hacker news with inline top comments    .. more ..    22 Dec 2013 Best
home   ask   best   5 years ago   
Trevor Perrin requests removal of NSA from IETF Crypto Review ietf.org
959 points by tptacek  1 day ago   136 comments top 9
tptacek 1 day ago 9 replies      
Two things you did not know before this post but know now:

* The IETF has a dedicated crypto review board, the CFRG, which approves or pokes holes in the cryptography used by other IETF standards.

* The chair of the IETF CFRG is an NSA employee (Kevin Igoe, one of the authors of the SHA1 hash standard).

I just learned these things a couple weeks ago. I am not generally a believer in the theory that NSA actively subverts Internet standards. But even I think that it's crazy for an NSA employee to chair the CFRG.

In case you're wondering: Trevor Perrin is widely respected professional cryptographer. Most cryptographers work for university math departments. Perrin worked for years as a staffer for Paul Kocher, the godfather of side channel attacks, at Cryptography Research. He's the designer of the new forward secrecy ratchet for OTR (Axolotl) and the TACK TLS extension, and a behind-the-scenes contributor to other IETF crypto standards. Perrin wrote the pure-Python "tlslite" TLS implementation. If you were to draw a "family tree" of crypto know-how in the software security profession, a surprisingly huge chunk of it would be rooted in Perrin (and Nate Lawson and Kocher); for instance, virtually every modern TLS break came from ideas that Perrin popularized. 64 current Matasano Crypto Challenges, probably 50 of them I can trace to Perrin and Lawson. Trevor Perrin is someone you should pay attention to.

(my best guess is that the standards NSA was actively subverting were about international telephony; subverting the IETF is a little like subverting the Linux kernel --- doable, but bad tradecraft)

declan 1 day ago 2 replies      
Perhaps it's time for a new IETF default: No NSA employee should be chair of an encryption-related working group.

If the NSA wishes to change that rule in the future, it can publicly ask Congress to enact a law making it a federal felony for a government employee or contractor to try to subvert, compromise, or weaken public encryption standards. (That would still allow the NSA to subvert, compromise, or weaken proprietary Chinese or Russian military encryption standards, if it is capable of doing so.)

Until the NSA requests such a federal law -- and it's duly enacted -- it seems folly to encourage the participation of its employees in the IETF process, let alone granting them a position as chair of an encryption working group. Put another way, the NSA's signals intelligence mission has eclipsed its information assurance mission.

Even President Obama's NSA review group that came out with a report this week recommended that the agency "should not" weaken commercial encryption software. Why not a "must not?" p36: http://www.whitehouse.gov/sites/default/files/docs/2013-12-1...

RyanZAG 1 day ago 1 reply      
The next message in the thread is interesting too: http://www.ietf.org/mail-archive/web/cfrg/current/msg03555.h...

A request to replace him with Bruce Schneier.

yeukhon 1 day ago 4 replies      
I want to raise an issue that people often ignore. We put the government's fault onto an employee's fault.

But I will state my position clearly: I do think the resignation is a good thing. I don't agree with the word "removal".

The biggest problem to me is not about NSA involvement, it is how WE treat people who work at NSA and other government intelligence agency. If the fear of a single man is what makes the issue hot, I beg to differ. You can disagree with him and not pass the standard. If the whole committee thinks there is something fishy, I see no reason why the proposal would get through the internal draft. It is that distrust.

My school and many schools out there would send out internship notice; if you are a public school one of those would be government internship and among them is NSA and FBI.

How do we treat these kids in the future? How should we treat our future or current co-workers who had worked as contractor or done internship at NSA, FBI and CIA?

Do we trust them?

The fact that "NSA [employees] (edit, response to http://www.ietf.org/mail-archive/web/cfrg/current/msg03556.h...) should not be in any position in the cryto committee" is too far. He should resign in fact, to avoid interest conflict; people don't trust NSA right now. But how are we treating these employees? Have we asked him privately? Should this email be in the public in the first place? Have they ever had a private conservation about this? I think like it is more of an attack and a warning to all NSA-title employees that they should never reveal their affiliations, even on resume.

Since everyone does things differently, some will never join NSA and some will for either money or technical development or patriotism, how do we as people treat these employees?

I am upset that when people look down at them and think they are rat. This is a stronger ethic issue that few notice. The whole "removal" sounds like "one ought not be an NSA employee." Being someone new to security and admire open standard and fear of backdoor, I think it is nicer and professional if that has been raised to Kevin Igoe first privately.

From the way the mail is phrased: it never happened.

slashdotaccount 1 day ago 3 replies      
By the way, this submission is getting up so slowly (despite the upvotes) because its title contains "NSA" (which automatically penalizes the submission as revealed earlier).
wreegab 1 hour ago 0 replies      
> "Not seeing a major conflict of interest is worrying in itself"

The rationalization from some posters in the thread of why he shouldn't be removed is scary.

pvnick 1 day ago 1 reply      
It's been interesting watching the reactions to these revelations from the more skeptical folks. Tptacek, have there been any stories (besides this one I suppose) that have really surprised you and struck you as unreasonable overreach?
netman21 1 day ago 1 reply      
I have shared similar concerns about the NSA's involvement with the Trusted Computing Group and called for TCG to repudiate the NSA.
infinity0 16 hours ago 0 replies      
the thread is just warming up... I'm half-expecting Kevin Igoe to "reveal his true form" and turn into that giant NSA octopus clutching a shit load of ethernet cables that they thought it was a good idea to paint somewhere.
Secret contract tied NSA and security industry pioneer reuters.com
817 points by bbatsell  1 day ago   290 comments top 54
suprgeek 1 day ago 9 replies      
NSA invents weak (Back Door present) crypto algo.

Pushes RSA to make it a Default in a key function (RNG) by giving them $10 Million.

NSA points to RSA as an early adopter and gets NIST to certify it.

Millions of systems are now protected by an RSA product that the NSA deliberately weakened.

Any sufficiently skilled rogue actor can attack virtually any business that uses these RSA products -

NSA (Cyber security Command) gets even more money to "Protect" us from said Rogue actors.

So all-in-all good investment on their part

Edit: Spelling fixed per commenter pointing out the difference between rouge and rogue. I did imply malicious actors not red-cheeked actors (not that they are mutually exclusive).

lawnchair_larry 1 day ago 3 replies      
Eagerly awaiting tptacek's retraction to his insistence that this was not a backdoor.

Edit: Nevermind, apparently he already did a mere 8 hours ago, replying to my own comment. Shortly before this broke.


zepolud 1 day ago 0 replies      
> [...] but RSA said in a statement: "RSA always acts in the best interest of its customers [...]

True, you just have to keep in mind that their customer is the NSA.

smtddr 1 day ago 4 replies      
>>https://news.ycombinator.com/item?id=6942165tptacek 5 hours ago | link I am not generally a believer in the theory that NSA actively subverts Internet standards(my best guess is that the standards NSA was actively subverting were about international telephony; subverting the IETF is a little like subverting the Linux kernel --- doable, but bad tradecraft)

Does this count?(not trying to be sarcastic or a smart-a##), I just want to get a handle on what I should or should not trust these days. Seeing that RSA SecurID VPN dongle pic in the article scared me. I've pretty much been looking to your comments to give me a baseline.

rhizome 1 day ago 5 replies      
From the BSAFE product page:

"RSA BSAFE Crypto Kernel offers versions of popular cryptographic algorithms optimized for both small code size and high performance. Unlike alternatives such as open source, our technology is backed by highly regarded cryptographic experts." [emphasis added]

kabdib 1 day ago 0 replies      
Not surprised.

One of the security guys who worked for General Magic (GM made an early mobile OS with some security features) told me that he had a visit from the NSA. The NSA tried to get him to leak bits of the keys in the GM protocols. "Just here and there. I've got dozens of these," said one of the NSA reps.

This would have been early 90s.

The NSA has been doing domestic stuff like this for a long time.

dpratt 1 day ago 2 replies      
I wonder if any of the executives involved with this deal will have a moment of clarity and make a public statement - "I was directly told by representatives of the U.S. Government that if we did not take this deal there would be direct and material consequences for both my company and myself. Here is the names of the people I met with, here is a log of the meetings. If I am jailed or in some other fashion publicly discredited through an otherwise seemingly unrelated matter in the future, you should always remember that I have made this public statement."
dpratt 1 day ago 4 replies      
Perhaps I am not reading the article correctly, but it sounds to me like RSA products can no longer be trusted.
fragsworth 1 day ago 6 replies      
The NSA's story about how they need to secretly do these things to fight the war on terror makes less sense with each new revelation.

Terrorists don't use VPN dongles.

What is really going on here?

bostik 1 day ago 0 replies      
When the news about DUAL_EC_DRBG first came out, RSA defended their actions of inclusion and making it a default option by stating that it was at the time a popular choice. Back then I was aghast that a noted security company would make choices based on pure hipsterism. (My apologies to all hipsters, but in this case the word is in place.)

This news on the other hand makes it clear that RSA was not only being incompetent. They were being actively malicious. We've already seen anecdotes in this thread about NSA making house calls to security product vendors as far back as the 90's, so we must assume they haven't given up that venue and are still pushing their ideas, as well as pushing the vendors.

With that proof comes something a lot bigger: every single security product from a US company is now suspect. By logical extension, I will say that similar paranoia should be applied to all security products from Five Eyes countries.

The long-term financial fallout should be interesting material for future chroniclers.

raverbashing 1 day ago 3 replies      
$10Mi? That's a very cheap price for trashing your companies reputation.

More importantly, it confirms that DRBD is backdoored or at least weak enough to be subverted.

steven2012 1 day ago 1 reply      
Who in their right mind would use an American technology product at this point? You would be an idiot to think that it wasn't backdoored by the NSA.
fiatmoney 1 day ago 0 replies      
Seems like their customers now have an excellent case for commercial fraud against RSA.
yuhong 1 day ago 0 replies      
Lucky Green was the first to mention this: http://lists.randombit.net/pipermail/cryptography/2013-Septe...
aortega 1 day ago 2 replies      
TLDR: "RSA's contract made Dual Elliptic Curve the default option for producing random numbers in the RSA toolkit."

Dual_EC_DRBG was a NIST standard.

mathattack 1 day ago 2 replies      
Shouldn't this destroy RSA as a company? If your in security, and your security can't be trusted...
wil421 1 day ago 3 replies      
I use one of these tokens for work. Spying is one thing but destroying encryption is another evil thing to do. If the NSA has introduced bugs in crypto then who's to say someone else can exploit the same crypto.
midas007 1 day ago 0 replies      
RSA is commercially dead. There's no excuse.

Also, closed-source hardware HSMs are blackboxes that are fundamentally paranoia-inducing. There's no reason to trust that the vendor, supply chain and/or manufacturers didn't backdoor them or introduce other attack surfaces. The only way to trust an implementation is decap a sample of ASICs and match features against masks you generated... from sources you trust (whether open source or yours).

If it's a black box, there's no way to trust it (all modern CPUs, N/S-bridge, memory, flash (ssd), hd controllers, on and on.)

Conclusion: We need more open-source hardware that is production-quality (BSD licensed)! This would be very expensive in terms of people time, but it's necessary move since corporations can't be trusted.

vikas5678 1 day ago 1 reply      
"RSA, now a subsidiary of computer storage giant EMC Corp, urged customers to stop using the NSA formula after the Snowden disclosures revealed its weakness." - Just shake my head at this. As news is revealed that all these companies were complicit, they cry foul and "warn" users? RSA deserves to lose all international customers who refuse to buy their products because of hidden backdoors.
undoware 1 day ago 1 reply      
...which is why Theo Deraadt is now suddenly everyone's best friend, despite his personality. :) OpenSSH and its mother project, OpenBSD, are now all that is left of our civilization's freedom to think.

Thanks, Theo, for never selling us out; for being such an uncompromising bastard; for not being like the RSA. May Athena gird you for war against the Spartans.

andrewcooke 1 day ago 0 replies      
the r in rsa is ron rivest who was responsible for some very elegant ideas. his papers, that i've read, are generally very simple and clear. but he also wrote md2 [an old hash, n longer used] which contains some "magic numbers" that no-one can explain. they are supposed to be derived from pi, but no-one knows how... http://crypto.stackexchange.com/questions/11935/how-is-the-m... i even emailed him, but was shrugged off; i know it's silly and paranoid, but...)

anyway, i wonder what happens now to all the customers that use rsa dongles? big, international, political organisations...

somethingnew 1 day ago 0 replies      
Reminds me of http://xkcd.com/538/ except instead of a $5 wrench, it was $10 Million and a few handshakes.
dergachev 1 day ago 2 replies      
If it only cost $10m to bribe one of the biggest security companies around, how much does it cost to bribe a single open source developer who volunteers on tools like OpenSSL? What if you add blackmail to the mix?

Makes me realize that we need bitcoin-style "hack or bruteforce our encryption schemes and you can legitimately get paid lots of money" bug bounties.

chime 1 day ago 0 replies      
In case you didn't know, EMC bought RSA in 2006. Shutting down RSA just means re-branding all the products as something else.
Bud 1 day ago 0 replies      
Reuters just broke this link. So here's the new one:


salient 1 day ago 2 replies      
The end of RSA (the company)? I find it absurd that a security company no less, would hear many veteran cryptographers say this is backdoored a decade ago, and still going ahead and using it - as the default! Who stakes the whole reputation of their company in the field for a meager $10 million (I assume RSA was pretty big back then, too)? It's insane.

RSA, much like NIST, can not, and should not be trusted any longer. All of their customers should be warned, and advised to quit them ASAP. Companies need to learn this is just unacceptable.

summerdown2 1 day ago 0 replies      
From Mikko Hypponnen:


"I'm ashamed on behalf of the whole industry."

rdl 1 day ago 0 replies      
It's going to be interesting what this does to the RSA Conference in SF 24-28 FEB; I wonder if people will pull out, or what?

I'm looking at how to incorporate this as an example in my talk.

mbrameld 1 day ago 1 reply      
> "RSA always acts in the best interest of its customers and under no circumstances does RSA design or enable any back doors in our products. Decisions about the features and functionality of RSA products are our own."

This means one of two things: Either this is a blatant lie by RSA, or RSA is not competent enough to evaluate cryptograpic algorithms. Neither possibility paints them in a favorable light.

babesh 11 hours ago 0 replies      

Paid shill

Want to see money flow from federal government to RSA and EMC over time.

ye 1 day ago 0 replies      
I'd love to see a class-action lawsuit.

This shit must be punished.

Nelson69 1 day ago 0 replies      
Was this money tax free? How does that sort of thing work?

