hacker news with inline top comments    .. more ..    1 Oct 2016 Ask
home   ask   best   3 years ago   
Ask HN: What software engineering related podcasts are you listening to?
58 points by tsaprailis  10 hours ago   23 comments top 17
OJFord 9 hours ago 1 reply      
The Bike Shed [0] is great, I think it started as a ThoughtBot podcast, but one of the two regular hosts - Sean Griffin [1] - has since left for Shopify.

I think it's great because although dominated by Ruby (Griffin is a committer on Rails, and I gather it's ThoughtBot's main language) the discussion is typically applicable to other languages, or focuses on a human element. I don't think I've ever written a line of Ruby, and I enjoy it.

There's also some Haskell discussion and more recently a lot of Rust - Griffin having created the Diesel ORM [2].

The format's great though, and as a consequence never sounds like a contrived dialogue - it typically starts as a "what have you been working on this week", and that recent real experience turns into a more general discussion around whatever it was.

I can't really recommend it enough, I only found it fairly recently, and went back through to listen to the entire catalogue of episodes.

- 0: https://thebikeshed.fm

- 1: https://githib.com/sgrif

- 2: https://github.com/diesel-rs/diesel

rgreasons 7 hours ago 1 reply      
Not all of these are "software engineering," but many of them often tie to the soft skills side of things or general development rigor.

Regular listens - shows to which I subscribe, in rough order of how excited I am to see them show up in my podcast app:

Not So Standard Deviations [0]

Immutable [1]

ShopTalk [2]

Talk Python to Me [3]

The Versioning Show [4]

Data Skeptic [5]

Occasional listens - not subscribed but regularly check for interesting guests:

Data Stories [6]

Partially Derivative [7]

I tried Software Engineering Daily last year and wasn't a big fan - based on the following here I'll have to give it another shot.

0 - https://soundcloud.com/nssd-podcast

1 - https://spec.fm/podcasts/immutable

2 - http://shoptalkshow.com/

3 - https://talkpython.fm/

4 - https://www.sitepoint.com/tag/versioning-show-episodes/

5 - http://dataskeptic.com/

6 - https://datastori.es/

7 - http://partiallyderivative.com/

no_protocol 9 hours ago 0 replies      
From my "awesome podcasts" list related to your criteria:

- Vimcasts

I have tried several tech-related podcasts, but gave up on most within a couple episodes.

One common format is a host who brings on a new guest for an hour-long interview each episode. My main gripe with these is they're too long for the amount of substance they contain.

I ended up basically scrolling the archives of these shows to pick out only the guests I was already interested in, because the random ones just weren't worth the listening time.

The podcasts I keep coming back to are concise, edited episodes of 30 minutes or less. Most of these aren't directly related to the types you're looking for, though. I'd love to know of more.

brudgers 8 hours ago 0 replies      

 StackExchange Hanselminutes SE-radio SEI podcast Cognicast Software Engineering Daily
Software Engineering Daily seems to dominate my playlist. I guess that shouldn't be a surprise.

Last year, I listened through a lot of the Changelog's back catalog. But I sort of maxxed out on it because my interest is more toward the infrastructure than the front end development tools.

billhathaway 3 hours ago 0 replies      
GoTime[0] is a Go oriented podcast that is high quality and has a new guest each week. They also touch on a lot of general topics about SWE that are relevant to a broader audience.

[0] https://changelog.com/gotime/

csixty4 9 hours ago 0 replies      
I'll start by plugging my own podcast, "The Holistic Developer" (http://theholisticdeveloper.podbean.com/). It hasn't been coming out very regularly since my son was born but I do my best to put out ~5 minute episodes every couple weeks.

Developer Tea is along the same lines, straddling between technical topics & career development.

Soft Skills Engineering is entirely focused on, well, soft skills.

Leader.team is just getting started but they seem to be a good resource for technical leads & managers.

JavaScript Jabber has great interviews.

and it's not a technical podcast, but Creating Disney Magic (Lessons in Leadership, Management, and Customer Service) with Lee Cockerell is a must-listen for me every week.

seltzered_ 9 hours ago 1 reply      
Check out the back-episodes of "this developers life" - while not too technical it dived into some human aspects of being a developer: http://thisdeveloperslife.com
definiv 9 hours ago 0 replies      
Software Engineering Daily does a good job of exploring both technical and human issues. The Changelog is a great podcast for the open source community.
williamgb 9 hours ago 0 replies      
Software Engineering Radio[0] is a useful resource for in-depth discussions on software and development practices.

Developer on Fire[1] tends to feature more personal interviews with software developers.

Software Engineering Daily[2] produces episodes at a similar rate to the previous podcast but discussion tends to be product-oriented.

Coder Radio[3] can be good fun sometimes. The hosts can sometimes be a bit over the top.

[0] http://www.se-radio.net/[1] http://developeronfire.com/[2] http://softwareengineeringdaily.com/[3] http://www.jupiterbroadcasting.com/show/coderradio/

gravypod 4 hours ago 2 replies      
This is a bit off topic but are there any funny software engineering podcasts?

Edit: funny replaced with off topic

charlesism 8 hours ago 0 replies      
Edge Cases "A weekly podcast about (mostly Apple-related) software development by Andrew Pontious and Wolf Rentzsch."


My favorite podcast because the hosts (a) are highly talented developers (b) did careful research for each episode (c) chose common Apple programming challenges as the topic for each episode.

Sadly, it died last year, and I've found nothing out there to fill its void.

alexpeattie 9 hours ago 0 replies      
It's much more niche-specific than most of the other suggestions, but I've been enjoying This Week in Machine Learning & AI (https://twimlai.com/). It feels like the field of ML is moving so quickly these days, and I think Sam Charrington does a good job of making new research accessible without dumbing things down too much (which I find most media outlets tend to do).
brickmort 9 hours ago 0 replies      
"New Rustacean" is great for anybody learning Rust. The episodes are very short (10-20 mins) and are surprisingly comprehensive, considering you're not looking at any code: http://www.newrustacean.com/
mandeepj 6 hours ago 0 replies      
I listen to DNR's latest shows as soon as I can.


kipdotcom 9 hours ago 0 replies      
A few of my favorite:1. SE Radio2. Software Engineering Daily3. Full Stack Radio
geoffroy 8 hours ago 0 replies      
The Changelog
contingencies 4 hours ago 0 replies      
Get this... none. I'm not being snarky, I'm saying I choose not to spend time filtering audio opine on untargeted areas of the profession and consider than a desirable optimization.
Can you explain the ICANN transfer?
106 points by Claudus  15 hours ago   28 comments top 10
kijeda 14 hours ago 3 replies      
In operational practice, very little will change. The staff who perform the IANA function of managing the DNS Root Zone etc. will continue to do the same job, although those staff will now work in a separate subsidiary of ICANN. One operational change will be NTIA, an agency of the Department of Commerce, will no longer be required to authorize every change to the root zone in advance.

In addition, ICANN the organization will have new accountability measures that will allow the community to challenge decisions it makes. It provides new powers like spilling its Board under certain circumstances.

One of the main drivers to change the current setup is NTIA's role above is seen as undue US government influence in what should be a purely technical operation by many. Over the years some have advocated fundamentally altering how ICANN works (like moving it to the UN) because of the US Government's influence. By transferring the primary oversight role to the multi-stakeholder community (users, business, non-profits, etc.) who have always really driven ICANN's decisions anyway, it is hoped that that criticism will go away and pressure to fundamentally alter how it works will dissipate.

jnmandal 14 hours ago 0 replies      
This transition has been in motion for over a decade now. NTIA (part of Department of Commerce) has some good material on it here: http://www.ntia.doc.gov/blog/2016/what-theyre-saying-why-its...

I think a lot of politicians (ahem Ted Cruz) are trying to frame the transition in a shadowy way to discredit the current administration, but its simply a procedural thing thats been in the works for a long while.

sp332 12 hours ago 0 replies      
Ars Technica has a pretty thorough overview. http://arstechnica.com/tech-policy/2016/09/y2k-2-0-is-the-us...

ICANN has a list of squashed conspiracy theories. https://www.icann.org/iana-stewardship-questions

textmode 12 hours ago 2 replies      
There is no "transfer" of anything. Anyone can edit the root.zone file. I use my own curated version. Great for blocking ads, etc.

But for many years no one did this, except very rarely. And the honors were left to some folks in the US, IANA/ICANN. Do not be fooled by the acronyms and the fabricated processes and formalities on the official websites. IANA was essentially one person. Bless the hearts of those who worked to create the early internet but these "organizations" derive their "authority" from nowhere. The internet is an abstraction, a term to describe different networks that cooperate.

The generally static nature of the root.zone file changed recently. It has doubled, maybe tripled in size and is now filled with TLDs such as .loans and .cologne. As well as trademarks such as .google, .microsoft, etc. These can also capture traffic from users who type strings into address bars that are not FQDNs.

ICANN charged $85K+ just to bid on these beauties; they made some very easy money. Most of them are worthless. Exit time for ICANN. :)

Now that it is filled with garbage, and perhaps anticipating some finger-pointing, it is time to acknowledge that the root.zone belongs to everyone and is managed by all countries of the world, not only the US.

The "transfer". More fabricated formalities.

The truth is that anyone can exercise control over the root.zone file, and anyone can serve it. Whether you choose to follow them or not is up to you. (Most users just let default DNS settings decide this for them.)

Similar to the early IANA, one person can do this job. I maintain and serve my own root.zone. I am the only user but there could just as well be hundreds of users. This could grow to thousands which could grow to millions which could grow to hundreds of millions which could grow to...

This is what happened with the DNS. It started out small and grew big. Believe it or not it is still not that big. I could fit all domain names in existence on consumer-sized storage media.

Thus concludes an opinion. Mildly informed.

Claudus 10 hours ago 1 reply      
I guess my concern, and as a simple question:

Right now domains like wikileaks.org and thepiratebay.se exist. Will they continue to exist in the same manner going forward? Or, in a few years, will attacks on these domains be made, and their domains seized?

I'm really concerned about this, above all.

miraj 11 hours ago 0 replies      
usually this is my 1st stop to understand current topics re: ICANN etc. ::

Milton Mueller at Internet Governance Project (1).

his latest blog post may shed some light (2).

1. http://www.internetgovernance.org

2. http://www.internetgovernance.org/2016/09/28/its-over-yestoi...

erichocean 12 hours ago 3 replies      
> "The US government has never, and has never had the ability to, set the direction of the (ICANN) communitys policy development work based on First Amendment ideas," ICANN said in a statement. "Yet that is exactly what Senator Cruz is suggesting. The US government has no decreased role. Other governments have no increased role. There is simply no change to governmental involvement in policy development work in ICANN."[0]

This is the primary issue I have with every single one of ICANN's rebuttals[1]: nothing will change (so they say), and yet, here we are, making a change.

Okay, then, here's a stupid question: why is a change being made? Ted Cruz may be an ass, but that doesn't make ICANN's position correct.

If nothing will change, they guess what? No change is necessary. If it ain't broke, don't fix it.

If something will change, then ICANN should be entirely up front about what that change exactly is. Instead, we get a bunch of denials that nothing will change, the US has no current role anyway, yadda yadda yadda, but serious you guys, we have to change this right now.

We're talking about managing the DNS system here, that's not an "insignificant" thing, as other commenters have suggested.

Yes, existing ASes can already block specific domains today. Fine. But ICANN could easily become a Title IX-type situation, where ASes are forced to block specific domain names in order to remain part of the global Internet system.[2]

It's true it doesn't police ASes that direction today, under the existing ICANN governance model, but there's (to my knowledge) no reason why that couldn't be true today (under US control), and I see no reason why adding "more stakeholders" will make the situation any less likely in the future. If anything, it makes it more likely: look at the UN. Certainly ICANN itself doesn't think it's any less likely, but here's what they don't say: with this change, it'll be extremely hard for US citizens to fix if it does come about. That's not "insignificant" to me.

[0] http://arstechnica.com/tech-policy/2016/09/y2k-2-0-is-the-us...

[1] https://www.icann.org/iana-stewardship-questions

[2] For instance, consider how the US Justice Dept. is using "Dear Colleague" letters in 2016 to force schools to adopt a less-rigorous sexual assault policy or face loss of federal funding. ICANN could apply similar pressure to ASes in the future (not funding, but zone updates or whatever).

dealthcider 7 hours ago 0 replies      
Admittedly, there is a bit of a lie by omission in the statements of ICANN. By agreeing to hand the institution over to an international stage, we are agreeing to censor access to small websites or alternate-view websites that don't conform to the standards or views of the corporation in charge of the new ICANN. In effect, we would be blocking access to small websites, limiting freedom of speech over the internet, and possibly in the future having internet access begin to mirror the same level of restrictions that television has.

Then, the international corporation would decide what websites you can access, and if the website you want to have a look at doesn't adhere to the corporation's view, it will simply become inaccessible.

There is also the question of political relevance; that is, why the urgency? Why require that this be passed during the Obama administration just before an election, and without congressional input?

To stop this? See this petition.

https://wh.gov/iMbbvWhich routes to:https://petitions.whitehouse.gov//petition/stop-icann-handov...

ALSO, an interesting side note:


pastProlog 13 hours ago 2 replies      
> What exactly is wrong with the current setup?

What exactly was wrong with the 1998 setup? ISI and Jon Postel were managing fine back then.

I also don't recall a "US control over ICANN" that could be "relinquished" being part of the original ICANN proposal. I don't think that would have gone over well with the European operators at the IETF meetings. If it had been they probably would have stuck with the CCITT's x.25 networks, Minitel and such.

erichocean 15 hours ago 1 reply      
Agreed, the blackout on HN regarding the ICANN transfer is very, very strange.
Ask HN: How to quantify that a team is overworked
8 points by ccostes  7 hours ago   4 comments top 3
FullMtlAlcoholc 1 hour ago 0 replies      
My team for essentially solved this problem by using a time tracker. I highly recommend trying out toggl
spoonie 2 hours ago 0 replies      
If you're into it, do an Agile/XP planning & estimation workflow. You can show that you are being requested to do 30 points of work per week but only achieving 20 points.
petervandijck 6 hours ago 1 reply      
Some relevant numbers could be:

- size of backlog

- overtime

- time new requests spend in queue

- cost of delays to the business

Ask HN: When are you considered a senior programmer?
207 points by lollipop25  1 day ago   148 comments top 58
misframer 1 day ago 4 replies      
I really liked this comment by @stray [0] from a similar Ask HN from a few months ago. That thread was titled "Ask HN: What makes a Senior Dev".

 Mistakes, rewrites, late nights, firefights, and deadlines. Core dumps, memory leaks, hardware faults, and plain bad luck. Big O, data flow, always learning -- or out you go. Manager metrics, schedules hectic, methodology hegelian dialectic. Taking the heat, feature creep, open office, uncomfortable seat. Holy wars, revolving doors, carpal tunnel, all you can take? There's always more. Fucking suits, random reboots, and the ever present "thousand language stare". Oh yeah, pressure -- lots of pressure. And time, time, time. Metric shitloads of time. Time, man. You gotta do your fucking time.
[0] https://news.ycombinator.com/item?id=11341567

jkingsbery 1 day ago 2 replies      
As others have said, if you're asking about the title specifically, it depends on the company. I was one of those "Senior" developers when I was in my mid twenties at a start-up, whereas for my current company it's actually pretty hard to get the title "Senior Software Development Engineer."

My experience is generally the people I recognize as having deserved the title don't _simply_ just code. Not only do they write code that works and delivers the feature in a timely manner, they make it so the next 3 features to come out in that area can be done quickly by junior developers. Not only do they code, but they make everyone around them better coders. Not only do they code, but they also think strategically about what the team needs to keep going two years from now. Not only do they deliver the project, they get everyone excited about delivering the project.

I once read someone say "there's a difference between having ten years of experience, and having the same year of experience ten times." Time is a factor, but it's also whether you've exposed yourself broadly and deeply to new technologies, approaches and experiences so that when you are in a new situation (technical or otherwise), you have patterns for how to deal (or the self awareness to know that you don't know how to deal). So, part of it is time, but part of it is spending that time wisely.

lmilcin 1 day ago 0 replies      
I think that people emphasize knowledge too much. I think knowledge is a by-product of making senior developer.

Senior developer is about wisdom as opposed to knowledge. Juniors may learn things quickly, but what distinguishes senior is that you can trust them to do the right thing which is not always technical problem.

I like to compare this to asking children a question that they don't know the answer to. Some children will feel they have to come up with some answer and some will say that they don't know.

Junior developers too frequently feel pressured to produce a result and they don't see how saying that they don't know something is making them closer to producing anything. Senior developers know from their experience that this is just as important to know when you don't know something as it is important to know things. They will not feel too bad about not knowing something because they know the alternative is even worse.

astdb 1 day ago 2 replies      
One aspect that would separate a 'senior' engineer from the rest would be initiative, leadership and mentoring ability. These are the engineers who go the extra mile to ensure that the team gets stuff done, and assistance and guidance is provided where required. A senior developer isn't just someone who knows a lot of stuff, but has a time-honed wisdom as well, which they can parlay into their leadership and mentoring duties.
TurboHaskal 1 day ago 4 replies      
When you are valuable and ask for a raise but they cannot give the amount expected because it's already Q4 so they give you the senior title instead.

It can happen even with two years of experience.

captn3m0 1 day ago 1 reply      
>The final stage of programmer evolution is the Finder. These folks are considered experts in their chosen domain (and are prudent about others). Writing Finder job descriptions is an exercise in futility. As my boss put it: I cant tell you the specifics of what youll be doing here because your first task will be to figure that out. A Finder will be able to anticipate problems before they happen, usually because theyve been in that situation before.

From https://rkoutnik.com/2016/04/21/implementers-solvers-and-fin..., which is a really great read.

peterkelly 1 day ago 2 replies      
It's a pretty arbitrary term, but based on what you've said, especially "I don't fancy the new and shiny. I just get things done fast and done properly", would be enough for me to label you a senior programmer.

Our industry is way too obsessed with fashion... sooner or later you realise that most of the "new" stuff is largely existing ideas re-hashed in a slightly different form. Senior programmers realise this and can pattern match to understand the role of various new technologies, and learn the details if and when necessary.

How do you get there? You already are, you just don't realise it yet.

edw519 1 day ago 3 replies      
Whatever it takes to best satisfy your customer. That's it.

No, I'm not being snarky, so hear me out...

I've met and worked with many developers over the years and lots of them have become very good with technology and user domains, but still have struggled to "crack the digital ceiling". These are brilliant people who have achieved serious things, but are still not recognized by the big decision makers as "senior", whatever that means.

Then there are a select few who always get the big gigs, big money, and big reputations. Why? Because they best satisfy their customers. There are lots of non-technical skills that help them, but I think the biggest is their ability to separate the signal from the noise and zero in of the most important things to work on and to get them done. It's almost like they have "satisfiability radar". And this rarely requires any special technical or people skills. All they really have to learn is a good grasp of the technology, a deep understanding of the customer's domain and business, and the ability to get things done through others. And how did they develop them? By good old fashioned grunt work, whether digging into the bowels of the system or getting up off their butts and relentlessly going around finding out whatever they needed to know.

Once you've figured out the best thing(s) to work on to best satisfy your customers, got them onto the decision makers' radar, and found a way to get them done one way or the other, you are no longer a dev or even a senior dev. You're now a digital rainmaker, the most senior dev of all.

jobvandervoort 1 day ago 2 replies      
At GitLab we have a formal definition for senior engineers [0] (where we accept merge requests, of course).

1. Technical Skills a. Great programmers: are able to write modular, well-tested, and maintainable code b. Know a domain really well and radiate that knowledge

2. Leadership a. Begins to show architectural perspective b. Leads the design for medium to large projects with feedback from other engineers

3. Code quality a. Leaves code in substantially beter shape than before b. Fixes bugs/regressions quickly c. Monitors overall code quality/build failures d. Creates test plans

4. Communication a. Provides thorough and timely code feedback for peers b. Able to communicate clearly on technical topics c. Keeps issues up-to-date with progress d. Helps guide other merge requests to completion e. Helps with recruiting

[0]: https://about.gitlab.com/jobs/developer/#senior-developers

scotty79 1 day ago 0 replies      
I became a "senior" when my financial expectation were higher than the maximum salary of non-senior developer at a company that tried to hire me.

They were forced to offer me position of senior developer and no other company after that dared to offer me lower position.

Steeeve 1 day ago 2 replies      
My personal definitions:

Junior: Can do it with guidance and/or clear and non-transitional specs

Developer: Takes the ball and runs with it. Can walk a customer through requirements gathering and make recommendations. Will help guide junior developers.

Senior Developer: Can architect a system well. Can communicate equally well between executives, salespeople, management, and end users. Can and will mentor lower level developers. Can explain concepts on the fly to lower level developers and walk them through the development process in terms they understand. Takes initiative at learning new technologies.

gibb0n 1 day ago 0 replies      
1) When you drop everything you are doing to mentor other developers

2) When you get asked by the business to do something you question what they are asking and the motivation, and then determine the best course of action based on their motivation rather than delivering the specific task they asked.

That's it really, it's nothing to do with your coding ability but more to do with your mentoring ability and problem solving skills. This is what is valuable to your colleagues and the business. Any answer related to coding ability is missing the point, it's important, but after a few years most people are the same programming level - it's just some people can help at the team or business level which is what makes you senior.

intellectronica 1 day ago 0 replies      
A "senior" is a someone who provides about 10X in value and earns about 2X in salary :)

More seriously, except for very big and very hierarchical orgs where tenure is overly important, people will tend to give you the senior title when your work is indispensable. To be indispensable you don't need to know by heart this technology or the other - you need to identify what are the things that bring the most value and work hard at delivering them.

jakecarpenter 1 day ago 2 replies      
To me, it is about what they are able to create independently, and the value of the end product.

Senior people have made the right mistakes, wasted weeks of time, and know what to avoid, what to embrace, and what to ignore. A senior dev can understand the requirements and figure out what is important and deliver something without a lot of external input.

robotnoises 1 day ago 2 replies      
Fun story, I just found out yesterday during my annual performance review than I am a Senior Software Engineer. No, not a promotion, but rather I have always been one. It was simply an HR mistake that my title did not reflect it and no one realized that I didn't know.

So to answer the original question: it is impossible to know.

wmu 20 hours ago 0 replies      
I like this joke: A junior programmer thinks he knows everything. An intermediate programmer thinks he knows nothing. A senior programmer hates computers.

> But I feel like I'm always a step behind the rest.

Don't look at things in this way, low self-esteem is the worst you can get. There are always people better than us, but their skills and knowledge weren't conjured up. Even extremely talented people need time to learn. And if you don't feel like learning new things may make you better, why to feel guilty? If you're not a Java programmer, why to feel bad because you don't know Spring or other details perfectly? You wrote you do things fast and correctly. So you're better than, say, 90% developers who work slow and produce crap. :)

amcrouch 1 day ago 0 replies      
To me the senior title should be applied depending on the way you approach your role and not how you code.

As others have mentioned as a senior you can be left to implement changes without guidance, you will clean up issues as you come across them instead of leaving it to others, you suggest improvements, you make time to mentor and guide more junior members of the team, you know how to relate to muggles and you act like a team captain.

