hacker news with inline top comments    .. more ..    8 Jul 2011 Best
home   ask   best   6 years ago   
1
Google made my son cry sunpig.com
572 points by rostayob  3 days ago   263 comments top 62
1
DannoHung 3 days ago  replies      
Google needs a fucking customer support line already. Make it a 900 number if they need to and charge $20 per call, but for the love of cheese the number of times something goes horribly wrong and there is little to no recourse is silly. They refuse to let people pay for their services and thus establish a billing verification channel but they're asking users to put tons of important information into them with no recourse if something does happen.
2
zwieback 3 days ago  replies      
I must be a total minority here but as a parent of a 9 and 11 year old I'm shocked how many commenters recommend "just lie" or even teach their kids that lying is ok on the internet. Maybe this particular kid is a total outlier but I can say for sure that my kids and their friends are definitely not ready for any kind of sophisticated reasoning about when to apply which morals. At that age they are also fairly unable to separate fact from ficition and news from gossip.

The age limit of 13 seems pretty reasonable to me and if as a parent you think your kid is so mature (hint: he isn't) then it is definitely your responsibility to act as a guardian.

Google didn't make your son cry, you made your son cry. And that's fine, we all make our kids cry from time to time. Explain the mistake you made to your kid, figure out what to do in the future and move on.

3
jdvolz 3 days ago 3 replies      
Am I the only person who thinks this is a great way to teach your son about civil disobedience? It's clear this law, while well intended, isn't meant to cover this specific situation. I would argue this type of civil disobedience is the first step in getting the law changed (in this case, to something more reasonable, or requiring that parental consent be available and expedient).

It's important for children to understand that laws aren't written in stone and that if they dislike a law they can work to change it. Feeling helpless and acting helpless isn't in the best interest of anyone's child or our children's generation as a whole.

4
mscarborough 3 days ago 1 reply      
I'm surprised at all the histrionics going on in the article and this thread.

"Google ... plans to cut him off from his family until he's 13."

First, take a deep breath. Then, get another email address that you can control, and back it up. See if the grandparents still have copies of their correspondence for the kid to read. Use this as an opportunity to teach the importance of backing up data that is important to you, and why you can't trust free online services to always look out for you.

Currently I'm in India, and today witnessed children sifting through open piles of garbage and panhandling in the middle of traffic. So it's kind of maddening to then witness the stunning lack of perspective these parents demonstrate when their child is temporarily cut off from site update emails and using chat to talk to them while sitting in the same room.

Yes, I understand the data loss making a 10 year old "enormously upset", but if these seemingly technically-savvy parents didn't yet realize the necessity of owning and managing data that is important to the family, then I'd hope that point isn't lost. In the time spent to write a hysterical blog and more responses in the comments, a simple solution to ensure this did not happen again could have been implemented.

5
dexen 3 days ago 4 replies      
Why is that parents can't give consent to their young (<13y/o) child using Google account?

Parent logs into his/her account, parent creates kid's account, parent states real age (10 years), parent expresses consent, child uses the new account. Is it that complex?

6
yanw 3 days ago 4 replies      
Your son joined a service he wasn't supposed to, then joined an adjacent service that still requires an invite and that triggered a mechanism that kicked him out and he gets upset, you evidently don't think it's your fault for not reading the TOS and not being familiar with the american COPPA law and you think it's Google's fault.

Congratulations on proving that link-baiting works very well even on HN.

7
tybris 3 days ago 3 replies      
I think he learned a valuable lesson about how to use the Internet: lie about everything.
8
ern 3 days ago 3 replies      
I think it's unfair that under 13s aren't allowed to use Gmail. But being able to use email, code in Python and use Powerpoint, doesn't mean he has the maturity to use social networking.

The internet is a cruel place, and hysteria about online predators aside, I think that the biggest risk to kids is from their own peer group. I recently encountered a fake profile on FB that was harassing high school kids, including a cousin, by spreading rumours about them. The rumours seemed silly to an adult, but the reactions of the victims on the perpetrator's wall were telling: begging, swearing, threatening (incidentally, Facebook's abuse system was pretty useless, I got the account killed because I figured out who the bully probably was, and dropped a few not-so-subtle-hints threatening to expose her). If teenagers are so distressed by online bullying, it would be worse for pre-teens.

I have sympathy for Alex and his parents, but I don't blame the law for blocking young children from accessing these services, especially social networking sites.

9
GFischer 2 days ago 0 replies      
The author made a followup post here:

http://nielsenhayden.com/makinglight/archives/013103.html#56...

This is what it says:

"Hey ho. Commenting here because I feel chased out of my own blog. I'm trying to figure out if I want to write a follow-up blog post, and if so, what I would write in it. More importantly, who would I be writing it for? There may be some catharsis for me in writing a response, but it would also involve me stewing in asshat soup for even longer while I composed it.

The main thing I would want to clarify is that the technical problems are not actually the heart of the matter for me. Being responsible parents, we set Alex's email up in such a way that we get copies of all his incoming messages. We can probably reconstruct large chunks of his correspondence to date. I'm not even sure if Alex thinks of email as a long-term thing, though. He archives messages, but I don't know if he considers them anything other than ephemeral.

Secondly, we can set him up with a new email account somewhere else. No problem. Offline, IMAP, webmail, whatever. That's easy. (Although I would very much prefer not to have to run my own email server, in the same way that I prefer not to fix the engine of my own car.) Alternatively, we can just do what everyone else does, and simply lie. It wouldn't be the first time, and it won't be the last. (#include relevant discussions of "legal" vs. "moral".)

What really made me angry was the emotional harm. I don't like using that phrase, because for me it brings to mind stereotypical unreasonable lawsuits, but that's what it is. An authority figure in Alex's life turned round and damn near bit his hand off, when Alex thought he was following that figure's instructions. It feels like a violation of trust. No matter whether we get his old email back, the original violation remains. Hence the title of my post: Google made my son cry. When you hurt my kid, I get angry.

I completely understand that Google's hands are tied because of COPPA. As soon as they knew that Alex was younger than 13, they had to act, and they can't "un-know" that information. My instinct says that this is an unintended consequence, though. I find it hard to imagine that "weeding out underage Gmail users" was listed as a goal on the G+ rollout plan.

What would make me happy, as a parent (first of all) and as an interaction designer (because I find it hard to leave the professional side behind)? What would make this right?

* If 13 is the hard age limit for using Gmail, Google should ask for your age when you sign up for a Gmail account. That way, you know in advance you're going to have to lie, rather than having the truth come up and bite you in the ass two years later.

* Instead of the harsh, default TOS violation message, a sympathetic and apologetic error message tuned for the specific circumstance of discovering that you are too young to use the service. Think about it. In this specific case, what do you know about the user? You know that they're a child. Design for this. Error messages are bad enough for grown-ups; they're double-bad for kids.

* The option to retrieve Alex's old email, instead of just discarding it.

* The option for us to give parental consent for Alex to have a Gmail account. I love Gmail. I would much rather Alex had a Gmail account than that we have to arse about with Thunderbird and our own IMAP server.

* Even if there is nothing they can do, an apology would be nice. Just because they're legally in the right, doesn't mean that they feel good about it. Show this."

10
ComputerGuru 3 days ago 2 replies      
COPPA gives an (easy?) way out - the parents just have to fax in their consent for their underage son to use their service. There is no law stopping the kid, Google probably just doesn't want to be inundated with such requests.
11
neworbit 3 days ago 1 reply      
Yeah, Google's pretty much required to do this by US law though (the Children's Online Privacy Protection Act) - I'll leave the "think of the children" jokes to other folks.
12
brudgers 3 days ago 0 replies      
I will agree that children under 13 are perfectly capable of using email safely with adult supervision.

However, the circumstances involved show why 13 years of age may be considered a reasonable minimum age for using Google's services, because the incident which sparked the account being locked was a 10 year old signing up for a social network designed with the assumption that its users would be capable of make sophisticated decisions regarding privacy and be reasonably able to detect ill intent or predatory behavior in an online environment.

While I can understand that the motives which led to the creation of the original email account were based on sound parenting and offered clear benefits for a child, it is hard to imagine sound rationales for giving a 10 year old unfettered access to a social network.

From email to social network there is a quantum leap in the level of sophistication required to safely navigate the service and I see Google's stance as not only justified but reasonable. The argument that it is ok to lie about one's age breaks pretty quickly - very few people are comfortable with 12 year old girls telling grown men they are 18.

13
w1ntermute 3 days ago 6 replies      
Who gives their real DOB when registering for a website? I've been using January 1st, 1975 as my birthday ever since I started using the internet.
14
corin_ 3 days ago 2 replies      
Correct me if I'm wrong, but the under 13 law (in US and some other places, or "policy" rather than law for Google internationally) is only without a guardian's permission, so if a letter was written on behalf of him, they would reactivate it?

Well, certainly that's the case with the law - as to Google policy, that's where you should correct me if I'm wrong.

Edit, on a side note, if the author is the poster here (or reads HN either way): I really like your writing. The story itself normally wouldn't make me care a huge amount (a short version is "a ten year old can't use a 13 and over service"), but I actually found myself really empathising and feeling upset on his behalf.

15
rfrey 3 days ago 0 replies      
call your congressman if you feel the law is unjust

He probably doesn't want to make the long-distance call to his congressman, given that he's in the Netherlands.

16
ck2 3 days ago 1 reply      
Valuable lessons to teach about backups and maybe not putting data into the cloud that can be local.

My 2012 project is going to be to quit gmail somehow and get back to imap with local storage.

Why not buy the kid his own domain name and teach him how to set it up and use a local email program (Thunderbird?)

17
maeon3 3 days ago 1 reply      
You are exposing the kid to adult problems, and expecting an infant to behave in in a legal and socially acceptable manner. I'm not saying not to let the kid on the internet, I'm saying that this needs to be an educational experience for a kid, not a situation where we all complain about regrettable situations.

Why don't we let kids drive cars? All the kid has to do is lie on the form when taking the drivers test.

18
sltkr 3 days ago 0 replies      
I hate to be that guy that links to xkcd comics, but here it goes anyway: http://xkcd.com/743/

Google is under no obligation to allow 13-year-olds on their service anyway, and I'm sure the age limit comes from legal restrictions, not just ageism on Google's part.

Fortunately, e-mail is already an open protocol, and you can get a working e-mail address anywhere. I understand the attraction of Gmail (it's free, user-friendly and offers a lot of storage) but it comes with some conditions; that's part of the deal.

19
petewailes 3 days ago 0 replies      
This also surely means that the Dear Sophie video shouldn't be possible, as the kid, having just been born is thus under 13.

Link for those who don't know what I'm on about: http://www.youtube.com/watch?v=R4vkVHijdQk

20
csomar 3 days ago 3 replies      
This is why I'm going to setup my own mail server. I don't want to wake up some days and find out that all my emails where deleted or locked because of any stupid or not stupid reason. Emails are quite important. They hold very important/confidential information. Your email is also the key to remember forgotten passwords, your conversations with clients, and many other things.

I have purchased the cheapest Linode VPS for this particular reason. I tried Live Mail (the Windows Application) with IMAP and it's really cool. The editor is also better than the Gmail one. I'll miss some features, but it's okay.

Seriously, if you don't want to get hurt, get a VPS or a dedicated. It's not expensive. You host your emails, websites, repositories and everything. You do scheduled backups to Amazon S3 and you are just fine.

I'm going to write about how awesome a dedicated server is, once I complete setting up my server and create my blog.

21
blahedo 3 days ago 0 replies      
I'm surprised at how many people in this thread are focusing on the "Google locked the account" as the bad part of this. The clear fuck-up on Google's part is rather that they didn't provide any avenue for Alex's parents to accept the contract on his behalf.

Nobody would be complaining (other than the usual light grumbling) if the lockout message had been something like this: "Parent permission required! Our records show that you are not yet 13, so we have blocked access to your account. To restore access: If you are at least 13, click here to send proof of that. If you are under 13, have a parent or guardian click here to link your account to theirs and accept the terms of service on your behalf."

22
defdac 3 days ago 0 replies      
This got me thinking. Are there an equivalent of streetsmart on the web - "websmart"? I can't see trace of it in this kids parents or the kid himself. Isn't this sort of useless restriction the first thing you learn to circumvent when you enter the web? It's a web page/service for god sake, not a life threatening mechanical contraption that might chop your head of if used improperly.
23
flocial 2 days ago 0 replies      
I think a lot of people are missing a more important discussion. Should Google be allowed to cross-check a customer's data across all their services? Think about it. If you or your company uses Google Apps, you have Gmail, Youtube, adSense, Ad Mob, and accounts on a bunch of other services that got bought, they know what you search for, and now they even have an approximation of your social graph with Google+ (although it's not much different from your Google contacts).

Banks are regulated by laws that restrict certain arms of their businesses from collaborating too closely (particularly sharing financial information) and I don't think Google should be any different). Was it ok for Google to associate the information entered in a Google profile to shut down his child's email?

The problem with this system is that honest people are penalized and liars are not punished. Regardless of how this man handles the situation, that is not something I would like to face as a parent, to have my child punished for being honest and having to choose between social justice through lying (the child clearly has parent supervision and approval) and letting the child become embittered for losing a significant part of their digital identity (I'd recommend using offlineimap next time though).

24
beaumartinez 3 days ago 1 reply      
Can he not request his mail over POP3 or IMAP and store it locally? Or is his login terminally locked?

What an appalling user experience"and on so many levels. It should have at least warned him that by setting his age he was in violation of the TOS.

25
pathik 3 days ago 3 replies      
What's the big deal? Google is required by law to do that. Enter a fake birth date.
26
thricedotted 3 days ago 0 replies      
I was 10 when COPPA first came into effect, but even before that I never put my actual age/birthday into accounts I registered, and if it was an email service that required an "actual" name from me, I always used some silly pseudonym. All this so I could play Scrabble, chess, and Battlefield with strangers on various websites, email my fourth grade teacher, make a Homestead chatroom, and tell the internet how much I loved SpongeBob SquarePants. Until I turned 13, I never batted an eyelash about lying about my age on the internet -- it was simply something I thought I was expected to do, not because I thought the government wanted to keep me off the internet (which they did, but my parents didn't, so whatever), but because if everybody at least pretended to be over 13, then those under 13 might be safer. My offline and online identities didn't merge until I was 17 or 18...at about the time Facebook started picking up speed.

Now, I don't think that's the right mentality to have, and it's based on false logic since being a teen still makes you prey on the internet, but it's the mentality that was imbued in me as a person who started using the internet pre-COPPA restrictions and, more importantly, pre-Facebook -- in an age when people weren't EXPECTED to have their offline identities connected to their online ones. Especially children.

His parents obviously knew about COPPA restrictions due to the YouTube account business, although I'm still confused as to why he wasn't asked for his age/birthdate on the Gmail registration page. No, their son shouldn't have put his age into Google+, especially if he already know that he couldn't use it to create a YouTube account; yes, Google should at least allow data export for the account (although they are by no means obligated to) and/or provide a streamlined process for parents to authorize the accounts of any users under 13. I remember GameFAQs reacted to COPPA by locking the account of any user under 13 until their 13th birthday -- this would be more reasonable to me, but it sounds like the personal data storage issue gets in the way of that.

Anyway, to me, the more interesting thing is that this post made me realize that I came "of age" (i.e., reached a point where I would be considered something of an adult rather than a complete child) at the same time the internet identity paradigm shifted from relative anonymity and "alter egos" to something much more closely interconnected to a person's real life. And so I wonder: if Alex had been born in 1991 rather than 2001, would this have happened with the theoretical Hotmail account he might have had? No, I think, because once upon a time, it was pretty much expected that a person would not be who they said they were on the internet -- and that was absolutely fine. And even moreso, back in the days when you COULD be a child on the internet, I don't think most children wanted to be known AS CHILDREN. Because seriously, who the heck wants to play Scrabble with an 8-year-old kid?

So, I guess as a kid who grew up before social networking became big, I still think kids are better off lying about their ages anyway. Those who know them in real life will understand that they're circumventing COPPA, and those who don't will possibly be less prone to being creepy/condescending/what-have-you. While I'm sure that this can be interpreted as victim blaming and everybody should have a right to feel safe on the internet while using their true identity, COPPA serves as something as an arbitrary age of consent, since 10-year-olds could unwittingly provide information that gets them kidnapped, just as 15-year-olds can unwittingly make babies. But if you're a 10-year-old who's mature enough to be conscious about privacy, or a 15-year-old who's mature enough to know about safe sex and birth control, then have at it, I say. The system is there to protect, but if you're not in need of the system's protection, then go ahead and circumvent it.

tldr, sorry your son cried, but it would have been easy enough to prevent, and pretty much the expected thing to do during the pre-social networking era.

27
Joakal 3 days ago 1 reply      
Puzzle Pirates handles this better by freezing the game account until the user reaches the estimate legal age.

Avoids COPPA hassles and issues with deletion.

28
SMrF 3 days ago 0 replies      
It boggles the mind that this was actually implemented. Some poor schmuck had to sit there and write the code to delete little kid's emails.
29
raganesh 3 days ago 0 replies      
Google recently ran the "Dear Sophie" commercial. The core theme of the commercial is against Google's ToS.

TechCrunch article on the same along with Google's BS response: http://techcrunch.com/2011/05/09/attention-dear-sophie-inspi...

30
scotty79 3 days ago 0 replies      
He forgot to teach his kid important lesson.

On the internet you can and should lie, cheat and steal, just don't harm real people.

31
motters 3 days ago 0 replies      
Well, when you live inside of a walled garden the proprietor can kick you, or your son, off the grass for any ephemeral or arbitrary reason they happen to have just thought of.
32
willvarfar 3 days ago 1 reply      
I hope the googlers who browse here will be able to sort out a special mail-log as a parting gift
33
chrisbuc 3 days ago 1 reply      
Interestingly, I've just taken a look at the gmail signup process, and the birthdate field appears when I select location "US" but not when you select "UK"

I'm sure I remember seeing an google advert recently (in the UK) where a father sends emails to his child over several years for the child to receive when they're old enough to use email - and I'm sure the child's email was a gmail account (I may be mistaken, though).

34
savramescu 3 days ago 1 reply      
This is most likely an automated trigger that blocked & scheduled for deletion that account. Even for a company as big as Google it's impossible to have these type of things reviewed by humans. What I do hope is that they'll create a channel for complaints if the user should want to.
What I don't understand is the way the parent behaves. He knows he's in the wrong and he still feels outraged because Google blocked the e-mail. Even though nobody reads the ToS it doesn't mean that they are moot. Google didn't make his son cry, his father did.
35
TorKlingberg 3 days ago 0 replies      
A scary thing is, if I signed up for Google+ and accidentally chose 2000 as my birth year, my Google account would have been locked. That includes Gmail, Google Apps, Google Code and probably Android. I guess making phone calls would still work, but who knows in a future when we all use IP telephony.
36
SoftwareMaven 3 days ago 0 replies      
I wonder if Google was headquartered in Utah, where the number of engineers with kids would undoubtably be MUCH higher, if this would be a solved problem already. The law certainly has ways of letting under 13 onto the web, just ask Disney.
37
RyanKearney 3 days ago 1 reply      
ABC Liquor made my son cry when they denied him the sale of alcohol at the age of 8.

No, seriously, there's an age limit that he agreed to when he signed up.

38
stallker 3 days ago 1 reply      
Al giorno d'oggi i servizi di hosting costano veramente poco, così se qualcuno mi chiede di consigliargli un buon servizio di posta elettronica (gmail, hotmail, ...) io consiglio di registrarsi un dominio e di attivarsi le proprie caselle di posta, gestendole in quasi completa libertà, invece di sottostare ai capricci delle aziende 'che non vogliono essere il male'.
Mi ricordo ancora oggi del mio account @mac.com che doveva restare gratuito per sempre... e poi per potere accedere mi chiesero di pagare (e ancora peggio di possedere una carta di credito... ai tempi le prepagate non esistevano ancora).
Scusate se scrivo in italiano... se in qualche modo questo commento può essere utile (e cioè se vedrò un paio di punti assegnati) cercherò di tradurlo al meglio :)

edit: thanks to Vivtek for translation :)

39
dev1n 1 day ago 0 replies      
if lulz security ever takes down another organization please let it be google. They need to learn that taking people's data is not something individuals will take lightly, nor should it be included in a bloody ToS. Nor should there be any reason why the boy's parents couldn't sign off on the contract as his legal guardians on the internet, as they are in real life. Google does not need to keep a 10 year old's email's to his grandparents because of a ToS breach. big impersonal corporations FTL.
40
dkarl 3 days ago 0 replies      
Sheesh, teach him about appropriate times to lie, already. You shouldn't tell anyone on the internet you're under eighteen unless you're signing up for summer camp.
41
michaelschade 3 days ago 0 replies      
What would be really awesome of Google to do then is, if they do lock an account out due to an age-based TOS violation, still provide access to Google Takeout (and add Gmail to the supported services list) so the kid could at least easily get his data back.

IANAL, so I don't know if he technically would not be allowed to access Google Takeout either via the TOS, but if Google's lawyers could incorporate an exception of some sort for age-based violations, then this would at least be a super nice thing for them to do.

42
Poiesis 3 days ago 0 replies      
Is it a TOS violation for someone else to use your account? Adult signs up, kid uses account. Seemingly all perfectly legal, right?
43
dholowiski 3 days ago 1 reply      
Should have gotten him his own domain name (through someone other than google) and used backupify to back up his email. Then when google decides to shut you down, you still own your identity, and your data. Actually this applies for everybody, under or over 13.
44
tommi 3 days ago 0 replies      
It's a sensational story about the required 13 years of age to use the services.
45
dschobel 3 days ago 0 replies      
Great headline, total non-story. It'll be interesting to see how high this one goes on HN...
46
dendory 3 days ago 0 replies      
He could take that as a challenge and learn to buy his own domain, build his own site, install his own webmail system. That way he will never have to worry about a cloud service shutting him down.
47
woodall 3 days ago 0 replies      
Just a suggestion, pretty sure it won't work, but has the author tried downloading the messages using IMAP or POP?

Other than that, it really does suck but it's not a quick or easy fix.

48
tobylane 3 days ago 0 replies      
I was expecting that the child searched some odd word combination that is some horrible (yet brilliant) internet meme like rule 34 or jailbait. This is comparatively boring, COPPA faxes?
49
wnoise 3 days ago 0 replies      
Minors: the last minority it's still okay (and legally mandated) to discriminate against.
50
VladRussian 3 days ago 0 replies      
this is one of the reasons you never enter real data into online services
51
metaprinter 3 days ago 0 replies      
On the internet, I was born in 1901.
52
coffie6423 3 days ago 0 replies      
I have been playing with computers ever since I remember. My first CPU was 8 bit. At that point I was 7. I have not stopped my obsession with it. In the meantime, before I reached 18, I had disregarded laws that will not allow me to access sites.

I have not paid much attention to these laws. Thinking back, though, I think I should not have been spending too much time playing around on computers, but enjoying playing outside.

53
yawniek 3 days ago 0 replies      
backups, backups,backups...

he could start writing the book:

learn backups the hard way

54
jpr 3 days ago 0 replies      
Yay, let's link every service ever together, what could possibly go wrong!
55
felipeoc 3 days ago 0 replies      
In Brazil every kid knows how to lie the date of birth in order to create an Orkut account.
56
Iv 3 days ago 0 replies      
Am I an asshole if my first thought was "that's what you get by putting your data in the cloud" ?
57
publicplanking 3 days ago 0 replies      
First World Problems
58
gaetanomarano 3 days ago 0 replies      
[ goopl.us ] millions people will cry due to Google
--
--
59
svankie 3 days ago 0 replies      
I think -and with all due respect to you, and your son-... this is extremely exaggerated.
60
dstein 3 days ago 0 replies      
Orwell would have called this situation getting "ungoogled".
61
goombastic 3 days ago 1 reply      
A minor is not likely to have immediate spending power, only influence. Google is in the business of making sellers meet buyers. No matter how hard we look at this, that's the fundamental nature of "the Google." It is probable that Google's segmentation of the market shows most minors as being engaged best via TV.

Most of us tend to forget that we are the product that Google is marketing.

62
jellicle 3 days ago 3 replies      
ATTENTION GOOGLE:

REGARDLESS of what you think you need to do to comply with COPPA or any other law in the United States or any other jurisdiction;

IF you have automated processes that cancel accounts and freeze data and do not offer at a minimum, an opportunity for the person affected to retrieve his/her data entrusted with you;

THEN, this will keep happening (Google-made-me-cry stories).

THEREFORE, in order to reduce the number of Google-made-me-cry stories, you should:

IMPLEMENT a system to allowed users adversely affected by your automated processes a way to RETRIEVE their data, all the time, no matter what, come hell or high water.

IN FACT the account_delete() function shouldn't even take an ARGUMENT about whether to allow data retrieval; account_delete() should have a non-overridable call to allow_account_export_for_thirty_days(), if you KNOW WHAT I MEAN, which I nearly think that you DO.

BECAUSE this isn't rocket surgery.

AND BECAUSE we get upset if we lose our data. We become WROTH. You wouldn't like us when we are WROTH.

IT is the LEAST you could do. Seriously, it's the minimum. The absolute least. You could do more, if you wanted to. But this is the least.

SINCERELY, The Internet.

2
Nobody Understands REST or HTTP steveklabnik.com
508 points by dermatthias  4 days ago   133 comments top 30
1
bradgessler 4 days ago 7 replies      
The biggest problem with today's REST implementations is that they're essentially a database serialization layer. Consider how a RESTful Rails model is typically represented as:

  {
book: {
id:1,
name:"To Kill a Mocking Bird",
author_id:2
}
}

How do you get more info on the author if you only have this piece of information? Rails/ActiveResource guesses through convention: "/authors/2", but that might not be the case, which makes this approach very brittle.

A better more "RESTful" approach might be:

  {
book: {
href:"/books/1",
name:"To Kill a Mocking Bird",
author: {
href:"/authors/2"
}
}
}

The REST client would then be able to traverse the representation without making guesses at the URL, and if the end-point of '/authors:id' changes for whatever reason, the href would be updated accordingly.

Pagination/large data-sets could be solved as well:

  {
books: [
href:"/books/1",
name:"To Kill a Mocking Bird",
author: {
href:"/authors/2"
}
}
],
rel: {
prev: "/books?page=1",
next:"/books?page=3"
}
}

... and a bajillion other common RESTful API problems through better convention.

