hacker news with inline top comments    .. more ..    9 Mar 2013 Best
home   ask   best   6 years ago   
1
Breaking down Amazon's mega dropdown bjk5.com
1655 points by df07  2 days ago   189 comments top 44
1
Nycto 2 days ago 8 replies      
Hey all,

I'm on the team that built this. We also built the redesign that launched last year. In fact, this was part of that. The article pretty much nails our implementation.

Point of fact: Our team is recruiting. If you dig UX projects like this, shoot our manager Chad an email: chaddes at amazon dot com

2
UnoriginalGuy 2 days ago 5 replies      
This has always irked me about Windows's implementation of the auto-complete box.

If I start typing, in the address bar for one example, and my mouse happens to be resting over where the auto-complete will soon appear (as is likely because I just had to move the cursor to the address bar to select it) when I hit "enter" it will go to whatever my mouse cursor was over rather than what I typed.

The auto-complete box should detect mouse MOVEMENT not mouse position. The fact that my mouse was there before the auto-complete box even rendered should be a massive red flag that I am NOT selecting something in the list.

3
robotmay 2 days ago 2 replies      
It's probably a great testament to its good design that I failed to notice how well it works when browsing Amazon. Everyone notices awful dropdown menus (and I really don't like Bootstrap's), but good ones like this often pass un-noticed because they work so well.
4
czr80 2 days ago 2 replies      
Tog wrote about implementing this in MacOS: http://www.asktog.com/readerMail/2000-07ReaderMail.html#Anch...
5
calhoun137 2 days ago 6 replies      
There is an important point to be made about the quote from the end of this article.

"Thanks go to Ben Alpert for helping me understand the linear algebra / cross-product magic ...I ended up going w/ a cruder slope-based approach, mostly b/c I've lost all intuitive understanding of linear algebra"

Let that be a wake up call to all of the programmers who continue to claim that you can "get away" with out knowing much math. In this case, the author admits that he used an inferior solution at first because it was based on the math he was comfortable with.

There are so many reasons that math is important in programming, but this article added another item to my list, namely: the level of math that you are comfortable with heavily informs and influences the various options available to you in forming a plan of attack against all types of problems, even those as simple as a drop down menu on a website.

6
StavrosK 2 days ago 0 replies      
Wow, I can't believe I saw both aspects of that behaviour (changing quickly and selecting an element diagonally) and I never noticed that something should be wrong. This exactly the definition of good UX.
7
bruceboughton 1 day ago 0 replies      
It's funny to see this level of attention to detail. I've always found Amazon to be one of the worst designed websites outside of the checkout process, and not from a prettiness point of view. I'm convinced their success is purely due to a smooth checkout process, superior customer service (easy refunds, Amazon Locker, etc.) and price.

Amazon never makes we want to buy anything. I only buy if I go there knowing what I want. Browsing (as in shop browsing) is broken, the suggestions are inane (you've just bought a white 3m network cable, why not buy a blue 5m one?) and the search tools are lacklustre (can't sort by price until you choose one of three plausible departments your product falls into).

I have a Kindle and often go to their website looking for a book to buy. This experience sucks. If I go to Waterstones on the high street, they have both a relatively good depth of inventory but also attractively laid out tables of books grouped by subject. I invariably find 2 or 3 books that I like the look of. Unfortunately for Waterstones, physical books are not what I want (I live in London. Space is not plentiful).

Amazon the store front sucks. Amazon the check-out is awesome.

8
LukeShu 2 days ago 4 replies      
For comparison to native applications:

    - Firefox 19 uses the delay technique
- GTK3 uses the triangle technique
- Tk 8.6 does what bootstrap does
- I can't figure out what Qt 4 does

9
smackfu 2 days ago 2 replies      
If the right side box is very short, this algorithm gets a bit fussy. Not a problem for Amazon since their right side box is fixed height, but often a problem for menus where there is only one item in the sub-menu (usually because the sub-menu is programatically filled in.) You have to thread the needle moving your pointer to the right, because if you leave the line, it collapses the selection and selects the next item.

Even OS X has this issue, so if someone gets a good solution, they can beat Apple at their own game.

10
slig 2 days ago 5 replies      
Really nice! Two questions:

- What's the "cross-product magic Amazon uses to detect movement inside the 'blue triangle.'"?

- How did you do those GIFs?

11
MatthewPhillips 2 days ago 1 reply      
This is why I read HN.
12
ssharp 2 days ago 0 replies      
Thanks for this and I'm looking forward to trying it out!

I've long been annoyed by delayed menu dropdowns, but also having to maintain fine mouse control to get the dropdown to behave how I want it to behave. I don't know why the delay bothers me as much as it does, but I think I'd rather take the finicky preciseness of dropdowns over delayed dropdowns. Amazon's solution is really the elegant winner. There are still some tradeoffs, but I think their solution makes the most sense for delivering expected results to users.

13
mhp 2 days ago 2 replies      
Maybe I'm just cynical, but this seems like the kind of thing they would have patented (not that it deserves a patent, just that they would have applied for one).
14
hackerboos 2 days ago 1 reply      
So who's going to submit the pull request to Bootstrap?
15
karl_nerd 2 days ago 0 replies      
This is some really good UI code. You're storing the state in a very clear way and do the geometry calculations in one place, making it easy to understand what's going on. Nice!
16
damoncali 2 days ago 0 replies      
How sad is it that the first thing I thought was, "I wonder if they're going to sue him."
17
beernutz 2 days ago 1 reply      
Thank you for the write-up on this! Like you, that has been a pet-peeve of mine as well.

I wonder if we can get a comment from Amazon or Nycto, on why the search box is not auto-focused though. This seems like such a natural thing to do, and saves your users a mouse move and click every time they come to the site.

18
Kiro 2 days ago 1 reply      
"See the delay? You need that, because otherwise when you try to move your mouse from the main menu to the submenu, the submenu will disappear out from under you like some sort of sick, unwinnable game of whack-a-mole."

How will a delay before displaying the submenu prevent that? If it would be a delay before it disappears I would understand but in the example it doesn't seem to have that.

19
neilk 2 days ago 1 reply      
Strange. I re-invented that technique for some drop-down menus years ago. I'm not sure if I observed it elsewhere.
20
bthomas 2 days ago 0 replies      
This is really fantastic behavior, but content - the actual list items they show - is much more important for user experience. Why should "Amazon Cloud Drive" be a "Department"?

In the wild, I suspect I would quickly glance at the top level items and decide that this menu isn't useful for me. If I were searching for something specific (presumably the main use case) I'd jump over to the search bar. If I were just browsing, I'd jump to one of the 100000 other random things to look at on the homepage.

Somewhat related: I wonder if they thought about varying the top level list items by user.

21
FiloSottile 2 days ago 0 replies      
An example of doing it wrong? The Facebook chat sidebar, on the right (when trying to access a friend's profile from the hover box).
22
trhaynes 2 days ago 0 replies      
Excellent presentation in this blog post. Perfect use for looped GIFs.
23
Encave 2 days ago 0 replies      
You can sort of do the same thing in just CSS by adding two small boxes as :after and :before pseudo elements.

See: http://i.imgur.com/aSnjEYx.png Not perfect, but pretty close.

Relevant SASS:

  $boxSize:30px

&:hover:after, &:hover:before
content: " "
display: block
position: absolute
top: 50%
right: -$boxSize
height: $boxSize
width: $boxSize
background-color: transparent
z-index: 1000

&:hover:before
right: auto
left: -$boxSize

24
Mahn 2 days ago 2 replies      
I don't get why is detecting the mouse direction necessary in the case of the Amazon dropdown; I can see the utility in the Bootstrap example that the article highlights, but if the dropdown menu and its submenus both fit in a perfect square, wouldn't it be enough to detect whether the cursor is inside of either the menu or the submenu to properly show/hide the dropdown and its submenus? What are the drawbacks of this method compared to detecting the mouse direction like the article suggests?
25
simias 2 days ago 1 reply      
That's quite clever. I've played with the amazon widget quite a bit and it seems to work as intended too.

Are there desktop widget toolkits that implement that behaviour? At a glance it seems GTK at least does not.

26
aleem 2 days ago 0 replies      
Awesome UX. I believe this implementation is called a v-buffer, though I can't find any references right now but I am fairly certain I read about it a decade back.

Apple used this technique for their menus early on while Microsoft took the alternate route of using a delay which was quite annoying. A lot of power users removed the delay via registry settings and it was surprising why Microsoft didn't adopt the v-buffer--might be patents related?

The problem with the delay is not only the delay itself but for wider menus the delay needs to be even longer. Then to account for novice users, you add in a little bit extra just for good measure.

One way to mitigate long delays is to make the parent menu taller so the user has a bigger margin of error while they move the mouse horizontally to the right.

However before hi-res displays became common, vertical real estate was far more limited. On the earlier windows machines where you often ended up having two columns of menus, this was even more annoying because trying to get to the second column of menus required moving your mouse right, through the first-column's submenus. In later version of Windows, Microsoft did away with two column menus and introduced a single column with scroll up/down to solve this issue,but introduced further delay when trying to get to menu items below the visible screen.

(edited for grammer)

27
Achshar 1 day ago 0 replies      
Is the triangle thing straight from amazon code? Because I think it would make more sense to track mouse movement and keep the submenu shown until the mouse is moving towards the submenu. Not in any specific triangle. If the mouse moves below, above or away form the submenu, the submenu changes.
28
hef19898 1 day ago 0 replies      
Small, almost trivial things like that are what distinguishes good from awesome! And great post! As alot of people already mentioned, you don't actually see difference, you just see that it's way better but you can't put your finger on it. Thats what great design is there for!
29
kymmx 1 day ago 0 replies      
A little bit more nerdy here.

What about the opposite direction, ie. moving from a sub-menu to its parent menu.

I see both Amazon and new Khan Academy menu shows instant opening of another submenu when my cursor moves over another parent menu item.

I think there needs to be some delay when your cursor stays on another menu item in case you go back to the original parent menu item.

30
ichirotherager 1 day ago 0 replies      
Amazon is often considered a lumbering giant, so it's great to see this type of innovation from them. We all know they spend lots of time on UX, but I had no idea they had teams thinking outside the box like this.
31
jongraehl 2 days ago 0 replies      
I don't remember when Microsoft started doing the triangular beam (to allow moving the mouse right slightly inaccurately) in Windows, but it was really annoying until they did. I think they had it in Windows 98.
32
tyw 2 days ago 2 replies      
I seem to recall this same technique being used in the pre-OS X era of the Mac OS. Not sure exactly how far back, but I'd say at least into System 8 if not System 7.
33
martinced 2 days ago 0 replies      
That such a trivial improvement gets a top vote on HN and needs a blog entry just shows how not very far at all we are when it comes to UI.

I do honestly believe that we're still in the stone age of UIs and that there's room for a gigantic number of improvements.

34
BuddhaSource 1 day ago 0 replies      
Somebody needs to nail sub menu ux in Mobile. I haven't seen anything that is impressive. Facebook menu is good.
35
buildnship 1 day ago 0 replies      
After reading this thread all day, i felt like i should try out the feature: was as perfect as the work and mathematics behind it, intended ;)
36
unreal37 2 days ago 0 replies      
Brilliant break down.
37
sylvainww 1 day ago 0 replies      
Kinda complicated on some parts for me, but neat! Thanks for sharing.
38
EGreg 2 days ago 0 replies      
I remember that this is how Mac menus worked vs Windows menus!
39
pouzy 2 days ago 0 replies      
That's where you understand that attention to detail is pretty darn important. Hats off for pointing this out sir.
40
sanderversluys 2 days ago 0 replies      
Wow! Am I stupid or what? Never heard or thought of this technique! Genius! Thanks! :p
41
TommyDANGerous 2 days ago 0 replies      
That is what is up! Thanks I am definitely using it.
42
marban 2 days ago 1 reply      
This is what separates boys from men.
43
chris092 2 days ago 0 replies      
Genius! Thanks!
44
marvwhere 2 days ago 0 replies      
hopefully my current customer, will not read this article :D
2
How I spend my first 5 minutes on a server plusbryan.com
924 points by plusbryan  5 days ago   341 comments top 52
1
robomartin 4 days ago 9 replies      
I went through the article and then read every single post on this thread. I am not a security expert so I won't even try to contribute except to say that I see a lot of people offering criticism without taking the extra step of explaining how they would go about hardening a fresh Linux install (or a pile-o-servers in a rack, whatever is applicable).

It'd sure be nice for those of us who are not security experts to read alternative approaches rather than, paraphrasing and not picking on anyone, "using a firewall is dumb" or "blocking ssh is pointless".

I like isolated ideas such as using a script to completely automate the provisioning of new boxes. Kind of a no-brainer if you ask me. The problem is that such recommendations are not followed by something like "Here's the script I use on Ubuntu 12.04 LTS".

How about it guys? Would you care to attempt to produce a canonical HN "How to harden your server" reference?

Maybe one of the security experts on HN can start a repository on Github to evolve a canonical script. I'm pretty much 100% Ubuntu 12.04 LTS, so it is my hope that this is one of the platforms that is addressed.

I did some looking around and this is what I found (I am in no position to evaluate the merits of any of these at anything beyond an intermediate level):

https://github.com/bluedragonz/server-shield

https://github.com/eglimi/linux_hardening

http://www.cyberciti.biz/tips/linux-security.html

http://ubuntuforums.org/showthread.php?t=1002167

http://www.thefanclub.co.za/how-to/how-secure-ubuntu-1204-lt...

http://www.andrewault.net/2010/05/17/securing-an-ubuntu-serv...

http://ubuntuforums.org/showthread.php?t=1919111

https://help.ubuntu.com/12.04/serverguide/security.html

http://www.sans.org/score/checklists/linuxchecklist.pdf

http://nvd.nist.gov/scap/content/stylesheet/scap-rhel5-docum...

http://blogs.csoonline.com/ubuntu_lts_vulnerability_scrub_ag...

http://ubuntuforums.org/showthread.php?t=510812

2
belorn 4 days ago 6 replies      
> No secure server is complete without a firewall.

Comments like those are why I normally point people to actual security expects (like, say, Schneier), and why I recommend that new admins should ignore as much as possible the practices chanted by the industry. A secure server does not need a firewall. A firewall can be used to secure a server against a specific threat, but that's it. The days of ping of death are behind us.

I would like to point out that following the article's guide and firewalling away ICMP, you can end up with a lot of trouble. (see http://serverfault.com/questions/84963/why-not-block-icmp). Some ICMP messages are not blocked by default by ufw, so I'm unsure how damaging ufw is when used like this.

At any rate, a Firewall is a block. A new fresh server install won't have ports that needs to be blocked. By putting up a firewall, there is nothing to be gained. Before the firewall, the ports are closed. After adding the firewall, the ports are closed. All that is gained is a hurdle the next time one wants to install something like a monitor tool (like Munin), or a new service.

It might be useful as a last line of defense against malware regarding outgoing traffic. I am normally against that kind of thing however (as focusing on the cause is better than the effect). At best, one can catch a spam malware, but any bot net, web server, ddos or other type of malware are untouched by the rules (port 80 and 443 is allowed). If the server has email sending configured so root message can be sent, then the spam malware can use that route and the firewall will just sit there.

So let's take a newly installed machine. What threats can be identified and what risks are we trying to mitigate with the help of this firewall (as specified by the article)? The only thing I can think of is either a Zero day TCP/IP stack vulnerability (not a realistic threat), or that the admin doesn't trust the other admins when they install new services. Yes, if an admin installs a new email server and enables relaying to the whole world against the explicit recommendation in bold font by the install wizard and the configuration file, a firewall can block that admins' actions. Then again, that same admin could just as well have disabled the firewall to "get the mail to work", so I'm not sure it's a viable defense against bad admins.

3
shizcakes 4 days ago 6 replies      
The premise of this thing is not good advice.

1) Your first couple minutes on a server should be used to install a configuration management client, if your bootstrap policies somehow don't already install one.

2) Everything else listed in this document should be configured by a configuration management system.

3) "User account sync tools" should have no place in a modern infrastructure, you should use your configuration management tool to (at the bare minimum) deploy /etc/passwd and /etc/sudoers across your infrastructure.

4) You should not use shared/role accounts. The "incremental cost" is paid back immediately when someone leaves your organization; having to update everyone of a changed password or having a password change have any negative impact at all should not be a thing your company does.

This stuff isn't hard. It's worth doing right.

4
thaumaturgy 4 days ago 2 replies      
A few gentle suggestions:

> The days of passwords are over. You'll enhance security and ease of use in one fell swoop by ditching those passwords and employing public key authentication for your user accounts.

ssh keys are better than passwords only because they contain (and require) more information. On the other hand, if your dev's machine is lost or stolen or compromised, so is your ssh key. This is especially a problem in environments with a shared account with full access, as you have. So, it's probably a good idea to make sure you're using a passphrase with your ssh key (during ssh-keygen), unless you need a passwordless login for a shell script or other automated remote system.

> passwd deploy: Set a complex password - you can either store it somewhere secure or make it something memorable to the team. This is the password you'll use to sudo.

Not necessarily. Anybody with access to the "deploy" account can use "passwd" to change its password to anything they like. (Edit: I'm wrong on this! passwd does require your current password; I've just gotten used to doing it for other accounts via sudo, which doesn't.) Changing the passwd on your own account doesn't require sudo. For this reason, I think it's better to simply give deploy nopasswd access to everything, and then delete and lock deploy's password to prevent it from being used at all (passwd -d -l deploy). You'll have effectively the same amount of security, but this way nobody will need to remember or retrieve a complex password, and you'll prevent, say, some accident in /etc/ssh/sshd_config from making deploy remotely accessible via a password.

You can do something better than this though, but it takes a little effort. Deployment is often the same steps over and over again (an rsync or an occasional apachectl graceful in my case). You can give the deploy user nopasswd access to only a shell script that's writable only by root; this way, deploy can still do 90% or more of their job without ever being given system administrator rights. You do have to be a little careful writing shell scripts though -- $* and "$@" still trip me up once in a while.

> Logwatch is a daemon that monitors your logs and emails them to you. This is useful for tracking and detecting intrusion.

This seems of dubious security value to me -- probably better as a generic sysadmin tool, so that you get annoyed by noisy logs and seek out and fix minor problems instead of ignoring them. Thing is, if someone does get access to your server, you pretty much can't trust it at all anymore. With services like Linode, you're really better off just launching a clean new instance, re-running your setup script (if you have one), and moving your data over.

I had to deal with the occasional intrusion in some pretty icky servers at an ISP once upon a time. We used rkhunter for a while, but I learned pretty quick that successful attacks against Linux servers are plenty enough sophisticated to alter all the basic tools that you would use to detect and remove the rootkit.

There is one caveat: I've been playing around with the idea of setting up rsyslogd to route syslog messages to mysql, and then using mysql replication to have an up-to-the-second offsite copy. I'd combine that with Snoopy (https://github.com/a2o/snoopy) or something similar. The point isn't to try to clean up an intrusion, it's to see how the intrusion happened so that I could close that hole. I haven't gotten around to setting this up yet, so I can't say anything terribly smart about it.

Finally: if you're going to have a problem with unauthorized access to your Linux or BSD server, it's probably going to be via one of its services, not via brute force ssh or anything similar. So, if you're concerned about this kind of stuff (and if you're being paid to be a sysadmin, you have to be), then you need to spend most of your attention making sure that your various services are set up correctly (apache/php/mysql/postfix/dovecot/spamassassin/etc. in my case).

5
networked 5 days ago 4 replies      
Beginner or not, you should probably use visudo [1] instead of

  vim /etc/sudoers

for the sanity checks that it provides, if nothing else. A botched edit of /etc/sudoers that locks you (along with every other user) out of administrative access is an unpleasant way to learn this.

[1] http://linux.die.net/man/8/visudo

6
josephkern 4 days ago 1 reply      
Firstly, a nice checklist. Easy actionable steps, repeatable, and pretty much most of what you need.

Secondly, you are about 4-5 hours away from learning puppet (or Chef) and making this checklist into actual code.

Thirdly, you now have a checklist of items that you can use in a job interview if you get the oppertunity to gain a new-hire or an intern.

Lastly, good on you for submitting this to a peer-review on HN. We can be a picky lot.

TL;DR Checklists are a good first step for building a proper config management system.

7
martinced 4 days ago 2 replies      
I honestly do not understand why you need a deploy account with sudo access.

I much prefer a deploy accound which DOES NOT have sudo access. I add firewall rules transparently redirecting 80/443 to non-privileged ports that the webapp is actually listening to. Hence no need to be root / sudo'ed for the deploy account.

You then could get a bit fancier and set the login shell for the deploy account to /bin/false or something fancy (like a fake honeypot shell) to add a bit of "defense in depth" in case someone exploiting a hole in your web server manages tries to drop down to a shell. You'd then use another account to do the (automated) deploy/start/stop/update/patch whatever.

I'd also say that during the first five minutes you should set the default firewalling rules to REJECT anything and then only whitelist what is actually allowed.

8
zrail 5 days ago 4 replies      
The first five minutes on any of my servers involve giving it a name, installing puppet and adding the server name to my central puppet config.

You seriously do this by hand for every server? That seems error prone and a huge waste of time when tools like puppet and chef exist.

9
beagle3 4 days ago 2 replies      
1. You should do "apt-get dist-upgrade" to get new kernel packages as well, otherwise you are stuck on an old kernel. (You might want that. I prefer updated kernel for the security, firefoxen, etc.). "apt-get upgrade" will only update existing packages - but the kernel updates require new packages to be installed.

2. If you're on ubuntu, root already has no password, and your initial setup user (whether it is called "deploy" or "kilroy") is in the sudoers file.

3. Other things I install in the "5 minutes with server" are: htop molly-guard screen git-core etckeeper

git-core because I prefer my etckeeper in git, but if you want it in bzr you don't need git-core. INSTALL AND CONFIGURE ETCKEEPER AS SOON AS YOU CAN, seriously. You need it. You'll thank me when you try to figure out when and how something in /etc got borked. (you need to edit /etc/etckeeper/etckeeper.conf if you use gif. You need to do "etckeeper init" and then "etckeeper commit" to establish the baseline)

molly-guard stops you from rebooting the wrong server

screen (or alternatively tmux) lets you keep your session open through ssh session disconnects (e.g. when moving from wifi to 3G, or between 3G towers that give you different external IP). The most useful way to use screen is "screen -xR" which also lets you share your session with someone else should you need to.

10
nhebb 4 days ago 2 replies      
Looking through the responses here, I'm hopeful that someone will launch a "Sysacademy" variant for system administration training. There are tutorials scattered around the web, but (at least for those of us who don't know where to look), there doesn't seem to be one place that puts in under one umbrella.
11
jackalope 4 days ago 0 replies      
Maybe this is considered a preinstallation step, but the very first thing to do is set the system time on the hardware, before you even boot the OS for the first time. Then the first step after booting is to confirm the time and reset it, if necessary. This is essential for accurate and usable logs, file times, version control timestamps, etc.

It's also a good idea to ensure that sshd has fresh keys that are unique to that machine. Hopefully, your images are installed without sshd keys, otherwise you'll have multiple servers with the exact same keys, which is considered bad practice. During initial configuration before deployment, you might want to remove the keys so that sshd will create fresh ones when it starts:

    rm -rf /etc/ssh/ssh_host_*

12
bcl 4 days ago 1 reply      
Don't forget:

  netstat -ntap | less
ps aux | less

Also check to see what's enabled to run at boot time via whatever your flavor uses.

Check for unusual daemons, ssh running on other ports (yes, the provider pre-loaded systems with a back-door ssh without disclosing it to us).

This is especially important when you are taking over admin on a server you didn't setup yourself. Other folks have weird ideas on how to admin things. Like webmin for example...

I also like epylog for finding unexpected stuff in the logs.

13
belorn 4 days ago 5 replies      
It saddens me each time I see a security best practice guide that suggest turning off ssh access for root. Its a very useful feature, and the security industry should focus on the security problems rather than removing features without thinking about the actually benefits of doing so.

Sysadmins with root access should be able to handle a random 8 character or longer password, and that number is large enough for a secure public accessible ssh. If your not a sysadmin or unable to remember a random password, try go with a passphrase like "correct horse battery staple". If you have too many machines and thus can't remember passwords, then use a master password locally with a bit larger password and store certs there.

To do some math to illustrate the security of a random 8 character long password, someone would need to fill a 100/100 line for several hundred years to get through them all. By that time you should have noticed the constantly full connection, and be happy you haven't died of old age yet even after your 200th birthday.

However, 8 character passwords are not the suggested length by security experts. They suggest using a 10 character long password, as that is also secure in the case that your password hash somehow got lost.

For the several servers that I have, I have been more worried about the logs from failed attempts than I have been of anyone guessing the password. Logs wears on the hard drive, so one might want to install fail2ban to lower the number of writes to it. It also decrease the noise level in the server room.

14
bnegreve 4 days ago 0 replies      
> vim /home/deploy/.ssh/authorized_keys
[and] Add the contents of the id_rsa.pub on your local machine and any other public keys that you want to have access to this server to this file.

Cool trick: use ssh-copy-id <server> from the client machine.

From the man page:

    ssh-copy-id - install your public key in a remote machine's authorized_keys

It is much easier than editing the remote .ssh/authorized_keys file since copying and pasting the key is error prone due to extra new lines typically added by the terminal emulator.

15
rdl 4 days ago 0 replies      
My big thing is making sure 1) the machine comes back up cleanly after a reboot and 2) is current on all patches 3) is running as little as possible.

Also a big fan of externally verifying what ports are open, and making sure the system is in monitoring, backup, config management systems. Config management is kind of optional if you have a small number of servers which don't duplicate configurations, though, and there's often no need to back up the OS, but any data should be backed up automatically.

16
ck2 4 days ago 1 reply      
Your first 5 seconds should probably be

  w
last
dmesg

17
jedberg 4 days ago 1 reply      
To prevent having to log into root via remote console, set up a second backup account with an ssh key and sudo access, and then put that key somewhere safe.

The chances of both that and the deploy user getting corrupted at the same time is unlikely.

18
petsos 5 days ago 2 replies      
I find it very bad practice to blindly pass -f to commands.

  chown deploy:deploy /home/deploy -Rf

19
armored_mammal 4 days ago 0 replies      
So I'll agree with many of the commentators that several of the practices suggested aren't 'ideal.' However, they are easy and possibly better than having no 'practice' at all.

Just as an example, the shared user account with unique SSH keys per user. Sure, it's obnoxious in some respects, but many of the criticisms I'm reading in the comments like "but they could reinstate their access with a cron job that re-adds their key when they leave" and such are silly - presumably those who are using the shared account are developers/sysadmins with sudo privileges. Regardless of whether they have a shared account they have privileges to do whatever they feel like to the systems in question. Hence I'd argue it's a fairly reasonable solution for the situation when you don't have the time/resources to configure something more complex and you have to trust all parties anyway.

I think there are two larger takeaways:

First - Managing multiple users across many servers and dev systems is not easy enough, particularly for smaller organizations, and only gets worse when you try to get more granular about who can do what.

Second - umm... no idea anymore. Forgot what was second. Automation is good?

20
shuzchen 5 days ago 1 reply      
I dunno about this guy but apt-get update/apt-get upgrade takes upwards of 15 minutes on new installs (as does yum upgrade on rhel-compatible systems). Kinda eats up into my first 5 minutes on a server.
21
itry 4 days ago 1 reply      
I use "adduser" instead of "useradd". Its more convinient as it does the remainings steps automatically for your. It comes with ubuntu by default. Any downsides?
22
jiggy2011 4 days ago 4 replies      
The guide recommends blocking SSH access to anything other than your own IP address. The problem is that my IP number sometimes changes at which point I end up locked out totally.

So to get around this you either have to allow SSH from anywhere or you have to use some remote KVM system. Most of the remote KVM systems seem to be based on Java applets which is not really something you want to enable on your system.

So what is the best way to get around this? Just open up SSH and be diligent about your SSH security? implement port knocking?

23
alan_cx 4 days ago 2 replies      
Imagine you are a fairly normal windows user or even sysadmin. Imagine you are considering Linux to replace some task that a windows server performs.

Now imagine the conclusion after reading this thread. As some one who can just about get something useful done in Linux, this thread makes me want to never use it again, it just looks too scary. Loads of disagreements which seems to have lots of dire consequences. OK, great discussion for deep geekery, but scary as hell for normals.

Now, when ever I see those annoying posts from smug Linux users who jump in every time a Win or Mac user highlights a problem, I now have this discussion to point to as to why Mac and Win users wont generally go near Linux.

Sorry chaps (and chapesses), I am on your side, Linux is a great thing, but this has to be the worst advert for Linux ever.

24
waverider 4 days ago 0 replies      
1. I don't think it's a good idea to use the same account by multiple people.

2. And you're not using a configuration management tool (like SaltStack, which is also a remote execution engine) this will give you:
- a central point to manage all your server
- predictable configuration on all servers with the same role
- a configuration documentation place (and even history if you git the confs)
- will make managing multiple users a breeze

3. Use VPN and private services on private IP.

25
ultimoo 5 days ago 0 replies      
Nice writeup. Although I prefer to automatically configure using Chef, I didn't know of fail2ban and logwatch -- I will definitely look into those.

Also, since this post is for beginners, you should mention about restarting the sshd over the lish tty and not over the ssh ptty.

26
npsimons 4 days ago 2 replies      
passwd

Change the root password to something long and complex.

And bam! Not even a full paragraph in and security fail. root login should be disabled completely, and all use of privileges should be through sudo. Debian sets this up for you automatically upon install if you supply an empty root password. Of course, disabling root is just the beginning (and the first user created needs to be locked down, as they are now essentially root).

27
twodayslate 4 days ago 2 replies      
Why install fail2ban and logwatch instead of csf?
28
KevinMS 4 days ago 2 replies      
I was wondering about this the other day, is

    PasswordAuthentication no

really that necessary if a strong password is used?

Honestly, being a private key screw-up away from never being able to log in again scares me a little.

29
philfreo 5 days ago 2 replies      
While I agree these practices seem pretty safe/standard, it's still enough manual work that many people will just skip half of it out of laziness for small projects.

Does anyone have good reusable Puppet (or bash scripts) published that they use on all new servers?

30
plainOldText 4 days ago 1 reply      
The first two things I prefer to do after I log in for the first time (on ubuntu):

  > ufw enable
> ufw default deny

This way, after I log in, I will not allow anyone else to connect to my machine (I've had instances when by the time I changed my root password "bad guys" had already tried to connect to my machine).

Of course after I do the server setup (which is usually a script that will change ssh ports, install packages, etc) I will allow other services in ufw.

31
dave1010uk 4 days ago 5 replies      
Couple of related questions:

1) Many people seem to be recommending Puppet / Chef. How many servers or installs do you need before this is a good ROI? (Over using odd bash scripts or cPanel/WHM)

2) Am I right in thinking kernel updates don't get applied until the server is rebooted? If so, how / when do you manage this?

32
anderiv 5 days ago 1 reply      
I like the KISS aspect of this, though for accountability purposes, I prefer each user to have their own account.

One correction for you: the sshd_config lines should have no "=" symbol.

33
matwizzle 4 days ago 1 reply      
I'd propose using OSSEC over logwatch & fail2ban. Ossec seems to be a bit of an obscure tool, but a thoroughly functional one at that. Logwatch gives a bit too much info at once to interpret properly, while OSSEC will only alert you when something is actually up.

Ossec provides (among some other things):

* Log file monitoring, with severity levels, occurence counting, time-based rules and auto-response. This means (for instance) you get to watch your auth.log for failed login attempts and after 10 failures fire a script to ban him, alert sysop by email or have hubot alert your sysops. Or whatever floats your boat.

* File integrity monitoring. Make sure noone's been mucking around with your files. It has real-time support (through inotify), but if you don't want use that, make sure you store the database it keeps off-server for forensics if need be. Pro-tip: FIM and auto-updates are a tad unnerving.

* It can watch command output. You can use that to make sure the `netstat -tnap` output doesn't change, for instance.

* For larger/more compliant instances, it has a client<->server setup available.

34
fsniper 4 days ago 1 reply      
I do not recommend unattended upgrades. Every upgrade without any exceptions have the possibility to destroy any working system or your applications. Test and deploy would be wiser.

By the way, what the heck developers do on production systems?

35
bluesmoon 4 days ago 0 replies      
We do something similar, though we have a script that sets up the box. We use linode as well, so the script deploys a new box with a complex root password and my id_dsa.pub file. It also sets up /etc/skel and the profile files so that useradd uses them later.

We don't use a single deploy user though, instead, each user with deploy perms is in the sudo group.

36
Matsta 4 days ago 0 replies      
https://github.com/Xeoncross/lowendscript

I just use this bash script when setting up a new VPS. It pretty much takes care of it all for you, plus it sets up a ngnix/mysql stack already optimised for law RAM machines.

Also sets up 3proxy which is handy for viewing Hulu/Netflix :)

37
magnetikonline 4 days ago 1 reply      
I wouldn't bother with fail2ban considering password based SSH logins are disabled (which is good).

Since the author is using ufw to control iptables, better to just use "ufw limit" rules for SSH port 22 to slow down the rate of any automated SSH bots trying to give your server a workout.

38
giulivo 4 days ago 0 replies      
I think you're doing it wrong.

Having a _shared_ account, with sudo privileges and a common password doesn't look smart.

Also, you're forcing devs to copy their public keys around.

I think you underestimate the benefits brought in by a centralized system, like LDAP, which would also allow you to manage the permissions with some more granularity

39
plasma 4 days ago 0 replies      
Is there a web app that I can just have control my servers from? I'd like to do puppet/chef, but I read that its not 100% working for Windows yet (I need to manage both) and it sounds overly complicated.
40
kbuck 4 days ago 3 replies      
Why install fail2ban? You already have SSH password auth disabled, and you only allow SSH connections from your office. Won't this just risk banning your own office if someone's SSH client is misconfigured?
41
sneak 4 days ago 0 replies      
This is terrible. Never let developers log into servers. The output from your devs are commits.
42
berlinbrown 4 days ago 2 replies      
It may seem like a waste of $20 a month if you aren't doing anything big with it.

But you can setup a linux virtual server on linode and go through all of those steps on your own. Also test out your setup.

http://library.linode.com/

43
niggler 4 days ago 0 replies      
How does UFW compare to the rhel firewall configuration utilities?
44
cbracco 3 days ago 0 replies      
This will get buried but I recently posted a line-by-line guide of my first time setting up a VPS server, maybe it will help someone! http://cbracco.me/vps/
45
outside1234 4 days ago 0 replies      
My take on all this is that you should spend 0 minutes on a server and be using a PaaS solution. There might be cases where you can't, but increasingly I can't find them.
46
itry 4 days ago 1 reply      
Is there a benefit of using ufw instead of iptables?
47
cdjk 5 days ago 3 replies      
I've never understood the point of fail2ban if you disable ssh password authentication. Yeah, it might eliminate some spam in the logs, but if you only allow key-based authentication that doesn't really matter.
48
berlinbrown 4 days ago 3 replies      
What do you about all of those chinese hackers hitting your sshd server.

I have 30 different ips and fail2ban doesn't seem to ban them.

49
snambi 4 days ago 0 replies      
This is very useful
50
serf 5 days ago 0 replies      
don't vim sudoers.
the days of the password are not over.
fail2ban is next to useless with key auth.
51
frostiebot 4 days ago 1 reply      
Kinda concerned about the usage of ufw with fail2ban without the mention that you have to do a little more work for fail2ban to actually work with ufw (otherwise fail2ban causes interesting issues/clobbers ufw's rules)
52
vahe 5 days ago 2 replies      
I also recommend changing the default SSH port.
3
Flat UI: Free Web User Interface Kit github.com
857 points by jamesbritt  4 days ago   189 comments top 68
1
danso 4 days ago 6 replies      
I love the work that was put into this and there are some elements that I think are done extremely well and stand on their own...but after seeing a page where everything is flat, I've totally joined the non-flat side of the debate, due to the confusion/ambiguity of the interface...the buttons were especially jarring for me.
2
haberman 4 days ago 4 replies      
While very pretty, these controls make me feel like an old person who is learning how to use a computer for the first time. I have no idea how anything will respond if I click on it. It's a bit unnerving, but helps me empathize with first-time computer users.
3
nhebb 4 days ago 1 reply      
If I saw the unchecked checkbox without a nearby checked one for comparison, I don't think I would know what it is. The solid fill strays a little too much from the paradigm.

Other than that, beautiful design.

4
cromwellian 3 days ago 3 replies      
Just as a joke, I'd like to see someone do a Skeu UI, the polar opposite, one with such ridiculous degrees of skeuomorphism, that you want to laugh. Maybe have it look like a WW2 era Navy Cockpit.
5
ericb 4 days ago 4 replies      
Am I the only one who doesn't love the whole flat trend? It seems like once the novelty wears off, it becomes bland more than anything else.
6
lukateake 4 days ago 3 replies      
FlatStrap -- http://littlesparkvt.com/flatstrap/

It's exactly what you think it is.

7
romaniv 3 days ago 0 replies      
Text boxes don't look like text boxes. Buttons don't look like buttons. Checked toggles might be easily confused with unchecked. Toggles also look like something you should drag, but do nothing unless you click them. Unchecked check-boxes look like oversized bullets from a bullet list.

Moreover, most controls are not semantic and simply stop working if you disable JavaScript. (And no, I don't care whether you consider this issue relevant or not. Users of text browsers, screen-readers, some mobile browsers and people with JS blockers will consider it relevant.)

Moreover #2, these controls don't blend in with text at all. They will distract users from actual website content.

8
TheBiv 4 days ago 5 replies      
I really love the flat design trend. Does anyone know of any good photoshop/illustrator tutorials that teach this new trend?
9
danem 4 days ago 2 replies      
I'm confused as to why people seem to think that only designs featuring large blocks of color and strong accents qualify as "flat UI". What is this 'style' a reaction to? Gradients? Drop shadows? What for? Does anyone really think that employing this aesthetic will free them from some perceived constraints imposed by current fashion? Does anyone think that the elimination of drop shadows will free the user to think about computing in more abstract, powerful terms?

Look around the web, and it is apparent that "flat ui" is already the standard. Indeed, I find it difficult to find many popular sites that makes heavy use of drop shadows and gradients to simulate light. Why is this single aesthetic now being heralded as the way forward while computing has been predominantly "flat" for most of its history?

I think people tend to forget that exercises in style ( such as this ) don't necessarily equate to design. The choices made in any given design must consider content and audience. Anything else becomes decoration, not design.

10
codefoe 4 days ago 3 replies      
I think it's a bit too raw - unpolished at places. The "Messages" menu item for example; the red notification circle with the count of unread messages is off in padding. Some icons are a bit fuzzy when they should be clear (http://dribbble.com/shots/492245-Idiot-Tip-2, if you don't follow me).

Why do people insist on creating a ton of bootstraps, straps or "Web UI Kits"? Let me rephrase the question, why do people want to make the web look the same? These days all I see is some site with Twitter Bootstrap on it and I'm pretty sure it's proven that it's really rare when someone bothers to use those UI kits or straps and make them their own, so in the end you don't help developers with those things, you make them more lazier.

http://xkcd.com/927/

11
Matsta 2 days ago 1 reply      
Ouch, someone just sent in a DMCA:

https://github.com/github/dmca/blob/master/2013-03-06-LayerV...

Now you can't download it, however the OP link still seems to work fine.

Is this a troll DMCA? I don't get it.

12
andrewmunsell 4 days ago 2 replies      
Very nice looking.

Bootstrap 3 is actually headed towards a flatter look (a little like this), so buttons and the nav-bar don't have gradients in the newest version of Bootstrap by default.

13
swalling 4 days ago 2 replies      
This is particularly interesting in the context of the widespread accusation that flat UIs tend to have worse discoverability (example: http://www.nngroup.com/articles/windows-8-disappointing-usab...). If you inspect the key navigational and menu elements, they did a pretty nice job making it visually obvious (with hover states, borders, shapes etc.) what kind of functionality those flat blobs of color offer. ;)
14
spc476 3 days ago 1 reply      
I decided to view it as a blind person might, but removing all styles ("View->Page Style->No Style") and it was interesting to see what was still a user interface (toggles were) and what wasn't (buttons weren't) and what was in between (tags).
15
dllthomas 3 days ago 0 replies      
"Free" is vague, but accurate. CC-BY-3.0 specifically, though I had to download the zip to find that out.
16
enqk 3 days ago 0 replies      
This usage of color only fails entirely for color blind people isn't it?

Minimalism is about making it as simple as possible, and not simpler. Texture is a way to add redundancy and even when not facing people with disabilities, in communication a level of redundancy/repetition is good

17
eridius 4 days ago 2 replies      
Very neat. Couple of nitpicks with the toggle controls though. The animation looks kind of weird here. Instead of sliding the visible "knob" from one end to the other, it animates the "knob" entirely away and brings in a second "knob" that represents the other state. This feels extremely bizarre to me. Also, double-clicking a toggle control selects part of the page.
18
dibbeke 3 days ago 1 reply      
Weirdly, nobody is complaining about the contrast. This might all seem crisp on a high-def screen in good lighting conditions, but try a cheap tablet or laptop and evaluate again. Elderly have tremendous problems reading the labels on the buttons. Try the firefox plugin https://addons.mozilla.org/en-us/firefox/addon/wcag-contrast... to evaluate the contrast.
19
ErikRogneby 3 days ago 0 replies      
No clear link to the normal github page was a bit frustrating.

https://github.com/designmodo/Flat-UI

20
kmfrk 3 days ago 0 replies      
This is what I think people call "clever" webdesign.

It looks good, but practically, it's not going to work very well for the reasons people in the comments have so elaborately laid out.

21
arrowgunz 4 days ago 1 reply      
Just beautiful. It looks so refreshing after getting used to Twitter Bootstrap. I love Bootstrap but it's everywhere on the internet now. This looks pretty refreshing and neat. Well done.
22
lightyrs 4 days ago 0 replies      
Agree with most of the usability comments here but have to give kudos for the color selection. They are phenomenal. I'd love to see a bootstrap theme implement these. Maybe I'll whip up the sass vars file later.
23
SmeelBe 4 days ago 0 replies      
OFFICIAL page is here guys - http://designmodo.com/flat-free/
24
showerst 4 days ago 0 replies      
Cool!

If you're thinking about buying one of the paid packs, I've purchased some of the earlier design elements kits from Designmodo and found them to be super high quality.

25
Keyneston 4 days ago 0 replies      
First somehow this broke my history so when I hit back I got to the same page.

Second and far more importantly your use of "Big Buck Bunny" is in violation of its copyright. While "Big Buck Bunny" is Creative Commons you either have to provide attribution or show the video in its entirety including its credits.

26
estavaro 4 days ago 0 replies      
Animations are fun. I recently created my first animated widget and it felt great. Going from "it works" to "it works and is animated" is a huge step. The animation really helps to tell the story of the switching in my widget. Think the animation of the Chrome tabs when you're switching them by dragging.
27
iconfinder 3 days ago 0 replies      
The icons are available here: http://www.iconfinder.com/search/?q=iconset%3Aflat-ui-free

The glyph are coming in a few :-)

28
seivan 3 days ago 0 replies      
Amazing. Too bad the site itself was not responsive, and nothing was put in there to adapt to a mobile display. All you saw was a white page. The scrolls are hidden on iOS, so you could scroll and/or zoom out to see the rest, but nothing is indicated that it's doable.
29
orangethirty 3 days ago 0 replies      
Don't put a buy now button if the product is not available. I tried buying it from 3 different links and was just greeted with a subscribe form. Also, raise your prices by 10 dollars.
30
ebbv 3 days ago 0 replies      
I've actually had a project in mind for a while now that this is perfect for. Cool beans.
31
pacomerh 3 days ago 0 replies      
I really like this kit. To me eye, it's very stylish and smooth. I feel like there are tons of "safe & technical" developers on HN, to the point where a UI has to be done by the "rules" for it to be acceptable.

Thanks for the kit it's awesome.

32
sgdesign 4 days ago 2 replies      
These are nice, but I wish they hadn't picked the exact same shade of green as Layer Vault ( https://layervault.com/ )…
33
instakill 3 days ago 0 replies      
Lots of pretty things but the pagination is definitely questionable.
34
geuis 4 days ago 0 replies      
Really nice. I get a very Soviet feel from it. Bright colors, round corners, very monumental.
35
Navarr 4 days ago 0 replies      
It's very beautiful, but as danso commented it's very jarring.

I appreciate it, but I'm afraid I don't personally like the look of it, I'd never use it myself.

