hacker news with inline top comments    .. more ..    1 Aug 2013 Best
home   ask   best   6 years ago   
I'm learning to code by building 180 websites in 180 days. Today is day 115 jenniferdewalt.com
1481 points by jenniferDewalt  7 days ago   347 comments top 99
sivers 7 days ago 19 replies      
Theres this great story from the book Art and Fear, that's very appropriate here:


The ceramics teacher announced on opening day that he was dividing the class into two groups.

All those on the left side of the studio, he said, would be graded solely on the quantity of work they produced, all those on the right solely on its quality.

His procedure was simple: on the final day of class he would bring in his bathroom scales and weigh the work of the quantity group: 50 pounds of pots rated an A, 40 pounds a B, and so on.

Those being graded on quality, however, needed to produce only one pot albeit a perfect one to get an A.

Well, came grading time and a curious fact emerged: the works of highest quality were all produced by the group being graded for quantity.

It seems that while the quantity group was busily churning out piles of work-and learning from their mistakes the quality group had sat theorizing about perfection, and in the end had little more to show for their efforts than grandiose theories and a pile of dead clay.


Advance congratulations to Jennifer. This is amazing.

freyr 7 days ago 3 replies      
So many hurt egos in this thread.

If you think what she's done is impossible, have you ever devoted 70/hrs a week to a personal endeavor for 6 straight months? Would you have the willpower and perseverance to stay committed and focused?

Also, these are cool sites, infused with a lot of creativity and a refined aesthetic sense, but it's not as if she's claimed to have written an OS or compiler in 115 days. Much of the javascript code is covered extensively in brief online tutorials. Maybe, given 10 hours, you couldn't ingest a tutorial and put your own spin on the concept, but thinking that nobody else could do that is a bit arrogant.

cgcardona 7 days ago 3 replies      
Really great idea Jennifer! This is the kind of initiative and creativity that will surely land you multiple job opportunities.

It reminds me of the steps which I took to transition into working on software professionally full time.

I came to programming relatively late in life when I was 26 and found out that my wife was expecting a baby.

The sudden change facing my wife and I made me take a hard look at my skill set to decide how quickly I could provide for us.

I decided that my interest in setting up wordpress installs as well as tinkering with Photoshop/Illustrator was the surest, safest, and quickest path to a successful career and decided then and there that within 6 months I would have a job as a junior web developer.

To help accelerate this I signed up at my local community college for courses related to getting a web design certificate. Ultimately I took 2 semesters (1 of which was a compressed summer semester) of classes including CS-1, Photoshop, Illustrator, Flash, InDesign, HTML/CSS, PHP/MySQL.

Soon I began to get the feeling that school was moving too slowly. I had joined the W3C HTML5 Working Group and was also participating in the WHATWG and started to realize that I was learning much more by hacking on code in the evenings than I was in class.

During this time I started to create a portfolio showcasing new HTML5 APIs as they would become available across different browsers. Mostly I did this out of my own passion for web standards and wanting to understand the most cutting edge APIs as soon as they dropped. However this portfolio soon became incredibly valuable with regards to landing a job.

During the second semester I got the chance to interview for a local android dev shop (this is in Santa Cruz, CA). I got the job but didn't find Java to be a good fit for my skills at the time and after a couple of months transitioned to another local dev shop.

This company was a rails shop building an app for Walmart's internal network. I got the job based on my HTML5 knowledge and soon found myself learning rails.

Around this time I made the decision to quit going to school and to focus full time on my job. I was at this job for about a year until the company unfortunately went out of business.

Since I left that job I've spent a year and a half at trulia.com where I was on the mobile team building m.trulia.com, Trulia's native windows 8 app, and the suite of webservices powering Trulia's native iOS/Android/Windows apps. Currently I'm at cardfree.com where I'm working with ruby on rails.

The reason I posted this tale is to encourage you to continue what you're doing! When I look back at my short but exciting career I notice that though I feel fortunate to have gotten a couple of semesters of training at a junior college it was mostly always the projects and initiatives which I undertook in my personal and spare time which ended up being the most valuable for me.

There is so much opportunity and demand in the consumer web and electronics space right now that showing this initiative and creating such a strong portfolio will surely land you multiple job offers if that's what you are looking for.

Either way excellent work and I wish you the best of luck going forward!

wellingtons 7 days ago 7 replies      
I have to ask: How on earth do you find the time to do this?

As much as I'd love to do this in order to get my hands dirty on web development and out of systems, I can't ever fathom having the free time available every day consecutively.

I mean, for someone "learn(ing) to code" on Day 1 and by Day 15 doing "Dropping Boxes", it just seems a little far fetched. Obviously you have had a good portion of coding experience and are using -some- level of resources, or you are a savant.

I don't mean to sound rude, I just feel like the readers deserve a deeper level of explanation and cited resources, rather than believing you reinvented Conway's Game of Life by day 108.

Edit: I have to add that this is all very excellent work and good on you for sticking to your goals so far. Clearly you are a very talented individual. Cheers.

cocoflunchy 7 days ago 2 replies      
jbp 7 days ago 0 replies      
This kind of dedication is inspiring.

From http://blog.jenniferdewalt.com/post/51616616313/day-58-explo... :

"Tomorrow I head to Pennsylvania to host a bridal shower and bachelorette weekend for my sister. Between the pre-wedding festivities and visiting with family, Im going to be pretty limited on time for building websites. But, the show must go on and I am excited to see what kind of goodness I can create under pressure."

Congratulations Jennifer.

whbk 6 days ago 1 reply      
From her Facebook, September 2009:"If you don't know already, I've created an iPhone app! I've been working really hard on this and have had lots of fun taking pictures of myself and my friends. Oh, what it does is gives everyone in the picture a HOT or COLD rating. The app is called ruHOT and is available for download for the iPhone and Android phones. Check it out!"

So yeah, highly doubt this is truly her first rodeo. Cool project(s) nonetheless and impressive dedication.

headcanon 7 days ago 3 replies      
I suppose the hardest part of doing something like this, at least for me, would be coming up with a list of ideas of exactly what to create - not just coming up with 180 things, but 180 things that I can reasonably expect to accomplish in one day. Did you come up with that list beforehand, or do you decide today what to do tomorrow, or something in between?Some other random questions that come to mind - What's your daily schedule like during this period? How many hours do you typically spend on a single project? Are you also working during this period, or did you save up some money beforehand?
keiferski 7 days ago 10 replies      
Wow, this is really inspiring. I see that she's hosting them all on her personal domain, but I have a question, if anyone has an answer. What's the easiest/most cost-effective way to host a large number of sites on different domains?

Learn how to use a VPS? Static pages with NearlyFreeSpeech? I've got a zillion ideas (and after seeing this, will be building them soon) but they need to be on separate domains. Paying $5/month or whatever for each is obviously not optimal.

mehulkar 7 days ago 2 replies      
This is awesome. Reminds me of the girl who learned to dance in one year by recording herself every day. Also reminds me of Seth Godin who recommends starting the day by producing rather than consuming and follows the practice by writing a new blog post every day, without fail.

Consistency is so hugely important. Quality is born from quantity.

jqueryin 7 days ago 0 replies      
This is great and all, but I do have to call BS on no previous coding experience. Perhaps she had plenty of HTML experience and wouldn't regard that as coding experience. If you look at her early examples, even on something like day 3, you find the following in the source:

    * Inclusion of a CSS reset stylesheet    * Inclusion of jQuery 1.9.1    * Usage of HTML5 footer tag    * Inclusion of the HTML5 shiv JS
If this wasn't boilerplate HTML being used, I have no idea where a beginner would know these three things on day 3. Perhaps just stumbling upon the right project?

Also noteworthy is the inclusion of an external JS file for loading Google Analytics. Most people have no idea what this is or how to set it up

jmtame 7 days ago 0 replies      
I looked through your comment history to see if you already answered and couldn't find it. What happened when you got stuck? I'd suspect there were points where you couldn't figure something out; it tends to happen when you become frustrated and you have to take a break. You mentioned that you had no previous programming experience. How much time did you spend learning before you created the first app on day 1?

I ask because this goes against the pattern I've observed in most students. I was involved in starting Bloc, which is an online programming bootcamp. I think the #1 value proposition is having a person there to help when you get unstuck. It's fascinating to see you overcome the learning curve on your own which affects most people trying to learn.

Just so I can fully understand: did you have any human interaction or assistance during this entire time? That to me is the most impressive part of this. A lot of us had TAs, professors, group projects where we worked closely with others. I don't know a single person in my own network who has learned to program on their own without any human help.

Hope it doesn't come across as if I'm belittling what you've done or seem skeptical, this is really impressive!

txutxu 7 days ago 0 replies      
I take my hat off by personal challenge and the technical side of the project.

But I put more kudos on "publishing it".

I'm a self-taught which now can say I'm more than a decade in the industry, but I think I could never publish my "learning" projects because maybe I'm ashamed of their quality.

I think what you have do is nice, and more important is well presented for others to see. So you maybe encouraging others to do the same.

That is the spirit. Great.

eat 7 days ago 1 reply      
These comments are infuriating, but not unexpected. So many people who have likely wasted their last 115 days attempting to find every fault with someone who clearly hasn't.

OP: Excellent work, and keep it up. I hope you take the criticisms and disbelief for what they truly are: incontrovertible evidence that you're doing something very right.

DanBC 7 days ago 0 replies      
This is amazing. It's inspiring. I like the rules you set for yourself - a blog post to accompany every website, and releasing the code on github.

It's important that people know the WWW is not out of their reach, and that they can create stuff. This post, and Neocities, strongly feed that "democratisation" of the Internet.

Next it might be a nice idea to do 4 websites, one a month, but polish them so they're standards compliant, as accessible as possible, etc.

ekr 7 days ago 0 replies      
I'm going to ignore all the malicious comments about how fraudulent this is. This is an amazing achievement, and it reminds me of a much better way of improving your skills.

Last time I wanted to build a ray-tracer, I starting using the PBR book, and then started learning about Fourier series and transforms, about signals etc. This of depth-first aquisition of knowledge is not very adequate for the average human mind, whose curiosity and motivation are much better served by achieving many short and tangible results, a so-called feedback loop.

Seeing Jennifer and her progress, I'm determined to start a similar project: 1 demo (not necessarily 4k/64k) coded in asm/GLSL per week.That's after I actually finish writing my hobby OS, which is being done in the same DFS fashion (started reading Tanenbaum's book on Minix, it has plenty of references).

stevewilhelm 7 days ago 0 replies      
In the next couple of weeks you might want to look at secure authentication and authorized resource access, scaling, sessions, cross-platform issues, internationalization, adaptive design, etc.

Also might want to revisit some of your existing websites to get some exposure to refactoring, bug fixing, prioritizing feature requests, test based development, performance profiling, etc.

rdouble 6 days ago 0 replies      
Did you pre-plan the ideas for the websites?

When doing art, I used to set goals like "do 30 drawings in a month." However, I've found that I just draw the same stuff over and over again if I leave it at that. I have to actually make a theme (draw 30 plants) and even get a detailed list (draw a jade plant, a hydrangea, etc) in order to actually make any progress.

I am curious if you did any planning like this regarding the choice of sites you made?

ansdkfus13 7 days ago 0 replies      
This story indeed is very inspiring. I'm a business major turned front-end designer. I worked as a financial analyst for a semi-conductor company for two years and realized I want a career that fosters my creative side. Working with Excel, though I got very good at it :P, all day long made my day very dull and monotonous. I got my husband to teach me how to code (he's a CS major, working as a product manager for a SF company). Now I am fairly proficient in Photoshop, Illustrator, CSS, HTML, and Javascript. Then I made a Python program which analyzes the proper excess inventory to keep for the semiconductor company I worked for, which got me a lot of recognition (the program was prob elementary level and messy but got a credit for being a financial analyst that can code). I quit my day job and I'm working on my startup, for which I'm doing all the front end coding and some of back-end coding as well. Also relocating to SF to pursue this new found passion. I wish the best of luck to Jennifer and other people like her.
booop 7 days ago 1 reply      
In a similar vein, here's a thread of a complete rookie starting from scratch who turned into a fantastic artist by drawing a sketch every day : http://www.conceptart.org/forums/showthread.php?t=870

I guess this works for learning programming too.

espadagroup 7 days ago 0 replies      
Finally someone posting a challenge they're undertaking when they have at least accomplished already some of it. I hate seeing people announce that they are about to do something. This is much much better.
alcuadrado 7 days ago 0 replies      
To be honest, as soon as I read the title I thought "but if you force yourself to deliver something new every day you want have enough time to actually learn new stuff in between", and you proved me wrong. Congratulations!
akurilin 7 days ago 0 replies      
Basically, work a lot. Make sure there's always a chunk of work that's new and challenging, a form of deliberate practice. Also make sure there's a chunk of work that's reinforcing what you already know until it becomes second nature. Rinse and repeat. Kaizen.
donaq 7 days ago 0 replies      
You are super awesome. I have been programming for years and I still don't know how to do some of the stuff you've done for your websites. I'm sure I could easily learn how to, but then it's easy for me because I have the advantage of years of experience. To be able to get to where you are within 3 months is astounding to me and that tells me something about the validity of your approach, so I'm gonna shamelessly rip you off the next time I need to learn a new skill.

Somebody hire this person!

t0dd 6 days ago 0 replies      
Very impressive. It reminds one that complaining about "too much work" is often just a poor excuse for petrifying in a niche of self-satisfaction and comfort. I can't read all of this, browse what you've accomplished in so little time, and doubt the feeling great things are destined for you. Congrats!
jorgecastillo 7 days ago 0 replies      
I am really impressed this gal sure has a promising future as a software developer. I must also say this made me a little sad, she has done in days what I haven't been able to do in years.
ValG 7 days ago 0 replies      
An additional anecdote comes from Jerry Seinfeld, (comedian). He says that his goal when he got into comedy (and still to this day) is to write jokes every day. Create a chain of joke writing and keep track of it in a physical way (in his example, a calendar that he marks off with an X every time he sits down to write). You create momentum that you don't want to break, and even though you might not be writing good jokes (good code, etc...) every day, there is still improvement going on. [1]

All anecdote, but it seems to point to the fact that the value of iteration on DOING is more valuable than iteration on PLANNING. (i.e. plan a little bit, and do a lot).

[1] http://www.writersstore.com/dont-break-the-chain-jerry-seinf...

kenster07 7 days ago 1 reply      
I have mixed emotions, not about the author, but the implications of this thread. It is great that she shows such dedication to the craft. But has dedication to a craft really become so rare that it is worthy of 900 plus points on hacker news? I know countless software engineers who work their tails off every waking hour, myself included. Do we all deserve hacker news posts? Or should we elevate our expectations?
carlosgg 7 days ago 1 reply      
Bravo!! I really liked this:"I think the best way to learn is to solve problems that you actually have. This is the primary reason I decided not to follow a course or textbook. By following my own path, I can tackle new concepts and problems in the most logical order possible, which is precisely when I have them. When I have questions, I look them up on Stack Overflow. If I need to make a big jump, like starting a new language or platform, Ill bootstrap off of a textbook only until I get off the ground."
styrmis 6 days ago 0 replies      
This is really great! There are quite possibly many better ways to spend 180 days if you wanted to make money (#1 would probably be completing every Rails tutorial available) but I don't think that is important here. Rather, I find her approach inspiring and it's something that can be applied to any endeavour.

One nice thing that she will have, even if she doesn't make it through the full 180 is a record of her earliest creations through to her latest. Like when keeping a journal she'll be able to refer to it when she's feeling low and see the progress she's made, and she'll have a record of what she's done that transcends her memory.

At my first job I was lucky enough to report directly to the Technical Director of the company who took the time to mentor me on what it means to be a good software engineer. The first thing he had me do is to keep an engineer's journal. The benefits of this would only become clear a few weeks down the line but clear it was: I would encounter a problem I knew I had solved before but couldn't quite recall the solution to; I would flip back to find my notes and there it would be. Fast forward a few months, then a year and the value received from this simple act of keeping an organised journal far exceeded my expectations.

I have since kept the habit going but I feel that more can be done here. On one level you can keep notes for yourself and improve your own productivity. A level up would be to write those notes up on an internal wiki. One level up further and you've polished them into material you can publish to a wider community. One level up again you can inspire others to do the same through your efforts. One such effort that I have seen (outside of Jennifer's) that I think is completely worth anyone's time to explore is Journey of an Absolute Rookie: Paintings and Sketches (http://www.conceptart.org/forums/showthread.php?t=870), 10 full years of recorded progress of a beginning artist that blew my mind. Warning: you may lose a lot of time to that forum thread!

There is something beautiful and powerful in things that have been worked on and tended to for years, things that cannot be rushed no matter what: the only way to have 10 years of recorded progress today is to have started 10 years ago and to have kept it up for the duration. What a present to give to yourself!

dantheman 7 days ago 0 replies      
Super Impressive, dedicating the time to accomplish this remarkable.
zaph0d 7 days ago 0 replies      
Kudos to you Jennifer. I hope your path inspires many other aspiring programmers.
pwelch 7 days ago 0 replies      
As someone else mentioned, I think the hardest part is coming up with idea.

Most of these are really cool! Awesome job.

karolisd 7 days ago 0 replies      
This is inspiring and I'm not sure why. It's not technically impressive, there's far more impressive tutorials and snippets a single Google search away. It's something about the persistence and a desire to learn and improve. It's about the beginner's mind and artistic whimsy. I get to see someone's thought process expressed through a hundred tiny websites.
jbranchaud 7 days ago 0 replies      
Jennifer,I've skimmed through a handful of your projects and they are all very creative, fun and thoughtful. I'd be excited to see what you could do with d3.js (http://d3js.org/). Check it out if you haven't already!
iguana 7 days ago 0 replies      
This is awesome, humbling, and inspiring at the same time.

(There were 180 comments on this story, now there are 181)

Tycho 6 days ago 0 replies      
I've thought of doing this before. Make one attempt every day, and see it through. Not just for websites but for other skills like songwriting, drawing, short-story writing, and also other types of programming. Needless to say I never went through with it, but it's good to see someone who has.

Taking songwriting as an example, what's interesting to me is that basically anyone can try it. Sit down with a note pad, think of a tune, and make a verse-chorus-verse-chorus song (chords and riffs are optional extras). No doubt people like Paul McCartney do try this every day, but then there's the vast majority of people who never make the attempt once in their life, despite their being no real barriers.

j45 6 days ago 0 replies      
How admirable, good for you. I don't have anything more to add than my sincere appreciation for seeing what you're doing, it's a fantastic example.
vickytnz 3 days ago 0 replies      
Great idea. One minor quibble though: it's 180 webpages or webapps for me at least. I'd say that websites require full infrastructure etc.
zwieback 7 days ago 0 replies      
Fantastic and I'm also glad to see that most of the comments are positive. I was almost afraid to click on the comments link.
auggierose 7 days ago 0 replies      
So many envious comments here, ridiculous. Jennifer, this is really inspiring stuff!
DarrenMills 7 days ago 1 reply      
It's a great way that learning to code can produce a ton of content and experimental innovation. Code Academy (and others) listen up: What if everyone produced content while learning to code?
anishkothari 7 days ago 1 reply      
Brilliant. Good for you! Suggestion: add some contact information in your profile
fnbaptiste 7 days ago 0 replies      
This is awesome. When I read the title I was expecting a bunch of exercises in layout with different slick UIs and such. I was very surprised by how creative each of these were. They're very fun to go through. And in the end, when it comes to getting a job, this kind of stuff looks way better than "went to school, got this degree".
bencollier49 6 days ago 0 replies      
Incidentally, does that remind anyone of the "Cascade Cassette 50"?


The work is of profoundly higher quality, though, I just mean in terms of volume!

cheez 7 days ago 0 replies      
Good on you, your progress is amazing. If you want a job, you'll get it.
dataduck 7 days ago 0 replies      
Jennifer, you mentioned you weren't following any kind of course - how did you decide what to build on the next day?
eagler 7 days ago 0 replies      
Congratulations! I'm impressed how you just got started rather than waiting for "the perfect moment." Your persistence and progress are inspiring. Also, your work doubles as a collection of engaging content ideas for teaching beginning programming :) Thank you!
xmmx 7 days ago 0 replies      
I want to learn from your code, but it looks like it's all hidden somewhere?
chatmasta 7 days ago 0 replies      
Wow. Impressive dedication, and even more impressive creativity.
zinssmeister 7 days ago 1 reply      
This is pretty cool, but I think spending a bit more time with a bigger project instead of doing 180 small ones would be more beneficial. But maybe her goal is to jump into bigger/long term stuff after the 180 days. Either way, congrats for getting out there and building stuff!
javadi82 7 days ago 0 replies      
Thanks so much for posting this. This is the most inspiring "show HN" I've seen here.
realrocker 7 days ago 0 replies      
Wow. Unimaginable patience.
tourbillonfunk 7 days ago 0 replies      
Wow, a huge congratulations to you! I'm just starting my journey to become a programmer and am dedicating the same amount of time. You're dedication, patience and work ethic really inspire me! Awesome job on all of your projects.
thejacenxpress 7 days ago 0 replies      
I was leaving the film industry and unemployed for a year. I only did about 4-5 hours a day (had $$ saved) and got far enough to get a great job, but wow. I like that you're not just BS-ing 180 days, but actually challenging yourself.
sanjkris 7 days ago 0 replies      
Just made my middle-school kids' summer break more interesting. If you take all this js knowledge and add android/ios skills, you can increase your hourly fees by 10X. I myself would hire you for my mobile suite of apps.
franze 7 days ago 0 replies      
i like day 114 http://jenniferdewalt.com/image_palette/page was looking for an online quick to user color picker just yesterday
jaekwon 6 days ago 0 replies      
I tried to splode a bacon bit, but it would not splode.Very disappointed.But love the execution. Good job and keep going!
jumby 7 days ago 0 replies      
Is fizz buzz broken? A random number is nice, but what if not divisible by 3 or 5 - what do I enter? Example: I got 559.
mjhea0 7 days ago 1 reply      
i'd love to hear more about the resources you are utilizing. plus - how do you find time to work on this for 10 hours/day!?
valokafor 7 days ago 0 replies      
Great Jennifer, you have just greatly inspired me. I will get started, maybe do one site a week instead of a day since I have this thing called full time job!

Keep it up

happypeter 6 days ago 1 reply      
Amazing story, love it. Yes it's all about building wonderful things. I've been doing one screencast per week since 2011, I have to say it's really really lots of fun.
Abundnce10 7 days ago 0 replies      
It looks like the majority of her Github commits are happening during 6pm-12am http://imagebin.org/265513
throwaway3030 6 days ago 0 replies      
I'm a software engineer. I love this style of learning.

However, if the idea of building 180 different websites in 180 days sounds so unappealing to me I actually winced when I read the title, should I find another career? (real question)

I'd rather do the opposite thing, sell my laptop and do 180 drawings or sculptures in 180 days.

sonabinu 7 days ago 0 replies      
This is inspirational ... find time to dedicate to learning something new
amerika_blog 7 days ago 0 replies      
I wouldn't launch this kind of project without some kind of ace up my sleeve.

I'd either prepare it in advance, vamp it all from the "tutorials," or have some backup code somewhere.

That would be necessary to avoid having a mundane interruption cause the project to fail.

shire 7 days ago 0 replies      
Wow this must really time consuming. Really great work. Inspirational
gnus 6 days ago 0 replies      
Jennifer, you are just plain amazing. You are my inspiration.
calebhc 7 days ago 0 replies      
This is so awesome! Thanks for sharing your work. :) I really love the Window Master!
exizt88 7 days ago 0 replies      
Ah, but note that Mondrian uses stripes of varying width -- it adds a lot to the piece. Consider trying to make the width individual stripes changeable. This might even provide even some insight into Mondrian's art.
circa 7 days ago 0 replies      
Great job! Will stay tuned for the 65 days left!
devgutt 7 days ago 0 replies      
I wish I had time to do similar approach solely to learn new things using HN: Hacker News University.
barlet 6 days ago 0 replies      
This is great.- she is learning to code- she works hard- she is creative with her ideas - everyday- and she is communicating very well - and getting better at it.
gabeguz 6 days ago 0 replies      
Wow. This is inspiring. I've been programming for years, and don't think I'd be able to create something new every day for 180 days. Major props.
apathetic 5 days ago 0 replies      
Hi, what day-to-day tools did you uses to create these? I wish I did something like this too instead of just playing all day :(
bobwaycott 7 days ago 0 replies      
This is awesome, Jennifer. Keep up the good work!
abinop 6 days ago 0 replies      
Dear Jennifer, something tells me this will be the most difficult of the 180 days. If all this buzz does not distruct you, nothing will.
atmosx 6 days ago 0 replies      
Congrats, it's amazing what you have achieved.
austinrory 7 days ago 0 replies      
this is super smart. also, it gives me a good guide for ideas for the sites i want to build as i'm learning to code. THANKS!
keefe 7 days ago 0 replies      
180 iterations of the same website in 180 days and you have a company :]
alexdowad 6 days ago 0 replies      
Awesome stuff, Jennifer! Congratulations!
ab21 6 days ago 0 replies      
tdd1 7 days ago 0 replies      
Cool! That's DEF fun and creative!! :D
akivabamberger 7 days ago 0 replies      
Great idea. Way to go, Jennifer.
progx 7 days ago 0 replies      
Cant wait until Number 180 when you build a complete Web Framework ;-)
maxmem 7 days ago 0 replies      
Who has the time or money to teach yourself to code in 180 days?
vinhnx 6 days ago 0 replies      
Way to go, Jennifer.

Best wishes for you!

marincounty 6 days ago 0 replies      
Steven King vs. Vladimar Nabrakov
rubyclown 7 days ago 0 replies      
It's 180 HTML & Javascript PAGES, not 180 WEBSITES! Big Difference.

Nevertheless, congratulations on your dedication.

wcy 7 days ago 1 reply      
My plan is to learn how to code by reading the code for 180 of Jennifer Dewalt's websites in 180 days.
RakshaC 7 days ago 0 replies      
Really Wow! Quite inspiring.
ron1986 7 days ago 0 replies      
Great Work! Keep Going !!
smooradian 6 days ago 0 replies      
I have a new hero.
maxisnow 7 days ago 0 replies      
How cool! Keep it up!
dwdwzzz 6 days ago 0 replies      
i'm curious what kind tools are you using.
hydralist 7 days ago 0 replies      
this is inspiring
kavithag 7 days ago 0 replies      
Very inspiring! Keep up the good work!
mrcactu5 7 days ago 0 replies      
lucb1e 7 days ago 0 replies      
I thought you said "websites". You mean pages with a single purpose.

It's a good idea though and you probably learn a lot from it, but I wouldn't say that I'd made 180 websites after completing this.

XKeyscore: NSA program collects 'nearly everything a user does on the internet' theguardian.com
1425 points by sinak  15 hours ago   568 comments top 87
nikcub 14 hours ago 18 replies      
This is overwhelming. Even when you always hear the claims about we knew this was going on, somehow it is still shocking when you see it all laid out infront of you with screenshots and the capabilities described.

I can see how they get HTTP information, since they would intercept at transit hubs - but how are they getting all Facebook private messages and Gmail?

I was also looking for another unique ID that users are identified by - perhaps a machine or browser fingerprint or some form of intel that can 'glue' different browsers together and make a best guess if they are the same person (Facebook does this with device and user cookies) but couldn't find anything. It seems they rely solely on email addresses, IP addresses, cookies and HTTP headers.

So if you are browsing via 16 tor circuits and a browser that defaults to incognito with session histories being wiped, they couldn't reconstruct your history.

Users of PGP/encryption products being singled out is terrifying. The sooner we have the whole world using decent encryption tools, the better.

Edit: Gmail messages must only be captured when they leave the Google network. They are the only provider to support server-to-server TLS: https://twitter.com/ashk4n/status/346807239002169344/photo/1

They must only be getting a slice of the Facebook chat data, since the transport there is also https.

Facebook Messenger, on the other hand, uses MQTT, so it transmits and stores in plaintext. It has support for encrypted + signed messages with OTR if you are using an alternate client such as Adium or Pidgin.

Really need to go out an audit all of these services and let users know which are better.

api 10 hours ago 9 replies      
I'm getting seriously irritated at the "I have nothing to hide" crowd. For starters, here are a few ways this can go horribly wrong:

* Industrial espionage -- it's big business, and I'm sure it pays better than being an NSA analyst.

* Foreign espionage -- since this gives unlimited querying power to every agent, a single "turned" agent could inflict massive damage on U.S. government and industry interests on behalf of a foreign power. The potential for double agents is huge.

* False positives and guilt by association -- being flagged as a "person of interest" and then essentially persecuted because you have fringe ideological interests, are looking up a lot of info on terrorism for a book project, have a friend who knows radical Muslims, etc.

* Corrupt use in political campaigns by incumbent politicians with access -- obvious.

* Blackmail and other corruption.

* Use by government agencies with access to spy on other agencies.

... I'm sure creative people can think of more.

yread 14 hours ago 5 replies      
This is brilliant, I love the screenshots:

Foreignness factor:

The person has stated that he is located outside the U.S.

Human intelligence source indicates person is located outside the U.s.

The person is a user of storage media seized outside the U.s.

Foreign govt indicates that the person is located outside the U.s.

Phone number country code indicates the person is located outside the U.s.

Phone number is registered in a country other than the U.S.

SIGINT reporting confirms person is located outside the U.S.

Open source information indicates person is located outside the U.s.

Network, machine or tech info indicates person is located outside the U.s.

In direct contact w/ tgt overseas no info to show proposed tgt in U.S.

It's quite easy to lose the protections of a U.S. citizen indeed!

kyro 13 hours ago 3 replies      
Is this information the NSA could've attained left to their own devices, or is this sort of stuff only accessible with help from service providers, eg Facebook and Google?

What I'm trying to ask is: with all the hullabaloo Google, Facebook, Yahoo, Microsoft, etc have made about individual, manual reviews of information requests, are we still being lied to? I suspect that we obviously haven't been told the whole story by these companies, and that they are a lot more implicit in this than they let on, but this article seems almost like definitive proof that they did indeed allow unlimited access to user information.

If this is saying what I think it's saying, then I feel seriously back stabbed by the startup darlings -- Zuckerberg, Brin and Page, etc -- that so many people here love and idolize. They should absolutely be held accountable.

martindale 14 hours ago 8 replies      
Interesting; it appears someone failed to redact some data from the slides. In the Facebook chat example, the message is "to" 1536051595.

Using the Facebook Graph API, we can gather information based on this ID: http://graph.facebook.com/1536051595

Which leads us to the Facebook profile (https://www.facebook.com/arash.gorjipour.5) of an individual, real or contrived, named "Arash Gorjipour". His email address and phone number are all exposed in one of his uploaded photos: http://i.imgur.com/0UUk5cB.jpg

I wonder what the reason for this man being in these slides is.

hammerzeit 13 hours ago 3 replies      
Reading these slides, I'm trying to parse what these slides do or do not say. I'd like to leave aside the speculation about what the NSA is probably doing.

First of all, XKeyscore seems to be primarily about the frontend query interface rather than the backend data storage, at least as far as I can tell. It looks like you can basically query their database by email address and get a set of records (email, chat, http logs) back. It looks like there are separate tools for viewing specific records as well. I assume they're joining records on some combination of email address, IP address, timestamp, etc -- not unlike a modern ad server.

A few practical thoughts:* It's worth noting what's not shown in these slides. Specifically, I don't see any ability to query the full text of emails. The more I see about this, the more I'm convinced the NSA is not collecting email body texts directly from corporate servers. Facebook messages I'm less sure of. * How are they collecting HTTP data? I assume intercepting at network hubs?* Given that it appears that individual records are HTTP requests, I'm shocked at how few requests are in the database. 41 billion seems an order of magnitude smaller than I'd expect. Could it be a record is something else?* Interesting to note the "Miranda number" and "Foreign Factor" fields that look like ways of saying "yes, I have permission to do this." Might explain why a sysadmin could bypass these things but your everyday NSA analyst could not.

znowi 14 hours ago 4 replies      
Holy shit... Apparently, the only way to ensure privacy is to go Stallman. Funny how yesterday's "conspiracy crackpot" became today's visionary.
jstalin 14 hours ago 5 replies      
Slide 6 of the presentation clearly shows that pretty much every government is in on the program, with heavy concentration in western Europe.

One question, how did the dot in China get there?


rdl 12 hours ago 1 reply      
At this point the only thing protecting the US (and the world) from the worst tyranny imaginable is that USG's essentially unlimited power is wielded by individuals (rank and file workers, career bureaucrats, political appointees, and politicians) with a fairly reasonable sense of morality and belief that they are constrained by both the constitution and morality.

I'm don't think that is a stable long term system. Either some effective limitations (technical and political) are put in in the next several years, or a few decades of "us vs them" and self justifying security crises will produce a horrible result.

jstalin 14 hours ago 1 reply      
Snowden deserves the Nobel Peace Prize and the Vatican should consider canonizing him.
aspensmonster 13 hours ago 2 replies      
>How do I find a strong-selector for a known target?

>How do I find a cell of terrorists that has no known connection to strong-selectors?

>Answer: Look for anomalous events

>E.g. Someone whose language is out of place for the region they are in

>Someone who is using encryption

>Someone searching the web for suspicious stuff

Lovely. Suspicious stuff and encryption. But wait! There's more!

>Show me all the VPN startups in country X, and give me the data so I can decrypt and discover the users.

Wait... what? I really hope that doesn't mean what it sounds like it means.

>Slide 22 [regarding determining who authored a Jihadist document] redacted.

Well that's interesting.

>Show me all the exploitable machines in country X.

That's cool. I'm guessing this is what Snowden meant by weak endpoint security.

>Over 300 terrorists captured using intelligence generated from X-KEYSCORE

>Slides 29 and 30 regarding this redacted.

What a shame.

akmiller 13 hours ago 12 replies      
Honest, maybe naive question, but what types of programmers actively help build and maintain systems like this? I turned down a job for a company that is less than a mile from my house because I viewed their business as immoral.

Hard for me to fathom anyone taking a job, helping to build systems like this. I get that many of the components of a system like this could be seen as harmless. However, a system of this complexity must have some talented engineers bringing it all together and making it work. How can they feel good about what they are doing?

ck2 14 hours ago 4 replies      
Imagine if storage limitations weren't holding back the NSA.

Those 60TB density HAMR[1] drives that are due in 2016 are really going to take invasive to a whole new level.

[1] http://storageeffect.media.seagate.com/files/2012/03/perpham...

runn1ng 14 hours ago 3 replies      
From the slideshttp://www.theguardian.com/world/interactive/2013/jul/31/nsa...

"Show me all the VPN startups in country X, and give me the data so I can decrypt and discover the users"

Does this mean using VPN is not very safe from dragnet?

antimatter15 13 hours ago 3 replies      
I wonder how Sencha (http://www.sencha.com/) feels about how the NSA is clearly using their ExtJS framework given the screenshots.

I guess this kind of puts different perspective to the whole debate that came from JSMin's "The Software shall be used for Good, not Evil." clause (http://wonko.com/post/jsmin-isnt-welcome-on-google-code) given that conceivably your open source framework might be a significant part of something like this.

sinak 5 hours ago 0 replies      
Hey folks,

Just wanted to add a note and say that if you're angry about this, the best thing that you can do is to get out into the streets and protest everything that's been going on. Check out the Restore the Fourth rallies happening this weekend, share them on social media, and sign up for your local event.


Getting out into the streets is the single most significant thing you can do - even more effective than calling your legislators. The events on Sunday need to be bigger than the events July 4th for this to really be a success.

hga 14 hours ago 6 replies      
This bit both somewhat limits the impact and makes Greenwald et. al.'s claims that most everything is being Hoovered up a lot more credible:

"The XKeyscore system is continuously collecting so much internet data that it can be stored only for short periods of time. Content remains on the system for only three to five days, while metadata is stored for 30 days. One document explains: "At some sites, the amount of data we receive per day (20+ terabytes) can only be stored for as little as 24 hours.""

Of course, as the article goes on to detail, anything that's found to be of interest in that window can be saved permanently, and NSA analysis do that a lot.

dictum 13 hours ago 1 reply      
>Foreignness factor

I know NSA's mandate is to spy on foreigners, but it's still very jingoistic and xenophobic that not being American makes it OK to spy on you.

impendia 14 hours ago 0 replies      
Another data point on the relationship between government and terrorism:

I live in Columbia, South Carolina. A mile from my house there is a prominent statue of Ben Tillman. Tillman was an explicit advocate of terrorism, and indeed personally engaged in it [1], which drove his popularity and ensured his election to the governorship and the United States Senate.

Government programs such as the NSA's exist to protect the interests of the powerful. Same as it ever was.


Buzaga 10 hours ago 2 replies      
Yep I'm done, I'll just go about my life from now on...

It's total power, I think it's unlikely that they'll want to give up on this kind of power, they'll probably keep signing governments and 'the tech' will eventually be exported and in the hands of governments everywhere, they'll keep building this and they'll create tons of algorythms of course because it's just too much data, any resistance can be crushed... and it's so much power eventually some dark times will begin... I'm done with the topic.

kilian 13 hours ago 2 replies      
A 'fun' bit of weasel-wording by the chairman of the House intelligence committee: "He's lying. It's impossible for him to do what he was saying he could do." They seem to be denying it, but all they're really denying is that Snowden had access to the system personally.
jneal 14 hours ago 1 reply      
Noticed one of the screenshots have a URL. It's a little blurry, but I suppose it's an intranet URL since the TLD looks like .nsa

URL looks like:https://gamut-wakefield.ein.nsa/utt/UTT/do/FRNewSelector#sel...

susi22 14 hours ago 5 replies      
One of the screen shots:


says: Top Secret Comm(?) REL() to USA, AUS, CAN, GBR, NZL

confirming the previous suspicions that many other governments are on board.

Der Spiegel actually has reported a few weeks back about XKeyscore [1] and that it is used by the BND (Germany's NSA). I.e. all this data is also available to the NSA equivalents of Australia, Candana, Great Britain and New Zealand.

Many Americans trust their government (unfortunately), will they also trust the other governments?




qwertzlcoatl 13 hours ago 2 replies      
Livestream to senate hearings covering all this can be found here: http://www.judiciary.senate.gov/hearings/hearing.cfm?id=0d93...

As of this moment it's all about FISA. Wonder if this new allegation will be talked about.

venomsnake 13 hours ago 0 replies      
Credit where credit is due - NSA made useful and usable email search. Please give it to gmail and outlook.com ... I want to be able to search trough my mail as good as you guys can do.
dmix 12 hours ago 0 replies      
Greenwald said in the comments, there is a lot more to come:

> That House vote was about one specific topic - bulk collection of phone records - that this newest article has nothing to do with. That House vote isn't the be all and end all: it's just one small battle in what I can assure you will be a sustained and ongoing discussion/controversy.

> There is a lot more to report still. Accuracy is the number one priority. That takes time.

coenhyde 14 hours ago 0 replies      
This is the most terrifying thing i've ever seen. I'm not exaggerating in the slightest.
chewxy 14 hours ago 2 replies      
I don't think I have been more conflicted about this. I've just been talking to my cofounders about the technical feasibilities of XKeyScore, and honestly, our back-of-napkin engineering configurations indicate this is really an awesome project to be working on.

On the other hand, this is categorically 'evil' by my and my cofounders' ethical standards, and really, no one is safe. And that bugs the hell out of me.

On the one hand: really fucking cool. On the other, I really do not like the idea that I am being spied on.

I'm not sure how to process this information.

giulianob 14 hours ago 2 replies      
Holy shit.. they did really write a GUI in Visual Basic to track the killer's IP
junto 8 hours ago 1 reply      
The map on page 6 is interesting. Server locations of note:

  Moscow, Russia  Caracas, Venezuela  Tripoli, Libya  Hubei Province, China  Burma  Lagos, Nigeria  Saudi Arabia  Iran (and geograhically surrounding Iran)  Ukraine
Based on page 13, I wonder if Google have any servers at these locations?

Oh, what a surprise: http://royal.pingdom.com/2008/04/11/map-of-all-google-data-c...

Does that look familiar?

stef25 12 hours ago 1 reply      
A couple years ago there was an AMA on Reddit from someone saying he was very deeply involved in spying on the general public's online lives, "at a level you can't imagine". Many technical questions were asked, all answered properly. I could never get it out of my head and now that Snowden has emerged I can't stop thinking he was the OP. Wish I could find this AMA again.
w_t_payne 10 hours ago 0 replies      
I just read the actual XKeyscore slide deck. Unlike a lot of leaks, these slides are totally worth a look-see:http://www.theguardian.com/world/interactive/2013/jul/31/nsa...
peterwwillis 14 hours ago 2 replies      
Here's an interesting legal question:

If a non-US resident or NSA target posts a thread on HN, and a US person replies to the thread, is the US person now open to unlimited data collection?

Alternately, if you Facebook-like the same thing an NSA target has, are you then subject to unlimited data collection?

shirro 14 hours ago 4 replies      
You have to admit these guys are working on some cool problems. If you don't have a problem with the legality of it or potential for misuse it looks like a really interesting place to work.
MarcScott 12 hours ago 1 reply      
The scale, depth and technical sophistication of everything I've heard and read so far has made me change my mind on whether or not there is a technical solution to NSA and GCHQ surveillance. I'm now convinced that the only way to solve this is through politics. We need representatives that will enforce our rights to privacy, not clever hacks.
api 14 hours ago 2 replies      
At what point do the mathematical limits of data mining kick in here? How useful is all this information?

I'm not an expert in this area of mathematics, so I could be wrong, but my impression is that as the haystack becomes larger the problem of false positives becomes more and more severe.

As a data miner, what you want is the maximum number of "hits" (of whatever you're trying to hit) with the minimum number of misses and the minimum number of false positives. My impression is that this becomes progressively harder-- the golden region between too many false positives and too many false negatives becomes smaller and smaller and harder to hit.

Eventually you either miss important hits, namely the next terrorist attack, or you get swamped with false positives that you have to manually investigate and rule out.

I'd love someone who does know more here to chip in, but my personal suspicion is that this actually has a pretty huge pork angle to it. How much money are the contractors getting for building this stuff?

aspensmonster 13 hours ago 2 replies      
Slide 13 just got slightly redacted.


swalsh 12 hours ago 3 replies      
The thing that blows my mind, is you hear over and over again about Billions of dollars being spent on large software projects for the government that seem fairly simplistic that ultimately fail.

The NSA is accomplishing some pretty impressive things, what are they doing differently?

heyitsnick 9 hours ago 0 replies      
And, according to Greenwald, there's a lot more to come. From the comments:

"There are thousands upon thousands of documents and they take time to read, process, vet, and report. These are very complex matters..... there is a lot more to report still. Accuracy is the number one priority. That takes time."

cnlwsu 10 hours ago 1 reply      
Ok, so ignoring all moral/ethical issues with this. Wouldn't it just be awesome to work on a project like this? Unheard of funds, tons of data, interesting CS problems all around. I am sure they did everything possible to make it miserable on the developers but nonetheless... sounds fun from a completely detached CS perspective.
emhart 14 hours ago 0 replies      
Fitting/sinister that the top of their stored data pyramid is titled "TrafficThief"
hannibal5 14 hours ago 3 replies      
Just like suspected. If you use encryption like PGP, you become person of interest.
eksith 14 hours ago 2 replies      
That UI looks awfully similar to a theme I've seen used in SharePoint Portal Server. I hope that's not what they use for the front end, but I wouldn't put it past them.
chrisstanchak 9 hours ago 1 reply      
Summary of how this story is being covered around the world vs. in the US.


LeeLorean 1 hour ago 0 replies      
It is interesting on slide 17 that the NSA can decrypt all VPN traffic.

Does this indicate that they have broken HTTPS, or simply that they own VPN companies like Private Internet Access?

codex 14 hours ago 1 reply      
The Guardian strongly implies this system is used to intentionally target US citizens in violation of the law, but then admits that would be "illegal." I wonder if the leaked presentation touches on this point.
badclient 9 hours ago 0 replies      
As one slide indicates, the ability to search HTTP activity by keyword permits the analyst access to what the NSA calls "nearly everything a typical user does on the internet".

It seems like everyone's been attacking the wrong folks. From this article it appears that bulk of the data is being tapped at the data center level and then parsed. This begs the question how it would be able to make sense of https traffic.

fideloper 11 hours ago 0 replies      
Are the major news networks ignoring this story? Briefly checking, I only see Fox News reporting related stories, naturally blaming the Obama Administration (perhaps fairly in this case).
mrt0mat0 12 hours ago 1 reply      
I asked this in a deeper thread, but i would like to reask anyone that can explain. If the NSA is tapping pipelines as it seems they are, wouldn't the sources such as facebook and google all come online at the same time? if they were in fact referring to the pipeline access as their way into facebook and company, why did they all have different onboarding times? wouldn't they have all come on at the same time: the time when they tapped the pipelines? Maybe i misunderstand the process. I get that maybe they had to write some interface that interpreted the packets and sorted them as such, but that wouldn't take years.
mtgx 15 hours ago 2 replies      
Nice pre-emptive "attack" by Greenwald today, just before the NSA hearings.
mladenkovacevic 13 hours ago 1 reply      
It seems this was meant to be declassified in 2032.. I guess by then they were hoping this would be so institutionalized and pervasive as to be the norm.

