hacker news with inline top comments    .. more ..    15 Aug 2011 Best
home   ask   best   8 years ago   
1
Can we believe our eyes? Misleading people with Unicode. technet.com
474 points by bensummers  3 days ago   122 comments top 19
1
byrneseyeview 3 days ago 3 replies      
This was how some folks pretended that Google had erased all mentions of "Oracle":

http://giorgiosironi.blogspot.com/2010/08/google-never-remov...

I used this to prank some people on the in-house SEO team at my last job. I'd ask them if they had done anything that might be considered black-hat. Then I sent him a link to a "site:" query on Google indicating that our site had been removed from the index.

e.g. http://www.google.com/search?sourceid=chrome&ie=UTF-8...

2
gwern 3 days ago 1 reply      
I remember years back on Wikipedia, clever vandals would play Unicode tricks. It was interesting, to say the least - you'd register a name that looks identical to a real user, vandalize, and hope the administrator would type the name in...

This was ultimately stopped by Antispoof (https://secure.wikimedia.org/wikipedia/mediawiki/wiki/Extens...) but the bug reports are still interesting:

- https://bugzilla.wikimedia.org/show_bug.cgi?id=2593

- https://bugzilla.wikimedia.org/show_bug.cgi?id=2290

3
driverdan 3 days ago 2 replies      
I personally find the RLO / LRO issue much more concerning. I just tested Chrome and Firefox and found it works in URLs. You could rewrite pyapla.com to paypal.com and phish people easily.
4
mcantor 3 days ago 1 reply      
It's funny to think that a hapless vimmer who happens to be running Windows would have never noticed this, because they would simply have typed ":edit $SYSTEMROOT\system32\drivers\etc\hosts" and gotten the real file.

(This isn't a "look how cool command line junkies are" comment; I was just musing.)

5
andresmh 3 days ago 1 reply      
this reminds me of IDN domains, a few weeks ago I purchased fácebook.com and góogle.com. I get a few hundred visits every day. I posted about it here https://plus.google.com/110362380602139255131/posts/NPS3VNyD...
6
noahc 3 days ago 2 replies      
Somewhat related to this is the ability to change 'l" and "I" around when they both look the same, basically a straight line.

This was very common in Yahoo Chat Rooms when folks would pretend to be someone else by registering their name with the opposite of what they had (assuming it had an "i" or "l" in it).

They would then take a screen shot of their font and copy that exactly so they could appear to be the other person. I'll let you imagine the chaos that could occur because of this!

7
Rygu 3 days ago 6 replies      
I'm pretty shocked that I have never heard of the RLO unicode character before this article. Let's see if it works: ppa.emorhCelgooG => ‮ppa.emorhCelgooG
8
matthavener 3 days ago 2 replies      
This is why "filters" that prevent XSS, etc by remove malicious characters are so easily breakable. This type of attack is called a canonicalization attack (more here https://www.owasp.org/index.php/Canonicalization,_locale_and...)
9
nodata 3 days ago 4 replies      
Seems easy enough to guard against. Highlight the characters which are unexpected for my locale.
10
fferen 3 days ago 1 reply      
A while ago I compiled a list of unicode characters that looked like letters, to get past curse filters. Not comprehensive, because I just manually skimmed through a unicode table, but here it is if anyone cares:

Wide letters: A B C D E F G H I J K L M N O P Q R S T U V W X Y Z a b c d ... f g h i j k l m n o p ' ' " " • - - x y z

Better looking letters: ϲ р с ... І А ' • М Н О Р С а е о • - '

Anyone know of a better resource?

11
ams6110 3 days ago 1 reply      
Isn't the real issue that in order to be vulnerable to this, you have to be running as a user who has permission to diddle with the hosts file? Or that your hosts file has too-liberal write permissions?

Hosts file attacks are well-known enough that on windows I always set them to read-only, so that even administrators can't change them without first clearing the read-only flag.

12
evilswan 3 days ago 2 replies      
Yes - reminds me of how several users would exploit the Bolt.com chat system (back in the day) using upper-case 'I's as lower case 'L's to pose as different users and cause mayhem.
13
delinka 3 days ago 0 replies      
With the exe as jpg example, it'd be even more misleading if the exe used a photo for an icon, launched the photo viewer app for a matching jpg photo, and launched an insidious process in the background. Even harder to detect from whence the malware came.
14
sarenji 3 days ago 1 reply      
This is an important issue in some chat programs. I had to deal with this all the time: malicious users using i vs. l to pose as others, and using unicode to mess up or reverse the entire chat. One of the more interesting unicode had characters going left, right, and up and down. This confused moderators about who to kick/ban and obscured other users' text.

The solution was to implement a regex of whitelisted characters; since it's an English-only program, this works well and is future-safe. For multiple languages, a blacklist is probably okay, but the difficulty lies in keeping the blacklist both complete and up to date.

15
mikelward 3 days ago 2 replies      
On Linux, how could you make standard tools highlight or differentiate potentially misleading characters?

I guess the solution would have to be in the terminal emulator? Would a blacklist of Unicode ranges be sufficient?

16
tantalor 3 days ago 3 replies      
But, how does this work? Does Windows source all of the files in your %SystemRoot%\system32\drivers\etc? Why does it matter what the file is named? To hide from idiots?
17
arvinjoar 3 days ago 0 replies      
Seems like there's a hidden benefit to always keeping a tab with the hosts file open in notepad++. I use the hosts file from time to time, and I just leave the tab open, never thought it could help me out security-wise though.
18
HankMcCoy 3 days ago 0 replies      
0x43E (о) is the stuff of nightmares

facebооk.com is still available ;)

19
adr_ 3 days ago 0 replies      
I've had a Fасевоок Off-c-al account lying around for a year or so.
2
For the love of God, YC companies-to-be stop posting ambiguous job description
352 points by startupcto  2 days ago   88 comments top 24
1
TheSkeptic 2 days ago 10 replies      
YC S11 Company Seeks Uber Python Dev

We're a young company that's so hot, we melt ice in our sleep. Some of our investors even believe we're responsible for global warming. Out hotness is to be expected: our 5 founders hail from top engineering schools, and one even won $5,000 in a single night playing online poker when he was 13 (for reals).

Our users? Cooler than a polar bear's toe nails. Think Tom from MySpace, but even cooler. They're young, they love technology and they all have fat bank accounts. Oh, they're all beautiful people too.

Our trajectory is clear: extreme penetration of a lucrative niche market in Year 1, and world domination in Year 2. We've already grown 500% in our first 2 weeks after launch. See http://yfrog.com/kfu2tcj

We're looking for an awesome Python developer with a big ego and low self-esteem. Someone who knows he's the sheeeeet but doesn't want to prove it at a big company that does lame stuff like QA. Someone who can down a can of Coke and a box of Mentos and then go on to devour a four-course meal of web-scale challenges the likes of which no other startup has ever faced. Seriously.

What do we offer? Put simply, The Life. As an early employee, you'll receive a salary that will enable you to rent a condo in Palo Alto with 3 other startup dude roommates, a huge equity stake that will be massively diluted as we raise new rounds of funding from some of the most respected angels and VCs in the Valley, and the ginormous confidence that comes with knowing you're changing the world one unique visitor at a time.

If you're ready to take your awesomeness to the next level and think you have what it takes to hang, send us an email at socially.awkward.hipster.startup@gmail.com and tell us why we shouldn't laugh at your Github account.

2
nirvana 2 days ago 3 replies      
Maybe it's just because I'm "old" or have been around the block, but hyperbole in a job description really turns me off. The harder the sell, the less I trust the seller. Actually this is true everywhere.

Further, you can tell us what the business is, and what is compelling about it, without giving up the secret sauce. You can even mention the secret sauce without giving up the secret.

EG, if your startup was google: We're building a revolutionary search engine using the social proof inherent in the web to give people results that are far more relevant than Yahoo and Inktomi. There, did I give away the page rank algorithm? No, but I did reveal the compelling advantage that google had: they figured out how to derive social proof from the web... which at the time was unheard of.

Even if that's too revealing.... at least talk about your technology stack. If you write a 500 word essay and the only mentions of technology is that you use "rails/node.js" -- something at first blush seems like not a choice but a pair of choices-- you're being evasive one something you have no reason to be evasive on. "We're using rails to host the primary web app, and node.js to run a really nice realtime updating system, blah blah blah."

You can talk about that... and you are giving candidates an opportunity to know what you're like based on your technology choices and how you talk about technology.

3
pg 2 days ago 2 replies      
My apologies on behalf of YC. I deleted that job post, and asked the companies in this batch not to post this sort of thing anymore.
4
mtogo 2 days ago 0 replies      
This is how the second posting came across to me:

==================================================

Wassup broz.

We're an awesome new startup that totally kicks ass and we drink alot of beer and stufzlol.

Anyway, we need a nodejs ninja rockstar bro to chill with us and write some codez.

We aint gunna tell you what we do cuz thats not how we roll but email us at throw.away@gmail.com
==================================================

5
mindcrime 2 days ago 1 reply      
Heh, I agree, that second one is rubbish. It seems like they're trying real hard to paint a picture of how young and energetic and fun they are... but then didn't say the first word about the product they're building. I don't know about the rest of you, but all the "young, hip, energetic, red-bull drinking, prank pulling startup vibe" stuff isn't terribly interesting to me, compared to knowing something about the actual, ya know, work.

As they say "it's called work for a reason."

Sure, we all (well, mostly all) want a fun, happy workplace... but if I'm working on something that's mind-numbingly boring, I'm going to zone out and not give a flip about the red-bull and the nerf fights and the after-work LAN parties and all that B.S., in about 2 minutes.

6
bhousel 2 days ago 3 replies      
It would actually be clever if they are both for the same job and that company is just split testing their job descriptions.
7
ajaimk 2 days ago 1 reply      
The top 3 things I look for when picking a job:

- The people I'll be working with
- The product I'll be working on
- The job I'll be doing

These posts are way to ambiguous to answer these real questions. The only questions they do answer is that you were good enough to get into YC. If you want someone to apply for the job just cause you are a YC company, tough luck - the applicants are gonna suck big time.

8
rhizome 2 days ago 0 replies      
The cheerleaders are beginning to arrive on the scene. Everyone in the company should be outgoing, fun, super-communicative and ready to party. You know: nerds.
9
proexploit 1 day ago 0 replies      
I can understand the various arguments for a need to be somewhat secretive and that's fine. That being said, there's some no-brainer concepts to include in a job listing if you want it to be worth your time.

#1) Don't just say what the job title is, be clear on what it means to you. I've had job interviews for a "frontend developer" be anything from a PSD-slicer to a 95% backend coder.

#2) If you want a passionate employee (you do), you need to give enough information about your company so they can tell if it interests them. I could care less what cool technology you use if I don't know whether I'm reforming healthcare or inventing new ways to impose banking fees. You can say what you do without providing any sort of specific information.

#3) Sarcasm online can be very easily misinterpreted. I suggest being upfront and professional in any job posting but if you must use some kind of sarcasm, be sure to note it.

Note: This is by no means a complete list, simply some reoccurring issues I've seen during my recent job search.
Edit: Formatting.

10
StyleOwner 2 days ago 1 reply      
In this hiring environment I'm not above the occasional shameless plug. Your point about vagueness is well taken, but I'd have to write 3 pages to really give you a detailed understanding and I'd rather just show it all to you over a beer.

My company is hiring:

We do e-commerce where people can set up their own fashion boutique -- we have a massive catalog full of top-tier designer products. We have made incredible partnerships with brands, the fashion industry, etc. People who set up stores facilitate social shopping via their store and make a small commission per sale. If you don't get why this is cool b/c you wear sweatpants or the same pair of jeans, that's OK, I have data to show you.

Our site, www.styleowner.com is solid on the backend but needs a lot of frontend love. If you like backbone.js, web standards, etc., come join us and help make it one of the best sites on the web. Backend developers wanted too however. We use Ruby, Sinatra, DataMapper, Node, Redis and more. Interest in IOS is also a plus.

We're hiring for 2-3 positions. We are looking to make some key hires right now and the goal is a superb team.

If you're in San Fran let me meet with you over coffee or beers and show you our codebase, tell you in incredible detail what we're working on, etc. I'd also like to see some of your code. The goal is to give you an idea if you want to work on our app and what that would entail over at least the next few months.

We're funded by Accel, have great investors, etc. The only challenge has been in tech hiring b/c if you're good you probably already have a job you enjoy. So give it a shot and meet us and see what you think.

Putting together an awesome engineering team is our #1 priority. We're in the stage where we're making key hires and ramping up.

email matt@styleowner.com

11
sprovoost 2 days ago 2 replies      
That last link has the word "bptumblr" in their Amazon EC3 link. If you Google that term, you get a bunch of porn sites. That might explain their popularity in random bars and early profitability :-)
12
jsavimbi 2 days ago 1 reply      
Agreed. #2 appears to be very concerned with interesting they see themselves while #1 appears to understand that a) finding talent is hard and b) they need to convince someone to work for them based on the interesting things they're working on (or they're just savvy on what keywords to use).

You also have to consider that many of these YC companies are young, small and inexperienced, regardless of their job descriptions, so take it with a grain of salt before you commit to anyone. These guys could pivot at any given moment, change technology stack on a dime (just happened to me), fire you because you don't fit in, etc.

13
logjam 1 day ago 0 replies      
I'm not looking for a job, but do occasionally see one here that may fit someone I know, and I pass it on....but only if I don't see (for the 10,000th time) vapid marketing-speak like "join a team of rock stars" or "wanna rock with us?", or "rock our stars" or whatever. I have nothing against actual rock stars (musicians), but if you're basically a bunch of marketing or management suits, you're the farthest thing from a "rock star" imaginable.
14
pagekalisedown 2 days ago 2 replies      
And spare me terms like "ninajas" and "rockstars".
15
nlh 1 day ago 0 replies      
Allow me to ask what may be a silly question:

If you're looking to hire someone by posting a public job description, why are you unwilling to say who you are?

The older and more experienced I get, the more the notion of "secret companies" (aka stealth mode) seems absurd. The CIA might need to keep secrets. A web technology company does not. Like another poster said, nobody's suggesting that you have to reveal your deepest darkest technology special sauce in your job posting.

But why not at least reveal the name and nature of your business? It's fairly relevant.

16
BrentRitterbeck 1 day ago 0 replies      
I fully agree. I often wonder why the posts are something similar to the following:

Young company looking for C++ programmers to help create a small fraction of the functionality provided by a Bloomberg terminal for a small fraction of the price of a Bloomberg terminal. Financial knowledge appreciated, but not required.

NOTE: If I had more than a few hours a week to work on such a thing, and I didn't have a large amount of student debt, then this would be a posting I would eventually like to make. For now, the above is only meant to serve as an example of how I think a job posting should read.

17
feydr 2 days ago 1 reply      
I just don't understand why all these announcements say stuff like 'we have 150k users' -- but they won't even mention their name? I understand if you are IN 'stealth mode' but if you have so hundreds of thousands of users -- that's not exactly stealth anymore is it
18
dan_manges 1 day ago 0 replies      
I actually liked some things in the "YC S11 Company Seeks Rails Architect" post. Not the hyperbole and fluff, but the details on growth, trajectory, culture, current team, etc. I'd be more specific, but since the post was deleted, I can't reference it.

The "Summer 2011 YC company seeks CoffeeScript drinking frontend engineer" post seems very generic to me. It's nice that they mention the industry they're working in, but otherwise, I didn't pick up on much differentiation in the job description from other companies looking to fill a similar role (and the post nearly admits that itself, at the end).

19
waterside81 2 days ago 0 replies      
Thank you for saying this more bluntly then I did:

http://news.ycombinator.com/item?id=2659445

I was trying to be a bit more diplomatic but my feeling was the same. It serves no purpose to be so discrete all the time.

20
issa 1 day ago 0 replies      
I know rock stars. Rock stars are friends of mine. Programmers are not rock stars.

Seriously though, whoever started the whole rockstar/ninja thing should be punished. This is programming. Forget sex, drugs, rock-n-roll and throwing stars. I want to work with people who always know where their towel is.

21
Havoc 2 days ago 0 replies      
Clearly the company in the second example is making gigawidgets.
22
brackin 1 day ago 0 replies      
I agree, they want to remain stealthy and keep the prying eyes of journalists and rivals out but need to be able to convince potential employees to actually contact them.
23
blockbeta 1 day ago 0 replies      
Agree 100%. Whether a job description, Web page, brochure or any other vehicle, real communications say what they mean and don't use euphemisms. These generic descriptions are probably copied and that's pure laziness.
24
chmike 2 days ago 3 replies      
This comment will probably cost me some karma but the "for the love of god" makes me feel uncomfortable. I assume it is used as an expression and not as proselytism or whatever.

Replace god in this expression by gays, Allah, children, science, music, bits or whatever and you may experience the same feeling I had. And it doesn't provide any useful and constructive information to the main point.

7
Leaked AT&T Letter Demolishes Case For T-Mobile Merger broadbandreports.com
294 points by rosser  2 days ago   41 comments top 4
1
cookiecaper 1 day ago 1 reply      
The proposition of this merger is one of the most blatantly negative outcomes for the public I've heard in some time. Anyone with even an inkling of sense regarding this industry understands that it would be very dangerous and troublesome for consumers if T-Mo were absorbed into AT&T -- not only would it pare down the oligopoly that is mobile telco and allow further price gouging (which is already quite excessive; cf. 20¢/text), but AT&T would have acquired the entire GSM market in the US, leaving current T-Mo customers with no choice but to use AT&T or get a new phone and foreign visitors with no choice but to roam on AT&T.

> (somewhere there's a paralegal looking for work today)

I like to think that somewhere there's a paralegal holding his head high for the "accidental" damage he inflicted to this potential merger. Good for you, man.

2
rauljara 2 days ago 1 reply      
There is already too little competition in carriers (and telecoms in general). Even completely ignoring the document, I can't imagine who thought public good would have been served by allowing such a merger.
3
object404 1 day ago 2 replies      
Additional related articles where a lot of this was sourced (3 of them sourced from each other):

---------

Unredacted AT&T Filing Shows $3.8B Price Tag

By Maisie Ramsay
Thursday, August 11, 2011

http://www.wirelessweek.com/news/2011/08/unredacted-ATT-fili...

---------

AT&T Letter Damages Case For T-Mobile Acquisition

Rue Liu, Aug 12th 2011

http://www.slashgear.com/att-letter-damages-case-for-t-mobil...

---------

AT&T's “Ooops” Damages Their Biggest Argument In Favor Of T-Mobile Takeover

By David, Managing Editor August 12, 2011 4:10 pm EST

http://www.tmonews.com/2011/08/atts-ooops-damages-their-bigg...

4
rokhayakebe 1 day ago 2 replies      
I just cannot wait for a startup to disrupt this space.
8
New leukemia treatment "exceeded our wildest expectations" msn.com
281 points by xd  3 days ago   106 comments top 17
1
earl 3 days ago 5 replies      
Wow, that's amazing. I hope the results hold up.

My father died of type 2 non hodkins lymphoma in 1997 when I was 17; he was sick for 4 years from two rounds of lymphoma, plus a marrow transplant. Every time I read about advances like this I feel bad about wasting my life building better advertising instead of doing biomed. I just wish biomed paid better wages -- I much more than doubled my income by leaving a wetlab and doing advertising instead. It's a lesson in what our society really values. And now I feel like Steve Yegge.

2
iqster 3 days ago  replies      
From the article:

"Both the National Cancer Institute and several pharmaceutical companies declined to pay for the research. Neither applicants nor funders discuss the reasons an application is turned down. But good guesses are the general shortage of funds and the concept tried in this experiment was too novel and, thus, too risky for consideration."

The keywords are "experiment was too novel, and thus, too risky for consideration". Unfortunately, this seems to have become the rule rather than the exception in scientific research. All the young folks (pre-tenure) are on a treadmill to get funding and publish something in the top journals/conferences. I wish there was some accountability in the system ... the geniuses who rejected funding this research will go about completely unaffected.

3
justinph 3 days ago 1 reply      
As someone with a genetic disorder, this type of gene therapy is really amazing to read about.
4
ComputerGuru 3 days ago 0 replies      
Original New England Journal of Medicine paper on this subject: http://www.nejm.org/doi/full/10.1056/NEJMoa1103849
5
jcfrei 3 days ago 0 replies      
has this method of cancer fighting been only applied to leukemia patients or could it work for other types of cancer as well? since T-cells reach almost every part of the body, couldn't they be reprogrammed to kill some other cells apart from carcinogenic white blood cells?
6
testcock1 3 days ago 2 replies      
One thing I was left wondering about and maybe someone here can shed some more light on this, what happens to the supposedly enormous amount of "serial killer" white blood cells after they're done with the cancer cells? Do they function normally, until a new "infection" comes, basically serving as a permanent leukemia antidote?

(I hope no one is offended by my quite flimsy grasp of medicine and the human body)

7
curt 3 days ago 4 replies      
Came up with an idea (edit: wrote in generalization, took to much credit, sorry, didn't want to bore everyone with details) 10 years ago, everybody thought I was crazy for wanting to inject HIV into people. The idea I had was to treat the human immune system like a computers anti-virus software and upload treatments using the HIV virus. Didn't think the FDA would even allow something like this for at least another decade. Really believe HIV is the key to ending disease in humans, even possibly aging.

Wonder how they handled its affinity for mutation? That was the big hurtle.

EDIT: xd corrected me. They did it in vitro. Which explains how they got around the FDA.

8
kingkawn 2 days ago 0 replies      
Great outcomes for those patients, but it has to go >3 patients, and survival >5 years before people get worked up. This is a difficult disease and people will get hyped up quickly.
9
gojomo 3 days ago 0 replies      
I am hopeful but also reminded of the opening of 'I am Legend':

http://www.youtube.com/watch?v=8aouT6EMJh8#t=00m21s

(The distracting leading quote and music has been added by the uploader... but I can't find an alternate clip of this set-up scene that also includes the important cut to 'three years later' at the end.)

10
Vadoff 2 days ago 0 replies      
I love how they didn't get any funding. If the government stopped wasting it's money by funding a needless war, and actually put that money to good use in research and education... maybe America could be a leader in innovation once more.
11
rokhayakebe 3 days ago 0 replies      
In each of the patients as much as five pounds of cancerous tissue completely melted away

I always thought the entire cancerous tissue would be no more than 1/8 pound.

12
yxhuvud 3 days ago 0 replies      
© 2010 msnbc.com Reprints

Ok, so what has happened after the article was printed the first time?

EDIT: ok, looks like it was just an error by msnbc. It does seem fresh: http://hosted.ap.org/dynamic/stories/U/US_MED_GENE_THERAPY_L...

13
spottiness 3 days ago 2 replies      
I voted up your posting, but please use the original title "New leukemia treatment exceeds 'wildest expectations'". The HIV part is pretty irrelevant.
14
yaix 3 days ago 0 replies      
>> ...several pharmaceutical companies declined to pay for the research.

Great! No greedy corporation to patent it and sell off the method at overpriced rates.

15
badhairday 3 days ago 1 reply      
Wasn't UPenn banned from receiving federal funding for gene therapy research after the whole Jesse Gelsinger controversy in the late 90s? How did they receive funding for this?

Also, 3 patients isn't statistically significant. Having this in the national media is going to cause mass confusion in the general public. There needs to be many more studies on this therapy before it's actually used as a treatment.

16
sweetchar 3 days ago 0 replies      
This is definitely promising!
17
ck2 3 days ago 2 replies      
So this means it will be $10k a shot in the USA and $500 everywhere else until India clones it?
9
Hyperpolyglot: PHP, Perl, Python, Ruby hyperpolyglot.org
275 points by tathagatadg  1 day ago   52 comments top 13
1
gfodor 1 day ago 1 reply      
That these languages are so similar a table like this is possible leads one to think those programmers who consider themselves "polyglot" by programming in a subset of these aren't really "polyglot" at all.
2
Udo 1 day ago 2 replies      
Neat table, one thing about PHP's member variables compared to Python/Ruby seems inaccurate though. In the example "define class", the member variable $value is declared private and then accessed through a getter and a setter, while the corresponding Python and Ruby examples use a public variable and hence look cleaner. The equivalent PHP version should be more along the lines of:

  class Int {
function __construct($int = 0) {
$this->value = $int;
}
}

instead of the ridiculously verbose thing they posted there.