36
vishal0123 1 day ago 0 replies      
37
9999 3 days ago 0 replies      
Crocodile is always the hero that I choose.
38
missenlinx 12 hours ago 0 replies      
hmmm seems this has been taken down for copyright issues.
39
jjsz 3 days ago 0 replies      
Hey guys, don't know if you read the comments of your social networks or hacker news first but I've sent an email to your info@ email regarding this post and also posted on your recent social networks' updates. Hoping to hear back from you. Again, thank you for putting this out! :-)
40
getdavidhiggins 3 days ago 0 replies      
Here's a great article that discusses the 'Metro', or 'Flat' design pattern that is now gracing the shores of many new up and coming projects and websites ' http://sachagreif.com/the-flat-sink/
41
mamcx 4 days ago 0 replies      
Nice yeah, but I think shadows for buttons will make it best. Also way make it with sass when bootstrap use less? That complicate retrofit it for older projects...
42
jamra 3 days ago 1 reply      
I am building a demo site with this just to test things out. I feel like a grid is missing from the demo. I would also like to see how he does the single color background like in the screenshot. I don't see a way I can recreate that given the toolset.
43
winkerVSbecks 4 days ago 0 replies      
Really beautiful design. However, I'm not really sure what this is trying to be. Is it a fork of Bootstrap or do they see themselves as a separate entity. Because if this is indeed a fork of Bootstrap I do have a few grievances:

- Why are there no fixed to top navbars?
- What about lists or stacked navs?
- I don't see any responsive behaviour
- It seems to be missing almost all of js from Bootstrap and doesn't have equivalent implementations in most cases.
- Hover based dropdown menu is a bit irritating, much rather have click based events. But that's a personal preference.

On the whole it's beautifully designed but it's missing so much in comparison to Bootstrap that it becomes useless for building apps.

Also, maybe mention Bootstrap somewhere on the page.

44
mixmastamyk 4 days ago 1 reply      
Re: maintainability... does this add to bootstrap, or do you use their modified copy of it?
45
obilgic 4 days ago 0 replies      
You should add a link of your github project.
46
mordorinc 3 days ago 0 replies      
I can't believe people even mention Josef Muller Brockmann to compare this UI kit with something like Minimalism. People at Designmodo are telling you to "...better to use different shades of provided colors than new." This is not a flat design guide, this is not minimalism. This is fashion trend. This is dogma.

And as designers we shouldn't be following trends so easily, so blindly. We have the knowledge to create interfaces that work. We don't need pre-baked buttons and colors.

Shame on us.

47
Edmond 4 days ago 0 replies      
Actually like it. I wont necessarily use it but as an option I am sure there are people out there who will find it a perfect fit for some use-cases.
48
rtexal 2 days ago 0 replies      
The challenge for flat UI is to create depth and I love the depth you gave to the vector icons
49
nvr219 4 days ago 0 replies      
I think this is beautiful. Thank you for creating it and sharing on github.
50
zen_boy 4 days ago 1 reply      
Where could non-designers learn how to use color swatches in custom designs?

The Flat UI's Color Swatches look delicious and I'd like to learn to use them.

51
jcomis 3 days ago 0 replies      
The icons, while nice, seem to have depth (shadows, etc). Is that still flat?
52
jenkinsj 3 days ago 0 replies      
Very Pretty. Reminds me of the Otl Aicher Munich Olympics icon and typography work.
53
pablosaurus 4 days ago 0 replies      
Resizing the window seems to screw with the positioning of the tooltops (Chrome, Windows 7).
54
shloime 4 days ago 0 replies      
Love the design. It's exactly what I need for a project I'm working on.
55
helloamar 4 days ago 0 replies      
Awesome, thanks for sharing!
56
thinxer 4 days ago 0 replies      
The color scheme of the icon makes me think of Dropbox...
57
marvwhere 3 days ago 0 replies      
just started with node yesterday, to bring on my new website, and i totally love FlatUIs, so thats a perfect css for me =) will use it today.
58
sxua 3 days ago 0 replies      
Am I the only one who see debian logo at footer?
59
littledot5566 4 days ago 0 replies      
The color swatches paired up very nicely!
60
BaconJuice 3 days ago 0 replies      
This is amazing, good job guys.
61
introspectif 3 days ago 0 replies      
it's not that bad. but I find the non-flat giant diamond icon rather ironic. :)
62
cullenmacdonald 4 days ago 0 replies      
so glad you guys finished this!
63
SmeelBe 4 days ago 0 replies      
Very nice!
64
toutouastro 3 days ago 0 replies      
that is really great :D
65
adamlj 4 days ago 0 replies      
Stunningly beautiful!
66
hkh 3 days ago 0 replies      
nice!
67
bwsewell 4 days ago 0 replies      
sehksy
68
JohnPlesher 4 days ago 1 reply      
Subscribed and waiting for release. Perfect UI kit, detailed design.

Waiting for responsive pro version.

5
We Found Our Son in the Subway opinionator.blogs.nytimes.com
821 points by mccolin  8 days ago   175 comments top 27
1
tptacek 8 days ago 4 replies      
Sound reasonable to me. That judge is probably a parent. I suspect most parents understand: if we waited to be "ready", nobody would ever be a parent. Conventional parents get months and months of notice. If they're like me, they're still nowhere close to "ready". It's terrifying. But you, and these guys, and everyone else just do what we've been doing for hundreds of thousands of years.
2
kirinan 8 days ago 1 reply      
Renews faith in humanity. This belongs on HN, because it really does point out the humanity that we all want to touch with our development. These are real people, with real issues, with real emotions, and each one of them may be a user of our products, using them to improve their lives, their sons lives, or whatever. Its very important to be able to empathize with people, and be able to know their stories, this is the only way to build great things that people love. You can say that this isn't "technical" or "business" related, it is however very related to human beings and ultimately these "humans" are your business, your source of profitability. If anything, more articles like these should be on HN.
3
jpdoctor 8 days ago 2 replies      
Good god this has nothing to do with HN.

Good god am I glad that it got to the front page so I read it.

4
5
knodi 8 days ago 0 replies      
My grand-father when he was a young 15 years old farmer found a lost kid on an Indian train. After search for his parents for years with no luck. He adopted the lost kid, at the age of 18 he became a father of a 7 year old. Today the little kid is a retried doctor that resides in New Jersey.
6
Geekette 8 days ago 7 replies      
Ugh. This yanked a couple of thug tears outta me.

And for those wondering what place this has on HN, I actually read HN for interesting, often-not-technically-related news.

7
twstws 8 days ago 4 replies      
This was hard for me to read. I spent four years waiting to adopt a child.Did almost a year of training and home visits, then waited. And waited. Why does it take so long? Because we selfishly insisted that we'd only take one ortwo children. The social workers were not subtle in letting us know that we were selfish to not want a sibling group of 4 or 5(?!) kids all at once. They made it absolutely clear that we could not expect to have a newborn, and a child under 8 was unlikely.

So to hear that, on a hunch, a judge can give a newborn to a couple that had expressed no previous interest in having kids, wtf. It's a nice story, and I'm glad that it worked out so well for everyone. But for me it really underlines how fucked up the system really is.

8
siscia 8 days ago 9 replies      
Love the story.

When we talk about gay marriage and adoption I always need to query a little more, especially about the kids.

What's about Kevin ? His life is "perfectly normal" (how stupid is this expression) ? He is happy ? Does he have problem with his sexuality ?

Do anybody have any experience to share ?
Please to be obvious, in neither way...

(Why this is on HN ? Well, because I believe that HN is one of the best community on the internet, it is normal that people want to share stories and ask opinion to other they respect/admire)

9
ck2 7 days ago 2 replies      
Lovely story but what kind of husband offers to adopt a child without even previously discussing it his wife?

Great relationship there. This story turned out well only because of her.

BTW this is why many cities now have a law there is no penalty to leave a newborn at a firestation, yet some cities still resist it.

10
RyanMcGreal 7 days ago 0 replies      
Well damn. Now I have to wipe these tears off my keyboard.
11
gruseom 8 days ago 0 replies      
Pretty hard not to find that touching.
12
ritchiea 8 days ago 0 replies      
Really heart warming. Also makes me wonder how they handled the financial challenges of raising a child as a young social worker and playwright couple in new york.
13
iaw 8 days ago 0 replies      
That is an amazing story.
14
bobwaycott 8 days ago 0 replies      
What an absolutely beautiful story.
15
muriithi 7 days ago 0 replies      
This would never have happened in Kenya where the Children's Act expressly forbids homosexuals from adopting. Sad.
16
mynameishere 8 days ago 0 replies      
Foundlings are actually fairly common. The only novelty here is that the adoptive individuals are nontraditional.
17
balabaster 8 days ago 0 replies      
Honestly if there was more of a proliferation of this kind of news instead of the constant barrage of negativity and fear that is pushed upon us through mainstream propaganda er... media channels then perhaps we wouldn't need the TSA with their hands up our butts feeling around for shit that isn't there... pun intended.
18
paulnechifor 7 days ago 0 replies      
I'm wondering how many upvoted because they found the article worthwhile versus upvoting because they noticed the author is not a women and that's what's expected. I say this because to me it looks like it's something that's off-topic judging by the guidelines.
19
stretchwithme 8 days ago 0 replies      
My theory is that one of the reasons nature makes gay people is so that there are extra parents.
21
Taylorious 8 days ago 0 replies      
Good story. Am I the only one who read the title as "We Found Our Son in Subway?" As in the restaurant.
22
lysium 7 days ago 0 replies      
Touching story!
23
conroe64 7 days ago 1 reply      
What a corny story
24
chris_mahan 8 days ago 0 replies      
Excellent!
25
mtinkerhess 8 days ago 13 replies      
Great story. Can someone explain why this belongs on HN?
26
Mz 8 days ago 1 reply      
I don't know why people would say this does not belong here. Social hacking gets so little respect.

Two thumbs up.

27
mrb 8 days ago 3 replies      
It seems to be a fictional story. The author is a playwright and a screenwriter. No last names are given (except the author), and the desire for anonymity is not explicitly stated.

I am surprised the NYT Editor did not ask the author to make it clear if it is a fictional or real story.

6
White House Response to “Make Unlocking Cell Phones Legal” whitehouse.gov
726 points by sinak  4 days ago   274 comments top 32
1
sinak 4 days ago 17 replies      
Hey guys, petition starter here. Just wanted to thank anyone who signed for their support. I just got off the phone with the White House and they're really enthusiastic about getting this fixed. We also discussed fixing Section 1201 of the DMCA permanently, and they've agreed to continue the conversation on that.

When I originally posted this to HN at http://news.ycombinator.com/item?id=5112020 there were a lot of very skeptical responses to the effect of "petitions don't have any effect". The optimist in me is glad they were wrong. The White House seem to be genuinely committed to helping push through a piece of legislation to fix this. If there's something about government that bugs you, it's worth trying to do something about it.

Also, we're launching a campaign to ask Congress to change Section 1201 of the DMCA, with backing from the EFF, Reddit and others.

Sign up at http://fixthedmca.org - should be launching the site tomorrow.

2
uvdiv 4 days ago 6 replies      
The White House answered an entirely different question from the one asked!

Emphasis mine:

* "And if you have paid for your mobile device, and aren't bound by a service agreement or other obligation, you should be able to use it on another network."

* "...neither criminal law nor technological locks should prevent consumers from switching carriers when they are no longer bound by a service agreement or other obligation."

The White House response doesn't support unlocking phones, only unlocking phones after contracts are expired. Which isn't at all what the petition complains about. They evaded it entirely.

No, it's lower than that. They're pretending to agree with the petition, in the tone of their writing; but when you read the fine print, they don't. It's fucking doublespeak.

3
JagMicker 4 days ago 8 replies      
For those TL;DR'ers out there, here's a summary:

The White House understands the petition and claims to agree. However, they aren't going to do anything about it other than wait for the "legislature" to address the issue.

You might as well petition the corporate owners of the major cell. carriers, as they are probably the only ones who will do anything about this.

4
gmisra 4 days ago 0 replies      
TL;DR:

1. The White House thinks this is a good idea, but it is not within their powers to implement change under the current law.

2. These rules (DMCA exceptions) fall under the Library of Congress, and the White House has recommended a review of said rules.

3. The LoC has also responded and agreed to re-review these exceptions: "We also agree with the administration that the question of locked cell phones has implications for telecommunications policy and that it would benefit from review and resolution in that context." [2]

4. In an amicus-like capacity, the FCC has also responded and commented on the current regulatory regime: "From a communications policy perspective, this raises serious competition and innovation concerns, and
for wireless consumers, it doesn't pass the common sense test. The FCC is examining this issue, looking
into whether the agency, wireless providers, or others should take action to preserve consumers' ability to
unlock their mobile phones." [3]

(end summary)

The Library of Congress could choose to reinstate the unlocking exception, which they at least purport to be reviewing. Or, the FCC could step in and claim regulatory oversight and create new regulations. Neither of those actions require direct congressional intervention, and both appear to have much higher visibility as a consequence of this petition.

----

[1] https://petitions.whitehouse.gov/petition/make-unlocking-cel...

[2] http://www.loc.gov/today/pr/2013/13-041.html

[3] http://transition.fcc.gov/Daily_Releases/Daily_Business/2013...

5
HarryHirsch 4 days ago 3 replies      
What's this fuss about petitions? Last time I checked, the form of government in the US was a republic, that is the offices of government are appointed by and derive their legitimacy from the people as a whole.

We as a people should not have to petition the White House to grow sense and pass sensible laws, in the way one petitions a monarch. This is the wrong way of combating the laws that come out of Congress thanks to lobbyist influence. It encourages the wrong mindset.

6
JamesCRR 4 days ago 4 replies      
As a Brit, I'm pretty stunned by the efficacy of the We The People Platform here. Good work democracy.
7
timtadh 4 days ago 0 replies      
my response to their response (sent via the "what did you think form")

I don't think you adequately addressed the larger issues raised by DMCA. Cell phones and tablet carrier locking is only one of the anti-consumer anti-user results of the law.

Not being able to install a different OS without illegal procedures such as "rooting" and "cracking" the device remain an outstanding issue for all ARM based devices. This limits competition and unfairly privledges the position of the device manufacturer over the user.

A device is a physical item. It is not rented it is sold. One should have full control over their own devices. Today, sadly, we (the people of the USA) are subject to an over-reaching law which prevents us from legally using our devices to their fullest potential.

As witnessed in the recent volatility of the tablet and smart phone market, commericial players come and go frequently. When they leave, they leave their customers stranded. With out a legal means to change the OS of their devices they are left with insecure outdated software which puts them, their employers and their family at risk.

Please consider expanding your approach to include a full range of consumer protections.

8
ibejoeb 4 days ago 0 replies      
"...neither criminal law nor technological locks should prevent consumers from switching carriers when they are no longer bound by a service agreement or other obligation."

Right. This is a solved problem. We have contracts for a reason: to establish and enforce obligations. Get rid of these ridiculous locks. Either that or harden them and get rid of contracts.

9
tunesmith 4 days ago 0 replies      
I agree with the skeptics that the petition was not a sufficient condition to affect change. However, I do not believe the petition starter ever claimed that the petition would be sufficient.

I also agree with the petition starter that the petition might prove to be a necessary condition to affect the change. It is too early to tell, but this is a good start.

I don't agree with anyone that claims that since a petition is not sufficient, it's a waste of time. That's just lazy fatalism.

Heck, even lobbyists start with conversations that don't go anywhere. The trick is what happens next, that might not have happened if not for the initial conversation.

The other day I downloaded a new programming framework and spent 30 minutes learning it, but it didn't turn into an award-winning website product. So clearly those 30 minutes were a waste of time I guess.

10
coffeemug 4 days ago 1 reply      
When I train our employees to respond to customer support issues, I always make sure that in every response they do as much as possible to "drive an issue to a close". Not every issue can be fixed, but at the very least we can give the user a clear understanding of a) precisely what the state of affairs is and why, b) whether or not we can fix it and why, c) if we can fix it, who's responsible for the fix and when it's likely to make it into mainline and d) if we can't fix it, what the workaround is.

We never ever just say "we agree with you". It's always "we agree with you, and here's how Bob is going to fix this by March". I know that the political machine is much more complicated then a startup of 12, but they don't even try. After having read the whole thing, I'm left with no more understanding of where things are going than I did before I read it.

11
stcredzero 4 days ago 0 replies      
The Obama administration isn't perfect. (What administration is?) However they do seem to understand society's generational lag in understanding technology. They understand that the generation in charge is out of touch and so will unknowingly perpetrate heinous rules interfering with the way the society of people in their 20's actually use and understand technology.

Then again, maybe it's just because Obama is a smartphone user. (Is he still using a Blackberry?)

12
knodi 4 days ago 0 replies      
So the white house is saying they're going to do nothing...
13
zaidf 4 days ago 0 replies      
All this is good, but what happens to the next guy who gets arrested for this and has his life wrecked?

Sometimes I think there should be a penalty against lawmakers for passing reckless laws which could be convincingly argued against in a few paragraphs, as is the case here.

14
rallison 4 days ago 5 replies      
This is a promising response, although one part is of (possibly unfounded) concern:

"And if you have paid for your mobile device, and aren't bound by a service agreement or other obligation, you should be able to use it on another network."

This makes it sound like unlocking a phone while you are still on contract would not be excepted.

15
jsilence 4 days ago 0 replies      
Cute how so many of you still believe you are living in a democracy.
16
Scramblejams 4 days ago 0 replies      
WH: This step is "important for ensuring we continue to have [a] vibrant, competitive wireless market"[1]

Vibrant, competitive wireless market? Coulda fooled me.

[1] https://petitions.whitehouse.gov/petition/make-unlocking-cel...

17
ericjeepn 4 days ago 1 reply      
On a different note... After reading the library of Congress response to the White House response here http://www.loc.gov/today/pr/2013/13-041.html I'm not sure what their actual response is.
18
logn 4 days ago 0 replies      
"We look forward to continuing to work with Congress, the wireless and mobile phone industries, and most importantly you"

Right, this should go well for us then.

19
dreamdu5t 4 days ago 0 replies      
I disagree. If you made an agreement not to unlock the phone as a condition of purchasing it, then people should honor their agreements!

Buy from a carrier that lets you unlock the phone. If that carrier does not exist, and there truly is a market demand for this, then start a cell phone carrier.

20
kirillzubovsky 4 days ago 1 reply      
It is sad how irrelevant "We the people" really is. It gives people an illusion that the government actually cares. The response to this petition is essentially "we agree with you and we will work towards ... {bullshit here}." I signed a few of the petitions to see what would happen, but I think I am going to stop now as it's just a waste of time; a trap, nicely put in place by the administration. The only way petitions would matter if they led to real actions, but it would be suicidal on the part of the government to try and intervene with telecom companies; wouldn't be very helpful for the next election, that's all. Oh... sigh.
21
Wonderdonkey 3 days ago 0 replies      
Read: Nothing will come of this. President Obama also said he would veto CISPA, close Guantanamo Bay, curb ICE, pull troops out of Iraq and Afghanistan, end indefinite detention, defend labor rights, stop hiring former lobbyists in the White House, end the practice of recess appointments, oppose FISA, and end the use of drones to assassinate terrorists, among many other blatant lies.
22
fakeer 3 days ago 0 replies      
Aah... Wish my country(India - the largest family owned 'democracy' on this planet) had something like this. Here we get arrested for posting things on Internet. Maybe starting such a petition would attract life imprisonment.

Congratulation Americans! Glad for you. Don't loose this freedom, don't let them take this away from you and wish us luck and support so that we can get/snatch it too. One day, maybe :-)

23
gesman 4 days ago 2 replies      
Why the *uck Librarian [of Congress or anything else] should be empowered to make the federal laws that can put people in jail?
Aren't librarians are supposed to manage books?
24
smackfu 4 days ago 2 replies      
Am I the only one surprised that the Library of Congress has rule-making abilities?
25
ctdonath 3 days ago 0 replies      
Isn't this the same White House that signed the law making unlocking cell phones illegal?
26
csense 4 days ago 1 reply      
This is the first White House petition I've ever seen that actually got a response that wasn't just some vapid equivocation.

I'm impressed.

27
argumentum 4 days ago 0 replies      
As the DMCA is a federal statute, what the White House should have said at the end, is, quite simply .. we will not be enforcing any related complaints. Unlock away.
28
Pro_bity 4 days ago 0 replies      
Aaaaaaaaaaaaand nothing really happened.
29
nraynaud 4 days ago 1 reply      
Off-topic, but how come they answer so quickly to this one, and not yet to the Aaron Swartz one ?
30
paulhauggis 4 days ago 1 reply      
Where were they when it passed? sleeping?
31
jurist 2 days ago 0 replies      
What a waste of the president's time.
32
danbmil99 3 days ago 0 replies      
weird, something from gov't that is intelligible and lucidly written.
8
Andrew Mason's statement about being fired as Groupon CEO jottit.com
626 points by robbiet480  8 days ago   186 comments top 39
1
sethbannon 8 days ago 12 replies      
Full text of his statement:

(This is for Groupon employees, but I'm posting it publicly since it will leak anyway)

People of Groupon,

After four and a half intense and wonderful years as CEO of Groupon, I've decided that I'd like to spend more time with my family. Just kidding " I was fired today. If you're wondering why… you haven't been paying attention. From controversial metrics in our S1 to our material weakness to two quarters of missing our own expectations and a stock price that's hovering around one quarter of our listing price, the events of the last year and a half speak for themselves. As CEO, I am accountable.

You are doing amazing things at Groupon, and you deserve the outside world to give you a second chance. I'm getting in the way of that. A fresh CEO earns you that chance. The board is aligned behind the strategy we've shared over the last few months, and I've never seen you working together more effectively as a global company " it's time to give Groupon a relief valve from the public noise.

For those who are concerned about me, please don't be " I love Groupon, and I'm terribly proud of what we've created. I'm OK with having failed at this part of the journey. If Groupon was Battletoads, it would be like I made it all the way to the Terra Tubes without dying on my first ever play through. I am so lucky to have had the opportunity to take the company this far with all of you. I'll now take some time to decompress (FYI I'm looking for a good fat camp to lose my Groupon 40, if anyone has a suggestion), and then maybe I'll figure out how to channel this experience into something productive.

If there's one piece of wisdom that this simple pilgrim would like to impart upon you: have the courage to start with the customer. My biggest regrets are the moments that I let a lack of data override my intuition on what's best for our customers. This leadership change gives you some breathing room to break bad habits and deliver sustainable customer happiness " don't waste the opportunity!

I will miss you terribly.

Love,

Andrew

2
sethbannon 8 days ago 3 replies      
I've had little respect for the way Mason ran Groupon, but I have immense respect for the way he's handling his dismissal.
3
kurtvarner 8 days ago 0 replies      
Here's a copy of his statement.

--

(This is for Groupon employees, but I'm posting it publicly since it will leak anyway)

People of Groupon,

After four and a half intense and wonderful years as CEO of Groupon, I've decided that I'd like to spend more time with my family. Just kidding " I was fired today. If you're wondering why… you haven't been paying attention. From controversial metrics in our S1 to our material weakness to two quarters of missing our own expectations and a stock price that's hovering around one quarter of our listing price, the events of the last year and a half speak for themselves. As CEO, I am accountable.

You are doing amazing things at Groupon, and you deserve the outside world to give you a second chance. I'm getting in the way of that. A fresh CEO earns you that chance. The board is aligned behind the strategy we've shared over the last few months, and I've never seen you working together more effectively as a global company " it's time to give Groupon a relief valve from the public noise.

For those who are concerned about me, please don't be " I love Groupon, and I'm terribly proud of what we've created. I'm OK with having failed at this part of the journey. If Groupon was Battletoads, it would be like I made it all the way to the Terra Tubes without dying on my first ever play through. I am so lucky to have had the opportunity to take the company this far with all of you. I'll now take some time to decompress (FYI I'm looking for a good fat camp to lose my Groupon 40, if anyone has a suggestion), and then maybe I'll figure out how to channel this experience into something productive.

If there's one piece of wisdom that this simple pilgrim would like to impart upon you: have the courage to start with the customer. My biggest regrets are the moments that I let a lack of data override my intuition on what's best for our customers. This leadership change gives you some breathing room to break bad habits and deliver sustainable customer happiness " don't waste the opportunity!

I will miss you terribly.

Love,

Andrew

4
jedwhite 8 days ago 0 replies      
"Nothing in his life
Became him like the leaving it."

King Duncan:
Is execution done on Cawdor? Are not
Those in commission yet return'd?

Malcolm:
My liege,
They are not yet come back. But I have spoke
With one that saw him die; who did report
That very frankly he confessed his treasons,
Implor'd your Highness' pardon, and set forth
A deep repentance. Nothing in his life
Became him like the leaving it.

Macbeth Act 1, scene 4, 1"8

5
NZ_Matt 8 days ago 0 replies      
Andrew Warner of Mixergy interviewed Andrew Mason in 2010 while Groupon was at its peak. I haven't had a chance to re-watch it yet but I imagine it'll be a very interesting watch given recent events.

Here's the video: http://blip.tv/mixergy/mixergy-groupon-andrew-mason-3852853

And transcript: http://mixergy.com/andrew-mason-groupon-interview/

6
choxi 8 days ago 0 replies      
I used to work at Groupon, and for all the shit it gets there are a lot of good people working on ambitious problems there and this letter is exemplary of the kind of character that inspired people to work there.

Best of luck to them as they try to turn things around.

7
goronbjorn 8 days ago 0 replies      
I saw Andrew Mason speak at Startup School in 2010; the headline of his talk was 'Polishing your turds and GETTING SUPER RICH.'

http://www.justin.tv/startupschool/b/272030648

8
sfink 7 days ago 1 reply      
Errrr... I'm not really getting the tenor of many of the comments here.

For one, look at what he isn't saying. But start with what we know.

He is being fired. That means he isn't leaving by choice, and most likely doesn't want to be leaving at all.

He is the CEO, and the CEO takes responsibility for the company's failures. Them's the rules of the game, for any leadership role. He is saying no more than that.

In particular, he never says he was wrong. He says he failed to continue being the successful CEO of this particular company. In fact, he somewhat obscurely implied that his intuition was right when what the company did turned out to be wrong. Why do you think the company did those things then? Did he tell it to, or did he lose the battle?

This letter was not written to us. It was written to the people at his company. People who are important to him. Which means it probably wasn't written for us either. The speculation that this is wholly a calculated move seem BS to me.

All that is just pointing out the known facts and suggesting likely deductions. More speculatively, I'd like to share my interpretation of the tone of the letter:

He's pissed. He's pissed but doesn't want to show it. He is staying well in control, writing a decent letter that puts something of himself into it but not too much, not enough to lose face or stir up conflict that could only harm the ones left behind. He's trying to bow out gracefully without capitulating, and I think he did a decent job of it. But this is no "wow, this guy is awesome, I bet he's learned some great lessons and I'd be stoked at the chance to work with him" letter. It's adequate, mainly admirable for hitting just the right level of adequacy when you know the guy probably wants to scream and rip someone or something's head off. He just got fired, dammit!

9
unreal37 8 days ago 0 replies      
I'm surprised that there's not more comment that they guy taking over, Eric Lefkofsky, is the "slimy one" that made Groupon such as sleazy IPO, not Mason, for cashing out $1BB+ pre-IPO.
10
rayiner 8 days ago 2 replies      
As a fellow Northwestern grad it disappointing to see him go, but as a lover of Chicago its probably for the best. I'd really love to see GroupOn succeed and help anchor a diversified tech presence in the city. We have some great startups, but you need big public companies in the same way a mall needs a Macys, Nordstrom, etc.
11
12
nhangen 8 days ago 0 replies      
How fitting for a man that built a predatory company to be ousted by predatory executives.
13
octatone2 8 days ago 2 replies      
Chrome throws a security error up for this site:

The site's security certificate is not trusted!
You attempted to reach www.jottit.com, but the server presented a certificate issued by an entity that is not trusted by your computer's operating system. This may mean that the server has generated its own security credentials, which Google Chrome cannot rely on for identity information, or an attacker may be trying to intercept your communications.
You cannot proceed because the website operator has requested heightened security for this domain.

14
millerc 8 days ago 1 reply      
Dear Andrew,

One bad year and a couple missed objectives, and your boss fires you? Looks like you were dealing with somebody who doesn't invest in training his employees... you'll be much happier working for somebody else.

Love,

an observer

15
Cherian 8 days ago 1 reply      
My biggest regrets are the moments that I let a lack of data override my intuition on what's best for our customers.

Are there more insights in this? What do you think are the intuition decisions Groupon took (that's public) that probably wasn't against data?

It might seem obvious in retrospect, but as a startup founder I'd love to learn in context.

16
Volscio 8 days ago 0 replies      
Check out Andrew Mason's bio blurb at WSJ. Weird. http://topics.wsj.com/person/M/Andrew-Mason/6435
17
kamaal 7 days ago 0 replies      
This is classy, glorious and full of honor.

Me personally, I would love to fail like this someday.

The most big wins in my life have come after big failures. This guy is set for something big in life.

18
brunorsini 8 days ago 0 replies      
Battletoads is definitely one of the best platform games ever created, kudos for the reference. It's playable on online NES emulators such as http://www.playnes.net/play/107/Battletoads.html
19
photorized 8 days ago 1 reply      
Sorry, I am not buying this.

He knows what he is doing.

20
wilfra 8 days ago 1 reply      
Your app crashed from the traffic
21
redact207 8 days ago 1 reply      
The problem isn't the CEO, it's the business model.
22
michaelwolfe 8 days ago 0 replies      
Andrew took Groupon further than 99.99% of all startups will ever go, then went out with a funny, accountable, and humble goodbye note.

If you honestly embrace startup risk and failure, you simply cannot bash this guy.

23
dylangs1030 8 days ago 1 reply      
Heads up, as of this writing, the website is down. I think we accidentally slashdotted the page.

Anyone confirm it's not just me?

24
sk2code 8 days ago 3 replies      
Another Steve Jobs in the making. This has happened with Steve as he was fired after founding Apple.
25
kgosser 7 days ago 0 replies      
It's shocking to me how bad the HN community is getting when I check out of a comment thread every couple weeks or so.
26
joonix 7 days ago 0 replies      
I'm curious why he was "fired" rather than given the "opportunity to resign."
27
droithomme 7 days ago 0 replies      
That's a great letter.
28
beedogs 7 days ago 0 replies      
$25 IPO stock about to become an OTC stock.
29
mmuro 8 days ago 1 reply      
I was okay with this until the third paragraph.
30
camkego 7 days ago 1 reply      
Well done.

"I let a lack of data override my intuition on what's best for our customers."
Isn't it intuition that becomes the problem when faced with a lack of data?

31
sideproject 8 days ago 0 replies      
an honest post. I haven't really followed what's going on with Groupon or the whole daily deal space, but good on him for driving the whole world insane with the daily deal craze. Seriously, two years ago, finding daily deals online was EVERYWHERE - it's not easy to start something like that.

It's like... Gangnam style for startups!!!

32
donflamenco 8 days ago 0 replies      
Groupon has Jeff Holden, who was an extraordinary exec at Amazon in the earlier days.

He might be a good fit for CEO.

33
alxbrun 7 days ago 0 replies      
I don't like Mason, but I like this smart, classy, honest message. And he has a great sense of humour.
34
kvirani 7 days ago 0 replies      
This is a true testament to the difference between startup and cube culture.
35
skulquake 8 days ago 0 replies      
Overall Andrew has done a awesome job, from just being a guy with a great idea and taking it to be the fastest growing company in history while inventing a new space is quite remarkable. I think everyone on this board would have liked to hit a homerun like this after only a couple hits at the plate.
36
codeme 7 days ago 0 replies      
He has made his money. Enough to do another startup.
37
aaronbird 7 days ago 0 replies      
I love how candid he is in this letter. Good stuff.
38
redment 8 days ago 0 replies      
Does anyone know how many employees Groupon has?
39
just2n 7 days ago 1 reply      
Groupon fires an excellent CEO while Yahoo's new CEO is utterly impervious (for whatever reason) and is getting away with waging a holy war against engineers? What is going on?

Can I expect the laws of physics suddenly to invert tomorrow?

10
Hacker News Parody Thread bradconte.com
560 points by B-Con  3 days ago   187 comments top 59
1
simonsarris 3 days ago 6 replies      
Good god this was funny, right down to the usernames.

But now its time to be very HN about it.

> Rats, top comments will be impossible to beat.

Actually I think I have a solution to this, though its just guesswork.

I'm not particularly well known here (or anywhere), but either people actually like the words I say, or I simply have yet to make a complete ass out of myself. (I think one of these is more plausible, but who is to say.)

My average karma on HN is 20.59, which seems to be a lot. Specifically, on the Leaderboard[1] that puts me in fourth place among the HN big names for average karma (though I have nowhere near the total karma to appear there).

I've noticed that when I reply to a post, even if there's already 30 comments, my post usually ends up at the top. And it stays there, even if no one replies, and even if I don't get many or any upvotes for it, for a few hours sometimes.

Alas I don't know for certain, but my guess is that if you have a high average karma then your posts are automatically weighted higher, so you can inject your opinion into almost any topic at any time. This affords me the luxury of being a contradictory whine even if I come late to the party!

Can anyone confirm or deny my suspicion here?

[1] http://news.ycombinator.com/leaders

2
Xcelerate 3 days ago 12 replies      
I disagree with the author. This isn't exactly a parody thread. A parody is "an imitative work created to mock, comment on or trivialise an original work" [1]. For one thing, I would hardly call Hacker News comments "original work", and a simple creation like this hardly captures the full scope and breadth of comments on here.

Furthermore, I'm not really sure why this belongs on HN, because it's not very technical, and frankly, not very intellectually stimulating. People on here don't appreciate humor, so those who upvoted this should have known better. I've flagged the article.

Also, I've never even heard of Brad Conte.

[1] http://en.wikipedia.org/wiki/Parody

3
Cushman 3 days ago 4 replies      
The parody is funny. The comments here are hilarious. I fear I will never again be able to tell if an HN commenter is just jerking my chain, no matter how sincere they seem.
4
swanson 3 days ago 3 replies      
Black text on a grey background? How can anyone expect to read this? We don't all have retina displays and use OSX.

http://contrastrebellion.com/

5
ComputerGuru 3 days ago 1 reply      
At the risk of a) being wrong and b) breaking the 4th wall by not conforming to said stereotype, looks like both my username and my tendency to ramble just within the limits of OT have been parodied there.... Oh well, if that's actually the case, then I'm honored :)

EDIT: btw, hate my username and emailed PG to get it changed; he said it's not currently possible in the code. Wouldn't want him poking around the DB for me! Made my username back when HN first started as an anonymous account, but kept using it thereafter... CamelCase usernames suck!

6
vectorpush 3 days ago 4 replies      
The usernames made me chuckle, my favorite is "DefaultSearchIsWikipedia".

Also, you forgot at least one archetype: the enthusiastic rant from an oblivious hell-banned poster.

7
leeoniya 3 days ago 3 replies      
"Rats, top comments will be impossible to beat. I can probably piggy-back off a top comment, though, those comment threads aren't long yet..."

actually, this text in the reply box highlights a huge problem with threaded (and voted) discussions in general: there is little incentive to reply to any already-huge thread, even with valuable content.

i've been thinking of how to solve this issue for the past week and have some ideas, working on a prototype.

8
jjcm 3 days ago 2 replies      
I think a parody of something is one of the best ways to draw insight, and in my opinion I'm kinda happy that this is what the parody of HN is: links to wikipedia/cited sources, debates about whether or not an article was correct, nitpicks and views from different positions/experiences, and the off hand XKCD comic.

Probably much more civil than a parody of a slashdot/reddit/4chan post would be.

9
ot 3 days ago 1 reply      
Relevant XKCD: http://xkcd.com/386/
10
raganwald 3 days ago 0 replies      
Is the a kick starter for HN parodies as hardware? I would sponsor that.
11
minimaxir 3 days ago 0 replies      
I have a related question: what is HN's stance on parody?

I've seen many parodies posted to HN that have been flagged to hell because some don't notice that it's a parody. (excellent example: http://news.ycombinator.com/item?id=5126318) I also have my own parodies that I've stopped posting because they've met the same fate.

12
B-Con 3 days ago 2 replies      
OP here: Thanks for the positive response, HN. The comments here are hilarious. Way to embrace the spirit. :-)

Just in case it wasn't noticed by many, note that all the links on the page are mini-jokes as well. Replies, navigation, everything.

13
kyro 3 days ago 1 reply      
I wish Stripe would come to Denmark.
14
d0mine 3 days ago 0 replies      
As Russian poet said to describe his portrait:

  Себя как в зеркале я вижу,
Но это зеркало мне льстит.

A. Pushkin

Translation:

  I see myself as in a mirror 
But this mirror flatters me.

15
baak 3 days ago 0 replies      
"Who's the OP" was pretty funny. Honestly, the hacker-hero worship on HN gets a little ridiculous sometimes.
16
y0ghur7_xxx 3 days ago 0 replies      
I find it a bit creepy that I got all the jokes.
17
jacobwg 3 days ago 0 replies      
Nice - thanks for sharing!

There's surprising amount of hidden jokes in there too - feel free to read the OP's blog post [1] for many of the details (assuming you like spoilers)!

[1] http://bradconte.com/hacker-news-parody-thread.html

18
joshrotenberg 3 days ago 0 replies      
I read the first few responses but when I finally searched for "haskell" and nothing came up I got bored and moved on.
19
pixelcort 3 days ago 0 replies      
Forgot an "Edit: Why am I being downvoted?" comment.
20
ChuckMcM 3 days ago 0 replies      
I like how this article has 460 upvotes, is only 5 hrs old, and isn't in the top spot :-)

That said it reminds me of the 'every oscar winning movie' video on Youtube https://www.youtube.com/watch?v=rbhrz1-4hN4

21
nirvanatikku 3 days ago 2 replies      
A good laugh -- it's all in the details; and surprisingly plausible
22
Apocryphon 3 days ago 0 replies      
As a Node guy, does this really matter for 95% of the world?
23
joshaidan 3 days ago 0 replies      
I'm tempting to make a version of this that will take a URL and automatically generate comments that follow this model.
24
mdanger 3 days ago 0 replies      
Check where the reply links point to for some extra fun.
25
TallboyOne 3 days ago 1 reply      
I also like how the user "redditor" is highlighted in subtle green.
26
mindcrime 3 days ago 0 replies      
I wish we had more of this kind of content on HN.
27
duck 3 days ago 0 replies      
The one thing this is missing is someone using or accusing someone of a straw man:

http://www.hnsearch.com/search#request/all&q=straw&s...

28
rapind 3 days ago 2 replies      
I know this is off-topic, but does anyone know how he put this together?
29
michielvoo 3 days ago 1 reply      
Hands up if you felt the need to actually reply to some of the comments.
30
munchor 3 days ago 3 replies      
Is it possible to downvote people? Why can't I do that?
31
awestley 3 days ago 0 replies      
I disagree with the author. I know he's incredibly successful and right about pretty much everything he's ever said, but I've had some experience in this area and just finished reading through some of the archives and I think his focus is wrong. I'm going to ignore the technical issue and talk about the bigger picture and higher level things than what was said in the blog post. If the OP thinks that the process is most important, it's really about end results. But if he thinks it should be about the end results then he's an idiot for not thinking about the process. I'll weasel in a reference the startup I co-founded even though it's not directly relevant.
32
JoshTriplett 3 days ago 0 replies      
I love the snarky comments in the reply URLs, too; I missed them on the first pass.
33
ognyankulev 3 days ago 0 replies      
I've finally seen how downvotability looks like in HN UI :-)
34
madsushi 3 days ago 0 replies      
The URLs for the menu links at the top were spot-on.
35
hkmurakami 3 days ago 1 reply      
I'm always saddened when the "guru3" type post is found in the middle of the pack.
36
hcarvalhoalves 3 days ago 0 replies      
Golden that this thread reflects the OP exactly.
37
IgorPartola 3 days ago 0 replies      
As a Python guy, does this really matter for 95% of the world?
38
RivieraKid 3 days ago 0 replies      
Honestly, I find the culture of "top comment contradicts the OP" a bit weird and unauthentic in a sense.
39
MaysonL 3 days ago 0 replies      
The funniest thing about this parody (to me, at least) was that so many of the made up names were actual HN usernames...
40
pettazz 3 days ago 1 reply      
I have stuff to say about JIT.
41
deeqkah 3 days ago 0 replies      
The first thing i did when i opened your link knowing it was a parody was to check how many responses to the article there were. And there were too many. Way too many.

Comments on Hacker News more often than not go into the meta almost immediately, and constantly, so there's usually one comment with well over half of the op's responses nested under it. I use a userscript for HN for this exact reason.

It's upsetting, to be honest.

42
kickingvegas 3 days ago 0 replies      
Missing a comment on how much the commenter hates Unity.
43
3rd3 3 days ago 4 replies      
Nice article.
44
wam 3 days ago 0 replies      
This has nothing to do with parodies or hacker news threads. What's the point?
45
lignuist 3 days ago 0 replies      
Why is this on HN?
46
bobwise 3 days ago 0 replies      
Got distracted halfway through the thread, came back 10 minutes later, and read another 3 comments before I remembered it was a parody.
47
rayiner 3 days ago 0 replies      
The only funny part was the Randell Munroe cameo.
48
andersnolsen 2 days ago 0 replies      
The author couldn't be more wrong. Eating animals is always wrong. Would you eat your own dog? Or little brother? They are made of meat as well. I wouldn't eat my own dog and my little brother, well, if he was a gingerbread boy maybe.
49
TallboyOne 3 days ago 0 replies      
I love what happens when you search. Lol.
50
logn 3 days ago 0 replies      
I have no idea whether to take any comments here as serious or continuing the parody :)
51
hackinghabits 3 days ago 0 replies      
Someone just get me off from a -1 karma!
52
mikeevans 3 days ago 0 replies      
Even nailed the search, if you didn't catch that.
53
donohoe 3 days ago 0 replies      
Links are broken. Can't reply on any threads. DAY RUINED
54
DeepAndDark 3 days ago 0 replies      
"I hate to be the person to point out": The brain-washers offer to help explaining that only when you realize where you have gone wrong can you end the self-loathing you are now experiencing.
55
sampsonjs 3 days ago 0 replies      
This also needs "our slashdot clone of super geniuses is being ruined by comments such as this" pearl clutching from the admin.
56
spoiler 3 days ago 0 replies      
Where am I? Someone point me in the direction of Google.
57
skeletonjelly 3 days ago 1 reply      
pg is not top comment.
58
shokwave 3 days ago 0 replies      
The search function joke got me good.
59
azinman2 3 days ago 0 replies      
I don't get it and therefore it's bad.
11
Why was my email leaked? dropbox.com
503 points by chmars  8 days ago   257 comments top 41
1
inovica 8 days ago 7 replies      
Unfortunately I have seen their customer service go downhill recently. Not sure if they are having capacity problems or something. 2 weeks ago I signed up for a trial of Dropbox Teams and it said that after the trial I would be dropped back to my Pro account. I cancelled the trial as had made my mind up not to do it and it dropped me to a free account. Several emails to support, the account manager I'd been provided as part of the Teams setup and I still don't have my Pro account back and have had zero feedback from the. The only email I got was this one which is ridiculous:

Hi,

Thank you for your support request. Recently, we have been receiving a high volume of support requests and haven't been able to get back to you within a reasonable amount of time.

The volume of inquiries we receive on a daily basis prevents us from responding to all requests. Although requests from Pro and Teams users will be given priority assistance, we will do our best to get back to other inquiries when possible. If you are not a Pro or Teams user and you're looking to resolve your issue before we can respond, you may want to check out:

https://www.dropbox.com/help/

If you need to restore a large number of files and are unable to do so, please visit the following instructions to help us speed up the restoration for you:

http://db.tt/2QPImJ3g

If you are still experiencing problems, please reply to this message. We will try our best to get back to you, however we cannot guarantee a response. We're very sorry for the inconvenience.

Regards,
The Dropbox Support Team

2
markdown 8 days ago 3 replies      
While I can't speak for Dropbox and this specific case, we had angry customers like this two or three years ago.

Obviously we were very concerned, and spent days poring over server logs and trying to figure out where the breach was.

Turns out the service we used for newsletters (icontact) had been hacked. They never emailed to let us know. (They had a blog post up for a few days, then removed it, the slimy bastards!)

Since then we've used MailChimp, and had no problems.

3
chmars 8 days ago 3 replies      
Sean B.:

Hi there,

We've been looking into these spam reports and take them seriously. Back in July we reported that certain user email addresses had leaked and some users had received spam as a result. At this time, we have not seen anything to suggest this is a new issue, but remain vigilant given the recent wave of security incidents at other tech companies. If you've received spam to an email account you only use for Dropbox, please send the message (including full headers) to support-security@dropbox.com to help our ongoing investigation.

Separately, we want to apologize for some of the dismissive responses from our volunteer moderators - since they aren't employed by Dropbox, they don't have visibility into issues like this. We want you to know that we've taken these reports seriously and began our investigation immediately.

https://forums.dropbox.com/topic.php?id=97303&page=2#pos...