Also I wonder to what extent this is really used to hunt terrorists down and how much of it is used to gain political or economic advantages over other countries.

mikecarroll 12 hours ago 0 replies      
I wrote an e-mail to Congressman Mike Rogers about his misleading quote in this article. I encourage others to reuse my template and also ask him to justify his misleading remarks about Snowden's statement: https://news.ycombinator.com/item?id=6134672

We should start hold our public servant to task for lying to the American people about these programs.

curbrusiasm 9 hours ago 3 replies      
This has been up here for 5 hours and on the Guardian's website for nearly 6 hours. How is it possible that not the NYTimes, FOX, NPR, the Washington Post, or CNN have picked this up? These organizations are an embarrassment to the profession of journalism.
scrrr 10 hours ago 1 reply      
"Mr. <webservice-ceo> Does your company offer a backdoor for the government? It looks like it, even though you have declared that there was no backdoor just a few weeks ago!" - "Uhm. Not wittingly!"
antitrust 13 hours ago 0 replies      
I realize that it isn't morally right, but I think such data storage is inevitable. With the rise of instant communications, the amounts of data people generate are massive, and old school law enforcement can't keep up. Thus with the increase in technology, there's going to be an increase in counter-technology.

I guess what we need to ask ourselves now is whether we want any secrets at all. A true Panopticon -- a society where everyone could see what everyone else was doing -- might bring a "freedom" from certain types of subterfuge, and attack.

Then again, I don't want to live in it.

That leads us to the question of how we handle the flood of data when looking for hostile activity, because governments are certain to use available technology to trap, parse and search that flood.

jstalin 12 hours ago 1 reply      
I don't think it's a leap to assume that ALL TLS certificates are compromised and the NSA can monitor ALL Internet traffic.
totalforge 12 hours ago 2 replies      
Just a friendly reminder that if you looked at the slides, you have read a classified document, and therefore are guilty of a Federal felony. Cheers!
w_t_payne 12 hours ago 0 replies      
Imagine what Nixon would have got up to with this capability. He would probably still be in power!
rosem 13 hours ago 0 replies      
I think it's insane that so many people are pointing the finger at Snowden, yet no one is pointing the finger back at the NSA / US Government.
mkhalil 11 hours ago 0 replies      
Declassify on January 08, 2032. I wonder what kind of reaction the people of 2032 ( we who are still living that time ) would have had if they found out. Would they care? Worse reaction? Probably be used to gov. spying? It's a scary world.
epoxyhockey 11 hours ago 1 reply      
In the first slide, there are 25 red dots in a row on the bottom.. I wonder what those are supposed to represent?
ceautery 14 hours ago 4 replies      
I wonder how they store all that. Surely a side benefit of this could be NSA contributions to CS journals about database techniques.

Also I doubt the veracity of the claim that they collect "nearly everything". Wouldn't they show up on, say, Sandvine's Internet traffic reports? I think it's more likely this claim is made simply to generate FUD in the general population.

llamataboot 10 hours ago 1 reply      
Can someone explain this to me like a 5 year old and how it interfaces with PRISM?
mkhalil 11 hours ago 0 replies      
People aren't going to care about this until they understand what consequences this may have to THEIR personal life. Live with it. Not changing unless the knowledgeable/wise starts educating the general population on how they effects them.

Most people might speak against it (include people here) but at the end, they have the "I'm not doing anything wrong, who cares, not worth the effort" mentality.

yen223 13 hours ago 2 replies      
Has anyone verified the accuracy of the slides? How do we know they even came from the NSA?
mattbarrie 13 hours ago 2 replies      
Um... surely this has to be a spoof. "Select foreignness factor"?? really?

The user interface and way this is done just seems to amateur hour to believe this is actually true

rtf1 12 hours ago 0 replies      
And it's not even limited by the internet. NSA collects every piece of information they can get their hands on, whether it's data on the internet or any other network, or spectrum signals, or simple imagery. And they do that by every means possible. James Bamford wrote years ago a number of books on the subject. And even before him, David Kahn painted a pretty clear picture. Why is everybody so excited so suddenly? Is there somebody on this forum who believes for a split second that Mr Obama and/or the US House/Senate are prepared to lay off way over 300,000 intelligence community workers, contractors and what have you??? -RTF
andy_ppp 8 hours ago 0 replies      
I just censored an email I was about to write in case it is used to discredit me in the future. Jesus. The thought police are here :-(
andy_ppp 10 hours ago 0 replies      
Judgement day is inevitable.

G#$5%V5F'98ux)w[_Fa61f!['"VGu~w|UZhepG^7{Kwqh|m=$L t _pM<q;YC M]!C6nV[cWa?CM"X*b]0ALi3`P#jfu!wb]t_q&Ewr.<?K{

naithemilkman 13 hours ago 2 replies      
Surely the question on everyone's mind is: how good is incognito mode???
rdouble 12 hours ago 0 replies      
It seems like working for the NSA is more like working at Inintech than it is like Minority Report. I've been more embarrassed by how Office Space retarded this seems than I have about the privacy abuses. I'm skeptical any of these supposed systems work, or even exist. It reminds me of Iran's pretend fighter jet.
vasilipupkin 13 hours ago 1 reply      
I am curious: Suppose this is true and NSA analysts have the technical capability to access enormous amount of information with no authorization. But if they do do that, agains the law and the rules and their actions are recorded in the system, they could face penalties no? I mean I could kill someone with a hammer technically, that doesn't make hammer bad per se, does it ?
kepano 9 hours ago 0 replies      
Can someone with data center expertise extrapolate the physical scale of this operation? In terms of storage and computing power it must rival if not surpass what Google has built, no?
obelos 11 hours ago 1 reply      
How weird is it that cnn.com is included as a reason for being interested in HTTP?
arca_vorago 14 hours ago 6 replies      
Lurkers first post here.

I always said saying "I told you so." when stuff like this started getting revealed would feel like a hollow phrase. Some of us have spent quite a bit of time talking about these issues, and were mostly rejected as crackpot "conspiracy theorists". While there are plenty of those around, maybe I could use this slight moment of pseudo-clarity to propose something.

I could tell you where this is going (removal of ex post facto, and eventually algorithmic based pre-crime), and who is largely behind it, but once again most of you would probably perform the standard knee-jerk reaction against "conspiracy theory", only to wait around and repeat the same kind of stuff you are saying now, whenever the next steps are put into action.

We curious geeks have been too cocky, always thinking we could use our superior knowledge of technology to beat "the man". Well boys, the man is learning our tricks, and he's starting to get better at them than us...

The NSA is but a cog in a greater machine, and until we all realize that and start conversing on what/who that machine is, we will continue to spin our wheels uselessly.

mjfl 14 hours ago 2 replies      
Well then they are going to need that big data center. That is an unimaginable amount of data...
amckinlay 9 hours ago 0 replies      
Wait, does the collection require FISA warrants? Is the collection still limited to foreign nationals?
buggedplan 12 hours ago 0 replies      
Germany used NSA's XKeyScore spying software: magazine report http://www.globalpost.com/dispatch/news/regions/europe/germa...
imrank1 10 hours ago 0 replies      
interesting that is not even on CNN or MSNBC yet. Has anyone else seen coverage on US news?
thejosh 12 hours ago 0 replies      
The funniest part is the ancient version of IE they are using in the screenshots.
_sabe_ 11 hours ago 1 reply      
xkeyscore.com leads to Google maps.......just saying o.0
northwest 10 hours ago 0 replies      
General reflection:

As I recall it, our right to privacy is defined by the "reasonable expectation of privacy".

Currently, I see any such "reasonable" expectation to be almost zero.

Therefor, I have to conclude that we have already lost the right to privacy.

northwest 13 hours ago 0 replies      
"The NSA documents assert that by 2008, 300 terrorists had been captured using intelligence from XKeyscore."

So, even IF this number is not just another lie, XKeyscore has been made worthless, with something ridiculously small as the 2 prison breaks of the recent days.

That means: What remains is a police state that is not even "secure".

Good job, governments/lobbyists/"defense" corporations.

GI 13 hours ago 8 replies      
I am going to be obliterated for this comment! Does the fact they've caught 300 terrorists in anyway justify what they're doing? I am not saying it does, I just wondered what people's thoughts were (although I can guess!). It's interesting that it was included in the article in an attempt to give it some 'balance'..
adelpozo 12 hours ago 0 replies      
What makes this even scarier is to see IE in the screenshots. :)
forgotAgain 14 hours ago 0 replies      
Aw, Fuck.
VerilyForsooth 11 hours ago 2 replies      
Why is the commentry on this topic always braindead?

The article states that there is a query interface using the email address as the key. But Where does it say that every single email/webpage from every single person is being collected? Such a task would be technically impossible. It seems far more likely that it's querying a database of pretargeted people.

There is so much hysterical nonsense regarding this topic. The cancer of conspiracy theory spreads.

Kathy Sierra: Your app makes me fat seriouspony.com
648 points by _pius  2 days ago   201 comments top 47
tobtoh 2 days ago 10 replies      
For those people wondering why so many comments here are saying 'Glad to see Kathy blogging again', it's because she stopped blogging in 2007 after getting severely harassed online. http://en.wikipedia.org/wiki/Kathy_Sierra#Harassment

As someone who followed her previous blog 'Creating Passionate Users', I'm really glad she's back writing publicly - not so much for this particular post (which wasn't anything novel), but more that it means her scars have healed enough. Hope to see more posts from her soon!

teej 1 day ago 1 reply      
This is bothering me, but first image is inaccurate. They were asked to memorize a two-digit number (like 17) or a seven-digit number (like 8675309). The image shows 2 two-digit numbers and 7 two-digit numbers. This is important as our working memory capacity has been shown to be about seven digits. http://en.wikipedia.org/wiki/The_Magical_Number_Seven,_Plus_...

It's a minor detail, but an important one.

EDIT: It looks like the image has been updated. Thanks Kathy!

kevinconroy 2 days ago 3 replies      
So happy to see Kathy blogging again! She's always been my favorite tech-UX blogger.

For anyone interested in her prior blog, Creating Passionate Users, I coped with her absence from the blogosphere by curating an e-book with all of my favorite posts.

You can grab a copy here:http://www.kevinmconroy.com/pdf/creating_passionate_users.pd...

foobarbazqux 2 days ago 10 replies      
> Willpower and cognitive processing draw from the same pool of resources.

Like many things in psychology, this is basically unfalsifiable. Our brains have pools of resources? How do you even differentiate between willpower and cognitive processing at a neurological level? It's one model, but there are other equally valid but also unfalsifiable explanations. What about anxiety goes up after working on a hard problem (memorizing a 7-digit number, apparently) - maybe you can test this by measuring cortisol levels - and so you choose the (stereotypically) more satisfying and rewarding dessert (cake) as a form of emotional eating and also, you know, rewarding yourself for a job well done?

I mean, it's basically just saying, "Use your brain, and your brain will get tired. Both solving problems and doing something you don't want to do count as using your brain." Sure, but I hardly need an experiment to tell me that.

Also, what about people who perform better under stress? Since it requires willpower to work hard and meet a deadline, and since the quality of your cognitive processing also goes up (for an initial period), doesn't that defeat the "competing for the same pool of resources" claim?

Psychology is great and a lot of the unfalsifiable stuff is valuable but it's irritating when it's dressed up as science.

xenophanes 1 day ago 2 replies      
This is so stupid. The experiment can be explained in many different ways and she just picks a trendy one. Another explanation is people who did harder work were more tired and hungry, or felt more like rewarding themselves. I don't particularly favor this explanation; I have no idea what is the right explanation; and that's the point, the experiment doesn't tell us.

She also ignores that for some people it takes more willpower to eat the cake. It can go either way depending on a person's ideas. She just assumes everyone has currently trendy ideas wherein fruit bowls are unpleasant but virtuous and people use willpower to eat them. But many other lifestyles are possible. For example, one might think cake is more delicious but they are scared of getting fat so it requires willpower to enjoy eating it instead of giving in to the fear, whereas the fruit bowl is easy to eat because there's no pressure against it, so it's the easy default.

lkrubner 1 day ago 3 replies      
Yesterday on HN there was a link to this story:


Which had this quote:

"This isn't something that happens to some people online, it's something that happens to everyone who has ever put any of themselves out there for public consumption."

One thing that has confused me from the beginning, when Sierra first claimed that she had received death threats, was exactly why this story took on the scale that it took on. I recall at the time, of the 100 tech bloggers that I read on a regular basis, this story overshadowed everything else. I recall that previously I had been unsympathetic to Sierra because of the perception that she tended to rely on hyperbole and drama to sell her books. For that reason I was initially skeptical of her claims. Later it turned out that the 4 bloggers who harassed had clearly stepped over some line, and said some things that were at the least, very rude. As I recall, all of them later apologized (all of them were bloggers with some substantial reputations in the world of tech blogs). But given the amount of abuse that happens online on a regular basis, it seemed a little surreal to me that the story reached such a scale.

ryandvm 2 days ago 1 reply      
I don't get it. How did the first experiment imply anything about willpower?

Seems to me that a viable explanation for the first experiment is that heavy cognitive processing trips some circuitry in the brain that says "We got a lot of work to do. Get me some glucose."

_pius 2 days ago 0 replies      
Truly great to have Kathy back. She gave an awesome talk at BoS 2012 on the "Minimum Badass User" that subsumes this post. Well worth an hour of your life to watch:


pygy_ 2 days ago 0 replies      
"To my readers from long ago: I've missed you. More than you know."

-- http://seriouspony.com/about/


She's back. I'm giddy as a schoolgirl.

okamiueru 1 day ago 0 replies      
Anecdotal, conjectural, and even the dubious psychological experiments she references are completely misrepresented.

The subjects were told told to memorize a number, and on their way to a different room where they expected to be tested, someone stopped them mid-way and asked them to choose between two snacks -- a fruit salad and a cake. The people who had been told to memorize many digits didn't choose the healthy snack as frequent as the people who had been told to memorize few digits (and, presumably, could focus on which choice they really preferred).

It tries to convey "common sense" concepts, using conjecture and complicated constructs. It hurts my brain when I try to understand what is meant by "to use up cognitive resources". The more convoluted an explanation is, the less I feel it has been understood by the person explaining it. I have a strong distaste for psychology terms that add depth, but not clarity, as if trying to validate and give authority to the field or explanation.

A bit ironic for an article trying to explain the concept of "minimizing drainage of the cognitive tank" (to paraphrase).

So, what is this article really about? This -- http://www.amazon.com/Dont-Make-Me-Think-Usability/dp/032134....

hoi 2 days ago 3 replies      
My take on this, is that you can create an app/site that is engaging and depletes self/control or willpower and then monetize that at the end by selling cake or equivalent.

Can test if the conversion funnel for cake (or low self-contro) goods) sell more after a more 'intense' work out on the site/app.

6ren 1 day ago 0 replies      
One thing that troubles me about technological progress is whether we really are making anything better. Sure, we solve one problem... but it creates problems of its own, and exposes previously hidden problems.

I think this article provides something of an answer: work in itself is not a bad thing. It takes effort and concentration - it's work - but it can be enjoyable, satisfying, meaningful.

But putting in effort that is wasted, by being diverted into tedious, pointless, unnecessarily complex tasks, is a bad thing. It's not enjoyable, not satisfying, not meaningful.

Therefore, any technological progress that reduces that tedium is a good thing (even if it has problems of its own, or exposes other problems, provided net tedium is less).

[I don't think this is the whole answer, but I think it's part of an answer (probably, things like saving lives, health, and somehow enabling people to relate better are more important goals).]

dkarl 1 day ago 0 replies      
I don't think the logic is sound. The psychological finding she's applying is that willpower is a finite cognitive resource. It isn't sound to apply that finding to all decisions you make while using an app -- only the decisions that involve willpower. She generalizes to all cognitive resources being finite...

If your UX asks the user to make choices, for example, even if those choices are both clear and useful, the act of deciding is a cognitive drain. And not just while they're deciding... even after we choose, an unconscious cognitive background thread is slowly consuming/leaking resources, "Was that the right choice?"

... which sounds plausible and may well be true, but is much more general than the result she's building on.

I'm inclined to think she's right, though. It would be interesting to know if the psychological research has already been done. The willpower results are only well-publicized because people have a compelling personal interest in it.

fauigerzigerk 1 day ago 2 replies      
"Willpower and cognitive processing draw from the same pool of resources."

I don't see how that follows from the the memorization experiment. Maybe the people who could remember 7 items felt they worked hard so they deserved to be rewarded with a chocolate cake.

eagsalazar2 1 day ago 1 reply      
Not to be too cynical but this really seems like a dangerous insight for people optimizing conversions. Hmm, everyone wants my product but it is wasteful/bad for me/a luxury/etc? Just deplete their ability to resist first. Ooops, someone trying to cancel their subscription? How about a nice maze of forms to get through first?

Anyway, the super cool insight of this article is the relationship between cognitive load and will power. We all knew "try harder" didn't work. Simplify everything else is a way more powerful way to manage your motivation and it makes it super clear that you can really only do a certain number of things. When your motivation turns to procrastination, it isn't some "problem" you are having, it is you simply hitting your cognitive limit for the day/week/month. Awesome.

mijustin 2 days ago 0 replies      
So nice to have Kathy Sierra back blogging. I've missed her!
cafard 2 days ago 2 replies      
"The participants who memorized the seven-digit number were nearly 50% more likely than the other group to choose cake over fruit.

Researchers were astonished by a pile of experiments that led to one bizarre conclusion:

Willpower and cognitive processing draw from the same pool of resources."

Bizarre, all right. Unless the subjects were wrestlers or models, why should the choice of fruit v. cake involve self control at all? If you wished to argue that they thought they deserved more of a reward, I might be willing to consider that.

And are we talking about seven numbers vs. two numbers (as in the illustration) or seven-digit number v. two-digit numbers, as in the text?

ibejoeb 1 day ago 0 replies      
That's pretty neat. I understand why so many folks reject the claims here, but the observation itself is very interesting.

It certainly seems that highly successful, highly visible people (creatives, executives, politicians) tend, disproportionally, to exhibit behavioral problems (addiction, suicide, etc.) I don't know if it really is disproportionate, but if so, is it related to their exertion, or depletion, as the author puts is? Is it the visibility and the accompanying scrutiny? Maybe it's the other way around, and the underlying psychological makeup propels short-term performance.

Very interesting stuff, especially in context of burn-out.

astral303 1 day ago 1 reply      
Sadly, when it comes to app reviews from tech blogs and publications, the cognitive load placed on the user is rarely ever noticed or highlighted, unless it's so high that it's unbearable. Instead, apps often get bonus points for eye candy and gratuitous, but cool-looking animation. Nobody ever writes "wow, I got a bunch of things done and I didn't even notice the interface details."

This is particularly bad in the geek community, as we are used to high cognitive load (configuring X anyone?), and so we brush off any complaints about it as "stupid" or "computer illiterate."

One early app example is all the gas mileage tracking apps. Damn near every one of them in the early iPhone days had the spinning odometer control and the spinning gas number controls (where you spin each number up and down, like a key combo). I recall being infuriated by those designs, because all I really wanted to do was to quickly enter the odometer or the gallons and dealing with spinning those damn digits was NOT at all quick. Compared to the effortless/mindless act of typing into a digit keypad, spinner controls required much more cognitive load (did I spin too fast, will it go too far? Let me catch it at the right digit. Which digit do I need to push up or down to make it match what's on my real odo?).

piyush_soni 8 hours ago 0 replies      
What a lame article. I know so many people are praising the author here and happy for her 'return', but if this has always been the quality of her writing, I'm not impressed. Not the mobile app, but any kind of thinking or stress will reduce your will power, and thus according to you is making you fat. So you might as well stop thinking. Or, on other side, do diet control and exercise. 2nd option is wise, according to me.
ankeshk 1 day ago 1 reply      
While I agree with the thesis, a contradictory point comes to mind.

We just don't know a lot about how cognitive resources are utilized. Long distance runners know this. Athletes know this. The whole concept of "second wind". Where they find the strength to better their game using way less resources -- after they have been tired. Some type of cognitive resource depletion gives people even more energy and motivation.

While I agree that things should be made simpler and we shouldn't over-gamify things, I don't think we should make decisions with the cake / fruits question in mind. That just provides a framework to dumb things down. We will never enable the users to hit their second wind if they never get tasks that make them crave cakes.

I guess my point is: simplicity is good. Simplicity to the point of dumbness is not.

dschiptsov 1 day ago 0 replies      
Statistically caught correlation does not imply the assusmed causation you wish to "prove".

The guys who memorize numbers might associate a cake with a reward and choose it just in order to reward oneself for a meaningless and boring waste of time they choose by mistake, while in 2 digits group it wasn't counted even as a joke.

As for willpower/self-control - hormonal levels are almost always the major factors. Just do the silly experiments which are "considered unethical" involving "images from those magazines" and you will notice lots of correlations.)

The famous experiment with tape-recorded heart-beats is the beautiful one.

Again, trying to find a single cause in psychology is kind of naive. The theoretical framework advocated by Marvin Minsky of constant competition of multitude of semi-independent agencies (specialized regions of the brain) helps to develop the notion of multiple causation.

My guess is that if one would nail a poster of a fit bikini girl to a wall, the number of cakes chosen will be reduced dramatically, everything else being equal.

But for a pony psychology the article is perfectly OK.)

tcskeptic 1 day ago 0 replies      
Based on this I would think that the conversion rate on the TURBOTAX offer to subtract the cost of the service from your return for a HUGE 100% fee (meaning the cost of that method of payment is as much as the tax service itself) but allows you to skip the entering of your CC information, given that it comes at the end of doing your taxes, is probably pretty high. They should try a cake add on.
hsuresh 2 days ago 0 replies      
For those interested in this topic, Daniel Kahneman's book "Thinking, fast and slow" is an excellent resource. He refers to 2 systems in our brain, and how they interplay when making everyday decisions. Fascinating read.
winfred 2 days ago 0 replies      
Now take it one step further, not just your UI, that's peanuts next to that big elephant in the room. Each ad you make me watch, requires a little bit of my willpower. I have to ignore its message, resist clicking on that nice looking lady. Your ad based revenue model is making me fat way faster than your UI will ever be able to do.
varelse 1 day ago 0 replies      
A bit off-topic, but it aligns with why I find daily standups to be a soul-crushing waste of time. Scrum Master Jar Jar (http://softwaremaestro.wordpress.com/2007/06/30/scrum-master...) went into more detail as to why Scrum is usually run this way, but just sayin'...
PaperclipTaken 1 day ago 1 reply      
Anecdotal evidence is not scientific, but this makes a lot of sense in the context of my life. At work, when I hit a tough problem, I'm much more likely to tab over to HN or reddit, yet I've found that somehow I manage to hit the deadlines at the same pace regardless of how much I force myself to focus.

I do think though while you might be drawing from one 'pool', it's a pool that you can work to expand. To me this seems to be the same vein of psychology that makes ADHD medicine ineffective for kids on the long term. There's one pool of resources you are drawing from but like muscular strength you aren't doomed to your current limits.

ryanobjc 2 days ago 1 reply      
I love pretty much any time Kathy Sierra writes. So ditto here, I'm glad to read it.

As for the willpower situation, on a tangent, I really believe that the notion of willpower as a useful ANYTHING is outdated and badly needs to be replaced.

The reality is we are smart people who understand our brains, and can reprogram it. Using emotions and basic urges to create motivations and positive feelings about the things we NEED to do but typically dislike doing is the key here.

Luckily there is a group that is teaching these skills outside the normal context of "self help" that turns off oh-so many people.

marcamillion 2 days ago 0 replies      
Like the other commenters, so glad that Kathy is blogging again.

That being said, I am glad that she has finally verbalized what I have always felt.

As the only person running 5KMVP, I have always found that it is hard for me to do things like marketing, and customer relations/support on the same day I do development.

That would also negatively impact my performance of both.

But now that I have people working with, I can concentrate on interacting with my clients without feeling guilty (i.e. knowing that the rest of my day is dead, from a development perspective).

Also, this explains the logic behind Steve Jobs always choosing a black turtleneck, blue jeans and sneakers. If he has 1 less thing to make a decision about, his life is much easier. I have recently adopted that, and am trying to simplify my wardrobe as much as I can.

This also impacts how I schedule 'outside' events. If I have to go to an event outside of the house, that usually means no coding for me on that day. I can't quite explain why - other than the mere fact that I know I have to go out, is enough of a distraction to make me not be able to 'get into the zone'. Glad to know that I am not deficient in anyway, and it is just being depleted from the same 'cognitive tank'.

moomin 1 day ago 0 replies      
She's back, the article's great, all is right with the world. Let's read the first comment... oh.

Seriously, I thought the article was great. It would be great even if it wasn't written by Kathy Sierra.

dreamfactory 1 day ago 0 replies      
Why is this considered the moral responsibility of the app creator and not the consumer? Seems to be a highly immature viewpoint where the consumer doesn't take responsibility for how they live their life.
6ren 1 day ago 0 replies      

  If you spend the day exercising self-control (angry customers, clueless co-workers),  by the time you get home your cog resource tank is flashing E. 
The Linus solution becomes increasingly appealing...

jjindev 1 day ago 0 replies      
Dan Ariely's Coursera on Irrational Behavior spent much time on current research in these areas. Very interesting (and a good/fun course, should it come around again).
yutyut 1 day ago 2 replies      
Perhaps the conclusions drawn by the experiment (if they are correctly paraphrased in the post; I didn't read the full paper yet: http://www.d.umn.edu/~dglisczi/4501web/4501Readings/Shiv(199...) are valid but I think it would be pertinent to consider that perhaps rather than being 'cognitively taxed', those 7-number participants simply felt that they worked harder and therefore deserved a better prize. I often find myself making similar justifications if I've pushed myself hard in a workout or followed my diet faithfully.

It would be interesting to see an experiment that 'cognitively taxes' participants by having them perform a task that is not considered positive. Memorizing a number elicits a feeling of accomplishment that may contribute to the justification I described above.

areeved 2 days ago 1 reply      
This is fascinating. For those that are interested, Daniel Kahneman discusses this in 'Thinking, Fast and Slow' too:


What I would like to know is how can we grow this limited resource?

lancefisher 1 day ago 0 replies      
I'm glad she's back. I always enjoyed reading her articles back when blogs were new.
ludoo 1 day ago 0 replies      
Sitting all day on a chair, then going home to sit in front of a TV makes you fat, not exercising willpower and using your brain...
vannevar 1 day ago 0 replies      
Grad students and dogs, sure. But how do we know these findings apply to humans?
KedarMhaswade 1 day ago 0 replies      
This is definitely very interesting. In the long run however, I think self-control/willpower works in unison with cognitive abilities, as another famous experiment -- the Marshmallow experiment, tends to conclude.
mmilo 1 day ago 0 replies      
Anyone notice hitting the escape key sends you to a squarespace login screen? Seems like an odd thing to have turned on by default.
muratmutlu 2 days ago 0 replies      
There's so many articles full of analogies and fluff in UX, sometimes I read a post and wonder if I'm in the same industry.
harishankar 1 day ago 0 replies      
I always knew that thinking a lot made me hungry. And tired. Mental work is quite as tiring to the mind as physical work is to the body and muscles. The article is well written, but I found nothing particularly new in that viewpoint.
krmboya 1 day ago 1 reply      
I'd guess terminal users consume more cognitive resources than GUI users. Are they on average fatter than the latter?

Just a speculation.

NatCrodo 1 day ago 0 replies      
I'm a fan too! I was extremely happy when I saw that she is writing again. Looking forward for more.
matthiasb 1 day ago 0 replies      
Now I know why my dog stopped working on his Kong... he's spoiled!
hheide 1 day ago 0 replies      
Actually the the app doesn't make you fat. The resource that is burned is sugar. To replenish it you need one piece of candy. After which you'll be as able to make decisions as you ever was.(But Burger king won't tell you, since they don't make money from candy.)
timmyelliot 21 hours ago 0 replies      
Having a user expend more cognitive energy on my app (as long as I'm not frustrating them), sounds like a good thing. It sounds like another way for them to bond. Seems like I'd rather it be my app them my competition's.
Obama Promises Disappear from Web sunlightfoundation.com
637 points by 1337biz  6 days ago   162 comments top 30
Buzaga 6 days ago 8 replies      
~Protect Whistleblowers: Often the best source of information about waste, fraud, and abuse in government is an existing government employee committed to public integrity and willing to speak out. Such acts of courage and patriotism, which can sometimes save lives and often save taxpayer dollars, should be encouraged rather than stifled. We need to empower federal employees as watchdogs of wrongdoing and partners in performance. Barack Obama will strengthen whistleblower laws to protect federal workers who expose waste, fraud, and abuse of authority in government. Obama will ensure that federal agencies expedite the process for reviewing whistleblower claims and whistleblowers have full access to courts and due process.~


pvnick 5 days ago 8 replies      
I see this as largely coincidental, and nothing nefarious. If you follow the link from the page to the archived version [1], look among the dozens of subjects, click on Ethics, scroll down to near the bottom of the page, you'll see the single paragraph he's referring to. It makes up for about 0.1% of the total content. It's unlikely the administration took down an entire website just to hide Obama's whistleblower promises.

What's more likely is that that, since Hope/Change was the old slogan and "Forward" has replaced it as the new slogan, it's time to take down the old site because it's simply outdated.

C'mon guys let's show a little critical thought and stop looking for conspiracies where they don't exist. It's bad for our credibility. Things are bad enough as it is with the stuff the NSA is actually doing.

[1] http://web.archive.org/web/20130515024407/http://change.gov/...

zdw 6 days ago 1 reply      
One man's terrorist is another man's freedom fighter.

Whistleblowers are frequently viewed by people who disagree with them as whiners, complainers, disgruntled people with axes to grind, and frequently they are all those things, often with nothing more than circumstantial or spurious claims.

Not everyone's a Snowden.

rdtsc 6 days ago 1 reply      
So his supporters are right. He does keep his promises.


By slowly removing the ones he hasn't kept from the list.

ibejoeb 5 days ago 1 reply      
I think this is sensational, but it got me looking around the archive[1], and it's a pretty good read.


Improve Intelligence Capacity and Protect Civil Liberties

* Improve Information Sharing and Analysis: Improve our intelligence system by creating a senior position to coordinate domestic intelligence gathering, establishing a grant program to support thousands more state and local level intelligence analysts, and increasing our capacity to share intelligence across all levels of government.

* Give Real Authority to the Privacy and Civil Liberties Board: Support efforts to strengthen the Privacy and Civil Liberties Board with subpoena powers and reporting responsibilities. Give the Board a robust mandate designed to protect American civil liberties and demand transparency from the Board to ensure accountability.

* Strengthen Institutions to Fight Terrorism: Establish a Shared Security Partnership Program overseas to invest $5 billion over three years to improve cooperation between U.S. and foreign intelligence and law enforcement agencies.


He f'ing nailed 2 of those.

[1] http://web.archive.org/web/20130425003939/http://change.gov/...

ewoodrich 5 days ago 1 reply      
So just to be clear, President Obama's staff took down a transition website that was primarily a link to whitehouse.gov, and this is somehow a scandal because of one of many campaign promises included on the site?

Sure, I guess it could be some sort of conspiracy, but it's equally possible his staff wanted to consolidate web presence. The title on the other hand, implies some direct connection to the whistleblower segment, which has no supporting evidence.

drawkbox 5 days ago 0 replies      
"When one knew that any document was due for destruction... it was an automatic action to lift the flap of the nearest memory hole and drop it in, whereupon it would be whirled away..."
gojomo 6 days ago 4 replies      
We have always been at war with whistleblowers.
mkr-hn 5 days ago 0 replies      
Regular civics reminder: the Executive is supposed to be the weakest of the three branches of government when it comes to domestic issues. If you want a president who's decent at his/her job (foreign affairs, proposing policy), but don't want him/her meddling with domestic affairs, elect a better congress.

This means actually going out to vote in primaries and main elections at the city, county, state, and federal level. All of these determine how much influence and power the federal government has, and whether or not they're doing a good job.

It's true that finding useful information on most candidates is impossible at the moment, but that's solvable.

konklone 6 days ago 2 replies      
This is a simple discovery, but an important one. Change.gov was the President's official transition website, and included a vision for his presidency. It's a central piece of the historical record of the US, and they yanked it from the Internet.

It doesn't matter whether or not the Administration was trying to remove something specific: taking down the content at Change.gov is un-American and un-Internet.

prawn 5 days ago 1 reply      
How likely is it that the pre-pres Obama was as-advertised, but he's now operating with top-level knowledge about the US's place in the power struggles of the world? And that knowledge pushes him to act against some of the friendlier statements he's made in the past?

Could the strength of the US WRT China (for example) be on a knife-edge that warrants the back-pedalling we're seeing?

sehugg 5 days ago 0 replies      
This section of the site has been removed and "revised" before, notably in 2008: http://thecaucus.blogs.nytimes.com/2008/11/18/changes-at-cha...
steve19 5 days ago 2 replies      
Can't someone just file a FOIA request to get a copy of the entire website?

(Just in case archive.org or other archivers missed some of it)

Vivtek 5 days ago 2 replies      
Change I'm forced to believe in.
obtino 5 days ago 1 reply      
Throughout the years of my life I have learned of certain inalienable truths. The fact that politicians are not trust-worthy is one of them.
CamperBob2 5 days ago 0 replies      
Well? He promised "change," didn't he? It changed.
6chars 6 days ago 2 replies      
I agree with the first commenter on the link. This is quite a reach. It's unlikely that the order to take down an old, unmaintained site would have come from someone who's in on some sinister agenda to revise history.
downandout 5 days ago 0 replies      
From NSA to prosecuting reporters for...well...reporting, it is quite clear that one Obama ran for office and a different one actually took office. They are trying to get rid of all the evidence of the many misrepresentations he made in order to get elected, probably so that the next round of Democrats running for office aren't also seen as liars and hypocrites.
christiangenco 5 days ago 0 replies      
All animals are equal, but some animals are more equal than others.
joering2 5 days ago 0 replies      
I wrote about this 31 days ago: https://news.ycombinator.com/item?id=5933806

But is this news surprise to you??

We needs to focus on jobs and middle class and stop wasting time on phony scandals!!

[1] http://dailycaller.com/2013/07/24/obama-repeats-carneys-phon...

This comes after:

- IRS scrutinizing and unconstitutionally profiling people while spending $5MM on "trainings", shutting down operators due to gov cuts while giving contractors 80MM in bonues? phony scandal!!

- 4 US Officials dead in Benghazi almost 1 years ago, no answers, no credibility (people in charge promoted) phony scandal!!

- 1 US Official dead, hundreds of people dead mostly on Mexico soil after DOJ's Fast And Furious mismanage? phony scandal!!

- DOJ spending time on possible civil lawsuit against Zimmerman, while since the tragedy at least 600 murders done by one race on another in Chicago alone. phony scandal!!

- NSA spying on all americans and foreginers intercepting all possible traffic illegally unlawfully and unconstitutionally? phony scandal!!

- Salandra: hundreds of millions given without proper checks to Presidents friends? phony scandal!!

thret 5 days ago 0 replies      
There's something seriously wrong with the entire political system when every single person here is like 'well yeah, he's a politician'.

Those who seek power are not worthy of that power.

mtgx 6 days ago 1 reply      
You know, ending the mass surveilling would be a huge achievement on its own (probably by repealing the Patriot Act and the FISA Amendments Act) - but what I'd really like is to get so much support from the people and the Congress, to eventually impeach him. Now that would remain in history, and would teach future presidents a lesson about overextending themselves with the spying. Obviously people like Alexander, Clapper and Holder would be gone in the next second, too, and the FISA Court disbanded.
msgilligan 5 days ago 0 replies      
About this time there occurred a strange incident which hardly anyone was able to understand. One night at about twelve o'clock there was a loud crash in the yard, and the animals rushed out of their stalls. It was a moonlit night. At the foot of the end wall of the big barn, where the Seven Commandments were written, there lay a ladder broken in two pieces. Squealer, temporarily stunned, was sprawling beside it, and near at hand there lay a lantern, a paint-brush, and an overturned pot of white paint. The dogs immediately made a ring round Squealer, and escorted him back to the farmhouse as soon as he was able to walk. None of the animals could form any idea as to what this meant, except old Benjamin, who nodded his muzzle with a knowing air, and seemed to understand, but would say nothing.

-- George Orwell, Animal Farm

thetron 5 days ago 0 replies      
All animals are equal, but some animals are more equal than others.
kolev 5 days ago 0 replies      
Just because you deleted your promise from the web, it does not annul it. A man who does not keep his word (regardless of price) is no man, but a [insert the C word here].
Allower 5 days ago 0 replies      
If this surprises you well then, you are as dumb as they come
informatimago 5 days ago 0 replies      
In France we have a saying about politicians' promises: "Les promesses n'engagent que ceux qui les coutent.", ie. " Promises are binding only to those who listen to them.". It must be a good thing they try to erase them from the web.


rangibaby 5 days ago 0 replies      
We've always been at war with whistleblowers
AcessoNegado 5 days ago 0 replies      
arcosdev 5 days ago 0 replies      
And that is why you fail.
Psd.rb layervault.tumblr.com
584 points by chamza  1 day ago   85 comments top 20
artagnon 1 day ago 2 replies      
This programmer has written about the PSD format in colorful detail: "Trying to get data out of a PSD file is like trying to find something in the attic of your eccentric old uncle who died in a freak freshwater shark attack on his 58th birthday."


(ref: first link in the article)

mistercow 1 day ago 3 replies      
>Adobe has never produced an easy way for developers to work with the format.

That's not entirely fair. Adobe has openly released a comprehensive description of the format which is, as far as I know, accurate. The problem is that the format itself is a heap of features piled on year after year with apparently no regard for doing things consistently.

tommoor 1 day ago 0 replies      
Wow, fantastic work and a lot of respect for open sourcing this lib when it's clearly an important part of LayerVault.
blt 1 day ago 1 reply      
Does anyone else think it's weird that they decided to make this library in Ruby? It drastically cuts down on the audience. Why not C/C++ with wrappers for all the dynamic languages?

EDIT: nevermind, it makes sense now that I see their main product is a version control system for designers. Still, it would be nice to see this ported to native code some day.

mhd 20 hours ago 1 reply      
Is this more feature complete (esp. regarding to newer PS versions) than e.g. libpsd?


tluyben2 1 day ago 1 reply      
Thank you very much for doing this! I wish all people hacking the PSD format would join forces and help with one project. There are too many partial implementations which scratch an itch instead of trying to be a full implementation.
freerobby 1 day ago 0 replies      
Great work and thanks for building this. There's a lot of room for improvement in automating manipulative photoshop exports, and I look forward to seeing what people do with this, especially in terms of building command line tools.
gburt2 1 day ago 3 replies      
I just wrote a script with this that takes a directory of PSDs and outputs PNGs for each one. It took about 2 minutes. This is great.
nja 1 day ago 6 replies      
Does anyone know of a similar tool for Python?

Not trying to start a Ruby/Python fight or anything; Python just happens to be my preferred language.

adamwong246 1 day ago 0 replies      
Idea: Use this to dynamically "compile" photoshop files into png, jpgs, etc on the rails assets pipeline.
smickie 19 hours ago 0 replies      
This is a great example of why open source is brilliant. Everybody wins. We get a PSD parser. LayerVault benefits from the world improving they're core product too.
captainbenises 1 day ago 0 replies      
I reckon a good tool (that this psd.rd wouldn't actually help write, but), would be one that rendered an html/css page - and exported a layered PSD, so you could prototype an app, render it to .psd and send it to your designer friend to make it look rad.
netforay 1 day ago 1 reply      
I have been trying to do this from last 3 months. But I intend to make modifications to layers (turn on or off, change colors) and export to PNG. When I saw Psd.rb I thought it is done. But it just exports the channel data saved by Photoshop. So our modifications wont reflect in it.
envex 1 day ago 3 replies      
I feel like this could be used to automatically convert a simple .psd web layout to non-shitty HTML and CSS.
carlosdp 1 day ago 0 replies      
Thank you! There's quite a ton I can do to this. Will definitely be contributing soon.
cveigt 15 hours ago 0 replies      
These are great news for developers and an easy way to communicate between designers with developers. Is the beginning of a solution for a big problem.
smtm 1 day ago 3 replies      
So, will there be writing .PSD files as well? This would be the ber thing. Imagine: upload a .PSD and get back a clean HTML layout + bootstrap_overrides.css
isaacjohnwesley 1 day ago 0 replies      
Truly awesome, cant wait to think of the possibilities with this.
Radle 8 hours ago 0 replies      
// PSD is not my favourite file format.

I see bro...

aftermathvc 1 day ago 0 replies      
The Future of Programming worrydream.com
566 points by rpearl  1 day ago   316 comments top 41
InclinedPlane 1 day ago 16 replies      
An interesting talk, and certainly entertaining, but I think it falls very short. Ultimately it turns into typical "architecture astronaut" naval gazing. He focuses on the shortcomings of "traditional programming" while at the same time imagining only the positive aspects of untried methods. To be honest, such an approach is frankly childish, and unhelpful. His closing line is a good one but it's also trite, and the advice he seems to give leading up to it (i.e. "let's use all these revolutionary ideas from the '60s and '70s and come up with even more revolutionary ideas") is not practical.

To pick one example: he derides programming via "text dump" and lauds the idea of "direct manipulations of data". However, there are many very strong arguments for using plain-text (read "The Pragmatic Programmer" for some very excellent defenses of such). Moreover, it's not as though binary formats and "direct manipulations" haven't been tried. They've been tried a great many times. And except for specific use cases they've been found to be a horrible way to program with a plethora of failed attempts.

Similarly, he casually mentions a programming language founded on unique principles designed for concurrency, he doesn't name it but that language is Erlang. The interesting thing about Erlang is that it is a fully fledged language today. It exists, it has a ton of support (because it's used in industry), and it's easy to install and use. And it also does what it's advertised to do: excel at concurrency. However, there aren't many practical projects, even ones that are highly concurrency dependent, that use Erlang. And there are projects, such as couch db, which are based on Erlang but are moving away from it. Why is that? Is it because the programmers are afraid of changing their conceptions of "what it means to program"? Obviously not, they have already been using Erlang. Rather, it's because languages which are highly optimized for concurrency aren't always the best practical solution, even for problem domains that are highly concurrency bound, because there are a huge number of other practical constraints which can easily be just as or more important.

Again, here we have an example of someone pushing ideas that seem to have a lot of merit in the abstract but in the real world meet with so much complexity and roadblocks that they prove to be unworkable most of the time.

It's a classic "worse is better" scenario. His insult of the use of markup languages on the web is a perfect example of his wrongheadedness. It took me a while to realize that it was an insult because in reality the use of "text dump" markup languages is one of the key enabling features of the web. It's a big reason why it's been able to become so successful, so widespread, so flexible, and so powerful so quickly. But by the same token, it's filled with plenty of ugliness and inelegance and is quite easy to deride.

It's funny how he mentions unix with some hints of how awesome it is, or will be, but ignores the fact that it's also a "worse is better" sort of system. It's based off a very primitive core idea, everything is a file, and very heavily reliant on "text dump" based programming and configuration. Unix can be quite easily, and accurately, derided as a heaping pile of text dumps in a simple file system. But that model turns out to be so amazingly flexible and robust that it creates a huge amount of potential, which has been realized today in a unix heritage OS, linux, that runs on everything from watches to smartphones to servers to routers and so on.

Victor highlights several ideas which he thinks should be at the core of how we advance the state of the art in the practice of programming (e.g. goal based programming, direct manipulations of data, concurrency, etc.) but I would say that those issues are far from the most important in programming today. I'd list things such as development velocity and end-product reliability as being far more important. And the best ways to achieve those things are not even on his list.

Most damningly, he falls into his own trap of being blind to what "programming" can mean. He is stuck in a model where "programming" is the act of translating an idea to a machine representation. But we've known for decades that at best this is a minority amount of the work necessary to build software. For all of Victor's examples of the willingly blind programmers of the 1960s who saw things like symbolic coding, object oriented design and so forth as "not programming" and more like clerical work he makes fundamentally the same error. Today testing, integration, building, refactoring and so on are all hugely fundamental aspects of prototyping and critically important to end-product quality as well as development velocity. And increasingly tooling is placing such things closer and closer to "the act of programming", and yet Victor himself still seems to be quite blind to the idea of these things as "programming". Though I don't think that will be the view among programmers a few decades down the road.

ibdknox 1 day ago 6 replies      
It's a fun talk by Bret and I think he echoes a lot of the murmurings that have been going around the community lately. It's funny that he latched onto some of the same core tenants we've been kicking around, but from a very different angle. I started with gathering data on what makes programming hard, he looked at history to see what made programming different. It's a neat approach and this talk laid a good conceptual foundation for the next step: coming up with a solution.

In my case, my work on Light Table has certainly proven at least one thing: what we have now is very far from where we could be. Programming is broken and I've finally come to an understanding of how we can categorize and systematically address that brokeness. If these ideas interest you, I highly encourage you to come to my StrangeLoop talk. I'll be presenting that next step forward: what a system like this would look like and what it can really do for us.

These are exciting times and I've never been as stoked as I am for what's coming, probably much sooner than people think.

EDIT: Here's the link to the talk https://thestrangeloop.com/sessions/tbd--11

stiff 1 day ago 5 replies      
In 2040 someone will discover Haskell, shed tears on why C#++.cloud is so widespread instead in the industry, and use it to conclude the sorry state of the world. Seriously, don't compare what was published in papers 50 years ago with what business uses today, compare it with what is in papers now, and there are lots of interesting things going on all the time, when was the last time you even checked? Probabilistic programming? Applications of category theory to functional programming? Type theory? Software transactional memory?

Woody Allen did this great movie some time ago, "Midnight in Paris", where the main character, living in present times, dreams of moving back in time to the 1920s as the best time for literature ever. When the occasion to really go back appears though, he discovers the writers of the 1920s thought the best literature was done in 1890s, and so he has to go back again, then again, ... This talk is like this, sentiment blinding a sober assessment.

artagnon 1 day ago 5 replies      
The art of programming is evolving steadily; more powerful hardware becomes available, and compiler technology evolves.