I'd agree with the author that REST is misunderstood, but my opinion is that its misunderstood on the grounds that today's "REST" implementations are lame database serializations. The web has been doing this since the <a href/> tag was conceived, but for some reason, modern REST implementations left this out.

2
rkalla 3 days ago 3 replies      
I thought I finally had REST figured out until I read this.

Does anyone else see a diminishing return on pedantically following the REST-prescribed design and actually creating an API that people are familiar with out of the gate? I feel like if I followed this article to the T in my current design, anyone trying to integrate with it would spend so much time reading my API documentation just to figure out why they weren't getting an XML reply that it would stop being productive.

I am working on an API for imgscalr right now and I think I have it about 80% RESTful at the moment -- the parts I'm not doing is paying any attention to the headers either coming or going between client or server.

I'm using the more recent "classic" /path/object.{format}?arguments format that I have seen folks like Wordnik and Vimeo use.

It may not be purely RESTful, but it is intuitive and I can't help but think: "Remember 3-4 years ago when REST wasn't all the craze and no one knew what it was? The web still managed to function back then..."

I'm trying to mix some practicality in a bowl filled with "best practices" and come up with something that most people can stomach.

I hope I hit that mark, but we'll see. As far as I'm concerned I'm sticking with the versioned URLs because I find it more intuitive for endpoints that change, get renamed or are removed than slamming one inside of a mime type or header or even a query string param a la AWS.

3
wyuenho 4 days ago 3 replies      
I read the post and I have to say that he's got a nice flamebait title but totally avoided the thorny issues that people argue about. In fact, I'd like to be pointed to a solution for the following problems:

1. I'm an old Web programmer, and my introduction to the Web started with HTML, not HTTP. I don't just write APIs, I write Web apps. I find it difficult to explain to people what this means:

    <form action="/some/noun" method="POST">

If you are religiously RESTful, you probably think this is fine. But I'm a religious English reader. When I see the word "action", I think of a verb, not a noun. When I see the word "method", I think of "how", not "what". So when I look at the HTTP spec, all the HTTP "verb"s look to me like how-I-should-do-something, instead of what-to-do, and the resources (URLs) look to me like the what-to-do, instead of what-they-represent.

Small semantics issues I suppose, but here's another one:

2. HTTP is not a programming language, and yet it demands a (very) finite set of actions and an infinite set of objects to model the real world, where there are an infinite number of actions and objects. What I mean is, in Java or whatever OOP language, I can define classes to model objects and define methods in classes to model actions on objects, but I'm not sure if I can do it pragmatically in HTTP without getting yelled at.

3. HTTP statuses. Almost the same problem as the above. I have many different kinds of statuses, not all of them fit in the finite set of HTTP statuses, and they don't always provide the granularity I want. Can I return a non-standard status number? How would the clients behave? I have no idea.

4. Being RESTful means not being stateful. But you see, there's this thing called session and login cookies and many other tracking cookies that I have to take care of. Again, I don't just write APIs, I write Web apps. I would like to not do multiple handshake requests just because a paper says I should. I would also like to not get yelled at when I decide not to.

5. HTTP is RESTful, thus HTTP is REST. Please don't tell me HTTP is the best we can do. Can I have something more minimalist, extensible and powerful enough to model the real world?

--
A troubled Web dev.

4
jballanc 4 days ago 3 replies      
Very good read, and thorough. I particularly like the transaction example. It seems like a common idiom that trips people up with REST.

However, I do have a problem with REST that I've been dealing with lately. Specifically, the question of web-hooks. Many services today allow you to pass a URL that they will hit with a POST request whenever something happens. A good example is the GitHub post-receive hook (http://help.github.com/post-receive-hooks/). So, to be a good student of REST, I create an /update resource for the POST (similar to the /transaction example from the article). However, /updates might come in a variety of formats. Not just JSON vs XML, but GitHub vs Gitorious vs Beanstalk vs etc.

So, how do I handle these "formats". Presumably the "Accept" header is out of the question (unless the provider happened to know about MIME's vendor extensions and used them). So then is it acceptable to add a parameter? Use "/update?from=GitHub" for example? Or, is it appropriate to use an extra path element like "/update/GitHub", since the resource really is a "GitHub update", not just a vanilla "update"?

5
heyrhett 4 days ago 0 replies      
He's right, but older web developers might remember the alternative, which was having no design pattern at all.

Most web developers aren't going to read the computer science papers about REST, and how strictly you want to adhere to it, depends on you, and your development team. It's a design pattern, or a tool, but it's not a religion.

On that note, I've gone into several job interviews where they ask me to explain what REST is, and I always start with, "REST stands for Representational State Transfer...", at which point, I get the feeling that the interviewer wasn't aware of that, and I wind up telling them way more about REST than I think they wanted to know.

6
Sidnicious 4 days ago 5 replies      
I had a really interesting conversation about this with a coworker a few weeks ago. We were talking about URL design. I argued for URLs like this:

  /networks/
/networks/girl_talk/
/networks/girl_talk/tracks/
/search?term=bass&sort=artist

He argued for URLs like this (note the pluralization):

  /networks/
/network/girl_talk/
/network/girl_talk/tracks/
/search/bass/sort/artist/

My case boiled down to, “A URL represents the path to a resource. You should be able to remove any number of parts from the end of a URL and be left with a different, meaningful URL. In the case of search, the terms are options that describe what you want returned by the search, not resources.”

His case boiled down to, “A URL is a sentence. You should be able to read a URL as English and get a good idea of what it represents. In the case of search, adding more path components adds words to the sentence to make the search more specific.”

He pointed out (paraphrasing) that URLs are a language " and languages evolve. URLs as paths better embodies the RFC, but a new style of URL might be more meaningful on today's (and tomorrow's) web.

7
glenjamin 4 days ago 6 replies      
Is there any way to make the browser do an Accept: application/csv header on a hyperlink?

I'm pretty sure users like their "Download as CSV" links, which I've generally done as /normal/resource/url(.csv)

While this post sets out the ideals, I think there are some cases where for usability, you have to do something less than ideal.

8
comex 3 days ago 1 reply      
Some of this feels like trying too hard to adhere to HTTP. For example,

> Accept: application/vnd.steveklabnik-v2+json

This declaration loses information, because it no longer contains the MIME type for JSON in a standardized format. Assuming the server responds with the same string for Content-Type, any application that does not know specifically about this API can no longer recognize that it's JSON and, e.g., pretty-print it for a user, as I haven't seen done for JSON but is regularly done for XML by browsers.

On the other hand, the original suggestion:

> Accept: application/json

works in theory, but in practice makes it more difficult to test the API in a browser. This is not the end of the world, but there does not seem to be any real benefit in using Accept. I cannot think of any practical situation where a tool can use the standardized header for an advantage...

9
lazylland 4 days ago 0 replies      
Here's something I've observed:

i) most successful "RESTful" APIs don't really follow all the REST principles (e.g Flickr, Amazon, Dropbox). My thumb rule is this: If an API does not start from a "mother" URI that gives you the most updated list of resources that can then be requested by the application, it is not really HATEOAS.

ii) a purely resource-oriented view of your entire API space shoehorns you into doing really strange things to keep REST "purity"

So my conclusion is that using an architecture/concept originally intended for humans navigating hypermedia documents may not be a natural fit for parts of your API that cannot be modeled as such. See the Dropbox REST API documentation (http://www.dropbox.com/developers/docs#api-specification) (" Section: Deviations From Standard REST Style") to see an example of the pragmatic decisions taken.

10
rubyrescue 4 days ago 2 replies      
good article but...he says version numbers in the url are bad but doesn't say why. using accept headers for versioning is a hassle for every client and makes browser based testing much more difficult. also a v1 user really might not be the same as a v2 user so they shouldn't be the same resource.
11
strmpnk 4 days ago 1 reply      
I've personally given up trying to save the term REST. It was hijacked and will never recover completely at this point. What I've been looking for is a good alternative name. Sometimes I'll write out representational state transfer which is clever enough to get past most REST pretenders but I have yet to find something short.
12
maurycy 3 days ago 0 replies      
A very good and comprehensive writing.

One thing that I cannot find mentioned neither in the article nor in comments, is the confusion related to the idea of state.

While REST is, by definition, stateless, it merely describes the session, not the manipulated data. There's no way to avoid, at least implicit, object's state. For example, if user's password is not empty, it means that the user already set the password.

More comprehensively, with /users/1/edit, or whatever, it is frequently expected to get a different validation error, depending on the flow, such as a paid account might require more billing related details than one without email confirmed.

Of course, it is a nightmare to maintain such matters implicitly. That's why Ruby on Rails plugins like acts_as_machine, and similar, come handy. They do provide an explicit description of the object's behaviour, easy to transform into documentation, depending on the current state.

The idea shows its full potential with multipage forms. Each step of the form might be described with a different state, stored in the state attribute, leaving the controller RESTful, and the model's validations easy to understand.

A yet another confusion comes with too close database mapping. To stick with Ruby on Rails, there is nothing preventing the developer from creating his own setters and getters, like def vattr=(); end; def vattrr(); end.

The framework passes the value of a virtual attribute, using params, to #update_attribute, and other methods, the same way it does for regular attributes created automatically from the database's schema.

Very frequently such attribute provides a much cleaner way to represent the model, rendering either the HTML or the API much more easier to write or understand.

13
archgoon 4 days ago 2 replies      
I don't think that I can fully agree with the idea that a news article written in English is not different content from the German version.
14
extension 2 days ago 0 replies      
You can't satisfy the HATEOAS constraint by simply returning URLs in the JSON response from your API. The structure of the data is still tightly coupled to your own application, and so must be any client that can make use of it.

It is essential that RESTful applications be able to evolve independently from the client. To allow this, they must use forms of hypermedia generic enough to serve as the engine for all present and future versions of the application. If the client has any code specific to your app, then your app is not RESTful in any scope beyond its own.

I'm not convinced that the whole resource vs action thing is all that important to REST. It's an ideal that has been largely ignored in practice and the web has been quite successful without it. Contrast this with HATEOAS which has been the unavoidable reality of the web since day one.

15
palves 4 days ago 1 reply      
While I generally agree with the principles underlined in the article, using the Accept-Language header is definitely not the right way to control internationalization.

Remember that one of the advantages of URLs is the ability to easily share them, however I'm not sure I'd be comfortable sharing content that could show up translated to some recipients, based on the language of their browser/application/computer. For example, most CMS systems assume that the content can be completely different between languages (for the same article): you can have the full text in English and only a teaser in other languages.

Maybe not a pure REST approach but using '/en','/pt','/fr' in the URL has proven to be much easier and safer, from my experience.

16
wanderr 3 days ago 0 replies      
If nobody understands REST, and as other articles have claimed, nobody does it right, then why do we keep trying to use it?
Switch to something simple that everyone can understand like JSON-RPC and quit worrying about pedantry.
17
ericflo 4 days ago 2 replies      
The problem with posts like these is that they say things like "THIS IS BAD!!!!!1" without saying why.
18
decklin 4 days ago 1 reply      
I don't understand the point of "uri":"/transactions/1". Isn't the new resource's URI already part of the response (in the Location: header)? It's sort of like saying GET /posts/show/1 vs. GET /posts/1.
19
clintjhill 4 days ago 1 reply      
Content Negotiation is a critical part of REST APIs and it's my observation that most simply ignore or default to JSON in all cases. Good REST APIs allow the client to "choose" the mime type. Without this part of REST - you have no "representational".

On that topic, to rely on an 'Accept' header is pretty risky. That presumes the client will always have control over the headers. It is in my opinion always wiser to make the API determine mime type by extension (.html, .xml, .json etc).

20
thedebuggr 3 days ago 0 replies      
Excellent article... We followed all of these Rest principals when we designed apis for HP cloud print (i think it will soon become public)..except

1) Representing all resources with noun - We had a tough time representing all resources with Noun. One of our APIs is
Post on \PrintJobs\ - creates a new print job

But printing can only start when all the data (content to be printed) is uploaded on the server. So client needed an API to tell the server that it can start printing..something like this..

\printjobs\1\print
\printjobs\1\cancel

one way we thought to avoid this was to have a represent it job state and client can change them like this..

\printjobs\1
Put : <job>
<state="print">
</job>

But there are cons

1. These were not actually states, these were actions(verbs)..because state would be initialized, printing etc..
so if client does Get after making it Put..it will get "printing" not "Print".

So we were tangling with keeping semantics clear and making it easy at the same time. Hence we went with these resources. Do you think it could modeled better?

2) When we think of versioning, we always assume that only the representation can be changed..why not behavior? Take for e.g. if api implementation changes but not representation..clients may be dependent upon the implementation (i know this is bad! since implementation details are getting leaked out from the API)

Thoughts?

21
binarymax 4 days ago 1 reply      
This is a great article. One challenge I am facing now is both building a RESTful API, along with a UI that uses the API. The biggest question I have is the use of shebangs in urls with the ajaxy app. We must support IE so pushState is out, but shebang just seems like a hack. I think at this point I have no choice but to implement shebang but I wonder if there are any viable alternatives?
22
ams6110 3 days ago 0 replies      
I've been working with/learning about Webmachine lately. A really nice framework for building REST APIs.
23
latch 4 days ago 0 replies      
It really is a good read, I need to digest it, but my initial reaction is that some of this isn't pragmatic. Versions in URLs makes for dead-simple routing in any framework. Also, many APIs are used in a way where you know consumers will create a resource without requesting it (or at least, not within the same session). So why return any location information (whether in a header or in the body)?
24
mberning 4 days ago 1 reply      
I really dislike creating resources to represent transient actions. Not a big deal in the case of a bank transaction as that is something you could easily imagine needing to be stored for later retrieval. A different example is relating one social network friend to another or searching for specific people on the site. Those are things that, to me, are much more borderline and I would err on the side of not representing them as resources.
25
mainguy 4 days ago 1 reply      
I've had this discussion about hundred times now. REST "standards" are as important and significant as brace indentation "standards". A big problem with REST is that it is NOT a canonical (or even important) standard, but rather a useful pattern than can be used to make things exposed via HTTP more intuitive. The evil side effect of this is that a metric crapton of architects/engineers are wasting fifty bajillion programming-hours arguing irrelevant details about who's doing it "right" instead of building useful software. You cannot do REST "wrong" and more than you can do software "wrong"... Folks who argue about the "right" way of doing software are usually "wrong" because they are focused on writing software instead of solving problems.

We need to keep our priorities straight.

26
brendoncrawford 4 days ago 1 reply      
The title seems rather sensational. Is that really necessary?
27
ghostwords 3 days ago 0 replies      
Ironic that the author's homepage (http://steveklabnik.com/) is a confusing pretend console that takes several seconds (on every visit!) to reveal useful information.
28
dreamdu5t 4 days ago 0 replies      
REST is great and all, but browsers don't allow it. The only thing you can do is GET, nothing else is supported cross-domain.

No matter your thoughts on REST, it's dead. It's never happening. This argument has gone nowhere for 10 years.

Very few if any websites conform to the spec, and browsers have made it impossible to do so.

29
Stormbringer 4 days ago 2 replies      
Rest was a really big deal in the Java web-app world for about a year...

It was back when early versions of Struts were 'the designated alternative', and in the bad old days of J2EE and JAX-RPC.

Then Java EE 5 came out, which solved large chunks of the pain that J2EE inflicted, JAX-RPC got replaced with the infinitely better JAX-WS and there was a new breed of web frameworks as well, which blew Struts out of the water.

About that time REST essentially became 'yesterdays technology, solving yesterdays problems'.

I find it interesting that the guy banging the REST drum is a Ruby fan. Has REST always been part of Rails? Or is it something that has crept in over the last couple of years?

Is there anything genuinely new here, or is it the same old story, some dude clinging desperately to an obsolete technology?

30
iandanforth 4 days ago 2 replies      
This is an excellent example of a spec being deemed more important than a useable system.

Frankly, I don't give a damn about the REST spec, and neither should you. When I see an API I want it to be simple and clear.

/getAllPages/

Hey, it's a verb and I've got a pretty good idea of what I'm going to get back

/getAllPageNames/returnType/JSON

Now I really know what I'm getting. The simplicity and usability of this structure absolutely trumps a spec compliant call that involves request headers and nouns.

If you're building a system that requires having read someones dissertation, you're not doing us any favors. Especially when it comes to an API. Keep it simple, stupid.

Remember that your understanding of what a URL 'is' or 'should be' comes from a great deal of technical experience. If you're not working day in and day out to make powerful tools accessible to people WITHOUT such experience, please stop programming. Really, get out of the pool. Whatever awesome knowledge you need to make a system work internally is invaluable, but your interfaces should make the world a simpler, more magical place.

3
What every programmer should know about time unix4lyfe.org
425 points by enneff  4 days ago   125 comments top 30
1
dirtyaura 3 days ago 5 replies      
> Timezones are a presentation-layer problem!

I want to correct this common misconception that UTC is enough. Calendar time with all human traditions involved is more complex than a simple timestamp.

The advice above is incorrect for calendar and scheduling apps, or anything that has a concept of a repeating event.

An example: we have a weekly meeting occurring 9AM Monday in San Francisco. You are in London and want to attent the meeting over Skype. When is it in London time?

It depends.

On 7 Mar 2011 it's at 5pm

On 14 Mar 2011 it's at 6pm

On 29 Mar 2011 it's at 5pm

To make these calculations, you need to know timezone & daylight saving time (DST) rules of both your current location and the home location of the event.

A "DST zone" of a home location of a repeating event has to be saved together with a time and thus it's not just presentation-layer issue.

2
geuis 3 days ago  replies      
"Timezones are a presentation-layer problem!
Most of your code shouldn't be dealing with timezones or local time, it should be passing Unix time around."

I can attest to this. At a previous job our entire API used UTC. It was clean and worked at every layer of the app, from django to our client-side javascript. When we needed to display a human readable version, we did the translation at render time. All interactions with time as data was done with the UTC timestamp and saved much headache.

A couple months before I left, one of the engineers proposed switching everything over to a textual representation according to ISO_8601. I forget the nature of the argument, but it was inane(to me). This actually led an extensive back/forth email exchange between various members of engineering, me as one of the frontend engineers, and even the engineering manager who seemed to favor the idea.

I argued, "why change the entire stack which works just fine, etc etc". Fortunately, in this instance a heavy workload and group apathy about taking on unnecessary additional work allowed this entire concept to wither and disappear after a couple days.

3
tseabrooks 3 days ago 1 reply      
As someone working working on time sensitive code on embedded systems (DVRs that get UTC from the broadcast), I can certainly agree with the issues laid out in the post.

As an example: We have some certifications our product must pass and the certification body plays a 4 minute looping broadcast stream with the test condition in it. It turns out I handled the time jump hat occurred when the stream would loop around poorly and this caused about 1 week worth of headaches and delays in getting our certification. None of my code expects time to be ever increasing now.

4
dkarl 3 days ago 0 replies      
Backwards jumps in time burned me once. The user was running my software on machines that had a bug specific to certain Opteron multiprocessor chipsets where a process migrating from one processor to another would sometimes see a backwards jump in time, even when the system's time was marching forward predictably on each processor. It just goes to show that you're always doing distributed computing, even if you don't know it.
5
psykotic 3 days ago 0 replies      
Erik Naggum's paper The Long, Painful History of Time is a must-read: http://naggum.no/lugm-time.html
6
projectileboy 3 days ago 3 replies      
I'd like to add one to the list - store your Unix time as a 64-bit value, to save your client/employer some headaches in 2032. I doubt I'm the only HN user who was spent a lot of time in '98 and '99 fixing Y2K problems.
7
oasisbob 3 days ago 1 reply      
Unix time: Measured as the number of seconds since epoch (the beginning of 1970 in UTC). Unix time is not affected by time zones or daylight saving.

I don't think this is strictly correct. This implies that someone could start an atomic stopwatch at midnight on Jan 1, 1970, and it would match Unix time. It won't.

Because Unix time is non-linear and will either slew or repeat seconds when UTC has leap seconds, the hypothetical stopwatch would be ahead of Unix time by 34 seconds.

... at least this is how I understand it. Every time I try and wrap by head around the differences between UTC/TAI/UT1, my head really starts to hurt.

8
petercooper 3 days ago 0 replies      
UTC used to be called Greenwich Mean Time (GMT)

Sort of. This could be misleading because GMT and UTC are still two different things with different definitions. Wikipedia is a good source of info on this, but for starters:

UTC is closely related to Universal Time and Greenwich Mean Time (GMT) and within informal or casual contexts where sub-second precision is not required, it can be used interchangeably.

So not strictly, but practically.. ;-)

9
lysol 3 days ago 1 reply      
I like to rip on MySQL as much as the next guy, but the article is incorrect about MySQL DATETIMEs:

DATETIME: Eight bytes:
A four-byte integer packed as YYYY-10000 + MM-100 + DD
A four-byte integer packed as HH-10000 + MM-100 + SS

Storing UNIX time as an integer would be silly, considering:

TIMESTAMP: A four-byte integer representing seconds UTC since the epoch ('1970-01-01 00:00:00' UTC)

10
roel_v 3 days ago 0 replies      
Don't blindly follow the advice at the end of this article! The issues he identifies are real, but the 'solution' only work in a small subset of use cases. When one needs a longer time span than [1970-2038], Unix timestamp is horrible - how are you going to represent a date of birth in it for people born before 1970 (yes they do still exist!)? There is no guarantee that negative timestamps will work!

Also it doesn't take different calendars into account, still doesn't work with leap seconds, doesn't deal well with time spans (t1 - t2 specified in seconds can be a lot things in reality), ...

Use a proper date time library to deal with dates and store them in your database in a string format, including the time zone. It depends on your application which time zone (UTC or local), but in general UTC is best, and the local time zone could be a second column if you need the info (or it could be a property of the user, but e.g. many calendaring application then screw it up in the UI layer...)

I'd like to read a book on the UI issues associated with dates and times, anyone know of something like that?

11
rmc 3 days ago 0 replies      
Another thing to add: When asking people to put in the timezones, don't ask them for a UTC/GMT offset, and the dates that DST starts/ends. Instead ask them for the tzdata format (e.g. "Europe/London"). Then you can localize that wherever you want.
12
kamagmar 3 days ago 0 replies      
> UTC (which is an arbitrary human invention)

Hmm, i wouldn't call it totally arbitrary. UTC = TAI + LS, such that |UTC - UT1| < 1 second, where:

* LS are leap seconds,

* TAI is "physicist" time, based on the ticking of atomic clocks at mean sea level. The length of a second is constant.

* UT1 is "astronomer" time, the rotation angle of the Earth with respect to the quasar reference frame. The length of a second is not constant.

The Earth's rotation is slowing down, so UT1 is gradually drifting away from TAI. UTC is a pretty natural scheme to reconcile these two systems.

13
MarkMc 3 days ago 0 replies      
The problem with time-based bugs is that they are often subtle. I've had time-based bugs that only appear between 11pm and midnight; or only during daylight savings time; or only where the client is in a different timezone to the server.

Also, it is very common for business applications to deal with 'dates in the calendar', for example:
a) John's birthday is 26 August 1966
b) The loan was borrowed on 16 January 2006 and repaid on 9 September 2009.

I suspect most programmers will disagree with me, but in my experience it is NOT good practice to use a timestamp class to represent such things. It's better to use a class specifically designed to represent a date in the (Gregorian) calendar. In fact, I created an open-source Java class for this purpose:
http://calendardate.sourceforge.net/

14
sehugg 3 days ago 1 reply      
Also beware storing milliseconds in 32-bit quantities (as if you'd ever! but it happens).

GetTickCount is the poster child for this class of bugs: http://en.wikipedia.org/wiki/GetTickCount

In fact some versions of Windows CE intentionally set this value to (0xffffffff - 10 minutes) before bootup so that bugs were more likely to come out in testing, rather than showing up 42 days after bootup.

Also, don't store time intervals as floating point, especially if you're working on a missile system: http://apps.ycombinator.com/item?id=1667060

15
sgerrand 3 days ago 3 replies      
As per gakman's comment in the Google+ crosspost[1], be wary of the Unix millenium bug[2] if you use integers for timestamp storage.

[1] https://plus.google.com/106356964679457436995/posts/Hzq2P7V6...
[2] http://en.wikipedia.org/wiki/Year_2038_problem

16
jen_h 3 days ago 2 replies      
"The system clock can, and will, jump backwards and forwards in time due to things outside of your control. Your program should be designed to survive this."

This is one of my favorite go-to test cases. I've found some really fantastically interesting, catastrophic network halting badness with this really simple test.

17
rubashov 3 days ago 0 replies      
Fails to mention the distinction between Zulu and Solar time. All the times mentioned are based on cesium atomic clocks. Satellite and military applications are often instead based on when the Sun is exactly opposite the Greenwich Meridian, re-synced daily.
18
JonnieCache 3 days ago 0 replies      
For anyone else who has just learned about UT1 time and wants to know what it's current value is, here's the link:

http://tf.nist.gov/pubs/bulletin/leapsecond.htm

Today, UT1 - UTC = 82ms.

19
laut 2 days ago 0 replies      
"Other timezones can be written as an offset from UTC. Australian Eastern Standard Time is UTC+1000. e.g. 10:00 UTC is 20:00 EST on the same day."

Every programmer should know about DST. Offsets are not always enough.

When it's winter north of the equator, some countries are on summer time (DST) south of the equator.

20
melvinmt 3 days ago 2 replies      
One notable addition: relative time is the same for everyone.

What I mean by this is that instead of messing with timezones (by trying to guess the user's timezone or even worse, asking for it) in most cases it is sufficient to tell the user something has happened x hours ago, or y days ago.

If you're programming in PHP, I can recommend this book: http://www.amazon.com/architects-Guide-Date-Time-Programming...

21
jorangreef 3 days ago 2 replies      
In the future, the world will use UTC and sunrise and sunset will happen at different times, relative to where you are.
22
maurycy 3 days ago 0 replies      
For a much more detailed perspective about time, and still rather accessible, check Poul-Henning Kamp's work:

http://phk.freebsd.dk/pubs/timecounter.pdf
http://people.freebsd.org/~phk/

23
JohnLBevan 2 days ago 0 replies      
It's about time someone posted about this.
Great summary - when I first started working on an international system I was hunting for this kind of article. Now if someone could only do one on languages, regional settings, character sets and encodings. . .
24
nivertech 3 days ago 0 replies      
The most important thing a programmer need to know about time:
"Don't use t+1 or t+N in your timeseries backtesting code ;)"
25
rvkennedy 3 days ago 0 replies      
Julian Date FTW! Seriously, JD is much smaller than Unix time, so it's less wasteful of numeric range for most practical purposes. And its use would eliminate a barrier between the computing world and that of science.
http://en.wikipedia.org/wiki/Julian_day
26
altrego99 3 days ago 1 reply      
MySQL (at least 4.x and 5.x) stores DATETIME columns as a "YYYY-MM-DD HH:MM:SS" string

Wow that's terrible!