3
lubutu 1 day ago 2 replies      
These tables are comprehensive, but the authors don't seem to actually understand the languages' idioms.

Over on the ISWIM-family page the Haskell "command line args" program is ten lines long, when it could be:

  import System
main = getArgs >>= mapM_ putStrLn

I wish these were written by people who knew the languages.

4
beaumartinez 1 day ago 1 reply      
Neat, ridiculously comprehensive table. A few "warnings" I found in the first 10%:

> Python: Statement separator: ; or sometimes newline

More like newline or sometimes ;. When was the last time you saw a Python script with a semicolon?

> Python: Multiline comment: '''comment line\nanother line'''

That's a multiline string.

5
petercooper 1 day ago 3 replies      
x.succ is not the Ruby equivalent of ++$x in PHP (or Perl). x.succ returns x + 1 (by default, on integers) but does not increment x as ++$x does (since numbers are immutable and that's what "x" is giving us in Ruby). The closest match would be x += 1 (shorthand for x = x + 1). I don't see x = x.succ in common usage but that would work too.
6
olliesaunders 1 day ago 0 replies      
http://rosettacode.org/wiki/Rosetta_Code may be more comprehensive although not as immediately accessible
7
hippich 22 hours ago 0 replies      
I might be incorrect regarding Perl's "scan" function, but I think you can implement it like this:

  my $s = "foo bar baz";
my @b = $s =~ /\w+/g;

Granted, this is not a scanf, but neither are PHP/Python/Ruby examples.

8
georgefox 1 day ago 1 reply      
Some of the PHP stuff, as others have noted with Python, etc., is misleading or outdated.

Backticks work:

    echo `ls`;

Constants can be declared globally:

    const PI = 3.14;

Anonymous functions can be declared without create_function:

    $f = function($x) { return $x*$x; }

I'm sure there are more. That said, I love these sorts of side-by-side comparisons.

9
benatkin 1 day ago 1 reply      
I think this shows that much of the time, the choice of open source scripting language isn't going to make or break a project. Ditto for well-maintained web frameworks.

http://www.slideshare.net/joestump/starting-your-startup/65

10
rednaught 1 day ago 0 replies      
Nice! I was going to suggest adding Lua and Tcl but they're available on the Embedded page. The link in the title goes to the Scripting page.
11
Kwpolska 17 hours ago 1 reply      
python, statement separator: not "sometimes", but "usually"

python, multiline comment: not quite. print '''foo''' outputs "foo". This is a string literal, and """foo""" is more popular.

12
nivertech 1 day ago 0 replies      
REPL for Python: ipython
13
Qa8BBatwHxK8Pu 19 hours ago 1 reply      
Python dosen't have NULL/NIL?
10
WebGL Water Simulation madebyevan.com
271 points by devongovett  7 hours ago   68 comments top 17
1
AndrewMoffat 3 hours ago 0 replies      
this is the algorithm that governs the surface waves. it's remarkably simple and well suited to the parallel computing that shaders can offer: http://freespace.virgin.net/hugo.elias/graphics/x_water.htm
2
jxcole 1 hour ago 1 reply      
When I bought my computer I didn't think graphics were important. Now I wish I had spent some money on a good graphics card. I might have to buy one so I can develop stuff like this.

For those who are interested, if you have a laptop with an intel based graphics card, you are probably using something called Mesa. After researching for a long time, Mesa is some sort of a graphics driver that works on Linux. Apparently, if you have Mesa 7.10+ and Firefox 6 webgl works, though I haven't figured out how to upgrade Mesa. The default on Ubuntu 10.04 is 7.4 or something like that. Apparently, Mesa is pretty buggy and can crash a lot.

If anyone has more info about this subject, I would appreciate it.

3
chaosmachine 6 hours ago 1 reply      
Don't forget to press "G".
4
vmind 5 hours ago 2 replies      
And here I am trying to get a bunch of 2d lines rendering quickly in a 2d canvas for some charts. So strange to me that something 'simple' like drawing 20,000 lines chugs along at ~20fps and a water simulation with caustics is there running at 30fps just fine. Goes to show how much you gain from a GPU if you're using it for something it's designed to do.
5
mtogo 28 minutes ago 2 replies      
Hrm, the site says that latest versions of both Firefox and Opera, and Chromium 6 don't support WebGL. Is there any browser this is supposed to work in?
6
benmccann 4 hours ago 9 replies      
This didn't work for me in Chrome 14 or FireFox 5. What the hell browser does this work in?
7
rvanniekerk 7 hours ago 3 replies      
I have to say, the most impressive part about this is the fact that my macbook doesn't even rev up like a jet engine like it would if I was..say...watching a flash video.

Awesome.

8
Andrex 4 hours ago 2 replies      
Doesn't work for me on Chrome 13 (Stable) or 15 (Canary) on Windows 7. Both throw up an "implicit truncation of vector type" error.
9
hmottestad 6 hours ago 4 replies      
I guess this is going to be the next race for browser compatibility. So far I've tried Firefox, Safari and Chrome all on OS X Lion, I'm hoping a newer version of Chrome will work, if not I guess this is all still mostly academics.
10
jamesaguilar 4 hours ago 0 replies      
Something really interesting happens if you move the ball to the surface, let the water become calm, then move the ball horizontally along the surface.
11
eraemaajaervi 4 hours ago 1 reply      
I'm getting the "This demo requires OES_texture_float extension" error. Strangely, in the conformance test (https://cvs.khronos.org/svn/repos/registry/trunk/public/webg...) OES_texture_float passes without error.

using latest chromium dev build on latest ubuntu 32bit. same error in firefox 5.

12
kpozin 50 minutes ago 0 replies      
Warning: this demo crashed my integrated graphics driver about 15 seconds in. YMMV.
13
vimalg2 3 hours ago 1 reply      
Surface tension seems to be modeled too.

Try violently lifting the ball out of placid water.

The water 'sticks' to the ball for a while.

14
Vivtek 4 hours ago 0 replies      
Waves don't reflect off the sphere - they just pass right through it. Mind-bogglingly beautifully, of course.
15
gcb 4 hours ago 0 replies      
wow. this logged me off my X session on ubuntu 10.10 stable and chrome 13.0.782.112
16
T_S_ 7 hours ago 1 reply      
Very nice. I would like to see somebody do a cannonball now.
17
dendory 3 hours ago 1 reply      
Another HN item that can only been seen by those using Google Chrome. When will it stop? Are we really so dumb and foolish to go right back to the "Works only in IE6" days? WHY is it that because it's Chrome and not IE6, that makes it alright?
11
Why you don't steal from a hacker. infosec20.blogspot.com
262 points by gregcmartin  2 days ago   152 comments top 36
1
giberson 2 days ago 7 replies      
Glad the person got their Mac back, but why does this story and ones like it always end at the recovery of the property? Could we get an update on the punishment of the criminal? I'd like to know what kind of repercussions the criminals suffer--do they get prosecuted? I'm just curious if these software tracking systems have been used in court as evidence to convict any of these criminals.
2
nikcub 2 days ago 7 replies      
the word 'hacker' has been diluted to a new low

first to 'somebody who can write a web app', to now 'somebody who can install software'

3
pclark 2 days ago 1 reply      
This is why I have file vault + password screensaver on my MacBook Pro + insurance. I'd sooner have to wait a few days to get a new laptop than rely on: a) the user not instantly formatting the computer, b) prey finding my laptop, c) the police doing something about it.
4
mcantor 2 days ago 1 reply      
It's amazing how when big media releases a story about "hackers ruining America", people come out of the woodwork saying "actually, the term for someone who practices forced electronic entry is 'cracker', and 'hacker' just means someone who writes code", but when someone uses it that way, the HN post fills up with comments about how the term 'hacker' has been diluted.

PICK ONE, GUYS.

5
gregcmartin 2 days ago 1 reply      
Sorry I wasn't implying that the software I used made me a hacker, that is simply just my profession... I use the term very widely to be someone who codes, pentests, reverses malware or jailbreaks iphones...
6
there 2 days ago 1 reply      
using a laptop recovery service to do exactly what it was intended to do. sweet hack, bro!
7
rajpaul 2 days ago 1 reply      
"took a report and dusted for prints, performed typical forensics"

I'm impressed that the police dust for prints in England. I've never heard of someone getting that kind of thoroughness for a domestic burglary where I live.

8
benatkin 2 days ago 1 reply      
I care more about the safety of my data than the safety of my computer, so I have FileVault full-drive encryption turned on. I don't think a thief could log into my computer without wiping the drive, which would wipe Prey if I had it installed. So I'm not going to bother installing it.
9
a3_nm 2 days ago 1 reply      
This is neat, but it only works if your setup is simple enough to be usable by a random thief so that they can get an Internet connection ready so that the machine can phone home. Were someone to steal my laptop and boot it, they would reach a tty login prompt in a dvorak layout, and playing around in grub would also lead to an LFS install with a patched agetty greeting them in lolcat. (My LFS was just for fun, so I did silly stuff with it.)

In other words, they would probably just wipe the computer and install Windows, and I wouldn't hear about the machine. I guess I could have a Windows install ready with a guest account and sneaky tracking software just for the benefit of an hypothetical thief, but it doesn't seem worth the effort.

10
icebraining 2 days ago 2 replies      
>Luckily the thief was a smart little bugger and he was able to bypass the password by using an OSX install CD to create a new admin account.

So why did he rely on luck instead of SSHing to the laptop and unlocking the machine?

>I cranked up the frequency of reports to one in every five minutes to try to get a screen capture of him using gmail or facebook so I could snag a name or login credentials.

Hmm, start a keylogger (and a sniffer) in the background and then scp the logs a couple hours later?

11
sudonim 2 days ago 1 reply      
I just installed Prey. Ignoring the OP's use of the word "Hacker", you don't have to pay them anything to get good value from the software.

I set it up so if this file ever disappears http://iamnotaprogrammer.com/prey.html it starts sending me alert messages like the one below:

Good news my friend, it seems we found it.

Here's the report from your computer:

########################################################
# geo
########################################################

:: lat=(deleted)

:: lng=(deleted)

:: accuracy=33.0

########################################################
# network
########################################################

:: public ip=(deleted)

:: internal ip=192.168.8.121

:: gateway ip=192.168.8.1

:: mac address=34:15:9e:07:af:86

########################################################
# session
########################################################

:: logged user=sudonim

:: uptime=14:21 up 3:12, 6 users, load averages: 2.12 1.91 2.06

Happy hunting!

-------

Then it attaches a picture taken with my camera and a screenshot. All in all, pretty handy to have running.

12
gst 1 day ago 1 reply      
What I don't understand: I you're so concerned that someone steals your laptop, why do you then install tracking software instead of encrypting your harddrive?

If someone steals my laptop I wouldn't care about the cost of lost hardware. Instead I'd care more about my private data that now is in the hands of someone else.

13
breck 2 days ago 1 reply      
Quick look at the source code (https://github.com/tomas/prey) seems to show that if you wipe the HD you're SOL. I'm still waiting for Apple to release Find My Mac (similar to Find My IPhone), which will withstand a hard drive reformat.
14
dkokelley 2 days ago 2 replies      
I've been wondering about these services. Not having more information about the inner-workings of a monitoring/recovery service, I'm concerned about the company's ability to spy on me the same way I could spy on anyone who uses my stolen laptop. What prevents this from happening?
15
Sargis 2 days ago 3 replies      
Is this one of those viral marketing campaigns again? Yesterday, there was a popular thread on Reddit about some guy who retrieved his stolen Macbook by using the exact same software that's being mentioned here. And not to mention the several other threads here on HN a few months ago that are suspiciously similar.

Or maybe it's just really useful.

16
tyler_ball 2 days ago 1 reply      
Here is a much funnier and more technical account of someone retrieving their stolen computer. In video form!

Skip to 3:15 http://www.youtube.com/watch?v=OAI8S2houW4

17
jcfrei 2 days ago 8 replies      
Am I the only one who feels that it's wrong to put someone's personal information and picture on the internet just because he stole a laptop? Of course you get your personal information stolen as well, but in my opinion that doesn't justify spreading his image and name all over the internet. that kind of intrusion into privacy (of the thief) is a much bigger crime in my eyes than the loss of some laptop.
18
vasco 2 days ago 0 replies      
My mom is a hacker too. She hacked her own gmail account the other day by recovering her password, she even had to remember the name of her first pet!
19
kirillzubovsky 2 days ago 0 replies      
One problem I find with these tracking applications, at least for the average users, you actually have to remember that: (1) you have one installed and (2) your credentials.

It's kind of a problem, if you have all your other data stored using something like 1Password.

I know for sure I have a tracker installed on my laptop, but since it's running in "stealth" mode, I have no clue what it is or where to find it. I guess I am not hacky enough.

20
kragen 1 day ago 0 replies      
Wait, all he had to do was report the guy's name, address, and photo to the police, and they got the computer back for him? It sounds like the London Metro Police are a lot better than the ones in, say, San Francisco.
21
_pius 2 days ago 1 reply      
What I worry about with many of these recovery stories is that you're probably not humiliating the criminal, just some unlucky person who bought the computer on Craigslist.
22
nakkiel 2 days ago 0 replies      
A lot of bits wasted here about semantics but not a single one raising the multiple racist allusions on the linked blog post.
23
joshaidan 2 days ago 1 reply      
Looks like the story just got pulled. I wonder if it was from all the criticism over the use of the word hacker, or if it was for privacy reasons.
24
Void_ 1 day ago 0 replies      
This is exactly why I don't use password protection on my MacBook Pro.
25
joshaidan 2 days ago 1 reply      
I noticed he forgot to black out the guy's IP address 90.201.72.42 in the screenshot.
26
waffle_ss 2 days ago 1 reply      
Selling corporate firewall hardware doesn't make you a hacker
27
gabaix 2 days ago 0 replies      
404
page has been pulled out 1 min ago.
28
pothibo 2 days ago 0 replies      
The guy browsed the internet for muslim revelation videos. I could have give him 1 tip to be in God/Allah's good Grace: Don't steal other people's stuff.
29
saturn7 2 days ago 2 replies      
How the world has changed, Hackers use macs?
30
lawlit 2 days ago 0 replies      
So now everyone who installs a "tracking software" on his laptop is a hacker. Really, the internet has changed.
31
rickdale 2 days ago 0 replies      
I am sorry, but mere mortals have not heard of and don't use prey project. Hackers use prey project. Professional ones.
32
MatToufoutu 2 days ago 0 replies      
Maybe this guy IS a hacker, or maybe he's NOT, I don't care, but the word hacker is worthless using in this story, didn't see any hack involved...
33
dwrowe 2 days ago 0 replies      
"Hacking" is now referred to, someone posting on anothers facebook, since they were still logged in. /facepalm
34
EGreg 2 days ago 1 reply      
Why didn't a real hacker have a keylogger installed on his machine instead of just the webcam thing? You could have gotten the guys' password to his facebook
35
xd 2 days ago 1 reply      
This article seems to imply this "hacker" used some actual skill set to retrieve their stolen goods. Installing tracking software on a mac and then bragging about it when stolen and then found doesn't fit with what I'd call being a hacker.

Nice story though. And I'm happy another rioting / looting is going to court to answer for there actions.

36
budu3 2 days ago 1 reply      
Did Sam Odio's blog get hacked? Because I refuse to believe that the Sam whose comments I've been reading on HN would steal from someone. Sam how is what you're doing different from what Anonymous et al are doing? However irritating Jonathan's experiment is, it doesn't give you the right to impose you idea of morality on them.
12
2011 Startup School startupschool.org
262 points by pg  3 days ago   82 comments top 33
1
raganwald 3 days ago 4 replies      
I got on the cheapest flight I could find and went to the very first Startup School. And while I did not walk out and change the world, I walked out and changed my life. Streaming or not, my advice is to find your way there by hook or by crook and attend in person.
2
pg 3 days ago 2 replies      
The speaker list is just those confirmed so far. It will grow as we get closer to the event.
3
dtran 3 days ago 1 reply      
Startup School changed my life.

I went to Startup School 2008 during my second year at Stanford. I had never heard of YCombinator, but a friend involved with the Business Association of Stanford Entrepreneurial Students (BASES) had encouraged me to check it out because it was on campus. After hearing inspiring talks from PG, PB, SamA, DHH and the other speakers and meeting lots of founders, I joined BASES, where I met and started working with Ricky. I knew pretty soon that I wanted to start a company with him.

Fast forward a year to Startup school 2009: Ricky and I had been working on a few ideas while in school and met Mark, who had just come back to Stanford after dropping out to work on a startup. I ended up working with Mark on a class project a few months later before the three of us formed a company and were fortunate enough to be part of the amazing Summer 2010 batch of YC.

Attending Startup School last year was surreal - here I was right out of school working on my own company surrounded by an amazing community of entrepreneurs. And the energy at Startup School was STILL overwhelming, even after having gone twice and been through YC. There aren't many other places on the planet where you find several hundred smart, super hard-working, energetic people who firmly believe they can build the next Google packed into a single auditorium.

4
grinich 3 days ago 2 replies      
If you're around Boston this fall, we're doing Startup Bootcamp again at MIT. Date is 9/24. More details to follow early next week.

http://startupbootcamp.mit.edu/

5
ajju 3 days ago 0 replies      
I went to the first startup school in Cambridge with my then girlfriend (now wife!). Flew to NYC for cheap tickets and took the chinatown bus to Boston. I was already working at a cool startup then but it started me along a path of several iterations of trial & error which led to RideCell. Now I am on my third year leading a fast growing, cash flow positive company that makes a real difference.

Had some great discussions with edw519 about pawn shops, with tlb about remote receptionists, with Scoble, some guys from loopt, and one of the Lockitron founders in 2010.

Startup school gives me a boost every time I attend. Hope to do so again this year.

6
joshu 3 days ago 1 reply      
Yay! It was fun to speak at the first one of these.
7
wensing 2 days ago 0 replies      
Last time I went to Startup School (2007) Drew Houston was just an attendee hoping to get into YC. I still remember him telling be about this syncing thing ... sounded like it just might work.
8
noelsequeira 3 days ago 1 reply      
All other things being equal, does how early (or late) you fill up the application form have any bearing on whether or not you make the grade? (I hope not)
9
alain94040 3 days ago 1 reply      
Would people like a co-founders meetup that evening? I'm sure everyone's creative juices will be in full swing by the evening.
10
dmazin 3 days ago 2 replies      
I'm moving to the Bay Area tomorrow. I'm attending my first meeting for Rails people in a few days! It's mind-blowing to be in an area where I'm not the only one who likes this stuff.

So obviously I'm very excited by the idea of attending Startup School. Man, years ago now, DHH's talk formed the basis of what I want to do with myself.

11
zinssmeister 3 days ago 0 replies      
One of the best events I have been to. I highly recommend attending in person.
The atmosphere that day in the auditorium was amazing and you get to meet people from around the world.

Have I mentioned it's free?

12
staunch 3 days ago 0 replies      
Never been, but I've watched many of the videos repeatedly. Some great talks came out of Startup School. Can't wait to watch this year's.
13
candre717 2 days ago 0 replies      
I'm applying! I already have the funds saved for the plane ticket. I'm coming from the East coast. I wanted to apply last year but a.) I didn't have the funds and 2.) I wasn't confident in my coding skills as I am now. I'm super excited, because even if I don't get in I'll still be one step better than where I was last August :)

I'm a little uncertain about housing, but worst case scenario, I'm willing to take a same day flight back.

14
malandrew 3 days ago 0 replies      
I just moved to the Bay Area and I'm really looking forward to this.

Out of curiosity, what kind of activities are there going to be to promote ice breaking and networking? I ask because all the best events I've been to always make sure to pay as much attention to promoting networking as they do the speakers.

On top of that, would it be possible to make sure the name tags are really big and easy to read casually at a distance. It's always much easier to strike up a conversation when you can glance at someone's name tag and easily read their name, twitter handle or HN handle without having to lean in and stare.

15
susanhi 3 days ago 0 replies      
What's the criteria on who gets accepted to attend?
16
NoPiece 3 days ago 1 reply      
Would someone over 40 be out of place at this event?
17
wensing 2 days ago 0 replies      
What are the chances of a startup open house?
18
luke_osu 3 days ago 1 reply      
Just filled out the application. It would be very cool to go but I have no clue what criteria they will use to weed people out. I guess we will see!
19
Nemisis7654 3 days ago 2 replies      
I'm a college student who doesn't have much money and thus may not have the funds to take the trip. Should I not even apply or should I apply regardless?
20
RobertHubert 3 days ago 0 replies      
Getting my team to apply now! Thanks for the heads up!
Edit: Im in LA and if I qet the invite, Ill be driving up but I can fit 2 more people in the car for the ride if any locals want to carpool. I have room to host 2 people at my place here in LA also if anyone is flying in to LAX for any reason lol.
21
james-fend 2 days ago 0 replies      
Crossing fingers to get an invite. Im all the way in Nashville, TN but I'll def scrape up a plane ticket to go.. and possibly never come back to TN, lol..
22
wyclif 3 days ago 0 replies      
Anyone road tripping this from back East?
23
Sigma11 2 days ago 0 replies      
Anyone coming from Israel?

I'd much prefer to spend the long travel with some cool people, rather then going alone.

24
moizsyed 3 days ago 0 replies      
If accepted, you can crash at my apartment in the valley for a day. I dont have a big place, but I can easily host 2 people. Will go thru AirBnB I guess.
25
richoakley 2 days ago 0 replies      
I just applied and will be flying in from Cape Town, South Africa to attend if I make it. I've never even been to the States, but I've spent the last 5 years of my life dreaming about spending time in the Valley. This seems like the perfect excuse. No idea where I'm gonna stay, how I'm going to get around, or how I'm going to make it work, but I'm going to try anyway. Can't wait!
26
izzart 3 days ago 0 replies      
How do they decide which applications to accept?
27
paliopolis 3 days ago 1 reply      
watched the old videos over and over gain, cant wait to attend in person ie if I get selected :)
28
mikeg8 3 days ago 0 replies      
This seems like an an invaluable opportunity and I hope I can make it.
29
sinzone 3 days ago 0 replies      
I would love to hear Jack Dorsey!
30
JDulin 3 days ago 0 replies      
I think I will organize a pilgrimage from my school's CS department.
31
repos 2 days ago 0 replies      
Is it difficult to get accepted if you haven't launched a startup yet?
32
jsrampton 3 days ago 0 replies      
I've never been to this, planning on attending!
33
johnx123-up 2 days ago 1 reply      
My Indian pal is more interested.. Few questions from him:

1. Will PG make it in India?

2. Can I fly there to attend? Will the stay be arranged?

13
Google releases Games for Google+ googleblog.blogspot.com
254 points by skorgu  3 days ago   95 comments top 18
1
Khao 3 days ago 7 replies      
I love how Google has really taken time to address the problem number 1 with Facebook games : they are spam machines! Games in Google+ will feel more like real games (pc, mobile or console games) as in if I feel like playing a game and I see my friend also plays that game, then we can share scores and stuff. But when I'm not feeling for games, then games don't invade my news feed. What would be the point anyway in knowing my friend had a high score in a game I wouldn't play? It's only spam.

Clicking on that "Game" tab on Google+ will be just like opening Steam and seeing all your friends' activity and going "Cool, which game do I play now? Is there anyone online right now?" and I love that!

2
dwc 3 days ago 4 replies      
"When you're ready to play, the Games page is waiting"click the games button at the top of your stream."

I keep looking, and it keeps not being there.

3
foenix 3 days ago 0 replies      
As a games developer still green-around-the-ears I'm really looking forward to trying my hand at making a social media game. I never wanted to make a facebook game because I felt like that ship had sailed.
4
AshleysBrain 3 days ago 1 reply      
So are these games all HTML5? Or a combination of technologies? I can't find any info about that. Looks very cool though!
5
andypants 3 days ago 1 reply      
I can't wait until they open up the g+ api.
6
crxpandion 3 days ago 0 replies      
Now if they only integrate it into hangout. Virtual LAN Parties. Not to be confused with VLAN parties...
7
e1ven 3 days ago 0 replies      
Found this video showing some of the implementation details (Via Tom Anderson on G+)

https://www.youtube.com/watch?v=JTYzyIcp0mY

All in all, it looks well done. I want to be absolutely sure I don't see Puzzle crap if I'm not interested, but their statements so far are in the right direction.