Knowing lots of different hosting environments and languages comes with experience. The approach you take to your role show's your all rounded skill set.

mmirza984 1 day ago 1 reply      
Well usually companies have their own view on seniority, and it could include how many years you have been there, but for what its worth for me a senior developer is a person who has experience with all stages of application development, which should imply that she/he can: - design and understand client/server architecture, - write code using best practices that is clean and maintainable, - knows database design and programming - understands design patterns and knows how to not abuse them, - knows how to deploy application and has experience with CI. - knows how to write proper unit test.

To sum it up I will use .NET as an example, in my eyes when someone says I am a senior .NET developer I assume that she/he has: - used UMLs, - knows how to write proper OOP and understands SOLID, - can use MS SQL and some kind of ORM, - uses some of the testing frameworks (e.g. NUnit), - knows how to deploy application whether on IIS, or install it with ClickOnce for example. - know how to handle source versioning (TFS or whatever is your poison)

I probably missed a few things, but that's about it for me. If a senor doesn't have these skills I assume first that she/he has great knowledge of company business which would make her/him a valuable asset, or that she/he got lucky, or it's a crappy company :)

philbo 1 day ago 0 replies      
This is kind of tangential, but a couple of jobs ago I decided to actively purge all job titles from my CV/resum. Officially, I'm currently a senior and have been in the past, but there have also been jobs in between where there was no "Senior" prefix in the title.

My main problem with thinking about developer roles in this way is that there's obviously no standard for what constitutes seniority. It varies between and sometimes within organisations. Advertising it, glorifying it, striving to achieve it, all take the focus away from far more interesting things that you can say about yourself and aim for.

Are you working on interesting projects? Are you learning new stuff? Are you being challenged technically? Are the other people on your team good developers? Do you enjoy what you do?

Seniority as an end in itself seems like a hollow objective to me. And making a big deal about it in a recruitment context takes the focus away from more meaningful topics.

christouphair 10 hours ago 0 replies      
Assess the new and shiny technologies and learn the ones that seem promising.

1 year later new and shiny will become the standard, there will be thousand of beginners and you'll be one of the few "senior" developers on that technology.

Of course you'll already be learning the new and shiny that will become the standard 1 year later.

kasey_junk 1 day ago 0 replies      
None of those things sound like things I correlate with being a senior developer. Knowing any particular set of skills isn't what I look for anyway.

To me the things that make a senior developer are:1) you give them a project, even an ambiguous or large ones, and expect it will work out fine.2) they have been around enough different situations that they likely aren't going to be thrown for a loop by new challenges.3) they mentor their fellow less senior developers.

To get there you need 2 things:1) bare time, you just have to put in the time2) variety of projects - if all you have is a bunch of time on the same problem you are unlikely to have developed the breadth of knowledge you need.

jkot 1 day ago 1 reply      
In my experience:

- you are technically competent

- can handle design aspects of full stack (backend, persistence, frontend)

- have enough credibility and confidence to say NO to business people

- you can lead a small team of developers (2 to 5 people)

source99 1 day ago 0 replies      
Check out this recent thread: https://news.ycombinator.com/item?id=12557149
aburry 1 day ago 0 replies      
I would say it is about sphere of influence. Are you inward looking and focused on developing your own competencies? Junior. Are you mentoring people on your team? Intermediate. Are you providing direction for the company or the industry at large? Senior.
SpendBig 1 day ago 0 replies      
Being a senior developer is not just having a great skillset. You need to be able to manage your work in a way the business values it. You need to interact with all sorts of people in the company you work for and help other teammembers rwaching the same level as you.

Our senior developer is always thinking about the business value when estimates are made vs quality. He even does not do alot of softwae development, but is always asked to help out other developers, system engineers and even management to give advice.

To be able to do that in a professional way, your vision plus skillset makes you a senior imo. Not just the years of experience and amount of skills you have.

z3t4 1 day ago 1 reply      
I would consider you a senior programmer? Mainly because you know that you do not know much. While a junior or intermediate programmer think they know everything.There are of course more to it, like when you are stuck on something; you ask the senior programmer, that will probably have solved it ten times in the past. Or if you want to know what the best method is to do this, you ask the senior programmer, that have done it hundreds of times and thus found out the optimal way, with all edge cases included. So I would say it's mostly about experience, and then expertise.Also, a senior programmer should have gone though at least two paradigm shifts.
supercoder 1 day ago 0 replies      
When someone gives you the title.
BurningFrog 1 day ago 0 replies      
It's mostly just a title on a business card and/or org chart.

Some times it's given to people instead of money.

Don't worry about the title. Worry about getting good at what you do, and an asset to your team and organization.

fowlerpower 1 day ago 0 replies      
I think a senior engineer has to know a few things.

They have to have the basics we all need as engineers simply to pass the interview process. The data structures and algorithms, Big O and be able to walk through systems they have worked on in the past and the trade offs they made and why.

Then on top of the basics I look for a few more things. Usually the understanding of multi threading, multi process, asynchronous programming is very different between junior and senior folks. I dive into distributed systems and see if they have any exposure. I dive into multi paradigms and how deep their knowledge is in their respective toolset they have listed on their resume.

I don't necessarily think you need to know multi threading in and out, or distributed systems in and out, or your tool set in and out. You certainly need to know one or two of those though. You need to have some body of work you can speak very well to, this is a huge indicator of seniority. Mentorship and all the other things that go with that help differentiate as well between junior and senior.

I don't think there is a hard rule anywhere. Different folks will look for different things and at least where I work those things I listed are very important differentiators.

pastorelli 3 hours ago 0 replies      
When you can build and operate a multiple-cloud system using only assembly and gwbasic...
dvcrn 1 day ago 1 reply      
I'm also agreeing with leadership and mentoring. Be able to make unbiased technical decisions, troubleshoot systems / apps and get up to speed on new projets independently fairly fast. Have confidence in what you do and don't ask about everything.

A solid general code understanding is also needed in my opinion. This includes things like using documentation over googling everything. If I pair with a senior and he types "golang how to do x" on every problem, I probably wouldn't consider him senior. (Not saying googling is bad. Just don't be a copy-paste-from-stackoverflow engineer)

With that, I also hate the term "senior engineer". I got friends with 3 years of work experience that are now "senior" because a company hired them under a senior position (basically more salary) and the companies after that just did the same because "well he already is a senior, right"? This also generates a strong in-balance inside the team with a hierarchy that shouldn't be there. I am usually advocating for getting rid of job titles and calling everyone just "Software Engineer"

I am now 6-7 years into my career and don't consider myself senior. When people in interviews ask me what my career goal is, I usually mention I want to be able to consider myself senior as the next step.

ta998877 1 day ago 0 replies      
This is by far the best article I've ever read on the subject. http://www.kitchensoap.com/2012/10/25/on-being-a-senior-engi...
aisofteng 23 hours ago 0 replies      
Based on my experience at about five different successful companies, a senior engineer is not someone who has a title declaring them as such but is a person you go to when considering something completely new that needs to be created from scratch because you know he could do it if asked to, do it in a way that will leave something another team can pick up if necessary, and do it well.
stevesun21 1 day ago 0 replies      
I think a lot of programmers stucked into programming language/framework trap keep learn new lanaguages and new frameworks to make yourself believe you have more exp, but this just make your skill more like learn drive different brand cars. Even myself in this trap for really long time.

The true power to make you senior is how you train your brain to think and abstract. This will boost your capability of design rather than just coding

jwaldrip 1 day ago 0 replies      
A senior developer doesn't say things like "I don't know how", they simply figure it out and do it. A true senior developer is fearless, but also pragmatic.
chx 1 day ago 0 replies      
Sr can tell to jr: I have already made the mistake you are about to make.
mping 1 day ago 0 replies      
Depends if its senior with a specific technology (ex: senior rails programmer) or generally senior programmer.

I consider senior someone who:- knows how to mentor juniors- knows his way around tech, even if he never used a particular product- most important, can communicate effectively with stakeholders and devs.

The best "senior" is the one who nags everyone to get stuff moving forward. Doesnt mind getting his hands dirty and going by people's desks to make sure the team delivers.

You may need to brush up your marketing skills in order to promote yourself as senior. Don't get impressed by people that know stuff.

ghuntley 1 day ago 0 replies      
Leadership and mentoring. When they can write great documentation (without prompting) and http://softwareleadweekly.com/ becomes their favourite weekly read. When they come to you with improvements outside of the technical domain on how to improve shop and even better when it's just a side chat about what they have already improved and what went well, what didn't and what they learned (self-awareness). When they stop treating promotions like mechanical checkboxes.
jjn2009 1 day ago 0 replies      
I read some where the definition to be as a software engineer who's primary role is to reduce risk. This sounds like a solid benchmark to me since this usually entails that although you may not have a lot of knowledge about the latest JavaScript framework but instead have deep cs fundamentals knowledge which would allow you to mitigate software risks in most environments.
k__ 1 day ago 0 replies      
In Germany this isn't a thing, but when applying for a few jobs in the UK most employers considered me senior after that interview. Still didn't get the jobs, because I failed their programming tests.

Since I started programming my work-behaviour changed from asking people all the time when I don't know what's happening to reading their code.

I think developers are considered senior if they can work on their own.

Like, if you get all the engineering practices of designing, implementing and maintenance done without much help.

Prad 1 day ago 0 replies      
Senior developer is just very difficult to define. You could define it based on the amount of time worked at a certain job, your skills, your ability to mentor. The definition could be different for various businesses and their employees.
vassilevsky 1 day ago 1 reply      
When you learn Erlang.
noonespecial 1 day ago 0 replies      
Skill is knowing how to operate Amazon, "senior" is knowing when you probably shouldn't.
_Codemonkeyism 1 day ago 0 replies      
As a CTO or team lead senior programmers to me were those who understood the business and the businesss side of things and could make trade offs (beside the technical experience).

Another aspect that seperates seniors is their ability to talk and present to senior or top management.

sakopov 1 day ago 0 replies      
In my experience a senior developer is someone with 10+ years of experience in architecture and development and a pretty vast amount of accumulated knowledge. There are exceptions of course, but this seems to be fairly standard in my market in the Midwest.
DracheZahn 10 hours ago 0 replies      
When you salary demand exceeds the threshold of a standard programmer.
chrisseaton 1 day ago 0 replies      
My very first developer job after graduating was a 'senior member of technical staff' so who really knows.
Nursie 1 day ago 0 replies      
When you have to talk to a customer.

Seriously, I worked for a place where thay was the rule.

Titles are somewhat meaningless. Apparently I'm a consultant these days...

ohgh1ieD 1 day ago 0 replies      
I guess ... Once you realise that you don't want to be a senior or a developer at all.
sigi45 1 day ago 0 replies      
You have seen a few projects and different teams. A few years of practical experience is necessary.
ilaksh 1 day ago 0 replies      
When they have to pay you more than the junior devs. Note that isn't necessarily because of skills or knowledge.
balabaster 1 day ago 0 replies      
You will never have enough time to learn everything and be all things to everyone. Get this idea out of your head right now or you will never find happiness.

Senior is the difference between keeping your eye on the big picture and helping to move your team forward to the objective in a timely manner to achieve the business objectives that drive the company forward. It's the ability to step up and lead your team when called for. It's the ability to make decisions balanced between what's technically right in the short and longer term without losing sight of the end goal.

Never forget that you're not paid to deliver software just to deliver amazing software. The software you deliver is a tool, a means to an end. That may be to cut costs, it may be to increase profits, it may be the lifeblood that your company's stock price hangs on.

A junior developer may be amazing with the tools provided and may have some good architectural sense. They may need some, or a lot of hand holding. A junior developer generally has their head in the code most of the time and may but probably shouldn't be expected to understand or care about the objectives of the business as a whole. You give them a feature to develop and can largely expect that they will need all of the dependencies to hand. They may have a good handle on debugging and unit, integration and functional testing or this may be something they need to learn. This is OK.

An intermediate developer can be given objectives regarding code and architecture and left to their own devices and trusted to deliver on their objectives in a timely manner. By this time, you should expect to at least understand the business objectives and be able to think critically about the code they're providing in order to meet those objectives. I would expect an intermediate developer to have enough of a clue about architecture that handed a feature requirement and some architectural direction for how to integrate it, they could architect it competently and integrate it and know where to go to ensure any dependencies are satisfied. They will have a good handle on debugging and at least unit and integration testing. They may have a good handle on functional testing and debugging production code.

A senior developer is someone in my mind who who can be trusted with the business objectives, can chase down architectural advice, from an architect or UX input or whatever else they need to get the job done; they can communicate effectively with stakeholders and the business; they can be expected to dig in and fill any gaps that would prevent delivery or cause problems in production. They can delegate pieces appropriately and deliver what is expected in the allotted time frame. They may be someone that can step up as team lead/team manager, or lead from the back and be the glue that gives the team cohesion. They can be expected to have the discipline to take care of things properly when nobody is watching. They can be expected to help debug production issues and be among the first to muck in when the shit hits the fan to help resolve production issues.

So you see, the difference between junior, intermediate and senior doesn't have an awful lot to do with code or tools. You will expected to either be or become a master of your tools whether junior, intermediate or senior. You will be expected to do this on the fly, on the job, regardless of everything else that is going on around you. This is part of being in this industry. You will be expected to keep up with the codebase and dig in and understand it at whatever level you're at. These are all prerequisites for your job as a developer, they are not a prerequisite for your title. There's a big difference.

If you want to make the jump from junior to senior quickly, here's my advice: Find the most gnarly difficult problems your company is having and dig in and help solve them consistently. When you've put yourself through the wringer; when you've suffered the late nights, the stress, the anguish about whether or not you've got what it takes to do this job. Do this until you get to a point where you think you've seen every last problem that could possibly occur, and despite that, something else hits you out of left field and knocks you clean off your feet. Do this until when this happens, you just get back up and keep going. When you get knocked down and get back up when everyone else would say fuck it, when you can be trusted to make shit happen when everyone else would say fuck it - this is when you can call yourself a senior developer.

"Out of the 39 000 men and women that make up the United States Coast Guard there are only 280 rescue swimmers. This is because we are the Coast Guard's elite. We are the best of the best. When storms shut down entire ports, we go out. When hurricanes ground the United States Navy, we go out. And when the holy Lord himself reaches down from heaven and destroys his good work with winds that rip houses off the ground, We. Go. Out." - Ben Randall, The Guardian

Live by example.

gambiting 1 day ago 1 reply      
I work at a major games company. For us, a "senior" is someone who can, on their own, design, implement, document and maintain a feature. An "intermediate" is someone who can do the above but with mentor help from a senior.

Above that, it depends what you want to do. If you fancy managing people, you can be a team/tech lead, or if you don't, then there is the title of "expert"(only a handful of programmers who worked here 10+ years have those).

squozzer 1 day ago 0 replies      
Senior = most senior dev in the building.AKA Designated Survivor.
known 1 day ago 0 replies      
Depends on % of code you reuse.
partycoder 1 day ago 0 replies      
Engineer seniority has a lot of variance.Some do it based on years of experience, ranging from 5 to 10 years and that would differ from company to company.

In my understanding, a senior engineer is an engineer that can contribute without the need for technical supervision.

Now, not requiring supervision is different to leadership. A senior engineer is often an individual contributor, not necessarily a team technical leader.

anonymoose321 1 day ago 0 replies      
After 60?
navyad 1 day ago 2 replies      
sometimes these title can be dangerous.
Ask HN: What is your favorite Google chrome extension?
61 points by ne01  21 hours ago   99 comments top 62
joshschreuder 18 hours ago 1 reply      
captn3m0 18 hours ago 0 replies      
- Markdown Here - Lets me write emails in markdown (http://markdown-here.com/)

- HTTPS Everywhere - by EFF, works alongside the HSTS preload list to improve HTTPS coverage (https://www.eff.org/https-everywhere)

- Privacy Badger - By EFF again. Blocks scripts. (https://www.eff.org/privacybadger)

- Send to kindle - Sends articles directly to my kindle (https://www.amazon.com/gp/sendtokindle/chrome)

- iReader - Quick and easy readability extension that lets you read badly formatted extensions. (https://chrome.google.com/webstore/detail/ireader/ppelffpjgk...)

codegeek 13 hours ago 0 replies      
mod 12 hours ago 0 replies      
One I didn't see mentioned already: I use something called EditThisCookie.

I'm sure it has many features, but I just use it to quickly delete cookies for one site, primarily on my development sites.

I use it a couple of times a day, probably.

Most common use case: I switch rails projects, and being on the same localhost:port address, it tries to use my other cookies and causes problems. I delete them in 2 seconds.

joelg 20 hours ago 4 replies      
Papier - replace your new tab page with a markdown scratchpad. Dead-simple, local, and beautiful.


Visual History - augment back/forward with tree-like hierarchy navigation (disclaimer; made this one)


arnvald 20 hours ago 3 replies      
Vimium - I can't imagine using my browser without it anymore. I use it to:

* move around the page

* click on links

* opening new page from browsing history

* refresh page

Basically the only time I need to use mouse or trackpad are pages that have incorrectly marked links (they just add some on-click behaviour without marking element as link)

spenvo 20 hours ago 0 replies      
Kiwi Conversations - checks for HN, Reddit conversations based on the URL you're on (manual research mode by default, but auto-check is available) - also checks Product Hunt and Google News. https://chrome.google.com/webstore/detail/kiwi-conversations...
pentium10 19 hours ago 0 replies      
Lazarus: Form Recovery - Autosaves everything you type so you can easily recover from form-killing timeouts, crashes and network errors. https://chrome.google.com/webstore/detail/lazarus-form-recov...
garygaspar 19 hours ago 1 reply      
Completely new screenshot tool =>

Marker - https://getmarker.io .

This Chrome extension allows you to capture a screenshot, annotate it and create a GitHub issue, a JIRA issue or a Trello Card without leaving your page

It's pretty powerful for bug reporting.

Disclosure: I'm the founder :)

lucd 12 hours ago 0 replies      
Switchy OmegaProxy switcher with autoswitch ability (according to url) https://chrome.google.com/webstore/detail/proxy-switchyomega...

ScreencastifyVideo capture from desktop/tab/webcamhttps://chrome.google.com/webstore/detail/screencastify-scre...

The Great SuspenderAutomatically suspends unused tabs to free up system resourceshttps://chrome.google.com/webstore/detail/the-great-suspende...

Open ScreenshotCan capture an entire page, even if bigger than screenhttps://chrome.google.com/webstore/detail/open-screenshot/ak...

henry_flower 19 hours ago 2 replies      
I generally try not to use any, because for some reason I can't force myself to trust an extension w/o looking into its code--the process that eats too much time.

So I have only 5 of them installed.

From chrome web store:

* blank ntp (shows a blank page, rather than the chrome default)

* ublock origin (duh)

Not from the web store (I "trust" them, for I wrote them):

* copy_anchor_text

* dereferrer

* hn-dweller

sigvef 8 hours ago 1 reply      
Shameless plug: Zombocam. It adds filters and effects to any webcam stream on any page! We just launched: https://www.zombocam.com
citeguised 19 hours ago 0 replies      
BKMRKS - Simple New-Tab-Page for displaying Chrome-Bookmarkshttps://chrome.google.com/webstore/detail/bkmrks/fdlkakjjmff...

Full Page Screen Capturehttps://chrome.google.com/webstore/detail/full-page-screen-c...

harman28 17 hours ago 0 replies      
- Session Buddy (https://chrome.google.com/webstore/detail/session-buddy/edac...) - What you need to recommend to all your friends who have 50 tabs open and a fear of losing them.

- Pocket (https://getpocket.com/chrome/) - To read something later.

- Pushbullet (https://www.pushbullet.com) - Less wonderful since they make Universal Clipboard a premium feature, but still the most graceful way to get content across from phone to laptop and back.

- Better History (http://better-history.com/) - Because let's face it, Chrome history sucks.

- Any.do (https://chrome.google.com/webstore/detail/anydo-extension/kd...) - I've stopped using the app on my phone for most part, but this extension is still easier to use than adding things to your calendar.

no_protocol 21 hours ago 1 reply      
uBlock Origin

Without it, the web is a totally different place.

cdvonstinkpot 9 hours ago 0 replies      
The iGive button [1], it automatically donates $ to the charity of my choosing when I shop online.

[1] https://chrome.google.com/webstore/detail/igive-button/igcjd...

hawski 19 hours ago 2 replies      
All my extensions are like a handicapped version of Firefox feature or extension.

Dynamite [1] - right click on anything than Dynamite / Hide element or selection and it removes a DOM element that was under cursor. Sometimes you have to to this several times to remove something. Firefox has Nuke Anything Enhanced [2]. It allows me to:

- get behind obnoxious popups with no visible close button

- get through dumb subscribe-wall

- remove annoying floating navigation bars (really handy if you like to resize browser windows like me)

The Great Suspender [3] - it unloads tabs unused for specified time and allows to reload them on click. I forgot which one I used on Firefox.

FooTab [4] - blocks loading of tabs on startup - it would be great if The Great Suspender would do this (Firefox do this by default).

I use uBlock Origin and HTTPS Everywhere, but that's just baseline.

[1] https://chrome.google.com/webstore/detail/dynamite/djoedchmh...

[2] https://addons.mozilla.org/en-US/firefox/addon/nuke-anything...

[3] https://chrome.google.com/webstore/detail/the-great-suspende...

[4] https://chrome.google.com/webstore/detail/footab/anbodogikfb...

bartligthart 19 hours ago 1 reply      
I like the Momentum extension.

Each time you open a new tab you see a nice picture.


ivan_ah 15 hours ago 0 replies      
Video Speed Controller: https://chrome.google.com/webstore/detail/video-speed-contro...

After installing this, you can adjust the playback speed by 0.1 increments on any HTML5 video element. Works great for lectures and talks. I often watch some videos at 1.5x, 2x, and sometimes even 3x for exceptionally slow speakers.

vsax 13 hours ago 0 replies      
https://www.opentest.co/ - for recording videos, audio

http://www.gettoby.com/ - for saving bookmarks easily.

http://www.unwander.com - for saving places from Trip Advisor, Yelp etc directly to a Trello type board.

xeniak 19 hours ago 0 replies      
Auto Copy: Automatically copy selected text to the clipboard. Has options for copying as plain text; including the URL in the copied text; etc.


Tab Snooze: Close unnecessary tabs and make them magically reappear when you need them.


rkeene2 14 hours ago 0 replies      
CACKey ;-)

Trying out Falcon, keeping the exclusion list updated has been slighty more work than originally estimated.

Proxy Switcher, to access some sites though an SSH proxy automatically

alexmorenodev 12 hours ago 0 replies      
Livestyle: https://chrome.google.com/webstore/detail/emmet-livestyle/di...

A little buggy, but saves a lot of time while developing a new site.

guitarbill 19 hours ago 1 reply      
h264ify - force youtube to use h264 instead of the VP8/VP9 codecs. Unlike h264, which can benefit from hardware decoding, VP8/VP9 are completely done by the CPU, so they eat battery like crazy on laptops.
afarnoosh 19 hours ago 0 replies      
SurfingKeys - "...keyboard-based navigation and control of the web in the spirit of the VIM editor."


hs86 18 hours ago 0 replies      
Tabs Outliner: https://chrome.google.com/webstore/detail/tabs-outliner/eggk...

