hacker news with inline top comments    .. more ..    26 Sep 2016 Ask
home   ask   best   9 months ago   
1
Ask HN: How do you pass on your work when you die?
21 points by PascLeRasc  10 hours ago   15 comments top 13
1
rabboRubble 7 hours ago 0 replies      
Everything depends on having a person that you can trust. Along with my will and estate plan, I have a technical handover plan ("THP"). The THP for is 2 pages long with the core accounts needed for recreating my technical life. Page 1 is a technical recovery document with instructions that assumes complete loss of all my hardware, for example in a fire. Page 2 lists 1Password vault password key, hardware inventory, cloud accounts, and offsite data back up. For each item, I list some combination of password, ID, license key, two factor recovery key, and where I get a two factor code from. These documents are on file in a trusted person's fire proof safe and with an attorney.

In addition to this documentation, for Gmail and Facebook, I have completed the "I'm dead, do this with my account" sections of my account profiles. Gmail, after 90 days of inactivity, my brother gets an email and gains access to the Gmail account.

2
mattbgates 1 hour ago 0 replies      
Kind of an interesting thing, but nothing is guaranteed. The only things that are probably guaranteed are the websites with boards, major social media networks, with CEOs who make sure that they get passed on. Apple is a pretty good example. I currently run a popular website, http://www.confessionsoftheprofessions.com and I have hundreds of companies and individuals that rely on me every year to publish their articles. The thought always crosses my mind to know what would they do if something would happen to me.. sure, the site would die and they would probably just find somewhere else to publish their new articles, but I would certainly love to know it would continue without me, but its a blog that I know how to run and I've not really taught anyone else how to "process" articles, so I suppose it will go with me. I have mentioned it to my fiancee and left her with the username and passwords, and even if she doesn't process any new articles, I would hope that she at least pays to keep the server and hosting going! At least Google and the Internet archive might do something with it.
3
p333347 5 hours ago 0 replies      
There are these two stackexchange qna threads [0] [1] that I had bookmarked a while back. I came across another one [2] that mentions something called "bus factor"[3], which I found quite amusing, though this question is about freelancing. I think there is enough material in all these combined and the links they point to to sufficiently address your concerns.

[0] http://programmers.stackexchange.com/questions/125656/softwa...

[1] http://workplace.stackexchange.com/questions/9128/how-can-i-...

[2] http://freelancing.stackexchange.com/questions/126/how-can-w...

[3] https://en.wikipedia.org/wiki/Bus_factor

4
Canada 3 hours ago 0 replies      
Do you have a will? Issues such as who will inherit copyright ownership of your work should be handled there.

As for passwords, keys and so on, you can put all that into a single archive. (eg. regularly export your password manager, put any private keys you want to pass on, instructions for how to use them, etc)

Encrypt the tarball/zip file with a symmetric key.

Then you can use Shamir's Secret Sharing Scheme to split up the key so that a certain threshold of key holders is required to access the data (eg. Any 2 of 4): http://point-at-infinity.org/ssss/

Distribute the parts of the key to your heirs.

Leave instructions in your will so your heirs can locate the encrypted file when the time comes.

5
danso 10 hours ago 0 replies      
Set up access control. I believe Google Cloud applications can be assigned to multiple users, in the same way that a Google Document can. Create a couple of superuser accounts. As long as one person is alive, someone has the proper access to change things if needed.
6
pseudozach 1 hour ago 0 replies      
google has a mechanism for such things in place it's called "account inactivity". Basically you setup a contact person to whom your account will be handed over after a certain time has passed and you haven't logged in.
7
kennu 4 hours ago 0 replies      
Isn't the real answer to this to start a company (or some other form of organization)? Then the accounts and other ownerships are no longer tied to a single individual but to a virtual entity that can be controlled by other individuals when needed.
8
ng-user 9 hours ago 0 replies      
One thing I've considered too as I begin to work with more and more developers on larger projects is the good ole 'Bus Factor [0]. In short, it's determining whether or not your project can be sustained should the major contributor or 'main brain' behind the project get hit by a bus. The entire objective is to reduce the number of places the project can fail, simply by having one member pass unexpectedly. Should you steer clear of avoiding a single point of failure? Absolutely. Is it always avoidable? Absolutely not.

[0] - https://en.wikipedia.org/wiki/Bus_factor

9
kawera 7 hours ago 0 replies      
A bit tangential but this may be part of the solution: https://www.deadmansswitch.net/
10
ChoHag 49 minutes ago 0 replies      
That's what children are for.
11
a3n 9 hours ago 0 replies      
I asked about this years ago, I think it was PairNic. They said file a legal document and send them a copy.

So, there's the technical route, whoever has the passwords wins.

But if it matters, and you don't want your technical heirs to be fighting each other, you should probably establish ownership and succession with a lawyer.

12
aaron695 6 hours ago 1 reply      
Don't.

Concentrate on living a healthier/safer life and keep it going longer.

13
Raed667 38 minutes ago 0 replies      
Why would you care? You'd be dead.
2
Ask HN: What are the best practises for using SSH keys?
287 points by TheCustardKing  1 day ago   101 comments top 25
1
dsl 1 day ago 3 replies      
From my experince as an attacker --

 - Is it better to use a different passphrase on each key, or does using the same one not matter much? - How much less secure is it to not use a passphrase on a key? - Should you use a different key per user account, per server, or per use-case (i.e. personal or work)?
None of these things really matter that much. Make sure you use full disk encryption and never stand up from your machine without locking it, and make sure you keep your local machine patched. If I get code execution on your machine, I am going to use whatever keys are loaded in your ssh-agent to pivot, hijack your existing open sessions, or modify your ssh client to dump the keys I need.

 - Does increasing the amount of bits in a key really have an effect on the security of the key, or does it not make much difference in a real-world use?
Key length is a protection against the future, and against state level actors. Right now, key length doesn't matter much to me because I'm more focused on just stealing your keys from you regardless of length.

2
daurnimator 1 day ago 4 replies      
I consider best practice to be using a hardware token.

My favoured solution is to use a yubikey via gpg: with this method you use your gpg subkey as an ssh key.The yubikey 4 supports RSA 4096 bit keys, if you need NFC then the Yubikey Neo supports max RSA 2048 bit keys.

3
regularfry 22 hours ago 0 replies      
The first rule: never share a private keys between physical devices. Apart from reducing the opportunities for it to go walkies in transit, or accidentally get left on a USB stick, it allows you to revoke a single credential if you lose (control over) that device.

From that, we get:

 - you're not sharing passphrases between keys, you're sharing them between devices, and whether that's safe depends how likely it is that a compromised passphrase on one device can be transferred by an attacker to another. - Similarly, whether a blank passphrase is a good idea or not depends on what other measures are protecting access to that private key. - If a private key ever turns up on the wrong machine, you *know* the key and both source and destination machines have been compromised.

4
facetube 19 hours ago 0 replies      
If you have a lot of machines, SSH certificates are supported in OpenSSH 5.6+ and are awesome: https://www.digitalocean.com/community/tutorials/how-to-crea.... They allow for centralized management of authentication/authorization without having to touch each machine (beyond an initial trust relationship setup).
5
mlonkibjuyhv 18 hours ago 3 replies      
This is probably the wrong forum, but I have a question or two that I see as related.

I have setup a VPS, disabled passwords, and setup a key with a passphrase to gain access. At this point my greatest worry is losing this private key, as that means I can't access the server.

What is a reasonable way to backup my private key?

Encode it as something similar to a QR-code, print it, and store it in a hole in the wall? Copy it to an USB-stick and hide that somewhere safe?

Alternatively, I have access to more than one computer, so I could also authorize a couple of other keys to access the server. So I would transfer the public key to the authorized machine, and add them to the authorizedkeys from there?

How to deal with the possibility of death? Do I trust someone with my keys and passphrases?

6
zimbatm 1 day ago 5 replies      
If you use fail2ban make sure to pin the right key to the right host. Otherwise ssh will try all the keys and get you banned from your own host. The easiest way is to use the ~/.ssh/config:

 Host myhost IdentityFile ~/.ssh/myhost

7
mynameislegion 21 hours ago 0 replies      
The classical document about this:

http://lackof.org/taggart/hacking/ssh/

8
daenney 23 hours ago 0 replies      
> - How much less secure is it to not use a passphrase on a key?

This is a question of layers. If you don't have a passphrase on your key, what stops someone from gaining access to it? Just your account password? If they steal your device, is there some form of storage encryption involved?

> - Should you use a different key per user account, per server, or per use-case (i.e. personal or work)?

I have different keys for different purposes per client device. This is mostly because sometimes I need to login to places that are ancient enough I need to use a weaker key than I would like to use in other places or vice-versa, there's places I can only login with ed25519 keys.

Though having different keys per purpose isn't necessary it allows me to keep certain identities separate. I have a different one for GitHub for example, mainly because GitHub exposes my public key and therefor allows for clever tricks like tying the key to an established identity should I use that key to authenticate in other places.

I would also recommend configuring SSH so that it doesn't send over any/all keys by default. Take a look at the IdentitiesOnly option in ssh_config.

9
Normal_gaussian 1 day ago 1 reply      
- Is it better to use a different passphrase on each key, or does using the same one not matter much?

Yep in an ideal world, though I suspect in practice it doesn't matter much.

- How much less secure is it to not use a passphrase on a key?

You are relying completely on the security of your disk, against either physical or cyber. Use a passphrase, use an agent to manage it.

- Should you use a different key per user account, per server, or per use-case (i.e. personal or work)?

Per client device. This is the device that can be compromised and cause invalidation to be required, so this is the one which should be seperate. For convenience you can maintain all your devices public keys concatenated together and hand them out like that - comment each with hostname and date created for ease of identification.

- Does increasing the amount of bits in a key really have an effect on the security of the key, or does it not make much difference in a real-world use?

Up to a point. RSA in 8 bits is trivial. Go for a highish key length, different key types have different recommended lengths. Note some machines dont support higher lengths.

- How/Where should private keys be stored on a device using them?

In $home/.ssh

Permissions should be set for only you to read with no writing. Even better if your home drive is encrypted as it is only vulnerable whilst you are logged in.

- What are some of the pros and cons from a security standpoint, and how may doing different things affect the usability of a key?

If you hop machines a lot key per client can be problematic. In this case a portable secure drive is useful. Of course one leak can be fatal here.

Try not to fall back on passwords, they have nothing like the same security.

Most usability issues are caused by the people running the servers not reacting in a timely fashion to key updates.

10
mixmastamyk 8 hours ago 0 replies      
I upgraded to ed209 the other day as well.

Two questions came up, how many iterations to use via "-a ", and should I add the private key to my home folder repo in version control? I don't want to lose it in a disk crash, but don't want to give it to bithub either.

11
po1nter 1 day ago 1 reply      
> - Is it better to use a different passphrase on each key, or does using the same one not matter much?

It is better to use a different passphrase for each key but it is also less convenient unless you're using a password manager (personally, I'm using KeePass)

> - How much less secure is it to not use a passphrase on a key?

That depends on the security of the computer where the keys are. I remember a Firefox vulnerability where one site exploiting it was looking for ssh keys on the local file system. So I'd say that a passphrase is very important.

> - Should you use a different key per user account, per server, or per use-case (i.e. personal or work)?

Personally I'm using a key per account per host.

> - Does increasing the amount of bits in a key really have an effect on the security of the key, or does it not make much difference in a real-world use?

Yes up until 2048 where the returns of increasing the amount of bits will start diminishing.[1]

 [1]: https://www.gnupg.org/faq/gnupg-faq.html#no_default_of_rsa4096

12
asdfaoeu 1 day ago 1 reply      
Some general advice based on most requirements.

- Is it better to use a different passphrase on each key, or does using the same one not matter much?

If they are being used on different device then different passphrases makes sense otherwise no.

- How much less secure is it to not use a passphrase on a key?

10? Not sure you can really quantify an answer. I'd recommend a passphrase if you aren't already using disk encryption with that it's probably less of a concern however with agents there's not much issue with not having one.

- Should you use a different key per user account, per server, or per use-case (i.e. personal or work)?

Use a different key per client device but you don't need a different key for logging into different servers unless you care about people correlating those users.

- Does increasing the amount of bits in a key really have an effect on the security of the key, or does it not make much difference in a real-world use?

Use more than 2048bit for RSA/DSA beyond that it doesn't matter.

- How/Where should private keys be stored on a device using them?

~/.ssh on some local filesystem.

13
jijojv 15 hours ago 0 replies      
From a pragmatic end-user perspective.

1) Disable passwords and only allow keys even for root with PermitRootLogin without-password

2) public-key authentication has somewhat unexpected side effect of preventing MITM per this security consulting firm http://www.gremwell.com/ssh-mitm-public-key-authentication

14
zimbatm 1 day ago 1 reply      
> How much less secure is it to not use a passphrase on a key?

It's better to think about specific attack scenarios. If your keys get exfiltrated because of some local exploit (like a browser vulnerability, a malware download or physical access) then the attacker has access to your servers.

15
benkaiser 10 hours ago 0 replies      
Relevant xkcd: https://xkcd.com/538/
16
steventhedev 21 hours ago 0 replies      
It depends heavily on your threat model. Just about any key is an improvement over using passwords to authenticate. If you want protection from state-level actors, you need to be really careful and consistent.

Regarding key types:

- DSA keys (ssh-dss) suffer from several issues (fewer bits, bad RNGs in Debian, other issues), and modern versions of OpenSSH deprecate it.

- RSA is pretty standard, and generally speaking is fairly secure for key lengths >=2048. RSA-2048 is the default for ssh-keygen, and is compatible with just about everything.

- ECDSA is largely considered compromised because the constants NIST chose for the cryptosystem weren't well documented how they got them, and the assumption is that the NSA chose them to provide a "backdoor" (so it would provide the same security for a general attacker, but significantly easier for them). This was confirmed as being theoretically possible, and there is of course concern that the NSA could potentially leak those constants, instantly breaking the security of this cryptosystem.

- ED25519 is more or less the same as ECDSA, but was put together by DJB. The big advantage here is speed. EC crypto is much faster to sign, slightly slower to verify, and equivalent security can be achieved with fewer key bits.

- Notes for the future: both RSA and ED25519 become insecure against quantum computing (integer factorization and discrete log are both in BQP).

Generally, use RSA if you work with older servers that only support it, or ED25519 if you like shiny things. Otherwise it's a bit of a tossup.