27
tintin 3 days ago 1 reply      
Does NIST (and other sync tools) keep in mind the round-trip of a request (RTD / RTT)?
28
wooptoo 3 days ago 0 replies      
> When storing time, store Unix time. It's a single number.

This is BS. ISO-8601 (MySQL time) is way better and is not prone to the 2038 bug. Unix time has 'scalability' issues.

29
closedbracket 1 day ago 0 replies      
I thought this was some productivity spiel.
30
lacerus 3 days ago 1 reply      
How can I make Ruby on Rails use unix timestamps instead of MySQL DATETIMEs?
4
Learn C The Hard Way learncodethehardway.org
408 points by mcantelon  5 days ago   243 comments top 27
1
DannoHung 4 days ago 4 replies      
The biggest problem with C is not the language C, for it is a small and mostly simple language with a few warts (I'm looking at you, pointer syntax), it is the ecosystem into which you are thrust when you first use it.

That is, the ecosystem of, "What can I include without dicking around with compiler and linker settings, which I do not care to learn very well because I am just starting?", and the ecosystem of, "Why are all these standard libraries full of functions that all the documentation tells me not to use?", and most importantly, the ecosystem of, "Oh, this looks like a nice library that would make my life easy, (and later), wait, why isn't my program working on this other machine? I copied the binary over? Wait, what's this about a missing so? Oh, that's the library I installed, wait, how do I put it the same directory? Oh my god so many configuration settings! Wait, why can it still not find the library? It's right there now! What's LD_LIBRARY_PATH? LD_LIBRARY_PATH is bad? Why doesn't -R work? Oh, that's only for Solaris? What's the equivalent for friggin' Linux?! Ah, rpath, wait... it's trying to find the ABSOLUTE path? UGGARRHGHGHAAHHHH! Okay, finally, $ORIGIN... now let me just put that in the make file like they said I should.... AHGHGHGHGHGHGHHHHHHHHHHHHHHH!!!!!!!"

Which is to say, the ecosystem of fucking ratholes that have built up over 40 years of poor tool design that cannot be corrected now due to historical precedent.

2
hp 4 days ago 4 replies      
Ohloh says I've changed at least half million lines of C code (https://www.ohloh.net/accounts/rhp/positions/total)
Play me a tiny violin ;-)

What kinda bugs me is that whenever people go to teach C, they make out like it _has_ to be a low-level exercise, as if writing in C suddenly means you can't use abstract data types or object-oriented style or name your functions properly or have Unicode support.

For example, people teach libc string APIs like scanf() and strtok(), which should almost never be used. (See http://vsftpd.beasts.org/IMPLEMENTATION for one take.) Instead, use
http://git.gnome.org/browse/glib/tree/glib/gstring.h or
write your own like http://cgit.freedesktop.org/dbus/dbus/tree/dbus/dbus-string....

If you're going to display user-visible text, you are pretty much required to link to GLib or another Unicode library, since libc doesn't have what you need (unless you want to use the old pre-unicode multi-encoding insanity).

Don't use fgets() and other pain like that, use g_file_get_contents() perhaps, or another library.
(g_file_get_contents is in http://developer.gnome.org/glib/stable/glib-File-Utilities.h...)

You need help from a library other than libc to deal with portability, internationalization, security, and general sanity.

Maybe more importantly, a library will show you examples that in C you can still use all the good design principles you'd use in a higher-level language.

I told someone to "use a string class" in C recently for example, and they said "C doesn't have classes" - this is confusing syntax with concepts.

C requires more typing and more worrying about memory management, that's all. It doesn't mean that all the best practices you know can be tossed.

There's a whole lot to be said about how to write large, maintainable codebases in C, and it can even be done. It's not something I would or do choose to do these days, but it can be done.

One other thought, two of the highest-profile C codebases, the Linux kernel and the C library, have extremely weird requirements that simply do not apply to most regular programs. However, a lot of people working in C or writing about C have experience with those codebases, and it shows.

3
nikcub 4 days ago 4 replies      
I always had an idea of a 'for programmers' series of books for those who know how to program in one language (say, C++, Java or PHP) and wish to pick up a new language

eg. 'python for programmers' would not need the first half of it dedicated to explaining strings, loops etc. and could get straight into it from a programmers perspective - a bit like K&R. You could then dedicate more content to explaining philosophy, design decisions, internals, history, politics (learn all the in-jokes ;)), etc.

this would also be a good format to learn new paradigms, eg. 'functional programming in scheme, for programmers'

4
JoshTriplett 4 days ago 4 replies      
When I first learned C, I did so under DOS, an environment in which you could declare a pointer to video memory, make a magic call, and start drawing graphics. I found that a memorable way to learn pointers. Sadly, doing that in the modern world requires quite a bit more setup.
5
arkitaip 4 days ago 3 replies      
Zed, your level of productivity is truly inspiring. The best of luck to you.
6
gregjor 4 days ago 1 reply      
I'll be interested to see how this compares to K&R, which not only teaches the C language but also C idioms and the reasons for using them. K&R is still one of the very best programming books. Every other C book I've read is inferior. Peter van der Linden's "Expert C Programming" is the only book on C besides K&R that I've learned anything from.

Good luck, I'm all for more programmers understanding C but I wonder if the wonderful days of programming close to the hardware are ancient history. "[P]eople are deathly afraid of C thanks to other language inventor's excellent marketing against it." Maybe, but I think the raison d'être for C is not apparent to programmers who started with Java, Python, or Ruby.

7
alnayyir 4 days ago 0 replies      
I have the "learncthehardway.com" domain, waiting for Zed to stop being so insanely busy so that I can do the hand-off. :)
8
rpearl 4 days ago  replies      
Do people really think C is some mysterious, inscrutable language?

"To many programmers, this makes C scary and evil."

Is this actually true for people? I find C code generally very easy and straightforward to understand; there's not any magic behind the scenes, like there is in any language that's more "high level" than C.

9
leon_ 4 days ago 0 replies      
I'm skeptical that it will be an alternative to K&R 2nd ed but nonetheless I'm interested in the result.
10
briandoll 4 days ago 0 replies      
I'm very excited to see Zed working on this. This exercise-driven tutorial format seems efficient and practical, but what makes this really stand out is Zed's approach to the overall goal.

I greatly appreciate an 'opinionated' programming book. I've probably heard more debates on formatting and style for C than any other language.

11
rgrieselhuber 4 days ago 0 replies      
12
ctdonath 4 days ago  replies      
I look forward to the content. As a beginning C++ instructor I find there is something lacking between the truth of the language and the conventions for presenting it. Nobody, AFAIK save for the truly hardcore student, has nailed it.
13
mikeocool 4 days ago 0 replies      
Oh man, totally looking forward to this. It seems like so many programmers are kind of afraid of C because it's reputation and avoid learning it because they're language of choice is 'more productive.' Which is really unfortunate, I've found having a good amount of C is hugely beneficial to understanding what's going on under the hood when you're using a higher level language, even if you rarely actually program in C itself.

Plus even if you do primarily program in higher level languages, it's a great tool to have in your belt when you need to fix a bug in a library whose bindings you're using in higher level language, or when you legitimately do need to eak a little more performance from a particular piece of code.

Also, love that the book starts by teaching you how to use make as well, so many C books gloss over the tools.

14
getsat 4 days ago 3 replies      
Why is %d used to interpolate an integer into a format string? I don't recall seeing this done for any reason before.

I hope Zed actually covers how dangerous format strings can be if not handled properly. Format strings are still (hilariously) one of the major exploitation vectors in C-based applications today.

Edit: According to Wikipedia, %i and %d are synonymous. Sorry for the confusion.

15
emehrkay 3 days ago 0 replies      
I jokingly made this suggestion to him on twitter. He posted a few "assignments" and we (I assume it was more than myself participating) posted pics of our console output.

This guy loves to program

16
pbreit 4 days ago 2 replies      
Has anyone actually used "Learn Python the Hard Way" in a beneficial way? I started it several times but never got very far and just learned Python from other sources. I didn't really care for the approach.
17
Sapient 4 days ago 1 reply      
Having read a fair bit of LPTHW (though I had no actual interest in the language), I am really excited about this.

One of the best things about LPTHW was the context it was written in, and if LCTHW is written in the same way, it should be a really awesome read!

18
derleth 4 days ago 1 reply      
Isn't "C For Programmers" essentially "HOWTO Use Pointers"? Is there another really complicated idea that C has which most of its heirs do not have?
19
raniskeet 4 days ago 0 replies      
How about having a webpage with recommended libs for newbies to use? Sort of like NodeJS modules page.
20
drivebyacct2 4 days ago 1 reply      
It should say "Learn C and make the hard way".
21
newcguy 4 days ago 0 replies      
I know a fair amount of C. But I am still looking forward to this book as I hear that LPTHW taught something to even intermediate level people. Besides the exercises are usually good and would like to solve them.
22
seagaia 4 days ago 0 replies      
I hope this book will show lots of new C programmers the beauty of pointers in hand-holdy detail ('cause that's the level needed, I feel). Maybe basic stuff about VM, so all the pointer operations make sense (everything is a byte at some offset etc.).

At least I didn't fully appreciate C until I understood some of the underlying concepts.

Looking forward to reading this!

23
24
tomrod 4 days ago 0 replies      
Nice! Where's the rest?
25
auston 4 days ago 0 replies      
Go Zed! I'll buy this when it's ready for payment!
26
swindsor 4 days ago 0 replies      
The problem with C isn't C. It's shitty C programmers.

Learn how the language works, follow good patterns, and expect some bumps in the road.

Most of the time, though, you can use a different higher level language, and be a happier and less stressed programmer

5
User testing in the wild: he has never used a computer jboriss.wordpress.com
406 points by tbassetto  18 hours ago   176 comments top 30
1
ajays 11 hours ago 4 replies      
Sometimes I think technology just leaves people behind, with no hope of catching up.

About 10 years ago, one weekend I drove up to an ATM in Upstate NY, and found an elderly couple standing there, looking confused. After a minute, I stopped the car and got out. Both were well-dressed (probably coming home from church); the gentleman was about 90; his wife was a similar age.

"Is everything OK?" I asked.

"Could you help us?", she said (he was too proud to ask for help, I guess).

"Sure! What can I do for you?" I replied.

"You see, the bank sent us this card and said we should be using it, instead of going to the teller inside. But we don't know what to do with it."

Wow. I was shocked. The bank (HSBC) had not even told them how to use the card. And I was surprised that there existed people who didn't know how to use an ATM in this country!

So I showed them where to insert the card; told him to enter his PIN (while I looked away so I wouldn't see it). I advised them about the security implications; and how to always collect the card after you're done (those ATMs kept the card for the duration, unlike newer ones where you just swipe).

I was left with a sad feeling after that, which I can still remember. If I'm ever designing software for general use, I always think about that couple and try to see it from their eyes.

2
spiralganglion 15 hours ago 4 replies      
The company I work for produces software for users with zero computer literacy. We're a very small outfit serving a very specific niche. We produce new and highly specialized/distinct programs at a rate of about one or two per week. Our users are often subjected to very tight time requirements, so we can't expect them to develop familiarity over a gradual learning curve. They must immediately know what to do, and our software must support them, computer skills be damned.

Almost ironically, I struggle to hold our team to our own UI best practices; to ensure our interfaces and content are approachable. We're always crushed by deadlines " the time it takes to be sure we haven't made any literacy assumptions is time we don't have. It's my job to make developing this sort of UI/UX absolutely painless. Unfortunately, I get almost no opportunities to actually test with our zero-experience users. This article was a wonderful read, and gave me a very specific type of knowing satisfaction. It's a rare opportunity indeed.

As for those best practices, here are a few examples:

• Emphasize actionable items with animations, and textual and pictorial descriptions of the actions that must be taken. Instead of saying "right click", we might show a picture of the mouse with the right button highlighted, with a "clicking" animation indicating the action to be performed.

• Use iconography and terminology derived from the subject matter or real-world objects, instead of common "abstract" UI elements. For instance, a light switch (indicated as actionable, of course) instead of a check box.

• Simplify user interactions and interfaces to the absolute minimum. Reduce the actions the user must perform in order to be satisfied. Reduce the number of options presented to the user at any one time.

In many ways, designing an interface for a zero-experience user is like choosing a programming language: You want the language that lets you describe exactly the program you need to make in as few instructions as possible. Likewise, you want an interface that lets your users describe exactly the action they need the program to perform in as few interactions as possible.

3
melvinram 16 hours ago 1 reply      
Very interesting experience. The real issue is deciding on what assumptions you want to make about your audience. Even people who are not completely new to computers may act like people who have never used one before so making as few assumptions as possible is probably best unless you have a strong degree of confidence.

A few weeks ago, I visited a cousin who had recently bought a new fridge with "high-tech" water dispenser. I'm a big water drinker. When I went to the fridge to get some cold water, I felt really stupid for not knowing how to work a freaken water dispenser. It had a ton of buttons the real button to make it give you water looked like it was part of the door, not a press-able thing. The design could have been done better.

How many times have you been at someone's house and needed to use their microwave and it takes more time figuring out how to make the thing go than to actually heat the food? And even if you've used the exact same microwave 4 weeks ago, it still feels brand new and you feel just as lost.

Whether it's directions to a location or how to use an app/device, it may not stick.

Designing for computer illiterates but decently intelligent people seems like a worthy ideal to strive for. You may never get to a point where someone brand new to computers will feel comfortable with your app but keeping it in mind might help guide us into making small tweaks that can add up a big difference.

One example: With WordPress, you can add a search element to your site/blog. The default language of the label is "To search, type and hit enter." This is probably more clear than "Search this site" or plain "Search" but maybe not as clear as "To search, click here, type and hit enter."

Yes, it's more verbose. No, I'm not suggesting that WP should change the default text.

You have to strike a balance between being clear and not boring your audience by telling them what they already know but when in doubt, err on the side of clarity.

4
jamesgeck0 12 hours ago 2 replies      
My grandfather bought a computer in 2000 to replace his ancient word processor. When I visited him, he said he'd been using it a lot with Microsoft Works. But I couldn't find any documents on the hard drive. It was only when I found a huge drawer full of used floppies and remembered what the "save" button looked like that comprehension dawned...
5
pradocchia 7 hours ago 1 reply      
Joe knew nothing about computers, so he focused on the only item he recognized: text. Icons, buttons, and interface elements Joe ignored completely

Reminds me of my mother. She had a stand-alone word processor back in the day, w/ keyboard, monochrome screen, floppy drive, and daisy wheel. All commands were performed through the keyboard, with prompts on the bottom two lines of the screen, ala emacs.

She was real pro w/ this thing. She taught herself how to use it, and never needed any help from me.

Fast forward to her first personal computer, w/ mouse and icons, and she didn't get it. 10 years later and she still doesn't get it. In fact, it is a major source of anxiety. She doesn't explore the interface because she might get lost and won't be able find her way back to where she was. What do all those icons do? Who knows. She follows a very narrow course through the 4 or 5 tasks that she's familiar with, and that's it. She's almost superstitious about it.

None of this would be terribly remarkable if I didn't know she'd been such an expert user of the old standalone word processor. But she was. And whatever it was about the old machine that worked, it didn't carry over to the new age of mice & GUIs.

[for a similar perspective, see the discussion over at metafilter: http://www.metafilter.com/105309/You-have-to-click-on-the-te...]

6
binarymax 16 hours ago 5 replies      
She should be commended for her patience and willingness to help this man. Several years ago I spent about 2 hours helping an elderly woman do pretty much the same thing, who did not get nearly this far and she gave up. The concept of a mouse moving the cursor on the screen was beyond her comprehension, yet otherwise she was a perfectly intelligent, well-read woman. It may have been my fault for not explaining it properly, but it is certainly true that modern interface design obviously takes for granted that we already know the basics. Who would have thought that 'help' offers none? And 'suggested sites' gives some bizarre privacy warning?

I wonder, however, how Joe would have fared with an iPad?

Edit: oops on the gender.

7
ck2 17 hours ago 4 replies      
A person in 2011 who has never used a computer has far more serious issues (or "differences") to the way they approach life than you can solve by redesigning menus and layout.

This would be like approaching someone in their teens who still cannot read and trying to design a book you are writing to be more accessible to them instead of your general readership.

It's simply a matter of hand-on, over time. I've converted a few AOL users over the years to Firefox, etc. and there is absolutely nothing you can do to improve their experience beyond a very basic level. They just have to use it for a year and go through their own trial-and-error of learning.

8
deadmansshoes 14 hours ago 1 reply      
In these cases I've often thought it would be useful to have an "interactive" character guiding you around the application, such as a dog, or maybe a paperclip for a word-processing program.
9
Joakal 16 hours ago 1 reply      
Funny thing about Firefox 4 release is that it automatically hides menu bar which I thought was stupid. That's right, even help is hidden unless the user presses alt or right clicks to enable menu (Even as experienced as I was, it took time for me to understand why I couldn't find it).

However, if the menu bar was enabled, the user could go Help->Firefox Help and just at the bottom of screen without scrolling is 'Getting started with Firefox'.

Unfortunately the first video talks about bookmarking facebook, doing random searches, keeps talking about how awesome Firefox is and all fast paced and not slow at all.

10
hnsmurf 11 hours ago 3 replies      
This is interesting but entirely useless. Though he's never used a computer, someone already has used this one and changed some things about it.

#1 IE defaults to a blank page in what appears to be private browsing mode, rather than Bing as it does on any new windows install. He's somehow running IE on a Mac which may be why.

#2. Someone checked out San Francisco Yelp on Chrome and as a result there's a link for it.

#3. "We shouldn't assume that new users will inquisitively try and discover how new software works by clicking buttons and trying things out." That's probably misleading for 99.99999% of your audience. Yeah, the one adult on the planet who never used a computer before might be scared to death to play around with it, but you shouldn't design with that in mind (unless you're somehow aiming a product at them, in which case good luck with that sir). Put a 7 year old on a computer and he'll figure out how to find a restaurant in 10 minutes.

11
Zarathust 31 minutes ago 0 replies      
I remember the early days of my parents

"Click on the ok button"
"I don't see it (x5)"
"There is a gray rectangle with OK written on it, is that the OK button?"

"Double click on the icon... no click twice... yeah, like this but faster... faster... no slower than that..."

Really, its like when learning a new programming language, you just need a motivator. My mom learned it to build a genealogy tree and my dad now plays card games online.

12
aorshan 10 hours ago 0 replies      
I used to sell computers at Best Buy in an area that was predominantly elderly, and let me say it is quite a difficult procedure to walk someone through using a computer. Every day someone would come in that said they wanted a computer but had never used one before. I would spend hours showing people how to do things, writing up lists on how each task is performed, etc. It can be very challenging.

I found the best way to help these people is just to put them in front of a computer and walk them through the basics. Also metaphors are huge. It is always easier to understand something when you can relate to it. For example: My documents is like your filing cabinet. Everything is organized into folders so you can find where it is.

The most interesting thing was when the ipad came out. We were seeing people who barely knew what the internet was trying to buy and use one of these things. Try explaining 3G to someone who doesn't have a cell phone. Almost impossible. I remember one man who was so frustrated that he couldn't set up email that he announced that he would give $20 to the person who would do it for him.

13
sjs 10 hours ago 1 reply      
People generally say "time cures these problems" but I'm starting to wonder. Things change so rapidly, someone who is 60 now and is learning to use a mouse and keyboard might be utterly lost in 20-30 years with whatever advances have been made.

When I'm 60 in ~30 years maybe I'll be clinging to ancient things like notebooks and tablets because I know how to use them, and kids will point and laugh while they use the modern stuff.

14
kia 12 hours ago 1 reply      
This reminds me of my first experience when I started to use Linux (SSH, terminal only) and Vim.
15
lian 16 hours ago 1 reply      
I agree with what I think Boriss' point is " that our interfaces are not natural. They require us to build a new system of patterns to match with encountered interfaces of a similar kind, in order to know what we're doing. Same is easily said of learning any new language, visual, written, or spoken.

But to suggest that iconography and buttons in general are unique to digital interfaces is inaccurate, and recounting one man's first interaction with a computer as "user testing of browsers" comes across as a sensational misrepresentation of what user testing is, and what education-by-interface should be.

Let's not show an entrenched English speaker Japanese and claim that it is the language's responsibility to immediately map to his mental model of English. Learning falls on a motivated student (which Joe, with self-proclaimed "no excuse[s]" for never using a computer, was not) matched with an expert evangelist like Jennifer Boriss, in the event of a total failure of comprehension.

16
sheffield 16 hours ago 3 replies      
The world is full of people who have never used a computer. They are called children.
17
mnemonicsloth 12 hours ago 4 replies      
Would you treat a customer this way?

During the interview Joe was "stressed," "taxed," "frustrated," and "confused." He was asked to try and fail to do things the author already knew he wouldn't be able to do. Repeatedly. The author was surprised that he would take failures personally, and described ending the interview as "cut[ting] Joe a break."

Really very generous, to cut Joe a break from the interview he volunteered for.

There is a serious lack of empathy on display in this post. Joe deserves an apology.

18
rythie 14 hours ago 1 reply      
No search engine that I could find [Google, Bing, Duck Duck Go, Dopile, Ask - though the logo is close] specifically prompts you on how to use it. For example they could say "What are you looking for?" for new users.
19
pseale 8 hours ago 0 replies      
This sounds like how I helped my grandma with her Outlook/phone/digital photo woes. With some things (email) she was extremely successful; with others (digital photos, saving attached photos from emails) she remained lost forever.

She could have benefited from a dumbed-down interface for the things she struggled with. Picasa was as close as I could get as simple photo management, but she needed something even more seamless and simple.

It makes me wonder why there aren't more companies creating products like the Jitterbug ( http://www.greatcall.com/ )--for those of you unaware, the Jitterbug is a cellphone with very large buttons and a presumably easy-to-navigate menu system, with concierge operator service for remedial support tasks ("I need to check my voicemail").

Maybe we have tried making extremely simplified UIs for common computing tasks, and failed (Clippy/MS Bob)? Is there an extremely simple photo management app (or something on the Mac) that I'm unaware of?

20
ThomPete 14 hours ago 1 reply      
The problem is thinking that the metaphors we use are actually descriptive to outsiders.

There is no such thing as an intuitive interface that isn't learned.

I had the same encounter with my mom and although she had used a computer before the experience was just as crazy.

http://000fff.org/anatomy-of-a-noob-why-your-mom-suck-at-com...

Here is an excerpt from the conversation.

21
pwhermanson 9 hours ago 0 replies      
It seems to me that the question of the day is..what IS "intuition?" Most UI designers will create an interface that relies on typical design standards that any competent user would understand, such as home icons, menu bars, banners, footers, thumbnails etc. There are good reasons for this; namely because many interfaces target a market of experienced users.

Designing an "intuitive" interface true to the word is almost impossible. Experienced users can look at a new UI developed with standard design principles and navigate through it without frustration. But this is not called "intuition;" This is called past experience.

Now, rollover pop-up text that describes functionality may add a level of intuitiveness to a system. But why create a help menu for how to use the mouse or how to single click in a text field before you can type in it? Many of those users who aren't experienced are left behind only because it is usually not economical to market to them.

22
Mavrik 17 hours ago 18 replies      
Here I want to ask a question: did any of the HN users ever get helped by anything put into the "Help" menu in an application?
23
godarderik 56 minutes ago 0 replies      
Reminds me of http://xkcd.com/627/
24
radarsat1 12 hours ago 2 replies      
The funny thing is that as an "advanced" user I use the terminal all day long, but we assume the mouse cursor is easier for inexperienced users. But something about that old DOS prompt was not so bad: you just learn the commands, type them, and see the result. In a lot of ways it's a more straight-forward interaction than mousing around.
25
ma2rten 16 hours ago 0 replies      
I think there are two lessons to take away from this.

First, the mall can be a great place to do user testing, if you want to reach a broad audience. Except that I would imagine that you get more male participants, because they are waiting for their female partners more then the other way around.

Second, you need to test with your actual target audience. For Mozilla that is at least people who know how to use a computer to some degree.

26
xbryanx 9 hours ago 0 replies      
I applaud the author for doing this sort of user testing. Instead of getting a focus group to come to you, bring your test to them. Besides the mall, you might have fun trying this out at your local museum as well.
27
Joakal 16 hours ago 1 reply      
For some statistics: 2,095,006,005 or 30.2 % of the world are Internet users.

http://www.internetworldstats.com/stats3.htm

I couldn't find any statistics on computer use, so the number is likely higher.

28
arvinjoar 14 hours ago 0 replies      
Reminds of finding a tribe that has never been in contact with other humans. The importance of the internet really becomes clear when reading about people who've never tried it.
29
Tichy 17 hours ago 0 replies      
Now I went looking for the "Nightly Help" item in my browser, but I guess it only applies if you have installed a nightly build.
30
httpitis 14 hours ago 0 replies      
I have several projects atm and feel a bit stressed. In my experience, laughter will help in these situations and reading about Joe's first experience with IE really made my day:

Joe: “I don't know what anything means.”
(Joe reads the text on IE and clicks on “Suggested Sites”)

Me: “Why did you click on that?”

Joe: “I don't really know what to do, so I thought this would suggest something to me.”

(Joe reads a notification that there are no suggestions because the current site is private)

Joe: “I guess not.”

----------

To clarify: I was laughing at our industry as a whole that expects users to be computer literate to the point where ppl like Joe have to struggle really hard to get even the most basic thing done.

6
Why I read Hacker News even though I understand very little of it alexrosen.com
365 points by alexmr  2 days ago   85 comments top 34
1
duopixel 2 days ago 1 reply      
Sponge learning is awesome, but you must always remember to act upon it. Knowing that CoffeeScript is hot in the web dev scene is great, but in the end it amounts to little more than industry gossip.

True understanding comes from actually trying to do it yourself, technologies stop being buzzwords and they become tools.

That said, kudos to the OP for trying to Learn Python the Hard Way!

2
rlander 2 days ago 0 replies      
Two years ago, when I started reading HN, I was a php programmer who didn't even know what functional programming was.