Something like Tree Style Tab but TO shows a single tree for your entire browsing session instead of just the current window. Its cloud backup allows me to sync my tree hierarchy across my devices.

wingerlang 20 hours ago 1 reply      
Google dictionary - double tap anything and it shows definition or translation.

"Click to remove element" - Remove any html element.

"Fix fixed" - remove sticky headers

And various adblockers I guess.

DYZT 18 hours ago 0 replies      
BriefTube - It's a chrome extension that provides TLDR; for long videos. It works well on Youtube, Coursera, Edx etc.


note: I'm the proud developer of BriefTube.

Eduard 19 hours ago 1 reply      
Postman and its Http interceptor. fiddle with http requests, manipulate which headers are sent. even intercept Http requests and change values on the flight
andyjohnson0 19 hours ago 0 replies      
Strict Workflow [1].

Allows my monkey brain to actually get some code written when I'm connected to the chasm of infinite distraction that is the internet.

[1] https://chrome.google.com/webstore/detail/strict-workflow/cg...

jesperht 19 hours ago 0 replies      
Tabby Cat - beautiful cat illustrations/animations each time you open a tab: https://chrome.google.com/webstore/detail/tabby-cat/mefhakmg...
aorth 19 hours ago 1 reply      
UTM Stripper removes tracking tokens from URL query parameters before sending network request. Uses an internal 307 redirect before requesting the resource.


ladino 18 hours ago 0 replies      
parkhmp7 20 hours ago 0 replies      
Liner - Highlight and save your favorite texthttps://chrome.google.com/webstore/detail/the-only-webpdf-hi...
ohadron 20 hours ago 0 replies      
aurora72 19 hours ago 0 replies      
When angular.js first came out, a chrome extension was released which displayed popular hacker quotes like "ship it" " when new tabs were opened. What was the name of that extension? I can't remember that after I sold my Mac mini, but that was my favorite.
dutts303 19 hours ago 1 reply      
http://www.nomorvom.co.uk is indispensable if you order takeaway from just-eat. it adds UK food hygiene scores to the search results.

Full disclosure: I wrote it, but it is open source and totally free.

_some_guy 19 hours ago 1 reply      
Anyone could recommend any good gestures extensions? That's the only thing keeping me on the Firefox right now. I tried a bunch of the most popular ones, but rocker gestures (prev/next tab) almost never works as intended :(
agnivade 18 hours ago 0 replies      
Along with all the excellent options posted here, just wanted to recommend - "Ink for Google". It gives a material design look and feel for all google related sites.

Its Pretty good. Especially on youtube.

kungfudoi 13 hours ago 0 replies      
HTTPS Everywhere, Privacy Badger, uBlock Origin
viraptor 20 hours ago 0 replies      
HackerTagger - Lets you tag people on HN if they're interesting in some way. I've also got tags for anyone who mentioned they're founder of X, for future context in comments.
messWasTaken 16 hours ago 0 replies      
Boomerang for gmail: Allows you to schedule messages to be sent or returned at a later date. https://chrome.google.com/webstore/detail/boomerang-for-gmai...
cezary 18 hours ago 0 replies      
uBlock Origin, TabAttack and The Great Suspender.

Another is one I wrote and use to read articles without seeing paywalls. It got pulled off the chrome web store as it started to pick up users, but you can still install and run it in developer mode: https://github.com/cezary/bypass

du_bing 19 hours ago 0 replies      
SwithyOmega: to break the Great Firewall

Lightshot: to capture some part of the page as png

Google Transalte: to understand others

Adblock Pro: to block ads cruelly

RexM 19 hours ago 1 reply      
Georgify - alternate CSS for hacker news.
mattnumbe 20 hours ago 0 replies      
AdBlock is a given but I really like rikaikun which translates Japanese kanji on hover.
duiker101 19 hours ago 0 replies      
Papaly.com it's a bookmark dashboard it's very fast and comfortable.
tajen 19 hours ago 0 replies      
Awesome Screenshot Minus What does everyone else use to make nice screenshots?
waqasaday 20 hours ago 0 replies      
rasz_pl 18 hours ago 1 reply      
-ContentBlockHelper (instead of uBlock/Ghostery)


jbverschoor 19 hours ago 0 replies      
adblock plus

adblock for youtube

the great suspender

quick javascript switcher

joesmo 13 hours ago 0 replies      
Quick Javascript Switcher (turn off JS by default and only enable for the few sites needed).
Oras 14 hours ago 0 replies      
- AdBlocker

- Pocket

- Any.Do

- ProductHunt

- FlickrTab

hoers 18 hours ago 0 replies      
- uBlock (of course)

- Vimium

- YouTube Ratings Preview

- Remove Google Redirection

- TrackMeNot (sends random queries to search engines)

- uMatrix

- HTTP Headers

- Vanilla Cookie Manager

- Project Naphta (on the fly OCR for images)

abrootzi 18 hours ago 0 replies      
I use Brieftube to skim through long youtube/coursera videos or to pinpoint to a specific memorable frame in a video I once watched (e.g. obama laughing at bernie at white house gathering). Brieftube runs fast, and creates a nice table of contents which also allows easy searching in the sub titles

(currently, extension seems to work only for videos accompanied with english subtitles)


I Am Sam Altman, President of YC Group. AMA
336 points by sama  3 days ago   431 comments top 136
kriro 2 days ago 3 replies      
Could you outline the exact reasoning why YC still believes SV is the place to be for a startup. I've never heard any explanation that went deeper than "well investors are there and network duh"

It seems very broken that IT specifically should be bound to a physical place. Are there any plans to innovate in this regard or any research YC is doing?

mieko 3 days ago 3 replies      
I've been running an east-coast-but-middle-of-nowhere startup, primarily implemented by myself, and self-funded, with the occasional with help of random one-off contractors in the hospitality/IoT space for two years now. Basically during off-hours from a (pretty successful) day job in a non-tech company I started years ago.

My choke point has always been finding another technical-minded parter that gets the industry. Every time I've seen the YC application season roll around, I've thought it'd be a perfect fit for applying to YC, with the connections and clout that come with it. What's stopped me, even at my half-assed pace, was the chance of the huge ego/momentum hit of getting rejected, considering it's still a labor of love (although profitable).

I have a handful of customers that are already paying monthly for "The Vision Lite" at discounted prices: just enough for me to continue development. But larger competitors are sure to move more aggressively into the area over the next year or so, before my current trajectory can deliver on the "this is Star Trek-level shit" experience I've got planned. I'm sure I can grow my customer base at a moderate rate, but I'm not sure I can keep up once the field gets serious against better-funded competitors.

Where do you think the tipping point is between the Basecamp-style "Just get profitable, stay profitable, and move forward" model vs. "Take VC money and turn a two-year schedule into a six months, and get entrenched while you can?" (Fred Brooks notwithstanding)

davemel37 2 days ago 1 reply      
It seems half these questions are from Single Founders. Considering YC's interest in experimenting with who and what they fund...

Has YC ever considered a class of only single founders and trying to solve the problems YC anticipates with single founder startups (i.e. emotional support, etc...)

It seems to me that the demand is there, and the potential for single founders to succeed is certainly possible... why not experiment putting together a track that "fills in the blanks" for singe founders much the way YC does with legal and accounting for startups to get started.

Edit: I recognize the signaling issue of not being able to convince a cofounder to join, etc... but sometimes signals are just noise.

leroy_masochist 3 days ago 2 replies      
Do you plan to allow future YC teams to attend the program remotely, or with a greatly reduced expectation of spending time in Mountain View?

I get that SV is a great place to start a startup, all things being equal. But there are a lot of great opportunities that are 8-12 time zones away. And leaving your customers alone for 3 months -- especially if you are trying to grow rapidly during those 3 months -- sounds very risky. Additionally, the money spent living in SV for three months could otherwise be spent on working capital; this is extra true in developing markets where costs are lower.

In the absence of a formal policy change re: moving to SV for 3 months, would you be willing to extend a bit more leeway for founders who really want to get their companies into YC but don't want to spend too much time away from the customers they're trying to please?

watermoose 3 days ago 2 replies      
Sam, thanks for taking the time to talk with us. I hope it's ok, but I've got a few questions about something not directly related to YC applications.

As a middle-aged developer, I've seen a lot in my lifetime, but I believe that right now, even though in some ways I'm much more hopeful for the future than I've ever been, I feel like there are many huge time-bombs out there in the world that make focusing on a startup just to have a chance to become financially successful a petty and, for some, a possibly futile ordeal.

For example: political divisiveness/change/chaos, scary world leaders and potential world leaders discussing/threatening/testing nuclear weapons, wars for and against religions involving terror, causing mass death, spawning racism and restricted freedoms, other random shootings/acts of violence, discord and violence between people that are racially targeted and those who want to serve the public to protect people regardless of their race, terrible diseases/epidemics some without cures or growing resistance to cures that we've long depended on, weather related natural disasters, economic troubles, etc. The list goes on and on.

Given the climate of the world today and all of our problems, what things do you want to see- not just in the startups that you and/or YC as a whole want to help, but across the board? And what do you say to those that think that just don't feel safe enough to invest the time, money, and effort on a startup which has a greater chance of failure than success when they could just be working a stable job to try to save enough to survive what is ahead?

kinkora 3 days ago 2 replies      
You (and by extension YC) always seem to mostly focus on the success stories of the alumni/group. Have you or will you consider talking about the failures? If you can't do it, is there a reason why?
allenleein 3 days ago 5 replies      
Hi Sam, in interview with Elon Musk, you asked him 'Do you think people that want to be useful today should get PhDs?' Elon: Mostly not.

Here are my questions:

1. Do you think people need to get a PhD degree to become useful research scientist in AI industry?

2. Do you think people need to get a PhD degree to become Member of Technical Staff (Machine Learning) in Open AI?

Thank you.

40acres 2 days ago 0 replies      
Have founders successfully applied to YC with just an idea? A "hey I think this would be cool, here's some data with respect to the market but I don't have a product"?

If not, what would you need to see from an application with no product to be accepted into YC?

If so, what was about that application that made you believe in them so much?

bfrog 3 days ago 1 reply      
My hardest decision in the past has often been when to decide a startup has failed and its time to move on. Having seen many startups both succeed and fail you're in a unique position to perhaps give some strong opinions on this. Do you have any sort of timelines/guidelines you like to look at as a gauge of success and when it's time to double down or dump it off the side and try again?
anexprogrammer 3 days ago 2 replies      
Two related questions.

It's known YC prefers teams. Do you have a preferred shape or size for the team (2 tech, 1 marketing, or 1 tech, 1 web, 1 marketing and business etc); is any combination shown to be more likely to succeed within YC?

How do you view teams too heavy on tech? It's common for a group of tech people to have the idea, but as a team have some gaps on say the marketing side, and probably other areas.

A startup I was involved in, years ago, lacked much depth in sales and marketing. Filling that gap was a nightmare. Candidates would happily talk out of their hat, claim allsorts they didn't have, and those we trialled failed hard then invent no end of "reasons" why it's working perfectly. Suddenly recruiting programmers was easy!

Even people we've known in this area suffered from at least some of these habits, sometimes meaning it's a case of "nice guy, don't trust him as co founder". Made it hard to resolve, so the least worst techie got stuck with site copy etc.

No surprise, I've learnt much more about online marketing since those days. :)

tmatthewj 3 days ago 3 replies      
Most recent startups from India backed by YC seem to be solving problems within the country. Examples - Razorpay - Stripe for India, Kisan Network - Online Agriculture marketplace in India, Innov8 - Co-working spaces for Indian startups. Is that relevant when YC looks at an application that comes from an Indian startup / co-founders? We could generalise the question by replacing India with developing economies with good infrastructural problems to solve.

How would an Indian startup trying to build a global product primarily for the U.S / Europe market fit into the scheme of things?

cannabis_sam 3 days ago 1 reply      
What is your view on income inequality?

Do you think the start-up structure of running a business could increase or decrease income inequality (and what do you consider beneficial?)

EGreg 3 days ago 0 replies      
We applied many times in the last 5 years, since launching our company (Qbix). Every time we go through the application process, it seems we've grown. Our main app is now about to break 4 million downloads and we've tripled our revenue this year and talking to VCs.

Does it make sense to keep applying to YC, given our size now? From what I understand, we got rejected every time because our equity split is around 80-20, which makes us more like a single-founder company. We would have liked to be part of YC but if YC strongly prefers not to consider single-founder companies then we would save time and not apply.

pfarnsworth 2 days ago 1 reply      
What is the oldest age for a founder that you have accepted for YC?
hashnsalt 3 days ago 1 reply      
What visa do international founders apply for when they are selected to join YC?And those who decide to stay in the US and establish their startup here after the 3-month time period, what immigration options do they have?
stevens32 3 days ago 1 reply      
You've mentioned that you look for solo founders to show above all that they're effective - what would be a good metric for that? Is being able to push out an MVP and getting the first handful of users seen as being effective? Is the bar a lot higher?
ikeboy 3 days ago 1 reply      
I'm a solo founder, technical but my prototype website was built by someone else. The main part of my idea isn't technical (in the sense that Amazon wasn't technical when it first started).

What should I know about applying based on that?

Also, for the competitors question, should I put a list of 15-20 names I made, or choose the top 3 or so?

Finally: I may be able to launch within the next few days. Should I try to launch and wait to apply until I have launch data, or should I apply now? (The nature of the startup is consumer facing and I think I can gain some traction within the first week.)

hindsightbias 3 days ago 3 replies      
Does the YC Group provide any psychological counseling/guidance/referals for attendees? Does it feel any responsibility to?
r0naa 3 days ago 1 reply      
Why are you primarily looking for >billion dollars startups?

I would wager that if you take a look at an accurate distribution of markets according to potential you would find a magnitude more small/average markets (that are untapped) than billion dollars ones. And similarly, I suspect that the success rate for those "boring" ventures is much higher than the exciting shiny rising stars.

Question: Why not optimize for companies that are certainly not going to become Airbnbs but will capture the full value of an averagely sized market (say between 50 and 300 millions)? And if my guess is correct and they end-up eating a lot less resources than the soon-to-be-unicorns, you could even optimise for volume.

Is the pay-off (wrt. to the energy spent and success rate) for unicorns really worth it?

danielonco 2 days ago 1 reply      
How important is for YC founders to be ethical in a world that cares mostly about financial success, profit margins, exponential growth, etc? Think Theranos, Zenefits et al.
xzion 3 days ago 3 replies      
Any tips/examples on trying to sell a product that provides ethical/moral benefits but very little/nothing financially?

Some friends and I were throwing around ideas on how to eliminate scalping, a practice we get bitten by. We came up with some solutions that might work, but they don't provide any financial gain for event organisers so I couldn't see them going for it.

ne01 3 days ago 0 replies      
What do you think about bootstrapped startups like Basecamp, Wildbit and Campaign Monitor?
nabiha_zahra 3 days ago 1 reply      
Let's say someone is a fresh college dropout and wants to focus on learning programming and start a startup, and apply to YC Summer 2017 in March. What advice do you have on how to go about that?
rexreed 3 days ago 1 reply      
Given YC's increasing more social and larger-world problem solving focus, is being Silicon Valley-centric still a core goal of YC? Are you planning on coming back to the East Coast?
konas 3 days ago 1 reply      
What order do you look at an application -- is the video last?
davidw 3 days ago 1 reply      
How much investment money is simply "transferred" to local landlords in the bay area?

Any ideas how your 'YC cities' thing is going to look?

zeeshanm 3 days ago 1 reply      
Does the likelihood of getting into YC increases after you have been rejected five times consecutively?

serious question

aestetix 3 days ago 0 replies      
I see a lot of companies being advised to focus exclusively on user growth, but many have no business model and must eventually make serious compromises, often at their users' expense, to succeed. How often would you say companies are able to tack on a profitable business model after the fact without making such compromises?

Twitter seems to be the example du jou, but there are many.

nabiha_zahra 3 days ago 1 reply      
What do you look for/like to see in a solo founder application? What makes you believe that someone could be successful as a solo founder?
fernandillo 2 days ago 0 replies      
Redomestication. We're based in spain with some public help in form of soft-debt (very common in spanish startups). That makes slower the process of redomestication, typically around 4 months. If chosen for YC, Is it possible to create a parent company in US to give the x% for the YC investment? Tnx!
cjhanks 3 days ago 1 reply      
How important is technical defensibility? On one extreme I could have a technically sophisticated product with a poor user experience. On the other, an off the shelf software catalog with great user experience. Ideally you have both... Realistically it is difficult given time constraints. Where does one settle for success?
ttam 3 days ago 1 reply      
What is your opinion today on cryptocurrencies and how big was the decline in Bitcoin/Ethereum startup applications?

Do you feel the YC partners are mainly bullish or bearish irt cryptocurrencies?

spynxic 3 days ago 1 reply      
Do individuals have the opportunity to participate in funding start-ups via YC? If so, what type of minimum requirements exist for getting started?

If not then how quickly can the [unrelated] problem below be solved, algorithmically

Unrelated Problem: Given a set of numbers of length n, find a single rule that can map each item x to the corresponding item x+1

marlonmisra 3 days ago 0 replies      
Do you plan to release more details about common visa/immigration issues and how Y Combinator helps with them?
foobarqux 3 days ago 1 reply      
Without mentioning what was actually discussed, do you think the Bilderberg conference results in significant actions/effects in the real world?
ne01 3 days ago 1 reply      
I don't want to sound too arrogant but why should I apply if I think I can succeed on my own?
annerajb 3 days ago 1 reply      

are the odds stacked against us if we have 5 founders? (EE, ME, EE, SW, Sales/Business)

Also does a startup that can help reduce carbon emissions/move from something that generates lots of emission classify under the energy section of request for startup?

wcchandler 3 days ago 2 replies      
I want to be a farmer.

Is there a place for me in YCombinator?

(p.s. I have several other follow up questions I'd love to ask if you entertain me with a response)

polmersgh 3 days ago 1 reply      
Will you fund a startup that has no idea about monetizing, like AI research companies?
BillionaireBear 3 days ago 1 reply      
Hey. We received an email saying to reapply because we were in the top 10% for the last cycle. In this case, what order do you look at the application? How useful are alumni recommendations?
LifeOfRio 3 days ago 1 reply      
What will be included in the Startup Class MOOC? How will the MOOC differ from the previous Start-Up Class?
mazeway 3 days ago 1 reply      
How do you evaluate more technical startups like the one you mentioned: Rigetti Quantum Computing. I assume one needs some theoretical quantum physics knowledge to evaluate it.
draghu_1 2 days ago 0 replies      
1. Where do you think the jobs in the software field will be after 10 years?Currently, we can say that the jobs are in the web developer and mobile app developers categories.Like that what would be the major category in software?And what would be the future of web and mobile app developers if they know nothing about machine learning now.

2. In the competition of web vs mobile? What would be their state after 10 years?Will there be more native mobile apps or websites?


CN7R 3 days ago 1 reply      
How does a college freshman get into startup culture without technical skills learned in upper division classes?

Is working at a start up a viable path for college graduates or is it recommended starting at a more established company?

Do you see Silicon Valley maintaining its dominance as a tech capital in future decades or will there be better entrepreneur ecosystems?

Which industries are ripe for entrepreneurship? Like the automobile industry at the moment has innovations of self-driving and electric energy source.


GFischer 3 days ago 1 reply      
Are you planning on another project to fill the void left by the YC Fellowship? Especially on the "a little funding" part, and the "remote" part.

I understand you have limited resources and that YC's core is focused on fast growing companies, but some early-stage ideas/prototypes need a little help before becoming something YC would accept (and, it looks to me, the bar is higher every year).

The MOOC fills one part of the gap, but, will it enable promising students to get some sort of funding?

tonyabram 3 days ago 1 reply      
And thank you for the Playbook. This, along with cs183, is among main materials of my life so far.
dietbacon 3 days ago 1 reply      
Hi Sam,

My cofounder and I don't live in the same country so we're each recording half the video separately and then editing the pieces together. Does this affect us negatively in any way?

Jd 3 days ago 1 reply      
Do you really think that financially incentivizing voting will create good downstream effects? Almost all ideas of civic duty are historically drawn from non-financial incentives and the idea of attaching some financial incentive to them potentially seems to further exacerbate a "pay to play" atmosphere that is one of the reasons people (like myself) don't find it particularly stimulating to participate in the present political climate.
tima101 3 days ago 1 reply      
Sam, thank you for working on a new online course. I think it will have a huge impact.

For how many companies per batch, YC is a second accelerator?How many companies have raised Seed round?

KeatonDunsford 3 days ago 1 reply      
Hey Sam. I'm considering applying with my nonprofit edtech startup (a new crowdsourced education system that's peer-to-peer and mobile -- built around software, like Watsi). I'm a solo-founder still currently building the MVP.

Quick question 1: Is there a "Delaware C Corp" equivalent for the incorporation process/legal structures of nonprofits by state, or does it not matter?

Real question: Is there something to be said about founders waiting until they have users and initial growth to then use the YC opportunity to transition towards growing their company? In other words, if a startup is only getting one shot to go through YC, generally is finding initial product-market fit harder, or is growing the company?

Granted, the latter can't happen without the former happening first. But it would seem that for some founders that have genuine insights into real big problems, it would suck to waste the opportuniy of YC just "checking the boxes" of building their MVP, which they could know how to do already from PG's essays/YC's blog/Startup Class -- whereas they could be getting genuine advice on problems unique to their specific domain problem if they just waited and applied later.

thekevinsu 3 days ago 1 reply      
what is YC's stance on cannabis related startups that take the plant?
jondubois 3 days ago 1 reply      
Does YC ever plan to open a new office/branch in another country (not the US)?
Det_Jacobian 2 days ago 2 replies      
I'm 27 and I've cofounded only one company in a lifestyle industry (video games). Despite being nearish the top of my particular field, I don't have a PhD in a relevant field like AI. Games are hard in that they are very competitive, but we're not exactly curing cancer.

How behind am I, assuming my primary goal is maximizing positive impact on the world?

pan_w 3 days ago 1 reply      
I'm working on a startup that provides live remote video assistant as a service and we piggy backs off of existing technology platforms (FaceTime, Hangouts, Skype) rather than building the tech ourselves for the meantime.

Do you prefer that companies have their own technology or is it okay that a company utilizes existing platforms in the beginning?

My team consist of CS and ME/EE.

It's PokeBin.com if you wanted more information.

nodesocket 3 days ago 0 replies      
Sam... Do you think bootstrapped companies, where founders want to build a "lifestyle" business and not raise capital can compete and be successful in SF and the valley?

Put in another way, would there ever be a case where you'd recommend a bootstrapped company not take investment (assuming the terms were good) in the bay area?

Yinka_Adepoju 3 days ago 1 reply      
What do you think about younger people under 18 applying to YCombinator?
ckehoe 3 days ago 1 reply      
If one of our 3 co-founders (CTO), is in a different state right now, should we still include him in our application video?
carapace 3 days ago 1 reply      
Have you read Christopher Alexander? (Pattern Language, et. al.)
brianbreslin 2 days ago 0 replies      
How do teams deal with families? I'm curious how many founders can uproot their entire families for 3 months to relocate, or do they just try to make long distance work for the 3 months while the spouses/kids stay back home?
310BrownGuy 3 days ago 1 reply      
Hi Sam. Can you explain the process for considering a Non-Profit a little bit more? A friend and I naturally think that we have a significant value proposition in the non-profit sector with everything other than the technical part flushed out thus far.