Regarding using separate keys:

- I follow the philosophy that a private key should never leave the host it was generated on. If you aren't sharing keys between machines, you remove the risk that you'll accidentally share it publicly.

- Beyond that, I'd recommend at a minimum having separate work/personal keys. Keeping separate keys for each user/host you want to log into is a tad excessive, but can be useful for key revocation/rotation.

Regarding passphrases on keys:

- Yes. FDE is sometimes trivial to bypass, and you want to be protected in case someone sets your ~/.ssh folder to be synced to dropbox/samba/etc. You can use an agent to keep the decrypted keys in memory, but I'd avoid using agent forwarding.

Regarding bastion hosts:

- You didn't ask about this, but it is essential for a "best practice" setup.

- Bastion hosts are small VPS hosts that basically run sshd and have a static IP. You disallow any ssh traffic except from your bastion hosts to your servers.

- You'll want to have at least 2 bastion hosts with different hosting services, in case one isn't available.

- Run sshd on your bastion host on a port other than 22. Not for security, but for reducing log volume.

- Run fail2ban on your bastion host, even if you've disabled password authn. Again, not for security, but for reducing log volume.

- Set up fail2ban to alert when a new IP successfully logs in.

Other stuff:

- SSH can use certificates for authentication, and this can make the key distribution problem much easier to solve. I have a script that makes this easier.

- Push for everyone in your organization to use SSH keys, and only SSH keys.

- Defense in depth. All it takes is skipping one step and you expose yourself. Assume that something that was exposed has been compromised. An attacker only needs to succeed once.

tl;dr - the defaults are fine and password protect your keys.

17
gupi 20 hours ago 1 reply      
I would also recommend using two-factor authentication (see services like Duo or Twilio's Authy) along with password-protected keys.
18
Tharkun 22 hours ago 0 replies      
If you use multiple identities, and want to reduce the odds of accidentally using the wrong one, then having different passwords is a good idea.
19
jamiesonbecker 18 hours ago 0 replies      
> Is it better to use a different passphrase on each key, or does using the same one not matter much?

Using a passphrase is highly recommended except for server-to-server accounts, which should be locked down (and specify the specific command that server can execute in the authorized_keys file - Userify[1] supports this).

You should definitely use a different passphrase for keys stored on separate computers, and it's not a bad idea to use a different passphrase for separate keys stored on the same computer, especially if they have different servers they can access. However, practically speaking, if your computer was compromised (ie keylogger etc) then it's game over anyway.

> Does increasing the amount of bits in a key really have an effect on the security of the key, or does it not make much difference in a real-world use?

Yes, it does make a difference, depending on what you mean by "real-world". Anyone less than a state-level actor will probably be unable to cost-effectively attack even a 1024 bit key, but that won't be true for long. We suggest 2048 bit keys if you are using RSA, with 4096 if you prefer extra security and don't mind slight latency during a connection, or ED25519 for keys on systems that support it. Generally the defaults are pretty good. We have a HOWTO for different OS's here: https://userify.com/docs/generating-ssh-keys-on-ec2/

> How much less secure is it to not use a passphrase on a key?

From the server's perspective, it's EXACTLY the same, but from the client (your laptop's) side, it's completely different. While it's possible that your laptop could still contain your decrypted key in its key manager's RAM or suspended state (ie unencrypted swap file etc), the use of a passphrase even on (actually, ESPECIALLY on) a non-full-disk encrypted system will raise the level of effort to access your key to near-impossibility levels, especially from non-state actors, whereas a key that has NO passphrase is a piece of cake. Use a passphrase EVEN WITH full disk encryption (for example, the evil maid attack)

> Should you use a different key per user account, per server, or per use-case (i.e. personal or work)?

If you're using a different key and storing them on different computers, you should probably use a different passphrase on each key. The passphrase (or even if one exists) is not visible to remote servers (or Userify[1] - we provide a free-text field that becomes your authorized_keys on remote servers.)

You don't need to use a different key per user account, although you can. You also should not use a different key per server.. that will turn into a management nightmare. It's perfectly ok to use one key everywhere, but you should probably use a different key on your laptop and desktop, or if the keys have different levels of access (Userify[1] can automate that for you too).

> How/Where should private keys be stored on a device using them?

Ideally on a device using full-disk encryption, including swap and laptop suspend space, to prevent access to a decrypted key in RAM (you are using a passphrase, right?). However, FDE does not protect you from other compromises on your system (i.e., another user that gains escalation to root and installs a key logger), and does not protect against a compromise of your BIOS (i.e., Intel UEFI) or boot process (evil maid attack again).

> What are some of the pros and cons from a security standpoint, and how may doing different things affect the usability of a key?

Keys are safer than certificates because there are less moving parts and no outside requirements for your internal CA or dependency on a CA that might go down. Keys can be a management nightmare at scale, but there is software to manage them (ie Userify[1], ManageEngine[2], BeyondTrust[3], ssh universal key manager[4], keybox[5] (free/open source), etc). If you are doing a small project with few team members, you can also do management with Chef, Puppet, etc, or just by hand.

In terms of usability, a real key solution that manages keys across entire groups of servers with a few clicks can be really helpful... you can do all of the regular SSH things like tunneling (replace stun/sslwrap, etc), proxying all of your other traffic (SOCKS5), keep SSH connection alive (autossh etc), smart ban based on failed attempts (fail2ban, deny hosts), forward encrypted X11 or VNC connections, forward SSH itself (tunnel SSH within itself), and so much more.

We're going to start blogging about all the awesome things you can do with SSH soon, since it's really an amazing and deep protocol.

1. Userify https://userify.com Free cloud and on-premises versions available; full disclosure: I work there

2. ManageEngine: https://www.manageengine.com/

3. BeyondTrust: https://www.beyondtrust.com/

4. SSH Universal Key Manager: http://www.ssh.com/ (no TLS?)

5. Keybox http://sshkeybox.com/

20
xaduha 23 hours ago 1 reply      
https://github.com/philipWendland/IsoApplet + some blank java cards + card reader. Something about Yubico rubs me the wrong way.
21
anonymousDan 1 day ago 1 reply      
What about for the host key of the server (assuming ssh2)?
22
sztwiorok 23 hours ago 0 replies      
Most important is - keep it safe

Passphrase is strongly advised

23
yellowapple 11 hours ago 0 replies      

 Is it better to use a different passphrase on each key, or does using the same one not matter much?
If the keys are for the same thing (i.e. your personal `id_rsa` and `id_ed25519`), then I'd personally be comfortable with the same passphrase. Different passphrases should be used for different purposes (e.g. you shouldn't use your personal passphrase on work-specific keys).

 How much less secure is it to not use a passphrase on a key?
Depends on the situation. I personally err on the side of caution and use a passphrase on all keys unless it's not physically possible.

If you expect to be moving your SSH keys across machines (e.g. to use your same personal key on both your laptop and your desktop), then they should absolutely be passphrase-protected, even if they're only transferred via encrypted media.

 Should you use a different key per user account, per server, or per use-case (i.e. personal or work)?
There's not really a right or wrong answer to this besides "don't reuse the same key everywhere". I personally maintain one key (really two: one RSA, one ED25519) for all of my personal devices, and maintain a strict policy of full-disk encryption on such devices. I've occasionally maintained separate work keys so that I'm not ever in a position where I need to make my personal keys available to an employer.

Meanwhile, for situations where a server needs to connect to another machine via SSH, each such server gets its own key. That way, if a server is compromised or decommissioned, I can revoke access by key.

 Does increasing the amount of bits in a key really have an effect on the security of the key, or does it not make much difference in a real-world use?
It makes a significant difference. More bits exponentially more attempts required to brute-force it.

 How/Where should private keys be stored on a device using them?
Depends on the device.

A reasonable balance between security and practicality is for any portable media (including portable devices, like laptops/tablets/phones) to be encrypted (in addition to the key itself being passphrase-protected). Better security would be to extend this to non-portable media and machines as well (but this is painful to enforce on servers unless you have physical access).

The directory in which keys are stored should only be accessible to the OS user actually using those keys (so, for example, `~/.ssh` should have permissions `drwx------` when viewing with `ls -la`).

Basically, server SSH keys should be treated like you'd treat your SSL/TLS keys.

 What are some of the pros and cons from a security standpoint
...of?

 and how may doing different things affect the usability of a key?
Pretty much everything involves security v. convenience tradeoffs. Generally, the more secure, the less convenient, and vice versa. While absolute security is ideal, a lack of convenience makes it more difficult to effectively enforce (e.g. as part of a company-wide security policy) unless you're willing to put in the work to build up an effective workflow around it.

24
sztwiorok 1 day ago 1 reply      
I agree with following comment.i was wrong. Thanks asdfaoeu for it.
25
gregorygraf 23 hours ago 0 replies      
i can recommend this link:

Upgrade your SSH keys!https://blog.g3rt.nl/upgrade-your-ssh-keys.html?_utm_source=...

3
Ask HN: What is that one deciding factor that makes a website successful?
26 points by ziggystardust  16 hours ago   23 comments top 20
1
afarrell 14 hours ago 1 reply      
This is like asking "what is that one deciding factor that makes a small business successful?"

It is too broad and so there is no one deciding factor. You don't even have a clear definition of success. Is http://lawcomic.net/ successful? It has a loyal following, but it doesn't update that much, or earn much money for its creator.

2
id122015 15 hours ago 0 replies      
Niche is one of the main one.Most people have limited time and limited memory and wont use more than a dozen sites every day. Even though I use to bookmark thousands of websites, when Im bored I dont find it easy to remember more than 5 sites that I'm interested in.
3
unimpressive 16 hours ago 0 replies      
From what I've observed of my own behavior, the way to get me to consistently check back on a blog is to let me know the blog exists, be in my general category of interest, and then consistently update with impressively good content.

I first got hooked on slatestarcodex (http://slatestarcodex.com/) when the author hit a five post homerun streak and he was just too good to not check in with.

When I'm evaluating whether to follow a tumblr I can see the process unfold in real time, where I scroll down and finally think to follow after I see several really good posts at once. The moment I stopped and saw myself doing that I realized if I ever wanted to get followers on tumblr my blog would probably need to have the same kind of five-post punch to get people interested.

So.

1. Update often.

2. Make it easy to find your new stuff, or display your archive proudly and live off the interest.

3. Keep a high quality bar. It might even be useful to take your absolute best and put it in one place so you can show people your better side.

4. Market aggressively or be prepared to wait a while.

4
armini 12 hours ago 0 replies      
Like everything else, I look at nature for guidance. In this case the Epidemiologic Triad (https://onlinecourses.science.psu.edu/stat507/node/25).

My understanding (feel free to correct me if I'm wrong) of it in the context of good websites is

Host: You need a great host/site, something stable & something people want to use

Agent: I consider agents as internal factors like technical, sales & marketing, They help you grow & the ensure stability.

Environment: Environment is pretty much your jurisdiction, you need to make sure that your solution is legal & your environment is supporting of you growing. Another fascinating theory to study around that is the Overton window (https://en.wikipedia.org/wiki/Overton_window).

Vector: A vector, an organism which transmits infection by conveying the pathogen from one host to another, with the most powerful agent been word of mouth.

I guess if you have these 4 components structure well, then you have a pretty good chance of having a successful website according to the Epidemiologic Triad.

Now if you're question is more around business models, then heres also another good resource to look into by HBR(https://hbr.org/2016/10/the-transformative-business-model)

5
emilyfm 13 hours ago 1 reply      
The one factor: meet a need.

If you're selling something, make it something that people want at the right price and make it easy for them to buy.

If you're selling advertising (you're a decade late on that one...), give people a reason to come back to the site - make the site sticky or have network effects.

Scaling comes later (assuming your initial design isn't a complete resource hog). It literally follows the money.

6
WheelsAtLarge 16 hours ago 0 replies      
Very generally speaking, fill people's needs.. Look at maslow's hierarchy of needs, https://en.wikipedia.org/wiki/Maslow%27s_hierarchy_of_needs.

You'll get some ideas.

More to the point, making sure people know about it and the site is easy to use. Beautiful design is nice but if it gets in the way people will admire it once, twice... and finally give up. Don't let content get stale.

7
prawn 14 hours ago 0 replies      
I would've thought that scaling was a fair way down the list. Don't scale prematurely is one mantra commonly mentioned.

It's also question that needs to be better defined. What sort of site? What definition of success?

For many sites, the biggest pieces are having something that people want or need, then consistently providing it. Of that pairing, having something people want is the absolute core.

8
threesixandnine 3 hours ago 0 replies      
The deciding factor that makes a website successful is offering info or tools that people look for and need.
9
z3t4 14 hours ago 0 replies      
Content is king, don't worry about design or scalability. Just look at HN <grin>
10
adamqureshi 9 hours ago 0 replies      
What is the one deciding factor that makes a business successful? Swap out website for business. Revenue. If your business makes money therefore it's successful. Swap out users if your website / business earns ad rev.
11
timehastoldme 10 hours ago 0 replies      
The site owners not expecting there to be one deciding factor that would make it successful.
12
hasanzuav 8 hours ago 0 replies      
Kind of the YCombinator mantra: "make something people want". Talk to potential/existing users often and use that information to be laser focused on product building.
13
xapata 13 hours ago 0 replies      
That's like asking what the one deciding factor for cancer is.
14
lgas 14 hours ago 0 replies      
Having a good mix of other factors.
15
erikpukinskis 9 hours ago 0 replies      
Does what it says.
16
atultherajput 13 hours ago 0 replies      
Its all about marketing strategy.
17
Mz 15 hours ago 0 replies      
I think you need to specify here what you mean by success. It sounds to me like you mean something like "made someone rich," which is a far cry from what I was thinking when I came here intending to try to articulate something only to realize it is almost certainly wholly unrelated to what you are talking about.
18
estefan 13 hours ago 0 replies      
Satisfying a need.
19
Gustomaximus 12 hours ago 0 replies      
Profit.
20
gcatalfamo 14 hours ago 0 replies      
Speed.
4
Ask HN: Learn while doing, or do and learn?
4 points by nullundefined  5 hours ago   1 comment top
1
weitzj 4 hours ago 0 replies      
I start off skimming through a book/tutorials/how-to vetting if my idea of using XYZ holds and I ( hopefully) will not run into corner stones.

Then I would do "doing and learning" along the way.

This approach works for me, but sometimes I get a feeling of missing out something.

So I got me this new Haskell book: http://haskellbook.com for further enlightenment and want to first work through the book before applying it to project XYZ.