I hope bsafe licensees sue. Any one know of any serious efforts to replace some of the standard cipher suites in common code? AES -> Serpent, SHA -> Whirlpool etc...

mrobot 1 day ago 0 replies      
I remember looking over EMC's acquisitions when all of this starting breaking. EMC acquisitions just read like someone building a surveillance system: RSA, multiple deep packet inspection companies, enterprise clustered postgres, elitigation, forensics and threat analysis, Government-risk-analysis... and if you google around you'll see they kept their investments as secret as they could.


EMC bought every single major corporate partner technology in 2009/2010. EMC is the private honeypot for the entire program. The corporate store is EMC and only EMC. EMC and EMC ventures can go to hell for building this, knowing about it, and continually profiting from it. Profit from investment in a partner of an illegal government program specifically designed to make illegal money from human rights violations should be considered illegal. All of the major money behind EMC knew what was going on. If you did a private benefit analysis, it would be all EMC. Thank you. =)

rurban 1 day ago 0 replies      
I believe we heard that some months before already. The biggest problem is IMHO their libcrypto still being used in Java and MS Windows.
w_t_payne 4 hours ago 0 replies      
EMC own RSA. We just purchased a bunch of EMC kit. Can we trust it?
babesh 1 day ago 1 reply      
Its a sad commentary on a lack of ethics in parts of the tech industry. This industry isn't leading us where we want to go.
middleclick 1 day ago 2 replies      
What implications does this have for RSA?
akulbe 1 day ago 2 replies      
Please forgive my ignorance of these kinds of security issues....

I remember at one point, way back when, it was recommended to use RSA keys over DSA, when creating an SSH public key. Is this this the same algorithm, by the same company?

Does this mean that SSH can't be trusted if you're using an RSA key, versus some other type?

yuhong 1 day ago 1 reply      
This reminds me of the MS-Novell deal, which was done in a similar way and has similar problems.
genwin 1 day ago 1 reply      
wgx 1 day ago 1 reply      
What is the likelihood that anyone will face investigation or prosecution over this?
primelens 1 day ago 0 replies      
Louis Althusser's coinage of RSA as "Repressive State Apparatus" in Lenin and Philosophy seems deliciously ironic now.
spikels 1 day ago 0 replies      
Goodbye RSA and thanks for all monopolistic practices and shitty products. ALL CRYPTO SHOULD BE OPEN SOURCE AND PATENT FREE!
tommis 1 day ago 3 replies      
This is going to end RSA
gejjaxxita 1 day ago 1 reply      
I'm getting a "Page Not Found" message.Here's another version of the article: http://www.reuters.com/article/2013/12/20/us-usa-security-rs...
cratermoon 1 day ago 0 replies      
We already knew back in September that this was happening. All this story adds is details about the actual contract between RSA and NSA.
socialnerdia 1 day ago 0 replies      
Privacy: Pre-internet term(from Latin: privatus "separated from the rest, deprived of something, esp. office, participation in the government", from privo "to deprive") used to describe the ability for human beings to seclude themselves or information about themselves and thereby reveal themselves selectively.
nilved 1 day ago 0 replies      
I don't know anything about RSA as a company. What does this say about RSA as an algorithm and the company's founders?
notdrunkatall 1 day ago 0 replies      
How does this affect the average consumer?
davidmartin 4 hours ago 0 replies      
Any European citizen know what is needed for the European Commission for Competition to put a tariff to American imports so they stop destroying the European industry making undeclared and illegal subsidies?
shocks 1 day ago 0 replies      
Are my RSA PGP keypairs now compromised? How do I tell?
locusm 1 day ago 0 replies      
10M sounds like a downpayment, I dont believe RSA would lay their cred on the line for such a paltry amount.
fantasticfears 1 day ago 0 replies      
So RSA sells its customers for $10 million, and NSA wastes $10 million.
nnieiss 1 day ago 0 replies      
NIST, NIST, NIST.... wait, aren't those the same guys we were supposed to trust on the 9/11 commission report....
I Got Myself Arrested So I Could Look Inside the Justice System theatlantic.com
800 points by ilamont  4 days ago   472 comments top 27
blisterpeanuts 4 days ago 46 replies      
I'm sorry to be a curmudgeon but I don't like this guy at all. He wasted valuable city resources on an experiment the outcome of which he should have predicted, being a criminal attorney in Roxbury.

Why were the police and the criminal justice officials apparently angry with him? Because while he was playing his little game, to "prove" that police profile people and to "prove" that getting arrested and jailed can be a violent and unfair experience, someone else was getting away with a purse snatching, or beating up an ex-girlfriend, or playing the knock-out game, or emptying a cash register.

It's not so much that he prevented one of these other cases from being pursued, but that he seems so oblivious of the effects of his actions. Thus, it seems perfectly natural and reasonable for them to say, "OK, you make twice the salary we make yet you wanna be a petty criminal? Poof, you're a petty criminal. Enjoy sleeping in the bed you made, and here's hoping you will be permanently cured of f##king with us in the future, a##hole."

The police are set upon from all sides. If they bend the rules, they are severely punished. If they don't bend the rules, and the rules don't always apply the way liberal suburban white folks might imagine they do on the street, then they get castigated for not "doing their job" i.e. catching the bad guys. At the end of the day, not catching the bad guys is the biggest sin in law enforcement, because it's the mission. If you fail the mission, you're facing demotion, punishment, deprivation of public support and sufficient budget, and the public will view you with contempt and disgust.

I'm not justifying that that diabetic guy who wanted his sugar pills should be denied his pills. I'm not justifying that the police handle the lower socio-economic cases more brutally, giving them bruises and cuts that the suburban white boy somehow was spared. I'm not justifying racial profiling.

Yet, to walk a mile in their shoes, both the police and the criminal justice system as a whole, is to see the world a little differently from the average Atlantic Monthly reader or Hacker News reader.

Just my 2 cents.

nate_meurer 4 days ago 2 replies      
This is simultaneously the funniest and most tragic thing I've read in a long time. It's nearly unbelievable.

It reminds me a bit of Eddie Murphy's skit for SNL where he dresses up in white-face so he can experience society on the other side. This is almost as funny as that skit, no exaggeration. The tragedy is that this story is true.

blhack 4 days ago 10 replies      
I don't "get" this article.

The beginning seems to be him talking about how difficult it was for him to get the police to think he was suspicious. The article was really interesting, and it seemed to be a point about racial/socio-economic profiling.

But once he got into the system, he was treated terribly. Probation, not being allowed to visit his family, for a misdemeanor.


Honestly, his conclusion sounds more like justice /is/ being applied evenly, it's just that it was harder for him to get the police's attention while he was wandering around in a suit and tie.

kaffeinecoma 4 days ago 3 replies      

  The judge [...] ordered three years of probation, a $1000 fine, a $250 surcharge,  a $50 surcharge, 30 days of community service, and a special condition allowing police  and probation officers to enter and search my residence anytime without a warrant.
Wow. Perhaps I'm naive, but I was unware that a first-time, nonviolent misdemeanor could be grounds for removing your 4th amendment rights.

mdturnerphys 4 days ago 3 replies      
Interesting aside about the author's accidental ability to elude two members of the NYPD counterterrorism division:

"Two Intelligence Unit detectives arrived and testily walked me outside to a waiting unmarked police car. Court papers show that theyd staked out my apartment to arrest me, and that I unwittingly kept eluding them. In one dramatic instance, two officers had tailed me as I walked down Eastern Parkway. Id entered the subway station at the Brooklyn Museum, unaware that I was being followed. One of the officers had followed me through the turnstiles while another guarded the exit. The report states that the officers then inexplicably lost contact with me."

vph 4 days ago 8 replies      
The author hypothesis is that criminal profiling is based on race. A simpler hypothesis is that such profiling is based on looks. Now, instead of wearing suits, if he wears baggy jeans that almost fall off his butt, puts on a few tatoos, nose rings to match, and starts doing seemingly illegal things. And if the cops still don't stop him, then maybe being white has something to do with it.
Eliezer 4 days ago 3 replies      
Is there anywhere on the planet with a functioning criminal justice system? Where should I live if I don't want to live in fear?
tokenizer 4 days ago 4 replies      
Do we really need to punish people with prison for non violent crimes?

We might as well call in the Criminal Punishment System, or the Government's Justice System, as it doesn't engender my views of justice, and nor should it for you.

scotty79 4 days ago 0 replies      
I think there should be kind of mystery shoppers for justice system. They'd commit misdemeanors and get arrested so they can report how they were treated to improve operation of police and justice system and to weed out personnel that doesn't obey the law or neglect procedures.
mschuster91 4 days ago 4 replies      
3 years of probation for a single graffiti tag? Talk about proportions here.
maaaats 4 days ago 6 replies      
> From Brownsville to downtown Manhattan, I would estimate that I passed more than 200 police officers, some from a distance, some close enough to touch.

Wow, is police that common in NY / the states? That's more police than I have seen in my entire life.

base698 4 days ago 1 reply      
Works bombs, mixing Works Toilet Cleanser and Aluminum foil in a 2L plastic bottle were popular in my high school. I can't imagine the charges the children would get today if they were brown. Lucky for them they lived in rural NC.
tsaoutourpants 4 days ago 1 reply      
The first officer had it right: "What are you, some kind of asshole?"
alexhutcheson 4 days ago 0 replies      
In a similar vein, I would highly recommend the book Newjack: Guarding Sing Sing[1] by Ted Conover.

The author was a journalist who wanted to do a story on the prison system in New York State. The Department of Correctional Services froze him out and refused to give him any sort of access or interviews. To get the story, he actually took a job as a correctional officer officer in Sing Sing prison and worked there for a year. His account of the entire experience is fascinating. I think the whole discussion around these sorts of issues could really benefit from more accounts like this that introduce some transparency into the criminal justice system.

[1] http://www.amazon.com/Newjack-Guarding-Sing-Ted-Conover/dp/0...

enkephalin 4 days ago 1 reply      
We avoided inner city streets because they were dangerous, and we relied on the police to keep people from those places out of our neighborhoods. Whatever they got, we figured they deserved.

i find the last statement just as disturbing as the rest of the article. carrying this sentiment around plays a big part in the apathy we see all around us, towards most of the atrocities being committed these days.

tn13 4 days ago 0 replies      
"Simply carrying those items qualified as a class B misdemeanor pursuant to New York Penal Law 145.65."

Are you serious ? And I make fun of Indian laws.

dmourati 4 days ago 0 replies      
To me the whole problem comes down to one of discretion. The police officers in the beginning of the story had too much discretion. By not arresting someone defacing city hall, they trivialized a property crime. The author intimates this was because of his race or at least his appearance. Maybe so.

Next the judge exercises his discretion to come up with a non-standard sentence for the crime. Any non-instigator first offender would have gotten the slap on the wrist. A minority, we are lead to believe, probably much worse. Same crime but the discretion is wide in the sentence.

Later, the issue swings the other way. He has some real cause to go the rally in honor of the fallen student. Here, the discretion is taken away from the parole officer.

Discretion is power. In some instances, society grants too much discretion. In others, too little. We know this is the case but it still shocks us and we like to second guess.

3am 4 days ago 0 replies      
This reminds me of the work I read about Nellie Bly (Elizabeth Cochrane) doing around mental health and institutionalization in the late 19th century (http://en.wikipedia.org/wiki/Nellie_Bly#Asylum_expos.C3.A9). It's not a complimentary comparison for our criminal justice system.
rayiner 4 days ago 9 replies      
This is a great article, and I really appreciate this paragraph:

> But in between the important cases, I found myself spending most of my time prosecuting people of color for things we white kids did with impunity growing up in the suburbs.

However, I think he ignores a really salient distinction: a lot of these "crimes" like the laws against graffiti, exist not because the acts themselves are particularly heinous, but because they're proxies for things that are dangerous, namely gang activity.

In not going after the author, the police simply did the analysis they are required to do: is this guy a threat within the spirit of the law?

Now, obviously there are shortcomings in the heuristics the police are using here. It's not okay to conclude that someone is a threat because they're a black teenager in a hoodie and aren't a threat because they're a white professional in a suit. But I don't think we really want a mechanical justice system that follows the mere letter of the law instead of the spirit. We don't want police to ignore the distinction between someone tagging a public building to make a point, and gang members tagging a private building to "make a point."

hawkharris 4 days ago 0 replies      
The article's description of racial profiling brings to mind a statistic that the ACLU reported a few weeks ago (it was also featured on HN): in U.S. federal courts, blacks are about twenty times as likely as whites to be sentenced to life in prison for non-violent crimes.
dragontamer 4 days ago 1 reply      

Alternative take on what has happened here.

>>> This reporter accompanied Constantino on one of those trips, watching as the lawyer handed a guard his passport and driver's license. After calling City Hall staffers from inside the guard booth, the officer told Constantino to come back the next day.

>>> Instead, Constantino dramatically turned himself in at Manhattan Criminal Court that Friday, after the stop-and-frisk protesters were convicted of disorderly conduct.

>>> "Your Honor, I refuse to leave this court," Constantino told the judge. "I am choosing in peace and love not to leave this court."


The purpose of getting arrested was to protest the Stop and Frisk laws in NYC. It seems like Bobby Constantino is milking the story for all its worth though, and turning it into something else.

Not that it is a bad perspective or anything, but I think it is important to remember his original purpose for getting arrested.

0xdeadbeefbabe 4 days ago 0 replies      
He made eye contact; he didn't run; and he's surprised the policeman left him alone? Hasn't he seen any real criminal behavior or maybe a painting of it in a fine art gallery? I'm glad he got his wish though, but for a minute I was worried he wouldn't.
anuraj 4 days ago 0 replies      
Criminal justice system as it exists has lots to answer 1) What is the purpose? 2) Is it getting achieved 3) What kind of people are administering the system 4) Why biases exist? 5) What should citizenry and political authority do? 6) Ultimately - what is the true conscience of the society?
adamzerner 3 days ago 0 replies      
People could be assholes. I'm sure this sort of mistreatment happens all the time, and I'm sure that the reason for it is because people behave as described by the Stanford Prison Experiment.
thedrifting 4 days ago 1 reply      
So, the author set out to prove how unfair the justice system is between races, and to some extent he did show that. But, didn't his experience also show that a white person was treated just as by the courts as any other person? Am I missing the point of this article?
LekkoscPiwa 4 days ago 1 reply      
There is a lot of BS in the PC thing with profiling. I'm an Eastern European. Almost all Polish people I know work in construction or baby sitting, etc. However, none of them or us Polish immigrants blames the United States for that. Or the Government. They know they aren't educated very well, so they don't finger point to any type of discrimination for their fate. But somehow there are people there, like some Latinos I know who just don't even try. They just want to be illiterate all their life. One Lady I know who is from Mexico doesn't even teach her children English. Doesn't want them to speak English in the US. But blames US for her shitty job and standard of living.