EDIT: Particularly if there is potential synergy with a business component as well?

rojobuffalo 3 days ago 1 reply      
How many applications are you guys expecting this year and what percentage do you expect to invite to interview?
mrhektor 2 days ago 1 reply      
What is an ideal stage for a company to apply to YC?We've gotten together an excellent team and partners, and are just starting to build out the value prop. However, we don't have any customers / traction yet. Should we wait to apply, or apply right now?
soneca 3 days ago 3 replies      
Is this thread being punished by a flaming war trigger? It is not on front page, not even the first Ask HN page.
marauder016 2 days ago 1 reply      
Hi Sam seems like 'Science' was removed as a category in RFS. Can you comment on this?
ta11 3 days ago 4 replies      
I have applied many times . I now have a patent for a technology that I believe is a disruptor of enormous proportion. I have asked repeatedly to get a few minutes with someone to discuss this technology, because your application process doesn't seem to work for this.
kfish15 3 days ago 1 reply      
If you were in early 20's, what 5 things would you deem most important to work on to help the world?
Lordarminius 3 days ago 0 replies      
A delegation from YC was recently in Lagos, Nigeria. What data and/or considerations did you take into account that kindled your interest in Africa (instead of say, Brazil ?)

Do you have any particular industries in mind to invest in? where do you see the most potential?

jondubois 3 days ago 1 reply      
How can an engineer become employee #1 or #2 of a fast-growing YC startup? How important is networking (knowing the right people) vs simply having the right credentials/experience?

What sort of advice does YC offer founders when it comes to hiring early employees?

h4nkoslo 3 days ago 0 replies      
Do you stand by your statements calling for government supervision and control of machine learning research? Is it likely that machine learning will become a highly regulated industry roughly on par with nuclear power plant development?
nabiha_zahra 3 days ago 1 reply      
The application for YC has recently changed. You no longer ask the question about what is a person's greatest achievement, which was previously said to be the most telling question on the app. Where are you now getting that info on the new app?
rojobuffalo 3 days ago 1 reply      
I noticed you guys added Food and Farming to the RFS. How did that decision come about?
lizziepika 3 days ago 1 reply      
What do you think of the women in tech movement, and other diversity initiatives?
soneca 3 days ago 1 reply      
How well suited is YC for a company that only expect to have YC itself as investor?

i.e. might have no interest in presenting at demo day or pursue any further fundraising, but instead look for profitability and self-investment as the path to growth.

bazsouthafrica 2 days ago 1 reply      
Hi Sam, I would like to apply for Winter 2017. If we are not accepted for this batch, would it hurt our future chances (i.e. could we apply again for the next batch without being negatively affected).
ENadyr 2 days ago 0 replies      
Hi, I know you started accepting hardware startups recently, I also realize you value teams that can iterate quickly. Having spent 18 months working to show that what the complex hardware product is feasible, my worry is that we would be seen as "slow" because in the software world , where I came from, 18 months is a lifetime. So my question is, do you treat hardware and software startups the same in terms of iteration speed?Cheers!
diziet 3 days ago 1 reply      
If you went back in time and did Loopt again, what would you differently?
toocute2care 3 days ago 1 reply      
Thanks for doing this AMA, a quick question...

1. What's the possibility of YC companies doing biz dev with LargeCorp during the 3 month bootcamp? Is this something that YC can help with due to it's large network etc.

afchavez40 3 days ago 1 reply      
Do you prefer international companies that don't have U.S as a market?
rnc 2 days ago 0 replies      
Sam, you started Loopt when you were 19 and figured things out very quickly along the way. Could you give us some insights on how to increase the speed at which we learn stuff? Many people here(myself included) rely on books to learn about something or solve theirproblems, and that doesn't seem to be the case with you and other top founders(Collison brothers, Drew Houston, etc.)
jmcmahon443 3 days ago 0 replies      
Can you make the application autosave?
arodceo 3 days ago 1 reply      
What do you look for in a single founder (non-tech) when they apply with their company being very early stage. What helps you determine they'll be a good company even if they are early?
stansedberry 2 days ago 1 reply      
Sam, thank you so much for taking the time to add so much value to all of the applicants of YC. I have learned so much.

For emerging industries like our's in the virtual reality space, there is so much money driving the industry into gaming and the desires of the bigger players like Facebook and Oculus. Is it more valuable to align with these bigger players and play along with their game, or disrupt the industry but risk being outcasted?

Thanks!Stan SedberryVidi VR

imkeean 3 days ago 1 reply      
What startup stage would you recommend a company be in when applying?
davidlee1435 3 days ago 1 reply      
You've been very outspoken about AI, but tangentially related to AI are intelligent chatbots and more general conversational interfaces. What are your thoughts on chatbots?
tomrod 3 days ago 1 reply      
Sam, I greatly respect the positive impact YC and you are having on society.

This question is unrelated to YC. How often do you go with your gut in decision making, and how well does it turn out?

ifemide06 2 days ago 0 replies      
Sam, what would you say to a bootstrapped fast-food delivery startup, cash positive, little overhead and 10,000's of customers applying to YC?
rbloughlin 2 days ago 1 reply      
If we edit our application after we submit it, then are you notified? Or is there a chance you read our application before we edit it and you miss our edits?
charlesyost 3 days ago 2 replies      
My partner and I think search engines will look and feel completely different in the future, thus we're working on this next generation.

Do you agree with this? How do see these evolving?

VaedaStrike 2 days ago 0 replies      
Is someone's creds on 'getting things done' largely based on visible projects? Or are other things considered?

For example becoming a self taught programmer? Quadrupling one's income? Doing all that while starting a new family? I feel like I'm becoming significantly more formidable. But the side project that pulled me into becoming a programmer, itself, is still lacking clearly visible progress.

mangeletti 3 days ago 0 replies      
What are your thoughts on Zcash[1] (either the product OR the company behind it)?

1. https://z.cash/

hellojebus 3 days ago 0 replies      
I want to transform the way we use checkins and turn them into awesome real world experiences.

I have the idea, a v1 design, portion of the API, and incomplete web app prototype... all built by me. I lack the business plan in paper however have pretty cool ideas on how I can eventually generate income.

Is this enough to be considered? Have companies come to you with less while still being accepted?

andy_ppp 3 days ago 1 reply      
Can you be clearer about minimum requirements? I have an incomplete prototype but I get the impression you want more? It'll probably have a few security issues right now that I need to iron out too.

When to put this on the Internet to show you guys and how much should I have.

Working on this in my spare time is very difficult to get to a point I'm happy with. Maybe I should quit my job?

Be good to be super clear on this...

konas 3 days ago 1 reply      
We happen to match up with your RFS for city-related to startups. Do we need to tie this into your RFS beyond checking the box on the application?
nswanberg 3 days ago 0 replies      
You've said it's important for founders to be able to communicate and persuade, both in public and one on one. I think in that same talk you claimed to not be a very good public speaker but that you were much better in person. There are lots of examples for learning better public communication. How do you learn to be better one on one?
peter_retief 2 days ago 0 replies      
Inventors and innovators in Africa have a really hard time getting access to international markets and funding. Can you help?
a13n 3 days ago 1 reply      
Would you consider negotiating the equity percentage for startups that stand out in terms of team/traction? If not, why not?
shams93 3 days ago 0 replies      
Have you seen any patterns in terms of idea generation, do successful startups come up with the idea for the business in the same way, or is it basically extremely diverse, I'm wondering if people are tending to use any analytic methods to find low hanging fruit to get started or whether its largely "scratching an itch."
mbaha 3 days ago 1 reply      
Do you think we'll be seeing more and more XaaS-like businesses growing ? Or do you think we'll move away from selling APIs ?
tonyabram 3 days ago 0 replies      
Sam, I have several pet projects, but I know YC loves teams severely committed to a single project. Is there a reasonable chance not just to get the interview, but to join the batch if I send multiple applications but most of them won't have this "three months of growth of KPI" kind of traction?
santoshimz 3 days ago 2 replies      
With so many companies like General Assembly offering part time bootcamps without one leaving the job can't YC follow the same approach where one can work on a startup without having to leave the job. This will bring in more ideas and products by people who don't want to quit their day-to-day job.
imkeean 3 days ago 1 reply      
Do you favour companies on your request for startup list? Such as a pharm/biotech company > a software startup?
pr5k 2 days ago 2 replies      
Has there been any graphic designer co-founders accepted into YC? If so, has there been anything noticeably different about that dynamic compared to usual co-founder teams of hackers? If not, are applicants that include graphic designer co-founders at all desirable at YC?
dave1619 2 days ago 1 reply      
How involved are you and Elon in OpenAI? What are your roles specifically, both for you and Elon?
freese 3 days ago 0 replies      
What are some examples of adding value to a company that's already raised a good seed round ($2-4M)?
partycoder 3 days ago 0 replies      
What do you think of South America?
palakz 3 days ago 1 reply      
What are the chances of a Subsidiary in getting accepted to YC? Have you had any case like this previously?

P.S.: I'm talking about a case where only the subsidiary has applied for YC and that subsidiary is making a different product than what the parent company is making.

davemel37 2 days ago 0 replies      
Two Questions:

1. Would YC consider a media/publishing company that is not really a tech startup short of leveraging tech to reach a broader audience. (it's more like investigative journalism to arm buyers with info. needed to negotiate better deals.)

2. The info. in these reports can capture value by being sold right away, but giving the info. away for free is more in line with the mission of eliminating information asymmetry (by selling we are just replacing one inbalance, with another)...so is it better to capture initial value...or try to build trust to the point of people going straight to you to research purchases...and monetize later on or with add-ons (i.e. outsourced negotiation.) or eventually becoming the defacto source for consumer research (which is bound to be monetizable one way or another)?

oli5679 2 days ago 0 replies      
You have said that the best founders believe their success is inevitable, yet YC (understandably) has a really high failure rate.

Do you think it helps, as a founder and in life, to be optimistic rather than realistic?

no_protocol 3 days ago 0 replies      
Do you prefer startups from a certain level on Maslow's hierarchy of needs?
twelvedigits 3 days ago 1 reply      
Are applications confidential?
marknadal 3 days ago 1 reply      
Can you be too far along? We already raised from billionaires Tim Draper and Marc Benioff of Salesforce. Is this still okay to apply? And how much does being a solo founder reduce chances of getting in?
econnors 3 days ago 2 replies      
What are the best ways for hardware startups to show traction pre-launch? We feel like we have a compelling prototype, but are worried that a lack of pre-sales/press/etc. will be a red flag.
du_bing 3 days ago 1 reply      
Hi, Sam, how do you think about the opportunity of technology in China, do you think China a good place for investing and developing? What the difference between the China market and USA market?
avi0103 3 days ago 2 replies      
What is the minimum stage the product should be in to be selected in yc ?
afar 3 days ago 1 reply      
What do you think is the biggest blind spot or most limiting aspect of YC Group and how do you plan to fix it? Asked another way, what are YC's weaknesses, in your opinion?
nabiha_zahra 3 days ago 1 reply      
How do you identify small but fast-growing markets?

Is it a good/bad idea to found a startup in a market that is no longer saturated but also has big players (such as social media?

tinbad 3 days ago 0 replies      
What companies have you seen/interacted with lately that have a good chance of taking IoT to mass adoption that are worth watching for?
mdeligoz 3 days ago 1 reply      
When interviewing, what key points are you looking for?
LifeOfRio 3 days ago 0 replies      
Are there any books on Start-Up Market-Research a.k.a Talking to users? If not, what are the top mistakes startups make when talking to users?
Xcelerate 3 days ago 0 replies      
What are your thoughts on quantum computing?
tmaly 2 days ago 1 reply      
I watched your startup course that was done at Stanford.

Have you ever considered writing a startup book?

wwwdonohue 3 days ago 0 replies      
How important do you think blog posts/videos/other forms of content are for startups coming out of YC?
ttam 3 days ago 0 replies      
a question about anything else:

what's you opinion on product managers and when/do you think a startup should hire one?

michaelbarton 3 days ago 0 replies      
Are there ways to apply to HARC, or demo at HARC for people who have ideas that might fit within its remit?
neom 3 days ago 0 replies      
Bunch of folks in the city world keep asking me how your city stuff is going. How's the city stuff going?
imkeean 3 days ago 1 reply      
What universities stand out to you in particular, if any, when gauging talent from institutions across the world?
Jd 3 days ago 1 reply      
Have you ever invested in a band or music production company or considered doing that?
dietbacon 3 days ago 0 replies      
How do you assess the "quality" of founders that have no startup track record?
bourneliu 2 days ago 0 replies      
On average, how much time will you spend on handling 1 application ?
wishdock 2 days ago 0 replies      
Why didn't I see this earlier :(
bourneliu 2 days ago 0 replies      
Will you come to China? When?
kgc 2 days ago 1 reply      
Do you secretly have a Japanese nickname that goes something like Sama-sama?
internaut 1 day ago 0 replies      
sama, a big picture question, what is your take on the Stagnation Hypothesis?

I know you know a bunch of people who are concerned about technological stagnation and I was curious about your personal take on it.


scinering 2 days ago 0 replies      
When you want to start a startup and you don't have any kind of job experience in tech industry, do you think that is necessary to be intern in some tech company, or just to focus first on coding skills, and to build stuff?
ternbot 3 days ago 0 replies      
How do you make a product that is profitable while serving an underserved poor market? i.e. if a market is massive but has no money to spend - is the business model different?
ali30 3 days ago 0 replies      
Sam whst mean the word hustling to you??
Ask HN: How to decide who should be CEO?
3 points by ryanmccullagh  7 hours ago   9 comments top 3
alain94040 3 hours ago 0 replies      
The CEO should be the one who is pushing the other. The one who goes the extra mile to do all the millions of little, insignificant things that a startup requires.

source: long experience with co-founder teams

hoodoof 6 hours ago 1 reply      
If the two of you cannot easily answer this question then your journey is going to be a troubled one.
ohstopitu 7 hours ago 1 reply      
I don't have an answer to the question...but a follow up question.

If you are a 1 person startup (and don't want to be a CEO), how would you decide on the CEO as and when that may be? (say you decide you want to be a CTO / COO)

Ask HN: Should I include final year projects in CV out of college?
8 points by zump  20 hours ago   7 comments top 6
JamesBarney 11 hours ago 0 replies      
CVs have two purposes.

The first is to get past H.R. gatekeepers to get you to an interviewer. This involved having the right years of experiences, keywords, school, gpa, etc...

The second is to have interesting things to talk about with an interviewer. Putting your school project on your resume won't heart the 1st one. But if it's and interesting project and you would look good talking about it. Then heck yeah put it on your resume.

After 4 years though if it's not a really awesome project you might want to remove it. It could be perceived like you haven't accomplished anything noteworthy recently.

drrob 20 hours ago 1 reply      
Prior to having any "real world" experience on there I'd say yes: bung it on. Once you've clocked up some actual solid work experience I'd remove it though.
brudgers 11 hours ago 0 replies      
I think it depends a great deal on the local culture and the industry segment and the particular company: for example an employment listing with emphasis on academic attainment, a government position, or a culture where multi-page CV's are expected.

Going further, it's worth doing a minimum amount of research for any position you want and to CV/resume tune for it.

Good luck.

msh 15 hours ago 0 replies      
Absolutely, after 2 years you would properly not have that many work projects.

Especially if it can be related to the job you are applying for.

debacle 15 hours ago 0 replies      
Is it worth discussing during an interview or relevant work experience? If not, then no.
Prad 17 hours ago 0 replies      
I personally wouldn't have school projects if you have been out for two years. I'd have personal projects you have worked on in your spare time. I think these are much more interesting to see.
Ask HN: No mechanical escape key in new Macbook Pros?
19 points by mattnedrich  1 day ago   58 comments top 11
weinzierl 1 day ago 6 replies      
I'm in the market for the new MacBok Pro and the OLED row makes me excited, but as a Vim user the lack of an physical escape key would be problem for me.

I have Caps Lock mapped to Ctrl and I'm glad that MacOS provides this option out of the box, but Caps Lock as Esc is not an option for me. I hope there will be an out of the box way to map Escape to something sensible.I'd trade ~ for Esc anytime, as long as ~ and ` are accessible via the OLED strip.

stevep001 14 hours ago 1 reply      
I ended up with a ThinkPad X1 Carbon gen 2 -- it has a five row physical keyboard, with the top row as a virtual keyboard.

It was constantly registering touches on the top row when I didn't want them. With a laptop, I commonly rest my hand on the keyboard and touch -- but don't depress -- keys.

Today it's only used in a desktop configuration with an external keyboard.

I'm not the only one who felt this way -- see, for example, this Ars review of the gen 3, which said of the gen 2 keyboard:

"...the keyboard shed its top row of function keys, replacing them with a software-controlled touchable strip, and used a peculiar arrangement for buttons including home, insert, backspace, and delete. The result wasn't better; it was awkward."


gamedna 1 day ago 2 replies      
Back when the iPad was released, I ran a 6 month experiment to see if I could live as a developer using only the iPad and the cloud. My initial findings were quite positive, and the first few weeks were exciting and new.

As time progressed, task switching and copy/paste were obvious shortcomings due to limitations with iOS, but the experience was mostly bearable but not awful.

Towards the end it became unbearable as the escape key was so engrossed with all things unix/linux that i gave up a month early.

If the escape key is actually vanishing, I am completely confused. macOS is a unix derivative and apple has a boatload of developers. Why would they want to alienate us?

busterarm 1 day ago 4 replies      
I've been using an external keyboard (Realforce 87U at work. A 104 w/ Cherry Blues at home).

Other than the coffee-shop crowd, how many of you would say you're exclusively a laptop-keyboard user? Not a dig, just wondering.

If Apple offered an iPad Pro, running OSX with USB ports (or a thunderbolt port usb hub) for a physical keyboard, I would switch over in a heartbeat.

snowwrestler 1 day ago 1 reply      
Apple could easily persist an ESC virtual button in the same spot. Or provide a user setting to do so.
1_2__3 1 day ago 3 replies      
It's really hard not to see this as just a continuous and perpetual dumbing-down by Apple of all its products, to the point of uselessness for essentially anyone who isn't an 80 year old grandmother who's never used a computer before and needs to use skype.
taurath 1 day ago 1 reply      
I think they'll just replace the tilde key with the escape key if the photo is a new MBP.

I press escape OFTEN, but tildes rarely. For the most part its to get into consoles in games or other dev functions - I could see myself losing it and not being too sad.

a-no-n 1 day ago 0 replies      
If there's no hackable non-Retina-like model with user-upgradable to 16 GiB of memory and dual SSDs, the MacBook Pro (13-inch, Mid 2012) MD101LL/A will be the last MBP I buy. Overpriced, soldered-on memory is BS.
meidan 1 day ago 1 reply      
I use VIM. I will not be upgrading to the newest apple products. I think I'll phase them out instead.
sboselli 1 day ago 2 replies      
What about the up and down arrows? There's only key there in your first image..
stuaxo 1 day ago 0 replies      
Hm, how long until there are Linux drivers for this ?
Ask HN: How about a free copywriting audit?
2 points by luxpir  15 hours ago   2 comments top 2
luxpir 15 hours ago 0 replies      
luxpir 15 hours ago 0 replies      
PS - if you've taken a look and decided it's not actually what you want, I'd like your feedback if you had a second!

PPS - Just 2 spots left now, if you'd like to take part.

Ask HN: Where to learn advanced concepts in Functional Programming
6 points by jaybosamiya  1 day ago   6 comments top 3
bbcbasic 1 day ago 0 replies      
The best way to learn monads is to ignore the IO one for now, and learn what >>= and return does for each "pure" one individually. E.g. Maybe, List, Either etc. With enough examples understand you will understand the pattern. At various points you may want to check you understand what the type system is doing in the implementation.
dozzie 1 day ago 1 reply      

All those concepts don't matter if you don't have where to apply them, and ifyou do have use for them, you'll learn them soon enough. It was quite visiblewith a nice paradigm of aspect-oriented programming dozen years ago(from imperative programming field); it looked like a good idea, but there wasnowhere to put that into use sensibly, and AOP eventually died.

Ask HN: What do you use for remote access?
56 points by elwebmaster  4 days ago   56 comments top 27
viraptor 3 days ago 2 replies      
Zerotier - https://www.zerotier.com/

Create a network with automatic IPv6 addresses and start the management access service (likely ssh) on the zt0 interface. then it "just works", regardless of NAT in between.

This is a completely userland solution however. You probably don't want to put real service traffic on it if you care about throughput. It's perfect for management however. (or just test it, maybe you can saturate your link anyway)

This works either by using the public servers for discovery, or you can set up your own dedicated endpoint(s). Either way, the traffic takes the direct route through the NATs, or within the local netowrk if possible.

Jimidy 3 days ago 1 reply      
For VNC-style full desktop access, Teamviewer just works...it runs on Windows and Linux, is very fast, and (usually) doesn't need any special firewall/NAT rules set up. I believe on Windows at least, it can be used to establish a VPN as well.

Might be overkill if you just need to reach one particular service (e.g. HTTP(S)) though, in which case you could consider setting up a reverse proxy (e.g. using nginx) on a DMZ'd server?

stuxnet79 3 days ago 3 replies      
I tunnel everything through ssh (both local and remote port forwarding) and in some cases for the exact use-case you have mentioned (web server running on a raspberry pi that is behind a NAT). It works for me.

I've never set up a VPN and I'm not too knowledgable about them. Should I set one up? I don't know. Toyed with the idea a few weeks ago up until I read this post on StackOverflow (http://serverfault.com/questions/653211/ssh-tunneling-is-fas...) - TLDR (VPNs are slow)

mbreese 3 days ago 0 replies      
The easiest to setup should be port-forwarding on the router. If you trust putting your server on the internet, then that's the way to go.

But it really depends on the use-case. HTTP from behind NAT - that's easy, just port-forward. If you're talking about SSH access, then you have a few more options that you might want to explore (port forward, or tunneling to an external host). If you're talking more than one host behind the NAT, then you have another set of possible solutions (reverse-proxy HTTP servers, SSH gateways, etc...).

Care to give us more information?

stevekemp 3 days ago 2 replies      
IPv6. This allows my hosts to be accessible to the internet, even though they're behind routers/NAT devices.
tbronchain 3 days ago 0 replies      
I was using a combination of a VPN and NAT rules to do so.Basically, machine A (the machine behind the firewall I want to connect to) would connect to machine B (a VPS or AWS instance - free tier micro instances are awesome for that matter!) using a VPN connection (pptp or openvpn or l2tp or whatever - pptp has the advantage of being super easy to setup and working out of the box on most linux distros. Not the most secured though, but to run SSH on it, it's good enough). I had a script to periodically check (every 1 minute or so) if the VPN connection was up and if not, try to reconnect.Then, I had some iptables NAT forwarding rules on machine B (let's call it gateway) to send all TCP traffic on a defined port to the machine A, port 22, using the VPN interface.