SoI guess to get work done I rely on the "doing and learning" approach. To challenge my brain/learn a new way of thinking, I rely on reading the books without skimming.

5
Ask HN: Someone uses stock trading as passive income?
7 points by 00taffe  14 hours ago   5 comments top 3
1
baccredited 39 minutes ago 0 replies      
Half a question, so I'll provide half an answer. $93,917 for 2015. But it ain't "trading" it is "holding".

https://news.ycombinator.com/item?id=10880869

2
larrykubin 13 hours ago 1 reply      
I get passive income from stock dividends. Most people who trade for a living spend a lot of time looking at charts (if into technical analysis) or doing research (if investing based on fundamentals). I wouldn't call stock trading passive unless you have a fully automated system. I've seen plenty of people lose more money doing this through paying transaction fees and regular income tax over and over again, rather than just holding the S&P 500 for a couple decades.
3
pesfandiar 13 hours ago 1 reply      
What do you mean by trading? The index funds that I blindly buy every month give me almost absolutely passive income in the form of dividends and some capital gain. I wouldn't call anything more involved passive.
6
Ask HN: What TLD do you use for local development?
38 points by Sevrene  9 hours ago   51 comments top 23
1
guessmyname 8 hours ago 4 replies      
I use ".test" to respect RFC-6761 [1] which reserves four TLDs: .example, .invalid, .localhost, and .test; as many of us already know ".dev" is owned by Google [2] and both ".local" [3] and ".app" [4] are reserved for the root zone so it doesn't makes any sense to use any of them for local development. So I use ".test" for my personal projects and ".[company]" for projects related with my job.

[1] https://tools.ietf.org/html/rfc6761

[2] https://icannwiki.com/.dev

[3] https://tools.ietf.org/html/rfc6762

[4] https://icannwiki.com/.app

2
ryanlm 8 hours ago 1 reply      
I use a subdomain of a domain I own, such as internal.example.com

I can then run a BIND instance with internal.example.com as a root, then map all my services to their own domain if need be.

This is a little overkill for a one man shop, but it's a nice little home development setup.

The one thing you need to configure, if you want it to work out of the box is that your DHCP server needs to send back the IP address of your local BIND service for DNS, else it won't work right and you'll need to manually configure it every time.

An example of where this worked well for me was when I was using one nginx instance to run snapshots of all my clients websites. With nginx, you can set up "virtual hosts" which map a hostname to a configuration block. You could also just edit your /etc/hosts file to accomplish the same thing I guess.

3
nstart 46 minutes ago 0 replies      
I use a subdomain and run it in the form of dev.<myactualdomain>.com . I add a record to my /etc/hosts file to redirect it to 127.0.0.1. This also means for https stuff I have a valid certificate to use as well. One more note. I almost never run anything on any port other than port 80/443. Any application I work on generally has nginx sitting in front of it with a simple proxy_pass rule.
4
tdy721 6 hours ago 1 reply      
I use .dev of course! I realize that .test is the sensible choice, but there's some odd WordPress/Serialization benefit to keeping the TLD length the same.

Google bought it up, and I've never seen it in the wild, so it works well for me.

5
giancarlostoro 7 hours ago 0 replies      
I edit my host file and use .dev for specific domains, if you configure a web server to said domains it'll route you to the right folder as well (edit: Virtual Host). Though I typically use Vagrant or VirtualBox to test my environments off a 'remote' server.
6
dmlittle 6 hours ago 2 replies      
You can modify your /etc/hosts to point to localhost and that does the trick without having to go through a TLD or care if the domain is taken.

Contents of /etc/hosts:

127.0.0.1 domain.com

127.0.0.1 subdomain1.domain.com

127.0.0.1 subdomain2.domain.com

7
bigiain 8 hours ago 1 reply      
I remember a tile back in early the 2000s when we had a quite nice setup of local dns servers that had internal only zonefiles that resolved names like service.company.local to the internal/dev versions of service.company.com.

Worked quite nicely until the Mac users upgraded to a version of OS X which included Bonjour...

There days Mac OS X does a pretty nice job here all on it's own - this machine I'm typing on here happily answers as Iain.local to the internal network... (For some not-worth-my-time-to-debug reason, our Netgear NAS is a whole lot less reliable with it's Bonjour/zeroconf .local name...)

8
laurencei 7 hours ago 1 reply      
I personally use ".vm"

I run a vagrant box on my Windows machine - so ".vm" describes what I do very well.

And unless a new country is formed, there will never be new 2 letter TLDs.

9
SimeVidas 7 hours ago 4 replies      
Are there any issues with just using something like `localhost:3000`?
10
voycey 5 hours ago 0 replies      
I still use .dev for the majority of sites, I'm pretty pissed that Google was allowed to appropriate it! It has so far bitten me on the ass once when a CDN was involved (the CDN resolved it to Googles servers so the failure wasn't detected - causing numerous invisible problems).

I think I will probably go along the route of assigning a domain to my local network

11
healthnutter 5 hours ago 1 reply      
One trick is to use non-routable (e.g. 192.168.0.0/16) IP addresses with DNS records for subdomains of your company's domain name, e.g. devserver123.mycompany.com routes to 192.168.100.123
12
claydiffrient 6 hours ago 0 replies      
I use .docker because I use dinghy for all my development (https://github.com/codekitchen/dinghy#dns)
13
fiddlerwoaroof 9 hours ago 1 reply      
I just use a subdomain of a domain I own
14
kalleboo 5 hours ago 0 replies      
local.<domain of site i'm working on> set in my hosts file

Or just "localhost" if it's a personal project with no domain

15
na85 8 hours ago 0 replies      
I use .lan
16
reustle 3 hours ago 0 replies      
I use dev.projectname.com
17
chrisabrams 6 hours ago 0 replies      
.bingo has been great.
18
beilabs 6 hours ago 0 replies      
I use whatever domain I like + .lvh.me -> 127.0.0.1
19
bdcravens 6 hours ago 1 reply      
lvh.me for non-public addresses where I want to test subdomains

ngrok.io when it needs to be public

(yeah, I know those aren't TLDs, but I rarely use any when developing TBH)

20
smt88 7 hours ago 2 replies      
It doesn't matter. Use anything fake/non-public.
21
avitzurel 8 hours ago 0 replies      
local.<mydomain> set it in my hosts file.
22
crisopolis 6 hours ago 0 replies      
lvh.me
23
jay_kyburz 7 hours ago 1 reply      
192.168.1.2 FTW!
7
Ask HN: What's the best way to learn about the blockchain?
250 points by m52go  1 day ago   66 comments top 35
1
lhnz 1 day ago 5 replies      
Building the minimum viable block chain: https://www.igvita.com/2014/05/05/minimum-viable-block-chain...

That's where I would start.

2
shp0ngle 1 day ago 4 replies      
Everything in Bitcoinlandia is fairly superficial, since everyone is trying to sell Bitcoin and make himself rich. So it's like reading multi-level-marketing books.

That being said. What's actually kind of good (with actual technical specifications) is Bitcoin wiki, even when it's slightly outdated; then official bitcoin website; and sometimes bitcoin stack exchange website (but that can become outdated too).

I don't think Blockchain can be disconnected from Bitcoin, and if you do, it's very general and not that specific.

3
justinpobrien 1 day ago 1 reply      
Highly recommend the Princeton book and Coursera course as a starting point.

And if you want a compiled list of resources for learning:https://drive.google.com/file/d/0B6CKmAqa1_nzRGVicnlHY1BaaUk...

4
daveguy 1 day ago 2 replies      
I assume you have read the the original Nakamoto paper on bitcoin. I will put it here for reference purposes. It is a seminal paper on blockchain and fairly accessible.

https://bitcoin.org/bitcoin.pdf

5
zmanian 1 day ago 1 reply      
I highly recommend the Princeton book and associated video lectures as a place to get started. It does a great job of framing things in the context of the wider fields of cryptography and distribute systems research.

http://bitcoinbook.cs.princeton.edu/

6
daniel-cussen 1 day ago 1 reply      
My understanding of how the blockchain works:

Someone tells a joke based on a prompt. This would be your Genesis block. Then everyone else competes to tell the funniest joke based on only that and the new prompts from the audience.

Repeat until you have an ongoing, hilarious comedy routine that cannot be edited after the fact without being found out because that would ruin the whole routine. It just wouldn't be as funny.

7
fode 1 day ago 0 replies      
This has been a great resource for me, especially Andreas's video at the end:

Inserting metadata into the blockchain.https://medium.com/@bkawk/inserting-metadata-into-the-blockc...

Andreas M. Antonopoulos: "Consensus Algorithms, Blockchain Technology and Bitcoin" [UCL]https://www.youtube.com/watch?v=sE7998qfjgk

8
wslh 1 day ago 0 replies      
I think a good unorthodox start is skimming/looking at Q&A sorted by votes on [1] and [2]. A good book but oriented towards bitcoin is [3]. My company also made an spreadsheet comparing different blockchain approaches [4] to have a high level understanding (e.g. blocks speed, security vulnerabilities)

I work in the field and the most difficult thing is to separate the noise from the signal. On talks with financial institutions and the government, they say they want to use the blockchain but when you ask about how many nodes they are planning to run they came up with one, or doesn't understand the question. Also, there are a lot of use cases that are not realistic because they depend on oracles or there is no way to enforce the smart contract in the real world.

[1] http://bitcoin.stackexchange.com/questions?sort=votes

[2] http://ethereum.stackexchange.com/questions?sort=votes

[3] https://www.amazon.com/Mastering-Bitcoin-Unlocking-Digital-C...

[4] https://docs.google.com/spreadsheets/d/1DQ770nGnHfJOoRSqTLmI...

9
fitzwatermellow 1 day ago 0 replies      
Stanford CS 251: Cryptocurrencies, blockchains, and smart contracts

https://crypto.stanford.edu/cs251/syllabus.html

10
gregoryrueda 1 day ago 0 replies      
21 has some fun tutorials.https://21.co/learn/

The intro to bitcoin concepts is great place to learn about blockchain.

https://21.co/learn/introduction-to-bitcoin-concepts/#introd...

11
umutisik 1 day ago 1 reply      
Probably too basic for original poster but this post by Michael Nielsen helped me with the basics of the bitcoin protocol. http://www.michaelnielsen.org/ddi/how-the-bitcoin-protocol-a...
12
elorant 1 day ago 1 reply      
I would suggest the book Mastering Bitcoin from OReilly. I dont have extensive experience on the issue but what really worked for me is that the book provides code examples (in Python and C++) that help get a better grasp of the technology.
13
jloughry 1 day ago 0 replies      
Set up a full node at home and run it for a while. Turn on logging and watch the messages there.

You'll need (at present) about 80 GB of disk space to hold the blockchain. The full node client will download it for you or you can torrent a recent snapshot of the blockchain and then synchronise from there (quicker).

The software you can obtain from here:

https://bitcoin.org/en/full-node

Or you can use git to pull the source code from GitHub and compile it yourself. I've done both, and found the developers on GitHub friendly and responsive to pull requests, even helpful to a newbie submitting a first pull request.

Beware that running a full node will try to eat all your upstream bandwidth. It takes a few days for the Bitcoin network to notice the existence of your new full node, but the number of connections will grow (others asking you for pieces of the blockchain, as well as transaction verifications). You can learn a lot about the Bitcoin ecology this way.

14
aerovistae 1 day ago 1 reply      
This book is insidiously useful. I went from not getting it at all to getting it more or less completely. Includes code interacting with the blockchain in a wide variety of ways.

http://chimera.labs.oreilly.com/books/1234000001802

15
blockchain 1 day ago 0 replies      
Read the original Bitcoin paper, it should take no more than two hours even if you're not technical; http://genius.com/Satoshi-nakamoto-bitcoin-a-peer-to-peer-el..., once you understand what a blockchain does you'll probably want to know more about smart contracts http://about.smartcontract.com/#defining-a-smart-contract, since their decentralized data/transaction storage capabilities enable the decentralized computation which has the capacity to replace 90%+ of computable contracts (http://www3.weforum.org/docs/WEF_GAC15_Technological_Tipping...) which are currently in silos, much like what we had with various data before the internet
16
anatoly 1 day ago 0 replies      
I liked this for a technical introduction:http://www.michaelnielsen.org/ddi/how-the-bitcoin-protocol-a...
17
scott_ci 1 day ago 1 reply      
I've found that getting a wallet and sending some Bitcoin is a great first step. This course introduces Bitcoin and also surveys an array of other decentralized, blockchain projects: https://www.pluralsight.com/courses/bitcoin-decentralized-te... (caveats: self-promotion, pay-walled, but the free trial allows you to watch 95% of it).

Bear in mind that the word "blockchain" is an evolving word; almost every definition I've read differs. Some see it as barely different than a distributed database that doesn't allow deletions. Many others see it as paradigm shifting.

18
Razengan 1 day ago 2 replies      
Newb question: Why do people refer to it (these?) as "the" blockchain?
19
bitcointutoring 1 day ago 1 reply      
Hi m52go,

I have a blockchain/bitcoin tutoring service at www.blockchaintutoring.com. I did a Show HN but didn't get a single comment :(

I'm a programmer myself, but my target market is not the typical HN user. I'm looking to teach more business types and people in the law profession, for example. I'm preparing a small course plan to help people get from 0 to knowledgeable. The course will certainly be a bit technical, but I would not cover for example the pros and cons of the blocksize debate unless someone asks for that information.

I invite you to contact me, either through my website's contact form or the email address there provided. We can chat, and then if you ever choose to use the service, it's going to be at a discount for HN users. Your questions will definitely help me tailor my offering.

20
jeffrestore 1 day ago 0 replies      
Capability-based Financial Instruments:http://www.erights.org/elib/capability/ode/index.html

Although this paper does not directly address the blockchain, I believe it and the thesis below are at the root of the concept. (If you want to go down the rabbit hole, check out the references page of the above paper). Fair warning, the above paper is from 1999/2000 so obviously much has changed, but still worth reading.