This is a little bit too much even for me (an immigrant) to stomach, you know?

If they voted Obama into Presidency what racism? Bunch of racists and secret Ku-Klux-Klan lovers voted for a Black President? Like really, some people have way too much time on their hands. If I can be consulting for 60-100usd/hr after 6 years of living here, why some people need to steal and deal drugs instead is beyond me.

There is equality in Cuba and Canada. If these people are for real why don't they just immigrate there?

I will be honest. I see a Pole in the US I think he is doing construction or picking up garbage or baby sitting, taking care of elderly. I see a Mexican I suspect he doesn't speak English. I see a black person I check if my wallet is safe.

Everybody does that. Trying to change the way we think about Blacks without them changing their ways is never going to work. Not all Poles in the US are in the construction business. Not all Mexicans in the US are illiterate. Not all Blacks in the US are criminals. But big chunk of all these peoples are, so it's good to be opened minded and don't pretend that things like AIDS epidemic in DC being on levels with Sub-Saharian Africa aren't true. Because they are. And this isn't fault of anybody else but people who live there and make choices they do. I came to this country with 300usd in my pocket. I could have excuses to do nothing and portray myself as a victim too. But who does that in this country?

jebblue 4 days ago 1 reply      

"Off-Topic: Most stories about politics, or crime, or sports, unless they're evidence of some interesting new phenomenon."

There's nothing new in the article. He proved nothing other than dressing decent makes a good impression, we all knew that. Nothing of race or the justice system in general was proved one way or the other in my opinion.

Bill Gates takes part in Reddit's Secret Santa redditgifts.com
721 points by rb2e  3 days ago   226 comments top 24
sethbannon 3 days ago 8 replies      
Things like this are neat because they remind folks that tech titans, billionaires, celebrities, and the like are, at the end of the day, people too -- not that dissimilar from everyone else. It's so easy to forget that.
mynameishere 3 days ago 6 replies      
That's a fun gift. I used to get solicitations from Heifer international years ago, and the sad thing is that they advertise themselves such that if you donate 50 dollars, a family will get a flock of chickens; if you donate 100 dollars, a family will get a baby goat. Etc, etc. But all the money goes into a common fund.

I know charities have to use modern marketing, but that left a sour taste when I found out about it. On the other hand, I suppose Bill's underlings conduct proper due diligence.

bambax 3 days ago 0 replies      
The last line is so funny:

> ps: Sorry for the apple ipad on my wishlist, that was really awkward.

ck2 3 days ago 0 replies      
What a great guy Bill Gates turned out to be and he didn't do it only on his deathbed like some billionaires.
adamnemecek 3 days ago 12 replies      
Someone in the reddit thread asked a good question, what would you give to Bill Gates if you are his Secret Santa?
gadders 3 days ago 3 replies      
I wonder if there is a generational difference between people, say, 30+ and the under 30's of their view of Bill Gates?

For people my age he was "evil" personified during the Netscape/IE/Anti-Trust era. I wonder if people who came of age after that period see him more as a global good guy and philanthropist?

As for me, if he keeps this up I'm going to have to start liking the guy :-)

CurtMonash 3 days ago 1 reply      
Bill gets it from his mother. I only met her once, yet she fell all over herself to be gracious, try to do me favors, etc.
frankydp 3 days ago 1 reply      
The vitriol in this thread is astounding.
csmuk 3 days ago 0 replies      
I love Reddit Secret Santa for the comedy value. So far I've seen this year people have been given:

1. A pig foetus preserved in alcohol.

2. A selection of root vegetables, petroleum jelly and gloves.

vacri 3 days ago 0 replies      
Great story with a fun typo - "Exactly just what kind of charity is Heifner International?"
kylelibra 3 days ago 2 replies      
How celebrities behave on reddit seems to be a good indication of how they actually are in real life.
sifarat 3 days ago 0 replies      
Bill Gates: when you reach your first billion dollar, you are back to cheese burger.

Point. He is just being what everyone else us are here. a normal human being.

rschmitty 3 days ago 0 replies      
The thing I was most impressed with is Bills ability to write a cursive capital G.
joshaidan 3 days ago 0 replies      
Now, I wonder what Bill received. Bill should make a similar post about his gift, would be cool.
mburst 3 days ago 0 replies      
Reddit Secret Santa is definitely a very cool project. Kudos to Bill and all the others for participating. Though as other people have mentioned Heifer spends quite a bit of money on advertising, like most other charities I suppose. My roommate donated $10 about a year or 2 ago for a contest and every other week we receive letters, magazines, and photos asking for more money (way more than $10 worth of material). It would be sweet to see a charity spend their money on the actual cause rather than just promotional material.
davidgerard 2 days ago 0 replies      
That's ridiculously heartwarming.

GEEKS! When you're rich and famous, REMEMBER TO STILL DO COOL STUFF!

DanielBMarkham 3 days ago 0 replies      
After a gushing review of how great Bill was and what a wonderful experience. "...ps: Sorry for the apple ipad on my wishlist, that was really awkward..."

This was a great article, and a reminder that the internet allows us to make a difference in people's lives in ways we never could before.

kimonos 2 days ago 0 replies      
Two thumbs up! A great inspiration for everyone!
Julianhearn 3 days ago 0 replies      
mrmondo 3 days ago 3 replies      
Can anyone say... Publicity stunt?
talon88 3 days ago 4 replies      
I think this is really cool, though the cynical part of me thinks that so will the social media strategists of quite a few celebrities out there, looking to promote things around Christmas...
monksy 3 days ago 1 reply      
Hes bill g, I call him money for short... he even does my tech support. [Something something white and nerdy]
NSA phone surveillance program likely unconstitutional, federal judge rules theguardian.com
709 points by ferrellw  5 days ago   231 comments top 35
bradleyjg 5 days ago 2 replies      
To put it mildly this is the first step in a long, long path.

District courts have the final say in the vast bulk of routine matters that never get appealed, and they can play an influential role in setting the presumptive factual record in high profile cases destined for appeal. But in a high profile case destined for appeal that largely turns on interpreting the Constitution, this court was mostly a gatekeeper. In other words, if the district court had ruled the other way, maybe that would have been the end of the story. Given that it ruled as it did, this will certainly be heard by the Court of Appeals for the District of Columbia (possibly by one of the judges appointed by Obama now that the filibuster has been weakened), and then if the petitioner wins there, either by the full DC Court of Appeals en banc, or the Supreme Court, or first one then the other. If Smith v. Maryland is to be overturned, it will be the Supreme Court that does it, not a district court.

Still, I wish the plaintiffs the best of luck.

For further analysis keep on eye on fourth amendment guru Orin Kerr. His first post describing the opinion is already up: http://www.volokh.com/2013/12/16/judge-leon-enjoins-nsa-tele... and he says another with analysis will be coming soon.

tokenadult 5 days ago 1 reply      
Larry Klayman is an interesting plaintiff in this case.[1] He was a career Justice Department prosecutor during the Reagan administration and worked on the successful antitrust case against the former ATT telephone monopoly. Another article[2] agrees with the article kindly submitted here in reporting that the United States district judge (appointed by President George W. Bush) has stayed his ruling, pending a very likely appeal by the federal government, but it is clear that he thinks the current surveillance program is too broad to be constitutional based on the testimony at trial. That's good legal work.

The link to the full opinion of the district court[3] loads very slowly just now, presumably because many readers are trying to access it.

AFTER EDIT: A legal blogger has put up a copy of the court opinion on a page that loads rapidly.[4]

[1] http://www.freedomwatchusa.org/klayman

[2] http://www.reuters.com/article/2013/12/16/usa-security-rulin...

[3] https://ecf.dcd.uscourts.gov/cgi-bin/show_public_doc?2013cv0...

[4] http://www.lawfareblog.com/wp-content/uploads/2013/12/Klayma...

wpietri 5 days ago 2 replies      
From the article: "The judge, Richard Leon of U.S. District Court in Washington, said that the NSA relied on 'almost-Orwellian technology' that would have been unimaginable a generation ago, at the time of a landmark Supreme Court decision on phone records."

I disagree strongly! The NSA's technology would more properly be called super-Orwellian. Two-way TV, hidden microphones, and steaming open your mail is nothing compared with what the NSA can do.

saosebastiao 5 days ago 3 replies      
Cool. Now just let us know when the criminal trials begin.
ics 5 days ago 0 replies      
I don't suppose they'll use the same definition of 'related' while destroying data as when they actually collected it.
rdl 5 days ago 3 replies      
It's really interesting reading about the main plaintiff, Larry Klayman https://en.wikipedia.org/wiki/Larry_Klayman

I'm curious if he's more motivated by NSA-as-a-tool-to-attack-Obama or the merits of the case itself. Beggars can't be choosers, but still pretty strange to be in a position to back someone tactically on one issue while probably opposing most of the rest of his agenda.

mratzloff 5 days ago 4 replies      
> The judge, a conservative, ruled that the NSA must remove from its records data related to two Americans who filed suit to stop the program.

Since Groklaw was KIA, can someone with a better understanding of the law explain if this applies to all Americans, or only those two who brought the suit?

a3n 5 days ago 0 replies      
No problem, the NSA and whatever administration happens to occupy the Whitehouse at the moment will just re-interpret the ruling as if it ruled that the program is constitutional.

We used to say that whoever wins the war writes the history. But the war on terror will never be won, by definition and design. The NSA probably cares fuckall who writes the history books anymore. They want the dictionary.

001sky 5 days ago 0 replies      
The government does not cite a single instance in which analysis of the NSAs bulk metadata collection actually stopped an imminent attack, or otherwise aided the Government in achieving any objective that was time-sensitive in nature.
JeffL 5 days ago 0 replies      
I suppose there is always a small amount of hope that this could actually stick?
Aloha 5 days ago 13 replies      
I have mixed feelings about this.

Some of the metadata in my opinion is obviously OK to collect - the stuff that would have been captured by a pen register decades ago - Who you called, who called you, how long you talked - this stuff, which is otherwise known as call detail records it available to nearly everyone who works for the telco and is not really what I would consider private.

Other stuff - like Geolocation data is in my opinion clearly not OK to collect - it constitutes an unreasonable encroachment on privacy, normally to track someone historically a warrant must be obtained first, and it required probable cause, I see no reason why a lesser standard should be applied here.

I don't consider blanket recording of calls to be acceptable, but I don't see that as something that has been happening, at least on domestic to domestic endpoints (it's not really technically feasible to do with the way the telephone network is structured), its a bit easier to record calls going to international endpoints because of the structure of the PSTN - VoIP is its own deal, and YMMV on weather you can actually capture those calls or not.

I don't want to see us throw the baby out with the bath water as it were, nor do I want the unreasonable encroachment on privacy to continue.

6cxs2hd6 5 days ago 0 replies      
Yikes, what is it with 60 Minutes lately?

Sunday night they carry water for Amazon or NSA. Right before Monday, the big day.

(My presumption: The NSA knew a ruling was coming today. Getting a puff piece on 60 Minutes is positive spin regardless of whether the ruling turns out good or bad for them.)

Edit: Link


mbillie1 5 days ago 2 replies      
Glad to see this ruling, but this must be too-little-too-late by now, right?
SimonStahl 5 days ago 0 replies      
Nice, but this only applies to americans. They are still allowed to gather the data for the whole rest of the world!
BrandonY 5 days ago 1 reply      
Edward Snowden on this ruling: "Today, a secret program authorized by a secret court was, when exposed to the light of day, found to violate Americans' rights. It is the first of many."

Well said, sir.

tn13 5 days ago 0 replies      
That is it ? What about prosecuting the people responsible ? When are they going behind the bars ?
w_t_payne 5 days ago 0 replies      
This is a significant ruling; but only one small step in a long journey. The importance attached to our choice of destination is heightened by the ever-changing technological landscape over which we travel.

The increasingly pervasive and omnipresent nature of public and private sector surveillance, together with the intimate and revealing nature of the information collected, presages a new phase in the relationship between individual and the institutions and organisations to which our social and economic fealty is directed.

A relationship that is far closer and far more intimate; based on an extensive knowledge of the individual's drives, weaknesses, foibles, and personality traits. We can clearly see a worrying potential for forced intimacy and abusive exploitation of the relationship; just as we currently observe (thankfully infrequent) incidents of abusive physical violence and coercion. Perhaps the most troubling aspect of this is the potential that modern technologies have for scalability; facilitating abuse on an industrial and global scale, in market contrast to the inherent limitations of abusive physical interventions.

The key factors here are the fact that the information is intimate; that the collection is involuntary and coercive; and that the means of collection and exploitation may be automated and deployed on a large scale.

The presence or absence of mens rea is besides the point.

Fando 5 days ago 1 reply      
What a sorry piece of news! A federal judge thinks that mass surveillance is LIKELY unconstitutional? The only thing the constitution is good for these days is wiping you ass. Even if these practices are officially ruled as illegal, what will change? How will the oversight be conducted to prevent such practices from continuing. In my opinion, the NSA will simply begin hiding their operations from oversight. The biggest question is whether it is possible at all to implement practical and systematic methods that correctly oversee such government organizations. Is there a solution that guarantees that it will be impossible for the NSA and the like to hide their actions considering the almost system-wide corruption of government bodies? The solution to this problem is difficult to imagine for this reason.
undoware 5 days ago 2 replies      
It will be interesting to see what happens to the judge. 'Parallel construction.'
w_t_payne 5 days ago 0 replies      
The pervasive and omnipresent nature of the surveillance, together with the intimate and revealing nature of the information revealed, presages a new phase in the relationship between individual and state; one that is far closer and far more intimate; based on an extensive knowledge of the individual's drives, weaknesses, foibles, and personality traits. We can clearly see a worrying potential for forced intimacy and abusive exploitation of the relationship; just as we currently observe (thankfully infrequent) incidents of abusive physical violence and coercion. Perhaps the most troubling aspect of this is the potential that modern technologies have for scalability; facilitating abuse on an industrial and global scale, in market contrast to the inherent limitations of abusive physical interventions.
zmanian 5 days ago 0 replies      
We need to generate tangible evidence to the political system that the defenders of the NSA have no credibility. Restore the Fourth SF and others have created a mechanism for Californians to do so.https://shameonfeinstein.org/
qq66 5 days ago 0 replies      
Whether one supports the NSA program or not, it's fairly clear that it's not compatible with the 4th Amendment as understood today. The Constitution has been amended before, if this is important it needs to be taken under the umbrella of a Constitutional amendment.
jrockway 5 days ago 3 replies      
My next fantasy is to see Snowden come back to the US, be tried, and be acquitted.
rayiner 5 days ago 3 replies      
I don't think this decision will hold up on appeal. From the article:

Basically, the judge found the on-point Supreme Court precedent to be inapplicable based on changes in technology in the intervening time:

"Leon wrote that the government was justifying its counterterrorism program based on a 34-year-old Supreme Court precedent that has been eclipsed by 'technological advances and a cell phone-centric lifestyle heretofore inconceivable.'"

