hacker news with inline top comments    .. more ..    30 Jun 2011 Best
home   ask   best   8 years ago   
1
Google Reveals Its Stealth Social Project, Google+ mashable.com
519 points by bproper  1 day ago   335 comments top 59
1
kristiandupont 1 day ago  replies      
This is exciting and all -- and much as I would love to see a serious competitor to Facebook, I still don't know how I would convince any of my non-techie friends that they should switch to this.

Circles? Actually I think that many people like the idea of their posts are being read by as many people as possible and not just the ones with similar interests. Although it looks like a big discussion group, the news feed is really a giant personality-defining display for vain people. I saw a programmer friend post annoyance over some Android API today and I suspect that this was more than just a spontaneous exclamation -- he was communicating that he is smart (to non-techies) and that he is "cutting edge" (to fellow programmers).

Privacy? I have the feeling that most really don't care very much. But ironically, I think the privacy-thing could actually work in facebook's favor. Here is why: I use fb a lot even though I don't like their privacy policies. I trust google more than facebook. Still, it bothers me when it says "logged in" in the google bar at the top because google watches my searches. When I am on facebook I behave like I am in public. I don't hope for the best and write secret stuff anywhere. But with all the google searches I make through a day, I am giving google a lot of very personal information that I would not like anyone to see. I would hate to see something that I was searching for somehow show up in a stream for my friends to see because I accidentally clicked a +1 button or similar.

Finally, there is the fact that even if I can export my graph from fb to g+, it's worthless until my friends do the same. And I just don't see that happening before they come up with some truly ground breaking feature that will allow me to get laid with any friend I choose by clicking on their picture :-)

2
cryptoz 1 day ago  replies      
From plus.google.com:

> Google+ is in limited Field Trial
Right now, we're testing with a small number of people, but it won't be long before the Google+ project is ready for everyone. Leave us your email address and we'll make sure you're the first to know when we're ready to invite more people.

WHY?! WHY are they doing this again? They did this with Wave. Google, you cannot launch a social network while explicitly disallowing social networking! This is so frustrating.

3
dfield 1 day ago 5 replies      
(cross posted from http://news.ycombinator.com/item?id=2706219)

I'm very excited to try this out. Context (AKA "Circles") is the biggest feature Facebook still hasn't gotten right. By mirroring the way we think about our social graph in real life, Google is making a huge step toward converging Online and Offline identity. It will be very interesting to see how Facebook responds to this... they might finally have a competitor.

4
tomkarlo 1 day ago 0 replies      
Seems like they're trying to avoid the "NYT problem" - the minute they open a new product, the NYT and other pubs write it up, everyone floods it and sees if they like it... gives them no ability to tweak / improve the service iteratively with real life users (which is so important for social services, where alternative agendas are a huge issue) before the world rushes in. So I think a limited-access launch is totally understandable, if a bit frustrating for those of us who expect we should be able to see everything on day one.
5
eneveu 1 hour ago 0 replies      
PROTIP to invite your friends:

Post something in your "feed", and "target" them, entering their email address. They will receive an email telling them about your post. When clicking the link to view the post, they will be prompted to register.

This worked flawlessly for all my friends.

6
simonw 1 day ago 3 replies      
"""
Oops... you need a Google profile to use this feature.
Google Profiles is not available for your organization.
"""

Grr. Google /really/ need to fix their authentication scheme.

7
cskau 1 day ago 4 replies      
This thing is pretty neat though:
http://www.google.com/intl/en/+/demo/
8
scarmig 1 day ago 1 reply      
I'm playing around with the trial. Some thoughts:

1) Extremely slick interface. Facebook beat MySpace in part because it was relatively clean; Google+ wins here by a mile. That reason alone makes me root for it.

2) It's Google's umpteenth foray into the social arena, so naturally most people are comparing it to Facebook. But its use cases strike me as being more comparable to Twitter than FB.

3) People can be categorized into contexts and multiple contexts. This is the killer feature. I find myself wanting to just eliminate the "Friends" circle wholesale and just have a different circle for each cluster in my social network.

4) I might be misunderstanding how sharing/the feed works. But, if someone is in any circle and you are viewing that circle's stream, I think you see whatever they share. I'd like something finer-grained than that. I have one friend who I both bike with and play board games with. If we get into a conversation about a ride on a weekend, doesn't the model inherently mean what I see in the board game stream gets polluted with the bike conversation?

9
ernestipark 1 day ago 2 replies      
The hangouts feature seems like a big win to me. Group video chats in the browser from someone like Google can really change things.
10
nhebb 1 day ago 0 replies      
There are different kinds of media coverage in SV. There's the excited, this is cool buzz, and then there's the look what big player X is doing sort of coverage. This feels like the latter. People are talking about this, but I don't get the sense that anyone is pumped up about it.
11
Roritharr 1 day ago 3 replies      
The Url below the keep me posted link on plus.google.com is:
https://services.google.com/fb/forms/googleplus/

services.google.com/FB

I really would love to know what the FB stands for.

12
201studio 1 day ago 5 replies      
I think this has huge potential. The problem with Facebook, at least for me, is that I have a ton of friends that post pointless shit. < 10% Is stuff and people I actually care about.

Now with features like Circles I can put my REAL friends in one circle, family in another, and all the noise and acquaintances(networking etc.) in a spam filter circle.

This is going to be awesome.

13
ChuckMcM 1 day ago 1 reply      
This is a solid move on Google's part. Not half-baked like Wave was. Its more evolutionary than revolutionary but it makes the 'package' of Google services a bit more valuable as well.

It will be interested to see if this impacts the IPO plans of Facebook. This does seem to be a direct assault on their home turf.

14
Klonoar 1 day ago 1 reply      
The HTML5 system allows users to drag-and-drop their friends into different social circles for friends, family, classmates, co-workers and other custom groups.

That "HTML5" there is simply for buzz effect. Seriously, come on already...

15
jcampbell1 1 day ago 1 reply      
I am quite impressed, but one thing that is severely broken is the number of duplicate names in the list. Basically if a person has two email addresses, then they show up twice. This would not be a big deal, but the email addresses are hidden, and it is impossible to tell which is an old/work email address rather than a personal one. I hope this is fixed soon.
16
nostromo 1 day ago 5 replies      
What I'd like to know is if I can use Facebook Connect to port my graph over (doubt Facebook would allow this) -- or if this means starting from scratch yet again.
17
selectnull 1 day ago 0 replies      
As usual, Google Apps users, are left behind once again. I really don't understand why Google will not once and for all unify google accounts and google apps accounts.

Supposedly they already did that, and yes I did the "merge the accounts dance", and still, no Profiles for me, and therefore, no +1 and no Google+.

Google, I'm paying for my google apps. I don't want to have another free account just to play with your new features (and I really hope this is not going Buzz way... which I also never saw in my gmail...)

18
beck5 1 day ago 4 replies      
Circles is very interesting, its could solve a work/life/parents social battle I fight, however the demo only allows you to add a person to one circle, I hope this is just a demo limitation, as my sister is also my 'friend'.
19
bryze 1 day ago 2 replies      
Perhaps this will make facebook better. Competition can often improve product quality. For google this might, however, turn out the same way that Microsoft's grab for web applications is going. First to market is hard to break.
20
mikk0j 1 day ago 1 reply      
Can't even click +1. Gives me the error "Oops... you need a Google profile to use this feature. Google Profiles is not available for your organization." since I am logged into a Google Apps account. Google itself force-merged my personal account into the Apps account, so there's an indication of how well they get 'social' in people's lives. And yes I worked there for many years.
21
mikemaccana 1 day ago 2 replies      
Android app is on the market. Note it eats 8MB of phone memory and can't be moved to SD.
22
crizCraig 1 day ago 0 replies      
David Winer's sentiments hit home for me. Google is too big to organically build a social network.

http://scripting.com/stories/2011/06/28/googleYawn.html

However, this poll would suggest people think otherwise:
http://www.wepolls.com/p/884244/Will-Googles-new-social-vent...

23
uast23 1 day ago 0 replies      
The most urgent thing I needed on Facebook - "Circles makes it easy to put your friends from Saturday night in one circle, your parents in another, and your boss in a circle by himself - just like real life"

Might just call it a better version.

24
fedd 1 day ago 4 replies      
too complex to use may affect usage negatively. too many features is not always good. trying to mimic real live brings the complexities of real life to the web.

check this:

"With Hangouts, the unplanned meet-up comes to the web for the first time. Let specific buddies (or entire circles) know you're hanging out and then see who drops by for a face-to-face-to-face chat. Until teleportation arrives, it's the next best thing."

imagine a jerk that noone loves intruding all the hangouts. but everybody too polite/dependant to unfriend

25
SonicSoul 1 day ago 1 reply      
heh.. somewhat ironically, minutes prior seeing this post I noticed the "+1" next to every search result. after exploring it told me that my "+1" will be used all over the web including ads. (am assuming this is part of Google+)

I immediately searched for a way to turn it off.

26
xedarius 1 day ago 0 replies      
I feel like Facebook was a trial, and we all learnt a lot about social networking, we've all made mistakes and it would be nice to re-create your network with hinessight from scratch. This is perfect timing by Google, with Facebook on the edge of an IPO and people largely disillusioned by their service. As long as they 100% lock down the privacy options, get that wrong and it's a waste of time.
27
joejohnson 1 day ago 0 replies      
Group video chat seems really cool. Now I just need to convince enough friends to use this too...
28
trobertson 1 day ago 1 reply      
For those of you with an Android device, there's an app called "Google+" on the Market right now. I can't say if there's an app for iOS, WP7, etc.

You can install the app without an invite, but cannot use it.

EDIT: The "Learn More" button in the app cycles you back to the "You need an invitation" message box. So the app itself is completely pointless if you haven't received an invitation.

29
rakkhi 1 day ago 1 reply      
30
dendory 1 day ago 0 replies      
I dislike Facebook like anybody, but this will not take off any more than Buzz or Wave I'm afraid. This will be that side thing that people may or may not notice when they search. This isn't the site people will flock to when they wake up to see what their friends have been doing.
31
vanchi 1 day ago 1 reply      
Circles would make great sense if we can push some circles into other circles. Close friends into friends and friends into general connections.
32
alienreborn 1 day ago 0 replies      
I think Google's unending efforts to enter social networking space might become successful this time. Big hurrah to circles and hangouts!
33
damonpace 1 day ago 0 replies      
It seems everything is based off the grouping "Circles" aspect. Which if they get it right it will be a home run for the rest of the projects they build off of it. I personally find the Huddle feature the most valuable. This is something I've wanted for a long time, but no one has built...except for GroupMe. Which I'm not a huge fan of.
34
richcollins 1 day ago 1 reply      
One of the nice things about the product is its whimsical nature " a puff of smoke and a -1 animation appears when you remove a friend, and when you remove a social circle, it rolls away off the screen.

Where do I sign up???

35
kingkawn 1 day ago 0 replies      
Wave looked pretty cool when it was revealed too.
36
nkeating 1 day ago 0 replies      
Have been waiting for the day when I can share information that is relevant to the portion of my friends that know or actually care what Im talking about... How has facebook not integrated this before (other than going into privacy settings each and every time)?
37
beck5 1 day ago 4 replies      
Do people trust Google more than Facebook? and could that be a factor in adoption? My gut says probably not to both questions.
38
meow 1 day ago 0 replies      
Their group chat is called Huddle. I think this will have a negative impact on project management startup huddle (www.huddle.com).
39
davorak 1 day ago 0 replies      
I like the idea of Google Takeout allowing you to download all of your data easily from:

Picasa Web albums and photos
Your Google profile
Google Buzz
Google Contacts
Stream

That alone would make me switch to circles.

40
tilt 1 day ago 0 replies      
Nice to see this, it feels like they got it
41
xbryanx 1 day ago 0 replies      
Group video chat alone will suck me in.
42
Wilya 1 day ago 0 replies      
"Your Browser is no longer supported." (from plus.google.com)

Well, okay. I'll live without you, Google+.
(Running Seamonkey 2.0.14, which advertises Gecko/20110430. Out of date since.. 3 weeks.)

43
sinaiman 1 day ago 1 reply      
The problem with Facebook is that your network is too small and constricted, people want to expand and reach many many people, not stay limited within their circle. Think about it, you already talk to most of the people who are your closest friends in real life via phone and chat. You don't need yet another way to contact them. They should have taken the opportunity to bring down the barriers of the closed social graph.

Instead Google makes another Facebook with a different UI. It looks like a cleaner Myspace that will be embraced by a small set of techy users. No way will this ever be cool.

44
ignifero 1 day ago 1 reply      
Anybody knows about 3rd party apps? Sure uncle Google has considered us developers ...
45
nrbafna 1 day ago 0 replies      
works or fails, the UI definitely looks good.
46
olalonde 1 day ago 0 replies      
Might be the end for Rapportive?
47
jarodlam 1 day ago 0 replies      
The mobile app I saw a couple of months ago was pretty slick. I hope they've made good progress on that too.
48
davorak 1 day ago 0 replies      
After reading an article or two on Google+ I searched out the support pages and found them much more informative so I thought I would share.

http://news.ycombinator.com/item?id=2706918

49
zachperret 1 day ago 1 reply      
Did anybody notice that you can workaround needing an invite by clicking "Take the Tour" and then "Join the Project" on their demo website?

http://www.google.com/intl/en/+/demo/

50
EGreg 1 day ago 0 replies      
This is going to kick off a new era in social networking, which we all will be a part of :)
51
marcamillion 1 day ago 0 replies      
I would love to see a live cam feed inside Facebook today.

That would be interesting.

52
jsilence 1 day ago 0 replies      
Are they going to support open protocols for DiSo?
Salmon, OAuth, Activity Streams, FOAF and such?
They support XMPP with Google Talk and gave Jabber a big push by doing so.

-jsl

53
generators 1 day ago 0 replies      
I can not see intersection of circles!! i.e. one person in multiple circles. :O how can they miss that ?
54
foysavas 1 day ago 0 replies      
YAWN - Yet Another Way to do Nothing

BTW, thanks for giving up on Google Health. This is way better.

55
cdcarter 1 day ago 0 replies      
So...iPhone app?
56
gcb 1 day ago 0 replies      
Who's Melissa?
57
dgregd 1 day ago 0 replies      
what a terrible name. "plus" what does this mean for ordinary people.
58
yawn 1 day ago 1 reply      
Doesn't Google already know enough about us and our habits already?
59
Hisoka 1 day ago 0 replies      
Noone will care, and noone will use it. If it won't help you get laid, or boost your ego, it'll be useless. We human beings are not rational.
3
TrueCrypt User Held in Contempt of Court truecrypt.org
481 points by dcevansiii  5 days ago   186 comments top 19
1
ChuckMcM 5 days ago  replies      
First, there isn't enough information to know what it is this person has (or has not) done.

Secondly, the fifth amendment of the US Constitution allows you to refuse to provide testimony which you feel may incriminate you. Generally encryption pass phrases do not count as testimony, the legal system treats them as keys. And that would be covered under the fourth amendment which says the government cannot compel to you to give access to your property for search unless they have probable cause.

If they do have probable cause, they get a warrant which gives them the power to do the search temporarily and only for what they think exists. So if you get a warrant to search your hard drive for something, you are compelled to give them the password just like you are compelled to let them into your house if they have a warrant to search for something like drugs or guns or counterfeit plush toys.

However sometimes the courts do see it as a fifth amendment issue [1] and that has been under debate for a while. (As far as I can tell the legal theory is similar to the police not being able to compel you to tell them where you left the body in a capital crime.)

Disclaimer I am not a lawyer this isn't legal advice, and I've not followed up the cited case to see if it made it to the supreme court or not. Any circuit level decision would not be binding on different circuits.

[1] http://news.cnet.com/8301-13578_3-9854034-38.html

Follow up on the Boucher case:
https://secure.wikimedia.org/wikipedia/en/wiki/United_States...

Where the fifth amendment defense was overturned.

2
jordanb 5 days ago 1 reply      
Depending on what's on the drive, obstruction of justice might carry a much less onerous penalty than what he'd otherwise be facing.

For instance, if it's child porn, he'd be labeled a sexual predator for life. If it's state secrets, he'd be facing treason and espionage charges. If it's mp3s.. financial ruin on top of the felony charge..

3
geuis 5 days ago 2 replies      
So basically we have a guy in jail who is claiming something and making a public appeal. However, we can find little or no independent information about his case. He provides little information about his case. Indeed, the jail site containing his photo says Charges Unknown.

Let's not jump to conclusions just yet. He was arrested on April 14th. Find out the full case history, what was said, what he's accused of, etc.

It's entirely reasonable to assist anyone who's rights are being violated. But keep that separate from what he's accused of.

4
burgerbrain 5 days ago 3 replies      
This is why you always have TrueCrypt use multiple volumes. This is exactly what plausible deniability is for.
5
Aloisius 5 days ago 7 replies      
I have encrypted files/volumes that I don't remember the password for (it has been far too long). Surely not remembering is a valid defense.
6
CWuestefeld 5 days ago  replies      
The author references a previous letter that describes what he's doing in jail. Can anyone find that?
7
mdonahoe 5 days ago 5 replies      
Until the 5th amendment and encryption issues get worked out, these drives should delete themselves upon unauthorized access.
8
brendoncrawford 5 days ago 0 replies      
Text of the article since the page is loading slowly...

  To anyone reading this thread-if you want a quicker response to your
comments or questions, send them to me at:

Matthew Bumgardner
Santa Rosa County Jail
P.O. Box 7129
Milton, FL 32572

Right now it takes about 3 weeks for a post on this forum to get to me,
receive an answer, then have the answer sent back to my sister so she can
post it here.

This is Matthew Bumgardner, the one in jail. I have given this note to my
sister so that it can be posted. Obviously I have no access to email, so this
is the best I can do. Eventually I will get a copy of the posts in this thread
and I will respond when I can. My sister should have already posted the letter
I wrote. Every word is true. There are a few things I would like to add. First,
this jail could generate some serious money for a decent civil rights attorney.
They are already being sued for their mail policy. Inmates can only write on
postcards. They can only send letters to attorneys, members of the media and public
officials. If you were in here and wanted to write a family member, all you could
send was a post card.

The jail also denies access to legal materials. Their policy states that
"inmates will be afforded reasonable access to the courts. This is accomplished
by way of your attorney or public defender." This is a joke, since some inmates
wait 6 months or moe to see their public defender. The policy goes on to state
that pro se inmates must obtain a court order granting them pro se status in
order to get access to the Law Library.

I am a pro se inmate. I have obtained a Court Order granting me pro status.
I have provided that document to the jail staff, and I am still being denied access.
I have filed a new motion requesting an Order to allow me access to the Law Library
and I have also written the judge. I am waiting to see what happens there. I also
ahe a problem getting copies made. When I give my documents to the person making copies,
I inform them that I need them returned immediately. The past two times it has taken
several days fro the copies to be made. This is intentional. Since I am a Federal
inmate the Government pays the jail or me to be here. They make decent money off of
so, so there is no incentive for them to assist in my release.

Although it may seem unnecessary to complain about the jail, it is actually important.
The US attorney and judge that put me here knew exactly what they were doing. They
figured that the constraints imposed by the jail would allow them to maintain their
secrecy. They are wrong. It certainly slows things down, but I will not remain
silent about this.

This issue is more important that you might realize. Right now, this US
Attorney and US District Judge think that holding people in contempt is the way to
deal with encryption. If you read this and still do nothing, then you are telling
them that they are right. You are telling tem that the 5th Amendment is no longer
needed, and that they can issue supoenas that compel acts which are oppressive,
unreasonable and not possible.

I am not asking for my own personal army to help fight this. If you think that
you are my army, you misunderstand this situation. I am your army in this battle.
If you use encryption, or any password protected file, then this issue affects you.
You could be thrown in jail and denied civil rights at the whim of the government.
I am fighting this battle on my own, and I am willing to continue to do so. The
outcome is going to possibly affect many more people. To me, it seems like more
people should be getting involved.

At the very least write the attorney and judge and tell them that what they did
was wrong. Tell them that True Crypt can use more than just a password. Tell them
that a password can be 64 characters long. Tell them they have no right to hold
someone in contempt for failing to produce documents they have never seen. Tell
them that the precedent in US vs. Hubbell and In Boucher II proves that they
are wrong.

The addresses are:

David L. Goldberg
Assistant U.S. Attorney
21 E. Garden Street, Suite 400
Pensacola, FL 32502

Lacey A. Collier
Sr. U.S. District Judge
United States Courthouse
One NOrth Palafax Street
Pensacola, FL 32502

If you don't have time to write a letter, at the very least please forward this
to everyone you now. E-mail it to any media outlet you can think of. If enough
people e-mail tis, a major media outlet might pick up the story.

The Government can only do this in secrecy. If more people know about this it
never would have happened.

Thanks i advance for any assistance you can provide.

9
ajays 5 days ago 0 replies      
Contempt of Court is a serious business. You can be jailed indefinitely for it. For example: this guy was jailed for 14 years because he couldn't (or wouldn't) turn over information about missing assets during his divorce: http://www.judicialaccountability.org/articles/7year.htm
10
AndyKelley 5 days ago 0 replies      
According to wikipedia, in order to prove contempt, the prosecutor must have:

  * Existence of a lawful order
* The contemnor's knowledge of the order
* The contemnor's ability to comply
* The contemnor's failure to comply

It seems to me that the prosecutor cannot prove the contemnor's ability to comply, in the case of a forgotten password.

11
ThaddeusQuay 5 days ago 1 reply      
This may be a hoax. There are only two occurrences of his name on PACER, and both are discharged bankruptcy cases. Also, the federal inmate locator (http://www.bop.gov/iloc2/LocateInmate.jsp) shows no one by that name.
12
coreyja 5 days ago 1 reply      
This may have been posted below as I did not read every comment but isn't impossible to prove that the file is a TrueCrypt volume to begin with? Couldn't you just claim it was a corrupt computer file that contained random data? How can they ask you for something that they have no proof even exists? There is no proof the file is a TrueCrypt volume so there is no way to prove there is even a password to find.
13
michael_dorfman 5 days ago 0 replies      
This is one of those stories where I wish we had a bat-signal to summon grellas.
14
asciilifeform 3 days ago 0 replies      
"If you want a picture of the future, imagine a boot stamping on a human face " forever."
15
dunmalg 5 days ago 1 reply      
"I changed the password every 3 days and never memorized it. Current password was on a post-it on my monitor. Did you guys lose the post-it?"

Simple as that, right? They can't compel you to remember information you never had in memory. It's probably too late, as he's likely admitted to remembering the password. Dumb move.

16
JacobIrwin 4 days ago 0 replies      
What is it with the long history treating inmates poorly in the south?

See: Cool Hand Luke
http://www.imdb.com/title/tt0061512/

17
saalweachter 5 days ago 1 reply      
Just out of curiosity--

Does anyone know why it is important that a password can be more than 64 characters? Is he just saying "which makes it very hard to remember", or is there some legal significance to very long passwords?

18
mobiplayer 4 days ago 0 replies      
Another reason on why you need to hide your TrueCrypt volumes, too.
19
lukejduncan 5 days ago 1 reply      
mirror?
4
How to Make Text Look Interesting: Minimalist Web Design getspace.org
443 points by rabidpookey  6 days ago   72 comments top 20
1
endtwist 6 days ago 5 replies      
Though this article is a way for Space to sell their new theme, I can attest to the information provided being very useful in-and-of itself. It's a strong overview of the fundamentals of typography and basic rules to follow for strong visual hierarchy and content readability.

If you want to learn more about typography, I'd pick up (what is considered) the typographic bible, The Elements of Typography by Robert Bringhurst. While it is largely intended for print, most of the rules and suggestions still apply to the web. Alternatively, some pioneering folks put together a web adaptation of Bringhurt's book, http://webtypography.net/

2
munificent 5 days ago 2 replies      
There's some good advice in there, but mixed in with lots of not-so-good advice, errors, or overly broad claims:

- "The classic typographic scale ... relies on the notion that these sizes, when used together, look pleasing to the eye."

The typographic scale has a fixed set of sizes because fonts used to be physical. Having a 71pt font would be a whole new box of lead.

- "I generally take the largest font I want to use and the smallest font I want to use, and place the headers into that scale at even measures."

For something like scale, a geometric progression makes more sense so that relative sizes are at even proportion (say each is smaller than the previous by 15%) then a linear progression of sizes. The difference between 72pt and 70pt is unnoticeable. The difference between 10pt and 8pt is huge.

- "One way is to adjust the kerning and tracking settings in your design program."

Another way, not mentioned, is to just choose a different weight.

- The "stroke width should be as even and consistent as possible"

It says Georgia has a more even width than Krungthep, which is visibly not the case. Some stroke variation seems to aid readability but too much (like modern serif faces) harms it.

- "Georgia features a larger x-height than Tekton Pro."

That isn't Tekton. WTF.

3
grannyg00se 5 days ago 4 replies      
"Typography is not merely the process of arranging font on a page. It is a living creature; it feels joy in an exclamation point, ...."

Perhaps I'm just not as excited about typography as I should be, but isn't this a bit too much hype? When I'm told that typography is a living creature that feels joy, I'm immediately going to categorize the teller as a person I will not understand. Instant loss of credibility.

4
smcl 6 days ago 2 replies      
Heh, I got one line of black-on-white text describing a database error. Thought it was some kind of joke
5
njharman 5 days ago 2 replies      
Am I the only one that thought that was one of the least interesting and very hard to read (as in nothing drew my eye, lacked any motivation to read those big squarish, repeating, same blobs of text) webpages?