It had the advantage of being quite easy to setup for me as I'm quite used to setup VPNs and NAT forwarding rules (for having living in China, bypassing firewalls is almost an everyday routine exercise :)Also, it worked perfectly well and the performances were reasonable. I could access my server at home, in Beijing, behind a NAT, a dynamic IP and the country's firewall, from anywhere in the world. I was happy!

There are surely other (better?) ways to do it though, and the autossh/reverse tunnels option looks very interesting.

xarope 3 days ago 0 replies      
Use case is important, to determine what resources+tools you have access to/can deploy.

However, assuming this device/VM runs "unix", and to K.I.S.S., use reverse SSH tunnelling. Once an SSH tunnel is established on your side, you can do whatever you want... e.g. tunnel VNC through for GUI.

You can of course add more layers of security e.g. non-standard SSH port, dedicated VM/server for the SSH entry point, refresh SSH keys regularly etc.

JoachimSchipper 3 days ago 1 reply      
The semi-standard solution is a VPN, e.g. OpenVPN or IPsec, to an external server.
ahhyes 2 days ago 0 replies      
I use GateOne (https://github.com/liftoff/GateOne) running on a vps (served with https and htaccess). Sometimes all I have is web access (even SSH is blocked) and so I can login to anything from here. Works great on any device too.
notacoward 3 days ago 0 replies      
When I'm on the road, I use tinc from the server in my home office out to a bastion server I have in the cloud. Separate keys and passphrases, no ssh-agent to keep the passphrases around for anyone who gets their hands on my laptop. Super simple to set up, and hasn't failed me once in several years. I guess you could argue that tinc isn't the most secure option, but I'm not too concerned about somebody managing to be in the middle of that path. The bastion's the thing that has to be most hardened against attack.
theCodeStig 3 days ago 0 replies      
All you need is SSH and SSH config. There are a lot of tutorials out there, but I find many of them are based on older versions of SSH which lack a bit more sugar around proxying.

Essentially you will add a directive to SSH config for the NAT host, and the host that you want to access. In the directive for the host to access, you will specify that you're proxying through the NAT host.

You can then leave out all of the port forwarding options when connecting to the target host, SSH will pick that up from the config file.

guan 3 days ago 0 replies      
I usually use sshuttle. It requires you to be able to SSH into a box with Python thats behind the NAT, which is usually the router or something already exposed through port forwarding. On the client, it then uses iptables or pf to tunnel TCP and UDP through an SSH tunnel. No complicated network setup is required and it is easy to set up limited subnets for tunneling, for example.
joefarish 3 days ago 0 replies      
A very "low-tech" solution but Chrome Remote Desktop is very easy to setup and works well if you want to use an Android Phone/Tablet to connect to the device/VM.


gamedna 3 days ago 0 replies      
probably tmi but any / all of the following: - SSH (direct or tunnels)- VNC (usually over ssh or VPN)- RDP (usually over ssh or VPN)- VPN (openvpn or ipsec)- MicroTik Router at home with site-to-site VPN to my DC and Office- Mobile Hotspot (always a must when traveling)- Last resort: Dial direct with 56.6kbps modem to DC when there is an internet uplink failure or DDoS attack.
jimmaswell 3 days ago 1 reply      
SSH for Linux or TeamViewer for Windows, there's also Hamachi for Linux which worked when I needed to use it once
santa_boy 3 days ago 0 replies      
I access through http/https using [Wetty](https://github.com/krishnasrinivas/wetty) within a electron shell and it works perfectly!
notatoad 3 days ago 1 reply      
vacri 3 days ago 0 replies      
OpenVPN on the bastion host, and ssh over the VPN. If you don't control the bastion, then you need something that 'phones out' (could use a reverse ssh session for small scale stuff)
andrewchambers 3 days ago 1 reply      
perakojotgenije 3 days ago 0 replies      
SSHreach.me - https://sshreach.me/
whisk3rs 3 days ago 1 reply      
tor hidden services. slow, but secure!
ilaksh 3 days ago 0 replies      
In the past I have used ssh port forwarding, LogMeIn Hamachi, and tinc. All seem to work ok.
mynameislegion 3 days ago 1 reply      
Port forwarding, reverse SSH tunnel or Tor onion service. All three for more reliability.
codemac 3 days ago 0 replies      
I use tinc + mosh/ssh, and it's wonderful. I highly recommend it.
nzjrs 3 days ago 0 replies      
Zerotier one
NetStrikeForce 3 days ago 0 replies      
Glad you're asking!

I built Wormhole Network https://wormhole.network with the idea of making remote access very easy and as secure as possible.

Disclosure: This is SaaS and I've built it.

Wormhole builds an overlay network where you can run any L3 protocol really. By default we provide DHCP for IPv4 within the (yes, just a /24 by default as it suits most users, it can be customised or even disabled under request). We have chosen this address space to increase the chances of non-overlapping with your own networks.

The advantage of running an overlay network like Wormhole are:

- No need to open ports anywhere or do any inbound NAT or PAT. All traffic is outgoing. By default UDP, but the protocol would fall back to 443/TCP if needed.

- The above means it works pretty much anywhere with an Internet connection that lets you browse the web.

- Your devices' IP addresses inside Wormhole could be always the same, regardless of where they are. Think of migrating your servers to a new hosting? Keep the same IP. Do you team mates move frequently, work from home at times or even from their favourite coffee place? No problems, they'll keep the same IP address.

- Full access between devices inside the network. It works like a real LAN. No need to open ports to reach out to your development server nor leave any other services reachable from the internet. You could lock down all inbound access from Internet to your servers and still reach them through Wormhole.

- All traffic is encrypted. Note: We don't roll our own crypto. We rely on SoftEther's (see below).

- No need to configure a VPN with your cloud/hosting provider, provision VPN hardware nor anything like that.

- Multiplatorm Linux, Windows and macOS.

- It all runs on free, open source software: SoftEther https://www.softether.org so you can audit the software (and it's not ours, people are using it all over the world for VPN)

The architecture is based on central servers that route the traffic among the peers in your network, hence why full connectivity can be accomplished always with only outbound connections. It is important to choose in which server you want to create your connection, so the latency is as low as possible.

Learn more about us in our documentation section: https://wormhole.network/docs/

We currently have a few hundred users and are looking into making the product better by listening to your feedback. We have a free tier without time or traffic limits, available in three regions (US East, Netherlands and Singapore); it just has user limits. No credit card needed to use it.

I'll be extremely happy to receive criticism, suggestions and any other feedback in general here or directed to pedro /at/ wormhole.network

Ask HN: Build a deep learning box from scratch or just buy one?
10 points by misiti3780  1 day ago   6 comments top 4
lovelearning 19 hours ago 0 replies      
Adrian Rosebrock of PyImageSearch explained his rationale for purchasing a pre-configured Nvidia box in [1] and talked about other build considerations in [2] (I'm not affiliated in any way; just a subscriber of his blog who thinks you may find the info there useful).

[1]: http://www.pyimagesearch.com/2016/06/06/hands-on-with-the-nv...

[2]: http://www.pyimagesearch.com/2016/06/13/considerations-when-...

brudgers 1 day ago 0 replies      
I'm not exactly sure what a 'deep learning box' is, but if I wanted a box to stuff some GPU's on a budget I'd start with a used Dell Precision 7xxx series off of ebay for a couple of hundred dollars as a platform.

These machines have two graphics x16 PCIe slots wired as x16 and two more x16 wired as x8 powered by an 1100 watt power supply. New, a similar power supply would cost more than the what a whole system will go for including a Xeon CPU, some Ram and possibly a disk and perhaps a Windows license.

The downside is that the Precision 7xxx's are big and heavy and a bit power hungry and only come in Oakland Raiders black with silver.

The Precisions are also certified for various flavors of Linux when new, so there's unlikely to be any driver problems regarding their hardware. They're stupid easy to open up and in and around...a similar new case would also probably cost more than a complete used system. I've found them very reliable.

From there, it would just a be matter of how much money there is for GPU/graphics cards, more RAM, and SSD's and how it gets spread around based on the anticipated workload: a $50 SSD and a $50 GPU might be enough for fooling around and developing a toolchain. After that, it's just a matter of how far you can fall when sitting on your wallet.

sprobertson 1 day ago 2 replies      
To build mine I took an existing Linux server (nothing special, 16G RAM and a 3.something CPU) and squeezed a GTX 980 into its tiny frame. The speed up for basic image processing was about 31x over CPU alone.

I don't know anything about pre packaged solutions but maybe a gaming rig would be appropriate.

Ask HN: What are the best practises for using SSH keys?
305 points by TheCustardKing  5 days ago   110 comments top 25
dsl 5 days ago 3 replies      
From my experince as an attacker --

 - Is it better to use a different passphrase on each key, or does using the same one not matter much? - How much less secure is it to not use a passphrase on a key? - Should you use a different key per user account, per server, or per use-case (i.e. personal or work)?
None of these things really matter that much. Make sure you use full disk encryption and never stand up from your machine without locking it, and make sure you keep your local machine patched. If I get code execution on your machine, I am going to use whatever keys are loaded in your ssh-agent to pivot, hijack your existing open sessions, or modify your ssh client to dump the keys I need.

 - Does increasing the amount of bits in a key really have an effect on the security of the key, or does it not make much difference in a real-world use?
Key length is a protection against the future, and against state level actors. Right now, key length doesn't matter much to me because I'm more focused on just stealing your keys from you regardless of length.

daurnimator 5 days ago 4 replies      
I consider best practice to be using a hardware token.

My favoured solution is to use a yubikey via gpg: with this method you use your gpg subkey as an ssh key.The yubikey 4 supports RSA 4096 bit keys, if you need NFC then the Yubikey Neo supports max RSA 2048 bit keys.

regularfry 5 days ago 1 reply      
The first rule: never share a private keys between physical devices. Apart from reducing the opportunities for it to go walkies in transit, or accidentally get left on a USB stick, it allows you to revoke a single credential if you lose (control over) that device.

From that, we get:

 - you're not sharing passphrases between keys, you're sharing them between devices, and whether that's safe depends how likely it is that a compromised passphrase on one device can be transferred by an attacker to another. - Similarly, whether a blank passphrase is a good idea or not depends on what other measures are protecting access to that private key. - If a private key ever turns up on the wrong machine, you *know* the key and both source and destination machines have been compromised.

facetube 5 days ago 1 reply      
If you have a lot of machines, SSH certificates are supported in OpenSSH 5.6+ and are awesome: https://www.digitalocean.com/community/tutorials/how-to-crea.... They allow for centralized management of authentication/authorization without having to touch each machine (beyond an initial trust relationship setup).
mlonkibjuyhv 5 days ago 3 replies      
This is probably the wrong forum, but I have a question or two that I see as related.

I have setup a VPS, disabled passwords, and setup a key with a passphrase to gain access. At this point my greatest worry is losing this private key, as that means I can't access the server.

What is a reasonable way to backup my private key?

Encode it as something similar to a QR-code, print it, and store it in a hole in the wall? Copy it to an USB-stick and hide that somewhere safe?

Alternatively, I have access to more than one computer, so I could also authorize a couple of other keys to access the server. So I would transfer the public key to the authorized machine, and add them to the authorizedkeys from there?

How to deal with the possibility of death? Do I trust someone with my keys and passphrases?

zimbatm 5 days ago 5 replies      
If you use fail2ban make sure to pin the right key to the right host. Otherwise ssh will try all the keys and get you banned from your own host. The easiest way is to use the ~/.ssh/config:

 Host myhost IdentityFile ~/.ssh/myhost

mynameislegion 5 days ago 0 replies      
The classical document about this:


daenney 5 days ago 0 replies      
> - How much less secure is it to not use a passphrase on a key?

This is a question of layers. If you don't have a passphrase on your key, what stops someone from gaining access to it? Just your account password? If they steal your device, is there some form of storage encryption involved?

> - Should you use a different key per user account, per server, or per use-case (i.e. personal or work)?

I have different keys for different purposes per client device. This is mostly because sometimes I need to login to places that are ancient enough I need to use a weaker key than I would like to use in other places or vice-versa, there's places I can only login with ed25519 keys.

Though having different keys per purpose isn't necessary it allows me to keep certain identities separate. I have a different one for GitHub for example, mainly because GitHub exposes my public key and therefor allows for clever tricks like tying the key to an established identity should I use that key to authenticate in other places.

I would also recommend configuring SSH so that it doesn't send over any/all keys by default. Take a look at the IdentitiesOnly option in ssh_config.

Normal_gaussian 5 days ago 1 reply      
- Is it better to use a different passphrase on each key, or does using the same one not matter much?

Yep in an ideal world, though I suspect in practice it doesn't matter much.

- How much less secure is it to not use a passphrase on a key?

You are relying completely on the security of your disk, against either physical or cyber. Use a passphrase, use an agent to manage it.

- Should you use a different key per user account, per server, or per use-case (i.e. personal or work)?

Per client device. This is the device that can be compromised and cause invalidation to be required, so this is the one which should be seperate. For convenience you can maintain all your devices public keys concatenated together and hand them out like that - comment each with hostname and date created for ease of identification.

- Does increasing the amount of bits in a key really have an effect on the security of the key, or does it not make much difference in a real-world use?

Up to a point. RSA in 8 bits is trivial. Go for a highish key length, different key types have different recommended lengths. Note some machines dont support higher lengths.

- How/Where should private keys be stored on a device using them?

In $home/.ssh

Permissions should be set for only you to read with no writing. Even better if your home drive is encrypted as it is only vulnerable whilst you are logged in.

- What are some of the pros and cons from a security standpoint, and how may doing different things affect the usability of a key?

If you hop machines a lot key per client can be problematic. In this case a portable secure drive is useful. Of course one leak can be fatal here.

Try not to fall back on passwords, they have nothing like the same security.

Most usability issues are caused by the people running the servers not reacting in a timely fashion to key updates.

asdfaoeu 5 days ago 1 reply      
Some general advice based on most requirements.

- Is it better to use a different passphrase on each key, or does using the same one not matter much?

If they are being used on different device then different passphrases makes sense otherwise no.

- How much less secure is it to not use a passphrase on a key?

10? Not sure you can really quantify an answer. I'd recommend a passphrase if you aren't already using disk encryption with that it's probably less of a concern however with agents there's not much issue with not having one.

- Should you use a different key per user account, per server, or per use-case (i.e. personal or work)?

Use a different key per client device but you don't need a different key for logging into different servers unless you care about people correlating those users.

- Does increasing the amount of bits in a key really have an effect on the security of the key, or does it not make much difference in a real-world use?

Use more than 2048bit for RSA/DSA beyond that it doesn't matter.

- How/Where should private keys be stored on a device using them?

~/.ssh on some local filesystem.

po1nter 5 days ago 1 reply      
> - Is it better to use a different passphrase on each key, or does using the same one not matter much?

It is better to use a different passphrase for each key but it is also less convenient unless you're using a password manager (personally, I'm using KeePass)

> - How much less secure is it to not use a passphrase on a key?

That depends on the security of the computer where the keys are. I remember a Firefox vulnerability where one site exploiting it was looking for ssh keys on the local file system. So I'd say that a passphrase is very important.

> - Should you use a different key per user account, per server, or per use-case (i.e. personal or work)?

Personally I'm using a key per account per host.

> - Does increasing the amount of bits in a key really have an effect on the security of the key, or does it not make much difference in a real-world use?

Yes up until 2048 where the returns of increasing the amount of bits will start diminishing.[1]

 [1]: https://www.gnupg.org/faq/gnupg-faq.html#no_default_of_rsa4096

zimbatm 5 days ago 1 reply      
> How much less secure is it to not use a passphrase on a key?

It's better to think about specific attack scenarios. If your keys get exfiltrated because of some local exploit (like a browser vulnerability, a malware download or physical access) then the attacker has access to your servers.

jijojv 5 days ago 0 replies      
From a pragmatic end-user perspective.

1) Disable passwords and only allow keys even for root with PermitRootLogin without-password

2) public-key authentication has somewhat unexpected side effect of preventing MITM per this security consulting firm http://www.gremwell.com/ssh-mitm-public-key-authentication

steventhedev 5 days ago 0 replies      
It depends heavily on your threat model. Just about any key is an improvement over using passwords to authenticate. If you want protection from state-level actors, you need to be really careful and consistent.

Regarding key types:

- DSA keys (ssh-dss) suffer from several issues (fewer bits, bad RNGs in Debian, other issues), and modern versions of OpenSSH deprecate it.

- RSA is pretty standard, and generally speaking is fairly secure for key lengths >=2048. RSA-2048 is the default for ssh-keygen, and is compatible with just about everything.

- ECDSA is largely considered compromised because the constants NIST chose for the cryptosystem weren't well documented how they got them, and the assumption is that the NSA chose them to provide a "backdoor" (so it would provide the same security for a general attacker, but significantly easier for them). This was confirmed as being theoretically possible, and there is of course concern that the NSA could potentially leak those constants, instantly breaking the security of this cryptosystem.

- ED25519 is more or less the same as ECDSA, but was put together by DJB. The big advantage here is speed. EC crypto is much faster to sign, slightly slower to verify, and equivalent security can be achieved with fewer key bits.

- Notes for the future: both RSA and ED25519 become insecure against quantum computing (integer factorization and discrete log are both in BQP).

Generally, use RSA if you work with older servers that only support it, or ED25519 if you like shiny things. Otherwise it's a bit of a tossup.

Regarding using separate keys:

- I follow the philosophy that a private key should never leave the host it was generated on. If you aren't sharing keys between machines, you remove the risk that you'll accidentally share it publicly.

- Beyond that, I'd recommend at a minimum having separate work/personal keys. Keeping separate keys for each user/host you want to log into is a tad excessive, but can be useful for key revocation/rotation.

Regarding passphrases on keys:

- Yes. FDE is sometimes trivial to bypass, and you want to be protected in case someone sets your ~/.ssh folder to be synced to dropbox/samba/etc. You can use an agent to keep the decrypted keys in memory, but I'd avoid using agent forwarding.

Regarding bastion hosts:

- You didn't ask about this, but it is essential for a "best practice" setup.

- Bastion hosts are small VPS hosts that basically run sshd and have a static IP. You disallow any ssh traffic except from your bastion hosts to your servers.

- You'll want to have at least 2 bastion hosts with different hosting services, in case one isn't available.

- Run sshd on your bastion host on a port other than 22. Not for security, but for reducing log volume.

- Run fail2ban on your bastion host, even if you've disabled password authn. Again, not for security, but for reducing log volume.

- Set up fail2ban to alert when a new IP successfully logs in.

Other stuff:

- SSH can use certificates for authentication, and this can make the key distribution problem much easier to solve. I have a script that makes this easier.

- Push for everyone in your organization to use SSH keys, and only SSH keys.

- Defense in depth. All it takes is skipping one step and you expose yourself. Assume that something that was exposed has been compromised. An attacker only needs to succeed once.

tl;dr - the defaults are fine and password protect your keys.

mixmastamyk 5 days ago 0 replies      
I upgraded to ed209 the other day as well.

Two questions came up, how many iterations to use via "-a ", and should I add the private key to my home folder repo in version control? I don't want to lose it in a disk crash, but don't want to give it to bithub either.

benkaiser 5 days ago 0 replies      
Relevant xkcd: https://xkcd.com/538/
Tharkun 5 days ago 0 replies      
If you use multiple identities, and want to reduce the odds of accidentally using the wrong one, then having different passwords is a good idea.
gupi 5 days ago 1 reply      
I would also recommend using two-factor authentication (see services like Duo or Twilio's Authy) along with password-protected keys.
jamiesonbecker 5 days ago 0 replies      
> Is it better to use a different passphrase on each key, or does using the same one not matter much?

Using a passphrase is highly recommended except for server-to-server accounts, which should be locked down (and specify the specific command that server can execute in the authorized_keys file - Userify[1] supports this).

You should definitely use a different passphrase for keys stored on separate computers, and it's not a bad idea to use a different passphrase for separate keys stored on the same computer, especially if they have different servers they can access. However, practically speaking, if your computer was compromised (ie keylogger etc) then it's game over anyway.

> Does increasing the amount of bits in a key really have an effect on the security of the key, or does it not make much difference in a real-world use?

Yes, it does make a difference, depending on what you mean by "real-world". Anyone less than a state-level actor will probably be unable to cost-effectively attack even a 1024 bit key, but that won't be true for long. We suggest 2048 bit keys if you are using RSA, with 4096 if you prefer extra security and don't mind slight latency during a connection, or ED25519 for keys on systems that support it. Generally the defaults are pretty good. We have a HOWTO for different OS's here: https://userify.com/docs/generating-ssh-keys-on-ec2/

> How much less secure is it to not use a passphrase on a key?

From the server's perspective, it's EXACTLY the same, but from the client (your laptop's) side, it's completely different. While it's possible that your laptop could still contain your decrypted key in its key manager's RAM or suspended state (ie unencrypted swap file etc), the use of a passphrase even on (actually, ESPECIALLY on) a non-full-disk encrypted system will raise the level of effort to access your key to near-impossibility levels, especially from non-state actors, whereas a key that has NO passphrase is a piece of cake. Use a passphrase EVEN WITH full disk encryption (for example, the evil maid attack)

> Should you use a different key per user account, per server, or per use-case (i.e. personal or work)?

If you're using a different key and storing them on different computers, you should probably use a different passphrase on each key. The passphrase (or even if one exists) is not visible to remote servers (or Userify[1] - we provide a free-text field that becomes your authorized_keys on remote servers.)

You don't need to use a different key per user account, although you can. You also should not use a different key per server.. that will turn into a management nightmare. It's perfectly ok to use one key everywhere, but you should probably use a different key on your laptop and desktop, or if the keys have different levels of access (Userify[1] can automate that for you too).

> How/Where should private keys be stored on a device using them?

Ideally on a device using full-disk encryption, including swap and laptop suspend space, to prevent access to a decrypted key in RAM (you are using a passphrase, right?). However, FDE does not protect you from other compromises on your system (i.e., another user that gains escalation to root and installs a key logger), and does not protect against a compromise of your BIOS (i.e., Intel UEFI) or boot process (evil maid attack again).

> What are some of the pros and cons from a security standpoint, and how may doing different things affect the usability of a key?

Keys are safer than certificates because there are less moving parts and no outside requirements for your internal CA or dependency on a CA that might go down. Keys can be a management nightmare at scale, but there is software to manage them (ie Userify[1], ManageEngine[2], BeyondTrust[3], ssh universal key manager[4], keybox[5] (free/open source), etc). If you are doing a small project with few team members, you can also do management with Chef, Puppet, etc, or just by hand.

In terms of usability, a real key solution that manages keys across entire groups of servers with a few clicks can be really helpful... you can do all of the regular SSH things like tunneling (replace stun/sslwrap, etc), proxying all of your other traffic (SOCKS5), keep SSH connection alive (autossh etc), smart ban based on failed attempts (fail2ban, deny hosts), forward encrypted X11 or VNC connections, forward SSH itself (tunnel SSH within itself), and so much more.

We're going to start blogging about all the awesome things you can do with SSH soon, since it's really an amazing and deep protocol.