8
DanielRibeiro 3 days ago 1 reply      
It would be nice to announce an open API as well. Hope it comes soon.
9
sgt 3 days ago 2 replies      
I've got like 10 people in my Friends circle on Google+ and my feed is literally flooded. I suppose I could do some filtering (although I doubt that is what a typical user would even attempt doing). It just seems like it's harder to find out "what's going on" than with Facebook.
10
mkr-hn 3 days ago 0 replies      
The only thing that kept me from gaming on FB was stream pollution. I might actually play a few games on G+. I could even see myself developing one.
11
jhuckestein 3 days ago 0 replies      
Next up, apps for Google+ and (more interestingly) for hangout.
12
ristretto 3 days ago 0 replies      
Has anyone seen the games? What are they? An iframe, ajax, javascript or sth else?
13
latch 2 days ago 0 replies      
i wish they bought me out and integrated mogade.com into it as a part of the platform for game developers :(

If you think games are important to your platform, I really think that having game-specific APIs and features for game developers to target is both useful and simple.

I've always thought a Facebook meets xbox live would do well.

14
int3rnaut 3 days ago 2 replies      
I'm still in the dark here so I can't check, but will Games for Google+ be using the same business models as most facebook games?
15
Raphael 2 days ago 0 replies      
Marissa Mayer is kicking our asses at Bejeweled with 409,950 points.
16
jcapote 3 days ago 0 replies      
Good night, sweet prince.
17
ry0ohki 3 days ago 1 reply      
That's why I've largely unfollowed "famous people" on Google Plus... until they have the ability to view "everyone but X circle". The only people of the 100 or so I follow on Google Plus who post anything are celebrities and they post nonstop (and the hundreds of useless comments keep bumping their stuff to the top of my feed). It works on Twitter for some reason, but not on G+.
18
alecco 3 days ago 1 reply      
This is problematic given the current vulnerability to spam Google+ has. Anybody can friend you, via your own friends.To make it worse, Google will give you a red notice for this on every service, even search. I've been friended by multiple online media sociopaths through my friends.

Say Mr. X social media adds a few of your publicly listed friends. And some add him back. Then Mr. X adds all their friends by looking at their circles (both ways). This includes unlisted people. They add all of them. Again, some of them add them back without double-checking. This is reinforced when Google+ shows contacts in common. You think, hey this is a friend of a friend. Often they have more than 2 contacts in common.

It's either spreading like fire or my friends are particularly vulnerable to this, wich I doubt as most are tech-savvy.

I hope Google takes care of this issue before the Zyngas creep up and make the service as trashy as Facebook.

Edit: reworking examples to make it a bit more clear.

14
Google Admits Handing over European User Data to US Intelligence Agencies softpedia.com
250 points by itg  3 days ago   86 comments top 21
1
yanw 3 days ago  replies      
Corporations based and operating in the US are subject to the PATRIOT Act, it's a shitty law but it's still the law. At least they are transparent about it.

Edit: here is the article in question: http://www.wiwo.de/politik-weltwirtschaft/google-server-in-e...

They asked if their EU based dataceters are also subject to US warrants and they answered that they are.

2
omh 3 days ago 1 reply      
The article doesn't mention the "Safe Harbor" provisions. This is a negotiated exception to EU Data Protection - roughly speaking, US companies can export the data to the US, as long as they promise to give equivalent protection. Google uses this to allow it to operate with personal data in the EU.

If Google have exported the data to a US jurisdiction under Safe Harbor, then a subsequent PATRIOT Act request wouldn't need to involve any EU-stored data or EU companies.

This seems like a much more general issue with exceptions like Safe Harbor, and something that people/companies should bear in mind. Promises like "equivalent" protection don't help with new local laws which can always trump anything.

3
nopinsight 3 days ago 0 replies      
This is a clear example why China does not welcome US internet behemoths in their country. Who would want to give competitors easy access to their internal data?
4
eis 3 days ago 1 reply      
Corporations operating in the EU are subject to EU data protection laws.
It does not matter if the PATRIOT Act forces them to hand this data over. They are breaking the law in the EU.

Google had two choices:

  1. Don't hand over the data => they break the US law
2. Hand over the data => they break EU law plus hand over personal data of users who might not want that

To me choice number one would be the lesser "evil" thing to do.

The solution is to have completely separate entities of the company in the local jurisdictions. Those follow local law and only share data with their foreign sister companies in a lawful manner and otherwise can ignore foreign law.
Of course this creates some complexities but it's the right way to do, everything else gets you into trouble and even huge companies as Google can't get around colliding laws from different jurisdictions.

Handing over data to intelligence agencies is just one example of mutually exclusive laws. There are actually many more like data retention laws. The internet is probably the biggest challenge to international laws and treaties ever.

5
caf 3 days ago 0 replies      
The PATRIOT Act is already surfacing as a competitive disadvantage for US-headquartered companies in foreign markets.
6
d0ne 3 days ago 1 reply      
This is a very real problem and provides case in point as to why everyone needs to start using client-side encryption for their data and communications.

In some cases this is still currently impractical to do on a day to day basis but in others such as Email, Social Networking or Instant Messaging it is not[1][2].

[1] I'm involved with a company that recently launched a free tool that provides transparent client-side AES256 encryption for Facebook, Google+, Major Email apps among others.

[2] https://www.socialfortress.com/

7
dpatru 3 days ago 3 replies      
One solution might be for Google to spin off its EU datacenter operations into a company incorporated outside of US jurisdiction. The Patriot Act would then no longer apply and Google would not be force to break EU law.
8
runjake 3 days ago 0 replies      
9
balpha 3 days ago 1 reply      
> According to German-language magazine WirtschaftsWoche, a Google spokesperson confirmed that the company has complied with requests from US intelligence agencies for data stored in its European data centers.

This isn't true; the WirtschaftsWoche article doesn't claim this. It says this could happen, but the claim that this article says it already did happen is a lie.

Not that this means it hasn't happened or is unlikely.

10
ditojim 3 days ago 2 replies      
The first sentence of the article also mentions that Microsoft has been forced to do the same thing.
11
brudgers 3 days ago 0 replies      
I think there is a misunderstanding of the intent of this provision of the PATRIOT act. It's primary purpose is to serve US based companies by providing cover from shareholder activism and negative press when they are outed for providing such information; and to streamline the process of dealing with such requests because there is little to be gained from resistance through litigation.

In other words, the PATRIOT act provides corporations with the least expensive option for providing user data and provides them with political and legal cover when they do so.

12
dendory 3 days ago 0 replies      
There's a huge need for people to start drifting to non-US based companies for everything that has to do with cloud storage or data, either that or force Google and such to offer solutions with end to end encryption that they have no access to.
13
aik 3 days ago 2 replies      
"Do no evil" -- What do you think? Does this qualify as a breach of their motto? Or is it only a clear message to those who may have thought their Google data is private?
14
meow 3 days ago 0 replies      
I think the requirement to be silent about handing over data is more for the corporations than the government. No wonder this remained secret for so long.
15
amatus 3 days ago 0 replies      
It's not clear to me that these laws are mutually exclusive.
1. "the USA PATRIOT ACT, which states that companies incorporated in the United States must hand over data administered by their foreign subsidiaries if requested."
2. "European Union legislation requires companies to protect the personal information of EU citizens"
It could be that the US gov't requested data on non-EU citizens which happened to be stored in EU data-centers.
16
antr 3 days ago 0 replies      
If this had been the other way round, I can easily imagine this issue going to U.S. Congress, leading to hearings, etc.
17
iamelgringo 3 days ago 0 replies      
Weren't we just talking about this yesterday?.... http://news.ycombinator.com/item?id=2855764

Okay, not about this issue exactly, but the amount of data that Google collects on individuals is Law Enforcement's dream.

18
mattvot 3 days ago 0 replies      
Hypothetical question that would never happen: What's to stop Google moving to Switzerland?
19
mikecaron 3 days ago 0 replies      
We can't get Diaspora soon enough!
20
iwwr 3 days ago 1 reply      
It's not as if EU governments have any more qualms about the privacy of their citizens.
21
paganel 3 days ago 0 replies      
How to kill the President of the United States: http://www.youtube.com/watch?v=HDZ574eh9Yw
15
How to put your logo in a QR code hackaday.com
249 points by xd  2 days ago   50 comments top 19
1
evilduck 2 days ago 1 reply      
Shameless plug, but I coded up http://www.crimesagainstcode.com a little while back as a learning exercise that lets you manipulate QR code pixels like this. No logo image injection but you can "draw" whatever you want
As long as you keep it within the error correction you can do whatever you want.

(it's admittedly not very robust, I have a lot more ideas for it, but my time is scarce and my site metrics haven't really shown there's enough interest to put a bunch of time into it -- feedback is welcome though).

2
ColinWright 2 days ago 2 replies      
An interesting counter-point here:

http://news.ycombinator.com/item?id=2800022

This was my reasoning not to do this when I put a QR code on my business card - too much risk of it becoming unreadable as the card got damaged/degraded over time.

3
Rabidgremlin 2 days ago 1 reply      
I created an Android app that let's you create customized QR codes like this on your phone. Check out https://market.android.com/details?id=com.rabidgremlin.andro...
4
pornel 2 days ago 2 replies      
I wonder how feasible would be to compute/brute-force QR code that actually has the data looking like a picture, not merely picture overlaid on the code.
5
radley 2 days ago 0 replies      
We did small 2x2 flyers to promote our Android music player at GoogleIO and SF MusicHackDay.

On the back we had a QR code with our URL on each side and our logo in the middle:

http://cloudtv.files.wordpress.com/2011/05/promoflyers.png

6
ronnier 2 days ago 1 reply      
What's with the QR obsession? A new post about QR codes on HN every few days.
7
sequoia 2 days ago 1 reply      
Can someone explain the error correction a bit more? How exactly is it that you're blanking out 1/3 of the code and it still works? Does it matter which bits you disrupt? Couldn't your design, if comprised black and white squares, inadvertently BE readable QR data that screws up your message?
8
CraigRood 2 days ago 4 replies      
QR codes is another one of those developer/designer driven fads (IMHO).
I'm not aware of any stock camera application that does QR detection. This combined with the time it takes to open the application and scan it, seems more convenient to place a well thought out url instead.
That's not to say it can't be the future. But having bad QR experiences now is not going to help QR codes grow.
9
ams6110 1 day ago 0 replies      
By abusing the error-correcting encoding, you are now relying on your QR code being perfectly rendered and scanned in order to work. You've removed most or all of the error-correcting safety margins.
10
dagw 2 days ago 0 replies      
I just tried to read those QR codes off my screen and my phone refused to recognize the IBM and Firefox ones. The hackaday ones however where no problem
11
trotsky 2 days ago 1 reply      
Since it's relying on the error correction to interpret those bits as smudged / etc. - couldn't you just slap your hi res 4 color logo down on top of the center of the code and get the same effect except without the pixelation?
12
stephth 2 days ago 0 replies      
Is there any iPhone code scanner that shows the result in an overlay on the camera feed, instead of screen jumping the second it detects something? The latter behavior is obnoxious when playing with QR codes.
13
alanh 2 days ago 0 replies      
Very cool. Had definitely been wondering about how possible this was or wasn't, but too lazy/busy to read up on the standard and give it a go. My hat is off to everyone involved in these bits 'o trickery!
14
billpg 2 days ago 1 reply      
I tried doing a similar thing for a fairly short URL. I had to add some padding on the end ("?SourceID=QR") in order to make the QR big enough to fit my changes in.

Does the QR standard allow for arbitarily high levels of error correction? (More than the "H" level.)

15
evanw 2 days ago 0 replies      
I received an image from a co-worker recently which demonstrated the redundancy powers of QR codes: http://i.min.us/ij9Yjs.png

(Try scanning it)

16
DeanCollinsLCC 1 day ago 0 replies      
1/ Stop trying to make QR codes look pretty

http://blog.collins.net.pr/2011/04/stop-trying-to-make-qr-co...

2/ If you must do QR code "enhancement" please use Overlay and not embedding. Overlay positions the QR code "within" a logo and builds a surrounding design.

Want to see some examples of what that means - check out www.Cognation.net/QR particularly the IronMan2 example from Warbasse design.

17
paulschreiber 2 days ago 0 replies      
You can do this with datamatrix codes as well. Semacode has been doing this for years:
http://semacode.com/
18
viscanti 2 days ago 1 reply      
The QR Codes have built in levels of error correction, anywhere from 10% to 30%.
19
tawm 2 days ago 2 replies      
The BBC did that YEARS ago.
17
Death to the 'noreply' mailbox josscrowcroft.com
236 points by josscrowcroft  3 days ago   86 comments top 27
1
ethank 3 days ago 2 replies      
The no-reply email is like sending your error logs to /dev/null

THAT BEING SAID

I used to be responsible for 600 active websites, and when we switched to using a help-desk system for auto-sent emails we broke things and had to go back to no-reply.

Lesson learned for us: it's worse to give the appearance of attention if you don't have the means to deliver on that promise.

2
lobster_johnson 2 hours ago 0 replies      
I disagree with the logical premise of this article, at least for our specific case (social networking app sending notifications about activity). We most certainly don't want replies. The sender of the emails is not us, our company, but the application itself. When a calendar app on your smartphone reminds you of a meeting, there's no "Reply" button because having one simply doesn't make sense.

The fact that email is a system where it's implied that anything is replyable is unfortunate. Email is currently the best option for sending out notifications on the Internet, since most people don't know about feeds or how to use them. If there were a better, equally established technology for one-way notifications, we would use it. (We use SMS messaging, too, but only when it makes sense, since it's pretty invasive.)

Anyway, we did try to kill the no-reply behaviour at one point. Sounded good on paper, but it was impossible to execute in practice. Some issues, off the top of my head:

* We got a ton of vacation autoresponses, in all sorts of languages and all sorts of phrasings. It would be too time-consuming to set up rules to deal with all of the variations.

* We got an onslaught of replies accusing us of spamming them. These were users of our site, remember; a lot of sign up to an app and then promptly forget that they were now members. They never read the actual email, which has a very visible footer explaining how to disable notifications.

* A lot of confused users replied to the emails, either to thank us for the notification (not useful), or intended as a reply to a specific user, such as in the case of "new comment" notifications.

Sure, in some cases (like comment follow-ups) we could automatically process the rely. However, I'm really skeptical about our ability to handle email formatting well, though. Things like quoting, HTML, "On June 12th, John Doe wrote:" headers (which often are not in English) and signatures must be stripped, and I could not find an existing library that would do this reliably.

Maybe if you are Facebook or Google you can spend the necessary manpower to deal with the technical challenges, but we can't; our company is small enough that we can't even afford the resources necessary to screen replies manually.

3
twakefield 3 days ago 2 replies      
"So I've given you my email address. I've given you the permission to contact me directly, via the medium I check more than anything (nasty habit, I know.) And this is how you repay me?"

Hear, hear. We've been preaching the same at Mailgun. A lot of companies pay good money for affiliate lists, scrape web sites; basically do whatever it takes to get emails for marketing/spam. Yet, here are companies with permission to engage their users through email and they totally whiff. EVERY email you send should be considered an opportunity to increase engagement with your users. Tell them them that they can respond with questions, comments, whatever. Grubwithus does a good job of this. They specifically say in the body of the emails that you can provide feedback just by replying.

Email should be considered another interface into your application.

4
neilrahilly 3 days ago 3 replies      
I thought sending notifications from help@atomiccontacts.com and ending them with 'Any problems, just reply to this email!' was a good idea too.

However, I've had to introduce noreply for a lot of transactional emails for a reason I didn't expect.

If you send an email like:

    Subject: X has requested you become friends/posted a photo/tagged you/sent you a message

...even if you mention that replying to the email will come to you, not X, many users will instinctively reply. E.g.,

    Hey X, So glad you got in touch. Love the picture. Want to grab a coffee soon?

Then you feel bad that you're intercepting personal emails.

I switched to noreply and put a help email link in the signature (which is ridiculed as the height of too muchery in the article).

If anyone's got a better solution, I'd love to hear it.

5
yaix 3 days ago 0 replies      
Nope.

noreply is for all the auto responders to not litter your inbox. At the end or beginning of the email is the contact address. A human responder clicks it and replies.

6
oskee80 3 days ago 2 replies      
I consider the no-reply address a courtesy to me to know that I won't end up writing a reply to an address that isn't monitored. Things like bank notifications and alerts are designed to be one-way communications, so the no-reply address makes sense. Usually the body or footer of the message contains the proper contact methods/addresses. It does not hurt my feelings to have to click on an email address within the message vs. clicking the 'reply' button in my client.

That being said, I agree that a no-reply address sends the wrong message for start-ups, welcome messages, signup confirmations, etc. I think they are good for recurring message that are inherently one-way, and when the user knows the preferred contact info for the company.

7
joshu 3 days ago 1 reply      
Unfortunately, lots of people have vacation responders or autoresponders saying you have to click on a URL to get delivered...
8
pbreit 3 days ago 1 reply      
I was head of support for a good size startup and we set all of our reply-tos to go into our support system. There was not much junk (thanks Gmail) but lots of autoresponders. But it's totally manageable. I set up some hairy Gmail filters to try to weed out the autoresponders (would be nice if Gmail could help out more here).

My email account was also the "catch all" and even that wasn't too bad. And some good email comes in.

The thing that is astounding is that these companies otherwise spend millions of dollars to try to talk to these very same customers. Unbelievable.

9
jwilliams 3 days ago 0 replies      
Couldn't agree with this more. A big part of putting a service out there is getting in touch with your users and potential users.

If a user wants to engage/communicate with you, then you should be making it as easy as possible (Generally true, but particularly for an early-stage startup). The noreply seems brain-dead in this light.

10
eli 3 days ago 1 reply      
I used to monitor the reply address for a newsletter list with ~250,000 people on it. At this scale, a simple filter on "out of office" in the subject line really doesn't cut it.

To do it right, it's easily a full time job (and not a very fun one). "Noreply" addresses are bad for customers, but that doesn't mean they're always the wrong choice. As others have mentioned, it's better to bounce a reply than to accept it but not dedicate the resources to deal with it efficiently.

11
ZoFreX 3 days ago 0 replies      
> Some people have pointed out (fairly) that by not using noreply, you open yourself up to autoresponders and delivery failure notices. My response to that would be to go with an email address like friendlyrobot, which, when somebody replies to it, replies with a friendly helpful message explaining that nobody checks this address, and offering other addresses to contact.

Does this not run the risk of ending up in a loop?

12
moeffju 3 days ago 0 replies      
Can't you solve the autoresponder problem by setting the correct Envelope headers? Bounces and automatic responders would go to noreply, actual people pressing reply would each you. Our am I too naive in assuming reasonably well-written autoresponders that know the RfC..?
13
FaceKicker 3 days ago 1 reply      
> Hey asshole, what if I want to reply?

> What's that? You don't want crazies emailing you? You're worried about spam?

Based on these lines, it seems like you're misunderstanding what "noreply@" means... They're not saying it's against the "rules" to reply, they're just saying nobody is monitoring the mailbox so it would be a waste of your time to do so. It's almost a courtesy, really...

14
freejack 3 days ago 0 replies      
I hate noreply as well, at least as it relates to paying customers. At Hover, we switched to a policy of using help@hover.com for the default reply-to on all mailers and it works quite well. Zendesk and our mail system do a great job of filtering out the automated messages and bounce backs and a human being gets the rest. The remainder are usually full of opportunity for us. Consider this Startups - every time you use no reply, you are throwing away an opportunity to solidify a relationship with a customer or potential customer.
15
pornel 3 days ago 0 replies      
If you don't want to deal with e-mails as such and prefer that people contact you via a web form (hooked to some CRM), then add this to /etc/aliases:

     yes-reply "|/your/script/that/reads/email"

It will pipe incoming emails straight to a script that can decode and file them appropriately.

16
EiZei 3 days ago 0 replies      
I think the worst example I have come across of this is my employers e-invoice operator's support email address they use to dispatch error messages from. The error messages (which tend to be fairly huge) have a small disclaimer saying that they wont answer any emails and that you must call a support number that costs almost two Euros a minute. The worst bit however is that the address itself is support@einvoiceoperatorsname.com, how much do they hate their customers?
17
evanhamilton 3 days ago 1 reply      
I agree 1080% about letting your customers easily contact you. That said, I think you completely missed why this terrible practice came about:

1) When dealing with a lot of automated emails, you get a lot of automated responses like out-of-office messages and failure notices (I know others have mentioned this).
2) Many companies have a support process that doesn't take place in email, because email doesn't scale very well.

So rather than just open up your inbox to thousands of junk messages and customer inquiries that you lose in the shuffle, I'd amend your call to action:

Get rid of the no-reply. Set a reply-to that goes into your support ticket system (you have one, right?). Set up rules/filters to automatically get rid of the auto-cruft and route responses to different mailings to the right place.

With that addition, I say: hear hear! Commit to listening to your customers and banish the reply-to! I know our team is going to after reading this.

18
mkolodny 3 days ago 0 replies      
I generally read 'noreply' as, "Here is something useful. And, we're not asking you for anything in return."

'noreply's are usually something you chose to receive. They're a service.

That's not to say that feedback should be discouraged. Just that, unlike the great majority of startup email, something is being given instead of requested.

19
taybenlor 3 days ago 1 reply      
Over at http://halftoneapp.com we use speak@halftoneapp.com
20
Shabby_Chic 3 days ago 0 replies      
I hate seeing that evil no-reply email address. Completely agree that if companies want to better understand their customers, they need to leave the communication door open and allow candid responses to freely flow.
21
Limes102 3 days ago 0 replies      
I have a tiny company, and any automated emails always have written at the bottom "If you have any questions, simply reply to this email"

People are always slightly surprised by it, in a good way.

22
jorgeortiz85 3 days ago 1 reply      
I hope you're volunteering for Facebook to use your email as their return address on everything.
23
se1sm 3 days ago 1 reply      
How many legit businesses would not include a return postal address on their snail mail? Why do people expect customers to go to their home page and look for a contact form? Joss has a point.
24
Sym3tri 3 days ago 0 replies      
What's funny is that many of these same companies will later spam users with surveys to illicit feedback.
25
oh_no_my_eyes 3 days ago 0 replies      
jesus. get a grip. its a stupid bot email. if thats the only way you can communicate with your users is through their hitting reply to an obvious no-reply email then you've got other problems.
26
d2 3 days ago 1 reply      
Hey. Genius. Some of us send over a million emails a week as a free service to users who are happy to hear from us. We just can't afford to check the damn inbox for that many people, so noreply makes it clear. Don't fucking reply because if we had to pay an agony auntie on the other end to feel your pain, the service wouldn't be free.
27
dreww 3 days ago 4 replies      
I don't understand why this has become a trendy pet peeve to have now, at least 5 years after email ceased to be a relevant form of communication. If you care about email, you've already lost.

Overuse of automated out-of-office respondes does far more damage to the medium.

19
Use Jonathan's card to buy yourself an iPad odio.com
228 points by Sam_Odio  2 days ago   230 comments top 60
1
Udo 2 days ago  replies      
So essentially you're proud of stealing huge amounts of money from a fund set up by people for a specific purpose, and then you channel this money to suit your own needs while claiming moral superiority?

You know, even if the money you stole for "the little children OMG think of the children" really reaches the intended recipients, which it probably won't if this is a typical 3rd world development fund, you still betrayed everybody's trust and you're actually proud of it.

Sam Odio is either the worst kind of stealing hypocrite out there, or he's genuinely living in a cardboard box under a bridge giving all his money away to charity. I think I can guess which one is the case.

I apologize for the tone of this post, but the sheer amount of arrogant jerkiness on display here actually makes me angry; and that's saying something.

On the plus side, I suppose now we know who kept on abusing the card (people were wondering in other threads).