It's very worthwhile to read the case that is discussed (Smith v. Maryland):http://scholar.google.com/scholar_case?case=3033726127475530...

Pay specific attention to the discussion starting at the end of page 743 ("Second, even if petitioner..."). That reasoning doesn't seem any less valid to me today than it was 34 years ago. It's an easy, clear rule: "private" means private, not "private but shared with my hundred closest sysadmin friends at AT&T or Google."

mrobot 5 days ago 1 reply      
Is there any way to tackle this at the Terry level? It seems like we can protect ourselves more if we can explicitly eliminate the ability to systematically manufacture terry stops based on phone calls, other behavior, skin color, religion...
leokun 5 days ago 0 replies      
It's weird how the URL for this link keeps changing.
theandrewbailey 5 days ago 0 replies      
In a rare showing, common sense has triumphed this day.
bayesianhorse 4 days ago 0 replies      
The government has a secret system, a machine ...
socialist_coder 5 days ago 0 replies      
Does it even matter what the courts say? The NSA seems like it has no problems operating outside of the law and lying when asked what it's actually doing.
greyfox 5 days ago 0 replies      
"...likely unconstitutional" ya think?
nexttimer 5 days ago 0 replies      
No shit, sherlock.
amerika_blog 5 days ago 4 replies      
I support the NSA monitoring.

No, not a troll.

At this point, the USA has a ton of enemies. Filtering through emails, phone, etc. is a good way to catch these. We need to give law enforcement the tools it needs.

Seeing how this access was abused to hunt down Tea Party groups convinces me that the NSA needs to be de-politicized, not shut down.

I think we'll find that this monitoring is inevitable because the technology is there and also, since the technology is there, if it is not used and a terrorist incident occurs, people will be held responsible for NOT using it.

kansface 5 days ago 0 replies      
Federal courts apparently as per the constitution.
Sent $35,104.11 USD to CoinBase. Never received Bitcoins
615 points by mgrunin  3 days ago   472 comments top 57
barmstrong 3 days ago 38 replies      
Brian from Coinbase here. Sorry for the delay on that - definitely not the customer experience we are striving for.

We should have things squared away for you by end of day.

Edit: your bitcoin credit has now been processed. It looks like as we were performing server upgrades last week a handful of jobs didn't run as normal. We should have certainly caught it and responded sooner so that was our fault. My deepest apologies for the delay and trouble on that. We've credited $50 worth of bitcoin to your account for the trouble, as a small way of saying thank you for bearing with us.

Edit2: we'll push through the bitcoin credit at today's price instead of the original buy price (which should be in your favor) since the mistake was on our part. Sorry again for the trouble!

justin66 3 days ago 2 replies      
> Further avoidance by them will lead me to make a few calls to news stations.

Eek. The best case scenario is that you'll get a news blurb on local TV where you're portrayed as a sucker. "Weird online currency thing does weird stuff in the way you'd expect weird online currency thing to do, and look at this greedy rube who got sucked in and lost it all! Film at 11."

logjam 3 days ago 3 replies      
So wonderful to watch this little drama (complete with breathless appeals to get the news media involved) play out today on HN, which appears to have become "Bitcoin News".

A match made in heaven, between this genius financial entrepreneur and this competent, reliable trading platform, seems to at least sum up Bitcoin nicely, if not the brainless economic philosophies underlying this horseshit.

sheetjs 3 days ago 6 replies      
From their terms of service:

> Coinbase does not guarantee the value of bitcoin. You acknowledge that the price or value of bitcoin can change rapidly, decrease, and potentially even fall to zero. You acknowledge that holding bitcoin is high risk. You agree to deliver the agreed upon payment for bitcoin upon confirmation of an order, regardless of changes in bitcoin value.

> Coinbase will make reasonable efforts to ensure that requests for electronic debits and credits involving bank accounts, credit cards, and check issuances are processed in a timely manner but Coinbase makes no representations or warranties regarding the amount of time needed to complete processing because Coinbase services are dependent upon many factors outside of our control, such as delays in the banking system or the U.S. or international mail service.

It's possible that Coinbase is experiencing delays, and their terms of service give them a clear escape path. It sucks that they are holding onto your money, but consider this a learning experience: always start small, make sure everything smells right, and then scale up. If they were holding onto 35.10 rather than 35.10K, I suspect you would react differently

PeterisP 3 days ago 6 replies      
To all of you who say that Bitcoin shouldn't be regulated - this is what it results in.

If it was any regulated financial deal - say, purchase of stock or Yen - then there are clear rules on how to handle that, namely, you'd be entitled to at least compensation for any decrease between the 'locked' price at the agreed settlement date and the real settlement, whenever it may happen, and the interest for the period. Repeated such situations would result in a rapid audit to verify if they really have enough assets to pay out all their debts, and if not, shut them down immediately.

Now you're quite screwed, while coinbase has taken a profit on this (and probably other) deals by delaying these settlements. And what are you going to do if you don't get all the losses covered? Your options are quite limited.

chollida1 3 days ago 1 reply      
Here is the problem with coinbases tactics.

Consider buying $1,000 worth of bitcoins...

Coinbase can tell you your price.

Coinbase can then just wait, and wait and wait, weeks on end for the price to dip down. They can then buy the coins at the lower price and deliver them to you voila, they profit from you. This is very dubious.

If the price goes up they then buy at your price + some percent of their commission so they don't lose money, either way.

tga 3 days ago 3 replies      
For anyone considering using Coinbase or similar services where you have to pay via bank transfer -- think twice and take this as a serious warning that you have almost no protection if they screw you/up somehow.

I have a problem with Coinbase for a much smaller sum (luckily): ordered at what I was convinced was a fixed price and just received less BTC at a much higher rate. Their customer support refuses to help (or even to cancel the transaction) and banks just don't get involved in direct transfers on your side, the way they would do on a credit card transaction.

Short of going to the police and lamenting on forums (hello!), there is nothing you can do.

buss 3 days ago 1 reply      
They've had some problems recently. I'm now at day 12 waiting for an "instant buy" to clear. The ACH transfer cleared over a week ago but I still don't have my coins. (Support #67989 for anybody at coinbase)

It's weird, I performed several small buys in a row just in case this exact thing happened. I got 5/6 purchases but this one is stuck in some weird state. I really like coinbase; they're just having some trouble handling the huge increase in volume recently.

nathas 3 days ago 2 replies      
I hate to be that guy, but Coinbase is pretty clear that you'll get your coins _eventually_.

If I were doing thousands in transfers, I'd absolutely be using an exchange. They're also a small start up, funding or not.

Their support team has always come through and usually eats the cost difference if it was a bump on their end. I'd just wait it out.

baddox 3 days ago 1 reply      
> Now the real dilemma for me here is the fact that while CoinBase.com has locked in a price for me, because they have failed to deliver I cannot sell my coins at any rate. Bitcoins could drop down to $200, and only then might they deliver the coins.

It's scary that they can literally guarantee constant wins for themselves by choosing how long to delay the delivery of Bitcoins to customers.

seanalltogether 3 days ago 0 replies      
HN is really getting overloaded with bitcoin noise the past couple weeks. Honestly this just doesn't feel like the right venue for advice and support about this stuff.
Moral_ 3 days ago 3 replies      
I feel bad for you, honestly. But serious question as well: Would you have went public with this if the price hadn't fallen dramatically? Perhaps if it went back up to $1500 a coin would things be different? Either way I hope things get resolved for you.
scrame 3 days ago 0 replies      
I bought 1 a few weeks ago. I got a notice last week that they rejected it and would be returning my money. They have still not returned my money, and their customer service emails just return an automated "we are looking into it", with no follow-up.

It seems like they take orders as long as they make money (a friend ordering the day before took a loss and they accepted his payment no problem). Looking around their forums, the arbitrary rejections seem very common and make the company seem quite scammy.

mgrunin 3 days ago 0 replies      
The situation has been appropriately resolved by CoinBase. I would like to thank Brian for making this right. It is unfortunate that this situation had to be dealt with in the public light, but this was my last resource before contacting lawyers.

I will answer other comments later tonight.

Thank you HackerNews.

- Martin

keeran 3 days ago 0 replies      
If you search for 'coinbase' on https://bitcointalk.org/ you get a sea of people complaining about the same or similar issues - stay well clear.
zt 3 days ago 3 replies      
ACH transactions are reversible FWIW.
margaux 3 days ago 1 reply      
Not to shamelessly self promote, but the best way to buy/sell large amounts of BTC is directly, without going through an exchange/retail site. It is faster, cheaper and definitely a better customer experience. I've worked at two bitcoin exchanges so I know from experience. Now I am arranging private deals between a buyer and a seller. Here is the plug now though www.BitcoinCapitalPartners.com
tylerlh 3 days ago 0 replies      
FWIW, I made a small transaction with Coinbase not long ago and while they "guaranteed" the coins would be in my account by a certain date, they didn't actually deposit them until 2-3 days after that. Struck me as pretty odd.

Hope your situation gets settled quickly.

agib 3 days ago 3 replies      
I also have some very strange behavior going on in my account: https://twitter.com/agibralter/status/411685377015947264

Basically they're showing a transaction of selling BTC that I never made or authorized. Also, it's showing up in my transaction list but not in my history...

They said they're looking into it, but I haven't heard back in days.

sard420 3 days ago 1 reply      
I'll say this again about coinbase, I'm convinced they are playing the market on peoples investment. I bought when bitcoin was starting to rocket, they tied my money up for weeks, bitcoin doubles in that time. Then after that I get a sorry letter and my money back. What was my money doing in that time? Probably making them money.
kjackson2012 3 days ago 0 replies      
Do an ACH chargeback as quickly as possible, don't be an idiot and wait for a response, otherwise you may miss your opportunity to walk away without losing $10k.
drcode 3 days ago 1 reply      
HN is now a coinbase support forum?

Why would you put that much money into a service that isn't a true bitcoin exchange? Do you realize they're an extra middleman that is likely to add more delays to any transaction?

If you look at reddit.com/r/coinbase you'd know this sort of thing is a common occurrence with coinbase- Why are you surprised this is happening? Seems like they have a history of this sort of thing that should have warned you of the risks you were taking. Why give them your business if they're known to do this type of thing?

If people keep supporting businesses that act in a manner they're not happy with then what is the incentive for anyone to create a better alternative?

7Figures2Commas 3 days ago 1 reply      
Welcome to counterparty risk, Bitcoin style.
GarrettBeck 3 days ago 1 reply      
This is the same situation as Facebook's IPO with NASDAQ. Orders were placed $40, then cancelled, then filled at $40 six hours after the market closed (at which point Facebook was already trading below its IPO price).

Unless you are a massive financial institution with some serious clout/legal department, I recommend you cut your losses and move on.

Your time is much more valuable spent doing something else rather than the time you will spend trying to recover $X,XXX

sergiotapia 3 days ago 0 replies      
His website is hacked by some terrorists: http://www.winningportfolio.com/
fnordfnordfnord 3 days ago 0 replies      
This was posted to imgur a few hours ago. I have no idea of its authenticity, but hopefully they're just really busy, and will do the right things. Good luck.

"Coinbase being a bro - saved me $400" http://imgur.com/r/Bitcoin/E52ILfD

jbverschoor 3 days ago 0 replies      
Tbh... I would still reverse it.I refuse to do business anymore with companies that do not respond.
WoodenChair 3 days ago 0 replies      
Apparently mgrunin's website was also hacked. Not his week.
yarou 3 days ago 0 replies      
This is why I can't take Bitcoin seriously. It's a liquidity depth issue. Much like HFT, there is a _perception_ that the order book has depth. But there's no guarantee that you'll get execution at the price displayed. At least market makers in the past were forced to execute up to a certain amount by regulation. No such regulation exists here.
kolev 3 days ago 1 reply      
I've had poor experiences with Coinbase as well, hit major bugs, which cost me hundreds. The only reason people use them is that they are the only choice at the moment. Can't wait for more alternatives such as Circle to launch! In cases like this , regulation and compliance don't sound like something negative!
bsiddiqui 3 days ago 0 replies      
Coinbase customer service sucks - I rarely get a response, given I've never been this screwed over
yeukhon 3 days ago 0 replies      
Leaking the last four digit of your bank account can be dangerous.http://www.nbcnews.com/id/44231957/#.UrKovi95F7M

Though old news god wonders what other services still do this.

We know your name is Martian and if we spend enough time we might be able to identity your true identity and possible to start trying things.

If you want to hide your identity, you probably should just use something more distinct.

Just saying.

rjbwork 3 days ago 0 replies      
Hey, do you know your website has been hacked?
C1D 3 days ago 1 reply      
I get you're angry about the bad customer service but dude, you need to get off your high horse and realise you're not that special. I don't know who you are and don't care and googling you name doesn't come up with anything special. Get over your self, unless you're a real celebrity no one will care, even if your story made it on to tv (which I highly doubt).
camus2 3 days ago 0 replies      
Can we say coinbase is basically shorting bitcoin with its customer's money ? (it's a question.
bachback 3 days ago 0 replies      
If you have serious money to transfer into BTC, this is not the way to go. Coinbase essentially is an intermediary, not a wallet. The whole point of Bitcoin is to get of intermediaries as are inefficient and make profits along the way. Bitcoin will solve this, it will just a take a couple of years. Btw, online-wallets neglect the working of the algorithm at some point. The system depends at the moment depends that people know what they are doing.
heavymark 3 days ago 0 replies      
I'd go straight to anyone and anyone who will listen. Companies don't escalate until they need to. HackerNews is big for us technies but you need to blow up their twitter,facebook, retweets daily as every day your going to lose value as bitcoin continues to drop with the news about china.
ffrryuu 3 days ago 0 replies      
I got some Tulips you can buy to make up your loss on.
issdispatch 2 days ago 0 replies      
I am really confused and frustrated. I sent my first ever BUY through Coinbase. I got my checking all set up. Made my purchase on 12-16-2013(an earth shattering .12 coins $100 bucks) No biggie. On 12-17-2013 the US funds left my bank account and off to coinbase. Alas... All I need to do is wait now until the 20th to spend my now 30 dollar loss due to market. Well here it is. The 20th of December somewhere in the world so I go to look at my account and there are no coins. Further inspection of this I find my transaction was canceled. No explanation. Just a big red canceled. Wheres my money now? I really want to be an advocate and intend to move WAY more than $100.00 into the bitcoin market place but seriously? Just a hundred dollar transaction that made one of their customers slightly irritated? Im glad I DIDN'T trust them with serious cash like the originator of this post!Come on... GUYS! Don't take the fun out of all this! Figure it out! (Because if its not fun... It certainly wont be VIABLE!)
wil421 3 days ago 0 replies      
How could you get that amount of money back to dollars, if lets say the price doubled and you wanted to sell?

