the making" and that the executive pulled the plug at the last minute "despite a publicized and widely anticipated release."

rsj_hn 2 days ago 8 replies      
I was not at the conference and have no first hand knowledge of what happened.

But before everyone gets on their high horse, please pause to reflect:

This was all company work product being presented by company employees who were on a company funded conference trip. Therefore there is an approval process for vetting presentations as well as a legal process for opensourcing code. This is standard practice at all companies.

Now what do you think is more likely: That the PR department would approve of a talk titled "meatpistol" (FIXED) (have you seen the slides?) and the legal dept would approve of open sourcing the code and then at the very last minute both groups would change their mind and try to pull the talk, or that the presenters never got the OK in the first place, the company found out at the last minute, asked them to pull the talk and they refused?

How likely is it that they would get official approval for their talk under a "Chatham's rules" meeting in February to for a presentation <strike>in August</strike>at the end of July? Isn't it more likely that they got some initial approval for a talk in February, but that PR still wanted to vet the actual slides in <strike>August</strike>July? (I'm assuming that the slides were made after February.) Which PR department gives approvals like that? What legal department works this way? In my experience, stuff like this happens at the last minute, because that's when you're finishing your slides (as well as your code), and generally PR is going to ask that you make some changes to your slides and they will want the final copy before signing off. Now maybe I'm wrong and the article is correct, but I think it's unlikely.

Moreover given that Salesforce can't talk about this matter, who do you think is the source for the article and whose side are you hearing?

The last few days have really highlighted how quick people are to pile on with outrage and self-righteous indignation before getting all the facts.

tptacek 2 days ago 1 reply      
It's probably way too early for us to know what's really happened here. If you're unfamiliar with this stuff, you should know that Salesforce has a large and relatively savvy security team, including people who have presented at offensive security conferences in the past.

There's a lot of weirdness in the reporting here; for instance, the notion that Salesforce management had a meeting with members of their own team under "Chatham House rules".

Johnny555 2 days ago 2 replies      
Seems like a bad idea for a public SaaS company that relies on trust from customers that their data is secure to piss off their own offensive security team by firing them suddenly without even a warning received.

I expect that lots new Salesforce vulnerabilities will be discovered and disclosed.

djrogers 2 days ago 0 replies      
Much of the talk on this is about wether it not SFDC has a right to do this, or if its legal. Frankly thats all immaterial - this sounds like a perfect way to either lose most of your security staff over the next 6-8 months, or get yourself fired. Not sure the exec in question was planning on either of those outcomes, but they are the most likely.
just2n 2 days ago 0 replies      
That seems like a tad bit of an overreaction on Salesforce's part. The only mismatch here was the expectation set around the availability of the tool's source? So yeah, it was clear the tool is owned by Salesforce and ultimately something like that is decided by the company, but saying you're going to "fight to have it open sourced" and advocating to have tooling you build be shared outside of your company doesn't seem like a fireable offense to me. Look at what it's done for companies like Facebook and Google.

What the hell, Salesforce? This looks bad. There's either more to the story or this is just extreme knee jerk.

whatsmyhandle 2 days ago 1 reply      
EEK. When speaking in front of a large audience, it's generally a good idea to either mute your phone, or ditch it entirely before you get up onstage.

To get canned for not responding to a text message 30 minutes before a talk - which you were already approved for - seems terribly unfair and a decision probably made in the heat of the moment.

soft_serve 2 days ago 3 replies      
Most people at Defcon use a "burner phone" (a cheap supermarket feature-phone) while there. Nobody who is sane would turn on their work phone anywhere near the Defcon conference. I go there every year with a throwaway phone and laptop.

So nobody will see a text message in a timely manner, unless they knew the burner phone number.

0xfeeddeadbeef 2 days ago 2 replies      
Oh, the irony! Months before he was fired, in his talk [1] at QCon London 2017 (March 5-7), Josh Schwartz jokingly said: "I am going to tell some stories and hopefully I won't get fired for sharing this stuff but we'll see how it goes".

[1] How to Backdoor Invulnerable Code: https://youtu.be/EGshffkzZsY?t=680

I Fell Victim to a $1,500 Used Camera Lens Scam on Amazon petapixel.com
671 points by QUFB  8 hours ago   334 comments top 29
dingaling 8 hours ago 8 replies      
Recap as I understand it, since the blog post isn't

0. Buyer purchased item from third-party seller on Amazon

1. Seller picked a name and address in buyer's town, from an obituary, and sent parcel containing two baking mats thereto ( instead of camera lens )

2. Occupant of that address signed for it believing it to be for the deceased relative

3. USPS updated status to 'delivered' with signature and address recorded

4. However the proof of delivery shows the address from (1) and not the buyer's address

5. Buyer repeatedly appealed on the basis of (4) but Amazon only check that the parcel was signed-for IN THE SAME TOWN. Therefore requests for refunds or further action were denied.

Very clever seller, knows the system well. I wonder how many items he had to sell before striking it rich with a $1500 "lens".

mikeash 8 hours ago 26 replies      
I'm wondering more and more why Amazon hosts third-party sellers at all.

They dilute the Amazon brand to a tremendous degree. It used to be that buying from Amazon meant a certain level of quality and service. Now there are really two Amazons: the old one, and a new one that's basically a shitty version of eBay.

I have to go out of my way to avoid these crappy third-party sellers when I'm searching for stuff on Amazon. It's not a nice experience to go searching for a product and have to step through a minefield of "cheap" items that take two months to arrive, or have outrageous shipping fees, or are outright scams.

It is really worth it for Amazon to have them? I struggle to see how.

rgbrenner 8 hours ago 5 replies      
filing the chargeback is a good idea... but also, the sender made a critical mistake sending it usps.. that makes it mail fraud. Talk to the US Postal Inspection Service, it's a branch of law enforcement, and I'm sure they would be very interested with all of the evidence youve collected. They can cross state lines and arrest the sender.


ransom1538 7 hours ago 2 replies      
Why do people do mail fraud?

While mail fraud crimes often involve the use of the United States Postal Service, or USPS, you can also commit the crime when you use any interstate carrier, such as FedEx, UPS, or other delivery services. Mail fraud is super easy to prove [prints on box, cameras at fedex offices, credit cards used for materials, amazon accounts, logged ips, bank accounts involved, federal authority] and carries ridiculous sentencing: 20 years. THIS is a bad plan for $1500. Most likely this person DID THIS MORE THAN ONCE so they could face like 10 counts - it is 20 years per count. Not to mention people doing the investigation are federal officers - they are on point. With 2nd murder you at least get parole and probably wont do 20 years or charged with multiple counts. mail fraud = bad times.


toast0 8 hours ago 2 replies      
It won't get your money back, but it is worthwhile to file a fraud complaint with the USPS as well. Mail fraud for $1500 is a big deal to sweep under the rug with a charge back.
bayesian_horse 3 minutes ago 0 replies      
From my extremely limited understanding of legal matters, I'd say this should be a criminal fraud case. Maybe the police can get through the "wall" at Amazon.
_Codemonkeyism 8 hours ago 5 replies      
The only way I've got problems solved with Amazon is going to the police and let them sort it out. Worked every time.

Amazon was in now way responsive or helpful before I've got the police involved.

shiftpgdn 8 hours ago 0 replies      
This is the poison in Amazon's well. The average layman has very little grasp of sold & shipped by amazon vs amazon marketplace. Amazon needs to tighten the clamps on all of these awful third party sellers before they become a casualty like ebay.

Anecdotally my father purchased a projector recently and the seller tried the "I can't ship it unless you make payment on my offsite merchant page because Amazon is holding me hostage" scam. My father remarkably recognized this as fraud and reported it to Amazon. He said they were less than helpful in getting a refund to his credit card so he could go make a purchase from a legitimate merchant. They made him wait out the full 30 days it could have possibly taken to ship before they were willing to work with him.

davidu 8 hours ago 2 replies      
It seems like the Amazon reps weren't paying attention to the detail, or the seller was also supplying fraudulent evidence of delivery.

This blog post will likely get it resolved for the buyer, though it shouldn't have to be this way.

wolfd 5 hours ago 1 reply      
I had something similar happen about a year ago and it was a really bad time. I purchased some hard drives from a third-party seller (claimed as new, seemed reasonable in price, but huge mistake in hindsight, I know), and they arrived fine. The problem was, the hard drives were not what I ordered, and were almost certainly used (scratched up a lot).

I requested a return, and had the seller provide me a shipping label, I sent them back, and never got my money back. The tracking showed that the package was delivered, but because the seller had provided me a label that didn't require a signature, Amazon said they wouldn't give me my money back, as the seller said they hadn't received the item.

At this point, I left the seller a review saying what had happened to me, and a few days later, I visited the seller's page, and noticed that my review was gone.

Not only does Amazon provide really shoddy support for people that have been scammed, they actually help protect the scammers in a way, by allowing sellers to remove a couple bad reviews from their page every month.

deft 8 hours ago 2 replies      
These amazon emails literally look like automatic mails with a small custom message on top. He stated multiple times that what they said was WRONG yet no one bothered to listen to that part. If I was the author or if this ever happens to me, I'll go directly to disputing the charge.
amorphid 6 hours ago 0 replies      
Amazon seriously pisses me off these days.

Here's an example:

- search Amazon.com for "1 tb usb flash drive"

- the first hit (for me) is a fraudulent drive for $26.99 USD [1]

- there's no mechanism that I can find to report the drive as fraudulent, suspicious, or spam

As far as I'm concerned, Amazon is the new Best Buy. I go there to find something I want, and then buy it somewhere else (NewEgg!)

[1] https://www.amazon.com/Flash-Drive-Memory-Stick-Storage/dp/B...

poke111 8 hours ago 2 replies      
I don't get why he kept hammering on them for the fact that it was delivered to the wrong address. The bigger problem here, and a better basis for a refund, is the fact that they sent the wrong item. If they sent the wrong item to the correct address it should be eligible, right?
iamleppert 6 hours ago 0 replies      
It's a prime example of what happens when you deal with a large company with reps who are not empowered to think for themselves, and often times are incapable of doing anything other than following a very rigid process, and have extreme apathy.

I had a similar experience with NewEgg. In these cases it is sometimes helpful to use LinkedIn and contact people high-up in the company (Directors and Sr. Managers). Send them an inMail, it goes directly to their personal e-mail in many cases.

In several instances, contact like this via LinkedIn has helped me. Other than that, don't waste your time and just file a charge-back.

awinder 6 hours ago 0 replies      
I feel like either amazon, or the market, is missing an opportunity when I read stuff like this. Amazon could be:

1. Gathering intelligence about the person making the claim from public sources (twitter, LinkedIn, blogs, etc.)2. Mashing that against past purchase history (inside amazon or through browser fingerprinting across a wider pool, though they are amazon and should be pretty wide on their own)3. Ferreting out when high-trust customers are making claims against more shaky merchants

Claims like this should be the backbone of a fraud management platform. They can take high-quality customers getting screwed over and not only rectify the problem but also spare their other buyers from the embarrassment & fraud

vgprice 8 hours ago 5 replies      
I don't even buy anything that is not sold via Prime. I assume anything non-prime is of the lowest possible quality or a scam. For some reason I feel comfortable with prime thinking that the items have had some sort of quality approval. (at least getting my item as described and expected.)
maxk42 7 hours ago 2 replies      
In 2016 I made a couple hundred (yes hundred) purchases on Amazon. Of those, more than a dozen failed to ever arrive. All of the ones that failed were from third-party sellers.

Amazon Customer Service is very willing to work with you if you call directly. (I've also had a $1500 item fail to arrive.) I wouldn't trust their email support though.

Long story short: Pick up the phone.

KiDD 13 minutes ago 0 replies      
Amazon Marketplace is full of garbage sellers...
losteverything 6 hours ago 0 replies      
It was not signed for.

There are many dispositions once usps presses delivered. One is "to an individual at address" that is what i interpret - not signed.

Some other dispositions: at or by box, other or garage, office, (there are many more)

So the usps carrier pressed 4 - individual at address. He she handed it to someone.

Also, the exact gps coordinate of the initial scan is recorded. So the carrier scans the amazon box... That time&location is address knowing. In fact, the usps can turn on a feature that tells the carrier "you are more than 200(some distance) away from the address" this is used primarily when sunday newbies are delivering.

It sounds like amazon does not receive all the data collected from the carriers handheld. Also, there can be multiple dispositions for a parcel. Like "damaged" and delivered.

martin-adams 6 hours ago 0 replies      
How would this have played out if it was sent to the correct address, signed for but just had baking mats in there instead of the Lens? Would Amazon side with the seller still?

If not, why didn't the buyer just claim the items in the package was not as described?

benwilber0 47 minutes ago 0 replies      
about 3 months ago I bought some USB-C <-> USB-A [1] cables on Amazon. I plugged one into my MacBook and it immediately turned it off and banned it from the system. I started to smell electrical burning. I yanked the cord out of the wall and never touched it again. Threw away the whole pack.

The cables were made in China and re-branded by a USA company.

Don't buy cheap Chinese garbage electronics.

[1] https://www.amazon.com/gp/product/B0161GVULY/ref=oh_aui_deta...

8note 3 hours ago 0 replies      
oh hey, I work on a team that should prevent this kind of thing. This should be fun to fix.

[I'm not allowed to say more on the topic, nor do I speak for Amazon, as per the current Amazon guidelines on what we're allowed to talk about on social media. We're hiring though, and it's a fun adversarial engineering job]

MRSallee 1 hour ago 0 replies      
I don't understand why the scammer bothered to ship to an alternate address -- if Amazon is just confirming that the package was delivered and signed for, wouldn't that also occur if delivered to the buyer's address? The buyer would sign for the package before opening it and realizing the camera lens wasn't inside. (The weight difference could be made up with rocks.)
ada1981 8 hours ago 1 reply      
So glad that Jeff's assistant isn't even able to read an email. This sucks man. Appreciate you taking the time to document it and share it.
Hollow3d 1 hour ago 0 replies      
Long time lurker here. Amazon has let a lot of shady business in lately. Abuses on all sides.

Even my local USPS abuses the system for the 2 day delivery. (They marked a packages as incorrect address, and than, not available to sign... I called them, the woman said the were too heavy, so I now get it on day 3..). Now I know about the free months of prime, but I would have to get USPS to confess to Amazon what they told me. And I'm not as dedicated as the author.

And the preditory tactics they allow sellers to implement are crazy. I paid to return a dead on arrival ipod, and I had to send multiple emails to confirm I was getting my money back. (Seller stated they needed RMA or no refund, seller never provided RMA after 3 emails. Never even sent an RMA after all that, Amazon just ended agreeing to refund after multiple calls). Seller is still active with same terrible return policy.

Good article, I feel less crazy now. Hopefully more of these stories circulate.

pdq 8 hours ago 1 reply      
The correct solution to this is a 3rd party escrow service for these expensive items prone to fraud.

Amazon could physically validate the lens with pictures/weight, and verify they shipped it directly. This blocks fraud by both the customer and the seller/shipper.

Havoc 8 hours ago 2 replies      
1500 bucks purchase 2nd hand from a seller with 1 review?

10/10 bravery

soyiuz 8 hours ago 2 replies      
The A-Z guarantee is actually pretty biased towards the costumer. Something went wrong here obviously, but in part it is a side effect of too much information. There was no need to go visit your neighbors--once the wrong address is confirmed, A-Z should come into effect. Get someone on the phone if you can.

The larger problem is the integrity of the package. For example, as a seller, I've had multiple chargebacks from customers who claimed that the package they received was empty (and A-Z always ruled in their favor). I've also had customers "return" items that were not at all the same as the original purchase. In once case, the returned materials were clearly counterfeit (where I sold the originals)! A-Z ruled in customer's favor in each case. I've since stopped selling on Amazon due to prevalent fraud.

The package is pretty well tracked, how do we make sure what goes into the box corresponds to the sale or refund?

caffodian 8 hours ago 2 replies      
a similar scam has been going on for a while, with at least video games, board games, and bike gear, from what I've seen on Amazon Canada.

Third party sellers with a "real" looking name will list an item at a ridiculous discount off retail. If you buy it, you get a Chinese international tracking number. This takes forever to "arrive" and it turns out Amazon only really cares that the tracking number shows to Canada. I'm not sure what is actually in the package, since it's not possible to figure out more than just the city it went to.

Eventually, Amazon will refund you, but it's a bit annoying. It's pretty easy to spot once you get bit the first time, but you'll usually see the third party seller spike to several hundred bad reviews before the entire situation gets resolved.

This seems like Amazon CSR just failed to read the writer's complaints correctly. It should eventually get fixed, because it often does get fixed, even for hundreds of customers at a time.

DeepMind and Blizzard Open StarCraft II as an AI Research Environment deepmind.com
595 points by nijynot  2 days ago   268 comments top 20
qub1t 2 days ago 11 replies      
A lot of people here seem to be underestimating the difficulty of this problem. There are several incorrect comments saying that in SC1 AIs have already been able to beat professionals - right now they are nowhere near that level.

Go is a discrete game where the game state is 100% known at all times. Starcraft is a continuous game and the game state is not 100% known at any given time.

This alone makes it a much harder problem than go. Not to mention that the game itself is more complex, in the sense that go, despite being a very hard game for humans to master, is composed of a few very simple and well defined rules. Starcraft is much more open-ended, has many more rules, and as a result its much harder to build a representation of game state that is conducive to effective deep learning.

I do think that eventually we will get an AI that can beat humans, but it will be a non-trivial problem to solve, and it may take some time to get there. I think a big component is not really machine learning but more related to how to represent state at any given time, which will necessarily involve a lot of human-tweaking of distilling down what really are the important things that influence winning.

JefeChulo 2 days ago 8 replies      
"so agents must interact with the game within limits of human dexterity in terms of Actions Per Minute."

I am really glad they are limiting APM because otherwise things just get stupid.

dpflan 2 days ago 1 reply      
Related: Today I learned that a group of AI researchers has released a paper called: STARDATA: A StarCraft AI Research Dataset. According to one of the authors: "We're releasing a dataset of 65k StarCraft: Brood War games, 1.5b frames, 500m actions, 400GB of data. Check it out!"

> Article: https://arxiv.org/abs/1708.02139

> Github: https://github.com/TorchCraft/StarData

siegecraft 2 days ago 3 replies      
The API Blizzard is exposing is really nice. Sadly most of the advantages AI had in SC1 were just due to the fact that an automated process could micro-manage the tasks the game didn't automate for you (a lot of boring, repetitive work). SC2 got rid of a lot of that while still allowing room for innovative and overpowered tactics to be discovered (MarineKing's insane marine micro, SlayerS killing everyone with blue flame hellions, some more recent stuff I'm sure from the newest expansions). Hopefully the API lets AIs converge on optimal resource management and get to exploring new and innovative timings, transitions, army makeups, etc.
hitekker 2 days ago 7 replies      
This seems all in good fun but I wonder if it's come too late.

Starcraft 2 is at its twilight.

The biggest leagues of South Korea have disbanded. [1] The prolific progamers who transitioned to Starcraft 2 have gone back to Broodwar. [2]

Blizzard itself has scrubbed all references to Starcraft 2 on the very home page of Starcraft. [3] Except for the twitter embed, it has only only one "2" character... in the copyright statement.

My take is that the future for the Starcraft franchise will be through remastered and potential expansion packs following it.

Starcraft 2 had a good run but, with the entire RTS genre stagnating [4], I don't think Blizzard wants to bet on anything less than the top horse.

[1] https://www.kotaku.com.au/2016/10/the-end-of-an-era-for-star...

[2] http://www.espn.com/esports/story/_/id/18935988/starcraft-br...

[3] http://starcraft.com

[4]http://www.pcgamer.com/the-decline-evolution-and-future-of-t... (Aside from MOBAs)

SiempreZeus 2 days ago 2 replies      
It's a bit too bad they're having to move towards supervised learning and imitation learning.

I totally understand why they need to do that given the insane decision trees, but I was really hoping to see what the AI would learn to do without any human example, simply because it would be inhuman and interesting.

I'm really interested in particular if an unsupervised AI would use very strange building placements and permanently moving ungrouped units.

One thing that struck me in the video was the really actively weird mining techniques in one clip and then another clip where it blocked its mineral line with 3 raised depots...

arcanus 2 days ago 1 reply      
I also want to see the algorithm win on unorthodox maps. Perhaps a map they have never seen before, or one where the map is the same as before but the resources have moved.

Don't tell the player or the algorithm this, and see how both react, and adapt. This tells us a great deal about the resiliency of abilities.

ktRolster 2 days ago 5 replies      
When Watson won at Jeopardy, one of its prime advantages was the faster reaction time at pushing the buzzer. The fairness of that has already been hashed out elsewhere, but.....

We already know that computers can have superior micro and beat humans at Starcraft through that(1). Is DeepMind going to win by giving themselves a micro advantage that is beyond what reasonable humans can do?

(1)https://www.youtube.com/watch?v=IKVFZ28ybQs as one example

daemonk 2 days ago 2 replies      
Blizzard should put in an AI-assisted play mode where players are limited to X lines of code that can be launched with keyboard commands.
krasi0 1 day ago 1 reply      
The StarCraft 1 BroodWar AI scene has been thriving for a few years now: https://sscaitournament.com/ You can watch 24/7 live AI vs AI games on Twitch at: https://www.twitch.tv/sscaitSupport for voting on who to play next and even a betting system are in place, too. For those who wish to get their feet wet with BW AI development, here are the Java / C++ tutorials: https://sscaitournament.com/index.php?action=tutorial
arnioxux 2 days ago 0 replies      
Are there any known arbitrary code injection for starcraft? Like how you can use a regular controller to reprogram super mario world to play pong?



Is this how we are going to accidentally let AGI loose into the world!? /s

On a more realistic note I think this will degenerate into a game of who can fuzz test for the best game breaking glitch. Think of all the programming bugs that turned into game mechanics in BW that we haven't discovered for SC2 yet: http://www.codeofhonor.com/blog/the-starcraft-path-finding-h...

siliconc0w 2 days ago 0 replies      
The SCAI bots I've seen are more hardcoded tactics engines rather than machine learning models. They're still impressive, but their logic isn't quite 'learned' it's hand coded which is a crucial difference.
Lambent 1 day ago 0 replies      
It's not like this is going to create fantastic AI.

Keep in mind there's been an amateur AI project for broodwar for almost 7 years now. Even after such a long learning period, the games are very primitive, and the AI's still couldn't pose a threat to even a beginner human player. Sometimes the games take hours. Trying to build strategy and decision making into an AI is incredibly complicated. There have been teams working at the SSCAIT for many years now, and the product is still fairly primitive.

So what CA did was instead write up a simpler AI that mimics strategy and decision making. We all know it's not great, but I'd be really skeptical that 3rd parties would magically create an AI that can think strategically.

convefefe 1 day ago 0 replies      
I thought this was already happening. Right after AlphaGo beat Lee, I remember hearing about it. Did they give up on having their AI playing SC2? I wondered if that would work, since it seemed to take turns in Go at the same speed as a normal player, I wondered if it was trying to compute the most likely winning move each turn and the late game implications of those moves. If it tried that in a fast paced game how it would deal with the speed. It obviously would need to develop a pattern of pre-baked strategies that would win it the game. Would it play the same build every round or would it realize that changing things up each match wins it more games?
Companion 1 day ago 0 replies      
It's a bit too bad they're having to move towards supervised learning and imitation learning.

I totally understand why they need to do that given the insane decision trees, but I was really hoping to see what the AI would learn to do without any human example, simply because it would be inhuman and interesting.

I'm really interested in particular if an unsupervised AI would use very strange building placements and permanently moving ungrouped units.

One thing that struck me in the video was the really actively weird mining techniques in one clip and then another clip where it blocked its mineral line with 3 raised depots...

Havoc 2 days ago 1 reply      
That's surprising. I thought Bliz didn't want anyone near sc2 but approved of sc1 being used for this purpose.
Outrageous 1 day ago 0 replies      
Novice here: I really want to try this Starcraft API but I don't know how to start. I believe this uses more reinforcement learning and agent-based models (which honestly I am not familiar with yet) What are good papers to get started on this?
hacker_9 2 days ago 1 reply      
There's something funny about a company that is actively developing bleeding edge AI technology, but who can't design a webpage that works on mobile without crashing.
Ntrails 1 day ago 0 replies      
I'd be really interested in how differently tiered data sets (ladder rank) would work as sources for teaching.

Is it possible that training on diamond players is less effective than training on, say, silver? Is that actually even an interesting thing to look at?

ipnon 2 days ago 3 replies      
Any predictions for how long it will take for an AI to win against the world's best player?
Benchmark Capital Sues Travis Kalanick for Fraud axios.com
460 points by bobsky  1 day ago   178 comments top 22
throwawy11111 1 day ago 6 replies      
Benchmarks in a bind and at war with travis; they need to liquidate their stake in next year or two. Softbank deal to buy out their shares fell apart in part b/c no CEO. Benchmark wants safe-hands leader who will cost-cut firesale their way to quick IPO. travis + allies being more long term; blocking benchmarks CEO picks (meg). so board civil war continues with benchmarks dirty tricks like this sour grapes lawsuit and selective leaks to undercut and force mgmt's hand in cost cuts (the lease car data earlier this week)
aresant 1 day ago 2 replies      
Among the complaints of bad behavior:

"Kalanick [aquired] a self-driving startup that, according to a confidential report not disclosed to Benchmark (the "Stroz report") allegedly harbored trade secrets from a competitor . . . "

The Stroz Report was created when "Otto and Uber jointly hired an outside forensic expert Stroz Friedman. Friedman interviewed employees, including Levandowski and Lior Ron, reviewed their digital devices like mobile phones and cloud storage, and prepared a report recording the results of the investigation. . . Uber dangled a huge carrot for Levandowski to be truthful . . and agreed to indemnify him for any prior bad acts he confessed to committing. In other words, if Levandowski told Stroz what he stole, then the high priests at Uber have absolved him of his civil sins and Uber will pay for any resulting lawsuits or penalties"(1)

Maybe I'm reading between the lines, but it seems like they're saying in black & white that the Stroz report contains incriminating evidence that Levandowski DID "harbor trade secrets" from Google which will materially impact the outcome of Ubers broader legal woes . . .

EDIT - Reading further in the actual complaint ""if the contents of Stroz's interim findings had been disclosed to Benchmark at the time, they would have had a material impact on Benchmark's decision to authorize the board seats . . ." (2)

Sounds quite a bit like a smoking gun, that Benchmark probably realizes now is going to come to light.

(1) https://medium.com/@nikhilgabraham/why-anthony-levandowski-h...

(2) https://www.documentcloud.org/documents/3922911-67730336-DE-...

rmason 1 day ago 6 replies      
If actual fraud is not found what sort of message does this send to entrepreneurs that Benchmark is founder friendly?