4
WestCoastJustin 8 days ago 1 reply      
Brutal customer service! Especially since a user is giving you a heads up about a possible breach and leakage of their personal information. I can fathom these types of replies if this was behind closed doors, but when you have an open forum like this, you are asking for trouble with snotty replies.

This forum should be a PR beacon for awesome customer support!

5
Mahn 8 days ago 3 replies      
I just checked the spam folder of a gmail account I used for dropbox. Throughout the years I'd ocasionally (maybe once every two months or so) check the spam folder merely out of curiosity, but it was practically always empty.

Perhaps this is just a huge coincidence but I see three spam emails sent today plus another two sent this week. Some of them have cc recipients which seem legit addresses of other people, but I can't identify them. I never used Zendesk by the way.

Edit: here are the senders, in case it helps: no-reply@adsl.hu, no-reply@velkommenhit.no, no-reply@wdl.fr, no-reply@tataidc.co.in, no-reply@variationfm.com. Though it looks like these addresses may have been spoofed... the sender name is "{%FROM_NAME%}" in all of them.

Edit 2: It turns out Groupon Germany (former citydeal.de), which I checked out once with the same address, is responsible from what I can gather (link in german, but everything matches, company has yet to say anything): http://hukd.mydealz.de/diverses/groupon-verkauft-kundendaten...

6
Khao 8 days ago 4 replies      
The way the moderators handled this was pretty damn bad. Two different users tell the moderator they use UNIQUE e-mail addresses for dropbox only, and they received spam roughly at the same time and yet the moderator answers by assuming the users are idiots.
7
jewel 8 days ago 4 replies      
I also give out a separate email address to every service I sign up for. So far geico, mint, and dyndns have lost or sold my email address. I haven't gotten any spam on my dropbox account, but I've only had an account since 2012-10-02.

I don't run any spam filtering, at all, and my email box is the catchall for my domain. These aren't just lucky guesses.

8
xer0x 8 days ago 4 replies      
Holy crap Dropbox's moderators make me want to terminate my account with them.
9
nathanb 8 days ago 2 replies      
Has anyone who created a Dropbox account AFTER July of 2012 noticed this spam increase?

If not, it may be that the compromised list of addresses from summer of last year has finally reached evil hands.

10
Havoc 8 days ago 0 replies      
Damn thats weak. Moderator "Andy Y." doesn't seem to grasp wth is going on at all and the rest of the moderators blatantly ignore ~5 people reporting unique email addresses being leaked.

So much for Dropbox...

11
lucb1e 8 days ago 0 replies      
Sean, who also posted in the forums on page two and apologised for the moderator's behavior, contacted me by e-mail to send him the spam e-mails that I received. It looks like they're taking it seriously now :) Needless to say, I provided all details that I have (connection log, full mail source).

For those who are curious, this is what I received:

Hi Luc,

My name is Sean, I work on the User Security team at Dropbox. We'd like to look into the issue you repoted on the forums. If possible can you forward the emails in question directly to me (xxxx@dropbox.com).

Thanks.
Sean

12
driverdan 8 days ago 1 reply      
I suspect this is a MUCH larger problem than people realize and not Dropbox's fault.

I've noticed in the past few months I've been getting spam to a lot of site specific emails I've used under my Gmail catch all. It's as if a spammer had access to all email addresses I've used for incoming mail. I've talked with friends and found some have had the same problem.

So where are spammers getting the email addresses we've received email from?

1. There's a vulnerability in Gmail / Google Contacts.

2. Some widely used app I've allowed to access my email has been hacked or has been selling email addresses.

3. An Android app that requires access to my email is compromised, either intentionally or unintentionally.

The least likely one I haven't mentioned is that many independent companies have sold my emails which I find very unlikely.

So what's causing this to happen?

14
lucb1e 8 days ago 1 reply      
Aha, that explains it! I've been contacting school about my e-mail address being spammed; I was certain I never publicly posted it. I used my school's e-mail address for the Dropbox Space Race a while ago.
15
robk 8 days ago 1 reply      
Just checked my spam folder and sure enough 5 spam emails to my unique dropbox address.
16
ph33r 8 days ago 1 reply      
Why do people continue to upload and trust their data to this company? I closed my Dropbox account back in 2011 when they had that 'bug' that made passwords for any account optional for four hours.

Since then they have had more security problems/breaches, and admitted to user info being stolen.

Today's news isn't anything concrete... but their moderators were jerks, which makes the company look bad whether they are employees or not.

17
DigitalSea 8 days ago 0 replies      
The part that made me laugh about all of this is the fact the moderators are saying that spammers most likely guessed all of the unique email addresses people are complaining have been spammed that are only used for Dropbox. That doesn't sound plausible at all, especially considering it's multiple people complaining of being spammed here.

Dropbox's customer service has really gone downhill, what happened?

18
kiwim 8 days ago 0 replies      
> Just the fact that you listed your emails says it all.

Wow, that moderator is really professional.

19
FuzzyDunlop 8 days ago 0 replies      
This makes me think about why I've been receiving spam at my professional email, which I tend to use quite sparingly.
20
gottagetmac 8 days ago 1 reply      
I was skeptical at first, but the rest of the evidence makes it look like it's not a coincidence.
21
Foomandoonian 8 days ago 0 replies      
Dropbox should rename mods 'Support Volunteers' or something, just so users know what kind of help they're getting.

I don't understand why the mods were so quick to defend DB, especially since they don't appear to have access to any privileged info. Dropbox has over 200 employees now and whatever precautions they take an occasional slip-up seems entirely possible.

22
adders 8 days ago 0 replies      
I use a catchall and give different email addresses to everyone. I've received 3 spam emails in the past month to my dropbox account, but they aren't the only ones with problems, for example the following are the number of spams for various sites:
* 2 emails Foursquare
* 6 emails Groupon
* 6 emails Rackspace
* 25+ emails Ticketmaster
* 50+ Absolute Radio (UK Radio station)

Absolute Radio was hacked, not sure about the others.

23
techpeace 8 days ago 0 replies      
They aren't letting me post to the forums, but I can also report receiving spam, but only on an address I formerly used with this account, not my latest address.
24
AbhishekBiswal 8 days ago 0 replies      
The Moderator thinks that the user who created that post and his supporters are idiots. How would someone get to know that a user has an email lala.dropbox@xyz.com, if the user hasn't used it anywhere else?

What happened to you Dropbox?

25
johngalt 8 days ago 1 reply      
Is that dropbox@domain.com email listed on any of your phone contacts? Ever had a virus on a machine that has sent or received an email from that account? How many people know that account exists? Only one of them needs to have a careless attitude about permissions.
26
lawnchair_larry 8 days ago 1 reply      
I have a unique email address for dropbox that has not received any spam. I created it a couple years ago but only used it once briefly.
27
codyko 8 days ago 0 replies      
That Chris guy should be fired. A laughable excuse for customer service.

EDIT: Looks like they're volunteers. But still.

28
hakaaaaak 7 days ago 0 replies      
Fortunately, GMail handles almost all of my spam, so this stuff is a non-event for me. But I don't like that they may have been a security breach. Thanks to whomever HN'd this so it would get attention.
29
tlrobinson 8 days ago 0 replies      
Why is Dropbox letting volunteer moderators represent them so poorly? Dropbox is a grown up company now, train and pay a couple people to moderate, or at least make it more clear they're volunteers not employees of the company.
30
uptown 8 days ago 0 replies      
What about a possible leak from a 3rd party? Did you, by chance, use Mailbox? Do third-party apps (1Password, etc.) that sync using Dropbox get access to your email address?
31
TorKlingberg 7 days ago 0 replies      
This post in the forum thread may be on to something:

"I also have a unique dropbox email address, it was compromised on 2/6, but I tracked it down to a friends system that was hacked. I had shared a dropbox folder with them, they got the email from my dropbox address. Virus on their system collected my dropbox email from their system."

32
pyvek 8 days ago 0 replies      
Everyone who received the spam should pastebin the emails along with the header and share them for comparison. If those spam messages are found to be similar then it can be pinpointed that they all have originated from the same person/group and it was no usual hit & miss technique by the spammers which the moderator is contemplating about.
33
alan_cx 8 days ago 2 replies      
I have to say, accusing Dropbox of leaking in the title of the thread, with out any actual basis, since it is possible that the user cocked up somewhere, is not the best way to get polite support. Yes the mods could have been a lot more professional, but I can see why their backs were up and why they would be defensive.

On the other hand, too often as a user I feel I have to walk on egg shells to avoid upsetting some over sensitive petal of a forum mod. One misunderstood word and you are banned for life, with no appeal what so ever.

All of which leads me to think there should be some third party arbitration for this sort of thing.

34
unreal37 8 days ago 2 replies      
This dropbox forum is exploding. Fascinating to watch.

As an aside, who knew so many people had "dropbox only" email accounts. One guy with 10 random letters/numbers he uses only for dropbox. Wow. Is this a thing?

35
deeqkah 8 days ago 0 replies      
You know, it's funny because i got a very clever Pay Pal phishing e-mail this morning, linking to a PHP script hosted on renault-astrakhan.ru

What's worse is that i sent invitations to dropbox time ago to people that i have to now contact and say "Please be aware of this phishing e-mail disguised as a Pay Pal e-mail."

+1 for an alternative service, to be honest. Dropbox is very well done, but this is a good reason to stop using their service if they can't secure their clients' information.

It would greatly benefit them if they found the root of the problem, and reported if it were indeed an issue with them or one of the clients for dropbox.

36
ddrager 8 days ago 2 replies      
What about the possibility that end-users' computers are breached?

- User/pass is saved in the 'Remembered password' area of browser (this is decodable by malware)
- Email is screen-scraped by malware
- Email is sniffed during login at a wifi hotspot (Password is encrypted, user/email may not be)
- 3rd party apps that are linked to your dropbox account

I'm not saying that this wasn't caused by the database breach, but there are a TON of reasons that this could have happened. Some on Dropbox, some on the end users.

Don't expect your email address to stay private. That's what passwords are for.

37
reader_1000 8 days ago 0 replies      
I checked my e-mail accout that I used for dropbox and There is a spam mail coming from ...@direct.nacha.org which is the same domain which one of the customer in forum received. So it seems they are right, this is not a random guess.
38
bshanks 8 days ago 0 replies      
Slightly off-topic, but what kind of forum software does Dropbox use? I like the clean look and the use of the blue background for the Dropbox employee.
39
trekkin 8 days ago 0 replies      
That's why client-side encryption is useful - even with the company (Dropbox) not leaking/selling their users' data on purpose, it is easy to inadvertently leak it.

Proper client-side encryption, while often not appropriate in critical environments, is useful to protect against this type of situations.

Disclosure: I run AES.io

40
weix 8 days ago 0 replies      
why? welcome to the cloud world!
41
dimadima 8 days ago 0 replies      
I'm all for busting some balls, especially if we're talking Dropbox. But shit like this happens all the time, and it's not like by busting some balls here we're going to improve the situation broadly speaking.

It's really absurd to expect that your information will actually be safeguarded by some entity that isn't you. As soon as you give any data to anyone, it's gone. You should pretty much assume it's public and get on with your life. Did ya'll catch that blog post up yesterday from the kid who deleted the USERS table at his job, because he was developing against a production database and running queries against it by hand? Experience has led me to believe that's the situation at like all things, everywhere, all the time. Ass clowns emailing around spreadsheets with user data; people getting malware installed on their Windows shit and entire infrastructure's data being compromised. It's a joke. Let's just always remember that while we're busting balls. But if you value your data, don't give it to anybody, ever.

12
The Coolest Experience I Had as an Apple Store Employee unretrofied.com
483 points by Gromble  7 days ago   158 comments top 30
1
pud 7 days ago 15 replies      
The kids knew sign language?

The kids went and bought stuff (incl laptops) at multiple stores?

And wasn't there a long line at Apple? How'd they make it to so many other stores?

The kids physically go to the store to buy school computers?

The kids are such good actors that they fooled the author & all other salespeople?

A teacher would actually allow kids to pretend that they're disabled?

No bulk discount or pre-arranged deal?

All other employees in the mall were mean to deaf kids?

Author doesn't remember which Apple product was debuting?

I hate to be "that guy" -- but this story is most likely fiction.

2
jballanc 7 days ago 1 reply      
The coolest experience I had as an Apple Store Employee was saving Christmas...no really, we literally saved Christmas. It was about 1:30 AM on Dec. 25th, and a man comes in to the store out of breath. He needs two iPod nanos. "My wife thought I was getting them, and I thought she was getting them..." he explained. Not a problem. We got the nanos, and sent him on his way.

That was fun...

3
joejohnson 7 days ago 1 reply      
That was a sweet story. Now let's turn to the comments and hear all of the cynical reasons I should be mad.
4
jurassic 7 days ago 4 replies      
Please don't do this. While this author seems to have enjoyed the experience, many retail workers have enough to do without being jerked around by those pretending to care about the experience of people with disabilities. It seems ridiculous to me that the teacher thought it was a good idea to lead these children in an extended "lie" in order to teach them about tolerance and empathy.

Once when I worked in bookstore a man came into the store and faked being deaf. My coworkers and I jumped through all kinds of hoops to accommodate him and spent a lot of time writing notes back and forth to help this customer find a particular type of book he said he was looking for. After half an hour of scribbled notes, fetching books from the stacks, and iterating towards what he was describing the man bust out laughing and declared "Hahaha! I'm not actually deaf!!" and walked out without buying anything.

I felt stupid and annoyed that he had wasted so much of our time. Not only did that man's behavior distract us from other legitimate customers, the experience left me feeling guarded about whether to accept people at face value. I never encountered any other customers with hearing disability while I was at that job, but I'm sure I would have had skepticism from this hoax experience in the back of my mind as I tried to help them.

You are not helping anyone by pretending to have a disability.

5
typpo 7 days ago 5 replies      
Perhaps the students were treated better at the Apple store because they were buying 15 macbooks. Surely they didn't spend that much money at all the other mall stores.
6
jyap 7 days ago 2 replies      
It's a nice story but the MSRP of that 160GB MacBook was $1,499.00. So the kids paid $22,485.

So it's comparing Apples with common everyday oranges. (Pun indended)

7
jmomo 6 days ago 1 reply      
Some time in 2007 I went to an Apple event in Scottsdale Arizona. I am a network engineer/system administrator, and my organization was about 50/50 Mac/Windows. We spend somewhere between $200-600K a year on Apple products for employees. I seem to remember that this was shortly before Apple killed off their XServe products, but I could be mistaken about the timing.

There was a break in the presentation, after which I decided I was going to bail. I took my phone, a Blackberry at the time, out of my pocket as I exited the door so that I could check if anything was going on at work.

As I took those first few steps outside, I accidentally dropped my phone.

It wasn't one of those gentle drops. In the process of trying to catch it before it hit the ground, I ended up pushing it with even greater velocity downwards. It hit the concrete pretty hard and a mix of phone, battery cover, and battery went skittering across the concrete walkway.

Three Apple Store employees were sitting outside, also on break. My phone had gone flying right past their feet.

"Oooh!" they said with a wince.

Then one of them said, "Don't worry everyone! It wasn't a IPhone!"

And they laughed.

And that was it. I picked up the parts of my phone, took at a look at the damage, put it back together, and walked away.

There was no offer of help or concern, but they thought it was pretty funny.

Fortunately, the phone survived pretty well off. There really wasn't anything more than minor scratches, despite how I had practically thrown the phone against the concrete.

Ironically, had it been an IPhone (or any modern touchscreen phone), it would have probably been destroyed. I ended up destroying the screen on my Nexus One a year or two later with a much less violent drop.

And, I'm afraid to say, most of my other experiences with Apple store employees here in Arizona has been pretty similar. We regularly have our helpdesk staff go in to pick up parts and do repair runs and I've had to call up our regular Apple rep and comment on bad attitudes, poor service, and outright rejection of service on in-warranty breakages for whatever reason-of-the-day they could make up.

The story linked to is important: You really can make a lasting impression on a customer that they will never forget, positive or negative.

I will never forget the way three Apple Store employees laughed at me as I dropped my phone.

8
thejsjunky 7 days ago 0 replies      
A little tangential to the story but a good thing to be aware of is that the barrier of communicating between deaf people and hearing people is not always that they simply can't hear the sounds you are making. Many deaf people (especially those who are born deaf) are illiterate or have low literacy in written language; so you can't expect to always be able to just pop out a pencil/paper and write back and forth normally as you would with a hearing friend while playing "the silent game".
9
PakG1 7 days ago 1 reply      
When I was a kid, there was a girl I knew who was deaf and mute. But we always had great fun talking with each other using pen and paper. I don't know why, but it was so much easier to talk with her than it was a lot of other kids. Obviously, some types of people are easier to talk with, but I think something actually switches on in my mind that makes it easier for me to communicate when I'm writing, rather than speaking.

http://ars.userfriendly.org/cartoons/?id=19991119

10
lizzard 7 days ago 0 replies      
What is heartwarming about this other than this person patting themself on the back for being a decent human being?

While it's nice when someone is reasonable and polite but it doesn't magically make up for the other 100 people who acted like I don't have the right to get on the bus.

11
CallingIit 7 days ago 7 replies      
Calling it. They went store to store buying Macbooks. Multiple sets of laptops just for a social experiement?
What kind of IT department would allow the KIDS to get the computers they need. And with no bulk discount, what school would allow that?
This happened in his dreams.
12
joeguilmette 6 days ago 0 replies      
I work as a skydiving instructors and had a similar experience. A group of deaf college age students came in to skydive and I was paired with one of them on a tandem skydive. Generally we have about five minutes to gear up and train our students when it is busy (as it was that day).

During a lull I wrote up a quick briefing of everything I would usually say and go over on my laptop. When it came time to jump I greeted the student, smiled and then had them read the text while I geared them up. Them I made a big show of pantomiming everything we'd be doing while we laughed and conversed on the laptop.

It was a lot of fun :)

13
davidedicillo 7 days ago 1 reply      
At the Apple Store in Santa Monica there's a deaf employee and he talks to you typing on an iPad. It was actually a pretty cool experience and I particularly appreciated it since both my dad's parents were deaf (but I do not know the sign language, they were extremely good at lips reading)
14
m_d 7 days ago 0 replies      
I had a similar experience while working at a big-box retailer in high school. You don't get to have many "feel-good" experiences in retail, but using MS Word to sell a deaf woman a computer was one of those rare occasions.
15
mistercow 7 days ago 1 reply      
That school really should have dealt with the Apple store directly. I'm guessing they would have gotten better than the standard educational discount that way.

Also, wow, please don't map "escape" to cause navigation on your website. That's super annoying.

16
cafard 7 days ago 1 reply      
Weird. I worked for a couple of department stores before I was 20, not as a sales clerk, but stocking shelves. I don't remember the sales staff as the sorts who would snub customers. Of course, I wasn't treating them as lab rats in a high school psych course.

I will also point out that retail sales staff get a lot more exposure to anyone and everyone than your average hacker does. One can become jaded and perhaps impatient fairly quickly. Should you? No, maybe not. But it's Friday, your feet hurt, and some kid is social engineering you. Do you feel as if you need that?

17
gyom 6 days ago 0 replies      
It seems to me like almost nobody in the comments on HN believes his story to be genuine. And yet, this guy updated his blog to add :

"Wow, I really didn't expect this story to blow up the way it has. I've never had anything voted up on Hacker News before, much less gain the top spot. I'm still not convinced it hasn't all been a fever-dream."

which just supports the hypothesis that he's just bullshitting everybody.

18
yarou 6 days ago 0 replies      
It seemed to me that this fellow felt the same way colonizers feel about natives of the lands they conquer. How noble of them to spare the natives any thought! They are clearly the better person than the average person that pays no attention.
19
charlieok 7 days ago 2 replies      
I'm surprised that a whole class of kids who were not deaf knew enough sign language to convince the author that they were deaf.
20
shellehs 6 days ago 0 replies      
At first, I thought why not take two colors, than make the kids who preferred black stood left and the others on right side. There should be many simple ways to deal with that situation quickly and easily. I

The story looks a little weird, even not true, like I don't quite remember which product had just released that morning,, is it true?

But at the end, I found I was misunderstood and also was touched.

21
jayzalowitz 7 days ago 0 replies      
The coolest experience I ever had at an apple store involved stephen colbert, steve corell, anne hathatway and one particularly dirty joke.

You clearly win.

22
meerita 7 days ago 0 replies      
I really enjoyed this story. So human. I experienced some of this in the past and acted the same.
23
NicoJuicy 6 days ago 0 replies      
So, the went on an experiment to the mall to check how employees responded to deaf people.

All the students received a MAC from the school.

The author doesn't have any comments on his blog.

It's fiction, this dude is lying like hell :-s

24
nikolakirev 6 days ago 0 replies      
While I was reading the story, I kept thinking that the kids will start using the "say" command in the Terminal to start talking. That would have been a great story.
25
vonskippy 7 days ago 0 replies      
So you got pawned by some warped social experiment - yeah, that sounds about right for the "best" that working at an apple store has to offer.
26
JacobIrwin 6 days ago 0 replies      
you should add commenting capability to the page.. how neat would it be if someone from the not-actually-deaf group were to share a self-confirming anecdote (and possibly, an update on how they're doing now)!
27
inaflashlaser 6 days ago 0 replies      
I would guess this (if true) was from 2008 on the release of the iPhone 3G - based on the fact that the Black MacBook was discontinued in October 2008 (per wikipedia). It could have been 2007 for the original iPhone, but the lines for the 3G were more prevalent.
28
darrenraj86 6 days ago 0 replies      
ok...if the story is true or not..I believe the message there trying to get across is more important. For example who questioning the whole deal must treat people as bad as the other stores treated the "deaf" kids...
29
JeremyMorgan 6 days ago 0 replies      
Not what I expected, and a really good read. Hope it's true.
30
swartz 7 days ago 1 reply      
Unique experience..
13
Heroku Fucking Console github.com
459 points by eik3_de  7 days ago   281 comments top 33
1
sneak 7 days ago 16 replies      
Nothing in computing is worse than software that knows exactly what you want it to do, then gives some shitdick excuse as to why it's not going to do it in an effort to get you to jump through meaningless hoops.
2
eik3_de 7 days ago 8 replies      
HN question: I submitted this story with the title "Heroku f.cking console" and the title was changed to "Heroku console".

Is the string "f.cking" considered unappropriate on HN? What about "f.,.ing" or "f'ing"?

Edit: replaced the asterisks with "." and "," for formatdoc

Edit: has been changed to "Heroku Fucking Console" at 19:02Z. I approve!

3
nswanberg 7 days ago 3 replies      
Swearing is like typing in all-caps or using an exclamation point. It's usually not necessary but when it fits it really fits. (Hedberg only swears a few times here but it sounds exactly right http://www.youtube.com/watch?v=Y5-46bj8b4w).

Used incorrectly swearing suggests someone who doesn't have much control over their emotions or vocabulary and lacks range of expression.

Yet this Heroku library, presumably created by someone who, stubbing their toe on that same problem over and over, is one big exclamation point all-caps rant, with all possible lines of code and input fields in Github (even the license!) filled with rage and satisfaction, and the nice thing is that the library ultimately fixes a problem and makes the solution available to all.

Separately, to anyone thinking this "unprofessional", take a look at Philip Greenspun's definition of a software professional: http://www.youtube.com/watch?v=JsPFdVrbGeE#t=41m20s incidentally, this entire lecture deserves to be bookmarked and watched).

Edit:
By the standards of Greenspun's definition the author of the library would be considered a consummate professional.

For those without time to watch, here is the link for the presentation he used (though he's an excellent speaker and the presentation adds much more):

http://philip.greenspun.com/ancient-history/professionalism-...

4
GhotiFish 7 days ago 2 replies      

    Provide a fucking help topic
210bbc9498 Browse code
tpope authored 16 hours ago

Initial fucking commit
a1b87e8b4b Browse code
tpope authored a day ago

I like how he has total commitment to his commits.

also. WTFPL!

5
xauronx 7 days ago 1 reply      
I don't use Heroku, so I have no use for this but I love this guy's enthusiasm.
6
egonschiele 6 days ago 0 replies      
Another example: finding help on hadoop:

    [vagrant@localhost conf]$ hadoop --help
Error: No command named `--help' was found. Perhaps you meant `hadoop -help'
[vagrant@localhost conf]$ hadoop -help
Error: No command named `-help' was found. Perhaps you meant `hadoop help'
[vagrant@localhost conf]$ hadoop help
Exception in thread "main" java.lang.NoClassDefFoundError: help
Caused by: java.lang.ClassNotFoundException: help
at java.net.URLClassLoader$1.run(URLClassLoader.java:217)
at java.security.AccessController.doPrivileged(Native Method)
at java.net.URLClassLoader.findClass(URLClassLoader.java:205)
at java.lang.ClassLoader.loadClass(ClassLoader.java:321)
at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:294)
at java.lang.ClassLoader.loadClass(ClassLoader.java:266)
Could not find the main class: help. Program will exit.

7
johnnyg 7 days ago 0 replies      
This has bugged me too. Thank you.

Also, watch your language young man!

8
dysoco 7 days ago 1 reply      
And guys... this is what happens when you use Vim too much.
9
RyanMcGreal 7 days ago 0 replies      
+1 for releasing it under the WTFPL.
10
dreamdu5t 7 days ago 0 replies      
I'm amazed people put up with this crap just to host a rails app.
11
sheraz 7 days ago 3 replies      
This lacks class regardless of how useful the software may be. And yes, it does matter.

What is with all the crass language that has become so pervasive in this industry in recent years?

Why the need to express yourself so poorly?

12
rahilsondhi 7 days ago 0 replies      
This plugin is hilarious but very unnecessary.

I solved this a long time ago with a simple `alias hrc-='heroku run console --remote'`. That way I can type in console `hrc- production` or `hrc- staging`

13
derleth 6 days ago 1 reply      
Is anyone else's page massively wider than it should be?

(Firefox 19.0, 32-bit build on x86_64 Linux.)

14
antipax 7 days ago 2 replies      
What? `heroku run bash` also works and is shorter.
15
auggierose 7 days ago 1 reply      
Programming, motherfucker!
16
christopheraden 7 days ago 0 replies      
Hah! Tim Pope is a pretty funny guy. His Vim plugins are fantastic as well (Pathogen and Surround are indispensable).
17
andymoe 7 days ago 0 replies      
You know this is one of those times where editing the title is not helpful! The title of the project is actually "Heroku Fucking Console." The edit makes me think it's pointing to something official and it's not!
18
endgame 7 days ago 1 reply      
There are a lot of people in this thread who are complaining that "$some_program won't Do What I Mean".

Sounds familiar: http://www.catb.org/jargon/html/D/DWIM.html

19
slajax 7 days ago 0 replies      
I love it when software is written out of hatred for other software that "f*cking sucks".
20
tomhallett 6 days ago 0 replies      
One non-obvious landmine with the heroku console, it attaches to a running web process. One day I had a typo in one of my console commands:

Post = Post.count
# instead of "post = Post.count"

Which re-assigned the Post class to a number. Then we started getting production airbrake errors where the Post class was now a FixNum, /facepalm.

It was an easy fix, just restart all of the servers, but I was very surprised to say the least.

Note: I believe this was with the Bamboo stack. I'm not sure if this is still true with the Cedar stack.

21
binarycrusader 6 days ago 0 replies      
You haven't used software until you've used it in anger.
22
mcnemesis 7 days ago 0 replies      
To hell with all yo other stale licensing- other than have none, the Fcking License included in this project just makes me want to frk this project!

The attitude is ill ;-)

23
scottbartell 6 days ago 0 replies      
Because things should just fucking work.
24
jbaudanza 7 days ago 0 replies      
I love this. I also miss how the bamboo console would let me enter a ruby command locally and then execute it remotely when I hit enter. I've been meaning to make a gem to replicate this behavior.
25
squid_ca 6 days ago 0 replies      
"This is a long distance call. You must dial a 'one' plus the ten-digit number to complete your call."
26
hiddenfeatures 7 days ago 0 replies      
The true meaning of "opinionated software"...
27
vampirechicken 7 days ago 0 replies      
Tim Pope has a potty mouth.
28
whbk 7 days ago 0 replies      
This. Is. Awesome. Had to be done.
29
skhamkar 7 days ago 0 replies      
Thank you!
30
Cigano 7 days ago 0 replies      
Nice one, dude. Congratulations!
31
dholowiski 7 days ago 0 replies      
Very mature.
32
huhsamovar 7 days ago 3 replies      
I would be interested in this if it weren't for the foul language. This speaks volumes about the author's attitude.

If you're annoyed with something, have they even tried bringing it up with Heroku's support team? If so, have they tried shipping this tool that doesn't make the maintainer look like an arrogant troglodite?

33
nacker 7 days ago 0 replies      
You can tongue punch my fart box, Heroku fucking console!
14
Establishing secure connection wellsfargo.com
451 points by eloisius  7 days ago   143 comments top 35
1
ben1040 7 days ago 6 replies      
This reminds me of something we had at my office about 15 years ago because people were complaining their workstations were slow. In reality, their workstations were just slow machines; standard issue box for most people was a 70MHz Sun SS-5.

So we wrote a perl script that printed out a bunch of platitudes like these, while printing out an ASCII "progress bar." It had some randomly determined sleep() calls in there to make it seem like it was doing something.

  Optimizing priority queues...
Recalculating scheduler lookup tables...
Terminating unused system processes...
Recovering memory leaks...
Flushing network buffers...

Then it'd randomly pick a number X and report to the user "System reports X% faster."

We called it "speed" and deployed it to the app server. Some folks started getting into the habit of running it every morning and swore by it.

2
MattRogish 7 days ago 11 replies      
This is one of those things that is done by people going "We need our customers to 'feel secure'". I get the rationale, but is there actually any data that suggests this gives that actual feeling? That users "feel" more secure? Or are more trusting of the site? Or is this just cargo-cult UX?

edit:
I've seen this on too many financial apps to think it's an isolated incident. It's clearly a "thing" in financial apps (TurboTax.com does it all the time; I see it on my Bank app, lots of mobile apps, etc.)

There's gotta be a reason, even if it's wrong.

3
seldo 7 days ago 2 replies      
This sort of fake-loader animated GIF is pretty common; it's just a slightly more advanced version of a spinner GIF. I don't think it's really that bad.

What would be bad is if this page would accept a parameter to redirect you to somewhere, but it appears it doesn't do that -- it just closes itself. Presumably this page appears in an overlay that then closes itself.

4
rgbrenner 7 days ago 1 reply      
this page doesn't actually do anything. It loads two animated gifs from Akamai (one for the text, and one for the bar), and then uses some javascript to close the window.

If I had to guess, there's a login page. When you submit your login, this page pops up and displays while the login is processed.

source:

  <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html>

<head>

<title>Loading....</title>

</head>

<body>

<p align="center">

<img src="https://a248.e.akamai.net/6/248/3583/000/wellsoffice.wellsfargo.com/ceoportal/DocumentumRepository/content/images/signon/messaging.gif" width="300" height="30" border="0" alt="Loading Status" /><br />

<img src="https://a248.e.akamai.net/6/248/3583/000/wellsoffice.wellsfargo.com/ceoportal/DocumentumRepository/content/images/signon/statusbar.gif" width="300" height="30" border="0" alt="Loading Status Bar" />

</p>

<script type="text/javascript">

var selfClose = function() {

self.close();

};

window.onload = function() {

setTimeout(selfClose, 10000);

};

window.onblur = function() {

selfClose();

};

</script>

</body>

</html>

5
tptacek 7 days ago 2 replies      
Exactly the security I'd expect from a "CEO Portal". :
6
jmandzik 7 days ago 2 replies      
Somewhere, deep within Wells Fargo HQ, there was a depressed developer in a windowless office that died a little inside when asked to make this.
7
aqme28 7 days ago 0 replies      
If you were going to inspect to see if it was actually doing anything, let me save you the trouble. It just plays these two gifs ontop of eachother.

https://a248.e.akamai.net/6/248/3583/000/wellsoffice.wellsfa...
https://a248.e.akamai.net/6/248/3583/000/wellsoffice.wellsfa...

8
mattdeboard 7 days ago 2 replies      
TurboTax has something that struck me today as similar (in spirit) to this, though TurboTax's is a skeuomorphic thing.

It's the "Save & Exit" button TurboTax has. I'm sure that they are saving all info as it is entered, but users of QuickBooks, Excel, etc., I'm sure are used to having to save their data manually then exit.

I think all the guffawing at this progress bar is a little overblown. If a question or concern comes up in user testing multiple times -- "How do I know my connection is secure?" -- then why not put something in there that makes the user feel safer? What's the problem with that? Sure maybe it's a little overblown graphically but, c'mon, when you're a bank you need your customers to feel secure, in addition to actually being secure.

9
joshwayne 7 days ago 0 replies      
I see a lot of comments condemning this feature and saying it's ridiculous. However, you have to understand that people outside of the tech industry have a very different mental model of how computers work than the rest of us.

One example of this is shown in a usability study by the Baymard Institute on top ecommerce checkout processes [1]. The goal of the study was to determine best practices for checkout usability by testing the top 15 ecommerce sites. One of the more fascinating finds they made was that during the checkout process, users perceived certain fields as being more secure than others. Even though the fields were all part of the same form and on the same page, users still believed fields with a little lock icon were more secure than the rest of the fields! It didn't matter if the entire page was encrypted. Users would abandon the checkout process because the credit card fields didn't "feel secure" compared to the rest of the page.

To most of us, this looks like a frivolous feature suggested by a "UX monkey" (as one commenter put it) but don't underestimate the power of making users feel safe. For all we know, this stupid gif could have cut support calls 20%.

[1] http://baymard.com/checkout-usability

10
ripberge 7 days ago 0 replies      
I use this tool everyday and it has always made me laugh. The security of the CEO portal is actually legit though. In order to do anything you must login with: company name, username & password. Once inside in order to do anything important you must use your pin number + a random number from a security dongle like this: http://en.wikipedia.org/wiki/Security_token

Then someone else from within your company must repeat a similar process to approve your action. So you always need at least two people within your company to perform any action.

Typically the CEO portal is used for wire transfers where security is pretty damn important--once the money is gone--its really, really gone.

11
jlarocco 7 days ago 1 reply      
That's kind of silly.

But as a Wells Fargo customer, I've never seen it while using their website, and I use the site to check my accounts and transfer money between accounts once or twice a week.

12
unsignedint 7 days ago 1 reply      
This reminds me of a story I heard about those ATMs. What I heard is that there are technologies out there that can make a machine to count/validate cash almost instantaneous while not sacrificing accuracy. But apparently, that makes some customers worry that their money is not being processed right, and thus, every time you deposit money to those ATMs, they make that grinding noise, appears to be doing something useful.
13
salman89 7 days ago 0 replies      
Likely is security theater, but in all fairness they might actually be doing all those things and wanted a UI element to let users know what is taking so long.
14
daigoba66 7 days ago 0 replies      
"reticulating splines"
15
ante_annum 7 days ago 2 replies      
So, it's actually possible to update a dynamically served gif to provide real progress updates. If that's what they were doing, I'd wonder why they did that rather than use js hooks.

But this is just a silly static image. What if the server takes longer than the image to load?

16
manaskarekar 7 days ago 0 replies      
Reminds me of this interesting reddit discussion:
http://www.reddit.com/r/AskReddit/comments/uc6qy/reddit_toda...

And the corresponding HN discussion that followed:

(Apple's iOS is "deceptively fast") http://news.ycombinator.com/item?id=4047032

In this case, we have security instead of speed. That's not to say it isn't secure anyway.

17
obilgic 7 days ago 1 reply      
It closes the tab when I click "inspect element". How does it detect that?
18
gesman 7 days ago 0 replies      
I envy consulting company that was tasked $100k to build such a "secure solution" :)
19
eclipticplane 6 days ago 0 replies      
We added progress bars and silly status messages to our 500 error pages in our web app. Things like a 15 second count down to "recalibrate" or "attempting automatic system correction". It, at minimum, stopped users from constantly clicking a button or link that was having server issues (and thus spamming our error queue). Instead, they'd wait the 15 seconds and then go try again.

If the issue was transient, like a dropped connection to the database or memcached or some obscure deadlock, the "automatic" fixes worked as expected from the user's perspective. We, of course, still got the full error report to diagnose the issue.

I even have a few gems in our user feedback system where the users outright praise the "automatic error fixer" and they wish every website/app had a tool like ours.

20
dumyCredentials 7 days ago 1 reply      
You can see this in action by trying to login using dummy credentials here: https://wellsoffice.wellsfargo.com/ceoportal/

:-)

21
phpnode 7 days ago 0 replies      
hfs - your account has been dead for > 200 days
22
JadeNB 6 days ago 0 replies      
The Mac OS X.4 PBE would display the estimated boot time on startup; I thought it was using sophisticated logic, but was later told that it just averaged the last, say, 10 boot times (which is probably at least as reliable). I seem to remember that you could even execute `/usr/bin/loginwindow` (or some such path) from the command line and watch it pretend to boot at any time. I forget when this 'feature' went"maybe as early as Leopard?"but it's not in Mountain Lion.
23
noblethrasher 6 days ago 0 replies      
Don Norman discusses why you would want to do something like that here http://businessofsoftware.org/video_09_dnorman.aspx (50:30).
24
arjn 7 days ago 0 replies      
Wow! I can't decide if this is hilarious or scandalous.
25
hy3lxs 7 days ago 0 replies      
"Locksmith gets less tips and more price complaints for being faster"

http://news.ycombinator.com/item?id=2007385
(807 days ago)

26
bmle 7 days ago 1 reply      
I used to work for a major online tax software provider. I won't name them but I'm sure you can guess. Not sure if it's still there but right after you log in, there are some redirects that take you to the app servers hosting the product and you get the same type of loading image though no secure connections were being established.
27
mikegirouard 5 days ago 0 replies      
As a fan of UX patterns I'm curious: what would this one be called?
28
bbq123 7 days ago 0 replies      
As a customer of Wells Fargo CEO Portal I no longer feel safe using it.

Fun aside this portal uses two factor authentication with RSA tokens (that were promptly replaced after RSA token vulnerability was found).

29
bestest 7 days ago 0 replies      
This felt uncanny. Like I was violated in some strangely wonderful peculiar way.
30
maxhe 6 days ago 0 replies      
I noticed something similar on TurboTax: https://turbotax.intuit.com/tto/alias/dncanimation
31
gfalcao 7 days ago 0 replies      
This is ridiculous
32
jseip 7 days ago 1 reply      
We need a progress bar!
~Brilliant MBA
33
DrewHintz 7 days ago 1 reply      
> ceoportal

Sounds about right.

34
adev 7 days ago 0 replies      
Been there done that. Software development is sometimes Social development as well.
35
borgchick 7 days ago 0 replies      
security theatre much? face palm
15
Ask HN: Webdevs, designers: what devtools should we (Mozilla) build in Firefox?
447 points by paulrouget  3 days ago   332 comments top 147
1
mbell 3 days ago 15 replies      
This is a big request:

Improve "design in the browser" capabilities. i.e. pushing CSS/HTML and maybe JS changes made in Dev Tools back to the source files without manual shenanigans in the middle.

I probably waste more time copying CSS / HTML tweak diffs from the browser back into the related source files than anything else with in browser dev tools. Due to the nature of 'losing changes' if I happen to hit refresh or if the page has some automatic polling mechanism I also tend to do this very often as some sort of manual 'save' action.

There have been a couple attempts to do this (http://www.cssupdater.com/ or https://code.google.com/p/backfire/). But, I'd really like to see a standardized protocol for pushing changes to the server such that server side frameworks can implement it appropriately.

For example a server side implementation for Rails needs to understand the asset pipeline to know how the final file was created so it can work its way back to the correct file to save changes to. This also means you probably need source map style support for LESS and SASS also. Also to change HTML template files the server side needs to know how the page was constructed so it can find the correct partial / template to save changes to. Which is probably really hard depending on how much state based conditional rendering there is in your templates, maybe the server side caches the last response and associated state to work around this.

2
JoeCortopassi 3 days ago 8 replies      
Honestly, the absolute best thing you could do for any dev, is lighten the footprint FF currently has on my ram, and continue to improve the api for add-ons/plugins. The more stable, extensible and fast FireFox is, the more useful I will find it for development. But if more kludge is added to it, and it continues to get slower/bigger, the less likely I am to continue to use it, regardless of what amazing plugins are available (FireBug, Web Developer Tool Bar, etc)

If you are just looking at what's best to add to the browser itself, just look at the plugin market to see what's in wide use.

3
grayrest 3 days ago 2 replies      
Webkit dev tools timeline in frame mode is bar none the most useful tool for tracking down performance issues. Looks like it's on your roadmap but it's far, far more useful in tracking down actual perf issues in large codebases than any other tool in any developer tools toolbox because it's cross-cutting and bottlenecks tend to be a combination of factors and the frame-sizing lets you find what's on the critical path when it's on the critical path. I use it 10 times for every one use of all other perf profiling tools (I consider network/pageload to be a different set of problems).

I don't see it on the roadmap but the firefox console is SO terrible at printing objects. In most apps I work on I'm shipping around 2kB+ JSON objects and the current console is absolutely worthless for these.

Related, but I think there's room for improvement in object printing in general. I find myself not really caring about most fields in an object but I'd like a couple fields printed inline before expansion. I like that the firebug console prints a few fields with the option to expand objects but would like to have control over which fields those are. FWIW, my preferred pretty printer is node's.

I find CSS errors/warnings to be absolutely useless in both the firefox dev tools and opera's. Pretty much any modern site is using vendor prefixes and the result is hundreds or thousands of errors which makes the console fall over.

Due to the above, I've been taking the approach of trying dev tools out again every time Aurora updates and then going back to using firebug and chromium after 15 minutes or so. I completely missed the jsterm addon despite following you on a couple channels. It looks reasonable so I'll be giving it a go today.

When you're doing your network cascade panel, please set it up to load HAR files. You can get HARs from a variety of sources but there isn't (yet) a convenient way to view them locally.

For the debugger, I don't know of an equivalent of webkit's source view cmd+o / cmd+shift+o, which are extremely useful. The cmd+p filtering is decent but most of the time I do actually know what file and function I'm looking for. I also use the reformat button and break on caught/uncaught exceptions on a regular basis. Actually, now that I think about it, I use every single function except for the editing functionality on the chromium sources panel at least once a week.

For the style editor, the side list of stylesheets isn't mousewheel scrollable on my machine (I'm on Aurora).

I find dock right to be the most useful attached view for chrome tools. Screens (and particularly laptop screens) are wider than they are tall and dock right takes advantage of that.

Edit: For a larger feature, I would very much like the ability to edit code when the browser hits an exception and then continue execution using the new code. I've only seen this in smalltalk demos so I assume it's difficult but being able to flip a variable to tweak an if statement when stepping through the debugger saves the effort of getting back into the correct state from pageload.

4
oneandoneis2 3 days ago 5 replies      
I have to be honest - I find the developer tools a pain: They aren't even close to replacing Firebug, yet they're more obtrusive. So I can't stop using Firebug, and I can't remove the unwanted built-in menu options.

So for me personally, what I'd really like to see is either one of:

- Match Firebug feature for feature

- Allow for the dev tools to be completely removed from the interface

Sorry, but it really does come down to those two: Whilst the Dev Tools can't replace Firebug, I won't use them. So either allow me to get rid of them, or allow me to switch 100% to them.

Sorry it's not more constructive, but I've no interest in having to juggle between two different debug tools because they both have awesome features. So I don't care what amazing new stuff you might be lining up, I won't use them until all of the functionality I use in Firebug is also available in FF's builtins.

5
thurn 3 days ago 3 replies      
How about exposing an API for dev tools similar to the "swank" protocol that Emacs uses for editing Lisp code? I know there are people doing stuff like this already, but it would obviously be a lot easier if there were a nice protocol for it (ideally standardized across browsers...). I want to be able to seamlessly interact with a running Firefox instance from my editor or IDE, sending it snippets of code to evaluate and seeing my page change in real-time.
6
waterside81 3 days ago 2 replies      
Hi Paul, how about when serving pages that are https, but contain mixed content, highlighting somewhere exactly what the offending requests are. Currently, I have to scan the network pane and see what's coming from the http:// domain, but it'd save me a few seconds if this was more automated.
7
sisk 3 days ago 4 replies      
Hey Paul. First off, thanks for reaching out to the community like this.

A few things:

Visualized event bindings. Would be awesome to have a visual indicator of event bindings right on the page. Color-coded bounding boxes drawn around elements with a label denoting the event type. Clicking on that box (or label in the case of an element with multiple bindings or nested elements with bindings) would direct you to the code that does the binding.