2
sequoia 2 days ago  replies      
"Or am I alone in thinking that helping a stranger find their next caffeine fix is not what we should be worried about in today's world?"

sigh This is such a silly, stupid point to make:

Buying an iPad? What about world hunger!? Going to the movies? What about the modern slave trade!? Painting a picture? Women in Sudanese refugee camps can't go to the bathroom at night without fear of rape, and here you painting a picture. The way you take your privilege for granted makes me sick, you selfish bastard!!!!

Yes there are problems in the world. Does this mean no one is allowed to do anything frivolous until they are all solved? In my opinion, no.

Get off your high horse, OP.

EDIT: Neat project tho! Took the originator's project in a new, unexpected direction, which makes it even more interesting. Kudos!

3
blhack 2 days ago 1 reply      
God I hate this mentality.

Yeah, you can exploit this, but are you doing anything fun or interesting by it?

I live in a community that has a lot of cyclists in it. If I'm at home, I tend to spend a lot of time on my front porch working on my bikes with my friends. Most of them know that I keep some tools slightly "hidden" there, and I've told all of my friends that they're welcome to come over and use them if I'm ever not there.

Could they steal these tools?

Yep.

Would they would demonstrating some OMG SECURITY HOLE in my "Ryan's Porch" scheme?

No. They'd be acting like assholes, which is exactly what this guy is doing.

I'm an amateur locksmith. I usually keep a half diamond pick and a torsion wrench in my car, and sometimes I even carry it in my pocket. Could I steal half of the bikes locked up across the street from my house?

Could I break into buildings and steal things from them?

What if I donated the money to poor people?!

Sam Odio, you're being a jerk here. Knock it off.

4
lotharbot 2 days ago 0 replies      
What I find most interesting about this is Sam's comments in the previous thread:

1) Claimed that a large purchase was him buying food for two homeless guys:
http://news.ycombinator.com/item?id=2857712

Sam, is this true? Did you actually buy food for some homeless guys (and then later decide on this strategy), or was this cover for your experiment?

2) in response to a comment about the card being ripe for abuse, he said the balance seemed to be holding at a low and steady value, and "That would imply that the card is currently being used as intended."
http://news.ycombinator.com/item?id=2858511

Interesting, then, that he's most definitely not using the card as intended. An "edgy/controversial twist" for sure.

5
epenn 2 days ago 1 reply      
Since I don't find the idea of yuppies buying yuppies coffees very interesting I decided to mix things up a bit.

OP/Sam, I understand that you believe there are worse problems in the world. I have no doubt that you are correct. However, this does not change the fact that your own social experiment amounts to you taking advantage of the good will of those who contributed to the Starbucks card by stealing from them. Contributing the money to a charity afterwards does not change this fact.

You are not Robin Hood stealing from a corrupt Sheriff of Nottingham. So please don't act like it.

6
aneth 2 days ago 2 replies      
This seems like an unauthorized use of the card and could be criminal theft. If I give you my stored value card to buy coffee and you instead steal all the money, it doesn't matter whether you're donating to charity or disagree with my cause - it's stealing.

Regardless, it's certainly a shitty thing to do.

7
tobtoh 2 days ago 1 reply      
Strip away all the fluff that Sam put in his blog post and what do you have? You have Jonathan's 'take a penny, leave a penny' project. You have Sam who thinks he's very clever by showing how someone can come in and siphon off the pennies and whoa ... spend it on other things.

The amusing thing is Sam thinks he's done something really amazing or insightful. The whole 'donate to charity angle' is just Sam trying to justify his actions and put a veneer of credibility on his uninspiring actions.

8
gregschlom 2 days ago 0 replies      
I personnally never donated anything significant to charity. I haven't tried Jonathan's card either (for lack of time), but if I had, I can picture how I would have felt, and how it would have changed my views on human nature and altruism.

Jonathan's experiment was letting people experience other people's generosity and let that change their minds.

And then Sam comes and ruins everyhting. And he's totally convinced that he's doing the Good Thing.

You're not, Sam. You are destroying an opportunity for people like me to become less individualistic assholes.

9
cssndrx 2 days ago 1 reply      
I'm probably going to get down-voted to hell, but I'm not sure what this counter experiment is trying to prove... we all already knew it is easy to take from Jonathan's card.

When people noticed that money was disappearing off Jonathan's card $100 at a time, most people thought it was an uninformed, karma-less nobody stealing from the card. It is incredible that the transactions are due to some educated do-gooder imposing his beliefs onto the donors of Jonathan's card.

I've read many of Sam's comments before, and respect them as thoughtful and intelligent. However, just because you don't like the idea of "yuppies buying yuppies coffee", doesn't mean that you should try to destroy Jonathan's card. Some people feel good and more connected with others by adding to and taking from Jonathan's card.

By taking money out of the system, you are in effect going against donors wishes and imposing your own beliefs on them. It is almost like taking from the vault of a charity that you dislike and giving the proceeds to your charity of choice. Its less atrocious than pocketing the money and buying an iPad, but obviously still bad.

EDIT: I feel sorry for Jonathan and his good intentions.

10
Cushman 2 days ago 0 replies      
Congratulations. You broke Johnathan's Card. But more than that" I think you made a valuable point.

Lots of people who were exposed, maybe for the first time, to the idea of a stranger doing something nice for them for no reason, and then to the idea that they might then do something nice for a stranger in return, have had that illusion shattered. There is no act so charitable that somebody won't steal from it.

You take money from yuppies to give to charity. The people who run the charity take 10% off the top to pay the bills" they have children too, you know. When the food actually gets on the ground, local warlords come and take half for themselves.

The yuppies still drink coffee, the charity still pays its salaries, the warlords still try to kill each other, and children are still starving to death. The experiment has changed nothing" except that a few of those yuppies maybe believe in the idea of random acts of kindness just a little bit less.

Point well made.

11
tobtoh 2 days ago 1 reply      
Sam has posted on Google+ (https://plus.google.com/113956160418597123621/posts/MAqht3NB...) ... however be aware that I suspect he is deleting posts and blocking people (^) that are critical of him as I posted the following:

"It's not much different to taking money out of the church collection plate and donating it to a charity that you prefer over the churches. Whilst I acknowledge this could be considered an extension of Jonathon's social experiment - it's hardly insightful or clever - you took money from an open fund and spent it. Hardly mind shattering stuff. The whole 'charity versus coffee' justification is little better than the 'think of the children' arguments that are used in similar ways. For the record, I don't think what you did is theft or immoral (it was a social experiment after all), but it was just a lame move that served no purpose and made no point."

... and now it doesn't appear in my stream and i can no longer post on the comment thread.

(^) There is a chance I'm just not understanding how to use G+ and Sam has done nothing of the sort - I only started using it recently.

12
byrneseyeview 2 days ago 0 replies      
Donating money to starving children in Africa well-meaning, but cruel. Life in Africa sucks, and making people live there longer is not a good deed. The West has invested incredible sums of money into Africa, and the result is corruption, violence, and stagnation. They are begging us to stop:

http://www.spiegel.de/international/spiegel/0,1518,363663,00...

I believe that about as strongly as Sam believes that donating to Africa will help (this time is different!). Buuut I wouldn't feel justified in stealing from a charity in order to act on that belief.

13
sequoia 2 days ago 1 reply      
I think I've changed my mind about the project, reading everyone's opinions here. At least sort of.

An analogy: You have some clothes, and you build a little covered rack outside your house on the street and put a sign up that says "clothing swap, takes some for yourself or leave some for someone else." Some people take some clothes and drop some off. THEN some guy comes along and says "this is BS, it's just a bunch of yuppies trading clothes" and proceeds to take all the clothes and bring them to the goodwill, where he believes they'll be put to better use. He does this a few times.

Now, if I were the project founder or a clothing donor (or taker), I would be pretty pissed if someone decided to take all the clothes and give them to Goodwill because s/he thinks "they'll be put to better use" there.

1. There's an ulterior goal here (community building) that is scuttled by you taking all the clothes
2. How do you know I don't give to poverty related charities already
3. I have my reasons for not giving to Goodwill
4. Even if you think it's stupid it's not your decision.

On the other hand, if I leave a pile of dollar bills in a bowl on the street with a sign that says "please take only one," would it be reasonable of me to get upset when someone takes more than one? In my opinion it would not be reasonable. Someone abusing the system was the inevitable conclusion of this experiment. That doesn't make what he's doing "right," per se, but it seems silly to rage about something that was predictable with 100% certainty.

EDIT: downvoter: which part didn't you like? I put a couple of different points in one post (I know, my fault) so I can't tell what you're objecting to. :P Just curious.

14
esmevane 2 days ago 0 replies      
Used to work for Starbucks. We once had a day where all of our customers decided to 'pay it forward', and buy the next person's drinks.

It led to a lot of accounting for me, but the final tally was something in the vein of 800 transactions in an unbroken chain.

The high points involved folks buying $50 or more worth of transactions, down the line. The low points involved people trying to put down $20 and the next person using all of it up on silly frappucinos.

To answer another topic, I think that the assertion here that buying Starbucks coffee for someone else as intrinsically frivolous, when we could be doing something valuable, like perhaps Saving the Children, or Helping Starvation, is itself frivolous.

Helping one another is helping one another, and criticizing how it's done is missing the point altogether. I have to wonder where the utility is in comparing the weight of one charity versus another. It seems pointless.

15
rjett 2 days ago 1 reply      
I find it ironic that the OP, who hacked the experiment to divert funds onto his own card (which are now going to a just cause), is the brother of the person in the original comments thread who was posturing about whether or not the card had been hacked.

http://news.ycombinator.com/item?id=2858120
http://news.ycombinator.com/item?id=2858226

Perhaps Sam made this script well after there was a question as to whether or not the card had been hacked, but if not, this is just funny.

16
flocial 2 days ago 0 replies      
I feel sorry for the moron who thinks he's making a statement with this. The card was a brilliant social experiment regardless of critics claiming it a stealth marketing campaign. People who participated felt good giving whether someone was free-riding. However, this just leaves a bad aftertaste. You ruin it for everyone then pretend it's okay by "donating" money that isn't even yours and killing the experiment then brag about the ordeal. Kudos to you. Bravo indeed.

Having said that I'm not at all surprised by the outcome just didn't expect something like this. Now I'm sure some yuppie wannabe is going to try and score an iPad for themselves.

17
sharjeel 2 days ago 1 reply      
The original post about Jonathan's card Stated that the experiment is inspired by "'take a penny, leave a penny' trays at convenience stores in the US".

Then here is what happened:

People started using the tray, taking them as well as leaving them. Then one day a guy started showing up at the store. He would intermittently dump the tray into his knapsack whenever there were enough pennies. Not only he did this for many days, but later he also proudly publicly announced that how he did it. Since all the people who show up at the store are rich and wealthy, it makes more sense to give that money to poor in some other parts of the world.

If this logic is acceptable then I should be allowed to break apart any petty charity collection box and use the money for the purpose I deem more noble.

18
random42 2 days ago 0 replies      
> "Since _I_ don't find the idea of yuppies buying yuppies coffees very interesting"

Wow, This is some serious sense of entitlement of someone else's money/experiment.

I don't believe in many of people's belief. However its their beliefs and it is Jonathan's (and other donors') social experiment. If you do not agree with its philosophy, don't participate in it, but ruining it would be as senseless as me trying to make a personal mission to harass people on having belief's other than mine.

19
kingofspain 2 days ago 1 reply      
The rich steal stealing from the rich to eventually pass a percentage on to the poor. I'm sure it seemed much more Robin Hood-y at the time.

There are far less scummy ways to do something like this. Game a Bing promotion, take advantage of lax security in some other MegaCorp rewards programme - or gasp use your own money. Mind you, those guys are more likely to sue than a disparate bunch of well-meaning folks.

20
oflannabhra 2 days ago 1 reply      
Great, you donated $600 to kids who really needed it. Next time you get the desire to do so, I suggest you build your own crowd-sourced donation scheme, or donate your own money. Either way, you won't be leeching off of other peoples' hard work.
21
napierzaza 2 days ago 0 replies      
Why does a project that's about a minor form of good will always need to be trumped by something else? Like we need to be incessantly reminded that there are starving people for every decision we make in our day to day lives?

It's nice that he's trying to increase the awareness of starving children. But I don't see why he feels he needs to basically destroy the system Jonathan has come up with.

Yes, apparently the one second you were thinking about your own needs, or anyone OTHER than a very poor person, was selfish and horrible. We should all stop buying things, walk out into the street and start screaming at the futility since there are people in the world who are worse off than us.

22
huhtenberg 2 days ago 2 replies      
Another lesson here is to be careful with @font-face styling - http://i55.tinypic.com/1z342ee.png - the whole thing is barely readable on Windows.
23
AndrewWarner 2 days ago 1 reply      
Cached copy of the page: http://bit.ly/pKIoGi
24
pmsaue0 2 days ago 0 replies      
I can't help but feel that this just isn't the right way to go about helping the less fortunate. It's just too underhanded.

Just build something similar that doesn't involve taking advantage of J's Card. Man up.

25
zipstudio 2 days ago 0 replies      
This is clearly theft. What he used the money for is not relevant. The card was put out for a specific use, and this use case was not the intended one. Had he actually bought an iPad, everyone would agree that it's theft. Transferring money between someones else's card and your own with out permission is theft.
26
100k 2 days ago 2 replies      
I'm Starbucks illiterate. How did they transfer the value from Jonathan's card to theirs?
27
johndoe12 1 day ago 0 replies      
This is the same Sam Odio that had a scam Iraqi Dinar exchange...

http://www.youtube.com/watch?v=Lcq2LXSAn_U

The service received a cease and desist letter from the government...

http://www.iraqidinarmoney.com/dinar-profits/

Sam Odio seems to exhibit the traits of a sociopath,defined by the American Psychiatric Association's Diagnostic and Statistical Manual as "...a pervasive pattern of disregard for, and violation of, the rights of others that begins in childhood or early adolescence and continues into adulthood.

Why YC supports people like this is beyond me.

28
ltamake 2 days ago 0 replies      
No wonder the card's been empty every time I try to use it (I'm on vacation in the States). People like you steal the money. Fuck you, and fuck your script.
29
mcantor 2 days ago 0 replies      
Mr. Odio lives up to his name. This is a truly odious act.
30
ck2 2 days ago 0 replies      
cache http://google.com/search?strip=1&q=cache:http%3A%2F%2Fsa...

why he's installing memcache for a single-server wordpress I have no clue - just install wp-super-cache and use .htaccess to do rewrites to static files - only way to bypass the (lack of) performance nightmare that is wordpress

31
kcurtin 2 days ago 1 reply      
meh. don't care who you are donating too, its still shitty. get down of your high horse.
32
jokermatt999 2 days ago 1 reply      
I've seen a lot of hostility in this thread to the perceived egotism of this act. I've also seen some people who dislike that the donations were used for something other than their intended purpose. Since my initial reaction was that he's in the right here (accusations of high horse and such aside, I'd rather not go into that), I'm curious to hear people's reasoning on why they dislike this so much. So, some hypotheticals and questions...

1) What if it had been anonymous and "Ego free". Would you feel better about it if it were disconnected from status?

2) Most people would agree that giving to charity is better than giving a coffee (note I said charity, not Africa specifically. There can be some debate over whether aid helps or harms Africa, but I'm less interested in that now). If charity > coffee, why is this such a bad thing?

3) I understand the hostility to statements about "You should be doing charity instead" because there's always an element of hypocrisy to them, but if the statement is divorced from the person, isn't it correct? So why should there be so much hostility when it's put into practice in this case?

I'm not trying to judge anyone for their opinion here, I'm just curious about their reasoning since it differs from my own.

33
nhangen 2 days ago 1 reply      
Yeah, it's cool, but also nefarious, charity or not.
34
thehotdon 2 days ago 0 replies      
Sam is such a great guy. I'm sure he donates all of his earnings to charity and doesn't own a single luxury, so he's definitely qualified to judge how "yuppies" spend their money.

On a slightly darker note: He sure seems proud of himself for donating to a charity that keeps children barely alive, just long enough for them to have more children that no one can provide for. It seems slightly counter-productive to me.

35
Triumvark 2 days ago 1 reply      
Gift cards held by a group are an interesting way to move money around with a little deniability.

If there was an easier way to cash in Starbucks gift cards, Starbucks could take over Western Union.

36
z0r 2 days ago 0 replies      
Jonathan's card, at worst a marketing experiment, at best a means of charity for those who are privileged enough to learn about it and who like to frequent Starbucks, has been subverted to give to the truly poor and needy. Does it leave a bad taste? It might. Truly, a shame. This toy for the well off might now be broken for good. I might have used it, I might have even given to it (in the spirit intended by the creator), and in either case this exploit would not upset me. I don't see why there is so much umbrage present in these comments.
37
dreamdu5t 2 days ago 0 replies      
But I thought everybody giving according to their ability, and taking according to their need would work out just great?
38
davidandgoliath 2 days ago 0 replies      
This Sam Odio guy sounds like an absolute douche.
39
sondh 2 days ago 0 replies      
I don'5 know who is OP but I believe what he did is wrong, both in legal ground and moral ground. Obviously Jonathan didn't allow him and his friends to transfer money off the card, is that enough to sue him? I'm no lawyer but I can't believe that's acceptable. Also, he misused the card + donate other people's money -- what did he think? And one last point, he said they did that many time but he only intended to donate that $600, what about the other attempts? Can we do something, please?
40
aforty 2 days ago 0 replies      
I think Sam/OP should transfer all the money he took back onto Jonathan's card. In small increments of course in order to curb further abuse like what he committed.
41
rickdale 2 days ago 0 replies      
Jonathan's card strikes a good point beyond giving to Yuppies and not those seriously in need. The social implications of this experiment I think shows that people are willing to help others if its relatable and also accessible for them to do so. Besides, I am sure somewhere someone bought a coffee with Jonathons card and then gave it to a hobo
42
AlfaWolph 2 days ago 0 replies      
It was never meant to be an experiment about charity. It was meant to be an experiment about yuppies buying other yuppies coffee. That is it.
43
EGreg 2 days ago 0 replies      
Actually I have an idea which I will implement soon hopefully. It involves a vending machine for the homeless and money donated by people. If you're interested in participating, and have some kind of experience, contact me. http://magarshak.com/contact
44
pavel_lishin 2 days ago 1 reply      
I like the message that replaced 500: "too. much. traffic. Please wait while I install memcache."
45
mattdeboard 2 days ago 0 replies      
gasp

Rich people toying with the emotions of the proletariat? I am truly shocked that such a thing happens in America!

46
brosephius 2 days ago 0 replies      
how does this work? is he using stark's card balance to buy a new starbucks card?
47
TranceaddicT 2 days ago 1 reply      
Guess Sam couldn't handle the heat. He cutoff commenting on his G+ thread. Hmmm, could he finally be realizing that he messed up and actually did wire fraud and stole money?
48
ether 2 days ago 0 replies      
So what happens if you steal from a charity and donate it to another charity? Is this cool? Hey it's all for good purpose :)
49
Tutorialzine 2 days ago 0 replies      
Would someone care to explain how is this fundamentally different from the Firesheep experiment a few months back, which was heavily applauded by the community here?
50
yaaqmon 2 days ago 1 reply      
Very interesting experiment on an already interesting experiment.

Would everyone be up in arms if he didn't publish how he did it on his blog and publicly post the code on github and instead used it to buy himself coffee for life?

He saw a "flaw" in the system and is publicizing it. Sounds pretty holy to me. Certainly holier than buying yourself a luxury item from an exploiting corporation, meanwhile deluding yourself into thinking you're doing something good for society by donating 5 bucks to said cause.

51
danielodio 2 days ago 0 replies      
Hacking the hack of the hack: @Socialize has paid $625 to @Jonathanscard to promote our SDK Speed Challenge. That's enough for an iPad, @sodio! besoci.al/q2I0QE http://news.ycombinator.com/item?id=2878875
52
jt2190 2 days ago 2 replies      
Jonathan's Card claimed to be a social experiment, but it was never clear to me exactly what the experiment was supposed to test. As an outsider looking at this experiment, the first question I has was: How would he prevent unintended use of the card's funds?

Sam is just part of the experiment. Yes, he's spoiling the good fun of buying coffees for each other, but if it weren't him taking the money, it'd be someone else. At least we still have data on the where most of the money went.

53
heelhook 2 days ago 0 replies      
An alarmingly high number of comments are saying pretty much the same thing, would be great if people writing had something new to say, if not just upvote a well written comment that states your view!
54
jaekwon 2 days ago 0 replies      
wtf
55
Pointsly 2 days ago 0 replies      
I love how his site is now down... I'm sure some one in the HN community is responsible... thank you.
56
ImprovedSilence 2 days ago 0 replies      
I think some people on here took too much offense to his 'holier than thou' attitude. the kid showed off a neat little hack (we're all nerds here) showed it to the world, put the money towards a good cause, and hopefully educated some people about security issues. i think is hilarious, I give sam some props, and I can live another day without free coffee...
57
dreamdu5t 2 days ago 0 replies      
Awesome. What a hack. Can everyone please shutup with their dumb subjective value judgements already? Grow up, these were both fun, benign, experiments.
58
beatpanda 2 days ago 0 replies      
Hi Sam. I know a lot of people are going to talk shit to you about this, but I think what you did was right. You shouldn't have published though. Next time just take the money and run.
59
rrival 2 days ago 3 replies      
Thought this was already revealed as a viral marketing campaign by starbucks:

http://www.coffeestrategies.com/2011/08/08/starbucks-and-the...

Not sure if that means there's more of a reason to exploit it or not, at least Sam's doing it for good =)

60
niels_olson 2 days ago 4 replies      
To all who want to slam on Sam Odio's moral code:

You're seriously arguing that a hack that converts money into fat, caffeinated Americans and corporate profit is better than a hack that hacks that hack to feed the poor? We should be finding more ways to prevent the conversion of money into American fat. In fact: as a doctor, there's my challenge to you: please find ways to catch calories before they land in middle-class American bellies and convert them to some better good.

I know the HN crowd is pretty libertarian, but Sam's behavior is, by definition, thoroughly with the scope of acceptable behavior in a libertarian polity. By the way, Sam's fairly successful startup guy. If you're on HN and not your text editor, you should probably be noting this is how successful entrepreneurs behave, and emulate Sam.

20
Welcome to the Cloud - "Your Apple ID has been disabled." hanselman.com
228 points by darrenkopp  2 days ago   100 comments top 18
1
robflynn 2 days ago 2 replies      
Something similar happened to me a while back. I noticed that several smiley face/emoticon applications had been downloaded using my account. They removed my credit card from my account and drained my iTunes gift card.

Apple caught the problem and e-mailed me to ask if it was me. I told them no. They disabled my account, refunded the gift card money, and asked me to write them once I was satisfied that my computer was secure (just in case it was key-logged [I was not].)

I wrote them back the next day and told them everything was good to go. They enabled my account and I signed in and changed my password.

I didn't lose any of my purchased items and I could have had the account back the same day had I chosen to.

I recall a while back that there were quite a few iTunes accounts that had been compromised. I used a very non-trivial password, too, so I'm rather surprised that mine was one of the compromised accounts. I'm still curious as to how it happened.

2
RexRollman 2 days ago 3 replies      
"We'll never see this fixed until Gruber gets the error."

Awesome.

3
AllenKids 2 days ago 1 reply      
I don't know why he is blaming apple for the security measure. It could be apple's fault that he was hacked, it could be otherwise. Still apple only knew there was a new device using his account, legit or not it didn't know for sure. I have at least 9 iDevices hooked up to my account as of late, on average 3 more each year. And I don't think apple can do much more to validate each and every one of them without being intrusive and annoying.
4
YooLi 2 days ago 1 reply      
I removed my credit card from iTunes a while ago when the first of the "my iTunes account has been stolen" stories was breaking. I just fill the account with iTunes gift cards instead. It's a minor inconvenience to have to keep track of how much gift card credit there is, but the cards are available everywhere in the US (gas stations, Walmart, Walgreens, CVS, etc.) If the account ever does somehow get compromised, the most I lose is the $30 or so I keep in gift card credit.
5
jsz0 2 days ago 1 reply      
How would Apple know about a new iOS device or Mac signing into your iTunes Store account? It learns of the device the first time you successfully login on the device. Besides doing some sort of pre-registration or requiring an iTunes Store ID to simply buy the device there's no easy way around that. They'd also have to end all used/third party sales of Apple products or require resellers to activate every iPad, iPod Touch, iPhone and Mac they're sold. It's completely unrealistic to do a default deny on new devices.
6
taylorbuley 2 days ago 0 replies      
I can see how a data lockdown would be offputting, but I read this as a story about how some algo at Apple stopped a thief from stealing as much as he could have otherwise.