1. Userify https://userify.com Free cloud and on-premises versions available; full disclosure: I work there

2. ManageEngine: https://www.manageengine.com/

3. BeyondTrust: https://www.beyondtrust.com/

4. SSH Universal Key Manager: http://www.ssh.com/ (no TLS?)

5. Keybox http://sshkeybox.com/

xaduha 5 days ago 1 reply      
https://github.com/philipWendland/IsoApplet + some blank java cards + card reader. Something about Yubico rubs me the wrong way.
anonymousDan 5 days ago 1 reply      
What about for the host key of the server (assuming ssh2)?
sztwiorok 5 days ago 0 replies      
Most important is - keep it safe

Passphrase is strongly advised

yellowapple 5 days ago 0 replies      

 Is it better to use a different passphrase on each key, or does using the same one not matter much?
If the keys are for the same thing (i.e. your personal `id_rsa` and `id_ed25519`), then I'd personally be comfortable with the same passphrase. Different passphrases should be used for different purposes (e.g. you shouldn't use your personal passphrase on work-specific keys).

 How much less secure is it to not use a passphrase on a key?
Depends on the situation. I personally err on the side of caution and use a passphrase on all keys unless it's not physically possible.

If you expect to be moving your SSH keys across machines (e.g. to use your same personal key on both your laptop and your desktop), then they should absolutely be passphrase-protected, even if they're only transferred via encrypted media.

 Should you use a different key per user account, per server, or per use-case (i.e. personal or work)?
There's not really a right or wrong answer to this besides "don't reuse the same key everywhere". I personally maintain one key (really two: one RSA, one ED25519) for all of my personal devices, and maintain a strict policy of full-disk encryption on such devices. I've occasionally maintained separate work keys so that I'm not ever in a position where I need to make my personal keys available to an employer.

Meanwhile, for situations where a server needs to connect to another machine via SSH, each such server gets its own key. That way, if a server is compromised or decommissioned, I can revoke access by key.

 Does increasing the amount of bits in a key really have an effect on the security of the key, or does it not make much difference in a real-world use?
It makes a significant difference. More bits exponentially more attempts required to brute-force it.

 How/Where should private keys be stored on a device using them?
Depends on the device.

A reasonable balance between security and practicality is for any portable media (including portable devices, like laptops/tablets/phones) to be encrypted (in addition to the key itself being passphrase-protected). Better security would be to extend this to non-portable media and machines as well (but this is painful to enforce on servers unless you have physical access).

The directory in which keys are stored should only be accessible to the OS user actually using those keys (so, for example, `~/.ssh` should have permissions `drwx------` when viewing with `ls -la`).

Basically, server SSH keys should be treated like you'd treat your SSL/TLS keys.

 What are some of the pros and cons from a security standpoint

 and how may doing different things affect the usability of a key?
Pretty much everything involves security v. convenience tradeoffs. Generally, the more secure, the less convenient, and vice versa. While absolute security is ideal, a lack of convenience makes it more difficult to effectively enforce (e.g. as part of a company-wide security policy) unless you're willing to put in the work to build up an effective workflow around it.

sztwiorok 5 days ago 1 reply      
I agree with following comment.i was wrong. Thanks asdfaoeu for it.
gregorygraf 5 days ago 0 replies      
i can recommend this link:

Upgrade your SSH keys!https://blog.g3rt.nl/upgrade-your-ssh-keys.html?_utm_source=...

Ask HN: Sites for Practicing Object Oriented Design
5 points by antoaravinth  1 day ago   2 comments top
wwalser 1 day ago 1 reply      
I know this isn't a great answer to your question, feel free to ignore it :).

You may find that books are under rated. With all of the free resources available I find that I often underestimate the value of someone having spent several hundred hours preparing material specific to a subject that I want to learn more about.


Ask HN: What to do with 3K visitors a month?
47 points by SpendBig  3 days ago   37 comments top 22
philsnow 3 days ago 1 reply      
What to do with them ? Do right by them. Try to figure out why they are using your site instead of some other one (slack comes to mind), figure out who your audience is, talk to them to try to find out who they are (not necessarily "what they want", because people will tell you all kinds of things), and give them what they need.

If, at the end of all this, you don't have a clearer idea about how to help these people to happily give you their time / money / eyeballs, then maybe just leave it be and enjoy $30 worth of beer each month or something.

vblord 3 days ago 1 reply      
$30/month is pretty good for 3k in visitors i think. I get about 10k visitors and only make $25 off adsense. What's your website address? I'd love to see where your ad placement is at. Maybe it has to do with the amount of time the users are on the site.

In terms of getting more $, affiliate income makes lots of money. In the old days when we used to run sites with adsense and affiliates, the affiliate income accounted for about 70% of the revenue. If you had a good place on your site for it, I'd start by looking in to the amazon associates program. FYI. The amazon affiliate pays out from 4% - 10% of the sale of the product.

jayzalowitz 3 days ago 2 replies      

We haven't monetized hackernoon.com at all and have instead focused on good content and we are now well into the millions of monthly uniques. Its not worth the time to monitize 3k visitors

SpendBig 3 days ago 2 replies      
Very nice, thanks for the feedback. To give it a bit more context.

The reason I'm not sharing the url is because the code is somewhat outdated and may be insecure. In my spare time I'm working on a new version which matches some of the recent security 'standards'. The website started as a project just for learning how to develop a basic website with interaction between users. So about seven years ago I tried becoming new instance of \Zuckerberg. I started chatting the website all over de chat-places. I added a twitter account, following (by hand :)) all those singles and lonely people out there hoping they follow back. Greeting them every day and helping other twitter addicts keeping their following list clean with new tools also presented within a backoffice on the same website.

My situation only allows me to work just a couple of hours a week on a side project. The reason I'm looking for some new ideas to monetize the project a bit more is because I want to buy a new house, like within a year or so. Just need a 100K in euros additionally to buy a nice place to give my son the full experience of life as much as possible in the way me and my wife dream about it. I can't just switch jobs, because the company I work for did alot for me. And I am a very loyal person when it comes to people/businesses helping me out with stuff.

Now, for the chat service, its more like a lonely-chat-service. About 100 visitors a day, saying "Hi, is there anyone around here?" or something like that. Then, the silence is killing them at which point they probably start clicking those ads :) So as I removed the usefull stuff from the website, people started clicking more on ads, to just get away.

When I read the feedback, I think I should just add some sort of feedback button or create a popup with a textarea in which they can add their dream they expected to get in by entering the website. And then start building them those dreams, for just a penny a day.

aminozuur 3 days ago 1 reply      
Why would you want to make it more profitable? The alternative is giving your users a better, ad-free experience. What makes you happier:1) Getting $100/month in revenue2) Having a fast growing group of users who love your web-app?
Trufa 3 days ago 0 replies      
You need to provide more information about the services you provide.

How specialized are you, maybe if you're incredibly specialized and have the right crowd, you can start having premium accounts, in exchange for special features.

3k is pretty low, for a chat service (in general, maybe for extremely specialized services it isn't).

If possible, try to expand your userbase, advertising? Social sharing? Affiliate programs?

The possibilities are endless and you live and die by the specifics of your niche.

Decide if you want to aim for massive, or niche, ads, premium features, freemium?

If you want more specifics, I think you need to be more specific in your question, but then I'll gladly expand.

xiaoma 3 days ago 1 reply      
>"...but I dont have any clue on how to make it more profitable."

You probably won't fix that in this thread if you don't share the URL or even enough information about your chat site for people to give educated feedback.

What kind of users are they? Do they chat about everything or is there a theme or geographical niche? What kinds of ads are displaying through adsense? How long did it take you to get to 3k users? Do you feel like it will be hard to get more? Why did you throw up adsense at such low traffic?

stanmancan 3 days ago 2 replies      
Aside from having ads on the site, your only real option is a paid plan. In that case, just start marketing the project as "beta" and add a pricing page that says the pricing is "coming soon". Continue building out features and once you get a good enough product to charge for add a paid plan and flip everybody else over to the default "Free Plan" that's limited in a way that users can still use the site, but have enough reasons to upgrade to the paid plan.

Whatever you do I'd try to listen to your users and see exactly what they want. 3,000 users really isn't very many and it would be really easy for them to disappear. Talk to your users, find out why they're using your site/service, keep that in mind when building out your feature set.

Edit: Keep in mind, building out the service and keeping it free is also an option, especially if you enjoy working on and running the site. If you listen to your users and keep improving the product, it's very possible to turn 3K monthly users into 300K. I run an API that has a front end site which gets around 175K monthly hits and brings in about $1300+ (CAD) a month from the ads. The site costs peanuts to run so I'm happy to serve the 35 million API calls for free and fund the project 100% via adsense. It just depends on how far you'd like to scale it and what your users are like.

jlobato63 1 day ago 0 replies      
I suggest to add some premium content to profiles. Charge a very low price - 2-3 Euros/month - and have people pay at the end of each month. If they dont pay then close their account/profile. This way they only pay if they are satisfied and allways have the last 30 free days.You only need 10 paying customers/visitors - 0,3% of current visitor numbers to earn the same as with adsense
throwawayValue 3 days ago 1 reply      
It's a great feeling knowing that you've built something which is used by thousands of people, but even better when it's generating revenue to cover the costs (your time, hosting, etc). However, to put things in perspective you're really only talking about 100 visitors per day and $1 in revenue. Factoring that, I suggest focusing more on improving the site, growing it's traffic and then when it passes 500 visitors per day start focusing on revenue. If you prefer the AdSense route, make sure you've optimized your ad placements and the type of ads you're serving.

This advice is coming from someone who has a site doing roughly $5k month from AdSense via 275k+ visitors / 1.3M+ pageviews and it makes up about 30% of the site's revenue. Rest is from paid plans & affiliate marketing.

milesvp 3 days ago 0 replies      
As a chat service, you may have some options for adding premium emoji, premium avatars, or other digital displays of wealth. Digital gifts can be another option. Ok Cupid is rumored to have made a lot on digital roses. Premium services like private rooms may have value as well.
jeffmould 3 days ago 0 replies      
My question is do you have 3000 visitors or 3000 MAU? There is a big difference. With Adsense there are things to consider to increase your revenue, such as who your users are (location and demographic), the type of content on the site, and how long they stay on your site.

As others have pointed out, without knowing more about your site it's difficult to answer. But some suggestions. Try selling add-ons such as premium emojis or avatars. Look towards a premium account with added features as well.

namank 3 days ago 0 replies      
Go to a startup meetup and hook up with someone you think will be great at marketing or knows something about the chat space that you don't.

Partner with them on making this more profitable.

ialex 3 days ago 0 replies      
I work building tools for ad optimizers, next step they take is to get an account for DFP and Ad exchange(Google) which offers better revenue, there are also other ad networks you can configure on DFP to boost revenue like PubGalaxy the thing is you need to take time to test each one or get help for a pro ad optimizer and these days all big publishers are using Header bidding, you can reach me alejandro [at] ialex.org if want more details.
zerognowl 3 days ago 0 replies      
Flattr is worth investigating: https://flattr.com/

Also you can ask for Bitcoin / Litecoin donations depending on how technical your visitors are. I know you want normal currency, but you can convert BTC using Coinbase and other exchanges

montibbalt 3 days ago 0 replies      
It's awesome that you made it this far, but to be honest 3k MAU just isn't enough. If you're making money through ads, you'll want more eyeballs on them so try getting more users! Depending on how far you want to take it, your username may unfortunately become very relevant.
kwhitefoot 3 days ago 0 replies      
Where is it? If you had given us the URL you might have got a few cents more.
shanecleveland 3 days ago 0 replies      
Is it oriented toward businesses? Or is there an angle to create a more business-oriented version? Better ad payouts in my experience, and more likely to pay for a service.
afarrell 3 days ago 0 replies      
Does your community share some set of problems in common? If so, look for sponsorship by an organization that makes money solving those problems.
wehadfun 3 days ago 0 replies      
You could probably sell ads on your own depending the audience. If its a bunch of CEOs on their you could probably sell ads for millions.
dismantlethesun 3 days ago 0 replies      
Depends on what they're talking about. What's the name of your site?
strugglefun 3 days ago 1 reply      
Ask HN: How (un)secure are the passwords saved at my browser?
30 points by soneca  3 days ago   10 comments top 5
Arcsech 3 days ago 0 replies      
Yes, browser password storage is really poorly secured. For what it's worth, a Chrome staffer explained on this very site[0] their reasoning, but that doesn't really sit too well with me - in my opinion, browsers should either go all way the way and integrate a full KeePass/1Password style password storage or remove the feature altogether.

Firefox appears to be a bit better by letting you set a master password that's used to encrypt passwords[1], although without digging into the behavior I can't say exactly how much that helps.

[0]: https://news.ycombinator.com/item?id=6166731[1]: http://kb.mozillazine.org/Master_password

zerognowl 3 days ago 1 reply      
Lastpass is zero-knowledge but subject to any number of attacks on the client. As the old adage goes: If you can't attack the crypto, attack the client! My personal setup is an always updated version of KeePass. I gave up using 1Password when I realized the loopback is cleartexted when autofilling passwords, and a host of other vulns like the .opvault format not used as the default, and too many other vulns to count. The master password is also a single point of failure and once you get that, you get everything. A chain is only as strong as its weakest link and all that. With KeePass even if they have the master password, they also need a second key / keyfile, and a machine ID so a copy of the KDBX file is useless to an attacker (unless they can emulate your machine UUID).

You can read more about that 1pass vuln here: https://news.ycombinator.com/item?id=11212002

wkd 3 days ago 0 replies      
What advice I give in terms of computer security I see more like being sanitary similar to washing your hands, it will not make you free of germs but it will greatly reduce the chance of getting an serious infection. The thing you should realize is that your data will never be perfectly secure. You could take your data offline and store it on an encrypted hard-drive in a waterproof safe on the bottom of the ocean and there could still be ways to access it. You need to find a middle ground where you feel safe enough not to worry about serious infections but aren't afraid of germs to the level it affects your every day life.

Most browsers store their passwords in plain-text, this means there's applications that can fetch all your stored passwords from all browsers and send them to an undisclosed location in seconds given user level privileges on the machine.

By upgrading to lastpass you have reduced that attack surface by using a secure passphrase and encrypted data-store but you have increased your attack surface to anything accessing lastpass servers and application bugs.

With all these attack vectors one might think that it's better to just not save passwords and just remember them, while this is true in theory in practice it's impossible to remember a sufficiently unique password for each website you are registered to which leads to password reuse which is another much greater attack vector where your leaked passwords from one site can be reused on other sites.

In general I would advice you to use a password manager that generates and encrypts passwords (Lastpass is one of them), use a secure passphrase and don't reuse passwords. Password reuse will likely make you less secure than writing your passwords on a post-it by your computer (don't do that either)

I would also consider looking into using proper 2-factor authentication for sensitive login (document storage, email, password manager) but I don't want to bore people with the details there so I'll defer you to do some independent research


* Store passwords encrypted (Lastpass is fine)

* Don't reuse passwords on different sites

oxguy3 3 days ago 0 replies      
Yeah it's pretty easier to get to your saved passwords in Chrome -- they're at chrome://settings/passwords. They're not encrypted or anything (depending on your OS, you might have to enter your password to reveal the passwords at that link, but that's just to stop unsophisticated snoops -- there's nothing blocking access to the plaintext passwords on your hard drive). I'm not sure precisely how LastPass is accessing them (I use 1Password) but I'm not really surprised. Chrome's password store is for convenience, not security. If you want security, use 1Password or LastPass or something.
jasonhansel 3 days ago 1 reply      
Passwords stored by the browser can't be encrypted. Unlike with, say, LastPass, the browser doesn't have any "master password" to encrypt data with. Moreover, the passwords can't be stored as hashes (like in /etc/passwd), since websites require users to provide passwords in plain text.

Granted, if you use full-disk encryption, this concern is much less serious.

Ask HN: How much do you make in London?
125 points by ldneng  3 days ago   165 comments top 70
gringofyx 3 days ago 2 replies      
Reading some of the amounts listed is a bit depressing, I thought that the increased cost of living in London would justify salaries and rates much higher than the average.

By contrast I know from personal experience you can earn the same or better than what's listed here outside of London and enjoy the lower cost of living.

throwawaylon3 3 days ago 1 reply      
Senior Software Engineer (and manager) at Google, ~15 years experience. 100k GBP salary, plus 20% bonus and stock vesting. Gross 200k+ GBP.
LondonTA77 3 days ago 2 replies      
ASIC design, 7 years here now. 45k + bonus + pension + healthcare. Without the bonus it isn't anywhere near what you'd get in a bank, explains why so many of my university mates took their EE degrees into finance. Probably partly due to the lack of hardware jobs in the capital. I've always found the name 'Silicon Roundabout' very ironic.
frowaway_lon 3 days ago 3 replies      
This is a bit depressing. In 2010 I retired from full-time post as Investment Bank, front office senior dev on 100K with 30-50% bonus, 20 years experience. C++, Java, Sybase, finance tech and domain knowledge, and colleagues in hot areas were getting way more than that. My impression that rates are dropping seems to be confirmed.
strongai 3 days ago 0 replies      
Senior technical author. I freelanced from 2004-2013. My very first London contract in 2004 was at 350 a day. Nowadays, it's crazy bad - anything from 200 to 400, maybe 450 if your domain knowledge is spot on. And Google - I'm looking at you - contract rates of 20-25 an hour have been bandied around in conversations with recruiters. So, no real market uplift in more than 10 years, which is why I'm now a permie (not in London) on 55K basic plus 20% bonus, no stock.
throwawayberlin 3 days ago 1 reply      
Degree in Graphic Design, 8 years industry experience, started with Flash / ActionScript and moved to JavaScript about 5 years ago.

Freelance Flash animation / dev for big digital agencies and ad companies (5 years ago) - 250 p/h, with 3 years experience.

Tech Lead - Digital Agency in Shoreditch (1.5 years ago) doing Node / Ember / Angular / DevOps - 45k, however I chose a lower salary for more leave and flexible working hours.

Freelancing JavaScript dev (Node, Angular etc), digital agencies - aprox 300-350 p/h

Now I work in Berlin in a dev role doing Node / React / Redux. 57k. My living expenses are 1/2 what they were in London, and I live in a central Berlin 1 bedroom apartment rather than shared housing.

bugahdug 3 days ago 1 reply      
PHP Developer in the Southwest of UK (Devon, Cornwall, Somerset etc) 25k, no bonus - and that's about average. Living here isn't the cheapest either, 600pcm for a 2 bed flat, over 1,000 a year for water.

Really need to move towards the midlands (Bristol, Birmingham, Leicester, Staffordshire - cheaper rent, cheaper water, higher pay)

I've been a Dev for 7+ years.

contingencies 3 days ago 0 replies      
Hadn't worked in the western workforce in 7 years. Turned up in London in 2009, got 40k, kicked ass, had 60k within 3 months, up from there. These days I honestly wouldn't live in London for under 100k. I think the thing to do is contract work, live out of London (even in mainland Europe) if at all possible.
barpet 3 days ago 1 reply      
Those people @ 55 - 60k (EUROS) should really ask themselves if it's worth working in London.
londontosser 3 days ago 0 replies      
Yet another throwaway acct. 20+ years large-scale ops and security, last five with one of the "big five" tech companies. 100K base plus stock worth 150-200K/year depending on which way the market wind was blowing on vesting dates.

Currently doing my own startup and cyber-security consulting for 750-900/day.

infinii 1 day ago 0 replies      
This thread has me thinking whether all those claims that financial compensation isn't that important in job satisfaction is true or not. How often do we see threads asking about non-financial benefits.
TamDenholm 3 days ago 1 reply      
Contractor, PHP/Full stack, 11 years exp, 350 - 400 a day in London. Not risen much in 5-6 years which is why i started doing other things like business consultancy.
ShinyCyril 3 days ago 1 reply      
While we're on the subject of tech jobs in London... does anyone work with FPGAs?
lozette 3 days ago 1 reply      
Developer (currently at a startup) 62k, no stock but I do have a pension/healthcare.

17 years experience, initially as a general web developer, then front end, now more back end. Currently Ruby on Rails but I can turn my hand to almost anything.

Not a manager, not a senior developer, not a tech lead. No desire to be.

I work quite short hours (9.30-5) and that's what's most important to me.

ThrowAwayLondon 3 days ago 3 replies      
(throwaway account for obvious reasons)

Web Developer in London for a dating company - 75000 pa (with bonuses it's around 110000 pa)

throwmeaway9 3 days ago 0 replies      
Contract Senior Developer, stack is usually SPA (Angular/React) with "modern" .NET.

Current gig 475pd, to be honest I had better leads but the client offered the same day of interview and I started the following day.

I have 6 years experience and no degree.

Guy next to me does the same job for 53k.

Edit: media type of industry. Work normal hours, usually 9-5:30.

londonite 3 days ago 1 reply      
Throwaway for obvious reasons.

No degree. Around 10 years experience in Network Security.

- BigCo

- Permanent position

- Cloud stuff

- 66k plus bonus et al which pumps it up to around 88k

thrwwyldn777 3 days ago 1 reply      
"Lead Developer" with a startup, 55k (I refused options in preference of salary).

I have a PhD (4 years programming), and ~4 years professional experience as well.

Previous roles:Fresh Graduate: "Developer" 28k + 3k bonus.Fresh PhD Graduate: "Senior Developer" 40k.

asldfkweiorz 3 days ago 1 reply      
Throwaway.Data Scientist, Insurance, FT, 39k a year, approx 3 years experience.
throwaway_27Sep 3 days ago 0 replies      
Currently Senior Dev at a startup: 50k + 3.5% equity.Previous Hedge Fund: 95k + 25-50% bonus.Investment Bank: 80k + 25% bonus

Experience: 20 years as a dev.Skills: full stack dev .net, angular, iOS etc.

novapost 2 days ago 0 replies      
Senior Systems Specialist,32k pa. This is in the North East of England. Job actually involves anything from traditional system/network admin to web development and almost everything inbetween, supplier management, procurement. Probably under paid for the roles covered but thankfully not in a major city.
ijuhoor33 3 days ago 0 replies      
Senior iOS, contract, last year: 575 per day in a medium sized companySwitched to a smaller company as Team Lead for 500 per day
Throwaway33333 3 days ago 1 reply      
650 / day, almost all remote doing Hadoop and Redshift Consulting and POVs. Coding for 15 years, in Big Data for the past 5.
1_player 3 days ago 1 reply      
Contractor 100% remote, full stack, 10y experience, currently 40/h, will increase to 50 before the end of the year.
gooseherald 3 days ago 2 replies      
Contractor, currently 650/day. Hoping to increase that to 850/day by end of year. Experience > 15 yrs in web dev, though maybe only last 5 applies now (I don't do PHP 3 or perl any more).

Edit: long term so no "off" days & 150k ish per year depending how many holidays I take.

bowchickabowwow 3 days ago 0 replies      
I have a computer science degree and around 9 years experience doing full-stack web development(Ruby, PHP, Python, JavaScript). A year ago I was making 55k + around 5k worth of perks as permanent employee. Now I'm doing freelance roles for 350-400 pd.
mrsomeone7 3 days ago 0 replies      
Developer contractor, nearly 20 yr exp., now mainly .NET, works out at just over 1 a minute :-)
throwawayPayLdn 3 days ago 1 reply      
Just switched roles so can give two:

Small Investment Bank - 61k + ~30% Bonus (3-5years experience) Java / Angular - Back Office Developer - Permanent

Small Hedge Fund - 65k + 50%+ Bonus (expected/promised) - .Net / WPF (5years experience although not in .Net) - Permanent

throw9383 3 days ago 1 reply      
For comparison, in Devon. Full stack senior developer, 20 years experience, full time - 42K.
wastedhours 3 days ago 2 replies      
Are we only talking programmer side?