Looks like a grudge match to me. Apparently unhappy with merely removing Travis from the CEO's chair they want to make certain he's never allowed to ever enter the building.

whack 1 day ago 2 replies      
The key point of conflict appears to be the following:

The suit revolves around the June 2016 decision to expand the size of Uber's board of voting directors from eight to 11, with Kalanick having the sole right to designate those seats. Kalanick would later name himself to one of those seats following his resignation, since his prior board seat was reserved for the company's CEO. The other two seats remain unfilled. Benchmark argues that it never would have granted Kalanick those three extra seats had it known about his "gross mismanagement and other misconduct at Uber"

I never understood this practice of investors/founders having such wide discretion when it comes to controlling board seats. It always seemed to me that board representation should be roughly proportional to equity ownership. If a founder/VC controls 30% of the equity, he should be given control over ~30% of the board seats. Such an arrangement seems like the best way to ensure that incentives are aligned, and to prevent drama/shenanigans like whatever led to this suit.

WisNorCan 1 day ago 4 replies      
It's interesting to see how all the chaos at the board and management level has affected employees. Data from LinkedIn paints a troubling picture both in terms of hiring and retention.

* Uber has 31,537 employees as of August 2017.

* New hiring is down from 1000 per month in 2016 to 500 a month in 2017. July was the lowest month since the start of LinkedIn data which is August 2015 @ 440 hires.

* There are currently 8,000 job openings. Operations and Engineering are the two largest categories.

* With every 100 people that are hired. ~80 people are departing the company.

Hiring managers I have talked to say that it is very challenging to attract strong candidates to Uber and it is demoralizing because their best people are leaving.

sillysaurus3 1 day ago 5 replies      
Stakes: Per the complaint, Kalanick currently holds around a 10% equity stake in Uber, which most recently was valued at around $70 billion. Benchmark holds approximately 13 percent.

This is interesting. I thought HNers were saying Kalanick had the biggest stake, which is why the board couldn't fire him.

How does this work? If someone only has 10% equity, why was it so difficult to remove them? This is a useful tool for founders, so it's worth understanding.

nthcolumn 1 day ago 2 replies      
Before Travis got booted some Techcrunch article or other was submitted here on an almost daily basis about him and other issues Uber were having, some days two! I thought to myself: 'Boy! Techcrunch really have it in for Uber and Travis' (mit einen kleine schadenfreude, me being no fan of either). Once he left though, the posts seemed to me to end rather abruptly even though there were still newsworthy shenanigans at Uber. Has anyone else noticed this? Why? Cui bono?
tareqak 1 day ago 0 replies      
Techmeme summary: Benchmark Capital sues Travis Kalanick for fraud, wants invalidation of the June 2016 stockholder vote to expand board, which would also remove him from board
tmh79 1 day ago 2 replies      
wonder what this means for the CEO search, softbank funding etc. My assumption is that both parties will settle quickly but I could be wrong. Also not noted in the article is that while travis owns 10% of the equity stake, he has super-voting shares, such that him, Ryan Graves, and Garret Camp as a trifecta hold controlling interest IIRC.
imsofuture 1 day ago 1 reply      
So the board agreed to create 3 new board seats over which Kalanick would explicitly have full control to appoint people. And now they're suing him because they regret that?
featherverse 19 hours ago 0 replies      
As an aside.. the dude's face on the TechCrunch article about this is heartwrenching, if you stare at it long enough.


sjg007 1 day ago 0 replies      
Uber should IPO unless they are waiting until they decimate traditional taxis but I don't see that happening in key markets. They could buy up medallions on the sly though. Economically, Amazon loses money in expansion and they have no real competitors online so I don't see why uber can't do the same.
gavanwoolery 1 day ago 1 reply      
I do not know Travis well enough to say if he is a "good" or "bad" person but playing devil's advocate for a second: is it really a crime to organize a board in your favor? I imagine this is done all the time.
zxcvvcxz 1 day ago 1 reply      
> Benchmark argues that it never would have granted Kalanick those three extra seats had it known about his "gross mismanagement and other misconduct at Uber"

Buyer's remorse! Investors think they deserve so much power because they put capital upfront and understand how to play the legal system to their benefit, while more industrious actors are busy actually building the value of the company.

Yeah and I can tell the folks at Benchmark about a bunch of guys I knew who wish they never would've gotten married. Oh well, when you take your vows... Till death do you part ;)

pfarnsworth 1 day ago 2 replies      
Who in their right mind, except for the utterly desperate, would accept money from Benchmark? Talk about letting the fox into the henhouse, you can't trust those guys whatsoever.
thebmax 1 day ago 5 replies      
Agreed. Fuck Benchmark. Travis makes each partner $1 billion personally and this is how they treat him? They should be blackballed by every great founder out there. I had respect for benchmark but not anymore. They are greedy assholes.
PhantomGremlin 1 day ago 4 replies      
In my best Nelson Muntz voice: "Ha-ha".

The VCs have done this to themselves. They put up all the money, they should have never allowed themselves to be put into this situation.

Decades ago, when I was at startups, this was 100% clear, cut and dried. The Golden Rule. People who have the gold make the rules.

I'm sure this won't be a popular opinion, since more HN readers are founders and employees than are VCs. But don't simply downvote. Explain. Articulate why, after taking billions of dollars in VC money, you feel like you're still owed control.

desireco42 1 day ago 0 replies      
I don't know about this infighting, but don't you think that someone like Meg Whitman would suck badly at being Uber CEO, not that she did wonders at HP. If anyone has opinion, I would be interested to hear.
revelation 1 day ago 1 reply      
There is nothing new here other than Benchmark Capital thinking they can choose and pick a shareholder decision to revert based on the recent Uber gates.

Seems very thin on the ground given there is no ruling in a court of law against Kalanick in any of those.

sergefaguet 14 hours ago 0 replies      
will never, ever talk with Benchmark for any fundraising again. suing the CEO who made them ~ten billion dollars. what the actual fuck.
baccheion 1 day ago 2 replies      
Uber, AirBnb, Snapchat, Dropbox, etc will all crumble. They may continue to exist, but they'll be more like Twitter than Facebook. None of them are anything special.

Maybe Dropbox will get acquired after their failed IPO. Snapchat could also get filed away in a similar fashion, but it may be too late.

I wonder why they invested so much in a taxi company. It only makes sense if all cars are replaced with Uber autonomous vehicles, but what are the odds that will happen? Uber only makes sense in larger cities.

The "brain" trust may as well get started on teleportation or something else deserving of billions in blind/naive/"stupid" faith.

Is this the mobile bubble forming and collapsing live? As suggested by historical timings (8 <= year_ipod - year_founded <= 12), IPOs for all "big bets" should technically happen within the next year. I strongly doubt it's going to be pretty.

A rising sentiment that IBMs Watson cant deliver on its promises gizmodo.com
487 points by artsandsci  1 day ago   261 comments top 37
filereaper 21 hours ago 4 replies      
I'm quite late to this thread, but I worked on Watson very briefly (not on the core development, but overall system performance improvements).

I think there's a major misunderstanding of Watson which isn't helped by IBM's Marketing efforts. IBM Marketing has been slapping the "Cognitive" label on everything and is creating unrealistic expectations.

The Jeopardy playing Watson (DeepQA pipeline) was a landmark success at Information Retrieval, its architecture is built largely on Apache UIMA and Lucene with proprietary code for scaling out (performance) and filtering & ranking. I'm not an expert on IR so I won't comment further. This is very different from Neural Nets that are all the rage in ML today.

I'd like to point the following links from David Ferrucci [1] the original architect of Watson and this technical publication at aaai.org [2].

The DeepQA pipeline wasn't fluff, the intention was to take this question-answer pipeline and apply it to other verticals such as Law and Medicine, essentially replace the Jeopardy playing Watson's corpus of Wikipedia, Britannica etc... with Legal and Medical equivalents.

Given its runaway PR success, the Watson brand was applied to many other areas which haven't been successful but I'd like to point out what the original product was here.

[1] https://www.singularityweblog.com/david-ferrucci-on-singular...[2] https://www.aaai.org/Magazine/Watson/watson.php

ChuckMcM 1 day ago 5 replies      
When I worked at IBM I expressed concern that the television commercials depicting a HAL9000 level interactive dialog system were dangerously overselling what Watson could do.

The challenge, as I saw it, was that no matter how good the tools and products that were used to help companies with data analysis to improve their operations were, when they realize they can't talk to a cube and joke with it about misusing colloquial phrases their disappointment overshadows all the 'good' stuff it was doing for them.

No relationship works well if it starts with a lie and as this article shows, people do take those ads at face value and assume there really is a talking AI inside of IBM. Then they are hugely disappointed when they find out it doesn't exist.

tangue 1 day ago 5 replies      
Crdit Mutuel (a french bank) has adopted Watson [0] and it's not encouraging : it was supposed to help answering emails, : they had to describe manually the concepts in emails and create topics in which looks a lot like decision-trees (and reminds me of this 1985 ad for Texas Instrument's Lisp AI https://www.scientificamerican.com/media/inline/blog/File/De... scroll to see the ad)

Indeed the whole thing looks like a database with basic AI as a sales argument...

[0 - in french] http://www.silicon.fr/credit-mutuel-non-ia-watson-magique-17...

slackingoff2017 1 day ago 6 replies      
IBM is a dying giant, I've seen it languishing for years. Their massive screw up was a decade ago when they decided shareholder value was more important than having good engineers. They've since gutted their R&D departments and all that's left are duds and underpaid undereducated consultants rented from places like Accenture.

The only good thing to come out of IBM in years is their Hyperscan regex library and unsurprisingly they don't market it at all or build practical applications with it

laichzeit0 21 hours ago 0 replies      
I had problems with Watson to the effect that not even the documentation matches reality. There are some fairly basic things missing from their NERC offering. I can tell you that the functionality that is missing is so basic (e.g. negation) that without a doubt, no one in IBM has ever used this offering in practise beyond a toy example.

The idea that IBM Watson is some uniform AI in a box with a bunch of REST API's to "expose" its intelligence seems to be the sales pitch. It's not. It's just a bunch of acquired products (you can see this when e.g. Watson Knowledge Studio breaks and you see the Python scripts that glues everything together in the backend) that are poorly integrated, probably because the left hand has no idea what the right hand is doing.

Caveat emptor!


notfromhere 1 day ago 1 reply      
The dirty secret is that IBM Watson is just a brand for their army of data consultants, and their consultants aren't very good. In my experience working for a competitor in this space, IBM Watson was widely agreed to be smoke and mirrors without much going on
peteretep 1 day ago 4 replies      
A couple of years ago I was given a project that was essentially "Evaluate Watson APIs to see if there's anything there we could make use of", and came away with the distinct impression that it was largely smoke and mirrors, and there was very little that was either effective or interesting there.
blueyes 1 day ago 2 replies      
IBM has almost zero credibility in deep learning and AI. They haven't hired anyone of note. They haven't produced any novel or influential research in the field in years. And yet they air these cheesy Dylan ads and the rubes fall for it. Watson is a Theranos-scale fraud, and it's finally coming out.
throwaway_ibm 1 day ago 0 replies      
I know someone who is intimately involved with IBM Watson, they are highly educated and constantly diss the system. Calling it, 'Just a large database'. If Watson was a true breakthrough, it should be gaining marketshare throughout it's specialities but it's not. Google is leading the industry with DeepMind; Facebook and Microsoft aren't far behind. I'd encourage others to be very skeptical of the PR that IBM is pushing about their Watson problem.

disclosure: I haven't read the article but wanted to share a related story.

ams6110 1 day ago 0 replies      
What? A brand name which is just a word meaning "IBM Enterprise Products and Services" doesn't really live up to the marketing hype? I can't imagine such a thing.
strict9 1 day ago 0 replies      
Many years ago when I worked for a company that decided our existing ecommerce app was too terrible to fix and would be too much effort to rebuild, we talked to a number of vendors, including IBM. The marketing materials and salespeople made a compelling case, but deeper dives into the app itself and the support engineers behind it convinced even the most enthusiastic internal cheerleaders to look elsewhere.

In recent years as news articles heralding the future of Watson for various industries (including healthcare and supply chain), I predicted a similar path. An amazing product in a very narrow environment designed specifically for marketing and selling purposes, and not very adaptable.

FTA: And everybodys very happy to claim to work with Watson, Perlich said. So I think right now Watson is monetizing primarily on the brand perception.

This is painfully obvious, as this has been IBM for a very long time.

scottlocklin 1 day ago 1 reply      
Yeah, well, "duh."What boggles my mind is people will read this, nod sadly, and continue not to notice that a whole bunch of what they think they know about machine learning, autonomous vehicles and so on is also marketing department hype.
chisleu 15 hours ago 0 replies      
I'm late but have something to add.

Until last week I was on a 6 month contract as a senior DevOps engineer for IBM/Watson. I was responsible for one of the huge real-time data ingestion pipelines that Watson receives. I left to work elsewhere in spite of being offered an excellent position. (If you guys are reading this, hi.)

I went to IBM not expecting much more than working as a cog in a lumbering giant.

Watson is the fastest growing part of IBM. If IBM has all of those eggs in one basket, it is the Watson basket. There were lots of jokes about cognitive in the office pool.

That said, it was by far one of the best managed companies I've seen. They have some fantastic data engineers and scientists. They are backing most of the open source projects related to AI and next generation tech. Spark, VoltDB...

The ads might seem sensational, but the concept of a black box that orders preemptive maintenance for an elevator isn't far fetched...

More over, Watson had so many current customers because it is valuable. The technical advisors that but products don't put faith in ads any more than we do.

jjm 23 hours ago 0 replies      
They had so much time to contribute but instead chose marketing and pushed into areas where they didn't really have a handle on yet. As in management didn't understand.

I mean all the datasets, dozens of libraries, stunning NN demos and training sets, TPUs (multiple versions at that!) all could've come out of the company.

Think if keras and tensor flow were from IBM. Or all those cars now running Nvidia Jetson, or mega datacenters running NV100s or Google TPUs.

Shoot they even had a chance to enhance PowerPC ICs for NNs.

Alas but nope.

simonh 1 day ago 2 replies      
This just goes to show just how tragically far away we are from even beginning to build the rudiments of a strong general purpose AI. For all the fantastic achievements of systems like Watson and Alphago, and they are amazing achievements, they are radically optimised special purpose systems fine tuned to solving one extremely specific and narrow problem, and that problem only.

Watson is a case study in this, but I know Google has big plans for applying the tech behind Alphago in medicine. I wish them every success, but I'm concerned they will hit similar specialisation issues.

dpflan 1 day ago 1 reply      
I like how IBM does very elaborate marketing ploys to hype their wares: like Deep Blue competing against Kasparov and Watson competing against Jennings to showcase IBM's engineering prowess. But it does sell the idea pretty well I think, but perhaps the idea is too grand/far ahead of the present.
Probooks 1 day ago 0 replies      
Problem is deeper (and simpler). IBM does not look for clients, but rather victims. We clients end up being caught in an internal upsales fight. Nobody cares which is the best solution IBM as a whole can offer to you (their own people do not even know all their available tools!), but rather how much suboptimal stuff each salesman can load onto you. I'm on my way out of IBM...
speeder 1 day ago 2 replies      
I actually love the idea of Watson being used for healthcare...

Sadly I think it is being used wrong...

IBM is focusing on using Watson to cure very specific diseases, like certain types of cancer.

I think a far better use for Watson would be to do initial diagnosis, for example my life got massively delayed because I got hypothyroidism as teenager, but only using internet data I could self-diagnose and self-treat (because doctors are still unwilling to help, not trusting data, and before someone come berate me for self-treatment, it is working...) as adult I could finally get my life 'started' (hypothyroidism affect physical and mental development, and slows down metabolism and the brain)

During my quest I met many, many, many people on internet, that had self-diagnosed with something using the internet as a tool. All of us would have been diagnosed properly if Watson was being used on the doctors office, using its data crunching capabilities and symptoms as input to find out what problem we had. (in my case: I have Hashimoto's disease)

dislikes_IBM 1 day ago 2 replies      
IBM has a toxic culture. They are the vendor lock-in Gods. Every company I've ever worked for has cringed at the mention of IBM, never suggested them as a new solution, and always regretted whatever if anything they locked themselves into.

They are the only company that charges you to sample their API's. They are the absolute worst, an infection that needs to be cured.

ghostly_s 1 day ago 0 replies      
I overheard a good-'ol-boy businessman at a hotel bar a few months back. He bore an eerie likeness to Bosworth from Halt and Catch Fire, and was telling a younger gentleman about a project he worked on. "...so Watson comes in and they Algorithm the whole thing..."

I'm pretty sure he thought Watson was a person.

tCfD 1 day ago 1 reply      
Obvious fix is for IBM to put Watson on a blockchain /s
crsv 1 day ago 1 reply      
Replace IBM's Watson with anything branded with "AI" right now and themes in the article still hold up.
batmansmk 1 day ago 4 replies      
You can try by yourself. https://alchemy-language-demo.mybluemix.net/

Imagine analyzing product reviews to determine if it was positive or negative.Type "I like it", and see the inaccurate targeted sentiment (neutral sentiment instead of positive).

etiam 1 day ago 0 replies      
It's tempting to start whispering winter is coming, but I think one may reasonably hope that the current fashions at large have enough nuance to differentiate between this particular marketing gimmick and the broader developments in ML.

Personally I'd be happy to see the paragraphs/minutes at the beginning of far too many interviews about "intelligent" machines exchanged, from straightening out the misconception that Watson is an example of this new hot "Deep Learning" thing and one of the pinnacles of achievement in the field, for some type of more valuable type of commentary from leading researchers.

ExactoKnight 1 day ago 0 replies      
Watson's Natural Language Classifier, in particular its categorization API, is actually pretty impressive...
dboreham 1 day ago 4 replies      
Bundle up for the second AI Winter...
outside1234 1 day ago 0 replies      
You don't say! This is IBM consulting ware? Who would have guessed!
ceedan 1 day ago 1 reply      
Does IBM itself even "use" Watson?
et2o 1 day ago 1 reply      
I saw a very humorous twitter exchange between a bioinformatician and IBM Watson's twitter account. The scientist asked them to provide any peer-reviewed ML publications and the best they could do was an abstract at a regional conference no-one has heard of. And it was a terrible abstract.

It's completely marketing. IBM still has a good name among people who don't know much about technology. They're trading on this and the current saturation of 'machine learning' in the popular press.

currymj 1 day ago 0 replies      
it's just a brand name at this point, which they attach to any machine learning they develop or acquire, and they should stop trying to sell it as a distinct technology.
megamindbrian 13 hours ago 0 replies      
Everything to do with IBM is too expensive for the average user.
PaulHoule 1 day ago 0 replies      
This was my opinion when they started running these ads. My opinion has actually softened a little.

Some of the cognitive services they are offering today are not half bad; also I can say their salespeople are doing a gangbusters job in places.

diego_moita 1 day ago 1 reply      
> "In the data-science community the sense is that whatever Watson can do, you can probably get as freeware somewhere, or possibly build yourself with your own knowledge"

Any suggestions about the freeware?

moomin 1 day ago 3 replies      
Completely off topic, but didn't IBM have a system called Watson in the 1990s that was used by the police? Try as I might I can't find a reference for it anywhere.
d--b 1 day ago 0 replies      
watson's mistake is to have gone the chat bot route. promising a natural language input for all underlying problems simply discredits everything else...
riku_iki 1 day ago 0 replies      
Any first firings for choosing IBM?..
iamleppert 1 day ago 2 replies      
The real crime is in using cancer kids to sell your product. I mean, who even does that? Even if you could cure cancer for kids, I find it incredibly tacky to go around making commercials about how you can cure cancer for kids, which aren't targeted at those who actually are in the position to use the technology, and its used to market to other tangential industries where the real money is. It's just despicable and you can tell right there its smoke and mirrors.

There's a special place in hell for anyone working at IBM or involved in the Watson project who is supporting this thing. It's damaging legitimate deep learning/machine learning industry and generally making a fool out of IBM, AND giving children with cancer false hope....just so IBM can try and stay relevant and make money?

The world in which IPv6 was a good design apenwarr.ca
604 points by dbenamy  1 day ago   185 comments top 34
hueving 20 hours ago 3 replies      
>They have to be special, because an IP node has to be able to transmit them before it has an IP address, which is of course impossible, so it just fills the IP headers with essentially nonsense

Not nonsense! The global IP broadcast is specified as and is used by other protocols. The source IP address for the initial discovery is indeed, which is not intuitive, but the rest of the DHCP exchange is handled with real IP addresses like normal IP traffic. DHCP is very much an IP protocol (see DHCP relay for how it transits IP networks).

>Actually, RARP worked quite fine and did the same thing as bootp and DHCP while being much simpler, but we don't talk about that.

Ugh, come on! RARP doesn't provide you with a route to get out of the network or other extremely useful things like a DNS server.

>and DHCP, which is an IP packet but is really an ethernet protocol, and so on.

No, it's not an ethernet protocol. It's a layer-3 address assignment protocol that runs inside of IP, which is normally encapsulated in ethernet frames. You can have a remote DHCP server running any arbitrary L2 non-ethernet protocol and if it receives a relayed DHCP request it will reply with IP unicast perfectly fine with no ethernet involved.

hueving 20 hours ago 2 replies      
>In truth, that really is just complicating things. Now your operating system has to first look up the ethernet address of, find out it's 11:22:33:44:55:66, and finally generate a packet with destination ethernet address 11:22:33:44:55:66 and destination IP address is just a pointless intermediate step.

This is completely wrong, it's not pointless.

First, this can be used to easily swap out routers in a network without reconfiguring any clients or even incurring downtime. Without the intermediary gateway IP representation, this would mean you would either have to spoof the MAC on the second router or reconfigure all of the clients to point to the new gateway.

Second, ethernet addresses are a layer-2 construct and IP routes are a layer 3 construct. Your default gateway is a layer-3 route to There are protocols for exchanging layer-3 routes like BGP/RIP/etc that should not have to know anything about the layer-2 addressing scheme to provide the next-hop address.

Third, routers still need to have an IP address on the subnet anyway to originate ICMP messages (e.g. TTL expired, MTU exceeded, etc).

Fourth, ARP is still necessary even for the router itself to know how to take incoming IP traffic from the outside and actually forward it to the appropriate device on the local network. Otherwise you would have to statically configure a mapping of local IP addresses to MAC addresses on the router.

So ARP is critical for separation of concerns between L2 and L3. We don't live in an ethernet-only world.

>excessive ARP starts becoming one of your biggest nightmares. It's especially bad on wifi.

Broadcast can become a nightmare. Excessive ARP is a drop in the bucket compared to other discovery crap that computers spew onto networks.

The pattern of most computers now is to communicate with the external world (from the LAN perspective) and not much else. So on a network of 1000 computers (an already excessively large broadcast domain), your ARP traffic is going to be a couple of thousand ARP messages every few hours. If this is taking down your WiFi network, you have much bigger problems considering all of those are about a modern webpage load of traffic.

ChuckMcM 9 hours ago 0 replies      
It would be interesting to put that post into Genius and annotate its errors. At some level the premise is both true and false.

I lived the IPV6 debate, I went to IETF meetings, I worked on network services that would be affected one way or the other, I debated with others the various ways to "improve" or "replace" V4 to get a better system. And all through that time, while everyone felt there would be billions and billions of IP addresses, I was not aware of any discussion of dynamic routing such that a network endpoint could be found anywhere in the world without configuration. For everyone at the time felt network infrastructure was fixed, and network clients moved.

In that way a network client would move from one network to another, and then in that new network it would have to establish itself and then advertise somehow its new status. Everyone agreed that there would be some disruption during this change of status but things like TCP were designed to tolerate lossy networks. The network would adapt.

That pre-supposes a lot of little networks, with their own sets of rules. Except that isn't the way cellular carriers think, they have one network and your relationship to it rarely changes. If you aren't on their network you are 'roaming' and there are fixed rules in place for that. So they trade a lot of tracking and management for ease of use on the customer. And it enables some annoying things like 'header injection' in Verizon's case.

Dumb networks versus smart networks. AT&T's original switched network around the world vision versus Bob Metcalf's self organizing collection of independent nodes following a small set of rules. Architecturally its a debate that has been going on for a long long time.

Animats 22 hours ago 3 replies      
What he's really arguing for is a circuit-switched network, so that connections can be persistent over moves. He just needs a unique connection ID.

One amusing possibility would be to do this at the HTTPS layer. With HTTPS Everywhere, most HTTP connections now have a unique connection ID at the crypto layer - the session key. If you could move an HTTP connection from one IP address to another on the fly, it could be kept alive over moves. HTTPS already protects against MITM attacks, and if the transfer is botched or intercepted, that will break the connection.

I'm not recommending this, but it meets many of his criteria.

The trouble with low-level connection IDs that don't force routing is forgery. You can fake a source IP address, but that won't get you the reply traffic, so this is useful only for denial of service attacks. If you have connection IDs, you need to secure them somehow against replication, playback, etc.

hueving 20 hours ago 3 replies      
>And nowadays big data centers are basically just SDNed, and you might as well not be using IP in the data center at all, because nobody's routing the packets. It's all just one big virtual bus network.

The opposite trend is true in large data centers. L3 fabrics where everything is routed have become extremely popular because BGP (or custom SDN setups) can be used to migrate IPs and you get to utilize multiple paths (rather than the single path offered by STP convergence).

djrogers 13 hours ago 1 reply      
> In truth, that really is just complicating things. Now your operating system has to first look up the ethernet address of, find out it's 11:22:33:44:55:66, and finally generate a packet with destination ethernet address 11:22:33:44:55:66 and destination IP address is just a pointless intermediate step.

Bollocks. The abstraction allowed by using an IP address instead of a MAC address is essential, considering that IP addresses are dynamic (even when statically configures, devices can and do get replaced) and MAC adresses are set at the factory. Can you imagine updating the routing table of every device in your network because you had to replace a core router and the MAC address was different? Its the equivalent of publishing your website on an IP address instead of a DNS hostname...

* yes, I know MAC addresses can be configured by software in many devices, but thats even more of a hack than using arp to determine a MAC address.

Hikikomori 17 hours ago 0 replies      
Interesting article, but it contains some weird statements.

>It is literally and has always been the software-defined network you use for interconnecting networks that have gotten too big. But the problem is, it was always too hard to hardware accelerate, and anyway, it didn't get hardware accelerated, and configuring DHCP really is a huge pain, so network operators just learned how to bridge bigger and bigger things.

IP forwarding (longest prefix match) is more complicated than mac forwarding yes, but it has been done in hardware (ASICs, typically NPUs today) for a long time now.Operators (I assume ISPs) do not build large bridged networks as they need their networks to scale as they grow, or they will hit a breaking point where their network collapses. ISP's typically use centralised DHCP servers (as opposed to configuring their access routers) and configure their routers to use DHCP relay. DHCP server configuration is easily automated by just reading your IPAM data, it's a non-issue.

tyingq 23 hours ago 4 replies      
>One person at work put it best: "layers are only ever added, never removed."

Find this in the software world as well. Something about the java culture seems especially fascinated with multiple layers of abstraction.

Edit: Ok, some factions of the culture. "Convenient proxy factory bean superclass for proxy factory beans that create only singletons"

okket 20 hours ago 1 reply      
> Actually, RARP worked quite fine and did the same thing as bootp and DHCP while being much simpler, but we don't talk about that.

Actually, no. You can only set an IP address with RARP, not even a netmask (RARP comes from pre-CIDR age) or other important stuff like default gateway, DNS server, etc like you can with DHCP.

ktRolster 23 hours ago 2 replies      
We'll switch to IPv6, and every service will still go through port 80.
hueving 20 hours ago 0 replies      
>Network operators basically choose bridging vs routing based on how fast they want it to go and how much they hate configuring DHCP servers, which they really hate very much, which means they use bridging as much as possible and routing when they have to.