One of the main gripes seems to be that Apple "let this happen" -- but enabling app commerce is what they do. Someone gets ahold of your credit line, they go buy stuff. Best Buy doesn't "let it happen", neither does Visa. After the fact they are just mandated to limit the damage to which you're responsible.

I'm not sure I could tolerate it any other way. Personally, I would not enjoy a system where some human calls me up every time I make an app purchase. I feel Apple's sin of omission is forgivable here and see it as laudable that some software algo that stopped it after $40 bucks or so. I'll be interested to read, however, whether or not Apple holds this gentleman accountable for those purchases and whether or not they fallback onto the credit card provider for damage limits.

7
oflannabhra 2 days ago 1 reply      
Not to be un-empathetic here, but I'm more intrigued by the exploit vector than Apple's initial response to an individual. It's interesting that your account is getting exploited without the password being hacked. Does anyone have more details?
8
DannoHung 1 day ago 0 replies      
I'm confused about something here: This guy gets an email about his account being accessed illegally, and the email's got some problems with it in how it presents the info, okay, sure, Apple should get right on it.

Then we jump to some stuff about his AppleID being disabled? What?

9
sprovoost 1 day ago 0 replies      
It's interesting to look at the companies that are mentioned. Pearl-in-palm is based in Beijing and has been around for seven years [0]. They make games and this one gets great ratings on the English store [1].

But very bad ratings on the Japanese store [2], saying things Google translates as "Amount has been exploited to gain unauthorized access".

Based on this and on anto1ne's comment about Chinese "gift cards" [3], my guess is that the company is legit and that someone sells iTunes usernames passwords to individual gamers looking for extra points.

There's another company mentioned in these discussions: Kamagame Poker. In fact, if you Google "Kamagame poker chip" the first two hits are people on Apple forums complaining about unauthorized charges. Same phenoma as above: great reviews in the US store, bad reviews in the Japanse store.

Perhaps the Japanese are not interested in these two games, so a larger percentage of their downloads are scam related, while in the US the majority of downloads is legitimate?

So here's an opportunity for some automated detective work:

1 - scrape all applications with in app purchases

2 - scrape US and Japanese reviews

3 - look for rating differentials (and of course terms like 'fraud', 'charge')

Follow up with more manual labor:

1 - where are most of the customers of these apps? (China?)

2 - are these companies related? (I have no reason to suspect these two, but the bigger picture might look different)

[0] http://investing.businessweek.com/research/stocks/private/sn...

[1] http://itunes.apple.com/en/app/id428912410?mt=8

[2] http://itunes.apple.com/en/app/id428912410?mt=8

[3] http://news.ycombinator.com/item?id=2879423

10
reemrevnivek 2 days ago 1 reply      
I got that same email yesterday when I purchased Lion for a computer on which I'd replaced the logic board. The "change your password" suggestion and lack of a fraud reporting mechanism was strange, but I didn't have cause to tell anyone.

Also, the "do_not_reply@apple.com" seems like a strange address for an email like this. It should be "fraud@apple.com" (note: probably doesn't exist) or at least provide a link to the list of phone numbers at http://support.apple.com/kb/HE57 or the online support system at https://expresslane.apple.com/.

Unfortunately, the conclusion of this rather long thread: https://discussions.apple.com/thread/2178698?start=0&tst... seems to be that Apple isn't legally liable for this, and that you need to take it up with your bank.

11
dasil003 2 days ago 1 reply      
Since this apparently came from China, has anyone considered the possibility that it could be an inside exploit?
12
jonknee 2 days ago 0 replies      
I had a friend receive an email thanking him for his gift card purchase (that he didn't make). Even more strange, it was a different name and not on his credit card, but apparently from his account. There's a ton of iTunes Store fraud out there.
13
sprovoost 1 day ago 1 reply      
Based on his story, I would guess that:

1 - someone got their hands on Apple's private encryption keys

2 - some got their hands on a list of Apple id's or device UDID's

3 - Apple knows this, but wants to fix the problem behind the scenes and keep it under the radar.

My memory of Apple's in App Purchase system is a bit rusty, but my guess is a combination of 1 and 2 is enough to cheat it into buying products on someone else's behalf.

Then again, it could also just be a reused password.

14
cmsj 2 days ago 2 replies      
Note the comment about credit card security codes. This dude is all the way hacked.
15
radicalbyte 2 days ago 1 reply      
Given Apple's security practises are more Microsoft-2001 than Microsoft-2011, I'd hazard a guess that there's some sort of 0-day exploit hitting iOS devices themselves.

Scott's not dumb though to fly without antivirus/firewalls on his own PCs.

Your iPad/iPhone, on the other hand, are almost certainly running no antivirus and no firewall. Because who needs such inconveniences, eh?

16
alexyoung 2 days ago 0 replies      
There seems to be other people talking about unauthorised purchases:

https://discussions.apple.com/thread/3031164?start=45&ts...

17
anto1ne 2 days ago 1 reply      
Well, his account was probably sold in china, it's common (at least it still was a few months ago) on taobao (the chinese ebay), they sell you "gift cards" to be used within 12h after purchase, it's in fact accounts. I guess that's why Apple started to ask CCV for purchases.

There's also a practice in China to use apps as a kind of fraud, or maybe money laundering. I've seen once a chinese wallpaper app, with each wallpaper for sale at $99, making thousands on the appstore.. when you think about it, it's easy to post an wallpaper app, set the price, and you get money through Apple, without any traces.

What I really hate about all this is that Apple still force you (or make it very difficult not to) to have a CC linked to your itunes account, even though you plan to never buy anything.

18
shanselman 2 days ago 1 reply      
OK, let's make this a movement. Tell me your stories: http://myappleidhasbeendisabled.tumblr.com
21
Algorithms to enhance or transform images scriptol.com
224 points by scriptproof  2 days ago   38 comments top 12
1
bignoggins 2 days ago 0 replies      
Some of these (esp beautify) would make great 99c iphone apps
2
gregschlom 2 days ago 1 reply      
A discussion on the pixel art scaling algorithms was going on here, if you're interested in them: http://news.ycombinator.com/item?id=2034690
3
joblessjunkie 2 days ago 0 replies      
...or, a disorganized regurgitation of papers that have been posted to HN several times in the past.

I know it's tiresome to complain about reposts, but can we at least not link to cut-and-paste content farms?

4
adpowers 2 days ago 1 reply      
I'm surprised content aware image resizing didn't make the list. It is a few years old but still pretty neat:

http://www.youtube.com/watch?v=qadw0BRKeMk

5
niels_bom 2 days ago 1 reply      
The "remove an object" image transformation reminds me of the Photoshop new feature "content-aware fill" featured here: http://youtu.be/NH0aEp1oDOI?t=3m33s
6
bengarvey 2 days ago 2 replies      
I was about to call BS on a few of these, but then clicked through to the detailed explanations and I'm pretty damn impressed. Colorization technique and UI is pretty slick.
7
joshu 1 day ago 0 replies      
this appears to be blogspam.
8
jonmc12 2 days ago 0 replies      
A software service with an API that performs these transformations would be amazing.
9
joeyespo 2 days ago 0 replies      
Even though I've interned in the field of image processing (and actually understood the math after a while!), the emerging results never cease to amaze me.
10
wmat 2 days ago 3 replies      
The 'beautify a face' transformation should be renamed 'normalize a face' or something slightly less subjective then beauty. Although, I suppose 'normalize' isn't any less subjective. Suggestions? Perhaps 'standardize' or 'anglicize' or 'fashionize'?
11
pavel_lishin 2 days ago 0 replies      
The face beautification looks like two entirely different faces.
12
lhnz 2 days ago 0 replies      
Some of these are quite cool, particularly the beautification algorithm. But where can these algorithms be found...?
22
The Shapes of CSS css-tricks.com
206 points by tilt  2 days ago   35 comments top 11
1
pilif 2 days ago 4 replies      
The moment your code begins to look like this

   -webkit-transform: rotate(-70deg);
-moz-transform: rotate(-70deg);
-ms-transform: rotate(-70deg);
-o-transform: rotate(-70deg);

you know that it's time to either drop the vendor prefix or to hope that there will not be another browser vendor implementing the exact same functionality and again protect it behind a prefix.

I know that technically, the transform specs are not finalized, but considering this kind of consensus (even IE seems to agree), would it even be wise to change the spec again?

2
ck2 2 days ago 1 reply      
They had me at the heart but then the infinity blew my mind.

For the record it works in what's now the "old" Firefox 3.6 (Firefox 6 final is out in 4 days)

Everything made of triangles works in IE8 (ie. star and pentagon work).

Unfortunately IE6 does not support background:transparent but if you know what solid background color you do want, you can fake it.

If I remember correctly there is also a way to fake the transparency in IE6 with a chromakey and filter. You basically make the parts you want transparent a crazy color like bright pink and then have the filter make that color transparent. Almost not worth the effort anymore though.

3
genieyclo 2 days ago 3 replies      
How much money would HN save in bandwidth from changing the voting arrow images grayarrow.gif and graydown.gif (both 111b) to two small triangles in CSS as shown in this story? Or would it cost them more to even change to the css-style arrows? Also -- correct me if I'm wrong here -- why doesn't HN use one sprite image instead of serving up the images everytime separately for each story and comment? Probably because it's cached the two small arrows from the beginning so there's very little resources used anyways?
4
jsavimbi 2 days ago 2 replies      
Just one more thing to take away from photoshoppers. If you're a visual designer, I'd start learning to code.
5
bruceboughton 2 days ago 4 replies      
Can anyone explain the infinity sign? I can follow all of the other shapes.
6
lean 2 days ago 2 replies      
Can someone explain the triangles?

I see what their doing, but why does it make the triangle shape? Shouldn't it just render as a square with different sized rectangular borders?

7
doctoboggan 2 days ago 1 reply      
Do the people who come up with this syntax spend their whole lives trying to make it as unintuitive as possible?
8
wslh 2 days ago 0 replies      
It reminds me about the importance of knowing geometry :-)
9
tambourine_man 2 days ago 0 replies      
The infinite shape is quite clever.

What I'd like to see is proper anti-aliasing. I'm obsessive enough that it prevents me from using CSS in such cases.

10
pointyhat 2 days ago 0 replies      
Quote astonished to see that this works in IE9 (apart from parallelogram).
11
Raticide 1 day ago 0 replies      
Isn't this what SVG is for?
23
Ask HN: Help, I think Amazon is stealing my ebook amazon.com
206 points by latch  2 days ago   53 comments top 19
1
Cushman 2 days ago 3 replies      
For what it's worth, it's not Amazon, but a highly scammy-seeming Amazon merchant: http://www.amazon.com/gp/help/seller/at-a-glance.html?ie=UTF... "Amazon Digital Services, Inc. US")

It's hard to believe Amazon lets merchants have "Amazon" in their name, but there it is.

If you don't get a reply from someone at AZ in a timely manner, I imagine you could go ahead and file a DMCA takedown as the copyright owner. They're making your copyrighted material available for download without your permission" This is exactly what it's for.

2
michael_dorfman 2 days ago 2 replies      
I see that you've released the book using the Creative Commons "Attribution-NonCommercial-ShareAlike 3.0 Unported" license, so it looks like Amazon is clearly in error here. Have you contacted them according to the instructions here? http://www.amazon.com/gp/help/customer/display.html/102-5493...

There's a telephone number there-- I imagine you should be able to get this cleared up quickly.

3
latch 2 days ago 1 reply      
I should have pointed out that on the 6th of august I sent a DMCA takedown notice to copyright@amazon.com (the address they have registered for such complaints) and haven't heard anything since.
4
ColinWright 2 days ago 2 replies      
Perhaps take this under advisement ...

You might want to consider creating a blog post outlining carefully the situation, the steps you've taken, and the responses you've had. Be careful to state only what you have concrete evidence for, and/or mark very clearly bits that are supposition or deductions.

Mark things clearly with the date and time - make your records of the progress (or otherwise) public. After a few days, start to publicize the page.

Be visible.

When the whole episode is over you will have a documented story of your interaction with Amazon - this could be priceless to those that follow.

5
wiredfool 2 days ago 1 reply      
You're not the only one, it's been noticed before by a bunch of SFF writers here: http://nielsenhayden.com/makinglight/archives/012933.html

Includes suggestions to file DCMA takedowns, and generally how much amazon doesn't care.

I wonder, in idle speculation, if a three strikes law would remove their internet connection for three instances of trying to sell a copyrighted work where they don't have a license to distribute it.

6
svec 2 days ago 1 reply      
Notice and Procedure for Making Claims of Copyright Infringement

If you believe that your work has been copied in a way that constitutes copyright infringement, please provide Amazon.com's copyright agent the written information specified below. Please note that this procedure is exclusively for notifying Amazon that your copyrighted material has been infringed.

    An electronic or physical signature of the person authorized to act on behalf of the owner of the copyright interest;
A description of the copyrighted work that you claim has been infringed upon;
A description of where the material that you claim is infringing is located on the site, including the auction ID number, if applicable;
Your address, telephone number, and e-mail address;
A statement by you that you have a good-faith belief that the disputed use is not authorized by the copyright owner, its agent, or the law;
A statement by you, made under penalty of perjury, that the above information in your notice is accurate and that you are the copyright owner or authorized to act on the copyright owner's behalf.

Amazon.com's Copyright Agent for notice of claims of copyright infringement on its site can be reached as follows:

    Copyright Agent 
Amazon.com Legal Department
P.O. Box 81226
Seattle, WA 98108
phone: (206) 266-4064
fax: (206) 266-7010
e-mail: copyright@amazon.com

Courier address:
Copyright Agent
Amazon.com Legal Department
410 Terry Avenue North
Seattle, WA 98109-5210
USA

7
mike-cardwell 2 days ago 1 reply      
I assume you've contacted Amazon? Have they responded? A little more info would be useful...
8
dmlorenzetti 2 days ago 1 reply      
This happened with a report my research group put out. The work was paid for by the U.S. government, and posted free on our web site.

Some publisher downloaded it, slapped on an ugly cover, and started selling it on Amazon.

We talked about whether to do anything about it, but in the end decided not to. At this point, the details are a little hazy, but it was some combination of "meh", "we did the research on the public behalf, so as long as the information is available, we're happy", and "our legal advisor says it would cost more to pursue than this rinky-dink report can justify".

PDF of the work in question:
http://securebuildings.lbl.gov/images/BldgAdvice.pdf

9
Nutella2 2 days ago 0 replies      
I just looked at the Amazon sale page and saw it had one review from the author saying that he is the copyright holder, then refreshed the page and the review was gone.

So it seems that Amazon is aware of the problem and is deliberately continuing to distribute his book while concealing any information about the copyright challenge.

10
MrKurtHaeusler 2 days ago 1 reply      
I read this e-book when it first came out. It is excellent. Probably the best thing I read that year.
11
taude 2 days ago 0 replies      
Great book, read it awhile ago. As you've probably figured out, there's been a lot of articles written about content publisher spam and content harvesting...

Seems like Amazon needs to get their systems together to deal with this stuff quicker, much like YouTube.com.

12
giddas 2 days ago 1 reply      
Hmm is this also happening with Learn Python The Hard Way?

http://learnpythonthehardway.org/

Available for Kindle on Amazon but no mention on the official site?

13
jvanderwal 2 days ago 0 replies      
Looks like this is a common problem and Amazon's starting to take it seriously: http://bits.blogs.nytimes.com/2011/08/12/amazon-cracks-down-...
14
ltamake 2 days ago 0 replies      
Send Amazon a DMCA takedown notice and alert the seller as well.
15
mathattack 2 days ago 1 reply      
Perhaps you could sell a 99 cents version on Amazon?
16
shinji97 2 days ago 0 replies      
i dont think they will sell anyway...
out of the 16 feedbacks they have received... 63% are negative...
17
mathattack 1 day ago 0 replies      
The link is now dead. I think that means you succeeded!
18
damoncali 2 days ago 1 reply      
Great promotion opportunity. Run with it.
19
sgt 2 days ago 0 replies      
Great, ordered it!
24
C++ 11 Approved herbsutter.com
192 points by feydr  1 day ago   68 comments top 7
1
Animus7 1 day ago 5 replies      
Awesome! I've been looking forward to the day I'm no longer relying on "experimental" C++0x support! Here's a smaller tl;dr for those who want it:

-foreach loop

-first-class rvalue ("temporary") types

-lambda functions + closures

-implicit typing (auto keyword)

-decltype(), getting "declared type" of any expression

-variadic ... templates

-expanded STL -- incl. threading and RNG's

-construction from C-style initializer list

-Unicode literals

-enum class that doesn't auto-decay to int, enums with configurable base type

-explicit strong nullptr constant; no more NULL macro nonsense

The rest of the stuff is (in my opinion) less general/noteworthy.

2
malkia 1 day ago 2 replies      
I wonder why the C++ body does not consider things like reflection/introspection more important than the stuff they came up with.

All that is needed is just an (optional, like RTTI) way to simply explain in binary format as part of the genereated binary information related to structures, types, functions, global variables, etc.

For example GUI in some external format (json, xml, do not matter) that has it's signals/actions/events encoded as simple names, where at runtime you can map them to actual C++ code (Objective C has it, Java I think, .NET, etc.)

This would reduce the time writing serializers, deserializers, and such. Make it optional (again like RTTI or exceptions) - but make it there for machines which can afford it (PC, Unix, OSX, and even mobile devices).

Why this is important? You would find 100+ libraries trying to solve this simple problem in plethora of weird ways - such as gcc-xml, OpenC++ parser, boost, etc, etc, etc.

And better preprocessor.

3
huhtenberg 1 day ago 1 reply      
So

  decltype

instead

  typeof

Damn... though not really surprising. To me this exemplifies C++ - it does reasonable things, but in that slightly ass-backwards way that makes it annoying... like a light switch that is installed upside down.

4
5hoom 1 day ago 1 reply      
I say this is great news.
A lot of the new stuff really does make C++ both nicer to use and a good deal safer, and it will be interesting to see more boost-y style of C++ become widespread.

Also glad they waited and went with C++ 11, and not C++0x which sounds like a l337 speak swearword.

5
t413 1 day ago 0 replies      
For those who are curious: http://en.wikipedia.org/wiki/C%2B%2B0x

Huge page though, needs a tl;dr of changes.

6
ilitirit 1 day ago 1 reply      
When will we see compiler support?
7
shuaib 1 day ago 2 replies      
Waiting for TC++PL 4th Ed. now.
25
Facebook Wins “Worst API” in Developer Survey techcrunch.com
185 points by Andrex  3 days ago   49 comments top 27
1
jgilliam 3 days ago 1 reply      
I wonder if there is a way to calculate the total cost of lost developer productivity due to Facebook bugs, changes, and bad documentation. I swear I spend way too much of my time dealing with it, and it sounds like everyone else does too.
2
klochner 3 days ago 3 replies      
The biggest problem I've found with the facebook api is their sloppiness in documentation - they often have multiple conflicting versions of api documentation online, with no structured versioning in place.

Several times I've seen functionality removed with nothing in the documentation indicating what had changed.

3
terhechte 3 days ago 0 replies      
I'm the developer of Clarity, a Facebook Client for the Mac (http://www.clarity-app.com), and yes, the Facebook API is the worst I've ever had to use. Words fail me to explain how bad it is.
4
MattKelly 3 days ago 2 replies      
Hey everyone, I'm a partner engineer at Facebook. I posted a response on TechCrunch, where I originally read about this study. Here's a link to my reply: http://techcrunch.com/2011/08/11/facebook-wins-worst-api-in-...

In short, we're working hard and making strides, but we have a lot of work to do. We love hearing feedback"keep giving it to us. It keeps us hungry to make things better.

5
thestranger 3 days ago 3 replies      
As the article mentions, a lot of the rankings seem to be influenced by the popularity of the service. Twitter and Facebook are going to have more complaints simply due to the fact that more people use them.

Twitter in particular has a very good API, I have never used Digg's, LinkedIn's, or Paypal's, but I doubt very much they are better documented and easier to use than Twitter's. (I have had some problems with Facebook's API, so perhaps it is deserving of its title.)

A better way to run this survey would be to only allow people who have actually used all the API's to vote. It would be difficult in my opinion to vote for an API as the worst with no basis of comparison.

6
bryanh 3 days ago 0 replies      
Well, it would be nice if they kept it up more often. In my experience with Facebook, they have a severe problem with maintaining uptime. Facebook is synonymous with breakage for me.

http://api-status.com/6404/50042/Facebook-Graph-API

7
dasil003 3 days ago 2 replies      
Actually the Facebook API has been pretty impressive functionality-wise, over the years. At the initial launch in '07 I remember being blown away by how much you could do with it (FQL, FBML, etc). It was an order of magnitude more impressive than any web API at the time.

The big problem has always been stability as they have continuously developed it and deprecated and removed things at a breakneck pace. The documentation never kept up, and there was a lot of breakage along the way.

I still think this was the right decision for Facebook at the time. They had a lot of growth to do, and were plowing into new territory. It was more important to grow quickly and push greenfield developers in the right direction than to satisfy the long-time developers who were always smaller in number than the incoming batch.

Now, however, Facebook has hit an inflection point in growth, and I think they need to adjust their culture to serve developers and existing users better. I believe Facebook has found the core of what it is, and should now be building new functionality around that core and stabilizing it in order to maximize lock-in rather than breaking shit all the time and just asking people to migrate over the greener pastures. Of course that's just my frustrated developer perspective, it's probably not in Facebook's let alone Zuckerberg's DNA.

8
mootothemax 3 days ago 0 replies      
A survey of over 100 developers

Whilst I'm no fan of Facebook development, this survey doesn't seem to be that fair: one of the graphics it says it received 135 answers in total, 19 of which named Facebook's API. That's not many answers...

9
enjo 3 days ago 0 replies      
It's a well earned honor. Microsoft Adcenter is a close second, particularly if you believe their assertion that a REST api actually exists.
10
dheerosaur 3 days ago 0 replies      
A few days ago, all our Graph API calls used to return errors. The error wasn't very verbose. It was a JSON object saying "Something was wrong". After pulling our hairs for some time, we realized that they removed the trailing slashes from the URLs. They are back with both forms(with and without trailing slash) now. But, it really wasted a lot of time because the error wasn't clear and the code needed changes.
11
eugenejen 3 days ago 0 replies      
After I saw the pie chart, I am wondering the proportion in the chart corresponds to usages of APIs.

So in fact, it is not Facebook API is the worst API but it is most widely used API. And this also shows how much power Facebook has now due to its tremendous data relevant to an internet users.

12
corin_ 3 days ago 0 replies      
I'm not sure that "they have shut down" should count against Google's APIs... because the ones that shut down are no longer Google APIs. Sure, count it against Google's services that not all of them have APIs.
13
blhack 3 days ago 0 replies      
There have been a few things that facebook has done that have been annoying, but...worst? Is everything else really that much better?

Honestly the only thing I've noticed that has made me mad was that they started requiring a permission called "group_access" to view what are normally publicly available groups.

To be honest, I actually like the graph API. I think it's really intuitive, and it make perfect sense to me.

If I had to say "worst", I'd probably pick grooveshark, or twitter.

14
clscott 3 days ago 0 replies      
I'm not surprised. After serving as a maintainer of both the main perl client side api (http://search.cpan.org/dist/WWW-Facebook-API) and one production application I have to say the Facebook platform sucked[1] for its instability, lack of regression testing, lack of roadmap for new feature or fixes for major bugs and lack of a testing framework for client apis.

Now, this was 2 and 3 years ago they may have cleaned up the mess since but I don't think so after poking my head in a time of two over the last few months.