Now most of my personal projects are written in my new favorite language, Erlang. Sponge learning is awesome, specially when you supplement it with lots of hard work. Thanks HN.

3
eneveu 1 day ago 1 reply      
I like Alex's concept of "sponge learning" and reducing "unknown unknowns". I've actually been doing this unconsciously for quite a while.

Let's say there is a debate about the best VPS provider on the HN front page. I have no need for a VPS right now, and I sadly don't have the time to read the whole debate.
Instead, I skim the discussion, bookmark it (on pinboard) with appropriate tags, and know it will be there when I do need to choose a web host.

This also applies to "unknown unknowns": a month ago, I saw the discussion on CloudFare ( http://news.ycombinator.com/item?id=2631019 ). I made a mental note that some services might actually help mitigate DDOS attacks, and made a bookmark for later use.

I could make an analogy with a database: I don't have enough time / memory to learn and remember everything I read on HN. Instead, I use my brain like an "index", the database being my Pinboard bookmarks. I think it's time to expand to other databases, too: I should try out EverNote or Workflowy to store free-form thoughts and other "non-bookmarkable" stuff.

4
Sandman 1 day ago 1 reply      
What I noticed in these 847 days I've been here is that HN's comments spoiled me. I now seek the same level of discussion on other sites and most of the time find myself disappointed.
5
schme 1 day ago 1 reply      
I have been the victim of sponge learning for many years now, HN being part of it for about a year. I can talk about a wide range of techy subjects but I've never really made or done anything to show for it. I learn bits from here and there without never going very deep. I've read through (and done most of the exercises from) K&R and Dive Into Python to name a couple, yet I haven't written a project over 500 LOC.

I've loved technology as long as I can remember, but when it comes to my local circles I've always been alone with it. Sponge learning is great and (as the writer mentioned) it deduces the amount of unknown unknowns, but without peer encouragement or -at least- approval it's very difficult to actually do something with it.

My sincere respect for everyone who has done something with their passions (that includes you alexmr!)

6
raju 2 days ago 1 reply      
Great post.

I have often thought about the way I learn, and it's very much 'sponge learning' (nice term BTW).

I am on a journey to learn Clojure, and improve my JavaScript skills. Much like the author, I read blog-posts, books, the Google groups as well as take any code samples found there and play with them in the REPL. A lot of the posts (especially some on the Google Groups) don't always make sense to me - but I hope that I will have filed it away somewhere. Maybe someday it will all come together :)

Again, nice post.

7
blackboxxx 2 days ago 1 reply      
I did the exact thing with Slashdot, when I first got on the Internet in '98. And I'd read Linux Journal although much of that was over my head as well.

But slowly you learn, and get to know the stuff, and then it gets boring and so you check out something else you know little about. That's what happens to me.

I think you're on to a good strategy alex.

8
seagaia 2 days ago 3 replies      
Hey, this is good. And it inspired the guy to go deeper into some of the subjects!

Sometimes, a problem is that people only go to sponge learning...and then stop. As a professor of my friend's said...people are getting better and better at being able to talk about something for five minutes...then that's it. Thanks to wikipedia, lots of people can seem smart, but not actually understand something in depth.

I find XKCD also to blame for part of this. If I had a dollar for every time someone made a joke about the Axiom of Choice...

9
topbanana 1 day ago 1 reply      
The most upvoted comment on the post (Martin Doms):

Everyone on hacker news is motivated by money. It gets old. There's a huge vibe of "I don't care about this technical mumbo jumbo any more than I have to to make a quick buck". It's VERY trendy/hipster culture there. They jump on all of the silly buzzword bandwagons and distrust tried and true technologies.

I'm not saying I don't read the site - some of the articles are very good. But I don't like to be around people primarily motivated by money. Those kinds of people make me very uncomfortable.

10
pknerd 1 day ago 1 reply      
Best thing about HN that it filters out crap and produces quality stuff. Just because of HN I came across two entrepreneurs who are more than helpful to guide me offline whenever I need.

Thanks PG and Team to give such a quality site. Now I don't visit TechCrunch etc to find out Information. HN does it for me and saves my time

P.S: I am already a techie but a Biz noob and HN is helping me to become an entrepreneur.

11
jasonrodriguez 2 days ago 1 reply      
I'm right there with you. I have been an avid reader of HN for going on 2 years now. While I can't sit down and develop killer software from scratch, I am slowly learning more and more about technology and programming, and a lot of it is thanks to the great HN community.

I just started ready the updated edition of Learn Python The Hard way, and really enjoy it. It's the first book on programming that I have read that throws you right into the thick of things, get's you started writing code from the outset. Feel free to send me a message or email me if you want to bounce and ideas off of each other with Python or anything else, I get the impression we are both starting off on the same page. Should be a fun adventure!

12
jechen 1 day ago 0 replies      
This is exactly the kind of mentality that one should develop on HN (or if they want to get anywhere in the industry). It reminds me of a recent post I read that people aren't intrinsically separated into "technical" and "non-technical" people. If you have the patience and the will, you can become competent at either. :) Read/learn on!
13
bprater 2 days ago 0 replies      
And even when you understand a lot about these technologies -- it can be a great reminder of things to dabble in and see if they fit your model of how you work. This week I jumped into using Less (a CSS tech like Sass) after noticing a post on it.

How happy I am -- Less (or a similar tech) is now going to be a permanent fixture in my webdev world!

14
farnsworth 2 days ago 1 reply      
I did this with Reddit years ago when much of the front page was programming/computer-related. I realized it was an awesome subject, spent a lot of time trying to figure out what they were talking about, and eventually changed my major to software engineering.
15
lambersley 1 day ago 0 replies      
I was referred to HN by a former colleague only 4 months ago. I'm the farthest from being a programmer of any sort, but I work in and around technology and he knew I was somewhat of a 'knowledge whore' aka philosopher. I like being in the know. "Sponge learning" is a great practice. I walk away from the monitor each day knowing what I don't know.

Thanks HN

16
jorgeortiz85 2 days ago 1 reply      
Eternal September.
17
kahawe 1 day ago 2 replies      
It is interesting how synonymous "hacking" and "programming" has become with "web programming" all of a sudden over the last few years...
18
SmartFone 1 day ago 0 replies      
I've been reading HN for over a year even though I'm not the best developer. It simply teaches useful info about how to get things done that I would not get otherwise.

For instance, the case studies on starting a T-shirt company Snowpocalypse 2011 - bam! Knowledge of how to do that. Or the posts on business models in the music industry, links to Mixergy, et cetra, et cetra.

HN basically is extremely entertaining - and the most valuable business site I read.

19
Dramatize 2 days ago 1 reply      
I think this is why I love listening to Build and Analyze by Marco - http://5by5.tv/buildanalyze
20
elebertus 1 day ago 0 replies      
this is almost exatcly how I learn. It is certainly the reason why I read hn, and associate with people who are generally much more experienced than I am (they're great friends of primarily).

I am still very much learning about programming in general, but the beat advice I ever got was this: just write programs any way you can, and learn what you did 'wrong'. there are always different ways to solve problems but the best way to get better is through practice.

its cool to see someone else (and by the comments, many others) doing the same thing I do.

21
127 1 day ago 0 replies      
You can certainly get part of the big picture from reading Hacker News, but if you're going to learn anything in depth, I seriously suggest taking a class. That way someone else has already done all the hard work in collecting all the material in easily digestable chunks and even gives his or her valuable time in trying to make you understand it all.
22
aorshan 1 day ago 0 replies      
Awesome post. I am in the exact same boat as you. I read this stuff every day as inspiration and to learn more about the world of programming and computers. I am also working through python to learn my first language (chose python because of xkcd). Feel free to email me if you want to discuss difficulties or challenges with programming in python or in general.
23
ericelias 2 days ago 0 replies      
Alex, thanks for the post. This is definitely how I read HN and the links to the learning resources has helped accelerate learning new material.
24
dhughes 2 days ago 0 replies      
It's nice to know there are more of us spongers out there, some of us don't have a blog though suspicious look
25
canistr 1 day ago 0 replies      
Judging from the fact that he helped make twordsie, I wouldn't say he's exactly at level zero. Rather misleading.
26
krashidov 2 days ago 0 replies      
Besides the technical stuff, the links and discussions here on HN have helped me with entrepreneurial concepts the most. It helps when really established and well known people, and people who have plentiful experience in starting, running, and marketing a business are discussing things.
27
maren 2 days ago 0 replies      
Totally agree - I'm a complete newbie when it comes to tech but I am learning at a fast clip because of HN :)
28
tilt 1 day ago 0 replies      
I think you might be happy to hear this, I'm a noob as you are and TIL that I'm "sponge learning" aswell! Thanks!
29
hackermom 1 day ago 1 reply      
Alternative title: Why I read Startup/Popular Blogstar news even though I care for very little of it.

Anyone else who has noticed how radically the news content on HN has changed since just last year? HN is dead, long live the new HN.

30
Hari_Seldon 1 day ago 0 replies      
I would class myself as an advanced user, not a developer but someone with interest and enthusiasm for technology. The main reason that I visit HN is that for me, the level of debate is higher. Far less fanboyism and trolling than most tech sites and IMHO - up there with slashdot. That's high praise for me \. is my favourite site
31
boscomutunga 1 day ago 0 replies      
Sponge learning is very good, especially when one wants to learn new vocabulary and tech jargon.
32
kurrent 1 day ago 0 replies      
whew, i thought it was just me
33
known 1 day ago 0 replies      
it, definitely reduces my unknown unknowns
34
matmann2001 2 days ago 0 replies      
Nailed it.
7
Very clever story telling using HTML and Javascript... hobolobo.net
331 points by dclaysmith  3 days ago   28 comments top 10
1
silvestrov 3 days ago 2 replies      
For each page, you must use the horizontal scrollbar to see see the animation and the rest of the images.
2
hobolobo 3 days ago 0 replies      
Well, this is awkward. (Check u/n)
I am unable to claim responsibility for this :)
3
mambodog 3 days ago 1 reply      
I am working on something similar to this, though I've implemented a renderer like that of a game, with all visible elements being rendered at 30 fps, foregoing DOM manipulation for writing HTML text directly to innerHTML[1], and culling non-visible elements. This avoids the slight jerkiness that exists when scrolling on the linked page.

[1] http://www.youtube.com/watch?v=_RRnyChxijA&t=22m56s

4
kungfooey 3 days ago 0 replies      
Wow. This is fantastic. Clever story, clever execution, clever little surprises in the illustrations. Can't wait to see what else this guy comes up with.
5
jpdelatorre 3 days ago 1 reply      
Looks really cool. This would be an amazing tablet app for children. +1 if there's a voice over option. Although it seems a LOT of work to put together.
6
petewailes 3 days ago 5 replies      
So, I've got a question... Whilst this is undeniably cool, can anyone actually anything beyond short children's literature being told this way?

As a more random note, what innovation have people seen/would people like to see in the literature space? How would you tell a novel online?

Discloser: am writing a novel, and reserve the right to totally take any ideas from this and incorporate them. If I do, you'll get a credit in the book.

7
ineedtosleep 3 days ago 0 replies      
Microsoft also made something similar to show off IE9's HTML5/CSS3 capabilities. I don't have a link handy, but it should be easy to find.
8
nerdinexile 1 day ago 0 replies      
You know what this'd be great for? Narrative puzzles. Imagine if Planetarium (http://www.beholder.co.uk/planetarium/) had had access to this technology.
9
inportb 3 days ago 0 replies      
I really enjoyed the experience!
10
sigvef 3 days ago 0 replies      
http://hobolobo.net/what-is-this-thing thinks I'm using Internet Explorer, when in reality I'm using Chrome 14.0.803.0 dev-m.
8
Advanced Javascript tips and tricks google.com
306 points by ck2  2 days ago   35 comments top 10
1
tomstuart 2 days ago 3 replies      

  list = list.sort(function() Math.random() - 0.5);

Please don't shuffle an array like this. Array.prototype.sort requires the comparison function to be referentially transparent (i.e. to always return the same result when given the same two elements to compare), otherwise the sort order is undefined. For example, imagine how far from "shuffled" the resulting array will be if a bubble sort is used with a randomised comparison function.

Use a Fisher-Yates shuffle instead.

2
ck2 2 days ago 1 reply      
BTW I also just noticed Resig's next advanced JS book is almost done (finally!)

http://www.manning.com/resig/

and there is a 50% off code that is working for July 4th - july450

which makes it $16 for the early-edition PDF-only version

(or $20+$5 shipping for dead-tree version but it's $25 on amazon anyway)

If I learn just one new trick for $16 it's probably worth it.

4
ErikCorry 2 days ago 0 replies      
Lots of the stuff in this list is only available in Mozilla browsers. It's not part of the ECMAScript standard:

yield

Optional named function arguments

let (in the 'remove an object from an array' example)

"Convert a string into a charcode list" (both methods)

toSource method on an array ("Array iteration pitfall")

etc.

5
yid 2 days ago 1 reply      
Wow, I'm seriously overjoyed to discover the "yield" operator, which I did not know existed (it barely shows up anywhere!). No more hackishly using window.setTimeout() to yield in JS pseudo-thread simulations!
6
ck2 2 days ago 0 replies      
There is a handy index of them all near the bottom:

http://code.google.com/p/jslibs/wiki/JavascriptTips#delete_a...

7
tlrobinson 1 day ago 0 replies      
Most of these tricks involve non-standard features of Mozilla's dialect of JavaScript.
8
IanDrake 2 days ago 0 replies      
I use the pattern listed under "Objects private and public members" frequently and feel they missed an important point.

They really should add something like:

function MyConstructor( pub, priv ) {

  var thisMyConstructor = this; //**Copy the 'this' variable**

var privateVariable = priv;

this.publicVariable = pub;


Otherwise "public" variables can't be accessed in private functions because "this" no longer references the object. So, from what I've learned it's always best to copy "this" to a private variable and use the private variable for consistency.

9
Yansky 2 days ago 1 reply      
I don't understand the need for the first example: Array.prototype.push.apply(a, b);

Isn't that what the concat() method is for?

10
perlgeek 2 days ago 3 replies      
I find some of them horribly obscure

     +new Date() // 1259359833574

Oh come on, magic constants? How do you check if that's the right number?

    function PrefixInteger(num, length) {

return (num / Math.pow(10, length)).toFixed(length).substr(2);
}

Is there no sprintf in Javascript? Or did I misunderstand what the function does?

9
Once Greece goes... lrb.co.uk
294 points by andrewcooke  4 days ago   193 comments top 16
1
lyudmil 4 days ago  replies      
Every time I bring this up I get down-voted, but I cannot resist.

No one argues that the Greek economy was in good shape. It clearly had severe problems with corruption and inefficiencies, which were brutally exposed when the global financial crisis hit. Everyone suffered, but because of the problems in the fundamentals of the economy, Greece suffered disproportionately more. However, the European Central Bank lent the "bailout" money demanding cuts to public spending that, in the current economic situation, would have very likely worsened the Greek economic situation. Greeks realized this and protested, but were (understandably) dismissed as spoiled brats, demanding an unsustainable, comfortable lifestyle.

Now that the likely, predictable outcome is looking even more likely (namely, default), journalists are still omitting that crucial part of the analysis. Many economists warned that in a crisis of demand, which is what we're experiencing now, cutting government spending is a bad idea. In a situation of such great uncertainty in the market, the government is the only source of demand big enough to make a dent. It must, of course, borrow the money and therefore increase its deficit by doing so, but that's a worthwhile thing to do when the alternative is default. After the economy has stabilized, the deficit problem can be overcome by growth. Moreover, even if deficit reduction is your priority, if the economy is shrinking you're always going to be fighting a losing battle no matter how many spending cuts you make.

To summarize my point, the Greek economic turmoils are less of a cautionary tale of the perils of uncontrolled spending (although they clearly are also that), and more an illustration of the negative effect the austerity measures recommended by the ECB are having on the economies they are imposed on. It should give leading European nations pause when considering what to do with the rest of the troubled economies in the eurozone.

2
fleitz 4 days ago  replies      
Markets are pricing greek debt as defaulted because it's the most rational thing for the greeks to do, and the most rational outcome. Greece holds power over the EU to the degree that its financial insolvency can bring the whole system down. (Technically, it's a power transfer from the EU to US as the fed has already bailed out the EU banks in anticipation of the Greek default)

When you owe the bank $1 million the bank owns you, when you owe the bank $469 billion, you own the bank. The average greek is smart enough to know this and knows that the closer they get to default the better the deal they will get. The banks have two options, get nothing, or get something.

Also, if the Greeks' can't pay at a AAA rating they certainly can't pay at AA rating, nor A, not BB, so the end game for rational thinkers is default because as the rating drops the inability to pay increases. Since Greeks hold EU notes and EU denominated assets they can't even be screwed via an exchange rate mechanism. If Greece defaults Europe basically has to eat it, and it puts Europe in a much worse negotiating position with Spain and Portugal.

Furthermore, with regard to bond pricing there is no such thing as a bad bond, only a bad price, hence they are quickly being priced to zero. It's similar to the whole subprime thing, guys who bought subprime post Aug 2008 actually did alright because the prices were so low that you'd be somewhat likely to get your money back.

3
Aloisius 4 days ago 1 reply      
The Eurozone could go belly up because of a cascading failure. The US may default because conservative politicians think it is "not that big of a deal." China is scared of an economic slowdown and inflation. And everyone thinks we're in a bubble and we're about to hit a point of irrational exuberance.

Interesting times.

4
JanezStupar 3 days ago 4 replies      
There are two sides to this article one is correct and the other is deceitful. I assume that this article was written by a Greek (I infer this from the first person accounting of situation).

The true part of the article is the part about debtors options and possible scenarios.

The deceitful part is the part about "ordinary Greek not understanding the situation and having no part in it". In eastern Europe we have a saying that someone is "indebted as a Greek", meaning that someone is perpetually taking loans to repay old ones while having not a slightest intention of ever paying them off. And this proverb is centuries old AFAIK. So all this protesting going on, pleas of "ordinary Greek people" are an elaborate scheme of shedding guilt. Modern Greeks as a nation are an entitled (an order of magnitude more than attributed to gen-Y) and lazy bunch. Boasting their "heritage", while they have nothing in common with the antic culture.

Any businessman worth his salt will be weary of doing business with Greeks - thats how bad in general their ethics situation is. While I cannot offer any meaningful opinion about how to get out of this mess. I can try to provide some insight into how Germany and France got into this mess. The first would be that greedy coke powered bankers got all optimistic that Greeks will repay their debts this time and went on to issue insane amounts of subprime loans, ok this is not what happened.

What did happen was that western world knew full on from the beginning what would happen - but proceeded anyway, since Greece was too strategically placed in the cold war and could not be lost to Soviet influence. The Greeks being smart, knew that and took full advantage. What happened after the cold war, was basically the subprime mortgage scenario of US played on a national scale - it is fraud committed by German and French bankers over the people of EU. I'm not believing anyone "in the know" telling me with a straight face that they didn't know that Greeks were cooking their books.

So in a sense like US subprime fiasco is fraud committed by US elites over people of US, European sovereign subprime debt crisis is also a fraud committed by European elites over their peoples.

I recommend reading this analysis of Greek[1] and Irish[2] debt crisis. It has to be some of the best journalism I have ever read.

[1] http://www.vanityfair.com/business/features/2010/10/greeks-b...
[2] http://www.vanityfair.com/business/features/2011/03/michael-...

Let the Greek diaspora and leftist lunatic downmodding begin!!

Edit: Indeed it was not written by a Greek. But the part about people of Greece not knowing what is going on is pure bullshit - I am not accusing the author of having an agenda. However I am accusing him of not having balls and bringing it out.

5
abalashov 3 days ago 0 replies      
A recent Der Spiegel article (http://www.spiegel.de/international/europe/0,1518,769329,00....) made a titular remark that I found noteworthily pithy:

"The Euro Is a Fair-Weather Construct"

6
sek 4 days ago 2 replies      
The reason for this big imbalance is the focus of the German industry on exporting goods.
Every time the Euro is lowered the German exports are heavily increasing what makes the problem even worse.

Different countries with the same currency was a stupid idea to begin with.

7
mkramlich 4 days ago 2 replies      
This article reminded me of the larger issue: why do so many modern, national governments seem incapable or unwilling to ever operate with a balanced budget? Why do deficits and debt seem to be the norm? Why all the excuses? Is it a kind of stupidity brought about by having a large group of people each pulling in different directions? Or is it by design and due to malevolent intent? Just curious what everyone thinks.
8
yaakov34 4 days ago 6 replies      
I feel like I should have stopped reading this missive after the first phrase, which is "The economic crisis in Greece is the most consequential thing to have happened in Europe since the Balkan wars."

The Balkan wars were in 1912-1913. I can think of a few other significant things that happened in Europe since then. This crisis - it is really more of a tantrum than a crisis, since the Greeks know perfectly well they are on the hook for the money they spent on themselves - doesn't even register as a blip. It's not going to collapse the economy of the 400 million people within the EU/eurozone area, and even if it did, it still wouldn't reach the significance of 70 years of revolutions and communism and dictatorships and the freaking Holocaust and a couple of world wars, now would it?

This sort of wild-eyed panic mongering by people who take a bath on their real estate or stock purchase, and think that they are living through the worst crisis in the 7,000 years of recorded history, is beginning to wear thin. It's annoying even as deliberate hyperbole.

On top of this, the economic points made are stale and unconvincing. He talks about low interest rates being appropriate for Germany, but not for Greece. Well, guess what? You don't have to lend at low rates to Greek institutions. You can take a risk premium on top of the basic Euro central bank rates. People weren't doing that because they thought that Greece would catch up economically to the Euro average; it didn't, and the risk premiums went up. Hardly worth killing the Euro zone over this.

EDITED to add: he probably meant the wars in former Yugoslavia, rather than what's actually known as the Balkan wars. OK, but frankly, this is still crap, since clearly the creation of the Euro block itself and the unprecedented economic expansion in its new members is far more significant than a tantrum in 3% of the Eurozone. And the economic points are absolute garbage: yes, Argentina recovered, because it is a mining/exporting country and commodity prices skyrocketed. Not very relevant to Greece.

9
Tomek_ 3 days ago 0 replies      
If you haven't already you should also read http://www.vanityfair.com/business/features/2010/10/greeks-b... to get more of a perspective on what went wrong in Greece.
10
sprovoost 3 days ago 1 reply      
Some people have jokingly suggested that Greece should just sell a few islands. I'm just curious how much they'd have to sell to make e.g. $100 billion.
I think it would be kind of cool (and historically ironic) if they sold some land to China and let them build a few descent city-states in the area in the next year or so. A couple of million extra people should prop-up the Greek and EU economy.
11
joe_the_user 3 days ago 0 replies      
The Greek economic situation is unsustainable. The US housing market is unsustainable. The Chinese housing market is unsustainable. I could make a longer list if anyone wanted.

My point is that this article seems to imply that Greece will be the first to go. Maybe but maybe not. If doubt shifts to US, say, the euro might look at great investment by contrast for a while.

12
jamesgagan 4 days ago 1 reply      
"There is a good moment in one of the otherwise terrible Star Trek movies..." - a knife to the heart in an otherwise interesting article. ;)
13
tluyben2 3 days ago 0 replies      
What does Greece 'do'? I can tell you what France exports/makes, Germany, Netherlands, Italy, even Portugal, but Greece; do they actually do anything? Is anything created there? Do the Greek actually work? I've been on vacation there a few times, and i've never seen people so lazy; we went into restaurants and actually had to literally kick the waiters to serve us; they were annoyed that customers came in.
14
jodrellblank 4 days ago 1 reply      
Is there any personal punishment for leaders ruining a country? There would be if the Greek ministers were committing war crimes, or if they were driving without due care and attention. Why not for "running a country without due care"?
15
patfla 4 days ago 1 reply      
I found this more compelling and succinct:

http://blogs.telegraph.co.uk/finance/andrewlilico/100010332/...

16
cynusx 4 days ago 0 replies      
In my opinion the EU needs to trace the contagion effect and limit its effects.
It can do this by offering to take over all credit default swaps on Greece's bonds, no sane economic actor is going to refuse that when a default is imminent.
What happens then is that the ECB absorbs all losses from a Greece default, blowing a large hole in its balance sheet.
However the ECB can just print itself back into solvency.

The aftermath will be a period of high inflation.

10
Unannounced Facebook feature uncovered lifeisagraph.com
257 points by ghostmachine  11 hours ago   43 comments top 16
1
agscala 10 hours ago 2 replies      
Now that Facebook actually has something to worry about slightly, it's kind of cool watching Facebook and Google both scramble to win over the users with these awesome A+ features one after another.
2
smackfu 10 hours ago 0 replies      
Odd to think it will be called Facebook Vibes when the chat isn't called Facebook Peep. Probably just a codename, and it will end up being called Facebook Music.
3
budgi3 10 hours ago 3 replies      
Heard that Facebook are integrating Spotify. Maybe that will be 'Vibes'?

Some more speculation here:
http://www.digitaltrends.com/social-media/facebook-said-to-l...

4
masnick 10 hours ago 2 replies      
I would speculate that this could be something like http://turntable.fm built into Facebook.

If so, what a great way to keep users actively using Facebook: I can imagine someone spending a lot of time doing other things on the site while listening to music with their friends.

5
sausagefeet 7 hours ago 0 replies      
In all honesty the only feature one social network has over another is where my friends are. I never check the stuff otherwise.
6
lojack 10 hours ago 0 replies      
This all seems so familiar...

In a completely unrelated note, apparently Myspace sold last week for around $35 million.

7
eiji 8 hours ago 1 reply      
I still woundn't mind some investigation on how the call/video feature works.
The post mentions some java. We are not talking about applets here are we?
8
Qz 9 hours ago 2 replies      
I still don't understand why I would want to pay for music through facebook.
9
uvTwitch 2 hours ago 0 replies      
So, Facebook is going the way of MySpace then?
10
untog 9 hours ago 1 reply      
Personally, I'm more excited about the fact that it requires an app ID. I'm very interested in users being able to record video from within Facebook and upload it.

Anything to escape the awful Flash implementation of it...

11
balakc 3 hours ago 0 replies      
FB giving Google a run for its money
12
ajhit406 10 hours ago 1 reply      
Strange that this was posted on July 4th and is now just getting promoted / submitted.
13
The_Igor 9 hours ago 0 replies      
Beautiful! Competition is good for the consumer.
14
bhartzer 10 hours ago 0 replies      
You would think they would use another filename that wouldn't reveal Facebook Vibes.
15
shimsham 8 hours ago 0 replies      
this will surely be their spotify-based app.
16
JacobIrwin 7 hours ago 0 replies      
So what, Jeff is proud of his discovery. So what, he made a few snarks.