Ofcourse there will be resistance to change, and new compilers don't mature overnight. At the end of the day, it boils down to what can be parsed unambiguously, written down easily by human beings, and executed quickly. If you get off on reading research papers on dependent types and writing Agda programs to store in your attic, that's your choice; the rest of us will be happily writing Linux in C99 and powering the world.

Programming has not fundamentally changed in any way. x86 is the clear winner as far as commodity hardware is concerned, and serious infrastructure is all written in C. There is a significant risk to adopting any new language; the syntax might look pretty, but you figure out that the compiler team consists of incompetent monkeys writing leaking garbage collectors. We are pushing the boundaries everyday:

- Linux has never been better: it continues improve steadily (oh, and at what pace!). New filesystems optimized for SSDs, real virtualization using KVM, an amazing scheduler, and a new system calls. All software is limited by how well the kernel can run it.

- We're in the golden age of concurrency. Various runtimes are trying various techniques: erlang uses a message-passing actor hammer, async is a bit of an afterthought in C#, Node.js tries to get V8 to do it leveraging callbacks, Haskell pushes forward with a theoretically-sound STM, and new languages like Go implement it deep at the scheduler-level.

- For a vast majority of applications, it's very clear that automatic memory management is a good trade-off. We're look down upon hideous nonsense like the reference-counter in cpython, and strive to write concurrent moving GCs. While JRuby has the advantage of piggy-banking on a mature runtime, the MRI community is taking GC very seriously. V8 apparently has a very sophisticated GC as well, otherwise Javascript wouldn't be performant.

- As far as typing is concerned, Ruby has definitely pushed the boundaries of dynamic programming. Javascript is another language with very loosely defined semantics, that many people are fond of. As far as typed languages go, there are only hideous languages like Java and C#. Go seems to have a nice flavor of type inference to it, but only time will tell if it'll be a successful model. Types make for faster code, because your compiler has to spend that much less time inspecting your object: V8 does a lot of type inference behind the scenes too.

- As far as extensibility is concerned, it's obvious that nothing can beat a syntax-less language (aka. Lisp). However, Lisps have historically suffered from a lack of typesystem and object system: CLOS is a disaster, and Typed Racket seems to be going nowhere. Clojure tries to bring some modern flavors into this paradigm (core.async et al), while piggy-banking on the JVM. Not sure where it's going though.

- As far as object systems go, nothing beats Java's factories. It's a great way to fit together many shoddily-written components safely, and Dalvik does exactly that. You don't need a package-manager, and applications have very little scope for misbehaving because of the suffocating typesystem. Sure, it might not be be pleasant to write Java code, but we really have no other way of fitting so many tiny pieces together. It's used in enterprise for much the same reasons: it's too expensive to discipline programmers to write good code, so just constrain them with a really tight object system/typesystem.

- As far as functional programming goes, it's fair to say that all languages have incorporated some amount of it: Ruby differentiates between gsub and gsub! for instance. Being purely functional is a cute theoretical exercise, as the scarab beetle on the Real World Haskell book so aptly indicates.

- As far as manual memory management goes (when you need kernels and web browsers), there's C and there's C++. Rust introduces some interesting pointer semantics, but it doesn't look like the project will last very long.

Well, that ends my rant: I've hopefully provided some food for thought.

Kronopath 1 day ago 0 replies      
I just watched most of this talk while a large C++ codebase was compiling, in the midst of trying to find one of many bugs caused by multiple interacting stateful systems, on a product with so much legacy code that it'll be lucky if it's sustainable for another ten years.

Like Bret's other talk, "Inventing on Principle", this talk has affected me deeply. I don't want this anymore. I want to invent the future.

agentultra 12 hours ago 1 reply      
One thing I can't help but noticing is that the majority of discussions regarding this talk are focusing on the examples presented.

I thought it was pretty clear that the talk wasn't about whether constraint-based solvers and visual programming environments were the "future of programming." It was a talk about dogma. Brent points out that none of the examples he's mentioned are inherently important to what he was trying to get across: they were just examples. The point he was trying to elucidate was that our collective body of knowledge limits our ability to see new ways of thinking about the problems we face.

It is at least somewhat related to the adage, when you have a hammer every problem looks like a nail. He's just taking a historical view and using irony to illustrate his point. When computer technology reached a certain level of power there was a blossoming garden of innovative ideas because the majority of people didn't know what you cannot do.

What I think he was trying to say, and this is partly coloured by my own beliefs, is that beginner's mind is important. Dogma has a way of narrowing your view of the world. Innovation is slow and incremental but there's also a very real need to be wild and creative as well. There's room for both and we've just been focusing on one rather than the other for the last 40 years.

humanrebar 1 day ago 4 replies      
I very much enjoyed Bret's talk, but the visual programming part of his talk was rather half-baked. I say this as someone who has done visual coding professionally in the past. People have been trying to crack the "drawing programs" nut for decades. It's not a forgotten idea. It's so not forgotten that there is a wikipedia page listing dozens of attempts over the years: http://en.wikipedia.org/wiki/Visual_programming_language.

The reason we still code in text is because visual programming is not a hard problem -- it's a dozen hard problems. Think about all of the tools we use to consume, analyze, or produce textual source code. There are code navigators, searchers, transformers, formatters, highlighters, versioners, change managers, debuggers, compilers, analyzers, generators, and review tools. All of those use cases would need to be fulfilled. Unlike diagrams, text is a convenient serialization and storage format, you can leverage the Unix philosophy to use the best of breed of the tools you need. We don't have a lingua franca for diagrams like we do for text files.

It's not due to dogma or laziness that we use text to write code. It's because the above list of things are not trivial to get right and making them work on pictures is orders of magnitude harder than making them work with text.

EDIT: Wordsmithing

michaelrbock 1 day ago 0 replies      
A quote from the footnotes:

"'The most dangerous thought you can have a creative person is to think you know what you're doing.'

It's possible to misinterpret what I'm saying here. When I talk about not knowing what you're doing, I'm arguing against "expertise", a feeling of mastery that traps you in a particular way of thinking.

But I want to be clear -- I am not advocating ignorance. Instead, I'm suggesting a kind of informed skepticism, a kind of humility.

Ignorance is remaining willfully unaware of the existing base of knowledge in a field, proudly jumping in and stumbling around. This approach is fashionable in certain hacker/maker circles today, and it's poison."

rpearl 1 day ago 2 replies      
"The most dangerous thought you can have as a creative person is to think you know what you're doing."
jingo 12 hours ago 0 replies      
At the end of the video he warns of the dangers of "dogma".

He looks really nervous and impatient in this talk. He seems afraid that it won't be well received. If so, it is interesting to note that this is what dogma in fact leads to... repression of new ideas, fear of free thinkers and the stagnation of true scientific progress. It means guys like Bret Victor will feel awkward giving a talk that questions the status quo.

"Breakthroughs" do not happen when we are all surrounded by impenetrable walls of dogma. I wonder if we today could even recognize a true breakthrough in computing if we saw one. The only ones I see are from the era Bret is talking about. What happens when those are forgotten?

My friends, there is a simple thing I learned in another discpline outside of computing where I witnessed doing what others thought impossible: the power of irreverance. This is where true innovation comes from.

It means not only questioning whether you know what you are doing, but questioning whether others do. That frees you up to work on what you want to work on, even when it is in a different direction than everyone else. That is where innovation comes from: irreverance.

bsaul 1 day ago 3 replies      
Enough already ! Could anyone with 100 millions $ give this guy a team of 100 Phds to create the new software revolution ?

This guy is not a good or great or fabulous computer scientist, this guy is something else entirely. He's a true creative Thinker. He doesn't have a vision, he's got tons of them. Every subject he starts thinking about he comes with new ideas.

He shouldn't be doing presentations, he should run a company.

oh_teh_meows 1 day ago 1 reply      
I think much of the motivation for developing new paradigms stems from growing frustration with tool-induced blindness, for lack of a better term. We spend much of our time chasing that seg-fault error instead of engineering the solution to the problem we're trying to solve.

A new programming paradigm allows us to reframe a problem in a different space, much like how changing a matrix's basis changes its apparent complexity, so to speak.

The ultimate goal, I think, is to come up with a paradigm that would map computational problems, without loss of generality, to what our primate brains would find intuitive. This lowers our cognitive burden when attempting to describe a solution, and also to allow us to see clearer what the cause of a problem may be. For example, if you're a game developer, and you find some rendering problems due to some objects intersecting each other, but you're not sure where it happens, Instead of poring over text dump of numerical vector coordinates, it'd be better to visualize them. The abnormality would present themselves clearly, even to a layman's eyes. I suspect this is what Victor is trying to get at. Imagine, if you will, that you have a graphical representation of your code, and a piece of code that could potentially segfault shows up as an irregularity of some form (different textures, different color, different shape, etc), so you can spot them and fix them right away. The irregularity is not a result of some static error analysis, but is instead the result of some emergent property resulting from graphical presentation rules (mapping from problem space to graphic space). We're good at spatial visualization, so I wonder if it's valid to come up with a programming language that would leverage more of our built-in capability in that area. This may seem like wishful thinking or even intractable (perhaps due to a certain perception limitation...which we have to overcome using more cognitive resources), but I certainly hope we'll get there in our life time.

pnathan 1 day ago 1 reply      
Very good summary of the state of the art in the early 70s.

His analysis of the "API" problem reminds me of some of the ideas Jaron Lanier was floating around about ten years ago. I can't recall the name of it, but it was some sort of biologically inspired handshake mechanism between software 'agents'.

What I think such things require is an understanding of what is lacking in order to search for it; as near as I can tell, that requires some fashion of self-awareness. This, as far as I can conceive, recurses into someone writing code, whether it be Planner or XML. But my vision is cloudy on such matters.

I should note that I think Brett is one of the leading thinkers of his (my) generation, and have a lot of respect for his ideas.

tel 1 day ago 1 reply      
> Ignorance is remaining willfully unaware of the existing base of knowledge in a field, proudly jumping in and stumbling around. This approach is fashionable in certain hacker/maker circles today, and it's poison.

> Learn tools, and use tools, but don't accept tools. Always distrust them; always be alert for alternative ways of thinking. This is what I mean by avoiding the conviction that you "know what you're doing".

These two statements have done a better job explaining my feelings on expertise than almost any of my attempts. Thank you, Bret.

ionforce 1 day ago 1 reply      
This talk is so fluffy and empty. Surely there must be someone else who did not enjoy it.
hcarvalhoalves 1 day ago 1 reply      
Love Bret's style. Also love how the crowd went silent after the "API" slide.
_pius 1 day ago 0 replies      
This is a brilliant, trenchant indictment of the state of our industry.
Knotwilg 12 hours ago 0 replies      
It will not help the discussion forward to behave like fans and treat any substantial critique as "you are one of those old fashioned mindless programming dudes".

On the other hand, in the light of Victor's achievements in industry (including "shipping" stuff) one cannot dismiss him as a smooth talking TEDdie either.

Victor has provided many crafted examples of what can be achieved in the fields of engineering, mathematics and programming, or any field of science and technology, if the feedback loop between the tool and its user is improved.

Indeed, this 30 minute talk does not compare to an industrial delivery. It has some theatre and some deliberate exaggerations or unfair treatment of society evolutions. Such is the nature of talks.

I do not think he sees the current state of affairs as a great mistake. He will surely acknowledge all practical circumstances and conceptual challenges that have made certain inferior designs survive while superior ones did not materialize.

The message is: we shouldn't accept this state of affairs as final or as one that can only be marginally improved. It can still be radically improved. The industry is still fresh - even ideas from the 60s are valid and underachieved.

I see his critique as a positive statement of hope and encouragement, not as a pointing finger to all you silly programmers.

arikrak 14 hours ago 0 replies      
I like his overall message, but I wonder about the details. E.g. he attacks the existence of HTML and CSS, but there needs to be some universal format to store the markup and design in. So I guess he's attacking the idea of hand-coding them instead of using a WYSIWYG editor. But you can use something like Dreamweaver, Expression Web, or even more recent web apps like Divshot. I guess the problem in that they're not good enough yet, but that's not because people aren't trying to do it, it's because it is hard to do.
ThomPete 1 day ago 0 replies      
"they didn't know what they were doing, so they tried everything"
rasur 1 day ago 0 replies      
A whole bunch of interesting stuff in there. Undoubtedly I shall spend most of my forthcoming holiday reading up on papers and other works as old as I am and realising - yet again - everything old is new again (except for the bits that have been willfully ignored in favour of being reinvented, badly ;) )
ibudiallo 1 day ago 1 reply      
I am half way there and i have never been disappointed by Bret Victor. He comes from the future.
calibraxis 1 day ago 3 replies      
What should I read to understand his anti-API point better? Learn about RDF? Or is there something better?
tmarthal 1 day ago 2 replies      
"I do think that it would be really cool if the actor model is like picked up by the Swedish phone company."

Does anyone have an explanation for this reference? It was at the end of the concurrency section, while talking about the distributed graph model.


0xdeadbeefbabe 1 day ago 0 replies      
Subtext seemed like a good abstraction what happened there? http://www.oscon.com/oscon2010/public/schedule/detail/15484
xlayn 1 day ago 0 replies      
Come to wonder when I try to see the places on where this can be applied in my particular working field.If I check my everyday working flow, it seems like I'm constrained to all the scenarios that he mention, and I'm aware of how limiting it can be for what the technology and multiple cores...I'm talking about working on files, not interacting visually with the computer, not letting the computer figure out the stuff... not working parallely

and then I notice...

how I deliver software to a distributed environment of virtual machines some running on the same cpu, some boxes with their own one and realize that maybe the everyday cpu that you buy for your everyday box, is that small cpu on the cpu grid he shows....network between the cpus are the lines that connects them....and notice that I don't remember when it was the last time that I wrote the last tcp stack for connecting those machines....so they somehow are figuring they out on they own how to talk to each other (notice how this is different from having a goal and try to achieve it) I still think we are way far from this happening (probably luckily for us)...

so: what if all he mentions here does somehow exist but it requires to shift the way you see stuff?

dman 1 day ago 0 replies      
Eternally relevant when discussing worlds of computing that could have been - http://www.dreamsongs.com/RiseOfWorseIsBetter.html
marcamillion 1 day ago 2 replies      
Is this an actual talk he gave in 1973 or is this a spoof or something?

If so, it seems he missed the mark (significantly) on web development.

He said "if in a few decades we get a document format on some sort of web of computers, I am sure we will be creating those documents by direct manipulation - there won't be any markup languages or stylesheets, that will make no sense."

So that is either very sarcastic and cheeky, or straight up wrong.

What am I missing?

tomasien 23 hours ago 0 replies      
I just learned today that Smalltalk was the inspiration for a lot of what NeXT ended up doing with Objective C, which makes so much sense. At the end of the day, Xcode is just another set of text files in many ways, but in so many others it's so much more.
chj 1 day ago 0 replies      
I don't think the future of programming is necessarily visual programming. Nature didn't program human bodies visually, and yet we are the most powerful living machines with powerful operating systems. But we do need to find a new "programing medium" like proteins that can build up ideas "organically".
jjindev 1 day ago 0 replies      
Isn't this all just evidence that "better" in most cases is a small margin? You can hate X, and prefer Y, but in most cases the X guys will finish their project. Methodology based crash and burns are pretty rare. And the things that are "not terrible" are not separated by that much.
nickmain 1 day ago 0 replies      
I hope that in another 40 years the fact that programming and programmers ever existed is seen as temporary blip in the evolution of computing.
mmphosis 1 day ago 0 replies      

  1. coding -> direct manipulation of data  2. procedures -> goals and constraints  3. text dump -> spatial representations  4. sequential -> parallel

dschiptsov 1 day ago 0 replies      
Yeah, all the fundamental things were invented and researched before I was born.) and everything is still relevant and actual even in the midst of J* mass hysteria.)
zekenie 1 day ago 1 reply      
This is awesome. It makes me realize how much of the time I am just applying the same formula over and over again and not really being creative. The flip side, I would argue is that reinventing the wheel all the time is expensive. There's a reason why standards have formed.
rusew 9 hours ago 0 replies      
Does anyone know what font he uses in his slides? I really like their look.
6ren 1 day ago 1 reply      
Could someone upload this to youtube, please? vimeo is unwatchable on old/underpowered devices.
gdonelli 1 day ago 0 replies      
Bret Victor is awesome
asselinpaul 1 day ago 0 replies      
Watching this now but I expect greatness like all his talks.
cconroy 23 hours ago 0 replies      
I wonder if there were people like this during the printing press days... ?
creed0r 1 day ago 0 replies      
Google Chromecast google.com
558 points by Zaheer  7 days ago   316 comments top 77
tolmasky 7 days ago 13 replies      
This is exactly what I've been wanting the Apple TV to be for ages. The only thing Apple TV is actually good for is Airplay. There doesn't need to be an OS or a UI for the Apple TV: your phone or tablet will be a better experience for typing and searching for content every time. Its a fool's errand to try to design a UI for a TV that isn't dreadfully painful to use: no one ever wants to interact with something 10 feet away.

This is what the future of TV should be: people should just think of TV's the way they think of their jamboxes: a higher fidelity dumb pipe for their existing content. If Apple turned the Apple TV into an HDMI dongle that solely included AirPlay and included it for free with every iPad and iPhone they sold, it would truly disrupt TV. If I knew for a fact that every new iDevice owner was necessarily and AppleTV owner, I would immediately start making AppleTV-enabled experiences. Overnight the iPad would become a real competitor to game consoles as well.

It just seems so obvious that this is the right way to go. The apps should live on the brain (your device), and the TV should just be an auxiliary screen, nothing more (We certainly don't need YET ANOTHER SDK for writing TV apps). Here's a fun exercise: go to your local Apple Store and ask them what an Apple TV is for today. Then watch them fumble around mentioning "oh if you have Netflix" and "isn't cable hard to use" and just the sheer lack of vision for the product. If it was just AirPlay it would be as easy to explain as an iPod speaker. If they did this, then you could also imagine indie people shipping TV Shows as apps as a viable model for the first time, completely skirting Cable networks.

jcampbell1 7 days ago 11 replies      
> Power cord required (not shown).

What the hell is this about a "power cord". The specs and details are totally not clear. Is this not powered by HDMI? If it requires a power cord, these images are deceptive marketing.

ChikkaChiChi 7 days ago 5 replies      
I think people aren't understanding how awesome this technology is:

1. Every time someone shows you a YouTube video, you spend 10% of your time watching it and the other 90% thinking about that one video you know of that's funnier. With Chromecast, you can queue that sucker up for nexties right from your own phone, without interrupting the video that's currently playing.

2. Chromecast does NOT use the resources of the device used to control the TV for processing...its don't on the dongle itself. This will save battery power, minimize bandwidth consumption, and you can do other things with your phone while watching things on the TV.

3. If it can run Chrome, it can cast to Chromecast. Apple, Microsoft, and Google devices playing together in one ecosystem. No more throwing the babies out with the bathwater.

4. $35.00. Thirty-five dollars for a device that ups the WAF most HTPC nerds have dreamed of for years! I would have bought this at $100!

This is what the Nexus Q was meant to be, but hardware drove the price down dramatically.

I haven't been this excited about a new piece of hardware since the iPhone. This is a game changer.

untog 7 days ago 3 replies      
Worth noting- the $35 Chromecast dongle comes with three months of free Netflix membership (including for existing users), which makes the thing very cheap indeed.
pwthornton 7 days ago 4 replies      
I'm a little confused by this device, and I haven't been able to find the info from Google.

Is it that this device acts like an AirPlay receiver of sorts and accepts a video feed from an approved device or is it that the device simply acts as a remote and the device gets its own stream from Internet sources? The latter is much more intriguing than the former, although both have issues for sure, but hard to complain for the price.

It's an interesting concept either way. I don't see it as a huge threat to the Apple TV or Roku, as both do a lot more and have dedicated controllers. Using an Apple TV with an iPhone is nice in some respects, but the wifi connectivity isn't great. A Bluetooth pairing would be exponentially better. It doesn't appear this device uses Bluetooth either.

As I see it, I could envision having an Apple TV or Roku for a main TV and something like this for another TV or for a computer monitor than can support this.

pyalot2 7 days ago 3 replies      
"Sorry! Devices on Google Play is not available in your country yet.We're working to bring devices to more countries as quickly as possible.Please check back again soon."
ryandvm 7 days ago 0 replies      
I'm curious to see what kind of Chromecast support they build into Google Hangouts.

Right now we have meetings on-site and usually have one person in the meeting running a Hangout on a laptop to communicate with the remote folks. Being able to have a "portal" to all the remote attendees would be awesome.

joosters 7 days ago 0 replies      
Whats the privacy policy? Do I need a Google / Youtube account to use it? Just what data is shared with Google? E.g. Will all my viewing habits be stored? Will Google ads on my browser suddenly target me based upon my TV use?
dm8 7 days ago 2 replies      
If it works as advertised, this could be disruptive. They made it dead simple to stream content from any device to your TV. So anyone can use it, particularly the older generation.

Potential for number of apps that could be developed is endless. Apparently, Washington Post is building an app on top of it (http://t.co/dTWesNOoIC). So possibilities are endless. And good news - another step towards making cable TV irrelevant.

P.S. I just bought one. Can't wait to play with it's SDK.

darkchasma 7 days ago 1 reply      
Chromecast is not available in your country.

I live in Canada. Apple seems to be able to make this stuff work, why can't anyone else?

rlu 7 days ago 1 reply      
Does anyone know if you can stream non-online videos? Like if I have a video file on my computer and want to play it on my TV, does Chromecast allow for this?
martingordon 7 days ago 1 reply      
It's $35, but it only offers the Airplay receiver functionality of the Apple TV (I don't think it will do display mirroring of computers and Android devices though).

From what I've read (please correct me if I'm wrong), the Chromecast doesn't function as a standalone device. In other words, you need a smartphone/tablet/computer to play things on it. It doesn't have its own interface where you can browse and play content like the Apple TV does.

jscheel 7 days ago 2 replies      
I'm confused. Can it grab and process the stream itself? So, if I pull up netflix on my phone, start a video, then force close netflix, will it still be playing?
amalag 7 days ago 3 replies      
Will this bypass the need for a Hulu Plus subscription for TV watching? Hulu plus allows you to watch Hulu on a big screen device in addition to tablets.
smackfu 7 days ago 0 replies      
Makes much more sense as a product than last year's Nexus Q.
tremendo 7 days ago 3 replies      
Nice, since the Play store says "We are out of inventory. Check back soon." https://play.google.com/store/devices/details?id=chromecast&...I'm confused about it being USB-powered. Does it need to be plugged to both HDMI and USB at the same time?

Edit: The Buy button forwards to the Play store, where it's "out of inventory". They could change the wording to "Sold Out!" and then brag about that.

edtechdev 7 days ago 1 reply      
This is useful for educational purposes, too - wirelessly streaming from a chrome browser or chromebook to a projector (via hdmi to vga adapter).

(An alternative if you have a laptop connected to the projector is to run AirServer to act as a virtual Apple TV, and then either airplay from your ipad or run AirParrot from a windows tablet. Of course Chromecast will be the first solution to work from android tablets, too, since Miracast solutions still seem to be non-existent or not so great.)

rplacd 7 days ago 1 reply      
The Chrome and Android teams don't seem to be great bedfellows, it seems - it isn't clear to me what demarcates Chrome-branded products from products running Android in areas far from their original targets.
Ricapar 7 days ago 1 reply      
Any word on if I can stream whatever is on my Android screen to this?

There are many times where I have pics on my phone (either via the phone's camera, or Picasa, G+, etc) that I want to show people at home - but there's no easy way to show them without having to pass around a tiny screen.

shanselman 7 days ago 0 replies      
It'd be epic if this supported ALL the "AirPlay" type tech...PlayTo, AirPlay, whatever "throw my video up there" formats exist.

I like the price and ordered one, but if it only supports Google's format, that'll be a bummer. I want this for AirPlay.

rdl 6 days ago 0 replies      
I wonder how best to use this with a local Plex Media Server. I only really have one projector/ht directly attached to the media server right now, but in a future where I have N TVs throughout the house, it would be nice to have a $35 device on each to stream content. AppleTV support is pretty weak for PMS.

I'd really prefer wired gig-e, though. 802.11n is borderline for a busy network with several video streams. At that point I'd end up running a bunch of separate wifi APs, which raises the cost to where real wired devices start to be cheaper again.

lnanek2 6 days ago 0 replies      
This doesn't seem much different from the MediaLink HD that HTC has had for over a year now. Although that ran Android and this runs Chrome. Both were capable of talking to NetFlix and other content URLs directly once they got the WiFi information from your device. This helps devices save battery since they don't have to download the data just to resend it, and don't have to transcode anything.

That said the MediaLink HD often had lag issues that kept it more in the realm of presentations and media and made it difficult for real time games. Even for presentations I'd often carry my own WiFi AP around with me or find ways to get it just to connect between the phone and device to avoid them. Home performance is probably better than conference and event performance.

I recently tried a Netgear Miracast adapter to send HDMI from an HTC One and the lag is completely gone. I haven't tried Google's implementation of Chromecast yet, but I'm suspicious it won't be nearly as lag and trouble free as a WiFi Direct only device like the Netgear, though. You have a whole extra OS running device in the chain to make things a pain. So I'm suspicious the extra complexity isn't worth it for this class of devices.

marcamillion 7 days ago 2 replies      
This is cool....the only thing that is a bit annoying is the fact that the audio won't be 5.1, it will likely be stereo.

I mean, for YouTube videos it doesn't matter.

But if you are streaming a movie or something, then that may be an annoyance.

But that could just be me.

This is assuming that you have a digital audio source plugged directly into your receiver ofcourse, as opposed to your TV.

ambiate 7 days ago 1 reply      
The device has a microUSB port. The microUSB powers the device. The device plugs into the HDMI port. The device requires a microUSB powered cable to operate while plugged in through HDMI.
vinhboy 7 days ago 0 replies      
This is a $35 AppleTV. Well played google.
mahyarm 7 days ago 1 reply      
They should make a cheaper audio only version for the speakers in your bedroom, etc. Kind of like the airport express. Maybe one with just a stereo jack and one with the same ports as the apple TV.
lotu 7 days ago 3 replies      
Okay maybe this is really obvious, but how do I tell a device with no input which wifi network to connect to and what the password for it is?
majurg 7 days ago 0 replies      
Well, just purchased mine. I was a little peeved that my nexus 7 didn't have HDMI-out, but this device looks perfect.
Rayne 7 days ago 1 reply      
This device is really appealing, but I am extremely disappointed that it can only mirror chrome tabs. I'd be much more interested in this device if they would throw out some native applications to mirror a whole screen like Apple's Airplay can.
kayoone 6 days ago 0 replies      
So it seems not to be an actualy HDMI reciever that just outputs your devices screen on the TV so that you can do anything with it like playing back moviews, playing games on the big screen etc ?Thats that, i had hoped it was basically a Miracast reciever..HTC has a similar device called the Media Link HD which does this, its $90 though but seems to be the way to go for me as i dont want to be limitied by whats possible in chrome.
kleiba 5 days ago 0 replies      
With Chromecast, you can easily enjoy your favorite online entertainment on your HDTVmovies, TV shows, music, and more from Netflix, YouTube, Google Play, and Chrome

...as long as you live in North America.

kayoone 7 days ago 0 replies      
Awesome that its so affordable. HTC has a similar device called Media Link HD which costs around $90 and i considered buying it. Chromecast all the way :)
jasallen 7 days ago 0 replies      
Google may have just won the game, with an infinitely more simple approach than Apple TV, Xbox, and PS. What disruption is all about. Not a Google fan boy, but bravo.
TomAnthony 7 days ago 0 replies      
Not available in the UK, but given the specs I'm unsure what should prevent it working as is in the UK?
tjbiddle 7 days ago 0 replies      
Looks like if you refresh enough it will allow you to purchase - Just ordered one. Took a lot less time than the Nexus 4 ordering process ;-)
zaidmo 7 days ago 1 reply      
I dont understand how you stream content from your device to the Chromecast.My PC has Windows Media Player, my Windows 8 phone has XBox SmartGlass. Would these applications allow you to stream to the tv. I am abit lost...
dtparr 7 days ago 2 replies      
Has anyone seen thing regarding how setup works? That is, how would I choose a SSID and enter my wifi password since my 'remote' would normally talk to it using wifi?
elleferrer 6 days ago 0 replies      
It's powerful, it's cheap ($35 vs $99 for Apple TV) in no time, this device will be on every other tv. Just imagine all that data...this is definitely a game changer. This is awesome.

Here's an article on the Difference Between Chromecast and Google TV (an Interview with Google's SVP of Android, Chome, and Apps: Sundar Pichai) http://allthingsd.com/20130724/sundar-pichai-on-the-differen...

tejaswiy 7 days ago 2 replies      
I wish this did a full laptop display mirroring like AirPlay. Looks like this only works with Chrome, so it looks like I can't rent / download a movie on a different service (say iTunes) and play it on my TV.


sergiotapia 7 days ago 1 reply      
Does this work internationally? I mean, it's just a dongle. Can I have a friend purchase it in the US and have it work fine in Bolivia?
solnyshok 6 days ago 0 replies      
Some compared this to AppleTV, but I would love to point out sellers of overpriced hdmi cables ($20-60, gold plated bla-bla-bla together with new TV). Also, Samsung sells wifi dobgles for their SmartTVs for $60-80 in my country. Hopefully that business will get more reasonable...
umsm 7 days ago 0 replies      
I'll buy this once there is wide adoption. I would like either a Bluray player or VLC to support this.
bostonvaulter2 7 days ago 0 replies      
Did they stop offering the three free months of netflix? I don't see it mentioned anywhere on the page or amazon listing anymore.
mrbill 7 days ago 0 replies      
Just bought two - one for each TV in my house. I already have tons of media-streamer devices (TLBB XBMC, Pivos DS, Roku, etc) but they should be nifty.
ctdonath 7 days ago 0 replies      
Any bets on how soon Apple respond by opening the long-rumored AppleTV App Store?
cyanbane 7 days ago 0 replies      
If this works as an access point I wonder what the pairing will consist of and how easy it would be to stream "things" to neighbor's houses.
johnmurch 7 days ago 0 replies      
So it's like an apple tv where you can push streams from your iOS or andriod device (e.g. youtube) but what about browser/app integration?

I would love to be able to create a "widget" that sits on my tv and has internet. I could think of a ton of things. Like snapchat but for videos .. just saying :)

scarlson 7 days ago 1 reply      
At the same price as a Raspberry Pi, why would I want one?

For me, the only benefit I see to the Chromecast is frequent travel for use on hotel televisions. Otherwise, an HTPC is going to provide superior functionality at the same cost.

msoad 7 days ago 1 reply      
What is maximum video bit-rate this can handle? Can this do real 1080 with 7.2 audio?
nausher81 6 days ago 0 replies      
Chromecast chrome extension works on PS3 YouTube App.

I just tried today and noticed, with the Chromecast extension for Chrome (https://chrome.google.com/webstore/detail/google-cast/boadge...) installed.

I am now able to push YouTube videos from my laptop to my PS3 (YouTube App). This makes searching videos just so much more easier.

alpb 7 days ago 1 reply      
Would it work to stream MacBook screen to a TV?

Because the system seems generic and it could bring AirPlay to any TV.

etler 7 days ago 1 reply      
I think it's cute how Google checkout pretends they don't already know your home address and phone number. :)
ttflee 6 days ago 0 replies      
I can smell the blood in a niche market.


eloisant 6 days ago 1 reply      
Any doc about what developers have to do to support Chromecast?
mrbill 7 days ago 1 reply      
Listed, but not yet available to purchase, on Amazon: http://www.amazon.com/gp/product/B00DR0PDNE
sthomas1618 7 days ago 0 replies      
Will I be able to use free Hulu on Chrome through it? If so, this could make subscribing to Hulu Plus unneeded.
induscreep 7 days ago 0 replies      
So it's a portable Apple TV...very interesting to see all that functionality in such a small form factor.

Still, nothing that a 5$ HDMI cable from my PC to TV cannot accomplish.

general_failure 7 days ago 0 replies      
This is a great Roku 3 competitor! Except roku can't play youtube.
jeena 7 days ago 0 replies      
As always I'm not allowed to buy it because I live in Europe (Sweden).
smmnyc 7 days ago 0 replies      
I wonder if this is why Google never released a YouTube channel for roku devices.
teamonkey 7 days ago 0 replies      
Best Buy is listing the model number as "H2G2-42"
mmcclellan 7 days ago 1 reply      
Hmm, this specifically mentions Chrome for Mac and Chrome for Windows. That very well may mean no capability for Linux yet. It also doesn't implicitly say Chrome OS, so maybe Chromebooks won't work either.
YellowRex 7 days ago 1 reply      
So who is writing an app to trigger streaming from a local network file share?
cpprototypes 7 days ago 1 reply      
The "Buy Now" page has two options now: Google Play and Amazon. If I buy it through Amazon, do I get the 3 months netflix? Or is it only through Google Play?
jahmed 6 days ago 0 replies      
So its a streaming Chrome 2 Phone.
etler 7 days ago 1 reply      
Sorry OUYA. This will play any android game. :)
pawrvx 7 days ago 0 replies      
V2 feature requests:Support MHL (Power over HDMI)Windows Chromecast audio driver/chromecast monitor. So any media player can play to Chromecast...
leetreveil 6 days ago 0 replies      
Does anyone want to buy one for me and ship it to the UK? I'll make it worth your while...

Email me: leetreveil@gmail.com

mikeleung 7 days ago 0 replies      
its available to purchase on amazon now: http://www.amazon.com/gp/product/B00DR0PDNE/ free shipping with prime

fyi you can probably still cancel your order on google play store, I cancelled mine 45 mins ago...

wnevets 7 days ago 3 replies      
I already have a "smart tv", what does this give me that I dont already have?
zensavona 7 days ago 0 replies      
As always, not available in Australia...
GoNB 7 days ago 0 replies      
I have a 30" desktop monitor (Dell u3011) that I use as my "television". I can now stream a video from my iPad to my 30". My monitor doesn't have speakers. Can I still listen to audio through headphones connected to my iPad? I'm assuming yes.
subb 7 days ago 2 replies      
As always with Google, you need to ask "What's the marketing strategy behind this? Why are they making this device?"

My guess : Yet another way to consume more medias / using Google services.

ampsonic 7 days ago 4 replies      
I wonder how long until they are available on Amazon.
shuri 7 days ago 0 replies      
readysetgo 7 days ago 0 replies      
Oh I thought this was hacker news, not advertising for giant companies that don't need it news.
Why I cancelled my TechEd talks goodenoughsoftware.net
475 points by ohjeez  7 days ago   178 comments top 24
BrentOzar 7 days ago 6 replies      
I've spoken at TechEds in the US and Europe, and been in the top 10 for attendee feedback twice.

I'd never speak at TechEd again, and I told Microsoft the same thing, same reasons. The event staff is overly demanding and inconsiderate of speaker time. They repeatedly dragged me into mandatory virtual and in-person meetings to cover inane details that should have been covered via email. They mandated the color of pants speakers wore. Just ridiculously micromanaged.

sriramk 6 days ago 1 reply      
This is sad because this is the opposite of my pre-Microsoft TechEd experience.

When I was in school, I got asked to do a demo for a Senior VP's keynote at TechEd to demo how a student would use Visual Studio. My parents happened to be in the vicinity and I was chatting with them outside the conference venue when a Microsoft employee walked by and asked who they were. When I told him, he asked me to get them inside so they could watch my talk in the big keynote hall, no passes required. That's the only time my dad has ever seen speak me in public and was a very special moment - it probably influenced how I perceived Microsoft and it's employees at a young age.

This particular case smacks of no one with any such decision making authority (basically a full time employee at Microsoft) present there who could help.

singular 7 days ago 1 reply      
I can understand (though find it ridiculous) that they didn't want to give his wife a ticket, but to propose simply leaving her outside the venue alone? What the actual fuck? Was there not a human-based moment of common sense here, or at least marketing sense from Microsoft?

When people behave like that, the umbrella of some corporate behemoth doesn't prevent me from from feeling pessimistic about people (both those in question and often generally.) Sigh!

shanselman 7 days ago 2 replies      
This sucks. However it's never been my experience, and I've brought my wife to a half-dozen techeds on three continents. Sounds like systematic misunderstandings that added up into one big mess.

(I've ignored the dress code for 15 years, FWIW)

Stealx 7 days ago 1 reply      
As someone who as exhibited at TechEd before, it's a poorly run event contracted out to the lowest bidder... just like he said.

It's the Microsoft way, their events are a reflection of how Microsoft truly is.

danso 7 days ago 1 reply      
What I appreciate about the OP is that he has plenty of reason to get mad, but he also recognizable the failure as a result of systematic flaws: the lack of point people and support staff, for instance. I hope I can show as much reasonibility as the OP if I ever get caught in a shitty bureaucratic mix.
interpol_p 7 days ago 0 replies      
Wow this is horrible. I hope Microsoft does something to rectify this.

I had the complete opposite experience speaking at One More Thing in Australia. The organisers completely took care of my wife and infant son, were constantly on-hand to provide any assistance. They went beyond what I expected.

joshuaellinger 7 days ago 0 replies      
Repeat after me:

    Microsoft 201X is IBM 199X
Then everything starts to make sense: Surface. TechEd. Windows Phone.

ceautery 6 days ago 0 replies      
It sounds like they treated you poorly, and I'm naturally inclined to side with people who would abandon the exposure that a set of TechEd talks would bring in favor of not ignoring his wife, but...

...did you make your wife's inclusion part of the contract? To the folks you dealt with on site, it may have seemed that you were springing something unexpected on them at the last second. "Hey, my wife gets in free to take pictures or I walk."

Yes, it should have been trivial for them to allow that, but is it possible you came off as a bully? I wouldn't have made the same decision as they did, but I can imagine a scenario when bringing up your wife in the 11th hour would have gotten my ire up a little.

edandersen 7 days ago 12 replies      
I don't think they expected him to bring guests to a tech conference. What if he brought his kids as well? Grandma? Free $2000 tickets for all? Remember that the hired guns at these events are not paid to think, just follow orders. He should have got special clearance weeks in advance for free entrance for his family - that's the uncomfortable truth.

He will probably live to regret this as a speaking gig at TechEd as a non-MS employee is not to be sniffed at and now he has shunned the Borg - whom he must be pretty invested in skills wise to be invited in the first place. His wife could have gone and done some sightseeing while he works for a few hours.

alan_cx 7 days ago 1 reply      
Off topic, but I do love his web site.
lnanek2 6 days ago 0 replies      
I've run into some bad situations due to lowest bidder staff at conferences as well. One travel agency agreed to a bulk rate, then started charging everyone full price after the first 5 or so people. Meanwhile there were plane and visa deadlines and the like and they did this while they had visas in hand, preventing people from going elsewhere for travel and still making the trip.
marcamillion 6 days ago 0 replies      
I think this is definitely one of the more reasonable 'rants' I have seen.

I would be hella pissed if this happened to me too.

Thanks for the heads-up. After this, I wouldn't even go to a TechEd much less speak at one - I know that you need to be invited, and I am not being so presumptuous to assume that I would be, just saying that if I were....after hearing this story and MSFT's non-response, I wouldn't entertain it.

subsystem 6 days ago 3 replies      
Meh. While they sure could have been more accomodating, 30 minutes before a talk is not the right time bring up your deal breaking demands.
xutopia 6 days ago 0 replies      
I know a conference that refused to let a pregnant woman in.
chadkruse 7 days ago 1 reply      
I wonder how many +1-as-a-service startups we'll see in the next YC batch.
lancewiggs 5 days ago 0 replies      
For the antithesis of this: webstock.org.nzFamous for spending love and effort on speakers.
lazyant 5 days ago 0 replies      
OP acted correctly, actually he could have gone to his talk and explain briefly to the attendees why he was leaving.
thehme 6 days ago 0 replies      
This conference doesn't seem to be about tech anymore. Glad people are spreading the word, so MS can control & fix the damage. Tech conferences should be cool, interesting, and educational, all regardless of what you wear.
joeevans 6 days ago 0 replies      
Developers! Developers! Developers!
joeevans 7 days ago 0 replies      
Duh. Microsoft.
ohnjohn 6 days ago 0 replies      
Isn't releasing the detail about the color of pants allowed in breach of some NDA ;)
blackprawn 7 days ago 0 replies      
Too bad to hear of your experience. Having stopped MS development 15 years ago I don't miss the way that company treats developers.
Goon 6 days ago 2 replies      
So let me make sure I get this correct - you brought your wife to a conference that it costs nearly $2k to get tickets too and you expected your wife to be able to get in, sans purchasing this ticket. I think your expectations of what you bought are off. Would you expect to get your wife into a movie theater free? A music concert? Unless you worked out special arrangements well in advance how did this even evaluate to a workable situation in your head? Now you rant on HN to get some publicity from the easy to please anti-MS crowd.. can you please post up a "How Go changed my life" article next while we're trolling?
Passive Income Hacker vs Startup Guy mkrecny.com
448 points by mkrecny  5 days ago   258 comments top 56
patio11 5 days ago 5 replies      
The conversation has been known to continue:

SG: "You should join our company as chief growth hacker, since it's a great fit for your skills and experience. You'll work 100 hour weeks. We're thinking $60k a year and 0.5% sounds fair. Come change the way the people $VERB."

PIH: "Where do you get to the part of the sales pitch where I get something out of this deal?"

SG: "Did we mention the free soda?"

(I'm joking... but not by much.)

potatolicious 5 days ago 4 replies      
This post makes me happy :)

> "Worst of all, PIH is probably not trying to make the world a better place through technology."

Don't worry, PIH, Startup Guy isn't either.

There are really two main camps of startup founders I've met. There's the type that really wants to bring a vision to life - they have a pseudo-religious fervor about something, whether it's gaming, transportation, lodging, or something else. They really want to change the world, and it's not just talk.

Then there are ones that are really in it to make money. They want to create a company, exit, and go do what they really want to do. Sit on a beach, roll up to the club in a Rolls Royce, travel, whatever.

It's a sliding scale. Every founder has some balance of being genuinely passionate about what their company does, and the desire to just cash out. All said and done though, the founders I meet tend to lean much further towards the latter than the former.

bpatrianakos 5 days ago 5 replies      
What a crock. I get that some of this may be tongue in cheek but I really despise this attitude. There's this sort of weird pseudo-religious belief that by virtue of being involved in a startup you're somehow doing the world some great good.

Your new social/local/mobile app isn't world changing no matter what kind of hustler you are, no matter how much hype you put out, no matter how much money you raise. Anyone can be a capitalist for good or bad whether its exploiting a niche market segment on your own or with a startup.

I believe that regardless of whether you're on your own or do a startup, if your motivation is purely financial you can still do the world great good. Similarly, do-gooders with a grand vision can harm the world. Your stupid little messaging app can connect people from around the world and change the way people communicate (throw in some good crypto and you've done even more good for private comms) or your energy startup that's supposed to change the way we fuel our vehicles and provide clean cheap energy forever can end up doing great harm to the environment or put millions out of jobs as a side effect. These are obviously very hypothetical examples but the point is that there's no "motivation + execution = ethical/unethical success" formula.

There's way too many shades of gray to even be able to consider generalizing like this post does.

ilamont 5 days ago 6 replies      
No, the business is bootstrapped.

Bootstrapping is not a crime.

So you just work out of coffee shops and stuff?

Dumping the office or co-working space saves at least a few thousand dollars per year in rent, and potentially transportation costs and commuting time as well.

He's not funded or seeking funding, he doesn't go to the networking events and hasn't been through an accelerator.

I don't care for these things either. They tend to be time sucks and overly focused on investors.

Look, I am skeptical of those Tim Ferris apostles whose "passive income" businesses are based on spammy blogs, apps, and affiliate sites. But don't sleight startup businesses because their methods of operation don't fit your definition of a startup.

lukeholder 5 days ago 12 replies      
Can anyone identify a few example passive income apps that a single developer has managed to support? I know of bingo card creator, but what are some others?
nilkn 3 hours ago 0 replies      
Really amazed at the number of commenters who didn't pick up on the sarcasm.

But, honestly, how many developers are there making five figures a month in profit passively (more or less)? That is an extreme amount of success, far beyond what most people will ever enjoy in their life.

lifeisstillgood 5 days ago 4 replies      
What is a passive income hacker. All I really understand is someone reading the 4-hour work week, and then writing a fifty-dollar pdf on how to feed blue canaries a vegetarian diet with really long sales letters.

I would quite like five figures a month working from starbucks, so if I am missing a trick let me know

snoonan 5 days ago 0 replies      
Ok, I'll speak up as a "PIH". There are a lot of ideas that help people that will never touch VC money or can support a company with all of its overhead. It's not out of laziness. It's how a great programmer should look at all problems -- what here is redundant, manual and gets the most bang for the dev time and CPU cycles?

When you're a team of 1, your I/O bandwidth is almost infinite. If it's all in your brain, you don't have to explain anything, write anything down, have meetings, draw on whiteboards, etc. Your available time to work collapses down to solving specific business problems with every line of code or web page update. Imagine a case where you never have to compromise, argue, make brain dead concessions or spend resources on proving your position. Assuming you are right, and have a good head for business, marketing and writing half-way decent code, you can solve a small problem every efficiently. There are a lot of $20k-200k problems out there to solve that are not worth it for a company of any size to even touch.

guard-of-terra 5 days ago 1 reply      
"Worst of all, PIH is probably not trying to make the world a better place through technology. He's basically exploiting a narrow arbitrage opportunity and is probably either unethical or lazy."

Is this serious? It's epically funny if it is.

Even if PIH is trying to make world a better place, he doesn't have to do that on his "billed" time. He has a lot of time to spare for that.

applecore 5 days ago 10 replies      
Does Passive Income Hacker actually exist, or is this conversation a fantasy?