Robust Composition: Towards a Unified Approach to Access Control and Concurrency Control by Mark Samuel Miller:

http://www.erights.org/talks/thesis/

21
udayj 1 day ago 0 replies      
Annotated Bitcoin paper (which also talks about Blockchain) - http://genius.com/2683791Digital Currency MOOC http://digitalcurrency.unic.ac.cy/free-introductory-mooc/
22
izqui 1 day ago 0 replies      
If you are interested in the technical implementation of it, I did a very basic version of a Blockchain in Go a while ago.

https://github.com/izqui/blockchain

23
hendzen 1 day ago 0 replies      
Honestly your best bet is to read everything Gregory Maxwell has ever written.
25
benev 1 day ago 0 replies      
I wrote a piece for Linux Voice on how bitcoin works a couple of years ago. It's obviously focused on this particular blockchain, not the principal in general and it's a couple of years old now. I tried to give a good overview for techincal people : https://www.linuxvoice.com/bitcoin/
26
ftlio 1 day ago 0 replies      
http://www.righto.com/2014/02/bitcoins-hard-way-using-raw-bi...

^ Following along with this helped me a lot. Bitcoin is a rather large onion, but, as others are saying, implementing parts of it is the only way to go.

27
brudgers 1 day ago 0 replies      
I found the various interviews on Software Engineering Daily informative. There's probably more than revealed by a naive search, but it's a start:

http://softwareengineeringdaily.com/?s=blockchain

28
adamqureshi 1 day ago 0 replies      
I was working on this service. Teaching blockchain bootcamp courses online. I found a few instructors. Just need go figure out the MVP. Are you in NYC? Check the landing pagehttp://studioblockchain.com/
29
kapauldo 16 hours ago 0 replies      
Read the Greek guys open source book.
30
Everhusk 1 day ago 0 replies      
If you enjoy more of a hands on approach, try getting a miner setup for some new coin. You'll learn a ton in the process.
31
kobeya 1 day ago 0 replies      
32
ttam 1 day ago 0 replies      
as others have mentioned, the princeton course videos + _homework exercises_ are a great entry point. also read satoshi's paper and then other resources
34
Nano2rad 1 day ago 0 replies      
Learn elliptic curves.
35
brighton36 1 day ago 1 reply      
Blockchains are just databases rebranded to be something interesting when cryptography is applied. There's no magic to keeping transactions in 'folders'. Database journaling, and message signing has been performed since the 80's (or older)
8
Ask HN: What do you wish someone would build?
173 points by prmph  2 days ago   482 comments top 97
1
tajen 2 days ago 12 replies      
A paid Linux.

To get stunning UX design, upstream bugfixing and excellent marketing.

Let me explain myself. I love the levels of ergonomy and polish of Mac OS X. But it's closed-source software. If I use (and pay) Ubuntu, then great patches are sent upstream, which I can use in Debian on my servers and Arduinos. It becomes useful to everyone. With Mac OS X, we're not advancing the world. But when I used Ubuntu for work, I was impaired compared to my colleagues. Blame it on a lack of seniority, but a steep learning curve for my OS is the last thing I want at work. So no Ubuntu, no elementary.io, nothing that has rough edges.

What allows Apple to hire UX designers and do bugfixing is the revenue. Which in turns gets them a good marketing team, which persuades the world of adopting their software. Linux misses advocates towards B2B, B2C and B2Gov. If we want adoption, we need a stable income, to improve UX patterns, bugfixing and marketing.

The FSF says it's ok to sell open-source software, but you just can't prevent people from redistributing. So it's possible to design a system that requires a yearly fee to access the upgrade repositories. Of course hackers will find ways around, publish a torrent, or choose not to upgrade. But the majority of people want a system that "just works" and have money to put down for this service. Businesses, programmer shops, owners of Teslas and iMacs don't want to download their OS from an unsecure source: They want the top-of-the-art, official, upgraded releases.

My own threshold is 200 per year for my work computer. We pay that much of IntelliJ. The OS is the most important service in our stack, it deserves paid workers. My parents' threshold would probably be 50/yr.

I think OSS volunteers will feel cheated at first sight, but the software should really push changes upstream and show the value in having a much bigger Linux community.

NB: For those curious, this comment has 18 points so far (10:43 GMT).

2
zevv 2 days ago 12 replies      
A slim, networked, pocked sized computer with a physical keyboard, running android or Linux.

These used to exist - albeit disguised as phones - but the marketing department decided we don't need no friggin keyboards, and remove everything but the touchscreen and call it a tablet. The result is a consume-only device, on which it is all but impossible to input large amounts of text.

Nokia N900, Motorola Droid 3/4, HTC Desire-Z. These were the last of their species.

3
lunaru 2 days ago 2 replies      
I hypothesize that the list of ideas that will be posted here will make for great examples of what not to build if you're considering commercial value. Developers and the HN crowd make for a very small market and are very hard to monetize.

In that vein, I wish someone would build a list of things that regular, everyday folks actually would want and use. The middle manager working at BigCorp; the teenager; the stay-at-home mom; the retired; people who actually want to spend money to solve their problems.

4
sssilver 2 days ago 11 replies      
A single IM platform through which everyone can talk to everyone regardless of their IM service, and I mean I wanna be able to send a message to someone's iMessage from my Battle.net account, and then receive someone's Facebook message on my Slack or something. Obviously IDK how this would be possible, but IM is now broken beyond repair by companies that tried to "fix" it. The list of IM apps on my iPhone keeps growing, I got Slack, Hangouts, Telegram, FB Messenger, iOS Messages, HipChat, and Skype, and whenever I need to search for a message I never know which one to look in, and whenever I need to message someone I never know which channel is the best to use, and it's just a freaking mess. I hate state of IM in 2016, and I hate the parties that were involved in getting it to where it is now.
5
neilsharma 2 days ago 7 replies      
1) More high quality news analysis content. Think NASA Earth Observatory, The Information, or the best articles you've ever read, and put them behind a paywall. Consistently making top notch content is hard, but I suspect it can be easier if writers are paid good wages to explore their interests and the news industry decouples itself from advertising. I'd pay for it, and I suspect that over time, enough people would.

2) A personalized learning resource. None of this AI adaptive learning nor passive MOOC lecture watching. Get people who know what I want to know (usually job-related skills) and have them sit down and teach me things 2-3x a month. I want structured, supportive, long-lasting mentorship from people who genuinely want to see me grow.

3) A doctor that proactively cares about my health. I hurt my shoulder, but aside from a 30 min physical therapy appointment once every other month, I'm on my own. My posture sucks despite having a split keyboard, standing desk, and doing exercises to fix weak muscles. I need someone to make me diligent about my own well being, day after day. I want workout buddies. I want someone who will pick up yoga just so I'd have someone to do it with. I can get more health benefits from a concerned friend than a licensed medical professional.

4) Life training. Working in tech makes me feel detached from humanity. I want to be a more loving person (I am one, but the culture distorts things and makes me think about my skills/career/startups/work/money too much and life too little). I want someone to help me take 8 weeks off a year to spend time with family and go on vacations. I want someone to help me be a better parent when I have kids (my parents aren't great role models). I want someone to remind me to appreciate all the things I have in my life.

What products I use, how I store my data, etc are just sweating the small stuff. Health, education, happiness, sense of community, etc -- fix my big, recurring problems that truly matter to me as a human. Go above and beyond to do so and pay way more attention to detail than most software products do today. Relentlessly follow up on everything. Keep it human and personal.

These are probably not the answers you wanted to hear, but these are needs that grow bigger and are usually unaddressed over time.

6
elihu 2 days ago 4 replies      
An operating system with an interface that's a substantial improvement over POSIX. I'd like to see statically typed files and pipes, and a built-in file conversion solver so that if I have, say, a postscript file and I want it in pdf format, I can just tell the OS to use any conversion utility with a matching type signature and I don't have to remember what it's called.

I'd like a process/thread to be able to have multiple current-working-directories at the same time, so that a library can change the directory without effecting the rest of the program.

Similarly, I'd like processes to be able to operate on behalf of multiple users at the same time.

I'd like stricter security policies that deny network access, file system access, etc.. unless they've been explicitly turned on (like Android or IOS).

I'd like transactional semantics for filesystem updates. No process should be able to see changes made by another process until that process does a "commit".

I'd like to have a general command-line undo. I'd like to be able to do "rm -rf /*" and then undo the operation and have everything be restored.

I'd like to have something like proc files, but for user space applications.

My full wish list is quite a bit longer, but that's good enough for now.

7
GFischer 2 days ago 4 replies      
Sports (and events) Netflix/live streaming. That would kill cable for sure.

A curated "channel-like" experience for Netflix/YouTube shows. There's a LOT of good content out there, but it's hard to filter. And the "channel" experience of surfing and switching between programs has been kind of lost.

A different kind of smartphone, with actual buttons. Or maybe even what one manufacturer (Samsung?) tried to do, splitting the phone experience from the smart experience, with one ergonomically good device for calls, and another for messages and browsing. I also very often want to be looking at my screen while on a call (check mail, google stuff, look at maps).

I also miss the experience of the slide-to-answer on my old Nokia n86, or flip-to-answer like the Motorola Razr. I could also make calls without looking.

8
Arete314 1 day ago 2 replies      
A great-looking, affordable, modular home kit. We did it 100 years ago with the Sears houses -- imagine what we could do nowadays with mass production and 3-d printing? Imagine if you could order a home kit and save half of what a traditional builder would charge you? How would that change opportunities for the middle class?

In a similar, Maslow's-Hierarchy-of-Needs vein, it would be great to have an app that crowdsources data about healthcare costs and other data points in your city. I'd like to know which hospital charges least for an M.R.I., which hospital has the highest rate of MRSA infections, which doctors are highest-rated by their patients, which insurance policy is the best in my location. Right now there's little-to-no transparency and, just like in Vegas, the House always wins.

In general, I would love to see tech take on disruption and increased affordability in the areas of true life needs -- affordable education, housing, medical care, healthy food -- and focus less on gaining tiny efficiencies in tools and workflows.

TL;DR -- I need an affordable home, not a refrigerator that sends text messages to my blender.

9
crdb 2 days ago 9 replies      
A way to use Mechanical Turk from outside the US. I've needed it with every client I ever worked with, and I need it now and know a dozen companies who do.

CrowdFlower has a de facto monopoly on the outside of the US supply and charges an enormous premium for it - enough to turn off most of them. I certainly don't want to pay several thousand a month for the right to submit jobs, although I was ok with the 25% premium in the old days.

If it's an alternative marketplace, it has to have excellent automation via API. I'm not going to use this for questionnaires, I'll be submitting thousands of jobs automatically.

If you have built this already, please email me.

10
cromulent 2 days ago 9 replies      
A non-cloud off-site backup appliance.

This is what I want (I know there are alternatives, but this is what I want):

A device that I buy, and can plug at least one hard drive in to. I give it some sort of passphrase. I then place it in a friend's house and connect it to their internet connection.

I can then access it remotely from my house. I can easily backup my stuff to it. My backups are encrypted, both over the wire and on the drive.

When my house burns down, I can drive over there and get all my photos and records and stuff, instantly.

I don't pay a monthly fee. I buy the device and then it is mine.

I know I can build this myself. I don't have time. If I could buy this I would.

It would be nice if it was easy to use the other way around, e.g. buy one for your parents and keep it at your house and automate their backups somehow.

11
psadauskas 2 days ago 5 replies      
A stack for building web applications in the browser. HTML and CSS are pretty good for documents, but terrible for in-browser GUI apps that we're all building, its just piles of hacks upon hacks.

I want someone, probably Google since they own both a major browser and some of the most popular web applications, to re-invent the entire stack. Steal ideas from GUI-focused languages and toolkits, like QML, Swift, AppKit, etc. Lets pull in a superior scripting language like Lua and widget-layout framework like Qt, and support it natively and securely in the browser, building on everything we've learned in the last 20 years of creating web applications.

12
webwanderings 2 days ago 2 replies      
Instead of building, strengthen the independent pipe which is responsible for flowing the data/information across the Internet. I am talking about RSS. I wish more technical and policy people would consider supporting, or reviving, the RSS. RSS is practically not owned by anyone (like how email flows from one platform to another without ownership restrictions). The modern API world has proliferated silos and boundaries, which is ridiculous.
13
phycodurus 2 days ago 4 replies      
I wish someone would build an interactive teaching AI, (perhaps in a mathematical context at first). For example, the user might start with a goal such as, "I'd like to understand singular value decomposition." The AI would interactively assess the user's level of background and begin instruction at the appropriate level, leading to the desired goal.
14
x0x0 2 days ago 2 replies      
A gmail clone with privacy monetized via charging me $50 or so a year. I'm currently a fastmail subscriber, and it is nowhere near as good as gmail.

Fastmail specifically is deficient in several ways:

* gmail conversations. it is threads done correctly. Fastmail half-does this but the seams peek through all over the place. Eg you don't have labels, you have actual folders and those two aren't the same at all.

* fastmail search is still mediocre, and is clearly intended to be used via their graphical menu rather than typing folder/label restrictions or other modifiers in the search box.

* A gmail style iphone + android app that works offline

* better polish throughout the app (eg: if something is incorrectly assigned as spam, when you say not spam, message routing rules don't apply to it. If you create a filter, you have no option to apply to existing messages. I could go on and on.)

* spam detection that works way better

Fastmail may eventually be what I want however. They've definitely improved over the last 2 years. Eg they used to use 2fa as a monetization source (10c or so per text message!) and have recently made gmail style 2fa free. They've also turned their settings UI from appallingly bad (it looked and felt like a very junior developer's first js project) to pretty good. Similarly with their rules routing engine.

15
emmabruns 2 days ago 1 reply      
Maybe not so technical but as a curious person i feel i collect so many articles in instapaper but never take the time to reread them.

I do read though, mostly offline. Books, newspapers and articles. My focus is better offline.

Combining data mining and my offline focus, it would be great if you could make a tool that categorizes my instapaper articles and converts it to theme numbers (big data, health care, artificial intelligence, food, etc) that can be downloaded in pdf.

Would be so cool! Thanks for asking the question.

16
pjungwir 2 days ago 4 replies      
I would like a vi for spreadsheets. It should run in the terminal, and be able to read/save csv/xls/xlsx/ods files. It should understand formulas. I should let me navigate with vi-style keys, and have a separate mode for editing a cell's contents (with escape to go back to navigation mode). It should perform well even for very large documents (many rows or many columns, but especially many rows). I propose that it be called `vc`. :-)
17
jakobegger 2 days ago 3 replies      
A people-focussed email client.

Pretty much all email clients are message/thread based.

I'd rather have them people-based: A sidebar that shows a list of people who I have recently interacted with; and clicking on them shows all messages I've exchanged with them.

I don't really care about threads, because people just don't know how to use them. But even if they do, it often isn't clear when to start a new thread vs. continue an old thread.

Basically I want email to work more like an instant messenger app.