I appreciate the info and he's ultimately correct. "[I] heard it here first."

11
JQuery 1.6.2 syntax error? You may be the victim of SEO. encosia.com
254 points by gavingmiller  1 day ago   134 comments top 29
1
pierrefar 1 day ago 2 replies      
Hello all

I work at Google as a Webmaster Trends Analyst to help webmasters with issues like this one.

Looking into this, the first thing I noticed is that the blog.jquery.com seems to be blocking Googlebot from fetching its pages, but the site responds normally for web browsers: it returns an HTTP 500 error headers for requests using a Googlebot user agent. You can see this yourself using a public tool like Web Sniffer to fetch the page spoofed as Googlebot ( http://web-sniffer.net/?url=http://blog.jquery.com/2011/06/3... ) or using Firefox with the User Agent Switcher and Live HTTP Headers addons.

Unfortunately this is a very common problem we see. Most of the time it's a mis-configured firewall that blocks Googlebot, and sometimes it's a server-side code issue, perhaps the content management system.

Separately from that, I also notice that the blog.jquery.it URL is redirecting to the blog.jquery.com, suggesting they are fixing it on their end too.

If an jquery.com admins want more help, please post on our forums ( http://www.google.com/support/forum/p/Webmasters?hl=en ).

Cheers,

Pierre

2
patio11 1 day ago 2 replies      
On the plus side: there are a lot more interesting things a spammer could do with a copy of jQuery than accidentally include a syntax error.
3
Encosia 1 day ago 4 replies      
In case the spirit of my post isn't clear, let me be the first to acknowledge that I wouldn't have run into this problem at all if I had been less careless. The purpose of posting this was to raise awareness and hopefully help others avoid making the same blunder (and to point some links at the correct site with good anchor text).
4
gojomo 1 day ago 2 replies      
Google didn't just misrank this fraud; they also provided the loot (AdSense revenue) that likely motivated the crime.

They should ban not just jquery.it from both natural rankings and AdSense, but every other site on the same AdSense account and with the same registered domain owner.

5
VMG 1 day ago 2 replies      
No, "being in a hurry" doesn't excuse downloading and including jquery from the wrong website. He is lucky that there was a syntax error and the script didn't work, this could have turned out much uglier.

Edit: the headline should be: "Everybody watch out, a fraudulent jquery website ranks higher in google than the official website". The syntax error is the best thing that could happen.

6
rsoto 1 day ago 2 replies      
This is very weird. jQuery.it has the same PageRank as jQuery.com (8/10). This site dates back to 2007 [1] altough it started copying the jQuery site until 2009 [2].

It also has cloned the subdomains: http://dev.jquery.it/ and http://forum.jquery.it/

What this site appears to do is mirror the content of jQuery.com by copying everything and then appending the "Time to generate" string.
I just checked adblock, it also adds a Google Ad, which is the point to this.

Obviously Google has messed up big time, but also the whole web by linking so much a fake site that it has the same page rank as the original.

1: http://wayback.archive.org/web/20071001000000*/http://www.jq...

2: http://wayback.archive.org/web/20090601000000*/http://www.jq...

7
dlikhten 1 day ago 4 replies      
HA! I started reading and researching and it just made me laugh.

Guess what you get when you go to http://duckduckgo.com/?q=jquery THATS RIGHT, an official site logo, because Gabriel is f-ing awesome and I love DDG's little almost insignificant features like showing you the official jquery website vs what you THINK the official one is, since google never helps you there.

Also I have adblocking and opt-out from google's ad tracking on so I never suffer these things. But that's what makes DDG so amazing, that opt-outs don't mater Its just so clutter free. Putting things into context vs just presenting you with data. Note that in my search results I even get the nice icons indicating if the result is spam or not. That website for the fake jquery is... well its not even on first 100 search results, may be blocked.

Thanks DDG, you just justified your existence yet again.

8
tghw 1 day ago 3 replies      
What I find incredible about this is that Google has gotten so good at returning exactly what we want that we no longer bother checking the authenticity of it, even when it's something specific. If Google was "lagging behind on the game" as some people are suggesting, this never would have happened because we wouldn't be trusting it to return what we want.
9
kristofferR 1 day ago 1 reply      
This should be easy to sabotage/fix for the real jQuery.com guys. Since the fake .it-site hotlinks directly to the css and custom javascript from jquery.com they can add some code that will warn users that the site is a fake, automatically redirect all traffic to jquery.com with a 301, add canonical headers etc...
10
po 1 day ago 0 replies      
This is also another example of why having more top level domain names will make things worse, not better.
11
gaborcselle 1 day ago 0 replies      
I highly recommend using the Google-hosted versions of JQuery rather than downloading them and hosting them on your own. You get the benefits of faster downloads through Google's CDN and since many websites use these, they're pre-cached in browsers:
http://code.google.com/apis/libraries/devguide.html#jquery
12
AlexMuir 1 day ago 0 replies      
Not only has Google ranked the site highly, it seems to be the financier too. It looks to me that this was done just for the Adsense income.

Why this was done? Here were my first few thoughts:

1. Display ad revenue. - Maybe initially, there is Adsense markup but the ads aren't showing for me so perhaps Google has disabled them.

2. Affiliate income from the links to jQuery books - I can't see an affiliate code in the links so probably not.

3. Hijacking the Donate button - No. This leads to a blank page with just a Time to Generate snippet.

13
yaix 1 day ago 0 replies      
>> If you're in a hurry to download a copy of the latest jQuery revision

Pardon? If you download just any jQuery without even checking the domain you are downloading from, then you are very careless. That's just like typing your Paypal password into a form on a website that was linked in an email that looked like it came from Paypal...

Your copy of jQuery will be able to see anything that happens on the site you are writing, send any user password to a external server, read session keys, query your API for any data as a logged in user, etc. You could even build a botnet out of modified jQuery libraries.

Whenever you download executables, make sure you know where they are coming from!

14
JonnieCache 1 day ago 1 reply      
I bet there's a codepath in the magic google algorithm that says, "all things being equal, favor the page that has adsense." Except normally, things arent quite this equal.
15
dspillett 1 day ago 1 reply      
There is a fairly simple heuristic that could combat this, which I assume is possible with Google's architecture (which I know little about, so I could be wrong here!):

* if a page A refers to the same external css and images as page B on another site, and those external resources are local to B, then assume B is more original and should be ranked higher than A.

Of course the SEO people will get around this by making sure they take copies of the css and image assets as well as the html ones once this is implemented, but at least it'll save the "target" site a little bandwidth.

16
ljlolel 1 day ago 0 replies      
Great find. Google is really lagging behind on the game. An italian blog should never rank higher than the jQuery site. If Google loses our trust, and we have to be on our guard all of the time, ...
17
MatthewPhillips 1 day ago 1 reply      
How is this even possible? Doesn't PageRank work by counting links? Does jquery.it have more inbound links than jquery.com?
18
mrcharles 1 day ago 1 reply      
What worries me about this is the original intentions of the owners of jquery.it. Obviously they planned something malicious, and were setting up for it, only random chance resulted in them getting outed before they could begin deploying their actual malicious code.

Frankly, had you been more careful, worse could have happened down the road. Still, I would be interested in seeing exactly how jquery.it made it to the top of the search listings.

19
czDev 1 day ago 0 replies      
I don't think the author is to blame at all. I do stuff like this all the time - I'm working on something, google for it, download and keep on moving. I use google constantly throughout the day, and trust the top result to be authentic. As it turns out, that trust may be unwarranted.
20
eps 1 day ago 0 replies      
In short -

Beware of downloading JQuery from jquery.it, which may appear before jquery.com in related Google searches. The end.

21
chrisjsmith 1 day ago 3 replies      
I think the blogger was being an idiot. You should check the authenticity of what you are downloading, not just snag it.

It's like eating a kebab dropped in the street.

22
AndyJPartridge 1 day ago 1 reply      
If I now do a search at google.co.uk for "jquery 1.6.2" the linked article is the first hit.

The .IT in question site is the fourth.

Things move fast on the interweb, I can't agree with anyone claiming this is Googles fault.

With the size of the database, the breadth of queries that are done against it and the myriad of possible returns - how could they reasonably police it?

23
lhnn 1 day ago 0 replies      
What if Google put subtle warnings on websites from other CC TLDs than .com, .net or the TLD you live in?

Alternatively, Google could just work on spotting phishing and spam sites.

24
scottkrager 1 day ago 0 replies      
The victim of SEO?

No, the victim of a scam and Google. The site barely has any inbound links, if this is SEO, they suck.

This is a google fail, not an SEO fail.

25
iter8n 1 day ago 2 replies      
I would have just typed in 'jquery.com' and then clicked the link for the download page.
26
ldar15 1 day ago 1 reply      
"MAJOR BUG! Google search engine found to be open to SEO abuse!!!"

Except that this wouldn't be news. And because it wouldn't be news, the blame falls entirely on the author.

The author got fished. Kudos for letting everyone know about it. -kudos for blaming google.

27
EricR23 22 hours ago 0 replies      
The jQuery team is well aware of this issue.
28
bhartzer 1 day ago 0 replies      
I'm amazed at how many people jump to conclusions--and say that a bad Google search result or search spam is always the fault of SEO. SEO is not evil, and it is not all search engine spam. Most of the time the SEO that I do has to do with more with cleaning up bad or sloppy code and web design errors.
29
fendmark 1 day ago 0 replies      
Saying that you're a victim of "SEO" is about as accurate as saying you are a victim of "Web Development."
12
Twitter acquires BackType (YC S08) backtype.com
257 points by razin  2 days ago   48 comments top 14
1
swombat 2 days ago 4 replies      
[ YC08 ]

BackType has raised a total of $1.32m according to http://www.crunchbase.com/company/backtype

No speculation as to the size of the acquisition, but I guess anything between $10-100m is possible, which would give YC a return of about 3% (6% adjusted down to 70% twice) of that, or somewhere between $300k and $3m?

"YCombinator: turning $15k into $300k in 3 years"

Not bad.

Edit: This is based on the idea that BackType is successful, and had other options (which may not be the case, since their QuantCase/Compete graph is going down)... if they were about to go bust, the price could be considerably lower... but if they were doing well, I imagine investors would have blocked a sale lower than $10m.

2
nestlequ1k 2 days ago 1 reply      
I don't get it. Are startups now just a new resume? How are BackType users supposed to react to this? How are users supposed to trust other API startups if they can just get the rug pulled out from them like this?

I'm happy for the team, but is there not any way they could have transitioned the project to other developers and still joined twitter fulltime?

3
plinkplonk 2 days ago 2 replies      
Old readwriteweb article

"Secrets of BackType's Data Engineers - How do three guys with only seed funding process 100 million msgs a day?"

http://www.readwriteweb.com/hack/2011/01/secrets-of-backtype... HN discussion http://news.ycombinator.com/item?id=2097926

I am not a Clojure fan, but I found BackType engineer Nathan Marz's fusion of Datalog, Clojure and Hadoop to create Cascalog very impressive, and was looking forward to Storm.

4
icey 2 days ago 3 replies      
A) Congratulations to the BackType team! I wonder if they're the first Clojure-heavy startup to be acquired. It will be interesting to see what happens to their technology stack after a couple of years.

B) Does this impact the open-sourcing of Storm?

5
joblessjunkie 2 days ago 3 replies      
I wish that when a headline announced "Big company acquires little startup you've never heard of" that it would be accompanied by some explanation of what the little startup actually does, and why it is interesting.
6
thecoffman 2 days ago 0 replies      
Congrats guys! I worked with Nathan, and he's a brilliant guy. Well deserved success.
7
swannodette 2 days ago 1 reply      
I wonder what affect this will have on the open sourcing of Storm.
8
brlewis 2 days ago 2 replies      
"we will discontinue the BackType product and API services"

Besides Google Alerts, what alternatives are out there?

9
randall 2 days ago 1 reply      
Black shirt acquired! Congrats guys!
10
siculars 1 day ago 0 replies      
Looks like they shut their free api down around noon today. Not even a tweet. Boo.
11
pdelgallego 2 days ago 0 replies      
Congrats to the guys of BackType.

I have been very tempted to apply to their internship during the winter.

12
ddemchuk 1 day ago 1 reply      
and yet no profit has been had...good job twitter, good job
13
edawerd 2 days ago 0 replies      
Congrats guys. Well deserved.
14
chrisvallejos 2 days ago 0 replies      
Congratulations to BackType!
13
MIT 6.006: Algorithms in Python mit.edu
252 points by helwr  2 days ago   26 comments top 7
1
sajithw 2 days ago 0 replies      
It's a bit misleading to describe this as "algorithms in python". You'll find that the course is almost entirely theoretical (as it should be) and that there is a small implementation component for each problem set that just happens to be in Python.
2
niyazpk 2 days ago 3 replies      
Waiting for the video lectures...
3
Bogdanp 2 days ago 0 replies      
4
nsomaru 2 days ago 1 reply      
does anyone know of a directory of all MIT CS lectures which may not be available on OCW? would be great to have such a list. extra brownie points for Python... :)
5
scorpion032 2 days ago 0 replies      
Always, Always been a fan of algorithms taught in Python.
6
morazow 2 days ago 2 replies      
Erik Demaine great lecturer.
7
pbreit 2 days ago 2 replies      
Could Khan do each of these in about 7 minutes?
14
US claims all .com and .net websites are in its jurisdiction theinquirer.net
249 points by pixdamix  2 days ago   150 comments top 32
1
Silhouette 2 days ago 3 replies      
England, February 2014: In other news, the Internet Service Providers' Association announced today that no major English ISP now relies on Verisign, the US company formerly responsible for administering major domains such as .com and .net worldwide.

This follows a ruling at the European Court last year that Verisign's actions in blocking the domain of German business Musikjetzt GmbH constituted an unlawful restraint of trade, and a subsequent European decision that all primary DNS management should be run under the newly formed United Nations Internet Oversight Service.

The Musikjetzt service allows music fans to stream their favourite songs on demand under the new copyright collective licensing regulations introduced Europe-wide in early 2013, and has sharply increased the consumption of music by independent artists.

Shares in major US record labels have fallen over 40% in the past year, which industry insiders have repeatedly blamed on the way that Europeans "don't respect copyrights." As one CEO put it, "If they won't respect our rules voluntarily, we have to make them respect them."

A spokeman for the US Immigration and Customs Enforcement agency said "Economic attacks on fundamental US industries are a bigger threat than terrorism, and we will always respond accordingly."

No-one from the Recording Industry Association of America was available for comment.

2
Shenglong 2 days ago 2 replies      
Is this a joke? I thought it might be serious until I read:
ICE is not focusing its efforts just on web sites that stream dodgy content but those that link to them

Please tell me this is a joke. I don't know whether to laugh or be sad.

3
dsl 2 days ago 3 replies      
FYI, .com/net/org have always belonged to the United States.

In the same way that .ca belongs to Canada, com/net/org/us belong to the US. Think of them as the sponsoring organization that originally created them.

The only thing the US government has ever given up is control over the registry and DNS management. Under a MoU[1] that facility was handed over to ICANN with the understanding that they would select US based private sector companies to take on the duties.

Other TLDs that are sponsored internationally but managed in the US (like .me or .ws) is a whole different issue, but this one is pretty clean cut.

1. http://www.icann.org/en/general/icann-mou-25nov98.htm

4
tomp 2 days ago 0 replies      
Barnett, assistant deputy director of ICE: "The idea is to try to prosecute."

If I remember correctly, in the few cases that the domains were confiscated, there was no prosecution, no courts involved. The owners of the domains had practically no means to question or challenge the seizure. At least that's what the media reported at the time.

5
vacri 2 days ago 0 replies      
"By definition, almost all copyright infringement and trademark violation is transnational."

By definition? By definition!?

If that's the case, then as long as the bulk of pirates are in the same country as the copyright owner, then by definition, no violation has occurred.

6
arihant 2 days ago 1 reply      
I'll get downvoted for this.

Argument (I don't completely agree, but someone will make it sometime)- I think it is not good for humanity to trust the jurisdiction of a country which has demonstrated tainted judgement by getting involved in nuclear weapons and given their recent involvements in the middle east. The United States is not the country whose jurisdiction should control any form of worldwide open platform.

Just a thought. This stuff needs some sort of international law. No jurisdiction in the world is good enough to rule the web, in any damned way. We cannot take our narrow minds into the future for our race.

7
daimyoyo 2 days ago 2 replies      
If these sites are in the jurisdiction of the US, aren't they also entitled to the same right of due process? Have any of these seizures been challenged in court? And if so, what's the status of the cases?
8
clistctrl 2 days ago 3 replies      
I ask this completely seriously. What would it take to declare the domain of the internet as its own sovereign entity? The internet to me has become greater than just a communications network. It is a place where people connect/work/play. DNS is a natural resource, and should be regulated by all that is affected by it.
9
romland 2 days ago 0 replies      
Hmm. Personally this is how I always thought of the original generic TLDs (com/net/org). In my head I think I even applied the idea to .xxx, .aero and what-not as well. Pretty much how I expect Libya to do whatever they want with the .ly domain.

This seizing of domains has been kind of the de-facto behavior for at least some five years by now. In my head this new policy does not change anything (don't run gambling sites on a .com domain etc?). Hell, I might even go as far as to say that it might be a positive thing if there was no such thing as a generic TLD. Most corporations registers all their domains globally anyway (whether that is good or bad is another story).

Not the most relevant Google query, but it takes the idea home, I guess: http://www.google.com/search?hl=en&q=us+seizes+domain+20... -- I didn't bother looking for older entries than that.

11
jxcole 2 days ago 0 replies      
I think they may be shooting themselves in the foot with all this litigation against copy infringers. Once it becomes impractical to share files using bit torrent, people will probably just switch to mildly less convenient but more secure methods, like free net.
12
ebaysucks 2 days ago 3 replies      
Suddenly I am happy only the .org was available for my new project.

I am wondering though: Couldn't the US make similar claims on .org and .us (and .edu, .biz?) domains?

13
chrisjsmith 2 days ago 2 replies      
Centralised DNS = bad. That's the issue.
14
imrehg 2 days ago 1 reply      
Why is online piracy such a big business (and hence a problem to the rights holders)? Because there are no comparable legal alternatives. So instead of technology and business innovation, let's do legal innovation and sue them people regardless of where they are.
15
jbronn 2 days ago 0 replies      
Verisign is operator of the authoritative domain name registry for the .com and .net top-level domains. Verisign is headquartered in Virginia, and as such, the "property" of the domain is located in the United States and is subject to the jurisdiction of our courts.

This isn't new, and it's why anti-cybersquatting legislation (15 U.S.C. §1125) can be enforced.

16
dstein 2 days ago 4 replies      
Then .com's should be phased out. Migrate all .com to .co.us.
17
jrockway 2 days ago 1 reply      
Maybe all those .ly domain names aren't such a bad idea after all...
18
turbojerry 2 days ago 0 replies      
I wonder where this will end? Claiming all packets that go through the US are in its jurisdiction? All packets that go through routers supplied by American companies who provide finance for the router? All packets that go through routers owned by a company who has 1 or more American shareholders?
19
tnorthcutt 2 days ago 3 replies      
Perhaps I'm missing something, but why would ICE have anything to do with copyright in the first place, regardless of whether their jurisdiction claims are upheld/fair? How does copyright fall under either immigration or customs?
20
nhangen 2 days ago 0 replies      
I get that they can take the domain away, but to seek extradition and US charges in court seems absurd.
21
imrehg 2 days ago 1 reply      
Oh dear, why did I by a .net for my personal domain.... ><
22
brudgers 2 days ago 0 replies      
tl; dr

ICE spokesperson: All your domain are belong to U.S.

23
suprgeek 1 day ago 0 replies      
Intentionally or not this is an excellent way to force the "distributed control" issues of the Internet. It is only a matter of time before other countries (non-US) demand greater say in the control of the policies. This should be an interesting issue and relevant to all users of the Net in the long run.
24
nodata 2 days ago 1 reply      
Everyone else claims .us is in the US jurisdiction.

How will this stop anything? Wasn't .com handed to the UN to manage?

25
noarchy 2 days ago 0 replies      
Are there currently any TLDs that are not under the control of a country?
26
bad_user 2 days ago 1 reply      
Well, PirateBay is a .org
27
crististm 2 days ago 1 reply      
That's why I want to see alternative DNS services (TLD) take off...
28
generators 2 days ago 1 reply      
if they even remotely try it, I bet each country will have their own dns server and broken internet. this clearly show that How gradually, USOFA do not have any intention to keep internet open. so it would be wise to move away from them while we can. ( only sometimes, once in a while, why it seems that china is better ? )
29
Uchikoma 2 days ago 0 replies      
+1 for having more than one domain for your (user content generated) startup.
30
canadiancreed 2 days ago 0 replies      
Sounds like a good time to start selling those .com/.net domains I've got stashed away.
31
ao12 2 days ago 0 replies      
All your base are belong to us
32
BasDirks 2 days ago 0 replies      
I do not condone any lulz that may result from this, but this is the equivalent of dropping your soap in prison.
15
Clojure on Heroku heroku.com
240 points by joshuacc  2 days ago   27 comments top 5
1
wingo 2 days ago 0 replies      
Remarkable. Congratulations, clojure folk, for a fairly mainstream Lisp coup.

[Edit: Also, props to the Heroku folk for doing something a bit off the beaten path. I'm sure clojure is lovely, but it wasn't the "obvious" next thing to work on.]

2
olifante 2 days ago 2 replies      
sweet but surprising. This would probably never have happened if the author of Ring didn't work for Heroku.

Anyway, definitely a major milestone for the most elegant language of the last 5 years.

3
olifante 2 days ago 4 replies      
This also means that technically there is no reason why Heroku Cedar couldn't support other JVM languages, such as Scala. It would be fun to watch Scala and Clojure fight it out on an even playing field.
4
ericlavigne 1 day ago 0 replies      
Excellent news!

Heroku is the only reason I gave Ruby/Sinatra a try for a while. I love the idea of having Heroku-style deployment without giving up Clojure.

5
choffstein 2 days ago 1 reply      
Very interesting. Seems rather niche, though after the recent sale of Phenona (which I believe was on Hacker News a couple weeks ago), I can see why everybody would be rushing to become the cloud-deployment solution for any language vertical.
16
Sublime Text 2: Beta sublimetext.com
236 points by creativityhurts  6 days ago   90 comments top 38
1
daeken 6 days ago 2 replies      
I've been using Sublime Text 2 since the first alpha and absolutely love it. Insanely customizable, really well laid out, great project management, fast as hell, etc. I'm still using 'E' on Windows, but on OS X this is all I use.
2
tel 5 days ago 1 reply      
Honestly and evenly, if I'm a proficient vim/emacs user, why would I want to try this out?

I know there's plenty of market not underneath that hypothetical, but an editor has to answer that question to even register with me these days. I also assume I'm not alone.

3
trustfundbaby 6 days ago 1 reply      
You know what I love about Sublime? It this nifty little feature where if you're looking at files in your file list in the side bar ... clicking through them brings up the content of that file in the tab you were last editing (no opening of a new tab) ... and when you go back to editing your file ... the content shows back up in the tab.

So you can look through files very quickly, just by clicking through them, instead of opening 20 files only to close them all when you find the one you want.

And if you start editing the content of a file you were just perusing, a tab opens for that file automatically. tres cool.

... totally sold me on sublime.

4
dtalen 6 days ago 8 replies      
As a longtime vim user I'm interested in knowing if there's anyone that's switched to Sublime Text (or TextMate, or any other similar contemporary editor) and if so, how has it gone? There seem to be a lot of cool features here but do they outweigh the benefit of knowing that they key bindings you've learned will continue to serve you for decades?

Please, this is not flamebait. I'm interested if anyone's made a switch from an old standby like vim/emacs to a new editor and how they've fared. Maybe it's time for me to start looking at all the new editors out there.

5
chime 6 days ago 0 replies      
I just gave it a try and absolutely love the minimap feature. Definitely helps with browsing through my code quickly. Once it had code-folding, I will hit 'Purchase'. Until then it's TextWrangler for me.
6
flocial 6 days ago 0 replies      
Ever since I stopped waiting on TextMate 2 and learned to love myself more, I've moved on to vim and now emacs. I'd be weary of any editor that isn't open source or has a solid organization behind it.
7
veidr 6 days ago 1 reply      
I am really sick of new 'text editors' hitting the scene that can't handle editing text other than English.
8
Corrado 6 days ago 3 replies      
I would say this is more than a replacement for TextMate on OS X. Stop waiting for a TM update and jumpt to Sublime Text 2. I've been using it since the early alphas and it's always been top notch.

The only thing that bothers me right now is the slightly different keyboard shortcuts between Linux and OS X, but I think you can "correct" those manually by editing a couple of config files. Other than that, I LOVE this editor! :)

9
fingerprinter 6 days ago 1 reply      
I LOVE this program and I can't wait for it to be in the Ubuntu Software Center...everyone should be able to get and use this really easily.
10
mrinterweb 6 days ago 0 replies      
For Ubuntu and Debian users, I would recommend installing this from the PPA. https://launchpad.net/~webupd8team/+archive/sublime-text-2 Installing from this PPA worked well for me and it would appear to be up to date.
11
STHayden 6 days ago 0 replies      
I use it and love it. If you ever tried 1.x and have not tried 2.x then you should give it another try. It's worlds better.
12
loevborg 6 days ago 0 replies      
Sublime Text claims to be an editor for prose as well as for code. But does it allow you to use good-looking proportional fonts with good line spacing? Yes, in this respect (though in no other) a text editor should be like Word. I write all my "prose" in a simple text editor (Vim), but I dislike the limitation of using only fixed-width typefaces.
13
lobster_johnson 5 days ago 0 replies      
As a TextMate user, I love Sublime and I'm trying to migrate over.

The built-in project-wide search is extremely slow (it seems to search absolutely everything and consumes 100% CPU while doing it) and seems unfinished. I really miss AckMate (https://github.com/protocool/AckMate/wiki/Usage).

Also, some files with canonical names (Gemfile, Rakefile) don't have file extensions nor shebang lines, and so Sublime can't determine the language for syntax highlighting. Is there a way to fix this?