How many people are there making five figures ($10,000+) in profit a month with their SaaS product? Working by themselves, for only "20 minutes a day", with a full day of product development "every few weeks"?

ezl 5 days ago 2 replies      
1. The "unethical or lazy" is what the counterparty says to feel better about their own lives when they're failing. It's human nature to want to believe you're pursuing the best path.

2. I don't understand why people like to draw such a hard distinction. It doesn't upset me that some people prefer sushi to steak. People are entitled to their own lifestyle choices without judgment of those who make alternate choices. This isn't just a software/business/career choice issue. Paleo people love telling everyone else that their diet is the best. Many vegetarians often evangelize to others and imply there are serious moral imperatives at stake. Just because someone isn't doing what you're doing doesn't make them "lazy" or "unethical". On a side note -- I think "pursuing narrow arbitrage opportunities" is often something someone would say with disdain, but that's my flavor.

3. Most startup people aren't particularly making the world a better place anyways.

I'm sure a lot of that is written tongue in cheek, I loved it until the "narrow arbitrage opportunities" and "lazy/unethical" ending.

OldSchool 5 days ago 0 replies      
Of all income sources, I have to say the passive sort is the most desirable and scalable. You can have as many meaningful hobbies as you want if your bills are paid, unrelated to your participation in commerce.

Sadly, risk-free investment returns have been decimated by 0% funds from the US central bank. We can only hope that we are reaping more rewards through active business as a result, but Fed policy has really punished those who have been financially prudent.

maayank 5 days ago 0 replies      
"But what about dev, marketing, customer service etc?"

"I've automated 95% of the non-dev. The other 5% of non-dev I deal with in about 20 minutes a day. Every few weeks I'll have a big dev day."

Any books/resources with a lot of real world case studies? I'd be very interested to hear many different accounts of such businesses. Here and there you see it on HN, but is there one that has many together?

Dewie 5 days ago 1 reply      
It is apparent from the comments here that many don`t realize that the author is being sarcastic. I wonder what it is about the delivery that this fact isn't obvious enough? Because I think that there has to be something with the article if so many interpret the tone of it incorrectly.
pmelendez 5 days ago 3 replies      
"He's basically exploiting a narrow arbitrage opportunity and is probably either unethical or lazy"

This sentence made me uneasy. I am not good identifying sarcasm so it might be that but... How one would jump into that conclusion without knowing any detail?

On the other hand, lazy is different from being not ambitious. I had several friends like that (not making 5 figures per month though)and I find that is a very legitimate way of live.

superconductor 5 days ago 4 replies      
I tried doing the passive income thing. I set up dozens of blogs with adsense, amazon affiliate links and sold software.

What happened surprised me: it was soul-crushing. I felt dirty. Turns out that meaningful work is what fulfills me. Making "free" hands-off money doesn't excite or inspire me. Totally a learning experience.

makmanalp 5 days ago 0 replies      
I think it's just such a truism these days that every company has to (often recklessly) aim for massive growth and fund that by selling off the company, that there's just a lot of cognitive dissonance when you present that that's not the only way companies can work.

It's not necessarily all derision, it's just the mind trying to reconcile new information with old.

rwalling 5 days ago 2 replies      
Oh man...he had me until he called thousands of people, many of whom I know personally, "probably either unethical or lazy."

I think we can all agree that there are multiple ways to approach startups.

The misstep Myles makes is to assume that one approach is somehow superior to another, and then take the further step of insulting everyone who is striving for something different than what he sees as the best option.

We all have opinions on this topic, and it's an interesting discussion to have. But let's try to avoid dogma and judgment.

What's right for your unique situation isn't necessarily right for the 100,000 other people with similar ambitions, but who may be in vastly different life situations or just have different goals than you do.

Oh, and call me when you're 40, married with 2 kids and a mortgage, and you're coding Perl for a bank because none of your startups made you the millions that TechCrunch promised.

6ren 5 days ago 2 replies      
A self-running business seems cool and magical - like creating a living thing... life! But, I think, for truly passive income (meaning it runs itself), he's right that it does have to be some kind of arbitrage opportunity, that will tend to stay around. By definition, it isn't intrinsically interesting or satisfying. But, in itself, there's nothing wrong with that.

OTOH, I'm not saying startup guying is the only solution - just that satisfaction requires ongoing work. Once you complete your startup (for example), you have to find something else to do - another startup, create YC... something.Why not just do what you find satisfying in the first place? It could be a startup. It could be just to make money (e.g. Warren Buffett loves making money). Or it might be something else.

Here's a twee story about a hand-to-mouth fisherman http://www.rinkworks.com/peasoup/richman.shtml

arbuge 5 days ago 1 reply      
"He realizes that Passive Income Hacker (PIH) is not a hustler, he's not funded or seeking funding, he doesn't go to the networking events and hasn't been through an accelerator."

This article rubs me wrong. This paragraph really rubs me wrong. If you're good at hustling for customers, you're a hustler where it matters. Funding (non-customer funding i.e), networking events and accelerators are secondary - lots of America's biggest businesses have been built without them.

The "passive income guy" described in the article reminds me of the Plenty of Fish founder by the way. Most "startup guys" would probably kill to be in his position...

doctorfoo 5 days ago 0 replies      
Yay, now I have a label for what I am. A passive income hacker. I don't make a lot (maybe $3K / month), but I work only ~half hour a day on my main money spinner, answering support emails. (Plus, maybe a few months solid every year or so on updating the tech.) I designed it so it doesn't have a DB or user account system, to reduce the complexity and make it easier to scale by one person with only certain skills. Users regularly ask for an account system. I don't add it; I have competitors who do have an account system, and there's no way I could compete with them by myself. A certain subset of users appreciate the simplicity of my service.

When users email me support questions, they get a personal response from the guy who made the thing. They probably don't realise either, since most contacts start with "hey X team" or "hey X guys".

Having said that, I do work a full day, on attempting to start other passive incomes, and on more fun things that have less chance of earning. So I'm not quite living a pure passive income dream yet.

scottmagdalein 5 days ago 1 reply      
I think he's being ironic.
richardlblair 5 days ago 3 replies      
Unethical?? HAHAHAHA. PIH supports themselves, and their family. They aren't a drain on the system, and owes nothing.

Realistically, Startup Guy is pissed because his photo sharing website that allows you to apply filters isn't getting traction.

icedchai 5 days ago 0 replies      
So, PIH has a profitable business. "Startup guy" is a bullshit artist.
galactus 5 days ago 0 replies      
What do we win by promoting these caricatures?
lovesgreen 5 days ago 1 reply      
Sounds like jealousy. If you can automate the way you get money, you have 23 hrs and 40 minutes a day to do something without any profit motive for true good. Startups, business, and making money don't have to be a religion.

Bill Gates will do more good with the money he made than he did by creating software.

raverbashing 3 days ago 0 replies      
"Worst of all, PIH is probably not trying to make the world a better place through technology. He's basically exploiting a narrow arbitrage opportunity and is probably either unethical or lazy."

Really, really? Regrettable

This looks like the kind of dreamy SG that only wants to do "good"(by his definition) and doesn't have an attainable goal.

Or the startup guys that want to use the latest and "greatest" so he writes version 1 with whatever.js and when he's about to launch he decided to rewrite everything in drunk_pangolin.js "because of integrity" (except that drunk_pangolin.js is still in version 0.1, has 1 part time developer and no docs)

10dpd 5 days ago 0 replies      
As someone whose Twitter account has been suspended as a result of using the OP's "Passive Income" hack, I wish he would spend more time thinking the project.
MitziMoto 5 days ago 0 replies      
I honestly cannot figure out which guy (PIH or SG) this article is "making fun of" (maybe it's both?). I've read it twice now, and it can kind of go both ways.

Maybe that's the point.

rdouble 5 days ago 0 replies      
This was like reading an excerpt of the HN version of "Rich Dad, Poor Dad" but with the opposite conclusion.
readme 5 days ago 1 reply      
>Worst of all, PIH is probably not trying to make the world a better place through technology. He's basically exploiting a narrow arbitrage opportunity and is probably either unethical or lazy.

Is this supposed to be what "startup guy" thinks, or is it also the opinion of the author? Seems like a pretty jarring assumption, if you ask me.

mhsutton 4 days ago 0 replies      
I found this post mildly amusing. It is a terribly simplified and mildly offensive comparison of two sets of objectives. Neither of which are actually right.

Startup is a phase - not a stereotype.Teams are not essential to either a startup or what you term a PIH. The skills needed for the challenge are. Not the number of people.Not all startups need nor want outside investment.Not all startups have an idea that will change the world.Not all startups need, want or are suitable for accelerators, incubators or other similar vehicles.Startup is neither better nor worse than a single person building something to improve their livelihood.

Best I can tell, the author equates a startup to what is popular in the press. Young geeks, big rounds of capital raising, buzzwords galore, huge acquisitions and all the hype that goes with it.

I think bunkum like this devalues the efforts of entrepreneurs everywhere and demonstrates such a closed mind in a space where openness is increasingly important.

nathas 5 days ago 1 reply      
How does one become a passive income hacker?
vvpan 5 days ago 1 reply      
This article is arrogant and pretentious. Come on, it trivializes one side while glorifying the other beyond reasonable. It seems to say that if you work on a startup you are the cool kid, and otherwise you are loser. Just like high school.
rubiquity 5 days ago 0 replies      
Startup-ers can be some of the most self-important people on the planet. "Passive Income Hacker" is making a living for himself and quite possibly his family as well. There's a lot of nobility in that.
Hydraulix989 4 days ago 1 reply      
What's so bad about being "Passive" Income Guy? This guy is out there monetizing with his self-bootstrapped "boring" SaaS that has real customers, while Startup Guy has blown through multiple rounds of investors' money with his quixotic third-pivot "change the world idea" that still hasn't earned a single penny but is being regularly pitched at circle-jerk networking events to the other benchwarmer wantrepreneur spectators banking on some highly improbable IPO. Wait, who did you say was unethical, lazy, and not a hustler again?
purephase 5 days ago 3 replies      
I so want to be a PIH. I just can't get enough free time to put my shit together as my day job sucks it all away.
iblaine 5 days ago 0 replies      
I have to disagree with this post. Passive Income Hackers are usually hustlers with more street smarts than technical skills. Startup Hackers are the opposite.
PhasmaFelis 5 days ago 1 reply      
Huh, are there actually Startup Guys who want to "make the world a better place through technology?" I thought the basic plan was "build and maintain an amazing, indispensable service for exactly long enough to get bought out by Google/Microsoft/Yahoo/Apple, then retire to Tahiti while the new owners fire everyone and ruin the product."

e.g. Siri before Apple: http://www.huffingtonpost.com/2013/01/22/siri-do-engine-appl...

bluekite2000 5 days ago 0 replies      
I m a developer in New York. I have a few good engineer friends I met while living in Vietnam. If any of you here happens to have a product that qualifies as a passive income product and need a tech partner let me know.
vladmk 5 days ago 0 replies      
Am I the only one who dislikes this post because of theassumptions it makes on startup founders? Statistically moststartups are bootstrapped, this was written by someone who is arguably caught up in the silicon valley hype, you don't need to get funded for everything...Also the other guy has obviously built something called a "lifestyle business" google it if you don't know what that is, the noob startup guy is way too nooby to know what that is. Unless the hacker guy is a hacker and is doing something illegal, I don't see why the conversation should get awkward...
duncanwilcox 5 days ago 1 reply      
Counterpoint (old but relevant):


The article paints non-startup guys as parasites. That's so needlessly polarizing.

The more common definition of the Passive Income Hacker is "lifestyle business", i.e. a business where you don't seek a 10-100x exit.

Personally I think if all you've done or plan on doing is an app or website, calling it a startup is kind of silly.

isaacb 5 days ago 0 replies      
This started out so well and I was hoping it would end along the lines of "different hackers with different goals," but steered way off course to some vitriolic attack on the casual hacker lifestyle.

I think if anything, bootstrapping your product to success is far more respectable than taking large sums of seed funding and potentially throwing it all away when you find that your market doesn't even exist.

jackschultz 5 days ago 1 reply      
So what if startup guy disagrees with the choices of PIH? This is another example of conflicting ideologies, and luckily, no one can do something about it. Imagine if there was a politician who didn't like the approach PIH was taking and worked to ban it because he didn't like it. This seems very farfetched, but there are examples of this happening. The ones that come to mind are the banning of sharing recourses, like AirBnB or any ride share program.
sockgrant 5 days ago 0 replies      
It was a great read, until the end where in the last sentence it was really ambiguous whether he was being sarcastic about "He's basically exploiting a narrow arbitrage opportunity and is probably either unethical or lazy."

Everything was so obviously tongue in cheek until that point.

But, the ambiguity was actually welcome because it forces the reader to wonder and in turn choose their position.

It's a fun read.

allinzen 5 days ago 0 replies      
As a former passive income hustler turned startup guy - this is so true. What's most important is to be comfortable with what you do regardless of others opinions. That's the one thing I could do without in start up land. The prosthelytizing.
liam_boogar 4 days ago 0 replies      
The stereotypes are funny, and startups, by nature, will always be filled with a majority of hustlers, but it may also inadvertently lump an entire group of startup founders -past,present and future- into the "SG pile," whom I think don't belong there.

That being said: i think i've heard this conversation and event had it (sadly, from the SG side in my less-educated days), and I think this conversation is intended to force people to ask themselves "am I a poser or do I want money?" which is a false dichotomy.

I'd rather look at people who want to make money by creating value vs. people who want make money by creating perceived value.

gravedave 3 days ago 0 replies      
Passive income always sounded to me like either a fantasy or a career of ripping people off.
brendoncrawford 5 days ago 0 replies      
Changing the world is the new blinking text, or rounded corners.
kbenson 5 days ago 1 reply      
I love how his comments section is hacker news.
chenster 5 days ago 1 reply      
The last line I suspect is out of utter jealous.
joshtronic 5 days ago 0 replies      
as a PIH and a father, I have to chime in and mention that my lazy & unethical self gets to spend a great deal more [quality] time with the family now that I'm no longer working 24/7 at a startup. sadly, no one ever gets man of the year for being a good parent.
unlimit 5 days ago 0 replies      
Loved it, brought a smile to my face. This is exactly what I am trying to do.
kennstone 5 days ago 0 replies      
:D, Get Income invest on your own business, then get customer to make it grow. It must more satisfied then look up for investor :)

Btw you must see in the end, is there FBI or any kind police knock on your door :p

So make sure your business clean!!! Cheers

wnevets 5 days ago 0 replies      
I would rather be the PIH, how do I become him?
ivanhoe 5 days ago 0 replies      
making the world a better place... mostly for themself, though...
Porting dl.google.com from C++ to Go golang.org
411 points by swah  5 days ago   120 comments top 18
skriticos2 5 days ago 7 replies      
So what I take from this is that the previous implementation sustained a huge amount of code rot and new code got layered over it with a staple instead of proper re factoring.

So he put the whole mess in a bin and re-done it cleanly with Go. Now it's much nicer. Some of Go's attributes helped along the way.

Did I miss something?

STRML 4 days ago 1 reply      
Maybe I'm showing my allegiance to my platform of choice, but the subtle dig on nodejs wasn't warranted on slide 25 (http://talks.golang.org/2013/oscon-dl.slide#25). As everyone's pal `substack` will tell you, use streams! Instead of explicit buffering, handling backpressure, etc., it's as simple as:


Additionally the link to `http-proxy` on slide 30 is misleading; 60% of that file is comments, and about 50% of what's left is websocket support, with the rest being header parsing & redirect parsing. The actual proxying bit is very simple and straightforward, and if you don't need every feature `http-proxy` offers you can do it yourself with streams in < 10 lines.

packetslave 5 days ago 1 reply      
See also https://github.com/golang/groupcache for the peer-to-peer memcached replacement mentioned in the slides.
joebo 5 days ago 5 replies      
I don't understand the need for the payload server from the slides. That makes me wonder - why not just use a HTTP server to serve the static files (e.g. nginx)? I'm sure I'm missing the obvious, but I'm probably not the only person wondering it.
JulianMorrison 5 days ago 2 replies      
What this actually means: groupcache is awesome. You just act as if the cache is full, and if it isn't, it will be. Where did the data come from? That's pluggable. And no concern of the part that just serves it up. Very subtle, very nice.
fizx 5 days ago 1 reply      
How does groupcache handle consensus?

Edit: Scanned the source, looks a like a best-effort distributed lock, rather than any sort of consensus protocol. This works for a cache setting, where e.g. having a split-brain scenario and duplicating the work is no big deal.

hosay123 5 days ago 3 replies      
Either I'm having deja vu, or despite the date on the presentation, this is at least a year or two old
azth 5 days ago 1 reply      
Pretty disingenuous on slide 58 to attempt to make the Go code look shorter than it actually is. Note how he left out all the verbose error checking code.
artagnon 4 days ago 0 replies      
While I won't dispute that Go has some cute primitives, I thought the examples were terrible. On slide 25, it talks about why a simple operation is painful (http://talks.golang.org/2013/oscon-dl.slide#25), and then goes on to evangelize io.Copy() on slide 31. Okay, so the standard library saves me from open-coding it:

  func Copy(dst Writer, src Reader) (written int64, err error) {      // If the reader has a WriteTo method, use it to do the copy.      // Avoids an allocation and a copy.      if wt, ok := src.(WriterTo); ok {          return wt.WriteTo(dst)      }      // Similarly, if the writer has a ReadFrom method, use it to do the copy.      if rt, ok := dst.(ReaderFrom); ok {          return rt.ReadFrom(src)      }      buf := make([]byte, 32*1024)      for {          nr, er := src.Read(buf)          if nr > 0 {              nw, ew := dst.Write(buf[0:nr])              if nw > 0 {                  written += int64(nw)              }              if ew != nil {                  err = ew                  break              }              if nr != nw {                  err = ErrShortWrite                  break              }          }          if er == EOF {              break          }          if er != nil {              err = er              break          }      }      return written, err  }
Uh, big deal?

The chunk of what's important isn't explained at all:

- runtime/ takes care of memory management quite efficiently with a decent tracing gc in runtime/mgc0.c. I haven't benchmarked it against other stop-the-world collectors, but it should be no match for truly concurrent gc.

- runtime/proc.c schedules various blocking and non-blocking (called netpoll, which resolves to epoll on systems where it is available) calls. It seems to account for number of cores and use native threads, but I'm not sure how it interacts with the Linux scheduler.

- runtime/malloc.goc is the core memory allocator/deallocator. Seems to be a relatively straighforward arena allocator using a bitmap.

I didn't have time to go through groupcache, but the presentation certainly didn't tell me much about it.

e98cuenc 5 days ago 2 replies      
These slides are practically unreadable in an iPhone. They are split in half and it's impossible to get a full page on the screen (I can only see the right half of the previous slide and the left half of the next slide).

Anybody has an alternative to read these slides? The content itself seems quite interesting

YZF 5 days ago 2 replies      
Interesting story. Is this a "port" or a "rewrite from scratch"? It's kind of hard to tell.
codereflection 5 days ago 0 replies      
I don't remember where I saw this, but somewhere, someone from Google said that all of their code changes every 5 to 6 months (or some reasonably short amount of time). That clearly sounded... optimistic at best. It's nice to see that even companies like Google have 5 year old old that is legacy and causing problems.
__Joker 4 days ago 0 replies      
I still don't understand why google does not give option to download via torrent ? Downloading android studio from dl.google.com last week over a slow connection was a horrible experience. I had to retry three times before I managed to get a successful download.
_random_ 4 days ago 1 reply      
It seems that Go is a good replacement for Python as well?
c0rtex 5 days ago 1 reply      
Aside: Does anyone know how these slides are generated?
godbolev 5 days ago 0 replies      
Does anyone have a link to the video?
CoryG89 5 days ago 2 replies      
too long... ?
IzzyMurad 5 days ago 3 replies      
Too many Google employees in Hacker News trying to advocate Go...
As Feds Demand the Keys, Preparing for the Death of Public-Key Encryption vortex.com
393 points by ColinWright  6 days ago   289 comments top 34
a3_nm 6 days ago 8 replies      
> Public-key cryptography as we know it today may be rapidly approaching the end of its useful lifespan.

No evidence in the article substantiates this bold statement.

- "pressuring major Internet firms to provide their "master" SSL keys for government surveillance purposes": this demonstrates a weakness of centralized public-key infrastructures, it does not follow that public-key cryptography is doomed. (See: web of trust.)

- wiretaps, snooping, etc.: everyone is welcome to grab a copy of the ciphertext, this does not prove that cryptography is futile -- quite the contrary.

- "concerns about the security of widely used cipher algorithms and a range of other associated exploits": vague.

- "it is prudent to at least assume that intelligence agencies around the globe may still be working several steps ahead of public "state of the art" in crypto tech": unfalsifiable.

- "forced the hands of chip manufacturers to include "special goodies" for surveillance purposes": I am willing to fear deliberate plausibly deniable weaknesses on accelerated hardware implementation of crypto primitives, e.g., PRNGs, but it seems very hard to believe that implementations of public-key crypto using general purpose instructions could be somehow identified by the CPU and somehow tampered with in a way which would be non-obvious somehow.

- "when governments really want to target someone, they'll find some way to compromise the associated computers directly -- either through phishing or other malware attacks, or via in-person "black bag" jobs to physically alter systems as they might feel appropriate": humans are the weakest part of cryptosystems, and if they have physical access then they win; nothing new here.

In conclusion:

> I believe it would be fully appropriate for us to be considering alternative methodologies for data protection that are sufficiently outside the existing public-key "box"

Public-key cryptography is a tool. It certainly does not form, in itself, a full "methodology for data protection", but nothing in the article justifies that has lost any usefulness in its current form.

downandout 6 days ago 7 replies      
This kind of thing makes me think the Snowden disclosures actually emboldened the NSA in some ways. Their nightmare scenario occurred, and nothing happened. Nobody even got fired or "resigned". The public's tepid reaction has brought our nightmare scenario to life - we taught secretive government agencies that they can now do anything they want without fear of public backlash. These kinds of requests can now dramatically increase, with neither judges, politicians, or the NSA itself living in fear of anyone.
johngalt 6 days ago 3 replies      
It's a neat argument that the Feds have.

If you send traffic unencrypted: 'You have no expectation of privacy, because you're broadcasting information publicly.'

Turn on encryption: 'Clearly you have something to hide, and deserve additional scrutiny. It's still not a fourth amendment violation because we are just compelling a business to give us your keys'

thewarrior 6 days ago 2 replies      
Have no doubt about it, this marks the beginning of the end of online privacy. Now that even the U.S. govt is asking for the TLS Certificates there is no country that has the moral high ground on this issue.

I'm from India and when I heard that the Indian government was asking Blackberry for its encryption keys I thought "Hah these people are so ignorant! They don't even know how public key encryption works!!". In hindsight it doesn't look very foolish. In fact they're openly building a surveillance system called CMS which has no checks and balances even on paper. Unfortunately in a country like ours with has so many other pressing issues it isn't a big deal yet.

Recently some governments tried to orchestrate a power grab of the internet via the ITU but it was vetoed by the US. "Its better to let the US govt. have a monopoly on the internet", or so I thought. What with all their constitutional protections and all. Recent developments have shattered my hopes.

The NSA's worst case scenario has already happened. Other than some modest outrage on the internet nothing much has changed. In a sense it shows a tacit acceptance of mass surveillance by most of the public. Hence my opinion that recent events mark a turning point.

With noone having the moral high ground its quite likely that all world governments and corporations are soon going to come to an agreement on permanent mass surveillance . What then ?

rdl 6 days ago 7 replies      
Sounds like not "the death of public key encryption" but the golden age of building technical controls into hardware/software which cannot be subverted by the operator, even in the face of a state agent with a gun.

Assuming the right tech is developed and deployed, this is going to be far better for everyone in a few years. Yes, it will be shitty for a year or two, but by 2020, if we actually have real technical security, it will improve security and trust for end users. Rather than "trust us", it will be "trust us, because...".

wahsd 6 days ago 4 replies      
Something that people have apparently not quite connected is that these developments are incremental steps towards and can already be considered within the spectrum of mind reading. The only reason that that a majority of today's people do not recognize the situation as squarely in mind reading territory based on examples from literature and popular culture is that the the technical limitations still retrain government, with great frustration.

Although the same heeds of danger did not suffice in the early 20th century, we are facing the same mechanics that led to the world war. We are at a nexus of an ugly transition into the consequences of the information age the same way that humanity would ultimately face demise at the nexus of the consequences of industrialization leading up to the World War, first and second part.

The problem is a generational one; the baby boomer generation, with it's industrial age mindset is incapable from internalizing the consequences of their unprincipled actions.

dasil003 6 days ago 1 reply      
> To be clear, this is not to assert that targeted, justified intercepts should not be possible under appropriate and realistic court supervision.

Why make this disclaimer? To avoid being branded a fringe anarchist?

It seems to me that we should absolutely be building intercept-proof communication privacy to the best of our ability since A) there's no such thing as perfect security and B) anything of importance eventually comes into contact with the real world where governments have immense power and don't need backdoors to do their job.

leef 6 days ago 1 reply      
This article seems to be mostly FUD. Per-session, ephemeral SSL keys are available and are used by at least Google [1], CloudFlare[2], and others.

No keys are stored, no keys can be given to the NSA.

1 - https://www.imperialviolet.org/2011/11/22/forwardsecret.html

2 - http://blog.cloudflare.com/cloudflare-prism-secure-ciphers

rlpb 6 days ago 3 replies      
A logical conclusion to this is that if/when governments start forcing people to supply them with their private keys, they will also start forcing companies producing encryption software to include backdoors.

At this point, I'm thankful that we have Free Software. With access to the source code, forcing the insertion of a backdoor is futile, since somebody else will fork and remove it. With Free Software, we'll still be capable of running our own encryption in a way that government intrusion will still be detectable by ourselves.

Unless, of course, governments then ban communication about backdoors, or instructions on removing them, or distributing source code altogether.

anovikov 6 days ago 1 reply      
Broad solution to all this is building your lives in business in a way government can have a minimal control of. Just do what it requires and keep everything else encrypted and anonymized. And don't rely on government for anything, for we are heading for a world of global government failure: people and institutions are going to ignore and circumvent them all, and make them dysfunctional. In a way, that will be like communism: there is little government can be of help nowadays, and it is more and more becoming a nuisance.
digitalsushi 6 days ago 1 reply      
The only thing I get really spooked over, is that eventually it gets to a point where the government starts demanding passphrases for hard drives with no hidden encrypted partition.

Am I being paranoid? Someone sensible please dilute my paranoia.

macspoofing 6 days ago 5 replies      
Does the Federal government not understand that this (idiotic) mass scale surveillance is bad for business? All the big American companies generate most of their revenue outside of the US. Majority of the user-bases of the big Silicon Valley tech companies are foreign. This only works if there is a level of trust in the American system and American government. What are they thinking?!?!
mrmekon 6 days ago 0 replies      
And as Feds demand skeleton keys to buildings, prepare for the death of cylinder locks?

Prepare for a change in how we use it, not for its death.

forman00 6 days ago 2 replies      
If anyone's interested in learning more of how you can use the private key of a server to monitor all communications: see, for example, US Pat. 7,543,051

It describes a way to passively/non-intrusively ("invisible to the server") capture and analyze all network traffic using a cable-tap.

Bottom of column 8: "In order to accomplish decryption in a timely manner the secure traffic decryption unit needs the private key of the server. Usually providing the server's private key to another device would be considered a security flaw, since private keys are not meant to be communicated to any other party. But since it may be assumed that usually the server's owner or operator will use the present invention to monitor his/her own server, providing the server's private key to the secure traffic decryption unit does not pose significant security risks."

kenster07 6 days ago 0 replies      
Articles like this miss the main issue.

Privacy rights should not have to be enforced at the public key encryption level.

Before all the sensationalists start going wild, remember that the NSA almost got defunded very recently. That is where the real frontier of this debate should be.

At best, this episode exposes how vulnerable public key encryption is. But let's not go off the reservation.

masswerk 6 days ago 0 replies      
Just a thought:For the better half of the 20th century, i.e. after WWII, Europe has been confronted and living with acts of terrorism from numerous sides (Israeli just after WWII, Palestine, left-wing, right-wing, nationalist, etc, etc) with several severe casualties. Europe's democracies (for the better part at least) stepped back from drastic surveillance measures at will. (Partly because of the example of the Eastern block. Look up: Stasi.)It worked anyway.

So: There is no possible deal of security versus freedom as it has been proposed for the last 12 years or so. Sorry.It does not make sense. There is no proportion between the losses of freedom and identity, the investment, and the reported "less than 50 use cases" for the whole surveillance system. Please stop. Immediately.

Just saying, while we are losing digital identity.

cmircea 6 days ago 2 replies      
I treat email in Gmail as publicly accessible, same for almost everything I do on the web casually.

My business data lives in Amsterdam (Azure EU West), critical services we use are based in Europe. At least in my case I couldn't care less if the big US companies handed out SSL keys.

zokier 6 days ago 2 replies      
There is just so much more to public key crypto than public web SSL/TLS.
jasonkolb 6 days ago 1 reply      
If they're not careful they're going to endanger what access they have now. If secure communication as we know it ceases to be actually secure people will start (are now) figuring out how to go around points of failure. Meaning, if they push on this too hard they'll lose their ability to listen in on targeted communication because people will have more faith in unsigned than signed keys.

All it takes is one leak of this data to throw the entire idea "gimme your private key" requests into the domain of F###ing horrible ideas.

niels_olson 6 days ago 0 replies      
Due to the nature of SCI compartmentalization, I suspect that if this happens, they're going to end up in something like symlink hell, where some FDA inspector in Kansas has root on Facebook via 4 degrees of ssl certificates.
tallpapab 6 days ago 2 replies      
Please forgive my rudimentary (and possible erroneous understanding. There are three things important to public-key encryption. The public key, the private key (together called the key pair) and a certificate. If I understand it the cert is just to give confidence that you have the correct public key. So the NSA having access to the cert is a non issue as everyone has access to same. That's its purpose in life. Also the public key is publicly available or the system wouldn't work. The only sensitive things are the private keys. Is this right so far? If I want to encrypt a message to someone I need to use that person's public key. I use the cert to make sure I have the right one. Now the message can only be decrypted with the private key. So how can the NSA decrypt such a message? They would need the private key. The ISP doesn't have it. Even if they have the private key don't they need a pass phrase to use it?

Not sure how the above applies to https or to ssh. Still, in both cases I don't think access to the cert breaks things. Indeed access to it and the public keys are essential to it working at all. (I guess one can operate without the cert too if you trust the source.)

teeja 5 days ago 0 replies      
The whole cert structure has always been a house of cards. As evidenced last year, e.g, with the Turkish provider ...

Since I first looked through the original Netscape, I've never had -any- reason to put so much trust in the hands of these Blue-Ribbon names. Or any ISP, for that matter. If US intelligence goes through with this, then only end-to-end (which has been deliberately stalled off and roadblocked and stonewalled for decades) will be left.

At that point we'll find out just how much power we've left to defend the privacy of our communications, our relationships, our finances and our movements. The Cryptocat guy may yet become a legend... or someone like him.

diydsp 6 days ago 0 replies      
As Feds hire contractors to do this work, the work will leak out of the contractors hands into the hands of those with money, such as foreign organized identity thieves. It's not just about hiding furry porn from the "Murican Gubmint," but about protecting our financial info from foreign thieves.
Mordor 6 days ago 0 replies      
Any country with secret laws and secret courts cannot be trusted, so it's only the death of US encryption (chips, software, hosting and services).
cantankerous 6 days ago 0 replies      
Really, this article is silly. SSL keys will remain useful for authentication. If you want to make sure nobody's got the master key, just do a double-Diffie-Hellman and you're square...provided the person snooping on the master key isn't trying to use it to MITM you. That's a whole other bear entirely, though.
chris_mahan 6 days ago 2 replies      
The only defense against government snooping is air gap. Don't connect your stuff to the Internet.
tallpapab 6 days ago 1 reply      
All this increased digital surveillance comes at a time when the US Post Office is under artificial financial pressure. Just last night the news reported a plan to eliminate direct delivery to the door in favor of some sort of community mail box facilities. Interesting coincidence that physical letters (whose contents are still protected by federal statute) are being discouraged while unprotected content is being collected.
acd 6 days ago 0 replies      
Maybe we should not trust central key emitting authorities but each other and our friends instead. For e.g. the government could run shadow CAs which normally perform their duties but at demand provide MITM certificates for them.
aidenn0 6 days ago 0 replies      
Didn't moxie marlinspike have an idea for replacing the current SSL trust chain?
ptaffs 6 days ago 0 replies      
The monitoring program is costing an awful lot of money, the data centers could be doing real work streamlining government processes and making the administration more efficient. We know governments, corporates, sys admins will snoop and should be objecting to our tax being used for a probably useless effort to process this raw data. Discuss tax rather than privacy, everyone cares more about that.
Yourfags 6 days ago 0 replies      
Technology changes and so does the world, whether we like it or not. The question is always, who will come out on top

I'm not really trying to be snide, but it really is an issue that's been sort of hanging around since the before I was born (1980s), who's going to control the internet and how, and whoever does is probably going to have a lot of power

jensC 6 days ago 0 replies      
Arrrg! Forget about the cloud. I'll host my servers at home, unplug them at night and watch my log files over the day :)
mtgx 6 days ago 5 replies      
Why can't PFS be a solution for this?
jokoon 6 days ago 0 replies      
well no one has to obey them.

why so much fuss about it ?

Show HN: CoreOS, a Linux distro for containers coreos.com
385 points by polvi  1 day ago   91 comments top 25
justinsb 1 day ago 1 reply      
The combination of service discovery and containerization is incredibly powerful for distributed applications. I love the idea that I can simply start a Docker container, and it can then discover its configuration and self-configure, rather than having to use Chef/Puppet/whatever.

To my mind, this is the missing answer to "how do I actually use Docker?"

I'm particularly excited by the idea of having a cluster of machines self-configure; normally this is incredibly painful, relying on multicast (not normally available on the cloud) or some ugly hacks (like using S3).

srgseg 1 day ago 2 replies      
For those utterly confused by this story, CoreOS is for running Containers.

Containers can be thought of as way of packaging an entire runtime environment which is more lightweight and more universally deployable than creating a virtual machine image.

This one slide explains it well: http://www.docker.io/static/img/about/docker_vm.jpg

philips 1 day ago 0 replies      
Brandon from CoreOS here. Check out the ec2 docs here: http://coreos.com/docs/ec2/
gexla 1 day ago 0 replies      
Geez, the rabbit hole gets even deeper. This is all great. Docker has been moving at "ludicrous speed" from the beginning and the ecosystem developing around it has been doing the same.

I'm itching to play with etcd also and hopefully it can gain more momentum than Zookeeper or Doozer did.

wmf 1 day ago 2 replies      
This could use some big-picture documentation. Does this run inside or outside the containers?
stock_toaster 1 day ago 2 replies      
Is it kind of like SmartOS but with Linux instead of Illumos and without DTrace and ZFS?
4ad 1 day ago 1 reply      
So the Linux crowd now reinvents SmartOS... Good, I guess.
shykes 1 day ago 1 reply      
And it uses Docker as the package format. Awesome :)
knotty66 1 day ago 1 reply      
I'd like a distro with ZFS/BTRFS, LXC and KVM, with a user friendly configuration layer on top. Not necessarily a GUI.

Really, a Linux version of SmartOS. I really like SmartOS but I like to get as much running in Zones as possible and there would be less friction doing this with a Linux kernel.

dschiptsov 1 day ago 1 reply      
Ready meals, yeah?)

I do remember times when there were essentially two choices - Debian or RH. There was also Suse, but the madness of making everything look like Netware, with standard, classiesc UNIX tools replaced by some home-brew programs with dozens of parameters nobody knew. It died long ago, thank god.

The advantage of Debian was that it was de-facto standard academia linux. Which means more-or-less stable and well tested, while some designs were (and still) lame. apt is such a lousy mess compared to RPM.)

Then the wave of migration from proprietary UNIXes to cheap Linux systems began, and RHEL flourished, being the OS of choice if you wish to run Oracle or Informix (the second was very impressive and still is). RHEL at that time was actively developed, well-tested, and even went through a painful transition to NTPL.

Then good people made CentOS from RHEL's sources and nowadays it is still default choice for some stable, but little bit lagging behind the popular distros Linux (it is still on 2.6.x kernels)

Then was the raise of Ubuntu. Well, it is popular, which almost never mean good.) Nevertheless for the wast majority Linux = Ubuntu. Leaving aside the crazy habit of incorporation of any new shinny crap invented by freedesktop guys, such as various init, management and settings "services" it is quite stable, and well-tested, indeed. Btw, comparing to the glorious days of 2.4 to 2.6 migration, or that NTPL stuff, there are almost no problem with core libraries and tools.

So, does anyone need a new distro? My answer is NO. It is quite easy to reduce CentOS or even Ubuntu (or Fedora, which is also infected by systemd madness) to a minimal and stable set of packages. All you need to do is exclude all Gnome-related stuff with dependencies, keeping image and fonts manipulation libraries, and X11 libs to be able to recompile popular packages.

The key idea here is begin with already many times tested sources, such as CentOS .srpm (got through tests by two separate teams) or Ubuntu's packages, cutting off unnecessary dependencies. Then you will have compatible and well-tested OS for containers or whatever else sales people call the banal para-virtualization.

Setting up your own yum repository is a matter of few hours, Debian packaging is more messy, but manageable. This is what sysadmin's job all about.

Btw, vendors such as Amazon already have done this job, so if you hate system administration (which is a sign that shopping might be a better future ,) just re-use these images - it is much better than some new "core OS".

The so-called "minimal install" of Ubuntu is also fine, and all you need to do is re-compile important packages, such as MySQL the way you like it and place them to your local repo.

zobzu 1 day ago 1 reply      
Oh look, irc channel, docs, etc.. oh and you can't get access to it without registering to something, with full details, and maybe get elected.

I would think that this is not that hard to make something similar from any existing distro, with actual build steps, etc.

Ie the "open source way", and not something with probable financial interest.

brandonhsiao 1 day ago 5 replies      
Can someone please explain what a container is? Googling 'container' doesn't seem to give me useful or relevant results.
pyotrgalois 1 day ago 0 replies      
I am using docker on my startup. It's a very useful technology. I hope that coreos is as good as docker.

I think that anyone interested on this should check http://smartos.org/. Coreos and Smartos have many things in common. I don't know if the creators of docker/coreos have tried smartos. I think they should. It's always good to check and learn from similar projects.

DannoHung 1 day ago 0 replies      
Yowza, I keep being impressed by the alacrity with which Docker based ecosystem components keep popping up.
gales 1 day ago 1 reply      
Very interesting; can this complement Flynn? (https://flynn.io/) or is it in lieu of?Also, can it run on Open Stack?
dmix 23 hours ago 0 replies      
Security-wise is containerization safer than standard operating systems? (besides being relatively new and unexploited)
frozenport 1 day ago 0 replies      
In these embedded and HPC like applications there is a significant advantage gained by having the right kernel flags (Preemption, etc).

I would like to see this distro build its kernel from source for most or every installation.

idan 1 day ago 0 replies      
Has anybody tried to get this running on Linode?

Sorry if that's a n00b question, I'm still fumbling my way around the (ever-growing) virtualization / devops landscape.

bsilvereagle 16 hours ago 0 replies      
If you like the idea of CoreOS but don't like the idea of using Docker containers, check out bedrocklinux.org.
samstave 1 day ago 0 replies      
I am super excited about this as I am doing OpenStack deployment automation. With this - I can automatedly deploy all the way out to the app on bare metal at scale extremely leanly.
alexchamberlain 1 day ago 0 replies      
This looks awesome; any info on the whos behind this?
dochtman 1 day ago 1 reply      
Ah, yet another awesome thing built on top of Gentoo.
grogenaut 20 hours ago 0 replies      
if you're core (totally stripped down os) why do you provide a discovery service I'm going to override?
visualphoenix 1 day ago 1 reply      
Is docker required/prepackaged? I'd prefer to use vanilla lxc/dhcpcd.
inthewind 1 day ago 0 replies      
Has this got anything to do with Tiny Core?
Quickly generate product screenshots in realistic environments breezi.com
377 points by NirDremer  1 day ago   87 comments top 41
sethbannon 1 day ago 1 reply      
This should save a lot of people a lot of time. FYI it's all done under Creative Commons license allowing commercial use of the images.
ryanbrunner 1 day ago 9 replies      
This is a more of a rant on an overall trend than criticism of this site completely, but I honestly do not understand the "drag to upload a file" interaction at all.

I'm in all likelihood going to need to navigate through a bunch of folders to locate what I want to upload anyway - why force me to open up Finder, reposition it so that my browser and finder are both visible, with the "drop area" visible as well, find my file and drag it over? With the default file upload that HTML provides, it's going to open a conveniently sized open window from the start, with a clear call to action on how to select the file in question, and no requirement for an awkward drag into some box on a webpage.

It really feels like prioritizing "cool" interactions over usability.

replax 1 day ago 2 replies      
Seems like this guy's images became somewhat handy afterall:


cpursley 1 day ago 0 replies      
Thanks for sharing, I'll be using it on my revamped marketing site.

I think in terms of conversion, potential users emphatically see themselves using the product with their device with this type of frame (opposed just a screenshot with no device frame).

However, I would suggest several PC shots. Like Lenovo laptop, Dell monitor, etc instead of being so Apple-centric.

jqueryin 1 day ago 1 reply      
This is fantastic. I'm surprised I haven't seen something like this before. I think you've got a great potential market here for monetizing. It's like stock photography meets product upsell.

My first suggestion would be to get similar shots to those you've already done with a female replacing the male. It's an easy way to add more shots quickly.

I also like the idea of more scenes including people. Make it look like they're having fun and also using the phone/tablet at the same time. Smiling faces sell products!

gedrap 1 day ago 1 reply      
Found it on HN on January and... Why it's free?!

I would be glad to pay for each screenshot generated because saves plenty of time and simply makes presentations look way better.

There is a channel (you already have it), there is a real problem to be solved and it's something people would pay... Sounds brilliant :)

evadne 1 day ago 0 replies      
I was trying to find screen reflection :)

The iPhone 5 screenshot area is off. Top left corner too high, top right corner too close to the right, two bottom corners too close to the right so perspective looks incongruent.

Actually content areas in almost all templates are slightly off. All these screens have gaps around them, its chrome - bezel - screen gap - pixels. Consider shooting template images with the device showing a solid color so you have the actual image area baked into the original, not with the screen turned off because youre more likely to get the placement wrong that way.

brandon272 1 day ago 0 replies      
Looks great, but it's taking forever to process the image. And I'm sure that because the app provides no feedback or indication that your image is queued, people are probably stopping the process and re-trying their upload which probably only slows things down tremendously!
enraged_camel 1 day ago 2 replies      
I really want to share this with people, but it's horrendously slow. I uploaded a 2048 x 1536 image generated from my iPad, and it has been processing it for the past 10+ minutes.

edit: over 20 minutes now. I had to restart it.

kafkaesque 1 day ago 1 reply      
It looks very nice.

Is it possible to add glare/reflection to the actual screen? It would make it look more 'integrated' into the photo's surroundings.

philjackson 1 day ago 0 replies      
Amazing. Thanks for sharing this. I'd been searching for stock images like the ones offered here in which to superimpose screenshots but always came short so just didn't bother. Now I'll bother.
joeblau 1 day ago 0 replies      
I used this for a mock that I posted on Dribbble[1]. I remember when it was first released and there were only a few templates so it's great to see that it's still growing. If the OP is here, how hard would it be to have a scene with multiple images?

[1] - http://dribbble.com/shots/1023533-Moneys-Mobile-Digital-Wall...

Yetanfou 1 day ago 2 replies      
Only Apple products there - why tailor to the minority? Globally Apple has around twenty-something percent of smartphones, thirty-something percent of tablets and ten-something percent of 'PC's'. You wouldn't suspect if you looked at the media though where it often is Apple or bust. I never understood this herd mentality and I still don't. People will start dropping Android screenshots in your iProducts, Xmonad runninng on Macs (OK, that is plausible but still...), Windows will suddenly magically run on more iProducts, etc.

Diversity is good. Apple is not very diverse. Why not add something else?

cdawzrd 1 day ago 0 replies      
realistic Apple environments :-)

(I realize there are one or two Android and Windows phones in the list, but still...)

ohwp 1 day ago 0 replies      
Why not transform the image on the client side? It will save load on the server.

But it's a nice idea!

gdilla 1 day ago 1 reply      
I love breezi. Unfortunately, it is against Apple's marketing guidelines to use their product in unauthorized ways to promote your app. It is loosely enforced, but they have pointed it out to us and asked for a takedown (politely). They can also hold it against you if they're considering you for a feature.
sbashyal 1 day ago 0 replies      
Feature request: stages like these http://www.slickwebsite.com/img/showcase1.png

Also, stages with transparent background would be nice

mgkimsal 1 day ago 0 replies      
nice idea. i can see people paying for this to use some premium background images. 3-4 generic ones are free, you could offer up a lot more custom ones for a small fee.
scrozier 1 day ago 2 replies      
Isn't working for me right now...possibly server load? But great idea. I too would pay. And I second the suggestion for more diversity in the shots. E.g., I could use one right now in the hands of a Hispanic teen girl. In general, I would need more women.
nisdec 16 hours ago 0 replies      
If you do an image search on google you can actually find companies which are using them... for example:


( Did the image search with this one: http://placeit.breezi.com/uploads/stage/stage_image/113/bree... )

chmike 18 hours ago 0 replies      
Can I have one context photo with a laptop on the top of a roller coster ? This could be a good introduction for a VC or startup conference presentation.