Like back in my bank account dollars.

miguelrochefort 3 days ago 0 replies      
> Further avoidance by them will lead me to make a few calls to news stations. I have the right contacts to easily put myself in the media.


AH4oFVbPT4f8 3 days ago 1 reply      
Did you have prior experience with CoinBase and buying bitcoins from them?

If not, why didn't you start with 1k to make sure the transaction went smoothly before sending over 35k?

yeahwhateverbro 3 days ago 1 reply      
So Coinbase put me in a similar situation but they haven't bothered to respond to any of my emails thus far. Is this where I contact Coinbase customer support?
sifarat 3 days ago 0 replies      
Now take my sincere advise, take a trip to Hawaii for couple of weeks. don't sell them fast. Once you are back, you will either have another trip, or just cash out successfully. end.

As for coinbase, Well played Sir, this comes from a broker but in a different field. every fucking pun intended.

frodopwns 3 days ago 0 replies      
My first purchase with Coinbase took 7 full business days (not far off from what you waited). Other than that my experience with Coinbase has been 100% positive...extremely fast and reliable service.
deutronium 3 days ago 0 replies      
Wow, what a disgraceful way to treat people. Certainly a company to steer clear of then.
cehlen 2 days ago 0 replies      
Question for mgrunin. In your opinion did CoinBase make things right? If not, why? If so then can well just drop this!
wavefunction 3 days ago 3 replies      
Speculation is a risky endeavor.
arun_bansal 3 days ago 1 reply      
Since it has taken this long, I guess you would rather have the lock price removed. It's around ~551.57 vs your original 868.91
_nato_ 3 days ago 0 replies      
Yikes! I really hope this gets resolved for you!
thaifighter 3 days ago 0 replies      
Crap. I was looking at Coinbase. Has this happened to others?
bsiddiqui 3 days ago 0 replies      
What're your non-Coinbase platforms for purchasing coins?
thinkcomp 3 days ago 0 replies      
The official way to file a complaint is with the California Department of Business Oversight, and the form is here:


adizam 3 days ago 0 replies      
Well now I know not to use coinbase :)
justinzollars 3 days ago 0 replies      
melling 3 days ago 0 replies      
Those guys in finance don't make or sell anything. They're just greedy. Too many of the smartest people go into it just to make money... Me on the other hand, I'm gonna make a difference.

Where can I get me some of those Bitcoins!?

iblaine 3 days ago 1 reply      
The guy who bought these coins is a douche. The fact is bitcoins are highly unstable and he bought them when the price was high(for this week). It is doubtful he would have had the sense to sell them before todays drop. If he really believes that bitcoins are a good investment, which I do, then he should have faith that they will rise in value over time(months, years). It's speculators like this that buy in when the price is high then immediately complain about the volatility that give bitcoins a bad name.
A Great Old-Timey Game-Programming Hack moertel.com
549 points by acqq  6 days ago   143 comments top 30
Morgawr 6 days ago 8 replies      
This reminded me of a game programming hack I did back in highschool. I had just started a school course on Pascal and decided to code a small game of snake, just for fun. I knew very little about actual programming, I was a real novice. The game was very simple, it was running in a windows console (cmd) without any graphics, the actual assets were ASCII art. The grid of the game was represented with asterisks and the snake was dots with a smiley face (one of those weird ASCII symbols nobody knows why it's there). Every game update I would redraw the whole grid, snake and the comma that was used to output the food.

The problem was that this was terribly slow, it flickered like crazy and it was unplayable. I was very sad because my game was working but unplayable for anybody so I tried to engineer a way to make it stop flickering. The solution came when I found out about a couple of functions in pascal that let you clear a specific character in the console at a specific X,Y coordinate and write another character that that coordinate. What I ended up doing was keep track of all the changes in the game for each frame (snake movements, food position) and just re-draw only the portions of screen that had changed.

This was great, no more flickering and the game was playable. (Nobody really played it because nobody cared but I was really proud of it).

Found out years later that this approach is pretty much what Carmack did in his old games: Adaptive Tile Refresh[1]


pflanze 5 days ago 1 reply      
I still remember a hack that I figured out on the Commodore 128 to speed up the 80 column display. I'm not aware of any program that actually made use of it (probably because the C128 and its 80 column display did not have a big enough user base to make it worthwhile to develop programs that needed speedy output).

The C128 had two separate video chips/ports, a C64 compatible chip showing a 40x25 character (320x200 pixel) display, and the "VDC"[1] showing 80x25 characters (640x200, or with interlacing, 640x400 or more), which was output on a separate connector. The VDC had a hideous way to change the display: it had its own video RAM, which the CPU couldn't access directly, instead the video chip had two internal registers (low and high byte) to store the address you wanted to access, and another register to read or write the value at that address. But that wasn't enough, the CPU couldn't access those VDC registers directly either, there was a second indirection on top: the CPU could only access two 2nd-level registers, one in which to store the number of the 'real' register you wanted to access, then you had to poll until the VDC would indicate that it's ready to receive the new value, and you would save the new value for the hidden register in the other 2nd level register. (There's assemply on [1] describing that 2nd level.) Those two registers were the only way of interaction between the CPU and the 80 column display.

[1] http://en.wikipedia.org/wiki/MOS_Technology_VDC

This was extremely slow. Not only because of the amount of instructions, but the VDC would often be slow to issue the readyness flag, thus the CPU would be wasting cycles in a tight loop waiting for the OK.

Now my discovery was that the VDC didn't always react slowly, it had times when the readyness bit would be set on the next CPU cycle. Unsurprisingly, the quick reaction times were during the vertical blanking period (when the ray would travel to the top of the screen, and nothing was displayed). During that time, there wasn't even a need to poll for the VDC's readyness, you could simply feed values to the 2nd level interface as fast as the CPU would allow, without any verification. Thus if you would do your updates to the screen during the vertical screen blank, you would achieve a lot more (more than a magnitude faster, IIRC), and the "impossibly slow" video would actually come into a speed range that might have made it interesting for some kinds of video games. Still too slow to do any real-time hires graphics, and the VDC didn't have any sprites, but it had powerful character based features and quite much internal RAM, plus blitting capabilities, so with enough creativity you might have been able to get away by changing the bitmaps representing selected characters to imitate sprites. And you could run the CPU in its 2 Mhz mode all the time (unlike when using the 40 column video, where you would have to turn it down to 1 Mhz to not interfere with the video chip accessing RAM in parallel, at least during that chip's non-screenblank periods.) My code probably looked something like:

        lda #$12       ; VDC Address High Byte register        sta $d600      ; write to control registerlda #$10       ; address hi byte        sta $d601      ; store        ldx #$13       ; VDC Address Low Byte register        ldy #$00       ; address lo byte loop                                                            cycles        stx $d600      ; select address low byte register   4        sty $d601      ; update address low byte            4        lda #$1f       ; VDC Data Register                  3 ?        sta $d600                                           4        lda base,y     ; load value from CPU RAM            4 ?        sta $d601      ; store in VDC RAM                   4        iny                                                 2        bne loop       ; or do some loop unrolling          3 ?        ..
(28 cycles per byte, at 2 Mhz, => about 300-400 bytes per frame. Although the C128 could remap the zero page, too (to any page?), and definitely relocate the stack to any page, thus there are a couple ways to optimize this. (Hm, was there also a mode that had the VDC auto-increment the address pointer? Thus pushing data to $d601 repeatedly would be all that was needed? I can't remember.))

How would you time your screen updates to the vertical blanking period? There was no way for the VDC to deliver interrupts. It did however have a register that returned the vertical ray position. Also, the C128 had a separate IC holding timers. Thus IIRC I wrote code to reprogram the timer on every frame with updated timing calculations, so that I got an interrupt right when the VDC would enter the vertical blanking area.

As I said, I'm not aware of any production level program that used this; perhaps some did, but at least the behaviour was not documented in the manuals I had.

The VDC felt even more like a waste after I discovered this. The only use I had for it was using some text editor. I wasn't up to writing big programs at the time, either.

PS. sorry if that was a bit long.

tbirdz 6 days ago 6 replies      
>The challenge wasn't overwhelming complexity, as it is today. The challenge was cramming your ideas into machines so slow, so limited that most ideas didn't fit.

I like this line right here. It does seem like we've piled on abstraction after abstraction in these days. Sure this does make things easier, but I think things have gotten so complex that it's much harder to have a complete mental model of what your code is actually doing than in the simpler machines of the past.

justanother 6 days ago 1 reply      
This is not unlike how 'fast' screen updates are done on the Apple IIGS. The fastest memory operations on the 6502 and 65816 involve the stack, so one ends up mapping the stack to the top of framebuffer RAM and pushing a lot of values onto it in an unrolled loop. The unrolled loop is itself rewritten by other code to provide the data for the next update.

Apple developer support themselves described this idea in Technote #70, http://www.1000bit.it/support/manuali/apple/technotes/iigs/t...

caster_cp 6 days ago 1 reply      
Loved the story! Mostly because I lived this stuff, and I'm 25 years old :p. In my Electronic Engineering graduation we had three professors crazy about assembly and slow PCs (in fact, FPGAs and microcontrollers). I remember the nights I spent awake trying to make a Viterbi Encoder/Decoder fit into a tiny FPGA, cramming a complex temperature controller (while reading sensors, commanding motors, and handling the input/output) in an 8051, or programming a 128khz sound recorder in assembly on an (old as hell) ARM, while communicating to a PC, showing info on a LCD and doing all the filtering digitally (the only analog stuff we were allowed to use were an anti-aliasing filter and the input/output conforming circuits). Ah, the crazy filters we devised to use all the old ARM's juice.

I lost myself there, but my main point is: in electronics (embedded systems, mainly) all this beautiful joy of crazy optimizations is still alive :D

stusmith1977 6 days ago 3 replies      
Reminds me fondly of the time I was writing assembler for the ARM2/3... it had such a nice instruction set that made hand-writing assembler pleasant.

It had a "barrel shifter" that gave you free shifts of powers of two, so you could calculate screen byte offsets quickly:

  // offset = x + y * 320  ADD R0, R1, R2, LSL #8  ADD R0, R0, R2, LSL #5  // = 2 cycles
It also had bulk loads and stores that made reading/writing RAM cheaper. The trick there was to spill as many registers as you possibly could, so that you could transfer as many words as possible per bulk load/store.

  LDMIA R10!, {R0-R9}  STMIA R11!, {R0-R9}  // Transfers 40 bytes from memory pointed to by R10 to memory pointed to by R11,  // And updates both pointers to the new addresses,  // And only takes (3+10)*2 = 26 cycles to do the lot.
Happy days...

Jare 6 days ago 0 replies      
We did this in our Sinclair Spectrum games to blit the backbuffer to the display memory. Interrupts were not a problem because if they occured during the PUSH (display memory), the corruption would be overwritten immediately when the blit continued, and if they occured during the POP, the backbuffer was going to be overwritten in its entirety the next frame.

However, we had to leave some space at the edge of backbuffer memory, because if there's an interrupt right at the beginning of the blit, the interrupt handler's stack frame could overflow outside of the backbuffer and corrupt other memory. That one was fun to find. [Edit]: I seem to have missed the second footnote where he already describes this issue.

danielweber 6 days ago 0 replies      
I have been searching for at least 10 years for the term "involution": the set of functions where f(f(x)) = x. Now i have it. Thank you.
couchand 6 days ago 2 replies      
This is a really neat article. One thing: the author falls victim to a common, unfortunate mistake in calculating the percentage gains: ...120 cycles. Thats a 30-percent speed-up. and then ...98 cycles. Compared to the original code, thats 60 percent faster.

The right way to calculate this figure is (t1 - t0)/t0, rather than the author's formula which seems to be (t1 - t0)/t1. For instance: (157 - 98)/98 = 60%, but the actual amount is (157 - 98)/157 = a 38% speed up. A heuristic: 60% of 157 will be much more than 60 (since 60% of 100 = 60), which means a 60% speed up would reduce the speed to below 97 cycles.

It gets even more misleading the more efficient it gets: Adding up the cycles, the total was just 1689. I had shaved almost 1200 cycles off of my friends code. Thats a 70 percent speed-up! The author has 1200/1689 = 71%, but the correct numbers yield 1200/(1689+1200) = 42%.

Not that I don't think these are significant gains, but it's just misleading to label them like this. If you've removed less than half the cycles, there's no way you've seen a 70% speed up.

jebus989 6 days ago 0 replies      
Great story, thanks for this; it's a refreshing change from bitcoin and VC chatter.
snorkel 5 days ago 0 replies      
I don't recall which of the Atari cart game did this (might've been Combat) rather than using space for storing sound effects the game would refer to its own code in memory for a random noise sound effect.

So true that back in the day much of a game programmers mental effort was spent on how to make big ideas fit inside small memory, anemic color palettes, and slow processors.

codeulike 5 days ago 0 replies      
Used to do a similar thing with old Archimedes games (the first computer to use an ARM chip, in 1988). The original ARM had 16 x 32 bit registers, and a single assembler command could write some or all of them to memory in one go. In practice you could use about 12 of the registers for graphics data (the others being program counters and stack pointers etc). Each pixel was 2 bytes, so with 12 registers you could do 1 row of 24 pixels - all in one instruction. Fetch some new data into the registers and write them again 24 times and you had a 24x24 sprite drawn very fast. To really use this technique you had to draw at word boundaries, thus the movement had to be 4 pixels per frame. But you could do a good full-screen scroll with this at around 12-15 fps (Archimedes could also do double-buffered screen memory so you draw one while displaying the other) and still plenty of time to do all the other work for each frame.
forktheif 6 days ago 5 replies      
Another possible way to get around interrupts overwriting your screen, would be to turn them off and update the audio after every line or two.
royjacobs 6 days ago 1 reply      
Having just spent a good chunk of my weekend reliving my Commodore 64 assembly coding days, this was an excellent way to top it off!
taeric 5 days ago 0 replies      
I do love the lesson that is implicit here. At least for me. The game was basically playable and doing what it was supposed to do before these interesting hacks were done.

Another interesting tidbit that should be obvious, but I miss a lot. The format of the graphics was fixed and not necessarily on the table for things that can be changed to make the code work. All too often it seems I let what I'm wanting to accomplish affect how I plan on storing the data I'm operating on.

tfigueroa 5 days ago 0 replies      
I'll join the chorus reminiscing about hacking for game performance.