Single long column, not adapting to size of browser window. It's more like a book/article/magazine than a web page. Only color jarring red links. Subtitles identical leading/trailing whitespace so text looks continuous instead of broken into sections.

oh but OA used emdash, that's surely important.

6
snorkel 5 days ago 1 reply      
There's plenty of general typography advice out there such as this applicable to typesetting walls of text like blog posts and magazine articles, but what about the more specific case of type setting in web application interfaces? When developing web apps I feel like I waste a lot of time fussing with CSS font settings and the end result frankly sucks. Are there any typography snob blogs out there that focus on web app typography guidlines?
7
5h 6 days ago 0 replies      
at first the page was an error message saying "Error establishing database connection" in 20pt bold black times... that was unintentionally funny.
8
aresant 5 days ago 0 replies      
Text size, color, and font are all conversion drivers in their own right:

http://www.conversionvoodoo.com/blog/2010/08/3-font-tips-to-...

I've found that larger font sizes for copy-heavy sites almost always drive higher engagement

9
rglover 5 days ago 0 replies      
This is a great way to promote your product. I love that the creators are not only giving you useful information for your own work, but subtly offering up their theme as an option. It'd be nice to see other products/services marketed like this. It's subtle and smart.
10
fedd 4 days ago 0 replies      
i made a minimalist web design for my project website http://vsetech.ru/

as i am not a designer at all, so i had to be minimalistic in order not to be very ridiculous. but i tried to make it look interesting. seems i followed some of the advices of the article intuitively (and some was violated of course)

11
BasDirks 6 days ago 5 replies      
- The ragged-right doesn't work with titles that extend beyond the copy.

- Don't use images for examples that are perfectly possible with just type.

- Em-dashes"like this according to convention.

- In one of your examples you combine sans small-caps with regular capitals. Not good style.

- Come on, there are better fonts than Georgia on my mac. Make me look at them.

And there are more examples of bad style on this page.

Like endtwist said, get yourself The Elements of Typography by Robert Bringhurst if you really want to learn.

12
cormullion 6 days ago 1 reply      
Is that really Tekton Pro in those illustrations? Doesn't look the Tekton Pro I used to know...
13
skm 5 days ago 2 replies      
Is it just me, or does this look uncomfortably similar to the celebrated iA3 template for wordpress, designed by Information Architects?

http://store.informationarchitects.jp/product/ia³-template
http://www.informationarchitects.jp/en/100e2r/

14
nwmcsween 5 days ago 0 replies      
This 'advertisement' misses alignment such as 960gs, this makes information easily readable (compare 960.gs sites to this theme).
15
evolvingstuff 5 days ago 0 replies      
Anyone else not really care for the line break in the title? Seems to me like it would have been better after the colon, so that "Minimalist Web Design" would be grouped together on the next line.

I wouldn't normally be so nit-picky, but it is an article about typography after all.

16
floris 5 days ago 0 replies      
A good tool to calculate the rhythm & scale of your website's typography is this one: http://lamb.cc/typograph/

For example(in px):
10-12-14-16-20-26-32-42-52-64-84

17
getsat 5 days ago 2 replies      
105 votes + top spot on HN + submitted by an account registered an hour ago? HN is easily gamed, I guess.
18
skrebbel 6 days ago 0 replies      
i liked the examples. a typography noob, this was mostly new to me, and made me think about how small things do really matter.
19
tedjdziuba 6 days ago 0 replies      
tl;dr
20
mtogo 6 days ago 2 replies      
Funny, a typography article written in one of the most distracting fonts i've ever seen.

EDIT: Obviously i have no idea what i'm talking about. I just thought that the widely varying heights and odd shapes of the letters was distracting from the content.

5
Robert Morris, Pioneer in Computer Security, Dies at 78 nytimes.com
406 points by yagibear  11 hours ago   32 comments top 26
1
jgrahamc 8 hours ago 0 replies      
What sad news.

When I was doing my doctorate in security I used to attend or give papers at the IEEE Computer Security Foundations Workshop (http://www.ieee-security.org/CSFWweb/) which was held in a lovely old hotel in Franconia, NH. This was a really small gathering of people deeply involved the theory of securing computers.

Bob Morris and his wife Anne used to attend each year. It was unusual for people to bring their loved ones to this gathering and having the two of them there gave a certain holiday like atmosphere to the whole affair.

He was a gentleman and very kind to me as a young graduate student and I remember well playing games in the hotel grounds with him and Anne. At the time he was Chief Scientist at the NSA and the Rainbow books had been produced under his gaze. But he was humble, approachable and helpful.

Condolences to rtm.

2
jacquesm 9 hours ago 1 reply      
Until I read the age at the end of the title I thought it was the younger RM that had died, esp. with the black band at the top of HN.

What a pity, that's sad news to wake up to.

Condolences to Robert.

http://en.wikipedia.org/wiki/Robert_Morris_%28cryptographer%...

3
alex1 10 hours ago 0 replies      
For those who don't know, this is rtm's (YC partner Robert T. Morris) father. My condolences to him.
4
IdeaHamster 6 hours ago 0 replies      
Condolences to rtm and family.

It's a poignant reminder of just how young our field is that we are mourning the loss of some true early pioneers. Imagine if you were a physicist just learning of the passing of Newton? It's also a reminder to value the experience and wisdom of those who are still here with us...

5
jcr 2 hours ago 0 replies      
RTM,

I don't know what to say. I'm just one of many strangers who knew of
your dad, and appreciated his work, but never had the pleasure of
actually meeting him. I'm sure there are a lot of strangers like me who
feel uncomfortable saying anything more than offering condolences but
also feel offering condolences is not enough. We wish there was more we
could do. I hope by stating this difficulty for strangers, you are
reminded of how amazingly lucky and blessed you are to have known him.
You will always remember your loss, but it equally important to also
remember your luck. I hope the warm thought of counting your blessings
will help you and your family through the troubled times.

6
tptacek 9 hours ago 0 replies      
A giant. Condolences.
7
squinn2 8 hours ago 3 replies      
Cliff Stoll has a nice account of meeting Robert Morris at the NSA in chapter 45 of "The Cuckoo's Egg".

http://users.tmok.com/~pazzi/cuckoo_egg.pdf
http://en.wikipedia.org/wiki/The_Cuckoo%27s_Egg_(book)

8
pama 6 hours ago 0 replies      
Condolences to rtm and the rest of his family. Here is a link to one of the nicest stories about Robert Morris, written by Dennis Ritchie, his friend and former colleague:

http://cm.bell-labs.com/cm/cs/who/dmr/crypt.html

9
rdl 10 hours ago 0 replies      
I was fortunate to meet rtm a couple months ago; a very nice (and smart, insightful, etc.) guy. My condolences on the loss of his father.
10
staunch 9 hours ago 0 replies      
Anyone would be lucky to live as full, productive, and long a life. Condolences to Rtm and his family.
11
ajju 10 hours ago 0 replies      
Condolences to rtm.
12
pstack 9 hours ago 0 replies      
It's important to pause now and then to recall what a glorious time we live in, where we are alive at the same moment as so many other great human beings. Some in technology. Some in humanitarian works. Some in music. Even if they're near the end of their time here, that you and I existed on this ball of rock at the same time they walked it is pretty fantastic.

My best to Mr. Morris and his family and friends.

13
w1ntermute 9 hours ago 0 replies      
I knew someone had died before I even started scanning the stories, because of the black bar up top.

My condolences to his family. He was quite an accomplished computer scientist.

14
bdhe 10 hours ago 0 replies      
From wikipedia: Robert Morris was the author of crypt the UNIX encryption tool. ViM uses (to the best of my knowledge) crypt when called with -x.
15
ihodes 8 hours ago 0 replies      
Condolences. The world is better for having had him, and worse for having lost him.

.

16
mahrain 7 hours ago 0 replies      
So that is what the black bar is about, I was afraid it was a childish pun on Google's redesign :-S and now I feel bad for thinking that.
17
astine 4 hours ago 0 replies      
My condolences to the man and those he was close to. I hope he died comfortably and untroubled.
18
funcall 9 hours ago 0 replies      
RTM and his controversial (for that time) Internet worm were key influences during my early years with computers and computer networks. My condolences to him and the rest of the Morris family.
19
jrubinovitz 3 hours ago 0 replies      
RIP Robert Morris. Getting a question from you about my YCom application was one of the highlights of last year.
20
kylemaxwell 9 hours ago 0 replies      
I feel terrible that I think of his son first every time I see something about him. May he rest in peace.
21
ericmsimons 9 hours ago 0 replies      
My condolences also to rtm. I assume this is why the top bar of HN has a black border-top?
22
sim0n 8 hours ago 0 replies      
Sad news, my sincere condolences to rtm and his family.
23
revorad 6 hours ago 0 replies      
Very sad news. Condolences to family and friends.
24
chunky1994 5 hours ago 0 replies      
A great loss, he will be missed! Condolences to RTM and family.
25
tilt 4 hours ago 0 replies      
My condolences
26
ldayley 9 hours ago 0 replies      
This must explain the Black added to the HN top banner (or someone is spoofing Google+). Condolences, rtm.
6
Hacked Gmail Account multitasked.net
381 points by madewulf  3 days ago   163 comments top 32
1
Matt_Cutts 3 days ago  replies      
The key part of the blog post for me is this: "To mitigate the risk, Google recently launched two-factor authentication, a mechanism that requires you to input, on top of your password, a code generated by an application installed on your phone (iPhone, Android and maybe some others). I have activated this today."

Anyone savvy enough to hang out on HN probably has a fair amount of valuable info in their Gmail account (domain registration info, passwords/access to shopping sites, etc.) and should activate two-factor authentication: http://googleblog.blogspot.com/2011/02/advanced-sign-in-secu...

Is it a little more hassle? A bit. But when someone else tries to log in from a new IP address in the Ivory Coast, or China, or wherever--they'll be prompted for a PIN and won't be able to log in.

I activated two-factor authentication as soon as I could on my Gmail. I think everyone reading this comment should too.

2
raldi 3 days ago 6 replies      
What I'd like is one-factor for my typical "log in and check mail, write back to a few people" use case, and two-factor or a second password that kicks in when I (or a bad guy) tries to:

* Log in from a computer that's never used this account before

* Set up a forward

* Make a mass mailing

* Change the password

* Do extensive searching or searching for suspicious terms ("password", "credit card", etc)

* Export a large amount of mail

...and other such things. That way, I don't have to be inconvenienced by constantly having to use the second factor, but would still survive a stolen laptop, keylogged passord, or sniffed cookie with a contained amount of damage.

3
yaakov34 3 days ago 1 reply      
I don't understand why so few comments mention that the "last chance form" is a huge security hole. It seems like most of the information for filling it can be seen by someone over my shoulder as I use Gmail. And it's apparently completely automated and can be tried multiple times. I use a strong passphrase and two-factor authentication for a reason, and this defeats it. I already disable the "secret questions", since I don't want cracking the account to be much easier than cracking the passphrase.

I would like Google to give me an option to disable the "last chance form" for my account. Or, if they inisist, I'd like the "last chance" to be to fly to Mountain View and show Google my passport or a court order.

EDIT: and for extra bogusness, it seems that the information needed for the "last chance form" can't be changed if it's compromised. I mean, I can change my passphrase if I suspect it leaked, but how do I change the date when I started using Gmail? Sounds like the best thing to do the moment a Google account is compromised is to close it.

4
drivebyacct2 3 days ago 6 replies      
Not sure why any of these steps should lead you to fear about using Gmail. Hosting your email yourself is almost surely more risky. Those hosting their own email aren't going to have complex password recovery system with the abuse protection that Google's has. There isn't going to be a warning system to alert you that there have been sign-ons from foreign states/countries. There isn't going to be two-auth out of the box unless you install the PAM module.

If your weak link, was, as usual, the human link... I would be inclined to trust a system more catering to (forgive me) ignorant users.

I just worry that the mindset is, "I got hacked because I use Gmail, if I used something else I'd be safer." and I find that logical to be pretty flawed.

5
RyanKearney 3 days ago 1 reply      
> Time now for some damage evaluation. I immediately saw that all contacts had been deleted (annoying but not too bad)

There's pretty much a one-click restore process now: http://i.imgur.com/1EYZ5.png

6
51Cards 3 days ago 4 replies      
I haven't set up two-factor auth yet because I don't always have my phone handy and my understanding of it is that on each log-in you need to use both factors. My comments below are based on this understanding so forgive me if I'm wrong.

What I would love is if instead it asked for both factors under these circumstances:

- option A - on every login like it is now.

- option B - at least once every X days, with a warning that "within the next three logins you'll need to use your second auth" so I will know when it's coming without being locked out because my phone is dead.

- in both of the above cases ALWAYS require two factor auth every time I change the account settings (like password, recovery addresses, etc.) Possibly even require it when I try to do things like purge a mailbox entirely or bulk email all my contacts.

Having this blended option would make it a no brainer for me

Edit: Thanks all for the clarifications below. I am going to give it a try.

7
unshift 3 days ago 3 replies      
tl;dr: don't give your password to anybody. we've been saying this since the mid-90s but people still seem to slip up.

gmail's two-factor auth is nice and easy with the handy iPhone app. of course nobody wants to complicate something like sign-in, but email integrity is very important. facebook also has a similar two-factor auth process (though not as nice; they text you, vs a nice app).

two-factor is a no-brainer at this point for managing your identity, especially given the huge volume of leaked passwords we've seen in the past month. it only takes a few minutes to set up and almost completely eliminates problems like the one in this article. if you haven't set it up yet, do it now! much easier than learning the hard way.

8
muppetman 3 days ago 0 replies      
I read a story similar to this a few weeks ago. The guy recovered his account, changed all passwords, but then it was snatched again. Rinse and repeat, I think he got it back in the end though.

Very strange - he thought he'd been targetted specifically.

9
sorbus 3 days ago 2 replies      
> most distressing to me is that I am still unable to explain how those guys were able to get access to the account twice after I changed the password, security questions and backup email address from my Mac that does not seem to be compromised.

It sounds very much like the hackers were also using the "last chance form." Consider that all of the information it requests is available through Gmail - account registration data, names of tags, most emailed people, and verification code (which was apparently emailed to him, and therefor present in the compromised email account) (Note: I haven't used the form myself, I'm going on the information in the article).

Also, the title is a bit link-baitish.

10
hzay 3 days ago 2 replies      
I went through this two years ago. My ex was hacking into my accounts.

- He used the 'last chance form' to get into my gmail by entering the password I'd given him a year before this (I'd changed the password twice after giving him that password)

- He ran a dictionary attack on my college email which didn't have captcha's, then hacked gmail using the password that worked for my college email

- We were using shared vnc in college, he found his way to my firefox through a mutual friend, installed a plugin that sent him all POST data and got into my gmail again

I created a new gmail account after each incident. I had to abandon each gmail account once it was cracked because of the 'last chance form'. Back then, you only had to give it one or two correct past passwords, and it gave you access. On hindsight, I've been remarkably dense, but it was a good, early lesson.

11
llgrrl_ 3 days ago 6 replies      
This is exactly why I'm using two-factor authentication for gmail (heck, I even ported the two factor auth code generator to my watch so I don't have to panic when my android phone runs out of battery - http://tnhh.net/pancake/chronos-otp.xml :-)

However, I don't use Gmail for 'everything,' it's just too dangerous and I feel doing that way Google knows more about me than they should. I think everyone should be hosting the main email address under something that they can sure control (your work/edu account, or a paid email service). My main account is hosted on fastmail (I paid something like 12 bucks for three years) and is cloaked under a dozen of other email addresses.

Plus, for fastmail you get a free smtp account, and a standard IMAP account (gmail's IMAP is weird). And they will respond if you're in troubles.

12
josephcooney 3 days ago 0 replies      
A friend of mine got his domain stolen recently. He believes his gmail was brute-forced through a known vulnerability/feature when POP is enabled http://seclists.org/fulldisclosure/2009/Jul/254 . He did a write up http://secretgeek.net/sg_hijack_1.asp and here http://secretgeek.net/sg_hijack_2.asp . As soon as this happened to him I turned on 2-factor auth and it works very well.
13
KingOfB 3 days ago 0 replies      
This happened to my girlfriend and I had a similar freak out. After asking a few more questions she remembered getting an email to enter her gmail password to get more storage space.... She knows better, but just didn't think about it - it seemed legitimate. Ask your friend more questions, I bet she fell for the same scam. I've met 4 people now that fell for the same one.

I'm also very concerned about the no 'restore' option from gmail. What good are google backups if you can't initiate them?

14
madewulf 3 days ago 0 replies      
For the record, I don't think that Gmail security is bad, or worse than something else. I just wanted to report my story, as I thought it would be interesting. I am a bit overwhelmed by the reaction to this post, honestly.
15
eneveu 3 days ago 0 replies      
I've also activated two-factor authentication, and I don't think the drawback he mentions are that problematic:

This indeed increases security, but tends to be a bit cumbersome (I often have a depleted battery, for example, which could prevent access to my emails from a computer) and does not solve other case (like somebody stealing my laptop and using an already opened session).

1) You can print a list of one-time passwords and store it inside your wallet. If your phone's battery is depleted, you can use them to log in. You should store another copy of this list in a safe place, just in case.

2) If somebody steals his laptop, he could always log from another computer and disable his session and/or change his password. He should use a password-protected login on his laptop anyway, with an encrypted drive.

16
spacemanaki 3 days ago 0 replies      
I bet signups for Gmail's 2-factor auth spikes when stories like this start circulating. It's awesome that they provide it. I fear it might be too much to ask for my mom, grandmother, etc, who are probably more vulnerable to being attacked in the first place (weaker, duplicated passwords for sure).
17
jarin 3 days ago 0 replies      
My Gmail account recently was compromised due to the MtGox intrusion, as I had completely gotten lax with my password security practices (I noticed because I was no longer able to log in to my Google account). The worst thing about it is I knew better. I had 4 different passwords that I would use for different types of sites, and it just so happened that my MtGox and Gmail passwords were the same.

Thanks to my backup email account and 1password's ability to search accounts by password, I was able to restore access and change every account password I had gotten lazy about, before any damage was done. Turn on 2-factor authentication for my Gmail and Google Apps accounts, and now I can finally feel secure with only 2 passwords I have to memorize (Gmail and 1Password).

18
chapel 3 days ago 1 reply      
One thing you should check for if your email was compromised is the pop3 forwarding and imap. Attackers will forward your emails to their own accounts using either or both. This makes it very easy for them to retake your account.
19
16s 3 days ago 0 replies      
For those of us who never travel outside the continental U.S. (or wherever), it would be nice if Gmail had an option we could check that read, "Disallow international (non U.S.) access to my account."

This would add a small measure of protection, though is not ideal as compromised machines (or proxies) in the U.S. could still access the account.

20
someone13 3 days ago 0 replies      
A friend of mine had a similar problem with her Hotmail account.

It had been hacked, but the recovery questions hadn't been changed (mainly, I think, because Hotmail makes it incredibly difficult to even find the option to do this). We reset her password, changed everything, and the account got re-hacked within 30 minutes.

This happened three more times until, eventually, the recovery questions were changed and we couldn't get access. I posted on the support forums, regained access, changed EVERYTHING (this included checking for email forwarding rules, and so on).

Now, through all this, I told my friend to not sign in to the account (or use MSN) from any computer except mine, to ensure that it wasn't a keylogger or Trojan that was causing this. My machine was running an up-to-date version of Ubuntu, on my home network, using HTTPS. So I'm pretty sure it wasn't a trojan.

Unlike Google, Hotmail requires a human to look over your problem, so after the third time we had to wait for a day to get the account accessed, we just gave up. I signed in, copied down as many contacts as I could, then deleted all the incoming emails. We ended up having to abandon her Facebook account too, as the hacker accessed that and was spamming her friends. Her Tumblr, and a couple of other accounts were toast also. We almost her Facebook back, but the hacker deactivated the account.

It was very frustrating trying to solve this, because I didn't know how the account was being accessed! I opened a ticket asking the Hotmail support staff to tell me how the password was being reset - not any more information, just the method - and they came back with the standard "we won't reveal information unless you have a search warrant or court order".

I love modern technology and all, but sometimes it's REALLY frustrating.

21
S_A_P 2 days ago 0 replies      
So Im perplexed about how the gaming XP machine fits in here. I can understand that maybe that machine was used to log into the gmail account once and the auto login would have let the "hacker" in once. How then, if the user changed the password and security questions, etc did this person access the account 2 more times???
22
pavel_lishin 3 days ago 1 reply      
So, it seems that the XP machine was the source of intrusions - I'd like to see a follow-up.
23
leon_ 3 days ago 0 replies      
> I was very glad that the "last chance form" did work twice

> That's when I lost the connection again...

hmmm ...

24
bwooceli 2 days ago 0 replies      
There is another layer of protection you can put in place - Google Apps. For many people, spending the $10/year on a private domain with the 10 account limit would be more than sufficient. Allocate one of those accounts to a strictly administrative role with 2 factor authentication. That way, you can self-serve on things like emergency password resets etc.
25
jdhopeunique 3 days ago 0 replies      
It would be nice if Gmail and Facebook had two separate passwords: one for everyday login and another for administrative functions such as changing passwords, forwarding options, etc.
26
jeggers5 3 days ago 0 replies      
I'd say this is happening a lot more than we actually hear about. He also raises a good point about how if you gained access to a lot of people's gmail a/c, you'd also get access to a lot of other services they use via the password reset form.
27
paulnelligan 3 days ago 2 replies      
Something i do quite regularly is google search each of my passwords, and I would advise anyone to do the same.

I found several older passwords with my login up on a file-sharing website not so long ago. Luckily I didn't suffer the same fate as the writer's wife.

Also, I believe that google should have 'paid support' in place for this type of situation. No doubt it would be profitable for them, and would save many people quite a lot of pain.

28
paraschopra 3 days ago 0 replies      
Just enabled 'Two factor authentication'. Thanks for writing this. Made me realize the loss I would incur if my account gets hacked.
29
riffraff 3 days ago 0 replies      
the "last chance form" (or "account recovery exam") really is a hard and impossible to find thingy.
Also, I frankly have no idea about when I started using some services, and worst, no clue on how to find out.
30
aj700 3 days ago 1 reply      
They should be asking for certain characters of your password now, to defeat keyloggers. If you've got tons in the cloud, you need bank-level security. If people can cope with it for banking, they can cope with it for gmail.
31
namank 3 days ago 0 replies      
I worry about this a fair bit. This is why I am in the process of cloaking my gmail with a throwaway address (ping@namank.com)

And I just suggested gmail this:

-----
Gmail runs my life, as it does yours! Yes, I have an alternate email but whoever has my password can change it and then I'm LOST! You need to make this hackproof (yes yes, i know. but please, atleast TRY)

I suggest:
-Have a backdoor password. There MUST be a 24-48 hour window between changing the backdoor password and the main password.

-Must be a 24 to 48 hour window between a password change and alternate email change.
-----

32
swaits 3 days ago 0 replies      
You get what you pay for.
7
Designing GitHub for Mac warpspire.com
348 points by rtomayko  1 day ago   77 comments top 26
1
tptacek 1 day ago 5 replies      
What a f'ing fantastic article. Thank you so much for writing this.

I spent a decent chunk of time last year building up a somewhat large Cocoa application (a telling synecdoche of how ambitious the app is: it integrates libevent with the Cocoa loop and involved writing a whole new evented Redis-backed HTTPS cache in ObjC).

But unfortunately, I got to the UI part of this project ("UI part", heh) thinking "this is going to be so much easier than webdev, look at all these tools!, and that was a crushing disappointment; getting anything reasonable on the screen has been intensely painful, and is if anything much harder than CSS3+JQ is on modern web apps.

I'm thrilled to hear that at least to some extent, it isn't just me, and making a good-looking Cocoa app (especially your first) is just very hard.

2
gregschlom 1 day ago 4 replies      
> Death of the SSH key. People should be able to connect to GitHub with their GitHub username and password.

This sounds like a wrong design decision. I wish nobody could log into my github account using anything but my SSH keys.

This is also true of my AWS account: my ec2 instances are protected by SSH keypairs, but if anyone gets my AWS password, he has full control over everything.

I'm not a security expert, but SSH keys feel way safer than passwords, especially with all those recents article showing how easy it can be to bruteforce passwords.

3
tolmasky 1 day ago 1 reply      
Without going into whether I agree with his assertions on Cocoa, if it seemed so much easier to do with web technologies, why didn't he just do it with web technologies?

Cocoa is probably the framework best suited for incorporating web views, and tons of apps do this: Mail.app, iTunes, Aperture, Colloquy, etc. etc. Use the right tool for the right job, if you have something that is going to have a lot of flow-based layout, then by all means use WebView.

It's kind of like refusing to use an NSTextView, then complaining about having to lay out text yourself.

4
RyanMcGreal 1 day ago 0 replies      
> Eventually, I (well, many of us) decided that better native clients (OSX, Windows, Linux, Eclipse, Visual Studio, etc) was the best way to grow GitHub.

I hope that means they plan to build a git GUI client for Windows, the poor bastard child of git support.

5
sant0sk1 1 day ago 2 replies      
Great article for sure, but I take issue with these bits:

> Unfortunately for everyone involved, every OS X application that's showed up over the years gave up and tried to turn CLI commands into buttons.