[1] It sucked to worked with but was an undeniable success for them and those that we able to dedicate the resources to keep up to the constant churn and downtime

15
padobson 2 days ago 0 replies      
Twitter and Google both have excellent APIs. Twitter's API is helped a great deal by every client built by Twitter is also built on the Twitter API.

Google's APIs, in my experience, have great documentation and an excellent learning curve. Want to do something simple? Well here's code that does that. Want to do a medium challenge? Use that code and this documentation to expand it - often projects can gain sophistication quickly with only tweaks here and there.

There's no doubt the Facebook API is terrible. You have to read several pages of text and answer a bunch of obtuse questions just to get your app registered. Then you have to deal with the oft mentioned documentation problems. The biggest problem I see is that its so hard to develop for, no one has built any decent third party libraries - as opposed to Twitter which has a ton of excellent libraries for interfacing with your favorite language.

I can't help but wonder if all of this is done on purpose. It seems to me that Facebook doesn't want anyone to be able to make as much money as them developing on their network, so they make it impossible. If there was a better API, there might be 10 Zyngas by now.

16
pan69 3 days ago 0 replies      
Since recently when I'm asked to do Facebook apps I explain to my clients I need to charge them a Facebook tax. I can easily spend 50% of my time building a Facebook app on dealing with Facebook API issues.
17
jscheel 2 days ago 0 replies      
A few months after Facebook announced "Operation Developer Love (http://developers.facebook.com/blog/post/417/), I reported a bug I had found in the API. Their first response was to tell me I didn't know what I was talking about, and that is was functioning fine. After explaining myself better, they finally admitted it was a bug... and promptly informed me they would be marking it as WONTFIX because they didn't feel like addressing it at the time. Lost two days of work because of that bug, and they don't want to fix it... that's love for you. Here's the bug report for reference (I may have gotten just a bit testy, but still, it was pretty frustrating) http://bugs.developers.facebook.net/show_bug.cgi?id=16856
18
fredBuddemeyer 3 days ago 0 replies      
can someone from fb respond to this? the biggest problem is communication and this discussion is a lot like when you look for help w the api - lots of commiseration without a peep from the people responsible.
19
cmurdock 3 days ago 1 reply      
I had a brief experience with using Facebook's API last year. It was absolutely horrible. Documentation in the Wiki of features that no longer existed. Features that would just break with little or no explanation. Maybe it's improved since then but I would never try and use it again unless I absolutely had to.
20
ianso 2 days ago 0 replies      
I think the AWS team at Amazon should break open a bottle of champagne and congratulate themselves for not being anywhere on this list. AWS lives and dies by its API, and they've done a very good job of it.
21
AntiFreeze 3 days ago 0 replies      
The original post is here: http://news.ycombinator.com/item?id=2873040

We weren't trying to bash on Facebook at all (and the survey had nothing to do with which services people liked/disliked).

Our main point was simply that the developer community really seems poorly served by the API players. And that rings true, scientific survey or not.

But clearly there were lots of things wrong with our initial survey (poor questions, limited sample size, etc.), but we'd very much like to run another survey and address theses issues as well as possible.

So please, chime in and let us know how we can take this up a few notches.

22
fnl 3 days ago 0 replies      
OK, so the Facebook API is probably (one of) the most used API nowadays, maybe even before Google APIs. Assuming out of N developers each has the same chance of "dislike" for some API, it seems to me this pie-chart just nicely shows -roughly- how developers are distributed across APIs. In other words, I don't see how the general distribution of API use [edit]by the surveyed developers[/edit] [del]in the survey[/del] was accounted for.
23
brettnak 3 days ago 0 replies      
I wonder if they've ever done any AVR programming. Why do they insist that each register have a 3 to 4 character name?
24
yariang 2 days ago 0 replies      
"Meanwhile, complaints about Google cited APIs that had been shut down or were missing."

So the quality of Google APIs is based, in part, on missing ones? I am not sure I understand. I can understand that API integration can cost time, and if Google decides to terminate an API project then that work is basically thrown away. But that doesn't reflect on the quality of Google's APIs, it reflects on the flakiness of Google as an API provider.

Also, "voting down" their API quality for not having APIs that the developers want hardly seems fair either.

P.S. Using API so many times in a comment is probably a great start for a tongue-twister.

25
dfguo 3 days ago 0 replies      
Facebook API is terribly documented and the supporting forum is basically dead. They tried to encourage people to use the open graph(deprecating FBML) without a good documentation.
26
jdelsman 3 days ago 0 replies      
This is like free user testing info for building APIs. Companies should take note, especially ones building APIs right now (like me
27
dualboot 3 days ago 0 replies      
Oh those sweet summer children.
26
The Sad Reality of Post-Mature Optimization yafla.com
184 points by p4bl0  1 day ago   61 comments top 35
1
jarrett 1 day ago 5 replies      
I find that these debates often come down to an either-or proposition: "put off optimization indefinitely" or "optimize to the max the whole way through." But it should never be so black and white. From a business view, both approaches are wrong, as they tend to entail unnecessary costs.

The OP is right that if you completely ignore performance as you code, you'll be doing things so blatantly wrong everywhere that it's difficult or impossible to fix. But, Knuth is right too: It's counterproductive to spend 10 times as long developing version 0.1 just to make sure it's the fastest 0.1 there could possibly be. This is because your early code is likely to change a great deal over the course of the project. You'll refactor, you'll add and remove features, and you'll realize you were wrong about where the bottlenecks are. Much of your early optimization effort will have been wasted.

After much programming experience, including trying both extremes, I've learned that a middle road is the most cost-effecive. The real quote from Knuth, so says Wikipedia, is: "We should forget about small efficiencies, say about 97% of the time: premature optimization is the root of all evil." He's not saying to ignore performance. He's not arguing that you should blindly accept obviously unperformant architectures, such as the OP's example of iterating over a huge array when a hash would clearly be better. He's saying you shouldn't obsess over the "small efficiencies," the time-consuming rewrites of every little, rarely-called function to shave off 5% of execution time. At least not early in a project. I think Knuth would support doing that for a highly mature product, at least in some cases. Indeed, much of Knuth's most well-known work is entirely focused on performance. He's just telling people not to be overzealous.

So how does all this translate into everyday practice? I think a lot of it has to do with instincts and experience, which let you estimate the labor costs and performance benefits of individual optimizations. For example, as a web programmer, this ethos leads to decisions like this:

- I WILL prevent a given method from loading the same database records twice, even if loading them twice is the easy way.
- I WON'T rewrite the SQL that my ORM generates in most cases.
- I WON'T worry about the performance difference between calling an object's instance variable accessor vs reading the instance variable directly.

2
ebiester 1 day ago 2 replies      
I think something is lost in translation. Once upon a time, premature optimization was writing a subroutine in assembly because you "knew it would be slow." Now, people are using ill-fitted data structures and optimizing for developer time in the name of avoiding premature optimization.

These days, with the test suites we have and the highly decoupled architectures we have created, we can profile nearly instantaneously. Put ten million records (or more, depending on your expected volume) in a database and test your code against it. If your test begs for mercy, it isn't premature optimization to fix it.

From a startup's perspective, I understand the idea of failing fast, but getting some buzz and seeing your servers melt down is a good way to fail fast as well.

3
michaelochurch 11 hours ago 0 replies      
My opinion is that an optimization that costs less than a couple of hours of development time, if it doesn't harm code quality, is invariably worth doing. Even if there's no evidence (because the code is being constructed at the time) that this matters from a performance perspective, you should spend the hour or two and get that low-hanging fruit and not worry about it being "premature". If you don't do this when you're in-context, it'll cost an order of magnitude more time later on if the problem is discovered in profiling and needs to be addressed in the future.

When premature optimization is evil is when it damages code aesthetics and maintainability. There is a limit, in performance, to what can be achieved with aesthetically clean code. What awful programmers (who think they're being clever) tend to do is write the ugly, dirty code because it's super-fast, but no one can maintain it and even they don't understand it.

What good programmers do is write clean code on sound fundamentals first, so that people can understand what's going on. Then, if a performance problem's discovered and a certain module needs to be optimized, they put the critical region behind a clean interface and allow the dirtiness (which they document heavily) to be in the implementation.

TL;DR: spend time to make your code performant if it doesn't damage code health; be very cautious about replacing clean code with faster, dirty code.

4
SoftwareMaven 1 day ago 0 replies      
Good software engineering practices (eg using good data structures, using appropriate algorithms, etc) is not optimization.

Software always requires tradeoffs (I don't consider "it does what it is supposed to" a trade off; that's more an invariant). In general, we put human consumption factors (readability, etc) high on the priority list, which is where it should be, usually.

Optimization is taking code with one set of value priorities and making a different set of priorities. Until you hit the real world, though, you won't know which priorities you need to value: is it hard drive throughput, raw processor cycles, or network latency? Regardless, in the end, you will generally have code that is less fit for humans, meaning the cost of maintenance will go up, so you want to ensure you are only optimizing what really needs to be optimized.

If "optimization" means "I didn't think about what data structure to use", you don't have an optimization problem. You have a software engineering problem.

5
zzzeek 1 day ago 0 replies      
there's a difference between non-optimized code and code that's just written by a bonehead. I don't think it's actually more complicated than that.

We of course are all boneheads at one time or another so we should go through our code continuously as we write and refactor it to fix bonehead-isms. But "optimizations", inlinings, making the code harder to read for performance, awkward caching steps that make the code harder to debug, that's always later, once the real world, usages, and data expose what's really important.

6
joe_the_user 1 day ago 4 replies      
"Just as you can't add quality to your code just before shipping, seldom can you significantly improve performance without dramatic rewriting."

That statement struck me as odd and possibly revealing... You should be able to significantly improve performance with a few changes .. in code written enough. Here, the code is modular so a given sort of slow thing should happen in only one place.

But naturally, in poorly written code, you need rewrite to optimize or to improve quality or to change anything else. It makes me wonder which kind of code he's looking at in making his generalizations. I'd agree it is never too early to write good code.

7
_delirium 1 day ago 0 replies      
It might be what kinds of stuff I write (the stuff that's at all performance-sensitive is mostly data-processing algorithms), but I've had reasonably good success with the write-and-then-profile approach, and found myself wasting a lot of time on bad guesses if I tried to optimize things up front. I agree it's also possible to make something a really slow mess that's hard to fix, though.

My current method is to think about performance while writing code, but instead of doing anything particularly clever up front (unless it's easy), just make a comment to myself about potential places for improvements, like "doing the naive scan through the list for now, maybe could do [blah blah]". Then I'll profile later, and in a surprisingly large percentage of these cases, the places I identified for potential performance improvements don't matter, so it's a good thing I didn't bother doing something clever that would've taken more time to write, and been more error-prone.

8
patio11 9 hours ago 0 replies      
Update: A torrent of readers and my meager server's CPU usage sits at a constant <1%. Hardly miraculous " trivial even " but compare it to the countless sites that fall over when they receive any attention at all. When I built this trivial blog engine, largely for a laugh, efficiency was a principal consideration right at the outset, and was an architectural concern with every decision.

Web servers typically don't fall over because PHP or Rails can't hand a whole ten requests a second on a CPU that can do a billion operations a second. They fall over because of a performance optimization written into the default Apache configuration in1996 to increase throughput by ~2%

Death to KeepAlive.

9
icebraining 1 day ago 0 replies      
The quote makes sense in its completeness:

"We should forget about small efficiencies, say about 97% of the time: premature optimization is the root of all evil"

The key expression is "small efficiencies" - choosing the right data structures for any reasonable amount of data is not small.

10
dusklight 1 day ago 1 reply      
The idea behind not optimizing prematurely is there are some optimizations that come at a cost of decreased maintainability/readability. Not prematurely optimizing means choosing to prioritize your code structure to allow no-unexpected-side-effects changes and easy readability by other people, but it is not an excuse to use a O(n^2) algorithm when an O(n) algorithm can be used without cost. You should always be aware of the ballpark O(n) of your code, but in the initial stages of a project you might choose to prioritize other things.
11
mmelin 1 day ago 0 replies      
Everything in moderation. Iterating over a giant array when a hash lookup is the correct approach is not avoiding premature optimization, it is incompetence.
12
maayank 12 hours ago 0 replies      
"Why not iterate a giant array instead of using hashes? Why not use LINQ everywhere, repeatedly and inefficiently filtering a massively excessive superset of the needed data?"

There's not prematurely optimizing and there's criminal neglect.

Sure, if you take the First Year Student™ approach to problem solving then a simple database query and processing might be O(scary) and fail to perform.

Generally speaking though, a few milliseconds away from that clever bitwise operators hack would be fine.

13
amcintyre 1 day ago 1 reply      
From the article: "When performance wasn't a consideration from day one, inefficiency becomes endemic, corrupting every square mibbibyte of the project. Why not iterate a giant array instead of using hashes?"

Spending 5 minutes choosing the right algorithm every time you write a component isn't premature optimization, especially if you know to within an order of magnitude or so what N is. If you have no idea what N is, then go with the simplest implementation that works at the time. (That assumes your design doesn't tie a bunch of internal component decisions together, in which case I must say, "good luck with that.")

In any case, the time to optimize is most likely after you've written some tests to verify the code is correct. I've seen too many cases where people spent a lot of time making something really complicated--and completely untested--run faster, and then later said, "Now how can we make this correct?"

14
mwsherman 1 day ago 0 replies      
In my experience " and this does require experience " you can avoid big problems by simply factoring well. For me, the best proxy for “well-factored” is the least amount of code necessary for a defined task.

If the code is clear, then it's unlikely that performance problems will be expensive to fix. Caching is a good example " most of my methods will allow an “if cache exists” block to be inserted near the beginning in about 5 minutes, when the need arises.

But experience does matter. I've learned that LINQ can be expensive unless you understand a few key behaviors. Knowing the platform very well allows you to not make huge mistakes on a first-pass.

15
cstavish 1 day ago 0 replies      
Bentley's Programming Pearls soundly differentiates solving a problem by taking into consideration all known information (including limitations such as the presence of duplicate values when sorting a massive list of numbers, for example), using the most appropriate data structures and algorithms, etc. from code-tuning.

I mention this because it seems that when people talk about premature optimization, they are generally referring specifically to code-tuning. Thinking about a problem holistically and making smart choices about data structures and algorithms is never premature optimization"those steps are absolutely definitive, while code-tuning can and should be reserved for later in the development process, because it is does not define the solution.

16
TrentS 18 hours ago 0 replies      
Incidentally, I just finished reading Knuth's original article from which his now famous quote originated. If you'll forgive the large copy and paste I think it is insightful to see the quote in context.

The original quote from 'Structured Programming with go to Statements' Computing Surveys, VOL 6, No. 4, December 1974 on page 268 is:

"The improvement in speed from Example 2 to Example 2a is only about 12%, and many people would pronounce that insignificant. The conventional wisdom shared by many of today's software engineers calls for ignoring efficiency in the small; but I believe this is simply an overreaction to the abuses they see being practiced by penny-wise-and-pound-foolish programmers, who can't debug or maintain their "optimized" programs. In established engineering disciplines a 12% improvement, easily obtained, is never considered marginal; and I believe the same viewpoint should prevail in software engineering. Of course I wouldn't bother making such optimizations on a one-shot job, but when it's a question of preparing quality programs, I don't want to restrict myself to tools that deny me such efficiencies.

There is no doubt that the grail of efficiency leads to abuse. Programmers waste enormous amounts of time thinking about, or worrying about, the speed of noncritical parts of their programs, and these attempts at efficiency actually have a strong negative impact when debugging and maintenance are considered. We should forget about small efficiencies, say about 97% of the time: premature optimization is the root of all evil.

Yet we should not pass up our opportunities in that critical 3%. A good programmer will not be lulled into complacency by such reasoning, he will be wise to look carefully at the critical code; but only after that code has been identified. It is often a mistake to make a priori judgments about what parts of a program really critical, since the universal experience of programmers who have been using measurement tools has been that their intuitive guesses fail. After working with such tools for seven years, I've become convinced that all compilers written from now on should be designed to provide all programmers with feedback indicating what parts of their programs are costing the most; indeed, this feedback should be supplied automatically unless it has been specifically turned off."

17
dicroce 9 hours ago 0 replies      
I disagree completely with this.

I have been a paid software engineer for 15 years, and have been writing code since I was 8 years old.

Numerous projects (I would say even the majority) had spots that could be optimized. Don't believe me? Ok, on the video pipeline I have been working on the last few years: When we finally got around to profiling we found that a large chunk of time was spent scanning for H264 start codes... And we immediately saw that if we simply scanned through the buffer the other way, we cut down it's run time dramatically. Or how about the time that the profiling revealed a "hash table" that was, due to a bug, actually a linked list!

Finally, I am tired of working on projects that "optimize" the whole time. The code bases are CRAP. Full of "optimizations" that usually are actually slower, and a nightmare to maintain. Do you know what works better: Concentrate on solving the problem at hand and writing high quality simple code, and don't do anything else.

18
extension 20 hours ago 0 replies      
There is a certain kind of project where you're not sure, at the outset, if what you want to do is even possible due to performance issues. Obviously, that question needs to be answered as early as possible, and so the project is about "optimization" from day one.

A good example is id games -- Quake, Doom, et al. They design games around technology. They need to figure out exactly what the engine can do before anything else.

Phones and tablets are making this sort of project common again as people push the limits of those platforms.

19
herdcall 10 hours ago 0 replies      
The problem is: in a fast-moving startup we rarely have the time/luxury to spend time on optimizing after the fact. IMO your choice will depend on how isolated the optimization task is and how long it will take.

E.g., we're building a healthcare app with Google Web Toolkit on the front and Google App Engine at the back. On the front, I'm creating single instances of each page (e.g., one patient widget instance per patient) right now because changing that model from regular (new instance every time) to singletons after release is prohibitively expensive and risky.

On the other hand, I've postponed server memcache implementations to cache query results on the app server because the APIs are fluid/changing (so it's wasteful to do now), and I can take up all the memcache setups together comfortably after the release. I.e., that task unlike the widget instances is isolated and relatively safe to do.

20
tete 15 hours ago 0 replies      
One really has to think of the WHY behind such idioms. The reason for not beginning to early are that you might not know what the real bottlenecks will be and therefor sacrifice readability and time for finishing an early version, which would actually allow you to have a look on how things work in practice. Usually you want to have some kind of small prototype/proof of concept to follow other idioms, like "release soon, release often" or "small is beautiful".

Also it depends on what you actually do. If you want to create something where you mostly care about performance it's not like you'd start when everything is already finished. Another thing is that such idioms are important to make you a good programmer writing good software which isn't always what you want to do in real life. Often you just care about making money or pleasing your customer/boss.

Think about Sun Tzu. A lot of people in the military read his books. He was very experienced and had a lot of knowledge, still it may be impractical to follow his idioms, even if they are one hundred percent correct in every situation.

I guess the world would be better, if everyone would listen and _always_ follow guidelines, as the UNIX philosophy, but the current situation real word sadly adds a lot of variables which cause you to ignore them.

Or in other words: It all depends.

Or to quote Einstein: All things are relative.

21
jmount 8 hours ago 0 replies      
I like the observation. It is a corollary of Amdahl's law: if every step is slow there is no point optimizing any of them until you can optimize all of them.
22
cpt1138 1 day ago 0 replies      
How would you know the difference between the first chart and the third chart a-priori. Say you saw the third chart and mistook it for the first chart?

Having looked at 10's of profiles using frameworks and seeing the exact same profiles across the applications, can we ignore the framework part of it?

Recently we spent a week profiling an application trying to find a very bad, but very hard to reproduce bug. After a week of profiling, debugging, pouring over logs, etc. It turns out the problem might have been a defective controller on the storage appliance the database was using. How can you know a-priori what you are looking at?

23
njharman 23 hours ago 0 replies      
> Most will say the time to optimize is once you're fairly well along in development.

I call BS. But, if most do say that they are stunningly wrong. The time to optimize is after it is determined that some portion of code is too slow to meet a (non)functional or business requirement.

24
nickzoic 19 hours ago 1 reply      
The problem with postponing optimization is that getting really good performance out of a system sometimes depends on picking a particular underlying model, which may subject your system to some unexpected constraints.

For example, who remembers DOOM? The distinctive 2-1/2 D level designs were done that way to simplify rendering, as an optimization. That's how the rendering engine could run at a remarkable framerate on the hardware of the time. If ID had started off with a full 3D rendering system and said "well, it runs at 2 FPS, lets go design some levels, we'll optimize the rendering engine later" ... well, the game would have worked out quite differently.

25
mdomans 1 day ago 0 replies      
It seems to me, that this article is based on wrongly understood idea.

"Premature optimization" should be rather considered as an idea to consider the whole picture first. It's scary sometimes, but engineers are usually paid because of creating something and that creation is usually more than a set of highly optimized code lines.

Consider the fact, that even when analyzing algorithms, you should consider whether your point of focus are allocations or comparisons. You have to remember about cpu time, memory, I/O, cache, data fragmentation and sometimes even power outages.

Thus, there is ABSOLUTELY NO EXCUSE TO CODE WITHOUT UNDERSTANDING WHAT GIVEN CODE IS SUPPOSED TO DO, but killing yourself over few extra miliseconds of cpu time, or even few extra megabytes of storage usually is SENSLESS.

What's more premature optimization can easily lead to mentall exhaustion (because "well, I spent 8 hours writing a function in assembly, so I'm tired") and eventually, decrease of quality of the rest of the code. And even if not, you have good chance of writing code, that is beyond reusability.

Summing up, pretty please, everyone, stop confusing 'code desing' and 'optimization'.

26
dools 23 hours ago 0 replies      
"Just as you can't add quality to your code just before shipping, seldom can you significantly improve performance without dramatic rewriting"

That's total bullshit. I've seen massive improvements from just a few key optimisations on very large code bases.

Q: "When is it a mature time to start to consider performance, however?"

A: When you have problems due to slow performance.

The "premature optimisation is the root of all evil" catchcry is basically the same as "don't solve problems you don't have".

27
mojuba 1 day ago 0 replies      
Premature optimization is a skill. That is, you know how to write good code and never waste your time on neither premature nor postmature optimization.
28
scotty79 1 day ago 0 replies      
Always avoid premature optimization and every optimization before you can run benchmark is premature.

But, hey, don't do anything stupid. Like pulling whole dataset over the net from database just to calculate some sum or average or do a join or iterate to find something.

29
chanux 1 day ago 0 replies      
Finally someone who can get some attention voices the truth!

It has been frustrating to see how people avoid doing a `bit of thinking` in the name of the gold words 'Premature Optimization is the root of all evil'.

30
goblin89 15 hours ago 0 replies      
I suppose, that's what you call 'uniformly slow code'. http://c2.com/cgi/wiki?UniformlySlowCode
31
xedarius 1 day ago 0 replies      
I use a simple rule, treat all new code as production code, don't assume you'll have time to go back and optimise it, because you won't, ever.
32
jkyro 1 day ago 0 replies      
An experienced developer can in many cases be explicit about when he is sacrificing performance for the sake of getting things ready. Usually ends up writing code whose performance can be fixed with relative ease. Those places will be the low-hanging fruits.
33
jwingy 1 day ago 2 replies      
Unrelated comment, but the sidebar on that page sort of looks like a premature optimization...what's the purpose of making it hard to see? I didn't notice it was there until I accidentally moused over it. Can anyone explain the efficacy of that in design terms?
34
deathflute 1 day ago 0 replies      
As they say there is more than one way to mouth a cliche.
35
dm_mongodb 1 day ago 0 replies      
I imagine Knuth's first version of Tex was pretty darn fast even without 'optimizing'.
27
An Idea for the Economy that will Freak Out a lot of People blogmaverick.com
179 points by knowtheory  3 days ago   189 comments top 52
1
jswinghammer 3 days ago  replies      
Jobs are a means not an end. I've never worked at a job to work at a job. I work at a job to provide for my family and for my other goals in life.

This sort of top down thinking is just toxic. It seems so great and tidy until you actually try to implement it and then you realize that your level of ignorance was greater than you could have possibly imagined. You can't solve a debt problem with more debt and you can't solve a jobs problem by just creating meaningless jobs. The only jobs that are sustainable are the jobs that produce something that other people actually want.