An aggregate repaint view. Chrome lets me view repaints but it clears after every one. If I have a method that is doing a lot of dom manipulation, I have to step through the code to view all of the repaints. Would be great to have the repaint bounding boxes drawn with a low opacity background so that I could see (and clear out) an aggregate view (with highly redrawn areas having higher opacity due to there being multiple layers).

An intelligent debugger that would automatically step over certain files (selectable per debugging session). I occasionally want to step into jQuery but less often than not. I know I can step over those methods but would be great if I could just keep stepping in without accidentally stepping into something when I don't want to.

I'll edit this as I think of more.

EDIT:

Breaking on navigation or on a particular request in order to manipulate headers. Breaking on the response from those requests for the same reason (plus manipulating the body).

The timeline and profiles sections in Chrome are under-utilized but infinitely useful. Anything close to those would be much appreciated.

Throw warnings for potentially orphaned event listeners. Granted, the number one offender recently introduced methods to address this (backbone's #stopListening) but it's still a easy mistake to make. This might bleed into too much hand-holding and open up a can of worms but just a thought.

Throw warnings for overloaded event listeners that fire a lot. Like the last suggestion, this may be heading in a direction you don't want to go in (educating the developer by means of the dev console) but, all too often, I find pages that overload, e.g., the scroll event. If there was some way to inform the developer of this potential problem, I think the web at large would greatly benefit. Perhaps this and the last suggestion would better reside in an auditing section?

8
modeless 3 days ago 1 reply      
My biggest annoyances with the dev tools right now are:

1. The debugger has no REPL. If you evaluate a statement in the console, it doesn't run in the current stack frame and has no access to locals, etc. The only way to execute a statement in the current stack frame is to add it as a "watch" and then delete it.

2. There's no way to get to the console from the debugger and vice versa. You have to activate them independently in two steps, which is annoying because I almost always want both of them. Also, they stack in a different order depending on the order they're activated, which is unnecessarily confusing.

3. There's no way to "pause on uncaught exceptions". It's either "pause on all thrown exceptions" or nothing. Also, the UI is buried in a menu. Exception breakpoints should be shown in the breakpoint pane like other breakpoints, and should be filterable by exception type and whether the exception is caught or not.

9
lobster_johnson 3 days ago 3 replies      
I believe all the current development tools do it wrong, and the right place for a tool is outside the browser, as a custom shell around the main browser component.

This is how I tend to work: I load up an app. I set up my credentials (by logging in or setting a particular cookie manually, for example). I debug using Firebug, mainly using the DOM view, the console and the JavaScript REPL. Then I might change my credentials to see the page as a different user, for example. I clear the cache now and then, and I clear my cookies often. I also change things like cookie preferences and turn JavaScript on/off to see how my app behaves. I also work on multiple projects concurrently, so I frequently need to switch, meaning yet again to clear the browser state.

In other words, I need the browser as a clean slate. I frequently need to throw its state away, and I rarely if ever run pages as "myself".

I'm a Chrome user, so for this reason I currently use Firefox as my dedicated debug browser. This means I can always throw away my browser state, and I can close Firefox when I'm done with work. Firefox is a resource hog on OS X, and will frequently sit consuming 5-10% CPU even when idle, so this is actually important. I almost never use Chrome for debugging, not just because its DOM view and console are both much worse than Firebug's, but because it's my browser. (Yes, I know that Chrome supports per-window profiles, but Chrome just isn't good enough for debugging.)

My ideal development tool would be a thin shell around a web browser component. It would be chock full of techy dev stuff, and it would not compromise the dev aspect in favour of user-friendliness; unlike today's browsers, everything could be provided natively by the tool instead of inserted awkwardly by "extensions". It would do away with user-facing features like browser extensions, fancy history and bookmarks. In other words, it would be a hard core, bare-bones development tool.

This tool would support "projects"; each project being is a browser window, and each browser window is logically compartmentalized, with its own cookie database, history, settings, etc., with the option to save certain things like cookies, so that I can "bake" current browser state and recall it later. The ideal solution would be for each window to be able to embed different browser engines; there is no particular technical reason why this should not work, although it would be a little more work to implement.

I actually started writing an app like this for OS X that embeds WebKit. It was surprisingly simple, and I got a decent DOM inspector view and style editor working, but then my mind wandered off to work on something else. I may pick this project up again at some point.

10
JohnBooty 3 days ago 1 reply      
It would be nice if there was a way (or ways) to ease the pain of debugging minimized CSS/JS files.

We've all been there, right? Uncaught exception on Line 2, Column 49,392 of /foo/jquery.min.js, right?

1. For well-known source files (like major jQuery releases, etc) perhaps the debugger could (optionally) switch to the unminimized version. This could be done via file hash comparisons based on a table stored on Mozilla's servers (oh, I see you're using jquery.min.js which has a hash of 498DE248A4B which corresponds to the unminimized file jquery-1.9.1.js on Google's CDN) or perhaps the debugger could just optionally substitute "foo.js" for "foo.min.js" if it exists on the server.

2. For cases when #1 fails, perhaps the debugger could at least pretty-format the source code so that it's not all on a single line of code 30,000 (or whatever) characters long, so that breakpoints could be set.

11
yesimahuman 3 days ago 1 reply      
I think I'm just used to the WebKit dev tools, but I find it requires more work to get to the Script tools, etc in Firefox than Chrome. For example, in FF I have to go to Tools -> Web Developer -> Debugger to get to the debugger. I can't just get there by doing "Inspect Element".

I'd like to see all the tools combined into one mode and allow me to pop it out into a new window. If I can do that right now, it's just not intuitive.

Also, it'd be great if FF pushed people away from Firebug, as I didn't know FF had built in tools and I was resorting to Firebug each time.

Just some thoughts. Great work!

12
EGreg 3 days ago 3 replies      
I'm glad you asked! This is a good time for me to bring up something I wrote two years ago:

http://news.ycombinator.com/item?id=2024164

I really wish browser makers would do this! Mozilla can lead the way.

I am going to post it here for ease of reference:

1) I propose a simple mechanism to guarantee that a resource located at a certain URL is always the same. Similar to how we have https:// blabla, and the user agent warns us if the server's certificate is not trusted, we should have httpc:// blabla to indicate constant resources. Sites all over the world can download resources from httpc:// urls and store hashes to them in various formats, and your user agent can trust one or more of these authorities. When downloading, it would compare the hashes against the ones downloaded from these authorities, and if there is even a small deviation, it would give you a warning just like https://

This must be done by the user agent. Right now we do have "cache control" headers, but I am talking about the server making a promise to the world that a page is really truly static, and user agents having the ability to verify that. This is different from server-controlled caching.

I can see this being used in app stores for the web (curating apps and various versions of apps, like Apple does) and also for secure logins. I would like someone to make guarantees that my password is not being sent in the clear to the server that I am connected to. Right now, the web forces us to trust a remote server completely, when interacting with a website. For example, when I enter a password, I have no assurance that the server won't misuse it. (See http://xkcd.com/792/)

This simple change would make possible a variety of applications that we haven't even thought of, besides these two.

2) The second proposal is to have iframes that are on top of everything else in the containing window, no matter what. That would enable 3rd party logins (such as OAuth) do be done in the iframe, without worrying about clickjacking. The javascript inside the iframe should have a way of checking whether the iframe is of this type. At most one such iframe can be shown in any given window.

This would lead to much more pleasant interfaces, and once again, the user would receive the extra protection. Of course, this means that Flash and other plugins would have to play nice with this. We could implement this rather easily with a browser extension that causes a borderless window to appear (like Flash does) above the actual browser window.

Thoughts?

13
drivingmenuts 3 days ago 2 replies      
I would say make Firefox as light and fast as possible by keeping ALL developer tools as addons. Most users aren't going to need them at all, so it's just eating up space for no reason.

I personally prefer Firebug over Inspector, so I would rather see you throw more resources into integrating it fully with FF.

14
huhtenberg 3 days ago 1 reply      
Paul, can you comment how Firebug fits into this?

I mean there is A LOT of people who routinely use Firebug. Heck, I am actually designing sites with it. So from my perspective the best thing moving forward would've been for Mozilla to adopt Firebug as a standard DevTool. Frankly, it pains me to see two almost identical tools being developed in parallel, while it would clearly benefit everyone much more if it were a single, unified effort, with freed up dev resources spent on something else.

15
soapdog 3 days ago 0 replies      
I would like a record/replay feature for AJAX requests or at least an interface where I could easily assemble a request as if it was sent from the current app.

A possible "exporter" for the changes you made on the current web page would help some people I know, specially with CSS stuff.

Some integration with MDN documentation would also be a boon, like right-clicking a function and seeing the docs. Like Lisp HyperSpec gizmo.

I don't think that the inclusion of dev tools is cluttering or bloating. We should always include them even if the final user never uses it. The potential for a free tweekable web is there. Lots of people start learning more about webmaking by trying stuff on web consoles.

PS: On saturday I will be a speaker on the largest Javascript event in Rio de Janeiro (http://riojs.org). I will be speaking about Firefox OS (I am a mozillian volunteer) and I will be showing all my stuff using the current devtools from the responsive design view to the web console, so BIG THANKS to @paulrouget and the team for making my life easier!

16
wcchandler 3 days ago 1 reply      
I'd greatly appreciate a performance monitor that is tab specific or even code specific. If you can dial down that one of my methods are using up 80% of my memory, please let me know. Or if the reason my page keeps crashing is because some knucklehead is still using flash poorly for ads, then I need to know that.

From that, if you can "label" sites or ad styles or script styles that are known to perform poorly, that would be amazing.

I find it difficult to edit code in place and see its change. It'd be nice if when I Right Click > Inspect Element; I can track the changes, and maybe even see side by side comparisons. Most of us have multiple monitors so screen real estate isn't an issue. Maybe even be able to let us launch a new window and edit the currently rendered page would be nice.

17
pessimism 3 days ago 0 replies      
I tried searching, but I couldn't find a single thing about accessibility on this page.

As someone who does not rely on accessibility tools, I have a lot of problems writing and debugging accessibility-compatible services, though I do try. I have a blog and a project that I am trying to make aide the experience for people with accessibility tools, but I still have no idea how it “renders” on their end. Nor do I know if I make a typo or write something that would not get validated by a test suite.

Here are some of the measures I include that Firefox does not appear to assist with:

    1. rel="next" and rel="prev"

It is actually incredibly sad that only Opera supports this"from what I can tell. Even Google seems to screw up the "next" and "prev" articles in search results for my blog.

On a personal note, being able to browse through a catalogue of blog posts, forum posts, etc. with just my Space bar, as Opera allows you, is amazing and something I am surprised others haven't copied.

If you want to try it, you can check out my blog linked in my profile on Opera; you can use it either from the pages with several posts displayed or on individual permapages. This kind of navigation creates an entirely new experience, and in some cases it also defeats a lot of tedium, such as when I am reading through fifty pages of forum posts"especially if it is a high-activity thread for, say, a live event where I have to keep up with new posts.

    2. WAI-ARIA

In other words, the `role` attribute.

    3. .link-skip 

How, if at all, does my HTML/CSS actually work on accessibility software? Maybe my implementation is a completely rotten experience, but I wouldn't know.

    4. Testing for colours

Be it colour-blind people or people with poor vision. One functionality could be contrast inspection where a font `color` is compared to the colour of its background. Since you already have the requisite tools for modelling element-layering, this should be fairly trivial to automate as a test.

Another functionality could flip the colour scheme to show what the site would look like with different types of colour-blindness.

There is much more to be done in accessibility, but I don't really feel anything has changed in web-base accessibility in the last five or maybe ten years. I guess I wouldn't know, because the tools available aren't that great at the moment.

    5. Noscript testing

+++++

I really love the continuous integration that Travis CI provides (when I can get it to work, which isn't right now). I would love to be able to automate this process to the extent possible.

Perhaps I could provide some kind of testing recipe that is either automated or provides the tools I need for a certain task"and only those tools"so I have, say, an accessibility-specific testing environment.

18
Mahn 3 days ago 1 reply      
Excellent initiative! I'd personally kill for a tool akin of Chrome's timeline, where to debug performance issues not related to javascript, like rendering e.g. things that trigger a complete screen redraw and whatnot. I'd really like to see this happen because at the moment if an app is super snappy on Chrome but slow on Firefox and javascript is not the culprit, I'm left basically to guess how to improve the performance.
19
paddy_m 3 days ago 1 reply      
Add better support for keyboard shortcuts. I use firefox every day and I still prefer it to chrome because it has better keyboard shortcuts, but they could be better still.

1. I can't disable Ctrl-P/Cmd-P that maps to print screen. I use emacs and this conflicts with many shortcuts that I am used to using. The print dialog takes a full second to display. I haven't had a printer in 8 years.

2. Firefox gives webpages more extensive key capture capability then chrome. Some pages take away the ability to press Ctrl-L to get to the firebug console, this requires me to use a mouse. It's slow.

3. I don't know how to setup a key mapping to change the zoom style.

20
mixedbit 3 days ago 1 reply      
Would it be possible to make JS lint available in Firebug? Preferably in such a way that all scripts included from a currently opened site are automatically linted?

At the moment I go to www.jslint.com to lint scripts, which is such a PITA.

21
nathanstitt 3 days ago 1 reply      
Embed mozrepl https://github.com/bard/mozrepl/wiki or something simular. I'd like network based access (restricted to a socket or localhost by default) to the innards of the browser. Mozrepl works, but has proven fragile. I've had to make several updates to keep it working with the latest Firefox nightlies.

I've currently got mozrepl hooked to emacs so when I save a js, coffeescript, or css/scss file it live updates the page. This makes development so much quicker. I know there's several other methods of achieving this, but to be clear I'm not talking about reloading the page, I'm talking about updating the backbone model of type Foo to have a new definition when I save model/Foo.coffee.

I can also see this being useful for acceptance testing. I'd imagine that the Selenium project would also be interested.

22
pstadler 3 days ago 0 replies      
The main reason I'm still using Firefox as my main browser is Firebug, which is still better than the competition. Unfortunately it's a memory hog and dramatically slows down the whole browser. So my vote goes to performance improvements for Firebug.
23
postfuturist 3 days ago 0 replies      
Cookie handling needs to be visible, not just for devs, but normal users. Maybe a little bar that shows that first party and 3rd party domains are offering cookies and users can allow them as needed or set defaults they are happy with (like having to white-list third-party cookies on an as-needed basis instead of allowing everyone to track you by default). Not only would these cookie controls allow for easier development, but they would make it obvious that sending cookies back to a site is something that the browser (as an agent for the user) is doing voluntarily on behalf of the user, so we can do away with "cookie laws". The fact that cookie laws exist is related to the fact that nobody understands that accepting/using cookies is perfectly voluntary. Nobody knows this because cookies management is insanely obscure and difficult in all browsers Firefox inclusive.
24
d0m 3 days ago 2 replies      
Thanks for asking.

Here are some ideas associated with their pain points in no particular order.

1) I'd like to environment to feel more "dev" when I'm in the debug tools. Ctrl-L should clear the console, C-a should get to the beginning, etc. Ideally, there should be standard console mode (Vim-like, Emacs-like) so programmers can feel more at home while in the firefox console. There should also be a way, maybe a json file a-la sublime, to tweak the debugging tools. That way, I could tweak the appearance, tweak the hotkeys, tweak which tabs are visible, etc.

2) I'd like to have plugins that integrate better with the "main" firefox tool. For instance, a plugin could create a new tab in the firefox dev console or add features on top of what's already there. I.e. A "surround" vim plugin or whatever. That way, existing IDE and other dev tools could integrate with firefox which would make it so much more powerful.

2) I'd like to always have the console at the tip of my hand, so it can load "very" fast and be non-intrusive. An idea would be to bind it to the ~ key which would popup a transparent console on top of the web page. For instance, I'd type:

  ~$('.whatever')

which would evaluate this and return the result in a tool-tip. It annoys me to death to write things like

console.log($('.whatever')).. It should be easier to evaluate things as we write them.

i.e.

  ~$('.whatever')<key to evaluate>.click<key to evaluate (ok good there's the click function)(function() { return 'meh'; }
<Actual click on the .whatever link show 'meh'>
~$('.whatever')<key to evaluate>.click<key to evaluate (ok good there's the click function)(function() { return $('.submit-button')<key to evaluate> } etc, etc.

A little bit like a scheme repl.

And I stress the transparent console because it's so annoying to have a big white console take a large portion of the screen even if most of the time you don't have to look at it. Yes, you look at what you're typing, but everything that happened before isn't that much relevant. And if you need it, you can still "pop" it for real.

3. Firefox needs to be lighter and faster. Maybe on your machine it's fast, but on mine, it's so slow compared to chrome. The main reason I'm not using Firefox for my debugging needs is because I don't use Firefox for normal browsing. It's not just about the page loading.. it's also about the ram footprints and the time it starts. The best analogy I have to explain this is "Presently, Chrome is to Firefox what Firefox was to Explorer in term of speed".

4. Firefox needs to be prettier. Again, maybe on your machine with I-don't-know-what-you-have-installed Firefox looks nice, but on my Archlinux distribution, it looks awful. Here are two snapshots from Chromium and Firefox (Firefox really looks like netscape 10 years ago)

http://s4.postimage.org/e5zmk1m1n/firefox_netscape.png
http://s10.postimage.org/4o2te27x5/chromium.png

25
mweibel 3 days ago 2 replies      
Websockets inspection would be very nice. To my knowledge no browser does support this and it would be very handy IMHO.
26
Su-Shee 3 days ago 0 replies      
So far I'm just not using the Developer Tools at all, because they don't give me what Firebug does.

Debugger, Inspect and Web Console just aren't working well together, aren't interegrated smoothly into each other and I hardly can get from one to the other. I can't enable ALL of them at once.

If they _were_ like Chrome's tools or Firebug I'd wish for the features of Firebug's XPath and CSS extension: input expression, get matching elements highlighted.

So, either they have to be as useful as Firebug, or throw them out to keep FF lean for users who doesn't need them anyways.

Also "keep the DevTools as simple as possible" makes absolutely no sense to me as a Web Developer - I need those tools as GOOD as possible and as USABLE as possible with a specific range of features I've come to expect from Firebug and Chrome.

I mean, I basically live with an open Firebug during work...

27
borlak 2 days ago 0 replies      
What drove me away from Firefox to begin with was the crashing, memory usage, and (lack of) speed. Mostly the crashing -- I was willing to put up with the other stuff.

I'm a backend/systems developer. One thing that would be awesome for me would be a fully featured web debugging proxy ala Charles/Fiddler. This is where I spend most of my time debugging/testing.

I watched your video with the new webconsole (jsterm.v2). Looks pretty slick -- but I'd request code completion. It was hard to tell if you had it or not from the video.

Another comment in this thread mentions you are working on Firebug AND dev tools? Firebug functionality must be part of Firefox by default.

28
thehumantorch 3 days ago 1 reply      
The guy is asking for suggestion to the DEVELOPER TOOLS... no to the firefox browser itself.

I have to admit that i changed my dev browser to chrome. The chrome developer tools are great. I like to have everything on one panel instead of the console in one place and the html and css in another.

29
Benferhat 3 days ago 1 reply      
It would be great if it was easier to debug errors like this:

    [12:11:02.525] Empty string passed to getElementById(). @ https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js:3

Especially when Firefox throws the error and Chromium doesn't.

30
Arelius 3 days ago 0 replies      
I'd personally really like a remote debugging API (Does one already exist) Particularly I'd rather debug in my editor than in Firefox, at least for certain things, there is integration that I could implement in emacs, or even a javascript based Development Environment that just would not be doable without project specific code.
31
javajosh 3 days ago 0 replies      
Move toward cloning MS Access from around 1997, but with open web technologies. And yes, I am very serious about this. We have needed this for a long time, and I don't think anyone but a browser vendor has the expertise to make it happen. Clearly you understand that the browser is an important development environment, so why not go whole hog and create something that can solve roughly 90% of developer's software needs?
32
perlgeek 3 days ago 0 replies      
One things I recently tried in firebug, and which seemed unnecessary hard: I tried to get a list of all the event handlers that fired. Yes, you can go in the source view, and there on "trace events" or whatever it's called (why doesn't that work in the DOM view?), but when there's a page reload, tracing is off again.

And as soon as there's a handler for mouse movement, you see nothing else in the flood of onmouse* events.

(Maybe there's an elegant solution to this problem already, but I didn't find any).

33
geoka9 3 days ago 0 replies      
An SSL MITM "proxy" a la Burp, but built into Firefox (or Firebug). It would be nice if it allowed re-writing (both manually and programmatically) requests and responses (including headers) on the fly, substituting files, etc.
34
kellegous 3 days ago 1 reply      
Some random suggestions:

(1) Developers do A LOT of style tweaks using the dev tools. In Chrome, this flow has gotten smoother and smoother. For example, the little of feature of having key handlers to jog numeric style properties is huge as it allows you to look at your page and not the value you are changing. Along these lines, here are some things that would go beyond what is currently offered.

- Allow me to easily get a diff of the styles that I have changed. I tweak a lot of styles and then I painfully bounce back and forth between my editor trying to make sure I have everything updated. When I forget something, it's lost. (Another angle on this would be to keep a history of the styles that were tweaked so I can get that back after refresh).

- You have the beginnings of an awesome z-index debugger with the 3d-view. Make it more interactive. I really want to see the page from the side with the z-index values somehow visible. Debugging z-index issues are a royal pain in the ass and you have a great opportunity to be awesome here.

(2) Your network level debugging needs a lot of work to even reach par with WebKit browsers. There is a great opportunity here as well. Even with the features that Chrome offers, I still resort to a debugging proxy for many tasks. Specifically, I use Charles for throttling to test timing on slow networks, replace network resources with a copy on disk (for in the field debugging), visibility into compression and a lot of cache related issues. In fact, tooling that gives visibility into caching behavior would be great. Another area lacking for browsers these days is debugging WebSocket traffic. Chrome's WebSocket visibility doesn't give me the real time visibility I need for message-style traffic.

(3) Performance visibility. I worked on the performance related tools in Chrome for a while. In fact, I landed the instrumentation that gave developers visibility into reflow/layout. I want visibility into what is going on in the browser: Reflow, compositing, parsing, HTML tokenization, image decoding, message passing queues. I want to be able to see it all.

(4) Expand Scratchpad. I basically want to be able to write a user script without ever having to install anything or open a file. Let me open the scratch pad, write some code and check "run this when example.com/ loads". I have a lot of debugging-in-the-field issues where I end up jumping through hoops to get some custom script to run at startup.

Ok, that's a quick 4 off the top of my head. Hope this helps.

35
shocks 3 days ago 2 replies      
Thanks for doing this post! Some things I'd like to see:

* Less UI chrome. The blue bar doesn't need to be blue and element breadcrumbs don't need to be fancy styled boxes. Large elements don't even fit in them and get chopped off.

* When I hit Ctrl-Shift-I the FDT open, but if I have the dialog detached it immediately loses focus and I have to alt-tab to see it.

* I find Chrome's Network inspector to be very useful for tracking APIs and checking headers/responses etc.

* It'd be nice if Firefox had an option to 'deminify' Javascript source in the debugger. The same for CSS.

* Built in html/css/js lint would be a nice feature

  * Right click -> Save option for CSS. The "Save" hyperlink is great but it took me too long to spot it.

That's all I can think of for now. I will continue playing and post if I have any more suggestions. :)

36
olivierbeaulieu 3 days ago 3 replies      
I work a lot on a Firefox extension, and honestly, the absence of dev tools for addons is really painful. Developping our extension for Chrome was super easy, since all their default devtools work in extension panels as well, but in Firefox it's been a nightmare, almost no tools. We are left off in a console.log madness trying to figure out what's causing bugs.

It would be soooooo awesome to have Firefox's default devtools working easily in extension panels!

37
TrisMcC 3 days ago 2 replies      
The JavaScript object browser mini-windows do not behave properly on Awesome, a tiling window manager. There is no way to close the windows without closing the entire web console. If I try to close the window like I close any other window, it will close the full browser window.
38
pjungwir 3 days ago 0 replies      
Long, long ago the "info" dialog box had a "Forms" section, kind of like the current "Media" section. It showed all the forms on the page along with all their fields & current values. I'd love to see that feature again. Then I could easy see the current values of my form fields (including hidden fields). Bonus points if I can use that dialog to edit the values and press a button to submit the form.
39
makepanic 3 days ago 1 reply      
I really love what you're doing with the developer tools in Aurora. But I'm missing a network tab.
40
rebugger 3 days ago 1 reply      
Prettyprinting/unobfuscating the JavaScript sourcecode (like in chrome and opera) would be nice.
41
carterschonwald 3 days ago 0 replies      
This isn't in your purview, but it'd be really nice if Firefox text boxes on OS X acted like OS X text boxes. Whenever I try to switch to using Firefox instead of Chrome, this drives me crazy because all the ctrl, cmd, option + arrow key combos I use with every other Mac application for text manipulation don't work.

This realistically a low priority matter, but it's one that keeps on making me switch back to chrome.

42
Harkins 3 days ago 0 replies      
View event bindings. I'm often debugging pages I've never seen before and the only way I've found to know what's bound to what is to grep the js for live/bind/click/etc. or replace the event library (usually jQuery) with one where I've inserted logging into the lowest-level event binding functionality. This sucks a lot.

Show me HTML source over time. If I use curl/Tamper Data I see what the server actually sent, if use View Source I see the source after JS has run, if I use Firebug I see the current DOM. I care about all of these. Give me one place to click through them with diffs. Include steps for the JS changes, and a copy of the JS stack at each change so I can see who did it.

43
moofish 3 days ago 0 replies      
Support V8's debugger protocol so we can use the WebKit Inspector.
44
johnrob 3 days ago 0 replies      
Right now, Web Developer Toolbar lets me live edit HTML in the browser. I'd like the same feature, but instead of editing in the browser, I want to edit the actual html file. So, this would be some sort of "live edit mode" where open a url to your local html file, and any edits you make to the file get applied in realtime (just like the Web Developer feature). It would be nice to use my regular editor (and the true html source file) instead of a browser text field.

I suppose support for CSS could work as well.

45
geuis 3 days ago 0 replies      
I'm not being pedantic.

Implement the same toolset, layout(UI), and keyboard shortcuts as Chrome/Safari. The underlying code would obviously be different, but as a developer one of my biggest problems with Firefox is having to do a mental context switch every time I have to debug something. Things that bother me is the dev tools defaulting to the top instead of bottom and having to click little buttons instead of fat tabs to choose what shows up in the console. Make each its own tab.

On the good side, the FF dev tools are a lot faster than Firebug was. That's much appreciated.

Chrome and Safari should do this as well. My point is that they are more similar to each other than Firefox is.

46
natehunzaker 2 days ago 0 replies      
I love the work that you guys are doing on these tools, they've really come a long way in a short period of time. I find I prefer them to the Chrome tools for a number of reasons. However, I occasionally swap to Chrome for a couple of things:

- The timeline tab. I know there's a profiler panel in FF now, but I have trouble interpreting the results. This may have changed.

- Better stack traces

- The networking tab. Looks like this is in the pipeline. I can't wait to see what you come up with).

- In the style editor, as an Emacs user, I always accidentally ctrl+n to a new stylesheet instead of the next line. I'd really enjoy an easier way to edit keybindings.

- Live editing of JavaScript in the debugger would be really killer

- I often wish the debugger had the "pretty print" button Chrome offers to diminify scripts in the Sources tab.

On another note, Paul, I love the work you're doing on JSTerm. Keep up the great work.

47
kevinSuttle 3 days ago 0 replies      
I would love to see something akin to YSlow's Statistics tab. http://d.pr/i/QC0g

I also support the idea of not competing with Firebug, and possibly absorbing it into the Firefox project. It seems wasteful to have developer resources tied to both in parallel.

To the existing dev tools in Firefox:
- The UI layout could be improved quite a bit, expanding by default and taking up less screen real estate. e.g. the CSS panel could be part of the source view, like most devtools UI. Lots of space on the right side going unused in that panel anyway.
- devtools.inspector.htmlHeight needs to at least be doubled
- everything under devtools.inspector. needs to default to true (I realize this is contradictory to my earlier statement about real estate
- Is the 3D view really needed? Seems like this could be an add-on also.
- Picky one: I would prefer the toolbar/breadcrumbs to be on the top of the panel. Makes it easier to distinguish on a page that looks similar.

I do really like the :hover :active toggles, and the markup viewer mode though. :)

48
therealunreal 3 days ago 1 reply      
The console certainly needs some love. I love that it opens so fast and feels so light compared to Firebug. I don't use it because:

* I can't select and copy text from the console's output (it's a listbox now)

* The autocomplete is not as good as Firebug's and hitting enter does not complete it

* The inspector does not remember the width of the two panels (left with DOM/right with CSS rules)

You get the idea. You've completed the 90%, now fix the 10% left.

49
nfm 3 days ago 0 replies      
Firefox is my primary browser, but I use Chrome to do development, entirely because of the dev tools. I'd really like to move my development back to Firefox.

For me, I'm held back more by the UI rather than the features. I find the different, independent panels very confusing, and the popups (for eg. XHR request info) drive me nuts. I'm sure there's a strong rationale for how it is, but it doesn't quite click for me.

I've tried going back to Firebug where the UI is more my style, but for me, it's too slow (on my not new, but not old laptop). It often takes several seconds to launch the select element tool, and can lock up for a couple of seconds at a time.

The built-in tools are much faster, which is great. I'm just not accustomed to the UI, and have reservations about whether I can get into it or not.

50
maufl 3 days ago 1 reply      
Throw an error if a ajax request fails because it's a cross domain request. Last time I run into that problem everything looked good but the request silently failed and it was only when I tried it in Chrome that I got a hint what might go wrong.
51
electrotype 3 days ago 0 replies      
I'm a big Firefox fan for one major reason : it's the most customizable browser out there. I just love the right-click/Customize and all the available extensions.

My suggestion won't be for a new tool, but it's a suggestion anyway : Please always allow users the decide what they prefere. Choose any defaults you think are the best, but always add a configuration to be able to change it!

An example of this : I don't remember when exactly, but in one release, Firefox devs decided to remove the "loading cursor"( https://bugzilla.mozilla.org/show_bug.cgi?id=482985 ) without any config:about setting to enable it back!!! I was furious, not simply because I prefere to see this loading cursor, but because Firefox didn't allow me the choose what I wanted.

Thanks for reading and thanks a lot to all devs contributing to this wonderful browser!

-----

(By the way, it's now possible to enable the loading cursor using ui.use_activity_cursor = true)

52
msoad 2 days ago 0 replies      
Hi Paul,

I am not a FireFox dev tools user and I highly invested in Chrome devtools. I edit JavaScript code in browser all day. It's hard to not use a fully featured editor but I invested in it to make it better. I submit bugs and sometimes fix small bugs there too.

I will tell you what Chrome dev tools CANT do for HTML and CSS and ask you to implement them to attract more developers.

1. Editing JavaScript code in browser:
- Autocompletion (I know this is very hard)
- Code block collapsing
- A good theme API
- Shortcut keys like CMD+/ for comments
- Inline watchers for when developer stopped at breakpoint and look at watched value right next to it's
position in code (Something like Visual Studio)
2. Editing CSS
- Inline CSS reloading (Reloading CSS without refreshing)
- Better autocomplete for values
- Unminifying CSS
3. Multitouch

53
sambeau 3 days ago 2 replies      
Two things I would like:

1) An easy way to debug events. I find that javascript has become so non-linear it is really hard to decide where to breakpoints and what I really want is to follow an event from object to object instead.

2) An easy way to send, receive, debug RESTful Ajax queries: GET, PUT, POST, DELETE would be nice especially if it had a clever way to view and edit the requests (and responses).

54
Thibaut 3 days ago 1 reply      
This is my wish list: (I'm running Firefox Beta)

- Show ::before/::after pseudo elements in the DOM inspector.

- An option to clear the web console on page reload.

- An option to hide assets requests / show only ajax requests in the web console.

- A "Storage" tab for viewing cookies, localStorage, applicationCache, etc.

- Merge the Developer Toolbar with the DevTools.

Thanks!

55
krob 3 days ago 1 reply      
I think something that would be useful as a dev tool in FF, which only chrome right now has a decent tool for is restful url testing, similar in part to https://chrome.google.com/webstore/detail/advanced-rest-clie... I haven't seen anything even remotely similar for FF, maybe a optional plugin for this kind of tool, it would make my development process much quicker for the client-side code which is being used for restful interfaces. especially if we can maintain our session when submitting information.
56
kule 3 days ago 0 replies      
This is more of a plugin request but I'd love to see something like Postman for Firefox: https://chrome.google.com/webstore/detail/postman-rest-clien...
57
kenshi 2 days ago 0 replies      
This is a big request and probably outside the scope you are thinking (but it shouldn't be): a WYSIWYG layout and editing mode.

Think something like [divshot](http://www.divshot.com) but more powerful, and built right into the browser.

Authoring web content should be a lot easier than it currently is.

58
Skalman 2 days ago 0 replies      
[Inspector] Support more pseudo selectors where applicable. E.g. :link and :visited for links, :target, :enabled, :disabled, :checked, :indeterminate etc.

[Web Console] Add an option to reset when the page reloads (like Chrome). Perhaps it doesn't even have to be an option, but could be the only way.

[Editing HTML/CSS/JS] I don't have a clear idea, but I don't want to edit code in the browser (my editor is my tool of choice), and would love if I didn't have to refresh to update a resource.

59
monteslu 3 days ago 2 replies      
Need to be able to profile frames/second for HTML5 gaming. The frames part of the timeline tab in Chrome is extremely useful.
60
qw 3 days ago 1 reply      
It would be nice to record a session and see what CSS rules that were applied. This should include events such as :hover. As an added bonus it could return a clean version of a stylesheet that matches.
61
ed209 3 days ago 1 reply      
When I go in a tweak the CSS of various html elements, it would be nice to have those changes available somewhere (even if I reload). Even the ability to replay those tweaks after reloading.

I need this to be able to move that css back to my external files.

62
chacham15 2 days ago 0 replies      
One thing that I think would really improve the lives of all firefox users is if firefox would update silently like chrome does. Firefox always chooses the times when I want to get something done to do the updates and so I always cancel the update (in order to do what I want). In chrome, updates happen without me noticing them which is ideal. (this also has the added benefit to devs that older versions of firefox will fall out faster and thus require less support)
63
datadiver 3 days ago 0 replies      
1. for debugging minified JS we tried to use source maps, but they were not supported (I have to say that Chrome claims to support it but it is working intermittently). So our fallback today is to serve non-minified to developers (based on a cookie) and minified to the rest of the world. The drawback is that users may report JS exceptions with the line numbers which are different from what developers would see.

2. for mobile I need FF to let my webaps compete with native apps. Mozilla is changing the game on mobile with webapis to devices https://wiki.mozilla.org/WebAPI, you guys are the saviors! We have been waiting for the ability to write device interfacing webapps since 2008! Our team is on the way with an MVC framework that utilizes device webapis, see http://github.com/urbien/urbini. But one critical thing is missing - Firefox needs to start as a service on device boot, and webapps should be able to register JS callbacks in this service. It does not need to include a rendering engine, but webapp should be able to spawn full browser. Without this we can't write proximity-based social apps, a bump-like app for business cards, network aware db sync engine, etc. To continue this line of thinking, it is not always devices that you need your webapp to communicate with. Sometimes it is Android intents. Like the intents defined by pebble watch service http://developer.getpebble.com/
What would be cool is to have a generic interface to those intents in Javascript. I know it is Android-specific, and iOS will need another solution. The idea I want to throw on a table is to define any interactions with native code as Models in MVC. Our team is prototyping such for Pebble smart watch right now http://urbien.com/app/Pebble. I am available for brainstorming if you want to take it further.

64
SquareWheel 3 days ago 0 replies      
Better management of data would be a big thing for me. Being able to edit cookies locally, and tamper with POST/GET data that I'm sending to pages. Also LocalStorage although that's not something I personally use.

Chrome has the same issue. It's all read-only.

65
lifeisstillgood 3 days ago 0 replies      
A RESTful stub,

so I can run my ajaxy goodness without needing a web server up. More importantly, have it run from standard definitions like jsonschema and URL mappings. Make the static version easy peasy config, and then let me extend the stub with
JavaScript as it gets more complex.

Front end dev is splitting from backend dev - and there is a world of people who would kill for an industry wide means to define easily the expected behaviour of rest API / media types and so be confident that when the outsourced devs returned their work integration would not be a bightmare - expect your stub to be part of many SLAs

There are frameworks out there that do this (Jasmine) but if I wanted something, that's it

Edit: was even less clear than it is now

66
stuaxo 2 days ago 0 replies      
For so long I've been wanting a system I can ask -

Why is this element "HERE" - instead of "THERE" where "HERE" might be 60 pixels to the left, or off the screen + "THERE" is somewhere else.

Basically a system that would be able to interegate the DOM, work out which rules might be causing the problem or have a go at some modifications.

It could answer:

"blah.css resets clear on line 266" - toggle

67
mmuro 3 days ago 1 reply      
The two things that I'd want to see are a Network tab and a better way to edit the HTML. Adding to the HTML is a must-have in my opinion, not just editing what's already there.
68
goldfeld 3 days ago 1 reply      
I'd love vi keybindings to navigate the console and web inspector.
69
the7nd 3 days ago 0 replies      
It would be great if response bodies were easier to view. I have to enable logging and scroll to the bottom of the network request window to view them currently.

Also, thank you. The updated tools in FF20 beta have been fantastic.

70
pfraze 3 days ago 0 replies      
Web Worker debugging that's on par with debugging code in the document. That includes logging, breakpoints, and being able to see the scripts loaded in a Worker without having to open its debug tab first.

(I'm reacting to Chrome's current situation, but it applies across the board.)

71
vsync 2 days ago 0 replies      
> improve the user interface (better theme)

Oh no.

No offense, but every time Firefox gets on an improvement kick, especially when it comes to interfaces, it seems to just be a euphemism for "removing functionality".

72
gverri 3 days ago 0 replies      
What about some "livereload" capabilities?

http://livereload.com/

I know a lot of people who use it. And I think it would be great to have it native on firefox.

73
rpncreator 3 days ago 1 reply      
A clear strategy as to which dev tools will be maintained in the future.

Will Firebug and Firefox Dev Tools coexist? What's the plan there? It seems like a duplication of effort from Mozilla.

74
timme 3 days ago 1 reply      
Make the native 'Inspector' tool go away. Accidentally opening that thing (because they're next to each other in the context menu and the labels are similar) instead of Firebug is infuriating.
75
1337biz 3 days ago 0 replies      
What I would love to see are improved privacy options. Whenever I come across https://panopticlick.eff.org it serves as a reminder that there could be much more done to reduce the footprint.
76
rebelde 3 days ago 1 reply      
Maybe this is provided and I haven't found it yet:
- Rendering speed - show what slows it and what we can do to improve it. (Too many DOM objects, external files, redrawing?).

Thanks!

77
michaelwww 3 days ago 1 reply      
I was just now debugging in 3D view and wishing the view would re-render when I changed a style attribute. That would be pretty slick and quite helpful. Thanks for all your hard work.
78
ElbertF 2 days ago 0 replies      
I'm really missing Firebug's DOM tab (being able to see all JavaScript functions and properties). Also the ability to see which event are being fired.
79
izietto 2 days ago 0 replies      
On Firebug, when you hover the layout section, the respective section of the selected HTML element is highlighted. I use _a lot_ this feature, it is very useful, and IMHO is a must-have for a webdev tool :-)

Another feature I would like to see is a 'Disable cache', and a 'Open source code in a new tab' (the things I use more of Web Developer Tools :-) )

80
grapjas 12 hours ago 0 replies      
Not related to devtools but please make the facebook addon or plugin or whatever removable
81
timw4mail 3 days ago 1 reply      
My request would be a way to plug into the developer tools, similar to Firebug. That way things like Firephp logging woule be possible without the overhead of Firebug.
82
radiac 3 days ago 0 replies      
A menu somewhere to select the current media type would be lovely - not least for checking print stylesheets. Perhaps a drop-down at the top of responsive mode?

A nice ui for cookie management stuff (edit, delete) would be good too. Even better would be a way to manage different sets of cookies on the same site - eg per-tab cookies, or an option to save/clear/restore - to make it easier to test as different users at the same time.

83
blissdev 3 days ago 0 replies      
I think the output/pretty-printing of objects is lagging far behind Firebug/Chrome Devtools. Would like to see this improved.

Also, the request interface seems kludgy and could be optimized. Having to turn on logging of req/res bodies is an annoying extra step. I feel if the devtools are open it should do that.

Thanks for all your effort. Looking forward to upcoming devtools releases. JSTerm is awesome also!

84
account_taken 2 days ago 0 replies      
Simplify the Firefox API's. The J2EE-like APIs in Firefox are complicated and a big turn off. Make debugging background pages easier. Make logging easier. We've built several extensions on Chrome, Firefox and IE. NOBODY volunteers to do Firefox or IE tasks. Chrome is fun.
85
finnnnnnnnnn 3 days ago 0 replies      
I really dislike how chrome display :before & :after in the styles pane. More often than not these pseudo selectors contain quite important styling that's hidden away in the styles. Not sure how you can fix this, but there must be a better way.

Any chance you could remove the animation that appears when using the element selector? I find the flicker very distracting.

86
janitor61 3 days ago 0 replies      
Hi Paul, I think some sort of explicit URL protocol would be nice for short-circuiting DNS without having to add entries to your hosts file and restart; something like:

httpe://1.2.3.4@www.domain.com/index.html

would connect to 1.2.3.4 and ask for domain.com, without querying DNS either locally or otherwise. I'd find it useful.

87
Yaggo 2 days ago 0 replies      
Integrated js/coffeescript editor for live-editing the code without page reload. Must be able to save to disk as well.

Inspiration: http://smotko.si/using-chrome-as-a-javascript-editor/

88
vicaya 2 days ago 0 replies      
Tab group: one process per group. Kill one group kill all the tabs within the group. Make most extensions per group instead of browser wide to improve isolation and security.

It's a natural evolution from one process per tab.

89
mzarate06 3 days ago 0 replies      
Something similar, if not identical, to Chrome's Speed Tracer. I spend most my time in JavaScript heavy apps, and being able to see a visual break down of where my performance goes, and the particulars behind it (e.g. especially involuntary repaints), has been very helpful.
90
Yahivin 3 days ago 0 replies      
Inline editing of Stylus and CoffeeScript when using the inspector. That's about the only thing that could get me to switch from Chrome.

Also, please finish implementing the gamepad api!

91
ericb 3 days ago 0 replies      
Create a debug view that displays all attached event listeners for each dom element, with a link to the source location for each. I hate unobtrusive javascript only because we have traded easy debugging for pretty.
92
electrotype 3 days ago 0 replies      
- To be able to "View Source" with an external editor, without having to use an extension that sometimes breaks from releases to releases, would be really nice.

- Being able to open a new tab that doesn't share the same sessions/cookies than the other tabs would be nice too!

93
scoot 3 days ago 0 replies      
I'm glad you added the last sentence, because at the end of the day, web-browsers are primarily an end-user application. IMHO dev tools should all be add-ons or in a developer-specific build.
94
monk_e_boy 2 days ago 0 replies      
This comment may get lost... I have a lot of the same problems as others on this list. I love FF but use Chrome for developing, it is so much nicer. I don't get a lot of FireBug or whatever it is called. I use the DOM Inspector a lot (with the right click -> inspect this menu)

But what I'd like is to be able to mark a set of CSS rules and see if they are ever run. Put a breakpoint on them. Then browse around my website and see which are used and if any are superfluous. When taking over another website from another team, de-crufting the CSS is a pain.

95
s_baby 3 days ago 0 replies      
Maybe I'm not using Firebug correctly but my stack traces only include the last few function calls. It'd be nice to have comprehensive stack traces from beginning to end.
96
nu2ycombinator 2 days ago 0 replies      
One feature I love is, When I right click on the tab it should give an option to stop the music or video I am playing. May be you should provide hooks for the web page developer to integrate their music/video player to your menu items.
97
nkron 3 days ago 0 replies      
I would love to an allocation profiler that reports garbage. .Net has the CLRProfiler which tracks allocations over time and can show where you are creating a lot of temporary allocations. CLRProfiler is a great tool and I haven't found anything like it in the web world yet.
98
jbackus 2 days ago 0 replies      
* Expose APIs for developer to hook into firefox and reload pages or parts of pages (i.e. reload changed JS/CSS file)

* Intuitive system for playing, changing, rewinding, and replaying JS files for more rapid feedback (see: https://vimeo.com/36579366)

* Let me alter CSS / JS live (like I can with firebug) and then save it to the file if its local

* Implement some sort of system that shows link between JS events and the HTML they are bound to

99
chaudruc 3 days ago 0 replies      
Would love to see integrated ftp/sftp client and in-browser tabbed editing for quick site edits.
100
wafiq 3 days ago 0 replies      
Firstly, I love the new Devtools. I use Firefox as my main development browser because of it.