It's my understanding that for a really long time there was no linkable library for interacting with Git. So unless these devs wanted to first write said library they were pretty much left with putting buttons on the CLI.

You might say "Well they should have written one, then!" but that is quite a risky capital expense on a piece of software that could easily flop. GitHub did it (with Summer of Code's help), but they have umpteen uses of such a library even if nobody uses GitHub for Mac.

> It blows my mind that no one tried to do anything special. Git (and its DVCS cousins like Mercurial & Bazaar) provide an amazing platform to build next generation clients " and it's like the entire OS X ecosystem left their imagination at home.

I dunno, I think GitX (especially its forks) does some pretty special things, including making it dead simple to stage/unstage/discard single lines of files.

6
cageface 1 day ago 1 reply      
As an aside, I really feel like Apple is losing the plot with their latest batch of UIs. Wooden end panels, birch bookshelves, the glossy reflective dock, leather-bound notebooks etc, all smack of a lack of imagination and an timid need to convey value in outmoded terms.
7
pohl 1 day ago 0 replies      
There is no layout engine for Cocoa. If you want two elements to rest side to side, you'll need to calculate the pixel size of the text, padding, borders, margins " then manually position the next element.

This is getting a lot better in Lion. If you browse the WWDC 2011 videos, look for Session 103 "Cocoa Autolayout".

8
jkkramer 1 day ago 1 reply      
> Simplify the git fetch, pull (--rebase), push interaction. Synchronize " don't make the user figure out what they need to do to get their local commits remote and remote commits local.

What about conflict resolution? That's one of the hairiest, least-user-friendly scenarios in my experience.

9
chrismealy 1 day ago 1 reply      
Dear github: clicking "published" on a project deletes it from github. That was a surprise!
10
cdcarter 1 day ago 1 reply      
He makes great points about MacRuby. I started tooling around with it for an app a few months ago, and though it was a great interface, it didn't make working in Cocoa any easier, and I still had to learn a lot of weird technology choices in Cocoa.

Though, I think the difficulty of making a complex GUI in Cocoa shines in the OS X world. It's a lot harder to make a working UI, so you want to get the design right the first time, so you don't have to go back and re-do.

11
dolinsky 1 day ago 2 replies      
Could someone elaborate on the difficulties encountered managing branches of an iOS project in XCode using git?
12
oscardelben 1 day ago 1 reply      
On a related note, i've built a simple github browser for ipad that will never get approved on the AppStore due to paid accounts. If someone wants to play with it here's the link https://github.com/oscardelben/GithubBrowser
13
gawker 1 day ago 0 replies      
Just wanted to say thank you so very much! I'm just getting started on trying to build an iOS/Mac application system and while it's fairly straightforward to build it, the design of the user interface is what gets me. Going from ok to 'wow' is what really sets Mac applications apart from most PC applications.
14
ttrashh 1 day ago 0 replies      
I'd love to see a good comparison from someone with a good bit of WPF/Silverlight/Xaml and Cocoa experience.
15
beck5 1 day ago 7 replies      
Has anyone been using this client, is it worth using as far as GUI's go?
16
grimen 1 day ago 0 replies      
I really like what GitHub do, though in this case I would say that the GitX client (forked one) is way more productive and overview:aböe IMO. I even managed to teach my MBA partner how to use it - this one is actually a bit more confusing than GitX interface. Abstraction is not always for the good, but a very good try at least.
17
atomical 1 day ago 0 replies      
Smartgit is an awesome client for mac and I love the diffs view. Git is complicated so does a simple client help or hurt? I think that's up for debate and different users are going to have different requirements but for me I feel Smartgit is simplistic, useful, and functional where as I think of the Github client as more of an RSS type application where I check the latest stuff that has been committed.
18
vladocar 1 day ago 0 replies      
This is so unfair. I finally mastered the GIT console pushing and pulling stuff around. And this awesome product comes and the console is now obsolete. Jokes apart, this is super tool that will bring new users that are still not familiar with the console. Great job guys!
19
swaits 1 day ago 0 replies      
I use SourceTree. It's not free, it's definitely not cheap, but it's badass. http://www.sourcetreeapp.com/ I have no affiliation, just a happy customer
20
natesm 1 day ago 1 reply      
On the images/code drawing points: are there any benchmarks for this? I've been writing meticulous CGGradient type stuff recently, should I just make a gradient in Photoshop and call it a day instead?
21
peteysd 1 day ago 0 replies      
I've been enjoying the app these last few days. Nice job! It's a great add-on to an already killer service. I'm quite happy to send the folks at Github some of my money each month, because they really earn it.
22
mmphosis 1 day ago 1 reply      
23
rawsyntax 1 day ago 0 replies      
The bit about the NDA is a little ridiculous.

Apple wouldn't be able to politely ask people not to blog about their stuff.

24
dsp2138 1 day ago 0 replies      
'是中国人
25
thelicx 1 day ago 0 replies      
Super interesting article
26
PartyDawg 1 day ago 0 replies      
It's amazing, I thought I would come here to learn things, but instead I am teaching.

Branching projects is hard in XCode? Zip up the project files and back up the revision... in I don't know, a source code repository? LOL!

None of the re-writing is required in Xcode for your app. Design the app, then make it in Xcode. If you have to make revisions to the design of your app, go back to designing it. Most of the code can be re-used, but clearly you haven't finished designing the app yet...

Interesting take on the initial experience. But instead of casting about for blame, it might be better to ask why your processes are going wrong.

8
Skype options turn out to be worthless reuters.com
337 points by TWAndrews  5 days ago   142 comments top 23
1
ghshephard 5 days ago 7 replies      
Absolutely zero surprise on my side. VCs, and acquiring companies are always looking to maximize their return, as legally as possible during an M&A deal, even (sometimes particularly) if that means screwing over employees who are no longer with the company.

I actually like the honesty of this quote:

"Silver Lake declined to comment. When asked about Lee's situation, Skype spokesman Brian O'Shaughnessy said, “You've got to be in it to win it. The company chose to include that clause in the contract in order to retain the best and the brightest people to build great products. This individual chose to leave, therefore he doesn't get that benefit.”"

Most people will look at it and say "What an Asswad" - but at least he's not being a hypocrite. That's precisely what everyone in the M&A team is _thinking_ they just aren't _saying_ it.

This is another take on what Oracle did when they bought Oblix (I had just left Oblix in 1999) Oracle gave MegaBonuses to all the existing employees and executives, two of the founders, and paid absolutely nothing for the common shares. The acquisition price was still $100Million plus, but there was only enough money to cover the preferred options + liquidation preferences in the "on the record" purchase prices. Effectively, they wiped out all the employees who were common shareholders, but no longer with the company (or were part of the 15-20 out of 100 who were laid off during the acquisition) while taking care of the VCs and the acquired employees. (As a side bonus, they called the money they gave to the acquired employees "Retention Bonuses" - which resulted in the top people having to hang around for another year)

Lesson to be learned: When you leave a company, and it is still private - if they are Sold, instead of going public, there are probably any number of ways that you will get wiped out if you are no longer with them - possible exception if you are a founder with a significant percentage of the company, and you might be able to raise a stink for minority shareholder rights. Then you'll get a "consulting bonus" to shut you up.

This story is more common than not.

2
dctoedt 5 days ago  replies      
1. By no means do I want to defend Skype here, but the prose in the linked documents isn't especially incomprehensible, at least not for documents of this type.

I teach contract drafting to third-year law students. It's hard work to take a complex if-then-else concept and render it in plain English.[a]

And here's the rub: Few clients want to pay lawyers to spend extra time on readability -- "good enough" (whatever that means) is the goal.

2. [EDITED TO ADD THIS:] It's not unusual for a private company's employee stock plan to include a "call" option that gives the employer the right to repurchase employee-owned shares when the employee leaves the company.

That makes sense when you think about it -- if you're a private company, you don't want a lot of random ex-employees owning dribs and drabs of your shares, especially if you're worried about the 500-shareholder limit (under current law).

On the other hand, for a company with an upcoming exit to buy back the shares at the employee's cost, instead of at a good-faith estimate of the stock's then-current value -- well, that does indeed seem unusual.

(EDIT: Some documents like this provide that, IF: The company wants to do its buy-back EITHER: (i) after an exit is announced, OR: (ii) if an exit is announced within 30 days or so after the employee's departure; THEN: The employee is entitled to the exit pricing for the buy-back.)

3. Again, not to defend Skype, but conceivably they might not have had a choice about the buy-back price, at least not without jeopardizing some kind of favorable income-tax treatment.

If I had to guess, I'd venture that, X number of years ago, some overzealous junior lawyer decided to draft the relevant documents so as to put the company in the strongest position s/he could. Now that zealousness may be tying their hands. I stress that I'm speculating here.

* * *

[a] If you have occasion to write a complex if-then-else sentence, try using all-caps and punctuation like this: IF: It rains at least one inch today but not more than two inches; AND: It doesn't rain tomorrow; THEN: You will turn on the sprinkler system tomorrow; AND: You will not do so the day after.

3
brudgers 5 days ago 0 replies      
The article leaves out some relevant context. It appears that Yee Lee was at Skype for one year one month 3/2010 - 4/2011. That entire period of time was after Silverlake had purchased Skype and more importantly after the right to repurchase vested options was in place.

It is difficult to see this as private equity screwing over founders or early employees (Skype was founded in 2003 and had been valued at more than $2 billion for five years when Lee Yee came aboard). Indeed given the short tenure of many of the people involved in the story, there seems to be more smoke than fire.

[Lee Yee on Linkedin: http://www.linkedin.com/in/yeeguy]

[Business Week article correlating Linkedin profile to article: http://www.businessweek.com/magazine/content/11_27/b42350386...]

[my comments on previous versions of story: http://news.ycombinator.com/item?id=2672786]

4
ianterrell 5 days ago 4 replies      
While I understand that legalese is necessary since English is ambiguous in its best moments, the only reasons I see not to include a "plain English" version of a contract are A) to save on lawyer hours, or B) to screw someone over.

For most contracts I suspect that the overhead on a plain English version would be very small, as the lawyers' understanding of the topics is necessarily deep to formulate the contract (or they're just shitty lawyers, another topic).

Plain English versions of contracts, with their plain English meanings of clauses, should be included in any contract between two parties of vastly different bargaining power, i.e. a corporation with loads of legal resources and a non-millionaire potential employee.

Update w.r.t. comments"I understand the points you're making, but I don't think it invalidates the argument. I'm racking my brain to find the examples I've seen, but there do exist in the wild "plain English" versions of contracts that are not binding (and they specify that) but instead contain comprehensible summaries of the salient parts.

5
kenjackson 5 days ago 2 replies      
A big part of business is who you're in bed with. MS should cancel the Skype deal, if at all possible. That would be one sign that they've turned a corner. I will never fork over a dime for any Skype service. This, while legal, is clearly unethical on a broad scale. And its the worst kind of unethical. Apple and MS play hardball with competitors -- but you don't do that with your employees.
6
johngalt 5 days ago 0 replies      
This is why cash is king and "equity" is worthless.

Hey bizdev weenies out there that wonder why you can't find a technical cofounder/employee who will work for equity, here is your answer.

7
jsherry 5 days ago 4 replies      
"It turns out the investor group...had secured a so-called repurchase right that gave them authority to buy back the shares at the grant price."

If this is true, it sounds like somebody didn't properly perform their due diligence before signing their options agreement. Although it's never right for a company or investor to exercise this buy back when it comes to an honest, hard-working employee, the onus really falls on the employee ensuring that this clause never sees the light of day in their contract in the first place. Perhaps in the event of "cause", one could make a case, but certainly under no other condition.

EDIT: It's an unethical clause to begin with - absolutely agree with the comments. Just saying that you can't count on anyone besides yourself to act on behalf of your own best interests.

8
unreal37 5 days ago 0 replies      
I understand that Skype is a private company, and so that when they grant options it will have some odd terms that employees of public companies don't have.

They shouldn't use the terms "vested" and "unvested" then. His options were vested, yet were callable. That's not what vested means. They should call all options unvested until the company goes IPO.

9
alain94040 5 days ago 0 replies      
Amazing, this is the first time I see a stock options agreement where the employee is forced to enter into a partnership for his vested shares. I agree with the blog's title "upgrading Skype to evil".

On the other hand, you should have known Skype, incorporated in an international haven, was not your regular startup.

EDIT: also, the stock agreement just says "management partnership" on page 3, with no prior definition of what it might be. Later on, it gets more references, without ever being defined. A good lawyer may have a case?

10
NonEUCitizen 5 days ago 1 reply      
Silverlake is not the only investor in Skype; e.g. Andreessen Horowitz is too:

http://a16z.com/portfolio/

11
ajays 5 days ago 1 reply      
What is Microsoft doing about this? As the acquirer, they may still be able to "do the right thing" and make some of these guys whole. Sure, it may cost them a few million bucks; but can you imagine the goodwill it will generate for Microsoft? You can't buy that kind of good publicity!

But will Microsoft do such a thing? I doubt it very much. (I would love to be proven wrong, of course)

12
arturadib 5 days ago 0 replies      
I wonder how many of us are now scrambling to dig up a copy of our stock option agreement. This sets a terrible precedent. In case you didn't get it yet:

READ YOUR LEGAL DOCS (sock options, IP, etc) and negotiate sketchy terms before you sign them!

13
nestlequ1k 5 days ago 0 replies      
Anyone interested in joining GoDaddy after the SilverLake deal should have their head examined.
14
protomyth 5 days ago 1 reply      
in the other thread on this http://news.ycombinator.com/item?id=2691455 the article had the following line "the company's decision to repurchase would also cause a tax hit to him" - anyone know how that works?
15
madmanslitany 5 days ago 0 replies      
I don't really have much to contribute on the story itself, but I suddenly realized that my former CS472 Artificial Intelligence project partner and friend from Cornell works for Silver Lake, which has led me down an interesting path of daydreaming now that I'm starting work with a Valley-based company in a few weeks.

It would actually make for a great short story or novelette to see former classmates on opposite sides of a deal like this. A lot of very smart engineers go straight into jobs in technology sector investment banking, private equity, etc. soon after college that could eventually put them on a collision course with erstwhile friends.

16
NonEUCitizen 5 days ago 1 reply      
17
va_coder 5 days ago 1 reply      
What's to stop a disgruntled software dev who gets treated this way from secretly using his knowledge to support an open source competitor? It doesn't have to be anything close to a line by line copy, just subtle hints here are there about better, but generic, ways of doing things.
18
paradox95 5 days ago 0 replies      
So the people who lost out here have any recourse? I hope they are talking to lawyers. I'm not typically the type of person to sue over everything but this is screaming for a lawsuit.
19
wccrawford 5 days ago 2 replies      
"that you will receive no value" is hardly opaque, even if the rest is. Any contract that said that would have me pouring over it with a fine-tooth comb. Or more likely, just rejected it and finding work elsewhere.

I wonder if that contract is subject to legal action, though? Seems to me that was a deliberate attempt to screw him over. He shouldn't have signed it, but they shouldn't have written it, either.

I'm now serious considering canceling my Skype subscriptions and finding alternatives, despite how useful they are to me a the moment.

20
daimyoyo 5 days ago 0 replies      
This is yet another reason I refuse to use Skype. I won't patronize a company that treats it's employees like that.
21
joshu 5 days ago 0 replies      
They could also have executed their options to purchase the stock...
22
cypherpunks 5 days ago 0 replies      
I've seen swarms of employees get screwed in ways similar to this. It's not uncommon in Silicon Valley.
23
lanstein 5 days ago 0 replies      
I'm sure I'm not the only one who reviewed their stock grants... (good news :))
10
SearchYC is shutting down searchyc.com
295 points by chengmi  2 days ago   59 comments top 40
1
edw519 2 days ago 0 replies      
"If I have seen further it is by standing on the shoulders of Giants." - Isaac Newton

I believe there are quite a few of us here at Hacker News that could claim you, Mike and Jerry, as our giants.

Respect.

2
pclark 2 days ago 1 reply      
SearchYC has actually been tremendously valuable to me and my startups in the past. Hacker News is such a treasure trove of information, anecdotes and friends and your service was the gateway to that.

I used SearchYC as my "google for startups" I honestly cannot reiterate how useful your service was. I wish you'd keep it going as I still use it over the Hacker News Search (habit, more features, search within search results, being able to search for specific comments from users, etc etc.)

A friend was having relationship problems in part due to his startup, and I explicitly remember him saying "I looked on SearchYC and found tons of other posts from founders in the same boat" (this was when you had the curated post categories)

Seriously, thanks. (my startup is kind of in crunch at the moment but I had been meaning to reach out to you guys when I saw your service went offline a few weeks ago, i couldn't let you guys go without me - and probably the majority of the community - giving you guys some thanks and credit)

3
patio11 2 days ago 0 replies      
Thank you for creating and maintaining SearchYC these last few years. I used it more than any site except, well, HN. (My apologies for the server load.)
4
timf 2 days ago 1 reply      
Thankyou so much for creating and running SearchYC, sad to see it go. It was a really great resource and well executed!
5
kirubakaran 2 days ago 4 replies      
Instead of shutting down, can't you hand it off to someone? Please!
6
mikeklaas 2 days ago 0 replies      
Would you be willing to release the extensive HN dataset you have collected?
7
ivank 2 days ago 1 reply      
With SearchYC gone, is there still a way to get an RSS feed for a user's comments?
8
brown9-2 2 days ago 0 replies      
SearchYC was an invaluable resource and a great tool - thanks for the work!
9
raju 2 days ago 0 replies      
I echo the sentiment of many other HNers. Thank you for all the great work, and the invaluable resource. I can't count how many times it has served me in the past.

I wish you the very best - I am almost expecting something even more kickass out of you guys soon.

10
dschobel 2 days ago 0 replies      
Can't thank you guys enough. If you have a paypal link where we can send you some beer money, I'm sure you'd collect a few rounds worth. Cheers!
11
duck 2 days ago 0 replies      
I'm sad to see it go. I use it every week when creating my Hacker Newsletter and since it has been down I've had a hard time using HNSearch as effectively. Search really was just one component to it, it also had a great way to browse Ask HN threads.
12
markbao 2 days ago 0 replies      
SearchYC was no less than kickass. Thank you so much.
13
loschorts 2 days ago 0 replies      
Thank you for running searchyc all of these years. It was a tremendously useful service.
14
ColinWright 2 days ago 0 replies      
I'm deeply unhappy to see you guys close down. My experience is that your results are easier to use and more accurate. Just one instance of an annoyance is here:

http://news.ycombinator.com/item?id=2704753

But although I wish you would continue to include SearchYC in your future work, I wish you all the best in whatever you put your time and efforts towards.

15
senthilnayagam 2 days ago 0 replies      
no time adding new feature is OK. but if it is hosting costs, HN users can donate or get a sponsor.

if you want a maintainer, I am willing to takeover from where you are leaving

16
shii 2 days ago 0 replies      
Amazing site and resource, thank you so much for your time running it. Really appreciated it.
17
JayNeely 2 days ago 0 replies      
SearchYC has been an invaluable tool for me. It's easily tripled the value I've gotten from Hacker News.

Thank you for all your work on it.

18
yosho 2 days ago 0 replies      
Don't know how to rephrase what's already been said so I'll just say it again. Thanks so much for providing an awesome service!
19
omouse 2 days ago 0 replies      
Turn it into free software! It would be invaluable to the community and you would get a hell of a reputation for it I think, especially from hackernews users.
20
hollerith 2 days ago 0 replies      
SearchYC -- particularly the ability to sort results by date -- has been very useful to me.
21
paraschopra 2 days ago 0 replies      
I especially loved the Ask HN archives -- they are undoubtedly the best advice for entrepreneurs.
22
keeptrying 2 days ago 0 replies      
It was a really useful and great tool. I used it a lot. Thank you!
23
drtse4 2 days ago 0 replies      
Thanks a lot, i lost count of the hours i spent in searchyc searching for old threads, simply great.
24
jmonegro 2 days ago 0 replies      
Is this not ironic http://d.pr/x9Ri :)

Seriously though, all the best, and thanks for all the years of good service!

25
tstegart 2 days ago 0 replies      
Thanks to everyone involved. It was invaluable.
26
Estragon 2 days ago 0 replies      
What did SearchYC give you over a google search like "site:news.ycombinator.com <search term>"?
27
savrajsingh 2 days ago 1 reply      
Maybe Greplin could swoop in and fill this void. It would be nice of them.
28
Typhon 2 days ago 0 replies      
There goes the arc forum search, until, maybe, we get our version of HNsearch.
29
ghostDancer 2 days ago 0 replies      
Not going to say nothing new, but it's been really useful for me. Thanks.
30
fastfinner 2 days ago 0 replies      
Great tool all these years, thank you.
31
karussell 2 days ago 0 replies      
If you still need rss feeds you could use http://jetsli.de launching in ~2 weeks)

You will be able to search for 'geeky news' also on other services than hackernews.

32
ltamake 2 days ago 0 replies      
Thanks for creating this, guys. Any chance you might consider sticking your code on Github?
33
keke_ta 2 days ago 0 replies      
Thank you so much for creating SearchYC. I loved it. When I research something, SearchYC is a great resource.
Respect.
34
wallflower 2 days ago 0 replies      
Thank you!
35
OoTheNigerian 2 days ago 0 replies      
Thanks guys. It helped me on more than one occasion.
36
c4urself 2 days ago 0 replies      
Thank you!
37
staunch 2 days ago 0 replies      
Thanks guys!
38
brndnhy 2 days ago 0 replies      
It's still the better search interface. Hope you make the code available.

Thanks.

39
40
tamersalama 2 days ago 0 replies      
Thank You
11
Dotjs " hack the web defunkt.io
297 points by duck  1 day ago   56 comments top 18
1
holman 1 day ago 3 replies      
I've sneakily been using this for months on Hacker News itself- I just .hide() stories past around story #15. More signal, less noise. And it's just jQuery, so it's really easy to whip up.

Bonus points for it being so easy to share, too: https://github.com/holman/holman-js/blob/master/news.ycombin...

2
gue5t 1 day ago 2 replies      
This seems like it's a lot of overhead for what amounts, in terms of capability, to a reimplementation of greasemonkey. It also makes you implement finer controls on execution by url yourself, whereas greasemonkey has them in its syntax. The author states,

"GreaseMonkey user scripts are great, but you need to publish them somewhere and re-publish after making modifications. With dotjs, just add or edit files in ~/.js."

but this caveat is just as strong for files you maintain outside of your browser, and some browsers' implementations of userscripts/greasemonkeylikes actually have a similar filesystem-based model for managing scripts already.

While respectable, I had hoped to be more impressed by a tool that beckons me to "hack the web".

3
rpearl 1 day ago 0 replies      
4
oldgregg 1 day ago 1 reply      
I'm waiting for someone to build a social browser extension on top of something like this. Anyone could submit custom CSS/JS for a website and the most upvoted "theme" automatically gets loaded. Sure the JS security issues might be a nightmare, but the web would look soooo much prettier!
5
mph 1 day ago 0 replies      
I added CoffeeScript support if anyone's interested.

just change your file extension from .js to .coffee

https://github.com/eightbitraptor/dotjs/commit/20c97774eb29f...

6
omaranto 1 day ago 0 replies      
Doesn't Chrome have builtin support for Greasemonkey scripts? How is this better? Is it just the convenience of having jQuery preloaded?
7
tung 1 day ago 0 replies      
See also jsshell[1] for Chrome. Press the button and you can run jQuery-powered JS on the fly, save snippets and run them, even automatically on regex-matched URLs.

[1] https://chrome.google.com/webstore/detail/kmgmkbicahmbceidoi...

8
JackWebbHeller 1 day ago 0 replies      
Great work! But I had some trouble getting it to run on my Mac.

I think it might be because I use VirtualHostX - http://clickontyler.com/virtualhostx/ - which alters my hosts file. I had to create a host - http://dotjs/ - pointing to my ~/.js/ folder - then edit the Extension JS to point the Ajax to http://dotjs/ instead of http://localhost:3131. A bit of pain but it might just be who this affects.

9
reustle 1 day ago 2 replies      
Requires Ruby? Why...
10
TheMiddleMan 1 day ago 0 replies      
"GreaseMonkey user scripts are great, but you need to publish them somewhere and re-publish after making modifications."

Publish them where? I don't understand this. Whenever I change a user.js file and save it the browser updates it and it's ready to go next time the page reloads.

Side node: Scriptish is a fork of greasemonkey with many cool extras. https://addons.mozilla.org/en-US/firefox/addon/scriptish/

11
sim0n 1 day ago 0 replies      
Sweet! Believe it or not I've been actually looking for something like this for Chrome over the past couple of days so this is great.
12
blago 1 day ago 0 replies      
Awesome, exactly what I needed. I was just about to create yet another "inject X.js" bookmarklet.
13
DanielRibeiro 1 day ago 1 reply      
Reminded me a lot of Greasemonkey for FF.
14
__rkaup__ 1 day ago 1 reply      
The instructions given only work for Mac.
15
antihero 1 day ago 1 reply      
Why does this need OSX?
16
robinduckett 1 day ago 0 replies      
Sorry, how is this different to greasemonkey?
17
meow 1 day ago 1 reply      
Umm.. is there a way to run it on windows :( ?
18
Brewer 1 day ago 0 replies      
This just made my day, keep up the good work.
12
New Google Web Fonts Interface google.com
293 points by jamesjyu  1 day ago   46 comments top 18
1
thematt 1 day ago 1 reply      
Great interface, but the number of fonts is a bit overwhelming to browse through. It would be awesome if you could sort by "most downloaded" or "most used" -- just to get some ideas.
2
tobobo 1 day ago 1 reply      
Wow - I've never seen a cleaner font browsing interface, and they make using the fonts you look at so easy I didn't even realize I was doing it.