Very rarely does a network operator use bridging to avoid configuring DHCP. All modern protocols are built on IP so you still need an addressing scheme and most people want the Internet so the 169 auto addressing is out. So even in big bridged networks, you still have a DHCP server. In fact, you configure less DHCP in a big bridged network than DHCP for a ton of tiny networks.

The advantage to big bridging networks is that you have to setup very little routing (just the router to get in and out). If you routed between every port on the network, there would be an excessive amount of configuration involved to setup prefixes on every single interface.

akshayn 22 hours ago 1 reply      
"If, instead, we had identified sessions using only layer 4 data, then mobile IP would have worked perfectly."

Mobile IP can still work with the current infrastructure -- https://en.wikipedia.org/wiki/Mobile_IP

This proposal was basically a service which would host a static IP for you (similar to the LTE structure but with IP underneath instead of L2), and forward to whatever your "real" IP was using IP-in-IP encapsulation.

As the author states, layers are only ever added :)

luckydude 11 hours ago 1 reply      
This is an awesome read and hilarious if you have any historical knowledge of networking.

+1 highly recommend even if all you want is a few chuckles.

Well done.

collinmanderson 10 hours ago 0 replies      
A little off topic, but the TCP BBR Congestion Control they mention looks promising. I've been annoyed by "Bufferbloat" for over a decade and find different solutions to the problem pretty fascinating.

The nice part about this solution is that it doesn't require making changes to the individual nodes on the network (e.g. cable modem) in the way that other solutions have required (small and fair queues).

It also appears to be able to avoid the usual packet-drops of regular TCP congestion control.

noahl 13 hours ago 4 replies      
This was a very informative article for me, but there was one thing I didn't understand. At the end he made the case that mobile routing needed essentially two layers: a fixed per-device (or per session) identifier, and then a separate routing-layer address that could change as a device moved. QUIC has session identifiers, and that's great and could solve the problem.

But earlier in that very article, he already pointed out that every device already has a globally unique identifier used in layer 2 routing ... the ethernet MAC address.

Would someone please explain to me why we can't use MAC addresses as globally unique device IDs?

(Is MAC spoofing the issue?)

mjevans 23 hours ago 4 replies      
Ok, so QUIC or some other common layer 4/4+5 'Modern TCP over UDP for network compatibility' solution.

Lets just throw away the concept of 'addresses' for authentication and actually use a cryptographic authentication identifier of somekind, combined with some mux iteration ID.

therealwardo 8 hours ago 0 replies      
I gave a talk about a lot of the same concepts this piece covers - https://www.youtube.com/watch?v=g2czluHsmog

it has a more visual explanation of the OSI model and how it relates to routing and different kinds of hardware. I also tried to explain some of the interesting problems in actually building out a network in the second half of my talk.

if anyone is just trying to learn the basics of networking I'd also strongly recommend the Juniper Networking Fundamentals online class, its free at https://learningportal.juniper.net/juniper/user_activity_inf... or you can find videos of it on YouTube.

femto 22 hours ago 0 replies      
The "Internet Mobile Host Protocol" (IMHP) was written as a draft RFC in 1994. As far as I know it was never adopted, but is it still relevant, even as an inspiration for IPv6?

[1] https://www.cs.rice.edu/~dbj/pubs/draft-johnson-imhp-00.txt

Edit: Its official entry at the IETF: https://datatracker.ietf.org/doc/draft-johnson-imhp/

Hnrobert42 1 hour ago 0 replies      
The best post I've ever read on HN.
Aloha 23 hours ago 2 replies      
Part of the difficulty here - is you're not just upgrading the whole stack, you're instead layering on whatever stack is already there - its a needed part of deploying any new technology without replacing everything from the basement up. I'm not sure what this guy would do instead however - as someone with a decent networking background, I got completely lost in the end.
anilgulecha 19 hours ago 6 replies      
One big UX mistake of IPv6: it was not made backward compatible with IPv4. (v6) ==

This simple design when planning and rolling it out would have meant incrementally updating the networking stack to also support v6. Now it turns out v4 and v6 are completely different, and no one has a big enough reason to make the change until everyone else makes the change. Hard chicken-egg problem.

mirimir 17 hours ago 0 replies      
I found the piece informative and entertaining. But I'm not technical enough to comment much. I would have liked to see what he thought of MPTCP as a replacement for TCP.
fundabulousrIII 14 hours ago 0 replies      
This article was some of the most egregious nonsense I've read in a while.
peterburkimsher 21 hours ago 2 replies      
That is a beautifully-written article.

The IEEE hardware and IETF software guys have been busy adding complexity to the networks, with so many legacy protocols (when everyone just uses TCP/IP) and extra ports (when everything happens on port 80 - seriously, even email is now on cloud services).

I can't get LTE because of political problems. So I just gave up trying to be online, and started caching everything possible.

Meanwhile, storage is getting larger capacity, smaller size, and cheaper. I've got a 512GB SD card in my pocket all the time, with a backup of my laptop in case my bag gets stolen.

My phone does everything offline if possible. Offline MP3 music. Offline maps. Wikipedia. StackOverflow. Hacker News. FML. UrbanDictionary. XKCD. The few YouTube videos I actually want to see again.

The only thing I need Internet for is communication. To send a message, I walk around looking for open WiFi and type my message to them on Facebook Messenger. If they need to reach me urgently, they can just use my phone number (which keeps changing every 6 months for the same political problems).

What if access points had large caches with mirrors of the content people want? Instead of asking Google's server in the US to send me a map tile, what if I could just get it from the local WiFi AP's web server? It would be much faster, and save so much trouble with networking.

Sure, there are some things that people need the network for (e.g. new content, copyrighted material). But so much else is free of licenses, and would be possible to mirror locally everywhere.

undoware 22 hours ago 1 reply      
Easily the best technical document I've ever read. Holy heck. "Now I see with pulse serene, the heart of the machine"
marasal 21 hours ago 0 replies      
This was a great read.
davidreiss 13 hours ago 3 replies      
Is anyone else shocked at the low level of adoption of IPv6? I remember how in the late 90s people were saying we were going to run out of addresses and everyone need to migrate to IPv6 ASAP. Now, it seems that IPv4 is going to be around for a long while.
_pmf_ 17 hours ago 0 replies      
> To save on electronics, people wanted to have a "bus" network

It was also to save sanity and avoiding having to rip apart every office building for installing hundreds of cables.

gridscomputing 22 hours ago 2 replies      
tardo99 20 hours ago 2 replies      
What if the server needs to send you a packet while you're mobile but you haven't sent it a packet yet so it can update its cache? That packet will be lost in his scheme. Nice try.
killjoywashere 17 hours ago 0 replies      
betaby 9 hours ago 0 replies      
We have to stop IPv6 debate, it's already the reality.Even if you don't like it, even if you think it's ugly - doesn't matter.US IPv6 mobile traffic passed 50% some time ago https://engineering.linkedin.com/blog/2017/07/linkedin-passe...IPv6 at least on mobile is real and many of us even didn't notice it's there.
beagle3 19 hours ago 2 replies      
I am very glad IPv6 didn't catch on. The world in which it was designed was not a world in which everyone (NSA, Google, Facebook) was trying to document and correlate every tiny thing you do, whether it is related to them or not.

If IPv6 eventually becomes widespread, I hope it comes with ISPs that will let you replace your prefix, and phones/hardware that will randomize your suffix - otherwise, the internet becomes completely pseudonymous.

feelin_googley 8 hours ago 0 replies      
Suprising to see a recommendation for QUIC by someone who seems to ackowledge djb's contributions and incredible attention to detail. http://apenwarr.ca/log/?m=201103#28

Correct me if wrong, but QUIC was inspired by djb's CurveCP?

Would you rather have djb implement your trusted UDP congestion-controlled overlay or a company with 70,000+ employees who are paid from the sale of online ads?

@hashbreakerApr 15CurveCP's zero-padding (curvecp.org/messages.html) was designed years before ringroadbug.com, explicitly to stop that type of attack.



Leaking Sensitive Data in Security Protocols

What is Ring-Road?

The Ring-Road Bug is a serious vulnerability in security protocols [e.g, QUIC but not CurveCP] that leaks the length of passwords allowing attackers to bypass user authentication. The Internet Engineering Task Force for HTTP/2 led by Google is working to create a patch to protect security protocols vulnerable to Ring-Road.

Researchers a part of Purdue University identified a major security issue with Google's QUIC protocol (Quick UDP Internet Connections, pronounced quick).

SoundCloud saved by emergency funding as CEO steps aside techcrunch.com
454 points by janober  12 hours ago   189 comments top 28
WisNorCan 10 hours ago 4 replies      
I am surprised that the majority of commenters believe that this marks the end of SoundCloud. SC just secured $170M in new funding with $100M revenue run rate. They have a product that many users and creators love. The new CEO is a Harvard Business School grad with experience as CEO of Vimeo, a similar media business. He brought the COO of Vimeo with him. If SC can reduce cost (not knowing what the drivers are, it is unclear how easy that is), they might be able to reach profitability quickly. This might be the start of operating SC like a real company by a real operating team.

"The new management should provide some additional confidence. Id interviewed both Ljung and Wahlforss in the past, and neither had answers to the big questions facing SoundCloud about its product direction, business model, and the spurious copyright takedowns that have eroded its trust with musicians."

On the other hand, existing employees equity value is likely wiped out in the down round. They are underwater on strike price of options, face additional dilution from prior investors' anti-dilution provisions and now liquidation multiples/preference from investors.

thinbeige 9 hours ago 5 replies      
Slightly OT: I understand how people feel about SoundCloud. But I am surprised that most of us exactly know what went wrong. They know what mistakes the management did and where the product should have gone. They know for sure how to lead employees, in good times and in bad times. They know when you should hire and when you should fire.

I wonder how many of us who are so fast in judging have really run a mid- or late-stage startup and know what they are talking about.

I know just one thing: Leading and managing people is a super tough job. We are not talking about leading a small team. No, it's leading a corporation and worse, managing investors who are chasing you night and day and playing power politics for years while being the nice daddy VC writing witty blog posts. And don't forget the three labels who blackmail you to death but are shareholders at the same time. Stuff nobody knows. We only know that Alex went to Burning Man and fired 173 people. So he must be a bad CEO having no clue of music, product and leadership. Of course.

It's easy to give good advice from outside. But it's so hard to understand what actually happens inside. All of us who managed just a small company know what I am talking about.

Managing machines, code or even a Kubernetes cluster is easy as pie compared to what the SC founders were going through the last years. Machines are predictable, humans are not. Just read Machiavelli's The Prince and get a notion of what people are willing and able to do to deal with other people. Backstabbing is their daily business and Game of Thrones is not that far away anymore from the life of a venture-backed CEO.

Not that I like Alex and Eric very much or what they did. Honestly, I don't care at all, I find SoundClound's products and the repetoire rather mediocre and I don't believe in online music as a healthy business model.

But I don't know any founders in Europe and in Germany who raised that big funds and could keep control for that long and the product still in an ok shape. Look what Travis is going through right now. For some who have never been in such a position, they just can't imagine how high the pressure and extreme the psychological stress is, how many ultra aggressive sharks are floating around you just waiting for one single mistake. Then, loosing control of everyhing happening in and around your organization happens quicker than you can think.

BlackjackCF 11 hours ago 7 replies      
Ooooh boy. This feels like the kiss of death for SC. So many startups hit this point and then get rescued at the 11th hour with more funding... on the condition of ushering in a new CEO and COO to try and pivot the company's direction. They completely change up the product and drive away the users, and the entire thing collapses like a house of cards.
dchichkov 10 hours ago 2 replies      
Sources from the company told us the layoffs had been planned for months, but SoundCloud still recklessly hired employees up until the last minute, with some being let go within weeks of starting. Employees told TechCrunch that the company was a shitshow with inconsistent

It's sad that the execs get free pass on ethics violations like these. And there are no consequences for these execs. And I don't understand why after such violations people still stay with the company.

forkLding 11 hours ago 1 reply      
Can't SoundCloud be the recording studio that signs on popular and promising indie artists (such as SoundCloud rappers like Lil Yachty or XXXTentacion who have to promote on their own) and provide marketing, music production connections and management for them and in turn earn a royalty/cut.

This way it doesnt alienate its users but in turn empowers and supports those that people like?

Just my two cents, I could be totally wrong or that they do this already, happy to hear any feedback on this.

dpflan 11 hours ago 4 replies      
Does SC help fledgling artists get "discovered" and get record deals (financing for their art)? Could an integration with something like Patreon help increase the value of using SC: first for creating content, then for allowing others to consume it.

Also, how has BandCamp done so well as an independent music service? Any lessons to learn there and to apply to SC?

dpflan 11 hours ago 0 replies      
Probably worthwhile to link this HN post of SC's own announcement: https://news.ycombinator.com/item?id=14991071
nihonde 11 hours ago 0 replies      
Yet another example of a great service that was killed by all the wrong kinds of licensing issues. Artists always saw the discovery potential in SoundCloud but bean counters just saw an opportunity to put the squeeze on.
bkanber 10 hours ago 1 reply      
The article alludes to $169.5M raised at a pre-money valuation of $150M. I'm not sure I've ever seen a round like this take over 50%. Who knows what the future of the company will be, but one thing is for sure: it's completely investor-controlled now.
beebmam 6 hours ago 3 replies      
Soundcloud offers an amazing service that benefits everyone that uses it. In a modern technologically competent socialist society, why can't something like this be run by the government?

The amount of art that would be lost if soundcloud actually shut down is tremendous. There's a public interest in keeping it around, in my opinion

sillysaurus3 11 hours ago 5 replies      
This is what happens when a startup fails. The problem with SoundCloud is that Spotify ate their lunch. I'm not sure this is solvable -- it's like being second place to eBay. Trainor might not be able to do much unless he pivots the company Jobs-style, which isn't an easy feat.

I have to wonder why the VC sunk more money into SoundCloud. Do they see an opportunity we don't? Or is it politicking? Hard to tell.

macrael 9 hours ago 0 replies      
What role did Chance the Rapper play in this? When they were making chooses that they would shut down he reached out to the CEO personally, I know.
myth_drannon 11 hours ago 8 replies      
Programming at work will not be same without SC. 8 hours per day of productivity boost.
supernintendo 8 hours ago 1 reply      
I've been saying this for years, SoundCloud needs some way for artists to monetize directly through the platform that doesn't involve advertising. Add a "support this creator" button to every page and take a cut like YouTube does with its Super Chat feature. I think they really missed out on this opportunity. Look at all of the podcasts that host on SoundCloud but monetize with Patreon, for example.
devmunchies 9 hours ago 2 replies      
It would be interesting if SoundCloud implemented a Patreon model, where you can pledge $1-$100/month to an artist you like, and SC takes a small cut.
koolba 11 hours ago 1 reply      
How much funding did they get and how much runway does hat provide?

I don't see it listed in either the TC article or any of the top level links.

pier25 11 hours ago 0 replies      
Does it make sense to pour money to keep a sinking ship afloat?

Just like Twitter, if the service changes too much it might lose its only asset (the community) but if it doesn't change it will sink.

swampthinker 11 hours ago 0 replies      
So SC will focus more on driving towards profitability now instead of growth. I wonder if SC will stagnate, or this cash infusion + new leadership will provide much needed stability.
nodesocket 6 hours ago 1 reply      
It's funny how German banks/VC's did not step up to make an investment in one of the most visible tech German companies. Instead a New York based firm and Singapore firm did.
exabrial 8 hours ago 0 replies      
As a future feature, it would be pretty awesome to have SC be some sort of free DAW, or tools to help the musician create tracks, rather than just hosting.

That would be a differentiator between them and uploading to youtube with a static image.

ovrdrv3 10 hours ago 1 reply      
If they do go down, I sure am going to miss that creamy react / redux front end... Amazing work by those devs!
richardknop 11 hours ago 0 replies      
I really don't like this. This looks like a death omen to me.

They will probably fire more employees, do 2 or 3 pivots to different business models and when that doesn't work out the company will die.

artursapek 10 hours ago 2 replies      
How does SoundCloud need 173 employees to operate? I mean, they laid off 40% and nothing seems to have changed so they clearly didn't. I wonder why startups tend to run so inefficiently. Has recently happened to Twitter, Etsy, etc. I imagine the companies could still be a lot more lean staff-wise than they are.
rdiddly 11 hours ago 0 replies      
"This financing means SoundCloud remains strong, independent and here to stay.

Independent? I beg to differ...

buryat 10 hours ago 0 replies      
This article would suit Washington Post better
smegel 10 hours ago 0 replies      
Wow for an in-browser music player that almost always doesn't work I am totally not shocked it is dying.
crispytx 10 hours ago 1 reply      
Here's one of their problems: Check out their advertising page (https://advertising.soundcloud.com/). You have to contact them if you want to advertise on their platform. You ought to be able to upload your 15-second ad, provide your credit card info, and starting running advertisements... $$$
Eridrus 11 hours ago 2 replies      
Does SC have ads? Would ads completely destroy the appeal? Could they not do the same free tier things as Spotify where you're largely paying to remove ads? Obviously not at $10/month, but maybe a few bucks. Could they license their content to Spotify/etc for ad-free play rolled into your existing subscription service?
Outraged about the Google diversity memo? backreaction.blogspot.com
564 points by rice_otaku  2 days ago   789 comments top 3
kromem 1 day ago 4 replies      
An interesting anecdote regarding gender bias and tech.

In the very early stage of my company, we wanted to outsource some UX work. After an exhausting review of applicants on one of the freelance sites out there, we finally settled on a Pakistani woman who had the best balance of portfolio vs cost.

At the initial Skype call, there was no video. And it turned out to be a guy speaking in a very high voice. We didn't really care and just went along with it (after a call or two he dropped his octave significantly, but everything continued with the original female name). But it was curious that this enterprising individual decided that the best way to stand out from the countless other developers with similar demographics he was competing against was to pretend to be a woman.

I do suspect that the presumed bias that women aren't actually as skilled and got where they are because of gender preference, while an uncomfortable bias for women, does make it so that a woman with equal skill to a male candidate is perceived as a greater rarity/find because "oh wow, this one is legit." (Not saying women are actually less likely to be legit, just saying the perception that is true can work to board in the opposite direction). I'd be extremely curious to see the classic "attach picture to resume/work sample" experiment done for tech with actual hiring managers. I'd be very surprised if the work with the female photo has a lower net score than the male photo across the experimental groups.

jernfrost 1 day ago 7 replies      
Great perspective. As a Northern European having dealt with American company ownership I don't think the main problem in Google's case was political correctness but rather a general American problem with how free speech is defined in the US. Freedom in America is always about government NOT doing something, while in Europe government is defined as a protector of these freedoms. This shows up clearly with respect to stating an opinion at a US company. There is no protection of free speech on private property in the US. I first encountered this when out company got bought by an American one and they i sisted that religion and politics should not be discussed at work. It surprised them that such a demand was illegal in Norway. Private property does not trumph everything else as it often seems to do in the US.

While americans are free to utter quite inflamatory speech in the public, I find that American culture seems to discourage any sort of controversial topic in polite company.

That applies to conservatives and liberals alike in the US. Discussing religion among conservatives in the US seems taboo. While liberals are not very open to having PC opinions challenged.

Const-me 1 day ago  replies      
IMO the best comment from there:

Giulio Prisco said...The results of this incident are easy to predict.

Now everyone at Google (and everyone in large tech companies, and everyone in academy) knows that they can be fired for expressing opinions that dissent from the party line.

Of course they'll shut up for fear of losing their job and the means to support their family.

But they won't change their position. If anything, their position will be radicalized. For example, from classical liberal to alt-right.

Yes, they'll stop expressing their opinion in public. But they'll express their opinion, with a vengeance, in the only place where one can do so in secrecy without fear of witch-hunting mobs: the voting booth.

Yes, that explains Trump.

The Kolmogorov option scottaaronson.com
519 points by apsec112  2 days ago   458 comments top 3
habitue 2 days ago 13 replies      
Let's say this is about the Google memo. And let's say, for the sake of argument, you're a person who thinks Damore had some good points and some bad points but you think the hysterically censorious response to him was way over the line. But you don't want to become a pariah yourself, so you stay quiet about it. The argument Damore was making was fiddly, kind of subtle and takes a long time to explain, it's not worth the trouble you're going to get into. You take the Kolmogorov option and decide to wait out this insane time period.

Only it turns out, when you don't decide to argue for that subtle and qualified defense of Damore, a bunch of alt-right internet trolls make some terrible fallacious defenses of things he didn't say. Suddenly, the original censorious instincts seem much more righteous and justified. After all, "Now there are only full-throated red-pillers arguing in Damore's defense! We were right all along!"

Now there are two sides to this issue, and they're both identity politics and brain-dead shouting. Because no one stopped and offered a third option: actually discussing his argument, acknowledging where he was right, and discussing what he got wrong.

my_first_acct 2 days ago 0 replies      
Certain topics, that otherwise might be interesting to discuss, are surrounded by minefields. One such topic is the distribution of intellectual ability within subgroups of the population. In contrast to the minefields that Kolmogorov deliberately avoided, this minefield was not put in place by a repressive government. Nor was it secretly put in place overnight by a fanatic band of social-justice zealots.

My observation, which I will offer without citation, is that this particular minefield was put in place, mine by mine, over a period of decades, through a process of fairly broad societal consensus.

To those who suggest clearing the minefield, thus permitting this topic to be discussed freely in public, I will invoke the principle of Chesterton's fence [1]: Before you talk of removing the mines, you need to show that you understand why the minefield was created in the first place, and you need to explain why now is the time to remove it.

[1] https://en.wikipedia.org/wiki/Wikipedia:Chesterton%27s_fence

tpeo 2 days ago 6 replies      
Besides ideological self-righteousness, Aaronson left out one important component of oppressive regimes, which I think is actually far more important: it takes a relatively large amount of people to topple a regime, while small groups as well as individuals do nothing but expose themselves by rebelling. So no individual with any regard for his own personal safety has any incentive to rebel, and will instead go along with the flow for as long as it's tolerable to him.

But this, on the other hand, would create an odd situation where actually the vast majority of people might actually wish for rebellion, but none of them actually acts out on that wish. Which I also think is actually much more likelier than what he's putting forward. True crusaders are rare, most of people are "just following orders".

Benefits of a Lifestyle Business bugfender.com
399 points by adchsm  2 days ago   256 comments top 35
weeksie 2 days ago 9 replies      
Sure! Lifestyle businesses are great, and so is the whole digital nomad thing (I spent all of 2016 and a good chunk of 2015 traveling around the world).

There are a ton of upsides but I wouldn't go back to it full time. For one, it's surprising how few of the digital nomad types are really that interesting, and while integrating with local populations is fun, you'll still find yourself missing the familiarity of people from your own culture (or similar, Western cultures, assuming you're a Euro or American)

Once you get used to life on the road it's grand. Still, nomad nests like Chiang Mai are insipid and full of scores of people hustling their drop ship schemes. More power to them, but it's just not my vibe.

I dunno. Go nuts, travel, see a bunch of shit, just don't assume the beach is going to be as stimulating as the (very likely) metro urban environment you're living in now.

sevensor 2 days ago 4 replies      
Your chosen lifestyle doesn't have to involve sea voyages in Southeast Asia or weeklong ski excursions. It could also be living in a medium-sized town in Flyover Country, U.S.A., working 40 hour weeks on interesting problems and spending lots of time with your spouse and children. If you've ever looked around at your Logan's Run coworkers and wondered what happens when you turn 30, here's one of your answers.
wanderings 2 days ago 3 replies      
Lifestyle business beats a startup, until it doesn't. I'm the example. Ran a category leading website for years until I was demolished by a fully focused bad ass team and thrown out of my leadership position. Ultimately, I was forced to sell out at a much lower valuation than I'd have if I were totally focused. It could vary on niche and industry. But one can't generalize it one way or the other. If you have a great position in a big sector and you don't go for the kill, someone else will and your lifestyle business would be likely chewed up by competition. If it's a business with an intrinsic moat(think a retail store in small tourist town), it's likely to sustain. Take frequent breaks while running a bad ass startup, but don't for a while think that you can let the ball drop.
AndrewKemendo 2 days ago 8 replies      
Is there some reason that people keep making the case for creating a standard business that supports one or two people? These types of posts have been pretty consistent over the years: "Take control of your life with a small business" "You don't need to make a massive company to be happy" etc...

I never see articles that encourage: "Here's why you should dedicate your life to starting a company and try to dominate an industry." It's like these posts are fighting against a boogeyman that isn't there.

I think 99% of all small businesses are "lifestyle businesses" where the founders aren't trying to build a market dominating billion dollar company. So who are these articles target to?

Is it simply the amount of press that surrounds VC and hyperscale companies that these folks are rejecting? I don't think any VC or founder has ever claimed that the only way to be happy/make money/do good is by trying to create a massive market dominating company.

k__ 2 days ago 1 reply      
Can we please stop calling regular businesses "lifestyle business", like it's some hobby for people who don't want to work in a " real" startup?!
orthoganol 2 days ago 0 replies      
From someone who's done both, they are not comparable, directly, but they have a complementary relation: The DN (digital nomad) life is absolutely an engine for the kind of creative and free thinking that engenders killer startup ideas. Startups are "the thing" you want to commit your life to, the world-changing vision that you're ready to sacrifice for; the DN/ lifestyle business/ remote gigs mode is the fertile ground, for when you lack strength of vision, you don't know what you want right now, so you slow down, gain experience, and grow your thinking.

Only ever doing one in your life without the other is unenviable, and makes it hard to fully enjoy and appreciate, or even excel at, whichever one you've chosen.

ArmandGrillet 2 days ago 2 replies      
"A good lifestyle business could even be turned into a multi-million dollar company, if thats what you want.": I've stopped reading there, I don't understand how articles that empty can arrive on top of HN. These questions (where to work? On what? How much?) get way better answers in "Ask HN" threads, articles coming from nowhere with a topbar selling me something are really not making me dream anymore.
boyce 2 days ago 2 replies      
This digital nomad thing just looks hellish to me. Maybe I'm getting old.

Can't imagine being somewhere nice but glued to a laptop, or getting anything useful done without reliable wifi etc, or being part of a team where the boss has gone on holiday but still showing up in slack etc.

I'd hate to feel like I wasn't part of the team for not getting our kids together or not wanting to holiday or spend a day off with colleagues. I'm not impressed by instagram or medium posts from perfect looking beaches giving business advice.

Not sure when a lifestyle business went from being a business that fits around your lifestyle to making the appearance of living an idealised lifestyle everybody else's business.

miheermunjal 2 days ago 3 replies      
I... I feel I can't believe the company has 1) top salary, 2) top benefits 3) unlimited travel 4) work remote 5) top enterprise clients 6) small teams 7) work as much as you want?

either someone is ridiculous at managing at all of this (kudos!) or something is slipping somewhere. Even in custom-dev it can be cutthroat, especially with large-scale projects and demanding clients.

jasonrhaas 2 days ago 0 replies      
Meh, kind of a generic article about how you should prioritize lifestyle over building a startup. I guess this is nothing new to me, I did the digital nomad thing with Remote Year for a year and change, and now I'm still working remotely in Austin, TX.