Digital marketing, education sector, 4 years experience: 39k + healthcare

spoonie 3 days ago 0 replies      
"Intermediate" dev using Ruby-On-Rails mostly with a bit of Python, JS, and Go: 41k for the first year and 45k for the second.EDIT: no stock, and only benefit was WFH 1 day/week, and 1% matched retirement savings plan.
throawaylondon3 3 days ago 1 reply      
Senior front end developer. 4 years experience. Now a contractor on my first project at 350/day in a big company. Expecting this to rise to 400/450 for the next gig. A few months ago I was full time at a startup on 52K.
throwaway78978 3 days ago 0 replies      
Senior Web Dev 550/day 7 years experience no degree.

Startup salaries topped out at 80k (ignoring non-liquid stock) so went contracting. You need the stomach for it, but it pays a lot better for similar work.

jakub_g 3 days ago 2 replies      
Semi-related question: How do you calculate taxes in UK? Is the base of the tax the salary offered by companies in job offers? I mean, with say 60k job offer, do I pay tax from 60k? (with the last 17k being taxed at 40%)?
ldnthraway 3 days ago 0 replies      
Finance, QA, permie, 5 yrs exp., 56k + ~10k bonus.

I've been longing to go contracting in the last few months, but judging by the sentiment on this thread, it doesn't look like it's a wise choice.

J-dawg 3 days ago 0 replies      
Front end developer, large IT consultancy, 35k, no bonus. Feeling underpaid.
noelwelsh 3 days ago 1 reply      
I don't work in London but I know many people who do. The experience Scala developers I know who work contracts get 500-700pd outside of banks, and 600-900pd in the banks.
santiagobasulto 3 days ago 1 reply      
This is kind of offtopic, but "There's recently been a lot of discussion about how much people are making in different areas of the US". Where can I find that post? Thanks
throwaway782 3 days ago 1 reply      
Snr Cloud / Infra. 650 day remote working (desk in London but physically in the office 1-2 days a month), 1 yr contract - but renewable. Annualised, 156K
p0la 3 days ago 0 replies      
Front-Office Quant Research in French bank, 4 years experience, 70k fix + 35k bonus. Definitely lower that what you would get in a US or UK bank.
throwbay654321a 3 days ago 0 replies      
70k + stock + 1% matched pension. Senior software engineer. PhD and 4 years professional experience. Work 9:30 to 6. Ruby on Rails.

Throwaway account

acta_non_verba 3 days ago 0 replies      
Startup, full time employee, called Senior but I only have one year of commercial experience, 47,500. ~10% annual bonus & Stock Options.
ukthrowaway123 3 days ago 0 replies      
Lead a team of 6 in one devision of a medium sized org. Web services + api. ~10 years exp.85k plus 30% bonus (expected), no stock.
londondev998 3 days ago 0 replies      
Senior developer with a front-end focus at a startup with some corporate backing, 7 years of experience, ~80k plus benefits.
ThroAwayLondon2 3 days ago 0 replies      
Established privately held (profitable) company, full-time tech-lead, Telecoms + Web + Backend, 10 years experience - 50k.
throwmesalary 3 days ago 0 replies      
At a major retail company, here are our published ranges:Engineer 40-65KSenior Engineer 60-80KPrincipal 75-95k
ThrowAwayBlah 2 days ago 0 replies      
Contract PM in Investment Banking IT, 20+ years experience, 800/day.
surprised_dev 3 days ago 0 replies      
7 years of experience, mostly PHP and Python. Started at 44 after 2 years 51k. Now got offer for 80k~ as devops.
nicolasMLV 3 days ago 0 replies      
In 2013 I declined an offer (first job, graduate): software dev in bigco (IT Provider travel industry), 38K
ldnthrowaway 3 days ago 0 replies      
Startup, Software Engineer (JavaScript), 2.5 years experience (Grad May '14), 38k, 12% bonus.
user1728596 3 days ago 0 replies      
Software Developer - 13 years experience

One of the big tech companies

70k Base20k Bonus+ ~20k / year stock vesting

omurphyevans 3 days ago 0 replies      
Senior Infrastructure specialist, big bank, 14 years, 450 a day, annualises to about 110k
thawlondon 3 days ago 0 replies      
52k, some stock, healthcare. Senior dev in a video game company. ~8 year experience
thrwaynow 3 days ago 0 replies      
Contractor, 700/day, investment bank, back office role

10 years C++, specialised in low latency

throwaway723895 3 days ago 0 replies      
Full stack (mostly PHP) contractor, 15 years experience, 100% remote, 400/day
aprdm 2 days ago 0 replies      
Used to make 32k at startup. 3 years of experience .
wissam124 3 days ago 1 reply      
Quant risk analyst for a commodities trading house

Base 67kBonus anywhere between 15 to 50%

anonforpay 3 days ago 0 replies      
Software engineer (front-end) 8 years experience

77k basic 10k bonus plus stocks

throwawaythrowa 3 days ago 0 replies      
Senior developer in the Civil Service, 8 years experience, 60k/year
jalev 3 days ago 0 replies      
45k pa working as a DevOps for one of the console companies for 2 years.
datthrowawaytho 3 days ago 0 replies      
Mid senior Android Developer in social network 55k +12% bonus no stock
qqqqqqqqqqq 2 days ago 0 replies      

28k in London, full stack dev with 2 years experience... react + redux, node, express, elasticsearch, rabbitmq, postgres, mongo etc.

Thisisrandom8 3 days ago 0 replies      
Im not in London still in(uk), 1.5years IT Security,18k :(
le_ticket 3 days ago 0 replies      
working for an engineering consultancy at a very senior technical level, overseeing big data projects, and doing some business development. 80k p/a plus benefits
throw31337 3 days ago 0 replies      
Full time senior Java/Scala/JS @ 48K :/
middleman90 3 days ago 1 reply      
6 years experience. software developer 450 per day
uuidlondon 3 days ago 1 reply      
Throwaway. 79k + stock option + benefits
z4n 3 days ago 1 reply      
lead developer, no degree, gaming: 75k base + 30k bonus.Mostly c++, some objectiveC and java
idfsifdsjio 3 days ago 0 replies      
throwaway account

Front office large investment bank. Java. Perm. 15 years in banking, 20 years in programming

110k - no significant bonus.

dan_b 3 days ago 1 reply      
May I suggest something more anonymous like a google spreadsheet? Or a HN poll?
Ask HN: What's the best way to learn about the blockchain?
258 points by m52go  6 days ago   73 comments top 36
lhnz 6 days ago 5 replies      
Building the minimum viable block chain: https://www.igvita.com/2014/05/05/minimum-viable-block-chain...

That's where I would start.

shp0ngle 6 days ago 4 replies      
Everything in Bitcoinlandia is fairly superficial, since everyone is trying to sell Bitcoin and make himself rich. So it's like reading multi-level-marketing books.

That being said. What's actually kind of good (with actual technical specifications) is Bitcoin wiki, even when it's slightly outdated; then official bitcoin website; and sometimes bitcoin stack exchange website (but that can become outdated too).

I don't think Blockchain can be disconnected from Bitcoin, and if you do, it's very general and not that specific.

justinpobrien 6 days ago 1 reply      
Highly recommend the Princeton book and Coursera course as a starting point.

And if you want a compiled list of resources for learning:https://drive.google.com/file/d/0B6CKmAqa1_nzRGVicnlHY1BaaUk...

daveguy 6 days ago 2 replies      
I assume you have read the the original Nakamoto paper on bitcoin. I will put it here for reference purposes. It is a seminal paper on blockchain and fairly accessible.


zmanian 6 days ago 1 reply      
I highly recommend the Princeton book and associated video lectures as a place to get started. It does a great job of framing things in the context of the wider fields of cryptography and distribute systems research.


daniel-cussen 6 days ago 1 reply      
My understanding of how the blockchain works:

Someone tells a joke based on a prompt. This would be your Genesis block. Then everyone else competes to tell the funniest joke based on only that and the new prompts from the audience.

Repeat until you have an ongoing, hilarious comedy routine that cannot be edited after the fact without being found out because that would ruin the whole routine. It just wouldn't be as funny.

fode 6 days ago 0 replies      
This has been a great resource for me, especially Andreas's video at the end:

Inserting metadata into the blockchain.https://medium.com/@bkawk/inserting-metadata-into-the-blockc...

Andreas M. Antonopoulos: "Consensus Algorithms, Blockchain Technology and Bitcoin" [UCL]https://www.youtube.com/watch?v=sE7998qfjgk

wslh 6 days ago 0 replies      
I think a good unorthodox start is skimming/looking at Q&A sorted by votes on [1] and [2]. A good book but oriented towards bitcoin is [3]. My company also made an spreadsheet comparing different blockchain approaches [4] to have a high level understanding (e.g. blocks speed, security vulnerabilities)

I work in the field and the most difficult thing is to separate the noise from the signal. On talks with financial institutions and the government, they say they want to use the blockchain but when you ask about how many nodes they are planning to run they came up with one, or doesn't understand the question. Also, there are a lot of use cases that are not realistic because they depend on oracles or there is no way to enforce the smart contract in the real world.

[1] http://bitcoin.stackexchange.com/questions?sort=votes

[2] http://ethereum.stackexchange.com/questions?sort=votes

[3] https://www.amazon.com/Mastering-Bitcoin-Unlocking-Digital-C...

[4] https://docs.google.com/spreadsheets/d/1DQ770nGnHfJOoRSqTLmI...

fitzwatermellow 6 days ago 0 replies      
Stanford CS 251: Cryptocurrencies, blockchains, and smart contracts


bachback 1 day ago 0 replies      
1) Read the original blockchain article: http://szabo.best.vwh.net/securetitle.html

2) Longest lecture Nick Szabo, inventor of blockchains, ever gave was in the money museum in Zurich: https://www.youtube.com/watch?v=tWuN2R2DC6c

3) Study the original source code (bitcoin version 0.0.1).

4) https://github.com/bitcoinbook/bitcoinbook

gregoryrueda 6 days ago 0 replies      
21 has some fun tutorials.https://21.co/learn/

The intro to bitcoin concepts is great place to learn about blockchain.


elorant 6 days ago 1 reply      
I would suggest the book Mastering Bitcoin from OReilly. I dont have extensive experience on the issue but what really worked for me is that the book provides code examples (in Python and C++) that help get a better grasp of the technology.
umutisik 6 days ago 1 reply      
Probably too basic for original poster but this post by Michael Nielsen helped me with the basics of the bitcoin protocol. http://www.michaelnielsen.org/ddi/how-the-bitcoin-protocol-a...
jloughry 6 days ago 0 replies      
Set up a full node at home and run it for a while. Turn on logging and watch the messages there.

You'll need (at present) about 80 GB of disk space to hold the blockchain. The full node client will download it for you or you can torrent a recent snapshot of the blockchain and then synchronise from there (quicker).

The software you can obtain from here:


Or you can use git to pull the source code from GitHub and compile it yourself. I've done both, and found the developers on GitHub friendly and responsive to pull requests, even helpful to a newbie submitting a first pull request.

Beware that running a full node will try to eat all your upstream bandwidth. It takes a few days for the Bitcoin network to notice the existence of your new full node, but the number of connections will grow (others asking you for pieces of the blockchain, as well as transaction verifications). You can learn a lot about the Bitcoin ecology this way.

aerovistae 6 days ago 1 reply      
This book is insidiously useful. I went from not getting it at all to getting it more or less completely. Includes code interacting with the blockchain in a wide variety of ways.


scott_ci 6 days ago 1 reply      
I've found that getting a wallet and sending some Bitcoin is a great first step. This course introduces Bitcoin and also surveys an array of other decentralized, blockchain projects: https://www.pluralsight.com/courses/bitcoin-decentralized-te... (caveats: self-promotion, pay-walled, but the free trial allows you to watch 95% of it).

Bear in mind that the word "blockchain" is an evolving word; almost every definition I've read differs. Some see it as barely different than a distributed database that doesn't allow deletions. Many others see it as paradigm shifting.

anatoly 6 days ago 0 replies      
I liked this for a technical introduction:http://www.michaelnielsen.org/ddi/how-the-bitcoin-protocol-a...
blockchain 5 days ago 0 replies      
Read the original Bitcoin paper, it should take no more than two hours even if you're not technical; http://genius.com/Satoshi-nakamoto-bitcoin-a-peer-to-peer-el..., once you understand what a blockchain does you'll probably want to know more about smart contracts http://about.smartcontract.com/#defining-a-smart-contract, since their decentralized data/transaction storage capabilities enable the decentralized computation which has the capacity to replace 90%+ of computable contracts (http://www3.weforum.org/docs/WEF_GAC15_Technological_Tipping...) which are currently in silos, much like what we had with various data before the internet
bitcointutoring 6 days ago 1 reply      
Hi m52go,

I have a blockchain/bitcoin tutoring service at www.blockchaintutoring.com. I did a Show HN but didn't get a single comment :(

I'm a programmer myself, but my target market is not the typical HN user. I'm looking to teach more business types and people in the law profession, for example. I'm preparing a small course plan to help people get from 0 to knowledgeable. The course will certainly be a bit technical, but I would not cover for example the pros and cons of the blocksize debate unless someone asks for that information.

I invite you to contact me, either through my website's contact form or the email address there provided. We can chat, and then if you ever choose to use the service, it's going to be at a discount for HN users. Your questions will definitely help me tailor my offering.

jeffrestore 6 days ago 0 replies      
Capability-based Financial Instruments:http://www.erights.org/elib/capability/ode/index.html

Although this paper does not directly address the blockchain, I believe it and the thesis below are at the root of the concept. (If you want to go down the rabbit hole, check out the references page of the above paper). Fair warning, the above paper is from 1999/2000 so obviously much has changed, but still worth reading.

Robust Composition: Towards a Unified Approach to Access Control and Concurrency Control by Mark Samuel Miller:


Razengan 6 days ago 2 replies      
Newb question: Why do people refer to it (these?) as "the" blockchain?
izqui 6 days ago 0 replies      
If you are interested in the technical implementation of it, I did a very basic version of a Blockchain in Go a while ago.


hendzen 6 days ago 0 replies      
Honestly your best bet is to read everything Gregory Maxwell has ever written.
udayj 5 days ago 0 replies      
Annotated Bitcoin paper (which also talks about Blockchain) - http://genius.com/2683791Digital Currency MOOC http://digitalcurrency.unic.ac.cy/free-introductory-mooc/
benev 6 days ago 0 replies      
I wrote a piece for Linux Voice on how bitcoin works a couple of years ago. It's obviously focused on this particular blockchain, not the principal in general and it's a couple of years old now. I tried to give a good overview for techincal people : https://www.linuxvoice.com/bitcoin/
ftlio 6 days ago 0 replies      

^ Following along with this helped me a lot. Bitcoin is a rather large onion, but, as others are saying, implementing parts of it is the only way to go.

brudgers 6 days ago 0 replies      
I found the various interviews on Software Engineering Daily informative. There's probably more than revealed by a naive search, but it's a start:


adamqureshi 6 days ago 0 replies      
I was working on this service. Teaching blockchain bootcamp courses online. I found a few instructors. Just need go figure out the MVP. Are you in NYC? Check the landing pagehttp://studioblockchain.com/
Everhusk 6 days ago 0 replies      
If you enjoy more of a hands on approach, try getting a miner setup for some new coin. You'll learn a ton in the process.
kobeya 6 days ago 0 replies      
brighton36 6 days ago 1 reply      
Blockchains are just databases rebranded to be something interesting when cryptography is applied. There's no magic to keeping transactions in 'folders'. Database journaling, and message signing has been performed since the 80's (or older)
ttam 6 days ago 0 replies      
as others have mentioned, the princeton course videos + _homework exercises_ are a great entry point. also read satoshi's paper and then other resources
kapauldo 5 days ago 0 replies      
Read the Greek guys open source book.
Nano2rad 6 days ago 0 replies      
Learn elliptic curves.
Ask HN: Developer salary at nonprofit in Bay Area?
11 points by m52go  3 days ago   9 comments top 6
zephharben 3 days ago 1 reply      
I worked at two technology-focused nonprofits over a stretch of 11 years (mostly in management). At a well-funded nonprofit, you can expect salaries to run around 25 - 30% below market rates.

For organizations that are closely aligned with humanitarian causes (e.g. health projects in the developing world), I've noticed a much higher gap, presumably because these organizations are able to attract talent that's more passionate about the cause/willing to accept lower compensation.

brudgers 3 days ago 0 replies      
Non-profit does not mean charity, though it can. If the non-profit is well funded then there's not necessarily a reason that employees ought to make direct donations via their paycheck.

None of which is to say that a particular individual might not wish to take a position with a particular non-profit that pays less than market rate for a variety of reasons. Only that non-profits often pay full market rate for development [in the context of donors] and fund-raising and administrative staff as well as for services and goods from outside organizations.

Good luck.

amorphid 3 days ago 0 replies      
I'd say it depends on how well the non-profit is doing. I recruited a couple dozen engineers for a couple of successful non-profits in the Bay Area. They usually paid 10% to 20% less than my startup clients, and probably offered a less demanding life style.
zachlatta 3 days ago 1 reply      
30% below market is considered competitive for well-funded Bay Area nonprofits. 70-80k for software engineers.
sfrailsdev 3 days ago 0 replies      
Non profits vary widely enough that you see places that can only take volunteer developer time and maybe provide some sort of tax benefit, maybe not, and places that pay something approaching market rate.

What's important is that you feel fairly compensated, and that you don't have to fight for that too hard, so that your income continues to grow.

nmgsd 3 days ago 0 replies      
Kaiser Permanente is technically a non-profit. Their wages are more or less in line for tech jobs at bloated big bureaucratic companies where the performance demands are low and the meetings schedule is full.

edit: but other non-profits will typically pay much lower.

Ask HN: Blindsided by YC competitor after MVP and starting to promote, advice?
18 points by patrickxie  1 day ago   9 comments top 6
patrickxie 1 day ago 2 replies      
OP HERE, continuing post in comment due to character limit.

I see several advantage and disadvantages both of our startups have.

first they might be pressured to focus on profitablity since they are funded, I don't.

they have side projects, offering courses on growth, and doing case studies, which I think are being purposed to be potential loss leaders to drive the main business. however the confusing part to me is that they are already monetizing for these side projects, which leads me to conclude that perhaps their investors are getting impatient and are pressuring them for returns already? which means that they are vulnerable to anyone that can offer the same product for free can starve them to death with a runway siege. and it will be hard for them to raise additional funding because if current investors aren't seeing good returns, how will additional investors buy in?

they are also doing a lot of inbound marketing, not yet outbound, means they have no sales team yet, first mover advantage to reach all the potential customers in the market is not yet capitalized.

plus there is always room in other markets on the globe, and I do have the language capability and freedom, and if I were to launch to a market like china for example

They have SDK for android, ios, and maintain libraries in js and python, where I am only doing python and utilizing react(native). Which means I will have smaller potential clientele, but it also means I can iterate much faster.

I do believe both of our startups have numerous similar and different challenges to overcome. I do have a couple ideas on how I could execute better to one day lead the market, if not then at least forever be a barrier to them in their journey to capture the total addressable market. Hey, nothing to lose for me right.

recmend 1 day ago 0 replies      
1. You should work on acquiring customers / beta signups while building MVP, it should be parallel not serial.2. Have you done any validations that it's a important problem for your customers i.e. vitamins vs painkiller3. You shouldn't be worried about a YC competitor. Focus on building, talking to customers and growth.
GFischer 1 day ago 0 replies      
Don't worry that much. I've seen two YC-funded companies that are similar to my own side project, and both failed to gain traction. As the others said, I'd worry a lot if there was NO competition (and it will be funded, count on it).

Look at different angles than they have :) . For starters, you're not competing on keywords ! :)

_jdams 1 day ago 0 replies      
Having competitors is great! Congratulations on that.

Now is where the real work begins. Continue to improve your product or service and you will prevail.

Mz 6 hours ago 0 replies      
I-phones and Android phones both exist. I don't think either is likely to die due to the existence of the other.

Just get on with building your thing. This mostly doesn't matter.

samfisher83 1 day ago 0 replies      
What is your startup?
Ask HN: How would you tell that your app is going to require a subscription?
7 points by diegogcouto  2 days ago   11 comments top 5
mtmail 2 days ago 1 reply      
Here is an email I received from rollbar.com when they announced price increases. I was impressed enough how they chose their words to save the email.

 Your account is on a plan from prices that we set back in February 2015. Back then, we were 5 people in a San Francisco coworking space trying to figure out if what we were building was going to be useful to anyone other than our early adopters. Over the past year and a half, we've learned a ton about just how valuable Rollbar can be, how it fits into the modern software development lifecycle, and where it can go. Tangibly, we have: * Grown our full-time staff over 3x, from 5 people to 17 * Hired dedicated support staff * Released and improved countless features, including SSO, 2-factor auth, and tons of integrations ... and we're extremely excited to keep working on our missionto help developers build and maintain software, quickly and painlesslyfor many years to come. To have the resources to do that, we need to adjust our prices to better reflect the value that Rollbar can provide, and we hope that you'll stick with us on this journey.

napsterbr 1 day ago 1 reply      
If most - or all - of your users are Brazilian, then I'm afraid you'll have a hard time. People here don't realize the value in software/apps.

Offer a full month trial to your existing userbase, and 1 week trial to new users. The Rollbar email is a great example on how transparency can go a long way. Consider offering different pricing plans with different set of features. Power users are more likely to pay more, and casual users can continue using limited features at a smaller price.

Also, as much as I agree with traskjd comment, I don't think it holds true to Brazil. You probably know what I'm talking about. I'm afraid the strategy here must be "price as cheap as you can", unless you are dealing with a very special audience (or with enterprises).

I'm happy to know how this turns out. Consider sharing a blog post with your experience :) Good luck / boa sorte.

saluki 2 days ago 1 reply      
I would expect speech therapists to want to pay for the app, speech therapy apps and apps for doctors in the states are usually pretty pricey.

I wouldn't expect any medical office to balk at $9/mo . . . if anything you should raise the price, that seems too inexpensive. I'd do three plans $49, $99 and $199 depending on features/levels you can offer or maybe per doctor/staff/patient depending on your app.

Do you have Hipaa style privacy laws regarding electronic medical records in Brazil? That usually commands a premium here so same app for non-medical $99/mo for medical $199/mo.


I think you're pricing too low, if it provides value speech therapists are going to expect to pay for it.

Good luck, let us know how it goes.

traskjd 2 days ago 1 reply      
Hope it helps, but I wouldn't worry about it. Give a trial so they can test it out. If people are disappointed, then they weren't likely to be your target market anyway (especially if they assume the apps are free!)