Let's hope the Web Fonts API doesn't go the way of the Translate API, or many webpages will be rendered in incorrect fonts. Horror!!

3
201studio 1 day ago 2 replies      
How many awesome things can Google roll out in a day?
4
ThomPete 1 day ago 0 replies      
This has several flaws.

For it's not consistent. I filtered for Serif and got sans serif in the mix.

But even worse. You can't specify very precisely. For instance if I need a slab serif how do I filter that?

5
cdcarter 1 day ago 2 replies      
This is fantastic! I've been waiting and waiting for Web Fonts to expand, and now I have a lot more choices than Syncopate and Raleway.
6
thedjpetersen 1 day ago 1 reply      
7
StacyC 1 day ago 1 reply      
Nice improvement to the interface. I've just recently started using these fonts a bit and I really like the service. The collection is growing too so there's a good variety there. Nice job, Google.
8
hydrazine 1 day ago 0 replies      
Super like! Can't wait to try it. Looks much easier than tinkering with raw CSS.

Edit: 2 lines of code were all I needed to add. Ridiculously easy.

9
JCB_K 1 day ago 1 reply      
I still don't see the point of a service like this. With a tiny bit more work you have them on your own server, and you have all the control. If Google tomorrow decides to stop serving fonts, your design won't be broken.

With some services I understand people rather have it externally has it's a hassle to do it yourself, but @font-face is too easy to not do it.

10
rglover 1 day ago 0 replies      
This is a great update to their existing library. It reminds me a lot of Fontcase and similar font browsing apps. It's great to see that their library keeps growing. Definitely going to make this a first-stop before working on designs from here on out. Thanks, Google.
11
habitatforus 1 day ago 3 replies      
Judging by the other comments, it's just me, but the fonts look worse now. They aren't smooth at all.

Why?

12
scottseaward 1 day ago 0 replies      
I like this a lot. I'd love to see a monospace fonts filter. Although, saying that, it looks to my eye like the only monospace font on there is Inconsolata.
13
hsmyers 1 day ago 0 replies      
Keeps getting better with each iteration! That said, I'd still like to see some pi fonts and printer's ornaments...
14
lautenbach 1 day ago 0 replies      
anyone have experience using this after typekit? we've been somewhat disappointed with the inconsistency of typekit's rendering lately and are looking for another option...
15
ya3r 1 day ago 1 reply      
They once had some Arabic fonts. Where did they go?

http://i.imgur.com/L5hSF.png

This is a snapshot of their IO's session video.

16
abhaga 1 day ago 0 replies      
I wish they would add Indic scripts too!
17
theatrus2 1 day ago 0 replies      
Didact Gothic is a nice one for headlines.
18
jackpirate 1 day ago 2 replies      
How is this useful if everyone else hasn't already downloaded those fonts? Everyone has Ariel. That's why it is so popular.
13
Don't be rich, Live rich slideshare.net
292 points by BioGeek  4 days ago   136 comments top 25
1
econgeeker 3 days ago 5 replies      
We've been doing this for three years now. This couple seemed to focus on having a year abroad, we've made it our lifestyle, and we're doing a startup (rather than consulting).

I started this as a response to the "how to keep productive" question, but I'll try to address the other questions people have been asking in the thread later on.

We also have the issue of taking some period of time to get back into the productive zone. What we do is spend the visa limit time in each country. For americans in the UK that is 6 months, for instance. So we rented an apartment for 6 months. In the Shengen zone (most of europe) it is 3 months, and last year we spent 2.5 months in berlin.

In both cases we spent most of the time working a normal lifestyle %90 of the time. After our 2.5 months in berlin we spent a couple weeks traveling as tourists (that's where the other 0.5 months went.)

I figure 2 weeks on either side of a relocation are not going to be productive, so might as well spend half of that time, or so, doing tourist stuff. By having such great breaks regularly, we are recharged and I think more productive when we are working.

The weird thing is, indoors, the only thing foreign really is the outlets... so it feels like we're still in the USA, but then you step outdoors and the language, accents and architecture are completely different. So you can "travel" across the globe every day. It is really hard to explain that feeling but it is pretty powerful.

--
Taxes & Visas-- As far as governments are concerned we're tourists. We present ourselves this way and we get tourist visas. However, for most visas "tourist" and "business" visas are essentially the same. We don't work in any country in the sense that we don't have a job, we don't participate in their employment schemes. We're taxed like americans (the US taxes your income no matter where it is earned).

--
As I mentioned we're doing a startup. (We did one and we're just in the process of pivoting so what the new one is at this point is a little vague.) I don't feel out of the technology scene at all-- I have all the same connections I did before we left, except that I can't go to local unconferneces, but I didn't really get much out of them.

There is one conference that I miss that is done in the USA only, but we started buying the videos for it. Spending hundreds of dollars on conference videos sounds expensive, but it is cheap compared to actually going there (Even from within the USA). I don't really miss the networking opportunities-- and we're now networking with a real international network. EG: we network with the locals wherever we are.

The technology scene really is global.

--
Budget:

This is a big one. This inhibits a lot of people. However, if you've got an income from your work, and savings to get by in the USA, you can get buy longer when you're traveling. Even traveling in expensive first world places like europe, right now, we're able to live on the budget we were living on in the USA. Overall, we're actually spending a bit less, and we spend a lot less when we are living in lower cost places (even places in eastern europe, which are "expensive" compared to southeast asia, are cheep.)

So, we could have remained in the USA, and spent the same amount of money. I don't think we would have gotten any more work done, and we would have had a lot less fun. Plus, as our product is global, better understanding of other countries helps.

--

Health insurance: We have the health insurance we had in the USA. It covers us globally. There are specific health insurance plans that cover long term travelers and we might switch, we just haven't done so yet.

Neither of us are under 30, nor are we over 50.

--

Crazy? You hear a lot of people who knock this idea. Lots of people say "I'd love to do that but I've got responsibilities" or the equivalent.

That's fine... just don't presume we're not doing serious work, we aren't doing a "real" startup or anything lie that. These days startups often have employees spread around the globe... we don't have to carry the whole company with us.

I think people thinks this is harder than it is. Or maybe for some people the idea of living out of a backpack is tough.

Personally, I relish the challenge!

Between my laptop, camera, and assorted stuff, I've got about 7 pounds of clothes etc, and 10 pounds of electronics gear. Every time we-repack, we actually shed some unnecessary stuff. It is a process... but I love it.

2
motters 3 days ago 4 replies      
It sounds nice if you can pull it off, but on the occasions where I've been continually moving from place to place I've found it much harder to actually get anything done. Continual travel adds cognitive and other entropic overheads which deplete your mental and energy real estate.
3
maccman 3 days ago 3 replies      
I've been doing the same for 9 months now. I've travelled round the whole world, had a fantastic time, and wrote a book for O'Reilly as I went. It's been the best year of my life. In fact, it turns out that writing books is one of the best ways to do this - as it's very flexible and a successful book will just about cover traveling costs. What most people don't realize, is how cheap it is to do this.

As always though, everything is best in moderation. I'm yearning to be back in the startup/technology scene - and I will be come September. I'm sure that'll I'll do another trip like this in my twenties though (I'm 21 now).

4
georgieporgie 3 days ago  replies      
What are the best technologies to focus on in order to be mobile/remote?

I've notice that nobody is interested in remote C++ development, and the few people I meet who are doing something like this are in some branch of web development.

5
stevenp 3 days ago 0 replies      
At the beginning of June I went to Chris Guillebeau's first World Domination Summit in Portland, OR (http://worlddominationsummit.com/) and met lots of people who are living like this. I highly recommend going next year (I'm already registered!) if you're interested in learning about the techniques people use for lifestyle design.
6
ilamont 3 days ago 1 reply      
Living abroad in your 20s is an unforgettable experience. I lived in Europe and Asia for most of the 1990s, and still look back wistfully at that time of my life. I gave up some early career "juice" but got so much more out of it.

Note that doing what the OP did is far more difficult if you have children, although it is possible to work stable jobs in a single country for longer stints with kids.

7
rdouble 3 days ago 2 replies      
This looks like fun, but so many people have done this now, it's almost a cliche.

It almost seems more unique to hear about a hacker from NYC documenting a summer working in New Paltz, rather than another story about social media experts working from cafes in Buenos Aires and Thailand.

8
kristofferR 3 days ago 1 reply      
BTW, my favorite podcast is The Lifestyle Business Podcast:
http://www.lifestylebusinesspodcast.com/

The hosts are two guys who have created a million dollar business in the last three years while traveling. Their business is not some bullshit "blog"/earn money by selling tips on how to make money thing, it's a real business that actually sells physical products.

Everybody should check it out. It's a shame that they're charging for the first episodes since it makes it kinda hard to recommend to people (I discovered them before that), but their content is definitely worth paying for. It's probably the best audio-only business content I've heard.

9
wallflower 3 days ago 0 replies      
For inspiration, check out Worldhum and Brave New Traveler:

http://bravenewtraveler.com

http://worldhum.com

10
irahul 3 days ago 2 replies      
> Don't be rich, Live rich.

Why not be rich and live rich. I get the "Live rich" part but that "Don't be rich" is unwarranted.

11
skarayan 3 days ago 0 replies      
Moral of the story: structure your life around things you love. Travel is cool, but not for me long term. I love internet startups and getting better with every new idea/execution. Soon, I will be able to stop consulting and get my cash flow from a self sustained business. In the mean time, I consult to fund me ideas. Life is good.
12
rafski 3 days ago 2 replies      
Not trying to take away from how fantastic and inspiring a story this is, what's with the "check for grants/subsidizing" bit?

Is the ultimate advice "be from a wealthy country that lets you travel on welfare"? :)

13
ori_b 3 days ago 1 reply      
How does this work with respect to visas and the like? I don't imagine that countries like you coming in to work and earn money without paying any taxes.
14
bignoggins 3 days ago 0 replies      
My wife and I are currently doing something similar. Traveling the world (4 continents, 20+ countries). She's working on photography and blogging while I'm developing my own iphone apps. Best decision we've ever made, and haven't looked back since (been on the road for 3 months, currently at an airbnb in Taiwan). My wife keeps a blog at http://www.shenventure.com if you're interested in reading about how we did it.
15
jonmaim 3 days ago 1 reply      
A very useful site to help you find a good city/country is numbeo.com. There you can make cost-of-living comparison between 2 cities.

For example, look at the difference between Lausanne, Switzerland and Bangalore, India (the indian silicon valley!) -> bit.ly/ltwXUf

16
jonmaim 3 days ago 4 replies      
Currently doing it in Bangalore, India! Anymore people/couples doing the same right now?
17
seanharper 3 days ago 3 replies      
This is fascinating, and I would really like to try this at some point. However, I am 30, married and have a 1 year old kid. Does anyone have any similar resources, examples, for people who have done this with kid(s)?
18
jbrains 2 days ago 0 replies      
The most fun part of this lifestyle is being able to say "I'd like to go to Paris again this year", then finding work close enough to Paris to pay for going to Paris. By not needing to squeeze every dollar out of my trips, I can be much more flexible and enjoy the travel more.
19
sjmulder 3 days ago 3 replies      
What's the best way to go about finding places to live for a short time that don't cost an arm, leg and rib?
20
hetaoblog 3 days ago 0 replies      
interesting experience. for people running personal web business, maybe this is worth trying for some period;
I just started to do something during weekends, hope it can grow big to cover my daily job
21
TA662 3 days ago 2 replies      
This is just how I'm hoping to spend most of my 20s.

I did freelance for a while, and I came to the conclusion that I don't really enjoy doing client work, so now I'm working on a startup instead.

Does anybody have experience doing a startup on the road, as opposed to the more common freelancing/blogging/consulting?

My aim is to get my SaaS product(s) to the point of requiring almost zero work. (Everything automated, effective 'help' section to keep the amount support emails as low as possible, etc.)

This seems impossible with freelancing/blogging/consulting, as you'll only be able to lessen the workload so much (i.e. it can't be self-sustaining), whereas depending on the startup you can theoretically get by on just a few hours work per week, while your revenues are still increasing.

22
dennisgorelik 3 days ago 1 reply      
Internet allows "rich live" without actual traveling.

Besides, if you have kids, traveling is much harder / expensive.

23
robertduncan 3 days ago 2 replies      
How does immigration law work for this kind of trip? Do you need a work permit/visa?
24
Tichy 3 days ago 2 replies      
Wouldn't the rich way to do it be to buy a yacht and float from place to place?
25
sliverstorm 3 days ago 1 reply      
Beetle? Vintage? That seems to imply "good"...
14
Why mobile apps suck when you're mobile (TCP over 3G) davidsingleton.org
286 points by dps  3 days ago   68 comments top 21
1
kalleboo 3 days ago 6 replies      
There were plenty of wireless-optimized TCP replacements proposed back in the days when WAP and XHTML Mobile were the hottest things around, but none took root as operators, web servers and browsers needed to adopt them in tandem.

Now that smartphone apps are widespread and someone developing a service can control both sides of the connection, there's definitely room for someone to devise a really good TCP replacement (layered on top of UDP) with an iOS library, an Android library, and an Apache mod.

2
dspillett 3 days ago 0 replies      
The problem for those of us on capped and/or expensive-per-kbyte mobile connections (in the UK that is everyone who doesn't spend a large chunk on their monthly contract - people on Virgin pay-as-you-go pat £3 for a day's access but IIRC you get cut off after 25Mbytes in that day) with restarting connections early is that the ~20 seconds worth of packets queued up during the blip is going to be sent anyway even though they are now no longer needed. 20 seconds worth of discarded packets could be quite a bit if you were transferring data at decent 3G+ speeds just before the blip.
3
jchrisa 2 days ago 0 replies      
This is exactly what CouchDB, and Mobile Couchbase for Android and iOS, is designed to fix.

Networks are slow. Mobile networks are slower. The most robust fix to the problem is to "optimistically replicate" your application data to the end user's device, so that the network latency does not become part of the user experience.

This is a strong fit for applications like CRM or geographically constrained apps, as the data sets are small enough to fit completely on your devices. For larger data sets the issue becomes: which subset of the data should be copied to the device ahead of time.

The user should never needs to wait on the network. All data operations are played against the local Couch, which handles asynchronously transmitting changes to and from the remote server, in the background. This pattern makes it much easier for app developers to make responsive applications, where users are never left waiting on multi-second round trip times.

4
aristus 3 days ago 0 replies      
Here's animation of the packets of a Facebook page hit over 3G on a moving bus:
http://vimeo.com/17248120
5
praptak 3 days ago 0 replies      
It looks like this should be (at least partially) dealt with at the OS level especially if the OS in question is a mobile one.
6
micheljansen 2 days ago 0 replies      
Interesting. I cannot stop thinking how cool it would be if Google actually decides to step in and propose an alternative protocol for mobile networks. If they put it in Android, they already have a huge base for adoption.

Ended up writing a piece on Google because of this on my blog:
http://micheljansen.org/blog/entry/1060

(shameless plug :P)

7
clistctrl 3 days ago 5 replies      
Not that his advice is bad, but these statistics are a bit biased. Trains make for some pretty unusually difficult channel conditions.
8
justincormack 3 days ago 0 replies      
Interesting, suggests a quick fix might be for the client to not use keepalive, or to selectively close connections that are very slow so as to start new ones. Potentially a much easier solution than writing a new transport.
9
rowanseymour 3 days ago 1 reply      
Very interesting and sheds some light on the weird latency issues I see here in Rwanda, where 3G issues aren't limited to being on moving trains. Sometimes pinging shows crazy return times of 30000-60000ms. Other times they're only 200-400ms but every other ping packet times out, i.e. one packet through, next one drops, and so on. Still trying to figure out exactly what's happening then.
10
schiptsov 2 days ago 0 replies      
The much worse problem is DNS. For big networks that pushes always the same two IPs (even without round-robin) it is a disaster. There are lags of servers, lags of network, dropped packets, useless overhead with EDNS and different packet sizes (timeouts and retransmitions) and above all, the practice by content providers and CDNs to use hundreds of changing in real time hostnames to implement load balancing and/or geoIP based assets loading. They use near zero TTLs which makes caching useless and dynamic sets.

Indian Airtel's network is a live example of that disaster. It is almost unusable, while they still actively promoting 3G and iPhones. ^_^

11
warfangle 3 days ago 0 replies      
Would Vint Cerf's recent work on a high-latency network standard for space[0] apply? Would it make mobile more useful? It's designed for latencies of days (not seconds), so it might be overkill. But something to masticate upon...

0. http://www.technologyreview.com/communications/21601/?a=f

12
lukego 3 days ago 1 reply      
Don't worry, our Lisp startup (www.teclo.net) is fixing TCP over mobile networks, it will all be fine soon enough. :-
13
sebandr 2 days ago 0 replies      
I'm in a start up that's developed techniques using UDP to allow someone to roam across wifi - in other words we have managed to reduce the tcp delays and time outs to provide consistent and reliable handoffs between wifi zones and devices - regardless what of the network provider. The technology also allows hot handover between femto and wifi too. Right now we're mostly focused on a mobile app to improve broadband delivery of content to mobile users in shopping malls, commercial zones, etc. but that's low hanging fruit. Eventually we believe that this can be integrated in mobile apps to let others us this for true mobility while running broadband services.
14
kaeso 3 days ago 0 replies      
As an historical note, most of these concerns are the same expressed in RFC 3481 (category: BCP). You'll note from there that some of the issues are still open even if almost a decade has passed.
15
wibblenut 3 days ago 1 reply      
This is partly why I'm so interested in publishing information at the DNS level (i.e. .tel) - you get to use UDP (or TCP failover), plus other awesome benefits. You can do other innovative things with DNS too.
16
hxf148 2 days ago 0 replies      
Mobile HTML5 apps, the future is the past. :) Check ours out http://infostripe.net
17
etherealG 3 days ago 0 replies      
anyone know what tool I could use to run a similar test?
18
dps 3 days ago 0 replies      
Dave Taht points out http://www.bufferbloat.net/ which looks very interesting!
19
willyt 2 days ago 0 replies      
Is there any way round this for HTML5 apps? I know you can save an app icon on iphone but when you launch it just launches safari which seems to make a network request to check if the site is up to date? (Sorry, I'm a bit naive about all this HTML5 stuff.) e.g. Gmail in safari on iphone is useless when you get long latency situations like this. Is there a way round that?
20
jb55 3 days ago 3 replies      
We should probably get these long round-trip protocol issues ironed out before we build our galactic internet
21
zobzu 2 days ago 0 replies      
SCTP anyone?
15
Google+ Project: It's Social, It's Bold, It's Fun, And It Looks Good techcrunch.com
283 points by philipDS  1 day ago   78 comments top 24
1
icarus_drowning 1 day ago 0 replies      
Well, I'm glad there are some significant new features that Google is trying to use as leverage. Group video chat comes to mind as something that most people don't like to deal with, but as an integral part of a social network, I can see it making more sense.

Its clear they've tried not just to 'clone' Facebook, which I appreciate.

2
dfield 1 day ago 2 replies      
I'm very excited to try this out. Context (AKA "Circles") is the biggest feature Facebook still hasn't gotten right. By mirroring the way we think about our social graph in real life, Google is making a huge step toward converging Online and Offline identity. It will be very interesting to see how Facebook responds to this... they might finally have a competitor.
3
luu 1 day ago 2 replies      
Unlike on Facebook, people do not have to agree to be friends with one another. They can receive someone's updates without sharing their own

So it's like a reverse twitter, where you choose who can follow you?

4
illumin8 1 day ago 3 replies      
If they pull a Wave and only invite users in small groups it is doomed on arrival. This thing needs to be free and massively available like Gmail. Social is not like email - you need wide participation in order for it to succeed.
5
jagbolanos 1 day ago 2 replies      
I have been an anti-wave, anti-buzz but I just tried Google+ and it's great. I think this time Google really can kick FB. Great, simple interface and integrated to my gmail, picasa, contacts, gtalk it is definitely great!

I love the circles philosophy and UX.

One problem is the restriction on invites. Google+ is valuable to me if I can share things with others, just like I do it in FB right now. They have to enable invites soon or the early adopters will get bored and leave forever.

6
jneal 1 day ago 1 reply      
Okay, there are way too many posts on Google+ on HN right now, but I do have an opinion I would like to share and this thread seems to be the most appropriate.

When I first heard the news about Google+ today, my initial reaction was wow, Google is going to fail again. I mean, with Wave, and then Buzz, and I figured this was just another in the line of failures.

However, after looking into it and reading about it, it is actually very cool looking. I look forward to trying it out live when it's ready.

7
katieben 1 day ago 3 replies      
Awesome, can't wait to try it! Circles sounds like just what everyone wants. I think I'd switch to any half-decent social network made by Google. I do hope they provide a way to use the Facebook data export to make switching easy.
8
thirdsun 1 day ago 0 replies      
I have to admit that the stuff shown on Googles demo page looks really good. I really appreciate the focus on social circles as I really don't want to share everything with everyone but rather address different groups of friends.

Overall this seems to be very well thought through with some fresh ideas.

9
Ryanmf 1 day ago 0 replies      
Facebook launched at schools not called Harvard the Summer preceding my freshman year of college. It went live at my school a few weeks into that first semester. I enjoyed it immensely and observed it carefully, but sometime in 2007 it really began to wear on me. Later, (~2 or 3 years ago) I more or less withdrew from using it altogether.

Circles addresses something like 70% of my gripes with Facebook. Of course, we still haven't seen Google successfully build a social network, so nothing's really been addressed until everyone joins the party (or doesn't). Google+ looks interesting though.

Too bad my primary Google account is my Apps account for my primary domain, and since Apps accounts don't have associated Profiles anymore, I don't get to play. Then again, I'm still dealing with the fallout of the transition to "The New" Google Apps, having already used my domain email as a Google account to sign up for really exotic things like Google Reader, so perhaps I don't need yet another new plaything at the moment.

I will add that I think the Huddle and Hangout components may offer"in the case of the former"good competition both on Android and in general to iOS Messaging/BBM (the only hang-up that has me short of sold on iOS messaging is people don't yet think of their Apple IDs as communication accounts/channels, their Gmail accounts on the other hand...), and"in the case of the latter"someone not only to compete with Foursquare, but perhaps to answer the question from normal folks: Why "check in" anywhere to begin with? (Because you've arrived at the "anywhere" you just "Huddled" over meeting at, your phones already know it, and if you acknowledge their requests to "Hangout" together, even more of your friends may show up. Or something. That last part's a little hazier for me. What if you want to broadcast to the world that you're enjoying your new favorite tea spot, but you don't want to say which 5 people you're with and risk persons 6 and 7 whom were specifically not invited showing up? In any event it seems to me a more human workflow than "Go places, check in, get points/kittens/whatevr."

10
Pistos2 1 day ago 1 reply      
I'd have to see these Circles in action, but if they're what I think they are (e.g. you'd make a "Work" circle, a "Family" circle, a "Casual Acquaintance" circle, etc.), then Diaspora has that concept: They call them "aspects". I must admit, "circle" seems like a better term than "aspect", though.
11
terinjokes 1 day ago 0 replies      
Ironically, the "Keep Me Posted" page has Javascript blocked by Chrome.
12
zephjc 1 day ago 4 replies      
Thing's I noticed trying out the demo:

- You can only have add a person to one "circle". If I wanted to add someone to two or more, I'm SOL. Maybe they will change this.

- A "circle" can only contain a certain number of users before it runs out of room. I haven't seen how it deal with this - does it shrink the circles as you add more? What happens if there are 500 people in one, would they be a bunch of 1 x 1 pixel dots? Or does the circle just say "You can't add any more people"?

13
ChrisArchitect 1 day ago 1 reply      
it feels so closed off. Silo'd. Makes me shudder.
14
rch 1 day ago 1 reply      
If G+ knows individuals, then search results served to other known (or unknown) individuals could reflect the subject individual's 'circles' settings. Ergo, individuals in general have a significant, possibly material, incentive to take part in G+ to the greatest extent possible.

search > social

15
rektide 1 day ago 1 reply      
I'm really excited I don't have to build my own XMPP Muji client[1]. Hang-outs are something I've wanted for a long long time; passive virtual spaces. Goonfleet used to go crazy with Stickam, but it was more event oriented, less passive. Hopefully this can be a good marker in helping people actually communicate and build community over the net, v. individual play.

[1] http://telepathy.freedesktop.org/wiki/Muji

16
johnrob 1 day ago 0 replies      
Apparently another feature was to automatically set your gchat status to "available". That explains why I got a bunch of messages yesterday morning.
17
lparry 1 day ago 1 reply      
I see they're using their 'winning' wave strategy again.

1. launch a social platform, but restrict signups to the point where nobody with access has any contacts on the service

2. keep it locked down until the buzz/hype is all gone

3. open it up to everyone and let them wonder why there was any buzz/hype in the first place

If they dont let early adopters use the platform and give the crucial early feedback, they might as well throw in the towel now.