I do miss the constant travel, there is always something coming up to look forward to. When you are in one place, not constantly traveling, you have to make your own fun. Which is why I've taken up other things like riding motorcycles, brewing beer, and speaking at my local Python meetup.

All that year I was working full time as a Python Developer while traveling constantly. Every weekend was an epic adventure. It's an amazing lifestyle if you can pull it off, but its not for everyone can definitely will wear on you after a while.

buf 2 days ago 0 replies      
I own a lifestyle business and I work at a startup as the founding engineer, but I work remotely.

When you work remotely, you can treat both your lifestyle business and your gig the same, insofar as you have the freedom to take an hour off your gig to do some calls for your lifestyle business in the middle of the day, or you can test particular technologies on your lifestyle business before you commit to it in your startup.

I find them both to be healthily married.

I still have the freedom to hang out with my kid at lunch, or work from a far away place, while at the same time achieving my career goals and attaining financial independence.

Mz 2 days ago 0 replies      
Give me a break. He is playing fast and loose with terminology and it is disingenuous because he is twisting lifestyle business to be whatever he wants it to mean while dissing startups and not giving that term the same flexibility to be "anything that grows fast, even if it doesn't eat the CEO's life."

I hate the term lifestyle business and articles like this one are part of why. I have given my POV previously here:


My recollection is that Plenty of Fish was started by one guy who never took VC money, so he got to keep all the money when he sold for millions. Articles like this don't mention examples like that when justifying their biased opinion that "lifestyle business" = good and "startup" = bad. (In part because of the lack of VC money, I assume that Plenty of Fish was not a pressure cooker. Upon rereading my comment, that assumption does not seem clear.)

chatmasta 2 days ago 1 reply      
A lifestyle business seems fundamentally incompatible with a team oriented business. Let's assume the goal of a "lifestyle" business by a single founder is to automate all operations such that little to no work is required on the part of that founder.

Ok, that's all well and good. But some of that "automation" will inevitably be delegation to the founder's employees. So the employees have to work. The founder doesn't have to work. How can the founder possibly show good leadership and build a strong team if his goal is to work as little as possible?

As a founder, you are responsible for the well being of your employees. That's why they're employees, not independent contractors. If you're working four hours a week with a team of employees, there is a high chance you're shirking some responsibility toward them.

And if you decide to be a full time boss, then you're still building more than a business. You're building a team that you are responsible for. That is, you "answer" to other people - your employees. At this point, the advantages of a lifestyle business over VC funded business ("low hours," "not beholden to anyone") start to lose their luster.

If you're interested in building a team, and a lasting enterprise, then it becomes more logical to just take some seed funding so you can safely pay your employees and ensure an early growth trajectory. Whereas if you're only interested in a totally automated business to provide you and your family a stable income, then you should avoid hiring employees because you'll just end up beholden to them.

Thus the ideas of a "fully automated lifestyle business" and a "lifestyle business with a strong team" seem at odds with each other.

alissasobo 2 days ago 1 reply      
At a certain point, this blog post seemed mostly about the great traveling opportunities that this company offers its employees. That's' neat, for employees who are kid-free. But as a developer married to developer... with 2 kids under the age of three... I can tell you that those work retreats abroad actually become pretty challenging for families. At a certain point.. people want to have kids. I would find a company who made their employee perks more about realistically supporting families far more appealing.
mcone 2 days ago 1 reply      
Site seems to be down. Here's the cached article: http://archive.is/p5ZLR
swlkr 2 days ago 0 replies      
Lifestyle businesses eventually give you more of what you really want, freedom.

VC backed startups seem to just give you a new set of bosses.

tixocloud 2 days ago 1 reply      
I think what's important here is that we each have to know what our lifestyle aspirations are.

For some folks, a lifestyle business is better suited for them as they are looking to get more time out of their lives to do other things.

For others, a startup might be better because they have more control over whatever product/service they are providing.

znq 2 days ago 1 reply      
Just in case people are more interested in the details of the business we run, Indie Hackers recently ran an interview with us https://www.indiehackers.com/businesses/bugfender
thefuzz 2 days ago 6 replies      
I'm someone who is thinking of changing carriers at 30 to become a developer. I love the idea of cutting out bureaucracy and office politics and be paid decently. I'd love any thoughts and advice from more experienced people about what I should do in the next 12-24 months.
lafay 2 days ago 1 reply      
I'm all for lifestyle businesses and side hustles. But some ideas really do require a lot of up-front capital. It's hard to imagine Tesla, SpaceX, Boom, or Nest succeeding as lifestyle businesses.
josh_carterPDX 2 days ago 0 replies      
I have grown both a lifestyle business and a startup and I still don't know which I prefer. I mean, it's nice to have some flexibility, but it's also nice to find the capital that helps propel your business faster. It really depends on the business, the person, and what you'd like to get out of the venture. At the end of the day it's a preference. I don't think one beats the other.
fiatjaf 2 days ago 1 reply      
Has "lifestyle" changed its meaning? It seems to mean now that if you're "focusing on lifestyle" you are kayaking on the Pacific Ocean.
rb808 2 days ago 1 reply      
The people who I've seen who have the best lifestyle have big chunks of work followed by big chunks of time off.

They tended to work 6-12 month contracts followed by 3-6 months off. This works great in a good economy, when it turns sour its more difficult.

The other happy group worked in mines or oil rigs on a month on month off schedule. They got paid tax free and had 6 month long vacations a year to travel.

I think I prefer those options to working while travelling.

chet177 1 day ago 0 replies      
You could pretty much have the lifestyle you want wherever you are. You don't need to go anywhere really, unless you want to be snorkelling or scuba diving everyday

Most days you just want to eat well, exercise, meditate, do a good job, try'n make some money, spend time with family, and sleep well. The odd day you do feel adventurous just take off on your motorcycle or hop on a plane.

No great scenic view will make your life automatically better. The scenic view in itself is only benefit there is. That I have to agree!

lquist 2 days ago 0 replies      
Also this doesn't have to be an either/or decision that you have to make on Day 1. We started our business as a lifestyle business and as it got traction have decided to pursue a startup approach. On track to do $10M+ revenue this year :)
kornakiewicz 2 days ago 8 replies      
What does 'a lifestyle business' mean, anyway?
goodroot 2 days ago 0 replies      
Many comments in here make the dialogue feel like a roiling cauldron of over-work and burn-out. Whether you're nomadic, working in a start-up, working at a mega-corp, working at the the grocery store, balance in life is crucial.

In knowledge work, how can one really spend more than 40 hours producing quality output? It becomes an unhealthy compulsion to sate a hyper-stimulated existence instead of a strategy for creation. Whichever way you choose to work, focus on health and ample rest. The rest will take care of itself.

astrowilliam 2 days ago 0 replies      
I've been working in tech for the last 10 years. I've come to the point that I need to enjoy my life and not sit in an office 10 hours a day, coding for someone else's vision.

So I started a brand ( https://lasttrystuff.com ) of my own so I can enjoy an active lifestyle while adventuring. It doesn't quite pay as much, but the trade offs are immensely satisfying.

lazyjones 2 days ago 1 reply      
How does the business case of such a "lifestyle business" look, i.e. the numbers? I'm not sure whether operating out of a sailing boat is affordable for small companies and the $6500 MRR of bugfender can't be covering it...
matchagaucho 2 days ago 0 replies      
Not sure I'd agree with the OP's definition of Lifestyle Business, given he's operating a service company with employees, payroll, clients, and sales quotas.

That's no less hectic than a start-up.

jjmorrison 2 days ago 0 replies      
Sounds great if you want to optimize for your personal happiness. But not a feasible way to really make an impact on the world. The world needs more of the latter IMHO.
quadcore 2 days ago 1 reply      
Why does the author think one has to be happy the way he does? Lifestyle business beats a startup for some and the opposite is true for others.
sgwealti 2 days ago 0 replies      
What is a Lifestyle business? I read through the first 50% of the article and didn't see that term defined anywhere.
SirLJ 2 days ago 0 replies      
The holy grail is to automate, once done you'll be really free to enjoy life and give back to humanity
SKYRHO_ 2 days ago 3 replies      
Whoops... Did HN Crash their site?
Apple staffers reportedly rebelling against open office plan bizjournals.com
400 points by V99  3 days ago   390 comments top 23
seorphates 3 days ago 8 replies      
Working in open office plans is simply awful.

Personally I believe remote work, for any tech-enabled employer, makes the most sense. The impact on infrastructure by removing commuting alone could maybe help save the planet. And our collective sanity.

Wouldn't it be nice to have ISPs that can provide an infrastructure that could actually support that? I think so.

The hideous effects of cluster-fucking hundreds of thousands of people daily just needs to stop. Tech companies are guilty. They're huge and, humbly opined, are idiots for making it worse and not really needing to. Top that off with an open floor destination and.. damn, work is beat.

inetknght 3 days ago 10 replies      
My company only has offices for upper management. Everyone else is at a table. Tables are arranged in groups of four.

Now, I get it, some people like open office environments. Good for them.

Me? Well, I've told many coworkers that I can't work from home because I wouldn't work from home. There are too many distractions at home, so I need to be at the office to be productive.

But this open office?

There are days where I am convinced I would do more work, be more productive, and feel more satisfied if I worked from home.

I went and bought some noise cancelling headphones. They help, but definitely not enough. My table is by the main door. With a room of 40+ engineers, there's constant distracting traffic. Some people make snide comments about my choice of operating system, keyboard, language, editor, typing noise, attire, whatever. Or to chat about the games that I missed last night, something happened at the not-company-sponsored-happy-hour that I didn't get the invite to, or something about lunch that, you know, you should have been there and if only you wouldn't leave the office for lunch. Or about how your racing car is in for the shop because, well, actually I don't even care why. It's just in the shop (I know! you told me!) and you expect me to care about car parts too, and shame on me for not knowing the difference between a maserati and a miata.

On the other hand, any time I mention to my boss that I'd like at least a cubicle the response is "it's not going to happen". Thanks, boss! I'm glad you've got my productivity concerns on your plate. I'm glad they can just, you know, be heard. Not addressed, just heard. It's really helpful to be heard. All day. It's real helpful to hear everyone's discussions while I'm trying to do work.

Honestly, guys, if you like an open office environment, that's good for you. Not everyone wants one and not everyone works well in one.

Joeri 2 days ago 2 replies      
Apple has insisted in presentations to the city of Cupertino that the open floor plan designs are conducive to collaboration between teams, per Bloomberg. But the high-level executives, including Apple CEO Tim Cook, are exempt from this collaborative environment and have offices on the fourth floor of the new building.

See, this is exactly what's wrong with open plan offices in most places. If a CEO honestly believes open plan is better for collaboration, then they need to eat their own dog food. That CEO needs to be sitting right in the middle of things. If they find they can't get anything done as a consequence of the collaboration they are in the right place to take action to fix that. And if they are able to achieve productive outcomes, they are also in the right place to argue against people who say it's not possible. Letting upper management avoid all the downsides of the open plan layout causes problems with it to fester and will bring overall worker satisfaction and productivity down. In short, it is bad management to treat management in a special way.

loco5niner 3 days ago 2 replies      
Hopefully, more and more companies experience backlash from this. It is a horrific mistake to add distracting elements to most programmers environments. Even worse, in my open office plan, they put our very loud finance group right next to us. Absolutely no thought of noise management was considered, except for putting in horrible "white noise" generators that set off my tinnitus Thankfully, my direct manager is understanding and let me turn off the one directly over my head. And by directly over my head, I mean about 4 feet.
nemo44x 3 days ago 4 replies      
It all seems so backwards. Instead of having collaborative working spaces with private rooms for meetings, doesn't it make more sense to have private rooms for working and collaborative meeting spaces?
hkmurakami 3 days ago 1 reply      
It's really kind of amazing to me how in 20 years we've gone from laughing at the cacophonous, claustrophobic, diseases-transmission-inducing, open office plans of other economic regions (ex: the traditional Japanese office http://1.bp.blogspot.com/-CadIFZ3h638/T7yGtzdxVDI/AAAAAAAABe..., or the Wall Street trading floor), to precisely emulating their layouts (with better superficial aesthetic design), inheriting both their economic efficiency and productivity inefficiencies.

I'll take a cube farm with 5 feet walls any day over an open office.

chmaynard 3 days ago 3 replies      
I worked at Apple during the years when the company designed and built its first campus at 1 Infinite Loop in Cupertino. As I recall, Apple R&D employees were considered stakeholders and participated in the design of the interior spaces. Apple wisely decided to give each engineer a private office. There were open areas near the offices with comfortable furniture and whiteboards for engineers to meet and collaborate. I worked in one of these buildings from 2001-2007, and I can confirm that the work areas were beautifully designed and ideal for fostering productive work. It's sad to hear that Apple apparently abandoned this approach in its new campus.
aetherson 3 days ago 1 reply      
I am fairly close to someone who works at Apple. His team is avoiding the new spaceship building. He mentioned wanting to keep his office, but that was just one part of several different complaints, including just "it turns out that the building isn't big enough for most of the people who work at the HQ in Cupertino," and "My team would probably have to split up in awkward ways because not everyone would be able to work in the spaceship (due to space constraints)."
nashashmi 3 days ago 8 replies      
Man, I remember in college when we would be working long hours in the library on a computer lined up in a row of computers. Every one would be intensely working on what they needed to. Sometimes two would work together. This was especially true before presentations when we were trying to put our stuff together. It was neat. It was collaborative. It was fun. And we were happy.

Open floor plan is reminiscent of those days, but it isn't working. And I cannot figure out why. What's missing? Intensity? Work? Stress? Team building therapy? Or just trust? Whatever it is I hope we figure it out.

sidlls 3 days ago 2 replies      
Open offices diminish workers to cattle status. Most work, even the kind many developers would not think of as being so, in tech companies requires thoughtfulness often and collaboration less often. I consider open office plans to be disrespectful and an indicator of second-class status.
minwcnt5 3 days ago 0 replies      
Headphones are a poor solution to the noise problem in open offices. I find it uncomfortable to wear them for 8 hours at a time, and it means I can't overhear the conversations I do want to overhear. Sitting elsewhere only works if I have a task I can do on a laptop; for serious development work I need a lot of screen real estate. That solution also has the same problem as headphones where I might miss important conversations because I'm too busy hiding from noise created by people doing work completely unrelated to mine.

There's a pretty happy medium, 2-10 person offices (with 4-5 being the most common size) with glass walls. Google used to have a lot of these before completely open plans became en vogue, and it was very rare to hear complaints. They allow frequent interaction with your most common collaborators while blocking out conversations from distant teams. They reduce visual distraction while still allowing in lots of natural light and inviting conversation. Doors were usually left open, so it was pretty comfortable to walk into another office and start up a conversation.

With the giant, open, chicken-farm style floorplans, people feel too self-conscious about dozens of people overhearing to have small 2-3 person conversations near their desks, which means more formal meetings with all the associated overhead, and fewer impromptu questions like "hey does anyone know of a tool to do X?" And then you're still more distracted anyway due to all the typing, people walking by, large groups being loud when gathering to eat lunch or go to a meeting together or whatever.

I only see two advantages of completely open floors: slightly cheaper (glass offices can be made almost as dense, but not quite, and I guess the glass partitions aren't free), and better circulation to dissipate bad odors more quickly.

kevinburke 3 days ago 1 reply      
One solution to this problem would be for Apple employees to form a union and collectively bargain for better working conditions. Probably just threatening to do this would lead to significant concessions.

Any Apple employees interested in this should contact Maciej Ceglowski on Signal at +1415-610-0231.

knorker 3 days ago 1 reply      
I recently watched the movie Office Space.

Oh, such a wonderful working environment. To have the privacy and isolation from distractions and interruptions that a cubicle gives. What I wouldn't give to work in such a great office space.

chank 3 days ago 1 reply      
My company recently switched to an open floor plan. It's done nothing but increase distractions and office gossip. Everyone I know tries to get away from their desk as often as possible. Ducking into side rooms, attempting to work from home, and just plain using any excuse to escape the zoo.

Management loves open plans because it's the cheapest seating arrangement. They claim that it will increase collaboration while exempting themselves from having to deal with the environment. The truth is that just being able to see someone without walking over to their desk isn't going to magically make you communicate with them more or make your output higher. Some people like open floor plans but it's been my experience most people don't and just grin and bear it while slowly dying inside.

borplk 3 days ago 0 replies      
> open floor plan designs are conducive to collaboration between teams

This is just an overused cover-up story to avoid stating the real reasons which is cutting costs and monitoring employees.

They use "collaboration" so that you can't voice your opposition to it easily.

If you do that they will beat you with the "not a team player" and "not a culture fit" sticks.

Then in reality unhappy employees sit next to each other with noise cancelling headphones whose job has been unnecessarily harder than it already is because now a part of their mental focus and capacity is actively going towards ignoring distractions.

synicalx 3 days ago 1 reply      
We're going one step better at my work with our new/future office, "Activity Based Working". All the trappings of "open plan" but with even more features to make Government work more soul-crushing and complicated.

One office, with desks for 80% of the staff (because the other 20% need to take the hint and resign). Each desk only has one monitor, keyboard, and a mouse. If you've got certain ergonomic requirements, or need a colour accurate monitor, or a large monitor, or several monitors then you're just a naysayer who is obviously not productive enough to understand the ways of the future.

No one 'has' a desk, instead you grab your laptop out of your locker each morning and go find one. Or you might be allocated a desk via a morning raffle, not sure on this one yet. At the end of each day you clean every surface with alcohol wipes, which you then queue up to place in the singular bin that services the 300ish staff. Anyone who sits at the same desk twice will have to complete "Activity Based Working" training, in much the same way intoxicated road users may attend a DUI class.

There will also be no car parks for staff, who are being encouraged to use public transport. The fact that this public transport doesn't actually exist yet is just a "growth opportunity", but who's growth we're referring to here is not yet clear.

This might all sound like a joke, but the sad thing is it's 100% serious. Literally all of the above has been set in stone by minister that our department reports to.

pimmen 2 days ago 0 replies      
"But the high-level executives, including Apple CEO Tim Cook, are exempt from this collaborative environment and have offices on the fourth floor of the new building."

Because private offices offers control over your working environment; if you need to collaborate, use a conference room, if you need a quick discussion, call them up on Slack.

I'm not going to touch wether or not the CEO has earned the best working environment, but let's bring attention to the fact that the CEO is promoting less control over your working environment for his employees and claim open-office plans offers all kinds of benefits, while the C-level management chooses to opt out. Either that's very noble of them to sacrifice all the benefits of open-office, or they're being a bit disingenuous about why almost everyone else gets an open-office plan.

a3n 3 days ago 1 reply      
In (almost) all open office environments, people above a certain level have private offices.


Why don't they want to be as productive and collaborative as their reports? Conference rooms and phone rooms are just as available to them as they are to the rest. They can probably even afford much better head phones than the rest.

I just don't see enough of a difference to justify it.

pasbesoin 3 days ago 0 replies      
Apple has the money to afford whatever it wants. If it's like any other place I've seen, I expect there's longstanding communication of one or another sort from high performers that they want distraction-free environments.

From what I've observed of such high performers, they are not anti-social nor anti-collaborative, nor are they "crippled" in either respect. Rather, many of them are the most capable in these areas, because they actually pay attention and focus on getting things done -- and done as well as time and resources allow.

The fact that Apple, like many workplaces I've observed, chooses to ignore this and push a paradigm that increases their stress and decreases their effectiveness and efficiency?

Well, as I learned in my own experience, over the years: This is just a fundamental level of dis-respect.

I don't know anything about Apple work internals, specifically; the last time I intersected with those peripherally was in the early '90's.

But when you blatantly disregard what employees tell you -- and in this case, "professional" employees who have a high degree of training and awareness about the tooling they need, including their work environments, to be most effective. Well, that's just disrespect.

And employers who persistently engage in such, deserve what they get. I hope -- because at some point, this counter-productive... "ideology" needs to die.

P.S. Those employees that want cubicles or open-space? Fine, give it to them. I don't want to dictate environment, either way.

Trust your employees to select what works best for them.

And measure the results. Objectively, not in the typical performance review ex post facto rationalization and justification.

In my own experience, top performers cautiously (politics) leapt at the chance to work from home and otherwise gain undistracted blocks of time to adequately focus on complex problems and program management.

Those who embraced the cycle of endless meetings, interruptions -- including environmental -- and superficially-addressed delegation? They faced the same problems, month after month, cycle after cycle.

nupertino 3 days ago 0 replies      
I wonder if anyone will make a claim about necessary workplace accommodations under the Americans with Disabilities Act for ADD/ADHD. I already take medication which makes it almost OK for me to share an office - a recent change for me after 20 years. But I'm still freaked out by someone literally 3 feet away from me. My social anxiety and borderline asperger's really make me seize up until I can be alone in the late afternoon / evening.

When I had my own office, I was able to do things like coordinate health care, talk to my wife, and eventually the divorce lawyers, but with the knowledge that I could close my door and have privacy - now I have to escape to a staircase to have a private conversation.

Plus, I'm terribly annoying to be around. From my mechanical clicky keyboard to a desk overflowing with artifacts and fidgets of various ilk, sharing a workspace means subjecting everyone else to my idiosyncrasies, mumblings and offensive body oder.

norea-armozel 3 days ago 0 replies      
I'll never understand the fascination with firms repeatedly going for the open office plan. I remember seeing pictures from the early 20th century where such offices existed full of people typing away. I don't know how they handled the noise or the fact they couldn't isolate themselves to do their work whether it was repetitive or novel in nature. It just seems like firms think of labor as a singular mechanical process and not as something that's done in an irregular and discoordinated fashion (as I've seen in my personal experience from working in factories and currently working in software development). I really think managerial practices need to update with the facts instead of forcing the facts to fit with their expectations.
skc 3 days ago 0 replies      
Every article I've read about this building in the past has gone to great pains to point out the artistry, elegance and taste that was applied in building it.

I now find it highly amusing that at Apple, form over function won out yet again.

brudgers 3 days ago 1 reply      
Good architecture does not come from curved glass and 1mm joints between materials. It comes from human habitability. Why build a building that makes people unhappy? It seems to miss the point.
Ask HN: Projects that don't make you money but you're doing it out of sheer joy?
445 points by superasn  1 day ago   540 comments top 64
yourduskquibble 1 day ago 8 replies      
I just saw this thread, and honestly it is probably too late to get noticed by many, but I'm attempting to 'unsuck the web' with my project[0] by pinning "sticky" website elements where they belong - i.e. the website header shouldn't steal your screen real estate and scroll down the page with you.

My project/uBO filter list removes the "annoying" elements noted above as well as other "features" of websites (e.g. social share bars, cookie notices, etc) through a filter list that works with uBlock Origin.

I update the list often, and admittedly am probably entering into an arms race but I'm just really sick of websites hijacking (what I think) the web was built for (information).

Feel free to subscribe to the filter list by pasting the URL below[1] into the 'Custom' section under the '3rd-party filters' tab of uBlock Origin.

This filter list also works on mobile Firefox for Android with uBlock Origin installed.

[0] Project Homepage https://github.com/yourduskquibbles/webannoyances

[1] https://raw.githubusercontent.com/yourduskquibbles/webannoya...

StavrosK 1 day ago 11 replies      
Oh man, that describes all of them.

http://ipfessay.stavros.io/ - Publish uncensorable essays on IPFS

https://www.eternum.io/ - Pin IPFS files with a nice interface

https://www.pastery.net/ - The best pastebin

https://spa.mnesty.com/ - Fuck with spammers

https://www.timetaco.com/ - Easily make nice-looking countdowns

And this is just the last two months or so? Also, lots of hardware stuff:


dmuth 1 day ago 6 replies      
I built a website which offers real-time statistics for Philadelphia's Regional Rail train system: https://www.septastats.com/

This lets public transit passengers answer questions like:

- "My train is getting later and later, is it actually moving?"

- "My train is getting later and later, has it actually STARTED its journey?" (sometimes the answer is "no", sadly)

- "Is it just my train, or are many trains running late?"

- "What was the on-time performance of this train like yesterday? 2 days ago? 7 days ago?" (Some trains tend to be chronically late)

It may come as a surprise that the backend of the system is actually not a database, but Splunk (http://www.splunk.com). DBs are nice, but Splunk is fantastic when it comes to data analytics and reporting.

I'm currently waiting for Splunk to make some of their machine learning modules available for free so that I can start pulling in weather data, train the machine learning component against both that and the train data, and use that to predict the likelihood of any given train becoming late.

jimhefferon 1 day ago 3 replies      
I write math texts that are Free. It is my creative outlet. My Linear Algebra (http://joshua.smcvt.edu/linearalgebra) has gotten some traction (and I get a small amount of money from Amazon). I also have an Introduction to Proofs: an Inquiry-Based Approach (http://joshua.smcvt.edu/proofs) that I find helps my students, but is in quite a niche area. And I'm working on a Theory of Computation.

If I didn't have some creative work I would be much less happy.

superasn 1 day ago 3 replies      
The reason I'm asking this question is because I realized something recently. I've been a programmer all my life. I used to love programming in Delphi, VB :P, Perl, PHP, Javascript, etc since school. I created all sorts of stupid things like Winamp plugins[1], Graphics software[2], Games, etc. It was programming just because i liked making the computer do things for me.

But then somewhere along the line my projects started making me money and then I start reading all these marketing books and my perception changed. Now if I'm creating a site I'm usually more focused on SEO, list building and crippling my software so that I can extract more money from my users. I am making more money but the joy of doing it is gone. I feel bored writing software and generally browse HN and reddit and generally force myself to work.

Maybe it's time to go back to the basics and work on stuff just for sheer joy of doing it :D

[1] https://techcrunch.com/2008/09/27/songrefernce-turns-your-mp...

[2] http://www.makeuseof.com/tag/extreme-article-marketing-conve...

raphlinus 1 day ago 2 replies      
I have a largish open-source portfolio, including a markdown parser, a regex engine, some music synthesis, and some more researchy stuff like a font renderer and a prototype of concurrent text editing using CRDT's. I'm lucky to be working at Google where I get paid 20% time to work on this, but the motivation is definitely not money.

The biggest item in my portfolio is xi-editor, and I confess I'm wrestling with some of the questions raised in this thread. I think it has the potential to be a serious player in the editor space, with extremely high performance goals (including fast startup and low RAM usage) yet a modern feel. It also has a great little open-source community around it who have been contributing significant features.

Yet it's at the point where it's _almost_ done enough to use for day-to-day editing, and I'm hesitating a bit before pushing it over the line. I think I'm scared of having lots of users. It's also the case that I'm very interested in the engine and the core of the UX, but the complete product needs a plugin ecosystem and along with that ways to discover, upgrade, and curate the plugins (including making sure they are trustworthy, lately a fairly significant concern). That's potentially a huge amount of work, and it doesn't really line up with my interests.

I'm wondering if it's possible to focus on the parts I care about and try to foster the community to take care of the rest, but I'm not quite sure how that would work.

If this were a business and I had some way of making a few coins from every user, then my incentives would be lined up to make the best overall product possible, including the less fun parts. But that's off the table; among other things, there are a number of good free editors out there, and the niche for a better but non-free editor is also well occupied.