I'd also suggest charging more than $9 a month. I appreciate there's a currency difference between the US & Brazil, however that's really not a lot of money. Consider the human support side alone. One question from each customer would likely take months to recover the cost of (and that's after you paid to acquire them, and provide the service).

Just my 2c, but hope it helps!

Cozumel 2 days ago 1 reply      
Lead in with a free month, if you provide value they should hopefully convert.
Ask HN: What is that one deciding factor that makes a website successful?
33 points by ziggystardust  5 days ago   31 comments top 25
afarrell 5 days ago 1 reply      
This is like asking "what is that one deciding factor that makes a small business successful?"

It is too broad and so there is no one deciding factor. You don't even have a clear definition of success. Is http://lawcomic.net/ successful? It has a loyal following, but it doesn't update that much, or earn much money for its creator.

emilyfm 5 days ago 2 replies      
The one factor: meet a need.

If you're selling something, make it something that people want at the right price and make it easy for them to buy.

If you're selling advertising (you're a decade late on that one...), give people a reason to come back to the site - make the site sticky or have network effects.

Scaling comes later (assuming your initial design isn't a complete resource hog). It literally follows the money.

id122015 5 days ago 0 replies      
Niche is one of the main one.Most people have limited time and limited memory and wont use more than a dozen sites every day. Even though I use to bookmark thousands of websites, when Im bored I dont find it easy to remember more than 5 sites that I'm interested in.
armini 5 days ago 0 replies      
Like everything else, I look at nature for guidance. In this case the Epidemiologic Triad (https://onlinecourses.science.psu.edu/stat507/node/25).

My understanding (feel free to correct me if I'm wrong) of it in the context of good websites is

Host: You need a great host/site, something stable & something people want to use

Agent: I consider agents as internal factors like technical, sales & marketing, They help you grow & the ensure stability.

Environment: Environment is pretty much your jurisdiction, you need to make sure that your solution is legal & your environment is supporting of you growing. Another fascinating theory to study around that is the Overton window (https://en.wikipedia.org/wiki/Overton_window).

Vector: A vector, an organism which transmits infection by conveying the pathogen from one host to another, with the most powerful agent been word of mouth.

I guess if you have these 4 components structure well, then you have a pretty good chance of having a successful website according to the Epidemiologic Triad.

Now if you're question is more around business models, then heres also another good resource to look into by HBR(https://hbr.org/2016/10/the-transformative-business-model)

unimpressive 5 days ago 0 replies      
From what I've observed of my own behavior, the way to get me to consistently check back on a blog is to let me know the blog exists, be in my general category of interest, and then consistently update with impressively good content.

I first got hooked on slatestarcodex (http://slatestarcodex.com/) when the author hit a five post homerun streak and he was just too good to not check in with.

When I'm evaluating whether to follow a tumblr I can see the process unfold in real time, where I scroll down and finally think to follow after I see several really good posts at once. The moment I stopped and saw myself doing that I realized if I ever wanted to get followers on tumblr my blog would probably need to have the same kind of five-post punch to get people interested.


1. Update often.

2. Make it easy to find your new stuff, or display your archive proudly and live off the interest.

3. Keep a high quality bar. It might even be useful to take your absolute best and put it in one place so you can show people your better side.

4. Market aggressively or be prepared to wait a while.

prawn 5 days ago 0 replies      
I would've thought that scaling was a fair way down the list. Don't scale prematurely is one mantra commonly mentioned.

It's also question that needs to be better defined. What sort of site? What definition of success?

For many sites, the biggest pieces are having something that people want or need, then consistently providing it. Of that pairing, having something people want is the absolute core.

WheelsAtLarge 5 days ago 0 replies      
Very generally speaking, fill people's needs.. Look at maslow's hierarchy of needs, https://en.wikipedia.org/wiki/Maslow%27s_hierarchy_of_needs.

You'll get some ideas.

More to the point, making sure people know about it and the site is easy to use. Beautiful design is nice but if it gets in the way people will admire it once, twice... and finally give up. Don't let content get stale.

z3t4 5 days ago 0 replies      
Content is king, don't worry about design or scalability. Just look at HN <grin>
Mz 5 days ago 1 reply      
I think you need to specify here what you mean by success. It sounds to me like you mean something like "made someone rich," which is a far cry from what I was thinking when I came here intending to try to articulate something only to realize it is almost certainly wholly unrelated to what you are talking about.
timehastoldme 5 days ago 0 replies      
The site owners not expecting there to be one deciding factor that would make it successful.
lgas 5 days ago 0 replies      
Having a good mix of other factors.
adamqureshi 5 days ago 1 reply      
What is the one deciding factor that makes a business successful? Swap out website for business. Revenue. If your business makes money therefore it's successful. Swap out users if your website / business earns ad rev.
zerognowl 4 days ago 0 replies      
Make your site work in any browser, and make it accessible. The sheer volume of useful sites that break because of poor accessibility and design antipatterns is astonishing. See https://en.wikipedia.org/wiki/Anti-pattern

The audacity of webmasters who think all their users have JavaScript enabled is quite cruel and shows that this problem is endemic of lack of education about who your visitors are. Infact your visitors could be anybody and they could have any configuration.

hasanzuav 5 days ago 0 replies      
Kind of the YCombinator mantra: "make something people want". Talk to potential/existing users often and use that information to be laser focused on product building.
xapata 5 days ago 0 replies      
That's like asking what the one deciding factor for cancer is.
threesixandnine 4 days ago 0 replies      
The deciding factor that makes a website successful is offering info or tools that people look for and need.
garethsprice 4 days ago 0 replies      
It meets the needs of its users while fulfilling the objectives of its creators.
erikpukinskis 5 days ago 0 replies      
Does what it says.
atultherajput 5 days ago 0 replies      
Its all about marketing strategy.
estefan 5 days ago 0 replies      
Satisfying a need.
gjolund 4 days ago 0 replies      
Gustomaximus 5 days ago 0 replies      
gcatalfamo 5 days ago 0 replies      
ttam 4 days ago 0 replies      
its purpose
probinso 4 days ago 0 replies      
Ask HN: Is taking a job as a Delphi programmer career suicide?
6 points by delphithrowaway  1 day ago   6 comments top 6
BjoernKW 1 day ago 0 replies      
I'd strongly advise against it. I know a few Delphi engineers, who get considerably lower rates than, say, Java developers.

As good as it is from a technical perspective Delphi, while not truly a dead language (it's still commonly used in many enterprise-size companies), it is a dead-end. Besides, Delphi and its ecosystem is mostly closed source. The vast amount of readily accessible help and information programmers have come used to with modern language environments simply isn't available for Delphi. Be prepared to pay (or convince your employer to pay) for 3rd party libraries or build everything yourself.

svisser 1 day ago 0 replies      
Even if you get paid more, you still spend time learning knowledge and skills which aren't easily transferable to your next employer.

You can't get that time back so long-term it's probably better to develop software in a more modern ecosystem.

Having said that, I don't know your local market or industry.

mb_72 17 hours ago 0 replies      
IMO, it depends on how long you are planning to stay there. For a year - it might be ok, especially if you are working on your own stuff (that isn't in Delphi) out of hours. There is nothing wrong with Delphi from a technical point of view, however it's a shrinking area of work. Myself, I have used Delphi since the early 90's, and just finished a rewrite of a product that was written in Delphi (we moved to C# as it allowed cross-platform development on PC and Mac) for one client, and for the other few Delphi clients I have I've made it clear I won't do anything else but urgent bug fixes (which is fine as the software is reaching EOL for them anyway).

TL;DR - it's not that Delphi is so bad, but there are so many other environments / languages that are thriving these days, why limit yourself?

partisan 1 day ago 0 replies      
I would advise against specializing in any proprietary language or ecosystem. You might find it lucrative, but the long term damage to your career just can't be compensated for.

Also, don't believe them if/when they tell you they are looking to migrate to something more reasonable as part of their attempt to get you to join. I interviewed at a place that did VB6, but they promised work in .NET during an upgrade, but I suddenly found myself reading COBOL and being asked how excited I would be learning JCL. They are still on VB6 and I left there only 8 years ago.

dmitripopov 16 hours ago 0 replies      
It's far easier to become a big name in a small niche than in a big one. If it's not your objective then the answer to your question is YES (that's right, capitalized).
zerr 21 hours ago 0 replies      
You should ask for higher salary in any case. Also, find out if it is possible to use Embarcadero C++Builder.
Ask HN: Business ideas for solo developers?
14 points by a_imho  1 day ago   13 comments top 6
BjoernKW 1 day ago 1 reply      
Consulting. If you really want to be successful in this industry, then yes you need a different skill set from engineering: Sales, marketing, being able to network with people and talk about your work, accounting.

There's this idea of a T-shaped skill set that I think very much applies to this kind of business: You have your primary skill (i.e. the service you offer, in your case engineering expertise), in which you have in-depth knowledge, and then you have supporting skills (like accounting) in which you're no expert but which you know sufficiently well enough to be able to market your services.

Finding the right balance between earning sufficient revenue sustainably (and the always reasonably full sales funnel required for that) and not taking up more work than you can handle can be particularly stressing.

brudgers 1 day ago 0 replies      
To me, there seem to be two successful paradigms for running a business, being engaged by the administrative side of the business or being engaged by the operations side of the business...these of course can be merged into some single notion of being engaged. Plain old working for money is on the close end of the spectrum to the first. Putting up with the pain of running a business for the sake of the work is along the spectrum toward the other.

The biggest stressor for the owner's of most small businesses is not getting a regular paycheck.

Good luck.

wprapido 8 hours ago 0 replies      
http://7daystartup.com/ is a great resource
debacle 1 day ago 2 replies      
If you're willing to do even a modicum of the business leg work you can make 2x what an SV dev makes as a consultant, while working far less.
dgreenlieber 1 day ago 0 replies      
There are many great Micro SAAS idea you could build on your own any day and make an income of. A skill that is needed is focused on running a SAAS business, but there are so many great content and tools out there to support you.

Go for it!

See : https://news.ycombinator.com/item?id=9877881

Bino 1 day ago 2 replies      
Stressing concerns; I would say the IRS (and alike).
List of cryptography resources and links
15 points by sobolevn  2 days ago   1 comment top
usgroup 14 hours ago 0 replies      
Oooo please add Degree level courses with particular mention of ones that can be done from home.

Will bookmark, thanks for this

Ask HN: How do you pass on your work when you die?
35 points by PascLeRasc  5 days ago   24 comments top 17
rabboRubble 4 days ago 0 replies      
Everything depends on having a person that you can trust. Along with my will and estate plan, I have a technical handover plan ("THP"). The THP for is 2 pages long with the core accounts needed for recreating my technical life. Page 1 is a technical recovery document with instructions that assumes complete loss of all my hardware, for example in a fire. Page 2 lists 1Password vault password key, hardware inventory, cloud accounts, and offsite data back up. For each item, I list some combination of password, ID, license key, two factor recovery key, and where I get a two factor code from. These documents are on file in a trusted person's fire proof safe and with an attorney.

In addition to this documentation, for Gmail and Facebook, I have completed the "I'm dead, do this with my account" sections of my account profiles. Gmail, after 90 days of inactivity, my brother gets an email and gains access to the Gmail account.

danso 5 days ago 0 replies      
Set up access control. I believe Google Cloud applications can be assigned to multiple users, in the same way that a Google Document can. Create a couple of superuser accounts. As long as one person is alive, someone has the proper access to change things if needed.
p333347 4 days ago 0 replies      
There are these two stackexchange qna threads [0] [1] that I had bookmarked a while back. I came across another one [2] that mentions something called "bus factor"[3], which I found quite amusing, though this question is about freelancing. I think there is enough material in all these combined and the links they point to to sufficiently address your concerns.

[0] http://programmers.stackexchange.com/questions/125656/softwa...

[1] http://workplace.stackexchange.com/questions/9128/how-can-i-...

[2] http://freelancing.stackexchange.com/questions/126/how-can-w...

[3] https://en.wikipedia.org/wiki/Bus_factor

angry-hacker 4 days ago 1 reply      
My problem is that I can pay everything in advance to insure myself, but who can make sure everything keeps running on my vps?

I have 2fa everywhere and my close ones won't be able to keep updating my box or troubleshoot... I guess the bank will close my card when I die and I can pay in advance. Currently, I have 3 years of 'insurance' , but what if DO doesn't exist anymore...

Canada 4 days ago 0 replies      
Do you have a will? Issues such as who will inherit copyright ownership of your work should be handled there.

As for passwords, keys and so on, you can put all that into a single archive. (eg. regularly export your password manager, put any private keys you want to pass on, instructions for how to use them, etc)

Encrypt the tarball/zip file with a symmetric key.

Then you can use Shamir's Secret Sharing Scheme to split up the key so that a certain threshold of key holders is required to access the data (eg. Any 2 of 4): http://point-at-infinity.org/ssss/

Distribute the parts of the key to your heirs.

Leave instructions in your will so your heirs can locate the encrypted file when the time comes.

mattbgates 4 days ago 0 replies      
Kind of an interesting thing, but nothing is guaranteed. The only things that are probably guaranteed are the websites with boards, major social media networks, with CEOs who make sure that they get passed on. Apple is a pretty good example. I currently run a popular website, http://www.confessionsoftheprofessions.com and I have hundreds of companies and individuals that rely on me every year to publish their articles. The thought always crosses my mind to know what would they do if something would happen to me.. sure, the site would die and they would probably just find somewhere else to publish their new articles, but I would certainly love to know it would continue without me, but its a blog that I know how to run and I've not really taught anyone else how to "process" articles, so I suppose it will go with me. I have mentioned it to my fiancee and left her with the username and passwords, and even if she doesn't process any new articles, I would hope that she at least pays to keep the server and hosting going! At least Google and the Internet archive might do something with it.
pseudozach 4 days ago 0 replies      
google has a mechanism for such things in place it's called "account inactivity". Basically you setup a contact person to whom your account will be handed over after a certain time has passed and you haven't logged in.
JSeymourATL 4 days ago 0 replies      
I was shocked to hear recently of a local business owner who I knew that died suddenly-- still young in his mid-50s. Super sharp guy, a systems guy. He had a contingency plan in place.

Folks speculate that he must have known something. But his wife insists he was always a planner. The business appears to be busy and humming along fine. In many ways a tribute to what he built. Certainly a huge relief to his family, employees, and customers.

Here's good link on contingency planning> https://partners-network.com/2013/10/17/contingency-plan-for...

kennu 4 days ago 1 reply      
Isn't the real answer to this to start a company (or some other form of organization)? Then the accounts and other ownerships are no longer tied to a single individual but to a virtual entity that can be controlled by other individuals when needed.
ng-user 5 days ago 0 replies      
One thing I've considered too as I begin to work with more and more developers on larger projects is the good ole 'Bus Factor [0]. In short, it's determining whether or not your project can be sustained should the major contributor or 'main brain' behind the project get hit by a bus. The entire objective is to reduce the number of places the project can fail, simply by having one member pass unexpectedly. Should you steer clear of avoiding a single point of failure? Absolutely. Is it always avoidable? Absolutely not.

[0] - https://en.wikipedia.org/wiki/Bus_factor

kawera 4 days ago 1 reply      
A bit tangential but this may be part of the solution: https://www.deadmansswitch.net/
besselheim 4 days ago 0 replies      
I used to concern myself with this, but eventually realised that it doesn't really matter, as I'll be permanently dead and gone. And in time, so will everyone who ever knew me.

In the grand scheme of things, we're all irrelevant. And in the end, none of this really matters.

a3n 5 days ago 0 replies      
I asked about this years ago, I think it was PairNic. They said file a legal document and send them a copy.

So, there's the technical route, whoever has the passwords wins.

But if it matters, and you don't want your technical heirs to be fighting each other, you should probably establish ownership and succession with a lawyer.

33a 4 days ago 0 replies      
Will figure it out when that happens.
ChoHag 4 days ago 0 replies      
That's what children are for.
aaron695 4 days ago 1 reply      

Concentrate on living a healthier/safer life and keep it going longer.

Raed667 4 days ago 0 replies      
Why would you care? You'd be dead.
Ask HN: What would work well in a country built on the Unix Philosophy?
16 points by Numberwang  4 days ago   16 comments top 4
sova 4 days ago 2 replies      
If all legislation followed the model presented by git (versioning, increments, branches, merges, and total transparency) I think that it would reflect positively on a true democracy.

The next step, however, would be to educate the populous so that all voters were informed, and that voters would be presented (in an elegant fashion) with what is relevant to their districts on the three tiers of national, state, and local policy. I don't know if Unix has a good metaphor or reflection of this, but unix is meant to be a) modular and b) minimalist, so if we can sponsor the idea of true modularity in voting, I think we could see some full-participation schemes that are not overwhelming. I don't have to vote on every issue, but could vote on collections of issues that reflect my general ideology or current understanding of what best suits the republic.

Another issue though, is ownership. In the Feudalistic Republic of the United States (as of 2016) it's hard to describe a system that could be adopted reasonably that promotes the idea that all the nation belongs to everyone in it. We have some things like "the right to life, liberty, and property [often misquoted as 'happiness' at the end here]" and how does one reconcile this idea of property with a truly harmonious community? Good question.

So in short, the basis of the Unix philosophy would help (especially with law versioning, that is just what needs to happen and is so brilliant and clear I am surprised there is not greater traction for it). All Laws need time limits (and easy renew options if they are good)... And the entire populous needs higher quality information that [forces?] causes people to consider the community at large.

/rattle like a snake

arkitaip 4 days ago 2 replies      
How do you define The Unix Philosophy as applied to a country? Software doesn't come close to the complexity of an entire country so your analogy could possibly be fundamentally mismatched...
angersock 4 days ago 1 reply      
The plumbing, presumably.
oftenwrong 3 days ago 1 reply      
National PKI. Every citizen would have a key pair. I believe I have read that Estonia has implemented this.
Ask HN: What's the equivalent to a 3 Michelin starred restaurant in tech?
14 points by itamarwe  4 days ago   23 comments top 8
mtmail 4 days ago 4 replies      
Michelin awards the whole experience in the dining room and doesn't check what went into creating it (they don't step into the kitchen). From documentaries I learned the low level kitchen staff gets a lot of pressure and many are only enduring it (low pay, longer hours) to have that on their CV. I'm not sure I'd call that "amazing and enriching experience", maybe it is later if they look back.

I would see https://developer.apple.com/design/awards/ as the tech equivalent award currently.

WA 4 days ago 2 replies      
The game development industry. Low pay, high pressure, trying to achieve better graphics and gameplay and whatnot all the time. Ratings and reviews as Michelin awards.
joezydeco 4 days ago 1 reply      
A long time ago we used to obsess over the SEI/CMM (Capability Maturity Model), where a software organization is inspected and rated on a level from 1 (chaos, cat herding) to 5 (managed, optimizing).

Managers would read papers about the CMM and declare that they wanted to be a Level 5 organization, causing insane amounts of busywork and document generation and overall grief to realize that their underlying business processes were hopelessly in the way of any positive change.

So then the goal went from "Level 5 or Bust!" to "Okay, let's try to get to 3" and then later "Um, can we make Level 2?" Then everyone just gave up. There were only a handful of shops that ever made 5 and stayed there, the Space Shuttle engineers being the most famous example[2].

[1] https://en.wikipedia.org/wiki/Capability_Maturity_Model

[2] https://www.fastcompany.com/28121/they-write-right-stuff

ethanbond 4 days ago 0 replies      
I think such discipline is exceptionally rare in software, and it's never sexy. How about NASA? Haven't they only had like 4 software bugs in their control software ever (or some equally absurd figure)?

In design, Apple's core hardware design team is over the top psychotic about the quality of their work. It's a true obsession for them. Many font foundries have similar neuroticism driving their work.

I think Chef's Table (great show!) does us all a disservice by kind of skipping over how unbelievably grueling such an undertaking is. It truly is inhuman. It's unfathomably difficult to create merely a successful restaurant... it takes a perfect storm in both the positive and negative sense for someone to create something like a Michelin starred restaurant.

So yes, probably. Is it sexy? Certainly not. It looks insane more than anything outside of the lens of a beautifully crafted documentary.

js4 4 days ago 0 replies      
It really depends on how you define success. Cheesecake Factory is more "successful" then Jiro's Restaraunt with regard to cash generation.
heisenbit 4 days ago 1 reply      
This is a people service business like cooking. Which makes it hard to scale when it comes to excellent service. Boutique consulting companies may offer excellent service. Like with kitchens there are plenty of them all claiming to serve great food. Stellar are few. The initial looks can be deceiving.

Hint: The proof is in the pudding. But you have to sit through the whole meal to know whether you enjoyed it...

LarryMade2 4 days ago 0 replies      
I would say probably Apple is a good example in past experiences.

Their products were regarded as things that "Just work" their website was very easy to use for support and information, and these were consistent over a long period of time.

I'm not so sure about the Apple today, but in the 2000s they were certainly were hitting their marks.

perfmode 4 days ago 0 replies      
Working with Jeff Dean or Sanjay Ghemawat.
Ask HN: Motivation
11 points by usernamebias  3 days ago   11 comments top 8
JSeymourATL 3 days ago 0 replies      
> The work is mundane and repetitive.

Deep work is hard, not always satisfying. Generally speaking, progress equals happiness. What's important to you? What do you want to achieve? Why?

Robbins has a good system for creating an action plan > https://www.youtube.com/watch?v=78pwjZ7lzBI

RUG3Y 3 days ago 0 replies      
I feel the same as you. Completely unmotivated and burned out.

I wish I had some good advice for you, but I'm still trying to figure it out myself.

Jtsummers 3 days ago 0 replies      
You mention work, exercise, and work. What do you do socially? Try to keep up the current routine, but change some nights for nights out with friends (or nights in) each week. You may be experiencing some loneliness with your burnout.

In my experience, burnout comes from too long as a student/worker (even self-employed) without giving yourself a break (among other things, but this is a common start to it). Maybe find some other hobbies to help you out, even if they're only intermittent (like my infrequent gaming hobby). They give you something entirely different to focus on for a few nights each month. That break can do wonders for your motivation and focus when you return to your other projects.

android521 2 days ago 1 reply      
You need to spend time with other people (non co-workers) at least once a week as a way to recharge yourself.
fnightingale 3 days ago 0 replies      
Are there any learning opportunities that you can ask for at work? New technologies you can explore while improving the company in a small way? If you're not excited about the technologies you're currently working in you can find ways to grow. It's kind of up to you to ask for them, though.
mynameislegion 3 days ago 0 replies      
Do some open source stuff, go to some open source conferences and make friends with open source people. Eventually the community will be a major motivator.Eventually you'll find a job doing open source things.
ryanlm 3 days ago 0 replies      
You haven't mentioned how long your commute is. How long is it? I think that is a significant factor in how much energy you have after your done with work for the day.
ak39 1 day ago 0 replies      
Until you ship a minimum viable and usable product in the hands of a user who depends on your software, you'll languish with crushing torpor. It happens to almost all of us.

Focus efforts now to release v1. Find your willing user first, commit to deadline with the user, deploy version 1 for user to start off with, then watch life take on new motivation as criticism, comments and compliments start coming in.

MVP or bust

       cached 1 October 2016 04:05:01 GMT