18
makthrow 1 day ago 2 replies      
Very bad marketing here. Whoever chose the name "Google+" should be fired. First, the name confuses people with google's +1 button. Second, what does "+" have anything to do with a social network? It gives you no information at all about the service. They should have called it "google circles" and emphasized that Google Circles let you compartmentalize your social network, as opposed to facebook.
Bam, instant differentiation. Instead we have a product that tries to do too much and needs a demo to make people understand.
19
hollerith 1 day ago 1 reply      
I might delay learning anything about Google+ until I have some evidence that Google is not going to kill it in a few months :)
20
olalonde 1 day ago 0 replies      
I hope it won't be blocked in China.
21
MetallicCloud 1 day ago 1 reply      
> "Everyone has high-speed networks these days"

Oh really? Tell that to a bunch of my friends who are either forced onto dial up, or 1.5Mb internet.

Not everyone lives in a big city.

22
genericbrandx 1 day ago 0 replies      
Anyone want to wager when Google Mindmaps will debut?
23
rektide 1 day ago 0 replies      
I haven't heard anything about API's or developers.

Another annoying case of "do no evil" not implying anything about actually pushing the state forward or helping. I'm not altogether that interested in the greater of the two silos, although I am excited by a state of play other than facebook moseying down the field palming the ball in one hand.

24
presty 1 day ago 0 replies      
I wonder what huddle.com has to say about Google's Huddle..
17
Paper.js " The Swiss Army Knife of Vector Graphics Scripting paperjs.org
260 points by hakim  2 days ago   41 comments top 13
1
haberman 2 days ago 3 replies      
Why implement vector graphics on Canvas when you could use SVG?

EDIT: Seems to be answered in the FAQ: "We have decided to use the Canvas object as the main backend for now because it is faster than SVG and allows us to implement and optimize our own Scene Graph / Document Object Model. We will be offering SVG (and hopefully PDF) importing and exporting in the future."

But it seems hard to believe that doing vector->bitmap rasterization in JavaScript is going to be faster than using the browser's SVG implementation (written in C++).

2
gruseom 2 days ago 1 reply      
Regarding vector graphics performance, there's a weird way to use SVG that is sometimes much faster than Canvas: use string concatenation to build up a huge blob of SVG markup and then splat it into the browser all at once by setting innerHTML on an SVG element. We rely on this trick for UI performance in our web app. In fact, we do it on every scroll and/or mousemove. The amount of computation you can get away with in JS without noticeably slowing down the renderer is nothing short of astonishing.

Given how clunky SVG can be, it's surprising that this technique works so well. I believe the performance gain comes from batching everything you want to render into a single ginormous round trip between JS and native code. With Canvas, you don't have that option, so you have to cross the grand canyon with every call. The equivalent in SVG would be making a series of tweaks to the SVG DOM, and that's even slower. Much better to rebuild the entire DOM yourself in text and overwrite the old one.

As a bonus, you can take the same approach in IE using VML. Though the markup is different, the SVG and VML models are close to isomorphic - not close enough to abstract over without an annoying impedance mismatch, but much closer than either is to Canvas. Thus this technique affords a good way to get graphics performance out of both the modern browsers (SVG) and the pre-9 IEs (VML) for as long as the latter are around.

3
maresca 2 days ago 2 replies      
Has anyone used both this and raphaeljs? How do the two compare on features, browser compatibility, performance, etc?
4
fedorabbit 2 days ago 1 reply      
default smoothing example uses 52% - 62% CPU at run time on my macbook pro i7 duo core 2.66GHz laptop. Bouncing ball uses 100% on average. Pretty cool script! it makes a good example what today's browser is capable of.
5
aarondf 2 days ago 0 replies      
The Mona Raster, made with Paper.js

http://d.pr/Oa4n

[EDIT] Slightly sharper eyes.

6
kleiba 2 days ago 2 replies      
That website makes my CPU sweat.
7
fomojola 2 days ago 2 replies      
Internet Explorer compatibility, anyone? I mean, I'm as much in favor of the latest and greatest as the next man, but...

RaphaelJS has IE covered.

8
laughinghan 2 days ago 0 replies      
The obvious comparison is with Raphael.js (raphaeljs.com)

Wouldn't it be great if someone did all the RaphaelJS examples in PaperJS, and vice versa, so we could compare performance and ease of use?

9
noduerme 2 days ago 1 reply      
proce55ing is great for what it is / does, but there's a large gap between that and building functional games and animations, which isn't addressed by their screen graph model (nor this one). At issue, and missing, are parent-child relationships in which transformations and mouse events can be factored or transmitted up or down a display chain in the screen graph. To my knowledge, the only existing library that does this on Canvas is StrikeDisplay (strikedisplay.blogspot.com). In general, the ability to do that doesn't impinge on the ability to use native canvas vector functions in any way; but it simplifies the mixture of vector and raster images for animation, and acts as a better tool to let coders focus on the game they're trying to build rather than the intricacies of the canvas processing -- or to step it up, the raster and/or vector transformations -- behind something like:

var a = new Sprite();
var b = new Sprite();
a.addChild(b);
b.x = 100;
a.rotation = 45;

Which ideally should rotate both a and b by 45 degrees clockwise, with b offset in the rotation around a's axis by 100 px.

10
emiranda 2 days ago 1 reply      
Anyone happen to know where I can find general information on implementing something like this? http://paperjs.org/examples/chain/ I'm interested in implementing this mechanic in Flash (for a game). I looked through the source code and it seems like a lot of code just to get to the point. Hoping to find something more basic that I can port over.
11
mhd 2 days ago 0 replies      
I still miss Display Postscript.
12
Shana 2 days ago 0 replies      
Q-anyone have comparisons to the processing.js (processing) wrap?
13
florin_ 2 days ago 1 reply      
any 3d on canvas?
18
How to take advantage of Redis just adding it to your stack antirez.com
248 points by antirez  2 days ago   52 comments top 13
1
bretthopper 1 day ago 2 replies      
I've read about Redis before and heard how companies are using it, but never completely understood it's purpose. After reading this I can actually say I understand Redis now and how it's useful. Amazing that after hearing so much about it all it took was a relatively simple article.
2
bretthoerner 1 day ago 1 reply      
We use a ton of Redis, but I think the main takeaway from this article applies to all "NoSQL databases".

The "movement" is about polyglot persistence and not leaving RDBMS completely. Pull pain points out into something that's a better fit. Rinse and repeat.

3
true_religion 1 day ago 1 reply      
What I get from this is that Redis is so powerful that its best to not use it as a simple read-cache where the database is still the cannonical source.

Its better to use it as the write-cache for complex datasets with the database being the backup.

4
jarin 1 day ago 0 replies      
Resque and redis-store are like auto-adds for almost any Rails project I work on these days.

Resque is for background jobs (with many add-ons for locking, scheduling, retries, etc.), and redis-store is a drop-in store for Rack::Session, Rack::Cache and Rails.cache. Easy and super fast.

5
mickeyben 2 days ago 0 replies      
Very good article: there is some good exemples on how you could use Redis.

We just added it to our stack for caching and storing sessions.

It's blazing fast !

We're now trying to use it for different other purposes; autocompletion, counting and ab testing.

6
randito 1 day ago 2 replies      
In your first example, you use redis to cache the id's of the latests comments, with a fallback to SQL in order to populate the list. However, you still need to call the DB to load the comments. I don't see the gain here.

Yes, you've replaced a "select * from comments order by created_at limit 10" with a "select * from comments where id in (list_of_ids_from_redis)".

Wouldn't you cache the comment models in a top-10 list?

7
geuis 1 day ago 2 replies      
What are some inexpensive cloud options to run redis for large data sets up to say a gb or so?
8
rch 1 day ago 0 replies      
Does anyone know if hdf5 would be an acceptable optional replacement for the current Redis disk format?

I have a console app that's backed by Redis (in much the same manner as described in this post), but I save my sessions to h5 when I switch between datasets. That means I need to combine the Redis data with my app data and export -- I do this using two separate h5 files, with with the appropriate links.

It would be nice (for me anyway) if I could do a Redis-native save, and move the resulting file. That would also improve my startup times when I reverse the process.

But, while h5 is nice for My data, I can't say it would be any good for generic Redis data...

thoughts?

9
Joakal 2 days ago 2 replies      
Would it help game servers to run it with Redis? Like say, a FPS or RTS server.

I'm not sure of the typical game server stack though.

10
datadon 1 day ago 0 replies      
These little fixes are how I got into Redis and a month or so later, it's a primary data store (with disk based fall back) and I find myself doing 99% of aggregation and temporary storage operations with it.

Really great tool for the belt.

11
ww520 1 day ago 1 reply      
Anyway to use Redis in App Engine setting? Or does Google have similar service in App Engine?
12
pg_bot 1 day ago 0 replies      
This is a great example of how to promote adoption of a new technology. More companies should pay attention to how their product can be used rather than what their product is.
13
va_coder 1 day ago 0 replies      
I'm looking forward to the book
19
Goodbye Basecamp, This Is The End christianjung.com
248 points by railsjedi  5 days ago   96 comments top 24
1
spolsky 5 days ago  replies      
The 37signals ethos of having an opinion and saying no a lot creates wonderful experiences and products for users who are new to a certain field. For someone who is new to project management, for example, the fancy programs with every feature and option are confusing and scary. Products like Basecamp are beautiful for these users.

As users gain more experience, their needs become slightly more complex. They start to understand the simple product completely, and then they have the cognitive ability to understand more fancy bells 'n' whistles. For users who have been doing project management for a long time with any software product, they will have a long list of things that they know -- from experience! -- that they need.

That is why there's a market for simple and there's a market for full-featured. Both are discrete markets, usually. Obviously every software designer strives for "power made easy" -- it seems easy at first, but there is power under the hood when you need it.

2
ianterrell 5 days ago 4 replies      
I think Jason Fried and DHH might take issue with, "You proved yourself wrong, I think."

In addition to "Say no by default," one of their other points of advice has been: "Let your users outgrow you."

37signals has found that there's more people to sell to at the bottom, and when customers need/want more, they're free to find it elsewhere.

3
atacrawl 5 days ago 0 replies      
I was expecting the author to say something to the effect of "37signals added too many new features and now the software is confusing." So I was a little surprised to read on and learn that, no, 37signals kept their software somewhat basic, just as they said they would.

I have a feeling the author will write a similar piece in a year or two after using Podio -- no software is perfect.

4
tokenadult 5 days ago 7 replies      
I'd really like to hear from hackers organizing their projects what software in this category they like best. I have liked Basecamp as a framework for sharing do-list items with colleagues (most of my colleagues and I work independently of face-to-face meetings most of the time) but I am willing to learn about other products or service. Efficency is key. What do you recommend to do best what Basecamp does?
5
kenjackson 5 days ago 0 replies      
Refering to a Robert Scoble post while accusing DHH of being on insider bubble is really hilarious. There is no one more in the bubble than Scoble, and no one who is more blinded by the fact that he's in the bubble than Scoble.

DHH was fundamentally right, even if the details were wrong. For 99.9% of apps there is a replacement app available on any of the mainstream phone platforms. The long tail maybe gets you a bit more polish, but its polish on non-core scenarios. Most people will decide based on the polish for their core scenario, not on Textalyzer.

6
nhangen 5 days ago 1 reply      
Just left Basecamp for Apollo for a few reasons:

1. Apollo has great customer service, and listens.
2. Apollo's interface doesn't look like Windows NT
3. Apollo is moving forward, while Basecamp seems to have stagnated/rested on its laurels.

I think Basecamp is a good product, but it's not that good.

7
richardw 5 days ago 0 replies      
This is a story of success, not failure. He used BC and loved it for almost 6 years. I'd be very impressed if the next product Christian uses fulfills all his project management needs for the next 6.
8
trustfundbaby 5 days ago 1 reply      
I'm just glad somebody said something about their prices ... they're ridiculous now.
9
imbriaco 5 days ago 1 reply      
For those who say that 37signals has allowed Basecamp to stagnate, I'd trot out as exhibit A the changelog: http://basecamphq.com/changes

Being very deliberate about making sweeping changes to an application with an extremely large number of very satisfied users is not the same as allowing it to stagnate. Having spent 4 years of my life working at 37signals I know first hand the incredible amount of energy that is devoted to it by an extremely talented team.

That said, it's certainly not for everyone. And if you outgrow it, fantastic, feel free to move onto a new product that suits you better. We do this with many other aspects of our lives, why should software be any different?

10
bborud 4 days ago 0 replies      
I was introduced to Basecamp through a project I was invited to contribute to. Before I had heard about the product, but I had never used it and as far as I can tell I wasn't significantly biased for or against the product or the company that made it.

However, within days I came to hate Basecamp intensely. Not so much because it imposed certain structures and ways of working -- discomfort is to be expected when you learn a new tool. And, of course, sometimes, it turns out you can learn better ways to work from tools that force you into certain ways.

No, what made me hate Basecamp with a passion is that the thing is slow. It is unacceptably slow. And the UI, be it the web UI or the various apps that existed for it at the time (late last year), did not manage to meaningfully mask the fact that the system was slow as molasses.

The fact that 37signals, a much lauded company, would allow an important product to have such a glaring fault now means that I see anything that 37signals say or anything that is said about them in a different light. I am now thoroughly biased to think that they have no business telling anyone how you make good software. I can't help this, though I will acknowledge that this is an emotional response rather than a rational one.

It also means that anyone singing the praise of 37signals now also seems suspect. Do they even form their _own_ opinions or do people just parrot the praise that people they look up to heap on the company.

Slow apps are not cool. Companies that make slow apps without visible embarrassment are not cool. Basecamp is dead slow and it is perfectly okay to point out that the monarch appears before the court sans clothing.

11
petercooper 5 days ago 1 reply      
You didn't integrate the Writeboard into Basecamp.

Worse, it hasn't been papered over well either. I can't load a Writeboard from Basecamp without some weird 1990s-style "we're loading your Writeboard" page hanging around for a couple of seconds. UI-wise, I'd be satisfied with it being separate if it weren't for the extra page coming up wasting time and making me think something happened.

12
rlobue 5 days ago 0 replies      
I just finished reading ReWork, Jason Fried's latest book. The irony of this submission is that the book describes Christian to a tee: the customer who always wants more; the customer who has outgrown the product; the customer who compares competitors but would rather complain than move.

I have to admire the way 37signals has grown over the last few years. Sure, they clearly don't integrate every feature. The user interface certainly works but has no iGloss about it at all. Pricing is steep and they hide the lower-priced plans. But it works: people still use the service.

If you're a coffee shop you concentrate on your coffee. If you're an electrician, you concentrate on the quality of your work. Adding extras like "nice cable ties" are irrelevant. 37signals are concentrating on their core functionality. When the day comes that the majority of their users require X feature and that feature becomes a norm in Project Management, Contact Management, Collaboration, etc then I'm almost sure they will react: why wouldn't they?

13
becomevocal 5 days ago 0 replies      
The fact that a user goes out of the way to broadcast that they're walking away from the service is a testament to how bad ass it truly was for them. Every developer should hope for that sort of torment at the end of use period for a user. Clearly it was a big enough part of their workflow to complain.

Most (all?) of us developers / product guys fight with feature creep. I'm glad 37signals is there to remind us, by example, that it's OK for a software business to focus on a specific solution, sans bloat. There are users that will appreciate your vision - and gladly pay.

14
dmazin 5 days ago 0 replies      
I don't think you've listened enough, because 37signals has stated repeatedly that it prefers customers to outgrow the services (as is your case) than to intimidate new customers.
15
timjahn 5 days ago 1 reply      
I think the effectiveness of project management software depends greatly on the type of project being managed.

For example, I don't consider Jira as in the same arena as Basecamp (and I've used both a good amount). I see Jira as a programming/development specific management tool, to be used by programming teams and maybe the managers of those teams.

I see Basecamp as a far more flexible project management tool that can fit a wide variety of needs. It works great for organizing our Entrepreneurs Unpluggd events. It works well for some web dev projects and design projects, but not others.

Basecamp isn't always THE solution. For some types of projects, it is. For others, it isn't.

At the end of the day, the right answer is the project management software that helps you more efficiently organize your specific projects. Because Basecamp doesn't work for Joe and his projects doesn't mean it can't work amazingly for Sally and hers.

16
mberning 5 days ago 0 replies      
The customers you start off with are usually not the customers you end with. People grow, products grow.
17
nirajr 5 days ago 0 replies      
I got quite put off by lack of email integration in Basecamp and recently wrote this: http://goo.gl/Vthjb

I've, since, moved away from Basecamp and am almost completely on Jira now.

18
KeyBoardG 5 days ago 0 replies      
My company pays a whole hell of a lot more for a far far more complex and way over bloated system. I applaud 37signals for their choices and sticking to it. The author here needs to just get over the fact that his needs outgrew the software and to seek another solution. No need for the dramatics.
19
grandalf 5 days ago 0 replies      
Basecamp seems to be designed exactly for a web design shop that wants to take on bigger projects and present an organized appearance to clients. More client management than project management.
20
dfischer 4 days ago 0 replies      
Shameless plug: we built http://www.kanbanpad.com because we wanted something simple and intuitive. Basecamp never fit our flow.
21
dnugent 5 days ago 0 replies      
Basecamp is a good product but only if you share its "opinion" on workflow and design. Obviously 37Signals has done well by sticking to a minimal set of features and catering to a very specific audience.

We are of the mindset that software should fit the way you work, not necessarily the other way around. We're building a Force.com-like platform that allows you to create custom business workflow apps in minutes to handle not just tasks, but also lightweight crm, recruiting, and other business functions involving a relatively defined process. We provide a fast UI to access these records, so all you do is specify the schema and callbacks.

We're still in beta, but happy to release some invites and work with members of the HN community -- http://www.devcomb.com

22
andrew_wc_brown 5 days ago 0 replies      
I think every Project Manager has its place. I really like the development of Asana. http://asana.com/
23
EGreg 5 days ago 0 replies      
Just wait for what we are planning to release ;-)
24
languagehacker 5 days ago 1 reply      
Am I the only person who couldn't get anything out of this post because of its bad grammar?
20
Facebook autobot going berserker facebook.net
247 points by ZeroC00l  5 days ago   153 comments top 34
1
catshirt 5 days ago 5 replies      
"Guys, the moderators are volunteers, and we have no power over any of Facebook's software (like the ban-bot) or their policies. We just delete spam on the forums, mostly. We do have a way of raising issues to the FB employees, and we have done so. Trouble is, they've been ignoring us (and everyone on the forums too) for weeks or months."

wow, that's pretty sad. and i thought they were only ignoring my problems.

2
eugenez 5 days ago  replies      
Hey guys, I am a Facebook engineer working on this.

We've been getting a lot of user feedback recently, spiking significantly over the past week, on the amount of application spam people are seeing in their feeds and on their walls. We turned on a new enforcement system yesterday that took user feedback much more heavily into account. This resulted in a number of applications with high negative user feedback being disabled or having certain features disabled. In particular, many applications were disabled which posted to the walls of other users and had very high mark-as-spam numbers.

My apologies for the suddenness of the action. The numbers were high enough to cause a real loss of trust in applications, which can impact the entire platform. Where we have failed is not providing enough feedback about negative engagement metrics to developers before needing to take this action. This is something we are working hard to fix with the new Application Insights that will be launching over the next few weeks - you will have detailed information about both positive and negative engagement of the content your application generates.

If you think you have been disabled in error, you should have received an email to your application's contact email address with a link to appeal. Just in case, the appeal link is https://www.facebook.com/help/contact.php?show_form=dev_disa... . Note that no content is deleted when an application is disabled. If an application is re-enabled, all the content posted by the application will once again be visible.

-Eugene

3
anthony_franco 5 days ago 6 replies      
Unfortunately, our application was also a victim of this widespread banning. We built up a user base of over 2 millions users. As of yesterday, they're all receiving a 404 error when attempting to visit our application. And we have no way of reaching them.

Attempting to appeal to Facebook results in a generic email response instructing us to begin the application anew.

Worst of all, deleting our application also deleted the photos our users took. We had a video chat application that allowed users to take pictures together with their friends. Over 1 million photo memories deleted by Facebook. It's just a sad situation overall.

4
bermanoid 5 days ago 5 replies      
I know there are plenty of Facebook people reading HN, so I can't help but wonder why complaints about FB are never addressed here when they come up, especially when they're of this nature (this particular problem seems like a glitch in code, not something that would require a massive business effort to fix). The instant someone makes a complaint about some aspect of Google's search algorithm, Matt Cutts appears out of the wild and addresses the situation; I've seen many other Googlers comment on various issues, too, letting us know that they've escalated issues as appropriate, or even just that they're aware of problems but can't do anything about it.

What's up with the silence from the FBers in the crowd? Not allowed to say anything? Don't know who to forward the issue to? Just don't care?

5
ltamake 5 days ago 1 reply      
Really starting to hate Facebook more than I already do. As someone below pointed out, their API is going to shit, and they're starting to become more strict with their TOS. I know 5 friends who have had their Facebook accounts forcibly closed or suspended, or put through this ridiculous "roadblock" system that requires them to pick out 10 pictures from their friends' albums. Regarding apps: someone notified me that their app had been suspended because of "negative reactions" by users; only 10 people used the app, and it got one one-star review. Lovely.

I did like Facebook at one point: two or three years ago. Now it's just getting ridiculous.

6
vessenes 5 days ago 4 replies      
This is all because of Google.

No, really. Google decided they could scale better if they used computers to do customer service, or just didn't have customer service. In exchange, they didn't charge anything for a lot of their services and told people 'deal with it.'

This worked well for Google! Facebook is staffed extremely lightly given their reach; stuff like this is just going to keep happening. I have no idea if the app developer deserved it, but these 'free to play' broad-reach companies CAN'T provide the service this app developer feels he/she needs, they wouldn't scale properly if they did.

7
wwav10 5 days ago 0 replies      
We are from Playality, developer from Grand Poker. As many of you may know, our application was disabled this morning for no apparent reason given. The company spend huge amount of marketing dollars on adverts and product development . Furthermore, many of our paid customers demand for refunds or legal action. Grand Poker is our company main source of revenue, and it is also funding other projects on facebook. This incident pretty much killed off the company.

Also, using user's feedback may not be an accurate measurement to the quality of the application. There are many methods or bot script that can simulate users to mass complain the application. This is a very common strategy uses by competitors.

all in all, we are still relatively new to for facebook, It may be possible that we did somehow crossed the line in feeds or wallposting, but.is it worth killing off a small start-up because of this?

8
andylei 5 days ago 2 replies      
problem is that facebook doesn't really have too much of an incentive to care about these developers. they are not like apple, whose products include third party apps as part of the core value proposition. when steve jobs sells you an iphone, one big reason you buy it is because it has thousands of great apps. people don't sign up for facebook because of farmville, farmville uses facebook because people have already signed up for facebook.

thus, when apple's developers get screwed and there's no app ecosystem, there is the potential for decreased sales. when facebook apps disappear, i doubt there are a lot of people leaving facebook.

9
steve114 5 days ago 0 replies      
I'm not a developer but I'm appalled at this.

No human review of banned apps with millions of users.
Moderators who volunteer to build the brand of FB are simply ignored.

The problem is that even if your apps are reinstated, the damage may have already been done.

Sorry guys...

10
npollock 5 days ago 1 reply      
Cue the conspiracy theorists, all the banned apps are photo related.

http://techcrunch.com/2011/06/15/facebook-secret-photos-app/

11
Osiris 5 days ago 2 replies      
This seems to me to be indicative of a problem with the Facebook apps platform. They are using significant resources to try to combat spam, but the spam is posted through the mechanisms provided by the platform.

What I'm suggesting is that the Facebook apps platform is fundamentally making it easy to post spam so they have to fight it afterward.

Would a better approach be to shore up the platform so that apps are simply unable to generate spam? For example, currently a user can only Allow or Disallow an app. They cannot Allow or Disallow certain permissions. I should be able to use an app while denying it the possibility to post to my wall or my friends walls.

It seems like it's the wrong approach to try to stop the spam by banning apps rather than fundamentally changing the way apps can access person sites and information and make generating spam incredibly difficult.

12
alanh 5 days ago 0 replies      
“Operation Developer Love” is what Facebook calls their weekly report on the state of bugs in their developer/app platform.

Looks like if there was really developer love, they wouldn't need to market their love of developers.

13
powertower 5 days ago 1 reply      
> Don´t know what to do. I am desperate. This app is my company´s single product. The business impact is huge. No warnings. No specifics.

(http://forum.developers.facebook.net/viewtopic.php?id=103384)

Now imagine Google dropping you from the index for whatever reason.

How many of us here would be wiped out?

A business that's dependant on a single channel or platform for more than 20% of its revenue/profit is not a real business as much as it is a sugardaddy's dependent?

14
splitrocket 5 days ago 0 replies      
Facebook's API has become increasingly unstable. They recently dropped millions of oauth tokens for no apparent reason. See here: http://news.ycombinator.com/item?id=2661850
15
mpunaskar 5 days ago 2 replies      
Thast why i would never rely on closed platform.

I will never waste my resource in build apps that solely rely on closed commercial entities like facebook, apple. If they choose to ban/block/delete you then all of your hard-work is gone in a second and will leave your users unhappy.

and this can happen to any of us

16
EGreg 5 days ago 0 replies      
Always get your users' emails when they sign up. Facebook even has the email extended persmission to streamline it. That way you aren't 100% reliant on facebook to keep in touch with your users! You never know what they are gonna do.
17
yaix 5 days ago 0 replies      
Reminds me of Google Adwords and Adsense Bots banning random accounts. Better dont put all your eggs into one basket and dont develop for only one company you then will be dependent on. Especially if the company is as big as G or FB. They dont care loosing a few good publishers, but a publisher who has invested all his time or money will care.