Maybe the HN crowd has some ideas?

ztravis 1 day ago 1 reply      

I've always wanted a good Arabic root-based dictionary with vowelling, plurals, etc (basically Hans Wehr online). I also wanted the structured dataset for some linguistic "research".

It was a fun project - I built out a web interface for reviewing and updating entries and put in a lot of hours of manual correction (just to get all the entries to validate - I still have a lot more corrections/fixes to make...). I'm a little burnt out on it at the moment, but I plan on:

- fixing those mistakes and a few other bugs

- cleaning up the UI/display

- moving onto a "real" server framework

- writing up some blog posts about those short linguistic investigations I'd like to do now that I have the structured data

- making an API?

Notably lacking is any plan to promote it... I posted it on reddit and I'd love it if people stumble upon it and find it useful, but I did it mostly as a labor of love and something that I personally find useful!

grecy 1 day ago 0 replies      
I created, run and maintain http://wikioverland.org, the community encyclopedia of overland travel

It's a wiki of all the info you need to drive your own vehicle around a country, continent or the world.

Border crossings, paperwork, insurance, gas prices, camping, drinking water, safety... it's all in there for a massive number of countries in the world.

I'm driving around myself, and it occured to me there is so much info out there but it all slides off the front pages of blogs and forums or is buried in facebook posts. Every three months people re-write and re-post the same stuff because they couldn't find it in the first place. The idea is not for WikiOverland to contain all the info, but at least link directly to it.

CM30 1 day ago 2 replies      
Wario Forums and absolutely anything else associated with it:


Yeah, I know it's not particularly fancy, nor does it involve any clever coding tricks or interesting features. However, it's literally the only community on the internet dedicated to the series, and one I've decided to run for a minimum of two decades to make sure said franchise finally builds a decent fanbase.

Is it going to make money?

Probably not, given how the franchise it's based on sells about 2 million copies worldwide at most, and hasn't gotten a new game since either 2013 (WarioWare) or 2008 (Wario Land).

But it's one with a passionate audience that up until recently had nowhere online to discuss the series nor anywhere specifically dedicated to their favourite franchise. So I decided to change that by setting up and promoting a community based on it, with the guarantee I'd keep it open for decades in the hope that eventually a community at least the size of the Earthbound one comes about here. With the hope that eventually I won't need to run the forum because there'll be enough sites about it to sustain a decent fandom.

weddpros 1 day ago 3 replies      
I built https://sslping.com/ to help monitor website TLS/SSL security and certificates. It has 300 users and checks almost 7000 servers every day for TLS problems.

It's a little like SSLlabs server test, only much faster (5 seconds instead of 2 minutes), plus the tests are recurring every day, and you receive the diff if any.

It's always been a joy to receive thank you emails from users, or adding new features for users.

SSLping also allowed me to learn React and Redux. I'm still working on it, adding new features and refactoring what I don't like.

If I ever have to stop hosting it, I'll open source the whole thing. Or maybe I'll open source it anyway. If I could find a deal with a security company, I would work on it fulltime.

I consider it's a success, even if the numbers are not as high as I'd like.

t0mek 1 day ago 1 reply      
Yet another Game Boy Color emulator, written in Java:


It's quite compatible and brought me a lot of fun. Blog post describing it:


purescript 1 day ago 3 replies      
I work on the PureScript (http://purescript.org) compiler, tools, libraries and book in my spare time (along with many other unpaid contributors), because it's the programming language I wished had existed when I started creating it. It's still the closest thing to a perfect environment for web development, at least as far as I'm concerned :)
tomcam 1 day ago 1 reply      
Hope I don't get flagged or anything. I am astounded by the generosity of the amazing people on this page and have been upvoting like a madman. I probably look like a bot at this point
jconcilio 11 hours ago 0 replies      
http://www.penginsforeveryone.com - giving away stuffed penguins. Just because we can. (Hoping to actually register this as a nonprofit, but right now it's basically a completely unprofitable business venture.)

ETA: On the development end this has been a pretty great project for my fiance and I. He built (and I'm learning from his efforts) a database for processing requests, filtering by priority, etc., and then an integration that allows those we want to send to be exported to a file we can pull into our stamps.com account, and that creates drafts of the Wordpress posts that power our map of sent friends. The database is pretty big (we're sitting at about 21K requests right now on a shared hosting platform) so some of the work has been to load the requests asynchronously so you're not waiting for 21,000 rows before you can manage requests...

xeo84 1 day ago 0 replies      
Touchboard: http://www.timelabs.io/touchboard Open source app for iPad to send keys to your pc / mac. I use it for gaming, I really find it useful, here is a video of it: https://www.youtube.com/watch?v=s1KOUj9SK_c

I've also made CbrConverter: https://github.com/timefrancesco/cbr-converter

Coverts pdf to cbr and vice versa.

And then there are a bunch of other small projects like:

- Ebay Search Scheduler (schedule Ebay searches with custom parameters)

- Twitter Time Machine (download and browse your twitter timeline) https://itunes.apple.com/us/app/tweet-time-machine-2/id83212... - windows version also available

- Autosleep (put the windows down for good) https://github.com/timefrancesco/autosleep

And many others I really enjoyed making and using.

m52go 1 day ago 2 replies      
100 Million Books -- mission is to promote intellectual diversity.

It's a Chrome extension/homepage that shows you a new book every time you open a new tab, plus a special hand-picked idea that teaches you a new perspective/fact/concept.

I'm evaluating a couple different paths to make it profitable, but it's not currently making anything since Amazon cut me off its affiliate program.


snickerbockers 1 day ago 2 replies      
For almost a year, I've been writing a SEGA Dreamcast emulator called WashingtonDC. It's slow and it doesn't play any games yet, but it can boot the firmware menu and display the animated "spiral swirl" logo. https://github.com/washingtondc-emu/washingtondc
gadgetoid 1 day ago 3 replies      

A somewhat interactive GPIO pinout for the Raspberry Pi.

Not so much out of sheer joy, but because I needed it.

It started as a basic way to explore each pin and its available alt-functions.

Listings of add-on board pinouts were added later for people who want to use multiple boards- or perhaps connect them to a different host.

martin_drapeau 15 hours ago 0 replies      
Been working on https://www.findyourtennis.com since 2011. Amateur tennis league/tournament management. 3 leagues have been using it recurrently for 3 years here in Montreal. The managers, volunteers, save dozens of hours every season.

Started off as a 'find a tennis partner' forum however getting traction was difficult. Chicken and egg problem. Slowly migrating to solving problems of league and tournament management. Will drop the forum one day. Long transition to do part time.

Now working on a mobile version with cordova. Testing it on the league I am managing. Saves us a lot of time since it automates lots of tasks and avoids the use of Excel.

I don't expect to make money. Market is small and problem is tough to solve. UX intensive. However fun to do on spare time.

My objective is to launch on the app store in 2018. Then I hope lots of leagues around tue world will use to simplify their lives.

apancik 21 hours ago 1 reply      
I made Plain Email [0] just because I couldn't find any email client with clean work flow without distractions. I use it pretty much every day. Thinking about open sourcing it - just can't find the time to refractor it nicely.

I also built news aggregator 10HN [1] with throttling (ten best articles every morning and every evening). I use it daily and it helped to fight my procrastination a lot. It's also interesting to watch the data how stories evolve and get popularity.

[0] http://www.plainemail.com/[1] http://10hn.pancik.com

teapot7 21 hours ago 1 reply      
I guess I do ask for money for this, but it's pretty overengineered and I wrote it knowing that nobody wanted or needed it:

Long ago, when Sun workstations were new and exciting, I wrote a simple Roman numeral digital clock, which just showed the time in Roman numerals.

My friend, instead of admiring my cleverness, said "But that's not how the Romans told the time" - which is true. The Roman day started at dawn and finished at sunset, which meant that day and night length were different every single day, as well as in cities at different latitudes.

Several decades later I did something about it, and wrote it up as a mobile app which showed either the modern time or optionally the Roman time.

Then I made it use the Roman calendar, where you don't have individually numbered days of the month, but count instead how many days until the next Kalends (start of the month), Nones (fifth or seventh day) or Nones (thirteenth or fifteenth day), even if it occurs in the next month.

Then I thought I might as well go all the way, and spent more money than I would ever earn from it on having the help text translated into Latin, just in case any ancient Roman time travellers wanted to use it.

A waste of time and money, but one which made me happy.


codeplea 1 day ago 0 replies      
I have a lot of projects like that!

https://f5bot.com - Social media monitoring. It can email you when your keyword (e.g. company name) appears on Hacker News or Reddit. I don't have any plans to monetize it. I just made it as a small fun project.

Also, like many here, I've made a bunch of open source software for no reason other than the joy of it. Don't ever see that changing. https://github.com/codepleahttps://github.com/tulipcharts

cknight 1 day ago 1 reply      
I built https://suitocracy.com very slowly over the last few years. It is for collating information on the ethical conduct of large corporations, as well as rating and ranking them on various criteria.

It'll never make money, but it has been a good project for me to modernise my web development skills which had gone rusty over the preceding decade. I also took the opportunity to learn NGINX and a few other things that I hadn't really been exposed to beforehand.

rayalez 1 day ago 1 reply      
I occasionally create digital art:


and make video tutorials about it:


Computer graphics is still by far the most fun hobby I've ever had, I absolutely love it, it's like the most engaging computer game you can imagine times 100.

There's not much profit in making art(unless you want to do it professionally), but it's an awesome way to spend my free time, and sometimes it generates some ideas I like to share on youtube.

If you want to get into it, I highly recommend checking out SideFX Houdini. It's a bit technical, but extremely powerful and well designed 3D software, kinda like emacs of CG applications.

chubot 1 day ago 2 replies      
I'm building a new Unix shell called Oil: http://www.oilshell.org/

It's definitely not making me any money. I would say the motivation is a little bit "joy" / learning, but also frustration that shells are so old, unintuitive, and work so poorly.

I've been going for about 16 months and it's still fun, so that's good. I think that seeing progress is what make things fun.

neya 21 hours ago 1 reply      
This is my current project: https://news.ycombinator.com/item?id=14785209. It's too long to describe in a sentence, but, it's essentially what I call it the mother of all software (internally). I created it out of pure annoyance towards many of the popular services such as Wordpress, MailChimp, Hubspot, Shopify, Unbounce who had screwed up some aspect of their tools. So, in essence this is a combination of all those softwares under one roof.

Here are some things you can do with this software:

1) Research your market, find out your target audience

2) Integrate with analytics tools and understand your users

3) Automate your marketing strategies

4) Maintain a central data warehouse

5) Maintain multi-domain content properties such as blogs, websites, news portals, etc.

6) Host online trainings, build a student list

7) Etc. (read the link: https://news.ycombinator.com/item?id=14785209)

I've been working on it over 3 years now, while trying to jump from one web framework to another. Finally, I've settled down on Phoenix. This project alone has helped me learn so many programming languages and also helped me gain more experience as a programmer in general, while simultaneously being able to integrate new tools and platforms into my pipeline - This is how I learned React, VueJS, Brunch, Google Cloud, etc.

At the moment, I've built this only for myself, just to support and test out my startup ideas. I am thinking of open-sourcing it at some point, at least the core functionality.

But as of now, there's nothing else I enjoy doing on a weekend than working on this project :) (also why I'm still single)

dogas 1 day ago 1 reply      
I built + maintain todolist[1] which is a GTD-style task management app for the command line. It's getting a bit of traction now which is pretty fun. It got a ton of upvotes on Product Hunt which was really cool to see[2].

I have very loose plans to monetize via a paid subscription for syncing with other devices / phones, but there will always bee a free / open source version as well.

[1]: http://todolist.site

[2]: https://www.producthunt.com/posts/todolist

aroc 23 hours ago 1 reply      

A way to motivate people (including myself) to exercise with a chat bot that tracks your progress.

Originally built it to track how often I worked out, and if I didn't, what the reason was and have that reported back to me regularly. Now I have a bunch of people using it, but as you can imagine, makes me zero dollars. Well, technically it costs me money so it makes me negative dollars.

vanderZwan 1 day ago 2 replies      
It doesn't have to be a full project, right? Do random drive-by PR-requests to open-source projects count?

A few months ago I ended up scratching an optimisation itch for weeks, trying to figure out ways to make the lz-string[0][1] library faster and smaller. Near the end I went a bit nuts with trying out what works, methinks (nested trees built out of arrays and such), but I had a lot of fun.

It's not even my library, nor did my PR request get accepted/rejected yet. It did however make the compression up to 2x to 10x faster, depending on how well the data compresses.

And hey, I now have an intuitive understanding of LZ compression that I never thought I'd have!

Since a few days I've been working on writing a component for idyll[2] that lets you embed p5js sketches[3]. Progress here[4][5].

[0] http://pieroxy.net/blog/pages/lz-string/index.html

[1] https://github.com/pieroxy/lz-string/pull/98

[2] https://idyll-lang.github.io/

[3] https://p5js.org/

[4] https://github.com/idyll-lang/idyll/issues/117

[5] https://jobleonard.github.io/idyll-p5/

apankrat 1 day ago 0 replies      
A networking IO abstraction library in C - https://github.com/apankrat/tcp-striper

Based around an idea of IO pipes with minimal semantics (duplex, reliable, ordered) that they can then extend to implement other traits like IO buffering, atomic send, packetization, compression, encryption, etc. [1]

This then allows merging together pipes of different types (by attaching the output of one to the input of another), which combines their traits and yields, for example, a reliable datagram carrier with in-flight compression.

With this it also becomes possible to write a simple IO bridge [2] that relays both data _and_ operational state between two pipes. The bridge in turn can be used to implement all sorts of interesting things, e.g. proper TCP relay, SSL tunneling proxy, TCP trunking proxy, etc.

[1] https://github.com/apankrat/tcp-striper/blob/master/src/io/i...

[2] https://github.com/apankrat/tcp-striper/blob/master/src/io/i...

nfriedly 1 day ago 1 reply      
Everything to do with cryptocurrency! I wrote trading bot that was actually making a small profit - and then the exchange got hacked and took all of my coins & dollars with it :(

I've started to get into Ethereum and Solidity recently, but mining even a few coins just to have gas money costs more in electricity than they're worth. I'm letting my desktop mine anyways, but when I reach my pools payout threshold in a week or two (it's got a 3-year-old GPU), I'll probably kill the mining. (I know I could just buy some ETH with USD, but that's probably even more expensive and somehow feels different.)

(To be fair it hasn't been all negative - I bought a copy of the game Portal with the first bitcoin I ever earned, and a Kindle with the second bitcoin. But looking at it from a strictly money perspective, I'm definitely in the hole. In theory, it will be positive eventually.. but I'm still not sure exactly how.)

TamDenholm 1 day ago 4 replies      
I'm grumpy, i dont like christmas: http://whychristmasisbullshit.com/
jtruk 1 day ago 3 replies      
130 Story - a daily microfiction challenge.


I started this as a Twitter game a few years ago; it felt like a compact idea with a good hook. Earlier this year I automated it- so it picks its own words and collates the stories on the website itself (mostly successfully).

It doesn't have a big following, but the people who play are passionate about it. Some people play every day, and the most prolific author has written ~650 of them.

I've seen people get better as writers, some experimental stuff (like an improvised longform story built over many daily prompts), and occasionally I see a microstory that knocks it out the park. That makes it worthwhile.

beilabs 23 hours ago 1 reply      
Late arrival to this thread. One of my projects involve working with local female co-operatives in Nepal and help them sell their hand made products around the world. Paypal doesn't operate here, merchant services for international cards are impossible to get. They don't understand technology in any way and there is a lot of hand holding.

The site is https://www.pasatrade.com

We make no money off of this, I operate it at a loss, but each and every sale gets more money back to the women who really need it; a few extra dollars here and there can really make a huge difference in Nepal. The interesting part is they make more money on each sale through us than they do locally or selling through Fair Trade channels.

jjjensen90 1 day ago 1 reply      
I run/develop/manage a private MMOARPG game server for a dead game called Hellgate: London that we call London 2038. You can see more about it here http://london2038.com

Not only do I not make money on the project, it actually costs me money! :)

I have seemingly undying motivation to work on it, knock out bugs, release patches, catch cheaters, etc. The community being so active and excited helps keep me going. I probably spend 30-40 hours of week on the project.

Edit: grammar

dzenos 14 hours ago 0 replies      
Building https://tuiqo.com to try and solve a document versioning problem. We realized that even though we created a new way to do document version control and avoid "v1.doc, v2.doc, final_final.doc" problem; people won't switch to it because of lack of options such as formatting tools or any other pure editor features. We are thinking of possible pivots we could try out and we obviously don't have a product-market fit.
nikivi 1 day ago 1 reply      
I am working on a community curated search engine to learn anything most optimally :


Everything is open source and is MIT licensed, both the search engine and the entire database it searches over.

There are however many things that we can still do to take this idea further. Hopefully more people join to help us with that. :)

anfractuosity 1 day ago 2 replies      
A few of mine:

https://www.anfractuosity.com/projects/painting-a-christmas-... - 'painting' the LEDs on my christmas tree.

https://www.anfractuosity.com/projects/optical-magnetic-stri... - optically decoding data from magnetic stripe cards.

https://www.anfractuosity.com/projects/zymeter-simple/ - a rather unsuccessful attempt at measuring specific gravity.

https://github.com/anfractuosity/musicplayer - playing .wav files via RF emissions from a laptop.

edhelas 16 hours ago 0 replies      
Movim, a social network project built on XMPP https://movim.eu/. I'm working on it for 9 years already and starting to have a nice little community using it daily.

I'm really enjoying developing Movim on my free time because I'm still motivated to show the world that we can have decent social-networks and IM solutions by using existing standard protocols (and not proprietary silos like today).

domainkiller 1 day ago 3 replies      
Nomie! https://nomie.io The easiest way to track any aspect of your life.
yogthos 1 day ago 2 replies      
reagent 1 day ago 1 reply      
I built this dead-simple "image enhancing" app (http://en.hance.me) to focus in on potentially embarrassing details in photos. It allows you to specify a zoom area and create a 4-panel stacked image that progressively "zooms in" on your target area.
overcast 1 day ago 2 replies      

Sharing funny kid quotes.

Been going for years, not a whole lot of traffic, but the family loves it (that was the intention). Recently migrated from a severely aging kohana/mysql backend to express/rethinkdb.

cozuya 1 day ago 2 replies      
My web adaptation of the social deduction board game Secret Hitler: https://secrethitler.io

Pretty fun, don't get to do much back end stuff so its a learning process. Its creative commons so can't make $ off it but the $10/month digital ocean box is doing fine. About 100 players on at peak and always games going.

albahk 1 day ago 0 replies      
Free OpenStreetMap Data extracts (be kind, it is a rushed POC at the moment)


I have created a free site containing extracts from OpenStreetMap data. Unlike the metro extracts sites (Geofabrik, Mapzen), my goal is to extract specific datasets such as buildings, schools, hospitals, fast food restaurants etc from OSM rather than standard map/gis data.

My overall goal is to make the extracts available, and then to encourage people who use them and get value to actively update OSM to improve the quality of the data they are interested in. By doing this, the overall quality and coverage of data in OSM should (in theory) be improved.

expertentipp 1 day ago 0 replies      
Dead simple personal website in Python and plain JavaScript with contact form, URL shortener, private bookmarks, etc. It's my own territory and I do what I want! fuck unit tests, fuck linters, fuck commit messages length limit, fuck your newest web framework, fuck transpilers, fuck pull requests.
mimming 1 day ago 0 replies      

I fill out those 'other comments' on order forms with a request for a dinosaur drawing.

lawrencewu 1 day ago 1 reply      
I created Juicebox, which lets you listen to youtube/soundcloud songs with other people: https://www.juicebox.dj/

I have made no money off of this. In fact, I've probably paid hundreds in hosting/domain fees. But I love what I've built so far and use it everyday with my friends. Please check it out, I'd love to hear any feedback!

monkey_slap 23 hours ago 0 replies      
Working on a GitHub iOS app to make managing GitHub projects easier. Fun part is now that it's shipped I'm using it to manage itself.


Turning this into more of a social experiment now, seeing where he community wants to take this. Publishing download reports and stuff.

Even made a landing page.


jesses 1 day ago 1 reply      
https://gigalixir.com After falling in love with Elixir, Phoenix, Ecto, etc I built this to help increase Elixir adoption by solving the biggest pain point I saw: deploying.
laktak 22 hours ago 1 reply      
I started http://hjson.org as a JSON for humans interface but I constantly run into the "I love it but I'll wait until it's used by more people" problem.
dumbfounder 1 day ago 1 reply      
Twicsy (Twitter picture search) still gets around 1.5 million visitors per month, but nets no money. But I wouldn't call it sheer joy though, maybe sheer stubbornness?


GenKali 21 hours ago 1 reply      
NextTrain: https://www.nextrain.co.za

We have a fledgling train system in the Gauteng area of South Africa (this area includes Johannesburg and Pretoria). However, the only way to see train schedules is via a PDF (2MB) buried deep on their website.

This was a quick weekend hack to show when the next train is for each of the stations, and some additional info.

preinheimer 1 day ago 1 reply      
Global Ping Statistics - https://wondernetwork.com/pingsWe have ~240 servers world wide, we get them all to ping each other every hour, and record the results.

We've been generating them for years, they're a pain to store, we've made $0 with it. But I really like the data we're getting. We recently moved a lot of the legacy data into S3 to save our own backup & restore process ( https://wonderproxy.com/blog/moving-ping-data-to-s3/ )

jonberk218 11 hours ago 0 replies      
This is probably going to be buried but YES, my weekly newsletter The Random Roundup(https://tinyletter.com/randomroundup)Granted, down the line I may be able to leverage the audience for something but right now sharing the gems I find while hitch hiking the internet is so awesome I'd probably even pay to do it.
jetti 1 day ago 0 replies      
All of my Elixir open source projects:

 * Plsm - https://github.com/jhartwell/Plsm - which is an Ecto model generator based on existing schemas * Taex - https://github.com/jhartwell/Taex - A technical Analysis library for Elixir. 
I'm also in the process of writing a GDAX (https://gdax.com) Elixir library but won't open source that until it is more complete. I'm using that and Taex in a cryptocurrency algo trading platform I'm developing.

abhisuri97 13 hours ago 0 replies      
A chrome extension to help visually impaired individuals see images http://abhinavsuri.com/aat
jakobegger 7 hours ago 0 replies      

It's a database of roman stone monuments. We have 50000 photos of 27000 stones. The content is collected by two retired archaeologists who travel Europe in their Volkswagen bus driving from museum to museum. After funding for the project dried up, I volunteered to make the new website.

The page is in german, but the pictures speak for themselves. For example, have a look at this query for my favorite mythical hero:http://lupa.at/queries/691886695

kadirayk 1 day ago 1 reply      
http://apimockery.com/ - API Mocking as a Service

I built it to learn React and brush up my Go skills. I occasionally add new features.

It makes $0 now, but I plan to earn 10$ a month before my amazon free tier expires :)

CiPHPerCoder 1 day ago 0 replies      
Virtually everything in the paragonie namespace on Packagist generates zero revenue, but we built and maintain them because we want to make the PHP ecosystem more secure by default.


luked22 8 hours ago 0 replies      
Well i'm hoping to turn them into money making projects but I enjoy just building in general so here is my list:


Nothing special in these but I use it mainly to learn new languages and frameworks, especially in the backend

epx 1 day ago 1 reply      
Morse code player: https://epxx.co/morse

Koch method to learn Morse: https://epxx.co/morse/koch.html

jrm2k6 1 day ago 2 replies      
I started working on iparklikeadumbass.com. The idea is for me to upload pictures of people parking like idiots, blur the license plate and just have it out there. I know I wont make any money of it but it is a good way of preventing road/parking raging.
JavaScript for People Who Hate JavaScript zachholman.com
420 points by ingve  2 days ago   324 comments top 30
cel1ne 2 days ago 14 replies      
Background: I learned Javascript 1997 and kept up.

I have extensive experience in ES6/React for the browser and Java/Kotlin for Server-, Desktop- and Mobile-Apps.

A week ago I switched a fairly new project from the usual setup (react/babel/webpack) to Kotlin-code only. My IDE compiles the Kotlin to JS now and webpack serves it as usual.

Writing the react-bindings took me an hour, after that my productivity went up by about 10.000%.It's finally on par with my productivity on server and desktop. No type errors, fast refactoring, no "undefined" errors and all the goodies (extensions) of Kotlin.

Removing the complex eslint settings and babel-setup from webpack and package.json felt triumphant.

My JSX looks like this now and is completely typesafe:

 val LieferungenList: (props: ListProps) -> ReactElement = { Datagrid { div { className = "..." ... } TextField { source = "date" } TextField { source = "produktname" } EditButton { } } }
I even get compiler-errors when I nest HTML-tags the wrong way (h1 inside h1) or so.

I couldn't be happier. I'll never touch plain ES6 again.

sametmax 2 days ago 7 replies      
TL;DR: JS with a ton of make up and tooling to not write JS is not as horrible as it used to be.

Well. That doesn't make it awesome either.

You just traded some problems for others.

Like the damn source map never working correctly, the build time being longer and longer, and the never ending list of plugins you expend every day after stumbling on yet another small-minuscule-not-that-important-I-swear detail.

The tool chain you spend more and more time on, despite all the "5-minutes" bundles provided by facebook or on githubs.

Explaining things to new comers has never been as difficult as it is now. Teaching is a pain.

Choosing your stack is a dangerous bet, and the odds and steaks are changing all the time.

If you opt-in for a flux architecture, you will soon write Java-as-in-the-90 on the frontend instead of Javascript, with so many adapters and design patterns as layers you will become angry.

If you don't (you-totally-don't-need-redux-to-use-react-guys) then most documentations and tutorials will not answer your questions, and you are own your own solving every single problems. Even the simplest ones, like redirecting on a route after data changes and closing a panel at the same time.

"Libs, not framework" means you need to relearn everything, rewrite a lot of code, tests and doc and renew maintenance for each new project. Meanwhile nobody agree on what a the proper stack is.

JS, despite all the paint on the rust, still has the old gotchas. This is still weird. ";" is still auto inserted. "==" still compares like nothing else. Errors come in different so many different forms it's not funny. Basic maths assumptions like commutativity are out of scope. Still no namespaces, but instead we use monstrosity like webpack and incompatible import systems to encapsulate things. Stdlib still doesn't have essential things like hashing, string/date formatting or encoding. Even basic operation like removing an element from an array using an index is a pain.

No, I'm sorry, JS has not become awesome. We just arrived to a point were we accepted we have everything to built with it and agree to pay the huge price for it. That's all.

Projects like vue.js makes me think there is still hope we end up with elegant tools from people who care. But right now I just embrace the madness and make money with it: all those poor customers don't realize the trap the current mindset lead them to, and I have so many solutions to the problem they should never have had to sell them.

pmlnr 2 days ago 4 replies      
Don't compare JS (or any language) to any other language - or any language to another language. People wrote a lot about it (Your language sucks because... - type things). JS is just another language.

The JS ecosystem is wild and moving way too fast, but even that is not really the trouble with it: it's that it's being overused.

He mentions DHTML at the beginning, which was the perfect example of using too much of something: mouse trailing bouncy balls with falling snow, my, I don't really miss those days.