First, I would like to request if the rules tab on inspector pane didn't change user value or unit. We can save that for the computed value tab. For example I would like to inspect the hex color and not rgb.

Second, I miss Firebug's colored overlay of padding, margin and border on inspect mode. Chrome inspect didn't have it either.

Third, is the performance measurement pane, like in Chrome.

Lastly, maybe an additional pane to edit/manipulate request header. Right now, I had to enable it every time I need to inspect the request header, and it couldn't be manipulated.

101
sathishmanohar 3 days ago 0 replies      
+1 for "design in the browser" capabilities.

But, a more easier (I guess) but similar feature I would like is, full color picker for color values, and a gradient generator with color stops etc. which can be invoked for all gradient background supported elements, both color and gradient should update the rendering as the values are changed.

102
mlakewood 3 days ago 0 replies      
After having to hunt in google chrome dev tools for memory leaks from a single page JavaScript app, memory dumps with a separate tool that can give you a really good insight into what hanging around would be great. I found that if you were doing snapshots of website states and the memory footprint was significant then the browser just wasnt able to handle displaying all of them at once. I know this is an issue kinda for chrome, but I figure Firefox might have a similar problem. And single page/MVC javascript apps are only going to get more demanding.
103
aviraldg 3 days ago 0 replies      
Make it possible to run DevTools in "editor mode" ie. make it possible to run DevTools in a separate tab as an editor.
104
funkyboy 3 days ago 0 replies      
I'd start with something simple. Edit a file, server detects the change, browser refreshes the page. Just that would save a ton of man-hours.
105
juzfoo 3 days ago 0 replies      
Would like to see something that help inspect events bound to DOM elements. i remember there was a script/plugin called liveevent but that has been plagued with issues of late and kinda stopped working for me.
106
dmitris 2 days ago 0 replies      
Tainted mode for Javascript and tools for identifying DOM XSS (similar to DOMinator) would be really useful for security testing and audits of the modern complex sites. There is a bug open https://bugzilla.mozilla.org/show_bug.cgi?id=811877 - hopefully it can be given sufficiently high attention and priority!
107
adrocknaphobia 3 days ago 0 replies      
Please build a remote inspection / debugging API similar to Chrome so tools like http://brackets.io can integrate with Firefox.
108
alme1304 3 days ago 0 replies      
First of all thank you for taking the time to do this and for your work. The tools have made some great progress in the recent builds.

I'm currently on FF 22.0a1 and I can't find the ability to dock the tools to the left/right. I know I used to be able to. Whether that option is present or not, I think that it is part of a bigger issue, customization. I would love to have the ability to customize the hell out of this, either from a gui or code

109
gabeio 3 days ago 0 replies      
Honestly I would like to see firefox become more like google chrome in the fact that theres less of the browser and more of the page that takes up the screen for normal browsing. Firefox would be a lot nicer actually if you guys would keep the dev tools but they don't really need their own key command to get to them as you will not really need them on each and every page you visit and a basic user may get lost if they open it by accident.
110
flexterra 3 days ago 0 replies      
Chrome has a button that gives format to minified code. It's useful.
111
kalail 3 days ago 0 replies      
Small but irritating issue: The clicking and editing mechanics of Firefox's CSS 'Rules' sidebar is just-a-bit too sticky. It'd be nice to be able to use the arrow keys to move around different fields instead of just TAB and SHIFT + TAB.

The left - right keys should obviously only jump fields once the cursor is at the edge of the current field. Kinda like Microsoft Excel cells, if you know what I mean.

112
mikeburrelljr 2 days ago 0 replies      
Get rid of the current native debug tool - and replace it Firebug (or have the option to switch between the two).

There is nothing more annoying than trying to inspect something via Firebug, and you end up accidentally open the native debug tool instead.

/rant

113
mnazim 3 days ago 0 replies      
Ability to move tabs to the sidebar - left or right is needed badly(at least, I need it badly).
114
mehrzad 3 days ago 1 reply      
Personally I find it annoying that <tag> is displayed as <tag >. I never understood why this is.
115
lightopia 3 days ago 0 replies      
I'd like to be able to debug webworkers in their own environment (though I would accept the Chrome workaround of debugging in an iframe).
116
tholex 3 days ago 0 replies      
FF's web console has some nice resizing features to test responsiveness. They keep me coming back and trying aurora once in a while but the CSS property / value editor is currently lacking.

Either keyboard shortcut mappings for web console commands, or a simultaneous view of different responsive sizes would definitely be killer for responsive development.

117
patrickdavey 2 days ago 0 replies      
One thing I'd love to see baked in is the "fireshot" plugin. Basically a way to take a screenshot and annotate it. Very useful when mocking up with the client / working through support requests etc.
118
jasonbarone 3 days ago 1 reply      
I understand this is probably not be the kind of feedback your team is looking for, but I haven't used Firefox for front end development since I got a Retina Macbook because I can't stand reading text anywhere in Firefox.

Before the Retina I used Firefox/Firebug all day everyday. After Retina, I jumped to Chrome.

119
millzlane 3 days ago 2 replies      
It would be helpful if I didn't have to close and restart my browser to install an addon. It would be easier to only have to restart the tab I want the addon to start working on.
120
_ZeD_ 3 days ago 0 replies      
A thing I never understood is why writing into the console a function should show the complete body content.

The only one who do it "right" in my head is firebug: console.log(my_function) show just the function "definition", clickable to go directly in the sources at the right row.

121
rtexal 2 days ago 1 reply      
Just thinking that debugging a huge DOM is a waste of time after each refresh. If there's a way to visually select/click elements on screen to directly zoom in onto the part of the DOM tree, that will be kickass.
122
conradfr 3 days ago 0 replies      
A close/dismiss button on the responsive design mode ...
123
McUsr 3 days ago 0 replies      
Hello. I think first and foremost FireFox should build in support for disabilities, so that one can get to its UI Elements. The nice side-effect is that governments, which has laws regulating software for the benefit of disabled workers, then are able to use it.
124
pwnna 3 days ago 0 replies      
I find that firebug slows down the browser after a while of debugging. Memory leak? Make it faster :)
125
ethanpil 3 days ago 0 replies      
My suggestion is to take a look at this plugin and make everything about it better and faster:
http://chrispederick.com/work/web-developer/

I use this thing several hours per day.

126
vanessa-dc 3 days ago 0 replies      
Keep "view selection source" !!
127
floppyspinner 3 days ago 0 replies      
At some point, I've noticed that stack traces just stop altogether. This happens when I work with Three.js. I think libraries are gonna grow bigger and more complex, and so having the browser tools match that would be great.
128
franze 3 days ago 0 replies      
obstrusive http and <head>-browsing mode. basically show http and head data (in a useful way) while browsing.
129
jnowlan 3 days ago 0 replies      
I would like to see the adoption, if not formally at least informally, of a javascript ux toolkit. This toolkit would work across platforms - mobile, web, desktop. Ideally it would be modeled on qt. Maybe using dojo/Maqetta if this is possible or makes sense or Qooxdoo.

ZUL offered much promise but was never really developed imho. And now there are too many js toolkits out there -- too much choice! I can understand not wanting to favor one toolkit over another, but I think there is nothing wrong with informally adopting one -- and consolidation will happen eventually anyways. Web components may be a way forward here, but I would think Mozilla, with its emphasis on standards, could be a leader in uniting these elements.

130
kevinSuttle 3 days ago 0 replies      
Also, I can't remember exactly what the issue was, but I remember not being able to access or do something with local files. Anyone know what I'm talking about?
131
digitalzombie 3 days ago 0 replies      
edit:

Sorry I didn't read the link you included.

You've made what I've just requested. Thank you so much!

---------

I know you guys have a lot of built in tools for web development.

But they're (the web dev tools) are all separated. It's nice and I like it. But is there a single shortcut or something where I can click and have it all organize in one giant tool? Like Firebug?

Btw, I loooove mozilla (borderline fanboy) and aurora is awesome, thank you for an awesome product.

132
frozenport 3 days ago 0 replies      
I want an IDE for Javascript.
133
lignuist 3 days ago 0 replies      
JS and CSS minifier that (optionally) removes dead code.
134
kineticfocus 2 days ago 0 replies      
A 'nice-to-have' security feature: when parsing the PDF, show the embedded JavaScript code.
135
blueshift 3 days ago 1 reply      
I spend a lot of time needing to step through/understand someone else's pages/script, and would really like to see a way to immediately link between the HTML on* attributes and the functions that are invoked. I can at least get the function names through the DOM tree sub-tab, but I end up doing global finds to actually get the function being called - especially when someone has overloaded myFunc() with N different parameter options.

Maybe there's a different way to do it, but I haven't found it yet.

136
felipebrnd 3 days ago 0 replies      
I think a macro recording tool would be very useful (maybe something like Selenium).
137
phoeniciansail 2 days ago 0 replies      
I'd like to see a way to compare the CSS values on two different elements, like two buttons that should look the same, but aren't. I do a lot of manually flipping between the two elements, and trying to spot the differences in the property list. But it's pretty clumsy that way. :)
138
mzcomm 3 days ago 0 replies      
Better unit testing support please. Currently marrionette js support is minimal, selenium/webdriver is too heavy weight. I realize that there is a lot of legacy mochitest code. Having an easily accessible framework that one can integrate with nodejs to do BDD/TDD is extremely useful for writing guality code.
139
serverhorror 3 days ago 0 replies      
Look at phantom.js -- make it happen that Firefox integrates easily with the framework.
140
aaronsnoswell 3 days ago 0 replies      
+1 for remotable debugging. I love this feature in Chrome.
141
bharad 3 days ago 0 replies      
Firebug: Make testing hover and active classes easier.
142
samiullah 3 days ago 0 replies      
Add some git plugins ,if possible ...
143
kadaj 2 days ago 0 replies      
Dev tools provided by webkit is really cool. Why not get some thing similar. At least a debugger and a good console.
144
stfnhrrs 2 days ago 0 replies      
Webkit
145
dylanhassinger 3 days ago 0 replies      
Webkit?
146
benaston 3 days ago 2 replies      
Copy Chrome?
147
antihero 3 days ago 2 replies      
Make it exactly like the webkit dev tools?
16
The Apprentice Programmer lutke.com
399 points by seubert  5 days ago   146 comments top 27
1
dxbydt 5 days ago 22 replies      
I simply do not understand this anti-college anti-credentialling sentiment. I am featured in the latest Hacker Monthly ( print version of HN). So they asked me for a bio. I wrote something about how I learnt everything in college...am not a hacker...and that you should go to grad school if you want to get better at CS. So they edited out all of the pro-college stuff and just said this guy is data scientist.
You don't figure out Dirichlet allocation and principal components and matrix regularization hacking away in your garage. This stuff isn't going to occur in your mind out of the blue. Its fairly complicated and even those of us who were systematically taught these things at school take years to internalise it. Don't downplay education. You are missing out on a treasure trove of knowledge humanity has collated over centuries, just to hack away and reinvent the wheel by yourself...well, good luck with that.
2
jmduke 5 days ago 6 replies      
This is well written, but I feel as though I'm missing something.

The best way to get better at being a career programmer is to be a career programmer. This is understandable! And the author's initiative at 16 years of age to identify his passions and stick with them at the exclusion of higher education is commendable.

But I've learned a whole, whole lot in college -- and yes, I completely agree with the author that the amount of time I spent tinkering around with computers is smaller than it otherwise would. Instead, I spent time joining a fraternity; taking classes comparing Milton to Bradbury; learning how to pitch a stock; volunteering with the homeless; getting blackout drunk on a Tuesday night; learning the differences between Brahman and Brahma.

Do those things make me a better programmer? No, but I absolutely think they make me a better person than had I spent the past four years as an apprentice. (And, I'd wager that they're better for my career in the long term, but that's not really relevant to this discussion.)

So, I guess, my takeaway: if you know with absolute certainty that computer programming is your sole passion in life, then college is probably not your best choice.
(I'm not saying that the author is being anti-college in this post: but I fear most of the readers might interpret his post as such.)

3
templaedhel 5 days ago 8 replies      
I feel like confirmation bias is in play when you read about successful people who have dropped out of school, succeed, and then blogged about it. You have to keep in mind the hordes of people who have followeded a similar path only to archive not enough to blog about.

Self education may appeal to many of us here, but it applies to less than it appeals to.

4
ender7 5 days ago 2 replies      
The OP was incredibly lucky to find a mentor like Jurgen. Being handed a thoroughly "proofread" review of your work is perhaps the best way to improve at almost anything. Unfortunately, creating such high quality feedback demands more time than most people are willing to spend, especially if it's above and beyond their normal duties.
5
hkarthik 5 days ago 0 replies      
I actually met with some programmers from Shopify at a conference this week. They spoke of Tobi's leadership very well and I could see he's worked hard to cultivate a certain culture at Shopify. Reading this essay really validates a lot of what his programmers said about him.
6
davidroberts 5 days ago 0 replies      
God. If only the US had something like this instead of the stupid everybody go to college, everyone spend years studying vapid idiocy after already wasting years doing the same in high school. I'm not anti-college. I'm anti no choice, one size fits all, we don't care if you actually can do anything as long as you were able to put up with enough wasted time to prove you are not the type to buck the system and maybe cause problems.

And by the way, I do have a degree.

7
jboynyc 5 days ago 0 replies      
It may be worth recalling that Americans have been interested in the apprenticeship system for a very long time. For instance, Booker T. Washington's strategy for racial uplift at the Tuskegee Institute was based on the apprenticeship/vocational training model -- that's more than 100 years ago!

His critic, the famous sociologist W. E. B. Du Bois, had the following reaction after a trip to Germany in the 1930s:

   The Siemens AG factory, in Berlin-Siemensstadt,
particularly excited him, with a training-and-
apprenticeship system that he believed could
provide the model for American Negro industrial
education.[1]

(Yes, that's the same Siemens that Tobias refers to in his post.)

More recently scholars like Katherine Newman and others have looked at such programs as a model policy not for racial uplift but to boost the US's shrinking middle class.[2][3]

With college debt now at $1 trillion and rising, it definitely is not a bad idea to explore alternatives to the way education works in the US.

   [1]: http://chronicle.com/article/WEB-Du-Bois-in-Nazi/1896/
[2]: http://books.google.com/books?id=1jfAhghdH7MC
[3]: http://dx.doi.org/10.1007/978-94-007-2272-9_10

8
blt 5 days ago 2 replies      
I wish I could have a mentor like Juergen in the article. Ever since I started writing code, nobody has had enough time or dedication to go over my work line-by-line like that. I learn those lessons by trial and error when my code breaks. And they aren't lessons I could have learned in college. I've got a long way to go, but one day if I'm actually a good programmer I'll try hard to be a mentor like that to the new guys.
9
javajosh 5 days ago 0 replies      
tl;dr The OP is not alone in finding a real problem highly motivational to learn the solution; there is a missing component to computer science education that doesn't address 99% of what application programers do; apprenticeship programs would particularly benefit from certain practical additions to the curriculum.

His learning "disability" is all but universal: teaching style doesn't give students a real problem to solve. That's how science is supposed to be taught. Ask your students: can you build an engine out of a pot of water, a tight-fitting rubber cap that expands, and a small weight that can be attached and detached from a crank at any point in it's motion?

This is how you introduce temperature, heat, pressure, volume, work, etc. And I can't help but think that an apprenticeship basically achieves the same thing: it motivates the learner with real problems that motivate them to find a solution.

This is great in theory, but in practice CS doesn't really answer the problems you have as an application programmer. Much of CS "book learning" is focused on things like compilers, systems programming, or data-structures and algorithms. I don't know about you guys, but I spend very little of my time designing languages, compilers, or systems programming. I don't even spend that much time choosing data-structures. No, I spend most of my time learning the interfaces that other people have built around these things - learning how to parameterize and operate within someone else's higher-level environment (which is also known as a platform).

So what should ordinarily be an exercise in data structures and algorithms becomes a piece of techno-social detective work: nothing less than the determination which library/tool/framework is appropriate for the project, and then to get busy learning that combination to be able to release real software. If there exists, anywhere in the world, a class on how to discover, evaluate, and integrate libraries into an existing project, I don't know of it. In the same way, I doubt there exists a class on comparative application architectures.

10
shanelja 5 days ago 1 reply      
I was an apprentice, fairly recently actually, only last year. I loved it - the crappy pay, the meaningless jobs and the terrible teaching aside - I found that I was in my element.

Half my life I've been fascinated with computers, for a quarter of it, I've been actively building programs to populate them, replacing the typical childhood experience with code and logic.

When I got my first job in programming I had been a hobbyist for a few years and I was a fresh mind to mold, but I felt used, I had a house and food to pay for and it was a hard experience.

It's more than a year ago now and I'm at another company, one which valued my skills in a better way, more money, better prospects and far better training, I feel like I learn more every week at my current job than my entire time at my last job.

To anyone out there who is young and jobless, or unsure of what they want to do, or sick of stacking shelves at Asda, I implore you, try one out, the job satisfaction and the change in your mentality will be more than worth the effort.

You don't need to program from your youth like me, most people start between the ages of 16 and 21 (so far as I can tell) and codecademy and other services are making it a lot simpler to learn these days - anyone else remember learning HTML from W3SCHOOLS?

I said this to my best friend a few months ago, when he had just had his baby and had no job: Why do nothing, when you can do something you will love?

11
mijustin 5 days ago 0 replies      
Are you in the Austrian or the German system?
12
uokyas 5 days ago 1 reply      
In Portugal we adopted the same system, 5 years ago or so, and i can say its not working as good as in Germany, for young adults who live in rural areas they don´t have the industry to get an apprenticeship like you did,not everybody gets a chance to work with smart minds like you did, and have the adult discern like you did to make yourself useful at such early years of life. That´s is a good story, i can tell you that. But it does not means that its reachable to everyone everywhere.
13
DasIch 5 days ago 0 replies      
I very much doubt that he "dropped out" of "high school" and was able to get an apprenticeship, this is probably a bad translation.

He probably left a Gymnasium after tenth grade without getting an Abitur or didn't go to a Gymnasium after finishing Haupt- or Realschule. Unlike dropping out of high school in the US, this would still leave him with a diploma which would make getting an apprenticeship as a Fachinformatiker plausible, which is practically impossible to get without some kind of diploma.

btw. you can't just drop out of school as a minor in Germany as not attending school regularly would be illegal.

14
larrywright 5 days ago 0 replies      
As someone who essentially went the same route (though I finished high school, and took a slightly more circuitous route), I've often wondered what I missed out on by not going to college.

Don't get me wrong, I don't think it would have made much of a difference in where I'm at in my career, but I wonder about the rest of me. The people I know who went to college tended to have social experiences that I didn't have (though perhaps working at a startup these days offers some of that). They took classes in subjects that I have only a basic understanding of (physics, chemistry, politics). In some sense of the phrase, they're more "well rounded".

I'm not certain how much that matters. Maybe it doesn't matter at all.

15
zdgman 5 days ago 0 replies      
Now I love that the company job board conveys the same type of ideals. http://www.shopify.com/careers?posting=ruby-developer. Nothing gets me more than founders saying "I didn't go to college and look how great I did" while requiring their employees to have a CS degree to even get an interview. I know this is more of a filtering tactic but it seems so disingenuous. The biggest take away from the article wasn't dont go to college, it was find an environment that suits your learning style! College isn't right for everyone especially with student loan debt just about to eclipse 1 trillion dollars.
16
fallous 4 days ago 0 replies      
In the US a model akin to this exists in certain trades, such as sheet metal workers, plumbers, etc. The trade unions essentially act as guilds (rather than the more worker vs company model of UAW and the like) that sponsor apprentice programs. The apprentice has to obtain instruction at a trade school for basic skills and then apprentices through the union for an employer or employers. The unions have their own insurance plans that the members pay for themselves, and in essence the group of workers are "contracted" to the companies.

In order for something like this to extend to programming, you'd need someone to establish such a guild structure and trade training capacity.

Whether such a thing ever occurs is doubtful in my mind due to the established interests of those who are already credentialed and in the workplace. Much as becoming a lawyer was once a matter of simply passing the bar (no Juris Doctorate was required) but now has erected barriers built by the ABA to protect its membership, I suspect that there would be resistance by established tech workers and managers. (as an amusing aside, the state of Washington actually still has an apprenticeship program for lawyers but due to the ABA those apprentices can only practice in the state of Washington and will not receive reciprocity with regards to taking and passing the bar in any other state.)

17
walshemj 5 days ago 0 replies      
What he doesn't say is the the dual system in Germany is very stratified it can be very difficult to go to a tier 1 university in Germany if you don't get steamed into the right sort of high school.

note that he moved to the USA where the stigma of going to the wrong sort of school is less of a problem.

18
phatbyte 5 days ago 0 replies      
I'm the process of getting a H-1B visa denied because of my lack of degree on IT. I order to get working H-1B visa without a degree one would need to have near 12 years (which I have, but not 12 straight years obviously with a few months lacking here and there) of working verified experience. My company however, seems to find me valuable enough to want me to work for them even if remotely. The US gov does not....go figure....
19
dreamdu5t 5 days ago 1 reply      
I'm so sick of success being portrayed as an institutional choice rather than a process of individual choices.
20
zenbowman 4 days ago 0 replies      
Apprenticeships are awesome, but a lot of comments here refer to dropping out and just going it on your own, which is a lot different from an apprenticeship, which, for better or worse, we don't have here. I would recommend the apprenticeship route if we had one, but as we don't, a college degree will make your life a lot easier.

And one of the best reasons to go to college for computer science is making friends who share your interests, those are the people you will network with to find great jobs, start new companies, etc. So while the classroom environment might not be thrilling, there is plenty of education to be had outside the classroom. If you are super enthusiastic, you might even get to work on cutting edge research as an undergrad in a university lab.

21
sebastianmarr 4 days ago 1 reply      
I also live in Germany and am currently writing the thesis for my masters degree in CS. In my case, I wished I left college after getting my bachelor. I had a solid foundation of theoretical CS knowledge after 3 years. I continued to study only because I wanted the degree, in case I "need" it later to get a job.

For over a year now I didn't see any lectures, but have been working at a company instead. I had all my exams, the only thing I have left to do is my thesis. It's hard motivating yourself to do scientific work if you know you can get by just fine without it. And all just for a degree that doesn't matter (to me at least).

22
genwin 5 days ago 0 replies      
If you don't have a degree then simply leave an education section off your resume and don't bring the topic up. Ignore degree requirements for jobs; apply regardless. Doing this, your lack of degree will probably have little remaining impact on your career. This strategy works because a CS degree has small actual value to an employer, and most employers know it.
23
namank 5 days ago 0 replies      
Actually the apprenticeship model exists in Canada too. But it`s restricted to trades like electrician and plumber and does not extend to engineering or law.
24
pascalo 5 days ago 0 replies      
Good article, and most of it sounds very familiar.
I went through the apprenticeship system in Germany after dropping out of Uni (I guess I wasn't cut out for German literature and philosophy after all).

At the time there was a true disconnect between the real industry and the schooling part of things, mainly due to the fact that unlike baker of carpenter, front-end programming was such a new thing, so it got thrown into the same basket as print publishing, and thus I had to spend my once-weekly days at school memorizing various paper-fold patterns and Colorspace and DPI settings which were highly irrelevant to what I was doing throughout my days building websites at a digital media agency.

Like the OP, I got taken under the wing by a guy called Thomas, who was a pretty decent coder, and to whom I owe a lot.

Germany wasn't doing so well economically at the time, so shortly after I migrated to the UK. My three years of industry-relevant experience gave me a great base to build my career upon, for which I am thankful to this day.

25
inquist 5 days ago 0 replies      
I work for a US company and have had a similar experience to what is described here! My employer had that type of practical education, and so even though I have a bachelor's in Physics I am working as a programmer, gaining valuable experience and feedback.
26
mickgardner 5 days ago 0 replies      
I would love to have done an apprenticeship in Programming. Australia really needs an apprenticeship program like the one Germany has.
27
gdsimoes 5 days ago 0 replies      
I wish we had these type of programs in my Country...
17
LayerVault Sends DMCA Takedown Letter re Flat-UI github.com
395 points by bencevans  2 days ago   353 comments top 56
1
ender7 2 days ago 11 replies      
For the lazy, here's a summary of the claims that LV/DN is making:

Some icons appear to be heavily inspired by LV.

Here are three icons (circled) from Flat-UI: http://i.imgur.com/xDDULcG.png

You can see that the gears and news icons do bear some similarity to LV's versions: http://dribbble.com/shots/800428-LayerVault-icon-set-for-del... and http://imgur.com/rli5IVU the latter via http://news.ycombinator.com/item?id=5332741)

In addition, LV claims that Flat-UI ripped off a number of other icons from dribble.com, such as this clock and map (Flat-UI above, originals below): http://cl.ly/image/3Q181w0b1u2K (original dribble links: http://dribbble.com/shots/695458-Nasa-Playbook-Icons and http://dribbble.com/shots/877061-Map-2013).

Finally, the color schemes have been claimed to be identical: http://pixxel.co/feed/layervault-issues-dmca-takedown

LV appears to be confused as to what constitutes copyright infringement. None of these icons are actually copies of the original, and even if they were LV would not have a right to issue a DMCA takedown for the ones they didn't own.

This seems to be a massive PR blunder for the LV guys. They could have put up a blog post enumerating how many of their (and others') designs were ripped off (which is not the same thing as copyright infringement) and probably garnered some internet sympathy. Now, by misusing the much-hated DMCA takedown notice they've positioned themselves in the same camp with all the DMCA bullies we have grown to loathe.

2
mrmaddog 2 days ago 12 replies      
And here's a reply from Allan:
https://news.layervault.com/stories/1992-layervault-whats-up...

Looks like the pitchforks are out over on HN.

It was pretty straightforward. Our reaction was "Cool, a flat UI theme" to "Wait, this looks familiar" to "Wait, are those our illustrations?".

I contacted the designmodo people over email, because that's the right way to handle this. The owner was being stubborn at first and refused to admit wrongdoing. At that point, I submitted the DMCA request. Eventually, he removed the most blatant icons which (in my eyes) is an admission of guilt.

They even managed to kinda lift the old DN icon :) http://imgur.com/3zoKuvH

If you have some intimiate knowledge of LayerVault's UI (which their designer apparently does), the similarities are a bit more than striking. That's not a huge issue until you release everything together - the icons, the colors, the UI elements, whatever.

We give a lot of our stuff away for free. We put a lot of our projects on cosmos.layervault.com, we write about interesting concepts we've come up with and include the code on our blog, whatever. This isn't about thinking we own "Flat Design" or being mad that there's some other design out there with a similar aesthetic.

3
recoiledsnake 2 days ago 7 replies      
Someone please lend LayerVault some contrast.

http://i.imgur.com/jfSuxcK.png

http://i.imgur.com/cMO4lxA.png

http://i.imgur.com/JnaZdN7.png

I cannot believe a "top notch" design house can get this so wrong.

Edit: Designer News seems to suffer from the same affliction.

https://news.layervault.com/

A lot of sites that are HN these days seem to lack contrast, what's up with that?

4
justjimmy 2 days ago 2 replies      
Complete Side by Side Comparison

TLDR:

Noun Project vs Layer Vault vs Flat UI

http://imgur.com/IH1osAD

If anyone notice other similar icons, I can update image with side by side comparison.

Thanks to fellow HNers for the links to the images. I just stuck it all together side by side.

Edit: Updated with more samples.

5
aviraldg 2 days ago 4 replies      
Why don't we, as a community, collectively agree to boycott copyright trolls? (and teach them a lesson in the process)

esp. when the target audience consists of developers/designers

EDIT: I tried to cross-post this on Designer News, but it turns out they're invite-only. Can someone do me the honour?

6
HeyImAlex 2 days ago 3 replies      
I have the old pre-dmca Flat UI gitgub page from yesterday open in another window, and designmodo has apparently made a few changes since then. Just based on that, I'm going to guess that the problem was stemming from these.

http://i.imgur.com/xDDULcG.png

7
andyl 2 days ago 1 reply      
I learned one thing: I will never use LayerVault's service, and discourage anyone I know from using it.
8
jgj 2 days ago 1 reply      
The founder of LayerVault is claiming it was specific illustrations which were stolen

https://twitter.com/Allan/status/309346292902014976
https://twitter.com/Allan/status/309350351054716929

9
ajross 2 days ago 4 replies      
Can someone please summarize for those of us not plugged in to the web UI framework (or whatever this is) community? I'm seeing entities like "LayerVault" and "Flat UI" and products (?) named "trend" that I've never heard of.

Is this an abuse of process I should actually care about or is it just a "who did what?" spit between estranged developers?

10
mnicole 2 days ago 3 replies      
Am I understanding this right; that LayerVault is trying to claim that they are the sole owners of the flat UI trend? I'm sorry Allan, I've been a fan of yours since before LayerVault was even launched, but this is really low. And if I'm remembering correctly, this isn't the first time you guys have harassed someone about using "your" aesthetic.
11
Pyramids 2 days ago 2 replies      
Filing a counter notification is extremely straightforward, and moves this to a court dispute, which will almost undoubtedly never happen.

You can use Chilling Effects Counter-Notification generator to automate the process:

http://www.chillingeffects.org/dmca/counter512.pdf

For those who are unfamiliar with DMCA notices, in short:

1. Content Provider Receives DMCA

2. Content Provider must act 'expeditiously' to remove content which is claimed to be infringing

3. Individual has an opportunity to submit a counter notification to their content provider, in which case the content can be reinstated after 10 business days regardless of the other parties claims. (Unless an injunction is obtained.)

4. Any further action is only by legal means (court injunction)

Disclaimer: IANAL (yet)

12
newishuser 2 days ago 0 replies      
You can't copyright a color pallet.
You can't copyright an icon concept.

Sending DMCA take-downs without full intent to prosecute and full conviction that your copyrights have been violated is not only illegal but shameful.

13
bluetidepro 2 days ago 2 replies      
Whether this is true or false, I see this hurting LayerVault more than it's worth fighting. It will be interesting to see this play out.
14
ck2 2 days ago 1 reply      
I thought "look and feel" lawsuits over UI were settled long ago?

http://en.wikipedia.org/wiki/Lotus_Software#.22Look_and_feel...

15
kunai 2 days ago 0 replies      
What's kind of ridiculous is that LayerVault took a lot of inspiration (I repeat, A LOT) from Hacker News with regards to the design of their discussion site. From the URL, the minimalism, and the link design. Heck, even the name is copied -- Designer News? Really?

I guess pg should send a DMCA takedown notice to them, then.

16
Daiz 2 days ago 0 replies      
What I personally don't understand is that if DesignModo did actually copy assets from LayerVault, why doesn't LV name said assets and possibly include screenshots or whatever in the DMCA claim? Or make a post about it. Or really, anything that would include the specific information so that people wouldn't be left guessing. As evident by the reactions, not being specific here only serves to make LV's claims seem unsubstantial. I'm personally rather doubtful about their validity for the same reason as well.

Also, I think it's pretty ridiculous that a DMCA takedown can even be "valid" without specifying what exactly was infringed - "I am the exclusive rights holder for the artwork contained within Flat UI, Free Web User Interface Kit" isn't exactly saying much.

17
beernutz 2 days ago 0 replies      
I don't care for the whole "flatUI" trend, but I REALLY can't stand this kind of blatant abuse of the DMCA (which itself can be argued to be an abuse of common sense).
18
throwaway420 2 days ago 0 replies      
Without some extraordinary explanation by Layer Vault detailing an actual theft of files or copying of their actual work, it sounds like Layer Vault just did a major scumbag move that harms designers everywhere.

And that's a shame because I like Layer Vault a lot.

19
Duhck 2 days ago 2 replies      
Maybe Hacker News should send you a take down notice for copying HN with "Designer News" aka DN?

https://news.layervault.com/stories

20
DannoHung 18 hours ago 0 replies      
If these layervault dickholes really believed so strongly in this, they'd issue a DMCA against designmodo's webhost.

But then designmodo would absolutely be forced to defend itself and layervault would be liable in court.

DMCA is a bunch of bullshit.

21
dreamdu5t 2 days ago 1 reply      
Am I the only one here who sees nothing wrong with copying icons? Layer Vault doesn't own the things they freely display for others to imitate.

I'm repulsed at the idea of "owning" a visual depiction of a fucking newspaper.

And yes, I've worked for years of my life as a designer. I know what if feels like to have people copy you.

22
largesse 2 days ago 2 replies      
What are the penalties for a false DMCA claim?
23
stefanobernardi 2 days ago 0 replies      
The reality is that DesignModo is not new to this.

I have been waiting for this to happen for a while. Their "Bricks UI" is an extremely blatant copy of Google Ventures' web site, and it's weird nothing happened there.

http://www.googleventures.com/
http://designmodo.com/the-bricks-addons/

I'm not on either side, but it's just painful to watch the reactions on HN. It seems like a lot of the commenters were just closed down somewhere waiting for the right occasion to blame some copyright enforcer.

24
sobering 2 days ago 0 replies      
For being a design oriented company, LayerVault can't choose type colors worth shit. I can barely read any of the body text on nearly every page of their site.

They need to read up on W3's proposed contrast minimums: http://www.w3.org/TR/WCAG/#visual-audio-contrast-contrast

25
vicbrooker 2 days ago 0 replies      
I can't help but think this sort of thing is going to happen more and more as we move towards a flat/minimalist UI.

I've read comments (not on HN) from people who have endorsed the DMCA takedown because of their personal ethics and morals rather than knowledge of the law. Particularly one who claimed that the similar colour palettes between LV and Flat UI justified the takedown - even though colour palettes themselves are currently not copyrightable subject matter. To win on those grounds you'd need a genius (and crazy) lawyer and a judge who is either asleep at the wheel or bribed. Then you'd lose on appeal anyway.

Colours can be only trademarked. Using that colour is not a copyright violation. Hence no DMCA.

It makes me sad that as we all move towards minimalist design startup founders will need to know IP law better than a few years ago. Some of this is due to trolling and some because of a mislead or otherwise naive understanding of the law like I mentioned above. It's just adding pressure on founders that we don't really need and more work for lawyers.

A lot of us are doing whatever we're doing for the first time and that makes us (potentially) easy targets. A better knowledge of the law in this scenario might have prevented everything from blowing up like it has. But Flat UI and Layervault wouldn't have had as much energy put into the product and so everyone suffers.

Then again I'm in law school right now so at least I know there's a job in all of this if i ever need it :-/

I guess I just wish we could stop bickering about stuff like this and get on with building cool stuff.

26
camworld 2 days ago 0 replies      
Congratulations to LayerVault on their biggest day of traffic ever. Whether this brew-ha-ha was intentional or not, a lot more people are now aware of them than before today.

I like browsing their Designer News links on a daily basis, but I would think twice about signing up for a service run by people with questionable character and morals, which is the feeling I am coming away with after reading through this thread.

This whole thing could have been handled a lot better and with far more professionalism.

27
3amOpsGuy 2 days ago 2 replies      
The designmodo logo is quite debian-esque. Maybe too close to debian's i'd think.

EDIT: https://secure.gravatar.com/avatar/7d9027189b18855f5f2ddeb7d...

28
damncabbage 1 day ago 0 replies      
The DMCA counter-notice has been submitted: https://github.com/github/dmca/commit/6a33a213e04e7fc5e74ce3...
29
justjimmy 2 days ago 0 replies      
Does anyone have a active subscription to Layervault?

Here's the Flat UI designs:
http://designmodo.github.com/Flat-UI/

LV is saying that illustrations/artwork was the reason for the notice so if anyone have artwork on the dashboard they can compare that'd be great (cause I can't find any copied artwork from their main site).

Layervault
https://layervault.com/

The issue is artwork/illustration.

30
SmeelBe 2 days ago 2 replies      
I not see any resemblance between layervault project and Flat UI, colors are different, icons too... explain please guys what is the problem?
31
mambodog 1 day ago 0 replies      
When you use an overly simplistic visual style, don't be surprised when it turns out to be very easy to rip off.
33
beatboxrevival 2 days ago 0 replies      
Always With Honor should go after LayerVault.
Saul Bass should go after Always With Honor.
Picasso should go after Saul Bass.

Any designer that doesn't understand that design is an iterative process, shouldn't be a designer anymore.

34
binaryorganic 1 day ago 0 replies      
Now the "no design skills required" slogan from their site makes perfect sense.
35
justjimmy 2 days ago 1 reply      
This is why we can't have nice things.

Even Apple didn't even go after others when rounded corners, glassy/glossy, gradient buttons was the trend. (Yes, Apple didn't invent those, just as LV didn't invent flat UI or the art work - which btw, is just a flat color. Glad Pantone isn't going around with LV's mentality.)

Just speechless.

36
etchalon 2 days ago 6 replies      
I'm not a massive fan of the most of the responses in this thread.

Any designer would look at Flat UI and immediately realize that they drew inspiration from LayerVault. The similarities aren't minor, in either style, tone, or techniques.

The three icons DesignModo removed were the most obvious offenders. And by obvious, I mean, "Yeah, you completely ripped those".

So DesignModo has absolutely no right, in any sense, to be indignant. They produced unoriginal, lazy, copied work, and got called out on it.

Within this thread, I see lots of idiotic bits such as "LayerVault doesn't own hex codes!", "You can't own a style!", etc etc. These type of comments miss the forest for the trees.

Individually, no, LayerVault has no right to claim ownership of any specific color. But Flat UI's rip is the combination of a rip of all things together, not one thing in specific. Change the color scheme of the illustrations and you'd have less of a case. Change the shadow technique, or the general aesthetic of the icons.

It's the COMBINATION of all of these factors which makes this a "rip".

Now, what DesignModo did may not be illegal, but why is anyone rushing to defend them? In what terrible universe is being an insipid, unoriginal copier something any community champions?

And why would anyone walk away with a negative opinion of LayerVault? Really? You don't think they should be slightly irked that DesignModo ripped off their distinctive style, and is _charging_ people for the chance to use it?

It baffles the mind.

37
melvinmt 2 days ago 0 replies      
I like the way how Github handles DMCA requests by the way, everything's out in the open, including the lame claims people come up with.
38
jbverschoor 2 days ago 1 reply      
Damn..
I think I'll send myself a DMCA notice, post it on HN and get lots of traffic and noise around my brand
39
ebbv 2 days ago 3 replies      
Really glad I downloaded Flat UI yesterday before this crap started 'coz I'm gonna be using it for a project this weekend.

Fortunately I only wanted the CSS. If an illustration was stolen (which seems unlikely, or at least it wasn't done with designmodo's knowledge), that won't affect me since I'm not using any of them.

40
enra 2 days ago 1 reply      
When the Flat UI was released, I was waiting for Layervaults response. In their defence, the style, colors, some of the icons are very close to Layervaults, so I can understand their frustration. I have no doubt that designmodo had more than "inspiration" from Layervault.

Probably they didn't break copyright, but basically they copied the style and made it a commodity (this is like the Svbtle thing all over again). Flat design is a trend, but I haven't seen similar site, with similar colors and style as Layervault. When you ripoff something almost 1:1 in design, necessarily it isn't illegal but it isn't honorable either. As a designer, you shouldn't do that to other designers.

41
largesse 2 days ago 1 reply      
Could a site have a policy where if you issue a DMCA takedown for something on the site they drop your content and ban you?

It's sort of like the logic of GPL.

42
lucaspiller 2 days ago 0 replies      
Anyone got a clone of flat-ui?
43
brendanobrien 2 days ago 0 replies      
I think this serves as a great testimony to just how homogenous / under-considered the "flat" aesthetic has become. For crying out loud, flatUI is a kit for replicating this appearance! I love the flat look, but as soon as kits for replicating a look start to grow in popularity, it's time to move on.
44
mattwdelong 2 days ago 1 reply      
Does anyone notice a striking similarity between the "Debian swirl" and the e in Designmodo?

It's obviously not a copy of it, but rather an "inspired version" of it. With that being said, it's definitely possible that designmodo didn't copy layervault, but rather was "inspired" by them. Not sure how that would stand up legally, but I would say that if I were designer, it would be "ethically annoying".

45
jcomis 2 days ago 0 replies      
The only thing that is not completely generic imo is the color scheme FlatUI picked, which is similar to the scheme on LayerVault. But it's not exactly the same (I checked, everything is quite close though). Don't think something like that warrants an action like this at all.
46
aubreyrhodes 2 days ago 0 replies      
Seems like their complaining about the news icon. Here's the DN icon and the flat-ui icon side by side: https://acr-skitch.s3.amazonaws.com/news.png-20130306-130455...
47
torbit 1 day ago 0 replies      
Nice color scheme. I just copied it to colourlovers.com. Now many can enjoy it.
48
fuddle 2 days ago 0 replies      
It is still available for download on their site: http://designmodo.com/flat-free/
49
bratao 2 days ago 0 replies      
Anyone can provide a mirror ?
50
ryanAmurphy 2 days ago 0 replies      
Maybe they own a few hex codes.
51
creullin 2 days ago 0 replies      
Coders Twitter account https://twitter.com/iurevych
53
saiko-chriskun 2 days ago 2 replies      
anyone manage to clone the repo?
54
bzelip 2 days ago 0 replies      
so disappointing when our generation(s) act to limit the Internet. LayerVault please stop, we really dig ur stuff.
55
SmeelBe 2 days ago 0 replies      
let me guess, the next one you're going to report is microsoft, or google?
18
What I've learned from 35 years of wearing computerized eyewear ieee.org
396 points by twentysix  5 days ago   117 comments top 26
1
maeon3 5 days ago 3 replies      
I spend several thousand dollars testing a few "eyesight for the blind" products by taking video on a head mounted camera, encoding the image as an 1 image per second audio file that is transmitted to the ears. I was actually able to get it to work as advertised, and I believe that given 10 hours a day practice for a month, you could detect a sense of depth perception and make out attributes in your environment through your audio cortex enough to walk around slowly without bumping into things. I had the blind friend test out the best I could do, and although it was a technological marvel, he actually didn't like it because it made people ostracise him even MORE than him being blind. He can move around slowly without bumping into things much more fashionably with the system he already had, a stick, good hearing, touch, and memory.

So a few insights:

1. If you are putting something in front of your eyes, or on your hat brim that looks like a hacked together bunch of cameras and wires and you wear it in public, there is millions of years of evolution causing people to ostracise you. It's so bad, that a blind person told me: "The ostracism from wearing it is worse than the ostracism from them realizing your blind."

2. You think you're confidant and can handle it? You aren't, inside you are millions of years of evolution to remove what is causing the ostracism. If you are the kind of person who can choose to remain single and lonely for life when you burn with passion for the opposite sex, then you have the kind of mettle it takes to wear cameras and wires on your head in public.

3. The experience I had with converting visual to audio and using my audio cortex was tremendous. For example objects that "popped out" at me during audio-vision were completely different than normal vision. Take a brick wall for instance: I could hear the distance between the bricks (cement) was smaller in one spot, and larger in another spot because of an anomalous blip in the audio file. When looking at it visually, you think "meh", it's just a brick wall. With the audio file, the different brick leaps out at you as an anomaly. Thus exposing the data structure/algorithmic differences between the visual cortex and audio cortex.

Doing visual as audio makes you an infant again, the tiniest changes in things leap out as fascinating. This experience I had could probably be sold to people bored to tears with life. A billion dollar idea! Be an infant again.

2
jwr 5 days ago 6 replies      
I don't understand why Google hasn't hired Steve Mann yet, at least as a consultant on the project. Seems like hubris to me: this guy has been testing wearable systems for 20 years or so and knows more about the experience than anyone on the planet.
3
sudhirj 5 days ago 2 replies      
Steve Mann: Old-fashioned welding helmets use darkened glass for this. More modern ones use electronic shutters. Either way, the person welding merely gets a uniformly filtered view. The arc still looks uncomfortably bright, and the surrounding areas remain frustratingly dim.

Me: Hasn't this guy ever heard of HDR? He could have just used a couple of video cameras with some processing.

SM: A few years before this, I had returned to my original inspiration"better welding helmets"and built some that incorporated vision-enhancing technology. [...] These helmets exploit an image-processing technique I invented that is now commonly used to produce HDR (high-dynamic-range) photos.

Me: Oh. Right.

4
cromwellian 5 days ago 1 reply      
I think eyestrain would be a factor if you're using these systems as an augmented display that's constantly on, but I don't think the point of these devices is to be constantly looking at them, but rather, to engage them as needed, otherwise, let them get out of the way.

His devices in the pictures are shown to get in between the eye and the external world, whereas, if you look at glass, the screen is up and out of your line of sight.

I think if your wearable tech display is always on and continuously visible, it'll be a problem, battery life will be negatively impacted, and the device will distract you constantly.

5
kiba 5 days ago 4 replies      
To me, google glasses is worth a buy for just only one reason: sousvelliance(or inverse survelliance).