14
palves 6 days ago 1 reply      
How does it compare with powerful IDEs like Intellij/PyCharm or Eclipse? I mean, does it make sense to have an editor that is both good at "code, html and prose" (debugging and refactoring comes to mind...)?
15
frsandstone 6 days ago 0 replies      
Their server is getting hammered right now. Anyone have a mirror?
16
drewjoh 6 days ago 1 reply      
I'm loving Sublime... except the character spacing is weird for me (running on OSX using Droid Sans Mono). Has anyone else experienced this or know a solution? Sublime/Textmate example: http://cl.ly/050P2l37121b2R0P0a3V

Update: After going through other mono fonts... it seems like all of them are spaced just a little farther apart than what they appear like in Textmate, Espresso, etc.

17
sgrytoyr 6 days ago 0 replies      
ST2 is fantastic. One of the many benefits compared to TextMate is that it supports Emacs-style marks, which enables commands like kill-region and yank.

I have created an "Emacsify" package with some important keyboard shortcuts and additional commands. You can find it here: https://github.com/stiang/EmacsifySublimeText

18
florin_ 6 days ago 0 replies      
Been watching sublime for some time now after I gave it a short try. If only these lightweight editors provided CTRL-click type navigation I'd be sold. I use IntelliJ IDEA now - it is a powerhouse of irreplaceable help. It works magic with Java/Groovy/JavaScript/CSS/HTML navigation.

I need Sublime to provide type navigation. Forget debugging and other features.

19
newman314 6 days ago 3 replies      
Does it do language autocomplete?
20
JeffJenkins 6 days ago 0 replies      
This seems pretty cool, but is there a way to filter out certain file/folder patterns (or globs) on a per-project basis rather than globally?
21
d0m 6 days ago 2 replies      
How's the keys customization? Is there a vi-mode key binding?!
22
georgemcbay 6 days ago 2 replies      
I like this as a code editor, but the lack of even a rudimentary project/directory view (other than the file list overlay which I don't like at all) kills it for me.
23
beck5 6 days ago 0 replies      
I bought the alpha a few months back because I was very impressed with the demo. Its fast, looks good and has good amount of power, power close to Vim level in my opinion. But at the end of the day I use Vim because it is so ubiquitous (and open).
24
orta 5 days ago 0 replies      
I've wrote a ruby gem to act as an equivalent of TextMate's mate command, OS X only I'm afraid.

gem install slime

25
Xavura 6 days ago 0 replies      
I've been using Sublime 2 since early alpha, it is... aptly named. I've tried dozens of editors and eventually settled on TextMate many years ago.

Within 2 days, Sublime had completely* replaced it--something that many editors have failed to do.

I can't wait until I get paid, so that I can throw money at them.

* I still use TM on occasion for its GUI theme/bundle etc. editors.

26
yannski 5 days ago 1 reply      
Poor syntax highlighting for HAML and coffeescript highlithing is non existent... This is why I love vim and the Janus "bundle" https://github.com/carlhuda/janus/ : they are always up to date.
27
jbrowning 6 days ago 0 replies      
Here is an alternate download location from the developer:

http://209.20.84.235/

Source: http://twitter.com/sublimehq/status/86799940021518336

28
Inufu 6 days ago 2 replies      
Why should I use Sublime Text and not emacs? (note that I'm not experienced with emacs)
29
XLcommerce 5 days ago 0 replies      
I really like the feel of sublime text, however there's one feature keeping me on Notepad++ which is double click to highlight text also highlights all instances of that word in the document.
30
chrisrogers 6 days ago 1 reply      
I am a big fan of this project, and it's made some great progress over the months. Only thing holding me back right now: code navigator. The overview display is nice, but a full code navigator would seal the deal.
31
AaronMT 6 days ago 0 replies      
Selecting text shows invisible characters, awesome (it's the little things).
32
swah 6 days ago 1 reply      
I can't stand the black tabs.
33
derencius 6 days ago 0 replies      
from textmate, to vim and now sublimetext2. I'm not that proficient on editors, but sublimetext is being great. fast and simple very configurable. my editor of choice for a couple of months.
34
tomrod 6 days ago 0 replies      
How does this compare with Coderoom?
35
KevBurnsJr 5 days ago 0 replies      
Poor support for PHP 5.3
36
crazymik3 6 days ago 0 replies      
Happy to say that I've already been using it for a while. Big fan.
37
sashthebash 6 days ago 1 reply      
Where is the Peepcode Screencast or something similar for this that teaches me the basics in about an hour?
38
thaumaturgy 6 days ago 1 reply      
Wow, this looks great! I really dig the no-distraction mode, I did something similar with my terminal program and I love it.

clicks Download

...oh. 10.6 required.

Shucks. At least I got to see pictures of it, I guess.

17
Thorium nuclear reactors: a possible solution of the energy crisis? (video) youtube.com
225 points by japaget  4 days ago   101 comments top 20
1
rmason 4 days ago  replies      
I've studied this for years and haven't found any credible reason why we couldn't do this today.

But there are a lot of forces allied against Thorium in both the government, energy companies and the current nuclear industry.

Senator Hatch (R) Utah with support from Harry Reid (D) Nevada has introduced a bill annually for five years to fund $200 million to research to commercialize Thorium power. Yet every year the bill never even gets voted on.

http://hatch.senate.gov/public/index.cfm?p=releases&Cont...

What is stopping Google itself from funding this I don't know? Our country should make this a major initiative similar to the race to the moon and get us off coal, oil and gas.

2
api 4 days ago  replies      
I hear a lot about the LFTR, and I wonder what the problem is. Is there a major technical hurdle that prevents this from seeing widespread use?

Sometimes there is, sometimes there isn't. Sometimes a really good idea never gets used because... well... because nobody really picks it up and runs with it. It's that simple sometimes.

But sometimes there's some hidden gotcha.

3
Create 4 days ago 1 reply      
This is project pursued by many[1]. The main hurdles are:

1. political [2], which Kirk mentions (it is no coincidence, that the pellets that the rods contain are as standard as the NATO bullet) -- the industry and power has a very different interest

2. technical: Kirk always mentions, that the fuel is not solid. It is liquid. The latter means, that you do have higher concerns about corrosiveness, hence (useful) reactor lifetime...

Also, the issue of scale, which tends to lie between 1. and 2. Uranium "won", because you got the real stuff with it (weapons as in actual projection of power, or the capability of threat to project power) and because you could make it work on a massive scale (current reactors are an order of magnitude larger than any LFTR design, and capitalism is based on the leverage of and concentration of power).

[1] http://energyfromthorium.com/

http://www.thorenergy.no/

http://thoriumenergy.com.au/

... besides China, India, France and (even) Czechs.

[2] http://www.bbc.co.uk/blogs/adamcurtis/2011/03/a_is_for_atom.... -> see Seaborg interview part

4
fleitz 4 days ago 0 replies      
Just use CANDU reactors, it will burn raw uranium, and can use the waste product from PWR reactors, just leave the thorium in the raw uranium. It's been working for years, no Yucca mountain, Yucca mountain is a purely US phenomena, it doesn't exist in Canada or France. It's not a new technology, it's 60 years old. All you need is a little heavy water, and in event of a meltdown you just flood the tank with regular water and voila no reactions.

http://en.wikipedia.org/wiki/CANDU_reactor

Here's the fuel cycle for a CANDU reactor which will support the thorium cycle as well.
http://en.wikipedia.org/wiki/File:CANDU_fuel_cycles.jpg

5
zherbert 4 days ago 1 reply      
I go to school at Boston University and took an Energy class with a Nobel Laureate in physics, Sheldon Glashow, last semester. He spoke in great depth about Thorium reactors, and is very supportive of the technology.

One of the main hurdles is that we have poured money into our modern-day reactors, and have constructed hundreds of plants. If we were to switch to thorium, we would have to essentially start from scratch - new research, new plant designs, new training, etc. It is very difficult to justify a complete switch from uranium, as it would be incredibly costly.

In other countries, however, thorium reactors could be very beneficial. Countries using thorium would not be able to produce nuclear weapons, which would give the world great peace of mind. This could minimize risks in unstable countries - we wouldn't worry if Iran was building a thorium reactor, for example.

There are also other types of reactor designs that use nuclear waste to create power. I believe our nuclear future lies with these types of reactors, rather than with uranium or thorium.

6
amalag 4 days ago 0 replies      
Since India has a lot of Thorium, they are actively pursuing it. http://www.youtube.com/watch?v=Nl5DiTPw3dk&feature=relat...
7
DennisP 4 days ago 0 replies      
For anyone who wants to delve into this more deeply, Sorenson's videos (http://energyfromthorium.com/2011/06/04/adventures-with-gord...) are really great. I recently watched the two-hour one, which was edited from a longer talk to cut out the pauses. It's a rapid-fire, passionate technical introduction that I found very compelling.
8
ugh 4 days ago 1 reply      
Any plans to build a reactor somewhere?

I fear that mere engineering heavy talking has no chance solving nuclear's PR problem.

Actually building a reactor might help. Maybe. Maybe not.

9
daniel-cussen 4 days ago 0 replies      
I read an American company is trying to make one in the north of Chile. It's because they really need energy (they're currently using coal and diesel to keep the lights on in the north) and there's not a whole lot of bio-anything to protect there. I think it's a great idea, but a lot of people don't.
10
mcritz 4 days ago 0 replies      
Thus video just gave me something to research for the next few days.
11
iwwr 4 days ago 3 replies      
You can still make bombs from the thorium cycle, with U233.
12
ollybee 4 days ago 1 reply      
the UK National Nuclear Laboratory (NNL) undertook a recent independent assessment, in which it assessed a number of claims made by proponents of thorium fuel. The report can be found at: http://www.nnl.co.uk/positionpapers
13
mrothe 4 days ago 5 replies      
This cutted version feels like none of these persons said anything that is in the video, because the statements (or even words) are "out of context". I just can assume the author of the video has good intentions and did not change the context.
14
brianbreslin 3 days ago 0 replies      
Slightly off topic, but could thorium be used for vehicle propulsion? as in nuclear submarines or even better: space craft? if the payload is efficient enough, it could solve the issues we have with getting rockets into space (fuel is heavy, and costly to transport).
15
earlyrise 3 days ago 0 replies      
If the world was serious about nuclear non-proliferation, we would have thorium reactors everywhere already. They said a few times in the video that thorium reactors can't be used for weapons, and so they are not built. Governments have decided that we need nukes, so thorium reactors do not get funding.

But if we are serious about non-proliferation, then switching to thorium reactors and controlling which new reactors get built is a much more effective strategy then the current weapon-counting efforts. Once a reactor is built and starts creating fissile material, then it is difficult to keep track of and control. But it is much harder to hide a reactor while you are building it - Iran tried and failed.

So it seems to me that thorium reactors, in addition to their efficiency, low cost and low amount of radioactive waste, could also be a useful tool in enforcing nuclear non-proliferation. We've got these reactors that cannot be used to make bombs - why don't we sign treaties saying that they are the only reactors that can be built?

16
softbuilder 4 days ago 0 replies      
Can I look forward to a Google thorium salt reactor in the near future?
17
u48998 3 days ago 0 replies      
I have a whole lot of related links here making the case for thorium: http://webwanderings.wordpress.com/2011/04/07/thorium-based-...
18
seamonster 4 days ago 0 replies      
Kirk Sorenson on Dr kiki's Science Hour: http://www.youtube.com/watch?v=vEpnpyd-jbw
19
delinquentme 4 days ago 0 replies      
Tailor made idea for the "reverse VC pitch"

VC >> find engineers >> provide $$ >> GO.

20
zobzu 4 days ago 2 replies      
text > video
18
Companies that make money by distributing misleading versions of VLC l0cal.com
223 points by etix  15 hours ago   72 comments top 14
1
jbk 13 hours ago 3 replies      
Disclaimer: VLC dev and VideoLAN chairman

I think the worse part of all this mess is that Google refuses to act and stop those. This was requested quite a few time and Google told us to go away because we didn't own all the trademarks in the US (even though we still have copyright).

Moreover, the safe-browsing initiative, used in Chrome 12, is a complete joke. Reporting one of those websites make the safe-browsing re-scan the website, and find absolutely no issue with it and white-label it, which is even worse...

I contacted the Safe-Browsing initiative to report the issue and they told me "that their wasn't any issue on those websites...". Right...

Of course, running any of those executables on your Windows machine makes MSE (or other antivirus) scream...

I hope that Google fighting spam initiative will improve the situation, but seeing http://vlc-download.com/ on the first page of "VLC" search makes me wondering...

2
troymc 10 hours ago 0 replies      
Last week, I changed my default search in Chrome to DuckDuckGo. Today when I do a search for VLC Media Player I get the "VLC media player" Wikipedia article in the red box at top, and http://www.videolan.org/vlc as the top search result, with a nice little "Official site" label beside it.

I'm increasingly delighted by DuckDuckGo.

3
darklajid 14 hours ago 5 replies      
I wonder if there are any SEO people out there, doing pro-bono (is that even the right term?) work for open source projects like this?

It should be possible to fight back (or, as was discussed/suggested before, search engines are just broken).

4
rwmj 7 hours ago 0 replies      
One problem with VLC is the genuine site's URL is not obvious. It is:

http://www.videolan.org/vlc/

but it's competing against (spammy) sites like "vlcdownload.org".

If they had vlc.com or changed their name to videolan, then it'd be better IMHO.

5
billpg 13 hours ago 1 reply      
So distributing copy of VLC with lots of malware added but still conforming with the GPL is okay?
6
shadowflit 2 hours ago 0 replies      
So of course I agree that spam results are the heart of evil. But I'm confused. After reading the DDG comment, I plugged both "VLC" and "VLC Media Player" into both google and DDG, expecting to see bad results at google. Instead, the top 4 results (ignoring ads, of course) all point to videolan.org. Is this a case of my results being pre-filtered or something? I don't recall hitting the "this is stupid, make it go away" button too often on Google.
7
MetaMan 8 hours ago 0 replies      
I think the real issue is that there is a misalignment of "business models".

On the one hand you have an open Source project with little funding relying on a small group of volunteers acting mostly out of a sense of social responsibility and on the other hand you have dishonest rip-off artists able to make money for free with little or no practical sanction applied.

Its not really google's job to police the web (Note I'm not condoning Google's behaviour). The extent to which they do this depends on how well that policing activity aligns with their business interests.

The root problem is profit Vs non-profit in an environment with dis-interested / conflicted and or toothless regulatory bodies.

IMHO Money is metaphor for power and as long as VLC/VideoLAN is a 'not-for-profit' organisation they will have problems.

8
zenspunk 12 hours ago 4 replies      
Should Google somehow run background checks on every advertiser to see if they're breaking some US law? (or other countries' laws?) What broken laws should justify removal?

Should this be before or after they allow them to advertise? If before, this would inconvenience the majority of advertisers who are legitimate. If after, should Google investigate every incoming report of illegitimate advertising? Or, how many reports should warrant an investigation by Google?

Regardless, can Google remove these Adword listings without legal issues (i.e. without risking being sued)?

Getting these scammers off the front page of search would be relatively easy - it can be solved algorithmically. They're probably working on it now, with their anti-linkspam initiative.

But I don't see how Google could get them off Adwords without employing hundreds or thousands of people to review advertisers, but this would create more problems of greater magnitude than it would solve.

They could crowdsource it to narrow the (retrospective) review process, but this would create a secondary market of advertising, which I doubt Google wants, nor users would want to deal with.

I can't think of a way for Google to solve this problem without creating larger ones.

It's the responsibility of governments -- not internet advertising platforms -- to police copyright law.

9
TeMPOraL 14 hours ago 0 replies      
Seeing that I am thinking more and more about creating a personal "never ever work with those people/companies" database...
10
mwill 14 hours ago 1 reply      
Worth noting it seems many of the sites listed at the end of the post are now offline.
11
arihant 7 hours ago 0 replies      
To me it appears that most have not changed the name and they are hosting the download files for free. Not all darkness here.
12
Zeus-TheTrueGod 7 hours ago 1 reply      
sudo apt-get install vlc.
Really easy, so may be google is not the best way to download and install software ?
13
pavel_lishin 9 hours ago 0 replies      
Why do you consider VLC crap, and what would you suggest as an alternative? Bonus points if the alternative works on all three operating systems that I use (OS X, Windows XP, Ubuntu.)
14
omouse 10 hours ago 1 reply      
How can you say "intellectual" property and GPL in the same sentence? That's fucked up, seriously. The whole point of the GPL is to help erode the copyright system and make it unnecessary.

Of course this situation is not specific to VLC, other open source products are affected by this scourge and there's not much we can do about it. They have the money to buy adwords, we don't. Sadly, as a non-profit organization we don't have the money to sue them.

Really? You would sue them? That's kinda dumb don't you think? Kinda gives legitimacy to the shitty copyright system...

Anyway, my solution would be to ask for money so that you can afford to take some action.

The other half of this solution is to setup a few spammy/malware-looking websites that offer the genuine product. Out-spam the spammers! There must be a reason people are falling for the spammers' marketing after all.

And judging by the domain names, you failed to pick up on that marketing. They have some key domain names; downloadvlcplayer.net, vlcdownload.org, vlc-media-player-blog.com. Those domain names should have been bought up a while ago. Create a new domain, something like free-vlc-download.com.

19
Twitter Shifting More Code to JVM, Citing Performance and Encapsulation infoq.com
224 points by colin_jack  3 days ago   83 comments top 14
1
raganwald 3 days ago  replies      
I like this. I recall a startup some years back with a vision to build something complex. The founder sat down with everyone and said that we had an important decision to make: Do we build something that grows or do we build something that evolves?

Neither way forward was presented as an obvious win. Building something that grows meant overengineering and trying to forecast the future. Building something that evolves meant constantly rewriting things, taking time away from new development.

Twitter seems to have taken the "evolution" route, and it has served them well. I'm not at all sure they would be this successful if they'd tried to build on the JVM right from the start using the technologies available at the time.

2
fizx 3 days ago 2 replies      
One of the key things that was kinda skimmed over: You should check out http://github.com/twitter/finagle.

It takes async network programming with netty into a functional programming paradigm. Programming scala/finagle network services is much nicer IMO than coffeescript, ruby/em/fibers, raw netty. I can't wait until we release our finagle-based cassandra client. It's been really nice to work with.

Here's some sample code:

https://github.com/twitter/finagle/tree/master/finagle-examp...

3
clintjhill 3 days ago 1 reply      
In my opinion, the best part of their infrastructure is their willingness to specialize in languages within each stack. It isn't simply "Java everywhere".

"To allow developers to choose the best language for the job, Twitter has invested a lot of effort in writing internal frameworks which encapsulate common concerns."

The single best investment companies can make is to allow developers to choose their specialty, and their language. Otherwise you have a huge overhead of skill set mismatch. And your talent pool can be bigger if you're open to more than one language.

It's a refreshing view.

4
lemming 3 days ago 0 replies      
This sounds slightly misleading to me:

The primary driver is honestly encapsulation, so we can iterate faster as a company. Having a single, monolithic application codebase is not amenable to quick movement on a per-team basis. So when we decide to encapsulate something, then because of our performance concerns, its better to rewrite it in the JVM for most systems, than to write a new Ruby system.

It sounds from that like their primary driver for using the JVM is actually performance, but that they only decide to rewrite components when encapsulation drives them to do so. I can't see how the JVM provides any encapsulation benefits over Ruby for new systems.

5
jrockway 3 days ago 1 reply      
jrockway's law: add enough developers to a project and it eventually becomes Java.
6
sehugg 3 days ago 1 reply      
Netty is a godsend. Java threads are extremely memory-hungry, so async I/O is a must for handling many connections. We routinely handle 200K simultaneous connections on our push servers without breaking a sweat.
7
russellperry 3 days ago 4 replies      
"...static typing becomes a big convenience in enforcing coherency across all the systems. You can guarantee that your dataflow is more or less going to work, and focus on the functional aspects...But as we move into a light-weight Service Oriented Architecture model, static typing becomes a genuine productivity boon."

A 'productivity boon'? I don't understand. At the risk of invoking the ancient static vs. dynamic religious war, this statement makes no sense to me.

I get that if your codebase is tangled enough, and your unit test suite is inadequate to "guarantee that your dataflow is more or less going to work" that maybe rewriting significant portions of it in a type-safe system makes sense. I guess. But without specific code examples it's hard to say exactly what he's talking about.

Myself, I've spent many years in both static and dynamic environments and I know exactly where I'm more productive -- and it's not wrestling complex parameterized types to the ground, pulling up abstract classes or interfaces, and/or configuring IOC containers, abstract factories and the like.

I wonder though -- this has echoes of Alex Payne's criticisms a couple of years ago, which I think Obie Fernandez addressed pretty well:

http://blog.obiefernandez.com/content/2009/04/my-reasoned-re...

8
SoftwareMaven 3 days ago 0 replies      
One of the important lessons, IMO, is that you should always be making pragmatic decisions that work today and into the near future. You can't predict how your system will change over time, so engineer in today's needs and let tomorrow take care of itself.

Pragmatic failure inevitably leads to analysis paralysis. Just worry about getting stuff done. :)

9
petenixey 3 days ago 1 reply      
I wonder if the reason Twitter never sees any significant evolution in product is because they've weighed themselves down with too much iron cladding on their services or if they've had more time to iron clad their services because they never evolve the product.

Neither may be related but for a large company with very little product they seem to produce astoundingly little.

10
msie 3 days ago 0 replies      
Holy name-soup, Batman! Stuff that was new to me: Gizzard, Finagle, Blender, Netty and Earlybird.
11
riprock 3 days ago 0 replies      
As a JRuby fan, I have my fingers crossed that they will switch to JRuby and help it become "more mature." :)
12
gary4gar 3 days ago 2 replies      
I wonder how the story had been, if twitter had opted for Python, instead of ruby.

Do they still have these problems or in these aspects python is better than ruby?

13
rockarage 3 days ago 0 replies      
This is similar to facebook going from php to c++ via hip hop. ( http://developers.facebook.com/blog/post/358/ ) Very few companies will ever reach the scale of twitter and facebook. Building with ruby, php, python.. whatever your team is comfortable with is still ok.
14
cheez 3 days ago 0 replies      
Hopefully they don't have any Java experts on board.
20
Why the #AskObama tweet was garbled on screen hanselman.com
224 points by brianwillis  5 hours ago   52 comments top 17
1
pak 4 hours ago 2 replies      
"This is SUCH a classic sloppy programmer mistake that I'm disappointed"

Oh come off of it. This happens everywhere on the web on probably something like 25% of websites. And it's NOT always the consuming program's fault: very often somebody upstream, e.g. the hosting company, the person that wrote the HTML, the source of an RSS feed being inserted into the page etc. etc. forgot to encode something the way somebody else expected, and you as the poor guy at the end of the chain gets a document with multiple encodings improperly embedded into it. Inevitably you have to make some bad decisions and not all corner cases are handled.

Somebody once reverse-engineered the state chart for how Internet Explorer handles documents with conflicting encoding declarations and I kid you not, it must have had >20 branches spanning a good few pages. Officially, the correct order of precedence is (http://www.w3.org/International/questions/qa-html-encoding-d...):

1. HTTP Content-Type header

2. byte-order mark (BOM)

3. XML declaration

4. meta element

5. link charset attribute

but that's not how every browser does it, because the W3C sort of declared that after things on the Real Internet (TM) had already gotten out of hand. I hate to resuscitate Joel posts but Unicode is not easy to implement right.

2
giberson 4 hours ago 3 replies      
Maybe I'm just a terrible programmer, but I think the author may be a little over emphasizing the seriousness of the bug. To me, this is one of those throw away issues that you keep in the back of your mind. Unless I'm coding something that is extremely datacentric and critical in that sense. But it's not like its on one of my "top 20 must run tests" or anything. It's always one of those issues I ignore or assume is correct until I find out it isn't. When I find out, it's simply a matter of tossing in a code page translation at either the input or output end and I'm done with it.

Or maybe I've just been fortunate enough to be in an environment where an occasional goof of this caliber doesn't have any serious consequences.

3
js2 4 hours ago 1 reply      
tl;dr:

  $ python
>>> print u"\u2019".encode("utf-8").decode("Windows-1252")

4
yahelc 4 hours ago 1 reply      
'So do political nerds get to moan because the author referred to Boehner as "the Senator"?'

https://twitter.com/douglas/status/89080894018686976

5
pavel_lishin 4 hours ago 2 replies      
Did they see the encoding mistake before they showed it?

Because I wonder how difficult it would be to create a string that says something innocuous in UTF-8 (e.g., "When will you bring the troops home #AskObama") but in ASCII would read as something totally different, but legible (e.g., "the secret priests would take great Cthulhu from his tomb to revive His subjects and resume his rule of earth...")

6
anigbrowl 4 hours ago 1 reply      
I find it infuriating that this sort of thing is still a problem. I'm constantly seeing mangled apostrophes in places like Google reader too.
7
Jach 13 minutes ago 0 replies      
Zed Shaw, can you make a post called "Programmers Need To Learn Unicode Or I Will Kill Them All"?
8
zach 4 hours ago 1 reply      
Proof that even completely ordinary string data used in the most USA-centric domain imaginable STILL needs proper encoding.
9
luigi 4 hours ago 2 replies      
What modern software stack uses Extended ASCII as its default encoding? The last time I dealt with this problem, it was in 2005 or 2006 and I was working with PHP.
10
gutini 23 minutes ago 0 replies      
An error like this should not detract from the value Mass Relevance delivers. Clearly an event like this or similar events like the Oscars in which they take part are better, more engaging because of their involvement.
11
markbnine 2 hours ago 1 reply      
What a cool shot. The prez with a common bug on his screen. And a bug I can fix! Still, even though this is an easy fix, he's going to need to open up a ticket.
12
dabent 4 hours ago 0 replies      
That's a lot of detail, but a very good explanation of what happened.
13
ignifero 4 hours ago 1 reply      
So does HN support utf8 ¢ðrrꢆl¥?
14
zipdog 3 hours ago 1 reply      
What bugs me is not the mis-encoding (though that's a fail), but that people "struggled to understand" it... surely everyone's seen apostrophes turn into these special characters on enough web pages over the past ten years to have recognized what's happening when it does.
15
Jach 3 hours ago 0 replies      
Well, it could have been worse. They could have shown \'
16
nextparadigms 4 hours ago 1 reply      
Why does it say 3 hours ago under the tweet? Wasn't this in real time?
17
ignifero 4 hours ago 1 reply      
You have to give it to Microsoft. They use Word even for 140 letter documents now! (I understand spelling is a reason, but browsers have spelling now)
22
MySpace, Skype announce partnership (2007) msn.com
207 points by timjahn  1 day ago   44 comments top 9
1
flyt 1 day ago 2 replies      
"Some pundits are complaining that the technology is not new, but that's besides the point. Case in point: at MySpace we launched what Zuckerberg is announcing in 2007 (try googling “myspace skype partnership”), and MySpace also had one-on-one video chat back in 2004. The point is that people weren't really ready for it back then"now is the time, and Facebook has the user base. The large user base (750 million) paired with a simple integration of arguably the best voice/video tech (Skype) is what makes this news."