Yet we're here in 2017 and React & Co. is crippling the web. Plain simple news or a blog site rendering with JS? AMP, loading megabytes of Javascript, claiming to speed up the web? When your product is text, how about you serve text and maybe only boost it or do analytics with JS? I know it's not fancy, but for a lot of sites out there, JS based rendering is completely unneeded.

In case of web apps... A little while ago I listened to a talk of front end colleagues, claiming that we'll speed up the site by async calling some blocks, so the initial content will get down fast and the less important ones will follow. When I asked if we're measuring the very end render time - the one that heats the CPUs, because you offload the rendering to the client, which can get quite stressful - the answer was 'no', mostly because nobody knows how to do it. I also asked about how screenreaders will work with this, and they thought I'm talking about mobile, which is extremely sad, and no, I'm unaware of any screenreader-friendly JS based app. (Screenreaders are the programs literally reading out the text for visually impaired.)

Google and FB offers fallback, HTML-only solutions to their services, because the realised their things don't work on slow connections and/or slow devices. Maybe this should be taken as a sign.

twii 2 days ago 8 replies      
Omg, so this guy thinks he knows why I'm hating Javascript? Well, it's definitely not because of the lack of types, or because without Prettier my code looks shit, neither would it be the lack of E6/ES7 features since I'm using Coffeescript 2. No, I hate Javascript especially for it's conitnuously changing ecosystem being forced upon you. You named Dan Abramov? Ah, the guy who deprecated almost all flux in favor of his own idea (Redux), or by deprecating React Mixins, because he thinks Mixins are bad, Higher Order Components is the new holy grail?

If I am looking for a job as a Javasript developer at the moment it is not about my coding skills, it is about my willingness to adopt all those hyped technologies, and the author of this article is just making it worse.

I also hate Javascript for all those people reading this that think I don't understand it yet, and are going to explain me how great ES6/ES7, Promises, and/or Typescript are. Please don't.

pbowyer 2 days ago 6 replies      
I've gone through the same experience this year, having picked up modern JavaScript, Angular2, TypeScript and RxJS for a project.

For me it was TypeScript that did it. I came to appreciate strong typing. And ES6, fixing the 'this' scope problems and with a conventional class syntax (I understand prototype inheritance is clever, but it's not the way I've been trained to think). I didn't get to use async/await for various reasons, but that looks to remove my third pain point (callback hell/promises/observables).

RxJS remains a mystery (I swear the API wasn't designed for humans) I use and hope it works, and combining code that use Observables with those that use Promises still wakes me up in a cold sweat.

But now going back to old territory (PHP, Symfony) I miss it. Yesterday's miss was union types. TypeScript has spoiled me.

golergka 2 days ago 1 reply      
It looks like the author didn't mention the main reason many of us hate Javascript: weak typing.

Weak typing is great for small-scoped project without a lot of business logic. But when there's a lot of data, a lot of assumptions about it, and, most importantly, these assumptions change A LOT during development - which happens all the time in game development, for example - strong typing is a godsend.

When I make a change in a strong-typed language, I deliberately make it in such a way that the code won't compile unless I complete it. If I can make something a compile-time instead of a run-time error, I do it (and that's why I dream of switching to Rust one day - on some game engine two generations from now, unfortunately). When I refactor something, I know that compiler will let me know if I forget to change it somewhere.

Compiler is my dearest friend. Compilation errors are his gentle hints that make my code better and prepare it from failing in user's hands. Without it, I feel lost and always on my toes. I have to write tests instead. I have to launch the project (which, when it uses a lot of resources, always has overhead) and test everything by hand. When I write a big project in Javascript, I feel like a minefield, unsure of what's broken and what's not.

I can't understand how people write serious, big projects in weak-typed languages.

agentultra 2 days ago 1 reply      
I was a Python developer for about 10 years before joining a startup that works almost exclusively in Javascript. I had to swallow my pride and make the best of it. I had a huge, smug chip in my shoulder.

ES6 has made the language tolerable. Enjoyable even. It has even been a decent medium for mentoring more junior developers who haven't had any exposure to functional programming in school. I can show them combinators, functors, applicatives without all of the usual ceremony in a more pure language. For that JS has been quite nice.

However for my own projects I just use GHCJS or Bucklescript and compile down to JS. Google Closure and Webpack are fine tools for shaking out the unused code and bundling everything up.

TazeTSchnitzel 2 days ago 3 replies      
I disliked JavaScript, but then I read JavaScript: The Good Parts, and I saw that with a bit of discipline* there's something quite pleasant underneath. It's a book that, rather than being focussed on telling you what not to use, instead shows you various approaches to programming with what you should use. If nothing else it'll give you food for thought and unlearn you of your worst beginner habits. Mind you, it's a dated book and ES6 added a lot to the language.

*don't listen to every suggestion of Crockford though; e.g. having to hoist your variable declarations is as obnoxious an idea in JavaScript as it is in C

eecc 2 days ago 2 replies      
Meh, all I got from this article is that this guy is writing a calendar app.

Perhaps that's the whole point of this post. ;)

mhd 2 days ago 0 replies      
My problem with the current Javascript culture (which definitely includes the React infospace) is basically the inverse how I felt about C++ back in the day. Then, in the early years of the second age, I felt that the libraries and frameworks I was using should use more of the then-current standard, like the STL, RTTI or whatever was hip and promosing back then.

These days, it seems that every feature that is semi-supported in at least one transpiler isn't just used (in various ways) but in fact begets a whole slew of libraries. Especially when we're talking about ways to circumvent the async-hole.

Other transpiled languages will either have the equivalent features, use lots of inline JS or ditch large parts of the ecosystem. While the latter would be possible if NewLangs standard library is big and good enough, I'm not feeling particularly optimistic about that.

Quite likely that C++ history will repeat itself: Just use the core language and a minimal library and do everything yourself (back then that was e.g. C++/Win32/ATL, not sure what it'll be for my future browser-based projects. Modula-3, I miss thee.).

GeneralMaximus 2 days ago 1 reply      
I primarily built frontend applications, so JavaScript is pretty much the only programming language I use on a daily basis. I'm not in love with it (although post-ES6 JS is quite pleasant to write), but I don't mind it as much anymore.

The reason? I feel like JavaScript is heading in the same direction as Java. The core language is highly flawed, which has resulted in the community developing build-time tooling and editor niceties to keep things sane.

In the future I expect to see more tools like Flow and Prettier, and existing tools and editors becoming smarter. I'm excited for improvements to JS as a language, but these days I'm more excited for new tooling.

kreetx 2 days ago 4 replies      
This probably comes off as said from an ivory tower, but I don't think it's the people from other untyped languages who hate JavaScript nowdays. ES6+ looks pretty good compared to Python/Ruby/PHP perspective, and it works in the browser!
inopinatus 2 days ago 0 replies      
I've gone through a similar experience with Rails 5.1 which has, having ditched jquery, gained support for webpack, babel, yarn, and vue.js (& react) instead; and thereby made writing JavaScript an order-of-magnitude less painful for me.

I feel that ES6 is a palace built on the ruins of a garbage dump and an odd stink still leaks through from time to time, but like the author, I can work with it now without loathing what I'm doing.

skocznymroczny 2 days ago 2 replies      
I switched to Dart few months ago, it actually makes JavaScript bearable. I never get to see the actual generated JS code.
manx 1 day ago 0 replies      
I also started learning JS in the DHTML era and wrote small games and toys for IE4. I did PHP stuff for almost 10 years and it was my main programming language. But at some point I stopped doing webdev, since the whole thing was a big mess and didn't seem to get better. I hated it. After a long break I decided to do another web project again and worked with Scala in the backend and Angular and ES6 in the frontend (about 2.5yrs ago). At first it seemed to be a lot better, but we ended up with another working but unmaintainable SPA. Adding new features required a lot of knowledge and was a pain. In this project I tried and failed to implement a solid Graph Library in JS. This motivated me to look at ScalaJS and write this library part of the app in Scala. It worked very well and I was amazed by the JS interop. From this point on I develop new web-apps with Scala in the full stack and am very happy with it. I suggest to try it yourself for the frontend, since it has a very similar syntax to JS.The type safety avoids most runtime errors and therefore painful debugging time. Compile times became a lot better recently.


The real power comes when you share your data structures and algorithms with the backend, get a type safe REST API and macro-based high performance json/binary serialization.

sAbakumoff 2 days ago 1 reply      
I really enjoyed the writing style of the article - "hottest shit on the street", "Its just a yarn install away", "DHTML was totally rad, like how the Budweiser frogs were rad."...just brilliant! Also gave me a good nostalgic feeling about DHTML..
simonlc 2 days ago 0 replies      
Lots of people relate ES2015 to giving us a better javascript, but the core language remains the same; the changes are just additions.

Building a tool chain can be an extreme pain in the ass because everyone is still experimenting, and trying to make the web better. Things like web workers, hot module reloading, and code splitting are relatively new, and don't have mature tools or patterns. Yes it's hard to learn, and yes it takes a lot of time, but once you learn a few tools you can keep using them over and over. I've been using gulp and browserify since 2011, and recently switched to gulp+webpack for code splitting, and HMR, and the switch couldn't have been easier.

finchisko 2 days ago 2 replies      
I'am huge fan of JavaScript and personally don't like both Ruby and Python, but would never write an article titled: "Ruby/Python for People Who Hate Ruby/Python". I just don't use them. Writing such a article is IMO arrogant and bad for your karma. I understand some programmers are forced to use JS against their will (because there is not other person for the job), but if you hate JS and you're not forced to use it, please just don't use it and then you don't have to write such a negative and opinionated articles.
DonHopkins 2 days ago 0 replies      
The best way to truly hate something is to know it very well.
mr_ali3n 2 days ago 0 replies      
Sorry, not trying to be a d*ck here but I don't get the point.

You said you don't like the NodeJS eco system as you need to install thousands of packages to get your work done whereas on the other hand, your find CRA which uses tons of NodeJS packages to get the work done.

Secondly, code splitting, Babel, bundling has nothing to do with CRA, they are just standalone packages which works well together.

Third, "Whats more, updates are great. Its just a yarn install away.", Isn't this something which NPM does as well?

Syntax - Again, nothing to do with ReactJS, it's babel which comes with polyfills.

So am just curious here to understand that how exactly CRA changed your mind where 90% of what you are doing is pure JS and has nothing to do with ReactJS?

rcarmo 2 days ago 1 reply      
I've been using Node 8 again after a few years of staunchly avoiding it, and the pain of selecting the right kind of libraries to use async/await sanely without having to massage promises (and .then()) is still there - in that sense, I feel very much like that cat with the strawberry beret on the article heading...
tchaffee 2 days ago 0 replies      
One thing I like about the more quirky languages like JavaScript and PHP, or even the far less quirky but still dangerous C language, is that they force you to write good tests. You don't get the false sense of confidence some other languages give you. I'm still not positive if static types are a poor man's test suite, or if a test suite is a poor man's static types, but I find tests are far more flexible and great at describing intent.
vmware513 2 days ago 1 reply      
Interesting, because Create React App is fairly new tool, however Ember CLI gives you the same thing for years now... so JavaScript World was always cool, at least for Ember.js developers. ;)
swlkr 2 days ago 0 replies      
The latest js tooling is certainly light years ahead of where it was last decade, but it's a double edged sword, because now it takes a lot more effort to get something going.

Indie hackers like myself are still better served by vanilla rails + turbolinks, it gets you something that feels fast wtih a lot less effort.

tambourine_man 2 days ago 1 reply      
This guy's got a great sense of humor. I pissed my pents with the linked[1] 1x1.gif article.

Or maybe I'm just as old as he is.

[0] https://zachholman.com/posts/only-90s-developers/

peterbe 2 days ago 0 replies      
lopatin 2 days ago 0 replies      
> [Prettier] Its basically like gofmt for JavaScript.

Gotta mention jsfmt, which is actual gofmt for JavaScript. Awesome tool, hasn't been updated in a while though. RIP Rdio.


vitomd 2 days ago 0 replies      
If React or Vue.js dont click for you try Riot.js https://github.com/riot/riot Its a minimalistic js library with a lot to offer.I made a tutorial some time ago, I think it could give you a glimpse about what you can do http://vitomd.com/blog/coding/hello-riot-js-quick-tutorial-a...
davidreiss 2 days ago 0 replies      
People either hate javascript with a passion or they love it with religious zeal.

Maybe it has to do with the fact that it's used mostly for web programming? But geez, there seems to be no middle ground when it comes to javascript.

But it doesn't come close the division over Perl. Yikes.

dmitriid 2 days ago 4 replies      
Javascript is only going to get worse. Much worse. TC39 proposal "process" is driven by a never-ending self-congratulatory circle-jerk. Any concerns are dismissed with "people on TC39 discussed it, they know better, how dare you question their wisdom".

While there's still time, escape to TypeScript (though it will be flooded by crap from TC39 soon enough), ClojureScript, Kotlin, Scala.js, Elm, Purescript

The Google memo isnt sexist or anti-diversity, its science theglobeandmail.com
585 points by 20100thibault  2 days ago   627 comments top
Ajedi32 2 days ago 11 replies      
Not much new here. This article is essentially just re-affirming all the scientific statements that were already made in the original memo, backed by links to scientific studies.

Only difference being that the author of this article has a PhD in sexual neuroscience (so people might have a harder time accusing her of not knowing what she's talking about) and is female (so some people might have a harder time of accusing her of sexism).

Why GitHub Can't Host the Linux Kernel Community ffwll.ch
382 points by okket  2 days ago   230 comments top 22
clarkevans 2 days ago 3 replies      
As I understand, Daniel Vetter is proposing a "monotree" as a source code control pattern where a monorepo (and its branches) is not the primary place where development is done, but is rather where works are integrated from subordinate repositories. In particular, he's asking for GitHub to support coordination (issues and pull requests) spanning upstream repositories that are indicated by a particular change request.

I was hoping to see discussion of the merits of this proposal here on HN... not a regurgitation of Torvalds' positions and personal demeanor. What other projects use a monotree? does it work well? How do those projects coordinate changes across subordinate repositories?

jacquesm 2 days ago 3 replies      
I'm fine with that. Github is 'too large to fail' already, adding the Linux kernel to the pile and forcing the kernel team into Github's workflow are two big negatives. It would be great for Github but bad for everybody else.
snakeanus 2 days ago 6 replies      
I can't really see the obsession that everyone has with centralised and closed services like github. We need to start moving away from them, not move more projects to them. Mailing lists and NNTP make decentralisation quite easy while being open standards and without having the need to have any account in any centralised service, why drop all these features away?
mi100hael 2 days ago 4 replies      
There's also Linus's personal aversion to how GitHub implements many opinionated workflows.

 > I don't do github pull requests. > > github throws away all the relevant information, like having even a > valid email address for the person asking me to pull. The diffstat is > also deficient and useless. > > Git comes with a nice pull-request generation module, but github > instead decided to replace it with their own totally inferior version. > As a result, I consider github useless for these kinds of things. It's > fine for hosting, but the pull requests and the online commit > editing, are just pure garbage. > > I've told github people about my concerns, they didn't think they > mattered, so I gave up. Feel free to make a bugreport to github.

mmagin 2 days ago 3 replies      
I imagine after the Bitkeeper fiasco, Linus and others are disinclined to become dependent on a proprietary service.
liaukovv 2 days ago 5 replies      
This font gave me a headacheWhy not write with white on white? It would be so stylish
mpd 2 days ago 0 replies      
Frankly, I think the Linux kernel is too important to even consider subjecting itself to the Github T&C, community guidelines, etc.
monorepoman 2 days ago 2 replies      
Lost me at "And lots of people learned that monorepos are really painful, because past a certain size they just stop scaling." Plenty of counterexamples of monorepo projects much larger than Linux kernel.
ericfrederich 2 days ago 2 replies      
Someone desperately needs to come up with an open source replacement for GitHub that is completely decentralized. Sure GitLab exists and the repo is decentralized since it's Git, but issues, merge requests, comments, etc aren't Git based (though they could be)
hyperion2010 2 days ago 0 replies      
Here is another overview of how the kernel uses git and why no emails is simply not possible (or sensible). https://www.youtube.com/watch?v=vyenmLqJQjs
tomschlick 2 days ago 1 reply      
The kernel seems better suited to something like Phabricator instead of Github. Keep Github simple and clean for our "normal" projects.
taeric 2 days ago 1 reply      
I actually really like the MAINTAINERS file. Keeps the metadata literally in the repository and doesn't rely on an external system.
shmerl 2 days ago 0 replies      
Is there some similar reason why Debian doesn't use more convenient bug tracking system that would allow a Web frontend?

I don't mind periodically using reportbug, but using something like Bugzilla is way more convenient.

vbernat 2 days ago 0 replies      
Not mentioned in the article, but work is also coordinated by maintainers with the use of patchwork. For example, for the network subsystem: http://patchwork.ozlabs.org/project/netdev/list/. This enables tracking the status of a patch and not loose them.
TheChosen 1 day ago 0 replies      
I love using GitHub, but there is an established process and home for the kernel that works and I see no reason to change it.
IceDane 2 days ago 0 replies      
This website is completely fucking unreadable on mobile. But hey, at least it's stylish or something.
web007 2 days ago 1 reply      
> Please support pull requests and issue tracking spanning different repos of a monotree.

Issue tracking you can already file against one or more repos and link them together. It's not ideal, but it'll do the job.

Is "pr against different repos of a monotree" not what submodules let you do? Update whatever things you want in whatever repos, and pull the submodule pointer update(s) as a single change in your monotree repo.

feelin_googley 2 days ago 1 reply      

Why does this blog need to be whitelisted with Adblock Plus? See data-adblockkey in HTML source. Are there any ads in this page? (Maybe owner wants revenue from domain parking?)

Why is this blog not working with simple user agents that do not process javascript (e.g., curl, etc.)?

mcs_ 1 day ago 0 replies      
> Like pull requests, issues can be relevant for multiple repos, and might need to be moved around

Not sure about the Linux kernel (no enough experience) but same issue across multiple projects looks something necessary...

Boothroid 2 days ago 0 replies      
Ugh that font is unreadable on my phone.
linkmotif 2 days ago 1 reply      
Oh wow, the MAINTAINERS file is a work of art: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/lin...
hgdsraj 2 days ago 0 replies      
Can we get a trade on this font, gosh it's bad. Color and weight both need to be increased. Seriously #00000 on #FFFFF makes life easy with a font weight of at least 400
Americans Are Dying Younger, Saving Corporations Billions bloomberg.com
311 points by mcone  2 days ago   306 comments top 15
buserror 2 days ago 14 replies      
I've been saying that for years. Here in europe, the reason the life expectancy is high is that it's based on people who die today at ripe old age, many of them having been retired 30 years, sometimes more... They are 85+, and they drag the mean age of death thru the roof.

When THAT lucky generation is gone, I think statisticians will realise that their children are /nowhere/ near as lucky, and I'm pretty sure the life expectancy number will fall off a cliff.

I don't have anything to back it up mind you, but raising the age of retirement, more stress related to job stability, whatever, you name it; it's just empirical but I've seen a lot of people in my environment die in their 60's -- many of them who had a perfectly 'sane' way of life.I know what you are thinking, many more people will die at 60 then will die at 90, but I'm still pretty sure there's some underlying pattern here.

Also, I do have a vague impression that making access to the NHS more difficult PLUS raising age of retirement EQUAL MOAR PROFITS for someone, somewhere.

Mahn 2 days ago 6 replies      
I have this theory that in a couple decades or three most of the developed world will enter a health crisis, as everyone will suddenly realize that we've been eating and drinking like shit for a long time. Almost 3/4 of what you can find in your average grocery store today has unnecessary amounts of sugar, salt and/or chemicals added and no one seems to care. Someday we'll look at the food we eat now like the way we see tobacco today.
gthtjtkt 2 days ago 0 replies      
Reminds me of this article from The Atlantic last year:

> For the last several months, social scientists have been debating the striking findings of a study by the economists Anne Case and Angus Deaton. Between 1998 and 2013, Case and Deaton argue, white Americans across multiple age groups experienced large spikes in suicide and fatalities related to alcohol and drug abusespikes that were so large that, for whites aged 45 to 54, they overwhelmed the dependable modern trend of steadily improving life expectancy. While critics have challenged the magnitude and timing of the rise in middle-age deaths (particularly for men), they and the studys authors alike seem to agree on some basic points: Problems of mental health and addiction have taken a terrible toll on whites in Americathough seemingly not in other wealthy nationsand the least educated among them have fared the worst.


sddfd 2 days ago 2 replies      
The absurdity is that life insurance/pension companies assume live expectancy is actually rising.

The company providing my pension fund estimates my life expectancy to 114 years - a fantasy number, albeit one that /increases/ my monthly payment and /decreases/ my expected pension.

bmc7505 2 days ago 1 reply      
But wait, there's good news: If you don't die quickly enough, they'll help!

Taking too long to die: Some 'terminal' patients can lose hospice benefits: http://www.news-press.com/story/news/2017/07/28/too-long-die...

twoquestions 2 days ago 9 replies      
Now I'm imagining our economy like some cruel volcano god, demanding blood in exchange for temporary safety. "People's lives are getting worse, look how much money that's making us!"

It's as if people exist only to make money, actually making people's lives better be damned. I doubt people will tolerate such a vampiric system for much longer, especially if it doesn't feel the need to conceal it's fangs anymore, and what comes afterward keeps me up at night.

joosters 2 days ago 1 reply      
I don't get it. The article does not say that life expectancies are decreasing. It says that they are still increasing, just not as fast as they were a few years ago. But the article (and most of the comments) seem to think it means that people are dying younger. That's not what the data is saying.
albertgoeswoof 2 days ago 1 reply      
It's difficult to predict mortality rates. Advanced healthcare techniques (e.g. CRISPR) could completely eradicate entire classes of diseases (kind of like how anti-biotics and vaccinations changed healthcare completely), or they could lead to nothing.

So we might find that the average age of death jumps up by 20+ years in the next 50-60 years (just like it did after WW2).

Nuclear war aside we almost certainly won't see a drop in the average age.

SamBoogieNYC 2 days ago 1 reply      
This headline is mindbogglingly dystopic and crass
emodendroket 2 days ago 2 replies      
Good news, everyone.
maaaats 2 days ago 4 replies      
How does the pension system in USA work? Do the companies pay you a small salary after you retire? It reads like that. In that case, what about the place you worked until you were 40, are they still on the hook? What if the company closes down?
swah 2 days ago 6 replies      
I never understood why everyone is against smoking if it saves those corps money in the long run.
Chardok 2 days ago 2 replies      
Its not hard to see why exactly Americans are dying younger. Hell, just look at the headline here.

When you have increased wealth concentration flowing upwards and more involvement of profit machines in people's lives (healthcare, correctional facilities, food, environment), people on average are working harder for less pay with increased cost of living. This means less recreational time to blow stress off, less time for doctor visits (not to mention the fun games our federal government is playing with healthcare), and less time/money/emphasis to treat yourself spiritually/psychologically. I am hardly surprised this equates to higher mortality rates.

America has a huge problem spending money on the betterment of its citizens, and it is starting to show.

mathattack 2 days ago 0 replies      
Looking at the chart, it seems like they're reading an awful lot into 1 or 2 data points. It's very noisy data.
Shivetya 2 days ago 2 replies      
purely anecdotal, but when my Doctor tells me he cannot tell fat people to diet because bad surveys affect the reviews of Doctors and their hospital; surveys from both government and insurance companies; it should be a clear indicator we are doing something wrong. He cannot connect their diabetes to their weight, only suggest what foods would help manage their diabetes without crossing the line into mentioning weight management.

what are people's actual expectations for how long they should or can live? I am at the age where I am not seeing relatives who I grew up learning from passing on, I am even having coworkers pass on. Perhaps I notice it more when people younger than I go.

Critical security updates for Git, Subversion and Mercurial marc.info
348 points by mnw21cam  19 hours ago   122 comments top 20
jjnoakes 14 hours ago 2 replies      
It's interesting to me that the fix was pattern matching the ssh hostname and banning a starting hyphen, rather than (say) passing "--" to ssh to signal the end of the intentional options so a hostname of "-oProxyCommand=whatever" is interpreted by ssh properly (as a hostname which can't be reached, instead of as a rogue argument).

I thought this was a fairly well known way to pass arbitrary strings to commands and ensure they aren't interpreted as options (for commands which honor "--", like ssh does).

icc97 16 hours ago 7 replies      
Kudos to Chocolatey on Windows, they immediately updated their Git package [0] to v2.14.1, so a simple `choco upgrade -y git` gets me up to date. If only life on Windows had always been this hassle free.

[0]: https://chocolatey.org/packages/git

skj 15 hours ago 0 replies      
Report from the person who discovered the vulnerability: http://blog.recurity-labs.com/2017-08-10/scm-vulns
innocenat 16 hours ago 1 reply      
Just a note for everyone on Ubuntu, the fixed version for Ubuntu 16.04 is git v2.7.4-0ubuntu1.2 [0].

[0]: https://people.canonical.com/~ubuntu-security/cve/2017/CVE-2...

jomar 15 hours ago 2 replies      
A "ssh://..." URL can result in a "ssh" command line with a hostname that begins with a dash "-", which would cause the "ssh" command to instead (mis)treat it as an option.

It's a shame, because the Git dispatching code ought to be able to invoke the ssh command via

 ssh -p 22 -etc -etc -- <hostname>
to prevent interpreting options in <hostname>, thus defusing the in-band signalling causing this. But I suppose it can't depend on every ssh implementation understanding this "--" POSIX utility syntax guideline.

bburky 15 hours ago 0 replies      
Wow, git's url bugs always seem to become easily exploitable due to .gitmodules.

I found CVE-2015-7545 a few years ago, a malicious URL using the ext:: scheme could cause code execution. It was only easily exploitable because you can ask the client to fetch any URL you want via git submodules. (This vulneriblity was fixed, and since then the entire ext url scheme was disabled by default.)

aroberge 14 hours ago 0 replies      
This may be of interest to people using git on Windows and have malwarebytes installed.

I tried to install a new version and found I could not as there was another version that was present. Git did not appear anywhere as a program to uninstall. I tried to delete it (from an admin account) and it failed with an access denied - and no other information.

The solution was to use LockHunter (https://lockhunter.com/) which informed me that malwarebytes was the program preventing me from deleting it. Using LockHunter, I removed the lock and successfully removed the old version of git.

rubayeet 16 hours ago 1 reply      
At the time of writing this, no official binary release for Mac[0], you have to build from source.

[0]: https://git-scm.com/download/mac

megous 6 hours ago 0 replies      
A lot of the time people use git to get source code to build and run on their computers. You can probably hide a nefarious code in many places, where it would be less noticeable, too, like pre-generated configure/Makefile.in scripts. I don't think anyone reads those. Another reason to welcome those new simpler configure/build systems like meson/ninja.
chungy 10 hours ago 0 replies      
> * In the same spirit, a repository name that begins with a dash "-" is also forbidden now.

This will negatively affect https://github.com/nasser/---

HeadlessChild 15 hours ago 0 replies      
Fix has landed for Debian Jessie/Stretch in the security repo


captn3m0 16 hours ago 0 replies      
Arch Linux has the new package in testing: https://www.archlinux.org/packages/testing/i686/git/
cyphar 16 hours ago 0 replies      
This was already submitted earlier today (https://news.ycombinator.com/item?id=14984044).