Hope FB will react better then G and reactivate their apps.

18
pstack 5 days ago 0 replies      
It's hard for me to have sympathy when people choose to develop for Facebook instead of for the Internet. When you are contributing to the problem, you have to accept a certain level of potential downside and lack of control. There's a massive internet out there. You know, everything that is not facebook.com and you can do pretty much everything on it, but without being subjected to the rules and whims of anyone else.
19
topherjaynes 5 days ago 1 reply      
When Roger Ebert's page was banned on the 21st his complaint was reversed with in a few hours... http://twitter.com/#!/ebertchicago/status/831526706464686

So it can be done, hopefully the attention in HN will help

20
wccrawford 5 days ago 2 replies      
Wow, you'd think banning would be important enough to pay someone minimum wage to sift through and find the ones that don't make sense.
21
ignifero 5 days ago 5 replies      
It baffles me why there are no large competing social gaming web platforms. Google, Zynga, EA (playfish) could easily start one. It's a guaranteed success: people love games to be social. Facebook developers are so disgruntled with the FB platform that they 'd flock in hordes to convert their games.

On top of that, facebook enforces FB credits from July, and banned adsense advertising in apps. We are not going to pay 30% of our revenue to facebook for such a crappy platform. We moved our apps to an external website.

22
zaidf 5 days ago 1 reply      
I feel we need an independent org that does arbitration of API/platform-related cases. Have a complaint about Facebook's API? File it with the independent org and as a member of the org, Facebook will be forced to resolve it in a fair manner or take a reputation hit.

The most extreme cases could be decided by a human arbitrator.

23
lukejduncan 5 days ago 0 replies      
I find it interesting that most of my non-technical friends actively dislike Facebook. Their growth comes from new markets while their existing user-base grows increasingly dissatisfied.
24
atlas3651 2 days ago 1 reply      
Our primary app got shut down for "spamminess" on 6/20/11 (one week ago). We had 4M users. We've appealed. No response. A lot of users contact us plaintively hoping the app will come back. Sigh. Another small tech business will go kaput (ours) and half a million bucks will go down the tubes.

This is obviously just another similar data point on this thread, but what I want to add is to the discussion is this idea: why not create an completely OSS facebook? If a bitcoin can exist (and hell, a Linux), why not a decentralized open-source facebook? The core functionality is not that complex, IMHO. Well, Linux is complex and it took decades to perfect... but the need for it was pretty clear and it's proved itself. But Facebook, OTOH, is not a complex operating system or even a super-complex search engine (ala Google). It's simply a network of interconnected user accounts with certain assets assigned to each account (history, preferences, content, etc), and info feeds (transient) delivered to those accounts via various formats.

If such a project were OSS, people would design their own feed sorting algo's, their own notification systems, and most of all their own "spam" filtering systems, as plugins, all of which could mean nobody needs to "go dark" to satisfy the whims of one corporate entity.

25
arihant 5 days ago 0 replies      
I highly doubt that the 'conspiracy theories' popping up against the photo apps are correct. If they are, then facebook has bigger problems than lack of API stability. Good tech companies and engineers should be confident enough in their work. Try searching for 'search' on Google.
26
evanw 5 days ago 0 replies      
It looks like GoodReads was banned within the last 24 hours from Facebook as well: http://www.goodreads.com/topic/show/314867-goodreads-and-fac...
27
reustle 5 days ago 0 replies      
Where is that quote about not depending on a platform that is out of your control?
28
dendory 5 days ago 0 replies      
Step 1: Base your entire business model on the latest buzzing platform (Facebook)
Step 2: ????
Step 3: Profit!!!
...
Step 4: Get banned, lose all your hard earned work.
29
antihero 5 days ago 1 reply      
How can automatic banning/deletion of content ever be a good idea?
30
steve114 4 days ago 0 replies      
Looks like TechCrunch caught on to this thread, sorry if it was already posted by someone else.

http://techcrunch.com/2011/06/25/facebooks-ban-bot-leaves-so...

31
patja 5 days ago 1 reply      
Old news. Facebook told us in a developer blog entry months ago that the auto-ban bot looks at user feedback such as hides, comments, uninstalls, mark as spam, extended permissions prompt acceptance rates etc. And you as an app developer can actually see all of this data through the Insights feature of the developer app.

Too many developers have their head in the sand and think just because they have 1 million users and a 4 star review rating that everything is peachy. The fact is there are a ton of crap apps that spew out BS. Maybe the user who installed the app thinks it is great to spam all of their friends' feeds, but when those friends hide the app's posts, mark it as spam, etc. then the app is going to risk auto-banning.

I know folks on HN don't play Farmville or spend all day on these apps like fortune cookie, quiz of the day, etc., but bazillions of FB users have nothing but app-generated posts on their walls.

32
crazymik3 5 days ago 0 replies      
It's pretty interesting that most of the apps seem to be photo related, with lots of users.
33
veyron 4 days ago 0 replies      
What was the fred wilson quote about not being _____'s bitch?
34
bcl 5 days ago 1 reply      
Yay! Less apps for me to add to my block list.
22
How (not) to sell your iOS app stoicjesterstudios.com
242 points by thestoicjester  2 days ago   94 comments top 33
1
rkalla 1 day ago 3 replies      
Here's what DID work for you -- summing up all those failures into a well written, entertaining and light-hearted article that is genuinely helpful to anyone else in the iOS game.

Oh yea, and the front page of HN this time around.

It sounded like you got your hands wet in a lot of different things. That doesn't necessarily mean you are going to retire on this game, but think how many people are aware of you now and when you do Bullet Factory X (where you skeet-shoot puppies and elderly people) you'll have that much more information on how to promote the game or where to spend your time. It also sounds like you had a successful working relationship with your sister (as an artist) which is half the battle for any game title. So that's a big win right there for your next game too.

I'm not that surprised as the lack of feedback from bloggers though. I think I get 10 emails a day following the format:

  OMG, Super Games Factory, LLC has just released the
most amazing game on the planet: Dish Washer!
Wash dishes in amazing stick-figure 3D! Contact us for
a free evaluation code!

It just wears you down after a while so ignoring something like Bullet Factory isn't an insult, it just falls into the 'spam' category of garbage announcements I'm sure most bloggers get every day.

Bullet Factory is a fun/simple concept, but it seems better as an ad-supported title (it's too simple) than a 99 cents title when you compare it along side other 99 cent titles I've seen in the app store. The bar is getting higher and higher and unless I see something amazing in screenshots or a trailer, it's not even worth the purchase barrier to entry for me to try it. Unrealized value (purchasing a game for 99 cents only to realize I hate the gameplay mechanics) is so frustrating to me, I'd rather just not buy something I'm on the fence about.

I would take the low-sales-since-december-even-though-you-are-marketing as an indicator that it isn't a high-demand game. Release a free ad-supported version of it "Bullet Factory FREE" and move on to your next title. Keep track of the download differences to learn a bit more about what worked, what didn't and where the bar is.

That's not to say your next game or the game after that won't hit -- keep pushing, you'll have a success and it will catch you by surprise.

They always do.

2
geuis 1 day ago 2 replies      
Here's my experience with a Hangover 2 app I released 1 month before the movie came out. (it was taken down after Warner Bros sent Apple a C&D.)

1) Reviews are the most important things when you sell an app. I made the app free for the first week or so until I had about 10 5 star reviews. DO NOT use scammy tactics for fake reviews. Make sure your app is well polished for what it does. If it's not, don't put it in the App Store.

2) Review reminders. Basically the user uses the app a few times and they get a notice asking if they would like to review it. Include something like the appirater class. Google that.

3) Built-in sharing options for Facebook and Twitter. These should link back to the iTunes page for the app or to a custom site.

4) Setup bitly links for each sharing option. This helps in keeping stats about where your app is being talked about.

In the first week or so I was getting 3000 downloads a day. When I hit my 10 review goal, I switched to $.99. It's disheartening to see that 3k number drop to 20 the next day, but that's money in your pocket now. For the rest of the month, I averaged 20-30 paid downloads a day.

Things not to do:
There are lots of stupid people out there. They will leave 1 star reviews because they hear no sound. Their mute is on. Don't get upset about these people.

Twitter is great for campaigning. Don't write bots that listen to the stream for people talking about the movie that then follows them and does @Soandso check out my Hangover2 app! Surprisingly, it actually works very well. It ran for about 45 minutes and followed 400+ people. About 50 of them clicked through (bitly again) and I think a few people bought it. However, Twitter banned the account after 45 minutes. So, don't do what I did.

Don't write well polished apps that use sound clips from a big upcoming movie. You might argue that it's fair use, but that doesn't mean crap when WB decides to stomp on you.

3
biot 1 day ago 2 replies      
As you're not looking for any sugar coating, after watching the video showing the gameplay you would need to pay me to want to play it. The reason is that there is no "why" to it. Shooting low-resolution textured balls wasn't fun in the late 80's, and I'm not seeing anything in the video that tells me it won't just be a chore to play.

Is there some back-story to this game that is interesting? Are these spheres of mutant gel being produced by the evil Dr. Klaus Scheitzenburger to turn children into mindless drones so that he can take over the planet and only I can stop it using my Mutant-b-Gone sphere blaster?

Oh, none of that? It's just a sphere popping game? There's no marketing that can save that.

Now a killer back-story isn't a requirement, but it would help if it were "juicy fun". There's some great advice here: http://www.gamasutra.com/view/feature/2438/how_to_prototype_...

4
alanfalcon 1 day ago 4 replies      
The game lacks the fit and polish that sells iOS games. Yeah, much easier said than done (this coming from an aspiring iOS game developer). The advice to change the icon is spot on. I'd also advise changing your screenshots (which would probably also involve changes to the game graphics): all that grayscale is very depressing, and the monospaced serif font for "Gyroscope Controlled" is very bland and ugly. You want something more fun, possibly at a jaunty angle, definitely using layer styles.

Your game screenshots scream "tech demo", which is no way to sell a game.

5
greengarstudios 1 day ago 4 replies      
I'm an independent iOS developer. My paid apps have sold over 100,000 copies at 99¢ or higher. In total, my iOS apps (including free apps) have been downloaded over 7 million times.

I took a look at your app in the App Store.

Here's your problem: your icon.

The icon is the most prominent thing the user sees when first looking at your app in the App Store.

Change your icon, and you'll get more downloads. Trust me :-)

Feel free to contact me if you'd like to discuss good icon design, or other under-appreciated aspects of selling an app.

6
extension 1 day ago 1 reply      
I'm trying to buy it but the app store isn't working right now. At any rate, here are some ideas from an iOS developer with nothing shipped yet, for what it's worth:

Be way more explicit with your branding and marketing about exactly what the game is, right down to the name, if you're willing to change it. Looking at the top charts right now, there are games that show you exactly how to play just with the title and the icon: Fruit Ninja, Cut the Rope, Flick Golf, Feed Me Oil. You want to be the gyro shooting gallery app. So, something like Gyro Shot or Gyro Shooting. It's sounds lame but it seems to work. It may also give Apple a reason to feature you, since you are demoing a hardware feature.

I think you also need a more fun look. The game looks really drab right now. A grey factory is not a terribly exciting backdrop and the balls are pointy. Choose a look that you can execute at grade A level. This is where the "glowing neon" look came from -- programmers who can't do art. Use shaders to make the balls perfectly round and give them some sort of cool effect. The screenshots should be attractive on their own.

7
IanDrake 1 day ago 1 reply      
Just played it. Fun game. Here's what it's missing...

First time I loaded it the menu seemed sluggish. When I pressed buttons, the button gave no feedback and I wasn't sure if the click had registered. I understand there's loading time involved, but some feedback would be nice.

During game play when I "Shoot" there is nothing that displays a shooting event. Balls just explode if my cross-hares are on it. That seems odd. Again, a feedback issue.

Also the menu buttons seem smaller than needed and there are too many options. If you could make it simpler that might be better.

Overall the game play is smooth and the gyro controls are cool. I think this would make a really engaging first person shooter. Maybe shooting something other than balls for points would be more fun.

8
unshift 1 day ago 0 replies      
a couple notes on the app store page:

the testimonial paragraph is awkwardly worded ("... a portal into a virtual shooting gallery overflowing with beach ball-shaped targets just waiting to be popped") and i can't tell how to play (or what makes it fun) from the screenshots. it's gyroscope controlled, but what the hell does that mean?

i'm going to give the lite version a try, but the app store page totally didn't grab me.

i thought "the heist" had a pretty good write-up and screenshot section, for what it's worth. i usually just read the first paragraph and scroll to the screenshots.

EDIT: i tried it, it's like an FPS where you shoot beach balls and twist the phone around to aim. looks pretty well done, but not my bag (i hate aiming anything by moving the phone)

9
chipsy 1 day ago 0 replies      
Having successfully finished many bad games, while gradually making better ones, here is my advice:

You can know from very early user feedback whether the game is going to interest anyone as a product, but you have to stop believing in your game for a moment, or you'll ignore the warning signs. The in-person pitch or demo lets you pick up some details, but product releases give you broader feedback. Do lots of both.

If, after pressing people in-person for thoughts, the feedback is "hmm...well...i don't know...that sounds interesting..." the concept is wrong and you need to start over. You should have something that gives people a foothold to really discuss it and take ownership, or the subsequent marketing efforts won't have much impact on anyone. Online, this is reflected in dead silence. People look and then go away, or if there's interest, it's in something not really related to the product's selling points, like the technology stack it uses.

If there is a product there the volume of commentary will be much higher and drastically more opinionated. From there it's a matter of managing the conversation and picking the path that is likely to open the doors further for the product - pivoting it if necessary. The feedback here is from other developers, which means a heavy bias towards polish. Try to find deeper user concerns instead.

10
terhechte 1 day ago 0 replies      
Ok, I didn't actually buy the game, instead I had a look at what all your potential customers see. Your screenshots are too gray and muddled, the game doesn't look exciting on these shots. Have a look at top selling games (i.e. Angry Birds), and how colorful their screenshots are.
Your icon is not good. It doesn't tell a story, it doesn't look fancy, it is not colorful.
I'm selling a couple of apps, and one think I'm sure of is that customers never, ever, read the text description. They just have a look at the screenshots. And they decide which apps / screenshots to check by your icon. I've, accidentally, had a non working app (there was a huge bug in there for the first 2 weeks which made it basically dysfunctional) reach huge sales (150+ sales a day) just because the icon was really, really beautiful.

The problem with the screenshots, of course, is that the in game content looks to dull. I can't really say how you can improve it, but have a look at top selling games.

11
kolinko 1 day ago 0 replies      
Thanks for sharing.

A couple of details - icon (as someone else mentioned). Another thing is - you're a textbook example of promoting "features", and not "benefits". Instead of writing "Using Oscilloscope", which nobody cares about, you should've written "The smoothest shooting experience there is (thanks to oscilloscope)".

Also: get a graphic designer. Your graphics are not that bad, but a good painter could really make this app work much better. People buy good looking games.

As for your trailers - they aren't that bad. As a tech person I'll say: wow. It really looks smooth, I'm impressed. BUT most people aren't technical - aside from the screen they should see a happy person playing, and they should see someone really TILTING the device - now it's barely visible (perhaps even exaggerate the moves so they can be seen on the camera). Look at one of the Kinect trailers. You can't do as good, but you can get close. Oh - and remember that there should be a link close to the end of the movie, directing to the app store.

Anyway - these are just a couple of things for a good product / landing page. Doing this alone won't increase sales though...

12
ja27 1 day ago 0 replies      
It doesn't look like you've ever offered the full app for free. Have you considered playing the "free for a day" game to drive some interest?
http://appshopper.com/games/bullseye-factory

Have you considered updating the app icon? It looks quite dark and flat rather than fun and cartoony like many game icons.

I was a little surprised to see how non-spherical the balls look in your screenshots. If it can still perform well with a more detailed ball model, I would think that would help the look of the screenshots.

13
stuartjmoore 1 day ago 2 replies      
The biggest change I've ever seen is when I changed one name from "* Lite" to "Free *". Went from about 100 to 1,000.

Regardless, I stopped promoting my best selling apps and they sell exactly as many copies.

14
ecaron 2 days ago 2 replies      
tl;dr There is plenty of advice out there on how to publicize your iPhone app, and all of it is worthless.
15
allenbrunson 1 day ago 0 replies      
You mentioned posting to Hacker News before, and hey, I was the one guy who left a comment! heh.

I also have an iPhone game in the store, but I've done a little bit better than you have. I made about $8,000.00 in my first year.

Just echoing everybody else's comments: People are very reluctant to spend any amount of money on a game without being able to try it first. You must have a free option to get them interested. In my case, I have a crippled free version and a paid version. I started before in-app purchasing was available. Today I'd probably go with "free but pay to remove ads" instead.

The mistake I have made is that I program too slowly (heh). Eight grand a year for an app is not bad, if I could crank out a new one every three months or so. The app store audience favors having a bunch of shallow apps, rather than one big app you pour your heart and soul into.

16
exolab 1 day ago 0 replies      
I know how you feel. I invested a lot of time in a game that just isn't selling. Nor is the free version. I mean what is wrong with free games? :)

I think sometimes we just fail to see that our games are really crap. I totally fell in love with the idea of a real-time multiplayer quiz for the iPhone. But nobody else did.

[EDIT]I am not saying your game is no good. I haven't really played it. More of a general comment on how we may not fairly judge our own work[/EDIT]

17
jarin 1 day ago 0 replies      
Most of the time, it takes stops and starts, failure, heartache, and most importantly years of work and some luck to make an overnight success.

Your Ask HN not making it to the front page? Probably just bad luck (there are lots of good stories that don't make it to the front page). Game blogs not writing about it? Probably just bad luck that they heard about other games at the same time that they wanted to write about more.

I think there's a common feeling that there's just that one magic bullet that's going to make you a success (that TechCrunch article, or that Touch Arcade article, or if you can JUST get into YC or get that first investor). I think all that stuff definitely helps, but from what I've seen the best way to do it is to get a good amount of sleep, hustle your ass off 5-6 days a week, and have a partner in crime (even if it's just a drinking buddy who works on their own, separate projects).

I think you just have to pick up and start on the next project. The App Store is extremely competitive, but if you just keep making better and better games every time, something will stick. Just be sure to do some client work or keep your day job in the meantime to stay financially solvent. :)

18
joshwa 1 day ago 0 replies      
From watching the video, your game actually seems like it has a pretty fun core mechanic.

Go play Fruit Ninja, and then go hire the best artist you can afford. (and put fruit ninja in your keywords!)

19
angerman 1 day ago 1 reply      
I wonder if this is the common theme among many of us who try to put apps in the app store: figuring out what does not work. For our app: iEBT (which is an interface to a server allowing you to track your euro notes: eurobilltracker.com), we not only took a very tiny niche, but didn't think about marketing either.

What we did was this:
- picked a somewhat hight price point ($2)
This seemed to use like the sweetspot, with what we could live and what we would expect an
honest buyer to pay. (who knows?!)

- we wrote to the canonical forum, where we expected most of the potential users.
That resulted in an initial rush (two days after writing to the forum), but it wasn't
much at all.

- the domain iebtapp.com was registered prior to publishing, but contained nothing more
then a simple "Something's coming this december" string. Watching the server logs, there
seemed to be some who were trying to figure out where the link from the app pointed.

- after some time, we wrote the current, very limited text on iebtapp.com. Not even with images.
That seems to have resulted in a minor increase in sales.

- with some text on the website, we thought it was time to do some advertisement, and went with Google Ads.
This too seems to have resulted in a minor increase in sales.

And here's what we plan to do:
- add Appirater to the App. We have only a very few reviews, and they are not enough to get any star rating
on the AppStore. Maybe this helps, who knows. I will closely watch this.

Personal conclusion:
iOS development is really /a lot/ of fun. But I think we need to change two things:
- More marketing. But not all at once; results should be measurable.
- Niche markets, that are this tiny, can be a very high risk game. (Especially if someone
else, writes to the forum that he's going to release another iPhone app and lets people
sign up for the beta :-))

--
[1]: see iebtapp.com

20
adjwilli 1 day ago 0 replies      
Yeah, I agree with @rkalla that this marketing anti-pattern summary will likely prove to be your best marketing piece so far.

Also, I would recommend finding a good graphic designer to help you out. The icon for Bullseye Factory doesn't promise $1.99 worth of fun. Plus, I'm sure you can think of something more creative than stripped balls in a perfectly preserved yet empty factory. How about going along with the Jester theme and making it some sort of a factory taken over by zombie clowns?

Your game is technically very impressive, but needs a good theme to sell it. Looks at Nuts for instance. It's probably slightly less complicated technically, but it has a funny, slightly juvenile name, cute squirrels, and various alternative objectives.

21
kenjackson 1 day ago 0 replies      
Great comments this time around. I'd buy the game if I had an iOS device. Looks truly fun. I agree with others though that the icon can be improved. I found the trailer very good.
22
PartyDawg 1 day ago 0 replies      
This article/blog post is wrong. None of the reasons listed had anything to do with his app store success.

Word of mouth was there: and it was 'don't bother'. If it's an app or game that people have to have, most of these techniques would have yielded different results.

Except for a few: like submitting to websites for review... most of them are looking for cash for reviews, so you get what you pay for.

I haven't seen any games that topped the list that were not worthy of chart-toppers... If games or apps like this were chart-toppers, then the chart wouldn't be worth much.

23
follower 1 day ago 1 reply      
24
J3L2404 1 day ago 0 replies      
'Most of the major iOS gaming message boards have a section where developers are “allowed” to announce the arrival of their games. This is convenient for gamers as they can just avoid this one section altogether.'

Stoic Jester indeed!

Nice overview of app marketing wasteland. I went thru much the same and the needle never moved, or not very much at least. My new approach is to give away a free version that is slightly hobbled but still useful and use that base of users to launch other ventures.

25
hxf148 1 day ago 0 replies      
Thank you for writing up your experiences. I hope that things improve. I've experienced much if not all of the things you have gone through with Infostripe http://infostripe.com. Was to be an iOS app but lives as a HTML5 one. iOS to return eventually.

I guess what I am saying is that you have to keep going, market, iterate, try things and as said not give up. At some point hopefully your product will begin to sell itself enough for you to improve or version 2 it.

26
fastfinner 1 day ago 0 replies      
on a tangential note - "This was not the easiest thing in the world for me to sign myself up for, seeing as how I usually tend to avoid going places where there are likely to be people (not a big fan). However, somewhat bizarrely, I do enjoy public speaking, so I decided to give it a whirl."

I thought I was the only one that behaves like that!

27
aorshan 1 day ago 1 reply      
Wow that was a very interesting article. Thank you so much for the advice. I am working on an app of my own now and my marketing plan was essentially the same as what you did. I would have never guessed it would be so hard to get people to look at an app.
28
seanMeverett 1 day ago 0 replies      
Chin up man, I've been studying behavioral decision making as it relates to marketing "nudging" for years and am still learning everyday. The only thing I've found that consistently works with any meaningful probability is being different. Just like this post. Yet another iOS game doesn't though I do feel the gyroscope is the most underutilized piece of hardware with the most potential for ios devs...
29
dawsdesign 21 hours ago 0 replies      
C'mon man, this is targeted to FPs people. You need a better reticule than that!
30
helipad 1 day ago 0 replies      
I suppose a lesson that you might have learned is that doing things the expected or accepted way is not always the right answer.

As you alluded to, releasing pre-Christmas and pitching bloggers with free promo codes is so common as to render it useless unless you're remarkable about it.

31
jholloway 1 day ago 2 replies      
Not to be rude, but I think the best way to sell your iOS app is to make a really good one.
32
tinynation 1 day ago 0 replies      
I looked on the App Store at the screenshots and as much as I wanted to like it after reading your great article, it just didn't look like the sort of game I would download (even if it were free).

The graphics are dreary and the screenshots don't make it look fun (or even give me a sense of the gameplay)...

33
nobody_nowhere 1 day ago 1 reply      
Newsflash: "if you build it they will come" is bullshit. It's dawned on your that you're not getting your message out.

Now what?

1. Buy ads. It costs about $0.00001 to show an ad banner on mobile. $0.01 to buy on a click basis. $10k to get into the app store top 25. Do the math. Minimums apply.

2. PR: meet/call or otherwise contact the people who can get your message out and convince them how cool your game is. Or pay someone who can do this for you.

3. ?

Marketing is hard work, get busy!

23
The Tale of OpenGL vs. Direct3D stackexchange.com
240 points by tilltheis  18 hours ago   33 comments top 13
1
brudgers 11 hours ago 2 replies      
Though well written, I think the article misses an important point. Microsoft designed Direct3D with games in mind and the culture surrounding OpenGL gave priority to productivity applications for engineering and design as is appropriate for something that was developed by Silicon Graphics.

The characterization of Microsoft being disorganized because they were working on OpenGL at the same time as Direct3D is a direct result of misunderstanding this difference. Microsoft had to address to entirely different markets: gamers for whom high frame rates were much more important than fidelity and engineers for whom accurate rendering was important (Even today, high end graphics cards for Windows workstations run OpenGL.)

[http://www.nvidia.com/object/autocad_pd_perf_drivers.html]
[http://en.wikipedia.org/wiki/Quake_engine#Reducing_3D_comple...]