I would suggest to provide HP or Dell computers too because Apple computer everywhere is getting boring. Ask them to giveaway the laptop as marketing campaing.

nns 1 day ago 1 reply      
This has been discussed before over here - https://news.ycombinator.com/item?id=4988914
GuitarJ87 1 day ago 0 replies      
I created an opensource alternative a few months back, called snappshot. (https://github.com/justinjudd/snappshot)

Right now I have just posted my own images, but my goal is to get other photographers/individuals to add photos of different devices.

I am updating my webserver right now, but for now you can run it locally or deploy it yourself.

subsystem 1 day ago 1 reply      
I do wonder if something bad happens if you try to screenshot the screenshot script url, being a get request and all.
ollysb 1 day ago 0 replies      
I'd love this as a webservice (I'd pay). I need to create product shots for every customer I have (white labelling) and it would be awesome to be able to generate them on the fly.
trin_ 1 day ago 0 replies      
awesome service!

any chance of getting a good ol' boring office version maybe with a real monitor or just a laptop on a desk? the kind of people i would use this for really dont go for "macbook air with a notepad in the garden"

davefp 1 day ago 0 replies      
I'd love a way to filter the options. Scanning through all the pics looking for all the laptop ones (for example) is annoying.

Otherwise: I like it!

ceeK 1 day ago 0 replies      
Awesome. I was just the other day thinking that there should be this exact service when considering doing one of these shots. This is going to save me a lot of time, thank you. Will be much easier to create marketing assets.
jacog 1 day ago 0 replies      
Brilliant. Bookmarked.

Would love some Windows-y machines as well, all laptops are Macs. (Which is what I use, but still live in a world of Windows laptops)

triplenineteen 1 day ago 0 replies      
Correct me if I'm wrong, but it seems like you are sending a Safari user-agent string for all of the devices.

It might be worthwhile to send the proper user-agent strings for each device, so that you'll get a custom response from servers which dynamically generate content based on that header.

quadrant6 1 day ago 0 replies      
Very nice. When I typed the url of my own website, which is responsive, it didn't get the responsive version. If it did, it would be perfect.
quartus 1 day ago 0 replies      
I loaded up my first screenshot sequence of the day. http://placeit.breezi.com/3443524Please advise on how to kick up the 4d3d3d3
mjpa 1 day ago 0 replies      
I'm guessing it takes a higher resolution image than what the device would use? The sites I tried ended up rendering wrong in terms of what media queries were used...
aaronz8 1 day ago 2 replies      
I tried to drag and drop one of the images on top, but I get:

We're sorry, but something went wrong.

We've been notified about this issue and we'll take a look at it shortly.

andyhmltn 1 day ago 0 replies      
It doesn't work at all for me. I just keep gettign 500's
alevans4 1 day ago 1 reply      
Would be awesome if this had stages for industrial environments.
slawwwc 1 day ago 0 replies      
I was just looking for something like this. Works great!
aytekin 1 day ago 0 replies      
Awesome idea. Great execution.
foxhop 1 day ago 0 replies      
url2png is kicking my butt when it comes to conversions!

They get around 5 new customers for every 1 new linkpeek.com customer.

the_kat 15 hours ago 0 replies      
what are the terms of use? what is breezi doing with my uploaded screenshot? can I find that out somewhere?are the screenshots stored on their servers?
Heart Surgery in India for $1,583 Costs $106,385 in U.S. bloomberg.com
371 points by danboarder  2 days ago   264 comments top 37
DigitalSea 2 days ago 18 replies      
The first supposed fact thrown around in the medical costs argument like this is, "Well in India their cost of living is lower, so they charge considerably less, yadda yadda..." but it's obvious the price difference goes way beyond any cost of living gap. That's over $100,000 in price difference, while it is true the cost of living (salary, prices of every day items) in India is considerably less than that of the US, the gap certainly isn't 100k+

It's comparisons like these that really make you sick to your stomach. You don't see this kind of innovation in the American health system because it has been engineered with greed in mind right from the start. The lobbyist super groups, hospitals being paid kickbacks for using an exclusive medical equipment provider, the money hungry mentality of US medical corporations is more than obvious.

I think when your medical system becomes so expensive it's cheaper for people to fly out of the country, pay for accommodation and even some spending money to get the same level of care, if not higher than that of your own country, regardless of cost of living differences and other nation specific costs that's absolutely ridiculous. By the sounds of it, India is going to be the new global superpower if more and more people fly there to pay for medical treatment it benefits their economy in the end (given how a substantial chunk of the population is below the poverty line, this might not be such a bad thing).

A doctor trained in India is no less qualified than a doctor trained in the US. So expertise or training is no excuse either. In-fact I've found Indian trained specialists to be more thorough, careful, understanding and compassionate in comparison to that of Australian trained medical professionals (I'm from Australia). When was the last time you saw or heard of a poor American medical specialist or surgeon?

The question is: Will America ever change their ways? Or will quality medical care only be reserved for those who can afford decent medical insurance or have jobs that provide fair medical benefits?

One thing is for certain, this is submission is going to garner a lot of responses from both sides of the fence if past submissions along these lines are anything to go by.

riahi 2 days ago 3 replies      
Probably not going to get seen in this morass of comments, but I went back and reviewed the CMS data that the article cites.

The article used the Diagnosis Related Group (DRG) 238 - Major Cardiovascular Procedures without Major Complications. This is the best guess at capturing the costs of "Open Heart Surgery". (CMS only releases data for the top 100 DRG codes). "Open Heart Surgery" is a term for a variety of surgical procedures done on the heart, including valve replacement, vascular repairs of the aorta/vena cava/pulmonary vessels, and coronary bypass. These span a wide variety of DRG codes, including 216-221 for valve replacement, 228 (other cardiothoracic procedures with major complications), and 231-236 for cardiac bypass. Assuming we are comparing the operation known as coronary bypass grafting, then 238 is a decent enough code to use, with the proviso that it's not the best source for data.

Looking at the numbers claimed: If you download the Excel file from CMS [1], you can sort by DRG and Provider Name. Yes, if you search by DRG 238 and filter by Cleveland Clinic you will get $106,385 charged to Medicare. However, what the article completely leaves out (and anyone in medical practice will assume) is that Medicare simply does not pay the amount covered. Average Total Payments by Medicare: $26,898. That's how much Cleveland Clinic gets reimbursed, on average, by Medicare for any procedure included in DRG 238.

It gets more interesting when you include all providers and sort by average total payments. The highest average Medicare reimbursement to anyone for DRG 238 is $54,682; the lowest $13,233. Another interesting example:

In Alabama, at Brookwood Medical Center, DRG 238 covers $111,008 and only reimburses $15,552.

These comparisons of the US system to outside countries really need to compare average US reimbursement to their stated cost, because they sure aren't funding an army of administrators to get the insurance companies to pay up.

In summary, you can get "open heart surgery" in the US (Alabama) for "$15,552". I wonder what the Alabama price is if you walk in and offer to pay cash. If you can get it at the Medicare reimbursement rate, that compares decently to the Indian price.

[1] http://www.cms.gov/Research-Statistics-Data-and-Systems/Stat...

patio11 2 days ago 4 replies      
Somewhere there is a forum of doctors saying "Pfft, the US firm wants $100k for the patient records system and the Indian firm wants $1,000. Those greedy bastards! They live in a toxic industry which acts as parasites on us noble public servants saving lives every day. It serves them right to deal with international competition finally.

Let's go with the Indian bidder. What could possibly go wrong."

rayiner 2 days ago 2 replies      
First, adjusted for PPP that is more like $3,000. Second, nearly all personal and professional services cost way more in the U.S. Try hiring a nanny in India versus the U.S. and compare the prices.

In any case, whenever you talk about prices, it's important to try and think about it in terms of supply and demand. Why might prices for similar services be lower in India? In both countries, the price for that heart surgery is roughly the same order of magnitude as the per-capita income. But the median Indian is living far closer to subsistence than the median American. India's population is 70%+ rural and slightly over 50% are dependent on agriculture. Heart surgery isn't really an option for the median Indian.[1] While it may be financially catastrophic for the median American, between insurance, Medicare, Medicaid, etc, it is an option for the median American. The net result is that demand for heart surgeries, relative to the population, is far lower in India.

At the same time, the supply of doctors is higher. Being a doctor is considered socially desirable in India, and as a result there is a good educational infrastructure in place and plenty of candidates.

Higher supply and lower relative demand = lower prices.

I bet you can explain a lot about the U.S. healthcare industry in terms of regulatory issues, etc, but the magnitude of the impact of that is probably the difference between the U.S. and the UK, not the U.S. and India.

[1] It should be noted that when people give anecdotal reports about what things are like in India, there is tremendous perspective distortion. People will often pretend like relatively well-off people living in the cities are the "typical Indian" when in reality they're probably in the top 10%. It's as if the vast majority of India, poor and rural, doesn't exist.

danboarder 2 days ago 2 replies      
I found it fascinating how this goes way beyond wage differences -- it's a serious focus on fiscal efficiency. The entrepreneur behind this has opened 21 new hospitals in India focused on bringing more affordable care:

"...he has cut the price of artery-clearing coronary bypass surgery to 95,000 rupees ($1,583), half of what it was 20 years ago, and wants to get the price down to $800 within a decade."

This leaves me wondering: Where is the innovation toward affordable care here in the USA?

tenfingers 2 days ago 3 replies      
I'd like to point out that the price difference is most likely to do with the marked conditions of the health care in general, and has nothing to do with the quality of the operation itself.

There is a big problem with health care in most countries that I've been living into for extended periods of time (France, Italy and to a lesser extent Germany).

Anything sorrounding "medical" and/or "health care" has a 10x-100x price blowup, for absolutely no reason. I'm not even speaking about surgery, I can start by phisiotherapy consumables, such as elastic bands. Elastic bands are used in phisical rehab. They are dirt cheap, usually, if you buy them inside a child play store. But behold, if you buy the same stuff from "Thera Band", which is officially sold to hospitals and clinics, a couple of meters of the stuff will cost you 20-30 times more. I worked as an assistant in a phisical rehab clinic for several years, and this kind of bullshit is amazing, because it goes for everything (air balls, plastic rods for balancing excercises, and so on). The price inflation goes even higher with actual machines.

There is a machine which is called "Rehab 3xxxx" (produced by a clinic around here which I helped develop, so I won't disclose the details), which is just a linear actuator which moves back and forth. Literally, nothing more. There is an embedded controller which allows to tune the extension limits, and a couple of ABS plastic accessories that hold to the knee, wrist, etc.

The idea is just to move the articulation, and/or rotate it, over and over. You would think that there is something "fancy" about it, to name a few details which I wished this machine had:

* force feedback to stop the motion (right now the machine will just twist your arm as configured, no matter the force)* speed regulation (who needs it? just one speed is good enough)* some sort of patient-id so that you don't need to reconfigure it each time

But not really. Like I said, this is just a dumb linear actuator, with incredibly cheap ABS plastic accessories and a fancy name. Price? 30k euros in the basic kit.

The funny part: for anything medical, you have to demonstrate that this machine is effective somehow. So we had a trial in an hospital, wrote an article about the effectiveness (or lack thereof) and did some paperwork. The idea is that you just have to demonstrate that it doesn't hurt. Of course, a physiotherapist will be twice as effective, but it's more expensive on an hourly basis, so that's why clinics love to buy the machine and just let patients sit on it.

I'm literally disgusted, but I can see everything around "medical" equipment having the same issues. All the economy surrounding hospitals, doctors and equipment is essentially broken, because there's essentially no competition, assured money (by the state in this case) and a lot of corruption going on within the clinics and medical companies (unfortunately).

edit: english.

zaroth 1 day ago 0 replies      
Bloomberg is comparing apples and oranges, to the point of caricaturization. They are also link baiting with false statements.

First, the link bait: "The same procedure costs $106,385 at Ohios Cleveland Clinic, according to data from the U.S. Centers for Medicare & Medicaid Services." Funny thing is they actually cite their data source, so I downloaded the Excel sheet and looked for myself. The $106,385 is the "Average Covered Charges" for "238 - MAJOR CARDIOVASC PROCEDURES W/O MCC" at Cleveland Clinic. If you read the definition of "Average Covered Charges", it is not the cost of the procedure. The cost, aka "Average Total Payments" was actually $26,898. That's what medicare pays, including co-pays, deductibles.

I spent a few minutes browsing http://my.clevelandclinic.org/ - the Ohio Cleveland Clinic has over 3,000 physicians and scientists, 1,700 residents and fellows in training, with 47 buildings on 167 acres. They helped develop coronary bypass surgery in 1967.

Shetty (the "Henry Ford of heart surgery") is standing on the shoulders of giants, and as well he should. The Cleveland Clinic and Narayana Hrudayalaya coexist symbiotically, and I'm happy we have both in the world. Coronary bypass surgery has to be invented first at Cleveland Clinic before Shetty can put it on the assembly line.

If you have the time, read the Cleveland Clinic's 2012 Annual Report (http://viewer.zmags.com/publication/71bd62a6#/71bd62a6/1) and you can see what they think they are doing differently to provide the best service, continue driving innovative research, support their local community, and reduce costs. Take a minute to appreciate the breadth of research that goes on in their facilities, in areas including high-performance computing, robotics, 3D printing...

Cleveland Clinic had $228m in Operating Income on $6.2b in Revenue in 2012. Their $6b in expenses are dominated by $3.5 billion in "salaries, wages, and benefits" which unfortunately is not broken down much further that I could find in the report. "Functionally" their expenses are $4.7b healthcare services, $450m on education and research, and $663m on G&A. I was disappointed to see their education and research expenses are less than their G&A, but it's hard to draw conclusions from such high-level data. It was interesting to note they have $1.6b of accumulated pension benefits, which are 68% funded.

Unfortunately there doesn't appear to be anything resembling a financial statement on http://www.narayanahospitals.com/.

danso 2 days ago 6 replies      
Can't resist posting this anecdote from Atul Gawande's (best known for his New Yorker medical pieces, such as the one about checklists) book, Better: A Surgeon's Notes on Performance...at the end, he describes spending some time in India as a visiting surgeon to see how innovation was possible in comparatively squalid circumstances. The Nanded hospital he describes below serves 1,400 villages, about 2.3 million people, with just 9 surgeons (Gawande says that'd be comparable to the state of Kansas having 9 surgeons):


note: It's a little OT, but I guess it's an interesting anecdote because it talks about how absolutely significant surgical innovation (not just, "good for the India masses") can occur in desperate situations. I have no idea if that applies to the state of the art of heart surgery in India.


Among the many distressing things I saw in Nanded, one was the incredible numbers of patients with perforated ulcers. In my eight years of surgical training, I had seen only one patient with an ulcer so severe that the stomachs acid had eroded a hole in the intestine. But Nanded is in a part of the country where people eat intensely hot chili peppers, and patients arrived almost nightly with the condition, usually in severe pain and going into shock after the hours of delay involved in traveling from their villages.

The only treatment at that point is surgical. A surgeon must take the patient to the operating room urgently, make a slash down the middle of the abdomen, wash out all the bilious and infected fluid, find the hole in the duodenum, and repair it. This is a big and traumatic operation, and often these patients were in no condition to survive it. So Motewar did a remarkable thing. He invented a new operation: a laparoscopic repair of the ulcerous perforation, using quarter-inch incisions and taking an average of forty-five minutes.

When I later told colleagues at home about the operation, they were incredulous. It did not seem possible. Motewar, however, had mulled over the ulcer problem off and on for years and became convinced he could devise a better treatment. His department was able to obtain some older laparoscopic equipment inexpensively. An assistant was made personally responsible for keeping it clean and in working order. And over time, Motewar carefully worked out his technique.

I saw him do the operation, and it was elegant and swift. He even did a randomized trial, which he presented at a conference and which revealed the operation to have fewer complications and a far more rapid recovery than the standard procedure. In that remote, dust-covered town in Maharashtra, Motewar and his colleagues had become among the most proficient ulcer surgeons in the world.

GFischer 2 days ago 0 replies      
I've posted about this a LOT here on HN, because I live in a country (Uruguay) that has a good level of medicine and prices are way cheaper (heart surgery as described would be at least an order of magnitude cheaper than in the U.S.).

One possible explanation I came up with was:

U.S. hospitals have legions of well-paid administrators doing paperwork for insurance companies, which will have legions of people doing paperwork on their side, and government doing its bit, and lawyers doing their thing. All that money is obviously not going directly into healthcare, it's basically monstruous bureaucracy friction. I suspect "real" healthcare costs, even factoring expensive U.S. doctors, would be shockingly cheap.

There are also other "hidden" legal costs, such as the cost of malpractice insurance, and overcosts due to doctors being extremely worried about being sued over malpractice and ordering unnecessary tests.

Is there a "transparent" U.S. medical institution whose expense records could be examined to come up with where all the money is going?

That said, the article compares with Ohio's Cleveland Clinic, which is the most famous heart surgery clinic. Supply and demand alone will make heart surgery there an order of magnitude more expensive, regardless of actual costs. But I've heard most U.S. clinics arent that much cheaper.




(I was really surprised by that one, why ARE ambulances so expensive in the U.S.?)

carbocation 2 days ago 0 replies      
I can assure you that the doctors doing 1-2 CABGs per day are not making $30M-$70M/year.

Alas I don't know how much the hospital takes, but I know that there are ~500,000 CABGs per year. I suspect that we as a nation are not spending $50 billion annually on CABGs, but I could be off.

pravda 2 days ago 6 replies      
It's not greed, it's a consequence of health insurance. Get rid of health insurance and prices would drop 10x.
yaix 2 days ago 0 replies      
Maybe it would make more sense to compare it to prices in Europe or other places with similar medical standards.

My guess would be $100k in the US is about $50k in other places. At least my travel health insurence charges twice the rate if I travel to the US compared to "rest of the world".

nazgulnarsil 2 days ago 0 replies      
"greed" is generally a code word for "incentives are too complex for me to bother to try to understand."
larrywright 2 days ago 2 replies      
This is over 94,000 Rupees. That is a huge amount of money in India. I'm not sure most people realize the cost of living difference between the two countries.

Case in point: I was in India (Chennai) for a week on business a couple of months ago. During that time (M-F), I had a driver who was dedicated to me. He took me to the office and back, and took me anywhere else I wanted to go. This wasn't a taxi service, he had nobody else to shuttle around. When I was working, he just waited around for me to call. The cost for all of this? US $25, for the entire week. That's what I paid the car service, so he's getting some amount less than that.

All this to say: These sorts of comparisons are not as dramatic as they seem.

swatkat 2 days ago 0 replies      
Jayadeva Institute of Cardiovascular Sciences and Research, a popular hospital in Bangalore, publish procedure charges (in Rupees) on their website. Might be interesting for comparison.


kapad 2 days ago 3 replies      
Medical tourism has hurt most Indians. 1583 USD is almost 100k INR. The average per capita income in India is 1219 USD (72k INR). This figure too is very misleading, since poverty is a huge problem.

A very simple plotting with data from wikipedia and rudimentary extrapolation, shows that more than 1.1 billion Indian's annual income is less than the current cost of heart surgery. India's total population is 1.2 billion.

Medical tourism, though very fine for a lot of folks who want a cheaper alternative, is driving up the cost of medical treatments in India by leaps and bounds. This makes surgeries, that were already very expensive and out of the reach of most Indian's even more expensive and out of the reach of even more people.

Sources: http://en.wikipedia.org/wiki/Income_in_Indiahttp://en.wikipedia.org/wiki/Poverty_in_IndiaSimpel graph of the poverty data : http://imgur.com/JngiK8W I used this to find the number of people with an annual income less than 1583 USD)

DanBC 2 days ago 3 replies      
People have mentioned the cost of MRI scans in the US.

How much would it cost to buy a bunch of scanners (full body, and bucket-type for arms and legs) and employ technicians to do the scanning and offer this as a service to hospitals?

You could have technicians working on shifts to have out-of-hours scanning.

The scans are provided in electronic format to the patient and to the doctors specified by the patient. The centre encrypts all the scans and stores them for X years to cover regulation and litigation.

There's a big capital investment cost, but you're not doing any actual medicine there (no interpretation of scans, for example) and so litigation risk is reduced. You can concentrate on churning people through the machines, you don't have to give way to emergency cases that need immediate scans.

And the price of a scan can be listed up front.

Is this a stupid idea? (Or is it already being done?)

tsax 2 days ago 1 reply      
- The hospital industry is a monopolized cartel - you usually need the approval of existing hospitals in an area before you can open your own.- The insurance industry is a cartel - there are extreme compliance costs that only a few big players can take care of.- Employer provided insurance is subsidized.- Most 'reform' of health care in the US has punished individual insurance holders while strengthening the employment-based insurance system further strengthening third-party payment systems including increasing lists of 'must-cover' mandates for health insurance. - McCarran-Ferguson act exempted health insurance from a competitive national market.- The culture and institutional incentives in US healthcare push towards extreme capital-intensive expenditures and cut down on labor-intensive expenditures even when its not cost effective for the procedures that the patients require. Hospital beds get more expensive per day while extremely unlikely to succeed procedures like proton therapy expand further.

This paper is very illuminating and comprehensive: http://c4ss.org/content/2088. Please have a look even if you disagree with the solutions and the ideology of the author. I assure you it will be worth your time.

joseflavio 2 days ago 0 replies      
I believe that the high medical costs are exactly the result of Free market in the long run. Entities will always unite to get stronger, control the market and to do so they will support little by little laws that allow this. Just my 2c, but if you don't keep your laws and democratic institutions distant from the big money... the free market will transform in a legal monopoly.
bluecalm 2 days ago 1 reply      
Another case: I live in Poland and needed a knee surgery (arthroscopy). Costs:-visit to a doctor and diagnosis (30$ per visit)-MRI of a knee (135$)-surgery + one day stay in private clinic (1k$)

So now I wanted to pay for everything without help of our health care system because that would mean waiting. When I tell people in US MRI costs 135$ in Poland they just can't believe it and this is in commercial clinic so they make money here, it has nothing to do with national health care system as I didn't use any refunds.

ctrl_freak 2 days ago 3 replies      
You would think more Americans would fly to India to get expensive medical procedures done. Or are there other issues that need to be overcome to do this?
teyc 2 days ago 1 reply      
This is classic disruption at work. There are many procedures e.g. cataract surgery costs have come down but they are such cash cows that the prices were held high. India is doing this because skills can scale if there is a system of training. It wasn't too long ago when I read the Russians invented a factory-line method of doing eye-surgery.
barking 2 days ago 1 reply      
In my country I know of a hepatologist who claims to have seen higher than normal rates of hepatitis B amongst people who have travelled to lower cost countries for dental treatment.

One country was mentioned in particular (not India as it happens).

codex 2 days ago 0 replies      
Given that surgery costs are dominated by labor costs (surgeon plus support staff) and labor costs 20x more in the US than in India (see: http://www.economicpopulist.org/content/china-and-india-real...) is it any wonder that surgery is 10x more expensive in the US? If the only cost were labor it would be 20x!
tn13 2 days ago 0 replies      
When government enters any equation and starts over-regulating in the name of "poor" the poor must be actually worried. Indian healthcare system is no less greedy than that of United states, I know several examples where Doctors would perform needless surgeries, will recommend expensive surgeries for terminally ill patients (which makes death more painful) and so on.

Indian government is a big believer in state interference into everything but when it comes to healthcare Indian government's approach is different. Instead of telling private hospitals who they should be run, Indian government builds its own hospitals. Thus private hospitals are left on their own with very little government interference. Thus those doctors can experiment while being very open about their experiments.

muzz 2 days ago 0 replies      
From the article it's not clear what the major drivers are in bringing down the costs. What I've gathered from the piece and another link posted in the comments:

* No air conditioning

* Buying used scrubs

* Buying in bulk, directly from manufacturers [1]

* Surgeons that work "typically work 60 to 70 hours a week" [1]

The additional link [1] seems to indicate that the innovation is simply volume. The highly-trained surgeons perform more surgeries, the expensive equipment is utilized more hours of the day, etc.

[1] http://m.theaustralian.com.au/archive/business-old/the-henry...

joshmn 2 days ago 1 reply      
As an American. this makes me sad. Just sick to my stomach. It's just greed.
randomtree 2 days ago 3 replies      
What is the survival rate in India after that procedure, comparing to the US?

My colleague _visited_ India and returned with a stomach flu, spent a week in a hospital.

Cardeck1 2 days ago 0 replies      
I'm not gonna go on the conspiracy road but the world is functioning on the wrong parameters. Instead of being a united civilization and help each other in order to advance to a higher level, we are fighting each other like lions for supremacy in every domain possible.

Our whole system is based on superficial needs and wants rather than focusing on what we really need as species/civilization.

How can we expect innovation and progress when we can't even cross the damn ocean without selling our souls...we can't even cross our own borders without special rules. Not to mention that racism is high in many countries. We are divided as hell. If an advanced race would watch us right now they would probably laugh hard and leave.

grandalf 2 days ago 0 replies      
For anyone interested, I'll perform heart surgery for you in India for only $1200.
tn13 2 days ago 0 replies      
One of the prerequisites for markets to work is that, both the parties should get into a transaction willingly. That premise somehow gets violated when it comes to healthcare. That is why there are too many market inefficiencies which are skewed towards hospitals and insurance companies.
keithjia 2 days ago 0 replies      
heart surgery in China: $237.95heart surgery in Mexico: $199 on Saturdays

WTF is the point of talking about is, such BS. Who here is willing to have their baby girl's heart surgery done in India vs best of the US here?

socialmediaisbs 2 days ago 1 reply      
Just had heart surgery. It's closer to $170,000 here in the states. :-/
chiachun 2 days ago 0 replies      
The situation in other Asian countries like India, Taiwan, or South Korea is nearly the same.There are still some obstables.A different environment and unknown results may be the major ones.People should try to calculate the overall outcome and costs and maybe come up with some good international insurance packages.
shameerc 2 days ago 2 replies      
I'm just curious to know the situation in countries like Russia and China, because many of my friends took their medical degree from those Countries. Is is just the education is cheaper or entire industry?
asitkumar 2 days ago 0 replies      
India is just cheap and best :> I wonder it would be great if the medical facilities in india be improved considering the huge mass of population.
pawrvx 2 days ago 0 replies      
Anything you can do, we can do cheaper, and better.
MIT Report is a whitewash. My Statement in Response tarensk.tumblr.com
362 points by woodhull  1 day ago   195 comments top 19
pkfrank 1 day ago 8 replies      
>Aaron would be alive today if MIT had acted as JSTOR did.

This may in fact be true, but this claim is leveled with the implication that MIT is responsible for his death. They surely could have responded better; taking a "non-neutral" position (actively supporting lessened punishment), but this claim seems overreaching and narrow.

freyr 1 day ago 7 replies      
"Aaron would be alive today if MIT had acted as JSTOR did. MIT had a moral imperative to do so."

It's natural to look for someone to blame. Should we lay the blame on MIT? If they had called off an overzealous D.A. from throwing the book at him, he might be alive today. Why not blame the D.A.? Or JSTOR? In any case, aiding in prosecution did not cause his death directly.

The decision to commit suicide was ultimately his own. Of all the options he had available to him, he consciously chose that option. I'm reminded of a quote by Viktor Frankl:

"Forces beyond your control can take away everything you possess except one thing, your freedom to choose how you will respond to the situation."

Aaron had the power to choose right until his last choice. Why do some people survive terrible hardships, and others don't?

According to his close friends' personal accounts, Aaron suffered from suicidal thoughts and depression for many years. Long before the JSTOR case, and long before MIT ever got involved. As long as we're speculating about things we can't know for sure, I'm guessing depression was really to blame for his suicide. That won't satisfy everyone, since it doesn't give them a powerful organization to rage against. But reality doesn't always work that way.

suprgeek 1 day ago 1 reply      
MIT "Negotiators" were the ones primarily holding out against the "No Jail" plea-bargain [1] which would have otherwise succeeded in getting Aaron the commensurate penalty for his actions.

Instead, because of their pigheadedness, the govt. got a chance to threaten him him with a very large Jail sentence leading to the completely avoidable tragedy that happened.

Whitewash indeed...his death is certainly attributable to MIT & Carmen Ortiz, et al.

[1] http://gothamist.com/2013/01/15/aaron_swartzs_lawyer_mit_ref...

GrinningFool 1 day ago 7 replies      
This is probably going to cost me karma, but here goes: "Aaron would be alive today if MIT had acted as JSTOR did"

So he has no responsibility for the decisions he made, up to and including the final one?

Yes, MIT's actions may have had influence. Or they may have hastened the inevitable - a person who makes this choice is not untroubled to begin with, and it's never about just one thing.

Ultimately, it was his choice in the end. The responsibility is his.

denzil_correa 1 day ago 3 replies      
Is this true?

    This report claims that MIT was neutral  but MITs lawyers gave     prosecutors total access to witnesses and evidence, while refusing     access to Aarons lawyers to the exact same witnesses and evidence.     Thats not neutral. The fact is that all MIT had to do was say     publicly, We dont want this prosecution to go forward  and     Steve Heymann and Carmen Ortiz would have had no case.
Was there a possibility where MIT could say that they did not want any prosecution?

thezilch 1 day ago 0 replies      
MIT's a bully, and they should educate themselves on the lengths taken by their state's legislature to help prevent suicide [0]. Aaron might have played a part in his own actions, but if MIT is OK with Aaron being classified a cyber criminal, I'm OK with setting them on the express path to blame.

[0] http://www.boston.com/news/local/massachusetts/articles/2010...

ferdo 1 day ago 0 replies      
The historical info contained in JSTOR should be free, just as Aaron envisioned. MIT long ago lost its shine as a conduit for information and has now become just another McBiz.

Long live Aaron's spirit and his zeal.

falk 1 day ago 2 replies      
If you don't agree with how MIT handled this situation, protest the MIT hackathon in October and any other MIT related events.
willholloway 1 day ago 0 replies      
A sane nation would have recognized Aaron as an incredibly valuable asset to the entire society. The American criminal justice system saw him as a dangerous threat and offered only cruel and unusual punishment. The facts point to just one conclusion: we live under an irrational and pathological criminal justice system.
ddod 1 day ago 1 reply      
It seems like objecting to the FOIA is all the report we need on how wrong/right their actions were. If they think that whatever in there is damaging to them or likely to cause people enough anger to create a dangerous climate for those involved, it doesn't really matter what MIT's internal report characterizes things as.
delinka 1 day ago 0 replies      
"...Thats not neutral. The fact is that all MIT had to do was say publicly..."

Well, the author's proposal for action by MIT is also not "neutral." Though I hold the same opinion about how MIT should have acted, I feel it's [inadvertently] written with this juxtaposition that goes from a level-headed "that's not neutral and here's why" to an emotional "they should have done X instead" which I fear reduces the effect of this statement.

However, there's been boatloads of public outcry over this whole thing and I'm certain I feel that MIT should address each and every issue people continue to raise, regardless of the how emotionally charged such statements might be.

danso 1 day ago 2 replies      
> Here are the facts: This report claims that MIT was neutral but MITs lawyers gave prosecutors total access to witnesses and evidence, while refusing access to Aarons lawyers to the exact same witnesses and evidence. Thats not neutral.

Those aren't really facts, those are assertions that could use some documentation. Which specific witnesses and pieces of evidence did the defense request (and is there a record of this) but were denied to them (and is there a record of that)?

SCAQTony 1 day ago 0 replies      
MIT obviously is conducting it's affairs like a business. Therefore, asking MIT to do the "soul searching" they promised is like asking Dow Chemical* to do so some "soul searching" searching after the the Bhopal chemical spill. https://en.wikipedia.org/wiki/Bhopal_disaster

Dow Chemical bought Union Carbide

Zigurd 1 day ago 1 reply      
What, will these hands ne'er be clean? No more o that, my lord, no more o that. You mar all with this
whitehat2k9 1 day ago 1 reply      
>his report claims that MIT was neutral but MITs lawyers gave prosecutors total access to witnesses and evidence, while refusing access to Aarons lawyers to the exact same witnesses and evidence.

I'm sorry, but where exactly did this report, or any other literature on the case, indicate that MIT refused access to the defense's lawyers?

vehementi 1 day ago 0 replies      
Kinda sucks that almost every post here is getting distracted by the "he would be alive today" bit.
crb002 1 day ago 0 replies      
Ouch. Glad Taren is holding their feet to the fire.
Pro_bity 1 day ago 0 replies      
This has to be difficult to stomach. I am very sorry for your loss.
comrh 1 day ago 0 replies      
Some serious misunderstanding of mental illness in this thread and on HN in general that seems to raise its ugly head with news about Aaron.
Edward Snowden's not the story. The fate of the internet is guardiannews.com
347 points by teawithcarl  4 days ago   87 comments top 15
peterkelly 4 days ago 11 replies      
If anything, I think this should be a wakeup call for those of us who have the capability to change things. I'm not talking about lobbying or raising attention to the issue, but the technical challenges of designing a network that is immune to all forms of surveillance. Let's treat this as an issue of computer science, not politics.

Now I'm not claiming that this will be easy (and it may not even be possible), but this whole episode has made me seriously reconsider my long-term career direction in terms of the type of research I want to be doing. Pioneers like Vint Cerf and Bob Kahn created the "Internet 1" so to speak, and everything since then has been building on that. There's been plenty of projects that have worked towards getting around these surveillance measures (Tor for example), and I think we need more things like this.

We need to fundamentally rethink the design of the Internet, because the current design is broken. Just like TCP/IP provides the infrastructure to abstract over different networking technologies and physical links (and the failure/slowness of individual links), we need something that abstracts over the basic, unencrypted (or encrypted but subject to centralised sabotage, like SSL) communication layer. Something that third parties can't intercept, at least not with anything like the ease with which they do today. It never ceases to amaze me, for example, that email is still unencrypted by default, and we don't have public-key cryptography built in to every mail client and turned on by default.

Most importantly, we need more distribution, and to stop relying on centralised service providers, who are necessarily subject to the laws of the country in which they operate (see: recent articles discussing impacts of the issue on US cloud firms operating in foreign markets). Facebook should be a protocol, not a service. Twitter should be a protocol, not a service. And so forth. This of course completely upends the business model these technologies are based on, and would need to be approached by people with a completely different perspective.

I certainly don't have the answers to these questions. But it's made me curious and it's something I'll be giving a great deal of thought to in the coming years.

As Albert Einstein once said: "We can not solve our problems with the same level of thinking that created them".

acabal 4 days ago 1 reply      
From talking to some non-tech people about this, I have a dim view of the possibility that Snowden's revelations will change anything on a political level. People seem to either not care about the power the NSA has over them, or think Snowden is a traitor that deserves death and that's enough to invalidate anything he might have revealed. Society forgets history--generations of born-here Americans have never lived in a totalitarian state, and thus don't have the frame of reference to understand why the NSA's power could lead to grave harm.

But I still do have hope, and the community at HN exemplifies it. Even if politics and society won't change enough to prevent further spying (or, on the scale of decades, a worse NSA-fueled catastrophe), at least all the smart techies of the world are growing aware, getting outraged, and getting organized over what's been revealed. In many ways, our real control over technological progress is the best we can ask for.

If you know how to program, if you're thinking about learning, if your business depends on the internet, or if you're otherwise in a position to create technology of any flavor: the responsibility is on you--on us--to shape the internet and future technology in a way that will protect humanity's privacy and civil rights for generations to come.

MarcScott 4 days ago 5 replies      
Nobody outside the HN community seems to care about the Summer of Surveillance. Everyone I talk to has the same "meh" attitude. I find the lack of concern from friends and family to be more troubling than a lack of concern from the main stream media.
logical42 4 days ago 0 replies      
While I agree with the general reasoning of the author, I hesitate to agree with its conclusion. Like most of us here on hacker news, I've been following the Snowden/Prism/NSA stories rather religiously and, for the most part, have been very happy with the rather overwhelming coverage here on HN.

But there have been those getting tired of the news; understandably so, the repetitive hum of media coverage these days is enough to infuriate anyone who has the capacity to remember stuff. The author of this article seems to be pretty infuriated at the the public's fascination with Snowden and wants, rather ambitiously in my opinion, the public to shift their attention to the core of the issue.

I'm not sure if the public is capable of maintaining interest in such a passive evil (I guess I probably don't think too highly of the public). I do think, however, that the public is capable of fixating on the Snowden story because it is a rather interesting story. And the longer the public stays fixated on Snowden, the weird guy living in a Russian airport, the longer the NSA's wrongdoings also stay in the public consciousness.

I say, keep the melodrama coming, if only to keep alive the story of injustice to the public. The success of Snowden's whistleblowing (i.e. in terms of tangible impact) may actually rest on it.

D9u 4 days ago 0 replies      
(from the article)US government should have turned surveillance into a huge, privatised business, offering data-mining contracts to private contractors such as Booz Allen Hamilton and, in the process, high-level security clearance to thousands of people who shouldn't have it

That part there really illustrates the corporate fascism which has permeated the US government.

Who's to say that some analyst working for a private corporation isn't selling our stolen information to some nefarious third-party for whatever reasons?

The idea that any "oversight" would preclude the above scenario is about as believable as the insistence by "high level" government appointees claiming that the NSA doesn't "wittingly" collect data from American's communications.

datalus 3 days ago 1 reply      
What concerns me the most about all of this is that it puts us on a slippery slope. If always on surveillance becomes the norm for people to just take as a fact of life, then it just gets worse from there. I have a couple friends who run a startup and have told me they have given up the fact that privacy is an illusion/out moded when discussing this with them. So if being recorded all the time is the new norm and letting those outside of your own self connect data points about you is okay... where does that lead? That's what I'm really worried about.

It spells out my worst fear of later generations of digital natives will actually live in a world best described as Orwellian or even post Orwellian... even more ridiculously pervasive. They wouldn't know any better.

Ultimately data can never tell the whole story, but yet we'll act on it as if it does.

n00b101 4 days ago 2 replies      
"So when your chief information officer proposes to use the Amazon or Google cloud as a data-store for your company's confidential documents, tell him where to file the proposal. In the shredder."

This advertisement paid for by your friendly, co-located, on-premise, enterprise hardware vendors.

lettergram 4 days ago 1 reply      
The whole idea of surveillance truly doesn't bother me because there is literally nothing I can do if the higher end government did ever decided they wanted me. Since the 50's they've had the ability to listen into conversations via a laser on a window: http://en.wikipedia.org/wiki/Laser_microphone and if anyone really ever believed that the internet would be much different they probably didn't think it all the way through.

Sure the internet had that possibility not to be monitored and for a time it probably was, but clearly no longer. Further, I think the idea of mass data collection is monstrous however there is nothing I, nor you can really do about that except perhaps hiding as much of our data as we can (via encryption). Even if our data is encrypted in the end if they want your data they can get your data.

The thing I find interesting about this article is the idea that eventually the internet could be closed off only to a few nation states. I disagree this would ever happen because Pandora's box has been opened and some communication will always be allowed via wireless connections, hidden cables, or some other method. Obviously, the average user might be affected, but just like the soviet union fell so would what ever country decided to block off their nation.

People don't care about surveillance for the most part, as someone already commented: "I've talked to two people about this issue. Their answers were "Whatever, I don't care" and "honestly, I get it. If they're catching terrorists..."" They do however care if you disconnect their internet, and if any country was to do that in the end it would fail. The point being, the article stated that nation states of internet would develop and my reasoning points to that not happening (at least based off what i've seen). In my honest opinion, the internet has always been a place to communicate, but about as secure with my data as a friend you never quite trust with your secrets. What scares me is not the internet surveillance or my government hunting down (in my opinion) an innocent man. What horrifies me the most is that no matter what we do the surveillance will only become more intense (as the price of computing/computers gets lower) and there is no going back. 50 years from now, what am I going to be faced with and will I be able to continue to just ignore these B.S. laws we have, or if I unlock my cell phone will I really go to jail for 10 years?

That's what thoughts keep me up at night, not the idea of my data being collected at mass online (although I would stop it if there was any way I could), but the idea that even offline walking down the street or in my own home I may be required to follow the laws which are outright ridiculous.

DanielBMarkham 4 days ago 2 replies      
"Nor would there be finally a serious debate between Europe...and the United States about where the proper balance between freedom and security lies"

Whoa horsey. The author is making the same mistake as he accuses the press of: missing the story.

If you want a good repeat-after-me line, repeat after me: "this has nothing to do with the NSA either" All intelligence agencies are either doing this or have plans to do it -- including lots of European ones which are breaking their own laws while doing so. That's yet another shoe that hasn't dropped. Who knows how long it'll take for our European friends to figure it out. Might be a while.

But the larger point is valid: the internet as a conduit between a person and the larger world is a cesspool of corporate and government eavesdroppers. We're not operating the net: the net is monitoring our thoughts and recording them for others to inspect at their leisure. This is not a good thing.

So the story isn't Snowden, and it's not the NSA either. It's what has become of the dream that was the internet, and the question of whether anybody is left that cares enough about privacy and anonymity to do something about it.

amac 3 days ago 0 replies      
This story is pathetic, it will sell news but it's pretty much nonsense. Clearly, the new era of computing upon us - networked computing - and with it will bring with lots of opportunities as well as many problems to solve.

Privacy is one such problem, but it's one we can work together to solve. Humans are capable of this, and capable of more than just writing stuff to cause division like the article.

guard-of-terra 3 days ago 1 reply      
"If, as a political dissident, you had to choose between organizing your protest on Facebook or Vkontakte, Facebooks Russian equivalent, youd be far better off doing it on Facebook."

Lol, no, you aren't.

What you do is use every platform available.

snambi 3 days ago 0 replies      
why everyone is crying about spying issue. The original purpose of internet is military. US government gave access all of access to the internet, because we all wanted to use it. That doesn't mean US govt cannot use it the way it wants to use it.
gulfie 4 days ago 0 replies      
Don't cry for the internet, it's already gone.
northwest 3 days ago 0 replies      
> Edward Snowden's not the story. The fate of the internet is.

The fate of the internet's not the story. The fate of democracy is.

The fate of democracy's not the story. The fate of our society is.

The fate of our society's not the story. The fate of humanity is.

hamsternipples 4 days ago 0 replies      
snowden is not the story. it has remained obvious to me that the NSA or whatever organization (rusian, chinese, or whatever) does not need some sort of dinosaur spygame facility to access this data.

all they need is just one underpaid programmer without a soul working at facebook to compromise the whole database.

wouldn't it be much easier in a case such as this one, for verizon to just have some retard patsy create that backdoor? I would imagine this to be a get out of jail free card for those guys really pulling the strings. all you gatta do is drop all the blame on some naive techie and let him go down in flames.

IMO, the next up in this chess game, is a traitor techie willing to compromise a whole nation to pay his bills.

New Course: The Design of Everyday Things udacity.com
347 points by dpatru  6 days ago   55 comments top 15
millerm 6 days ago 4 replies      
The "Design of Everyday Things" is probably one of the best books I have ever read on design. It's poignant for any designer of anything a human interacts with. Even though this book doesn't touch computer interaction it's completely relevant. Bonus: everyone you know who reads this book, or takes this course, will annoy you a little with the overuse of their wonderful new word "affordance". :-
kjhughes 6 days ago 2 replies      
The quality of Udacity courses combined with an updated "Design of Everyday Things" plus Don Norman's direct involvement makes this course sound very attractive. The Udacity "Introduction to Computer Science" course by David Evans, by the way, is excellent. It is the one that I chose for by sons to take online this summer. I liked the balance it provided between pragmatic programming (Python exercises completed and evaluated in-browser) and CS fundamentals (BNF introduced in first lesson, for example). This new design course may have to be next on their list.
jpatokal 6 days ago 5 replies      
In case the name doesn't ring a bell, The Design of Everyday Things is an extremely readable introduction to usability, and an absolute classic in its field:


You'll never look a door the same way again... particularly if it has a handle but still expects to be pushed open.

ThomPete 6 days ago 1 reply      
I don't understand why you would want to take a course with that book. What on earth do people expect to get out of that they can't get from reading the book?

Don't get me wrong, it's a great book, but it's popular because it's easy to understand, not because it necessarily contains actionably insights or complex issues that require a course to unveil.

maaaats 6 days ago 2 replies      
It's so weird seeing prices on courses, coming from Europe. With that said, I've taken a course heavily based on this book. It is mandatory for all comp. sci. students at my Uni. Many didn't like it, being to "soft" when they wanted to hack, and complaining that "most of it is sooo obvious". And yes, it may be obvious when spelled out, but far too often overlooked and forgotten. I quite liked it.
msvan 6 days ago 0 replies      
It's interesting how many design links pop up here. I came here with a technical background and developed an interest for entrepreneurship reading HN, and I think that in the same way a design interest develops in those who are already sold on the idea of doing a startup. It'll be interesting to see what collective interest will develop here after design has become a core part of the "HN mentality".
lovskogen 6 days ago 3 replies      
Don Norman has just released a new version of this book seems like a smart move to do a course.
swamp40 6 days ago 0 replies      
Another great quote from the book:

The same technology that simplifies life by providing more functions in each device also complicates life by making the device harder to learn, harder to use. This is the paradox of technology.

The paradox of technology should never be used as an excuse for poor design.

~ The Design of Everyday Things by Don Norman

drcube 6 days ago 0 replies      
I've never read this book but of course now I have to.

I'll suggest reading Henry Petroski's stuff, too. "The Evolution of Useful Things", "The Pencil: A History of Design and Circumstance", and "To Engineer is Human" all make the case that the design of things around us are shaped less by insight and more by evolution, incrementally building on the mistakes of the past.

If "The Design of Everyday Things" is half as interesting as Petroski's books, I can't wait to read it.

lnanek2 6 days ago 3 replies      
Don't bother trying to sign up, after they get you to make an account they tell you:> The Design of Everyday Things> Were still making this course but we'll let you know when it's ready!