In my case, it was on a Mac on a PowerPC CPU. It's a far cry from the limited resources of early personal computers, but this was at a time when 3D was hitting big time - the Playstation had just come out - and I was trying to get performance and effects like a GPU could provide. A hobbyist could get decent rasterization effects from a home-grown 3D engine, but I was working as far forward as I could. All that unrolled code, careful memory access, fixed-point math... I spent a lot of time hand-tuning stuff. It wasn't until I dug into a book on PowerPC architecture that I found some instructions that could perform an approximation of the math quickly, and suddenly I was seeing these beautiful, real-time, true-color, texture-mapped, shaded, transparent triangles floating across the screen at 30fps.

It was about that time that the first 3DFX boards started coming out for Macs, though, and that was the end of that era.

Aardwolf 6 days ago 1 reply      
>> each tile was 28 by 28 pixels.

Why not a power of 2 like 16 or 32?

professorTuring 6 days ago 1 reply      
I love this post.

Today most of game programmers just ask for a bigger GPU.

boulderdash 5 days ago 0 replies      
Thanks for sharing this. This is what Eugene Jarvis did to make Defender fast. It was a common tool in the toolbox for any clever game programmer for the 6809. I think it is awesome that Tom & buddy to experience the pleasure of its rediscovery.
anonymouscowar1 5 days ago 0 replies      
So, question: what sits in memory below the bottom of the framebuffer? It seems like if a sound interrupt occurs while drawing the lowest-address tile, you might corrupt something below there.

Edit: Oh! Just got to footnote 2. Thanks, author!

pjmlp 6 days ago 0 replies      
Great story! I grew up with this type of programming.

Brought back nice memories.

onion2k 6 days ago 0 replies      
Sounds similar to the scrolling 'hack' John Carmack used on Commander Keen.
gaius 5 days ago 0 replies      
boyaka 5 days ago 1 reply      
Did you guys see the top comment? TempleOS:


Some features:

64-bit ring-0-only single-address-map (identity) multitasking kernel

HolyC programming lanaguage interpreter

Praise God for binds using timer based random number generators

Create comics, hymns, poems as offerings to the Oracle

yoodenvranx 6 days ago 0 replies      
There should be a website where this kind of articles are collected!
teddyh 6 days ago 6 replies      
What computer and game could this be? Looking at Wikipedia reveals that the Motorola 6809 was not used for many computers, and not any that I recognize as being very popular.
vitd 5 days ago 4 replies      
I'm confused about something. After they've implemented their final solution that lets tiles become corrupted before they're overwritten, what happens to the sound? The sound is now being written to the screen, where it will be promptly overwritten by the copy tiles routine. Wouldn't that cause audio corruption? Or did playback of the sound complete before the interrupt returned?
normalocity 5 days ago 0 replies      
I love this kind of stuff. It's the kind of article that today makes me very interested in embedded linux and systems that supposedly don't have enough resources to do things that we've been doing for decades.

Brilliant blog post!

asselinpaul 6 days ago 0 replies      
Good read.
dragontamer 5 days ago 3 replies      
Arcade video game programmers of that age have told me warstories of themselves. BitBlits? That stuff is still handled by the BIOS / OS. The real arcade programmers would code at the level of scan-lines manually. (IIRC, Pacman was programmed at this level).

Every 30th of a second, the screen would have to be refreshed. Arcade programmers would perfectly tweak the loops of their assembly programs such that the screen refresh would happen at the right timing. As the CRT scanline would enter "blanks", they would use the borrowed time to process heavier elements of the game. (ie: AIs in Pacman). The heaviest processing would occur on a full-VSync, because you are given more time... as the CRT laser recalibrates from the bottom right corner to the top left corner.

Of course, other games would control the laser perfectly. Asteroids IIRC had extremely sharp graphics because the entire program was not written with "scanlines" as a concept, but instead manually drew every line on the screen by manipulating the CRT laser manually.

Good times... good times...

The Future of JavaScript MVCs swannodette.github.io
502 points by swannodette  2 days ago   150 comments top 31
bretthopper 2 days ago 2 replies      
There's two big highlights for me:

> Thus we don't need React operations like setState which exists to support both efficient subtree updating as well as good Object Oriented style. Subtree updating for Om starting from root is always lightning fast because we're just doing reference equality checks all the way down.

I don't think anyone actually likes using explicit setters/getters in frameworks like Backbone and Ember. Of course Angular avoids it but that's by the crazy "dirty-checking". Obviously the new Object.observe will help this situation, but I love how simple Om/CLJS makes this.

> This also means that Om UIs get undo for free. You can simply snapshot any state in memory and reinstate it whenever you like. It's memory efficient as ClojureScript data structures work by sharing structure.

> VCR playback of UI state

I can't wait for details on this. This has gotten me really excited about client-side apps again.

ibdknox 2 days ago 2 replies      
We've been thinking about this a lot lately for some of the projects we've been doing for Light Table and we've essentially been doing the same thing as what David's proposing here.

What react ultimately opens up is a way to do immediate mode UI [1] on top of the DOM _efficiently_, which changes things pretty dramatically. It means we can start to treat the browser as just a renderer and get the infectious design decisions of the DOM out of our programs. If nothing else, this gives us freedom, but as david is suggesting, I think this also gives us an opportunity to treat UI much more directly than we currently are. If you want to know what the state of your UI is, you just have to read linearly down through the code that produces your tree. No nest of dependencies, no state hidden in the UI components, you could even get rid of event hierarchies if you wanted.

More important than anything else, this gives us a chance to dramatically simplify our model for UI and magically be even faster than we were before. Sounds like a win to me.

[1]: http://en.wikipedia.org/wiki/Immediate_mode

asolove 2 days ago 2 replies      
Om looks very interesting and seems to handle exactly what I've been looking for. We have reactive widgets, which is great for making changes in the data automatically update the UI. But the hard part is closing the loop: how does the widget communicate back to the data about changes? It would be interesting if we had a zipper-like abstraction, so that the widget gets handed both its data and a function to call when it wants to change just its data. Then that function is smart enough to go find the right place in the big data structure to go do the replace.

Edit: Ok, I now see how the Om todo example is handling update, and it's really cool. It creates a set of channels that encapsulate the knowledge of how to handle each type of change to a todo [0]. That gets passed in to the todo widget as "chans" and the widget sends messages to it in its event handlers [1]. I wonder if this whole channel CRUD abstraction is general enough to make it part of Om or another layer so that it didn't have to be recreated each time.

[0] https://github.com/swannodette/todomvc/blob/gh-pages/labs/ar...

[1] https://github.com/swannodette/todomvc/blob/om/labs/architec...

jordwalke 2 days ago 2 replies      
Jordan, from the React core developer team here. Awesome post, swannodette! This is exactly how we intended React to be used. As swannodette said, at Facebook, we use persistent data structures, in order to prune the update search space for comment updates. We've seen as much as a 10x improvement in update speed for certain operations.

React is a really great fit for Om, persistent data structures, and functional programming in the following ways:

1. We want to allow developers to elegantly describe their user interface at any point in time, as a pure-as-possible function of data dependencies.

2. We allow hooks for your system to help guide the updating process along. These hooks are not necessary. Often, we'll add optimizations long after we ship. We strongly believe that perf optimizing shouldn't get in the way of writing code elegantly and shouldn't get in the way of the creative development process and actually shipping to your users. At the same time, performance matters - a lot. So we ensure that at any point in the update process, if you know better than the framework, you can help guide the system. The fact that this is optional and doesn't change the functionality or correctness of the system is critical. Persistent data structures are an excellent (likely the very best) way to hook into the update system without making the developer do anything special.

Some people here were wondering about the apparent OO influence in React. Here's how I personally think of React's OO support/influence:

1. It's there to help you bridge with other existing mutative, stateful libraries in your stack - you know you have them. The DOM falls into this category as well.

2. It's there when you want to treat state as an implementation detail of a subcomponent. This is only because we don't have a good way of externalizing state changes, while simultaneously keeping the nature of them private. We just need more people to think about it (I'm sure the ClojureScript community can help us chew on this). Our internal motto is to keep things as stateless as possible.

3. A lot of the OO support in React is there as a concession, more than being considered a virtue. It's really cool to have the FP community involved in the UI space. Those people are already sold on FP and statelessness and get the luxury of programming in tomorrow's paradigms today (how ironic that FP has been around for decades!) To accelerate this momentum, we also want to reach out to people who aren't yet sold and change how they think about building UIs and software in general. The most effective way to do this is to reach out to them where they stand today, on some middle ground. It's really great to see eyes light up when they see that they can use simple functional composition in order to build large, sophisticated apps.

We're really glad to have swannodette and the ClojureScript community checking out React (github.com/facebook/react). We should consider adding some level of support for persistent data structures in the React core. Let us know if there's anything we can do to help.

swannodette 2 days ago 2 replies      
I apologize that the Om TodoMVC version is a little bit buggy at the moment, I put it together mostly to demonstrate the benefits of the React/Om model and it appears I missed a couple of TodoMVC behavior issues as they weren't important for demonstrating the approach - I'll try to clean up these annoyances later this evening.

Feel free to ask any questions.

EvilTrout 2 days ago 3 replies      
> Om never does any work it doesn't have to: data, views and control logic are not tied together. If data changes we never immediately trigger a re-render - we simply schedule a render of the data via requestAnimationFrame.

Ember.js has done this since day one with the Run Loop. Additionally it allows to coalesce operations yourself if you need control.

Angular also would not update the DOM as many times as the backbone example as it uses dirty checking to get around this problem.

avolcano 2 days ago 2 replies      
The title of this post is strange. This seems more like the future of JavaScript views than the future of models or controllers.

I don't see a large movement to immutable data structures on the horizon in JS. I can appreciate the performance implications in Om, and would be interested in using React + Mori to the same end, but I'm not sure that it would keep me from having mutable data structures to represent most of my application state.

There are so many now-solved problems in JS MVCs that were a complete trainwreck several years ago - client-side routing, sanely managing data, and intelligently organizing your code base - that all assume mutable data structures and traditional object-oriented paradigms.

This might be the future of ClojureScript (in fact, it should be the future of CLJS, as it's much more elegant than any other view solution I've seen for it), and functional data structures may be a clever way to optimize the DOM, but this certainly doesn't seem like the future of JavaScript to me.

gfodor 2 days ago 1 reply      
This is really cool, and I am one of those people who rolls their eyes whenever there is another article about some newfangled way to build Javascript apps on HN.

One logical step from here is instead of having a one-to-one correspondence between the "virtual" DOM and the browser DOM is to introduce a higher level meta representation based upon the context. This seems like a logical path towards a generative, projectional approach to controlling UI and browser document rendering in general. It's been tried before in several contexts and the hacks I've tried myself have always been to hard to get my head around since it's a complex problem, but this seems like it could be a really decent foothold to build a projectional, transform-based paradigm. For example, having a meta-DOM that encodes mathematical notation (probably inspired by LaTeX), which gets transformed into the current virtual DOM, which is used to update the real DOM. User manipulates a integral on screen, and the downstream transformations are performed lazily and efficiently all the way to the screen. This type of lazy evaluation from document to screen is essentially the core challenge (from a engineering standpoint) in building a usable real-time projectional editor like that demonstrated by intentional software back in 2010 [1].

[1] http://www.infoq.com/presentations/Intentional-Software-at-W...

drcode 2 days ago 2 replies      
I know it sounds crazy, but I think your post just outlined the next 5 years of web development innovation, swannodette- This ties together a lot of ideas that are extremely important, for the first time in one place. Thanks for doing this.

I already have my own React.js+Clojurscript bridge for personal projects, because I think it's an extremely powerful web dev combination. I'm glad I can finally abandon my own library for Om!

taybin 2 days ago 0 replies      
But I just finished rewriting everything in angular!
dgreensp 2 days ago 1 reply      
I've been watching Clojure for a while, and I love the spirit of this work.

However, as a framework author, I feel obliged to point out that of course you can create a more expressive and performant UI framework in a language with S-expressions, macros, and value semantics. What's hard is doing it in JavaScript. :)

It also feels a bit like reverse logic to cite ever-faster JavaScript VMs as a reason to choose a new framework for performance reasons -- shouldn't it matter less exactly how you structure your application logic when you're running on a "fusion reactor"? -- but I realize there's some subtlety here about lower constants enabling better algorithms. (Still, if your framework includes a language compiler or gets to take advantage of an expressive macro system, it should be able to run on anything.)

Once it's possible to compile ClojureScript without booting up a JVM -- which could happen if it becomes self-hosting -- I'll make a Meteor package for it. I'd also like to see the compile times get a little shorter and the runtime library get a little smaller.

programminggeek 2 days ago 0 replies      
There was a really good talk from Charles Nutter about making JRuby fast and the mutable things that Ruby does that basically break caching and things that you do to make things faster at runtime.

I'm not surprised that persistent data structures can make things fast, in fact I've spent the last week speeding up a Rails app in some ugly spots by preloading the data structures to keep DB queries from happening, effectively turning a lot of just in time queries at the ORM level into a pre-loaded data graph. The speed is fantastic, but what is interesting is you could add a level of immutability to this and would be potentially even faster, especially on top of the JVM.

I've been playing with the idea of immutable entities in Obvious Architecture for a while and it really changes the way you look at your business logic and performance.

mtrimpe 2 days ago 1 reply      
I've been expecting this after seeing a few of your teaser tweets and as expected I absolute love it! I've been waiting for something like this ever since I read up on persistent data structures and functional reactive programming almost 10 years ago.

I'm wondering how this compare to the Javelin library as that seems to offer the same functionality when combined with hlisp. Would I be correct in saying that Om achieves the same by using ClojureScript's data structures and core.async to offload the FRP part to React?

jarpineh 2 days ago 2 replies      
This is like a dream coming true. I don't like Javascript's quirks, nor programming DOM with templates nor functions. I'm looking to build somewhat complex UIs without having to think in JS and manage state. React absolves me from DOM and ClojureScript keeps JS at bay.

Only if starting ClojureScript development wasn't so hard. I'd like to use browser REPL, IDE like LightTable. I am used to LiveReload's speed which makes loading changes instantaneous. But ClojureScript compiling seems to be still slow(ish) and I have already found half a dozen of different cljsbuild configuration examples. Compiling simple cljs files can take anything from sub second to 20 secs, and I don't understand why.