3dLabs involvement with the development of improvements to OpenGL is symptomatic of OpenGL's emphasis on fidelity in rendering and the legacy of SGI from whence it evolved. The slow pace was perfectly acceptable to a group of serious people who care about standards and don't care about games.

3dLabs is also an example of the distinct segmentation of the consumer and engineering market for graphic cards in the PC market. The second PC I inherited in my first CAD job had was a 386 with an Nth Engine B752 - you could have built a kickass gaming system for the price of the card alone but it wouldn't put much of a dent in the price of an Iris.

[http://www.thecomputerarchive.com/archive/Displays/Video%20C...

Keep in mind that back in the 1990's all sorts of consumer grade graphic card craziness was going on in Windows boxes - e.g. VESA local bus [http://en.wikipedia.org/wiki/VESA_Local_Bus] and the volume of new Windows machines was exploding and many of them were running graphically intensive games.

2
marshray 16 hours ago 2 replies      
The moderate experience I have with OpenGL confirms this explanation. However, it sort of misses the point. The author may be a bit too close to OpenGL to judge the relative significance of the all the historical details he knows.

Take a step back:

A) There's no way in hell Microsoft would allow OpenGL to take the lead from Direct3D on Windows and Xbox. They would wield the carrots and the sticks to prop up Direct3D (and perhaps even disadvantage OpenGL) if it ever came down to it.

B) OpenGL is a success by any objective measure. Nearly every platform except Windows and Xbox uses it exclusively. E.g. mobiles. Game consoles may have dedicated APIs but I'm sure there's a better OpenGL compat layer than a Direct3D.

Recently I've developed some code on Linux for OpenGL 3.3 with GLSL and it is awesome.

3
ANH 3 hours ago 1 reply      
Another thing that isn't exactly helping OpenGL is Apple's slow creeping adoption of recent versions. I'm running the latest Snow Leopard and my code is reporting OpenGL 2.1.

I'm not really blaming Apple. I mean, on top of the core version they've implemented about 100 extensions with names like GL_ATI_separate_stencil, GL_NV_fragment_program2, GL_ARB_instanced_arrays, etc.. But the OpenGL 4.1 specs were released a year ago and I've got 3D code that runs significantly faster when I boot into Windows. Exact same hardware, but it's OpenGL 2.1 (+ extensions) vs. Direct3D 9.

4
latch 15 hours ago 3 replies      
As if Glide never existed

In all seriousness, I did 1 graphics programming course back in the day, and it was pretty insane. This was all in OpenGL. The amount of code required to draw the simplest scene was massive. I seem to remember there's a built-in teapot primitive, and I ended up just using that to construct everything (yes, there are simpler built-in primitives, but none nearly as cool as a teapot). I didn't do very well in that course.

5
rvkennedy 2 hours ago 0 replies      
The article misses one of the more interesting recent developments - that via OpenGL ES, GL is effectively doing an end-run around the whole Direct3D roadblock. As several posters have mentioned, GL ES is the standard in all the major mobile platforms. Now WebGL is threatening, not without some MS pushback, to become the standard for native 3D on the web.

Almost by default - simply because DX is a Windows/Xbox technology, and these platforms (particularly Windows, but also the traditional consoles) are fading - and GL is ruling the new world of games - online games, Facebook games, web and so on.

It's rare indeed on HN to see much talk of Microsoft's continuing dominance, because in the web/tech world, that dominance doesn't exist. Games are changing too. And it's games we're talking about here - OpenGL has always run the show in serious applications of 3D, and that shows no signs of abating.

6
goalieca 16 hours ago 0 replies      
Wikipedia also has an extensive page on this topic http://en.wikipedia.org/wiki/Comparison_of_OpenGL_and_Direct...
7
Impossible 17 hours ago 1 reply      
This is probably the most accurate view of the history of OpenGL vs. Direct3D I've seen on the internet. It goes into the actual implementation details of why OpenGL or D3D have been more or less popular for games\graphics programming over the years. Also follows my personal adoption of the APIs for projects pretty closely. Most other comparisons are too political or anti-MS, and are often written by people that have limited (if any) experience with Direct3D.
8
barrettcolin 5 hours ago 0 replies      
As a complement, Chris Hecker has kept some of his notes regarding OpenGL vs. Direct3D around:

http://chrishecker.com/OpenGL

It seemed quite important at the time that he- who begat WinG, which begat DirectX, some of which is covered in Renegades of the Empire, which someone else mentioned, which is certainly worth reading- went on to agitate for OpenGL over Direct3D. Now there's kind of a scrapheap of history vibe off of the whole thing.

10
deathwarmedover 15 hours ago 0 replies      
I feel a lot less ignorant of all that was going on behind the scenes whilst I was rocket-jumping, exploring black mesa, destroying diablo's soulstone, driving around liberty city etc
11
Fuzzwah 10 hours ago 1 reply      
As a gamer all I knew was that Quake ran fast and Monster Truck Madness was framey as hell on my box. Thus I knew that OpenGL was good and Carmack was god and D3D was terrible.
12
gavanwoolery 11 hours ago 0 replies      
I just wrote about this recently, although with more focus on Microsoft's mistakes post DirectX 9.0:

http://altdevblogaday.com/author/gavan-woolery/

:)

13
spydum 14 hours ago 0 replies      
slow clap
24
10000 things all CS students should do before graduating tagide.com
233 points by amesign  6 days ago   159 comments top 37
1
raffi 5 days ago 5 replies      
I'm a computer scientist, not a web monkey (FOOTNOTE). I'd say these are not the things all CS students should do before graduating. The field has much more to it.

How about:

1) add or modify a significant feature of a working kernel

2) write a toy programming language

3) program in a programming language with concurrent constructs (e.g., erlang)

4) study some theoretical area, develop a practical application based on the theory

I don't know, these are some things a CS student should aspire to. Setting up a WordPress blog and configuring a basic Apache instance? Yeah, good stuff--but I would in no way attach computer scientist to these activities. It's like calling the Best Buy Geek Squad folks electrical engineers.

(FOOTNOTE let me caveat that I do on occasion, work as a web monkey.)

2
natural219 5 days ago 5 replies      
I think a lot of people here missed the point. This isn't a list of "stuff that will make you SUPER BALLER," it's a list of easy things that teach you very much and give you a lot of confidence for a very small amount of effort. Plus, all of these tasks are highly relevant in our web database-driven world. Not everyone wants to be Johnny Writes His Own C Compiler Geek, but every CS student SHOULD be able to configure LAMP.
3
gaius 5 days ago  replies      
How is any of that computer science?

I mean, is there a list out there for astronomy students that includes, grind your own lenses?

4
JeanPierre 5 days ago 3 replies      
It's an interesting list, but I do believe it lacks a lot of computer-specific things which I personally think people should do. For example

  - Build your own computer
- Build your own (small) operative system
- Build your own programming language

would be on my list of things a CS-student should do before graduating, because you will most likely get into problems where knowledge of the three things mentioned above will help you understand/solve the problem. Obviously, that list is not complete, but I think those are some of the more important points.

5
benihana 5 days ago 0 replies      
All of these I did the first five years of my career - I feel that I got a lot more out of them than if I would have done them while in my CS program. With a few years of experience, I have a much better context into which to place these experiences.
6
younata 5 days ago 0 replies      
I just finished my first year of Uni.

I'm spending the summer at an intership, where I'm writing very low level code. (For example, right now, I'm writing a utility to arping an address range. I've learned all about OSI, ethernet interfaces [I'm using BPFs [1]], etc.).

In my free time, I'm playing with opencv. For example, here [2] is an image I took of myself, ran through an edge detector, ran again through a distance transformer. I'm thoroughly enjoying myself.

I also know how to configure a LAMP [3], but that's nowhere near as interesting as the previous two paragraph.s

[1] http://www.FreeBSD.org/cgi/man.cgi?query=bpf&apropos=0&#...

[2] http://michaelbrindle.com/images/meDistTrans.jpg

[3] in my case: FreeBSD, Lighttpd, mysql, and python, so... FLMP

7
phxrsng 5 days ago 1 reply      
I'm a CS student, near the end, and let me add at least one or two things to this list:

- Meet a lot of interesting students outside of CS

- Go to at least one random social even that has no connection to CS

- Minor in something non-technical, or at least take a few classes

Not to detract from CS at all, but it discourages me how many of my classmates spend 4 years doing nothing but computer science and never think/learn anything else and become even the slightest bit well-rounded. So many of them barely socialize at all for 4 years, even within CS, much less outside of it.

There's more to being a good student and having a good life than knowing the ins and outs of programming languages and kernels, and your career will benefit from being a little rounded.

8
tudorizer 5 days ago 2 replies      
Silly me. I hesitated clicking on the link because I was affraid of reading a super long list.
9
praptak 5 days ago 0 replies      
Quite web-specific (not necessarily bad!) It's been over 10 years since my MSc in CS and even more since I started working in IT and I still haven't done most of the things.
10
jdefr89 5 days ago 1 reply      
Why can't I down vote? That advice was horrid, and basically said 'learn all about buzz technology and blog stuff'.... Seriously, thats what they should be doing way LESS.. They should do more things such as the following: (My own biased list)

1. Designing their own CPU
(this will go along with learning memory management, paging, translations, etc)
2. Learn about Linking and Loading
3. Write Toy OS
4. Learn C and x86 assembly
5. Learn TCP/IP and OSI model well.
6. Write some damn code and try to contribute to open-source
7. Learn about application security (stack overflows, heap, etc.)
8. Write your own API for anything to learn how to create consistent and easy to use code.
9. Apply what you learn about an algorithm or data structur in a novel way to solve a practical problem. Who knows you may see something and say 'wow I could use that algorithm and apply it to finding words that rhyme' or something like that....
10. Please... have some damn system administration skills. Learn your way around a modern system be it linux, bsd, windows.
11. Figure out why design patterns and OO aren't goddamn silver bullets for every issue.
12. Christ sakes, learn some damn math.
13. Stop trying to learn every damn language you see. Just because proggit/hackernews is buzzing about some new technology doesn't mean it is worth your time. Be different go against the grain.

... and other stuff I can't think of..

11
thenduks 5 days ago 0 replies      
This list has nothing to do with CS students. It's just (specifics about LAMP/etc aside) stuff any competent programmer should do.
12
KirinDave 5 days ago 1 reply      
Why is the rule restricted to LAMP? And why should the P = PHP & Python? What makes these special? Both are poorly designed languages (since I assume we're not talking Python 3k here)?

If anything, I'd say, "Do the systems engineer job application challenge at Square in 2 languages of your choice, one of which should be Valley mainstream. Keep Python or Ruby in slot one, and aim for a big-iron language for #2, like maybe Scala or C++ or OCaml or Haskell.

13
dlo 5 days ago 0 replies      
Maybe different lists can be prepared for different career tracks. The items enumerated in the main article obviously has a Web development feel to it. For perhaps another track, I feel that the following tasks, actually performed by someone, can be re-formed into a similar list.

* modifying the Linux implementation of strace to implement system call interposition for CDE

* modifying the official C implementation of the Python interpreter to create IncPy and SlopPy

* prototyping Python interpreter extensions by hacking on PyPy, a Python interpreter (written in Python!)

* enhancing Klee, an automated test generation and bug-finding tool based on the LLVM compiler infrastructure (written in C++)

* performing quantitative data analysis using SQLite for data storage and retrieval, Python for ad-hoc data munging, and the R project for statistics

* creating lightweight interactive data visualizations using HTML and JavaScript with jQuery

* writing lots of Python scripts to automate routine tasks and to administer computational experiments

* writing a custom memory allocator for C programs

* creating dynamic program analysis tools in C using the Valgrind code instrumentation framework

* building components of a software simulator for semiconductor tester hardware using C++ within the Microsoft Visual Studio IDE

* creating an interactive image filtering application in C++ using OpenGL and GLU for image rendering and Qt toolkit for GUI.

* building graphical applications for Palm OS handheld devices in C using the Metrowerks CodeWarrior IDE

* writing a GUI for a handwriting recognition application in C++ using the Qt GUI toolkit

Programming, and indeed all of computer science, is a very mixed bag!

Source: http://www.stanford.edu/~pgbovine/academic.htm

14
maurits 5 days ago 1 reply      
Let me compress this list, for those people in CS programs which focus on theoretical/more abstract paradigms, it is useful ( and fun ) to code. SO

10 Write code in <language> for <project> based on <technology/idea> on <platform>

20 goto 10

15
flexd 5 days ago 0 replies      
I think there are about two things on that list I haven't done, besides not having started CS/Comp. Engineering yet.

It might just be me but shouldn't just a whole bunch of debugging, technical know-how and actually having a strong interest in technology also be important? I know many CS students that besides gaming are not really interested in nerdy technical things and I know there are a lot of people starting CS (at least here in my country) that have never really used a computer for anything other than internet surfing and word processing.

It's not like you become a good programmer or computer person over night just by taking a three year long CS bachelor.

Somebody who is already committed to learning more things on their spare time and already has an interest in these things before starting school will always come out of the situation/bachelor better. Don't you think so?

I would also have included a bit of electrical engineering knowledge (like soldering, electrical circuits and things like that) because just because you are a CS student and work in software it shouldn't mean you should know nothing of the systems and technology you use.

16
vduquette 5 days ago 1 reply      
10001 - Talk to a girl.
17
pnathan 5 days ago 0 replies      
Web-monkeys need to get of their shell more.

There's a gigantic world of computing out there, with good jobs to boot, that has nothing to do with web 2.0.

18
sayemm 5 days ago 0 replies      
This is very web-based, which is good and I think it should be done by current CS students - it shows passion/motivation and actually getting real-world exp.

On the other hand, for a more CS-based list of tips, this is what Joel Spolsky has to say: http://www.joelonsoftware.com/articles/CollegeAdvice.html

19
dendory 5 days ago 1 reply      
I've done all of that many times before, and I don't have any CS degree. Do I get an honorary one now? :P
20
mattdeboard 5 days ago 1 reply      
First step for anyone who actually WANTS to be a skilled programmer is, in my opinion, find a mentor who:
1). is really really good at programming;
2). is even better at teaching complex matters in understandable ways.

Made all the difference for me.

21
joezydeco 5 days ago 0 replies      
Learn to install and reinstall Windows. Not just Vista or 7, but XP as well. Learn how to add/remove/troubleshoot device drivers without killing yourself. Connect to a local server, get networking set up, get wifi working.

Because someone, somewhere, shortly after you graduate, will ask you to do this. You might even have to do it for yourself at your first job.

[EDIT] You can downvote me, but any fellow CS grad that makes it to a business environment will encounter some coworker that will want help with their machine, and I guarantee it will be running some version of Windows. Trust me on this one.

22
zb 4 days ago 0 replies      
10 - learn to count in hex instead of binary.
23
asciilifeform 5 days ago 0 replies      
10000) Learn arc welding, plumbing, or other genuinely useful skill.
24
yesimahuman 5 days ago 0 replies      
This is essentially the same advice I give to people when they ask me. A great way to become a self-sufficient developer is to try coordinating a group of machines all running software you've written. Bonus points if someone actually uses it.
25
Swannie 4 days ago 0 replies      
Before GRADUATING?!

This was all things I was doing before I started ATTENDING university. It's super simple, and you won't be downloading Slackware on 30 floppy disks any more!

26
wonnage 5 days ago 0 replies      
I don't think you actually learn much from doing any of these things. For example, most of the developers I meet set up apache the following way: google a bunch of conf files; bash at it until it works; never touch it again. In any case, what good does it do you to rote memorize how any one piece of software works? What if Apache didn't exist, what if it was 1999 and all these shiny Web 2.0 APIs didn't exist - how would you write a web server or communicate with other applications then? Seems like that's the sort of knowledge you want to have, and precisely the sort of handwavey theoretical stuff you have the luxury of spending time on in college.
27
vvnraman 5 days ago 0 replies      
Well, the author intends to give us advice on the the general purpose CS stuff which all the CS students should have a practical knowledge in.

I think its taken for granted that while graduating, we would be doing the more demanding things such as:
-designing our own programming language.
-developing a minimal OS dedicated for some specific task.
-develop an new alogorithm or drastically improve upon an existing one.
-etc...

While doing the things mentioned in the author's list, you may surely implement a few of the crypting concepts which you have learned during your graduation. No one is stopping you to do that.

28
drdaeman 5 days ago 0 replies      
> Install an Apache web server and configure it in a non-trivial way, e.g. to serve multiple domains.

Since when adding 3-4 self-describing lines (bare minimum required to add a virtual host) to config file is non-trivial?

29
mashmac2 5 days ago 1 reply      
Binary... not a literal 10,000 item list, a mere 16 items in base-10.
30
evan_ 5 days ago 0 replies      
numbering computer-related lists in binary stopped being cute a long time ago
31
peacewise 5 days ago 0 replies      
It is sad that CS students are now encouraged to become fancy sysadmins, linking existing technologies together 95% of the time and maybe adding 5% of actual stuff.

No wonder resumes come with tens of technology names on it, but the owner fails to implement basic things like itoa.

32
jccodez 5 days ago 0 replies      
I would add: Visit an art museum and learn about the different styles of art. It's about different forms of expression that don't involve 1s and 0s.
33
DLarsen 5 days ago 0 replies      
I'd go further and suggest completing most of these before entering a CS program. Consider it the start of a long career of self-education and improvement.
34
primitur 5 days ago 0 replies      
This is more like what "IT" students should do before entering the workforce.

CS students, lucky sods, should be making transistors.

35
known 4 days ago 0 replies      
And do MBA.

Writing software != Selling software

36
urwrong 5 days ago 1 reply      
Isn't CS supposed to be a branch of math?
37
JacobIrwin 5 days ago 1 reply      
up to 0100 and haven't been accepted to a CS program...

(havent applied yet either)

25
Learn Python The Hard Way 2nd Edition Released learnpythonthehardway.org
230 points by Ntagg  3 days ago   57 comments top 19
1
Sukotto 2 days ago 5 replies      
LPTHW has a good rep, but it looks like it focuses on teaching someone who's never programmed before.

Would anyone like to recommend something similar for people already well versed in (a) mainstream language(s)?

2
rgarcia 2 days ago 4 replies      
What's new in the 2nd edition? Couldn't find a list of updates/additions anywhere.
3
cantbecool 2 days ago 1 reply      
This reminds me of Ruby on Rails Tutorial by Michael Hartl. I love the idea of the book being online in HTML for free, but you can pay for a better learning experience: screencasts, PDF files, and online training courses.
4
rubergly 2 days ago 2 replies      
Does anyone know of any good books for people that are proficient with Python and want to learn more about the language and come closer to being an expert?

The idea of LPTHW has always seemed cool, but I've looked at the table of contents a couple of times and thought "huh, 80% of these topics seem trivial to me"; maybe I could still benefit by skimming through and reading anything that I don't already know. Also, it's kind of a bummer that there's no .mobi version.

5
Ntagg 2 days ago 1 reply      
Zed, are you going to be writing any other books for Python, like Python 3 or more advanced topics? Maybe "Advanced Python the Hard Way?"
6
bane 2 days ago 0 replies      
Awesome! 1st ed was invaluable to my co-Founder when she started learning Python for our startup a few months ago.
7
creativeone 2 days ago 0 replies      
Just bought the Kindle version. Now I have the book on my Kindle and iPhone Kindle App (Looks really crisp on my iphone and has anchor links to each chapter, although it could use a better table of contents)

Link: http://www.amazon.com/gp/product/B00586LJ2O/ref=as_li_ss_tl?...

8
cvg 2 days ago 2 replies      
Planning to buy the paperback. While checking out the paperback info, I noticed that the pdf is still free on lulu.
9
sigzero 2 days ago 1 reply      
I am doing all of it with Python 3. So far, very little needs changing to make the examples work. Very clean and concise. Thanks Zed.
10
nin_appa 2 days ago 2 replies      
Has the book "Learn C the hard way" released yet?
11
creativeone 2 days ago 2 replies      
What is the advantage of the course (on discount today)?
12
aorshan 2 days ago 1 reply      
What are the advantages of using this book over the online tutorials that are available on the python website or even using some of the MIT OpenCourseWare courses?
13
capkutay 2 days ago 0 replies      
love this book. very little verbal fluff, allows the reader to figure out the material on their own with the exercises and extra credit.
14
jolosan 2 days ago 1 reply      
Now on exercise 15! Best US$1 I've ever spent so far! Thanks Zed!
15
ltamake 2 days ago 0 replies      
Just bought a copy for my iPad. I look forward to reading it!
16
ChikkaChiChi 2 days ago 0 replies      
I just picked this up on AppSumo. I'm coming from PHP and C, so this will be a nice chance to try out Python.
17
malabar 2 days ago 0 replies      
Thanks Zed, I just bought the epub for my kindle. I am going to give it a go.
18
nospoolin 2 days ago 0 replies      
Just bought the PDF, Damn paypal tricket me into paying $1.00 with billmelater =/
19
Ideka 2 days ago 0 replies      
I checked the first couple of sections, and I'm sure learning Python "the Hard Way" would have been much more exciting than reading the official documentation...
Oh, well. What is done is done.
26
Lulzsec/gn0sis/AnonOps dox'd pastebin.com
215 points by shii  4 days ago   92 comments top 28
1
trotsky 4 days ago 5 replies      
Hmm

  * mentions HBGary a lot
* focuses on people who have been previously associated with the HBGary hack
* shows special disdain for kayla and sabu & seems to be personally offended
* likes to link people to their social networking profiles
* only non-skiddie name mentioned is Barr's
* obviously works (worked?) in infosec
* previously in the military? (ALPHA MIKE FOXTROT = Adios Mother Fuckers)

Gee, I wonder who the author might be...

2
nyellin 4 days ago 1 reply      
For lack of a better explanation, is it crazy to consider the possibility lulzsec released this themselves? Hack innocents, preferably script kiddies from 4chan, install evidence on their systems, and walk away through the smoke.
3
tlrobinson 4 days ago 1 reply      
Reading the Laurelai/NA cap about the FBI raid made me wonder if anyone ever tries to reverse-bug the FBI by hiding bugs in HDDs and other equipment prone to seizure...
4
sliverstorm 4 days ago 1 reply      
I am currently imagining the icy thrill running down their spines if these guys fingered them properly...
5
burgerbrain 4 days ago 2 replies      
Has anyone checked out those PGP files? Don't really feel like doing it myself, considering the likely unsavory nature of the author of this document (barr...).
6
laurelaib 4 days ago 0 replies      
yeah lets put random peoples names in a pastebin and claim they are 3 different groups all rolled into one. I just write articles, and sometimes people get upset by them. its probably Barr because i wrote those crowdleaks articles about him ,he also had his pet lawyer threaten me.
7
zitterbewegung 4 days ago 1 reply      
I don't see how anyone can actually trust this leak though. How can we verify if this information is legitimate?
8
dekz 4 days ago 1 reply      
> 20:25 <Laurelai> want me to be an informant on account im everywhere and iwas in the army

No honour amongst thieves eh.

9
dhjskdh 4 days ago 1 reply      
There are some odd problems with this document:

1) The timeline in the beginning is incorrect. #11 shows Laurelai was part of the HBGary attack. Yet in the #hq logs, Sabu had no idea who Laurelai was (and raged on him/her pretty hard).
2) Kayla is the only member that the A Team does not dox. However, the Laurelai/NA conversation contains a reference to the Xyrix = Kayla idea (which is referenced in many other places). Xyrix' denials are weak.

10
ZoFreX 4 days ago 1 reply      
I find it amusing that they call Lulzsec out for being childish, then think it's relevant to post the personal information of some dude's sister (and cry "LESBOZ!!!" because she's married to another girl).

Reddit has rules against posting personal information. Does this website not? I really have little interest in websites that think it's ok to spread people's personal data. Weren't we mad at Sony and Lulzsec for allowing that sort of thing to happen?

11
16s 4 days ago 0 replies      
So how do they identify people who have no facebook account or facebook friends? That seemed to be the main focus of identifying people.
12
cantbecool 4 days ago 1 reply      
That was a horrible yet interesting read at the same time. The PGP keys deceived me into thinking there was more content then there really was.

What does the author mean by bounce in the document, take over a machine and proxy themselves with it? I'm confused.

13
callmeed 4 days ago 4 replies      
What is a busy box?
14
krashidov 4 days ago 0 replies      
I don't know if any of the identities are real. The Sabu guy's alleged name has been out for a while now, and after some googling it all goes back to some weird site:
backtracesecurity.com

Until we get some arrests I wouldn't be particularly excited over this.

15
Keyframe 4 days ago 0 replies      
How is this (if we presume it's true) possible without deep infiltration? If that's the case, wouldn't the guy that exposed them be a perpetrator too?
16
ulvund 4 days ago 0 replies      
Drama
17
shareme 4 days ago 1 reply      
What is more ironic?

1. The gross miss spelling in the post
2. That Mr Barr could not catch somewhat beginner hackers

18
bromagosa 4 days ago 0 replies      
They seem to be pretty good at computers, I don't see why they can't learn how to spell.
19
retrogradeorbit 4 days ago 2 replies      
you're, not your.

edit: desides? How old is the author, I wonder? It all sounds very 'schoolyard'.