Pretty annoying it gave me the option of Google/Facebook login, then made me fill out information anyway. The whole reason I picked Google to login is because I don't want to fill out a registration form for site number 1000.

mathattack 6 days ago 0 replies      
I used to give this book away to all my employees who were involved in GUI design. It is great about respecting and understanding your users, even if on the surface it's about door handles.

I wonder how this will play into Udacity, as I view it more as a platform for short quizes and testing via code. This is more a book on conceptual understanding.

sc00ter 6 days ago 0 replies      
Wonderful book, but if Norman is updating it, I really hope he drops the 'POET' backronym. It was contrived and awkward, and it's repeated inclusion felt seemed more like a slight to the publisher who changed the name from Psychology Of Everyday Things to its more approachable name.
cgag 6 days ago 0 replies      
It's strangely hard to do, but I'll go ahead and admit I found the first couple chapters incredibly dull and put this book down.
jfb 6 days ago 0 replies      
It will be interesting to see how the course is designed, given that nobody has yet to really figure out the design and pedagogy of online teaching. It'd probably be worth checking this out.
krmmalik 6 days ago 0 replies      
Has anyone had any luck signing into the udacity course on their ipad using either facebook or google login? My attempts keep resulting in a blank white screen.
Now That Its in the Broadband Game, Google Flip-Flops on Network Neutrality wired.com
343 points by hvs  1 day ago   202 comments top 34
smtddr 1 day ago 14 replies      
IMHO, this headline & article is sensational and almost a straw-man argument. I'm not sure anyone should expect to be able to run a substantial business off their home internet connection without buying a business-class connection - nor does this decision by Google somehow imply they've "flip-flopped" on net-neutrality. I run a little game-server from my RaspberryPi at home. Technically, I'm not allowed to do this. While my Comcast IP is supposedly dynamic, it only changes once every 18 months or so. But I really think the law is there for people who go overboard sending terabytes-per-hour with some crazy successful business. At its peak, my site only gets only about 5,000+ hits per month or so(because it reports real-time data and people hit refresh all the time). Like Comcast, even if Google says no, just go ahead and do it anyway. They'll probably not bother you unless you're rolling your own Netflix-clone or something, in which case you really should upgrade to business-class or get on those cloud providers.
RyanZAG 1 day ago 3 replies      
I think by now most people have learned never to trust Google (or Oracle or Microsoft, etc). This certainly doesn't come as a surprise to me, and I fully expect them to pull as many anti competitive stunts on Chrome and Android in the future as they possibly can.

The question is: what can we do to mitigate this? And no, choosing not to use Google products is about as useful as choosing not to use MS Windows was 10 years ago. We need to try and find solutions now before this becomes a serious problem.

spankalee 1 day ago 7 replies      
Disclaimer: Google employee here, though nothing to do with Fiber.

I don't really like the no "server" policy, mainly because it's impossible to define what a server is, but I understand it from a business perspective. If a business likely to use a significant portion of their upstream bandwidth, it's reasonable to charge more than a consumer who doesn't. At the same time you want to be nice to power users who aren't running a business, but who use more upstream than average and might recommend the service to others.

Personally, I think this is all a consequence of not having metered billing. It would be more fair if your bill was a function of max bandwidth, actual data transferred, and service levels (support, QoS, etc.), though I would pay more than most of my neighbors.

The headline and net-neutrality tie in are just wrong though. This has nothing to do with net neutrality, it's a service level / market segmentation issue.

arh68 1 day ago 0 replies      
I'm trying to piece together the legal basis for the whole no-residential-server thing, and the more I dig, the more baseless it all seems.

Darah Franklin's dismissal [1] of McClendon's complaint states, 'Google Fiber's server policy is an aspect of "reasonable network management" that the Open Internet Order and Rules specifically permit.' That seems like an awfully vague phrase, "reasonable network management", but here's one interpretation, offered by the FCC back in 2009 [2]:

>> Under the draft proposed rules, subject to reasonable network management, a provider of broadband Internet access service: ... 2. would not be allowed to prevent any of its users from running the lawful applications or using the lawful services of the users choice; 3. would not be allowed to prevent any of its users from connecting to and using on its network the users choice of lawful devices that do not harm the network;

'Lawful services'? 'Lawful devices'? It seems like a private git server should be allowed, after all. But that was just a draft. Franklin doesn't mention any room for exceptions, though:

> The server policy has been established to account for the congestion management and network security needs of Google Fiber's network architecture.

Okay, so "reasonable network management" is justified by "congestion management and network security needs". But then I read the FCC's 2008 decision concerning Comcast's BitTorrent RST abuse [3], and right there on the first page:

>> We consider whether Comcast, a provider of broadband Internet access over cable lines, may selectively target and interfere with connections of peer-to-peer (P2P) applications under the facts of this case. Although Comcast asserts that its conduct is necessary to ease network congestion, we conclude that the company's discriminatory and arbitrary practice unduly squelches the dynamic benefits of an open and accessible Internet and does not constitute reasonable network management.

So the FCC has indeed set precedent that a necessity to "ease network congestion" does not necessarily outweigh "the dynamic benefits of an open and accessible Internet". Franklin makes more than one reference to a certain Preserving the Open Internet Broadband Industry Practices document [4]. I found this reference incredibly brazen. Franklin claims this server issue was specifically discussed. In the document, Google actually argues

> The threat that wireless networks may develop into fundamental non-neutral platforms is real. For example, the terms imposed by most major wireless carriers purport to prohibit the use of, at minimum: ... server or host applications. ... All of these actions threaten user choice and freedom online, and adopting network neutrality rules for wireless networks will allow the Commission to take action against these kinds of practices in the future.

What the hell? Google specifically advised the FCC to disallow what Franklin specifically says is industry standard. Google is playing a Dark Knight here: the laws are bad, and Google wants everyone to feel the full force of bad law. I can't applaud them for playing the status quo so hard like this, and now that they're moving into the ISP sector it's getting more and more dissonant to hear them claim they're powerless over industry standards.

Lastly, I can't find the forum thread described by the Wired article, "But in the Google Fiber forums, employees assure subscribers the rules aren't meant to apply to Minecraft servers." I think this kind of deception is heinous. The employees can't say what their legal department will or will not state. They're maintaining a false PR stance that is simply misleading: Google (Darah Franklin) has clearly stated Google Fiber disallows servers. Tricking the public to think they are in the clear to run a Minecraft server is perhaps well-intentioned but just doesn't jive with "Don't be evil."

[1] http://lwn.net/images/pdf/google_fiber_response_to_mcclendon...

[2] http://hraunfoss.fcc.gov/edocs_public/attachmatch/DOC-294159...

[3] http://hraunfoss.fcc.gov/edocs_public/attachmatch/FCC-08-183...

[4] http://www.freepress.net/sites/default/files/fp-legacy/FP_Co...

wmf 1 day ago 6 replies      
IMO this headline is a little inflammatory; the (mostly unenforced) ban on servers is a pretty small carve-out. Also note that the NN people haven't been complaining much that every consumer broadband plan also bans servers.
kevingadd 1 day ago 1 reply      
I seem to remember lots of people talking about the exciting potential Google Fiber would create for internet startups and small businesses. Too bad Google doesn't feel the same way.
GhotiFish 1 day ago 1 reply      

   Your Google Fiber account is for your use and the    reasonable use of your guests. Unless you have a written    agreement with Google Fiber permitting you do so, you    should not host any type of server using your Google    Fiber connection, use your Google Fiber account to    provide a large number of people with Internet access,   use your Google Fiber account to provide commercial    services to third parties (including, but not limited    to, selling Internet access to third parties)
I think I see what's going on here, they have to assume most people arn't actually going to use their connection. So they offer it on the pretense that no one will take advantage of it.

It's why the bandwidth caps exist, it's why bittorrent shapping is happening at all. BitTorrent really did start making use of the bandwidth the telco's promised. A promise they couldn't deliver.

Frankly, google's going to need more clauses than that in order to prevent people from taking advantage of their empty promise. I can't wait to see these obvious rule patches grow like cancer.

Anyway, Why can't I share my connection? It's very easy. "Hey neighbor, take this Ethernet cable, you're welcome." Oh that's not ok? OK so why can my family use it then? I'm the one buying right and my family arn't guests. What about multiple families that live in the same house? We should order 3 packages?

This is silly. What is going on down there?

As a closing thought. People are laying these expectations of google fiber, because google fiber was supposed to be the ISP that was going to save us. If you're going to lead by example, you're not supposed to go "But those ingrates are doing it, so I can too".

nknighthb 1 day ago 1 reply      
Google has never, ever objected to server restrictions on residential connections, and the entire industry has had those restrictions for most of its existence.

Remember how big a deal Speakeasy always made of allowing servers? It's because nobody else did.

codereflection 1 day ago 1 reply      
The thing that concerns me the most if how unresponsive Google has proven to be when someone files a complaint about being wrongly chosen for having their account suspended. Just look to the recent example of Gary Bernhardt trying to get his email turned back on. https://twitter.com/garybernhardt

What's going to happen when someone's kid starts up a Minecraft server to play with his friends and Google suspends their Fiber account due to it. Most likely - they won't respond. I hate to see them turn into the next Comcast.

Zikes 1 day ago 0 replies      
This is pretty disappointing to me, I was looking forward to being able to use my internet however I please on the off chance Google Fiber ever came to my area.
jotm 1 day ago 2 replies      
That's not what net neutrality is about - the author is taking it to the extreme.

Not allowing a server on the client side is just reasonable business practice, as opposed to shaping or prioritizing traffic to the client according to the source or the client's pay plan.

rayiner 1 day ago 0 replies      
In other words, now that Google is an ISP, all the concerns that ISP's have about traffic management suddenly make sense.
nathas 1 day ago 7 replies      
Eh, I don't see a huge problem with Google saying "You can't run enterprise-level servers off of our consumer-level lines" even if they have ridiculous speeds.

"Your Google Fiber account is for your use and the reasonable use of your guests"

I'd consider small-time server software to be within a "reasonable use". If you're hosting a web server with 10 simultaneous requests, you're outside of reasonable use. Any other ISP would have turned your pipe off.

joe_bleau 1 day ago 0 replies      
From http://www.google.com/intl/en/about/company/history/

1996: "BackRub operates on Stanford servers for more than a yeareventually taking up too much bandwidth to suit the university."

1998: "Google sets up workspace in Susan Wojcickis garage at 232 Santa Margarita, Menlo Park."

I wonder, were those business class connections? Or were they maybe bending the rules just at bit at times?

anonymoushn 1 day ago 0 replies      
What does the policy mean by servers? "Hosting a server" might include hosting custom games in Warcraft III or hosting netplay games in $FIGHTING_GAME_OF_CHOICE. It might also include operating some machines that are "servers" even if they are not running any particular "server" software.
apalmer 1 day ago 0 replies      
Its not really against net neutrality in the 'traditional' sense... but its more inappropriate advertising. Google and all the other ISPs advertise their service as 10 Mbps Down/5 Mbps Up, when really if you read the fine print its ('up to' 10 Mbps Down/spike uploads of 5 Mbps but not sustained uploads... which is a fine product, and not a big dealbreaker to most people, but is definitely not what is usually advertised.
justina1 1 day ago 1 reply      
If everybody maxes out a 1 Gbps line, no one will get a 1 Gbps line.

The implication is that the broad terminology will prohibit computers doing common consumer things in addition to servers. Except that hasn't happened.

The complaint was filed by a potential customer, not someone who ran in to the restriction. In fact, it sounds as though Google Fiber keeps making exceptions for even less consumer-like things (Gaming servers in this case).

chiph 1 day ago 2 replies      
If they had said only 256 or 128 mb/sec of your 1024 mb/sec is allowed for home server traffic, I'd be ok with that. Yeah, it's a residential connection, so the TOS would surely be different. But as it stands, I now have no compelling reason to choose them over the competition (who will also be offering fast transfer speeds once Google Fiber comes to Austin)
mncolinlee 1 day ago 0 replies      
Don't these terms also forbid Chromecasting? The device itself is a server on your local network.
znowi 1 day ago 0 replies      
Google dismissed the don't be evil mantra a while ago and has little resemblance to the company of integrity so many of us fell in love with. They're so big and pervasive - it's a juxtapose of government and multinational corporation with vastly different set of goals and values. Incidentally, not very favorable for us, users. But it will take 3 Stallman's and another Snowden some time in the future for people to finally realize that :)
neura 1 day ago 0 replies      
I love the use of "should" in "you should not host any type of server using your Google Fiber connection".

For a legal document, that's a pretty muddy word. It could be just a suggestion or it could be interpreted as "shall", basically making it a demand.

jakejake 1 day ago 0 replies      
Why are ISP so terrified to say that you only get a fixed limit of bandwidth? Can you not survive in this business unless you lie and say "unlimited?" It seems we all know that unlimited actually means "some unknown number of Gb before you get a warning letter."

Server monitoring seems so easy. If you're running a serious server-based business then your upload is going to be way out of whack with download bandwidth. Why not just limit your upload traffic and let people do whatever they want?

I'd rather know what my limit was and work with it than to have my ISP tell me I have "unlimited" bandwidth, but then secretly limit or throttle me.

transfire 1 day ago 0 replies      
Sigh. To disallow the ability to run services from anywhere, particularly home, undermines the very future of the Internet's full potential as a massively distributed computational aid and data store. Google was the great hope in this. Now they too have succumbed to the $$ of acting as a cartel. Which means, eventually the Internet will be little more than a glorified cable box.
GravityWell 1 day ago 0 replies      
Sounds to me like they want to offer a Business level tier. The wording "should not host any type of server" was probably groomed by the legal team. My guess is rather than define what a server is, which is almost impossible, they are covered by that vague terminology.

The important question is to what degree do they enforce it? 0.01%? If so, then no big deal to me. I'm paying a lot more for a lot less with my current ISP. I'd be glad to endure Google's draconion rules.

mesozoic 1 day ago 0 replies      
Don't be evil... Unless you know it helps us make more money or something.
gaoshan 1 day ago 0 replies      
"Don't Be Evil... you know, generally. When it's practical. For us."
bowlofpetunias 22 hours ago 0 replies      
All I can think is : thank god I don't live in the US. The telco and cable market there sounds utterly horrible.

Banning servers is normal practice? Those kind of restriction were dropped over a decade ago in civilized countries with decent broadband.

BTW, this is the second time Google has done a 180 on net neutrality. The first time was when it tried together with Verizon to redefine net neutrality with an exception for wireless networks.

_greim_ 1 day ago 0 replies      
Instead of content-based throttling, why not just switch people from 1GBPS to 10MBPS after the first NTB per billing period? Still fast enough to watch streaming video all month long, just not fast enough to host streaming video.
gradstudent 1 day ago 0 replies      
Isn't net neutrality about giving preferential treatment to traffic depending on its point of origin? Has Google flip-flopped on this issue?? All I see is some rambling protestations about Google not allowing servers on their free internet connections.
adam_lowe 1 day ago 0 replies      
The key will be how they actually enforce this. Siting servers is the wrong thing to tack on to. Because there are perfectly legitimate personal servers as outlined in comments above for personal use that wouldn't eat up excessive bandwidth. That being said I think the "no professional" or "no business" uses are terrible too depending on how they choose to interpret and apply. A loosely enforced version of the latter would be better in my opinion.
_greim_ 1 day ago 1 reply      
Why not just treat broadband as a utility like everything else (electricity, gas, water) and just charge a dollar per TB or whatever?
MrKurtz 1 day ago 0 replies      
I'm not sure I understand the tone of that piece, it strikes me as yet another attempt at vilifying Google for the most trivial and altogether invalid reasons.

Google offers gigabit speeds in very select areas; coverage-wise they are hardly a blip on the map. Ostensibly the main strategic purpose of Google Fiber is proving that 1Gbps connections to consumers are possible and affordable, which in turn might shame the main players to up their game or result in municipal broadband initiatives and the like.

So now after scrutinizing a strictly worded and loosely enforced TOS agreement, the author (in a shameless display of feigned indignation) is invoking the plight of political dissidents?! this is absurd, the author ought to re-adjust his perspective and lay off the navel gazing.

I don't know what the future holds for Google Fiber but from afar it appears to be an experimental initiative that is still evolving, so disallowing enterprise grade servers at this point in time isn't the end of the world, keep in mind that doing similar things on competing services isn't even viable.

sumit_psp 1 day ago 0 replies      
Not surprised, it's a business and like every other business it is trying to protect its interests. The good news is now we know Google's stance, so it's upto you if you still want to get to Fiber.
Simple1234 1 day ago 0 replies      
Frankly, I don't care if Google changes it's slogan to "Do lots of Evil". If it means I get Google Fiber in my area I'm all for it.
UK Porn Filter Will Censor Other Content Too, ISPs Reveal torrentfreak.com
342 points by llambda  5 days ago   169 comments top 47
InclinedPlane 5 days ago 7 replies      
This deserves a lot more of a response but for now I'll just leave this:

Liberty is about the ability of the individual to do things that others disapprove of. You don't need liberty if everyone else approves of your actions. As a corollary, the exercise of liberty does not require a justification, because it's a liberty, practicality or "usefulness" or what-have-you play no part in it. It's onerous to require someone to justify their right to look at porn. It's even more onerous to ask people to put their name on a list as someone who desires the ability to look at porn. And indeed this is how freedoms are eroded. Because once you put things on a different footing and you require people to justify their freedoms then it becomes ever more difficult to justify anything. Can you justify eating a cheap, greasy cheeseburger? Can you justify watching "Jersey Shore"? Are you willing to?

These are precisely the same sorts of tactics that have been used since the dawn of time for busybodies to rein in individual freedoms of others, and thereby to obtain greater authority over others.

People often dismiss out of hand the notion that tyranny could possibly take hold over the first world democracies of the west in the 21st century. And to that I can only sigh. Perhaps it will not be known as tyranny, perhaps someone will come up with a different, more apt name once (if) we are in the clutches of it, but it will be every bit as bad and every bit as difficult to throw off, if not more so.

ferdo 5 days ago 2 replies      
Sorry for the 19th century text wall, but this is so pertinent that it hurts.

"Next in importance to personal freedom is immunity from suspicions, and jealous observation. Men may be without restraints upon their liberty: they may pass to and fro at pleasure: but if their steps are tracked by spies and informers, their words noted down for crimination, their associates watched as conspirators, who shall say that they are free? Nothing is more revolting to Englishmen than the espionage which forms part of the administrative system of continental despotisms. It haunts men like an evil genius, chills their gaiety, restrains their wit, casts a shadow over their friendships, and blights their domestic hearth.

The freedom of a country may be measured by its immunity from this baleful agency. Rulers who distrust their own people, must govern in a spirit of absolutism; and suspected subjects will be ever sensible of their bondage."

The Constitutional History Of England Vol II (1863), pg. 288

by T. E. May


Nursie 5 days ago 2 replies      
Well DUH!

Some of the politicians like to say it'll be the same sort of system that's on mobile phones here. These have two characteristics -

  1. The filter is full of holes  2. What's blocked is pretty arbitrary
For instance, I was at a music festival last year (Beautiful Days), and access to the online site map and festival schedule was blocked as 'adult' content. The festival itself was full of kids and teenagers (brought along by their parents) for whom the info would have been useful. To get around it, I installed Orbot (Tor for android), because they only care about censoring the web.

rsync 5 days ago 0 replies      
2010-2012 may well have been "peak internet".

Three years ago, or so, I was thinking about[1] the idea that we may have been witnessing something akin to peak oil, or peak credit.

At that time I was discussing it in terms of network fragmentation and net neutrality ... but a collection of different censorship regimes around the world degrades it[2] just as well...

[1] http://blog.kozubik.com/john_kozubik/2010/12/peak-internet.h...[2] "it" being the "homogenous, globally routed Internet as we have known it."

EGreg 5 days ago 0 replies      
First they criticize the Great Firewall of China. Then they start building it themselves. And who better than a Chinese network operator to do it? After all:

"The Public Pledge on Self-Discipline for the Chinese Internet Industry is an agreement between the Chinese internet industry regulator and companies that operate sites in China. In signing the agreement, web companies are pledging to identify and prevent the transmission of information that Chinese authorities deem objectionable, including information that breaks laws or spreads superstition or obscenity, or that may jeopardize state security and disrupt social stability."

-From Wikipedia

Shish2k 5 days ago 1 reply      
A possible silver lining - if you're against the filters that currently exist (blocking child porn), someone might infer you're a paedophile, which would be bad for you. If you opt out of porn filters, you'll go down on a list of people who want porn. If you opt out of everything-filters, the only thing that can really be implied is that you want access to something, which is somewhat less easy to blackmail with.
glesica 5 days ago 0 replies      
Which is, of course, an excellent reason such projects should never be tolerated in the first place. Government-mandated filters simply should not exist. Full stop. It's an easy question: Does the law in question require that access to publicly-available information be blocked in any way? If yes, then it is a bad law.
markbao 5 days ago 4 replies      
The terrifying reality of censorship, as told through the lens of that of China:

"I knew of some Chinese migrants to Australia who watched a Tiananmen 10-year anniversary documentary, and apparently tears just streamed down their faces.

They had no clue that it ever happened."

Tyrannosaurs 5 days ago 1 reply      
I'd like to see some direct information on what was actually said by the ISPs and where it's come from. This article is a lot of speculation based on a statement that they've said something and then an existing service offered by one ISP. Clearly they're not going to block games and dating sites which this service does so it's not clear why we should assume that it's any sort of useful template for what's proposed.

ISPs have a stated objection to these proposals (if only because they understand what's really involved) and it feels to me a little like this could just be spin from their camp. Suggesting that this is the start of wider censorship would certainly be a way of pushing the public against it which would suit the ISPs cause.

None of which is to say that what they're saying is wrong or that it's good bad or indifferent, just that my reading of the article is that it doesn't really have much to support it's claims.

All that said we know for sure that the proposals will block things other than porn if only because it's almost impossible to accurately define porn or build a perfect filter for it based on whatever definition you have. There will be false positives and negatives both in terms of definition and implementation, meaning that stuff will absolutely be restricted which shouldn't be (and let through when it should). Good luck running an on-line site such as Ann Summers or Agent Provocateur, even when you're allowed shops in the high street.

whamill 5 days ago 0 replies      
There are two aspects to the current debate:- The 'child porn keyword' web search filter mandated on all UK ISPs with no opt-in or opt-out- The 'opt-out porn block' which will be applied to all internet connections, from which people can opt-out in order to receive unfiltered results.

The first part hasn't received as much attention because it's harder to write a punchy article about the malicious nature of a government-supplied permanent search filter blacklist, and it isn't as easy to attack as the blocking of legal content such as pornography but this is where the real danger lies.

Once the government add all their 'illegal search terms' to the blacklist and have the appartus for such wide-ranging censorship set up, what is to stop them from adding terms unchecked and unguided to filter any "unwanted" material from web searches? If this had existed in the US, for example, when the NSA Verizon/PRISM stories were leaked, how easy would it be for them to simply add "Edward Snowden" or "The Guardian" or "PRISM" or even "NSA" to the search term blacklist? They would easily justify it on the grounds that the material leaked was classified or damaging to national security.

At this stage a majority of people would in hindsight agree that this leak is hugely important and in the public interest, but if these terms were blocked by the government then what?

Fuxy 5 days ago 4 replies      
There's no feasible way of blocking circumvention tools without causing massive collateral damage.

If they block SSH tunnels for instance no sysadmin will be able to do their job. Same for VPN. A lot of people work remotely.

I will laugh my ass off if they try to do that.

At the same time I won't be able to access my VPS anymore :(

smnrchrds 5 days ago 0 replies      
When widespread Internet censorship started in Iran, they promised it will only be used for porn. Being a religious country, no one protested. I don't say everyone agreed, but because of all the stigma attached to porn, no one said a word or lifted an finger. What started as a porn-only filtering system expanded exponentially. Little by little, the number of unavailable websites grew. Nowadays, most of the internet is inaccessible from Iran. To name few instances:

YouTube, Vimeo and all other video-sharing websitesFlickr, imgur and all other photo-sharing websitesWordPress, Blogger and all other blogging platforms (and every blog on them)Facebook, Google+ and all other social networksBBC, CNN, NPR and almost all foreign news agencies...And also HTTPS rarely works. They have limited the HTTPS bandwidth so much it's impossible to use Gmail without a headache, in an effort to encourage everyone to disable it, thus making it easier for surveillance.

Dear British friends, it's a slippery slope. Don't let the same thing happen to you.

x0054 5 days ago 2 replies      
In my previous line of work, as a criminal lawyer, this is how this would be used:

Q: "Mr Smith, isn't it true that you willingly removed a filter on you Internet connection, places there for your safety, and the safety of your children, and now your connection allows you to watch hard core porn?" A: "But... I did it because.."Q: "Yes or no, Mr. Smith? Did you ask for the filters to be removed?"A: "Yes, bu..."Q: Thank you, Mr. Smitha

varmais 5 days ago 2 replies      
There was a debate in Finland when the child porn filter was introduced a few years back. One guy had a website where he kept database of sites which were blocked but did not contain any child porn. Aftermath was that the site was added to list and that raised even more questions about the whole censorship idea. (http://en.wikipedia.org/wiki/Lapsiporno.info)

Unlike in Britain, the consumers did not have an option to opt out from the filter although it seems that majority of ISPs don't use it. Later on ISPs were forced to block piratebay.org and there have been discussions about blocking online poker sites etc, because Veikkaus enjoys monopoly in gambling and betting business in Finland.

javajosh 5 days ago 2 replies      
You know what would make a lot of sense? Install these filters on every new device sold in the UK. Make them configurable, and even uninstallable, but defaulting to "blocked". That way if and when people choose to unblock something, it's a private matter between them and their device.

This achieves both the stated goal of protecting people from malicious content, and the freedom of people to consume malicious content, if they want to, in private.

dcc1 5 days ago 3 replies      
Us hackers need to make a new "web" a web where censorship is not possible and everything is encrypted, a "web" with no single points of failure, a "web" where domains cant snatched or censored, a "web" like the web used to be :(
nodata 5 days ago 1 reply      
It turns out that the slope was very slippery indeed.
mcintyre1994 5 days ago 0 replies      
Absolutely no way they'll ship with social networking blocked by default, it'll be dead on arrival. Every household will want social networking, and will enable that if they just skip through and realise they can't get to Facebook. Once they do that the whole systems pointless unless people actually see some benefit.
triangle 5 days ago 1 reply      
If you live in the UK, please consider signing the petition to stop the filters: https://submissions.epetitions.direct.gov.uk/petitions/51746.

At the moment, it's sadly languishing at a mere 21,000 signatures. If it reaches 100,000 then that should trigger a parliamentary debate. I'm also going to send an email to my local MP. Does anyone have any other ideas for fighting this censorship?

frobozz 5 days ago 0 replies      
Pope is Catholic, Vatican reveals.
cle 5 days ago 0 replies      
I can only interpret this as a power grab. This is not a sensible solution, it's an opportunistic solution.

I think many people in modern society don't understand the power of data. The NSA scandal has shown how much people underestimate the power companies can have when they own everyone's data. And similarly, they underestimate the power that a government can have when it owns everyone's data.

We need to do a better job of showing the lay person how much they're underestimating the value of their data, and how much power the data aggregators have.

nutmeg 5 days ago 1 reply      
If the concern is actually about enabling people to restrict what their children see, why not create and distribute a free, open-source software package that citizens can run on their own?

Obviously the question is rhetorical, but I'd like to see someone ask it.

majke 5 days ago 1 reply      
I tried to look it up, but UK's law is still a mystery for me. Can someone help: what is a definition of ISP in the UK?

Especially: is a VPN provider an ISP?

Additionally, what definition of ISP is used in Mr Cameron's proposal?

w_t_payne 5 days ago 1 reply      
Let's see which way the wind is blowing .... hmmm... I sense an opportunity for profit!

I think that I will create a business to develop technology that lets us block undesirable thoughts. We will use an EEG cap as the sensor, some machine learning to detect undesirable thoughts, then a bone-conduction speaker to play distracting and disorienting sounds whenever our detector is triggered.


Do you think I could get some government funding for this?

buro9 5 days ago 0 replies      
HN users in the UK should note: The default blocked items includes "web forums", potentially including HN.

You would have to opt-in to viewing such content as the default has you opted-out along with porn, violent material, extremist and terrorist related content.

huherto 5 days ago 0 replies      
At least to me, the big problem with porn is that it can rise your thresholds of excitement, make you insensitive, and you can even become an addict. But our kids will (hopefully) live in a world where porn is prevalent. We should teach them (at the appropriate age) that it is something that they can enjoy but should be careful not to abuse it.

Anyway, the idea of getting the government involved on blocking porn (or anything) is really bad. I rather live in a world where we have to teach our children to be responsable than in a world where the government decides what they can and what they cannot see.

pavanred 5 days ago 0 replies      
This is probably a long shot but I was wondering if eventually this censoring functionality can be used to draw boundaries over the internet. Once you have the infrastructure in place to censor then there's very little needed to do extend the filters to censor other content.

For instance, nationalize the internet, perhaps block services from companies from other countries or tax such services to promote indigenous companies that provide similar services. The reasoning can be why not promote local businesses and provide them incentives by taxing or levying duties on services from other countries instead of letting a company from some other country making all the profits.

edit : typo

reidrac 5 days ago 0 replies      
I don't know how things are going to change but I ordered Talk Talk a couple of days ago and they only ask you if you want content filter and antivirus filter on; whatever you choose they say you can customise it later in your control panel.

So far I like what I have seen. I just don't want any filter, thanks, and I did't have to say why (ie. porn or anything else).

linuxhansl 4 days ago 0 replies      
Of course it will. Porn, terrorism, etc, etc, are always used as fronts for some other goal. History has shown that once a technology is in place it will be misused.
fastball 5 days ago 1 reply      
So what are the speculations on circumvention?

Would an unblocked proxy suffice, or do we think UK internet users would need to purchase a VPN?

Also, is the idea to block porn sites, or any site that contains pornographic content, like NSFW subreddits?

dobbsbob 5 days ago 0 replies      
This filter is for the coming austerity cuts Cameron is about to roll out. He saw what happened in other countries and took a preemptive measure to be able to filter Twitter and other online protest organizing during times of "national security".
ollysb 5 days ago 0 replies      
The whole thing comes a bit unstuck when you realise that BT has had a system in place that allows parents to protect their children for years. The new approach doesn't seem to provide any benefits but succeeds in pissing off a great number of users.
cmircea 5 days ago 0 replies      
I don't understand one thing: how will this filter actually work?

Say I use Google or Bing or whatever over SSL. All traffic is encrypted end-to-end. How will the ISPs know I am searching for a forbidden term? Are they going to request a CA to issue certificates for google.com to ISPs?

ollysb 5 days ago 1 reply      
Slightly tin-foil, but any thoughts on the timing of this story? The intersection between those talking about the NSA and those that will be angered by the introduction of internet censorship is pretty perfect.
nly 5 days ago 0 replies      
Anyone know if Tim Berners-Lee has come out to say anything about this?

I believe he's expressed views in favour of net neutrality and against censorship in the past. With his participation in the Olympic ceremony perhaps, if he were to get in the news, the public would pay some attention.

xedarius 5 days ago 0 replies      
If you have a problem with what your children are exposed to lock them in a box, not the internet.
spdy 5 days ago 0 replies      
The state nanny approach to internet censorship.
cLeEOGPw 5 days ago 1 reply      
If the block itself is only a technical measure, it only boosts alternative access methods. But if they make it illegal to do things like watch port or download torrents without government permission, like they do now with the requirement to hand over private encryption keys to the officials require them, then GB will become worse than China in the freedom of information flow aspect.
coldcode 5 days ago 0 replies      
If everything goes through a filter then anything can be tapped and recorded as well.
worksaf 5 days ago 0 replies      
So basically its a business deal between Huawei and the UK and they're using the angle of "Think of the children" to sell the idea.
diminoten 5 days ago 1 reply      
The Internet interprets censorship as damage and routes around it. $5/month VPN subscriptions will come with routers, pre-configured.
runarberg 5 days ago 0 replies      
The internet filter at the caf I'm connected to at the moment (Stofan in Reykjavk, I'm sure some of you know the place) actually blocked me [following this link](http://www.siminn.is/lokad-a-sidu/).
Sephiroth87 5 days ago 0 replies      
Doesn't really surprise me, since it's basically the same thing we already have on mobile connections...
mcantelon 5 days ago 0 replies      
i.e. D-notices.
grabhive 5 days ago 0 replies      
The rapid growth of circumvention technologies is now assured.
pasbesoin 5 days ago 1 reply      
As I've been saying for years, the Great Firewall of China is -- or was -- the prototype.

Look at its early history: Built with "Western" technology and consulting.

Did you think all these firms were creating a one-off?

And, the following observation is perhaps stretching the interpretation a bit (or not), but I find it somewhat ironic that, after all this, it is a Chinese company that is pushing this implementation forward. Use domestic market access to acquire the knowledge (sometimes, by hook or by crook), and then use your control of your own labor market to undersell the competition.

rqfowler 5 days ago 0 replies      
Groupcache: an alternative to memcached, written in Go github.com
328 points by sferik  2 days ago   97 comments top 14
joshfraser 2 days ago 2 replies      
For those that didn't catch it, this is from Brad Fitzpatrick, the same guy who made memcache
chetanahuja 2 days ago 3 replies      
I'd be curious to hear performance numbers (assuming a reasonable front-end server to this library). I get it that the replicated in-memory caching part is valuable. But (from painful experiences with Java) I also fear that a GC based memory management system is anti-optimal for an in-memory cache of small objects, especially as the size of heap grows to beyond a couple of GB( * ).

(* ) http://cdn.parleys.com/p/5148922a0364bc17fc56c60f/GarbageCol...

borlak 2 days ago 4 replies      
I really wouldn't call this an alternative. If you are running memcached, it's very unlikely you can switch to Groupcache.

Parts of your application may rely on the expiration feature. But the biggest change is the inability to overwrite a current cache key. Every application I've used does this constantly (object updates).

Groupcache in its current form is useful for a very narrow set of applications.

reeses 2 days ago 0 replies      
Am I reading this as a distributed, immutable, weak hash table rather than what one would consider a 'cache'?

Mind you, doing so avoids the hardest parts of caching (and especially distributed caching, which otherwise begins to underperform around 5-7 nodes), so I can see significant upside. No surprise stales, distribution update clogging, etc.

willvarfar 2 days ago 3 replies      
I noticed this when he talked about speeding up the Google download servers. Very interesting :)

Its an alternative to memcache but not a direct replacement. I hope he adds CAS etc.

I hope they start using the kernel's buffer cache as the backing store, or explain why its not a good idea: http://williamedwardscoder.tumblr.com/post/13363076806/buffc...

happyhappy 2 days ago 4 replies      
I want to use this, but since the keys are immutable, how can I store data like sessions which can change and would sometimes have to be invalidated from the server side (i.e. you can't simply change the session ID in the cookie and use a new cache entry, because bad-guy could still be holding on to an old stolen session ID)?

In general, how can one learn to think in an immutable fashion to effectively exploit this?

buro9 2 days ago 2 replies      

> 64 MB max per-node memory usage

So this is best used as a LRU cache of hot items.

It doesn't compete/replace memcache comprehensively, but it does attack the use of memcache as a relief for hot items.

I can see me mixing my Go programs with both groupcache and memcache.

Edit: I have glanced through the code and cannot see where the 64 MB per-node limit comes in. Anyone see that?

RyanZAG 2 days ago 1 reply      
How does this compare to Hazelcast[1]? Seems like the same idea, but far less features?

[1] http://www.hazelcast.com/

justinhj 2 days ago 1 reply      
I'm a bit confused about how you use this system with immutable keys. At face value it's a great idea, but I need a simple example of how's it is used to say retrieve a piece of data, then later update that to a new value.

Is this anything like how vector clocks are used, where the client uses the clocks to figure out which is the right state in a distributed system?

j_baker 2 days ago 1 reply      
I like the idea, but it seems like it would make deployment a pain. How do I spin up a new server without rebalancing and/or restarting the world? Not to mention that now when I do need to restart the world, I can't do so without also clearing my cache.
casperc 2 days ago 1 reply      
How does its sharding by key algorithm work and how does it handle adding new peers? I was looking for at in the source, but couldn't find anything related to it.
justinmares 2 days ago 2 replies      
It'd be interesting to compare this alternative to other solutions like Redis.

Has anyone used both/either?

otterley 2 days ago 1 reply      
How do you set an item's TTL? How do you set the maximum size of the process's cache?
Tox: secure messaging for everyone tox.im
321 points by NotUncivil  2 days ago   199 comments top 37
latitude 2 days ago 22 replies      
Oh, I see you helped yourselves to my Secure Chat logo -



https://www.google.ca/search?q=secure+chat+logo - first page hit too

Not cool at all, "cool guys around the world".


(edit) Regardless of whether this was copied, over-inspired or independently conceived (but let's be realistic here), the generally accepted rule of the game is that the first to the finish line gets to keep the logo. I don't make my living with logo design, but I did kill a week of sketching, refining and re-balancing on this one and I do happen to like it a lot. For what it's worth, I wrote a P2P VPN system in the past (called Hamachi) and I am involved in p2p and crypto domains in general. So I expect you to extend some professional courtesy, change the logo and close this matter in an amicable matter.

anologwintermut 2 days ago 1 reply      
So this appears to naively use DJB's NACL/crypto_box construction, which is a curious choice given the existence of OTR for messaging protocols which would handle things like session key negotiation and provide deniability.

First, If I'm reading the source correctly, they are doing public key encryption for every message. Which, ok, DJB was a fan of at least for DNSCurve, but is generally regarded somewhat dimly for efficiency reasons. So I guess this puts them on one extreme of the Bell Curve or the other. I wonder which?

[EDIT, removed point about nonce's in handshake]

Funnily enough, at first glance it looks like they covered at least some of the obvious issues: they do at least attempt to authenticate the session key and the crypto_box's use of a Nonce prevents replay and re-ordering attacks.

How do they handle video chat? Crypto_box won't work there naively sense packets will get lost and the nonce's won't be in sync.

shin_lao 2 days ago 2 replies      

* Lossless UDP? Is there a reason not to do TCP?

* There is no way to know if the public key is genuine, so the system is very sensitive to MITM.

* The key exchange is inadequate. Why not do DH if it's just to have session keys?

* The system is very easy to brute force as the acknowledgement is based on a known plain text. This is very bad.

A quick glance at https://github.com/irungentoo/ProjectTox-Core/blob/master/co...

I found a potential buffer overflow at line 143. If an attacker sends a large file, what happens?

Making crypto software is not just a question of wrapping a crypo lib (in that case NaCl) with a GUI. There are some tricky security issues as how you use the crypto.

kostyakow 2 days ago 4 replies      
Tox aims to be a secure replacement for Skype.

There's several other similar projects, but they are usually hard to set up and use for an average user.

Tox is FLOS software developed by community, and currently licensed under GPLv3. We are considering changing the license to something more permissive, so it would be possible to put it on the App & Win8 Stores.

Currently, it is in really early stages of development. But we already have basic IM, and nCurses interface. We use NaCl library for encryption and will probably add FFmpeg for video.

We are working on a cross-platform GUI using Qt5. Please note that the screen-shots on the main website are only mockups, and (in my opinion) should have been labeled as such.

Since the website is down, here's some links:

Subreddit: http://www.reddit.com/r/projecttox/

Core code: https://github.com/irungentoo/ProjectTox-Core

Qt GUI code: https://github.com/nurupo/ProjectTox-Qt-GUI

Website code: https://github.com/stal888/ProjectTox-Website

IRC Freenode chanel: #InsertProjectNameHere

DanBC 2 days ago 3 replies      
Github maintained by someone with a troll username?

Comments like this:

> IMPORTANT: release two major sanctioned UIs, one for autists, one with inbuilt support for the previous list so that plebs can't get confused with setting it up and autists don't complain about it getting in their way. de geso > I would suggest a "Advanced options" where the autists can rejoice with all kinds of options (and it doesn't frighten the normalfags, since it's not shown by default). Also, 2 UIs would be chaos to maintain.

Talk about not needing to be an expert to use it, but then a "learn more" button sending people to github?

Not inspiring confidence so far.

It's nice to see they're using an existing crypto library. I'd be surprised if they haven't made errors implementing it.

irungentoo 2 days ago 2 replies      
Since you managed to kill the website:


Tox is a completely decentralized secure messaging service which aims to replace skype.

It it still in heavy development.

So far we have IM working almost perfectly but no completed GUI yet except for a basic ncurses interface used to test the core.

For the detailed info on how everything works see: https://github.com/irungentoo/ProjectTox-Core/wiki

runn1ng 2 days ago 1 reply      
OK, /g/entoomen, I will keep saying what I said in one of your threads.

I feel it's strange that your IP is shared to the world together with your public key, so it is, in this sense, anti-anonymous.

You cannot even use it with Tor, because it uses UDP.

yogo 2 days ago 2 replies      
It might be useful to mention more about how encryption is done on the website itself since that is the main selling point. As it stands I have to go through the source code.
runn1ng 2 days ago 0 replies      
/g/ has finally managed to make this somehow usable?

Well, congratulations.

fernly 2 days ago 0 replies      
As a naive potential user I am willing to take the assurance of proper crypto and forward secrecy. What needs to be addressed also is the issue of metadata. It is the broad collection and easy analysis of metadata -- NOT content -- that makes NSA monitoring so sinister. By knowing all about who you connect with, when, for how long, and with what regularity, they can know a vast amount about you.

What of the who/when/how-long/how-often metadata is evident when using Tox? As compared to normal skype or IM, that is?

BadassFractal 2 days ago 0 replies      
I'm glad that people familiar with security and cryptography in this thread are trying to poke holes in the product. As long as the development team uses these comments as productive criticism and fixes potential issues, everybody benefits in the end.
unknownian 2 days ago 0 replies      
Minor contributor here: we've been trying to recruit help from HN multiple times with no luck. /g/ recognizes that the dev talent on the web resides here, so if you have a mastery of any of the needed skills (C, GUI design) we'd love your help.
dkhenry 2 days ago 1 reply      
I hate to be the bearer of bad news, but if your intent is to get around NSA snooping this doesn't do that. All you have really done is made sure that your communications are target for closer scrutiny. Remember I don't care _what_ you say I care _who_ your saying it to. Once I know who is talking to who and which person might be a good source of information there are much easier ways to get that information then trying to break encryption[1]

1. http://xkcd.com/538/

lvh 2 days ago 1 reply      
It is unfortunate that this thing's name collides with tox, the testing tool.
CompulsiveCo 2 days ago 0 replies      
This has been a project on 4chan's /g/ board that began after Snowden's initial leak. Its good to see that this project has developed into something substantial.
osth 2 days ago 1 reply      

0. How important is simplicity (modularity) to the project?

1. Will Tox work for user "idontrungentoo"? Will it compile on Solaris, BSD, etc.

2. Will the GUI be optional? If not, why is it mandatory?

3. Can Tox work without DHT? What if two users just want to call each other without connecting to tens, hundreds or thousands of strangers? If there are problems with the DHT, are they SOL?

It would be good to have competing teams all working on some similar system (a Skype alternative) and then have an open bake off, instead of just idle criticism in forums like this one. This way we could see which system actually works the best instead of just theorizing about design choices and taking random anecdotes from alleged users in forums on faith.

D9u 2 days ago 0 replies      
All this crap about a fucking logo?

What about the technical merits of Tox?

rodolphoarruda 2 days ago 1 reply      
"...application that allows you to connect with friends and loved ones."

...who know what to do next after they click the 'download' button and are forwarded to a GitHub page. I'd like to give the app a try, but I look at that page and I don't know where to start.

hnha 2 days ago 0 replies      
why not exchange "proper" keys when both parties are first both online? messaging that does not let me send messages to offline peers is quite useless in many cases. I would much prefe
mylorse 1 day ago 0 replies      
Can anyone convince me why I should contribute to this project when I can already use the following?:[[bitmessage.org][Bitmessage]][[freenetproject.org][Freenet with a chat client]][[gnunet.org][GNUnet with chat]][[i2p2.de][I2P-Messenger]][[retroshare.sf.net][RetroShare]]

PS You could also apply a simple Icecast and/or MPD video stream under those proctols, even [[stomp.github.io][STOMP]].

cpursley 2 days ago 0 replies      
This is great. A cross platform web app would be icing on the cake. Built on something open source like Lungojs.
floor_ 1 day ago 0 replies      
They're pushing the hell out of this on the /g/ technology board on 4chan. I wonder if large group chat rooms will be a new way of sharing files over secured/private connections.
nfkd 2 days ago 1 reply      
Apparently, we can't use the name "Tox": http://tox.readthedocs.org/

Here are the most liked alternatives proposed on anther thread:










mars 2 days ago 0 replies      
why not hop on the xmpp train? xmpp just lacks a great client incl. some cross device synch capabilities, but besides that is secure, decentralized, open and a standard...
thaweatherman 2 days ago 0 replies      
Another app that is the same as good existing solutions and is an outgrowth of spying revelations. Easy secure messaging, calling, etc apps already exist and are freely available. Once Whisper Systems apps are out for iOS at the end of the summer the bases will be covered.
gsibble 2 days ago 1 reply      
Also might want to get a better server. I'm not trusting a messaging service whose marketing site I can't even reach.....
untitaker_ 2 days ago 0 replies      
It's kinda impressive in how many languages the website got translated from the start.
unknownian 2 days ago 0 replies      
Thankfully we have a graphic design board now to aid in this stuff, though it might have been a /g/sent who designed it. There are some undiscovered talents on 4chan.
astonex 2 days ago 0 replies      
It's funny how many focus on what are rather trivial things, the logo and name, instead of looking at the actual things which matter: the code, the security, and the idea itself.
codebeaker 1 day ago 1 reply      
Whilst we're bashing them for IP theft, can anyone tell me why they're using the Github Octocat logo for their Freedom point? It doesn't appear to link to Github?
chuckd1356 2 days ago 0 replies      
How's their service going to stop a Man-in-the-middle attack, client endpoint exploits? Or the HN effect crippling their marketing servers.
Plexion 2 days ago 1 reply      
Website owner here: Currently getting a 50k pps DDoS. It'll be over shortly, I hope.