18
jagermo 2 days ago 5 replies      
A smart bank account:

I want to set up rules like "take 19 percent of every incoming transaction and save it to virtual account 'taxes'. Use this, account to pay invoices by $financialAgency"

Banking hasn't produced any innovation since online banking, it seems

19
MrZongle2 2 days ago 2 replies      
Simple, user-serviceable appliances.

Not a fridge with an UHD screen, not a washer with Bluetooth support, not a toaster that talks to the cloud.

Just functional appliances with a level of efficiency that existed 25-30 years ago and can be repaired, rather than thrown away because subcomponents are sealed black boxes with little regard to durability.

And after that, the really hard work: doing the same with printers.

20
olalonde 2 days ago 2 replies      
An ebook reader/protocol that would let me write or read comments left by other readers or the author(s). It would also be nice to be able chat with other people currently reading the book, especially for more technical books. Basically, make ebooks a bit more like MOOCs.
21
hitsurume 2 days ago 1 reply      
I want Jarvis, literally the AI in the Iron Man movie. I want him to converse banter and operate my computers / servers with whatever I need, and do it FAST. Siri and Google are doing good things, but I want something I can host myself so its quick, responsive and feels like i'm talking to a real person.
22
carsongross 2 days ago 5 replies      
- A legitimate successor to the original FJ40 Toyota Landcruiser, possibly electric

- A version of this watch (maybe even a smart watch) that didn't cost $25,000: https://ressencewatches.com/watches/type-3

23
NotUsingLinux 2 days ago 1 reply      
Implement wikipedia as a Web 3.0 aka decentralized service using technologies like IPFS.

To show that this kind of setup can be cheaper than what they are running on today.

24
eterps 2 days ago 1 reply      
An app that trains you to recognize logical fallacies and cognitive biases with suggestions on how to improve your thought process per case.
25
modeless 2 days ago 2 replies      
A social media, messaging, and news aggregator that screen-scrapes or otherwise accesses FB, Twitter, Instagram, FB Messenger, WhatsApp, iMessage, Hangouts, GMail, HN, Reddit, etc, and integrates them all into one unified interface.

This of course would violate ToS agreements and various services would try to block it. But if it ran as a local app instead of in the cloud, and it was regularly updated, it would be very difficult to block with either technical or legal means.

26
jkroso 2 days ago 1 reply      
An operating system built around IPFS. This would make the browser/native dichotomy irrelevant by offering the best of both worlds and then some.

AFAIK the reason web apps have become so popular is because they load quickly and don't require the user to manage installation and updating. IPFS would achieve the speed through caching and the installing/updating process with its namespaces feature.

27
cm2187 2 days ago 1 reply      
A better and more modern VBA. Empowering non programmer office workers to automate their tasks easily, and become more than click-drag drop-copy paste factory workers.
28
basch 2 days ago 3 replies      
a news aggregator that works. one where each person using it fills it with all sorts of metadata regarding why they liked/disliked a post/comment/embed etc, and then lets me use all the tagged metadata around content to sort it, possibly with some AI to help me.

slashdot seemed like it was on the right track, then the simplicity of the like/upvote threw complex out the window. buzzfeed came back with wtf/lol, but its not the same.

29
qznc 2 days ago 0 replies      
I want more apps for http://apps.sandstorm.io:

Accounting like Gnucash but multi-user

Issue tracker (maybe just port Bugzilla or something)

Spaced repetition like Anki but for lecture/class room use

Meeting management (prepare Agenda, live minute writing)

Hosting roleplaying sessions like roll20.net

Virtual money prediction market

Q&A Hosting like Stackoverflow

Somewhat meta for Sandstorm: Sell hosting in Europe, so european privacy laws apply.

30
cm2187 2 days ago 1 reply      
A butler robot. Which will cook, wash clothes, iron, clean the house, fetch and prepare a drink, take deliveries, etc.
31
mrsteveman1 2 days ago 4 replies      
Something web or smartphone based that can automate the process of examining various health/exercise/diet event data points over time, and learn from them until it can highlight patterns and events that may be related.
32
Razengan 2 days ago 1 reply      
Fantasy Tourism [1].

A VR app or game that lets me explore (or live in) fictional cities and places from popular works or standalone art. Like Hobbiton, Coruscant, the torus-city of Sigil from Planescape, or the Venice-on-Mars from the Aria manga/anime.

[1]: https://medium.com/@Razengan/virtual-reality-fantasy-tourism...

33
gcb0 2 days ago 2 replies      
A decent portable computer.

Obscenely large, replaceable battery.

small screen (1080p or 720p at 10~13in) that i can actually slide up when open so i don't have to look down and kill my neck/back.

decent mechanical keyboard at least 90% size (like the eeepc1000)

it can be low on CPU but should have the most connectivity it can. It can weight a little more than a 15" gaming laptop weights today.

34
bbcbasic 2 days ago 2 replies      
A programming language with the easyness of dealing with state and effects of a mainstream language and with the guarantees you get from a pure functional language
35
tommynicholas 2 days ago 4 replies      
API for sports data. If you want to build a great product based on sporting data, it is crazy hard to get. I think someone that made the pipes to all sports data (stats, schedules, lines, etc) could facilitate a lot of good innovation and build a solid business.

Not sure if this is a VC scale business, but I think it should exist and I'd love to be a user if someone built it.

36
nickjackson 2 days ago 0 replies      
A good open source alternative to Google Apps. Secure by default, amazing UI, spam filtering and tools that will configure the thing properly so not to get blacklisted.
37
swalsh 2 days ago 5 replies      
I have a backup cam on my car, I want a little wiper on it, like my windshield. Every time it rains I have to get out of my car and wipe it off with my thumb.
38
enzolovesbacon 2 days ago 2 replies      
An operating system which is a mix of OSX UI, Linux flexibility, FreeBSD network stack, and OpenBSD security.

It doesn't need NetBSD compatibility nor anything from Windows.

:)

39
samblr 2 days ago 1 reply      
Editor's code completion based on deep learning.
40
amelius 2 days ago 2 replies      
1. A worthy Google search competitor. Preferably open, open-source, federated, respecting privacy.

2. A platform where scientists can discuss publications. It should be a "home" for every paper. Of course, also open, run by a nonprofit organization, or perhaps even federated.

3. A good open (xkcd-927-defying) standard for chat that everybody will use. (Why can we have this for email, but not for chat?)

41
cm2187 2 days ago 1 reply      
A thin, laptop friendly, RJ45 replacement. Wifi sucks...
42
slake 2 days ago 5 replies      
A fully open source business workflow engine, pre-built with a great UI for the users to execute the workflow. Mobile friendly is a definite plus.

Almost all government software are essentially workflow engines. This would instantaneously solve loads of problems.

43
vinchuco 2 days ago 1 reply      
Just noting that many answers here are of the type "an aggregator for x" to unify something (news, messaging, sports data, storage across devices, ...).

Perhaps interesting would be to find these themes that make good idea-builders.

44
infinityplus1 2 days ago 1 reply      
A big, high resolution eBook reader with fast refresh rate. And it should be extremely cheap.A phone/tablet with replaceable/attachable screen, to add an e-ink screen when I want to.
45
ericae 1 day ago 0 replies      
OKC for child care. Families are different. Right now there is no way, outside of super-expensive agencies, to find a good nanny/family match.

Currently, THE website to find childcare is care.com . But when hiring families sign on, usually they auto-generate a profile using check boxes such as "We like arts and crafts!" or "Playing outdoors". So there is absolutely nothing to distinguish one family from another. (Hint: All parents say their kids like crafts and playing outdoors)

On the childcare provider side, since there is no good way to find the best match, the safe route is to also be generic. Maybe I could teach your kids to code and spin wool (true), but unless I'm willing to wait a long time for the right family to find me then I have to downplay (or just hide) many of the interesting things about me that very specific families would love.

Some families don't allow their kids to watch hardly any TV. Some allow them to play hours of video games. Some families want you to refer to dinosaurs as "dragons" because they are Young Earth Creationists. Some families want you to sing Mormon songs. Some families are fine with an LGBTQ+ nanny. Some would fire you if they knew.

I have worked for all of those families.

If that information could be gathered, and you could get a list of the best matches for your family (or vice versa), then the huge Russian Roulette risk of getting a new nanny/babysitter or finding a new job could be ameliorated.

46
kyriakos 2 days ago 3 replies      
An automated ironing appliance. Drop unsorted clothes in, they come out ironed on the other side.
47
tracker1 2 days ago 3 replies      
I wish someone would build "Thunderbird" as a chrome application... Right now, there's not really a good multi-site email applciation... even if it were limited to IMAP, or on-server. Not sure what the limits on localStorage or indexedDB are for chrome apps. Would be happy if it stored the credentials online somehow allowing me to use it wherever.

That's what I'd like to see, though I get most of what I need with webmail a cross-platform, portable email app would be really nice, where I control the data, not stored on someone else's platform, or from a party that doesn't control the platform. Though I do think if dropbox made such an app that used my dropbox for storage space I'd consider it.

---

For that matter hosted/paid web apps... You buy an account on the platform with X compute and Y storage for $Z/month, could be built as a shim over DigitalOcean or the like... that just loads whatever apps you pay for, and/or free apps on the platform... you login, use your apps and they stay there, for you to access at-will.

48
thescribe 2 days ago 1 reply      
A system for allowing all the devices on me to mount each other's storage seamless and make use of each other's various radios.

It drives me cray that I can have a phone with a 4G antenna, a laptop with wireless, and a kindle all three speaking bluetooth, and yet they don't transparently for my 'personal lan'.

49
dnautics 2 days ago 1 reply      
Disclaimer: I sort of tried to do this but keep running into problems- an Android app that registers an intent that intercepts Facebook's messenger play store nag and uses injected js in a WebView to reformat desktop fb messaging to fit my phone. If you want to collaborate let me know.
50
vinchuco 2 days ago 2 replies      
Using Google's reverse image search for naming a folder containing pictures downloaded from the internet.

Removing watermarks or finding better resolutions if possible.

51
endriju 2 days ago 1 reply      
I'm in desperate need of scalable Apache Spark cluster available through API that would make it easy to submit jobs that could process arbitrary size datasets but would let me abstract away the scaling part of the problem. I don't understand how there's nothing like that already considering popularity of Spark.
52
vinchuco 2 days ago 1 reply      
Something that classifies all my open tabs (or articles saved for later) by similarity.

Edit: or PDF files!

53
jessriedel 2 days ago 1 reply      
Better reviews of everything. Solve (or ameliorate) the trust and incentivisation problem. It's stunning that something simple and non-optimal like Wirecutter is such an improvement, at least in the area of consumer electronics.
54
xuejie 2 days ago 1 reply      
I wish we could have a web assembly backend for tcc. Emscripten is awesome indeed, but having a lightweight C compiler allows for many possibilities, such as online compilation within the browser.

If only I had enought time I would try doing that myself :(

55
fwdbureau 2 days ago 4 replies      
Something that kills proprietary feed algorithms on popular social websites, and lets you browse data chronogically
56
joshontheweb 2 days ago 1 reply      
A simple plug and play referral program to let your saas customers get a recurring kickback when referring others.

It should integrate with stripe and let you configure behavior like adjusting payout percentages after a certain amount of time has passed.

Ideally it would have an admin panel for each referrer so they can see their performance.

It also needs to have pricing that scales from nothing so pre-revenue companies can set it up and only pay when they are making money. Ambassador wants an upfront fee of 5 - 20k plus they have mandatory "success coaching" that is like $200/mo extra. Not a lot if you are already in a successful business but rules them out for me while Im pre-revenue.

57
aargh_aargh 1 day ago 1 reply      
A PowerPoint replacement:

* multiplatform editor

* portable output in HTML/CSS/JS

* zooming and rotating la Prezi (in addition to silly classic frame transitions that I never use)

* native support for SVG

don't make me export to a bitmap

no need for a native editor (SmartArt) when it can't beat Inkscape

* clipart, image and template library (drag&drop)

both a free one like openclipart.org

and a subscription-based professional one

58
contingencies 2 days ago 0 replies      
A vending machine that produces hot, customized meals from fresh ingredients on demand. http://8-food.com/
59
ollifi 2 days ago 0 replies      
I'd like for someone to bring "social graph" in to center of computing. Now we have good tools for manipulating files/data but communication with others seems like an afterthought. Which it of course is because of historical reasons. To reach others I need to go through various platforms, which are self-contained with their own tools for text manipulation and image manipulation etc. Communication could be the starting point for new OS design.
60
slyall 2 days ago 3 replies      
A service that provides a URL for a song. Right now if I write a tweet or a blog post that links to a song there is at least a 10% chance (even if to is an official post by the artist) that a few weeks from now the URL will be bad.

Some official service that the label can update when it decides to change it's "official streaming partner" would be great.

Perhaps it can be done without the cooperating of the artists/label. There are only some 100 million songs out there.

61
mamcx 2 days ago 0 replies      
I have the dream of revival of the xbase spirit. This lead me to the idea of build a relational language (http://lambda-the-ultimate.org/node/5353), and it lead me to the idea of build a better relational database, where the LOG is a first-class citizen (so, like built-in event sourcing), the db is fully relational and other nice ideas.
62
BatFastard 2 days ago 3 replies      
Cross browser, cross platform, bookmark manager.

Bookmarks feels like the live in the 90s still! Please tell me there is something decent out there.

63
alex5092 2 days ago 1 reply      
A lockbox for real estate agents that has a built-in video camera and microphone+speaker.

I mean something like Ring (1) plus MasterLock 5400D (2) plus embedded 4G mobile connectivity. It must not be a permanent installation (like Ring) and it should not require visitors to be pre-registered (like Supra Keys (3)) in order to access the property (for example contractors, repair staff, delivery personnel, etc)

If something like this already exists, please let me know.

(1) http://www.ring.com (2) http://www.masterlock.com/personal-use/product/5400D(3) http://www.supraekey.com/Products/Pages/Products.aspx

* edits: fixed typos

64
firewalkwithme 2 days ago 2 replies      
A thing that removes thought loops from the brain
65
r3boots 1 day ago 1 reply      
Good FOSS 3+ axis CAM software, preferably OS-agnostic.

There's a quiet FOSS revolution happening in machine tool motion control: several usable CAD packages (FreeCAD, LibreCAD, SolveSpace, to name a few), a powerful motion controller (LinuxCNC), even a few open embedded servo drives. But flexible, powerful CAM to glue these parts together seems to be the type of tough niche problem, requiring a lot of domain knowledge, where anybody capable of taking it on wants to get paid for their work. A lot like the EDA field before KiCad gathered some momentum.