When somebody crashed into your house, or you witnessed a crime taking progress, or remembering an important details related to business dealing, it just may be worth the 1500 dollars you spent to get a Google Glass.

Other application of google glass may provide utility on a daily basis. I can imagine getting 10 dollars worth of useful service from google glass everyday, and 5 dollars in security benefit for the surrounding society. Multiply that by 365 days which is 5475 USD in term of economic benefit every year. Don't forget to mention high value recordings such as record of criminal activities, abuse of authorities by cops.

(Of course, if you're too poor, than google glasses isn't worth 1500 USD even if it may be someday worth 1500 USD of value to you.)

6
jaggederest 5 days ago 1 reply      
I really wish someone would make an early-adopter version of his EyeTap v4/v5 and sell it.

Would I pay cost plus 50% for one? Absolutely. Up to and including car-level prices. This is HN, a startup, anyone?

7
dbbolton 5 days ago 1 reply      
>The impact and fall injured my leg and also broke my wearable computing system, which normally overwrites its memory buffers and doesn't permanently record images. But as a result of the damage, it retained pictures of the car's license plate and driver, who was later identified and arrested thanks to this record of the incident.

This image retention also happened when he was attacked at a McDonald's in Paris last summer: http://www.huffingtonpost.com/2012/07/17/steve-mann-attacked...

Here's his account: http://eyetap.blogspot.com/2012/07/physical-assault-by-mcdon...

As far as I know, nothing ever came of it (i.e. there were no charges or settlements).

8
codeulike 5 days ago 1 reply      
The second issue, the eyestrain from trying to focus both eyes at different distances, is also one I overcame"more than 20 years ago! The trick is to arrange things so that the eye behind the mirror can focus at any distance and still see the display clearly.

Sounds like he has some great insights here. He's also known as 'the worlds first cyborg' (http://en.wikipedia.org/wiki/Steve_Mann), and the lonely trail he seemed to be on is now shifting to the mainstream.

9
Swizec 5 days ago 2 replies      
All I really want from computerized eyewear is telemetry for sports.

Current time/pace/distance/route/whatever when I'm running.

Current speed, next corner severity/distance when I'm longboarding. (http://swizec.com/blog/ifihadglass-the-app-i-want-to-build/s...)

That alone would be worth the money to me. Such things already exist for skiing goggles, but those aren't extensible and only really fit one sport. So that's no good.

10
splicer 5 days ago 1 reply      
As I went to speak with the driver, he threw the car into reverse and sped off, striking me and running over my right foot as I fell to the ground.

Probably because the driver was like "AAHHHHH!!!! A FREAKIN' CYBORG!!!!"

11
woodchuck64 5 days ago 0 replies      
> But as a result of the damage, it retained pictures of the car's license plate and driver, who was later identified and arrested thanks to this record of the incident.

[McDonald's assault]:
> when the computer is damaged, e.g. by falling and hitting the ground (or by a physical assault), buffered pictures for processing remain in its memory, and are not overwritten with new ones by the then non-functioning computer vision system.

Fragile design or, say, accelerometer-controlled backup memory?

12
WestCoastJustin 5 days ago 0 replies      
Reliant: Steve Mann wrote "Physical assault by McDonald's for wearing Digital Eye Glass" [1], back in July 2012. Speaks to the stigma Google Glass is likely to face.

[1] http://eyetap.blogspot.ca/2012/07/physical-assault-by-mcdona...

13
nirvana 5 days ago 2 replies      
For the record, this guy has been wearing actual computers.

Google glass is an accessory- essentially a bluetooth headset, display and camera built into glasses. The intelligence lives on the servers, and glass needs a bluetooth or wifi connection to talk to the net.

I think google's engaging in a bit of a PR swindle by making people think google glass is like an iPhone. It isn't, it needs and iPhone or android phone to connect to the net.

Consequently it can't replace a smartphone.

I'm also pretty dubious about the battery time it will get, even without having to run a local CPU.

14
rogueSkib 5 days ago 0 replies      
Visual perception is truly an amazing thing! The author's anecdotes about vision alteration and the brain's ability to adapt were very interesting to me. I have nystagmus: my eyes move back and forth quickly all the time. I've often wondered what it looks like to see without the movement; however, that is how I see: I don't notice the movement at all. My vision with contacts doesn't get much better than 20/40, so I do experience the effects of the movement. I tend to think of my vision as if it's an example of two-point wave interference: http://en.wikipedia.org/wiki/Interference_(wave_propagation) The further away an image is from my focal points, the more the interference from movement affects my brain's ability to piece it all together; it's similar to tunnel vision, but instead of darkness on the periphery, it's progressively more blur. To see most clearly, I have to tilt my head to the side, to my "null point" where my eyes move the least. Not to mention my head moves often in some sort of sync with my eyes, especially while reading; once in school, a substitute teacher raised his voice angrily, thinking I was shaking my head at his work on the board!

I'm curious how Google and other developers of high-tech eyewear will account for us with out-of-the-ordinary eye conditions. If the glasses or certain apps rely on eye movements for communication, we probably couldn't use them.

15
hnriot 5 days ago 1 reply      
I wonder how much wearing a contraption on his head contributed to his getting hit by the car. Even state of the art high-end viewfinders with millions of pixels have frustratingly long lag, enough to easily take away the reaction speed edge gained from millions of years of evolution.
16
coldtea 5 days ago 1 reply      
>What I've learned from 35 years of wearing computerized eyewear

Apparently nothing about fashion?

17
drsim 5 days ago 0 replies      
Apart from the potential physiological issues, the author briefly touches on the sociological impact this may have. In my mind that will be even more profound.

If you haven't seen it, 'Black Mirror' on TV here in the UK has an excellent episode where nearly everyone (voluntarily) has an implant which records everything they see.

Well worth a watch: http://www.channel4.com/programmes/black-mirror/4od#3327868

not sure how available this is outside the UK. It's called 'The Entire History of You'

18
Tichy 5 days ago 0 replies      
Couldn't the fashion problem be solved by making hats cool again. Already some hipsters are wearing them, should provide plenty of space for hiding computing gear. Perhaps even the projector into the eye could be hidden in the rim of the hat?
19
shocks 5 days ago 0 replies      
EyeTap, and this: http://bits.blogs.nytimes.com/2013/02/27/scientists-uncover-...

I would pay for this. I would pay a lot.

20
ronyeh 5 days ago 1 reply      
(In the far future) if Google Glass could automatically upload video of what you're seeing to your cloud storage, you could have a searchable log of your entire life.

Reminds me of these projects:

http://en.wikipedia.org/wiki/MyLifeBits

http://en.wikipedia.org/wiki/Microsoft_SenseCam

Maybe a V1 of this could have Google Glass take a photo every minute. You could upload it automatically to Evernote or your private G+ photo feed. Then, you could occasionally review and "star" the important moments of your life (and maybe even delete/summarize chunks that are less important).

21
ericbb 5 days ago 1 reply      
The pinhole aremac idea is so elegant! Infinite field of view and no need to measure the eye's lens. I wonder if video games and head-mounted displays designed for gaming will one day take advantage of that.
22
aneth4 5 days ago 0 replies      
This guy looks amazing, though he can hardly lament that lessons were not learned if be did not participate in the commercialization of the technology.

Why is this guy not consulting for Google? And I'm not sure if I'm more astounded or thankful that he has not patents his research.

23
kayoone 5 days ago 2 replies      
Computerized eyewear like Google Glass will kill the jobs of Rally Co-Drivers!
24
paulftw 4 days ago 0 replies      
35 years? means we won't hear about any entertainingly silly patent claims?
25
seatac 5 days ago 0 replies      
I don't think the article said what the man's purpose was though (the one who crashed into his home and hurt him badly).
26
rikacomet 5 days ago 0 replies      
this has to go front page!
19
Why American Eggs Would Be Illegal In A British Supermarket, And Vice Versa forbes.com
371 points by memset  3 days ago   287 comments top 23
1
simonsarris 3 days ago 10 replies      
This is generally one of the first things that people who decide to keep hens learn, and is reprinted in nearly every homesteader/farmer magazine ever.

(that said, I'm surprised to find it on the front page of hacker news!)

Where I live in NH lots of small farms and people keep a few hens, and most of the smaller places will mention this to customers.

Eggs from these "home hens" definitely taste different, though I doubt it has to do with washing and much more to do with hen diet.

(And now it's mid noon here, time to go home and make eggs. Far more important than any local food movement, for me, is living within walking distance to work!)

2
user24 3 days ago 6 replies      
> Since the late 1990's British farmers have been vaccinating hens against salmonella [...] Amazingly, this measure has virtually wiped out the health threat in Britain.

"Amazingly"? No not really! Vaccination stops disease. It's completely expected, not amazing at all.

edit: Likewise it's not "amazing" that cases of Diptheria, Measles, Polio, etc have been drastically reduced - by 100% in some cases - since widespread vaccination began in the USA (source: http://www.forbes.com/sites/matthewherper/2013/02/19/a-graph... )

3
alphaoverlord 3 days ago 4 replies      
I feel like this story is a great example of how its easy to come up with ad hoc justifications. After you decide to do something, it's quite easy to find evidence for your perpsective and justify standard practice.

At the point that there is such a huge variation in practice, for most of these steps, I can't imagine that they are very significant/important. The two systems are made to sound like there is significant justification for each step, which protects one from the shortfalls of other steps, but I can imagine that a combinatorial approach for each of the requirements would work just as well.

Then again, I don't know anything about hens. Just my thoughts.

4
newishuser 3 days ago 1 reply      
This is one of those obvious to some, and eye opening to others things. I had always wondered why other countries keep their eggs unrefrigerated and we Americans have always been very thoroughly warned about the dangers of room temperature eggs.

I always figured it was a matter of cultural tradition and that eggs weren't really as sensitive as I've been told. I had no idea there was so much process and science behind it.

This kind of fits as a rough analogy for software. Consumers may see eggs in either market as just eggs. Maybe they have a slight different taste, maybe some are kept in a fridge, but they're still plain, simple, safe eggs. Getting to that point of consumption though is a choreography of processes that has no "right way" and is more complex than the average consumer wants or needs to know.

5
tptacek 3 days ago 3 replies      
You can get unwashed eggs from farms in most parts of the US. Farm-fresh eggs are much better than supermarket eggs, regardless of whether they're washed.
6
mongol 3 days ago 4 replies      
I don't think the article is accurate. In Sweden, part of the EU, washed eggs are common. I google and find for example this (Swedish): "from 2004 EU labeling rules were changed so it must state if eggs are washed".

More, in Swedish on http://producenter.svenskalantagg.se/tvaettade-/vi-tvaettar-...

7
greghinch 3 days ago 1 reply      
Basics that I've seen when it comes to regulations of these kinds in US vs UK/EU:

In the US, the regulations are primarily to serve the corporate interests (consistent production at scale, distribution over a wide area)

In the UK/EU, the regulations are primarily to protect the citizens, often to the point of impeding business to a degree.

I'd rather see the latter but it goes against pretty much everything we're taught from birth in the US.

8
mauvehaus 3 days ago 2 replies      
"guidance set out by the Chartered Institution of Building Services Engineers recommends supermarkets maintain a temperature of between 66.2F to 69.8F in the winter and between 69.8F and 73.4F in the summer. Room temperature is generally considered to be between 68F to 77F."

Does it drive anybody else a little nuts when newspapers don't either 1) leave the numbers in their original units and put the conversion in parentheses (or vice versa) or 2) round sensibly? It's misleading to suggest that anybody is measuring supermarket temperature to the tenth of a degree Fahrenheit by using so many significant figures.

It would both help people understand the metric system and be a more accurate description of the situation to say that what's actually specified is 20 degC +/- 1 degC in the winter and 22 degC +/- 1 degC in the summer.

9
DanBC 3 days ago 1 reply      
This is a fascinating look at different systems.

I hope that cooks are frequently washing their hands when preparing food, especially when moving between items that cary a risk of contamination (raw meats, etc) and already prepared items (cooked meats).

Also: egg yolk colours are controlled by feed additives. Farmers can get colour charts and specify the colour of the yolk they want.

10
MichaelGG 3 days ago 1 reply      
It seems like there should be solid data backing up the EU or US regulations. Is it not possible to accurately calculate how much/often contamination gets inside the egg? Do health records not provide sufficient evidence to determine if cross-pollution by end-users is causing sickness?
11
rmc 3 days ago 7 replies      
As a European who watches American TV & films, the one thing that strikes me about American eggs is the colour. They're white! This just looks wrong! Eggs here are a peach/pink colour. White eggs look like fake eggs.
12
elptacek 3 days ago 0 replies      
Coincidentally, I was just telling our kids last night how much store-bought eggs and raw chicken skeeves me out. I don't know where these things have been, who has touched them or what they've been fed. We never washed eggs with water (I grew up on a farm), just knocked any big bits off with a soft brush, like the kind you'd use for mushrooms.

Too bad I can't keep some hens...

13
darxius 3 days ago 1 reply      
Very informative article. I was expecting the author to finish off on an "Americans are weird and people shouldn't have to worry about refrigerating their eggs" but, instead, he showed why its valid for us to be doing so.

Kinda cool, learned something about eggs today.

14
Vlaix 3 days ago 6 replies      
1. Why would anyone ship eggs across the pond ?

2. I don't buy "clean" eggs. They look fake. Eggs come out of a hen's butt, deal with it. But then again, I'm neither American nor British (but French).

15
gcb0 3 days ago 0 replies      
Both sound good in theory. And they arebeing applied for decades. Just get the delta of salmonella cases from before and after each solution was implemented and you will be able to measure which is better in practice.
16
scrumper 3 days ago 1 reply      
Enjoyed this, very interesting. The salmonella scandal in the '90s was absolutely huge in Britain. The health minister at the time, Edwina Currie, was forced to resign over it. The tabloids subsequently dubbed her 'Eggwina' and she's never really lived it down.
17
mozboz 3 days ago 2 replies      
To summarise the numbers: the American laws result in 0.045% of the population being affect by salmonella related disease, whereas the British laws result in 0.00093%, that's 50 times more illness in the US per capita.
18
kemiller 3 days ago 0 replies      
I feel like there's a lesson for software here. You can have more than one effective system. Each will have its own properties, upsides and downsides, but you can't cherry-pick specific practices within the system and transport them into the other system, or even evaluate them in isolation. What is best practice in one system may be actively harmful in another.
19
hiharryhere 2 days ago 1 reply      
So in short both methods = lower disease.

Let's review the approaches:

- EU relies on natures own mechanism along with responsible farming and vaccination
- US relies on energy intensive washing, coating with a chemical spray and constant refrigeration

Hmm...

20
nnq 3 days ago 4 replies      
I hate dirty eggs, even when there's just a tiny point of dirt on one in a box! I wish the EU would make egg-washing mandatory, even for purely "aesthetic" reasons :
21
ndespres 3 days ago 0 replies      
I'm a new (small) farmer, and I've just begun selling eggs from my small (70 hens) to neighbors, and they're often surprised when they see that the eggs are not refrigerated. I do have conversations a lot about this, and folks are often surprised to learn that the eggs in their grocery store cooler are often 2-3 weeks old already and that the refrigerator is a requirement to keep them edible for so long. Mine will be edible for just as long, and they taste fresher too!
22
spiritplumber 3 days ago 1 reply      
This is why laws that cannot prove that they're consistent with physics and formal logic are useless and should not be considered when transacting business.
23
mydpy 3 days ago 2 replies      
Why is this on Hacker News?
20
A new Light Table experience chris-granger.com
365 points by falava  8 days ago   143 comments top 48
1
manaskarekar 8 days ago 1 reply      
Apart from the other obvious praises, I just want to thank you for making something so beautiful with Clojure as a first class citizen.
2
Raphael_Amiard 8 days ago 1 reply      
It is absolutely gorgeous, but it is also looking a lot more like a traditional text editor from what i can gather.

I'll download and play with it a bit anyway, to see what i get from it.

3
pixelbath 8 days ago 6 replies      
This is a very pretty editor. That said, I have no freaking idea what I'm supposed to do. I've been messing around with it for around 15 minutes now, and I still don't understand it.

I added a PHP website folder and got no code hinting or anything else beyond "here is the match for your parenthesis" for either PHP or Javascript. This also resulted in my "navigate" tab being filled with SVN meta-files. I am quite confused.

Looking around on the site and some of the comments here, it appears you're using Clojure. Does this IDE only support Clojure?

4
Sandman 8 days ago 1 reply      
Every time a new version of LT playground gets released I feel like a kid in a candy store, looking for all the cool new stuff Chris and the rest of the team put in :). Awesome work, and it just keeps getting better. To be honest, since there weren't any updates in a while, I started having doubts about whether they'll be able to deliver, but I'm glad to see that the project is alive and well.

Judging by the comments I see that there's a lot of people who haven't yet heard of Light Table, which surprised me a bit because posts about LT frequently hit the front page of HN. If you're one of those people, you should take a look at their kickstarter page: http://www.kickstarter.com/projects/306316578/light-table

Finally, while there's a lot of people bemoaning the fact that some more popular languages (than Clojure) aren't supported out of the box, I, for one, am glad that somebody's developing such an awesome tool with Clojure in mind.

5
ollysb 8 days ago 2 replies      
I'd absolutely love to see ruby in Light Table, how are plans looking for this? If there was a kickstarter for adding ruby I'd pony up in a flash. I realise manpower is probably going to be the main issue though...
6
scottjad 8 days ago 3 replies      
How are you highlighting the matching characters in the fuzzy search results?

http://www.chris-granger.com/images/030/navigate.png

It looks like the same method I'm using in emacs/ido, which is to turn "la/clj" into

  "(l).*?(a).*?(/).*?(c).*?(l).*?(j).*?"

I've found this technique gives inferior results to whatever SublimeText is doing. For example, in your hits with "langs", such as "lt/objs/langs/js.cljs" I think "lt/objs/langs/js.cljs" is more intuitive than the result you give of "lt/objs/langs/js.cljs". (Sorry for the hard to read italics)

For another example, on a search of "completions" I think your technique will highlight "hacks-completions" as "hacks-completions" instead of "hacks-completions".

Does anyone know if there's an easy way to modify the regex (not LightTable) and get the user-friendly results of Sublime Text?

7
podperson 8 days ago 2 replies      
What going back over the old demo and looking at this post did was remind me of how nice jsfiddle is when it isn't insanely slow, which then led me to wonder how hard it would be to create something like jsfiddle that lived on top of github would be, or something like jsfiddle that lived inside my favorite editor, or just in a static html page on my desktop.
8
abecedarius 8 days ago 1 reply      
So how do you see these inline results? I'm told cmd-enter or cmd-shift-enter will evaluate code; on Windows 7, for me, none of ctrl-enter, alt-enter, or windows-enter seem to do anything. ctrl-shift-enter in a .js file creates a checkmark next to my first line, 2+3; (though not the lines I'd written after it). Trying to create a .clj or .cljs file, by 'Create a new file' and then 'Save file', it remains as 'untitled', and ctrl-shift-enter doesn't seem to do anything.

Anyone else on Windows at the moment with tips?

(The 'bindings' command lists things like Cmd Enter; since it lists Ctrl for other keybindings, I'm guessing that's meant to mean Alt.)

9
sudowork 8 days ago 2 replies      
Small bug I found: When I change the editor theme to something other than `default`, the next time I start up the editor, the theme isn't loaded. Instead, I just get some light grey text on a dark grey background.

UX Annoyance: When clicking on an exception, there's no visual indication that it's been clicked on. I found that Shift+Tabbing brings you back to the editor pane (other than using the mouse).

A couple more things that could just be me being stupid. When I try to eval using Ctrl+Shift+Enter, nothing happens. Instead, I have to eval each line one-by-one. I tried creating a new key binding, but couldn't figure out how to delimit my keys to allow modifiers. I also can't figure out how to pop up documentation or data flow as demo'd in the original light table (this is my first time using any version of light table). I tried `(doc <foo>)`, but it just evaluates to `nil`.

Anyways, hope these comments might be useful in terms of my user experience as a first time user.

10
pjbrunet 8 days ago 0 replies      
Would be nice if font size changed by control+scrolling mouse wheel, most code editors do that. I can't imagine really needing (or wanting) to evaluate things in realtime (like the videos demonstrate) unless I was writing cryptic, mind-numbing algorithms all day every day. I like the idea in one of your videos, every function can have its own little window, but I wouldn't want that to create new files for me automatically in the background and it would have to be more useful than a straightforward "split window" editor function, which is already something I rarely use. The colors are cool but not as cool as my hacked Crunchbang+Geany colors. Maybe one day Light Table will be like a more graphical, user-friendly Emacs? I don't know. The videos are really eye-catching but realistically I can't imagine why I'd use Light Table. I realize there's already a lot of interest in this, but I would like to see more videos showing how this is actually more useful than Gedit or whatever.
11
paulhodge 8 days ago 0 replies      
I love these updates, the tool is looking more awesome every day.

I'm wondering if there's a roadmap for Light Table's release, specifically if there's a point where the code will be available? I have a programming language in progress and I'm interested in potentially hacking LT to support the language. It seems like it would be a good fit.

12
andreyf 8 days ago 1 reply      
Noooo! So many wasted pixels at the top! Why!? It was so much better before!

Aside from that: neat! :)

13
amckenna 8 days ago 1 reply      
I know python support is planned, but will it be integrated alpha/beta or will we have to wait until after the 1.0 release?
14
Macsenour 8 days ago 1 reply      
As a game dev guy, I'm looking at the two new Open game platforms, Ouya and GameStick, and thinking that LT might be a great way to get kids into coding.

Getting kids to code games is so much easier than any other project, even if the game is extremely simple.

Anyone care to comment?

15
btipling 8 days ago 3 replies      
You gotta be kidding on the sideways text as an important part of the UI. Also adding the vim integration is a waste of time as long as you don't have buffers, registers, ranges and can't parse my .vimrc nor use my modules you might as well not do it.
16
eaxbin 8 days ago 1 reply      
I'm getting Access Denied when trying to download the OS X version. Other versions are working fine.
17
fnordfnordfnord 7 days ago 1 reply      
If you're going to make it vi-like, please put some effort into introducing the modal-concept, and lots of help for new users. There are reasons that many people avoid vi. You may not think that you need to make it a teaching tool, but everything else about lighttable makes it well-suited as a teaching tool.
18
bbq 8 days ago 0 replies      
This looks great! It's getting more and more usable.

It would be nice if, when a computation is running in the instarepl, the computation indicator would display inline e.g. with the previous result - perhaps graying the result out?

How would I go about implementing this myself? Or is LightTable reflection not yet publicly available?

19
edoloughlin 8 days ago 0 replies      
Currently downloading at 9-10KB/s. Anyone seeding a torrent?
20
fdb 8 days ago 1 reply      
There's something weird going on when using the trackpad on OS X. My trackpad is set to "natural scrolling", but if I scroll really fast the editor seems to scroll in the other direction.
21
glesperance 8 days ago 0 replies      
What is the project direction in relation to complex JS apps?

i.e.: How do you guys expect the instarepl idea to be used in apps made of serveral node.js modules/libs or several files meant to be loaded together via RequireJS ?

22
DigitalTurk 8 days ago 1 reply      
It just so happens that I started playing with Clojure yesterday! I didn't quite manage to get anything to work in LT, however.

E.g. if I do Cmd+Enter on a definition, I get this:

  clojure.lang.Compiler$CompilerException: java.lang.RuntimeException: Unable to
resolve symbol: defn in this context, compiling:…

If I click 'Make current editor and instarepl' I get errors like this:

  clojure.lang.Compiler$CompilerException: java.lang.RuntimeException: Unable to
resolve symbol: subs in this context, compiling:(NO_SOURCE_PATH:9)

It's all rather confusing. Maybe there's a manual somewhere I should read, but I couldn't find it.

23
sc0rb 7 days ago 0 replies      
I can't wait for this to support Java so I can at least have some beautiful tools to get me through the soul sucking days of Spring development :-)
24
cheald 8 days ago 0 replies      
I've tried to add a workspace directory from a Samba mount, and it's been stuck for about 10 minutes now.
25
auggierose 8 days ago 3 replies      
Does anyone know what Light Table is programmed in? It seems to be cross platform, how does it achieve that? I assume some kind of mix between Clojure and using browser technology as a UI, but does anyone know specifics?
26
Meai 8 days ago 2 replies      
You should add mousewheel scrolling of tabs, I'd like that. Also a white theme, because black themes look sort of sketchy at work.
27
agentultra 8 days ago 0 replies      
Nice work.

Seems to me like it's becoming emacs (which is a good thing, you should poach more ideas from it).

28
marizmelo 8 days ago 0 replies      
Small drag and drop problem.... On OSX I can drag the divisor for files/texteditor OVER the option of tabs (left options)... if I drop the editor there I cannot resize the view anymore and have to restart the program.
29
pjmlp 8 days ago 1 reply      
Eventually the editors of Smalltalk and Lisp environments of the early days will be rediscovered by youth generations it seems.
30
companyhen 8 days ago 0 replies      
I'm a web designer (PSD -> WordPress) and I started learning programming around the time Light Table was funded on KickStarter. It's been nice to see the project grow with my programming skills. Although I still don't feel like a decent programmer, it's nice to see what my small $15 investment has helped create. :)
31
octix 8 days ago 2 replies      
Has anyone started using LT? Is it productive? Should java devs even bother with this? Thank you.
32
rsamvit 8 days ago 0 replies      
Beautiful Editor.
I'd switch to it completely if it supported a more complete vim emulation -- for now I use it as a repl
33
karlokeeffe 8 days ago 3 replies      
I get the error:

"LightTable.app" is damaged and can't be opened.

I'm running OSX 10.8.2.

Anyone else having the same problem?

Are there any dependancies I need to have installed before running the app?

34
pjbrunet 8 days ago 1 reply      
I downloaded Linux 64 and it doesn't work in Debian. No readme either?
35
dpick 8 days ago 1 reply      
Stack Size Exceeded when trying to open a ~3500 line clojure app :(.
36
devy 8 days ago 0 replies      
How do I open a new client like what Chris demo'd in the video to eval JavaScript & CSS?
37
almost_usual 8 days ago 0 replies      
Awesome, really nice to have such great Clojure support
38
programnature 8 days ago 0 replies      
Congrats, the improvements are quality.

Would love to switch to light table, but I need paredit. Can't switch without paredit.

39
truncate 8 days ago 0 replies      
It still depends upon on libudev.so.0. Hence can't use it on ArchLinux (unless I fool it by linking it with latest so). :(
40
dimitris99 7 days ago 0 replies      
Looks really nice. I want to use it. I also like vim.

BUT could do with some more documentation.

41
null_pointer 8 days ago 0 replies      
I've been playing with this editor, except it seems Syntax Highlighting doesn't work (Linux x64). Which is kind of a killing point for me. Does anybody know of a forum / mailing list I can get on to figure out configuration and such? I have heard so much about this IDE, but it kills me that it doesn't seem to be working properly.

EDIT: Restarting twice seemed to fix the problem.

42
shuma 8 days ago 1 reply      
Which languages does it support?
43
baby 8 days ago 0 replies      
More than 300k raised? Isn't that way too much? How much is a developer getting paid in the valley?
44
billyvg 8 days ago 1 reply      
How do I go into vim mode?
45
arrakeen 8 days ago 0 replies      
any reason in particular that this doesn't support osx10.6?
46
ttty 8 days ago 0 replies      
how to open those cells like they do in the video?
47
zenbowman 8 days ago 0 replies      
Beautiful stuff
48
tapichu 8 days ago 0 replies      
great, happy to see the vim mode!
21
Vim Git Gutter github.com
361 points by glazskunrukitis  3 days ago   114 comments top 27
1
jsulak 3 days ago 2 replies      
2
TwistedWeasel 3 days ago 2 replies      
3
ianbishop 3 days ago 3 replies      
Is there any way to make it so that the gutter is always present? There's a bit of a noticeable jump to include it when I save a file, it's sort of annoying me.

I tried

  let g:gitgutter_enabled = 1

but that does seem to work.

I'll have a poke through the source.

4
morsch 3 days ago 3 replies      
Eclipse pretty much does this out of the box. I guess so do IntelliJ and Visual Studio. You can also display the name of the last person to change a line in the same position (ie. svn/git blame), which is very useful to quickly find out who to talk to regarding a section of a file. The commit message is displayed on mouseover.
5
jaytaylor 3 days ago 2 replies      
This is really nice, but I wish the background color of the gutter would automatically match the rest of my background. The gray band [1] is pretty unappealing IMO.

Also noteworthy is that that the gutter only updates when the file is saved.

[1] Screenshot: http://imgur.com/TIGKVRS

6
shuzchen 3 days ago 2 replies      
I've also got a similar plugin https://bitbucket.org/sirpengi/iwilldiffer that works with hg as well as git. Mine uses python though, nice to see an implementation that's all in viml. Neither of our plugins are async though (so vim ui will block while the diff is running), which is the biggest hurdle I want to cross.
7
kristopolous 3 days ago 6 replies      
An aside question; what's the deal with "pathogen"?

I've been using the "/bin/cp" command for years installing vim plugins and it's worked remarkably well; requiring just about 1 invocation on average...

What problem does that thing solve?

8
ylaassel 3 days ago 6 replies      
It'd be perfect if the signs changed in real-time without the need to save first. Awesome work though. Thanks Andy.
9
jisaacks 3 days ago 1 reply      
Ugh, someone submitted the original Sublime version to hackers news 2 months go http://news.ycombinator.com/item?id=5027308 and it got no love.

It just makes sense that someone would port it and become the #1 story.

10
DelvarWorld 3 days ago 1 reply      
I honestly like vim fugitive because of it's awesome power. I just type ,gd to see a diff in a split. I probably don't want to scan the gutter for files i've changed, and fugitive diff folds all non-changed lines

also, who the hell sets their font size that small? (screenshot in the readme). that's a sociopathically small font size. I will never trust you airblade. never.

11
swift 3 days ago 0 replies      
vim-patchreview is a bit different, but also of interest: https://github.com/vim-scripts/patchreview.vim

I find it really useful in particular for working with Mercurial patch queues. I have a command in my .vimrc that will run ReversePatchReview on the topmost patch in my patch queue. It pops up a diff tab for each file that has changed. I can easily use "[c" and "]c" to jump between changes within each file.

This setup makes it incredibly easy to review the changes a patch makes, and it's so convenient that I often write quite a bit of my code inside these diff views. I don't think I could live without vim-patchreview when working with Mercurial.

12
methodin 2 days ago 0 replies      
Any way to bind "toggle the gutter" so I can press my "set nonumber" button and have it toggle the gutter as well? [edit] Apparently I didn't read down far enough! This functionality exists already through the plugin. This works for me: nnoremap <F2> :set nonumber! <bar> ToggleGitGutter<CR>
13
jayroh 2 days ago 0 replies      
This works really quite well - great work, airblade! For reference, this is what I placed in my vimrc to get things how I like them:

  highlight clear signcolumn
let g:gitgutter_enabled = 0
nmap <leader>gu :GitGutterToggle<CR>


I prefer my buffers to start with it disabled by default and toggle as needed.

14
finnh 3 days ago 2 replies      
Seems to add noticeable latency (1+ seconds) to my save, each time. Vim is unresponsive during this time

Is this expected? I save quite frequently, it's an unconscious reflex at this point.

15
purephase 3 days ago 1 reply      
Very cool. Pointed me at the Sublime Text version and I love it.
16
marcamillion 3 days ago 0 replies      
I would love something like this for TextMate 2.
17
DelvarWorld 3 days ago 1 reply      
I honestly prefer vim fugitive's diff function, as it splits with highlighted lines.
18
prg318 3 days ago 1 reply      
I'm really impressed with this -- I would love to see this see functionality for other VCSes (subversion, etc) so that I could use it with my non-git projects. The vimscript looks pretty clean -- maybe I have a new weekend project ahead of me.

edit: just a quick hack for a "vim svn gutter": https://github.com/prg318/vim-gitgutter

The code is really clean and it would be fairly trivial to adopt this for use with any other VCS. Open source yay!

19
tiziano88 3 days ago 0 replies      
Brilliant, I have been meaning to build this exact same plugin for a while already, thanks a lot for doing this!
20
bilalq 3 days ago 1 reply      
This looks amazing. Nice work! Does it always diff with the last commit?
21
nXqd 2 days ago 0 replies      
There is another implementation, it's a bit faster and well documented :)

And there is more customisable as well

https://github.com/mhinz/vim-signify

22
alxndr 3 days ago 0 replies      
Nice! This is one of the things I got used to in RubyMine that I've missed in vim.
23
awef 3 days ago 1 reply      
Awesome work! Cheers airblade. One nitpicky thing though, why do you use "_" and not "-" for removed lines? Can't see why you wouldn't want it vertically centered!
24
liquidsnake 3 days ago 1 reply      
Great stuff, I was using svndiff before this but it was more of a miss than a hit, this seems to work nicely so far.
25
tpflug 2 days ago 0 replies      
If you like gitgutter and you are a fan of textobj plugins you might also find this useful:

https://github.com/gilligan/textobj-gitgutter

26
mavlee 2 days ago 0 replies      
Edge case: after deleting the first line, no gutter shows op
27
spreeker 2 days ago 0 replies      
often do a "git add -p" and commit different aspects works for me.
22
Why Python, Ruby, and Javascript are Slow speakerdeck.com
354 points by jasonostrander  7 days ago   199 comments top 35
1
DannyBee 7 days ago 6 replies      
Speaking as a compiler guy, and having a hand in a few successful commercial JITs: The only reason he thinks they aren't slow is because they haven't yet reached the limits of making the JIT faster vs the program faster.
Yes, it's true that the languages are not slow in the sense of being able to take care of most situations through better optimization strategies.
As a compiler author, one can do things like profile types/trace/whatever, and deoptimize if you get it wrong. You can do a lot. You can recognize idioms, use different representations behind people's back, etc.

But all those things take time that is not spent running your program. On average, you can do pretty well. But it's still overhead. As you get farther along in your JIT, optimization algorithms get trickier and trickier, your heuristics, more complex.
You will eventually hit the wall, and need to spend more time doing JIT'ing than doing real work to make optimizations to some code.
This happens to every single JIT, of course.
This is why they try to figure out which code to optimize.
But even then, you may find there is too much of it.

Because of this, the languages are slower, it's just the overhead of better JIT algorithms, not slower code. In practice, you hope that you can optimize enough code well enough that nobody cares, because the ruby code takes 8ms, and the C code takes 5ms.

For example: Almost all of the allocations and copying can be optimized, but depending on the language, the algorithms to figure out what you can do safely may be N^3.

Also, PyPy is still pretty young in its life cycle (in this iteration of PyPy:P) for folks to say that they can make stuff much faster if they only had a few things.
It really needs a very large set of production apps being rin by a very large set of folks for quite a while to see where the real bottlenecks still are.
Past a certain point, you run out of optimization algorithm bullets. The way compilers get the last 20% is by tuning the algorithms for 10 years.

Of course, i'm not trying to slag on PyPy, I think they've done an amazing job of persevering through multiple rewrites to get somewhere that seems to be quite good now. I just am a little wary of a fairly young JIT saying that all big performance problems fall into a few categories.

2
pcwalton 7 days ago 3 replies      
Related to this is the importance of deforestation. Some good links:

* http://en.wikipedia.org/wiki/Deforestation_%28computer_scien...

* http://www.haskell.org/haskellwiki/Short_cut_fusion

Deforestation is basically eliminating intermediate data structures, which is similar to what the "int(s.split("-", 1)[1])" versus "atoi(strchr(s, '-') + 1)" slides are about. If you consider strings as just lists of characters, then it's basically a deforestation problem: the goal is to eliminate all the intermediate lists of lists that are constructed. (It's something of a peculiar case though, because in order to transform into the C code you need to not only observe that indexing an rvalue via [1] and throwing the rest away means that the list doesn't have to be constructed at all, but you also need to allow strings to share underlying buffer space"the latter optimization isn't deforestation per se.)

I don't know if there's been much effort into deforestation optimizations for dynamic languages, but perhaps this is an area that compilers and research should be focusing on more.

On another minor note, I do think that the deck is a little too quick to dismiss garbage collection as an irrelevant problem. For most server apps I'm totally willing to believe that GC doesn't matter, but for interactive apps on the client (think touch-sensitive mobile apps and games) where you have to render each frame in under 16 ms, unpredictable latency starts to matter a lot.

3
cschmidt 7 days ago 1 reply      
A nice talk. The punchline for me was:

    Things that take time
•Hash table lookups
•Allocations
•Copying

Interestingly, that's exactly how you write fast C++ code. His point is that languages like Python lack good API's for preallocating memory.

4
irahul 6 days ago 1 reply      
Mike Pall of luajit fame has an interesting take on it.

http://www.reddit.com/r/programming/comments/19gv4c/why_pyth...

<quote>

While I agree with the first part ("excuses"), the "hard" things mentioned in the second part are a) not that hard and b) solved issues (just not in PyPy).

Hash tables: Both v8 and LuaJIT manage to specialize hash table lookups and bring them to similar performance as C structs (1). Interestingly, with very different approaches. So there's little reason NOT to use objects, dictionaries, tables, maps or whatever it's called in your favorite language.

(1) If you really, really care about the last 10% or direct interoperability with C, LuaJIT offers native C structs via its FFI. And PyPy has inherited the FFI design, so they should be able to get the same performance someday. I'm sure v8 has something to offer for that, too.

Allocations: LuaJIT has allocation sinking, which is able to eliminate the mentioned temporary allocations. Incidentally, the link shows how that's done for a x,y,z point class! And it works the same for ALL cases: arrays {1,2,3} (on top of a generic table), hash tables {x=1,y=2,z=3} or FFI C structs.

String handling: Same as above -- a buffer is just a temporary allocation and can be sunk, too. Provided the stores (copies) are eliminated first. The extracted parts can be forwarded to the integer conversion from the original string. Then all copies and references are dead and the allocation itself can be eliminated. LuaJIT will get all of that string handling extravaganza with the v2.1 branch -- parts of the new buffer handling are already in the git repo. I'm sure the v8 guys have something up their sleeves, too.

I/O read buffer: Same reasoning. The read creates a temporary buffer which is lazily interned to a string, ditto for the lstrip. The interning is sunk, the copies are sunk, the buffer is sunk (the innermost buffer is reused). This turns it into something very similar to the C code.

Pre-sizing aggregates: The size info can be backpropagated to the aggreagate creation from scalar evolution analysis. SCEV is already in LuaJIT (for ABC elimination). I ditched the experimental backprop algorithm for 2.0, since I had to get the release out. Will be resurrected in 2.1.

Missing APIs: All of the above examples show you don't really need to define new APIs to get the desired performance. Yes, there's a case for when you need low-level data structures -- and that's why higher-level languages should have a good FFI. I don't think you need to burden the language itself with these issues.

Heuristics: Well, that's what those compiler textbooks don't tell you: VMs and compilers are 90% heuristics. Better deal with it rather than fight it.

tl;dr: The reason why X is slow, is because X's implementation is slow, unoptimized or untuned. Language design just influences how hard it is to make up for it. There are no excuses.

</quote>

Also interesting is his research on allocation sinking:

http://wiki.luajit.org/Allocation-Sinking-Optimization

5
kingkilr 7 days ago 1 reply      
Author/speaker here:

I don't have time to read all the comments now (thanks for all the interest though!). I just want to say I think when the video comes out it'll answer a lot of questions people are having.

6
njharman 7 days ago 5 replies      
Meh, MEH.

I'm almost never waiting on my python code. I'm waiting on network or disk or database or joe to check in his changes or etc.

I'm sure there are people who do wait. But that's why numpy, c extensions, all the pypy, psycho, and similar things exist.

Python and more broadly "scripting" languages are for speed of development. Something else can take on speed of execution faster than 90% of people need it to be.

7
defen 7 days ago 1 reply      
Back when I wanted to investigate the numeric performance of v8 I wrote a Runge-Kutta integrator + Lorenz attractor in C and in JavaScript as a simple-but-not-entirely-trivial benchmark. I was actually pretty impressed with how fast the v8 version was. On the downside, it's fairly non-idiomatic js and not that much nicer to look at than the C. Doing a million steps on my machine takes 0.65 seconds in node.js v0.8.4, 0.41 seconds in C compiled with gcc -O0, and 0.13 seconds with gcc -O3. Here is the code if anyone is interested. Note that it's not commented, not thread-safe, and doesn't free memory, so use at your own risk :)

https://gist.github.com/anonymous/5066486

    gcc strange.c rk4.c; ./a.out

node strange.js

8
moreati 7 days ago 1 reply      
Great presentation, thank you for making me aware of an aspect of Python performance. One slide struck me as odd - the "basically pythonic" squares() function. I understand it's a chosen example to illustrate a point, I just hope people aren't writing loops like that. You inspired me to measure it

    $ cat squares.py
def squares_append(n):
sq = []
for i in xrange(n):
sq.append(i*i)
return sq

def squares_comprehension(n):
return [i*i for i in xrange(n)]
$ PYTHONPATH=. python -m timeit -s "from squares import squares_append" "squares_append(1000)"
10000 loops, best of 3: 148 usec per loop
$ PYTHONPATH=. python -m timeit -s "from squares import squares_comprehension" "squares_comprehension(1000)"
10000 loops, best of 3: 74.1 usec per loop
$ PYTHONPATH=. pypy -m timeit -s "from squares import squares_append" "squares_append(1000)"
10000 loops, best of 3: 46.9 usec per loop
$ PYTHONPATH=. pypy -m timeit -s "from squares import squares_comprehension" "squares_comprehension(1000)"
100000 loops, best of 3: 8.67 usec per loop

I'm curious to know how many allocations/copies a list comprehension saves in CPython/PyPy. However I wouldn't begin to know how to measure it.

9
wheaties 7 days ago 0 replies      
Great bit of slides. Straight and to the point. If you've ever ventured under the hood of Python you'd see this in the code. If you've ever had to optimize the bejeesus out of code in C++ or C, you'd know exactly the kinds of things he's talking about.
10
Zak 7 days ago 1 reply      
The creators of Common Lisp knew what Alex is talking about. Lisp is, of course just as dynamic as Ruby, Python or Javascript, but it exposes lower-level details about data structures and memory allocation iff the programmer wants them.

Features that come to mind include preallocated vectors (fixed-size or growable), non-consing versions of the standard list functions and the ability to bang on most any piece of data in place. There are fairly few situations in which a CL program can't come within a factor of 2 or 3 of the performance of C.

11
riobard 7 days ago 0 replies      
Completely agree. APIs are so important for many optimizations to pull off.

I'd really like to use a lot more buffer()/memoryview() objects in Python. Unfortunately many APIs (e.g. sockets) won't work well with them (at least in Python 2.x. Not sure about 3.x).

So we ended up with tons of unnecessary allocation and copying all over the place. So sad.

12
CJefferson 7 days ago 2 replies      
One main thought on this topic -- languages like Haskell and lisp also have very poor support for direct memory control, but tend to be viewed (perhaps untruthfully?) as much closer in performance to C than Python/Ruby.
13
dicroce 7 days ago 3 replies      
As a C/C++ programmer I find these slides kind of amusing... These languages are popular because they make things simpler, and his suggestions may very well get a nicely jit'd language on par with C, but I suspect you'll then have the same problems C does (complexity).
14
revelation 7 days ago 0 replies      
Looking at CPython and the bytecode it uses, it's not very hard to see why it would be slow. It's basically designed as a reference implementation, with only very tame optimizations.
15
meunier 7 days ago 1 reply      
Someone actually posting notes with slides! It's a miracle!
16
wting 7 days ago 1 reply      
I have a few comments about some of the slides, feel free to correct any misunderstandings.

Dictionary vs Object:

Lookups in both data structures is O(1), the difference being the hashing cost (and an additional memory lookup for heap) vs a single memory lookup on the stack (1 line of assembly).

Squares list:

> ... so every iteration through the list we have the potential need to size the list and copy all the data.

This is no different than stl::vector which has an amortized cost of O(1) for a push_back().

It's not going to be as fast as C, but I'd also argue for a generator version instead:

    def squares(n):
return (i*i for i in xrange(n))

One of the main reasons people choose Python is for expressiveness and not manually managing memory, although pre-allocation does seem like a good idea.

17
estavaro 7 days ago 0 replies      
My own piece of feedback based on my experience. The slides were good. But like others, JIT is not all rosy. In V8 and Dart and .NET, code gets compiled to native code as soon as possible. I think that's the best case scenario in general. You then don't have to guess as much.

The author didn't mention method dispatching. I think it's an issue for many languages. In Dart, they tried to optimize it by the specification by mostly eliminating the need to change methods at runtime. In Ruby I watched a video by one of the core Ruby developers and he said that in Ruby method dispatching can be very complicated requiring up to 20 steps to resolve them.