It's actually quite easy to reproduce (the RCE aspect comes from the ProxyCommand and LocalCommand SSH options that you can set from the SSH command-line).

avivo 10 hours ago 2 replies      
Is there any site where as security vulnerabilities are disclosed, you can see each what platform/contexts are affected, which have updated, and how to do that update?
djstein 13 hours ago 0 replies      
For MacOS users simply use:`brew install git`Then restart terminal instance.
ing33k 15 hours ago 2 replies      
VrEdxxx 13 hours ago 1 reply      
I wonder how can I do it on OSX without brew or port?
the_common_man 9 hours ago 0 replies      
FYI, Cloudron has pushed out updates for Gitlab, Gogs (from their slack).
numbsafari 14 hours ago 1 reply      
I wonder how many "git client libraries" in various languages are also impacted by this.
diegoperini 15 hours ago 2 replies      
How can I do it on OSX without brew or port?
VPN Report Reviews of the top VPNs vpnreport.org
310 points by mobitar  2 days ago   219 comments top 68
kelnos 1 day ago 4 replies      
What's the intended audience for this? As a tech-savvy person, reading his commentary on TunnelBear completely discredited his site in my eyes. He talks about things that are completely irrelevant and are incredibly silly to even remotely care about from a VPN provider.

Despite his listed criteria at the top, the star ratings and rank order seem to be based on how the provider made him feel, and has nothing to do with actually how secure and privacy-protecting the provider is. (To be fair, though, without inside knowledge, it's hard to evaluate how up-and-up they are.) Based on his own metrics, PIA should be listed as #1, not #8; it's the only one that hits all nine of his "Important" list.

I'm completely baffled as to why this list was constructed as it is.

On a side note:

"First, I'm upset at Private Internet Access because I had to modify this site's CSS just for their needlessly long name."

Are you kidding me? Really?

abstractbeliefs 2 days ago 5 replies      
Regardless of how you feel about _why_ PIA sponsor the organisations they do, it is surprising to see someone claiming they "perhaps put [their money] to better use" given their record of supporting foss and digital/online rights [1].

Additionally, the characterization as being extremely focused on the tech illiterate I feel isn't really the case either, they have lots of docs about how to use OpenVPN [2].

Thirdly, while there's no online free trial, at DEFCON and other events they do liberally hand out free trial cards.

The above points, as well as reading the commentary, leads me to believe that the author hasn't spent much time at all using or understanding the various product offerings, and the written review and star-score seem to clash with the high feature based score listed above. I can't speak at all for the other providers, but I don't feel like PIA at least has been well researched.

[1] https://www.privateinternetaccess.com/pages/companies-we-spo...

[2] https://www.privateinternetaccess.com/pages/client-support/

As full disclosure, I'm a unpaid volunteer for a non-profit PIA has contributed to.I have used in the past, but do not currently use, PIA VPN.

sp00ls 1 day ago 5 replies      
Lol this site is a joke, how much is TunnelBear paying him for the top spot? They're the only VPN provider I see consistently spending money on marketing and sponsoring YouTube videos. 'Fun to use'..what? I don't care if my VPN is 'fun', I want it to protect my privacy.

He mentions that 2 of the VPNs are 'uninspired'. Sorry, I didn't realize that tunneling traffic to protect privacy was an art project and not a technical one.

FWIW I've used PIA for 2 years now with no issues. A TON of torrenting has gone through them and they don't care in the least. In addition when their Russian servers were seized I received an email immediately letting me know their current situation and about their key changes due to the event. Plus they no longer do business in that location due to it. Pretty top notch company in my eyes even if their site does look 15 years old.

joshstrange 2 days ago 3 replies      
Private Internet Access

> A pretty boring company. Extremely transactional. You get in and get out. It delivers its experience the way a utility company would. Sometimes, that may be a good thing. But in this case, since I have choice, I'd rather give my money to a company who would appreciate it a little more perhaps put it to better use.

PIA might be very "transactional" but I like them and I've never had any issues with their service. I'm surprised it didn't get a better rating. I don't need a flashy VPN, a utility is exactly what I'm looking for.

tptacek 2 days ago 8 replies      
To steal (and paraphrase) what is basically the perfect summary of this from @SwiftOnSecurity:

Commercial VPNs: for when you want all the security of Ukrainian coffee-house wifi from the comfort of your own home.

Taylor Swift isn't wrong about this. Use something like Algo to run your own VPN if you have to. If you must use a commercial VPN to get to Netflix or whatever, do it from inside a virtual machine that you use for nothing but that.

LeoPanthera 2 days ago 2 replies      
This guy has been reviewing VPN services for a while and has put together an incredibly comprehensive table as well as a selection of more detailed reviews, selected from the list at random so as to remain impartial. Recommended.


For example, TunnelBear scores highly on security, but poorly on ethics.

revanx_ 1 day ago 1 reply      
"The following VPNs were not reviewed due to their website experience being poorly designed. This can mean heavy use of stock photos, utter disregard for detail, difficult navigation, excessive and hard to follow text, non-defaulting to HTTPS, and overall poor usability. "

And apparently that applies to AirVPN? Lol, this guy lost all credibility, this is just another "honest and totally not payed for online review", thats why tunnelbear is righ there at the top (you see their commercials everywhere) and he even says it's his favorite VPN.


mathgenius 2 days ago 1 reply      
> PIA, Somewhat boring company.

I fail to see how being a boring company has anything to do with the service they offer. If anything, being boring is a very good thing.

wepple 2 days ago 1 reply      
> Extremely bland, stock-photo website. I felt uncomfortable giving them my email address, let alone my payment info.

That's not valuable information.

> A heavily marketed product lacking inspiration which I ultimately couldn't get to work properly.

At this point you've given up even trying. It's not a useful comparison any longer.

kevinr 2 days ago 3 replies      
lololol. Half of these VPN vendors show up on Kenn White's VPN Hall of Shame for offering unsafe configurations:


For anything actually sensitive, you're better off not using a VPN than using a VPN which provides an unsafe configuration.

If you'd rather not do your own pager duty for something like Algo, here's a recommendation I put together a while ago:


Raphmedia 1 day ago 0 replies      
I strongly recommend using That One Privacy Site's detailed VPN comparison charts. There is a lot more information in there.


Edit: Link to his charts as a Google Document https://docs.google.com/spreadsheets/d/1L72gHJ5bTq0Djljz0P-N... for a much better usability than the widget on the website itself.

chairmanwow 2 days ago 1 reply      
As someone living in China, a VPN provider that doesn't provide direct download links to their Android client is completely useless. The only way for me to install an app from Google Play store is to flash a custom ROM and install the Google Play Store, install another VPN (?!!) to access the Play Store, and then download the app in question.

Furthermore, the fact that Apple has just pulled VPN apps from its App Store and the unfortunate fact that you can't sideload apps makes iOS an untenable OS choice.

bitskits 2 days ago 1 reply      
Sad to see AirVPN excluded. While their website isn't the most elegant I've seen, it's not user hostile enough to abandon altogether, IMO.

It also seems a bit odd to rate VPNs on their specific technical merits and features, and then disqualify for their homepage UI or sign up flow. I'd venture most VPN customers would tolerate a lot of ugliness for a truly private, secure, and reliable service. I would.

anglebracket 2 days ago 1 reply      
> The screenshot of their app on the iOS App Store shows a bunch of credible logos of their mentions, but then quotes "VyperVPN is the best service on the market" as coming from a reddit comment by a random user. Questionable tactic.

That's referring to reddit the company, and it was quoting one of reddit's sysadmins: https://www.goldenfrog.com/blog/reddit-gives-every-employee-...

vacri 2 days ago 0 replies      
> The speeds were good and the apps work but are kind of boring

... isn't the point of a VPN do just do its job and stay out of sight? Why is 'boring' even remotely relevant to the VPN equation?

cgtyoder 2 days ago 1 reply      
Pretty surprised F-Secure Freedome wasn't mentioned - they're a major player and well-respected.
jk2323 1 day ago 0 replies      
"The only thing harder than finding a VPN provider is finding an honest VPN review website."

100% true since the "best VPN" likely has the highest affiliate commission.

In fact, websites that claim honesty and transparency like BestVPN and VPNMentor actually display pop-up alerts advertising their highest rated VPN.

"I built this website because I wanted to finally get to the bottom of the question: which VPN providers are trying to build an honest long-term brand while also delivering an exceptional product experience?"

This is a fair metric. Unfortunately useless for most VPN users but this is another question. And to give him credit: He does not use affiliate links.

I suspect that he knows little about VPNs and why many users have to use them. By the way, I suspect most of these VPNs to fail in China!

Astrill.com is good for China.

vcp.ovpn.to has a good reputation regarding privacy.

mcrocop 1 day ago 0 replies      
Reading his reviews I felt the author was looking for that warm feeling a toddler feels when being coddled by his mother. Take a look at his comments on PIA, "Extremely transactional. You get in and get out. It delivers its experience the way a utility company would. Sometimes, that may be a good thing. But in this case, I'd rather give my money to a company who might put it to better use."

What? Extremely transactional? You're in and out? When using my VPN I want to click 'connect' to connect, choose US if I want my connection for the US, and 'disconnect' to disconnect... No fancy website or pretty colors needed.

abalone 2 days ago 0 replies      
Interesting this showed up on HN the same day as the expos on Facebook's Onavo VPN logging its users activity.[1] I'm guessing Onavo should be put on that list and given zero stars.

[1] https://news.ycombinator.com/item?id=14972125

lalos 2 days ago 0 replies      
PIA has a kill switch on its client. That makes it for me. Lose the VPN connection and you lose the internet connection.
deadlyllama 1 day ago 1 reply      
I'm disappointed that Mo flat out disregards options "due to their website experience being poorly designed." A slick website means that money was spent on the website.

I've been using EarthVPN[1], one of his unreviewed options, for several years, and am very happy. It's cheap and cheerful, but yes, the website isn't great. The company is registered in Cyprus, and at USD40/year with three concurrent connections (from the same IP) and servers in many, many countries, it's a great way to bypass geoblocked websites.

[1] https://www.earthvpn.com/billing/aff.php?aff=1378

Cozumel 2 days ago 0 replies      
>'It's just so much fun to use'

Given that one of the criteria the VPNs were measured on was 'fun' makes me inclined to dismiss the whole thing.

VPNs are to stop the secret police from coming and killing your family and taking you away, 'fun' is coding, not playing with your life.

kevindong 1 day ago 0 replies      
Are you really prioritizing "fun" over an objectively better (by your own metrics) service (picking TunnelBear rather than OVPN)?


You also seem to be prioritizing aesthetic appeal over function. Is there a reason for that?

> TunnelBear has somehow figured out how to make VPNs fun.

> Extremely transactional. You get in and get out.

> Heavy use of stock photos, fake customer service agent profiles, and sensational marketing copy.

> Extremely bland, stock-photo website. I felt uncomfortable giving them my email address, let alone my payment info.

> But I sort of like it when companies show more humility.

> First, I'm upset at Private Internet Access because I had to modify this site's CSS just for their needlessly long name.

gmac 1 day ago 1 reply      
I've been considering setting up a slightly different VPN service one that provides each user their own dedicated VPN server (based on my IKEv2 config script, https://github.com/jawj/IKEv2-setup).

100% vapourware web presence here: http://digitalsnorkel.net/


mstaoru 1 day ago 1 reply      
I'm still looking for a reliable provider that would support openconnect and / or wireguard. Alas, here in China OpenVPN-based VPNs are getting more and more flaky, with talks of shutting down completely soon (not talking about the fake Bloomberg article). IPSec and Socks5 never really worked. Streisand only really works on AWS and having an AWS public IP means no Google most of the time (they block whole IP ranges), annoying Cloudflare captchas and other quirks.
toomanybeersies 2 days ago 2 replies      
Obviously not ideal for non-technical users, but I found it really easy to spin up a VPN on Digital Ocean.

I'm sure it wouldn't be hard to make it almost a turnkey operation, just run the script and you're good to go, and then it would be a viable option for non-technical people.

Of course, not ideal for anonymity, but a perfectly fine solution for if you want the security benefits of a VPN, or to get around geoblocking (I originally spun up my VPN to watch something that was geoblocked, now I keep it for when using open wifi connections).

mtmail 2 days ago 1 reply      
Too be honest despite your reassurance I still expected that there would be affiliate links, purchase cookies or other tracking somewhere (I checked, all good). Thanks for sharing your reviews!
evancaine 1 day ago 0 replies      
This site seems to me an imitation of sitebuilderreport which was featured on indiehackers recently [1]. The design and copywriting are similar. OP, was your site inspired by sitebuilderreport or are you connected with that site?

[1] https://www.indiehackers.com/businesses/site-builder-report

fishywang 2 days ago 0 replies      
From the one line summaries, OP seems to prefer native apps vs. open protocols (e.g. OpenVPN/L2TP/etc.), why is that?

I looked at the Chrome extension of TunnelBear and it requires some ridiculous permissions [1], much more than just "change your proxy settings". This doesn't seem right.

[1] http://imgur.com/3PuH0tE

jiggunjer 1 day ago 0 replies      
How do you not get IP vanish to work? it's literally just a windows installer & reboot. You can manually add a server on Android too using their guides (they have step-by-step pictures!). O.m.g. I chose IPVanish over NordVPN because the later required me to upload a photo of my passport (to a third party) when paying! Who does that?!
gerdesj 2 days ago 4 replies      
I'm (British) getting the impression that VPNs are becoming rather important to Americans (int al). Please bear in mind that us foreigners don't always get the memo about the current flavour of the day in all countries. I'm well aware that citizens of CN and many others really need privacy but it seems that there is a reasonably recent strange US fetish with VPNs.

Could someone please explain?

captaindoe 1 day ago 2 replies      
Founder of OVPN.com here. Im happy to answer any questions regarding our infrastructure, policies or tech stack.
abavatar 1 day ago 0 replies      
"Facebook uses an internal database to track rivals, including young startups performing unusually well, people familiar with the system say. The database stems from Facebooks 2013 acquisition of a Tel Aviv-based startup, Onavo, which had built an app that secures users privacy by routing their traffic through private servers. The app gives Facebook an unusually detailed look at what users collectively do on their phones, these people say.

The tool shaped Facebooks decision to buy WhatsApp and informed its live-video strategy, they say. Facebook used Onavo to build its early-bird tool that tips it off to promising services and that helped Facebook home in on Houseparty."

via https://www.wsj.com/articles/the-new-copycats-how-facebook-s...

bitexploder 2 days ago 1 reply      
TunnelBear claims to be secure but all they offer is an opaque app. Uhh, no thanks. I prefer to run my own VPN client that doesn't have potential spyware in it. I am surprised this was so highly rated by someone reviewing VPNs.

edit: I know you can't make everyone happy, but there are a LOT of VPN options out there and only the very best should be making it through.

reflexing 1 day ago 0 replies      
I'll just leave it here: https://torrentfreak.com/vpn-services-anonymous-review-2017-...

The scene guys know their stuff.

parito 1 day ago 1 reply      
What this review really lacks is the additional features VPN's can provide, such as malware and fishing protection, location diversity, scale, jurisdiction, protocols supported, etc etc.

I am a happy user of NordVPN with all of the above points adressed by them really well. BTW the latest feature, CyberSEC also blocks ads which is a major plus for me, making the VPN that much faster.

[1] https://nordvpn.com/blog/security-feature-cybersec/

thinkMOAR 1 day ago 0 replies      
I kind of expected network based tests as reviews.

E.g. throughput, latency, connection setup, encryption strengths, fixed ip address etc etc. This is just a feature compare, where one trusts the vpn provider on their blue eyes, e.g. "No logging or tracking"

I cannot imagine a sane service provider that doesn't have some kind of logging, not of your (in vpn case,) browsing activity itself, but when you connected, what accounts are getting brute forced, etc etc. This is logging too.

rocky1138 2 days ago 1 reply      
I use KeepSolid. I've been really impressed. I think his review has done them a disservice. They have a really helpful app on all platforms and their staff are friendly, too.

Disclaimer: none. I have no affiliation other than I am a customer.

linkmotif 2 days ago 0 replies      
"Honest" is such peacock language. Unsettling seeing it like this.
blubb-fish 1 day ago 0 replies      
Any opinions on ProtonVPN? I use it now more or less everywhere. No problems with it - it's fast enough (though definitely slows down my connection from about 12 to 16Mb/s to about 5 to 10 Mb/s.

I chose it b/c the organization behind it seems trustworthy. I don't know what the author has in mind when he labels the billing practice "shady".

MBCook 2 days ago 2 replies      
Both iOS and macOS (I don't know about windows, I havent used it recently) have built-in VPN clients so what would be the advantage to using a client from the VPN provider?
mcrocop 1 day ago 0 replies      
How did this make the front page? People voting this story up must not have read his actual analysis. Pathetic.
mcrocop 1 day ago 0 replies      
He doesn't like PIA, a company that sponsors dozens of security companies/projects/etc because he would rather the company he chooses put their money to better use.... Like make bear graphics so his VPN is 'fun' to use.

Again - how did this make the front page... Embarrassing for HN.

welder 2 days ago 1 reply      
Could use a breakdown of which criteria each provider supported, because just a colored circle doesn't show which of those criteria are supported or not.
jk2323 1 day ago 0 replies      
Questions, any advise/help appreciated:

1. oVPN.to Does it work in China? (Support not helpful but I still like them)

2. Does Softether https://www.softether.org/ work in China?

mirimir 2 days ago 0 replies      
I'm not impressed with this review. The author doesn't even mention the need to prevent leaks with firewall rules.

Edit: As others note, he doesn't include AirVPN, which is one of the best activist-focused services around. And his comments about IVPN are bizarre. It is expensive. But it has no affiliate program, and its apps are among the best. In particular, for being leak free.

Proof 1 day ago 0 replies      
Horrible article. If he tried the services he didn't like the websites for (fucking childish excuse btw), he would realise that airvpn offers all the services he was treating as a pro. This is a dissapointing read, and even more disgusting it made its way up to the top of this great website.
bamboozled 2 days ago 0 replies      
Thanks for this! It's pretty cool and it's nice to have something to pass on to friends who are interested in subscribing to a VPN service.
mobilio 2 days ago 0 replies      
mk89 1 day ago 0 replies      
All this article is missing is the referral links - then I don't see any difference with other websites, which the author wants to distinguish from. Actually, there are some good websites around - it just takes a lot of patience to search...
darkblackcorner 1 day ago 0 replies      
I think you're better off with this for a proper technical feature-set... https://thatoneprivacysite.net/vpn-section/
belorn 1 day ago 0 replies      
A Nice-to-have would be static IP address so that you can run a private home server. Pity that the site don't include this since only a few vpn providers have an option for that.
Izmaki 1 day ago 0 replies      
Has the world forgotten about iPredator? The VPN service spawning from the legal issues with The Pirate Bay. One would assume that a VPN "by crime riders, for crime riders" would fulfil all the requirements and many more.
GTP 1 day ago 0 replies      
I think that https://thatoneprivacysite.net/ has a much better VPN comparison.
newbear 2 days ago 1 reply      
If I just don't like the feeling of being logged on some ISP , is paying for a VPN something for me? Any free options for privacy ? Or is it more for torrents and stuff?
scottmcdot 2 days ago 1 reply      
Is the TunnelBear "Vigilant" feature like a kill switch? So if the VPN drops out, it doesn't revert to downloading via non-VPN?
jianshi 2 days ago 0 replies      
Can you try https://cypherpunk.com/ and add it to the list?
theprop 2 days ago 0 replies      
We don't know if IPSec or L2TP is compromised...could be either or both. So why is using Ikev2 with IPSec secure??
sly010 1 day ago 0 replies      
What's up with all these VPN review websites? Are the affilite fees that good?
Mefis 2 days ago 1 reply      
This seems like a good thread to ask this.

I'm about to move to China. What vpn set up is best?

I use and android phone and Mac laptop.


MachinShinn- 1 day ago 0 replies      
Surprised few people picked up on this... this site is 100% Bullshit. The "ratings" are purely driven by which server is offering the author a commission per sign up.

How do I know this? I do the same thing with my sites.

gambiting 1 day ago 0 replies      
Why is private Internet access so low? It ticks almost all boxes, has a native client for windows/Linux/Mac/android/iOS and I have used it on a 300Mbps connection with no degradation of speed. Yet here it gets 2/5 stars? Why??
WhiteSource1 1 day ago 0 replies      
You know the VPN providers paid for the ranking.
wyclif 1 day ago 1 reply      
He didn't review OpenVPN, or even mention it.
k734730 1 day ago 0 replies      
If they don't test cryptostorm this review is pretty worthless. They are one of the best options out there.
nerdynerd 1 day ago 0 replies      
shill detected how does this tripe get so high on HN? is this reddit?
rubatuga 2 days ago 1 reply      
I hate to sound like I'm advertising, but I've found blackvpn quite good. It's based in Hong Kong.
dbg31415 1 day ago 0 replies      
I use PIA, and it's great. I don't know why they listed it as low stars.
Filecoin Suspends ICO After Raising $186M in One Hour financemagnates.com
270 points by ianopolous  17 hours ago   341 comments top 6
joeblau 17 hours ago 7 replies      
I listened to this YC podcast[1] twice with Juan Benet. Listening to Juan talk about a lot of historical information and the correlations he drew was fascinating. When he tried to explain the need for Filecoin to Dalton, I just didn't hear it. Dalton kept asking him over and over what the point was and he kept giving non-answers (at least in my opinion which doesn't mean much to be honest). I understand the goal of the protocol and the incentive structure behind the protocol, but I don't see a clear vision with the product.

[1] - https://blog.ycombinator.com/ipfs-coinlist-and-the-filecoin-...

dpiers 10 hours ago 8 replies      
Can we stop describing ICO raises in USD? They raised ethereum tokens (ETH). The value of those tokens is specious, as there is no liquidity for the volume of ETH raised.

Based on current ETH/USD rates, the USD figure given translates to ~614K ETH. The value of 614K ETH has ranged from 92MM USD to 240MM USD in the last two months, and has been as low as 4.3MM USD since the beginning of the year.

sktrdie 15 hours ago 10 replies      
What's important to note about ICOs is not necessarily whether the idea is actually practical and that it will work.

What matters right now is whether the idea can stir our intellect and get the crowds excited.

This is because behind the idea there's a new token which value is completely driven by the excitement of the crowds (it's pure speculation).

If I invest N amount of money in a token which gets people excited, I will surely get back N + <crowd excitement>.

So it's sort of like a snake that bites its own tail, and we see these crazy prices specifically for this reason. People are not investing hoping for the project to be developed - they're investing because they know others will as well, which will drive the prices up.

ICOs are a new breed in economy where people can speculate, anonymously, using tokens that are distributed to the crowds in various ways (PoW, initial distribution, etc.). What does this mean for our future economy? I'm not sure, but it surely looks exciting (even though most projects behind ICOs are complete crap).

If our future economies will be driven by these tokens, we might think back at this period of time, looking at perhaps the people who will be the %1 of the future.

Torai 17 hours ago 3 replies      
So much people with much money trying to find new ways to make money out of money. That says much about the current state of the economy.
wscott 16 hours ago 2 replies      
I decided not to invest after reading this:https://medium.com/token-economy/the-analysis-filecoin-doesn...
prepend 16 hours ago 6 replies      
I don't understand why they would do the coin offering now. The network is inoperable and won't be for quite a while.

The main advantage to me seems to be a more of a community-driven storage approach. S3 is really cheap and really reliable and really old. A distributed file store would be cool, but as a community/free network like P2P. The $200M seems really high for a community project.

Timescale, an open-source time-series SQL database for PostgreSQL timescale.com
339 points by pbowyer  1 day ago   92 comments top 26
daurnimator 1 day ago 2 replies      
Could you contrast this with the approaches mentioned in the series of blog posts starting here: https://grisha.org/blog/2015/09/23/storing-time-series-in-po...

That blog post grew to be tgres http://github.com/tgres/tgreshttps://grisha.org/blog/2017/03/22/tgres-0-dot-10-dot-0b-tim...

mnutt 1 day ago 2 replies      
A project I work on has time series stats in postgres--it's essentially an interval, a period, a number of fields that make up the key, and the value. There's a compound index that includes most of the fields except for the value. It works surprisingly well, for tens of thousands of upserts per second on a single postgres instance. Easy app integration and joins are a huge plus. I'm really curious to check this out and see how it performs in comparison.
buremba 1 day ago 1 reply      
Why do you usually advertise the write performance? Let's say that I have "100+ billion rows (the number in your landing page)", how much time it takes to run a simple GROUP BY query?

The benchmark repo doesn't actually include the performance comparison between Timescale and Postgres: https://github.com/timescale/benchmark-postgres#benchmark-qu...

This blog post (https://blog.timescale.com/timescaledb-vs-6a696248104e) has some query benchmarks and the main benefit it that the hypertable will partition the data smoothly and if we query the table by filtering with timestamp column, it will be fast since Timescale uses partitioning as an indexing method.

craigkerstiens 1 day ago 2 replies      
Great to see what you all are doing.

Are there any plans to move timescale to be an extension as opposed to a fork? We've found ourselves at Citus that maintaining an extension lets us more easily stay up to date with current releases. Would love to see the same applied to timescale.

Edit: Looks like it is already one, just was unclear in the docs on the setup steps to me. Well done all.

MightySCollins 1 day ago 1 reply      
Please stop tormenting me. This looks like exactly what we need (I was looking into manually partitioning the other day) it's just so annoying there is not yet Amazon RDS support.
joaodlf 21 hours ago 1 reply      
I've come to rely heavily on Cassandra, but I miss good old SQL and adhoc functionality. Systems like Cassandra bring orher requirements when you need flexible data (Spark, for example), technical debt is always a worry for me.

I want to give this a go for sure!

lurker456 19 hours ago 1 reply      
further evidence of how postgreSQL is eating noSQL. Every good concept first implemented in a custom noSQL solution eventually becomes an extension in postgres.
koffiezet 16 hours ago 2 replies      
While nice, it suffers from the same problem storing timeseries in any sql database: you have to predefine your tables. For a fixed and known set of metrics, that's all fine, but if you look at the possible outputs of for example Telegraf, things become a bit more tricky to pre-create all tables/schemas...
orion138 9 hours ago 1 reply      
Great work! I was curious about a few things:

1) Are you planning on using citus for clustering? Or will you have your own clustering implementation separate from Citus?

2) Can you still use barman, wal-e, etc for backups?

3) What are you guys using to generate docs.timescale.com? :)

4) Do you use any sort of custom on disk format?

5) Do you plan on implementing any sort of delta compression?

6) Is there/do you plan to have support for creating roll up/aggregation tables?


Throaway786 1 day ago 2 replies      
We have a requirement of saving 100million data points every 5 mins. What options should we explore for real time system for last 15 days of data and archival system for last 3 years of data?
overcast 1 day ago 0 replies      
Alright, I'm excited to check this out. Been teetering on InfluxDB for a while, but not something I wanted to just introduce into corporate. Great work guys!
atemerev 19 hours ago 0 replies      
Whoa, fantastic!

I have managed to design a vanilla PostgreSQL solution, with partitions and BRIN indices, but there are too many hops to jump. I am excited to check if it will work out of the box. 100 billion rows per server sounds exciting!