The whole idea of the price system is that we're given signals about the best ways to serve other people in society. The price system in financial and real estate markets is completely insane and basically non-functioning. We're all suffering with these zombie banks we've created for ourselves.

The real question shouldn't be how to create jobs but rather how to create a society where needs can be met by entrepreneurs and businesses. We've all seen that when people are having their needs met then jobs end up being created by the businesses that form in the process of meeting those needs.

2
jerf 3 days ago 3 replies      
I'm just completely at a loss as to what this says.

Companies are flush with cash. The government can't figure out how to spend money productively. So, we're going to have the government borrow more money to give it to companies that don't need it, using its incredible inability to allocate capital to decide which of these companies to allocate capital to?

If the government can't productively allocate capital and companies have enough, why, in the terms of this post, exactly is it such a bad idea to have the government stop borrowing all the available capital and let the companies start allocating it instead?

(I italicize some words to emphasize that it is the internal issues with the logic of the post I am questioning. I may strongly disagree with it, but I am well aware of the liturgy for Keynesianism.)

3
DanielBMarkham 3 days ago 1 reply      
I like the creativity here, but the naivete is a bit much. Very strange that I should make that observation about Cuban, but there it is.

We already have this incredible sophisticated and involved system for creating jobs -- its called the startup market. Each year, tens of thousands of folks come up with ideas to do things people want, and that always means creating a job, if only for the founders. Each year folks invest, or not, and those folks get a shot at succeeding.

So we have tens of thousands of highly-motivated folks putting their own lives and money on the line to make jobs. How could this possibly stack up against BigCorp getting subsidies to create busywork?

The Tea Party used to be non-partisan, at least in theory. Probably never really were, though. But there's a critical non-partisan meta point that you have to acknowledge before you spin off with a bunch of creative top-down ideas: we've been here before. Every time there's an economic problem people come out of the woodwork with all sorts of totally awesome ideas. Some of these work, some don't. The only difference between these implemented ideas and the startups I mentioned is that these ideas are huge things and we can only do a few at a time as a nation.

I think this creative problem-solving is great, but you have to face facts: been there, done that. Whatever we do, we have to have a system that continues to let us come up with and fund these ideas when we need to. Running huge deficits and debt loads over 100% of GDP doesn't let us do that. [insert argument about how I exaggerate when exactly we become limited in our options, but note that at some point even the hardiest Keynesian must realize that the time has arrived.] So debt arguments are not necessarily about philosophy for how to run the economy and create jobs, they can be about the simple ability to do so.

If you ask me, we need to talk about policies that are going to create millions of failures from the bottom-up, all trying to build things to help folks. Not trying to pick among the hundreds of great ideas for the top 3 or 4 that we then throw hundreds of billions of dollars at. It might feel great all rallying around one or two cool ideas, but this is a numbers game. We need to play it intelligently.

4
smokeyj 3 days ago 4 replies      
Cuban says big companies are not cash poor. I wonder how many of these have foreign funds that just won't import it because of the tax hit they'll take.

If you want to create jobs, how about companies under 10 years pay zero taxes. Zero costs to incorporate, and all licenses are free. No costs to access secondary equity markets, and access to an entrepreneurship courses. I don't think they want that many jobs tho, might shake things up.

Cuban is just trying his hand at central planning and it's not well engineered.

Considered the market needs to flush itself of some of these mid to upper sized companies. Some just exist because their stock maintains, while costing society valuable talents and resources. Just something to consider.

5
jseliger 3 days ago 0 replies      
The problem with a lot of armchair economists is that they get stuff wrong. I left this comment on Cuban's site:

"Plus our federal government loves to hire people."

This isn't true. As <a href="http://www.data360.org/dsg.aspx?Data_Set_Group_Id=228>th... data set shows</a> (and it's similar to data I've seen in civics textbook, the number of non-Census federal employees has stayed more or less constant for decades.

If you want to know the biggest portion of future federal debt, look for Medicare entitlement spending.

Back to HN: the other problem is that merely "hiring employees" isn't the same as productively using employees. He's deploying a variation on the broken windows fallacy.

6
justinsb 3 days ago 0 replies      
This already happens: if you're a corporation promising to create jobs, you can negotiate with government for tax breaks. I believe Twitter negotiated with San Francisco city government to get their payroll tax breaks by threatening to leave the city. Datacenter construction tends to get property tax breaks from local government. If you're talking about locating a car factory in a country, much bigger incentives are to be had.

Twitter: http://latimesblogs.latimes.com/technology/2011/04/twitter-g...

Datacenters: http://www.computerworld.com/s/article/9217259/Apple_Google_...

Ford Tax Breaks: http://www.huffingtonpost.com/2010/05/24/fords-to-invest-135...

7
knowtheory 3 days ago 1 reply      
Other nations have sovereign wealth funds which invest in companies and build up business and investing acumen.

Instead, America is trying to destroy any expertise or knowledge that the government has, and keep anyone with experience out of government (look at the ridiculous confirmation battles over the past 5 years).

The problem is that our current politics won't let the US government act on societal principles, or on business principles. The US Government is so hobbled that it can't act to succeed.

8
cyrus_ 3 days ago 1 reply      
The conversation we really should be having involves answering these three questions:

1. What work could be done that would create a better world for us?

2. Why isn't this work being done? Is it regulatory paralysis? Insufficient coordination amongst stakeholders? Are the rewards difficult to capture by the people doing the work? Are there not enough people with the requisite skills?

3. Can we stimulate or coordinate the private sector to organize labor and capital to get this work done? If not, why not?

If you've thought about these questions for a while, it is absolutely shocking to listen to the economic debate going on around us today. We have two camps who are both way off -- some people (e.g. the author of the blog post) assume that throwing money at anyone who asks for it will work, but it doesn't (they just waste it). Others think that letting people keep the money they have previously earned and staying outta the way will work, but it doesn't (they just hold on to it or waste it).

I don't know what the solution is.

9
groby_b 3 days ago 0 replies      
Completely flawed. Objections in the first 2 minutes:

1) Companies don't really need cash, currently.

2) This is easily gamed. (Hire people for the minimum amount of time, fire again)

3) It excludes major sources of employment - the majority of gross job gains comes from companies with less than 50 employes.

4) Jobs worth creating require qualifications. People are not interchangeable cogs, you would need to create jobs that actually fit unemployed people.

10
rmason 3 days ago 0 replies      
What he is proposing was already tried by the Michigan Economic Development Corporation.

Politicians from both parties loved photo ops where some entrepreneur was creating jobs, especially in a distressed area in exchange for state money. Even if all the promised jobs never got created.

Then it got to the point where a con man showed up who never intended to create any jobs.

http://record-eagle.com/opinion/x908934006/Editorial-MEDC-ou...

11
acslater00 3 days ago 1 reply      
This is a good idea from a "look, i'm being counter-intuitive" sense. But it will not work.

There's a reason the federal government can borrow at 0% short term and my hypothetical auto parts manufacturing company can't. I am a default risk; the federal government is not.

IRL, banks essentially borrow at 0% from the federal reserve. They do exactly what Cuban is suggesting the federal government do. They have lots of money. Their mission is to lend that money to businesses who will "create jobs" with it. They price those loans at an interest rate which The problem right now is that not enough businesses see good investment opportunities that justify taking out a loan at rate X, and not enough banks see businesses who are not so risky that they can justify making the loan at a price they would pay. We're in equilibrium, but it's a lowish one.

At the margin, we can increase some of that activity by either (a) making the loan cheaper for business or (b) making the risk lower for the bank of (c) both. In this case, the federal government acts as a guaranteeing middleman between a bondholder (the "bank") and a business. Because the bondholder doesn't have to worry about a business default, the lending takes place at essentially 0%. So this plan boils down to having the federal government guarantee loans to businesses, only instead of saying, "I'm guaranteeing a private loan to a business," they're going through the process of actually initiating the loan themselves (with a website?? please.)

The idea of federally guaranteed loans is not new. Organizations like Fannie Mae and Freddy Mac literally do exactly that; subsidize loans to achieve some kind of social good (in that case, home ownership). The problem is that -- unsurprisingly -- people default, and the programs end up going hundreds of billions of dollars in the hole. And then the taxpayer is on the hook. And that's, kind of what we want to avoid here.

More oddly, Cuban is making the assumption that not only should the federal government subsidize the loan, they should originate and (probably) administer it, which only makes sense if you believe the federal government has a better eye for businesses that will actually succeed and "create jobs" (I suppose) than the many thousands of banks that do this professionally. Color me skeptical.

Yes, money is cheap. But disintermediating the entire corporate paper industry is not a solution here.

12
chailatte 3 days ago 5 replies      
Here's another wild thought.

Do nothing.

Let the bankers steal from the middle class. Let federal reserve steal more money from its citizen. Let the government accumulate more debt. Let the jobs go overseas. Let inflation run rampant. Let people go deeper and deeper into housing/student debt. Let small businesses die.

In fact, encourage it.

Why? because the current system/society, as it stand, is dying body that cannot be healed. It is too old. Too lazy. Too morally corrupt. Too broke.

Because common citizens will wake up one morning. They will be out of a job. They will be losing their house. They will be in massive debt. And they will not be able to afford even the most basic food/gas.

Then they will be truly angry. Not angry as in chatting about it online. Angry as in massive protests in the capitals. Angry as in shutting down major websites. Angry as in rioting. Angry as in burning down houses. Angry as in everywhere.

Only then will there truly be changes.

13
owyn 3 days ago 1 reply      
This idea will never work, but on top of that his "rules for entry" are totally silly. Just take a glancing look at this data and you can see that his criteria should be inverted http://www.census.gov/econ/smallbus.html

There are ~6M firms in the USA but only ~90K with revenues of 100M+ so his pool is very small to start with. Firms with 100+ employees count for 1.8 percent of employment and capture 65% of total payroll and something like 2/3 of total revenues. I think ANY company that is pulling in 100M in revenue has probably got things figured out already. The vast majority of employers in this country are small firms so why not try to help small guys turn into bigger guys.

So I think if anything, there should be more investment in firms with less than 100 employees, less than 100m in revenue and less than 10 years old.

14
yaix 3 days ago 0 replies      
Why 100 employees? Why 100mm turnover? What are all these random values about? Any science in it, or just a guess?

There are and have been all kinds of stimulation policies in Europe. If you are looking for ideas, have a look at which of them where successful and which were not.

For example in 2008/09, the German gov't paid companies a part of wages if they abstained from laying off people. Was a win-win a year later. The companies saved money because they did not need to re-hire tons of employees when the economy recovered, and the gov't saved money on all kinds of welfare expanses they could avoid paying.

There are many other such programs around, some successful, many not. But it would probably be better in the hands of the US states and not the federal gov't.

15
Alex3917 3 days ago 3 replies      
How about 10,000 X-Prizes, each with a 10M or so prize. That seems much more sensible. Everyone who wanted to compete for a given prize could register with a transparent prediction market, which would give investors an easy way to get to know the different people competing in each category.
16
adammichaelc 3 days ago 0 replies      
When are smart people going to stop falling for central planning? How can a person believe that any central power can accurately plan for more than a few others?

In any economy, millions of individual buy/sell decisions affect the system. One central committee will never be able to mimic that complexity and then accurately plan for it.

PS to the OP. I wouldn't say it's high taxes that are hurting jobs as much as it is stifling regulations. Our system is basically a 200 year-old Windows computer that has had its kernel and registries tweaked and changed so much that the machine is slow and a pain to use. Not to mention the malware (think lobbyists)...

If we could re-boot from source in the US and just end most regulations jobs would come back more quickly than any other scheme. Or perhaps we just need a new OS.

17
jules 3 days ago 0 replies      
Imagine this scenario:

Once upon a time the total money in a country was $1. Then the guy with the $1 put it in the bank. The bank lent the money to another guy, and that guy then owed $1.10 to the bank after interest. That guy happened to be a car dealer, and the bank owner bought a $0.10 car from him for the interest he earned. Everyone is happy.

Now imagine this scenario:

Once upon a time the total money in a country was $1. Then the guy with the $1 put it in the bank. The bank lent the money to another guy, and that guy then owed $1.10 to the bank after interest. That guy happened to be a car dealer, and some other guy bought a car from him for $0.10. That guy got the money by lending it from the bank. After a couple of years of this stuff, through interest, the total money owed to the bank was $2. So the interest these people have to pay in total is $0.20 that year. There is no way that all money can ever be paid back to the bank, unless the bank owner spends a lot of money. If the bank owner spends say $0.10/year, the total money owed to the bank is bound to increase. Everyone is now a debt slave to the bank. People are going to have to default on their debts, there is no other possibility, because there simply isn't enough money in the world to pay back the bank.

Is it possible that we are in scenario #2?

18
ojosilva 3 days ago 0 replies      
Here in Spain, and in other countries I've lived in (Europe and South America), there's something called a Savings Bank (http://en.wikipedia.org/wiki/Savings_bank): a non-profit, regional/local state controlled bank. Good folks put their money in them and the savings bank invests it back into the economy for public good, social and cultural projects, and job creation - doing precisely what the OP suggests.

But savings bank are being dismantled in Spain now, and in many places like Brazil 10+ years ago. Why? Because politicians need money for their campaigns. Politicians control these savings bank. Eventually the savings bank money makes into the ruling parties friends pockets and financial supporters. Or into senseless investments, investments a private bank has a much lower probability of making since private banks have shareholders and higher stakes that make them much more accountable for their actions.

Government should not lend money directly. That's what banks are for. Government should not replace the private sector. Ever.

Government already has enough resources to incentive the job market: tax cuts for companies that hire new people. Deregulation of the market. Interest rates. Money printing. Hiring public workers. Starting public projects. Declaring wars in foreign countries.

Creating jobs with loans is currently available anyway: companies can show a plan to banks and investors, so they can decide to grant the loan or not based on things like risk and profitability for both parties. Risk aversion and accountability is something that Government overlooks considerably. Private loaning and investing is a very flexible system: the company may then chose to use the money to cut down on its work force, replacing people with robots. That's great, because it makes companies more competitive. That's more important down the road. Lending money, as the OP suggests, to companies so that they can just go out and hire is reinforcing a negative behavior: become less productive first, then see if you can catch up. That's just creating a country of sweat shops.

Recessions can actually be a positive thing for the economy when good, functioning companies (who have cash flowing) have better choice to hire great people (who became suddenly jobless). So don't inflate the job market artificially and mess it up for the well-managed companies and deserving people out there.

19
T_S_ 3 days ago 0 replies      
tl;dr Wage subsidy in the form of credit extended to established companies. No benefit to you, HNers.

Remember green jobs? They aren't happening. So here's an alternative. Cut sales and income tax. Impose heavy carbon tax (enough to get gas to $10 gallon in 7 years). Impose carbon-linked tariff on imports. No subsidies to energy research, only to verifiable carbon sequestration. The realignment needed to adjust to that will be very US-labor intensive. And people will feel great about meeting the challenge of fixing the world's biggest externality. Some of us will anyway.

20
Lambent_Cactus 3 days ago 0 replies      
"The Republican/ Tea-Party approach to job creation is to cut taxes. The theory being that more money in the pocket of individuals will cause people to spend more money in the economy thereby creating more jobs. Nope. Not happening. Why ? Because individuals have too much debt. Any money they get goes to pay credit cards, student loans and for the smart and fortunate into savings.

Individuals now have debt = to about 119pct of income vs historical levels of .17pct in the 40s, 55pct in the 50s , 65pct in the 60s and a high of 133pct in 2007)."

This is clearly wrong. Never mind cutting taxes, that's much too indirect. New plan - the government borrows as much as it can at negative real interest rates until it bids those rates back down to 0. Then it just mails checks to every American. Some will spend the money (probably with great efficiency! They know what they need!), but most will use it to pay down debts. This is a feature, not a bug. The debts that Americans owe have positive, and in some cases substantial, real interest rates. Bam! You have just accomplished to biggest interest rate arbitrage play in history.

21
retube 3 days ago 0 replies      
> if you can borrow money at a negative rate you should borrow as much as you can

True, but the treasury can't borrow at a negative rate. Actual yields are positive [1].

So called "real" yield is the actual yield minus a forward inflation component as implied by the TIPS (Treasury Inflation Protected Securities) curve. All this means is that the return you earn on owning the bond is _likely_ to be less than what inflation is projected to be. And from the Govt perspective, they will still be paying back more than they borrowed (yields are positive) but that the payback is likely to be devalued to a "real" value less than today's value.

http://www.treasury.gov/resource-center/data-chart-center/in...

22
csomar 3 days ago 1 reply      
You don't need money to create jobs. I'll give you a scenario:

Imagine Mark and Adison, two neighbors. Both are living happily and have 10 hours a day of free time. Mark can plant trees, while Adison can do house decoration. Both of them are idle. Both of them are jobless. Why? Because Mark can't plant trees, he doesn't have a land. Adison had already done decoration for his home.

One day Adison comes to Mark and suggests that he does home decoration for him. In return, Mark will plant some trees for Adison. Trees are like a long term investment for Adison and house decoration is an improvement in the living standard of Mark. Now both of them are working full time. No money is required.

For the economy, the living standard of the population had increased. Did we require money? No!

So what's wrong? It's not about the money. We need to enthusiast people with a fair, free and open system and they'll start working.

23
TheCondor 3 days ago 0 replies      
Are there enough good people to hire? Not that many years ago tech companies were hiring every H1B they could because there weren't enough local talent.

The more I think about it, the solution might make the problem worse in the near term but I think the solution is to clean the slate so we can start over with a new playing ground to make our compromises on. Let's make a flat tax for all businesses and then a flat tax for all individuals, price it to balance the budget and put a 5 year holiday on new tax law. Then in 5 years we can start making our compromises again and recomplicate the tax code to let companies game the system and try to coerce culture changes and what have you. In the mean time, all businesses pay x% and all individuals pay y% on all income, period. Perhaps graduate the tax for incomes below $50k, maybe. And perhaps instead of 5 years, we do it until the AAA rating is restored or the debt shrinks to some number or something. Just radically simplify it all.

I'm just tired of all the unintended consequences and how complex the tax code is. I can't see how we can make it better by trying stuff like this and it seems easy to game without some sort of oversight. (Could you hire your 3 year old and give them a salary no the government's dime? Could you hire a bunch of people for really cheap wages and skim?)

24
tomjen3 3 days ago 1 reply      
Great he wants to make it even more difficult for small businesses to compete.

Anyway the reason to cut taxes isn't to create jobs, but because taxing anymore than what is required to fund basic government services is immoral.

25
gallerytungsten 3 days ago 0 replies      
The process Mark Cuban describes already goes on all the time at the state level. States routinely give giant tax breaks and other financial goodies to companies that promise to build a plant, create jobs, or otherwise invest in the state economy.

The problem right now is that this system is generally highly political, unfair, and non-transparent. Cuban implicitly identifies this problem with his idea that the decision-makers should have not made political contributions for five years.

Additionally, states routinely fail to put an enforcement mechanism in place, and they're shocked, just shocked, when they discover they've been fleeced.

26
steins 3 days ago 2 replies      
Facepalm.

I normally love Mark Cubans blog, but this is a terrible idea. If a company cant afford to keep employees it shouldn't hire them. This would be almost as bad as the bailouts were.

This would send inflation skyrocketing.

What happens to all of those small companies that don't have the connections or legal know-how to get the government money? They go out of business because they would not be able to afford the new inflated cost of hiring.

What happens to the people who can barely scrape a living out of their current wage when the inflation this would cause sends food prices sky rocketing?

27
f1gm3nt 3 days ago 0 replies      
This is a good idea, but will never work. First of all the requirements wouldn't work. You would be investing in companies that would hire a ton of people only to lay them off after a project.

You would have better success by finding businesses that would hire and retain people. These won't be a company that has been around 10+ years. Those companies would put this money to better use.

Also it would be a crazy bet to give money to any business that has only been in business for a short time.

If you're really looking to freak people out, put your presidential candidates on American Idol and see who gets the votes. Why not just make a push for a resource based economy? Not THAT would really freak out a lot of people.

Good article :)

28
nhebb 3 days ago 0 replies      
Charles Gasparino has a similar idea. US companies have about $1 trillion parked overseas that will be taxed at 35% if transferred back to their US operations. His idea is to let them transfer the money tax free, on the condition that they use 25% of the funds to hire workers. and grow US operations. that may sound like corporate welfare, but the truth is that those companies are not going to bring that money back anyway.
29
mdonahoe 3 days ago 0 replies      
We need a better vision than "everyone must be employed."

Something more specific than "Win the future", and ideally something most people can believe in.

It seems like an implicit goal is world peace. The US spends a ton of money on defense, but the problem is our current methods involve lots of killing. It's hard to feel good about mass murder. I think we should still spend tons of money on defense, but just explicitly give more money to non-lethal technology.

We should be very clear that our goal is world peace and come up with very specific subgoals we want to see.

30
Symmetry 3 days ago 0 replies      
We could just borrow money to buy foreign debt, lowering the value of our currency to help our export center. Basically doing the same thing we always complain about China doing to us. We could probably earn a profit even if some of the countries we end up investing in default.
31
chefsurfing 3 days ago 1 reply      
Why not? If the Chilean government can do it, I imagine government(s) in the US can make it happen. Maybe it could start in smaller cities and towns. The missing part it the meme and forward thinking.
http://www.startupchile.org/
32
tybris 3 days ago 0 replies      
Dig a hole and fill it up. Our economy is saved!

What the government needs to get better at is extract money from the economy in a way that creates, rather than destroys economic value. This is what almost every business does, why can't the government?

33
Xlythe 3 days ago 0 replies      
This would put a large amount of money in the hands of a small group of people. Money that isn't theirs, yet they get to decide where it goes. If the payout justifies it, corporations will hire lobbyists or set up backroom deals. There will be a huge influx in demand for essentially free money, meaning the paperwork to go through will be enormous. Shell Corporations that meet the requirements will sign up in addition to their actual corporation. And by setting minimum requirements (Especially 10yrs, 100workers), you end up targeting corporations who already have money in the bank. It's the uprising corporations that spend their revenue on expansion, that take out loans to rent a bigger office.
34
lkrubner 3 days ago 0 replies      
The USA has suffered a loss of $2.8 trillion in GDP that the USA could have but chose not to have:

http://krugman.blogs.nytimes.com/2011/08/11/the-waste/

35
doctoboggan 3 days ago 1 reply      
I hate to be cynical but I give this a near zero chance of happening. I do think its a good idea though.
36
maxwin 3 days ago 0 replies      
This assumes that China and the rest of the world are idiots. By borrowing more and more money and devaluing it, US is gradually losing one thing :trust which is very important for the US economy.
37
jaekwon 3 days ago 0 replies      
Face palm.

Yes, let's have the business of government be exactly that of venture capital / angel investment.

The government is bankrupt because special interests and incompetence makes it an unprofitable business. I'm actually glad that the federal reserve is relatively immune and separate from the government. That way maybe we won't have a catastrophic failure when the government finally becomes illiquid.

38
guelo 3 days ago 0 replies      
> The problem for the Democrats is that the government hasn't shown that they can earn a positive or even a break even return on their spending.

How do you calculate the return on health care for old people, or school lunches for kids, or clean water in your faucet, or adding a lane to a congested highway?

39
gavanwoolery 3 days ago 0 replies      
Creating jobs is good, but why put this in the hands of the government? You (Cuban) have already argued they are too bureaucratic and wasteful in organizing any of their sectors.

Cut taxes. Tax cuts give VCs, banks, and other lenders/investors more money to invest. Tax cuts also make employment cheaper for everyone (since they get taxed less, you can pay less and they will still get as much money). And they will invest in the things they think are going to be most successful, which I would argue the government would not be good at doing.

Stop giving the government money. They have already proven they do not spend it well, and they create more debt than value that they add.

40
NHQ 3 days ago 0 replies      
How is idea different from taking "short term debt for long term project", which he assails up front? The money is short term debt; the job, we hope, is long term--presuming best case scenario where the program operates as planned, and creates jobs that don't evaporate.

I don't know logics, but that doesn't seem like a natural good conclusion, when the positive negates the whole.

41
iwwr 3 days ago 0 replies      
Any money they get goes to pay credit cards, student loans and for the smart and fortunate into savings.

What's wrong with THAT?