20
tathagatadg 4 days ago 1 reply      
Their last tweet is 5 hours back ... wonder if there will be anymore lulz there ...
21
Pentel 4 days ago 1 reply      
What Interests me is, who capped all the logs. In a room with four ops and 4 non ops, unless it was server admin?
22
awm 4 days ago 0 replies      
I don't know about the validity of this, but that skull and cross bones was pretty fun.
23
dolvlo 4 days ago 0 replies      
These guys sound pretty butthurt
24
antihero 4 days ago 0 replies      
I did actually ask Lulzsec to hack my site. They never got back.
25
leon_ 4 days ago 0 replies      
Didn't the kid have a spell checker or did he just want to sound l33t?

Usually I'm not a grammar nazi (english isn't my first language so I understand the curse of engrish) but this is just annoying to read.

26
dustingetz 4 days ago 0 replies      
I read the whole thing, for some lulz search laurelai then incremental search fbi lol
27
sabat 4 days ago 1 reply      
Boring.

The problem with these tards is that they lack the discretion to find interesting problems to tackle. So: they pick on weaklings like Sony.

Real grown-ups find good problems to solve and, well, solve them. A lot of those guys profit from them.

I hope that the lolsec guys eventually realize that there's more to gain from helping the world than from hurting it.

28
SeoxyS 4 days ago 1 reply      
I personally applaud the unmasking of the internet's anonymous. Maybe once they realize they're not truly anonymous, they'll stop with their appalling behavior. What they're doing exemplifies everything that is wrong with our sensationalist, power-hungry and generally corrupted culture.

This kind of mob-trolling behavior is not ok, and prosecuting perpetrators to the full extend of the law ought to set a nice example.

I'm all for free speech, and blowing the whistle. But this is much too far, and honestly, anarchy isn't any better than a police state.

27
Hacker CS: The Khan Academy of Computer Science. hackercs.com
210 points by agilo  4 days ago   76 comments top 32
1
schiptsov 4 days ago 4 replies      
What is remarkable about Khan Academy is that it was done. It was a huge effort. And it was done from scratch, out of nothing. Not in order to promote some crapware like Silverlight or Flash, but with commitment to teach poor people.

Collecting videos around the net and put it in one page is useless idea. There are plenty of really great courses from MIT, Yale, Berkeley and they were already aggregated on sites like academicearch.

And of course, no one could ever beat 6.001 from MIT ^_^ It is art. Btw, if you like to improve your education in CS courses from MIT are enough. For general education visit Yale. For everything else there is Berkeley. CS69A is a masterpiece.

2
ISeemToBeAVerb 4 days ago 0 replies      
As one commenter brought up, I think you need to keep in mind who you are targeting. The real brilliance about Khan Academy, in my mind, is that they aren't just another video tutorial repository. They have a sophisticated back-end tracking system that allows teachers and parents to gauge the level of comprehension the students are working at.

The other thing to note about Khan, is that the site is precisely intended for younger students in an effort to give them a solid foundational backing for further study.

Personally, I don't think we need another resource for experienced developers. Experienced developers have a level of understanding that already allows them to be more critical of the tools and resources they choose. If you're truly interested in following the Khan model, you should be focusing on the core fundamentals that are often taken for granted in many of the other resources. That's not to say that you couldn't expand to more advanced topics, but starting at the lowest level and working up would be more beneficial in my eyes.

Anyhow, interested to see what you get up there. Cheers!

3
Killah911 4 days ago 1 reply      
Come on, you guys could've at least not done the robot voices on the intro video. A blackboard with some emotinoal statments regarding pointers or even a "reflection" joke would've been more like it. It'd be a neat idea and I'd follow up only if you promise that robotic kittens will not be involved in any of the lectures :-P
4
patrickaljord 4 days ago 1 reply      
Will it be under a Creative Commons license like the Khan Academy? That would make a lot more people want to contribute.
5
paufernandez 4 days ago 0 replies      
Now I feel I have to say it: I've started a YouTube Channel inspired by the Khan Academy (in spanish). It's not like Hacker CS, though. I'm targetting only guys who want to program and don't know how to start, not future CS students. In my opinion, that is closer in spirit to the Khan Academy.

I have only C++ right now but there are already 136 videos (and 227 subscribers). And I've gotten some very nice comments, and that makes me very happy.

Here it is: http://www.youtube.com/user/paueky

There is a companion site, which shows the dependency graph between videos: http://minidosis.org/C++

6
JacobIrwin 4 days ago 1 reply      
Looking forward to seeing this tool launch!

May take a bit before it has all the resources that can currently be found in the YouTube tutorials, but I can see it getting there in a short time...

This guy has a full range (and a good rep) of CS tutorials: http://www.thenewboston.com/. Maybe you could contact him and collab.

Keep us posted :-)

7
Locke1689 4 days ago 2 replies      
What's the targeted difficulty level here? My experience with other Khan Academy videos is that they may be fine for a sophomore or junior year high schooler but their advanced topics are very lacking or generalized. How much CS will actually be taught here? How will it compete with things like Google Code University? http://code.google.com/edu/algorithms/index.html
9
chrisjsmith 4 days ago 1 reply      
choke SICP.

And it works in bright sunlight and doesn't require batteries.

On a more serious note, Khan Academy is great but the format allows too many distractions. I'd like to see a paper version of it.

10
lhnz 4 days ago 0 replies      
I've put my email down.

Hopefully this is more about the fundamentals and theory of Computer Science, since there is a lot elsewhere online if you want to learn how to program.

Somebody else mentioned the format, and I would request that the videos are short and concise. It would also be nice if there were audiobook versions since I could listen to this on the way to and from work, although then you would have to make sure the visual part does not contain information that's not audible.

11
makthrow 3 days ago 0 replies      
I'm sorry but you are not the "Khan Academy of CS" until you actually have a product. There is nothing on the site yet. It's an idea, a concept, a theory. I don't like this trend of launching while you haven't developed anything.
12
agilo 4 days ago 1 reply      
That's a sample of the videos: http://www.youtube.com/Agilowen
13
antihero 4 days ago 1 reply      
http://files.0xf.nl/images/Screenshot-Hacker%20CS%20is%20the... I'd sort that font out. But wicked idea :)
14
jules 4 days ago 0 replies      
I sure hope that the videos are not based on the same computer generated speech.
15
Thoreandan 4 days ago 2 replies      
Unfortunately the signup logic considers a "+" in an email address field to be an invalid email address.
16
duncanj 4 days ago 0 replies      
Starting with a quick discussion of NIH syndrome.
17
Brewer 4 days ago 1 reply      
I'm a huge fan of Khan Academy, so I hope that your site will do the name justice. Now I can't imagine that Khan would have a problem, but you should be careful when relating your site with others like this. Some people might think that you're actually aligned with Khan Academy.
18
alatkins 4 days ago 0 replies      
The typical "hacker" ethos these days (out with the old, re-invent the wheel, everything taught in college is a waste of time etc) seems to be almost the antithesis of classical computer science, so I'm not sure I get the juxtaposition of the two in the name of the site.
19
pbreit 4 days ago 0 replies      
Hopefully this will answer my Quora question: http://www.quora.com/Is-there-anything-like-Khan-Academy-but...
20
nwhitehead 4 days ago 1 reply      
Sounds cool! I'm excited to see how it works out.

Some notes from the video I saw on YouTube. Needs better audio quality. Bigger fonts for the computer typing would be nicer, the existing size was just legible. It would be nice to see the diagram and code on screen at the same time rather than switching back and forth. I liked the 5 minute length, that is just long enough.

21
nrbafna 4 days ago 0 replies      
nit-picky but "sign up to be notified" text, looks like a text-input field. changing the box-shadow to outside will help.
22
hng 4 days ago 1 reply      
You can find some good lectures on the ArsDigital University Archive http://www.aduni.org/courses/
I liked the Theory of Computation lecture.
23
blendergasket 4 days ago 0 replies      
This is extremely exciting to me! I've worked in a couple programming classes but am mainly self taught (and no where near as good as I want to be) so I'm really excited to go through these! Thank you!
24
tanay46 3 days ago 0 replies      
A great idea. Will you be making your own lectures or linking to the lectures from MIT OCW, Stanford etc.
25
krashidov 4 days ago 1 reply      
I'm in school for CS right now, so I'll be sure to complement with these videos as well.

Thanks!

26
buckwild 3 days ago 0 replies      
This sounds awesome. Can't wait.
27
jvandenbroeck 4 days ago 2 replies      
I quickly skipped through the video & it looks nice:) although I don't like the sound of the voice
28
virtica 4 days ago 0 replies      
Its a great idea. Ready for the movement from idea to implementation.
29
rreeves 4 days ago 0 replies      
Great idea! I'm looking forward to your launch.
30
newcomment 4 days ago 0 replies      
Anybody else find the video creepy? Watching this seems reassuring that the uncanny valley is very very very far away. :)
31
tathagatadg 4 days ago 0 replies      
Awesome ... no more school!
32
dolvlo 4 days ago 0 replies      
Xtranormal. Really? Can't take this seriously, I laugh so hard at TTS
28
AWS drops bandwidth pricing amazon.com
211 points by werner  11 hours ago   66 comments top 19
1
rkalla 9 hours ago 2 replies      
Making all in-bound traffic free is a super-aggressive (and much appreciated) move.

As blhack pointed out Voxel's per-GB rate[1] before AWS dropped was extremely competitive, but they charge for in and out-bound data. AWS, after the 1st of July will only charge $0.12 for out-bound data and $0.00 for inbound data, effectively making it something like $0.06/GB compared to Voxel (I'm hand-waving this a bit to make a point).

Also as wiradikusuma pointed out, this comes right on the heals of Google's App Engine pricing structure change[2] to be more business-friendly (read: more expensive/more predictable billing) that upset smaller shops and individuals.

As someone who reads most of the AWS forums every night, I would say overall that Amazon seems to be responding more quickly to low level failures that used to run rampant on the system (although US-EAST still has more failures than any other region. I guess due to overload). They seem like they are hitting faster/smoother, sounds like a good time to push forward and grow which I imagine this move will help do.

Getting a little excited to see what the price decrease for per-GB billing on S3 will be in the coming months following this up (my assumption).

[1] http://www.voxel.net/pricing

[2] http://www.korokithakis.net/posts/app-engine-pricing-changes...

2
timf 11 hours ago 0 replies      
The pricing change is better understood with the tables here which include a "previous" column:

http://aws.typepad.com/aws/2011/06/aws-lowers-its-pricing-ag...

3
sriramk 8 hours ago 1 reply      
This is probably a move in response to Windows Azure dropping its inbound data transfer rates to zero last week. When I was back in Windows Azure, we would often see AWS try to do a price-match whenever we changed prices drastically.
4
zmmmmm 10 hours ago 1 reply      
I'm blown away. This radically changes the cost for one of my core products (automated browsing from EC2 machines). I've thought for a long time that EC2 was getting comparatively very expensive for bandwidth (simply not decreasing their prices). I thought they would have to change it, but I didn't expect free!
5
blhack 10 hours ago 2 replies      
For another comparison, voxel.net (which serves imgur):

http://www.voxel.net/pricing

$0.10/GB up to 40TB

$0.07/GB up to 500TB

$0.05/GB >500TB

This looks like the cheapest "real" CDN I've seen. Awesome :) Not that I need it [yet], but here's to hoping :)

6
kmfrk 52 minutes ago 0 replies      
The timing for this Django deployment script couldn't have been better: http://news.ycombinator.com/item?id=2700120.

I was going to look into deployment scripts for App Engine, but Amazon makes it more compelling to use AWS.

7
nigelsampson 11 hours ago 0 replies      
I wonder if this was in reaction to the same pricing change from MS Azure http://blogs.msdn.com/b/windowsazure/archive/2011/06/22/anno...
8
Rickasaurus 11 hours ago 2 replies      
Amazon is now the #1 choice for web scrapers everywhere :)
9
werner 11 hours ago 1 reply      
My blogpost w background information: http://wv.ly/iLDaqu
10
tzs 10 hours ago 0 replies      
This is big. It makes it a lot cheaper for a busy site to keep an up to date mirror at Amazon on standby for use in emergencies.
11
orijing 9 hours ago 2 replies      
Dropbox must be super happy that half their bandwidth costs have disappeared!
12
latch 11 hours ago 0 replies      
I don't even remember what the old pricing was. For the first (non-free tier), was it at 0.18? 0.12/gb is getting pretty cheap for non-bulk bandwidth of this quality.

edit

above poster has link showing it was 0.15

13
wiradikusuma 11 hours ago 0 replies      
this should put some pressure on recent Google App Engine price increase (fingers crossed)
14
MaxGabriel 11 hours ago 1 reply      
For someone inexperienced in this market, why wouldn't they just say free? I've never heard someone sell something for "$0.00"
15
aolnerd 2 hours ago 0 replies      
We're looking for even cheaper bandwidth for streaming audio. Can anyone recommend a vendor to provide 150mbit+ bandwidth on a vps platform or rented server platform?
16
chaselee 10 hours ago 0 replies      
Now if only Google App Engine would follow suit...oh wait they raised prices =/
17
neworbit 11 hours ago 1 reply      
Good lord, about time. Why was incoming bandwidth ever on the list?
18
Joakal 11 hours ago 2 replies      
Why is bandwidth pricing higher in Asia despite bandwidth rates there being among the highest in the world?
19
nhoss2 11 hours ago 2 replies      
ooh "AWS drops bandwidth pricing" come on please be true! darn it just inbound.
29
Sam Altman will clean your house for $5 agrawals.org
208 points by davidhperry  4 days ago   69 comments top 15
1
potatolicious 4 days ago 2 replies      
Besides the fact that the idea makes no sense, I find it downright wrong that Loopt is enriching itself at the expense of local businesses. Establishments work damn hard to establish a brand, and here is Loopt going around shitting all over them, without consent.

This is where I'd hope trademark law kicks in. Here's hoping Loopt gets what's rightfully coming to them.

2
ianterrell 4 days ago 1 reply      
This is slightly reminiscent of Get Satisfaction's model of creating support forums for companies unless they opt out.

And sometimes those companies take offense: http://37signals.com/svn/posts/1650-get-satisfaction-or-else

3
sama 4 days ago 5 replies      
We're trying something new and innovative, and of course we'll have to iterate on it. We're moving as quickly as we can to fix this and make it work for consumers and businesses--obviously, it doesn't work for us unless it works for both of those groups. We have a chance to really improve local commerce, and I hope we do.

As soon as a business wants to opt out, we block them permanently in the system and remove any pending deals. We're changing the product right now to make the language more clear, and we're not going to use any trademarked images until the business approves the deal. We're going to make it really clear that a business hasn't approved a deal until they do.

We've certainly gotten negative feedback from a few businesses, but in general people seem excited about this--word of mouth is a great referral, and businesses understand that. The promise of u-Deals, if it works, is that your best customers become your big advocates.

Should we have gotten this right from the beginning? Yes, and I'm sorry we didn't. We've gotten things wrong in the past, and we're going to get things wrong again. As always, we'll try not to get the big things wrong, we'll do everything we can to make it up to our users, and we'll get it fixed as fast as possible. That's the nature of trying new things, and it's how the world gets better.

4
X-Istence 4 days ago 0 replies      
Loopt is causing conflict with a business's potential customers simply by making such "deals" public when they don't actually exist and are meant solely to show businesses that customers want discounts. Off course people want discounts, but that doesn't mean the business is willing to give said discount.
5
mtkd 4 days ago 0 replies      
When I first read about this - it seemed like a new Groupon angle that might have some legs.

Seeing it in the flesh - it feels wrong. It's passing-off.

http://en.wikipedia.org/wiki/Passing_off

6
byrneseyeview 4 days ago 0 replies      
Group buying is actually a variant on an older practice called Tuangou (http://en.wikipedia.org/wiki/Tuangou), which Loopt is recreating here.
7
netcan 4 days ago 0 replies      
There are a few things that seam clearly, though not necessarily badly, wrong here. For, example: They use a a Groupon like appearance as many deal-a-day sites use. This sends a strong-ish message that something Groupon-like is going on. A lot of people will have bought these coupons recently and will make quick assumptions. This is the kind of things brands do, usually, to send a message to the buyer/user. It's like when generic coffee comes in a nescafe-like jar. There's also potential for non-savy small businesses owners to feel coerced. I'm not sure trademark is the issue though, at least not a terrible one.

Anyway, I think judgement should maybe be postponed. This could easily be an awkward mistake. The overall intent doesn't seem nasty. The execution, particularly clear messaging, has just (perhaps) been done absentmindedly. It shouldn't be too late to clean this up. Let's see if they do.

8
chailatte 4 days ago 3 replies      
First airbnb, now loopt. Something evil has infiltrated the house of ycombinator.
9
chailatte 4 days ago 1 reply      
I don't understand why Paul thinks so highly of Sam Altman, supposedly a guy with a 40 year old soul [1], that he even made him partner at yc.

I saw plenty of writhing away from the blame (It's a bug!), instead of admitting his mistake and apologizing publicly.

I saw a lame joke written by Sam in this thread (shortly pulled after by the author) that was something to the effects of "I wouldn't help clean his house, he clearly doesn't like me".

If I saw all this and I was on the board, I would've already called a quick board meeting to replace the current CEO.

[1] http://www.paulgraham.com/notnot.html

10
zeddez 4 days ago 0 replies      
This reverse deal idea didn't make any sense when I heard about. But I have been surprised before, so would interesting to hear counterpoints.

The fundamental problems as I see it just starting with user persective: 1) I put in effort as a user to create a deal - with the high chance of no payoff - why would I ever do this the first time, let alone the second time 2) I have to wait for other people to join - so gratification is at best delayed 3) Very likely the deal will not be accepted by the merchant.

The ideal model for coupons would be take out the high cost of sales in this business. And getting businesses to go to a website and submit their deals by themselves. Of course SMB are notoriously slow to adopt new technology (many still advertise in YP). But over time, they will get there as well and the winner will be whoever is there when SMB begin making the move.

11
suhail 4 days ago 0 replies      
You guys really need to think about the chance that it actually works. Loopt isn't some shady company trying to steal people's credit card information for something malicious. Their goal, in the end, is something benevolent for all parties.

If they fail (which is likely for any startup) then it's because the idea wasn't a good. It stands to reason that they can make this clear to both parties: consumers and businesses. If they didn't at this point then I am sure they'll fix it because ultimately everyone actually will be angry. The market will answer so you need not worry. I am sure Loopt has done a sufficient amount of customer development before exhausting all their engineering bandwidth, marketing resources, and product focus--meaning you should consider giving them the benefit of the doubt.

Let businesses decide. It's not something you're capable of proving. Loopt likely is gaining more feedback about it then you realize.

12
EwanG 4 days ago 0 replies      
I would have been willing to pay $50 dollars... anyone willing to reopen the deal? :-)
13
hammock 4 days ago 1 reply      
Loopt seems like a democratized version of group purchase organizations (GPOs), which have been around forever and are used, for example, by groups of hospitals banding together to get bulk discounts on the things they regularly buy.

If you got ten of your friends together and put in bids on Loopt for a few different pizza places, it's not too different from the GPO process. You are basically saying, "I am willing to buy 10 pieces from you at this discounted rate." It makes me wonder if most of this talk about brand erosion etc is mostly alarmism.

14
eridius 4 days ago 0 replies      
When I heard about this the first time, one of the "benefits" of this approach is they only sell deals to companies that actually have demand. And I never understood that. One of the reasons Groupon is so reviled is because the demand for these ridiculous deals causes great problems for the business in question. If the deal didn't have any demand, then there wouldn't be any problem whatsoever and people wouldn't be hating Groupon. If anything, the way Loopt is doing this is far worse than Groupon, as the article demonstrates.
15
rockya 4 days ago 0 replies      
I always separate the person from the model. My criticism is of the model and the actions. The headline was to make a point as to how absurd what Loopt did is.

I have never met you, so I have no opinion on you. I know people who know you and they've said good things in the past.

30
Groupon leaks entire Indian user database risky.biz
205 points by Garbage  2 days ago   90 comments top 17
1
microarchitect 2 days ago 4 replies      
We have begun notifying our subscribers and advising them to change their Sosasta passwords as soon as possible. We will keep our Indian subscribers fully informed as we learn more.

This is a lie. Neither I nor my brother have heard from them. Keep in mind that this happened on Friday and it's already Tuesday here. In the meantime, I have been spammed about deals that I don't care about through e-mail and text messages four times.

2
franze 2 days ago 2 replies      
as we are currently groupon bashing, take a look at groupon.de (germany) http://www.groupon.de/deals/berlin

scroll down ... down ... down ... there it is (gray text on black background), the crappiest example of SEO i have seen in a long long time. keyword stuffing is so 2004.

"Berlin ist als Hauptstadt der Bundesrepublik bekannt für seine Sehenswürdigkeiten und das umfassende Angebot an Freizeit-Aktivitäten. ... ... Berlin Deal ... ... Rabatten ... ... Geld zu sparen... ... Gutschein ...bla ... ... Angebote des Berlin Deals ... ... Wellness-Angeboten ... ... Restaurantgutscheinen.... ... .Freizeiterlebnisse, Events und Dienstleistungen in Berlin ... ... Shopping und Online Shop. ... ... Berlin Gutscheine ... ... "

i would have guessed that a multi billion dollar company could at least hire a decent SEO guy.

3
51Cards 2 days ago 1 reply      
Ok my mouth is literally a-gape at the number of database dumps indexed by Google. I guess I just never thought of searching for something so simple and now I'm floored at how often this seems to happen. How does anyone possibly allow a data dump to come anywhere near somewhere Google could index it?
4
india 2 days ago 1 reply      
Did anyone manage to get a copy of the sql file? A password analysis of a largely Indian audience could be pretty interesting.
5
mqzaidi 2 days ago 1 reply      
Here's the communication they sent. This is totally a lie - my email was in the database, and they have been only saying an issue potentially affecting them
-------

Hi SoSasta Subscriber,

Over this weekend, we've been alerted to a security issue potentially affecting subscribers of Sosasta. We wanted to let you know that the issue has been brought under control and your accounts are secure. However, as a precautionary measure, we recommend that you change your SoSasta password immediately, by visiting the SoSasta website (Sign-In using your existing password, then click on Profile followed by Change Password). If you use the same email/password combination at other websites, we recommend you change those passwords as soon as possible, too.

Please be aware that none of your financial information (Credit Card, Debit Card, NetBanking etc) has been compromised since this information is not stored on SoSasta, as per law.

If you have any concerns or find any unusual changes in your SoSasta account, please contact our Customer Support team as soon as possible at 1800 103 2111 between 9.30 a.m. and 6.30 p.m. IST, Monday to Saturday so that we can review your account.

You should know that we are working aggressively to prevent this from happening again. Sosasta takes security and privacy very seriously -- it's important to us to provide you with a safe shopping experience of the highest quality, and we will do everything possible to keep your trust. Please accept our apology for any inconvenience or concern we've caused.

Sincerely,
SoSasta Customer Support

6
drivebyacct2 2 days ago 2 replies      
I am not normally in favor of legislation, but I'd be okay with a fine for US-based companies that leak and expose this kind of data. Specifically a harsher fine for cleartext or anything less than bcrypt.
7
g123g 2 days ago 1 reply      
Sosasta means "so cheap" in Hindi. Maybe they are too cheap to spend any effort on security of their users' data.
8
gary4gar 2 days ago 1 reply      
I can guess, how this can happen.

---------------------
First,Take the db dump, for backups/setting up another server etc.

$ mysqldump -u <user> -p <password> <db name> > xyz.sql

Now, lets move db dump file to webroot, I hate SSH,FTP,RSYNC -- too complicated for me. I like clicking hyperlinks. KISS FTW!

I guess nobody will notice that file is present here. How can they know, I won't tell them!

$ mv xyz.sql public_html/uploaded/users

now, I can download it simply by going to

http://www.sosasta.com/uploaded/users/xyz.sql

See how easy this is, why complicate things unnecessarily.

---------------------

I guess the guy wouldn't have even imagined mighty google will index this & people from around will download the file, resulting in major security breach.

This is what you get when you act ignorant or plain lazy. poor guy...lol

9
jtchang 2 days ago 2 replies      
In clear text? Really? How is this even allowed anymore?
10
suking 2 days ago 0 replies      
Your User Information - 100% Off!
11
nestlequ1k 2 days ago 0 replies      
Heads outta roll for this one. The dev, the supervisor, his supervisor. Probably all the way up to VP.

It's a stupid, boneheaded mistake, but one of those that could only be made in an environment where security is extremely lax. Easiest way to fix the environment here is to just fire everyone involved.

12
skbohra123 2 days ago 3 replies      
Incidents like this make me think that if success is anything to do with talent? Even a mediocre developer wouldn't do such mistake and these people are acquired by Groupon. Then, I think, it's all about who you know ?
13
adhipg 2 days ago 0 replies      
Continuing on that line of thought - a simple search like 'filetype:sql phpmyadmin' also shows a lot of 'interesting' results.
14
TheOnly92 2 days ago 2 replies      
Maybe Google should start working with security firm so that once their bots crawled on a leaked database they will notify the website owner immediately.
15
mukeshsinghr 1 day ago 0 replies      
If Companies itself ready for compromising there email id and password then who can protect them. Hacker's just shown there mistakes done to the people.
Otherwise a small child knows well how to hide his password from the other people.
16
evolution 2 days ago 1 reply      
anybody got that sql?
17
PartyDawg 2 days ago 0 replies      
Sue this irresponsible company into oblivion.
       cached 30 June 2011 15:11:01 GMT