Could you perhaps tell more about your development process, Swannodette? How do you develop ClojureScript apps? I don't see anything beyond base cljsbuild in Om's project.clj. I confess I haven't yet had time to play with Om and see how fast it can be compiled.

rtfeldman 2 days ago 1 reply      
This kind of thing is exactly what makes me think CLJS is the current frontrunner to be the first compile-to-JS language to gain mass adoption without JS-like semantics (as CoffeeScript has).

It's the performance.

So many of us who want JS alternatives have made our peace with the idea that we'll have to sacrifice a bit of performance if we want to use a nice language.

But being able to improve performance while using a nicer one?!

Count me in! I already have a serious project in mind for this.

rubiquity 2 days ago 4 replies      
What about long GC pauses and running for cleaning up all those wonderful immutable data structures? Immutability is great when it's at the forefront of how a language is designed. Plastering immutability all over hot code paths in a language that wasn't designed with immutability in mind isn't great.
invalidOrTaken 2 days ago 0 replies      
This is fantastic. I've been goofing around trying to figure out a way to approach the general case (representing an interactive DOM with just EDN), but I hadn't done jack on performance. Thank you thank you David.
_pmf_ 2 days ago 3 replies      
On another note: maybe if the installation of ClojureScript would be manageable in, say, an hours instead of having to search half a day among outdated information, more people would try it (and this is from someone who already uses Clojure and Leiningen a bit).

Clojure and its libraries has the worst documentation, and this malpractice seems to be continued in ClojureScript.

d_j_s 2 days ago 1 reply      
So I rewrote Backbone views to use a queue system that fires on requestAnimationFrame -https://github.com/danshearmur/backbone-fast-view

I'm getting pretty good results with swannodette's benchmarks - http://danshearmur.github.io/backbone-fast-view/

I'm getting approx 150ms in Chrome for benchmark 1 and about 400 ms for Chrome for benchmark 2

jlehman 2 days ago 0 replies      
I spent the day working out the React tutorial in Om. It was an enlightening process.

Code: https://github.com/jalehman/react-tutorial-om

STRML 2 days ago 2 replies      
I'm not great at reading ClojureScript - but I'd really like to port some of the optimizations from Om, such as the rendering on requestAnimationFrame and usage of shouldComponentUpdate to Backbone.LayoutManager[1]. Swannodette, if you're around, do you have a minute to give a more in-depth explanation of how that works?

1. https://github.com/tbranyen/backbone.layoutmanager/wiki

john2x 2 days ago 0 replies      
I'm really excited about this. Until now I've hated working with Javascript because of a combination of the language itself, and its primary domain (the DOM).

Seeing React.js at JSConf.asia last month got me excited that I don't have to touch the DOM anymore, but I still had to deal with Javascript the language itself.

And now this comes along. Now I don't have to deal with DOM (or at least it offers better abstractions for working with it) and I get to use the most pleasant language I've tried so far.

Christmas came early. :)

rgbrgb 1 day ago 1 reply      
Is there any reason we couldn't mod the JQuery object to work on a virtual HTML tree that syncs with the DOM on requestAnimationFrame?

Couldn't this even be done at the browser level?

I think I must be missing something.

wheaties 2 days ago 2 replies      
Been playing around with RxJs and wonder how much difficulty would it be to combine React with this? RxJs seems to work particularly well with Angular but I know Back one much better. is there harmony between the two?
secoif 2 days ago 1 reply      
The flame graphs are meaningless and misleading: om's graph is only looking at 260ms of data, while the backbone's is looking at 1200ms.
EGreg 2 days ago 2 replies      
How is this different from the dirty checking that Angular does in its ModelView update cycle?
dylnclrk 21 hours ago 0 replies      
Neat, first time I've seen Computer Modern outside of a TeX'd pdf. It looks quite nice on your site.

Also... an interesting read, thank you :)

chrisege 2 days ago 1 reply      
Not to take away from the other points in your post, but on the benchmarks, the backbone example is writing to localStorage, while the om example isn't.

The overhead from localStorage appears to account for a significant chunk of the difference in performance. You can remove the localStorage calls with 'Backbone.sync = $.noop' or similar. After doing that and clearing localStorage, benchmark one drops to around 350ms, and benchmark 2 drops to around 2000ms.

Of course, benchmark 2 is where your library really shines, and backbone still takes its time with that one.

puppetmaster3 2 days ago 1 reply      
Lol, why can't it be just another FW that's not MVC? We can't evolve? Games don't use MVC, they use E/S. There is more than that pattern. Also when using API, you need something better.
brosco45 2 days ago 0 replies      
jpatte 2 days ago 2 replies      
It may be because I'm not familiar with ClojureScript's syntax, but the whole sample application code seems like a real mess to me. It's full of boilerplate code and it is happily mixing application logic with DOM rendering. [1]

Compare this with an alternative JS MVC framework (like, say, Knockout.js) and another modern "javascript-compatible" language (like, say, TypeScript), and see for yourself. [2]

While I didn't run any benchmarks, it's safe to assume the Om demo is faster. However which sample do you think is easier to write, test and maintain? If "The Future of JavaScript MVC Frameworks" is supposed to look like the Om sample, sorry but I'll pass.

[1]: https://github.com/swannodette/todomvc/tree/gh-pages/labs/ar...

[2]: https://github.com/jpatte/TodoMvc-Knockout.ts

Data Structure Visualizations usfca.edu
487 points by n008  3 days ago   35 comments top 20
gavinpc 3 days ago 6 replies      
I dream of a world where this is built in everywhere that I write expressions. It's so hard, and we desperately need it. Bret Victor has called a lot of attention to this lately, and rightly so.

It's easy to forget how much we have to remember inside our heads just to work with code. And why? Much of this work could and should be done by the machine, which would free us to focus on what we want. But the need for context, different execution environments, etc, all make this difficult to tackle generally.

More and more lately, I find that I'm interested in this problem more than the code itself.

lelandbatey 3 days ago 1 reply      
As someone who just finished a datastructre class (as in had my final just a few days ago) I used the heck out of this site all semester long!

The visualization for B-trees and Red/black trees was totally invaluable!

capkutay 3 days ago 0 replies      
This was pretty valuable when I took algorithms from this professor. Things like mergesort and indexing in B+ trees can seem very abstract when you try to learn it via a snippet of java code. These visualizations are even more useful if you need a refresher on algorithms for job interviews.
gregfjohnson 3 days ago 0 replies      
I wrote a web site http://gregfjohnson.com/redblackbuilder.html that takes interactive algorithm visualization another step. I would be delighted and appreciative if people go check it out and provide thoughts and feedback. IMHO It is fun and informative to play with, and a great tool for learning the algorithms.

It is specific to red-black trees, but I am considering adding other data structure manipulation algorithms as well.

On insert and delete, you can single-step forward and backward and see the tree manipulations at each step. Or, you can do the entire operation at once.

There is pseudo-code for insert and delete, and at each forward or backward step the line of code being executed is highlighted.

FrankenPC 3 days ago 0 replies      
Wow, this is valuable. It's not the kooky new framework that rockets tech forward, it's tools like this.
satyampujari 3 days ago 1 reply      
This is so useful. Here's another http://www.sorting-algorithms.com/
mmanfrin 3 days ago 0 replies      
This is incredibly useful, as someone who is an engineer with a non-technical degree.

Ironically (or perhaps coincidentally), I got my non-technical degree from the very school this is hosted on.

antonius 3 days ago 0 replies      
Glad I found this to reiterate what I learned as my Data Structure exam is tomorrow :)
enjalot 3 days ago 0 replies      
I just wish there was a button in each example that would populate with some demo data. I like to watch something go and then figure out it out by playing with the parameters. From this I don't immediately know what kind of inputs and outputs to use/expect (integers? floats? strings?).

very sweet project tho!

wlievens 3 days ago 1 reply      
You should check Amit Patel's blog articles, they are chuck full of interactive visualisations that are really well executed.
wijt 3 days ago 2 replies      
There are some great visualisations here. Coming up with good visualisations is tricky. I can't help but mention my own attempt at a more general framework for algorithm visualisation: http://will.thimbleby.net/algorithms/
olegstepanov 3 days ago 0 replies      
We did similar stuff 12 years ago when I was an undergrad at SpbITMO. The website with the visualisers (in Russian) can be found here: http://rain.ifmo.ru/cat/view.php/vis
deletes 3 days ago 0 replies      
Took a quick look at their insertion sort algorithm. It looks wrong, doing unnecessary swaps, when moving elements up. For and extra O(1) memory your can avoid that.
nu2ycombinator 3 days ago 0 replies      
I always had hard time learning algorithms through visualization softwares. Most effective way for me was reading and visualizing in my mind.
GowGuy47 3 days ago 0 replies      
Just found out yesterday that I'll be having my first interview for a Google Software Engineering position in about a month. This is truly going to be invaluable, thank you!
srchit 3 days ago 0 replies      
Awsome!! One of the best visualizations, I came across
crncosta 3 days ago 0 replies      
Amazing! thanks for share.
alixaxel 3 days ago 0 replies      
ananth99 3 days ago 0 replies      
Thank you for this priceless resource.
lisptime 3 days ago 0 replies      
thanks for sharing
Introducing Open Salaries at Buffer bufferapp.com
484 points by jliechti1  2 days ago   333 comments top 65
tikhonj 2 days ago 8 replies      
I've always felt the culture of hiding salaries was doing a significant disservice to employees. It creates a significant and largely artificial information disparity, giving a major market advantage to the employer. In turn, this makes the entire labor market less efficient for the employee.

This also makes the employer less accountable to the employees. The employer can easily pay somebody significantly more or less than they contribute, and the rest of the team cannot really say anything about this.

Now, there are some cultural reasons to do this--preventing jealousy, hiding inequality. But it really feels like a social band-aid, a temporary solution hiding the symptoms but not the underlying problem. Besides, everyone ends up having a reasonable guess as to who makes more and who makes less anyhow! The same dynamics develop, just with more uncertainty.

On the other hand, making salaries public takes these problems head-on. Inequality isn't bad in and of itself; some is basically necessary. But hiding that fact doesn't really help anyone. Instead, forcing people to see it head-on, deal with it and talk about it is probably a better solution.

I really applaud Buffer and the general movement towards transparency. I think it's a very healthy cultural progression and hope it catches on more widely, so that people stop having knee-jerk reactions to salary information.

EDIT: As an interesting additional note, all salaries (beyond a token minimum) at Berkeley (and the whole UC system) are publicly available at http://ucpay.globl.org/.

I've looked up various professors at the ParLab (where I did some undergraduate research). The fact that their salaries range from ~120k to ~350k did not change my perspective of anyone and did not seem to affect the lab's culture at all.

Essentially, I'd be perfectly happy to see this outside of public universities.

JonFish85 2 days ago 14 replies      
Let's say I'm a competitor, and I find that Niel (randomly picked) is someone I want to hire. All else being equal, I offer him $100k (website says he's making $88k). He comes to his boss to say "I like it here, can you match it?"

What does his boss do? Especially, if he's valuable to the company...

What if I have a very specialized skill that doesn't fit nicely into your matrix? Let's say market pay for my skill is $200k. Do you create a new category for me? Do I get dirty looks from all of my co-workers because I have a valuable skillset that most people don't?

I'd hate it, as an employee, as a boss or as an investor. But that could just be me.

suprgeek 2 days ago 7 replies      
Excellent concept - but one major Caveat.Why in the world would you publish it for all the world to see?

Keep it internal to the company - you have an expectation of privacy from your employer and this post just ruined it completely.

I hope they got written signed releases from every one of those folks whose private info they broadcast to the world.

carsongross 2 days ago 2 replies      
I like this idea, but with a few modifications:

* Names should be anonymous. Everyone knows where they are within the group and can determine if its fair without knowing exactly who makes what.

* It should include options and bonuses. In some companies non-salary compensation dwarfs salaries, and it's dishonest to point to a CEO salary and say "Look, he only makes 1.something X what regular people do."

* Keep it internal to the company. No point in giving the competition an exact target or requiring whole company buy in before you do it.

* Allow people to redact their own information, but display it as having been redacted. If enough people do that, or just management does it, everyone will sense that things are unfair.

kapilkale 2 days ago 6 replies      
Seems unwise to have a CEO co-founder be the highest salaried employee at a startup.

That person's equity position is probably at least an order of magnitude higher than the other employees. As an investor or employee, I'd find this alarming.


Call me old fashioned, but I think co-founders should be paid living expenses + 25%, even in a series-A funded startup.

sytelus 2 days ago 1 reply      
Things I learned today:

* Buffer is not somebody's weekend project

* It needs 16 (yes, SIXTEEN) people to run that thing

* They actually have revenue. In millions. $2.3 Millions!

* Their company values are based on How to win friends and influence people.

Aside from that, open salaries are pretty naive idea, if not completely dumb and dangerous. The lives you live everyday is in effect a game (as in "game theory" game). When you are talking to person, selling goods or buying one you are in the game. Like in any game, information is your advantage and your opponents weakness. This is exactly why privacy matters. If insurance company knows you eat too much pizza, they would want to get a higher premium from you. Similarly if a car dealer can look you up and figure out your salary, he can adjust his negotiation tactics. A plumber making half the money you do would want to charge you more than others. And so on. When all these people would look for their next jobs, their next employer would know how much salary to offer them.

dxbydt 2 days ago 2 replies      
Back when I was a really dumb undergrad, I did some work for a company & they asked me where to mail the cheque. I gave them the University address. So I was chatting with my professor & we walk by the mailboxes, and by pure reflex, I reach out into my mailbox & grab my mail & he does the same & we say our goodbyes & go home.

Now, I open the mail at home & am staring at my professor's salary! You see, the secretary had switched our mails by mistake because our last names began with the same letter. I was quite stunned by the number - it was a measly sum, and I did the math & worked out that the Professor's salary was about 60K. Now, I knew my Professor was an important CS scholar & had tons of papers to his name, but that low number irked me. After the PhD and all these papers, just 60K...why..?

At the same time, my Professor had also gone home & opened his mail & was staring at my salary! So much money for some dumb undergrad who was basically an average student & had no major publications or research! He was quite bothered.

The next day, we had a very awkward exchange of mails. But from then on, the student-teacher dynamic completely changed. I suddenly began getting B's instead of C's & even occasional A-. He probably felt, hey if this guy can get so much money in the market, he probably knows his shit. otoh, I began to respect him & the CS program less & less. So I still have to spend 3 more years & take 45 more credits & do the qualifiers to get the PhD & then write all these papers & for what..60K ? That was my attitude at the time.

Needless to say, I dropped out of the PhD pgm with a Masters & went to work full-time. That was the stupidest thing I ever did, but I just didn't know it then. Now, I look back & think...hey if I hadn't known about his salary, I'd have slogged it through & actually gotten my PhD instead of half-assing it out here :(

iampims 2 days ago 2 replies      
Its one thing to have a transparent salary policy, its a whole another world to publicly blog about peoples salary with a link to their Twitter account.