-Tom Anderson, founder of MySpace

http://techcrunch.com/2011/07/06/zuckerberg-first-public-res...

2
jhuckestein 1 day ago 1 reply      
It's a different feature. The skype button on myspace would bring up skype and require the other side to have a skype account.

The Facebook feature runs in the browser and guides the receiving side through the process of enabling in-browser video calls.

That said, I agree that Facebook's announcement is not that big of a deal.

3
snorkel 1 day ago 0 replies      
Next feature announcement from Facebook: ghetto bling wallpapers
4
BvS 1 day ago 1 reply      
According to this article it wasn't about video but free Internet phone calls.

As Tom Anderson (founder of Myspace) stated on Google+ (https://plus.google.com/112063946124358686266/posts/g2zmxn1L...) Myspace had one-on-one video chat back in 2004 but I guess without the help of Skype and without the necessary broadband penetration it wasn't all that useful.

5
timjahn 1 day ago 1 reply      
Just noticed the title of this post changed from what I originally entered.

I was unaware somebody was able to do this. Who has the ability?

(I don't mind, just curious.)

6
city41 1 day ago 0 replies      
Features alone do not a good product make.
7
haydenevans 20 hours ago 0 replies      
How many actual active users does myspace still have at this point?
8
ericfrenkiel 1 day ago 1 reply      
execution execution execution
9
hendler 1 day ago 1 reply      
It is reasonable to question Facebook's feature choices.

A risk for both Google+ and Facebook is that because they are in a war over features; features which may threaten their own value propositions.

Facebook as made changes to adapt to Twitter and done well. But Skype integration may not turn out to be forward thinking for Facebook.

"Facebook Video Chat: Like ChatRoulette, but with real-life consequences within your relationships & social circles." -
https://twitter.com/#!/robdelaney/status/88676143158407169

23
Google+ is Awesome. Facebook Maimed, Twitter Mortally Wounded? singularityhub.com
209 points by kkleiner  1 day ago   137 comments top 34
1
raganwald 1 day ago  replies      
The Google+ circles concept is powerful and easy to use. It represents the defining, foundational difference between Google´s and Facebook´s vision for social networking. If this new model takes off with users, then Facebook will find itself in the uncomfortable position of having to replicate these features within its own platform. Unfortunately for Facebook, moving to this new paradigm will not be possible overnight. We are talking about a major architectural overhaul. In the meantime, Google will have a chance to attract significant numbers of users and influence.

There's a massive assumption here that G+ is blindsiding Facebook. Obviously there is no limit to human stupidity, however I'd personally be surprised if adding a circles-like feature to Facebook is an architectural nightmare, or that they haven't thought about it.

The idea that there are meetings at FB where people are saying "F___, we're screwed" is implausible. This has been discussed for years, and I'd bet actual money that FB engineers and/or product managers periodically propose adding this feature and FB decides that the time is not yet ripe. If and when G+ demonstrates that people really, really want this functionality, I expect Facebook will roll it out smoothly.

2
goodside 1 day ago 2 replies      
This headline is sensationalistic beyond the pale of respectable journalism, and certainly beyond that of HN. The article does nothing to justify the title. Speculating ways in which Twitter might eventually lose to a new competitor does not license you say they've already been "mortally wounded".

To the extent that anyone reading this has the authority to change headlines (I only know for sure that pg does), could you please modify it to something reasonable? Thanks.

For others, please note that improving headlines is not only permitted, but very much precedented and generally encouraged. Bad headlines let shitty articles get upvoted, and degrade the overall quality of HN. (With some sources, namely Popular Science, I'd even humbly suggest changing the headlines be mandatory.)

3
camtarn 1 day ago 5 replies      
"Each of us on average has hundreds of friends on Facebook. When you share things on Facebook, you have to share it with all of them! How stupid is that?"

It would be stupid ... if it were actually true. Facebook's privacy controls are actually pretty sophisticated now: by default I have anything I post shown to friends of friends, but excluding certain people. For potentially controversial status updates I restrict visibility to a couple of lists. If I wanted I could target a photo or status to an individual person.

So, Facebook already has all of this control baked into its architecture. In theory, all it needs to do is make it more easily discoverable and easily used. Of course this is easier said than done, but it's certainly not a 'major architectural overhaul'.

I do wish that, when people slate a platform for not having certain features, they would actually do a little research instead of assuming.

4
quanticle 1 day ago 1 reply      
I find it ironic that the article claiming that "Facebook is maimed" and "Twitter mortally wounded" is on a site that has "Like" and "Tweet" buttons, but no Google+ interaction at all.
5
fab13n 1 day ago 0 replies      
This article takes an engineer's point of view, and is relevant to maybe 5% of the population.

Facebook is about reinventing the web for dummies: micro-blogging, RSS-like stream aggregation, photo/video/text publishing, web application publishing... FB is pretty much the sum of dumbed-down versions of these. By targeting a very wide unsophisticated audience, they reached a critical mass.

Sure G+ is better, nicer, more powerful etc. Will it appeal to unsophisticated masses, though? It might, but I'm not so sure. Maybe it will partially succeed, and become a secondary social network catering for more savvy users. But when it comes to herding Average Joes, Facebook has a strong track record, Google hasn't. FB's going to give its very best at delighting your average Farmville player, and G+ will do the same to your average EFF member. Guess who matters to advertisers?

6
wccrawford 1 day ago 1 reply      
I just realized I can use G+ as a blog and just post those entries publicly... It would be even better if they'd implement tagging.
7
Tyrannosaurs 1 day ago 0 replies      
Yes it can do what Twitter does plus all the other stuff but most Twitter users don't want that other stuff, they actively dislike it. They like Twitter because it's simple, that's one of it's killer features.

Google+ is Twitter on steriods isn't a sales pitch for people who value simplicity.

The article mentions this but then goes on to completely ignore it in it's analysis but for me it's critical to understanding why people like Twitter in the first place.

8
newobj 1 day ago 1 reply      
Guaranteed that it'll be easier for Facebook to mimic the successful features of Google+ than it will be fore Google+ to acquire the relationships that are already captured in Facebook.
9
watmough 1 day ago 1 reply      
Why is Twitter wounded? Twitter is essentially friction free in use, and has a lot of momentum as a single-purpose destination.

On the other hand, Facebook has felt increasingly intrusive, facial recognition etc., and I already gave up on it, even before I knew G+ was coming out.

10
ahi 1 day ago 0 replies      
Am I the only one that really hates this stuff? I have a Facebook account because I have to have one in order to be a socially functional 20-something, but I don't actually like or want it. Please "social media douchebags", just stop.
11
yalogin 1 day ago 3 replies      
Leaving the emotion of Google+ being awesome out - what is preventing facebook from copying this? They have a huge number of users who are not going to leave overnight. Facebook we all know can turn on a dime to get products/features out. If these features are really that sought after and good they could just implement them and give it to their users. Why won't that work?

Also facebook is a platform as much as a social network. People play games on there probably more than post pictures or tag their friends. That is what sustained facebook and made them utterly dominant. That is not going to change with G+.

I agree G+ is a good service but why is everyone making the grave ready for facebook?

12
MrJagil 1 day ago 0 replies      
If Google+ can manage the same speed as Chrome, the future seems as bright for Facebook as it does for IE.
13
juliano_q 1 day ago 0 replies      
The question is: nobody likes doing lists on Facebook because they don't like to categorize their relationships or because the UX of the lists on Facebook is terrible?

I tried to use the Facebook lists feature many times but its a freaking pain. I almost dont share on Facebook anymore exactly because I dont want everyone to read it. Now I am using the G+ circles and having a lot of fun with it.

14
iter8n 1 day ago 0 replies      
Signing up for anything google feels more like a commitment compared to creating a twitter account. Google wants to integrate more and more of your data into their system, linking it with your other google accounts whether you like it or not. G+ seems, like FB, more like an experience than a simple service. Not that it cant provide the same function as twitter, but providing only that function is still valuable, I think.
15
alexsherrick 1 day ago 1 reply      
I have to agree with you on a lot of your points (even though I haven't had the chance to use G+). I am actually happy that G+ is missing advertising, corporate pages, and widgets. These things are "social", but I truly believe a social network should be about people and not games and corporations.

However, put with words with friends on there, and I'll be happy!

16
aufreak3 1 day ago 0 replies      
The share target in G+ leaves me wanting for a "not" operator - i.e. share with "A and B but not C". I really wish they give a special "advanced" geek interface for this - full set operator support. I tend to think "A+B-C" and every time I've got to warp my head to the way G+ or FB thinks.
17
masonhensley 1 day ago 0 replies      
The problem is that you cannot categorize the thousands of friends on any social network. No one should or would curate that many connections.

As cool as the lists/ circle are, they will be kinda pointless if users are overwhelmed by the monumental task of curating everyone.

18
dasil003 1 day ago 0 replies      
Someone oughta show this to Calacanis as an example of how to write a honeymoon fanboy article.
19
jmjerlecki 1 day ago 0 replies      
I disagree with this portion of the article:

You have hundreds of friends, but your news feed is always filled up with nonsense from the same 5 friends that seem to send an update every other minute.

I believe Facebook has an algorithm that only displays status updates from the people I interact with most on the service. For example, using Seesmic or Flipboard shows each status update, as opposed to Facebook on the web I seem to see only a small number of updates and I have noticed they tend to be from the profiles I visit the most. I am actually not bothered by my Facebook feed, although I do love the notion of circles. My Mom got a circle all to herself.

20
bonch 1 day ago 0 replies      
Only trendy bloggers even know or care about Google+ right now.
21
robot 1 day ago 0 replies      
No matter how many users twitter has, I have found myself struggling to [use it] find a twitter client that works on all my devices. I have to install/configure multiple clients, log in just for twitter functionality, and I have to train myself. I am sure there are millions of people in the same position. If it is integrated with G+ though, you get it for granted once you log in along with many other features.
22
jgamman 22 hours ago 0 replies      
Q. what would a social network look like if you designed it primarily for business use and personal/social use was a subset?
I think G+ could dominate the corporate collaboration scene in a way that Facebook can't. Seriously, FB is banned in lots of corporates but banning Google? Seriously, I literally can't function without search. I guess you could say 'corporate Z only uses Bing' and yeah you're right but seriously, Google is an extension of my own personal productivity - and that's how i put food on the table.
Now imagine Huddle, Circles, blog/tweet, docs etc - work flow project management out of the box. and, oh yeah, you can organise this weeks BBQ with your buddies without it being a hassle...
i don't know squat but if you wanted to own a seperate space to the FB lolcat picture brigade - target the grown-ups...
23
sigzero 1 day ago 1 reply      
I do not see a wave of Facebook users moving to G+. It just isn't gonna happen.
24
icebraining 1 day ago 2 replies      
I don't have a G+ account, so forgive me the question: since everything seems to be cataloged based on circles where you put people, how does it work for unapproved followers? Is there an 'empty' circle for them?
25
dmbass 1 day ago 1 reply      
The one problem I have with G+ is that sometimes there is gold in the junkstream. Sometimes someone does post something interesting and they would not normally share it with me.

How can we balance over-granulated sharing with under-granulated sharing?

26
dennisgorelik 22 hours ago 0 replies      
I think Google Circles would finally kill LiveJournal.
Ability to friend people without them friend you back is probably why LiveJournal is still alive (in spite lack of new technical features in LiveJournal).
27
Steer 1 day ago 0 replies      
This whole discussion thread makes me think that Facebook/Google+ will be a new PC/Mac discussion with people taking opposite stances and debating ad nauseam. Is that really worthwhile?
28
rajpaul 1 day ago 0 replies      
I love the sensationalism of the headline. Very exciting, concise and a good summary of what's to follow.

I genuinely enjoy the techniques yellow journalists use to get page hits :)

This gif from the article is great:
http://singularityhub.com/wp-content/uploads/2011/07/faceboo...

29
digamber_kamat 1 day ago 1 reply      
Facebook lists seem to be equivalent of Circles. Why should I be using Google+ except that it is from Google ?
30
dools 1 day ago 0 replies      
"These circles represent a powerful innovation. They allow us to send more personal updates just to our closest friends instead of forcing us to share with all of our hundreds of acquaintances"

Powerful innovation!? Give me a break. This should be called an "obvious innovation" or "trivial implementation". How is it any different from having mailing lists?

31
msimr 1 day ago 0 replies      
A Google+ extension that tags users mentioned on every page you visit.

https://chrome.google.com/webstore/detail/jdncfcpdfdhodkdlec...

32
manishm 1 day ago 0 replies      
This is one of the problems I faced and blogged last September

http://manishmideas.blogspot.com/2010/09/social-network.html...

33
known 1 day ago 1 reply      
Is drag & drop extensively used?
34
bhartzer 1 day ago 0 replies      
I'm still waiting for my google plus invite.
24
Andy Hertzfeld tells about the team behind Google+ Circles google.com
198 points by dirtyaura  6 days ago   47 comments top 7
1
orky56 6 days ago 4 replies      
You've got to hand it to him for being so classy and humble about it. It's much easier to be quiet and take the praise. Only when someone is modest enough and truly believes that others deserve credit does he/she actually advocate for other people on his/her team.
2
StavrosK 6 days ago 4 replies      
I was impressed with the fact that this post was on plus. It's like Twitter, only with no size constraint and with discussions right on the post. I'm excited to see how its usage will pan out.
3
Bud 6 days ago 1 reply      
You've got Andy's name wrong, twice, in the headline. It's "Hertzfeld", with a t, and no i.
4
staunch 6 days ago 0 replies      
Anyone interested in technology who hasn't read the stories on his site are missing out: http://www.folklore.org
5
nikcub 6 days ago 1 reply      
It was nice of him to announce this using a service he single-handedly built in a weekend
6
justlearning 6 days ago 3 replies      
" I conceived, designed and implemented a compelling prototype for it almost single-handedly, and then wrote a fair percentage of the production ......but that's pretty much as far as it goes."

That's some modesty!.

7
mark_l_watson 6 days ago 3 replies      
I thought that the UI was done in GWT, but that was a guess, and I was probably wrong. Anyone know?
25
Web Intents - the future of web apps kinlan.me
194 points by kinlan  5 days ago   39 comments top 14
1
extension 4 days ago 2 replies      
It seems like there should be an even simpler way to create an intent link than with a form. Something like

  <a action="http://webintents.org/share"
type="text/uri-list"
data="http://kittens.com">Share Me!</a>

Presumably browsers would also be at leisure to provide access to intents in their native interface, like a share button right on the toolbar.

The intent choosing UI is a thorny issue. I dislike forcing the user to respond to install dialogs or limiting them to intents they have previously installed. I think my ideal browser would silently remember all the intents it has seen. When it needs me to choose one, it shows me a list of candidates I have used before (as intents), padded to some pleasant length by candidates most often visited (directly). If not all candidates fit, a "More..." option expands the list to completion.

Some sites will want to be certain that intents they invoke can be handled by all users. So, maybe they should be able to suggest some services to be appended to the user's (possibly empty) list.

Making the action field a URI could create some interesting politics. I can imagine the action space being fragmented along company lines e.g. http://facebook.com/like vs http://google.com/plusone vs http://twitter.com/tweet etc. A flat namespace might encourage more reuse of actions and less creation of new ones. But maybe I'm just being paranoid.

2
ollysb 4 days ago 3 replies      
This feels like an engineers vision of the web. The two benefits of this over apis are:

1) The user gets to choose how to perform a particular activity.

2) Services can be found either automatically or by the user searching for services and saving them for later.

Don't the majority of users want this taken care of for them? Imagine going to facebook and having to find a service to perform a friend request. That's just an irritation for a benefit that most people don't want(wow I can send an invite using SMS with this service).

It's also notable that there's no styling on the examples. How is the UI going to be integrated, are all of the web intents supposed to follow a standard CSS format? How about the amount of space that service takes up on the page?

I suspect apis are popular because they're the best fit for sharing functionality on the web. Users want curated, integrated websites, not a set of mix 'n' match components.

3
tomstuart 4 days ago 1 reply      
How does this relate/compare to Twitter's Web Intents? http://dev.twitter.com/pages/intents
4
rkalla 4 days ago 1 reply      
I like this idea, my gut tells me there is something in that arena to be solved with some simple like this (maybe even a universal JSONP callback method definition for an endpoint or something for services that you can call out to for things like this?)

I wonder if the actual usability of this is what stymies it... for example, say SmugMug exposes their image filtering API that they use to sharpen and enhance uploaded images and Flickr exposes their geocoding API to allow you to pass in GPS coords and they write them into the JPG meta for you... what is the motivation for these services to expose these services to 3rd party (potentially competing) web applications to make use of them? I am assuming you have access to these services because you are already customers of those companies, wouldn't they want to keep you in their garden?

If you put this in a pot and boil the water off of it, wouldn't this idea more or less come down to the problem web services are meant to solve and in that way end up with a similar looking ecosystem?

Not critical of the intents idea, just trying to think of where this goes once it exists to get a better idea of how it should be designed/pitched/used/thought of.

Thoughts?

5
jinushaun 5 days ago 1 reply      
Interesting idea, but the examples seem very awkward. I was expecting an in-page UI instead of an HTML popup. I was expecting a cookie to save my favoured intent for later use so I didn't have to choose a service provider every time I wanted to shorten a link. I was expecting to be returned to my originating page once I was done with the intented service.
6
skybrian 4 days ago 1 reply      
Nice idea, but surely you can't introduce a new cross-site communications protocol without discussing the security implications?
7
nikcub 5 days ago 1 reply      
it belongs in meta rather than as its own tag
8
pauldino 5 days ago 0 replies      
I have been working on something like this but a bit different for a while; you can see an example at http://cloudactions.herokuapp.com/paint/ or http://xdpaint.herokuapp.com - I'd be curious what you think. (If you choose the Flickr open option or Imgur save option you don't need to log in with anything)

You can turn the iframes into popup windows if you eval 'cloud.noIframes=true' from a javascript prompt or enter 'javascript:cloud.noIframes=true' in the URL bar.

EDIT: There's also an older iteration of this idea at http://xdproject.org/filterizer/

9
drusenko 5 days ago 2 replies      
Have you thought about defining an (optional) Integrator ID that would be dispensed by the central authority? There are a couple use cases here:

1- Some services that are prone to abuse may require the Integrator ID to rate limit or prevent spam. The central authority could rely on a system that makes it difficult to obtain multiple IDs.

2- Some services may wish to provide a revenue share to integrators as an incentive -- we can imagine that Picnik is the service, and it collects revenue from usage through ads and premium upgrades, and opts to share that revenue with integrators.

10
radagaisus 5 days ago 0 replies      
This is really a great idea.
11
twidlit 5 days ago 2 replies      
Aren't APIs kinda sorta built for this?
12
overgard 4 days ago 0 replies      
This seems like one of those ideas that comes up every few years and sounds great to programmers, but never results in anything noteworthy, because it's a solution in search of a problem.
13
flytail 4 days ago 1 reply      
We have built and OCR service that includes pretty cool image pre-processing feature to ensure high performance OCR. The actual OCR is done using corporate level software from ABBYY. We did this for an android app we are working on but have built the service in such a way that it could be run by another piece of software easily.

We will probably offer it out via a simple API but interested to know if we could also offer it via "Web Intents" - would it make sense? How could we do it?

26
Internet predictions from 1982 nytimes.com
194 points by pitdesi  2 days ago   63 comments top 15
1
spolsky 1 day ago 1 reply      
- Copies of the report, titled ''Teletext and Videotex in the United States,'' were scheduled to be available after June 28 from McGraw-Hill Publications, 1221 Avenue of the Americas, New York, N.Y. 10020

Typical New York Times. No URL.

2
chaosmachine 2 days ago 3 replies      
These are some really prescient predictions...

- The home will double as a place of employment, with men and women conducting much of their work at the computer terminal. This will affect both the architecture and location of the home. It will also blur the distinction between places of residence and places of business, with uncertain effects on zoning, travel patterns and neighborhoods.

(This basically describes my life ;)

- Home-based shopping will permit consumers to control manufacturing directly, ordering exactly what they need for "production on demand."

(Kickstarter is a nice example.)

- There will be a shift away from conventional workplace and school socialization. Friends, peer groups and alliances will be determined electronically, creating classes of people based on interests and skills rather than age and social class.

(You're participating in one such peer group right now...)

- A new profession of information "brokers" and "managers" will emerge, serving as "gatekeepers," monitoring politicians and corporations and selectively releasing information to interested parties.

(Bloggers, obviously, but more interestingly, Wikileaks, Lulzsec, Anonymous...)

3
jgrahamc 1 day ago 0 replies      
When this was written the Internet hadn't really been developed very far and the report cited is talking about videotex services (like France's Minitel or the UK's Prestel). http://en.wikipedia.org/wiki/Videotex

These services tended to be centralized and look nothing like the current Internet (although France's Minitel network did use packet switching and some service providers ran their own data nodes).

I remember really well playing with Prestel and Minitel in the early 1980s using acoustic couplers and dedicated terminals. The feeling associated with the sudden access to unlimited information at incredible speeds (1200/75 baud) was really amazing (even just being able to look people's phone numbers up on white pages). Wikipedia has a nice example of French Minitel terminal from the year this report was written: http://en.wikipedia.org/wiki/File:Minitel1.jpg

What's most interesting is that there wasn't much 'future' in this report given that France already had a functioning viewdata system at that time and it was clear from the services that were being offered that the things mentioned in this report were actually available or easy extrapolations.

Also notable was that viewtex services used a subscriber pays model where access was metered by the minute and added to the phone bill. On Minitel some services were free (except for the per minute charge), e.g. white pages, other were premium (access to special databases, for example) and some were very expensive (access to Le Minitel Rose where pornographic chat etc. was available).

As William Gibson might have said: the future was already here, it just wasn't evenly distributed yet.

4
msluyter 2 days ago 4 replies      
Amazing predictions, IMHO, except for the last one:

The study also predicted a much greater diversity in the American political power structure. ''Videotex might mean the end of the two party system, as networks of voters band together to support a variety of slates - maybe hundreds of them,'' it said.

Am I alone in thinking that it we're more polarized and entrenched in our two party system than ever, with internet aided confirmation bias being one of the primary causes? (I.e., political "filter bubbles.")

5
vessenes 1 day ago 1 reply      
I'm reminded of Philip K. Dick's prediction that mankind would be networked together across nations and continents, making us into a super-efficient race of engineers.

SO CLOSE. (OK, I paraphrased the above).

In this case, this article represents some pretty awesome ideating. I bet that not many of the article authors invested in Google, Dejanews, Yahoo, or AOL, though.

I had a brilliant moment of ideating in 1993 when I realized "Domain Names are going to be huge. There will be a landrush."

I pooled my dollars with some friends, and we bought ... foo.net. Cha-ching! Shopping.com, tv.com, etc. didn't really cross my mind.

What's really super hard in my opinion is setting oneself up to benefit from these tectonic trends; at least, it's hard for me!

6
px 2 days ago 2 replies      
The accuracy of these predictions is remarkable, from the anticipation of shifts in social interaction to the fragmentation of the two party system.

On this last point, is there any documentation of the role of the Internet in the development of the tea party movement?

7
Nate75Sanders 1 day ago 0 replies      
He died in 1996, so he got to see the transformation happening:

http://www.nytimes.com/1996/08/30/us/robert-reinhold-ex-repo...

8
fishtastic 1 day ago 0 replies      
I wonder if the accuracy of this report was just base on some lucky guesses.

Right now, there are probably hundreds of such predictions about the future. Look at them again in 20 years, most of them will probably be incorrect. Yet there is always this one report (like this one from 1982) that will be shockingly accurate. The problem is that by then, it won't provide any useful information. We need is to know this is correct in 1982, not 2011.

9
selamattidur 1 day ago 2 replies      
While we're looking at other predictions of the future, here's another standout from a 1981 KRON broadcast which I'm sure you'll remember:

http://www.youtube.com/watch?v=5WCTn4FljUQ

10
ericelias 2 days ago 0 replies      
Line from the article, "But for all the potential benefits the new technology may bring, the report said, there will be unpleasant ''trade offs'' in ''control."

That surely came about in ways they could not have imagined.

11
Happer 1 day ago 0 replies      
Another great prediction of the rise of electronic commerce way back in 1967 from the Harvard Business Review archives.
Including an amazing illustration.

http://blogs.hbr.org/hbr/hbreditors/2011/03/hbr_predicts_the...

12
UofFree 1 day ago 0 replies      
Given a 1982 frame of mind, these are some fairly remarkable predictions, has the author written any other predictive stories?
13
EGreg 1 day ago 0 replies      
Very nicely done! This is one of the most prescient reports of the future that I have read. Jules Verne, step aside.
14
pbhjpbhj 2 days ago 1 reply      
[Outcome] Reporting bias?
15
meadhikari 1 day ago 0 replies      
Privacy Issues Seen Posed
27
Cool notification messages with CSS3 & Jquery red-team-design.com
191 points by redmaniack  2 days ago   33 comments top 10
1
keyle 2 days ago 3 replies      
2
lovskogen 2 days ago 2 replies      
Don't make the same mistake as Twitter, putting status notifications above navigation or other crucial elements. Disabling functionality due to a temporary notice is not good design.
3
alanh 2 days ago 1 reply      
Why would there be a warning-stripe background to the info & success variants? That doesn't make any sense. Especially to colorblind users.
4
BobsonU 2 days ago 2 replies      
I don't like it, also I'm pretty sure it isn't new. Stack Overflow has something similar, but it also pushes the page down as to not cover the topmost navigation.
5
redmaniack 2 days ago 0 replies      
Thanks guys for your valuable feedback.

I just updated the article and demo:
-Added CSS3 animation support for Mozilla 5+
-Fixed flickering the proper CSS3 animation
-CSS3 gradients syntax updated. Now, Safari also renders background stripes.