Not to ignore the work put into PyCAM and other small efforts in this space. It's definitely a start.

66
bilch 2 days ago 1 reply      
A platform to connect information / stories / images / video / audio to locations. There are thousands of small, mostly subsidized one-off projects but no general platform for everyone to upload material connected to places and create, say, a personal guided tour of their hometown.
67
tmad4000 2 days ago 0 replies      
A way to find other people who think along similar lines to me/have related ideas
68
known 2 days ago 0 replies      
69
Lutzb 2 days ago 0 replies      
New devices in the sub palm top class. Something like the psion 5mx, but with current hardware.
70
maga 2 days ago 0 replies      
Under 8" phablet with x86 processor and Thunderbolt for external graphics.
71
jomamaxx 2 days ago 0 replies      
A robot to clean my bathroom, clean the floors, tidy up, do my laundry.
72
ashbrahma 2 days ago 3 replies      
A gmail application that would parse through your email (old and new) and collect all contact information without having to do this manually. Especially helpful if this can be done for older backed up email.
73
hkmurakami 2 days ago 2 replies      
A LinkedIn that's not super awkward to use wrt personal relationships.
74
whamlastxmas 1 day ago 0 replies      
Adblock filter list that filtered entire websites for annoying features (full screen modals asking for email).
75
samat 2 days ago 1 reply      
I would love and use a fastlane-like tool for google apps. Tired or setting up google groups for mailing lists and adding users to them manually. I've wrote bunch of scripts some years ago, but I'd love more complete and "proper" solution.
76
psyc 1 day ago 2 replies      
A large p2p network for arbitrary content that's encrypted and anonymous by default. If only people cared as much about freedom of speech as they do about watching movies and playing video games for free.
77
DdCb7Qlk2lyaw 2 days ago 1 reply      
An operating system which would run all modern games and be good enough for development such like the Linux is (i.e. being posix compliant-ish and have all the open source tools helps).I think open source MS Windows with all the spyware removed would be nice.
78
minikomi 2 days ago 1 reply      
A decent solution for adding to / viewing Org-mode files on iOS.

MobileOrg is abandoned and was super clunky for editing. Currently I use IFTTT do note to append to a txt file in Dropbox which is re-filed later using a python script, but it's hacky..

79
tmad4000 2 days ago 0 replies      
Good personal note taking software that allows me to easily connect related notes
80
JBlue42 2 days ago 1 reply      
Better humans
81
m1sta_ 2 days ago 1 reply      
A usb-c wall charger with inbuilt hdmi and usb-a. Single device with prongs and ports.
82
prmejc 2 days ago 1 reply      
Who is this app. You take a picture of a person and app looks through your fb and LinkedIn contacts and gives you short description if you know this person and their interests.
83
rianjs 2 days ago 2 replies      
MoneyGuidePro for individuals, instead of just financial advisors.
84
mynameisbahaa 1 day ago 0 replies      
A computer monitor that has 0 backlight bleed, 0 uniformity problems, support wide viewing angle, factory calibrated, and AFFORDABLE.
85
p0nce 2 days ago 1 reply      
1/ Better laptop stands, that don't make the problem worse.2/ Computer that lets me walk and ride a bicycle while working.
86
WA 1 day ago 1 reply      
Fully automated German tax reports for stocks, ETFs, dividends.

Right now, ETFs and their various taxes can be a pain in the ass.

87
apapli 2 days ago 1 reply      
A way for me to get what is in my head on paper without having to write it. Or 30 hours in a single day, whichever is easier :)
88
x1798DE 1 day ago 0 replies      
I would like a practical heads up display, powered by a local, open platform, not a cloud-based walled garden.
89
soulbadguy 1 day ago 0 replies      
A good native gui based profiler. Essentially an affordable version of intel Vtune.
90
mrgleeco 2 days ago 1 reply      
so this may be real: http://atmotube.com/atmotube_user_manual.pdf

If every urban commuter biker had this w/ phone+gps app, the dataset over time would become very interesting on many levels. Think local governments, real estate, state tranpo authorities etc.

91
vinchuco 2 days ago 0 replies      
Game: Something between overthrown.io and ingress.

Even greater would be if battles had to be waged in real-life like sports events.

92
tboyd47 1 day ago 0 replies      
This is more of a re-engineering of modern society. I want a drone that carries babies and small children and follows you around. It can follow your car or follow you into large stores like Target and Walmart. That way I can go about my day with my kids effortlessly hovering around at all times.
93
gravypod 1 day ago 0 replies      
A webtorrent-backed youtube, soundcloud, and social network.
94
johanneskanybal 2 days ago 1 reply      
A good vive vr game
95
blizkreeg 2 days ago 1 reply      
An aerial personal transportation vehicle.
96
cm2187 2 days ago 0 replies      
An iphone 7 with an audio jack
97
qaq 1 day ago 0 replies      
openSolaris based desktop OS with OS X style GUI
9
Ask HN: Have you ever visited example.com?
10 points by glaberficken  1 day ago   6 comments top 6
1
guessmyname 22 hours ago 0 replies      
Also note that example.com has no MX records [1]:

 When an address such as username@example.com is used to demonstrate the sign-up process on a website, it directs the user to enter an actual email address at which they receive mail. Example.com is used in a generic and vendor-neutral manner.
The list of reserved TLDs is quite short actually [2] but thanks to this page I understood that ".dev" is a bad TLD that people enjoy(ed?) using for their test/local websites [3]. I have been using ".test" for all my offline projects for a couple of years now, and ".local" was specifically very helpful when I had to build a fake DNS server for a DNS manager that I was maintaining.

[1] https://en.wikipedia.org/wiki/Example.com

[2] https://en.wikipedia.org/wiki/Top-level_domain#Reserved_doma...

[3] https://iyware.com/dont-use-dev-for-development/

2
ytjohn 19 hours ago 0 replies      
I always use the example.net/example.com domains for my documentation. It drives me crazy when I see a tutorial using something they just made up like "myfakewebsite.com". Almost always, these lead to an actually registered domain like what OP was expecting to encounter.
3
frantzmiccoli 1 day ago 0 replies      
Some domains are not to be sold, to avoid domain squatting and the kind of spammy websites you were expecting.
4
SamReidHughes 19 hours ago 0 replies      
I use it as a non-HTTPS site that I can use to log in to Starbucks Wifi.
5
danso 1 day ago 0 replies      
Yes, I use it as an example URL for tutorials or for testing out any HTTP-request-making code.
6
atsaloli 18 hours ago 0 replies      
Sure. Example.com is an Internet standard. See http://www.rfc-editor.org/rfc/rfc2606.txt
10
Ask HN: How to sell and idea?
12 points by hacknat  20 hours ago   15 comments top 10
1
panorama 13 minutes ago 0 replies      
I don't really understand the negativity. Ideas, like advice, have intrinsic value. People are caught up with the notion of an "idea" (like 'Uber for X') and don't realize OP is discussing a market opportunity. It's very possible OP has an idea that can generate value for an obscure niche that's slow to adapt. This happens all the time - the wheel is constantly being reinvented in different industries and markets and plenty of people make a decent living doing stuff like this.

Anyway, my advice is because everyone is caught up in stigmatizing "ideas", it's likely you will not find an adequate market available to sell your idea or get paid enough for it. You're better off discussing it with people you know. Frame it like "There is an opportunity in market X that is not being pursued, likely because of reason Y. I understand this market/problem very well and could explain it to you in great detail. If you decide to pursue it, I'd like modest [advisor shares/dividends/etc.] in return" or something to that effect.

2
codegeek 16 hours ago 1 reply      
To put it bluntly, you want to "sell an idea" that has no validation, no product, no customers, no reputation, no branding. No one is going to pay for that Idea. That is the honest truth and you know it already.

If you do want to validate the idea, you have to put something together. If you can write code, build a working prototype. Show it a few people.

I will tell you a secret. Ideas are worthless but a working prototype can be worth something. I know a close friend who built a tool and had no clue how to market it BUT he was able to find a buyer for a good amount. Not an actual business yet but he has offered 6 figures for that tool.

3
lpellegr 19 hours ago 1 reply      
I love the sentence "I just can't justify (to myself) wasting that much time on a problem I don't find interesting (even if it made me 10k/month recurring profit..."

If you can't justify to yourself, how can you hope selling such an idea to someone? oh, maybe you are a commercial actor :D

4
Nomentatus 14 hours ago 0 replies      
There are those who do. Even without patents. They leverage the internet/publicity/rpost etc to deter intellectual theft and also learn who to talk to and how at companies, leaping over those barriers. There's a book reference here I'd like to drop but I don't have it handy.

Few ideas are easily patent protected, plus it's easier to improve execution than the quality of one's ideas - so you're always advised to do what's easier. (First off, at least.)

Note too that "Execution" is often a way of saying "patentable ideas that you can hide instead of patenting them" - which is to say, trade secrets (always more valuable than patents, not least because they don't expire.) Intel was built on just such an invisible trade secret (akin to annealing) that made their memory (this is pre-cpu days) far more reliable than competitor's. So a lot of those who expound about "execution" actually mean "ideas", just non-public ideas.

The other thing that prioritizing execution says, is that people tend to have part of an idea, and not realize how much more thinking (and further patentable ideas) are necessary to make it work. Having a necessary-but-not-sufficient patent (such as Wang's 2D iron-core memory patent, back in the day) is not as valuable as a necessary-and-sufficient series of patents, or far more complex patent.

Also the system (laws for sale) is tilted so that corporations can appropriate the ideas of individuals, in many ways. They are put in a position to patent-and-execute; and individuals are short-sheeted.

5
caseymarquis 12 hours ago 0 replies      
If you're willing to spend a little bit, contract someone to build a site that offers the service and looks good, but only actually allows people to sign up for the future service or something along those lines. If you get people who are willing to sign up, then perhaps you could persuade someone to invest in the business and finish building the actual service via contract with someone else's money? At that point you could maybe leverage some sort of sale/investment where you end up being very hands off? Even if you were going to build it yourself, just making the site to confirm interest would probably be a good move. Reading "The Lean Startup" with a coworker right now. It advocates a lot for experimental validation before investing any engineering effort.
6
dangrossman 19 hours ago 1 reply      
To summarize: you have an idea which would take 6-12 months to execute on, and would not generate enough revenue to build a real business around. You want someone to pay you for this idea. Sound right?
7
marcc 17 hours ago 1 reply      
The best way I can think of to sell an idea is to build it (at least a prototype), prove the idea, and then try to sell it. You aren't going to be able to sell just an idea. You can recruit a partner to work on it with you; you don't have to build it yourself.

If it's not worth this amount of effort, then I don't expect someone will pay you money for an unproven idea that doesn't have enough value to spend your own time on.

8
sharemywin 8 hours ago 0 replies      
How do you know once you prove it can be profitable lots of other people won't jump in an compete driving down the profits.
9
Gustomaximus 12 hours ago 0 replies      
Put you money where your mouth is. Find someone else that can build it and put them on contract for 6-months, or less given this was only going to be built in spare time.
10
Mz 14 hours ago 0 replies      
The reason we have sayings like "Ideas are worthless, execution is everything" is partly because execution often contains or reveals a great deal more information and unstated assumptions than your nutshell explanation.

There is a great scene in The Hudsucker Proxy where he shows a circle and then a line as his diagram of his idea. This turns out to be the hula hoop and is wildly successful. The scene basically repeats -- drawing of a circle for top view, line for side view -- but the idea is now the frisbee.

Effectively communicating ideas in any kind of meaningful, meaty way is incredibly hard. This is part of why demos are so useful.

To sell an idea you must effectively communicate it. People sell ideas all the time, though perhaps not in the sense you mean. For example, people trying to get funding for a movie routinely have to sell the idea. This is where you get expressions like "it's Uber for X." This is an attempt at getting across a density of information succinctly.

Effectively conveying a dense amount of information in a small package is an art form in its own right. People often pay to have that done or to get help with it. It's a very separate skill from seeing a solution in context because of having done work that exposed you to certain experiences.

11
Ask HN: How do you get the initial traction for your web side-project?
49 points by thakobyan  2 days ago   11 comments top 8
1
00taffe 4 hours ago 0 replies      
The problem is the target of the project. If friends on Twitter and Facebook fall within the target, then send your project to try.

But if the project solve a problem away from you, try to think the best channel through which sponsor your project. You study your competitor and find which channel they use because it's better choose a different channel.

2
csallen 2 days ago 1 reply      
My site https://IndieHackers.com has in-depth interviews with lots of developers who've launched their side projects. There's definitely some good information there!

I also wrote a post about my experience launching Indie Hackers itself: https://www.indiehackers.com/blog/launching-to-300000-pagevi...

To answer your question more directly, I think it really depends on what you're building! If your project does a good job appealing to a niche and, ideally, solving a prickly pain point of theres, that makes it easier. The next step is to find places where those people hang out online, and then learn the rules of those communities so you can respectfully introduce what you've built.

3
sharemywin 2 days ago 0 replies      
Here's a good list of sites to submit to:

https://news.ycombinator.com/item?id=6488822

4
soboleiv 1 day ago 1 reply      
Here's a good article on Traction (which promotes the book with the same title and the book is Amazing!)https://medium.com/swlh/the-19-channels-you-can-use-to-get-t...

Also it depends on which kind of project is that, are you targeting specific people? Can you tell a bit more about it?

5
xiaoma 20 hours ago 0 replies      
The options depend pretty heavily on the price point, how much you can invest per user and how much traction you need to fund future growth.
6
siquick 20 hours ago 0 replies      
If its B2C then you can't go wrong with some highly-targeted FB ads to validate your idea, and gain some initial interest.
7
sharemywin 2 days ago 0 replies      
8
sharemywin 2 days ago 0 replies      
find bloggers to give a free trial to. also, blogging yourself.
12
What are the FLOSS community's answers to Siri and AI?
16 points by jernst  1 day ago   8 comments top 3
1
grizzles 6 hours ago 0 replies      
I'm working on something open source / maybe disruptive in this space but I'm not ready to announce anything yet. I'm always looking for collaborators though. I think there are easy solutions to all the problems you mention. For example, if you need data, go to youtube.
2
Finnucane 1 day ago 1 reply      
"Speaking to an Amazon Echo-like device while sitting on my couch makes a lot more sense than using a web browser. Will we ever be able to do that without going through somebodys proprietary silo like Amazons or Apples?"