Tostino 1 day ago 1 reply      
This is something i've been meaning to look into for a personal project that has a lot of time series data. It'll be interesting to see what they eventually come up with to make time series data not take quite as much space.
_Codemonkeyism 19 hours ago 0 replies      
We have been using Postgres for a smaller event time series database (millions of rows) with good success.Tables are partitioned.

Some user reports (aggregations) are ~5secs so we batch-pre generate them currently.

Eeager to look into this to replace generation of reports with real time reports.

odammit 1 day ago 1 reply      
This looks cool. I love things that get rid of extra dependencies. Influxdb is nice but then I have to support it, get stuff into it and get stuff out of it.

Timescale isn't currently supported by RDS/Aurora though, so it looks like more influx for me wooohooooo!

anemic 23 hours ago 1 reply      
Can this be queried with Grafana or some other visualization tool?
hof 1 day ago 1 reply      
How would this work together with something like Stolon? https://github.com/sorintlab/stolon
shady-lady 19 hours ago 1 reply      
What is the extra size on disk as a result of using this?I'm guessing there's some overhead?
ericb 1 day ago 1 reply      
Is the business model to charge for the clustering release?
hotwagon 1 day ago 1 reply      
At a higher level, is this the same concept as Datomic?
continuations 1 day ago 1 reply      
So this is based on Postgresql. How does it compared to other solutions that are written from scratch to be a time series DB like influxDB?
riku_iki 1 day ago 1 reply      
How timescale fits postgres maintenance patterns(replication, backup)?
gaius 14 hours ago 0 replies      
How does this compare to Vertica?
dpen2016 19 hours ago 0 replies      
Why no redirect to https here?
freestockoption 1 day ago 1 reply      
Any support for RDS? :)
manigandham 1 day ago 1 reply      
Any SQL database can do time-series well with more functionality then the specialized stuff like influxdb which doesn't really have much reason to exist at this point.

Citus is a another good alternative and SQL Server and MemSQL also have in-memory and columnstores if you need the performance and scalability.

UX brutalism uxbrutalism.com
327 points by takinola  22 hours ago   169 comments top 34
SwellJoe 19 hours ago 18 replies      
This is funny, but I think also misses the point of Brutalism entirely.

Brutalist architecture is functional first (but often beautiful, too). The examples of Brutalist web design almost entirely miss out on being functional by being hard to read, abstract (not merely containing abstract elements, but abstract at its core), and lacking in the clean hard lines commonly seen in Brutalism.

There are some examples in the linked gallery (http://brutalistwebsites.com/) that I think can be fairly compared to Brutalist architecture, but nowhere near the majority of them. Most are just ugly and gimmicky. Brutalism may have been ugly and gimmicky at times, but it wasn't the core motivating force for any Brutalist work of note.

whack 14 hours ago 1 reply      
Ironically enough, WaPo has an entire article about the brutalist trend in web-design, and the very first example they give is Hacker News.


JackC 15 hours ago 3 replies      
I like brutalist websites because they remind me of those weird passion projects you find on the web from time to time ...

Netochka Nezvanova [1]

Ted's Caving Page, with the story of his discovery in a local cave [2]

TempleOS [3]

Jon Bois' Future of Football [4]

They have the vibe of one person with a keyboard and a strange dream, and that's what I love about the web.

I feel weird about a UX design shop critiquing this aesthetic, because they're such different worlds, and I don't want the professionalized web shutting down the personal web. But maybe that's the point: web brutalism is a cool, freeing thing in projects that really are personal, but risks becoming selfish or self-indulgent when applied to the wrong project.

[1] http://web.archive.org/web/20121023110850/http://www.salon.c...[2] http://www.angelfire.com/trek/caver/page1.html[3] http://www.templeos.org/[4] https://www.sbnation.com/a/17776-football

deepakkarki 18 hours ago 5 replies      
Heh, it took me a while to figure out that this class of design was called "brutalist" by the design folk. I had seen such designs before and wanted to make a similar themed webpage for my side project. I was frantically searching the web for "minimalist design", "black and white design", "newspaper/magazine like web design" etc.

Web link for those interested https://discoverdev.io

have_faith 19 hours ago 6 replies      
What comes after brutalism in web design? romanticism? new-sincerity? Button labels like "I would appreciate it if you clicked me because I generate ad revenue".
gandutraveler 18 hours ago 1 reply      
Reddit or HN are best examples of Brutalism.
omnimus 4 hours ago 0 replies      
Most of the websites labeled as "brutalist" are actually extremely over designed and are made by very good graphic designers. They are "elite" bored/over with mainstream view of what is currently considered pretty and they try to push it further. It's about destroying conservative views.

It's like some sort of experimental technology. Design like this is needed because thats how inovation and new ideas come back to mainstream design. So it is not exactly for mainstream audience but for the second wave of designers liking those unusual ideas, taking pieces of it and putting it back into mainstream.

I guess it's same process as in music or in computer sciences.

The fact that for past few years this kind of design started to be popular among the "elite" means that in next few years we might start to see more websites like reddit and craigslist :)

bane 15 hours ago 1 reply      
It's interesting how the site really reminds me of the GUI design of late 80s early 90s professional software.




Numberwang 18 hours ago 1 reply      
I don't understand the need for this. Material Design is the pinnacle of human creation. Everything should be Material Design forever.
JoshMnem 10 hours ago 0 replies      
It's much better than the accessibility problems (animation, color) that are fundamentally baked into ideas like Material Design.
geff82 18 hours ago 0 replies      
Brutalism is meant to expose the function in a "brute" way, not necessarily to hurt the eye (yet it does not care). Bad user design might be brutal, but not Brutalism.

I think "UX/WEB brutalism" should be based on the minimalism that has spread through the western style web, then taking away some of the beautifying/graphical elements, yet adding "brutally clear" navigation/interaction elements (and not hiding them in a hamburger menu, for example). It should be a pure focus on what is presented (from a content perspective) and how you can use it. Any form of beauty for beauty's sake (like nice background pictures, too much graphics, fancy effects...) should be avoided.

chris__butters 17 hours ago 0 replies      
You can see brutalism in a lot of late modernist graphic design, which to me is quite ironic seen as it is usually applied to architecture to be function first rather than "lets just make this look brutal" - as with everything this comes down to the audience.

Brutalism among graphic design is (from my perspective) mainly targeted at the graphic design elite although when used digitally is targeted at the same as well as those who can see past the prettiness to achieve what they are looking to without any issues.

artur_makly 16 hours ago 0 replies      
what goe around comes around i guess. Myspace i feel was the epitome of ths so-called "brutalism". worked wonders for them in terms of product differentiation at a time when the first semblemnce of coherent UX design standards were appearing on the web.

its great for fringe underground magazines, gamers, music aficionados, and artists of all kinds.

personally i hope it trends as the general web has become mind numbingly boring / predictable as fuk.

jansho 15 hours ago 1 reply      
I adore UX brutalism.

It's a weird paradox that I enjoy design, but at the same time feel that MOST (caps necessary here) of them are actually faff and pretentious. I keep coming back to brutalist style, as the one I feel the least uncomfortable with, and I'm so glad it's now officially recognised.

(Or maybe give it two years before I start complaining again.)

nkkollaw 18 hours ago 0 replies      
This sums it up perfectly: "framework for designing brutalist experiences that your design peers will love".

This style is made for other designers, not users. I often hit the back button because besides Bloombergafter they tweaked it to be less extremebrutalist websites are absolutely unusable and a nightmare to use. Also, they just seem broken and that reflect bad on the company.

Designers should design for users, not themselves.

calebm 9 hours ago 0 replies      
Reminds me of a website that seems in this aesthetic, though I would categorize it as more "David Lynch-esque": http://northernground.com/
jccalhoun 13 hours ago 2 replies      
Funny. I just ran across the Brutalist Framework the other day http://www.brutalistframework.com/I still can't tell if it is a joke or not.
retube 17 hours ago 0 replies      
Way better than material
Bromskloss 15 hours ago 0 replies      
If only brutalism would have confined itself to website design, I would be satisfied.
d--b 10 hours ago 0 replies      
The OP assimilates raw aesthetics with neglecting design.

Brutalism is as careful as design can be, only with as little aesthetic tricks as possible.

muzani 15 hours ago 0 replies      
After a career of developing MVPs, this really clicks with me on a deep level. This site isn't it though. I do think websites and apps need to be built really fast and easily, but they still have to look better.
tmaly 15 hours ago 0 replies      
I liked how the site gave me the feeling that it is like a learn startup type method of design.

I signed up for the newsletter to just see, and plenty of the previous content they make available seems intriguing.

pc86 13 hours ago 0 replies      
> The secret to great brutalist UX is contrast.

Said on a page with dark grey text on a light grey background.

rch 10 hours ago 0 replies      
If more sites looked like this we probably wouldn't need amp.
werber 14 hours ago 0 replies      
"UX brutalism is a relatively new concept, and we don't expect it to last too long."
mhz 14 hours ago 0 replies      
That website had 18 JS warnings on load :/Isn't it supposed to be highly functional?
thefuzz 14 hours ago 0 replies      
Would you say https://www.technologyreview.com/ is brutalist design?

If so, I'd say it's one of my favourite brutalist websites!

werber 16 hours ago 0 replies      
This reminds me of Butt magazines aesthetic
digitalengineer 17 hours ago 1 reply      
>The brutalist persona document aggregates all the assumptions you have about your users into a single place.

This can't be serious right? Assumptions? What about data & research?

frik 15 hours ago 0 replies      
UX and UI brutalism meets in MetroUI/ModernUI of Win8/10, ugly as hell color schemes and designs. It reminds me of ugly brutalism/"modern architecture" that was so common in 1960s (prefab buildings).

The Win3x/9x/XP/Vista/7, iOS6 & current macOS/iOS, Android 5+ UI and UX are so nice.

hatsunearu 14 hours ago 0 replies      
some (all?) of it isn't brutalism, it seems postmodernist.
pesto88 11 hours ago 0 replies      
It would be nice if they used CSS for all the examples
stillhere 14 hours ago 0 replies      
Regarding brutalism: I think Prince Charles said it best, "You have to give this much to the Luftwaffe. When it knocked down our buildings, it didn't replace them with anything more offensive than rubble."
ianyang 17 hours ago 2 replies      
I can't think of anything I hate more.
Monsanto Was Its Own Ghostwriter for Some Safety Reviews bloomberg.com
297 points by Red_Tarsius  2 days ago   42 comments top 10
rubatuga 2 days ago 8 replies      
You should realize how important money is in research today. The main job nowadays of principal investigators (PI) for research labs is to write applications for grants and fundings. These labs are usually underfunded and will accept any private funding if necessary. For example, the PI for my nutrition lab received funding from a Canadian agricultural company for a study on Canola oil. When the test results of the study were investigated (which I don't exactly recall), they were not in favour of Canola oil. The PI therefore "voluntarily" decided not to publish the results. I asked her why, and she said that if she published the results she would not be likely to ever receive funding from the company again.

My point is that a lot of research conducted today is funded by ulterior motives, be it political, private interest, or a company like Monsanto. I fully expected a company like Monsanto to be engaged in this behaviour. The days of pure/basic research are dead, especially with funding from the public sector drying up.

edit: oops i meant to write principal investigator (PI)

pella 2 days ago 0 replies      
1 week ago:

"Monsanto leaks suggest it tried to kill cancer research about weed killer (baumhedlundlaw.com"


jaclaz 2 days ago 0 replies      
The actual "news" are IMHO only that this can proven as they have been caught with their hands in the cookie jar.

I often dream of some news like "Independent research actually found to be independent".

unclebucknasty 2 days ago 0 replies      
Interesting timing for me. I just yesterday read an Atlantic article titled "How America Lost Its Mind" [0].

The tldr; of that article is that Americans have had an increasing tendency to create our own realities and to believe anything we choose. This includes conspiracy theories like the government is purposely allowing cancer treatments to be withheld, as well as the idea that vaccines cause autism, etc. The article then goes on to suggest that choosing what to believe is part of being American. I don't necessarily agree, as I think the article was woefully inadequate in assessing the damage that financial interests play in willfully misleading people and creating a post-truth world.

Here on HN, I've had "debates" with people who nearly suggested that glyphosate is the greatest thing that ever happened to mankind. When I cautioned about safety concerns due to overuse, I got the standard pointer to the studies, etc. If you question the studies, then you find yourself being painted as some sort of anti-science conspiracy-theorist. This, when we essentially all know how research is done and the degree of rampant regulatory capture that exists.

I guess my point is that when many of the institutions we're supposed to trust are largely captured and firms that have direct financial incentive to mislead are allowed to decide what's real, then it is an assault on truth and reason. When we ignore this fact and encourage blind-belief in these institutions (worse, allowing them to act as proxies for "the ultimate truth of science"), then we are aiding in the creation of the very post-fact world we claim to abhor.

[0] https://www.theatlantic.com/magazine/archive/2017/09/how-ame...

shapiromatron 2 days ago 1 reply      

> The Expert Panel Members recruitment and evaluation of the data was organized and conducted by Intertek Scientific & Regulatory Consultancy (Intertek). The Expert Panelists were engaged by, and acted as consultants to, Intertek, and were not directly contacted by the Monsanto Company. Funding for this evaluation was provided to Intertek by the Monsanto Company which is a primary producer of glyphosate and products containing this active ingredient. Neither any Monsanto company employees nor any attorneys reviewed any of the Expert Panel's manuscripts prior to submission to the journal.

Seems misleading.

exabrial 2 days ago 0 replies      
"every company" was accidently misspelt as "Monsanto" in the title.

I'm not trying to jump to their defense, but can you think of a situation where the opposite would happen? Think about it, any company that funds research is going to be a subject area in their market.

Unless there was a specific ethical issue here, this isn't "news", this is a thorn in the side of the [otherwise wonderful] free market.

Cryptogocrazy 2 days ago 0 replies      
I don't know the legality of what they did, but it's pretty clearly a reason to favor government involvement in fringe cases like this. Sounds like what they did was fraud.
cryoshon 2 days ago 1 reply      
so, where are the HN commentators who were defending monsanto left right and center during the recent safety debates?
throwawaymanbot 2 days ago 1 reply      
Yet again, American style Capitalism giving regular ole Capitalism a bad rep.
londons_explore 2 days ago 5 replies      
I don't really see anything wrong with using a ghostwriter, as long as the person/organisation whose name is on any document fully read and agreed with the contents, and would stand by them as their own.
HyperCard On The Archive archive.org
311 points by dogecoinbase  1 day ago   105 comments top 27
rhencke 1 day ago 7 replies      
Hypercard is largely responsible for my love of programming. As a kid, I would work with my sisters on making games in it. It was a beautiful combination of half painting program, half drag'n'drop GUI creation that we used to make adventure games. Each card represented a room, and my sisters would draw on it using the paint tools, and I would follow up after and add invisible buttons over doors and the like to allow for 'moving' through rooms. We'd then use the built-in MacInTalk speech stuff to make characters say things, too. Granted, they were silly little games without much point to them, but... as a kid, man. It was like magic, learning you could have computers do this.

I was sad when Hypercard fell out of general distribution with the Mac, but I'm happy to see it here.

tedmiston 1 day ago 2 replies      
Hypercard in a lot of ways is what the Web could have been.

If never became as easy to create high quality freeform sites and apps as it was multimedia Hypercard decks and games. Hypercard changed my life in childhood, even without learning about its scripting features.

HyperStudio was pretty good too. We used that in school quite a bit.

jamestnz 22 hours ago 4 replies      
In addition to echoing all the dev-related stories in this thread, I have very fond memories from my childhood of playing a 1988 HyperCard-based game called The Manhole (on our SE/30, and later Power Mac 8100).

It was an immersive and extensive visual world, where the main point was just to explore. It was implemented as a series of linked HyperCard stacks, each sized to fit on a floppy disk. You'd come to remember the exact points of the game that would throw up a modal dialog prompting the insertion of the next required disk.

And, it happens to have been made by the brothers Rand and Robyn Miller, who later went on to create Myst (which itself is very reminiscent of The Manhole).


Unrelatedly, I wonder if anyone in this thread remembers SuperCard, a third-party knock-off of HyperCard that offered such amazing innovations as color graphics. (I also seem to recall some kind of hack where you could use ResEdit to get colour images into HyperCard stacks even though it wasn't officially supported, but the details are fuzzy).

pmarreck 1 day ago 4 replies      
Bill Atkinson apparently kicks himself for not being the first to realize that simply making the stacks work over a network could potentially have been the first "web browser" (or at least, internet hypertext engine)

HyperCard was totally awesome at the time.

CaliforniaKarl 1 day ago 5 replies      
HyperTalk was the first programming language I ever learned. Now I understand how each card was an object that I was manipulating.

It was so good! It's too bad it never became more popular and disappeared.

dustingetz 1 day ago 0 replies      
My project is a bit of a spiritual successor to HyperCard: https://github.com/hyperfiddle/hypercrud.browser
sthielen 22 hours ago 0 replies      
Hypercard was before my time; I heard about it recently when someone compared it to what we're building with Metaverse [0].

When you so dramatically reduce the friction required to create that anyone, especially non-technical folks, can do it, all kinds of amazing things happen. I watched an 11 year old build the "Not Hot Dog" app from Silicon Valley, using Google's Vision API, in ten minutes (from never having seen the Metaverse Studio to having her app deployed on device, cross-platform, and sending it to her friends; this is how creation SHOULD be for 99% of people!).

[0] - http://gometa.io (also check out how easy it is to create apps that integrate with IoT devices: https://www.youtube.com/watch?v=SPrBLPG3Smk -- Hypercard for the modern age!)

zopf 1 day ago 0 replies      
HyperTalk was my first programming language!

I helped a friend build a choose-your-own-adventure murder mystery game called Blood Hotel, and found myself obsessed with the feeling of inventive power that programming enabled.

I ended up building an animated space invaders game, and even tried my hand at writing a "virus" in HyperTalk that would infect other stacks with its code.

Ah, the good old days. Lovely to see this at the top of HN!

chairmanmow 11 hours ago 0 replies      
Hypercard was the best - I messed with it nearly constantly from when I was 13-15. Remember being stuck in the computer lab for study halls and whipping up animations that would mock teachers at the school.

The hardest thing I made at that time was a wack-a-mole style game where the cards flipped randomly with a button/graphic to wack the thing. I couldn't figure out how to make it click a button while it was in the loop, but eventually I figured out how to break it to click the button. I still remember the code : 'if the click then click the click lock'

good times

brentjanderson 1 day ago 0 replies      
HyperCard was my first foray into programming at the Christa McAuliffe Space Education Center - Apparently Starfleet runs on HyperCard, [here's a video][1] showing the program in action. Most of the software in the video is built in HyperCard.

[1]: https://www.youtube.com/watch?v=XG2lSb1xrNM "Four Hours: A Space Trip"

jandrese 9 hours ago 1 reply      
Holy shit, one of the old stacks I wrote in high school and uploaded to AOL shows up on the first page of that list! Right near all of the eyebrow raising "What exactly are the sex laws in my state, asking for a friend..." type stacks.
kylestlb 22 hours ago 0 replies      
My 7th grade 'computers' class was basically a HyperCard course. It was amazing and I made a cool choose-your-own-adventure game.
bsclifton 21 hours ago 1 reply      
HyperCard was amazing. My first online experience was with AOL in 1993 and they had a HyperCard section where you could upload/download your stacks. I racked up huge bills hanging out in that area (pay by the minute)
setori88 1 day ago 0 replies      
My project http://www.fractalide.com is looking to build out a new hypercard type environmont
coldcode 1 day ago 1 reply      
I loved Hypercard for prototyping UI back then. UI designers didn't really exist and programmers like me typically designed stuff, don't laugh, having artists involved was a web era thing for the most part. Being able to prototype and animate quickly was incredibly useful for explaining an idea to a product manager, or showing another programmer what you had in mind. Today there are great tools but they are clearly meant for a different audience.
oso2k 21 hours ago 0 replies      
I love the stuff the Archive keeps coming up with. I'm glad I finally started donating to their cause last year.
hsivonen 23 hours ago 0 replies      
I did my first programming in HyperTalk, which I learned from the HyperCard 2.0 manual.

Back then, software came with well-written paper manuals, and the translation quality (into Finnish in my case) was very good, too. I feel like Apple manuals peaked with HyperCard 2.0.

eligundry 12 hours ago 0 replies      
Justin Falcone has a fantastic talk about the importance of HyperCard. He did all the slides in HyperCard and he gets super into it.


ontouchstart 1 day ago 2 replies      
I can even play it on iPhone:


Moving cursor with touch is kind of challenging though.

twsted 20 hours ago 1 reply      
I loved HyperCard.

As an Amiga user, I remember a good clone named CanDo. It was really interesting.

jacquesm 1 day ago 3 replies      
So, who will do a hypercard for the web? Or better still: a hypercard based alternative to the web?
samgranieri 1 day ago 2 replies      
I loved hypercard and wish it was still around. I learned how to code in that an in TI-Basic
smegel 1 day ago 0 replies      
They are some really nice web based emulators. It's almost certainly 100% nostalgia but there is a certain charm to these early Mac games...simple but somehow deeply detailed monochrome graphics...easy to use point and click interface...it's great to see them spring back to life in a web browser.
spiderjerusalem 19 hours ago 2 replies      
Any oldies here who can recount why exactly Hypercard was killed? Seems like such a wonderful piece of software.
watersb 1 day ago 2 replies      
I will dig up some old projects...

Does anyone know if XCMDs are supported?

Kristine1975 21 hours ago 0 replies      
Fun fact: The game Myst was created in HyperCard (at least the original Mac version was).
poisonarena 1 day ago 2 replies      
if you are a real sicko you can actually emulate it on basilisk and keep making stacks..
Principles of Sharding for Relational Databases citusdata.com
287 points by tikhon  2 days ago   47 comments top 5
AznHisoka 2 days ago 9 replies      
I find the "you don't want to shard" camp quite annoying. Of course, I don't want to shard! Who does?! It adds complexity, both implementation-wise and operational.

But if you got 5 TB of data, that needs to be in a SSD drive, then please tell me how I can get that into 1 single physical database.

ozgune 2 days ago 3 replies      
Hey everyone, it's Ozgun. When I first wrote this blog post, it was much longer. Based on initial feedback, I edited out parts of it to keep the post focused.

If you have any questions that aren't covered in the post, happy to answer them here!

dcosson 1 day ago 0 replies      
Interesting that sharding by customer for a sass business is the example of the best use of sharding. That can also go very wrong - what if you get a huge customer that's as big as everyone else combined? You're effectively maxed out at 2 shards.

Definitely depends on the workload, but often the "micro service" approach (whether or not it's a true micro service in its own runtime) of sharding just one type of data/small set of related tables that you can shard by a primary key or user id or something seems like the only reasonable option for sharding. If your data is becoming unwieldy there's often a bottleneck data set that's bigger than everything else so you don't necessarily have to share everything all at once.

megamindbrian 2 days ago 1 reply      
I laugh every time I read that word.
0xc001 2 days ago 0 replies      
She shard on a turtle!
Swift 5: start your engines swift.org
272 points by mpweiher  2 days ago   175 comments top 17
protomyth 2 days ago 5 replies      
One of the problems I find with Swift is that Apple doesn't go back and properly update their sample code at developer.apple.com. They have examples that will not build. If you search you can find folks that have patch sets, but they really need to fix the examples.
ssijak 2 days ago 11 replies      
And just today I was contemplating writing my first native iOS and macOS app... I was looking at the options and decided to go native with Swift. I have never written Objective-C app and never used x-code for dev. But I have ~10 years of dev experience, mostly Java and Python on the backend and front end dev exp mostly with Angular. Some Android, and a little from <input_random_tech_here> because I like to experiment.

So, my question is. How hard and enjoyable is for someone like me to write not very complex native iOS/macOS app in Swift starting from scratch? Best resource to start with?

ainar-g 2 days ago 7 replies      
Maybe someone will explain this to me. Does Swift use this confusing "rapid release" versioning? Does Swift 4 break backwards compatibility with Swift 3?

In my company people are looking for a language to rewrite some legacy Objective-C to. Swift is often discarded as "unstable" because of these major version bumps. Compare this to Go, which, seven or so years after the initial release is still 1.x and still doesn't break code.

I just don't get breaking the language so often. Do people enjoy rewriting code?

__sr__ 2 days ago 6 replies      
I wish more effort were being made to make it a first class citizen on non-Apple platforms. With the popularity it has enjoyed, it could easily challenge the likes of Go, Python or even Java for server side programming.
jswny 2 days ago 8 replies      
Can someone with Swift experience comment on the status of Swift on non-Apple platforms? Is it being used outside of the Apple ecosystem? How is the tooling, deployment, availability/support, etc.
tambourine_man 2 days ago 1 reply      
Since things at Tesla haven't worked out, I hope Lattner eventually returns to Apple.

Not that the Swift team is in a bad shape without him, it's just that it's nice to have an amazingly smart guy behind an open source language that many of us use (and that number that will probably only grow).

jorgemf 2 days ago 2 replies      
Swift developers, how is the evolution of the programming language now? does it still have backwards compatibility issues or things are more stable now (and will be with this new proposals)?
bsaul 2 days ago 5 replies      
About concurrency : does anyone know of a language that would let you tag portions of a codebase in some way, and declare something like "all those methods should execute in the same thread". Those declarations would then be checked by the compiler.

That would be a first step toward agent like concurrency, but it would be general enough to apply to other types of concurrency models.

Jack4E4B 2 days ago 1 reply      
Concurrency finally, it has taken forever. Is there any built-in support now? Server side Swift is lacking this big time.
apple4ever 12 hours ago 0 replies      
I'm sticking with Objective-C. A much better language than Swift, even at version 5.
real-hacker 1 day ago 0 replies      
The only complaint about swift programming is: they keep changing the programming interfaces, so if I import a third-party code file written with earlier versions of Swift, I have to go through the errors of 'obsolete APIs', updating the function signatures. The changes are automated by Xcode, but it is still a hassle.

I am totally OK with introducing new features of Swift language. But changing the API function signatures (even multiple times) seems totally unnecessary, and reflects the API designers' obsession of naming conventions.

geodel 1 day ago 0 replies      
> the Core Team felt that we could strike a balance with not diluting attention from ABI stability while still enabling a broader range of proposals compared to Swift 4 by requiring that all proposals have an implementation before they are officially reviewed by the Core Team.

Good. They are effectively saying 'Talk is cheap, show me the code'

martijn_himself 1 day ago 0 replies      
Tangential question- I'm in the UK and I am keen to become a iOS developer (I'm currently a senior .NET developer in a large firm). Are there enough opportunities remaining in iOS development as a contractor / creator of ('enterprise') apps to make a living? I would be very grateful if anyone could share any advice / personal experience.
the_common_man 2 days ago 0 replies      
seekler 1 day ago 0 replies      
Anyone else doing what swift will do: Inlines the standard library, but distributes it separately. Does not makes sense to me at all.
legulere 1 day ago 0 replies      
Fixing the ABI might be interesting for interoperation with other programming languages
RocketSyntax 2 days ago 0 replies      
I'd rather build hybrid apps. Fix your IDE.
       cached 12 August 2017 04:11:01 GMT