As important as getting the best performance out of programs is to get the programs created in the first place. That's why I'm against shying away from larger codebases. I'm in favor of OO programming exactly because I think getting things done comes first, even if that could complicate the implementation of the toolset. And OO is all about layers of abstractions that bring more performance costs with them.

That said, I absolutely abhor type annotations. They make code hideous and decrease the opportunities for experimentations. Instead of reading a + b = c algorithms, you may need to parse A a + B b = C c source code.

In Dart we have Optional Types. But the core developers are fond of type annotations, so most samples they post come with them. I take relief in being able to omit type annotations while experimenting, researching and ultimately prototyping. Although in a way I feel like a rebel in the community for this disregard. Thankfully there is this chance to share a community with them.

Reading the part that you don't like adding heuristics to help programs to go faster reminded of adding types to them even if they are mostly disregarded as in Dart.

Then again, not all "dynamic languages" are the same. Some are truly dynamic with eval and runtime method changes. Others, not so much. Sometimes the tradeoffs allow for other kinds of gains that could come into play like when deploying. So there is a lot more to it than just getting the algorithms correct.

18
cheald 7 days ago 4 replies      
Kind of a poorly-named deck. It's really about why programs use features of these languages that end up causing poor performance relative to C, rather than why the individual VMs themselves are slow. It's no surprise that trading the byte-precision of C for the convenience of a garbage collector and heap-allocated data structures results in a performance decrease.

Dynamically-typed languages are often easier to program in, but require more copying (and memory allocation) as a result. Hash tables are heap-allocated and have to be garbage collected, but they're flexible - something you don't get with structs. Allocating and freeing memory has a cost, and that can add up quickly. Your primary line of optimization in most of these languages is "avoid the GC", which really boils down to "don't allocate more than you need to", which is sound advice in every language, scripting or otherwise.

19
csense 7 days ago 0 replies      
The example he gives for strings could be optimized to near the efficiency of the C version by a sufficiently smart compiler:

    int(s.split("-", 1)[1])

If the JIT knows that s is the builtin string type and the split() method has not been overridden [1], it can speed this up by using "pseudo-strings," where a pseudo-string is an index and length into another string. This would require only O(1) time and space.

Garbage-collecting pseudo-strings would be an interesting exercise, but I'm sure it's a solvable problem [2] [3].

[1] If the preconditions for your optimization don't hold, you can always fall back to interpreting it. As noted by the speaker, this sort of logic is already a critical part of many JIT's including Pypy.

[2] The problem is actually GC'ing the parent. When the parent string is gc'ed, you have to compact the orphan strings to reclaim the remaining space; otherwise it'll be possible to write user code that uses a small finite amount of memory in CPython but has an unbounded memory leak in your compiler.

[3] You can avoid the trickiness in [2] if the parent string can be proven to outlive its children, which is the case in this example. You could probably optimize a lot of real-world code, and have an easier time implementing the compiler, if you only used pseudo-strings when they could be proven to be shorter-lived than the parent. As a bonus, this partial GC would build some infrastructure that could be recycled in a general implementation.

20
bithive123 7 days ago 1 reply      
If you want to learn more about what the Ruby VM has to do in order to execute your code, and some of the performance challenges for Ruby implementors (such as it's extremely flexible parameter parsing) I suggest this talk by Koichi Sasada: http://www.youtube.com/watch?v=lWIP4nsKIMU
21
gingerlime 7 days ago 0 replies      
Interesting slides, and good point about having better APIs.

Perhaps I'm nitpicking, but with a function called `newlist_hint`, I struggle to see how anybody would adopt it. I had to go back to the slides maybe 3 times, and I still don't remember the name of this function... Those APIs must have the most obvious, logical and simple names.

22
edanm 7 days ago 0 replies      
Very interesting talk

Leads me to wonder - has anyone done a study of any large-scale program to check where the slow spots are? It's not that I don't trust the speaker, he makes excellent points and is obviously a great memeber of the community.

But it would be very interesting if he were able to say: "Using PyPy's secret 'hint' API, only in drop-dead obvious places, improved performance by a factor of 5".

23
arocks 7 days ago 5 replies      
It is almost time that people stop referring to Languages as Fast or Slow. It is an implementation that is fast or slow, not a language.
24
d0mine 7 days ago 1 reply      

    atoi(strchr(s, '-') + 1)

What does this do? Finds the first instance of a -, and converts the remainder of a string to an int. 0 allocations, 0 copies. Doing this with 0 copies is pretty much impossible in Python, and probably in ruby and Javascript too. </quote>

The copying could be avoided in non-idiomatic Python:

    int(buffer(s, s.find("-") + 1))

25
coldtea 6 days ago 0 replies      
Speak about Python and Ruby.

Javascript is insanely fast, with V8 and its ilk.

And I'm not talking about "toy benchmarks" either, I'm talking about envolved stuff written in plain JS (no C extensions), from the QT port to JS/Canvas, to the h264 encoder and such. Try doing those on Python and you'll see what you get. And of course all the toy benchmarks also agree.

Javascript with v8 is like a faster PyPy (with less performance deviation): 10 to 20 times faster than plain Python code.

Sure, you can extend Python with fast C code. But as the core languages are concerned, JS beats CPython hands down. (Oh, and you can also extend JS with fast C/C++ code if you need that. Node modules do it all the time).

26
mixmastamyk 7 days ago 3 replies      
Question:

    def squares(n):
sq = []
for i in xrange(n):
sq.append(i*i)
return sq

A basically idiomatic version of the same in Python. No list
pre-allocation, so every iteration through the list we have the
potential to need to resize the list and copy all the data. That's
inefficient.

Is that true? I'd expect .append() to change a pointer or two, not "resize and copy" the list. Even an .insert() should just move pointers at the C-level... no need to "defrag" it. I guess the key word is potential.

27
oscargrouch 6 days ago 1 reply      
Its time to face it:

People start to create computer languages without carrying too much about the target processor opcodes (because in that time processor were just getting faster with time) and focus more on programmer convenience, and wild beasts like python and ruby were born..

C is fast because it was created with processor awareness in mind.. pretty simple...

these days kids are all about trying to create more and more crappy convenient sintax languages.. and they get worry when the languages dont scale? for what computer they design the language? from venus ?

nobody should be doing any serious software in python or ruby.. is such a waste of talent .. use it for education.. for fun.. or for the things they are best.. wich is not in the system/plumbing side of things

28
kristianp 7 days ago 0 replies      
As a ruby lover, I'm interested in the ruby implementation the Author wrote and mentioned, topaz [1]. Has anyone here tried it?

"Topaz is a high performance implementation of the Ruby programming language, written in Python on top of RPython (the toolchain that powers PyPy)."

[1] http://docs.topazruby.com/en/latest/

29
Nate75Sanders 7 days ago 2 replies      
He mentions that he couldn't find a pure C hash table.

http://linux.die.net/man/3/hcreate

30
jderick 7 days ago 0 replies      
I think the preallocate APIs sound like a cool idea. Perhaps there could also be some kind of 'my hashtable is an object' hint that could let the compiler do the same kind of optimizations on hashtables that it does on objects (assuming that your hash keys don't change much).
31
jdhuang 6 days ago 0 replies      
Interesting presentation, but it can't be the whole story. Even projects like SciPy which use the most rudimentary data structures (basically just a large array of floats) and algorithms (sometimes just looping through the elements in order a few times) see a considerable advantage when rewritten in C.

http://www.scipy.org/PerformancePython

32
lsiebert 4 days ago 0 replies      
As a programmer that first learned c and still thinks like a C programmer in a lot of ways, this actually explains a lot to me.
33
ippa 7 days ago 0 replies      
His suggestion for better preallocate APIs made me think of this ruby patch from Charles Nutter: http://www.ruby-forum.com/topic/173802

4 years later and they still discuss it, heh.

34
rjzzleep 7 days ago 1 reply      
i'm actually surprised noone ever talks about perl. isn't perl crazy fast compared to the other interpreted languages?
35
rasmusfabbe 7 days ago 6 replies      
This is misleading and contains errors like calling C++ "C". Unless you have a great deal of knowledge about these things already, I urge you not to learn from this but read the slides purely for entertainment.

Question: The author claims to be a compiler author. After some digging I haven't found any information on what compilers he has written or are part of writing. Could someone point me to the compiler(s) Alex is involved with? Thanks.

23
The Secret Tesla Motors Master Plan (2006) teslamotors.com
347 points by mactitan  6 days ago   186 comments top 23
1
spullara 6 days ago 8 replies      
When I ordered my Tesla S I also needed to get a 240V charger installed in my garage. Tesla sends you over to SolarCity for that and they can install it for you. This also gives them the perfect opportunity to offer you solar panels as well since they can show you, based on your electricity bill and the number of miles you are going to drive, how much it is going to save you.

Long story short, bought a Tesla S from Tesla, a outlet installation from SolarCity and now have also signed up for 8.8Kw solar panel system for my house.

The vertical integration of his investments is awesome. I just hope he somehow integrates in SpaceX ... maybe solar microwave power from orbit?

2
angstrom 6 days ago 0 replies      
They've followed the plan well. I'd also like to point out a lesser known article from 7 years ago: http://money.cnn.com/magazines/business2/business2_archive/2...

The New Power Play

The Investor: Elon Musk, co-founder, PayPal

What he's backed: SpaceX, Tesla Motors

What he wants now: As Musk's two most recent investments - in a space rocket and an all-electric sports car - suggest, the 35-year-old entrepreneur likes to think big. So he's intrigued by the promise of a next-generation battery called an ultracapacitor, capable of powering everything from cars to tractors. Unlike chemical batteries, ultracapacitors store energy as an electrical field between a pair of conducting plates. Theoretically, they can be charged in less than a second rather than hours, be recharged repeatedly without sacrificing performance, and far outlast anything now on the market.

"I am convinced that the long-term solution to our energy needs lies with capacitors," Musk says. "You can't beat them for power, and they kick ass on any chemical battery."

Musk would know: He was doing Ph.D. work at Stanford on high-energy capacitors before he helped get PayPal off the ground. At least one startup, EEStor in Texas, and a larger company, Maxwell Technologies in California, are working on ultracapacitors. Yet Musk believes a university-based research group has an equal shot at a commercial breakthrough, since universities are where the most promising research is bubbling up. "The challenge is one of materials science, not money," Musk says.

The team to pull this off, he says, would need expertise in materials science, applied physics, and manufacturing. Musk wants to see a prototype that can power something small, like a boom box. "Make one and show me that it works," Musk says. "Then tell me what's wrong with it and how it can be fixed."

What he'll invest: $4 million over two years for a working prototype

Send your pitch to: mbb@spacex.com. -- M.V.C.

3
wamatt 5 days ago 2 replies      
Musk's plan in a way serves as a reminder for those of us that tend to overestimate the role luck plays in the personal journey towards entrepreneurial success.

While generally HN users are open minded, no small number have derided the notion that others (perhaps far less capable than Musk), are capable of having a meaningful vision.

Of course having a justified belief and plan is a different approach to the lean startup philosophy. Lean effectively aligns more with the randomness worldview and iteration with an impartiality (or even celebration in some cases) of failure. Whereas OTOH, the visionary approach usually has more confidence in a self-directed path.

Those with this visionary quality (in varying levels of ability), can arrogantly dismiss others too, with behavior that is equally cringe worthy. Moreover, it would be hard to objectively and meaningfully argue either approach is universally "better".

However, perhaps the most significant indiscretion, is not in picking a side that works for you, but rather failing to see that two sides exist at all.

4
ChuckMcM 6 days ago 1 reply      
August 2, 2006

The Secret Tesla Motors Master Plan (just between you and me)

From 2006. Nice to know they are still sticking with it :-)

5
codex 6 days ago 3 replies      
"Without giving away too much, I can say that the second model will be a sporty four door family car at roughly half the $89k price point of the Tesla Roadster."

A Model S for $45K? Where do I sign? The average selling price of a Model S is probably more like $90K.

6
jessriedel 6 days ago 6 replies      
Can anyone point me toward Musk's reasoning about why solar will beat out wind power in the long term? I know he owns a solar company, but why did he choose that over wind?

(I'm aware of the basic pros and cons of both. I'm really just looking for Musk's thinking.)

7
jasonshen 6 days ago 1 reply      
Nothing builds credibility like doing what you said you would. =)
8
surrealize 6 days ago 3 replies      
> the second model will be a sporty four door family car at roughly half the $89k price point of the Tesla Roadster and the third model will be even more affordable

Tesla cars so far have definitely been luxury cars. If they keep going downmarket into the mainstream, I wonder if they'll want to create a separate brand for their mainstream stuff, a la acura/honda, toyota/lexus, and infiniti/nissan.

If they do, the low-end brand should be "Edison".

9
NoPiece 6 days ago 8 replies      
I am rooting for Tesla, but if they are counting on a "solar electric economy," that makes me worry. Let's target something practical, like a nuclear/natural gas/solar electric economy.
10
uptown 6 days ago 0 replies      
Not that he's presumably anywhere near the end of his life - but does Tesla or SpaceX have a contingency plan should something happen to Elon Musk? Don't get me wrong - I absolutely love everything they're doing. It just scares the crap out of me that such a grand movement opposing very powerful forces is led by a single individual. Please tell me there's more brilliant leaders with the same mindset involved in his mission, ready to take the reins should the need ever arise.
11
btipling 6 days ago 0 replies      
(2006) on the title please.
12
chenster 6 days ago 3 replies      
> However, let's assume for the moment that the electricity is generated from a hydrocarbon source like natural gas, the most popular fuel for new US power plants in recent years.

Above statement is mostly true in state of California where natural gas generates one third of its total power (source: http://energyalmanac.ca.gov/electricity/total_system_power.h...)

Not so true national wide. According to US Energy Administration, the energy sources and percent share of total for electricity generation in 2011. Note the the combined renewable energy sources is below 10% still in 2011.

• Coal 42%

• Natural Gas 25%

• Nuclear 19%

• Hydropower 8%

• Other Renewable 5%

• Biomass 1.38%

• Geothermal 0.41%

• Solar 0.04%

• Wind 2.92%

• Petroleum 1%

• Other Gases < 1%

(source: http://www.eia.gov/tools/faqs/faq.cfm?id=427&t=3)

Coal is still the king.

13
HyprMusic 6 days ago 0 replies      
I find it incredible how one many seems to be driving such a change in the future of our planet. Considering people have apparently been putting time and money in to this for decades, why are we not seeing more attempts like this? Is it because it's not considered lucrative enough for the capitalist market? Or is Elon just a very good at convincing us (me) he's breaking new ground?
14
TechNewb 6 days ago 0 replies      
Secret: One of the reasons I want to get a good job is so I can afford a Tesla... Don't tell anyone.
15
mactitan 5 days ago 1 reply      
Hybrid vs EV: .56 vs 1.14 km/mj.

Xprise 100 mpg winner seriously considered EV but won with
Gas engine. Where's the discrepancy?
At least Germany is a good case study in the feasibility
Of a solar electric infrastructure. I thought diesel/ hybrid is best bet but it's good musk is here pushing the envelope.

16
zacharycohn 6 days ago 1 reply      
I am a huge fan of Elon and have a lot of faith in anything he's involve in.

I am interested, however, in how this reconciles with the Innovator's Dilemma. He's starting at the top of the market and working his way down.

My possible explanation (assuming he will be successful) is:

There isn't enough of an existing market to be disrupted for the Innovator's Dilemma to apply. What I would be worried about here is the other electric cars that ARE on the market are on the lower end (comparatively. The Leaf is $23,000 vs Tesla @ $52,000).

Nissan is working on using cheaper tech, and then will find ways to improve that cheaper tech versus Tesla using expensive tech and finding ways to make it cheaper.

Opinions?

17
DanBC 6 days ago 1 reply      
How rare is lithium for lithium ion batteries? And how recyclable is it?

Should I be buying lithium now to sell it later?

18
vignesh_vs_in 5 days ago 0 replies      
Here is a video documentary by Nat Geo on Tesla, Model S. https://www.youtube.com/watch?v=qvPosSzUGVI

Elon explains the master plan himself.

19
AlexeiSadeski 5 days ago 0 replies      
Assuming all observed warming is anthropogenic, the amount of global warming caused by the cumulatie emissions of all of America's cars ever: 1/40th of 1 degree Centigrade.
20
chenster 6 days ago 3 replies      
Richard A. Muller, Nobel Prize in Physics, posted an short article on energy efficiency and pollution in gasoline, hybrid, and pure battery powered cars. Gasoline vs best battery powered car is a factor of 40.The only car has zero pollution is the hydrogen powered.

http://muller.lbl.gov/teaching/physics10/old%20physics%2010/...

21
zaidrahman 6 days ago 0 replies      
A CEO who sticks by the grand plan. This is refreshing.
22
slevcom 6 days ago 0 replies      
Total man crush on Elon here. He's like a science fiction author except he makes the spaceships for reals instead of writing about them. Meanwhile a large chunk of the entrepreneurs continue to optimize ad delivery and photo sharing (myself included), just sayin.
23
mynameishere 6 days ago 1 reply      
Yeah, right. He just wants pollution moved from rich areas, where traffic density is located, to poor areas, where power generating stations are located.
24
Virtual lane graphics for swimming with CSS3 xy-kao.com
344 points by CWIZO  4 days ago   34 comments top 12
1
randall 4 days ago 4 replies      
This is great! We (Vidpresso) think this sort of thing is the future of TV, and that's why we're building it. Currently, our first product is a way for TV stations to take Facebook and Twitter, and show it using their own graphical look on-air. We have some big broadcasters, like Anderson Cooper's show Anderson Live, as well as some interantional stations in Germany (QVC!), Panama, and Lebanon. In the US we have more than a dozen US TV stations, and Univision uses us for their network programming.

Here's some samples:
http://www.youtube.com/user/randallvpp

All we use is Google Chrome on the output side to make it simple to display the graphics.

All three of us have video & TV backgrounds, but we all turned into coders somehow. We're always looking to meet more interesting folks who are interested in the intersection of video and the web. I have info in my profile, plus you can check out our website: http://www.vidpresso.com/

2
ck2 4 days ago 1 reply      
I suspect with this ability the star wars opening credits in pure css3 is coming soon (or maybe already done).

added: ah of course: http://blogs.sitepointstatic.com/examples/tech/css3-starwars...

3
dsl 4 days ago 0 replies      
For anyone who is interested on how this works in the real world, the system is called First and Ten, and is built by Sportvision. (I'm pretty sure they have also patented the hell out of it)

http://en.wikipedia.org/wiki/1st_%26_Ten_(graphics_system) http://www.sportvision.com/

EDIT: The demo reel is pretty good nerdporn too http://www.sportvision.com/media/sportvision-reel-2012

4
bsimpson 4 days ago 1 reply      
I'm not sure I understand why CSS was chosen for this project. It looks to me like he's creating a static image, transforming it, and feeding it as a green screen overlay into a video mixer. Since everything is static, wouldn't it have been simpler to just make a PNG in PhotoShop and use that?
5
jezfromfuture 4 days ago 1 reply      
Yeah there are countless programs to do this outside web browsers some of my favorites of the last 20 years
http://en.wikipedia.org/wiki/Scala,_Inc Amiga tool , see we did stuff too before the web !)
http://en.wikipedia.org/wiki/Video_Toaster (another awesome amiga based h/w )

The point is it doesn't take any messing about with web technologies , the people doign this sort of titling professionaly for Sky/Fox BBC are using a combination of broadcast hardware & occasionally Apple Shake in the case of sky sports though i may be out of touch now since shake is not avail much longer.

6
jQueryIsAwesome 3 days ago 0 replies      
My (nonexistent) OCD was kicking in and I had to fix the skew in demo.html: http://rapedinheaven.com/with_skew.html (5deg, 0deg
7
danso 4 days ago 0 replies      
This reminds me of a humorous blog post by the New York Times interactive graphics desk, in which they debated several options for overlaying flags for swimmers...not for live TV but for their 3D renders:

http://chartsnthings.tumblr.com/post/29133053109/the-olympic...

8
shabble 4 days ago 0 replies      
There was a Wired article[1] I saw here a while back about some of the tech being developed to do this (and much much more) dynamically for sailboat racing, filmed live from helicopter(s).

The technical challenges, as well as potential for live info-graphics in sport make this a pretty interesting area, and it's nice to see relatively modest setups capable of producing what were, until recently, digustingly complex and expensive video effects/compositing tasks.

[1] http://www.wired.com/playbook/2012/08/ff_americascup_ellison...

9
kayoone 4 days ago 1 reply      
Thats pretty neat, i was always wondering how they really do this in big football(soccer) machtes or olympics where its done realtime and with no control over camera images. This explains in nicely!
Also well done on the project, i bet it really added value for spectators!
10
EEGuy 4 days ago 0 replies      
Nice work. The pro company that does this for broadcast is Sportvision, www.sportvision.com/
11
rtexal 2 days ago 0 replies      
there are quite a few videos i see out there that place augmented objects in a video which moves accordingly to the shift of the camera. However that is not live.
Combined with AR algorithms, I am pretty sure that this could be a kickass overlay for web live videos in the future.
12
jaseflow 4 days ago 0 replies      
This is very cool! Things like this are what's going to allow CSS to become the design language of future UI.

I can see this being used in a car where an interface is displayed over the top corner of a screen.

25
Evernote hacked evernote.com
332 points by tlogan  6 days ago   211 comments top 36
1
UnoriginalGuy 6 days ago 10 replies      
The following blog post is also being sent to all Evernote users as an email communication.

Evernote's Operations & Security team has discovered and blocked suspicious activity on the Evernote network that appears to have been a coordinated attempt to access secure areas of the Evernote Service.

As a precaution to protect your data, we have decided to implement a password reset. Please read below for details and instructions.

In our security investigation, we have found no evidence that any of the content you store in Evernote was accessed, changed or lost. We also have no evidence that any payment information for Evernote Premium or Evernote Business customers was accessed.

The investigation has shown, however, that the individual(s) responsible were able to gain access to Evernote user information, which includes usernames, email addresses associated with Evernote accounts and encrypted passwords. Even though this information was accessed, the passwords stored by Evernote are protected by one-way encryption. (In technical terms, they are hashed and salted.(http://en.wikipedia.org/wiki/Salt_(cryptography) ))

While our password encryption measures are robust, we are taking additional steps to ensure that your personal data remains secure. This means that, in an abundance of caution, we are requiring all users to reset their Evernote account passwords. Please create a new password by signing into your account on evernote.com(https://www.evernote.com/Login.action).

After signing in, you will be prompted to enter your new password. Once you have reset your password on evernote.com, you will need to enter this new password in other Evernote apps that you use. We are also releasing updates to several of our apps to make the password change process easier, so please check for updates over the next several hours.

As recent events with other large services have demonstrated, this type of activity is becoming more common. We take our responsibility to keep your data safe very seriously, and we're constantly enhancing the security of our service infrastructure to protect Evernote and your content.

There are also several important steps that you can take to ensure that your data on any site, including Evernote, is secure:

Avoid using simple passwords based on dictionary words
Never use the same password on multiple sites or services
Never click on ‘reset password' requests in emails " instead go directly to the service
Thank you for taking the time to read this. We apologize for the annoyance of having to change your password, but, ultimately, we believe this simple step will result in a more secure Evernote experience. If you have any questions, please do not hesitate to contact Evernote Support(http://evernote.com/support).

The Evernote team

2
Ensorceled 6 days ago 3 replies      
I'm kind of annoyed they didn't send an email, just flagged my password. So I couldn't use the iphone/mac apps and had to login via the web interface to reset. Which I didn't know because they didn't send an email, just got an invalid password error.

Their lack of encryption and lack of 2 factor auth just became a much bigger issue for me...

3
rdl 6 days ago 1 reply      
I've never really understood the security model for Evernote. It's "an exocortex" -- your personal notes, which are likely to be more security sensitive than general documents, email, etc. And yet they have even less security than Dropbox, themselves not exactly an exemplar of robust security.

They've got competent people operating the service; it's just not well designed for security.

4
melvinmt 6 days ago 1 reply      
That's why I don't use any fancy services for my notes, which usually contains sensitive data. I simply use Notational Velocity which encrypts my notes and stores it locally. It does provide a synchronization option with SimpleNote but they can't even be bothered with using SSL.
5
makeramen 6 days ago 1 reply      
I managed to reset my password to the same that it was before. I changed it again right away of course, but there should definitely be some protection against that.

(FWIW I didn't get the email so I was simply locked out and used their "forget password" form instead of trying to log in, which may have a different reset process).

6
seldo 6 days ago 0 replies      
I note that when Twitter released their breach notice on a Friday afternoon there were comments accusing them of trying to "bury" the news:

http://news.ycombinator.com/item?id=5154502

While there are (so far) no such comments about Evernote releasing this stuff on a Saturday morning. I think security breaches are just discovered at inconvenient times.

7
ams6110 6 days ago 2 replies      
we have found no evidence == "we really don't know"

Sorry, I'm sure the Evernote tech team is competent, but clearly some marketing spin has been put on this announcement.

8
kmfrk 6 days ago 1 reply      
Service currently unavailable. Here is their latest tweet:

    Important: Evernote just implemented a service-wide
password reset. Please read our post for details and
instructions

Said post is unavailable by the look of it.

Can someone post a paste of the blog post in here?

9
jerrya 6 days ago 0 replies      
I find evernote tremendously helpful and I pay the $5 per month for a premium service, REGARDLESS, a google of https://www.google.com/search?q=evernote+two+step+authentica... says little good about how Evernote respects me or their many many other customers whom have repeatedly asked for two factor authentication.
10
moe 6 days ago 0 replies      
Let me be the first to say: HA-HA! </nelson>

Over the past few years I've told everyone to refrain from using Evernote. I told them that Evernote doesn't use end-to-end encryption and that eventually this would happen.

Hardly anyone would listen ("You're just paranoid", "I don't store anything private in there anyway, except.. oh").

For once I take cruel pleasure in being "that guy". The general public needs to learn this lesson.

11
bthomas 6 days ago 0 replies      
> we have found no evidence that any of the content you store in Evernote was accessed

This depends on how hard they looked - do people believe content wasn't accessed?

Is it fair to ask them for a technical post about why they don't think content was hacked? I'd love to know how they separate auth from content, and how they ensure that a hacked auth node can't view notes

12
tlrobinson 6 days ago 1 reply      
Any suggestions of migration paths to more security conscious alternatives?

I'd even be happy with an encrypted disk image on Dropbox if there's a good way to OCR scanned docs, then be able to search them.

13
mieubrisse 6 days ago 0 replies      
In the post, they say:

"The investigation has shown, however, that the individual(s) responsible were able to gain access to Evernote user information, which includes usernames, email addresses associated with Evernote accounts and encrypted passwords. Even though this information was accessed, the passwords stored by Evernote are protected by one-way encryption. (In technical terms, they are hashed and salted.)

While our password encryption measures are robust, we are taking additional steps to ensure that your personal data remains secure. This means that, in an abundance of caution, we are requiring all users to reset their Evernote account passwords. Please create a new password by signing into your account on evernote.com."

What it doesn't say is how the passwords were dumped in the first place, or what they're going to do to ensure it doesn't happen again (outside of taking "additional steps"). I understand that not all users of Evernote are technical, but I'd like some peace of mind that a similar thing is less likely to happen in the future.

14
Stratoscope 6 days ago 1 reply      
For anyone who is as puzzled as I was about how to change the password in the Android app, the answer is you can't change it in the app. (!)

Instead, you have to tap the "authentication failed" notification. Then you can change the password.

15
jrockway 6 days ago 0 replies      
I finally made the switch to randomly-generated passwords for everything, so for once I can finally not care at all that this happened. It's just a reminder that I need to close my Evernote account.
16
lysium 6 days ago 1 reply      
I'm wondering how they perform the password reset.

Surely, you must know more than the username. But they cannot rely on the old password either, because the whole thing was set off by assuming that the old password is hacked. And they advise their user to ignore instructions per email.

So how do / could they do it?

17
SonicSoul 6 days ago 1 reply      
i didn't get the email, and my original password still works, it just took me directly to change password screen.

i guess they're counting on compromised passwords not being used individually to create new ones?

18
rburhum 6 days ago 0 replies      
Funny enough, logging in to Evernote was the first thing I did after laying in bed spending 1hr+ watching this amazing video about http/https man-in-the-middle attacks using sslstrip http://www.thoughtcrime.org/software/sslstrip/ . Not a good way to start my morning.
19
eliot_sykes 6 days ago 0 replies      
20
colinmegill 6 days ago 0 replies      
"Please create a new password by signing into your account on evernote.com(https://www.evernote.com/Login.action).
After signing in, you will be prompted to enter your new password."

Why couldn't an attacker do that at this point?

21
ga0bi 6 days ago 0 replies      
I filed a ticket this morning after I was unable to login to the Mac client. Here's their response:

"Dear Valued Customer,

We're truly sorry for the inconvenience this has caused you this morning. We are attempting to contact our entire userbase about this matter, but we feel that immediate action in these cases is the most prudent course."

The rest of the email contained the contents of their blog post.

22
apapli 6 days ago 2 replies      
Frustrating, I thought they would have done security better than most given the type of information stored here.

Does anyone know a decent password keeper? I have a list of logins/passwords for my key sites in a word .doc file stored locally, but given I have a work mac, home mac, tablet and iPhone it really is a pain to access the locally stored file.

I thought about saving this file on google drive, but their 2-factor auth doesn't seem to apply for drive (only gmail).

How do others do this - is there a way to store an encrypted file somewhere online, then typing in a known password to unencrypt / open it when I need to access it?

23
mourique 6 days ago 1 reply      
whew, i was shocked when my evernote client asked me to enter my password because i did not recieve the e-mail. It seems like this was a precautious step as nothing was 'really' hacked, or was it?
24
marcuspovey 6 days ago 0 replies      
Good they're being proactive here, but two things:

1) I'm sick of going through this password reset crap every month or so. Please lets get rid of passwords.

2) Could Evernote please look at some sort of oauth based signin for mobile devices? I have to enter this unique and very long password multiple times on every device I own.

It'd be nice if my linked phone and tablet didn't need me to use the same login system as a human.

25
senthilnayagam 6 days ago 0 replies      
Anybody considered the zendesk link http://m.techcrunch.com/2013/01/08/zendesk-evernote-25k/

Twitter, tumblr, Pinterest hacks are all having zendesk connection

People on Dropbox have issues too

26
mdp 6 days ago 0 replies      
They've never really been focused on security in the past. Honestly, I love the service, but their lack of concern about keeping it secure has never sat well with me.

I wrote up a post with some of my security concerns. http://news.ycombinator.com/item?id=5311010

27
hgezim 5 days ago 0 replies      
I just got an email from "Evernote" with links pointing to http://links.evernote.mkt5371.com/

Please, be very careful, people. Of course, this won't reach the people who need to hear it :(

28
lucb1e 6 days ago 0 replies      
I am impressed by how well this is handled. Much better than I've seen from other companies!
29
santiagoIT 6 days ago 1 reply      
I got the email and reset my password (web browser on desktop). I then launched the MaxOs client app and it asked me to enter the new password, however the iOS app shows its initial loading screen but then just crashes. It never gets around to asking me for the new password. Anyone know a solution to this?
30
yabatopia 6 days ago 0 replies      
I didn't get an email (yet) so I visited the Evernote Forum. I was a bit surprised to see that I had to sign in with the same username and password of my Evernote account. It's convenient, but I prefer seperate accounts, especially since they're using third-party forum software.
31
Nyr 6 days ago 0 replies      
And following the announcement, the blog it's down and emails didn't arrived yet. Well done, Evernote.
32
freewizard 4 days ago 0 replies      
Why not share more about the hack detail? Is it another attack from China? As a (paid) user, I'm a bit concerned about my data security.
33
DocG 6 days ago 1 reply      
Not cool. I use evernote for throwaway email passwords.
And storing some usernames, without passwords. Just to remember usernames.

I wouldn't lose anything, it would be just inconvenient for me.

34
xutopia 6 days ago 1 reply      
Anyone know a good Skitch replacement?
35
jms703 6 days ago 2 replies      
I don't understand why they don't offer encryption.
36
mmagin 6 days ago 0 replies      
And another example of how badly Wordpress scales.
26
Show HN: Tiled Text " a Different Approach to Editing Text tiledtext.com
328 points by westoncb  7 days ago   90 comments top 28
1
jerf 7 days ago 2 replies      
"I have just moved to Boston and will have to find (real) work soon (been working in a grocery store part-time while building this)."

Someone get this man a job, even if it has nothing to do with this code.

2
lobster_johnson 7 days ago 3 replies      
I like the way people are starting to look at alternative approaches to text editing. Light Table has some good ideas, for example. For me, multiple cursors and fast symbol navigation in Sublime Text has been a huge time saver.

Personally, I have never needed code folding (I prefer to have my own map of the code in my head, and anything that obscures that map just gets in the way), or Sublime Text's minimap, nor have I ever needed the symbol sidebar that is found in some IDEs (Eclipse, Netbeans). What I really want is more efficient editing.

For example, text editors like Sublime have zero language-sensitive refactoring support. I can't rename (variables, methods etc.) or extract methods, for example. Even some really simple operations like "select entire current nesting level" are unavailable. I remember using Eclipse 7 years ago and really liking the intelligence of the incremental compiler backend, even though I hated Java; it seems that with backends such as Clang, those tools can once again be applied outside big, annoying IDEs like Eclipse and Xcode.

Not sure if this particular approach is useful except to a small niche, but it looks pretty slick. Good luck with the effort!

3
ebbv 7 days ago 2 replies      
This is a cool toy but it doesn't really seem to address the main issue of writing code on a touch device; typing on a touch device sucks.

Moving code around is not a difficult problem to solve. Drag to highlight, grab it and move it somewhere else. You've done that elegantly.

But writing massive amounts of code on a device without a traditional keyboard is awful and that's the difficult problem to solve. Until that's solved I don't think anyone can claim to have made real progress enabling development on keyboardless devices.

4
pak 7 days ago 2 replies      
Could doctors use a gestural interface like this to write templated notes in an EMR on touch devices? Most of the notes that doctors write have repetitive structures. Hence, EMRs like Epic have come up with features like Smart Text, which expand special phrases into large templated sentences with certain bits of data prepopulated and keywords that can be toggled between values (present/absent, etc.) with the keyboard.

But the key complaint with these EMRs is that you need to type to use them, which is awkward and breaks the flow of conversation with a patient. Eye contact is important during patient interviews. Therefore, most doctors use paper and type them into the EMR later (waste of time).

A lot of people (and companies like drchrono) think that the way forward is to use tablets like the iPad mini or the Galaxy Tab, which balance the intrusiveness of the computer form factor against the ability to enter data. A pain point of tablet EMRs is text entry--but like I said, a lot of notes that doctors write have predefined structures, like code.

I think there is potentially a lot of money in elegantly solving this UI problem with a new interface like Tiled Text.

5
shabble 7 days ago 1 reply      
I'd love to see more editors/IDEs that operate at a higher semantic level than plain text. The biggest problem is of course interoperating with existing language/development ecosystems. I have pondered in the past about a language or platform where everything is stored internally as some form of AST, and text is just one of the possible representations. It would at least solve the coding-style (well, the formatting part at anyway) issue for once and for all; everyone just maintains their own CSS/XSLT-alike transforms with tabs or spaces and brackets and semicolons wherever they like.

I've come across occasional research projects in 'structural editors' which only allow semantically correct input (and, depending on the size of the input alphabet, can function through almost 100% autocomplete menu input)

Anastasia[1] is one that I know of, and this Modeless Structure Editing by Sufrin et al.[2] looks interesting.

The main issue I can see, apart from the effort involved, is how to deal with incomplete documents, since almost by creation or editing process will have interim invalid structures. Emacs paredit can be pretty infuriating if you don't use its specialised operations and try to edit your code in a way that malforms the structure.

[1] http://dream.inf.ed.ac.uk/projects/anastasia/

[2] http://www.cs.ox.ac.uk/bernard.sufrin/edit.pdf

6
zrail 7 days ago 0 replies      
This is a very cool project, nice work. It seems to be very similar to an older project for Emacs named Versor[1]. There's an interesting document out there talking about how to operate Emacs and Versor using a gamepad[2], similar to how you're doing here. It seems that Versor eventually compromised on entering necessary text with a real keyboard and using the gamepad for all navigation and other editing purposes. I actually had a weeks-long thought experiment involving Versor and a 3d-printed gamepad with a chording keyboard on the back. It never went anywhere, but it was fun to think about.

[1]: http://emacs-versor.sourceforge.net/

[2]: http://www.cb1.com/~john/computing/emacs/emacs-gamepad.html

7
pshc 7 days ago 1 reply      
This is really nice.

I'm working on a non-plaintext programming language that just needs a structural editor like this. I'll drop you a line.

8
ibdknox 7 days ago 2 replies      
This is really neat, great work! I wonder, do people perform the kind of edits that this makes efficient very often?

For example, in the video it was predetermined exactly what was going to be moving and where it was going to go to. From my observations, these sorts of large scale changes are rarely handled so easily. Context helps people map things cleanly, and the contextual change of zooming in and out forces you to constantly rebuild that map. It's an issue I've seen over and over again with any zoom-oriented interface.

Regardless, this is cool work. We need new and interesting interfaces for code - I'm hoping to show some fun things myself at the Live Programming Workshop [1] at ICSE[2].

[1]: http://liveprogramming.github.com/2013/
[2]: http://2013.icse-conferences.org/

9
hpcorona 7 days ago 2 replies      
I don't get it... He's trying to solve the problem of typing text in a touch device... with an XBox controller? why not better carry a small keyboard?

The program looks awesome, but i believe it would be more productive to have this features on a regular IDE where you can actually use the keyboard... All the movement between nodes looks terrific.

But anyway...

10
VeejayRampay 7 days ago 0 replies      
Blocks in 3D would be neat. Gives you an instant representation of the depth of inner loops/blocks/closures/function bodies.

I wonder if we'll have that at some point.

11
lifeformed 6 days ago 0 replies      
Cool. Have you considered also tokenizing camelCase text into separate words?
12
eaurouge 7 days ago 1 reply      
Congrats on building this! I wonder, have you considered speech recognition as an alternative source for text generation? You could build some powerful voice commands this way, possibly rivaling Vim, TextMate etc.

We will eventually see some growth in demand for text editing on tablets and phones. With some further research and innovation, you may be able to turn this into a tool (possibly commercial) that is useful for a larger audience.

13
frou_dh 7 days ago 3 replies      
> ... the Tiled Text engine will narrow down the possibilities of what can be inserted at any given point so that the user can select textual constructs from a grid of options, rather than inserting everything one character at a time ...

The recently revamped PSN Store on PS3 has what I thought was quite a usable implementation of text entry. When searching the store, you select characters one at a time from a (vertical) strip, but that dynamic strip only contains characters for which there will continue to be search results after it's appended to your string. The current search results are shown as a live preview, so you need enter just enough to filter out the noise.

14
resu_nimda 7 days ago 1 reply      
The image at the top of the page almost made me close the tab instantly. It's the polar opposite of slick and intuitive.

I did stick around though and the video does look very nice, but I would recommend a more inviting first impression (I realize this is a library for developers, but still).

15
ww520 7 days ago 0 replies      
This is very innovative. Constraint does force invention.

Often time I wish I can write some code on my phone but gave up after a while due to the painful editing process. It looks like it can help a lot. Looking forward to further development.

16
yefim323 7 days ago 4 replies      
I've just download Vim Touch (https://play.google.com/store/apps/details?id=net.momodalo.a...) and have been playing around with it for a bit. And I can attest to the fact that editing on a phone is incredibly painful. Once I realized that, though, I also realized that there is very little need for me to ever need to edit code on my phone. So, I see and acknowledge the conceptual problem that Tiled Text is trying to solve but I fear that the audience is far too small for it to be of much use.
17
hangtwenty 6 days ago 0 replies      
It would be really cool to see an integration of this with the Leap Motion controller (http://leapmotion.com/). I can't imagine writing code exclusively with Tiled Text gestures, but the idea of moving around, navigating, and manipulating text with gestures when it make sense, then typing when that's the most effective - and going fluidly between the two - that sounds really incredible.
18
arithma 6 days ago 0 replies      
Although our company is from Lebanon, so we'd basically be pulling ourselves to compete with your groceries job, I believe I can convince our company to offer you a job.
You can thank the sheer chutzpah of your person, that allowed you to create this editor.
Let me know if you're interested, so that we can discuss the details :)
19
stormbrew 7 days ago 1 reply      
Nice. Was vi-style modal editing a significant inspiration? It seems like it must have been. Definitely neat to see an approach to the same kind of limited-terminal constraints brought to modern devices. I don't know if I'd use it as a primary interface, but as a high level tool for code organization it could potentially justify having a touch screen on a code editing machine.
20
wildgift 6 days ago 1 reply      
oh wow. I was watching the video and thought, "oh whatever, it's just like a visualization of some vim style editing". Then I realized that you really did something amazing. "oh daaaaaamn, he just made a visual editor that could become the next vim."
21
saadazzz 6 days ago 0 replies      
It would be nice to have sound effects like that in Sublime Text.
If anyone is interested, I'd be glad to write a plugin together.
22
yarone 7 days ago 0 replies      
Congrats. A very interesting an innovative approach.
23
catshirt 7 days ago 0 replies      
i like the debug mode. being able to manipulate the tree directly seems like it could be more efficient than a cursor.
24
aaronsnoswell 6 days ago 0 replies      
I watched the video and still have no idea what this is about - someone explain it in english?
25
potomushto 6 days ago 0 replies      
I definitely want to try it with MYO wireless control, mostly for WOW effect.
26
dakimov 6 days ago 1 reply      
Not really innovative, but it has some sci-fi feeling in it due to the animations and sounds. He works in a grocery store?! I would hire him in no time.
27
kpierre 7 days ago 2 replies      
have you considered using APL and its derivatives ? it's about 100x less typing than java.
28
fishcakes 6 days ago 0 replies      
using the syntax tree for navigation was a brilliant insight. really nicely done.
28
Namecheap now officially accepts Bitcoin namecheap.com
323 points by redegg  3 days ago   172 comments top 27
1
ashamedlion 3 days ago 1 reply      
I'm loving this Bitcoin ramp up over the past few weeks. Namecheap should be applauded for their general endorsement of "what's good for the internet". Of course it's in their best interest, but you don't see GoDaddy doing the same.

I think back to the "So, that's the end of Bitcoin"[1] article by Forbes and chuckle to myself. Hopefully one day we can look back at that article in the same way we look back at Ballmer laughing at the iPhone [2]

[1] http://www.forbes.com/sites/timworstall/2011/06/20/so-thats-...

[2] http://www.youtube.com/watch?v=eywi0h_Y5_U

2
gibybo 3 days ago 6 replies      
Well, I just tried to transfer one of my domains to Namecheap using Bitcoin, but their implementation leaves a lot to be desired.

I filled in my domain, got to the checkout page, and it gave me three options: Pay from 'Funds', 'Credit Card', or 'Paypal'. Turns out in order to pay with Bitcoin, you have to first add 'Funds' to your account. So I click the link to do that, it asks me how much I want to add (I don't know, aren't you supposed to tell me how much I owe?). Anyway, I follow a few pages and finally end up on BitPay's page where it asks me to send a specific number of Bitcoins to their address, so I do. The page recognizes immediately when I have sent the funds, and redirects me back to Namecheap.

Great, now I can find my way back to the checkout page and finally finish the transfer! Except I can't. Despite having sent the funds, they won't show up in my account for another hour (or possibly up to 24 hours). I understand they want to prevent double spend attacks, but this is absurd. We're talking about a $10 domain that they can just revoke if the payment doesn't clear. They have to wait 45+ days for paypal/credit cards to clear, but they give the product to me immediately, and I don't have to go through their ridiculous fund adding process to do so.

I applaud the effort Namecheap and I'm happy to see Bitcoin becoming more useful, but this needs work.

3
qdot76367 3 days ago 1 reply      
Ok. So accepting bitcoin, but they still won't have things like two-factor auth available for "several months" (reference: https://community.namecheap.com/forums/viewtopic.php?f=10...).

I realize PR departments are probably flailing wildly over $33 bitcoins, but which feature do you think your users are more likely to use?

4
Skoofoo 3 days ago 5 replies      
Neat, but will they turn a blind eye to domains registered with false information? After all, the biggest advantage of Bitcoin over traditional digital payment methods is its capability to be used anonymously.
5
largesse 3 days ago 0 replies      
It's odd about technology. The more pervasive it becomes before it legislators are aware of it, the harder it is to crack down upon. I don't know what the legal challenges will be to the widespread use of BitCoin in commerce, but I'm sure there will be some.
6
davidroberts 3 days ago 2 replies      
I think in five years, the idea of using credit or debit cards for electronic transactions will seem slightly ridiculous, sort of the way using snail mail to pay bills by check seems now.
7
kalleboo 3 days ago 1 reply      
Looks like they're using BitPay https://bitpay.com

edit:
I just tried it. The workflow works well, but this brings me back to my biggest reservation about the usability of BitCoin for regular transactions: The long period (hours) to confirm a transaction.