42
chrismealy 3 days ago 0 replies      
Another edition of "Let's pay attention to what the rich man says."
43
nhangen 3 days ago 0 replies      
I disagree that the Republicans and Tea Party can be tied together in the same / - but also that their sole method for fixing the economy is lowering taxes.

Regardless, the answer isn't jobs, but transitioning people from being skilled in trades that no longer matter, and becoming skilled in modern trades, such as programming, design, etc.

44
bennesvig 3 days ago 1 reply      
Why not just adopt something like the Fair Tax where business would pay significantly less taxes. Wouldn't that be just as good, if not better than doling out money to companies who "promise" to hire?
45
gosub 3 days ago 0 replies      
I'd like to see a serious discussion about the possibility that western economies reached their maximum capacity for employment. Probably the level of production for goods and services will hit a plateau (even if we increase the number of products to infinity, we don't have the time to consume all of them, so the market will reject them), while the productivity (production per unit of workforce) naturally tends to increase. I think there are serious sociological implications.
46
jgervin 3 days ago 0 replies      
One issue, companies that meet your requirements really aren't innovating or releasing new products. If they are, a overwhelming majority will be investing in short-term micro growth, like building a new bridge.

We actually have this system in place, VC's, Incubators and Angels. They verify opportunities and fund them. Startups are our future, whether you like it or not. And yes many will fail, but those that don't will provide long-term macro growth.

The biggest winner in about 10 years will be DST, they get it.

If the government wants to solve this issue lend capital to startups directly or via VC's, Incubators, Angels, or whatever. Maybe only lend it to those seeking C rounds to verify a companies stability and to prevent a bubble.

47
itissid 3 days ago 0 replies      
I dont mean to hijack this post but I think granting citizenship to non citizens living here for sometime, provided they buy a house, would be a great way to raise real cash instead of printing and borrowing and cash for clunkers. There would be a lot of people willing to spend some serious money to get a citizenship in the US. And giving it to only a certain category of people who have stable jobs for a certain period of time here can address the immigration and job killing issue.
48
JeffffreyF 3 days ago 0 replies      
Great idea. Liars and thieves would kill it. They kill all the ideas that can work, until liars and thieves are under control nothing will change.
49
jpr 3 days ago 0 replies      
Yeah, stupid, ignorant and dangerous ideas tend to freak people out...
50
monochromatic 3 days ago 0 replies      
I see a whole lot of conclusory statements in this article. Why should I take your word for a single one of them?
51
shawndrost 3 days ago 0 replies      
yeah we're already doing that
52
donnaware 3 days ago 0 replies      
Mark Cuban for president
28
Groupon updates IPO filing, admits it's unprofitable cnn.com
180 points by silvio  4 days ago   85 comments top 12
1
cletus 4 days ago 5 replies      
Groupon is a fundamentally bad business and I wouldn't touch it with a 10 foot cattle prod.

Some say that we know they're not profitable but that's really not the point. By counting customer acquisition as an extraordinary expense they are implying that:

1. The value of that customer is AT LEAST as much the cost of acquisition; and

2. That cost also accounts for the natural loss of customers.

This is shady because (IMHO) daily deals customers have very little loyalty to the providers of those services, there is no natural barrier to prevent customers moving to LivingSocial or whomever and the high margin on deal split is transitory because increased competition will reduce what is really nothing more than the artificial scarcity introduced by Groupon's one deal a day (per market).

But none of that is why Groupon is a bad business (IMHO). Consider: Groupon offers a deal, people buy it and Groupon and the provider split those proceeds in some fashion. I believe--but don't know--that the provider has to wait for some large part of those proceeds too. Basically that delay is Groupon's cash flow.

So what's the best outcome for Groupon and the provider? One of two things:

1. The customer doesn't use that coupon. Groupon and the provider pocket the free money; or

2. The customer spends above the coupon or is a repeat customer such that the "marketing cost" (to the provider) of the Groupon offer is amortized over multiple visits and/or higher spend such that they make a profit.

In the case of (1), many providers really don't want customers to use coupons. There are plenty of anecdotes from people getting bad reactions when they tell a proprietor or a waiter or whatever that they're using a coupon, particularly in restaurants.

Worse, coupon users may be people who are prepared to pay full price anyway or the influx of coupon users may prevent full-paying customers from being able to use your service. The propaganda is that you can sell unused capacity. While true for some businesses I think you'll find that many people try to use Groupons in, say, restuarants at otherwise peak or busy times.

There are some success stories of (2) but plenty of failures too.

What isn't built into Groupon's financial statements is account risk. There is a strong argument that a failing business can make one last roll of the dice with a Groupon offer. If they fail, they were going under anyway.

I actually don't know if Google (disclaimer: I work for Google) tried to buy Groupon or not and if we did, at what price. The press reports Groupon turned down a $6 billion offer.

My personal opinion is that Google dodged a huge bullet if this is true.

2
suking 4 days ago 1 reply      
It has always admitted it's unprofitable - they dropped their BS accounting metric trying to show that with some magic they were making a profit.

To be honest their filing reeked so bad and them trying to slip in that crap and not account for marketing expenses - I wouldn't trust their executive team at all.

3
puredemo 4 days ago 7 replies      
Groupon not selling to Google was the dumbest thing I've ever seen a company do.

Ever.

4
jcampbell1 4 days ago 2 replies      
If you are interested in Groupon's actual performance rather than a reporter's linkbait, see the filing. I find the table on page 57 rather informative about the current state of the business.

http://sec.gov/Archives/edgar/data/1490281/00010474691100717...

5
yid 4 days ago 2 replies      
The juice that we're all looking for:

> On that basis, Groupon incurred a $420 million operating loss for 2010 and a $117.1 million loss in the first quarter.

So they had a slightly worse amortized 1st quarter this year than last.

6
uptown 4 days ago 1 reply      
What I don't understand is that Google Offers has essentially mimicked the same type of "deals" that Groupon is offering ... usually NYC restaurants I've never heard of, or activities I'm not interested in. Today's offer is "$15 for a tour of the Ground Zero Museum Workshop (up to a $25 value)". So I unsubscribed.

I feel like Google had/has a tremendous opportunity to do what Groupon does, but do it with offers that their users will find valuable. Instead they're just trying to recreate the same cut-rate nail salon discounts and arguably exploitive 9/11 museum "deal".

7
vaksel 4 days ago 0 replies      
frankly with the status of the current stock market, I don't see Groupon actually doing an IPO.

I mean today, the market tanked another 519 points. Everyone is busy taking their money out, not putting it in. And groupon doesn't exactly have the reputation as being a high quality IPO

8
JangoSteve 3 days ago 0 replies      
So, my question is, did Groupon turn down Google's acquisition offer because they knew it would probably fall through in the due diligence stage? Whereas, they could then use the hype from the offer to somewhat inflate an IPO?
9
int3rnaut 4 days ago 0 replies      
It would be interesting to find out how other coupon sites with similar business models are fairing--as much as the land grab theory makes sense, I actually wonder about the current system of offering stuff I normally wouldn't want for cheap being a viable business.

A little off topic but I've been noticing a lot of "TeamBuy" ads on TV (I live in Canada)--one can't help but think that until competition like that is settled there will continue to be tremendous growing pains for Groupon and company.

10
hullo 4 days ago 0 replies      
One interesting number for last quarter, from total sales of $878 million, $341 million or 39% was actually Groupon's. Which definitely seems to be proof that the days of 50/50 splits are over, if any merchant prospects about to talk deal terms hadn't already gotten that memo.
11
caffeine5150 4 days ago 0 replies      
I think groupon has gotten a huge boost from retailer desperation since the 2008 crash. They haven't existed in a normal economy. Not only might businesses decide they are not a good solution in hard times, but in the longer term as the economy recovers, they'll likely have less interest as well.
12
u48998 4 days ago 0 replies      
Groupon=Bubble
29
Perlis Languages fogus.me
177 points by pepijndevos  10 hours ago   18 comments top 12
1
RodgerTheGreat 8 hours ago 1 reply      
I would strongly favor Forth over Joy, but either way concatenative languages are really worth exploring. It seems fair to compare Forth with C, as both deal with hardware and memory rather intimately. Compare a C implementation of a Fisher-Yates shuffle:

  void shuffle(int *array, int n) {
int i, j, tmp;
for (i = n - 1; i > 0; i--) {
j = rand_int(i + 1);
tmp = array[j];
array[j] = array[i];
array[i] = tmp;
}
}

With the same algorithm in Forth:

  : shuffle
1- for
i 1+ random over +
over i +
swap@
next
;

The types, intermediate variables and many of the unnecessary details of the implementation fall away. It's an aesthetic distinction, since we're really trading these for "stack noise" words like over and i, but I find it very pleasing.

C is normally considered an extremely simple, lightweight language. I think the main lesson Forth has taught me is that we can design much simpler languages in the same space without sacrificing power and flexibility.

2
raganwald 20 minutes ago 0 replies      
A few of my own reasons for thinking Joy is interesting:

https://github.com/raganwald/homoiconic/blob/master/2008-11-...

3
pavpanchekha 6 hours ago 0 replies      
A great set of languages. It's true that languages should be mind-expanding, and for that reason I wish C would be included on principle --- everyone should understand pointers --- but I suppose most people have already seen that (the assembler included may make up for it, too).

I'm rather happy that many of these are "modern" languages: Qi, Oz, Kernel, and similar raise my hopes for the field showing that in the interceding 50 years, we have improved upon Lisp, ML, Prolog, and the like.

4
cageface 3 hours ago 0 replies      
Tinkering with new languages is fun and worthwhile to a point, but I honestly feel that my time is now better spent learning new problem domains. Languages matter, but the less tangible skills I've developed working across different domains have been more valuable and fundamental. The things I've learned while studying Machine Learning and DSP over the last year are much more broadly applicable than I would have guessed.
5
rmc 5 hours ago 0 replies      
Inform7 is a another perlis language. It's designed for writing text adventure games, but the source code is designed to look like a natural english language.
6
alephnil 5 hours ago 0 replies      
What will be a "Perlis language" will necessarily individual. What makes it so for you, is that it have some features that is conceptually new for you. For me BASIC, C, and Simula was Perlis languages, but none of them has features completly unique to them, but I learned new concepts from them. On the other hand Java, Python and Lua were not, because I had encountered their core features previously, and learned little from them for that reason. People with a different background would have a different experience.

Few concepts are unique to any computer language, so I would argue that it should be about learning new concepts rather that a new programming language.

Some of the examples he picks are rather good at that, since they contain concepts not part of the mainstream paradigms, and so will have new concepts for most programmers.

7
ScottBurson 6 hours ago 0 replies      
PerlisLanguage(Prolog).
8
sgt 6 hours ago 0 replies      
Reading the Eiffel entry, it mentions Design By Contract. This is interesting stuff and I should mention that .NET 4.0 includes Design by Contract in the framework itself.
9
tvorryn 4 hours ago 1 reply      
I spent quite a few hours a while ago trying to organize languages into different language groups in order to pick which languages to learn next. If you're interested in that see the blog post that came out of that: http://hacklash.posterous.com/how-to-choose-your-next-progra... .

Just be warned that I'm coming at it from the outside with most of these languages, to make your final decision try and find someone experienced in multiple languages from the paradigm and ask them which to learn the paradigm with.

10
FuzzyDunlop 2 hours ago 1 reply      
Call me stupid, because I'm just a lowly PHP developer who's a bit confused as to what new things he wants to learn (for better career prospects), but the first reply just emphasises the balance between verbosity and terseness a language should attempt to maintain.

As a fun learning adventure it's interesting - and, as the article says a lot, mind-blowing - but I can read and understand what is going on in C.

Ask me to explain what Forth, or most if not all of the other examples are doing and you'd be lucky to get more than an, "eeeerrrrrrrrrrrrrrrr...." from me. I suppose that experimentation and innovation are more the point with this though.

11
SoftwareMaven 8 hours ago 0 replies      
Interesting set of languages. I would include a language focused on coroutines and concurrency as well: Erlang, Go, or Stackless Python for example. Many problems change significantly when seen in the light of concurrency.
12
tete 8 hours ago 2 replies      
I think Smalltalk is an other language that's at least fun to explore. Especially if you want to know what OO is really about.
30
Flickr is dead thomashawk.com
179 points by wspruijt  2 days ago   94 comments top 34
1
potatolicious 2 days ago 8 replies      
The whole photo-sharing space is ripe for a massive disruptor.

Photographers and enthusiasts have been drifting away from Flickr for ages, but up until now there's been no offering that's really a suitable full replacement.

On the one side you have sites like SmugMug, which has an awesome API, detailed controls over your images... but is devoid of any of the social features Flickr users have grown to love (and loathe sometimes - YOUR PHOTO HAS BEEN INVITED TO [INANE GROUP HERE!]).

Or you have beautifully designed sites like 500px... which also has no API and forces its users to operate the whole thing painfully in manual. But it does have really good discoverability features, maybe better than Flickr.

I'm not confident that Facebook and Google+ will take over the photography enthusiasts' world. I believe that most regular people will share their pictures there (and they already do, on Facebook), but the photography community won't jump on board until there are some very significant leaps (solid API, discoverability features, more niche-specific social features).

But in any case, Flickr is feeling old and creaky, we're all just waiting for something better to come along. Honestly, I'm surprised it's taken this long.

2
ajays 2 days ago 2 replies      
Thomas Hawk is a well-known Flickr hater. He keeps bashing Flickr at every chance he gets. And then he continues to use Flickr. I've been reading his "Flickr is dead" and "I hate Flickr" rants for years and years. He tried to start a competing service, but it failed miserably; so he continues to bash Flickr instead.

Dude: if you don't like Flickr, don't use it. Plain and simple. And if you think you can build a better product, go ahead and build it.

The world would be a much better place with fewer whiners and more doers.

3
acangiano 2 days ago 1 reply      
I'm surprised he hasn't disclosed it himself, but it's worth noting that the author has tried his own hand at this problem with the site Zooomr.com. Things didn't work out though and the site never took over Flickr.
4
ANH 2 days ago 3 replies      
One thing Flickr has going for it is photos aren't so closely tied to a user's identity. I'm a bit of a photography buff, a Flickr Pro user for years, and I'm not sure I want my photographs to be in the same place where I update friends and acquaintances about my status. It's an entirely different thing to me.

The article has it right, though, about Flickr's lack of updates. The most recent major change I've noticed was a year or two ago and, IMHO, it made the site worse.

5
Terretta 2 days ago 1 reply      
Except that this gentleman has previously complained about Flickr censorship, yet completely ignores that Google+ is far more restrictive and has already been accused of pulling people's photos (e.g. Lego cleavage[1]) and pulling non "real name" accounts. I don't think he's thought this through.

1. http://www.networkworld.com/community/blog/did-google-ban-cl...

6
martingordon 2 days ago 1 reply      
Flickr may or may not be dead, but Google+ isn't going to replace it. The great thing about Flickr is the discovery. Flickr has a ton of tools that help you find other photographers (explore, tags, groups) and Google+ has none of these.

Whereas Flickr enables and encourages users to seek out new contacts, it seems to me that the purpose of Google+ is to better facilitate communication between existing contacts. He doesn't mention this in the post, but does anyone know how was the photo walk organized?

7
EwanToo 2 days ago 0 replies      
The short version of the article is that Flickr hasn't changed in years, no one at Yahoo seems interested in it, the community is drifting away, and they're heading towards Google+.

I think this is pretty much true, though I'm not sure Google+ will really be where everyone will end up - it certainly lacks a lot of things (like shared circles for example), and whether Google will support those communities by creating the features they want is really up in the air right now.

8
hopeless 2 days ago 0 replies      
Here are a few things that have killed Flickr for myself and 80% of my photographer friends:

- Poor quality of work (or, rather, the good photography is buried under mounds of dross). 500px has the advantage of being new, and limits monthly uploads, so the quality there is surprisingly high

- Vacuous comments. "Nice capture!". "Great shot!". This is only made worse when looking at the horror-movie-esque overdone-HDR monstrosity.

- Group and all flashing badge icons in comments

- woeful mobile interface which is slow and eventually displays a non-zoomable postage stamp sized image. I cringe whenever I see a Flickr link on twitter

In short, Flickr might still be a place for photographs but not for photographers. Actually, I think photoblogs or 500px combined with twitter provide a great way of showing off your photos and getting great feedback from people you respect.

9
spjwebster 2 days ago 0 replies      
I knew I'd heard that name before:

> Flickr will be here long after you are and its cultural significance to our world will outlast your quarter to quarter financial results.

http://www.businessinsider.com/an-open-letter-to-carol-bartz...

10
Tichy 2 days ago 3 replies      
Not that I have high hopes for Flickr, but sampling the trends going on a walk with Google employees is probably a bit biased.

As for Flickr: isn't it strange how the products with the worst user interfaces always seem to become the most popular? Same with Facebook.

11
gchucky 2 days ago 0 replies      
Sensationalist title aside, I think Google+ and Flickr fill two different niches: the former is for the social sharing of images, whereas Flickr appeals more to a professional/enthusiast group. One thing is that Flickr puts control of image copyrights into the user's hand, whereas G+ doesn't really have that at all. To that end, someone looking to protect their images would seem to prefer Flickr, I should think.
12
tricolon 2 days ago 1 reply      
No photographer will take Google+ seriously as long as uploading an artistic nude could result in your entire Google account being disabled.
13
jsavimbi 2 days ago 0 replies      
In short, Mr. Hawk is pointing out that Flickr is no longer dedicating resources to untangle a PHP codebase that has taken on a life of its own after seven or eight years whereas Google+ is embracing photo-sharing as an integral part of its new offering. Proof to that is that I have Brian Rose in my circles right from the beginning and I had no clue who he was. A photo-walk with the Facebook team? Can anyone even tell me who's on the Facebook photo team? Flickr?

Flickr will not be rebuilt nor will it be offering incremental feature upgrades of any importance going forward. I'd be surprised if they actually had a dedicated development team versus a group of maintenance developers. The managers are there to make sure I pay for my Pro account once a year and report back to the board that the money is still rolling in.

Google+ pictures to help you share, discover and reinforce social relationships, Flickr to store and organize your crap.

OMG does 500px suck. It's Flickr with a new theme and Stumbleupon integration.

14
olefoo 2 days ago 3 replies      
Thomas Hawk has a long history of enthusiasm and rage; if his normal pattern holds expect to see him lambasting Google for not adding his pet (absolutely essential) feature in six months or so.

This latest enthusiasm has me puzzled though. I mean Google+ looks like it's great for sharing photos of limited interest that aren't necessarily public. But it doesn't strike me as a good place to present your art to the world.

I'm surprised that no one is selling turnkey photosharing sites that work off an Amazon backend and that operators can skin with their own branding and mix and match galleries and slideshow Javascript, and other features.

15
RexRollman 2 days ago 2 replies      
Yahoo, which once held great promise, seems to have become the company that buys things and fails with them. Some examples off the top of my head:

Konfabulator (Yahoo Widgets), Geocites, Delicious, Flickr, Broadcast.com.

Heck, they don't even provide their own search results anymore. Can anyone think of something that Yahoo has bought that has flourished under them?

16
Maro 2 days ago 1 reply      
I'm a weekend photographer and I recently became a paying Flickr user. For my simple use-case of uploading files and sending off the URL to a couple of friends per email Flickr is the perfect service.
17
acabal 2 days ago 0 replies      
I could never understand the appeal of Flickr. I've always found the UI to be extremely confusing and close to unusable. Way back in the day I used to post my travel photos there, mainly because back then there weren't that many alternatives. None of my family could figure out how to use the site to view my albums either.

Thank God we have a competitive market for this sort of stuff now so that I haven't had a reason to visit Flickr in years.

18
bad_user 2 days ago 0 replies      
The problem with Facebook and now Google+ is that these are not specifically designed for sharing photos.

Facebook gets more photos uploaded than Flickr can ever dream of, but they are family pictures or pictures of drunken teenagers, of poor quality in general. If you want to see art, Flickr is a wonderful place to discover amateurs with talent and there's nothing out there that can beat it.

Also, I think a photo-sharing service has to have good tools for exploring said pictures. On Flickr, even if it has many flaws, it is really cool to search for pictures with a high interestingness score and then to start following the people that took them. I found some breathtaking works of art that way.

On Facebook and G+ you have to rely on your friends-feed instead for discovery, but that's not how art is supposed to be discovered.

Flickr, for all its flaws, works for its intended purpose and can only be killed by another web service that is created explicitly for photo-sharing.

Google is in a position to do that however, but with Picasa Web and not Google+, although integration would be nice.

19
ChrisArchitect 2 days ago 1 reply      
a bit heavy on the google influence in the article....

I don't feel like G+ is at all geared to photographers. Flickr has tons of features/tools that seem natural to many but are key to managing photos, making sets, organizing etc. The meta data alone you can associate with flickr photos is incredible. G+ can make a photo set in the same way Facebook can, not really same target/point.

20
ja27 2 days ago 0 replies      
I'm not going to argue that Flickr isn't dying, but they do have some things that Google+ and Facebook don't have: groups. A lot of groups are a waste, but some well-administered groups are awesome, both for the group photo pools and discussions.

The Strobist group is one example: http://www.flickr.com/groups/strobist/

21
InclinedPlane 2 days ago 0 replies      
Flickr hasn't much changed their business model or their service offering in a long time, meanwhile online storage costs have dropped through the floor and competitors have been innovating like crazy. There isn't quite a "flickr killer" out there just yet for flickr's key users (avid and professional photographers), but it's getting closer and closer.
22
xbryanx 2 days ago 0 replies      
Flickr is an amazing resource for sharing and using Creative Commons licensed photos. We use it extensively in creating museum exhibits. I hope that Google+ makes it easy to search and share photos with Creative Commons licenses.
23
Jun8 2 days ago 1 reply      
One thing I always thought that Flickr lacked was an integrated, easy way to buy photos. I don't want to contact the photographer and wait for a reply, when I need a photo for a slide, I want to be able to buy it instantly.

At this point Flickr seems like a site that just survives by inertia, nothing new seems to be done, they have pretty much accepted defeat, I guess.

24
pkulak 2 days ago 0 replies      
Google+ finally made me move from Flickr. The integration between Google+ and Picasa is really well done. Now I can upload HD video longer than a minute and a half. I can easily share content with exactly who I want to (without them needing an account anywhere). Before I had to upload family photos to Flickr (world-public, of course, or no one was going to be able to figure out how to see them) then email the album around or post it on Facebook. Now it's all in once place and way easier.
25
ShardPhoenix 2 days ago 1 reply      
Maybe it's just because I'm not a photographer, but I'm surprised that something like photo sharing can generate this much passion.
26
cek 2 days ago 0 replies      
If Google really wanted to make this true, they'd add "Import from Flickr" to the G+ Photo Upload page.
27
hackermom 2 days ago 0 replies      
After 10 minutes his website finally loaded and I got a chance to read his blog entry. What he backs his claim up with in the end is that a lot of his photographer friends, some of which work for Google, talk about Google+ instead of Flickr, and that there's a tipping point situation happening because the 10% that represent the "best" Flickr contributors are moving to Google+.
28
Hisoka 2 days ago 0 replies      
Isn't there a chicken and egg problem for new entrants? There's not a lot of photos to discover if you're building something brand new.
29
nhangen 2 days ago 0 replies      
TLDR; Google+ has infinite scrolling, and Flickr does not, therefore Flickr is passe and not supported by developers or the photo sharing community.
30
alrs 2 days ago 0 replies      
Infinite scrolling makes me nauseous. I literally feel sick to my stomach when the bottom of the page is always yanked out of my grasp, Sisyphus-style.
31
abava 2 days ago 0 replies      
site about "dead" Flickr is dead :-)
32
zobzu 2 days ago 1 reply      
thomashawk.com/2011/08/flickr-is-dead.html
Connection timed out

Must have been hosted by flickr then.

33
buster 2 days ago 0 replies      
I don't know what the article is about, since the website seems to be down, but i found Google+ to be an awesome photo community.
34
tripzilch 2 days ago 0 replies      
http://www.downforeveryoneorjustme.com/flickr.com

I think it's just you.

Stupid sensationalist headline.

       cached 15 August 2011 02:11:01 GMT