EDIT: It's done.

snowfox 2 days ago 0 replies      
Wow how did you get it translated to so many different languages?
mtct 2 days ago 0 replies      
Well done /g/!
northwest 2 days ago 0 replies      
If you're the author, you should add it to the list: https://en.wikipedia.org/wiki/Darknet_%28file_sharing%29
fracchio 2 days ago 0 replies      
I do like your project, why not putting it on indiegogo or pledgie to help the development and large the audience?
donnfelker 2 days ago 0 replies      
Brought to you by the NSA.
Ask HN: I might be going to prison soon how to save my one-man SaaS startup?
316 points by 3a0e8ff4e557  16 hours ago   327 comments top 65
milkshakes 15 hours ago 0 replies      
(i am very sorry for your situation. this response is assuming you cannot find any way to get out of jail. i hope you do though.)

i had a friend from the internet who went to jail before. we used to run topsites together back in the day. he would usually wind up getting the boxes and affiliations, and i would wind up taking care of them, scripting them, and maintaining them. we had a good racket going.

one day he wound up going to jail for something incredibly stupid and unrelated, for almost a year. he gave me all his passwords and i just took care of the sites while he was gone. if i needed to interact with someone he knew, i just logged into his IM or email and pretended to be him. nobody even knew. then he came back and it was like nothing ever happened.

it's hard, but do you think you would be able to find someone like that? if not a friend, then maybe someone you could employ?

jacquesm 15 hours ago 1 reply      
How hard is it to keep it alive? Can I do it for you while you get your stuff sorted out? Do you have a decent lawyer? Would that make a difference? Let me know (email in profile), I'll gladly help you if I can. I second the calls to leave your country but I can see that this may not always be an option.
mahmud 15 hours ago 5 replies      
Escape the country.

Going into a foreign embassy is not gonna do you any good. "The Free World" spies on, and jails its own people, and it will not risk another Mohammad cartoongate helping you. So don't even think about requesting asylum at an embassy.

Sell all you own and head to the nearest border/coastal town. Pay off smugglers or fishermen and get the fuck out.

btipling 15 hours ago 1 reply      
shubb 15 hours ago 2 replies      
Depending on how long you are likely to go away, it's probably best do just do the time.

Escaping, as others suggested, would mean leaving your life behind, likely living as an illegal elsewhere (without the ability to open a bank account or own a business). If it's probably just a couple of years, it's probably best to sit it out, and resume your life after.

You need to hook up with someone you really trust, and give them 50% revenue of the startup (after a while, they will see it as theirs, and wonder why they are paying you if it's less). Family would be good, but otherwise an old friend. If they are technically literate, maybe they can outsource the actual work so long as they remain in control.

DominikR 15 hours ago 1 reply      
Leave the country if possible.

I obviously can't know what kind of anti religious posts you have made and what your history on that matter is, but if it isn't hate speech that encourages others to discriminate or do anything else illegal there definitely would be some countries that would give you asylum.

The other option if you want to accept going into prison for whatever reason (maybe it is just a few months, or you cannot leave for other reasons like family) is to give someone else you trust some equity and hand operation over to that person for the time you are in prison.

Good luck

alinajaf 14 hours ago 1 reply      
As a former Muslim atheist, Jesus Christ!

Assuming there's nothing you can do to escape your pending jail term, I would suggest getting your legal person to draw up some sort of agreement where someone can run the business and keep the profits in your stead. This will have to be someone you trust as no matter how good the contract, the potential downside for you is huge. You could structure it as selling the company with an option to buy it back at the sale price when you get out of jail.

This sucks so hard. As an openly atheist ex-muslim, I'm permanently striking Indonesia, Malaysia and more or less any other predominantly muslim country off my lifetime travel itenerary. If they'll throw you in jail for some snarky photos, my head rolling into a bucket isn't a great stretch if the imagination.

strlen 8 hours ago 0 replies      
As a Russian Jew who immigrated for the United States, hearing your story upset me a lot: there are many parallels between how Russia/USSR (both under tzar and communists, fortunately less so after fall of USSR) has treated Jews and how Malaysia and Indonesia treat their Chinese minority.

It is sad that I am powerless to do to help you and that our immigration laws will probably hold what your government has done to you _against you_, e.g., if you were in the process of getting a college degree but were kicked out by your government, you will not be eligible for an H1B visa. Fellow Americans: this is why immigration policy is not about economics or politics, but a moral issue. Perhaps it's true that immigration leads to lower salaries or to more democrats instead of republicans being elected (but I have my doubts), but isn't it a _far greater_ injustice to prohibit people like OP[1]) from wanting to have basic liberties we take for granted?

[1] ... or myself from 17 years ago: we had to jump through many hoops for my dad to get an H1B visa, for my mum and I to get an H4 visa, and later for all of us to get green cards. We were racked by uncertainty and anxiety over many years: I thought a lot about how we might not get a green card and how upon return I'll likely be inducted into the military where I'll be periodically bullied or even tortured ( https://en.wikipedia.org/wiki/Dedovshchina ) for edification of others.

fnordfnordfnord 14 hours ago 1 reply      
To everyone ITT who is questioning whether OP has considered leaving his country. This is a public forum. Obviously, OP cannot/should not openly solicit or respond to advice for breaking the law or otherwise give any impression that he intends to flee, or otherwise escape his country's excuse for "Justice".

Of course we are all free to give him this advice, and perhaps we should do so, but remember that OP cannot respond positively.

moubarak 15 hours ago 6 replies      
if anyone here helped you it would be a real shame for HN. if you did offend another religion and rightly convicted then you should pay the price of your apathy and recklessness. jail should not be the price you have to pay, but instead you she be outcast by the community, at least on HN.
rdl 13 hours ago 0 replies      
It really depends on how long you might be away. My goal if I were you would be to resolve this ASAP to focus on my court case and enjoying freedom for the next months.

What I'd probably do is find someone I trust to have power of attorney to manage the site at a high level for my benefit; give him a percentage of profit, or someone who owes you a favor. Then that person will handle finding someone to operate the site -- that way the first person can continue to provide oversight and replace the second if needed. If it is for a short time, you might be able to get away with just one person, but two is much more durable.

I'd plan on giving up a fair bit of the revenue while away -- up to you if you want the operators to try for growth or just maintenance. Someone just passively maintaining it will cost less but the site might eventually die.

geuis 15 hours ago 7 replies      
Get out of the country ASAP. Come to San Francisco. You won't go to jail here for posting pictures. Apply for asylum or whatever later, but get your butt on a plane ASAP.
BSousa 16 hours ago 0 replies      
Best thing to do would be to collect some data on your saas for the last few months, prepare it for selling, and find someone that will buy it from you and keep at it.

I have no idea how prison is where you live, but I doubt you will be able to run any kind of SaaS business from there so either fold it or sell it.

peterjancelis 14 hours ago 1 reply      
You have a CTO co-founder (http://zuupy.com/about/), is he going to jail as well?
realrocker 15 hours ago 0 replies      
Hire someone outside your country for a percentage of the profit. Don't worry too much about the paperwork. Just hire a well known guy(meaning open source projects, vocal on technical issues etc.) in the hacker community to find someone trustworthy. I am sure many of us would be happy to help. Though I may not be qualified I am up for it.
ackfoo 13 hours ago 1 reply      
Get out. Forget your business; you can make a new one somewhere else.

Any life elsewhere is better than a life in a country filled with morons who believe an obvious lie like Islam and order their lives by it.

When you get out, dedicate your life to doing great things by your own rules and eradicating the stupidity of people who believe the crap they are told without evidence.

And for all the overly-sensitive Muslim fanatics out there: your Allah is a figment of your imagination and your Mohammed fucked dogs in his spare time for fun and profit. Jesus, also, was imaginary, you stupid bastards. I dare you to prove me wrong.

Come and get me. I will defend my right to say these things until I am dead. It's called freedom of speech.

ck2 15 hours ago 0 replies      
Can you apply for asylum at an embassy for a non-muslim government?

(just don't let your government see you doing it)

carlob 15 hours ago 0 replies      
I might be able to put you in contact with someone who knows a great deal about asylum requests in Italy. Let me know if you're interested.
JamisonM 12 hours ago 1 reply      
Look, I know this is not what you asked about but I have to say this: For your sake I hope that the prosecution does not stumble across this posting. Given the gravity of your situation your decision to add the gratuitous "my government and the majority mob" to your posting it makes your public apology seem disingenuous.I also hope that before you post anything else on the Internet in any forum that you run in by your lawyer first.Human rights issues aside, I have to confess that I did not have much sympathy for your plight before as your initial posting was obviously going to get you in trouble with the law, as unjust as that law might be. You need to stop and take stock of your situation and consider carefully your behaviour going forward, you need to take this more seriously.

As for your startup, if the thing is not really profitable in the first place why are you worried about it? Let it die and move on, it might very well be holding you back from trying something else that will actually be successful.

chewxy 15 hours ago 1 reply      
You don't happen to be Alvin Tan who recently caused a ruckus in Malaysia do you?
eli 15 hours ago 0 replies      
Jeez, I wouldn't listen to anyone who is certain you should become a fugitive from justice based solely on the three sentence description of what's going on. (C'mon guys, really?) If you want legal advice, talk to a lawyer.

To answer the actual question you asked: well, it depends. I don't think you've provided enough information for me to help. What industry? What sort of bugs and features? What platform? How many customers? Feel free to send me an email with specifics and I'll promise not to share if that's what you wish.

mnazim 14 hours ago 1 reply      
"posted religiously-insensitive photograph" is a very vague statement. Many questions come to mind.

- What is the nature of photographs?

- Were you exposing some kind the truth and got caught up by legal loopholes or an inherently unjust law in your country?

- Did you knowingly break a law which has existed in your country for a long time?

- Does the nature of your photographs insults someone's faith and or religion directly, knowingly, or purposefully? Or was it so subtle that you could have done it unknowingly?

- Could your postings promote hatred and/or violence against a specific group of people in the society?

- Is you SaaS startup related to the exposure of photographs? Were your postings directly as a results of your startup?

Many more questions can be raised and I think not many can help you without a clear understanding of the issue. At the very least anyone who might want to jump in to help would at least want to clearly understand the connection between your legal issues and your startup.

That said, without clear understanding of what you actually did, I have no right to assume who among the parties involved is right and who is wrong.

If you are willing and if it's possible without putting you in more trouble than you already have on your hands, please share a few more details about the issue. You would be surprised how much help communities like HN can provide you, given proper details.

PS. If legal precedence from authentic Islamic history is accepted in the courts in your country(which should be). Feel free to get in touch with me privately and I will do my best to help you find authentic Islamic precedence that might help you in your case - but of course, only if you are comfortable with it.

seanccox 12 hours ago 0 replies      
First, you should read the U.N. Convention Relating to the Status of Refugees and determine whether you will be a candidate if you flee. No sense leaving if you will simply be deported back to your country. I think it applies:

"A refugee, according to the Convention, is someone who is unable or unwilling to return to their country of origin owing to a well-founded fear of being persecuted for reasons of race, religion, nationality, membership of a particular social group, or political opinion."

You appear to be facing a clear and imminent risk of persecution at the hands of your government because of your political views, which in all likelihood makes you a candidate for seeking asylum in another country and claiming refugee status through the UNHCR.

Not knowing where you are, I can't advise any further. If you are unable to exit the country with your passport, bring whatever identifying documentation you have about yourself (drivers license, birth certificate, diplomas or degrees, etc.). All of that will aid in your case.

If you are able to prepare well beforehand (do so, if you have time), get the phone numbers and addresses of these organizations in the country you seek asylum in: the UNHCR, the International Organization for Migration, the Helsinki Citizens' Assembly, the International Catholic Migration Commission... that's all I can think of right now.

Prepare to present yourself to local law enforcement in your new country at some point, but try to avoid doing so without consulting local refugee support staff. In all likelihood, you will need to be arrested and processed by local law enforcement as part of your declaration for asylum. I have dealt with this in Turkey for Iraqi, Iranian, and scores of East African refugees, so I only know the peculiarities of Turkish law and refugees. If you can get to a European country, you will fare much better.

JamisonM 6 hours ago 0 replies      
Sweet Jesus... I was looking at the news about your case and posting here is a violation of your bail conditions, if you stopped responding here for any other reason don't start again for that reason, you are endangering your freedom.
masukomi 14 hours ago 0 replies      
My thought is to put together a very detailed set of instructions including a screencast. Then contact one of the many companies that offers virtual personal assistants. Tell them you need someone for a couple hours a week with whatever level of technical knowledge they'd need to be able to follow your instructions.

Then start using them right away (before being interred) so that you can see if you've gotten a person who understands the task and can do it well, or if you need to have them find someone else to do it.

It should be cheap and easy.

Alternately, you could just sell the business and start a new one when you get out. I'm sure there are many folks here, myself included who would be willing to consider buying a self-sufficient SaaS business.

philtar 15 hours ago 0 replies      
Can I ask what your name is? I'm a free speech activist in the area and would love to see if I can help.

On topic: Post more information about the SaaS. Someone where could want to buy it.

csomar 14 hours ago 1 reply      
Here are my thoughts

1. For a period of 3-5 year, I'll proceed with the jail. I think you can have limited Internet access in jail, but this might not be the case in your country. Check with the authorities. Otherwise, proceed by selling your business quickly and put the money is a safe index fund. With a 5% return, over 5 year, this means 27% return.

2. If the period is hilariously long, like 20 years, I'll advise you to escape. There are many ways from seeking Asylum to illegally crossing the borders. Some people will discourage you to illegally cross the border, but I guess it's better than spending 20 years in some prison with no real-life contact.

3. I remember there was a discussion about changing one identity. It might sound like movies, but you may want to look into that. You can also just hide in your country, and keep looking for possible escape solutions/countries.

pushkargaikwad 15 hours ago 2 replies      
>> Is there anything I can do to save my SaaS startup?

Don't you think you have bigger things to worry about then your SaaS company ? I meant, you are about to lose your freedom which I feels should be your first priority.

I really feels to have a stronger case and to preserve your freedom, you should come out open with your name. International pressure and media do work as in Deborah Dalelv's case http://www.huffingtonpost.com/2013/07/19/marte-deborah-dalel...

SaaS companies normally don't have lot of overhead, so you can hand over the control to some local friend, do inform your customers about your current situation and the possible repercussions of it.

davidcollantes 14 hours ago 0 replies      
"Religion is the sigh of the oppressed creature, the heart of a heartless world, and the soul of soulless conditions. It is the opium of the people."

Can someone run the SaaS startup for him while --and if-- he is in jail?

ryan-allen 14 hours ago 3 replies      
I disagree with my country's laws, and sometimes do flaunt them. If I were to be caught and had to serve a prison sentence, who am I to blame? I knew the risk, and I took it. I might disagree and think it unfair, but those are the rules of the game.

I don't mean to be insensitive but if you willingly break your country's rules then you have to accept the retribution that is dealt out. This is the cost of being outspoken, or revolutionary, or straight out insurgency. Being a HN regular and entrepreneur I'd hope that would be self evident.

Maybe the West has sold you on the idea that you can go against the grain and not pay for it, that's certainly what the western so-called revolutionaries seem to demonstrate. How long do you think Chomsky would last in Russia?

Some people in this thread suggest you move to San Francisco. It would have been ideal if you were born there instead. In SF you can go against the grain and pay nothing for it (and then advise the rest of the world to 'rebel'). What great heroes they are.

Where you are from it looks like if you upset the authorities you pay a hard price. I hope you feel strongly about your actions.

Today a US intelligence analyst was convicted of espionage by a US military court. He was pushing boundaries he knew to be illegal in his arena and now he's paying the price. His actions will be remembered for better or worse for decades to come, and he paid the price.

He didn't grow up in San Francisco, like you. I wish you the best and hope for a positive outcome.

fantnn 14 hours ago 1 reply      
Fuck religion; the lack of existence of any kind of deity can be proven with etymology
lizzard 11 hours ago 0 replies      
Good luck, and I'm so sorry about your situation. I hope you have good legal and family support and that you find someone to maintain your startup.
arisAlexis 16 hours ago 1 reply      
write a blog entry about your story, make it known to the public many ppl might volunteer to e-protest for you
PencilAndPaper 11 hours ago 0 replies      
ORIGINAL QUESTION: Is there anything I can do to save my SaaS startup?

Its kind of insane to suggest someone jump bail and flee their country without actually knowing their full situation and them as a person.

arbuge 14 hours ago 0 replies      
One question: what's your best estimate of the jail time you'll get? Apologies if it's mentioned elsewhere in the thread and I missed it...
dboles99 16 hours ago 1 reply      
Contact me at daniel dot boles at gmail dot com. Maybe we can work something out.
alex_hitchins 14 hours ago 0 replies      
Open Source it maybe? Set up some small foundation to keep it running. Or, sign over rights to someone you trust while you are in prison to keep it running.

What is the nature of the service? Is it something you need strong domain knowledge in to support?

I like many others would probably be able to offer to act as caretaker providing it's all legal and it's not something that will require lot's of time to get up to speed learning.

let me know if you want to discuss anything.

blackoil 14 hours ago 0 replies      
#if you are in for >5-7 years, forget ur startup, handover 50% stake to best guy you can find and focus on legal troubles.

#if it is only few months, and your customers value ur service, be as honest with them as you can, create a forum for them to help each other, get some friend/family to pitch in.

#little tricky for inbetween, you'll need a dedicated guy to work on it, he'll expect a substantial share, so you can just hope for best to find a talented/honest guy.

rogerthis 12 hours ago 0 replies      
If you call it "my government", then you should obey him. Even if you disagree. Or you can question it in appropriate instances. That's how things work here in the west. If you think the government is treating you unjustly, you can 1) stand your ground, keep your inner freedom (lots of people have done that in Communist and Nazi Germany countries in the past); 2) Run, hide.
treskot 15 hours ago 0 replies      
Hire a developer (to add features) and a support guy (for emails and bug reports). At least have these as your backup while you think of other ideas.
tzaman 15 hours ago 0 replies      
Can you provide a link? (I know it's not going to help, but curious about your startup)
alexvr 11 hours ago 0 replies      
Forget about the business for a while and do your absolute best escape to a free country.
chenster 11 hours ago 1 reply      
Seriously if I'm going to prison, worrying about my SaaS app is probably the last thing on my mind.
throwaway6629 15 hours ago 0 replies      
Open source your code. It might not be as much of a competitive advantage as you think and open sourcing it will help with the bug fixes and features

Concentrate on the value that you and your brand provides - if your main customers are in your home country then you can already provide value from localisation. Can you hire someone to handle the marketing and support?

checarsner 11 hours ago 0 replies      
Message me. I might be in a position to take it over until you get out. I realize I'm a stranger, but communicate with me and maybe we can figure something out together.
steveinator 15 hours ago 0 replies      
Is it something that can be run from the states? I'll take it and run it while you're gone.
nightcomer 10 hours ago 1 reply      
To everyone, I urge you to stop commenting on religion. With all the comments I read, says the OP is innocent and it's the religion at fault. You do not have the complete knowledge nor the right to just go on insulting other's religion.

The OP is smart enough to use the language and not show the link to the posting that has landed him into the trouble.

I do have sympathy for OP, but this discussion is going way on a different track. I also advice the HN admins to delete this post.

jnardiello 15 hours ago 0 replies      
To reply to your question: Hire someone or sell the business. This is pretty much everything you can do. Leaving the country is actually an option but might be quite dangerous depending on your current location.
magikbum 14 hours ago 0 replies      
facorreia 16 hours ago 0 replies      
Request political asylum?
dschulz 15 hours ago 1 reply      
Outrageous. I can't accept things like this are still happening in 2013. Please tell me that you at least considered leaving your country.
kfk 15 hours ago 0 replies      
How many years are you going in prison? How do you feel giving away equity?
ada1981 13 hours ago 0 replies      
I have an activist media company. We'd be happy to help you. anthony + @175g + .com
smewpy 13 hours ago 0 replies      
Sorry to hear this. Jumping bail and escaping the country, is a valid option, in my mind.
adamzerner 14 hours ago 0 replies      
Is that really the most important question you should be asking?
narx9888 11 hours ago 0 replies      
Just incase some of you guys are curious with Malaysian laws especially when it comes to religious matter, a Muslim lady is now probably going to face jail time because of bathing dogs. http://www.freemalaysiatoday.com/category/nation/2013/07/31/...

Yes, you read it right. It's against the law in Malaysia for Muslim to be near dogs.

bwb 14 hours ago 0 replies      
Can you flee the country?
superconductor 13 hours ago 0 replies      
Read E-Myth. Then you'll know what to do.
mattwritescode 15 hours ago 0 replies      
Whats the company address?
icedchai 11 hours ago 0 replies      
how much do you want to sell it for?
dhanush 15 hours ago 0 replies      
I think you should get in touch with avaaz.org They have an influence on such issues. They will get their members to sign up in you support, create international awareness on this issue and then generate massive awareness regarding the situation. Not only will this buy you more time, it will also boosts up your chances significantly.
hearty778 13 hours ago 0 replies      
Singapore is 100% not a Muslim country. Looks like he's in Malaysia.
me551ah 15 hours ago 0 replies      
which country?
gotrecruit 13 hours ago 0 replies      
regularguy 15 hours ago 13 replies      
I'm assuming you are this guy: http://www.huffingtonpost.com/2013/07/18/alvin-and-vivian-ja...

What you did was quite offensive, for Muslims and non-Muslims.

If you are that person, it may difficult to find someone you can trust enough to take over the SaaS startup whilst you are away. Good luck.

Why YouTube buffers: The secret deals that make and break online video arstechnica.com
297 points by abraham  3 days ago   110 comments top 23
revelation 3 days ago 10 replies      
This is just one of the many fights surrounding net neutrality.

We desperately need to break up ISP monopolies and enact strict net neutrality regulation and bandwidth (even latency/routing) guarantees. The idea that a single ISP is in a position to charge both YouTube and its customers is bizarre. By any basic reasoning, an ISP that doesn't enable access to YouTube should be out of customers within a few months. That this doesn't happen is testament to the broken market surrounding internet access, and a bad sign for the fights that await us.

(Google needs to start naming and shaming the ISPs that do not want to peer with them on reasonable conditions or with sufficient capacity when they detect bad performance on YouTube. They have been doing this locally, e.g. they delisted french news sites from Google News when these lobbied for protectionist laws, and they have been stating the parties that forbid them from showing copyrighted content, e.g. the GEMA in Germany.)

epa 3 days ago 10 replies      
While it may be true that there are some outstanding ISP issues that lead to slow internet, I think the more pressing issue is the behaviour of the new(ish) youtube player acting erratic. For instance, you cannot fully load a video anymore, it will only load a portion as you continue watching. If you wish to rewind the video, for some reason youtube will want you to rebuffer the entire from where you have rewinded to. This is terrible when dealing with slow connections. I have found that since youtube has implemented three specific things, 1) new player, 2) changing of related videos, 3) google account requirements, the user experience has gone way down hill.
rossjudson 3 days ago 0 replies      
Step one here is transparency. Before we impose new mechanisms by legislating, we should allow detailed study of the ones that are in place. To do that we may need legislation that states simply: All such peering agreements, including all of the technical and financial terms, shall be filed as public documents with the FCC at least 7 days prior to taking effect.

This accomplishes two things: It allows third-party analysis, and it provides early warning of change to affected parties.

300bps 2 days ago 1 reply      
The reality is that major ISPs like Verizon and Comcast want Netflix to DIE because it is a major competitor of theirs. How many people have cut their cable TV service because Netflix is "good enough?"

So Verizon and Comcast can compete with Netflix, or they can attempt to cut off their knees.

"Nice streaming service you got there. Be a shame if it was so slow your users got frustrated and cancelled their service."

This is why Verizon and Comcast don't take Netflix up on their offer to provide caching servers, create peering agreements and take other actions that actually decrease the ISP's cost. Because Verizon and Comcast want Netflix DEAD.

Qantourisc 2 days ago 3 replies      
The internet used to be ran by engineers. Now it's ran by suits ...

The former does what needs to be done, and all pitch in to move traffic. Suits on the other hand only see $$$.

As for the suits: either your are overselling your bandwidth and you don't have enough money to make the necessary changes REGARDLESS of where the traffic is going/coming from. Or your just being greedy !

To fight this, I think it's best to get review ISP by their real speed. Then getting this information out to the public. So people can select the best ISP, and natural selection of the fittest(fairest ISP) will occur.

adrr 3 days ago 2 replies      
Content is King. Youtube should be copying the model of local TV stations. Charge the cable companies for the privilege of accessing content. It shouldn't be reversed.
Dewie 2 days ago 0 replies      
I remember the glory days when YouTube would buffer the whole video from where you started, at a very uniform speed. If you wanted to jump to somewhere in the video and it was buffered, there was no rebuffering.

ISP's or not, it is infuriating for me as a user to see a website get significantly worse as it gets bigger and bigger.

nivla 3 days ago 2 replies      
So its basically ISPs acting as CDNs, infact the best one money can buy.

Does this mean no one will every be a true competitor to Youtube or match its performance unless they pay all the local ISPs?

incision 2 days ago 0 replies      
Just the other day I had a non-technical friend ask me if upgrading his 50Mb connection to 75 as suggested by Verizon would get rid of his YouTube buffering problems.

I wonder how prevalent and successful such fraudulent upselling is?

x0054 3 days ago 1 reply      
If you have a Mac, try a free program called YouView. Google YouView Mac. It gives you YouTube experience, but uses the MP4 files YouTube hosts for the mobile platforms. I never have a problem with YouView. Some times it's slow, but at least you can download the entire movie before watching. Also, it uses a lot less resources, 5-10% CPU vs 30%+ if played via browser. This means better battery life.

I think something like that must exist for windows and Linux, but I could not find anything free.

GhotiFish 2 days ago 1 reply      
Youtube has a very poor connection around my area in Canada. Video connections are unreliable, unexpectedly dropping or just being slow. Slower than the Kbps of the video I'm trying to watch.

For youtube's client side player this is completely intolerable. Which is why you don't depend on youtube's clientside player for anything. Use SMplayers downloader, or youtube-dl, or videodownloadhelper. These make use of more dependable protocols for downloading the video, and they will download 100% of the video.

You can buffer several videos up and watch effectively.

My user experience is so much better than what people experience through official channels. How can that be? I hacked my user experience together with bits of string and duct tape. Why should my experience be so miserable on official channels when so many manhours have supposedly went into making that experience the best?

Should you really be losing out to bits of string and duct tape?

What the ISP's are doing to youtube isn't fair, but the ISP's are clearly not the only ones at fault.

baddox 2 days ago 0 replies      
You should try to stream live content from twitch.tv. Pretty much everyone complains about how bad their service is, and twitch has been very clear that they're doing everything they can but that it mostly comes down to these deals with the big Internet infrastructure guys.
jimmaswell 3 days ago 0 replies      
I prefer to download videos with an extension and watch the file as it downloads in VLC instead, for longer videos.
bane 2 days ago 0 replies      
Youtube was almost unwatchable on my 50/30 FiOS till I did this http://mitchribar.com/2013/02/how-to-stop-youtube-sucking-wi.... This completely transformed my youtube experience to one that's fine compared to waiting 10 minutes for a 1 minute 240p video to buffer enough I could watch it all the way through.

Now the only problems I have are with the semi-broken new player, fast forwards and rewinds are often broken, full screen doesn't always full screen etc.

shoxty 2 days ago 1 reply      
This peering issue has affected me a lot. I watch a lot of gaming streams online and during peek hours Twitch.tv has becomes unusable. During a major tournament this is very unfortunate. Another example of this peering dispute affecting me is with the game League of Legends.

Almost everyone who is on Comcast (myself included) during peek times experiences lag that makes the game unplayable. Your character "skates" along the map and usually when it buffers and catches up to you you'll find yourself dead. My friends and I got together to play over the weekend and ended up having to stop due to the lag.

Heres a thread where the guys at Riot are trying to identify the issue. It wasn't until 7/22 that they identified the problem everyone has been having was due to a peering dispute between Verizon and other vendors. To fix the problem they are having to make changes with their provider to route traffic to bypass problematic junctions.


Its been very eye opening to me. I have a 50mb connection and I always thought that as long as I had a faster connection I wouldn't have lag issues. It was disappointing to learn that regardless of your connection you can still be throttled by ISPs and their vendors.

IgorPartola 2 days ago 1 reply      
As a temporary workaround I access YouTube over an IPv6 tunnel through Hurricane Electric. Since I set it up almost two years ago I have had no issues with YouTube. The only downside has been the IRS's quarterly tax site which seems to be misconfigured for IPv6 access but works if r over IPv4 (/etc/hosts FTW).
leke 2 days ago 0 replies      
I thought this idea was actually quite good, although sometimes the buffering issue is there. About 50% of videos I've watched, I've tuned of within 1 minute because it wasn't what I expected. The old system would have buffered about 10 minutes worth by then. The new system only buffers about 15 seconds. This is a huge bandwidth saving when you think of it on a mass scale.
Oculus 2 days ago 0 replies      
This article just brought a whole new meaning to Google Fibre. I think Google is seriously considering becoming an ISP which would make a lot of sense seeing as how they make up 25% of North America's traffic already[1].

1 - http://www.wired.com/wiredenterprise/2013/07/google-internet...

umsm 2 days ago 0 replies      
There was a similar discussion on HN a few weeks ago regarding a similar issue about ISPs buffering the CDN (I think).

I dug up a link that I saved:


Here is the fix:

  sudo ipfw add reject src-ip in  sudo ipfw add reject src-ip in

marquis 2 days ago 0 replies      
I watch http://www.internethealthreport.com out of interest - it shows just how clearly the peering is skewed for US tier 1s.
osth 2 days ago 0 replies      
Sounds like mirroring and ftp servers (or even bittorrent) would work just fine for distributing copyright-cleared video. Indeed that's how I remember it being done before YouTube and Netflix existed.

Today, with the explosion of online video, the copyright-clearance step could be administered by companies (as it already is, e.g., YouTube), but the servers providing distribution to the users at the network edge do not have to be run by companies.

1. Recall that storage is quite inexpensive and users are today quite capable of providing their own at home or on-the-go storage for terabytes or gigabytes of video.

2. Recall the "content-centric" networking idea Van Jacobsen has presented to Googlers. Does it really matter where the user gets the content? No. What is important is that it is authentic (and copyright-cleared).

codecool 2 days ago 0 replies      
Here I was cursing my ISP for ridiculous connection but I should have been cursing them for entirely different reasons! What is the use of taking costly high speed plans when the sites that require high speed (youtube, other video streaming) are still going to be slow?
rgbrgb 2 days ago 0 replies      
Given this discussion, what's the best resource for choosing a new ISP? I'm moving to SF in a week and I want to get a really nice connection for my apartment?
SkyMall's SkyFall priceonomics.com
295 points by DavidChouinard  4 days ago   94 comments top 19
aresant 4 days ago 7 replies      
Here's what I think happened:

a) Xhibit has built a solid digital agency team on the back of nutraceutical affiliate marketing offers, and enough revenue to support a trailing $300 - 500m valuation. But they realize their business isn't sustainable, and want to unlock the value of their team & experience with a larger play. They have failed at doing this with their own projects.

b) Najafi Companies, that originally owned Skymall, recognizes that the continued move to digital will eventually, and probably quite rapidly, decimate what is effectively a print advertising business in Skymall. They need a forward looking strategy, and a team that can execute said strategy ASAP.

c) Given that both companies are in Phoenix, a fit is recognized, and Skymall's recently appointed CEO Kevin Weiss is named CEO of the merged organizations. They sign him to a 5-year agreement to develop the digital strategy for Skymall and, given his background at "Author Solutions" which shows his experience in transitioning print-to-digital, this makes sense.

d) They hatched this plan when Xhibit's CEO met Skymall's CEO standing in line to use the restroom at a Phoenix Sun's game (a team that Najafi Companies has an investment in).

(1) http://biz.yahoo.com/e/130621/xbtc8-k.html

rohin 4 days ago 2 replies      
Author here. We published this about a month and a half ago so the stock price information in the post is out of date.

Since then, the stock price of the acquiring company (XBTC) has fallen roughly in half.


ErikAugust 4 days ago 4 replies      
Xhibit's "Twityap": http://www.twityap.com/

What an insulting joke.

Looks like their Twitter account was suspended: https://twitter.com/TwitYap

Elancer from Punjab who put the app together has a couple screenshots: https://www.elance.com/samples/twityap-android/71857479/

Totally funny stuff...

draz 4 days ago 4 replies      
I propose a 4th reason why they merged with Xhibit: the owners of SkyMall realized that with WiFi becoming more and more prominent on flights, bored traveler are less and less likely to flip through their magazines, but instead get online (where they'd have their own set of advertisements, shopping capabilities, etc). I think, therefore, it was the right move to cash out before companies themselves pull out of their agreements with SkyMall.
Afforess 4 days ago 1 reply      
Seems like a fitting fate for Skymall. A company that profits by selling overpriced shiny garbage is bought by an overpriced and shiny company, that is garbage.
chipsy 4 days ago 0 replies      
As someone who has had the misfortune of holding this type of scam stock in the past, I have great sympathies for the shareholders.

There are all sorts of ways you can find yourself holding a worthless investment(myself, via the entreaties of an overly enthusiastic and gullible friend) but once you have it, the rationalization machinery is going to kick in deeply, because now you're a sucker, and you really don't want to feel like one.

That's why there's often a lot of online noise generated around obviously bad companies like Xhibit - it only takes the slightest big of hope to keep people in as the price plummets.

skybrian 4 days ago 0 replies      
I think the most plausible scenario is that SkyMall wasn't a good investment to begin with, so their private investors dumped them.

We have no hard numbers. Magazine advertisers often don't pay list price for ads and their expenses are private deals with the airlines, who are likely to drive a hard bargain if they can. And I'd be skeptical about how many people actually read them regularly; a survey commissioned by the company could be exaggerated or flawed in some way.

jwheeler79 4 days ago 1 reply      
From their 10-K: "We owe $375,000 at a fixed interest charge of ten percent (10%) regardless of the time of repayment to four shareholders due March 31, 2014"

That means they issued a 10% bond sale that four dumbshits, already holding common shares, bought into. A 10% bond!

When spain was on the verge of insolvency, they were issuing bonds at 7%

throwaway9848 3 days ago 0 replies      
According to Yahoo! the Xhibit CTO makes $3K/year. Three thousand dollars.


dschiptsov 3 days ago 0 replies      
Nothing to see here. In general, being a cheater is much more efficient strategy than being a working drone, and, on the other side requires much less actual skills. This is why, for example, so many people struggling to create an appearance of competence and success, without actually possessing any appropriate skills or qualities. Their overconfidence sometimes fools simpleminded neighbors.

Creating an empty-shell companies based on buzzwords, bandwagon effect and spikes of mass hysteria in order to gain ballooned valuation via media campaigns and staged "acquisitions" is a normal practice nowadays. The nonsensical valuation of companies such as Zynga are canonical examples.

Using just appearance and media manipulations to create an association between few buzzwords, a brand and ignorant snap-judgement - "oh, that is a cloud virtualization mobile stock" or, you know, MongoDB - "instant gratification and productivity (of ignorant)" is a new-normal.

The exit strategy could be a fail fail due to "bad economy", while pocketing all the money, or, if lucky, sale to a bigger fool, but first one is much easier.

toble 4 days ago 0 replies      
Couldn't there be lots of other reasons? Like the current owners may have been forced to do it? From reading the article, I got the impression that this business was being passed around like a toy. Are the previous owners indirectly linked to investors in the airlines that carry the catalogue? Or members of the same club? I think I have watched too many detective shows, but there you go.
eksith 4 days ago 0 replies      
Funny thing is, I've browsed through for some ideas for electronics projects (not to use as-is, mind you, just to fiddle with) and found parts at wholesalers. What can I say, they were a handy supply of barely usable, often unnecessary rubbish, but as a museum of oddities and bad ideas, it was rather inspiring.
unreal37 3 days ago 1 reply      
Option #4, the old owners of Skymall financially benefit from the deal regardless of the up and down of the stock price. What if current holders of xhibit stock are the ones getting scammed here?
awongh 4 days ago 0 replies      
twityap?!? you can't make this stuff up.

It's sad that this might work to get people to part with their money.

lifeisstillgood 4 days ago 0 replies      
Isn't the simplest explanation the best? SkyMall was simply made an offer they couldn't refuse.

Don't sell horses heads in the magazine do they?

cpks 4 days ago 0 replies      
Last time I saw something like this, threats from the Russian mafia to the selling party were involved. No kidding.
cmccabe 3 days ago 0 replies      
I thought Xhibit was a rapper or something. Also-- Twityap? Is that for real?
circa 3 days ago 0 replies      
So Xhibit is faceblock?
adamtait 4 days ago 0 replies      
I guess when Priceonomics finds their business model has also fallen on hard times, they can resort to ... uh ... journalism.
Bootstrap 3 RC1 twitter.github.io
295 points by taspeotis  4 days ago   130 comments top 39
davidw 4 days ago 11 replies      
I love bootstrap, but I'm completely unconvinced about the flat trend.

My site, www.liberwriter.com is squarely aimed at non-technical people who are not really on top of the latest trends. I could very easily envision them having a higher cognitive load trying to figure out what is a button and what isn't and so on.

What do testing and studies show about this?

nileshtrivedi 4 days ago 4 replies      
List of all cross-browser gotchas from the Bootstrap site:

- Striped tables are styled via the :nth-child CSS selector, which is not available in IE8.

- IE and Safari don't actually support the <disabled> attribute on a <fieldset>

- Avoid using <select> elements here as they cannot be fully styled in WebKit browsers.

- If you add the disabled attribute to a <button>, Internet Explorer 9 and below will render text gray with a nasty text-shadow that we cannot fix.

- Keep in mind that Internet Explorer 8 lacks support for rounded corners.

- Badges won't self collapse in Internet Explorer 8 because it lacks support for the :empty selector.

- Progress bars use CSS3 transitions and animations to achieve some of their effects. These features are not supported in Internet Explorer 9 and below or older versions of Firefox. Opera 12 does not support animations.

- Firefox persists the disabled state across page loads. A workaround for this is to use autocomplete="off".

It would be nice to see if any progress is being made on these.

aaronbrethorst 4 days ago 4 replies      
Cue a dozen comments about flat buttons.

This looks like a nice set of changes for Bootstrap. I'm not sure how I feel about the grid class name changes, but then again, I went all-in on Foundation a few months back, so it doesn't affect me one way or another.

I'm sure mdo and fat have excellent reasons for using Less instead of Sass, but I'm a Rails user and I like Sass better to boot. Anyway, no matter, I'm glad to see Bootstrap is continuing to push forward!

baddox 4 days ago 1 reply      
It has all sorts of bugs in Safari on my iPad. Switching screen orientation and zooming out cause the left sidebar to cover up the body text, I can sometimes get it to stay zoomed out way too far, and if I try to zoom in Safari crashes every time. Looks very slick though.
buro9 4 days ago 0 replies      
For those wanting to try out Bootstrap 3 against an existing Bootstrap 2 site... note that if you use anything other than 12 columns that it won't work yet.

Simply: The grid is hard-coded to be 12 columns.

If you want more or less, then you need to adjust less/grid.css manually and reflect that in column count within less/variables.css and use grunt to rebuild.

Aside from the generation of custom grids being broken, no complaints about the rest and we've been following the bleeding edge for several months now and it's been fine. Yeah a couple of things have broken, but every change has been an improvement and that's a good thing.

rushabh 4 days ago 0 replies      
We have built the new version of our web app on BS3. The migration from BS2 to BS3 was not too difficult. There are some new elements too like List View and Panels. Love the flat UI too. Feels very modern and light. Here is a demo of our app: http://demo.erpnext.com/
taspeotis 4 days ago 1 reply      
The documentation makes reference to an announcement on the blog, which doesn't seem to be available. If anybody wants to keep watch, be my guest: http://blog.getbootstrap.com.

I've been keeping an eye on the pull request (https://github.com/twitter/bootstrap/pull/6342) and the gh-pages branch (https://github.com/twitter/bootstrap/tree/gh-pages) for other Bootstrap 3 information.

http://twitter.github.io/bootstrap/customize strongly suggests there will be another RC after this one.

arocks 4 days ago 0 replies      
I think Flat design is good from one perspective - easier to win client acceptance. The original Bootstrap is so familiar to everyone.

Even non designers have a Deja Vu feeling - "Oh, this is a very cookie cutter look. Can we get something more distinctive?". Of course there are excellent sites [1] which help in tweaking the base design but takes a lot of work.

Flat designs can be much more easily customized and developers can spend more time focussing on the functionality than the design.

[1]: http://bootswatch.com/

k-mcgrady 4 days ago 1 reply      
I'm launching a site in a few weeks which uses Bootstrap 2. Should I upgrade to Bootstrap 3 now or wait until the final version of 3 is released?
wojt_eu 1 day ago 0 replies      
Flat or not, this is how I feel about UIs built by programmers before Bootstrap was available: http://www.youtube.com/watch?v=-MC7GrDS8TE
Techasura 4 days ago 0 replies      
Just remove the "-dist" from the url orhere is the download url: https://codeload.github.com/twbs/bootstrap/zip/v3.0.0-rc1
dreamdu5t 4 days ago 2 replies      
The modal is still not responsive. I've been using http://jschr.github.io/bootstrap-modal/ and am kind of disappointed that the new version isn't improving existing widgets like this.
jdorfman 4 days ago 0 replies      
Now on BootstrapCDN for reals
killion 4 days ago 0 replies      
I find it funny that their examples of grids don't line up on the right side.

It totally speaks to my experience with their grids.

timkeller 4 days ago 0 replies      
Congratulations on reaching RC1 after more than seven months of intensive work.
ereckers 4 days ago 0 replies      
I'm happy about the mobile first approach. Simple things like 100% button widths is great. This was a modification I had to make to every Bootstrap site I built. I like the idea of having a single CDN for it too. Nice work.

Oh, I owe it to the thread - flat buttons.

lenkite 4 days ago 0 replies      
The Bootstrap grid system now appears crazy complex to me. I really wish all browsers would now support modern CSS3 Flexbox.
marizmelo 4 days ago 1 reply      
Well just use xtyle instead: http://xtyle.xchema.com

It's smaller and uses CSS property names as class names. You know CSS you know how to use it.

xSwag 4 days ago 0 replies      
Didn't know advertisements were allowed on github pages, I guess the developers have to monetize somehow.
joeblau 4 days ago 0 replies      
Congrats guys, I've been following the RC1 branch for a few months now and this looks great.
gugol 4 days ago 1 reply      
I love it! But it's not Bootstrap, it's something very different. They shoulded name it different or keep maintaining the older version...
natch 4 days ago 0 replies      
I get "Not Found" upon clicking the big main call to action, the Download Bootstrap link.
conradfr 4 days ago 0 replies      
Side menu (links) doesn't work for me in FF or IE, only with Chrome.
jonaldomo 4 days ago 0 replies      
I've been waiting for the dropdown events that were added. I started a project in Zurb Foundation today due to Zurb having the upper hand in responsive, time to reevaluate it looks like...
pgsch 4 days ago 0 replies      
The main problem I'm having with the bootstrap flat design is how to difference between button and (e.g.) labels/badges.In the previous version (2.x..) it was pretty clear for the user that a button was a button...
rch 4 days ago 0 replies      
Seems like navigation might be broken on the Nexus 7.
pseudobry 4 days ago 1 reply      
http://getbootstrap.com/ looks like it got its design from Heroku's new website.
hemezh 4 days ago 1 reply      
Finally bootstrap with flat UI. Loved it. Looking forward to use it in my next project. Does that mean twitter might also launch a flat UI soon?
zekenie 4 days ago 0 replies      
I kind of love the new form markup. It makes more sense to me than BS2.
thomasfoster96 4 days ago 0 replies      
Flattest thing I've seen today.
ing33k 4 days ago 0 replies      
just tried replacing the css files with the new ones , navigation and many things broke ..but any how I like it, I will integrate it after checking out docs ..
tednash 4 days ago 0 replies      
Bootstrap is utterly brilliant in terms of validating an idea and indeed scaling one.
PaulHoule 3 days ago 0 replies      
that page seemed to load in a microsecond, wow!
gcatalfamo 4 days ago 0 replies      
is it just me or it feels somewhat sluggish on mobile? (nexus 4)
mangaprincess 4 days ago 3 replies      
so0o0 do we have a gem yet
hackapreneur 3 days ago 0 replies      
They weren't joking when they thought the world was 'flat'.
alixr 4 days ago 0 replies      
I've never been a fan of bootstrap, namely because nobody modifies it and all websites end up looking the same.

But I will say its nice that they're going Flat. Much easier on the eyes, and much simpler to creative a responsive layout for multiple screen sizes.

emn13 4 days ago 6 replies      
So what exactly is the point of bootstrap? It includes an entirely pointless (and poorly made) grid system; an excessive (and unnecessary) css reset; complex & slow selectors, and lots of default styling you're probably going to replace anyhow.

If it were a bunch of separate modules you could individually include and use as a template for your own style, you could actually use the parts you need: as it is, I really don't understand the hype.