8
daniel-cussen 3 days ago 1 reply      
The Coupa Café of Palo Alto is going to support paying with bitcoin soon. Yesterday I bought coffee for $2.00, with the option of paying .17 bitcoin.
9
andreyf 3 days ago 1 reply      
This is crazy: MtGox is 37 USD/BTC today, up from 20 USD/BTC a month ago.
10
teoruiz 3 days ago 1 reply      
It's a great step towards domain anonymity, but at the end of the day Namecheap is a company in the USA that needs to comply with USA law and its enforcers. And we know it's not the most privacy-friendly country in the world.

To be fair, registering a .com domain is a bad idea if you want to stay anonymous. Go for a .is, a .ch or even a .eu.

11
ihsw 3 days ago 2 replies      
Now Amazon needs to start accepting Bitcoins for EC2 instances and the world will be on its way past the Visa/Mastercard duopoly.
12
bmiranda 3 days ago 1 reply      
The price of Bitcoin is currently hovering around 37 USD. I remember when Bitcoin was $2.00 after the first crash, I never expected it to rebound so quickly. Announcements such as Namecheap's lend credence to the current price, but I would not be surprised if a correction brought Bitcoin below $30.

Regardless, I am excited that there are more places to spend Bitcoin each and every day.

13
foxylad 3 days ago 0 replies      
A domain registrar is going to have a fairly technically literate customer base, but bitcoin is edging towards the mainstream faster than I'd expected.
14
score 3 days ago 1 reply      
I seems the overall useage and popularity of bitcoins has gone down though. I haven't had a single purchase with bitcoins in about a year at Flow and Zone Games ( http://flowandzonegames.com ) and that's quite a change from the one-a-week clip before.

I don't understand the currency so maybe I'm overpricing.

15
lowglow 3 days ago 2 replies      
Hey all! I'm trying to build a domain registrar we'd actually love to use. Does bitcoin really appeal to you as a user? I'm trying to find a list of must-haves and want-to-have features to bake into my project.
16
juskrey 3 days ago 0 replies      
Interesting if anyone had conducted an experiment, whether new Bitcoin button, near old good CC payment, actually worsens whole conversion rate, due to interesting Bitcoin reputation in masses.
17
stevewilhelm 3 days ago 1 reply      
To put in perspective:

_____~10000000 (10 million) dollars in bitcoin transactions a day [1] verses

~5000000000000 (5 trillion) dollars in daily foreign currency trades worldwide. [2]

[1] http://s831.us/XIQoZ7
[2] http://s831.us/XISAQb

18
WhoIsSatoshi 3 days ago 1 reply      
This is beautiful to watch unfold: The universe is taking flight! Do help it, not for the sake of a cryptocurrency, but for the ethical implications. For you and for me.
19
mariuolo 3 days ago 0 replies      
The same namecheap that blocked *.imgur.com ?
20
tedsanders 3 days ago 3 replies      
Accepting a volatile currency seems risky.

What if bitcoin drops and I fill register domains on the cheap? Is there a way to prevent this? Are the prices somehow pegged to the dollar?

21
johnx123-up 3 days ago 0 replies      
OT: Can anyone suggest a good Bitcoin processor? What about Mt.Gox? Is it sensible to create our own processor and escrow for Bitcoin?
22
lucb1e 3 days ago 0 replies      
Looking pretty good, privacy and IPv6 support like you might expect nowadays, only no DNSSEC. Not buying.
23
adrianwaj 3 days ago 1 reply      
I'd like bitcoin to succeed even to a small extent if only as a counterweight to keep central banks in check but it would be better if it weren't so cumbersome to use, ie slow.
24
vishaltelangre 3 days ago 0 replies      
Well, just reading about bitcoin and saw this here. I am pretty fascinated by the fact that it take not much time for currency conversion across the world. Awesome. Hope, this will dominate the current methods, and frauds.
25
eduardordm 3 days ago 11 replies      
Because bitcoins are illegal in my country, I'll keep my personal domains on namecheap but will certainly move my company domains out of there until I figure out if there's a chance I have problems with this.

I like bitcoins just like everyone, but there are laws you need to abide by and bitcoins are illegal in many countries.

26
rrrrtttt 3 days ago 5 replies      
Let's say I think that in one year's time Bitcoin will be gone. And let's say I want to put my money where my mouth is and want to short Bitcoin. Presumably there's a lot of people who think that Bitcoin is going to appreciate and thus should be happy to give me a low-interest loan. And yet there is no way to get a Bitcoin-denominated loan. Does this mean that people don't really believe Bitcoin will be with us in one year's time?
27
nuII 3 days ago 0 replies      
Fuck yeah Namecheap!
29
Ubuntu will switch from X window server to Mir ubuntu.com
321 points by dz0ny  4 days ago   331 comments top 45
1
acabal 4 days ago 16 replies      
Maybe this is a good idea, I don't know about X/Wayland enough to say. But it worries me that Ubuntu is increasingly striking out on its own. What I like about the GNU/Linux ecosystem is that a lot of distros share a lot of common underpinnings, and everyone benefits from a large community fixing bugs and improving those underpinnings. It's also less knowledge to have to keep in your head for system administration stuff. (Which is still necessary in Ubuntu, regardless of what the "it just works for me" people say.)

Maybe this is the kick in the pants Linux needs to increase adoption. But I would much rather know GNU/Linux, not Ubuntu. Now Ubuntu is standing alone with Compiz, Unity, Upstart, Launchpad, and Mir, all pretty fundamental pieces of the core system. In a decade, will switching from Ubuntu to Debian be as big of a culture shock as switching from Windows to Linux?

2
pilgrim689 4 days ago 11 replies      
I don't understand all the negative reactions. Canonical is recognizing various problems in making GNU/Linux mainstream. They are then innovating at a deeper level (fixing root causes rather than duct-taping) to ultimately attempt to really attract the layman to a mobile or desktop GNU/Linux distro. Devs don't need to target Mir if they don't want to, Linux users can switch to another Debian if they don't like it, and the Layman discovers that Linux can possibly be just as shiny as Mac OS.
Can someone explain to me why this is all so horrible?
3
tiles 4 days ago 0 replies      
From the MirSpec at https://wiki.ubuntu.com/MirSpec:

"Why Not Wayland / Weston?

An obvious clarification first: Wayland is a protocol definition that defines how a client application should talk to a compositor component. It touches areas like surface creation/destruction, graphics buffer allocation/management, input event handling and a rough prototype for the integration of shell components. However, our evaluation of the protocol definition revealed that the Wayland protocol suffers from multiple problems, including:

The input event handling partly recreates the X semantics and is thus likely to expose similar problems to the ones we described in the introductory section.
The shell integration parts of the protocol are considered privileged from our perspective and we'd rather avoid having any sort of shell behavior defined in the protocol.
However, we still think that Wayland's attempt at standardizing the communication between clients and the display server component is very sensible and useful, but it didn't fit our requirements and we decided to go for the following architecture w.r.t. to protocol-integration:

* A protocol-agnostic inner core that is extremely well-defined, well-tested and portable.
* An outer-shell together with a frontend-firewall that allow us to port our display server to arbitrary graphics stacks and bind it to multiple protocols.

In summary, we have not chosen Wayland/Weston as our basis for delivering a next-generation user experience as it does not fulfill our requirements completely. More to this, with our protocol- and platform-agnostic approach, we can make sure that we reach our goal of a consistent and beautiful user experience across platforms and device form factors. However, Wayland support could be added either by providing a Wayland-specific frontend implementation for our display server or by providing a client-side implementation of libwayland that ultimately talks to Mir."

4
ChuckMcM 4 days ago 0 replies      
This is awesome! I really can't wait. Having been dealing with the drm/kms stuff to try to build applications "near the metal" on small devices has been painful painful painful. Just too many pots, each with their own sous chef. Someone to put some structure around that and get the GPU folks in line makes so much sense.
5
munchor 4 days ago 1 reply      
>This is the worst path Canonical could have possibly chosen. Now developers across all different toolkits and applications, from Gtk+ to Wine, will need to maintain massive patchsets to integrate with Ubuntu. Either that or run in a rootless X window in "legacy" mode.

>This will not end well for interoperability, for developers, or for the wider Linux ecosystem. Bad times.

That comment on OMG! Ubuntu! is making me uncomfortable with the consequences this might have for the GNU/Linux ecosystem. I am not sure about how far I can trust that comment, but the Phoronix article[1] explains it better:

>Canonical developers will make to see that applications relying upon Qt/QML, GTK3, XUL, etc will be able to use Mir in an "out of the box" manner. The legacy X support will come from an in-session root-less X Server.

I would, though, like to know more about the consequences for this. First of all, we know that Unity will be much faster, since this thing needs to run on phones too and Unity will actually be a "real thing" instead of just a Window Manager (Compiz) plugin.

>Isn't a point of FOSS that people can all contribute to one major project instead of reinventing the wheel?

That is another comment on OMG! Ubuntu! and I completely agree with it. Sure, freedom of choice is great, but why not use Wayland, really? It was designed from scratch to work for everybody.

[1]: http://www.phoronix.com/scan.php?page=news_item&px=MTMxN...

6
hazov 4 days ago 1 reply      
For those that are curious this is a good diagram by Alison Chaiken about the two major ways of the architecture of Linux graphics:

http://she-devel.com/Linux_Android_Graphics_Stacks.svg

I believe Mir will just be a custom tailored SurfaceFlinger, I just do not understand why Canonical will not use SurfaceFlinger.

EDIT: Maybe because SurfaceFlinger is built with OpenGLES in mind? I don't really know.

7
otterley 4 days ago 0 replies      
I notice that rasterization to non-display devices (e.g. printers) isn't mentioned in the proposal at all. This was a serious weakness of X11 and I'm surprised it's not discussed. In mainstream consumer OSes, such capability is part of the basic graphics toolkits (GDI, Carbon).

If Canonical is serious about attracting mainstream Linux adoption, this is going to have to be addressed from the start.

8
prodigal_erik 4 days ago 1 reply      
Remoting over a network with latency is not even an afterthought; none of those words appear in this spec at all. I'm worried that a new display system might start getting traction in the industry while assuming there's only one computer in the world I care about and that I'm sitting in front of it, because that would be a huge step backwards.
9
binarycrusader 4 days ago 0 replies      
If this is going to have any real hope of replacing X it also needs to be licensed as liberally as X is, otherwise, it's doomed in many commercial sectors. (Current mir license appears to be GPLv3.)
10
lucian1900 4 days ago 2 replies      
Wtf? "We don't like Wayland because of ... reasons, let's build our own stack from scratch!"
11
lee 3 days ago 0 replies      
Those who are complaining that Ubuntu is diverging from most other Linux distros forget that this is the nature of open source software and competition.

Part of the success of open source software is that it's highly evolutionary. Good successful projects attract a following and get better. For this to happen, you have to have choice and diversity. There has to be competing flavors, libraries, and distros all vying for market share.

What Ubuntu is doing is great for us all. Providing more alternatives in the Linux ecosystem than just relying on X/Wayland/Whatever.

12
BruceIV 4 days ago 1 reply      
On the one hand, this looks like one good way to get rid of the massive bag of hurt that is X; on the other, seriously Canonical? Re-inventing another huge chunk of the stack just because? NIH syndrome much?
13
sneak 4 days ago 1 reply      
> X has a long and successful history and it has served the purposes of both system level and application level UI well for more than 3 decades.

HAHAHAHAHAHAHAHAHAHA

14
qznc 4 days ago 1 reply      
So, Wayland vs Mir will be the next Gnome3 vs Unity?
15
mhw 4 days ago 0 replies      
More interesting stuff from one of the developers here: http://samohtv.wordpress.com/2013/03/04/mir-an-outpost-envis...
16
AnthonBerg 4 days ago 2 replies      
Given my bad experience during the past years of Ubuntu breaking things in Debian and inventing poor software by themselves, my estimation is that they're not smart enough to pull this off.
17
ElliotH 4 days ago 0 replies      
Competition is good.

Ubuntu seems to have their reasons not to want to use Wayland. Maybe Mir is awesome. Then I can move to it. If it's not so awesome then like Unity and Upstart I can ignore it.

Seems to me the enemy here is the old fashioned clunky X server. Good. Two armies fighting the same target at least eliminates that target before they start fighting each other.

Besides, if they both end up having support in all the major toolkits and they both have an X server fallback, then we should be able to meet in the middle somewhere eventually.

18
sandGorgon 3 days ago 0 replies      
This is Ubuntu's "Bada" move - it is scared of being assimilated by Android that it is forgetting that it can truly innovate in the UX and not by building walled gardens around display managers.

Ubuntu already has significant investment in Surfaceflinger/Android via its Touch vertical. It has also started migrating to QT/QML for its shell (which work really well on Android). There is a significant opportunity to innovate on UX (like Blackberry Z10), rather than throw away the ecosystem that would come with adopting an Android core.

Yesterday, I couldnt join a GoToMeeting using Ubuntu. But just after, I did it in less than 2 minutes by using an app oumy Android device. That is a huge ecosystem, that I want to use on my desktop (I dont know how the desktop UX for a touch app will work, but I hope it will).

I say that Ubuntu, Google and Valve should sit together and come up with a graphics+sound backend that will work together. And let me play Half Life 3 on my phone and desktop simultaneously !

19
desireco42 4 days ago 1 reply      
While I agree with most of you who says they are worried by this development, I understand and welcome this direction Ubuntu is taking, almost making their own, not flavor but unique OS. Which is what people said HP should have done.

It is frustrating being open source advocate, if software you use is somewhat inferior to what is available on other platforms, just try to use firefox on ubuntu and compare that to osx or windows. If Ubuntu manage to pull this off, and I think they deserve all our support in that, we will get inspiration for all the open source projects as well as good codebase they can fork and work with. I am not expert in licencing, but anything they accomplish can't be bad for the open source movement.

My 2c.

20
gvalkov 4 days ago 0 replies      
Just wanted to mention that the news of Mir has hit wayland's mailing list[1]. I'm very curious to see what the wayland developers think of all this.

A lot of work has already went into wayland and in making things work with it (gtk3, qt5, clutter etc). This is truly an ambitious project and I doubt that ubuntu engineers would needlessly want to write all of this from scratch if there weren't legitimate shortcomings in wayland's architecture.

Personally, I'm looking forward to my wayland powered, fedora 20 desktop running the yet to be invented WMonad tiling window compositor.

[1]: http://lists.freedesktop.org/archives/wayland-devel/2013-Mar...

21
VLM 4 days ago 1 reply      
No one has made the obvious comparison in the comments to ipv4 vs ipv6? The main issue with "yet another graphics protocol" is islanding. Right now all my "linux" boxes are more or less intercompatible. I can ssh -X whatever mythtv-setup and get the config GUI from a server that doesn't even have a monitor (not even sure if it has a graphics card?)

Now I / we will inevitably have three little not too compatible islands of X, wayland, mir, who knows.

My primary interest as an end user, because the machines "I do stuff on" are multiple huge headless servers and virtual images running on them, is network transparency. As long as a Mir keyboard/mouse/monitor can connect to a "real" system and give my my X when necessary, in a VNC like window or whatever if necessary, I'll be OK.

Connectivity demands go both ways. If my refrigerator ends up running Ubuntu for its user interface, I'd really like to be able to remotely connect to it to mess with it.

22
doublextremevil 4 days ago 0 replies      
from Wayland creator Kristian Høgsberg:

" things they claim wayland/weston input can't be extended to support:

"... adjusting and extending X's input model is difficult and supporting features like input event batching and compression, motion event prediction together with associated power-saving strategies or flexible synchronization schemes for aligning input event delivery and rendering operations is (too) complex."

is already implemented and working in weston today..."

https://plus.google.com/100409717163242445476/posts

23
hamax 4 days ago 0 replies      
I don't hate this decision. I probably won't upgrade as soon as it comes out, but in my opinion linux ecosystem needs competition in the display server segment.

If they screw it up there are plenty distros to choose from.

24
caycep 4 days ago 1 reply      
Also - kind of a noob question but: my assumption is all the recent ubuntu controversy is over ubuntu desktop. Does this affect the ubuntu server distro at all? Especially since I am trying to learn how to create a well provisioned ubuntu server vm for use with linode deployments...
25
kunai 4 days ago 5 replies      
I suppose it's time to switch to Fedora, now, even though I've been holding out for as long as humanly possible.

This just pushes me over the edge.

26
trotsky 4 days ago 1 reply      
Did I read that correctly, there is no plan to build GTK+ bindings - they are going to qt based dekstop applications?

Or do they expect gnome to port to mir? Unless they already worked that out it doesn't seem too likely as this amounts to a direct shot at them.

If Ubuntu is suddenly not going to have any gtk applications available it is going to be a very foreign environment to lots of its current users.

27
JoachimSchipper 4 days ago 0 replies      
Relevant: https://lwn.net/Articles/524606/, OpenBSD complaining about modern X becoming less and less portable. Ubuntu, of course, is always willing to turn the incompatibility to 11.
28
mixedbit 4 days ago 0 replies      
It it going to be compatible with existing window managers for X or does the change mean that Ubuntu will work only with Gnome or window managers developed from scratch for Mir?
29
scolex 4 days ago 0 replies      
in the past when ubuntu was still "linux for human beings" they did great job polishing the linux and providing good linux experience. They were very good improvers.

but then they decided to became inventors. But they don't have strong engineering background and their products were trash.

upstart never provided advanced parallelism and was surpassed by systemd

Top menu and indicators rely on d-bus -- really stupid idea and misuse of technology

they abandon mutter+clutter for closed gl-canvas rendering library + compiz to be used in unity. Now is mutter+clutter far more advanced.

Now they want to change wayland for mir? are they serious? They are not good at inventing things. They will just make linux fragmentation much worst. It's really problematic to make good drivers and gpu companies can't spend money and people on different linux platforms.

ubuntu became from "linux for human beings" to "crappy mac-os like for poor"

30
elteto 4 days ago 1 reply      
Wow. The sheer level of FUD and negativity that you can find on these comments is just mind blowing. It seems that most of it (with a few knowledgeable exceptions) is coming from folks who don't know what they are talking about and have never probably developed graphical applications for Linux. They can't elaborate a single technical reason as to why they dislike whatever it is they dislike, yet they still jump on the bashing theme du jour (which nowadays seems to be Canonical).
31
yk 4 days ago 0 replies      
It appears that any sufficiently widely adopted Unix becomes a OS of its own. Examples include OSX, Android and increasingly Ubuntu.

( I have a wonderful proof for this, unfortunately HN does not allow to write into the margins.)

32
csense 4 days ago 0 replies      
What does this mean for Ubuntu-based distributions that offer a more traditional look and feel, like Linux Mint? I jumped ship for Linux Mint when Ubuntu shoved Unity down everyone's throats.

I like the balance Ubuntu strikes between good hardware support, recent packages, proprietary graphics support, and the "it just works" factor.

I just want all of that without the Unity mess. Unity might be good on a cell phone, but it was really crashy and impossible to do any work, because every time I've attempted to use Unity, I couldn't figure out how to do the simplest things with the GUI, and ended up switching within days.

It sounds like the new window manager will only support Unity.

33
Someone 4 days ago 1 reply      
Anybody know what this will be licensed under? I would think (L)GPL, but https://launchpad.net/mir isn't clear:

   "Licences:
GNU GPL v3, GNU LGPL v3, MIT / X / Expat Licence, Other/Open Source
(Boost Software License - Version 1.0)
Commercial subscription expires 2022-09-24
This project's licence has not been reviewed."

34
caycep 4 days ago 2 replies      
The other possibility - I just saw an article on phoronix noting the adoption of the Android window server layer (SurfaceFlinger or something like that) on ubuntu mobile. Not familiar at all with android underpinnings, but would that be another alternative to Mir? i.e. more modern window server, actively developed by Google dollars, etc?
35
morsch 4 days ago 0 replies      
They also announced the successor to Unity will be based on Qt/QML...

http://news.ycombinator.com/item?id=5320633

36
lsiebert 3 days ago 0 replies      
Either it will be better, worse, or a mixed bag.

If it's better, Then they have improved the ecosystem, and the developers and users will follow. If it's worse, then we can hope they will switch back, or they will lose users/developers.

The concern is a mixed bag... splitting development on something that may or may not ultimately win.

But mixed bags lead to innovation more than having one true way. Ideas from Mir and Wayland and X can lead to all three of them improving more then if only one or two of them were viable. However the lack of focus may slow individual development.

TL/DR Worst case is still not horrible, so long as Canonical recognizes it.

37
mtgx 4 days ago 1 reply      
It seems they are rewriting Unity, which I think is great. Unity is too slow. It should never be used for mobile devices as it is.

https://wiki.ubuntu.com/UnityNextSpec

38
debian69 4 days ago 1 reply      
Ubuntu is like an aneoba they cant stop splitting.
39
X4 4 days ago 0 replies      
######### We need Borg efficiency!!

SAR - We need fast driver development using safe and automatic "Template-Based" build systems.
There is a lot GNU/Linux can learn from Embedded Systems development.

40
ac 4 days ago 2 replies      
Does it mean we won't be able to use "ssh -X" on Ubuntu in future?
41
st3fan 4 days ago 0 replies      
"Tailored towards an EGL/GL(ES) world" - this is obviously to make it easier for Canonical to run on (mobile) devices.
42
dakimov 4 days ago 0 replies      
The worst thing is using C++ for a GUI engine. Don't do that mistake again!

The code looks quite weak at the first glance, but at least not so ugly as average open-source code.

The architecture solutions seem a bit weak too, even weaker than a GUI engine I have written being a junior developer.

Overall, their code seems to be written by a junior developer.

Seems to be too ambitious so far.

The problem is that it is actually really hard to make a proper GUI engine. It requires enormous experience and amount of expertise, like you can come up with something decent after building a few your own engines and closely analyzing existing solutions.

43
teeja 3 days ago 0 replies      
Considering that Plasma (on my install) uses 100MB of RAM to work its wonders (I have no idea what or how), that alone makes me suspect there might be a better way.
44
vsync 4 days ago 0 replies      
> "beautiful"... "beautiful"... "beautiful".

Really?

45
popee 4 days ago 2 replies      
Or just install mint ;-)
30
Show HN: Increase your productivity with ambient noise coffitivity.com
321 points by hangoverhammers  3 days ago   204 comments top 83
1
lukev 3 days ago 1 reply      
Very interesting, but I find I get much the same effect with the right types of music (which are also more aesthetically pleasing, to me).

Also, recorded environmental sounds always have a certain degree of annoyance for me. There's nothing on earth I love more than the sound of rain or a crackling fire, but recorded versions just don't cut it (for me). This seems to fall into the same category.

2
neya 3 days ago 3 replies      
If I'm correct, this is a type of Binaural recording, where they use a stereo microphone combination separated approximately at the distance of our ears while recording. I used to be a Binaural hobbyist sometime back and I recorded some (unprofessional) stuff along the way. I'd be glad to share it with the community:

1) 3d Sea - https://www.box.com/s/krtxx1tejeftffaegh4v

2) 3d Rain - https://www.box.com/s/feoczntidb4rkppz1fa7

3) 3d forest - https://www.box.com/s/35p4vpn4t6rdc2p8ok39 This is a Binaural music track composed by me :D)

Please use headphones to listen to these tracks (and not your speakers, because binaural stuff sounds good only on headphones)

EDIT:

Here are two more professional recordings (not by me) that will (possibly) blow you away! :D

1) Amazing 3d Matchbox - http://www.youtube.com/watch?v=WYdIidUIbAs

2) Virtual 3d Haircut - http://www.youtube.com/watch?v=qnNEJfokpWU

3
instakill 3 days ago 3 replies      
It's alright but there's way too much dish hitting. The talking is good but the kitchen cleaning staff is not only distracting but angering.
4
pivo 3 days ago 2 replies      
"Research shows it's pretty hard to be creative in a quiet space."

I'm sure that research is accurate for some people, but it's definitely not accurate for me. Quiet, aside from any noise I make myself, is the only way I can be truly productive.

5
doktrin 3 days ago 0 replies      
Interesting. I honestly would never have thought this type of erratic ambient noise would be a productivity boon.

I like to get in the zone, which is trickier when having to worry about the world around me. I don't consider myself paranoid, but I guess I subconsciously maintain spatial awareness when out in public.

Maybe I'm just not well acclimated to working in public spaces, but I find a lot of the background activity distracting (like the dishes, for instance).

6
alec 3 days ago 1 reply      
I like "Star Trek TNG Ambient Engine Noise (Idling for 24 hrs)" for drowning out everything else: http://www.youtube.com/watch?v=ZPoqNeR3_UA
7
wyck 3 days ago 1 reply      
http://somafm.com/ Old site, still amazing broadcasts direct to VLC.

Real people , not an algorithm "learning" what you like. Don't forget to donate:)

8
david_shaw 3 days ago 1 reply      
I've got to say that as skeptical as I was--noisy environments tend to annoy me--coffitivity is working very well for me.

Coffitivity plus Soma.FM's Groove Salad station (Soma.FM is great in general) has made me bang out more work in the last hour or so than in the several hours before it.

It could be the placebo effect, but so far, I'm loving it! Thank you!

9
cullenmacdonald 3 days ago 3 replies      
Just so every one knows, the guy that made this started learning to code from nothing about a month ago. Great job, man. I'm impressed that you conceived of, built, and then launched something in your first month.
10
moultano 3 days ago 0 replies      
http://soundtracker.com/ is what I use for this. He makes binaural nature recordings. They are as effective as white noise at blocking out my surroundings, but because of the feeling of space and the variety of sound, I don't get tired of listening to them the way I do listening to noise.

Here's an article on his search for quiet places and the movement to preserve them. http://www.orionmagazine.org/index.php/articles/article/3627

11
glenjamin 2 days ago 0 replies      
This is very similar to http://raining.fm which I'm a big fan of. Rainfall seems to be a nice approximation to pure white noise while having enough randomness to not be noisy.

The pomodoro style timer is also very handy.

12
duiker101 3 days ago 2 replies      
http://www.rainymood.com is my background noise of choice.
13
DerKommissar 3 days ago 2 replies      
My brain must be wired differently. I listened to that for about three minutes before I wanted to pull my hair out. The only ambient sound I've ever been productive listening to is rain.

I've tried to work in coffee shops before. Every few minutes I realize I've been listening to my neighbor's conversation and not doing work. I really dislike working in noisy places.

14
plg 2 days ago 0 replies      
from the actual paper (linked at the bottom of the coffitivity post):

"A total of 188 ideas were generated, for an average of 4.48 (SD = 2.09) ideas per person. The noise level did not affect the number of solutions generated"

"ideas generated by participants in the moderate- (vs. low-) noise condition were rated as more original (M = 3.87 vs. 3.66; F(1, 40) = 4.76, p < .05)."

Ratings were on a 7-point scale (1 = not at all, 7 = very much)... so ... a difference in originality of (3.87-3.66)/7 = 3% (i.e. not actually particularly significant (in the usual use of the word) even though the 3% difference was statistically reliable)

"... a significant effect of noise on this appropriateness index, such that ideas generated by respondents in the moderate-noise (vs. low-noise) condition were rated as more appropriate (M = 4.48 vs. 4.20; F(1, 40) = 5.34, p < .05)."

again, (4.48-4.20)/7 = 4% difference... not exactly impressive, although apparently it was statistically reliable

It always pains me to see scientific research reported in the media in such a way as to inflate the significance of the work ("significance" used here in the layperson sense of the word, not the statistical sense of the word).

PS the statistical significance was only reported as "p < .05", which means there is a 1 in 20 chance of getting a difference that large or larger due to random sampling alone (i.e. in the absence of an actual effect).

This XKCD cartoon is worth a look: http://www.xkcd.com/882/

15
lt 3 days ago 2 replies      
I ran into a similar thing today, focus@will:

https://www.focusatwill.com/about/

More than specific patterns they offer, I found interesting that they they claim unfamiliar music is better for productivity:

"And the single most important factor to consider when choosing a genre is what kind of music you usually listen to for fun and entertainment when you are not trying to be productive. And then, counter-intuitively, it's best to select the very opposite kind of music when using focus@will. Why? Because your brain gets pleasure, releasing dopamine when it hears music you like and listen to a lot, and music that is associated with good times or strong memories of any kind will reduce the focus enhancing effects when used as a productivity tool."

Unfortunately, I can't try them out because I'm not in the US.

16
Myrmornis 3 days ago 1 reply      
Silly idea, backed by "research" from the world of business-studies pseudo-academia. Do you trust the results of a paper that starts with the sentence "Creativity is ubiquitous in the realm of consumption"?

http://www.jstor.org/discover/10.1086/665048?uid=3739560&...

17
Inufu 3 days ago 0 replies      
For arbitrary ambient sounds, http://www.ambient-mixer.com/ is great. You can create your own mixes or just listen to premade ones. And you can individually adjust each 'effect' on mix board: http://weather.ambient-mixer.com/light-thunderstorm
18
deepGem 3 days ago 0 replies      
Man, this reminds me of a relatively unknown movie 'pushpak' - a silent Indian movie. The lead actor's house would be next to a movie theater but he will be forced to move out. He moves to a quieter place but can't sleep in the quiet zone. So he goes back, records all that movie theater noise and manages to get a good night's sleep listening to that recorded noise :).
19
lenazegher 3 days ago 2 replies      
Goes very nicely with the fragrance of dark coffee [1]

[1] http://www.youtube.com/watch?v=HMnrl0tmd3k

20
backwardm 3 days ago 0 replies      
I'm trying this out now and am really enjoying it. I work at home and usually just have my noise canceling headphones on with no music playing, so having the ambient coffee shop sounds plus music is a nice change. So far, I'm still able to concentrate on my work. Not sure if I'm being more productive or not, but it is a nice change. I just need a coffee to complete the illusion.

The loud dish clanks don't really bother me yet. (I am using my beloved Bose Q15 headphones, listening to KCRW Eclectic 24 + the ambient soundtrack both volume levels are very low).

21
rm999 3 days ago 0 replies      
I listen to "binaural beats for a more creative mind" or "binaural beats for concentration and alertness" on spotify while working sometimes. I'm not convinced on the actual science behind binaural beats' affect on the brain, but it very much helps my productivity. At the least it drowns out ambient sound and doesn't distract me with familiar music or lyrics.

http://en.wikipedia.org/wiki/Binaural_beats

22
erinaceous 2 days ago 0 replies      
This doesn't work on me. Even with the volume down low, I couldn't help trying to listen to the coffee shop conversations the instant it started playing. All the voices were somewhere in front of me in space, and after a few seconds I felt pretty overwhelmed. Completely lost my ability to focus on anything else, unfortunately.

This could be due to the fact I get sensory overload easily (and I'm somewhere on the broad autism phenotype). It was a jarring experience.

Plus the coffee shops I frequent are usually quieter than that - that sounded more like a busy canteen than a coffee shop to me! Needed less echo, more muffling, less voices, and some ambient background coffeeshop music, in my humble opinion of small-coffee-shop patron-hipster :)

If I want to focus on stuff, often I have to completely block out people talking and ambient noise and stick music on. The best kind of music is lyricless (or at least, no coherent words - Sigur Røs' english-icelandic gibberish mix is a good example of that), usually long movements, lots of prolonged chords and repetitive segments and a steady rhythm. That stuff helps with my sequencing ability and I find I flit between tasks less.

I've also tried white noise / "binaural beats" (those audio signals that use gentle modulation to supposedly alter your brainwaves), but those are pretty overwhelming too.

I do wonder if it would have a better on me had they used binaural recording (two microphones where the ears would be on a fake head, plus some algorithms to create a 3-dimensional sense of space from the signals) - which to me sounds more natural.

I can't read the whole paper on this, but I'm wondering if they took account of the spectrum of different neurotypes when studying this "coffee shop creativity" effect?

Also, since I've seen other people doing it, here's the artists/bands I listen to like 24/7 when in work to help me concentrate:
Godspeed You! Black Emperor (favourite <3),
Set Fire To Flames,
Explosions In The Sky,
Lovett's "Ghost of Old Highways" album,
Sigur Røs,
Ludovico Einaudi,
Philip Glass,
Massive Attack,
Portishead,
Liquid Stranger,
Radiohead,
DJ Shadow,
RJD2,
Kid Koala,
Hybrid,
Deadmau5,
Hans Zimmer soundtracks,
Nine Inch Nails' "Ghosts I-IV",
65daysofstatic (some stuff anyway, some of their stuff is crazy loud and overwhelming)

23
ajb 3 days ago 3 replies      
(edit: I was confused, it's not restricted. Sorry for the noise)

"not yet available outside the US" .. fair enough, and kudos for saying up front. How about adding a way of telling me when it is available?

Specifically, that is. I'm not going to subscribe to your normal feed because enthusiastic messages about a service which I can't get yet are just irritating. Indeed, the better they sound, the more likely I am to search for alternatives! This goes for anyone else who is rolling a service out slowly..

24
jph 3 days ago 0 replies      
Focus@Will is a startup doing music to boost productivity: https://www.focusatwill.com/

Lifehacker did a related post abiut choosing music for focus: http://lifehacker.com/5987019/choose-unfamiliar-work-music-f...

(The founder's a friend)

25
koof 7 hours ago 0 replies      
Great, but the one sample of the woman going "I shouldn't!" over and over is pretty distracting.
26
Havoc 3 days ago 1 reply      
I favour trance (e.g. Armin van Buuren). They usually have dreamy female vocals & the electronic feel makes all the notes sound the same, so it doesn't distract (OCD style). The mixes are often 1hr+ long so need to worry about track selection. I find it offers a good mix between not boring & easy to tune out (flow).

Example:

Ana Criado & Omnia No One Home
https://www.youtube.com/watch?v=KOSgtpbnCeI

27
tomasien 3 days ago 0 replies      
I'm using it on soft combined with music, and I'm into it! Helping me out.
28
Aga 3 days ago 0 replies      
Very nice idea! This is strangely compelling and I almost forgot it to the background despite having radio on... :-)

For those moody evenings and nights a nice choice is "You are listening to" It combines ambient tracks from Soundcloud and police/fire department/etc. radios:
http://youarelistening.to/

29
phatbyte 2 days ago 1 reply      
What I like to listen while coding:

Aes Dana - Memory Shell

Aes Dana - Season 5

Black Sands - Bonobo

Carbon Based Lifeforms - Interloper

I also find jazz and post-rock pretty good for ambient noise

30
baby 3 days ago 0 replies      
I see lots of people talking about it not working for them. I find the idea Genius! I haven't got anything done today, I'm going to start now with your product + the pomodoro technique and see if I can get things done.

EDIT : Okay I really can't focus while having this on the background. But I'm sure it's because I'm doing math. A task that would require less focus would be better with that kind of background. I need silence right now.

31
antihero 3 days ago 1 reply      
Does anyone else's brain get distracted trying to pick out conversation from the ambience? Perhaps it's an ADHD thing.
32
crynix 1 day ago 0 replies      
Explosions in the Sky is fantastic for getting things done. I've written some of my best code to their music.

http://open.spotify.com/track/5uWzSBJKqdSKJ3uMrYYUIT is one of my favorite songs by them.

The Earth Is Not A Cold Dead Place is my favorite album from them.
http://open.spotify.com/album/1JU4XTyTzADBQE1KpM0Wtx

33
mitchi 3 days ago 0 replies      
I just work in a public place like a college cafeteria and I fall in love 100 times in a day watching beautiful women. That's even more disturbing than the noise.
I still get work done.
34
akx 1 day ago 0 replies      
This is excellent! Well done. :)

I'd consider making it more procedural, to slowly mix and match different sources (akin to ambient-mixer) for a less static experience (that, by side effect, would also happen to be infinitely long).

35
pyre 3 days ago 3 replies      
I've always enjoyed the whitenoise of HVAC systems. It was always pleasant in college to find empty classrooms after-hours, with just the whirr of the HVAC.
36
ccleve 3 days ago 0 replies      
Anyone ever heard of the Hawthorne Effect? http://en.wikipedia.org/wiki/Hawthorne_effect
37
j45 3 days ago 0 replies      
Interesting. I find I get a ton done with ear plugs but it might be due to some traffic noise right outside my window.

I've also tried white noise which works pretty well.

I'll give this a go, but I'm not sure any music will work, the music itself can't be too enjoyable or engaging or it can become a distraction.

Somafm.com is a great station for this kind of music that you can leave running in the background where the music is good, reasonably unfamiliar,etc.

38
b1daly 2 days ago 0 replies      
I'm listening to Souxsie and The Banshees right now while I'm trying to work, I can tell you it is not helping my concentration. Though it is very cool.
39
guynamedloren 2 days ago 0 replies      
I personally find ambient noise to be distracting, but I have to say I love the simplicity and cleverness of this idea. Well done!
40
pkhamre 2 days ago 0 replies      
I created a playlist with soundtracks from indie games. Initially it was created as background music for playing StarCraft II, but I use it as background music when working instead.

It includes soundtracks from Bastion, Machinarum, Braid, Dustforce, Dustforce, Fittest, and Limbo.

http://open.spotify.com/user/pkhamre/playlist/53KjzBtdxdGmPZ...

41
robmcm 3 days ago 0 replies      
I use ambiance (http://ambianceapp.com/iphone) a lot when working, you can record your own sounds or download lots of free ones. I find airplane noise quite good, or low frequency humming.

I think half the effect comes from people thinking twice about bothering you if you have earphones in.

42
stuaxo 3 days ago 0 replies      
I heard someone I know used white noise, so trying this one I found

http://cantonbecker.com/music/white-noise-sleep-sounds/mp3s....

A bit crazy they want to charge nine quid for it, but can just play it in the web player

43
vignesh_vs_in 3 days ago 1 reply      
I know people want their posts to be on HN front page, but rigging the upvotes is not the right way. (users RamzyIS,acecallwood
44
toddrew 2 days ago 0 replies      
For me, I find long periods of time spent working in front of a screen can lead to anxiety. When I start getting distracted in many directions the feeling starts to come on. Listening to this ambient noise for the past half hour has calmed down that anxious feeling and made me feel more focused.

I am however used to spending lots of time working in public spaces in the past, and have spent the past six months in a more isolated work environment. (On an off the grid property 50m up the side of a volcano that you need to take a boat to access)

Maybe this is just putting me back in my comfort zone.

45
nollidge 3 days ago 0 replies      
Chrome on Windows 7, clicking play button does absolutely nothing.

EDIT: started working after like a minute of sitting. Maybe it had to wait to download the audio file?

46
brianobush 3 days ago 0 replies      
I would rather go to my favorite coffee shop. Comes with great coffee too! Lately, this has been my routine a few times a week in the afternoon. The change of environment has been quite effective.
47
codequickly 3 days ago 0 replies      
Some interesting music/audio for coding:
1. ambient sounds of star trek lcars (http://www.lcarscom.net/) and the repetitive beeping noise.
2. classic video game music on NES, like Super Mario Bros., Zelda
3. ASMR (search youtube) works wonder for those are affected by it. It puts the listener into a super-relaxed state, which can only be described as tingling or extreme pleasure for the brain.
4. Office Sound Effects (http://www.amazon.com/Offices-Sound-Effects/dp/B008HKONNA)
48
codezero 3 days ago 0 replies      
I like this, it would be even cooler if there were a way to scale the density of the conversation/background noise. As it is, for me, this sounds a bit too cluttered and makes me feel a bit anxious, besides that, it's pretty cool, and a great idea.
49
hboon 3 days ago 0 replies      
(If you use iTunes)

Along the same lines, I'm a fan of this https://itunes.apple.com/us/album/people-sound-effects-2/id5... Track 21.

50
honopu 3 days ago 0 replies      
I always listen to this on loop in itunes: http://www.sonicstudios.com/pptwaves.mp3

It works for me.

51
byjess 2 days ago 0 replies      
Thanks... its a great pairing with Songza. Particularly, http://songza.com/listen/jazz-for-reading-songza/
52
rhubarbcustard 2 days ago 0 replies      
If I'm having trouble concentrating I listen to some Brandt Brauer Frick.

http://www.youtube.com/watch?v=lrOVaqdYxuM

http://www.youtube.com/watch?v=gR8KGam3m9Q (ignoring the intro)

53
joshrotenberg 3 days ago 0 replies      
This was pretty good for getting work done. The real benefit came when my homemade lunch tasted like it was made in a cafe and cost me like $13.27 before tip. I bussed my dishes.
54
rolleiflex 3 days ago 0 replies      
I am not seeing a volume slider on Firefox 19 Stable, OS X. Is this something that can be added?
55
eoinmurray92 3 days ago 1 reply      
The link to the research paper at the bottom is the bomb, because no matter what it says I should get an hour or two of placebo filled awesomeness from this.
56
flux_w42 2 days ago 0 replies      
Bugfixing is fun with Mozarts Requiem - Dies Irae :) It feels like saving the world with every commit :D
57
awjr 3 days ago 0 replies      
Have to say I was skeptical, but after about 20 minutes of this, I think I'm sold. I do think this would be nice as a downloadable soundtrack/app though but the concept works very very well in an open plan office.

Not sure where this urge for cake is coming from and I swear if you listen closely enough, once in a while, you can hear a sheep bleating just briefly.

58
saltcod 3 days ago 0 replies      
Really, really useful. Thank you!
59
ehmuidifici 2 days ago 0 replies      
Well, let's give it a try, although I prefer Dave Matthews Band discography (and my wife likes programming with Bach, Beethoven or other soundtracks).

But that's a good idea, this should work better on very almost-dead quiet spaces.

60
josephjrobison 3 days ago 1 reply      
I can't tell, is it the same track over and over again or a new one?

By the way, I absolutely love this. I'm 4x more productive in coffee shops compared to everywhere else and I never knew why.

61
marvwhere 2 days ago 0 replies      
most of the time when i'm programming from my home office, i'm not listening to any music.

but since i'm working in an office, with 10 other people most of the time we listen to music over some speakers.

when its rock or metal i'm not very productive - but when listen to some good chillstep tracks with the right volume i notice for my self i get more shit done.

so i totally agree, right sounds/music in the correct volume and everything is fine.

p.s.: people talking around me distrect me totally, because my scumbag brain want to listen all the time...so i do not prefer coffee shops

62
arbuge 3 days ago 0 replies      
There are some strange noises in that soundtrack...
63
ewoutkleinsmann 3 days ago 0 replies      
I didn't read the whole research, but a quick glance at it told me that moderate ambient noise boosts creativity. The research doesn't mention productivity, though.

EDIT: And neither does your website, I see now. Why did you use it in the HN title?

64
swah 2 days ago 0 replies      
If this helped me focus then my colleagues talking would also make me focus - that is not the case though..
65
dtf 2 days ago 0 replies      
* dons evil hat * How much would you charge to insert subliminal adverts?
66
realdlee 2 days ago 0 replies      
I like EDM (Avicii station is a favorite).

I also sometimes like the sound of rain, so picked up a mp3 for a buck off Amazon ('The Sound of Summer Rain').

67
porker 3 days ago 0 replies      
I like, save for the bits around 4-4:30 where spoken word is too clear and disturbing.
68
jmd_akbar 2 days ago 0 replies      
I dunno if anyone recommended this or not, but these days i'm into "Two Steps From Hell", especially their album "Invincible"
69
chookrl 2 days ago 0 replies      
After 3 minutes I had to close it. Maybe if I wasn't aware that this is synthetic I would benefit from it.
70
pkfrank 3 days ago 0 replies      
As getting the precise volume is so critical, it would be nice if the volume-slider on the widget were wider, making it easier to find the right balance.
71
hozae 3 days ago 0 replies      
I mixed it with some Claude Debussy radio on Spotify.
72
lefinita 3 days ago 0 replies      
Well, that women at left are so talkative.
73
leoplct 3 days ago 0 replies      
You right. It works!
74
mike_ivanov 3 days ago 0 replies      
Doesn't work for me, I find it highly distracting.
75
br0nerd 3 days ago 0 replies      
For the love of coffee.. this is money!
76
WayneS 3 days ago 1 reply      
Anyone else hear an occasional goat bleating in the background of that cafe?
77
cthackers 2 days ago 0 replies      
This works very well for me. Thank you!
78
emrebey 2 days ago 1 reply      
man, are you just kidding? is this a joke project?

this "ambient noise" is the reason why I have open offices.

79
Gotttzsche 3 days ago 0 replies      
it's down. :( what is it? just drowning out distracting sounds or magic productivity noise?
80
McUsr 3 days ago 0 replies      
I liked this webservice!
:)
81
webandy 3 days ago 0 replies      
s/Eurika/Eureka/
82
acecallwood 3 days ago 0 replies      
Clean.
83
paromi 3 days ago 0 replies      
site is slow
       cached 9 March 2013 03:11:01 GMT