Once again thanks for your comments!
Catalin

6
MatthewPhillips 2 days ago 1 reply      
We need a shim to use HTML5 notifications by default and fallback to something like this when notifications are not supported.
7
vailripper 2 days ago 1 reply      
Not bad, but I don't think I'd want to use something like this very frequently, as it's fairly intrusive. We typically use Pines Notifications for most of our work. Very flexible.

http://pines.sourceforge.net/pnotify/

8
SnowLprd 2 days ago 1 reply      
The article says the animated background diagonal stripes are visible in WebKit-based browsers, but I'm not seeing them in Safari 5.0.5 -- just in case that's of interest to the devs and perhaps to other folks as well.
9
grk 2 days ago 0 replies      
This made Google Chrome Renderer eat 20% cpu, so no thanks.
10
hackermom 2 days ago 0 replies      
Needs moar jQuery.
28
Hover.com: we store & email passwords in plaintext for usability hover.com
187 points by MattHampel  3 days ago   182 comments top 37
1
markbao 3 days ago  replies      
This isn't a microblogging service or pet social network. A domain registrar is storing your password in plaintext? Really? Didn't we go over this a thousand times?

If I was on Hover (which I considered), I'd transfer my domains immediately. Moving to a plaintext password system to get fewer support requests is like removing the door from your house so you don't have to keep fumbling for the key.

2
raganwald 3 days ago 7 replies      
Blaming Hover.com is shooting the messenger. The problem here is that this is what customers want. As long as you ask Hover to compete for business in a race to the bottom of the "convenience" barrel, you are going to have this problem. If Hover stop doing this, someone else wil come along and take Hover's business by sending plaintext passwords around in email.

So.

You either live with it and do your business with someone who has decided to offer a "premium" service and has a business model catering to educated customers,

Or:

You look for the government to regulate the marketplace as a public good. We do this with things like the safety of cars, we've decided that the marketplace cannot be left to decide this for itself. We attempt to do this with things like the content and handling of food, we've decided that the marketplace cannot be left to decide this for itself.

Perhaps the security of your account is not important enough to impose regulation. Perhaps it is. But as long as it's left up to the marketplace, the existence of companies like Hover is inevitable, and waggling our fingers at them is not going to do anything except make us feel smarter than the average bear.

3
freejack 3 days ago  replies      
tl;dr: guy from hover, mea culpa, new code on the way.

I thought it might help to provide some further deets on that blog post.

I don't think we're making a case there, or providing an excuse - it certainly wasn't my intent to try and convince anyone of anything when I wrote that, but rather, it was an exercise to explain where we were (with that and other development projects) and where we were going.

We've gone back and forth on how we handle passwords over the years - and it has always come down to what type of interaction do we think will be best for our customers. I haven't re-read that post from April today, but I think I mentioned our last go-round on this made it much easier for our customers and customer service people to help in bound callers and sacrificed too much in terms of security.

We'll probably continue to go back and forth iterating the implementation, each time narrowing the swing of the pendulum until we find something that more appropriately balances what we think our customers are looking for in terms of security and usability.

I'd also like to point out that the scope of the risk isn't trivial. For example, URL-based password resets are only as secure as the mailbox they are sent to. i.e. a significant number of domains are stolen and threatened to be stolen through email account exploits (re-registering previously used addresses, forwarding attacks, etc.) This is made even more complex when a domain expires and email on that domain stops functioning. Where should the password reset go? We get dozens and dozens of calls a day from people in this position that need our assistance, making it tough to simply send out a reset request.

Anyways, I didn't come here to make excuses, I just thought I should acknowledge that we're aware of the gap (we caused it!) and working on it and considering the whole set of variables. Security is our primary consideration but that doesn't give us the luxury of ignoring the usability implications. Were that the case, we'd simply issue two-factor fobs to our clients and be done with it.

And finally, to those of you that guess at some sort of evil corporate motive or the involvement of stupid engineers, or even just dangling the implication that we've "Made a Final Decision" to store passwords this way, etc. It just isn't the case - our engineers are great and our motives are pure. If you want to blame anyone specifically, you can blame me for pushing the implementation in the direction I did. We're really just trying to do the right thing for our clients, and in this case, I took a great idea too far. Its just code, it can be changed - it will be changed, and changed in a way that will help our customer service staff continue to provide awesome customer service and also enhance the protection of our customers assets without stepping on toes in either regard.

We originally posted that commentary back in April because we had a ton of work backed up behind the release of our new domain and email management tools - which included a huge refactoring of most of the core code, transitioning to TDD and a ton of other important pieces. We were supposed to be done work on those pieces months ago, but as the management tools took shape, the task grew longer, pushing out these items to the point where it was getting embarrassing with our customers. That work shipped late last month and launches formally tomorrow putting us back in a place where we can get serious about the backlog. The new approach is pretty straightforward and moves us to a hashed password file, URL-based resets, etc. but also some identity verification features that our customers and customer support staff can use to validate who they are talking to in order to force resets manually. Its the validation piece that I'm most excited about given the extent to which the bad guys will go to phish a user out of their creds. We've seen some pretty sophisticated social engineering and we're hoping these new features will give our customers a leg up.

Sorry for the lengthy note - happy to take questions, slings, arrows, etc.

Ross Rader
GM, Hover
ross@hover.com

4
geuis 3 days ago 2 replies      
I've considered using Hover and switching away from Godaddy, particularly since Hover is recommended frequently on the TWiT network. That thought has instantly evaporated.

You absolutely cannot store passwords in plain text. There is no level of security you can wrap around the database that will ever be 100%. It only takes one mistake for everything to get exposed.

To try and reason that there is a trade off between customer support and security is ludicrous. Your reset emails aren't getting through? Work on fixing that damn system instead of exposing your customers to a world of hurt down the road.

5
eam 3 days ago 1 reply      
>Very quickly, our customer service team was inundated by requests from people that weren't receiving the email, found the process confusing, and a myriad of other related requests.

Wait a second, so customers wont receive an email with a password reset link, yet they'll receive an email with a plain text password? I guess it's possible, but interesting.

6
naner 3 days ago 1 reply      
This really isn't that uncommon. When forced to choose between easier customer support or ostensibly better security practices, easier customer support usually wins. Stolen passwords through email/eavesdropping are rare enough that they can deal with it on a case-by-case basis. If someone somehow gets access to the entire database of passwords (also rare) then they have other security issues that likely would have been a problem no matter how they stored passwords.

If company X hashes your password on their server you still don't know that they did it properly or how good the rest of their security is. Basically the only way this differs is that you when you forget your password, your actual password sent in plaintext over the network and is now sitting in your email account. That makes me uncomfortable so I change it right away. Which is the exact same set of steps you would use for a hashed password reset.

Everybody focuses on the hashing thing like it is some kind of impenetrable defense or crystal ball into a company's security practices. It is not.

7
arihant 3 days ago 1 reply      
"Very quickly, our customer service team was inundated by requests from people that weren't receiving the email, found the process confusing, and a myriad of other related requests. "

What I read - Because we aren't smart enough to create an automated password recovery that works, you should now trust that we are smart enough in network security to safeguard your passwords.

Also, these guys mention that they were receiving multiple requests. But how many requests came per user? If you got a million users and they each forget their passwords once a year and have to spend 5-10 minutes resetting it, I don't think its a usability problem at all, even if I get 1 million mails a year complaining about it. Its a bad decision for company handling domains and credit cards. And even if these guys really are good enough to secure their end of systems, whats the guarantee that my inbox is not compromised?

8
wccrawford 3 days ago 0 replies      
Maybe this is all an elaborate practical joke.

Or maybe they wanted to test their security, so they're putting out an all-call to every blackhat out there.

Because either of those makes a lot more sense than what they've said.

9
rkudeshi 3 days ago 3 replies      
Whenever I call up MediaTemple for support, they always ask me my password for verification. Does that mean they also store passwords in plaintext? (serious question)
10
scottkrager 3 days ago 5 replies      
At least they make a case for it. Security isn't just how you store passwords.
11
pittsburgh 3 days ago 1 reply      
In the past few weeks, we've discussed a new approach that we think will strike a better balance by giving our customers greater control over password management and at the same time ensuring the basic security of those passwords. I'm personally very pleased that our approach will have appeal to customers that are concerned about password security and customers that appreciate the benefits of great usability (and for customers who are concerned about both, blow their socks off

Could anybody find the blog post they are referring to that explains their balance between simplicity and security? I was unable to. However, it does appear that they still send plaintext passwords via email: https://www.hover.com/send_password

If you're looking to switch registrars, I can't say enough good things about http://gandi.net. Their motto is literally "no bullshit" and it's the reason I switched to them a few years ago. They aren't the cheapest option, but their UI is very simple and aesthetically pleasing, they offer free DNS hosting, they don't clutter their checkout pages with any ads or ridiculous upsells, they don't kill elephants for fun ( http://mashable.com/2011/04/01/bob-parsons-elephant-story/ ), and they don't email your password in plaintext. There are very few companies I'm willing to rave about, but Gandi is one of them.

12
macmac 3 days ago 0 replies      
"Sorry sir, we really don't know how much money is suppose to be in your account. Our developers thought that transactions added too much overhead, so they decided to drop them to insure that the increased response time wouldn't anoy our customers."
13
damncabbage 2 days ago 2 replies      
http://jumba.com.au does this as well; when on the phone to you, they ask you for your password, and the customer support person checks it on their screen.

(What could possibly go wrong?)

14
alexmuller 3 days ago 0 replies      
I emailed them about this a few months ago after being spurred on by the creation of plaintextoffenders.com:

> I received this email when I registered with you last year, and was prompted by the recent creation of the site 'Plain Text Offenders' to send it to them. Somebody else has submitted their registration email too:

The reply was as follows:

> We realized that this area was of great concern to many customers and we have since removed password submission in our 'Welcome' email.

So to give their customers peace of mind, they made it less obvious that what they're doing is stupid.

15
joshontheweb 3 days ago 0 replies      
W T F. I just opened an account with them. Im not too happy. Always seems disrespectful of companies to do that. I think they should at least inform you before you make the account that they are sacrificing your privacy and security in order to cut down on customer service requests.
16
JohnsonB 3 days ago 3 replies      
Couldn't they at least encrypt it, and store the key on a separate file?

*edit: I just want to be clear, I don't actually think encryption would a sufficient replacement for a good hashing function, the question was just pointing out how bad this decision by Hover was; not only do they decide to make the password recoverable, but they don't even take whatever meager opportunities there are to make it at least somewhat secure.

17
benbeltran 3 days ago 0 replies      
From reading the post, I think the post says that they'll give users the option to choose if they want their password to be encrypted (and any reset request will contain a URL) or not to be encrypted (and they'll send the plaintext).

This way they'll satisfy all users (or so they think.)

I hope they default to the secure method.

18
drivebyacct2 3 days ago 0 replies      
Oh jeez. I was enjoying the conversation about looking out for dumb users and just giving dumb users what they want.

Hover is a domain registrar. I'd rather use GoDaddy than give someone business that tells me that my passwords are stored in plaintext because customers want it. I'd like to login everywhere with just my full name and phone number, are they going to implement that?

19
billmcneale 2 days ago 0 replies      
"Initially, we were emailing reset instructions but people complained that they didn't receive the email. In order to fix this problem, we are now emailing you your password".

Makes perfect sense.

20
iamichi 3 days ago 0 replies      
I emailed a major technology retailer about this when they sent me my password in plaintext. This is the response I got (I pointed out that she made my point for me, but I didn't get another reply)...

Dear XXXXXX

Thank you for your email dated xx/xx/2011. I apologise for the delay in my response.

The only way that people can get your password is to hack into our system or your emails. It has to be sent in plain text for you to know what your password is.

I hope this helps.

Kind Regards

Xxxxx
KNOWHOW Customer Support
Dixons.co.uk

21
PonyGumbo 3 days ago 1 reply      
FYI - Hover is a front end for Tucows / OpenSRS, which also store passwords in plain text.
22
bkaid 3 days ago 0 replies      
Next weeks headline: "Anonymous hacks Hover.com, user database of emails and plain text passwords posted to torrent."
23
Jach 2 days ago 0 replies      
Interesting use of emoticons in that section.

I think we've found a suitable candidate for a first-pass Internet Driver's License test. Filling out a few forgot password forms, checking email, checking spam in case it went there, clicking on a link, and changing to a new password that's >= 10 characters and not a dictionary word...

24
brendoncrawford 3 days ago 0 replies      
This seems like a good time to mention that I highly recommend using the Password Hasher extension if you are on FireFox. It does help to alleviate problems like this:

https://addons.mozilla.org/en-US/firefox/addon/password-hash...

25
dieselz 3 days ago 0 replies      
I take this approach to security: I do everything I can possibly think of to secure an application. Any barrier that you setup now could save you 100x the time (& pain) later. Saying that one part is secure enough is asking for trouble.
26
krashidov 3 days ago 0 replies      
I guess these guys have taken a fondness to the Anti Security movement...

On a more serious note though its dangerous enough to store passwords in plain-text, announcing it to the world is a bit stupid.

27
Uchikoma 2 days ago 1 reply      
Is there a website that lists all services that store plain text passwords? (so one can avoid them)
28
pwaring 3 days ago 1 reply      
My hosting provider (Bytemark) sends out passwords in plaintext, though I'm not sure if they're stored that way. It is a lot more convenient that having to follow a password reset link, though I'm not entirely convinced by the security/usability trade-off (there's not much on my accounts, since the password simply allows access to the control panel, not root access on the machines).
29
bkorte 3 days ago 0 replies      
Damnit, transferring domains is such a pain in the ass.
30
mattsidesinger 3 days ago 0 replies      
"We acknowledge that ours is not the most secure approach." Sounds more eloquent than, "We acknowledge that ours is the least secure approach." Although, the 'smileys' were a nice touch and made me feel more secure.
31
bad_user 2 days ago 0 replies      
Btw, DreamHost does it too.
32
rowanseymour 2 days ago 0 replies      
I've given up on trusting any site to protect my password, so now I use passwordmaker.org to create my own hashed site-specific passwords.
33
Kwpolska 2 days ago 0 replies      
"Hover.com: the 'change your password' and 'close account' buttons were removed"
34
shapeshed 3 days ago 0 replies      
SQL injection anyone? I hope the app is secure
35
chrisjsmith 3 days ago 0 replies      
Arrogant idiots! Nothing more can be said.
36
edgardcastro 3 days ago 0 replies      
I knew bcrypt/scrypt was just a hype! ;)
37
dexen 3 days ago 4 replies      
Please correct me if I'm wrong, but... storing password hashes (actually key derived from password) is only meant to secure up password re-use. If there is any other reason, please disregard the text below and just correct me ;-)

Isn't password re-use a social problem rather than technical one? Perhaps we ought to use a different -- social -- measure to prevent password reuse. Throwing technical solutions onto social problems doesn't seem to work.

Proposal: let's store all passwords plaintext and force users not to re-use passwords, ever. Let's have every password-using service and system make available hashes (derived keys, to be exact, bcrypt() style) of the passwords completely public; when a person tries to create a new account, the service would check a good bunch other services against password hash matches. If the new password (used upon registration) hashes to the same value as on any checked service, the user is rejected and publicly shamed for endangering the service and his account. More checks cound be performed after the registration in background, to lessen the delay on registration.

That's it. Social problem, social solution.

29
Google bid pi billion dollars for Nortel patents (and lost) reuters.com
189 points by fromedome  5 days ago   82 comments top 28
1
JonnieCache 5 days ago 2 replies      
As much as this phrase is a cliché on the internet, I believe it is entirely justified in this case: well played.

More seriously, I think the fact that the person high up enough to lay three billion dollars on the table was also the kind of person who knows about Meissel"Mertens constant says a lot about google's structure. Either that or the whole thing was a whimsical piece of obtuse preplanned PR, which still says a lot.

2
acangiano 5 days ago 2 replies      
Google should now spend Pi billion dollars lobbying the US government to abolish software patents. ;-)
3
Steko 5 days ago 4 replies      
The real interesting thing in the article isn't that the nerd number bids, it's how the alliances formed. They weren't set going in, people hit their limit then looked to buy into an alliance. Intel chose to partner with Google instead of Microsoft and Apple. Android vendor Sony-Ericsson went with Apple instead of Google.
4
thought_alarm 5 days ago 0 replies      
You've got to hand it to Google. It's a brilliant strategy if the Nortel patents were being auctioned off in radians.

Unfortunately for Google, the patents were auctioned off in reality.

5
sambeau 5 days ago 2 replies      
See. Another case of 2π being more suitable.
6
nikcub 5 days ago 1 reply      
I think Google's plan was to get the other parties to pay more for the group of patents than what the original price was (~$1.5B).

They probably decided that they may as well have some fun with it in the meantime

(although google has a history of using mathematical significant figures in financial dealings, such as in their S1 filing)

7
computator 5 days ago 1 reply      
$750,000 per patent--$4.5B divided by 6000 patents--is clearly absurd.

Or is it? I'm thinking that it does make economic sense, but only if
you buy in bulk.

The vast majority of patents (not even limited to software patents)
make no money, are never enforced, and are completely unused in every
sense of the word. Even a patent lawyer has admitted this to me.

But in very rare, unpredictable, and seemingly capricious cases, it's
worth a fortune. The best example is the patent purportedly for inventing
wireless email that allowed NTP to extort $600 million from Research In
Motion a couple years ago.

If you buy patents in bulk, you might even be able to achieve a
return despite the randomness in value.

I'm going to make the analogy to owning a gun and deciding how many
bullets (patents) to buy:

- A dozen bullets and you can (maybe) protect yourself.
This is your defensive patent portfolio; if sued, you can maybe
find some way to countersue.

- Thousands of bullets and you can wage war.
This is your attack patent portfolio.

- But a single bullet is good only for suicide.
Start-ups that spend their time and energy filing one
patent application probably kill themselves. I saw one case
where it happened.

I think I'm going to call this principle the Patent Portfolio
Price Power Law. In a ruthless business sense, a LOT of software
patents makes sense.

8
jrockway 5 days ago 1 reply      
I don't understand why the article refers to this as "shenanigans that didn't work". The problem wasn't that they bid pi billion dollars. The problem was that they didn't have enough money to buy the patents.
9
alderssc 5 days ago 1 reply      
Google has a history of doing things like this. In their IPO filing, they intended to raise $2,718,281,828 [see https://secure.wikimedia.org/wikipedia/en/wiki/E_-_base_of_n...].
10
cma 5 days ago 1 reply      
Should have gone with Tau
11
cageface 5 days ago 0 replies      
Stand by for a new raft of belligerent offensive patent suits...
12
nextparadigms 5 days ago 1 reply      
They should've gathered the whole OHA alliance around and get them to make a pool. Just getting Apple alone in the bid would've meant a very high chance they lost the bid, because Apple could've outbid them if they really wanted the patents. But of course it got even worse, with all the others joining up with Apple to take them.

They really didn't expect this to happen? I'm a bit disappointed in Google for not thinking this through, if they really wanted to get them to protect the whole Android ecosystem.

EDIT: I also think Microsoft is focusing too much on making money on patents, rather than from their own product. Are they going to buy as many patents as possible that later they can use to act as a leech on Android ecosystem? That's a pretty perverse business model, and it doesn't make them look any better than Righthaven.

13
megamark16 5 days ago 0 replies      
Am I the only one who thinks Google didn't really plan on winning anything? I think they were just making a statement about the ridiculousness of patenting an algorithm. But, I'm probably wrong.

You can't patent innovation, although you can attempt to stifle it with patents. If you're going to sue me on the grounds of patent infringement, I can go work on something else, but you're just going to be left holding your bag of patents. Like a bully on the playground, sure you've got the ball now, but nobody wants to play with you.

14
ignifero 5 days ago 1 reply      
Looks like their strategy was to just push the bids up, so as to force their competitors (who are competitors to each other) to bond together in a giant bid: divide and conquer.

Either that, or they didn't like the Feigenbaum constant.

15
meow 5 days ago 0 replies      
Looks like they ran out of well known constants. I'm sad google lost this round.
16
nutjob123 5 days ago 0 replies      
Google thinks this is real funny until Samsung android phones are banned from the us
17
statictype 5 days ago 1 reply      
That's an awful lot of money to spend on patents unless they plan on aggressively pursuing violators of it.
18
robryan 5 days ago 2 replies      
Things like this make it hard to ever really abolish patents, either a lot of companies would be out a lot of money or the government would have to reimburse they a lot of money.
19
helmut_hed 4 days ago 0 replies      
Am I the only one who wants to know what the numbers that were not even numbers were? What does that mean?
20
darrikmazey 5 days ago 0 replies      
In my mind (despite the precedent with Google), Google's irreverent bidding suggests that they were simply running up the bid. In which case perhaps the partnership with Intel suggests similar strategies from companies that never intended to win the portfolio. It would be interesting to me to know if Google later secures licensing on some or all of these patents for less than Pi billion, as licensing seems more likely than litigation.
21
snotrockets 4 days ago 0 replies      
When bidding with imperfect information (that is, each party does not know the other bids, only if his is the highest,) it makes sense to bid in non-even numbers.

I think the bidding here wasn't such, so it probably not the reason here.

22
jowiar 5 days ago 0 replies      
How irrational.
23
sshah 5 days ago 0 replies      
See how this is great for people in finance and law - they get big firms into bidding wars, end up paying a large number and eventually end up filing infringement suits to get back the $$$$ spent.
24
darrikmazey 5 days ago 0 replies      
I would also be interested to know exactly the order of bids, because if Google and Intel never bid directly after one another, it might suggest they had an allied strategy going in.
25
ck2 5 days ago 2 replies      
They should have bid Planck's constant and would have won?
26
cmeiklejohn 5 days ago 0 replies      
should have bid 2.71828 and 0.42331 bil.
27
immortalbeast 5 days ago 0 replies      
Would be funny if in the future Google's ordered to pay $3.14159 Billion for violating the same Nortel patents in Android.
28
immortalbeast 5 days ago 1 reply      
Google was Trying hard to be cute it backfired.

Typical childish behavior from Larry Page.

30
Facebook blocks Google Chrome extension for exporting friends zdnet.com
189 points by pushingbits  2 days ago   103 comments top 19
1
Shenglong 2 days ago 1 reply      
I think this is just pissing users off. I want to import my contacts into Google+, but I currently have no desire to leave Facebook. After seeing this, that changes a bit.
2
mike-cardwell 2 days ago 1 reply      
Apparently there is a sanctioned method for pulling all of your Facebook friends into Yahoo contacts:

http://www.zdnet.com/blog/weblife/invite-your-entire-faceboo...

From there you can do what you want with them.

3
brendano 2 days ago 6 replies      
There is a legitimate question here -- do you own the information about your friends, or do your friends? Many things on Facebook are a shared quasi-public, quasi-private space where the ownership isn't clear, and don't fit into our usual mental model of "I own my own data!"

This example is even clearer. The app lets you export your friends' names and contact information. This isn't your information, it's your friends'. What if one of them wanted to take their phone number off the site? What if one of them wanted to hide their information from you specifically? If you've downloaded it already you're depriving them of the right to control their own data.

Clearly social networks should be required to offer some sort of friend list information for export. Maybe a bare list of user ID's is all that should be required -- the information about who your friends are seems legitimately like it's yours. Joining it against names and contact information is the potentially privacy-invasive step; that could be done online, under control of your friends, not you.

4
tomelders 2 days ago 6 replies      
Any legal eagles here on HN care to comment on the legality of this?

I would have hoped that data protection laws (I'm in the UK) would have protected this, since it provides me with access to my own data.

5
sleepyhead 2 days ago 1 reply      
From the article it seems like the app is scraping. Why? The Facebook Graph API should be able return all this data. That Facebook prevent scraping, which is most likely conducted by some scamming services, is a good thing IMHO considering most (all?) of the data is available through their API. If this is the case the title should be "Facebook prevents scraping" as Facebook still allows export of data through the API. The Facebook Graph API usage is managed by the specified permissions for the app and thus you can control it to a greater extend compared to a browser extension which could do whatever it wants to the pages you visit and your authenticated session.
6
ben1040 2 days ago 0 replies      
Is this particularly new news? This extension was the first thing I tried Wednesday night when I got into the service, and it didn't export anything but profile URLs. I had to make a throwaway Yahoo account to export my contacts.
7
phereford 2 days ago 1 reply      
I am going to start off by saying I haven't read the article. With that said, didn't Google deny Facebook from scraping contacts off of gmail a year (or two) ago? I forget the exact method they implemented, but I know it stunted Facebook's ability to scrape the emails for a good while.

How is this any different?

8
jnhnum1 2 days ago 0 replies      
...

Their "Download my information" option excludes users' email, which makes it mostly useless for exporting your graph.

Furthermore, if they were worried about server load, they would block queries altogether. Instead, what they're doing now is just hiding the email addresses if an IP address queries too rapidly. I don't think there is any explanation besides data protectionism.

9
unicornporn 2 days ago 0 replies      
Lucky me I used it to export all my contacts (with tel numbers and mail addresses) two weeks ago. It was a good extension.
10
Slimy 2 days ago 1 reply      
Interesting that it took the launch of Google+ for Facebook to notice this extension.
11
tahu 2 days ago 0 replies      
There's always various scrapers, like this http://vytautas.jakutis.name/2011/05/27/convert-your-faceboo... by me.
12
yuhong 2 days ago 0 replies      
If you search TechCrunch for "facebook google contacts", you will see some of their old stories on this.
13
danoprey 2 days ago 1 reply      
I managed to use it to export my contacts about an hour ago. Successfully imported them in to Gmail and G+. Strange.

I highly doubt that it is illegal, but it certainly breaks FB's TOS.

14
stitchy 2 days ago 0 replies      
I think I used this extension months ago before it got blocked. Worked pretty well, but I found that it didn't get all the information that I was hoping for. Namely the e-mail address was missing for all of my contacts. Got their bio info. and other stuff though.
15
blackRust 2 days ago 0 replies      
Also means @givememydata doesn't work. Was just planning on extracting list of email addresses...
https://twitter.com/#!/givememydata/status/88181497894404096
16
chrischen 2 days ago 1 reply      
Can't you import friends by downloading your friends list using the facebook export tool? Google can use that to match people up with their friends as long as their friends have opted into Google+ with their facebook UID too.
17
UtestMe 2 days ago 2 replies      
Actually they did not restrict the access to your own data, but to a specific method of accessing them. Which, I am quite sure, is no legal issue for anybody
18
revorad 2 days ago 2 replies      
G+ should allow you to import your Facebook data if you download it using Facebook's own export tool.
19
ChrisAnn 2 days ago 0 replies      
Petty.
       cached 8 July 2011 02:11:01 GMT