NSA director heckled on stage at Black Hat security conference forbes.com
282 points by tjaerv  9 hours ago   173 comments top 21
tptacek 8 hours ago 8 replies      
This entire event was a staged press op. Keith Alexander is a ~30 year veteran of SIGINT, electronic warfare, and intelligence, and a Four-Star US Army General --- which is a bigger deal than you probably think it is. He's a spy chief in the truest sense and a master politician. Anyone who thinks he walked into that conference hall in Caesars without a near perfect forecast of the outcome of the speech is kidding themselves.

Heckling Alexander played right into the strategy. It gave him an opportunity to look reasonable compared to his detractors, and, more generally (and alarmingly), to have the NSA look more reasonable compared to opponents of NSA surveillance. It allowed him to "split the vote" with audience reactions, getting people who probably have serious misgivings about NSA programs to applaud his calm and graceful handling of shouted insults; many of those people probably applauded simply to protest the hecklers, who after all were making it harder for them to follow what Alexander was trying to say.

There was no serious Q&A on offer at the keynote. The questions were pre-screened; all attendees could do was vote on them. There was no possibility that anything would come of this speech other than an effectively unchallenged full-throated defense of the NSA's programs.

Even the premise of the keynote was calculated to wrong-foot NSA opponents. However much you might want to hear Alexander account for the activities of the NSA, the NSA itself is not the real oversight mechanism for the NSA! My guess is that no pol with meaningful oversight over NSA would have consented to address a room full of technology professionals about NSA's programs; they were happy to send NSA's own supremely well-trained figurehead to do that for them.

I think a walkout might have been effective, had it been organized well enough in advance (perhaps with some of the same aplomb as the [I think misguided] opposition to CISPA); at least you'd get some stinging photos.

dmix 7 hours ago 1 reply      
> Alexander also noted the 6,000 NSA cryptologists who have deployed to Afghanistan and Iraq, 20 of whom were killed in the line of duty according to Alexander. Think about people willing to go forward to Iraq and Afghanistan, to make sure our soldiers, airmen and marines get the intelligence they need, he said. I believe these are the most noble people we have in this country.

Having lost a brother who deployed as a signals operator in Afghanistan (to an IED), it always makes me cringe whenever they use forward-deployed soldiers as a defense of the higher-level states "nobility". There is nothing noble about mass surveillance or the invasion of privacy of non-enemy combatant nations/citizens.

The fact citizens signed up to risk their lives in combat-zones at the bottom end of the chain does not legitimize the actions of those at the top.

JumpCrisscross 7 hours ago 3 replies      
"Ninety-eight percent of society has issues with this"

"The national survey by the Pew Research Center, conducted July 17-21 among 1,480 adults, finds that 50% approve of the governments collection of telephone and internet data as part of anti-terrorism efforts, while 44% disapprove. These views are little changed from a month ago, when 48% approved and 47% disapproved."


norswap 8 hours ago 4 replies      
Hackers applauded Alexander? He really has played them like pipes.

You can argue all you want, but in the end, some boundaries have to be set. What the NSA did (does actually) is way past that boundary for most people, and I think with reason, but that's another debate. He hasn't supplied any argument that would make us reconsider the boundaries. All this terrorist talk is bullshit.

IanDrake 7 hours ago 3 replies      
>the four-star general presented a timeline of terrorist attacks around the world, from the 1993 World Trade Center bombing to the Boston Marathon attack.

Can anyone speak as to why, with the NSA's systems, they were not able to thwart an attack by the ass clowns in Boston? Russia even warned us about them and they made frequent contact with foreigners.

I'm sorry, but that terrorist event seems like low hanging fruit if their system really works to protect us.

vijayboyapati 7 hours ago 2 replies      
Funny how Alexander says he's read the Constitution, and implores the heckler to do the same. If one can read the Constitution and square the NSA's mass surveillance with the 4th amendment then one can square a circle. There really is no point in debating people like this on the technicalities of the Constitution. What they understand is power. He has it and we don't. He knows how to pull the levers that matter, and which Congressman and executive branch bureaucrats to lean on to make sure his bailiwick is not reduced by a single inch. The rest of us, sadly, are left flailing around hoping that pointing to a piece of paper is an effective check on evil.
rbanffy 7 hours ago 2 replies      
I find particularly hard to believe the "6,000 NSA cryptologists who have deployed to Afghanistan and Iraq" part. Why would anyone want to deploy cryptologists into a war zone?

I also found disheartening the applause given to the general for his clever answers. "I have. So should you"?! I expected more from the Black Hat crowd.

And, finally, I applaud Jon McCoy for his sacrifice. His willingness to endure all the cavity searches he'll be subjected to before and after every flight inspires us all.

mjfl 8 hours ago 3 replies      
I don't care whether the director of the NSA is a bad guy, it just makes you look bad if you heckle someone on stage. There are probably few more scrutinizing audiences for the director of the NSA than a professional security conference. I would rather have him say what he has to say and be analysed by the many bright minds at the conference than for him to be childishly interrupted and waste time that could be spent talking about the actual role of the NSA in the security of the nation.
JonFish85 8 hours ago 3 replies      
All things considered, it seems like Keith Alexander did a pretty good job of handling the situation. Personally I think the heckler sounded like a douche ("read the Constitution" sounds like a dumb thing to say to a 4 star general who probably has better knowledge of it than your average hacker), even if he (the heckler) had some good points.

It would have been easy for the situation to devolve into something much uglier, but fortunately it seems like things stayed pretty calm!

kyzyl 6 hours ago 0 replies      
Looks like I'm a little late for this comment party, but I'd just like to highlight one comment from the Forbes website that I thought was good:

"In general I agree with McCoy in his ad-hoc debate with Gen Alexander as well as his post presentation remarks about the distorted perspective of national security. At the same time, I do conceed that the NSA is acting in good faith and within the law as presented to them via the Patriot Act. I have similar feeling about the value of TSA, but whereas the TSA is a publicly disclosed program, my most pressing concern with the NSA is the secrecy of it. First, the secrecy presents an extremely high degree of risk (in terms of both the probabilty of occurance as well as the dangers) of mission creep. I doubt Congressional nor FISC oversight are adequate to mitigate this risk. Second, secrecy is not really a valid tool for deterence. Anti-terrorism programs are like a doomsday devices: its a good deterence only if it is widely known about (see Dr Strangelove). Moreover, while secret programs might be good for support of kill/capture programs, it is far from clear that such efforts reduce terrorism.

For all I know, the government spy/drone program is to terrorists as a hammer is to an ant colony. If you have a spilled pot of honey in the kitchen, it doesnt matter how good you are at spotting and smashing ants. I want to know these things, so that I can help shape public policy through the ballot box."--uspatriot2001

I think that's a good assessment of the high-level picture, and it's much more informative than "NSA BAD! Freedom good!" (not to belittle anyone's comments here) in that it reflects a road forward.

podperson 8 hours ago 5 replies      
No idea how accurate a depiction of the speech this is, but the article is -- contrary to the title -- portraying the speech as having been warmly received, applauded, with one lone heckler. Now, whether or not one agrees with General Alexander, there are more courteous and productive ways to express yourself than yelling "bullshit".
replax 7 hours ago 0 replies      
Wow, I am really, really surprised. Especially as Gen. Alexander gave the keynote speech to DEFCON last year, and explicitly said, when asked after his speech:

Q: "[..]Does the NSA really keep a file on anyone? [...]"

A: "[..] Frist, no, we don't [...]"

Absolutely astonishing!

listen/watch here: http://youtu.be/tz0ejKersnM?t=33m2s

abalone 7 hours ago 0 replies      
In fairness, the title could just as well be "NSA director applauded on stage at Black Hat security conference".

The crowd's reaction was definitely mixed.

YellowRex 7 hours ago 1 reply      
I hate Forbes - interstitial ads and persistent headers are super annoying. Can we stop posting Forbes links?

Boing Boing has the same coverage with a much more reader-friendly site design: http://boingboing.net/2013/07/31/nsa-capo-heckled-at-black-h...

northwest 8 hours ago 1 reply      
> I havent lied to Congress, Alexander responded

And WTF was that, now?

EDIT: I guess this is true because actually, he lied to the chairs in the room. Or some coffee mugs that were also present.

Is that how one evades a lie detector, btw?

It really can't get any sicker. We have now reached the bottom.

generj 9 hours ago 1 reply      
I think this underscores Defcon's decision to exclude the Feds this year.
northwest 8 hours ago 1 reply      
> No, Im saying I dont trust you! shouted McCoy.

I believe that's pretty central here. I don't see how we can ever be able again to trust an organism such as the NSA - or even the government.

Transparency is the only solution here. Will we get it?

If we don't, the only other solution would be to cut budgets so drastically that such an enterprise will simply not be possible financially, anymore.

And maybe, as a general improvement: Decentralize the government and give the States back their autonomy (and here you have your link between technology and politics - see the recent cry for less "political posts" on HN).

etiam 6 hours ago 0 replies      
Keith Alexander's way of bending words, and his facility with swinging a crowd and lying skillfully under pressure once again reminds me disturbingly of accounts I've read about psychopaths, and of probable psychopaths I've encountered.Those patterns could of course be stuff you pick up anyway as a top player for power, but I find the parallels highly worrisome.For those who have never read anything about the subject, may I suggest browsing e.g. "Without conscience" by Robert D. Hare. The sections with court proceedings in particular illustrate well what I mean.
wil421 7 hours ago 0 replies      
From the article: Everyones thinking this, but no ones saying it public, so everyone thinks theyre alone, he said. Ninety-eight percent of society has issues with thisBut no one speaks up.

While I think some people don't how to speak up, beside calling/writing my congress person, many don't care either way. In fact, many older people I have talked to (I am in my twenties) dont have a problem with what the NSA is doing. They dont really mind if their data is being sifted through as long as its being used to "Find Terrorists or what have you."

My problem is the lack of oversight and the fact court that has approved 1,789 out of 1,748 requests (97.7%!!!!). Not only that but they have legal justifications for what they are doing, therefore since its legal its allowed, forget the morals/ethics involved.

Who's to say they won't turn this around on the public at large because it will prevent smaller crimes instead of terrorists. Also whats to stop the government from calling people who oppose their views terrorists and then just spy directly at American people.

rinon 6 hours ago 0 replies      
Amashs Amendment To Defund NSA Program Fails 205-217 techcrunch.com
278 points by llamataboot  7 days ago   159 comments top 22
tptacek 7 days ago 9 replies      
Copied from the other thread, because it bears repeating:

I think it's important to keep in mind that the 12 vote margin is comfortable for Amash and supporters of new NSA restrictions and uncomfortable for its defenders.

Here's why: opponents of Amash wielded an argument that "split the vote". Representatives who voted against Amash could have done so for one of two reasons:

(1) They actively support providing the NSA with unchecked access to cell phone metadata under the "business records" provision of PATRIOT, or

(2) They don't support that access, but can't support a broad amendment that potentially de-funds whole NSA programs, and instead need something finer grained to correct NSA with.

Meanwhile, everyone who supported Amash believes strongly --- so strongly that they're willing to do something disruptive to NSA --- that new checks on NSA are needed.

(I think Amash was a good amendment, if only because it would force the House to do its actual job and carefully regulate intelligence collection; if it caused a temporary shitstorm, so much the better --- it'd be a well-deserved comeuppance for a legislature that has been derelict in its duty to oversee these programs. But you should be aware that opponents of Amash had a persuasive-sounding argument for voting it down even if you believed new regulations were needed.)

I think this was a pretty hopeful vote.

KevinEldon 7 days ago 3 replies      
Your representative is probably on Twitter. If you've got an account tweet how they voted and what you think about it. Be polite. You can of course email and call them too to share you viewpoint.

Find your Representative - http://www.house.gov/representatives/find/

Amash vote - http://clerk.house.gov/evs/2013/roll412.xml

pvnick 7 days ago 0 replies      
Twelve votes? That's it? Wow, that's incredible. The first real tide change we've seen since the passage of the patriot act. Those who voted Nay seemed to do so because "metadata isn't covered under the 4th amendment."

Wait until they find out the NSA is raking in the call contents too [1]

[1] http://www.huffingtonpost.com/2013/06/29/glenn-greenwald-nsa...

kristopolous 7 days ago 2 replies      
I'm knowingly paying an organization to openly wage cyber warfare and espionage operations on me?

Splendid. At least we may get a few good HPC and IR publications out of it.

Actually, it will probably be outsourced to contractors who will squander it away without producing anything.

Unless, that is, the next 9/11 gets planned using twitter hashtags. Actually, since the Sandy Hook shooter openly talked about his plans on 4chan, I'm guessing that even a twitter campaign would still "pass under the radar".

I bet the only real consequence is that someone will lose a laptop with like, everybody's social security number and financial history on it. It's going to be so awesome.

lettergram 7 days ago 2 replies      
Republican: 94 yea 134 NayDemocratic: 111 yea 83 Nay

Pretty close and party lines didn't seem all that important.

guelo 7 days ago 2 replies      
If congress were to pass some law (over Obama's veto) limiting the intelligence agencies, what is to stop the administration from coming up with a secret interpretation of the new law that effectively ignored it? They are already in violation of current law, as the author of the Patriot Act has stated.

Democracy has been completely subverted at this point. We need impeachments and new anti-secrecy laws.

s_q_b 7 days ago 0 replies      
Repost from another thread on the same issue:

I really do commend everyone involved in this effort. This is how the system is supposed to work, citizens making their voices know, and the legislature acting upon the will of the people.

Honestly you guys got far closer to your goal than I would have anticipated. The bipartison support was almost unprecedented in recent years.

From a practical matter, even if the House bill passed it was dead on arrival in the Senate. But nevertheless it is a significant symbolic blow to blank surveillance against American citizens.

All I've tried to communicate, perhaps with less than appropriate tact, is that this is going to be a long slog.

If you're going to reign in the surveillance state, you'll need to start thinking like Washington insiders. Pick one incumbent that vocally supported these programs, and take him or her down. That will instantly catapult this issue to the top of the concerns in DC.

It only costs a few million to get that done. Considering the wealth of the tech industry, and the threat this poses to overseas expansion of the US internet services, donations shouldn't be overly difficult to drum up. We could really make a large dent in getting the legislature to help roll back these programs to sane levels. Add to that an anit-SOPA style social media campaign, and you could accomplish real and lasting change.

altero 7 days ago 4 replies      
I think this is the end of the cloud. For me (as european) it is now unacceptable to use american webservices and remote apps. We had a good run.
llamataboot 7 days ago 0 replies      
I am wondering why we didn't see a /single/ large tech company release something in support of this. Even something as simple as a press release...
livestyle 7 days ago 3 replies      
Would be interested in a consolidated list names of those who voted in favor and against this bill.
D9u 7 days ago 0 replies      
The bit about "...not the product of an informed, open, or deliberative process" illustrates the hypocrisy inherent to the ruling class.

They rarely hold themselves to the same standards which they set forth for the proletariat.

marcamillion 7 days ago 1 reply      
Even though I don't have the time to do it, I have a feeling that if you drilled down into the votes some more, you would likely see a pattern/relationship re: authority.

i.e. those in higher authority would have voted it down (Boehner, Pelosi, etc.) and those with less authority supported it. So the powerful preserving their power, with the less powerful challenging it.

That alone can speak volumes about the potential for their power crumbling. Boehner has been on the ropes recently with his caucus warning him to tread carefully.

If that turns out to be the case, then the leadership has big problems. Both in the House and the Whitehouse.

That could be good for the issue over the long-term....which is encouraging to me as a "foreigner".

tzs 7 days ago 0 replies      
The votes from members of the Permanent House Select Committee on Intelligence were 2 yes, 21 no.

By party, that was among Democrats 2 yes, 8 no, and among Republicans 0 yes, 13 no.

coldcode 7 days ago 0 replies      
The tool who represents my district actually voted AYE. Maybe there is hope for this body of morons.
BashiBazouk 7 days ago 0 replies      
If this is to be fought the time is close at hand. First off if this is played as a left vs right issue it will lose. Second this needs to be won at the primary level. If both the democrat and the republican in a district/state are against it, then it doesn't really matter who wins as far as this issue is concerned. Bonus points if when the debates start, instead of opposite sides of the issue, they try to one up each other on how they will dismantle the surveillance state. I think asking your Representative their stand on this issue as well as any one else who enters the race is a good start but also try to get some sort of pledge that they will work across the isle with the other party to get this done.

This will need at least two election cycles to be successful. Everyone in the house is up for re-election every two years but the senate requires six for everyone to go through the re-election process. I think with some luck, the third senate election cycle might not be needed if enough momentum can be attained. But I think to really succeed it will have to survive a filibuster and possibly a presidential veto.

We can do this if we are willing to put aside our political differences, work together and think long term.

clarky07 6 days ago 0 replies      
Really interesting thing here is that 12 people didn't vote, exactly the margin of defeat. I wonder how many of them were leaning towards voting for it, and how many of them were strong advised (coerced) to abstain.
darkmethod 7 days ago 3 replies      
Is this the will of the people?
rdl 7 days ago 0 replies      
It's really interesting looking at the people who voted against this -- Nancy Pelosi and Michelle Bachmann?
evolve2k 7 days ago 1 reply      
Which way did Obama himself vote?
pteredactyl 7 days ago 0 replies      
Maybe its a Spectacle for hegelDialectic/divideConquer #pov
tlongren 7 days ago 1 reply      
I read the title as "Amish's Amendment". Wondering what the Amish did to illicit such attention from the NSA.
pawrvx 7 days ago 1 reply      
Now you know who runs America.
Introducing Quip quip.com
276 points by jamesjyu  1 day ago   152 comments top 50
finiteloop 20 hours ago 14 replies      
It's always surreal to read Hacker News threads about the stuff you make. Harsh, but realistic. Anyway, I am Bret Taylor, co-founder of Quip. I am here if you have any questions, etc. (Also posted responses on the existing thread already).

Just to clarify a couple of points I have read:

1. We do support desktops. We have a really nice web app. It is Chrome/Firefox only right now.

2. We have an Android app. It is a "preview release" because it is not feature complete. We released it because it is pretty close, and you can download it at https://play.google.com/store/apps/details?id=com.quip.quip. It is early, but it exists.

pud 1 day ago 2 replies      
Quip is Bret Taylor's new company.

Bret founded Google Maps and FriendFeed. Then he was CTO of Facebook for 3 years.

So this should be interesting.

OoTheNigerian 21 hours ago 2 replies      
Great stuff. Never easy tackling such an entrenced market.

I have a few suggestions though as someone that not only actively uses Google Docs but practically forces people I work with to do so too.

1. How do I make this appear in my existin Google Docs folder? I really do not want to have another place for my documents.

2. The pricing of Google Docs makes it really hard to beat. How does quip plan to fight that?

3. Still early days but people create different types of docs e.g Spreadsheets and slides for the same projects. How does it work with them without putting one type of doc in a differnt location from another? Especially when they are fr the same project?

4. My biggest issue when using Google Docs is that of formatting. The format does not play well with Word (we have to accept Word I'd boss for now and a monster number of people still use it ). Does the formatting work well with Word?

From my very limited knowledge, I have a few suggestions

1. Be the best at something and come inthrough the flanks. E.g the best way to edit your DropBox documents (I actually thought Dropbox would have launched a document processor by now). Coming through the flanks will remove the weight of expextation and at the same time allow people to

2. integrate you into an existing workflow for a large number of people. Eg. Sync with Google Doc.

3. Understandably, 17million is not a lot these days so you need to start earning money. But consider almost everyone will already have away of processing docs. I would find it hard to pay for something I have already paid to do. And does far much more work for me. You need people to start geting used to you and your pricing will limit adoption

The above is my feedback. I am sure you must have thought of it and more. I wish you all the best.

dakrisht 21 hours ago 1 reply      

I'm personally not a tablet-typer and connecting a BT keyboard to an iPad with a case is basically a laptop, so I'd rather just use an Air (wouldn't you?)

Quip looks nice, but from reading this thread, their and playing with the app myself I have a few observations. After all, this is a thread where we come to comment, so why not throw five minutes of my life into some writing, using my BT keyboard, on a big heavy iMac.

First, saying that there is "barely a laptop in sight [in the Bay Area]" is just rubbish - there are _plenty_ of laptops in and around the Bay Area, the Valley, Southern California, California, the United States, the world. Startups - your users are not all in San Francisco. It's like Tim Cook saying "there are no Android phones at BJ's Grill."

I appreciate the forward thinking of this app in a very "post-PC" era kind of way, but showing a screen of MacWrite from 1984 in the app page is just ridiculous - there have been _plenty_ of great mobile-based word processing applications in the past few years, in case you have not noticed. From Pages to IAWriter to Textilus to Evernote, the list goes one. Saying the "software that we use to get work done has not evolved over the past thirty years" is just utter nonsense. It has evolved, quite a bit. As much as I don't want to praise Microsoft, they've been improving Word (sure, Office for iOS is terrible) slowly but surely over the years. It's a solid WP and you give credit where credit is due.

With regards to this application, the "thread approach" to document sharing and collaboration is an interesting notion. That is if you share a lot of documents with other social-based users a la FB style, but I highly doubt you're going to see attorneys redlining agreements in a feed - although it would be nice to see people chatting regarding a document, pitch, brief, agreement in real-time - but hey, world doesn't work that way (especially at $500 an hour). I don't think a lot of users "enjoy" word processing. We do it do get work done!

Editing document also appears to be a little strange (although I don't have anyone to collaborate with yet) but the concept of including "documents edits" in the activity feed makes no sense really. WP's such as Word (and WordPerfect in the past) have always been known for a rich set of features, tools for various professionals, the people who use WP's all the time. Formatting options, graphics, tables, charts, margins, etc. These are all very important features for the bulk of users. So while I understand the product and the "modern word processor" buzzword, it's important to define what a "modern word processor" is/should be and how you're going to get the majority of the world (95%) or a small chunk (<10%) to shift away from Word and to this modern design.

I get it - it's a social thing, the buzzwords are there, the skeuomorphism is flowing with the manila folders, but Word Processors have in inherent attribute that is tough to rewrite with graphics and sharing and @mentions: it's functionality. And that's all the matters.

Best of luck to you guys.

Edit: I wanted to add that it's important to test, use, and discuss [new] applications with an open mind. This is their first release, so things will undoubtedly improve, user feedback is so important to a new startup/product. Your users are everything - and certainly those outside of SFO (sorry had to). I think Quip can learn a lot from comments here on HN, no matter how long you work on a product and polishes the edges, it takes someone from the outside looking in to really give you some great direction at times.

marcamillion 22 hours ago 4 replies      
This looks awesome.

When I installed it, the first thing I am greeted with is a screen asking me to enter my email address. Given that my email is a Gmail address, it notifies me about wanting to manage my contacts and something else (that was the first off-putting step in my experience). I just met you, and your hands are already going down my pants.

Then once I got in, the 1st or 2nd screen inside is about adding friends because it is better when you collaborate.

The only reason I saw the 'Skip' in the top right is because I was really looking for a way not to do this.

So I think the issue I have with this workflow is that the expectations that the landing page set are one thing (i.e. awesome document creation on mobile devices) and then the experience is pushing me into a "hand-over-your-address-book-and-get-to-sharing" experience right off the bat.

I get the whole "viral loop" thingy, and baking it into the product experience, but I feel like it would leave a better taste in my mouth if I was nudged into it - rather than broadsided.

That being said, I am likely to continue using it and playing with it (because of the potential value that a word processor made for an iPad can have).

I was just put off by that digging into my address book experience...that's all.

paul 23 hours ago 0 replies      
Looks awesome. I especially like the conversation column showing diffs and messages together -- it seems like an elegant way to collaborate.

Congratulations Bret and team!

samstave 23 hours ago 1 reply      
Nice subtle "Professional" marketing with the Quip Business screenshot for the desktop NOT being on a Macbook. :)

However, this says nothing of compatibility with existing docs. What if I have a ton of content trapped in .docx? What about Tables in docs? Are they supported?

How do you send a document to a non-Quipper? Does it PDF? Export to ODF? DOCX?

Or are we to expect an email "Hey, I sent you this awesome document! All you need to do to open it is install this app and reate an account!" type of spreading?

Finally, while the UI is definitely beautiful, the collaboration part looks like it suffers from Facebook's one-scrollable-column...

Ill definitely give it a try - but if the app is just a vertical data-silo into which my content is trapped... then I don't see it being very useful for me. Looks nice - lets hope its useful.

EDIT: I am really interested in the UX of creating a nice looking document without a mouse! The speed with which I can type and navigate on any phone or tablet is fractions of that of my desktop... I guess some people like producing on a phone/tablet - I personally HATE it - so I'd love to hear how people deal with it on this...

For example, there is no Search function for text on my iOS devices. They'd better implement search and replace. Highlighting SUCKS on any touch based device as well...

I am wondering if these UX issues are overcome by well built software?

Basically I see phones and tablets as almost exclusively data/content CONSUMPTION devices - not because of size or form - but of the HID/Input.

sytelus 22 hours ago 0 replies      
Definitely "not for my mom" product, at least not yet. I logged on using my Google account and it needed permission to manage my contacts and among other things! Why a word processor needs to manage my contacts? Interface on desktop Chrome is filled with undiscoverability issues like Windows 8 UX. For example, it took me forever to figure out that there was a "+" sign on the bottom right to start creating new doc. That was in fact only way to create new doc. I still can't figure out where is the button for making text bold or italics. After few minutes I gave up trying to figuring out how to change font.
antr 21 hours ago 3 replies      
The signup process is totally screwed up, in an infinity loop kind of way.

I signup: email, name, password. Sends me a confirmation email. I click on confirmation link. Sends me again to the same signup page, only this time the fields are completed. The only available next step is to click on "Next" again, and the email verification is sent again, sending me to the same completed fields page...

It happens on both web and iOS. I guess I'll have to stick with Google Docs and Pages.

pmarca 20 hours ago 3 replies      
Boy, Hacker News has gone in a strange direction. Killer new product from legendary engineers. Let's all get together and shit on it!
ryanSrich 23 hours ago 1 reply      
This looks great and I'm hopeful that it will do well.

Having said that I can't help but think how strange it is that the launch of another word processor is novel enough to reach the front page of HN.

I understand that the co-founders are big names in the valley but a word processor? Perhaps I'm missing something but the technology here seems anything but front page worthy.

jongalloway2 23 hours ago 0 replies      
Kinda looks like OneNote for people who haven't seen OneNote. A few cool new things in there, like the @mentions. Neat.
goldfeld 22 hours ago 1 reply      
Criticizes word processors as being from another era with old concepts. Then goes on to show a skeuomorphic interface based on even more elderly analogies, such as "desktop" and "folders."

Minor nit aside, the diffs do seem very helpful to the folks who pass around Word docs and such. I guess either technology or the tech world has only now caught up to this need with things like this and Draft.

aresant 23 hours ago 0 replies      
The messaging challenge Quip is going to have is that they have to call themselves a "modern word processor" so we have context to understand what it is.

But from the landing page this looks / feels drastically different from any word processing / document creation tool I've used in the past.

It might be interesting to test a variant that starts with a screenshot that centers visitors around what this has in common with today's word processor, and then hammers home the "awesome" part after that.

kfk 22 hours ago 1 reply      
Meh, MS Word is a horrible piece of software, but it does its job, how is this different? Collaboration? Good luck convincing the business world only with that, they have been emailing files for 20 years and they have been reading paper for over a century. Really, good luck.

Then, format? Open, closed? Are we again proposing creating documents on proprietary formats after all the issues we saw with .doc and friends?

616c 21 hours ago 0 replies      
Yet another company making Android a second class citizen? Pass. When you send me that message early, all I can say is thanks. I know I will be disappointed because other devices are a priority. At least you are honest.
jrd79 23 hours ago 5 replies      
Who likes typing on a tablet or phone? They are for reading, not composing.
dylanz 14 hours ago 0 replies      
First, great work. Second, please put something on your landing page that addresses Google Docs. Address the top X document tools and explain to my why I should use Quip. That was my initial question, and I had to scan through HN to find my answer. Other than that... it looks great and I hopeyou guys rock it!
ryandrake 23 hours ago 2 replies      
Is it just me, or are a lot of startups borrowing each other's value props? It's like a Mad Lib that everyone just fills in:

"[Product] is a [app category] that enables you to create beautiful [output]."

Everything's about "enabling the creation of beautiful" XYZ. Nothing against these guys in particular, I just happened to notice it while reading the site, and am thinking back to the N other new product announcements I've seen here recently.

Someone 10 hours ago 0 replies      
From the privacy policy;

"Information that we collect from our users, including PII, is considered to be a business asset. As a result, if we go out of business or enter bankruptcy or if we are acquired as a result of a transaction such as a merger, acquisition or asset sale, your PII may be disclosed or transferred to the third-party acquirer in connection with the transaction."


shortformblog 10 hours ago 0 replies      
Why doesn't this support external hyperlinking yet? That's what I don't get. It's like creating an epic meal and forgetting to offer a fork.

EDIT: I figured it out. I had to paste a URL in and then type over the hyperlink. That's far from intuitive. It's too bad, because it mars what appears to be an interesting product.

yread 21 hours ago 5 replies      
I don't understand why do all (and I mean ALL) screenshots have to be on an Apple device? Are you selling iPads or iPhones? Shouldn't your focus be on your product and not on Apple's product?

Perhaps in the beginning somebody could be fooled that if you like awesome Apple products your product will be awesome as well. Or that because iThingies near perfection your service is also going to be highly polished. Obviously, that is more often false than true - you're a damn startup and the products on the screenshots are sometimes little more than MVPs (not in this case, I guess).

What is wrong with just a screenshot?

taude 16 hours ago 0 replies      
Played with the web version for a bit. Nice looking app, but doesn't really do anything I need that I can't do with Google Docs, which my company uses for a lot of collaborative writing. We still eventually publish the docs out to Word and PDF because that's how they get consumed, but for the collaborative writing part it's Google Docs all the way, so I see value in refining the collaborative writing market.

Having offline mobile is "nice" but not totally necessary for my use case, mostly because the number of people I know who car write decent sentences on their mobile devices are few.

mercer 16 hours ago 1 reply      
Compliments on the thing as a whole, but one thing stuck out to me (negatively).

When I read about 'tablets' and 'interaction' and saw the screenshot of how interfaces haven't changed much, I got rather excited about the idea of a word processor that truly tried to change the way we 'process words' on touch devices.

Instead, it seems you've mostly focused on the stuff surrounding word processing. Which is a noble goal, but not what I was hoping/wishing for.

I'd like to see someone reinvent the word processor, or update it for touch interfaces. In the same way that the mouse greatly changed the way we work on 'normal' computers, surely touch should give us similar new advantages.

I've been following a number of projects that try to do this, but they are hyper-focused on just that text-input part. I'd love to see the best ideas from those experiments find their way into Quip.

(This is just a general observation, not an attack on Quip. I can understand that you have chosen a specific focus that doesn't happen to be what I care about.)

Schwolop 23 hours ago 1 reply      
Interesting though this sounds, I get irritated whenever I read about someone changing the existing paradigms of [insert topic here], and then continuing to use all the existing metaphors from the existing paradigms, e.g.; 'desktop', 'inbox', etc.

And despite my rant, I'm not sure if there's a solution to this. You need customers to understand how you're asking them to change, and without reference to the old terminology this is damn near impossible.

bsaul 19 hours ago 0 replies      
A bit off topic, but every time i see document-making apps, i wonder about the lack of file manager.

My workflow is almost always, open the app, start typing, then ask myself "i'd like to add a picture here". Now, on desktop that's simply a matter of clicking "import image" and browse my hard drive to find the picture. It's a pull workflow.

What's the worflow for that on an iPad ? Android has file managers, but iOS definitely needs something more convenient than "export this image to".

EDIT : and that could be really easy to do from an API / UI perspective : just create a system UIViewController like mail composer, that present the list of apps (or app groups), and let me pick files that the apps put in their "shared" folder (read only).

evv 10 hours ago 0 replies      
Looks like a pretty great service, assuming markdown export/import is coming!

Also, every time I open the app (on the web), I am asked to link facebook or twitter for a profile picture. I'm happy to upload a profile picture, but I'm very upset about being constantly pestered to link social accounts!

fauigerzigerk 19 hours ago 0 replies      
No doubt, this is very hard to get right, it's amitious, and maybe these guys do get it right.

I wonder, though, whether it is a good idea to sell the product as this completely disruptive rethink of word processing as we know it. The "What Quip does differently" section certainly doesn't make it clear to me what that revolutionary difference is suppsed to be.

fieldforceapp 23 hours ago 0 replies      
Nice. Seems very similar in focus to other document based collaboration services, perhaps most notably these folks: http://www.collaborate.com/

Quip seems closed, no links to Google Drive or Box that I could see, but they include private links to hosted document storage and PDF export. It's like the Asana[1] in that way, but Quip has a solid focus on documents not tasks.

Some strange UI artifacts on my iPhone 4s iOS7b4, text insertion didn't work; wonder if this is due to a proprietary attributed uitextview?

[1] http://asana.com/product

monatron 15 hours ago 0 replies      
To me this feels like a group of friends that are already financially stable deciding they're tired of working in a corporate juggernaut and just want to "get the band back together".

Maybe quip works out, maybe it doesn't, maybe it's just giving these guys and gals something to do for the next year or two... and that's just fine. Not every product has to shake the foundations of society and life as we know it.

Hilyin 23 hours ago 4 replies      
All devices, except your laptop. Who actually wants to write more than a few sentences on anything but something with a keyboard?
nathos 13 hours ago 0 replies      
finiteloop: Can you talk about the UI at all?

Are you using any open frameworks/tools to emulate the iOS interface & animations, or is it all homegrown? Will you be updating the UI when Apple releases iOS 7 (and your UI suddenly looks out of place)?

tigroferoce 15 hours ago 0 replies      
Very interesting project.

Just a couple of feedback and a suggestion for a feature

1. when editing a document, the left arrow works as opposite as one would expect: instead of sending the editing fullscreen, it brings the toolbar in foreground. In this case I would put a right arrow.

2. I would put the graphics/table menu together with the paragraph/heading/list

As a LaTeX user (and as a editor of many BS/MS thesis of non-technical friends) I have always thought that defining the structure of a long document before starting to write was fundamental. Therefore I would love a WYSIWYG editor that forces (or at least guides) users to define the structure of the document before and in a different place than where they write the content.

amasad 21 hours ago 0 replies      
I wish developers would experiment with new ways of "typing" on touch-screen devices. And I put typing in quotes because maybe writing on touch-screen devices should take on a new form. This "disruptive shift" would not be complete without a better way of working on tablet.
shiftb 23 hours ago 0 replies      
The danger in building a product like this is that you can try to be everything to everyone and end up being nothing to anyone. They've combatted this by positioning it as a simple word processor.

After playing with it, the product is much more than just a simple word processor. It's really well designed, especially considering how complex some of the ideas it tackles are.

Excited to see how things play out.

LukeWalsh 7 hours ago 0 replies      
One suggestion I would like to see is a public permissions mode where anyone I share a link with can create an account and then be able to edit the doc.Looks great, very clean UI. I have been waiting for something like this!
d0m 23 hours ago 0 replies      
"We are starting with the word processor, but our mission is to eventually build the productivity suite for the mobile era." -> Intriguing!

Basically, google doc for mobile. That's not a bad idea seeing how google are closing products that people love.

Void_ 22 hours ago 0 replies      
Are there really more users who own tablet + external keyboard, than those who own a laptop? (Even if it was for Apples only?)

I think writing documents, or doing any kind of work for that matter, on an iPad with external keyboard looks ridiculous.

_cbdev 21 hours ago 0 replies      
How your website looks when accessed over my 3G connection:


Annoyingly, all your images are loaded first (and judging from the load times, they're not that small).

hnriot 10 hours ago 0 replies      
I tuned out when I read "beautiful". If only writing something beautiful were as easy as picking the right word processor.

I'm amazing that anyone would enter the word processing space when we already have dominant players with years of experience doing the same.

I'm sticking to Google Drive. I don't see any advantage of Quip and like that google drive has many other features beyond Quip.

adwelly 22 hours ago 0 replies      
Lost me at 'To create an account'
aragot 19 hours ago 0 replies      
I find inexact that word processing hasn't evolved since 1984. I have personnally been working at Atlassian and I can tell:

Confluence has seemlessly replaced Word in the company.

The "share" workflow is pervasive in a corporate communication tool, and the rich text editor makes it possible to build bigger, richer documents. The reason word processors per se are being side kicked is they're only useful to layout a letter.

marc0 22 hours ago 1 reply      
Great tool which solves several practical problems. Especially I like the ability to edit documents offline.

After looking at it briefly I came up with these points:

- I'd like to have an easy integration of multiple accounts, like a 'combined inbox', so that I can use quip for private and professional purposes at the same time

- For the desktop I'd like to have an app instead of editing text in the browser.


- In order to make a really great product, add LaTeX support, esp. for maths

leeny 21 hours ago 0 replies      
how is this wildly different than evernote? is it support of multiple types of documents (spreadsheets etc)? i was looking at the bullets under "what quip does differently", and i feel like evernote addresses all of those things. what am i missing?
whocanfly 22 hours ago 0 replies      
Download as PDF skips all people/document mentions.I expected some alternative text or link, but it skips.

Screenshot of the Introduction to Quip PDF:https://dl.dropboxusercontent.com/u/14308170/quip.png

akc 23 hours ago 1 reply      
I'm curious as to how they were able to line up the NYT coverage http://t.co/qCFneXpJwV with the launch announcement. Any idea who reps them, PR-wise?
tbassetto 19 hours ago 0 replies      
It bothers me that it is free. What is the business plan? Are they going to sell my documents to advertisers in a few months?
jalada 20 hours ago 0 replies      
This is without a doubt the niggliest point ever: Your Twitter app description just says 'Quip application'.
plg 16 hours ago 0 replies      
what's the elevator pitch for why users should look at this instead of iWork?
ultimatedelman 21 hours ago 0 replies      
sooo... trello meets google docs?
Identical Droplets in the DigitalOcean: Regenerate your Ubuntu SSH Host Keys now missingm.co
275 points by jlund  2 days ago   104 comments top 16
agwa 2 days ago 6 replies      
SSH host keys are problematic on cloud servers, not just because of this problem, but also because if the cloud provider does the right thing and generates the SSH host key on the first boot, the key is generated when the system has very little entropy available. The primary sources of entropy on Linux are key/mouse input, disk latency, and network interrupts. There's obviously no keyboard/mouse on a server, and in an SSD environment like DigitalOcean, disk latency is quite uniform and thus useless as a source of entropy.

Linux distros mitigate the cold boot entropy problem by saving some state from the RNG on shutdown (on Debian, it's saved in /var/lib/urandom/random-seed) and using it to seed the RNG on the next boot. On physical servers this obviously isn't available on the first boot, and on cloud servers, the provider often bakes the same random-seed file into all their images, so everyone gets the same seed on first boot (fortunately this doesn't harm security any more than having no random-seed file at all, but it doesn't help either). What cloud providers should really do is generate (from a good source of randomness) a distinct random-seed file for every server that's created, but I haven't seen any providers do this.

Nux 1 day ago 0 replies      
This is not the last of the problems we'll have with "the cloud", but I guess it's part of what makes it so exciting. :-)

Many people, especially beginners, make the mistake of leaving the same SSH keys in a certain template or in a snapshot of a virtual machine that they later use as a template.

There are a few files that you really, really need to wipe out from a wannabe image template:

- /etc/ssh/* key* (for reasons explained in the parent article. stupid autoformatting, remove the space after the first asterisk)

- /var/lib/random-seed (the seed used to initialise the random number generator. this is the location on CentOS)

- /etc/udev/rules.d/70-persistent-net.rules (so that the VM's new NIC - with a new MAC - can use the same "eth0" name)

People who want to do this more exhaustively can have a look at libguestfs and it's program virt-sysprep which does all of the above and more!


mey 2 days ago 4 replies      
I must say, I'm impressed with how this was handled both by the original researcher and DigitalOcean.
rwmj 1 day ago 0 replies      
They should be using cloud-init or virt-sysprep[1] on new instances. In particular, it is vital that you give your new instances a unique random seed (which virt-sysprep can do). Also that you provide the virtio-rng to guests that support it.

[1] http://libguestfs.org/virt-sysprep.1.html

rlpb 1 day ago 1 reply      
To avoid this kind of security problem, use providers that use official Ubuntu Cloud images only. If Canonical haven't certified the Ubuntu images you're using, then your provider could have done anything to them. You'll need some other way to determine their competence.

Cowboy images like this are exactly the reason trademarks exist. Commercial providers who don't get certification are in fact violating Ubuntu's trademark by telling you that you are getting Ubuntu, when in fact you are getting a modified image which is possibly compromised (such as in this case).

makomk 2 days ago 2 replies      
This is now one of the first things I check when setting up a new VPS or other VM instance, because it's really common.
sehrope 2 days ago 2 replies      
Generating fresh keys aside, one thing I do with our AWS setup is whitelist the IPs that can connect to our SSH bastion host. This completely eliminates scripted port scans of the SSH server and makes the auth logs much more manageable.

If our IP address changes (eg. ISP assigns a new one for the cable modem) then we just update the whitelist (and remove the old address). It's very infrequent. I could probably count the number of times I've done it on one hand.

It might not be the most scalable setup but at our small size with everybody working from home it works great.

The only slight hitch is updating it when traveling but even that isn't much of a problem. It takes a minute or two from the AWS console and its good to go.

I recently took a look at digital ocean ($5 servers gives me ideas...) but didn't see a firewall option similar to the security group setup in AWS. If it does exist then I highly recommend it.

druiid 2 days ago 0 replies      
One good thing to note is that any VM image using cloud-init (a package for debian/rhel systems) should automagically generate a new host_key set for any new system image. Basically if you build a system image for EC2 or any system that uses the EC2 data format (like Openstack) for host instantiation, then you should install cloud-init. It would prevent something like this.
schappim 2 days ago 0 replies      
Props to the way you handled this. That's how you do responsible vulnerability disclosures!
davidhollander 2 days ago 0 replies      
> After you have run those commands, simply restart the SSH daemon so it starts up with the new keys in place

I believe if your version of OpenSSH is up to date, sshd will read the host key each time a session is opened and does not need to be restarted.

joeblau 1 day ago 0 replies      
Great find. I came from a heavy security background and moved to SV where it seems like security is an after thought. I spent many long days and nights STIGing RHEL boxes so I can appreciate this find. Also thanks for letting me know about Digital Ocean, their VPS looks promising and I think I might start using it.
joshmn 2 days ago 0 replies      
Now that it's said, I did notice something strange once.

I had loaded up an Ubuntu Desktop droplet with the purpose of checking something out through the browser on the node.

The startup page was https://www.americanexpress.com/

Since when is that default?

Didn't think much of it at the time, but now... whoa.

scottlinux 2 days ago 0 replies      
I suspect this kind of thing happens with other companies, but can only speculate.

Somewhat related: chicagovps gave me a 'fresh' gentoo vps, and the default provided root password was identical to the original one from several months ago. I assume it is one gentoo image with the same password (for all customers)?

stevekemp 1 day ago 0 replies      
We ran into similar problems on the hosting side; another surprise can be the debian-sys-maint password configure by the Debian mysql-server package.
foxhop 2 days ago 0 replies      
So you are the reason I started getting these error messages, I noticed the change on June 2, great work.

If you are still reviewing salt, I just wrote a post about salt-cloud and DigitalOcean that you should check out -

Create your own fleet of servers with Digital Ocean and salt-cloud:


throwawayh4xor 2 days ago 3 replies      
Just verified this is also the case with at least some AWS-hosted servers. Coupled with the fact that many people simply ignore the MITM warning that SSH throws, this is scary stuff.
Dont Worry Government, I Got This Porn Filter Sorted sicksad.com
275 points by petemcc  3 days ago   43 comments top 13
sehrope 3 days ago 5 replies      
> Any request that is denied by OpenDNS is then allowed by our DNS server, and any request allowed by OpenDNS is blocked by us.

The most interesting part of this to me is using multiple DNS providers to determine which category the site is in. It's both simple and effective.

If they actually go ahead with this plan in the UK and it's implemented similarly (eg. via DNS rather than IP blocking), somebody should make a list of what's blocked. Go through the top N sites and for each run a DNS lookup from both a filtering DNS server and also a couple non-filtered ones (ex: Google DNS[1]) then compare the results[2].

Bonus points if someone builds a way to crowd source the data so that it gets logged from multiple DNS servers round the world.

[1]: https://developers.google.com/speed/public-dns/

[2]: This would need to do more than a plain A == B as each address could resolve to multiple IP addresses.

joeblau 3 days ago 4 replies      
Pretty comical video, one quick tip. If you typed a command on the terminal and you get the "Operation not permitted." You can run the last command prepending sudo like this:

  sudo !!

pvnick 3 days ago 0 replies      
Step 1: Put your dic (delete)


I was cracking up. Brilliant!

calpaterson 3 days ago 0 replies      
The section with William Hague (UK Foreign Secretary) at the end of the video is priceless.
gojomo 3 days ago 0 replies      
Awesome. Advanced assignment: build a search engine which for each jurisdiction only contains results blocked-in-Google-by-legal-threats in that jurisdiction.
kordless 3 days ago 0 replies      
No comments? I guess Hacker News gets blocked when you install it. :)
vukmir 3 days ago 1 reply      
... ask not what your country can do for you ask what you can do for your country ... JFK would be proud.
harrytuttle 3 days ago 0 replies      
Absolutely wonderful. Well done!
milesokeefe 3 days ago 0 replies      
He should have made the server run on port 69.
Hello71 3 days ago 0 replies      

  sudo ss -lpu 'sport = 53'

laurent123456 3 days ago 0 replies      
Slightly NSFW, could someone add the tag to the title?
allinzen 3 days ago 1 reply      
Brilliant! Now only if there was a cat filter that only showed cats and cat related material.
lewq 3 days ago 0 replies      
+1 for using Twisted
       cached 1 August 2013 04:11:01 GMT