Depends. Since the whole point of these systems seems to be precisely to filter your needs through those silos, so they can feed you 'content' and stuff, there'd have to be some compelling use case for an open-source alternative.

3
johnhenry 1 day ago 2 replies      
I don't know of any specific efforts to create an open alternative to Siri, but there are a number of speech-to-text translators and natural-language processors that could be combined to do something similar.

There are a number of sites dedicated to aggregating making data openly available on github (https://github.com/caesar0301/awesome-public-datasets), but projects such as Academic Torrents (http://academictorrents.com/) and Dat (http://dat-data.com/) are also making strides in openly sharing data.

Scaling is probably the biggest issue that you've pointed out, but efforts like BIONIC (http://boinc.berkeley.edu/) allow community members to donate their computing power to projects that they wish to support. Ethereum (https://www.ethereum.org/) also has potential in this area, but given that the network is mostly centered around distributed consensus, it would be more efficient to use a normal computer in this area.

13
Ask HN: Is Riak a viable alternative to Cassandra?
5 points by nvarsj  1 day ago   2 comments top 2
1
bewo001 2 hours ago 0 replies      
Hm, when we evaluated Cassandra not long ago, a simple full disk error managed to get it into an unusable state, and even external experts couldn't recover it. I know it is used extensively by many companies, but this was not exactly encouraging.
2
soboleiv 17 hours ago 0 replies      
I've used C* (36 nodes/20Tb) and it was pleasure to manage it even in the early versions. At the time of picking the db (3 years ago) Riak was slower as they only had http available so C* won by a large margin.

One case I thought Riak can be a good choice for is for quick prototyping / interacting directly from web clients (as it has neat http API).

14
Cloud 9 Online IDE Hacked (c9.io)
16 points by TeamMCS  2 days ago   1 comment top
1
freestockoption 1 day ago 0 replies      
I love Cloud9 for the web based dev environment. I mostly use the noncloud version on my own dev box (which I can only get into with VPN). I do it mainly because I don't want to pay $10/mo for an ide. I hope people's code are OK.
15
Ask HN: If you were paid to learn, 8 hours a day, what would be your routine?
43 points by TbobbyZ  3 days ago   26 comments top 12
1
new_hackers 3 days ago 6 replies      

 6:00 am - wakeup 6:10 am - jog 6:30 am - nutritious breakfast including fruit, carbs, protein and water 7:00 am - shower 7:30 am - coffee (limited) and classical music 8:00 am - review learning list and choose focus 8:30 am - focus and learn 10:00 am - stretching, situps, pushups followed by water 10:15 am - focus and learn 11:45 am - evaluate learning, update learning list noon - nutritious lunch (limited) with water 12:30 pm - bike ride 1:00 pm - review learning list and choose focus 1:30 pm - focus and learn 3:00 pm - weightlifting followed by water 3:30 pm - focus and learn 5:00 pm - evaluate learning, update learning list 5:30 pm - dinner (limited) 6:00 pm - your time 9:00 pm - bedtime
When I was unemployed, this is the routine I followed. I was able to pick up quite a few technologies that helped me in my current job. Notice that quite a bit of the routine is focused on YOU. If you feel good, and confident about yourself, you can learn a lot.

2
GoToRO 2 days ago 1 reply      
Like most situations, you will get the wrong answer until you find the right way to ask the question. If the goal is to maximize time spent, then what you have to do is learn how your body works. And your body works in a certain way, you just have to comply. If you fight it, you will get worse results. I'm saying all this because from the question one might believe that you can -choose- your routine. What I've found is that you have to discover it, you have to discover how your body works.

Wake up with the Sun.

Eat.

Internet 1 hour, or other activity that will warm up your brain. (~8:30 am in the summer)

Learn, 2-3 hours for real, maximum 4 hours for the whole activity.

Gym 1 hour.

Shower.

Eat.

Go outside.

Eat, before 18:00 ideally, before 19:00 in practice. Food will keep you awake during the night and you won't be able to wake up with the Sun!

Sleep (~23:00, ~8 hours). You have to choose your bed time depending on when the Sun rises.

Source: 5 years of searching for this + 2 years of doing this, without being paid :|

3
me_not_brucelee 2 days ago 0 replies      
I would divide my moments into

1. meta learning

2. learning from multi perspectives

3. retention

Meta Learning

Ask yourself, "why are you learning this?", "what pre-knowledge I need to learn this material?", "Is there anyway to learn this faster?", "Why am I getting stuck on this?", "Do i need to update a previous assumption?". Metacognition, or the awareness of own thinking, is a very powerful method to improve thinking skill on any domain.

Learning

Use The Feynman Technique. The idea is any jargon used in particular domain can expressed with more common day to day words. This not the same as using analogy, avoid analogies. In feynman technique you are thinking below the word, using more simpler word to describe things. Once you have understood an idea, then subscribe to the jargon for that idea.Another way is to build a semantic tree of the things you learn, essentially build a huge graph where ideas are connected. Dont make disconnected clusters of ideas.

Retention

You can learn as much as you want but there is no point if you remember nothing.Use a mind map, reorganize according to your work. Just because a book has its own index, doesnt mean you can't reorganize the information according to your thoughts.Bookmark high quality links and resource, ditch meager resouces/links.Write code, practice what you have learned!Teach others! Teaching is the most effective retention method, because it challenges your own understanding.

Edit:Your prove of learning can be shown using everything you use to retain the knowledge.

4
pedrodelfino 1 day ago 0 replies      
Cool question and some great answers.

I would try the following:

- 8-9 hours of sleep per day;

- 1 hour of some physical activity everyday;

- 7/8 meals through out the day (3-to-3 hours interval);

- 8 pomodoro sprints per day.Each pomodoro sprint as a 45 minutes focus session. While studying focus on the process not the result. This reduces anxiety;

- at the end of every day: make a brief self-assessment session, writing a paragraph about what you have accomplished. Now the focus is on the result.

- use Rescue Time to track what you do, be aware of the distractions and try to limit them;

- do not work on Sundays. Work on Saturdays as a regular day.

5
opendomain 3 days ago 0 replies      
Here is my suggestion: Learn how to learn

Find what techniques work for you - keep on trying different methods.GTD by Pomodoro or Task TrackingLearn by reading, videos, doing, instructing othersVary intensity: some days are 10 hours of studying, while some are dreaming days

I would LOVE to be able to spend more time learning - I have a website about NoSQL that I want to train on BigData, but I am always too busy working

6
convolvatron 3 days ago 0 replies      
- take on aggressive project. a distributed operating system, a novel static optimization technique, some kind of concurrency model, a lower bound for an unsolved problem

- find good resources to work with, or at least to give regular input so I don't end up wandering off into the weeds

- try to take it as far as I can, until its obviously going to fail

- start with another

7
tmaly 3 days ago 0 replies      
I would first tackle the mindset needed for peak learning.

Josh Waitzkin has some good coverage in his book The Art of Learning.

How to Solve it by Polya has some good strategies on how to solve math problems that are applicable to broader problems and learning.

Thinking as a Science by Henry Hazlitt covers a broad approach to learning anything.

I would probably read these books and try to find a few others to really get my mind in a state where it needs to be to learn.

8
csallen 3 days ago 1 reply      
I'd follow the advice from this guy who finished four years of MIT CS classes in one year: http://calnewport.com/blog/2012/10/26/mastering-linear-algeb...
9
xkcd-sucks 3 days ago 0 replies      
It sounds like the users are being paid to produce proof of learning weekly, not learn.

So probably: Plagiarize a bunch of stuff, sign up with a bunch of names/get unemployed crusty friends to make class presentations, and milk it for money as long as possible.

10
JSeymourATL 2 days ago 0 replies      
> how you would maximize your time spent...

I would try to have 1:1 (paid) consulting sessions with established experts in the field. Huge insights and breakthroughs come from individual conversations.

11
DrNuke 2 days ago 0 replies      
In learning mode as an adult you should really spend 12-14 hours a day thinking and tinkering, 2-3 months max. It has to be both a challenge and a boost.
12
bbcbasic 3 days ago 1 reply      
First order of business would be to crack open the champagne
16
Ask HN: Know how transfer as a freelancer
5 points by patatino  1 day ago   5 comments top 2
1
wccrawford 1 day ago 3 replies      
My advice is not to bring it up. Most of them aren't even going to consider it. They'll think that just having the code will be enough.

Of course, you should document things when appropriate, and your code should be good, clean, and maintainable. It's what they're paying you for.

2
oomathias 20 hours ago 0 replies      
The code should be self-explanatory for a developer, if not add documentation inside the code.

I like to document anything the client will have at some point to touch.Deployment and configuration must be documented.

There are two different things to consider: - Your client beeing able to deploy or use what you give them. - Your client beeing able to modify or add features to the existing code.

Always do the first one. I always discuss this kind of things before starting a project with the client. And everything discussed is mentioned inside the contract.

17
English rules of thumb with grep
23 points by piedradura  3 days ago   4 comments top 3
1
theophrastus 3 days ago 1 reply      
"help you use words correctly" how exactly? This is an interesting bit of etymology, to be sure; but is just one example of a whole library of similar relations. For example, there are entire books devoted to the historical transitions between Germanic languages ('d', 'v') to English ('th', 'f'). That is, you'll see even more impressive numbers with this approach: grep -c -i "^th" british-english
2
geeio 3 days ago 0 replies      
You should listen to the http://historyofenglishpodcast.com/.

He goes into great detail about how the Proto-Germanic languages evolved via sound changes (e.g. Grimm's law).

Also see https://en.wikipedia.org/wiki/Grimm%27s_law

3
dfsegoat 3 days ago 0 replies      
This is cool. We have particular problems with English vs. British spelling for medical terminologies. We have a lookup table for these and other synonyms:

e.g.: "Haemorrhage" vs. "Hemorrhage" etc

18
YC application Winter Batch
5 points by cubinho  1 day ago   1 comment top
1
wirddin 13 hours ago 0 replies      
Is this from the email we all have received for a 10-day reminder? I guess by that they meant that you can apply with the same idea (updated content). You won't get to see your last application or update your last application, you have to start afresh (or copy paste from wherever you had backed it up last time). Good luck!
19
Ask HN: Opensource alternatives to tcpdump?
4 points by txutxu  2 days ago   11 comments top 5
1
brynet 1 day ago 1 reply      
OpenBSD's tcpdump(1) is fork of tcpdump.org, a lot of early work went into adding security features to bpf to facilitate implementation of privilege dropping/separation in bpf programs.

In 2003, the first parts were added, bpf write filters and descriptor locking, this considerably limits the scope of access to bpf writers and byte packet parsers.

http://marc.info/?l=openbsd-cvs&m=106684834031056&w=2

By 2004, initial privilege separation support was already committed to tcpdump(1) by Can E. Acar and Otto Moerbeek.

http://marc.info/?l=openbsd-cvs&m=107531986114887&w=2

With the introduction of pledge in 2015; the privilege separation work had been further refined, with the packet parser limited to now just stdio operations, unable to read/write files or open network connections.

http://marc.info/?l=openbsd-cvs&m=144383352229927&w=2

http://marc.info/?l=openbsd-cvs&m=146908579408853&w=2

So, tcpdump is a fine network security analysis tool.. on OpenBSD today.

2
JoachimSchipper 1 day ago 1 reply      
Wireshark offers a different query language.

As an alternative, just open a raw socket directly (or use any of the ringbuffer-ish alternatives - look at what tcpdump=libpcap does for your OS). Working directly with raw sockets can make perfect sense, but you may still want to use libpcap to compile your BPF (i.e. traffic filters).

3
atsaloli 1 day ago 1 reply      
Between tcpdump and Wireshark, my network analysis needs as a sysadmin are covered.

When I used Solaris, I used "snoop" which is now open source through illumos.

4
brudgers 1 day ago 1 reply      
Just to clarify the context, TCPdump is open source: http://www.tcpdump.org/#source

I misread the question as implying that it was not open source.

5
superflit 1 day ago 1 reply      
libPCAP?

:>

20
How to Create More Women and Minority Tech Founders
10 points by andrewpierno  2 days ago   19 comments top 7
1
matttheatheist 1 day ago 1 reply      
We minorities have always made top engineers.For example, here's my latest product: www.enrad.io (and no, we don't want your money.)

If you really want diversity in the startup ecosystem, simply fund and hire minorities...and stop merely talking about it. Seriously, stop moving your lips and just hire some people. We're everywhere. And we're very good.

2
Chos89 21 hours ago 0 replies      
Not sure how to feel about this, are there any laws that prevent minorities and women to become tech founders?Just don't discriminate people and that should be enough.As accepting only white males into certain programs would be considered racist, so is this IMO.
3
codeonfire 1 day ago 0 replies      
Just a few questions. Are you doing this because of white guilt? Do you come from a wealthy white background? Do you/did you have a trust fund? What about the tens of millions of dirt poor non-minorities in the country? Do you think there should be more women and minority tech founders than the proportion of their respective population?
4
bbcbasic 1 day ago 0 replies      
Invest in startups in foreign countries, particularly 'non-western' countries.

Find a way to help funnel some of that Silicon Valley investment money over to other countries. Whether that is your own money or other funds. Also politically - make other countries create a good startup environment. One thing that springs to mind is the tax treatment of startups should be special.

5
imaginenore 2 days ago 3 replies      
If you're selecting projects based on the gender/race of the owner instead of the merits of the project and the team's skills / compatibility, you're going to lose in long term.
6
Tan__ 2 days ago 1 reply      
I'm not a founder, but I am a minority/female developer in New York. I have a couple of ideas for web apps, but I don't know the first thing about business. Anyway, if I could be of any assistance feel free to let me know. www.tanwill.nyc

Good luck to you!

7
awareBrah 2 days ago 0 replies      
I don't think it's a worthwhile effort in the slightest. You don't see people as individuals, rather as categories. "I'm making an impact by helping minority/women""I'm white"Nothing will get better by doing this. Instead, judge each human by their unique characteristics. People don't want to be recognized because of these attributes, but instead because they really accomplished something worthwhile, or did something extraordinary. Not be born with X genatalia or Y skin colour.
21
Ask HN: Recommended platform for small discussion lists?
5 points by Mz  1 day ago   2 comments top
1
amirathi 1 day ago 1 reply      
Google groups.
22
Ask HN: How to secure your internet activity (eg.emailing) when traveling?
5 points by questionr  2 days ago   2 comments top
1
NickHaileyEvans 1 day ago 1 reply      
Standard procedure for various large security-related companies when traveling abroad is to provide the employee with a temporary device with only files that are required for the trip. The device can be cleaned/analyzed/destroyed on return.

Although this is more or less the only way, it might not be practical. I'm not security expect and do not have the resources to do the above, but I take various precautions when traveling:

* Make use of a Cellular Data Plan.

* Make use of VPN (Roll your own, or have a look at the VPN Comparison Chart https://news.ycombinator.com/item?id=11294064)

* Do not keep devices unattended. Especially not in a hotel room.

* Use 2FA and other standard security practices (firewall, identify phishing, have most recent updates installed).

23
Ask HN: Any bad experiences going through YC Program?
9 points by BIackSwan  2 days ago   3 comments top 3
1
wwalser 1 day ago 0 replies      
I've heard from a few sources that they didn't feel that YC was as good for B2B SaaS as it was for other types of businesses. It seems like their attention is more focused on B2C and if you are B2B it better have some sort of innovation on the businesses model or customer acquisition (think Zenefits). All up this doesn't seem to be something I could be critical of them for. Of course you want to work with people who have an unfair advantage and of all the advantages to have, a user acquisition advantage may be the highest leverage.

My company is B2B SaaS and will be applying despite this caution that other's have raised. While we're always iterating & investigating to find distribution channels for our marketing & product, I wouldn't say we've found anything truly innovative. Just grinding on execution.

2
Rainymood 1 day ago 0 replies      
I wonder how much companies are going to, if it really occured to them, badmouth YC ... on the YC forums. Even if they had a bad experience, they can still use the network.
3
byoung2 2 days ago 0 replies      
I remember reading one story about getting kicked out of YC [1] before it started.

1. https://news.ycombinator.com/item?id=2208155

24
Ask HN: Do you subvocalize when reading code?
7 points by anderspitman  2 days ago   6 comments top 6
1
p333347 2 days ago 0 replies      
We read code in order to understand it, and I believe one must read code with whatever technique that lets them understand it best (I know nothing of this subvocalizing thing; I came here to see what it was). For me, reading code is a deliberate activity, in that one must spend some time with it and not whiz past it. Further, speed reading seems irrelevant, not to mention counter productive, when dealing with code.
2
pluma 1 day ago 0 replies      
Considering the drawbacks of speed-reading (it's not just "reading, but faster") are really counter-productive in programming, I don't think actual speed-reading techniques are helpful when reading code.

I certainly do find myself "skimming" code in larger code bases but then I'm also not speed-reading but simply looking at the visual structure (which is where consistent formatting matters) and looking at words in fixed locations (e.g. names in function definitions).

When you actually have to read code (rather than just skim it by looking at structure and words in fixed locations) that usually means you need to focus and carefully follow each expression -- the bottleneck in this case is comprehension, not reading speed (unless you have to keep track of each character, such as when dealing with short and confusing variable names or intentionally obfuscated code).

3
soboleiv 1 day ago 0 replies      
I visualize graphs sometimes or draw them on paper for particularly tricky pieces of code.

I was subvocalizing things to remember to do before learning to use task tracking software for that.

You might want to benchmark yourself e.g. with http://www.readingsoft.com/ (I ranked 398 wpm and I know my bottleneck is eye movements)

Also I think code reading speed is only a part of a larger process (e.g. code review or making a fix). For both of these external tools are available making reading speed not as important (iterative development / unit tests for fixing + static code analysis tools for reviews)

4
baccheion 2 days ago 0 replies      
I'm not conscious of doing so, though I often subvocalize when reading. You can try humming (vibrating/pulsing the voice box area) or listening to brainwave entrainment audio to lower the amount of subvocalization. Brainwave entrainment audio should also help you better concentrate/focus and relax.
5
Cozumel 2 days ago 0 replies      
Interesting question. With code I don't unless it's 'complex' and I'm trying to work something out and I just realised I don't with music either, but I definitely wouldn't consider myself a speed reader either.
6
psyc 2 days ago 0 replies      
By the strict definition of subvocalize, definitely yes. I don't move my lips, though. Also, it's nothing at all like reading English. I'm trained to read logic directly as logic.
25
Ask HN: Customer demanding $2400 for dirt marks on driveway, how to handle this?
10 points by ChrisDutrow  2 days ago   12 comments top 9
1
oblib 18 hours ago 0 replies      
Here's the thing... It's a "driveway" and it's unreasonable to expect no wear or discoloration on untreated concrete (ask any concrete company if that is reasonable and they will tell you "No").

If he was concerned about that he should have moved his car to a place on his property where this could not occur.

If he did not tell you that was a concern before you started, and especially if he parked the car there and told you to clean it there, I don't see how he has a case.

I would check to see if he's done this kind of thing before (and I'd be surprised if he hasn't) because that is evidence that he purposely set you up. If he has bring those records to court with you there's a good chance a judge would toss his case.

2
JSeymourATL 2 days ago 0 replies      
> Now he is demanding that we pay $2400 to have the driveway re-surfaced or he'll sue us.

Work to turn an instance of conflict, into a collaboration. Take the emotion out of the conversation. But do try to talk this out first.

On this subject, Stuart Diamond is brilliant > https://vimeo.com/43817099

3
sharemywin 2 days ago 0 replies      
Sounds like you need to add some kind of arbitration clause to your service contract. Also, If you've been paying premiums for 10 years I don't see why you would at least talk to your agent.
4
AnimalMuppet 2 days ago 0 replies      
Do not take legal advice from HN (or anyone else on the internet). Ask your business's lawyer (and your insurance company).
5
mrfusion 2 days ago 0 replies      
What about bleach or hydrogen peroxide? No idea if that would work?
6
angersock 2 days ago 3 replies      
Consider it 2400 spent on learning how not to fuck up a driveway--just make them sign an agreement say "Hey, after this, you forfeit further claims to compensation".

And now, in the future, you know to put down a tarp or whatever to keep this from happening.

7
DrScump 2 days ago 0 replies      
If your usage of chemical solvents was not legal (given that the waste going down a driveway would generally flow to a storm drain in most driveway scenarios) you may have other vulnerabilities here.
9
mchannon 1 day ago 0 replies      
An engineer's solution:

One can of white spray paint.

26
Ask HN: Why are humanity's large systems failing?
10 points by alistproducer2  2 days ago   4 comments top 2
1
internaut 2 days ago 1 reply      
Read the Collapse of Complex Societies by Joseph Tainter. It is the Bible on this topic.
2
smt88 2 days ago 0 replies      
I think it's a big stretch to say that large systems are failing. We're still in the longest stretch of human advancement ever -- before the Renaissance, society would go into a "dark age" from time to time.

Unnecessary death, disease, and war are also at a low point for human history.

Just because there are existential threats doesn't mean the systems are failing.

27
Ask HN: Current state of cellular automata research?
9 points by siavosh  3 days ago   1 comment top
1
vnglst 1 day ago 0 replies      
Great question, I've been wondering about this too with all the attention for AI lately.
28
Ask HN: What do you guys use to help organize daily tasks and things to do?
11 points by gallonofmilk  2 days ago   25 comments top 13
1
andwaal 15 hours ago 0 replies      
I use mind maps in Freemind. Every project has a root node with project name and date last updated. I then try to go through all projects at least once per day, look for any follow ups I have forgotten and then update the date. This combined with use of appropriate icons gives me confidence I have not forgotten anything. On each project I note everything, last contact with client, meeting summaries, progress, remaining todos, specs. Basically everything of importants.
2
qwertyuiop924 2 days ago 2 replies      
A pencil and a piece of paper, or an organizer from Staples. :-D

If you're an Emacs user, org-mode is very powerful and quite useful as well. It's what I would be using, if I actually had a computer with me everywhere I go that could run it. http://orgmode.org/

If you aren't an emacs user, or are looking for an alternative, Taskwarrior is a quite popular CLI todo list management app, which has a similar (although not as extensive: org is frankly massive) featureset. It has a companion, Timewarrior, which is designed for tracking time and displaying reports. IIRC, this is an org feature as well. Both have significantly better mobile support than Org, so take that as you will. Either way, if you are going to support mobile, you have need to host the files yourself, or use dropbox. https://taskwarrior.org/

Pomodoro and GTD are both popular methodologies, which you can look into if you're interested in that sort of thing (I'm not, but I've heard good things about them both from people who are). They are applicable to just about any tool, including any of the above (yes, that means pencil and paper).

But ultimately, the only wrong way to organize yourself is one that doesn't work for you. So if anything I've listed works, and you want to use it, do. If it doesn't work, throw it away.

It doesn't matter what tools you use, just so long as they help you Get Shit Done (TM).

3
sharmi 1 day ago 0 replies      
I use the zim notebook wiki. Physical Notebooks are great in that you can dump all your thoughts in it. So you can go into your next task clear headed. Unfortunately, I tend to misplace notebooks a lot.

Zim is quite flexible as in it can be used as a wiki or a to-do list. Bonus points for allowing nesting of tasks. I sync between laptops using Dropbox. I doubt it has a mobile option. This is the option closest to a notebook.

Zim or physical notebook, The most difficult thing is that we have to use the tool diligently to reap the benefits. One can often let the practice slide due to time/work pressure. If done properly, you realize how much of your cognitive processes are actually devoted to just remembering the list of things to do

4
Jugurtha 2 days ago 1 reply      
Did you take a look at Wunderlist? The common problems everyone faces at the beginning are:

* Putting todo list items on the same system.

* Making it a habit. Discipline and consistency are areas I'm always trying to work on personally (these will cause my end). The few times I was consistent, I just demolished whatever I was trying to do and felt like a 20GW laser pulverizing a problem.

https://www.wunderlist.com/

5
Jtsummers 2 days ago 2 replies      
For daily tasks, at work, the first thing I do is fire up Outlook and emacs.

Outlook has my calendar (very MS heavy corporate environment) so it displays every task, meeting, appointment easily. Mails that come in get put away (ok, not great with the zero-inbox thing, but I try).

In emacs I have a "daily activity log", it's the second thing I open each day. I create an entry for the day, tagging it with the project(s) I'm working on (these get added through the day as things come up, or at the start if I know it's on my agenda). I usually know what I'll work on that day so I'll create an entry for it, and open the linked org file for the project itself. So an entry might look like:

 ** <<2016-09-23>> :foo: *** TODO [[file:foo.org][foo]] [0/2] - [ ] Deal with PR-128 - [ ] Build and install image
(NB: <<STRING>> in a headline in org-mode makes it a target for links like [[STRING]] or [[file:foo.org::STRING]])

Those bulleted tasks are what I intend to work on that day. If they don't get checked off, I can't mark the project's work as DONE, and I'll refile them later. I should probably automate this somehow, perhaps collect all incomplete tasks at the top of the log file for easier refiling. Presently `C-c / t` does the trick for finding them. foo.org will have a more detailed description of what I'm doing, possibly linking to other things. The bullets vary in detail by the end of the day, and may have several sub-bullets and links. Sometimes project boundaries are fuzzy, I just pick something or create more levels:

 *** TODO Related projects **** TODO foo **** TODO bar

6
pedrodelfino 1 day ago 0 replies      
I use a physical notebook. Like the ones kids use at school. I like to scratch the tasks after they are done. I have been using this method since 2012. It is funny to see the old notebooks. It also works as an unstructured and bad written diary.
7
citruspi 2 days ago 0 replies      
Related discussion from earlier this week - https://news.ycombinator.com/item?id=12548656
8
smartmic 2 days ago 1 reply      
Honestly, for logging and tracking my daily business tasks, I use a plain old notebook where I write notes or draw sketches with a pen. It is the fastest and and most comprehensive solution. It accompanies me throughout the day and has more style than an electronic solution like a tablet. Of course searching is not easy but I can remember topics based on approximate dates, that works well for me.

For higher level "management" of longer-term and recurring tasks I also use taskwarrior.

9
Tiksi 2 days ago 0 replies      
Kinda related but does anyone know of some sort of software like Jira that isn't oriented towards software devs? I've tried Trello and Taiga but neither have a way to build a dependency chain (issue a requires issues b and c which require...) like you can in Jira. However I don't really wanna push Jira onto non-technical people and tell them to ignore half of what's on the screen.
10
tedmiston 2 days ago 0 replies      
I'm a big fan of FoldingText / TaskPaper (the underlying engine is the same).

http://www.foldingtext.com/

You can tag and add contexts arbitrarily.

 Some Project.todo - my task #foo @due(2017-01-01) @blocked - another

11
soboleiv 1 day ago 0 replies      
asana.com + GTD methodology

here's productivity forum on setups people use (it's in Russian so you'll have to pipe it through google translate but instrument names are in english + screenshots kinda self-explanatory)http://forum.mnogosdelal.ru/viewforum.php?f=7&sid=28fdcb21c9...

12
tmaly 2 days ago 1 reply      
Trello is nice if you have access to it.

If you have Jira or other task/bug system you can also use that.

I personally think a TODO.txt file is easier than both.

A nice paper sketch book is also good, but if you lose it, your out of luck.

13
cauterized 2 days ago 0 replies      
Asana, with a loosely GTD workflow
29
Ask HN: What happened to Myra?
2 points by heinrichf  2 days ago   1 comment top
1
brudgers 1 day ago 0 replies      
It might make sense to contact the developer and express your interest.
30
Ask HN: Do you support the United States' disengagement from ICANN?
6 points by ibejoeb  3 days ago   3 comments top 3
1
auganov 3 days ago 0 replies      
The whole rationale behind it is [0] to thwart attempts at creating a U.N.-run IANA or countries creating their own IANAs. Most seem to believe that governments or government-influenced entities won't really gain any significant, disconcerting powers. If so - is it reasonable to believe that in the long term it will have the desired political result?

I don't feel like I fully understand what's going to happen. So I'd definitely feel more assured if we went for a probationary period as suggested here https://www.lawfareblog.com/icann-and-iana-transition-procee...

[0] is it?

2
AnimalMuppet 3 days ago 0 replies      
Do I trust the US? Sadly, no, I don't, not any more.

Do I trust somebody like the UN? Absolutely not. Do I trust a "Global Multistakeholder Community" to not become the UN? No.

So the US running ICANN seems to me to be likely to end up less badly than having somebody multinational run it.

3
DKnoll 3 days ago 0 replies      
<canuck>Definitely, who wouldn't?</canuck>
       cached 26 September 2016 12:05:03 GMT