I hope all employees agreed to have their salary published on the buffer blog.

Kudos to them for trying something different.

benihana 2 days ago 6 replies      
This sounds like absolute hell

>Every internal email sent between any 2 people on the team has a certain list cced that is accessible for everyone: For example if 2 engineers email with each other, they cc the engineers list, if its people on our customer support team they have a support email list cced. Stripe was a great inspiration for this. (More about this)

Openness and transparency and honesty are great. But this seems like it's removing privacy, which sounds very tiring.

dsugarman 2 days ago 4 replies      
I have a feeling you will regret this soon. There are certain benefits in having a firm salary structure sponsored by a transparent system, but the loss of flexibility will hurt in ways you haven't experienced. Also, letting everyone know what their peers make can cause disgruntled employees.
mrkmcknz 2 days ago 2 replies      
Very humbling that no one at Buffer would call themselves a "Master", indeed many would probably but Joel at that level but he sits there on a 1.2x multiplier.

I once had a conversation with an old hat who said "If you call yourself a python master you better be fucking Guido."

YZF 2 days ago 0 replies      
One result from behavioral economics is that people care more about their relative standing to others than the absolute value of the salary. This is why transparency can be a double edged sword. If I think I deserve to be paid more than Joe, as long as I don't actually know how much he's paid I can believe that I'm being paid more. However, once you have transparency and I can see Joe is getting paid more than myself this will probably have a negative impact on my morale and performance.

One example I've heard discussed (I think by Dan Arieli) is how transparency in CEO pay has failed to bring CEO salaries down. One problem is now CEOs can see what other CEOs are getting paid and naturally every CEO will want to be paid higher than his peers.

I used to think open salaries would be a good thing but lately I'm not so sure. You definitely want to tread very carefully there as there are many implications and unexpected consequences.

jballanc 2 days ago 0 replies      
Imagine if you went to the store to buy bread, but you didn't know how much all the other people in line were paying for their bread. When you get to the counter, the baker charges you some arbitrary amount. Today you have enough money to buy bread, but the baker warns you that he may charge more tomorrow. Since you don't know what anyone else is paying for their bread, you can't have any idea if what the baker charged you is fair or not. All you know is that you need to work as hard as you can so that you can be sure you will be able to afford tomorrow's bread.

Of course, this doesn't work. Nobody is preventing you from asking your neighbors what they paid for their bread. Once you know what a "fair" price for bread is, then you know exactly how hard you need to work to afford bread, and you have little incentive to work any harder than that.

If you own a company, ideally you don't want your employees competing with each other. You want each of them to compete with themselves, pushing their abilities, growing, learning, improving. You don't want them to know exactly how much they need to do to earn that next promotion, because then they will have little motivation to do more than the bare minimum.

If you own a company, unlike the baker, you can have some amount of control over the flow of information. This control allows you to manipulate your employees motivations. Like any amount of control over anything, this control can be abused...but in capable hands it can also be wielded to great effect.

An open salary policy gives away that control entirely...

freyr 2 days ago 0 replies      
Many people here are picking on the senior developers salaries, hovering right around $100K. Maybe this isn't a particularly competitive startup salary, but note that salaries are tied to revenue.

If the company's revenue grows significantly, their salaries could become much more attractive. If, for example, revenues grow from $2M revenue to $20M revenue, senior developers would see their salaries increase by $54k or ~50% over this time.

It could be argued that 10X growth or an $18M increase in revenue is unrealistic for a tweet scheduler, but that's for the employees to determine.

zhuzhuor 2 days ago 1 reply      
I found one thing interesting is that only 4 out of 17 people choose equity over $10k salary. Even CTO chooses salary.

I am curious if this is common in startup companies, since I have never worked in startups.

bdg 1 day ago 0 replies      
I'm still baffled by salaries. In Toronto and surrounding areas (cost of living is not as high as San Francisco) I'm a programmer for web apps (php, js, and a bit of this-and-that). I see sallary ranges all over the map. Some make 40k, I've seen a 55k who wanted 60k, I've an 80k, and a few 90-120k.

One job I asked for 2x what I made at my old job.

I'm convinced you're paid what you ask for, so long as you can get shit done.

nsxwolf 2 days ago 0 replies      
Seeing these pathetic salaries (and in the Bay Area!), I don't feel so bad about my boring enterprise development position at no-name established corporation anymore.
icambron 2 days ago 1 reply      
I actually love the radical transparency here, even after reading all the warnings in the HN comments.

What I like less is the salary formula. What's going to happen is that all of the negotiation is going to get packed into the experience and seniority multipliers. It creates the illusion of rigor and possibly does more harm than good.

corry 2 days ago 0 replies      
Serious question: Why aren't equity positions posted too?

To me, that's part of the trade-off that the startup founder / leaderships takes (for good or ill), and seeing salary in the absence of actual equity positions is only half the picture.

Hopefully they all know each other's equity positions internally and just chose not to share publicly... otherwise it would seem like a betrayal of the open culture if the actual ownership structure of the company wasn't openly known and discussed.

ra3 2 days ago 3 replies      
Can't say a lot of good things about a company that pays a "Chief Happiness Officer" more than most of its engineers. I know plenty of startups that seem to be doing alright in the customer service department without an overpaid exec heading it.

Does she really contribute more to the bottom line than any of the other 4 underpaid engineers?

danso 2 days ago 2 replies      
Wow...the engineering salaries are significantly lower than I would've expected for a well known startup in the Bay Area...at least compared to the perceived range for such things.

Note: a less cynical take is this: GodDAMN buffer employees must be happy working there if they tolerated transparency to this level...which, really, is the best win-win for all kinds of transparency scenarios.

Diamons 2 days ago 1 reply      
It's honestly stuff like this that makes me feel like the only sane person around. Why would you do this? If the CEO is pushing for it, the employees will all smile and nod and go along with the crowd, but all this does is breed resentment. The idea of open salaries sounds good on paper, but it's simply idealistic.

You can sing the happiness song and do all the lets-be-friends dances but at the end of the day we're people competing for resources. This will have lasting effects to all current employees for sure.

rmason 2 days ago 0 replies      
I wonder in five years looking back whether Buffer getting hacked or their 'transparency' will have hurt them more. I am betting the latter.

Do they really think they can ban private emails between engineers? it would have been much easier to simply load eavesdropping software on their computer if management doesn't trust them.

I really like Buffer but I'm a little worried about them.

overgard 2 days ago 0 replies      
What the hell is a happiness hero? It sounds like some sort of horrible orwellian euphemism.
joshuaellinger 2 days ago 0 replies      
I always thought the best system would be to tell people what their boss makes, including options and other non-salary compensation.

This eliminates the problem of people comparing themselves to their nominal peers on incomplete information. It really tells you everything you need to know about compensation.

But the most valuable part of the buffer system is the formula. You have a framework for calculating what is fair.

One of the dangers at small busy startups with well-intentioned leaders is that you basically forget to give people raises and your employees don't get you to correct it until they are pissed enough to quit. That's part of why I left my original company and it cost me a good employee recently.

newobj 2 days ago 0 replies      
Well, Sunil and Colin, seeing that you are criminally underpaid, are you interested in opportunities elsewhere?

I will figuratively eat my underwear if you don't come to regret this strategy (public, non-anonymous open vs. internally open) at some point.

zmitri 2 days ago 5 replies      
I have a question: Why would the founders take such high salaries?

Seems to go against everything I would think was important for a company that is venture-backed.

benaston 2 days ago 0 replies      
When the market shifts, or for tactical reasons you have to pay more to recruit someone, you instantly have a problem.
dj-wonk 2 days ago 0 replies      
I've read dozens of the comments on this page so far. The thing that jumps out to me is the interplay between these factors: (1) internal transparency (2) external transparency (3) internal privacy (4) external privacy (5) human motivation and (6) company culture. There are many combinations here, and I can't help but think Buffer didn't do an effective "search" across the possible "parameter space", even according to their own goals and interests.

For example, Buffer could have easily added a policy saying that each employee's compensation may be adjusted by, say, +/- 20% based on individual factors. That would give some uncertainty, and thus a bit of individual privacy. Peers would still have some confidence that they were, more or less, in a similar range as others with their public performance characteristics.

Let's put ideology aside (i.e. do we want this to work, according to our theories of human nature) and focus on the actual effects. How do you know if you've succeeded? How do you measure this? How do you design the experiment?

Call me skeptical, but I can't help but think that Buffer is doing this, largely, to say "look at us!" and "this makes an interesting blog post!".

jcampbell1 2 days ago 1 reply      
Also introducing open revenues and semi open profits.

Implied Revenue: $2.0M [1]

Total Salary: $1.7M

[1] ((158.8 - 22)/1.2 - 751.2)/12

dmourati 2 days ago 1 reply      
Wow, those salaries are low. If I was making that much and someone posted my salary to the internet, I would immediately quit.
the_watcher 1 day ago 0 replies      
The CEO of Buffer was asked by someone if he worried about this making it easier for his employees to be poached. His response: "if they do, they would be saving me time. Good to speed up that process. I dont believe salary is the reason people would leave."[1]

[1] https://twitter.com/joelgascoigne/status/413713018455740416

asgard1024 1 day ago 0 replies      
I think if you don't like the idea of closed salary (I don't), you should just go ahead and publish yours publicly (on FB or something), if you have the guts to do it and face potential conflict with your employer (I don't have the guts, I wish I had).

Because, quite frankly, it's your money. No one should tell you what to do with it, much less to count these, publicly. And if, as the result of this, you get smaller salary, it will be there for the others in the company to see. How motivational.

I think even with this unilateral action, you will get most of the benefits - good people around you are likely to respond back and tell you if you're underpaid or overpaid.

programminggeek 2 days ago 0 replies      
One area where open salaries are not such a big deal - education. Many teachers are paid on an open scale of years of service X education level. It does create a culture of possibly too much higher education beyond what is useful or necessary for certain levels of teaching. That also creates teachers who don't want to switch jobs because they'll lose the years of experience pay.

Lesson - all people game the system for their own benefit.

vladgur 2 days ago 1 reply      
Wow, these salaries seem to be pretty low. I mean a senior IOS engineer making $107K in SF? Id expect them to easily increase their salary by 30% by jumping ship.
iblaine 2 days ago 0 replies      
If I were in HR then I would be reaching out to any employee that I see is under paid. Likewise I would not reach out to any employee that I think is over paid. Perhaps consider keeping this data internal.
tootie 2 days ago 1 reply      
I used to work in government (US municipality) and every single employee's salary (10s of thousands of people) was public record.
dangero 2 days ago 1 reply      
Wow, an Android engineer making less than 100K that's crazy to me, but I'm not that familiar with UK salaries I guess.
icedchai 2 days ago 0 replies      
It's interesting the number of employees that chose the "+$10K more salary instead of more options" option. What does this tell you?
n1ghtmare_ 2 days ago 0 replies      
"Happiness hero"! I can't think of anything more cheesy. Seriously.
rikacomet 2 days ago 0 replies      
when I clicked on "try buffer" it takes me to the url: bufferapp.com, kaspersky blocked it saying "phishing URL".

You might wanna talk with Kaspersky?

codingdave 2 days ago 0 replies      
This is only halfway to true transparency. And also halfway to the bureaucracy of most large companies.

The other half to get to full transparency is having clear, measurable definitions of experience, and clear milestones of how to advance in seniority.

And that relates to how this starts to resemble corporate salary structures -- the key difference being that these guys have a defined number instead of a "salary grade". but the idea of plugging positions and experience levels and seniority into a salary structure is key to almost every large company. And as a result, most of the corporate angst over salaries starts to boil down to questions like: "Why is he a programmer IV, while she is a programmer III.", "How do I advance from being a Staff Software Engineer to an Advisory Software Engineer?"

This structure doesn't necessarily remove questions (and sometimes conflict) over career advancement, it just moves the discussion away from money, and towards labels and definitions.

And as some comments mentioned, there are cases where you really want to hire someone whose salary requirements do not match your structure. You may get into sticky situations like having a great coder, but you would have to make him a Lead, or a VP to actually make him fit your structure. And maybe you don't want them to have that level of leadership, because that is not their skill set. So you end up having to decide -- Is this salary structure more important than making those hires, or are you willing to let potentially great hires get away because this structure is more important to the company than those people?

That decision is not one that I will second-guess - I would think that these types of issues and scenarios, as well as other issues raised in the comments, have probably already been debated internally before this decision was reached.

But that would be an interesting follow-up post -- to hear about what discussions and debates went on before making this decision, what the expected impacts will be, why decisions were made, and what levels of growth are expected to invoke changes in this structure.

Uchikoma 2 days ago 0 replies      
As a "boss" I'd love this.

The only downside I see is that some people will be disappointed because the salary reflects their skills and the value the company puts in them. For some this is hard to take if they are in the bottom 20% of people in their peer group.

Said that, it's probably a good idea to start with this compared to introducing this later.

tomasien 2 days ago 0 replies      
There are a lot of people bringing up edge cases and contingencies on this thread. The success of Buffer's culture is what happens when you stop being afraid of the edge cases and start deciding what kind of people you want to be. People will follow you if you stay true to that, as corny as that sounds.
treitnauer 2 days ago 0 replies      
It's great to see other companies experimenting with openness in salaries. We've taken a different approach and pay all employees (including founders) the same salary which increases as the company grows. Our team is now 8-people strong and it's working great so far. As long as you contribute to the bottom line everyone's salary goes up automatically. It's totally transparent, no negotiations required, reviews, etc.
esja 2 days ago 0 replies      
As they grow they will need to hire more people. I wonder whether this policy will prevent some otherwise excellent hires from joining them.
OhHeyItsE 2 days ago 0 replies      
Interesting in many ways.In particular, only the executives make what would be considered a competitive senior engineer/architect salary in NYC or SF. Perhaps they 'compensate' with equity?
mathattack 2 days ago 0 replies      
I'm very much on the fence with this. If you follow a simple formula, it can work. If you need to use judgment (how to pay a superstar?) then it becomes very tricky. My general observation is that any time two people compare salaries, one is disappointed. And here you shared your salaries with the whole world. Bravo for doing this, and engaging the discussion.
thesausageking 2 days ago 0 replies      
I'm really surprised the founders are the best paid people on the team. $158k is a big salary for a founder/CEO of a company at that stage.
almosnow 2 days ago 1 reply      
What are 'happines hero'es ?
symfrog 2 days ago 0 replies      
This post reminds me of Miley Cyrus at the MTV VMA earlier in the year. Pop singers are incentivized to be the first to break cultural norms for no practical reason in order to ride the wave of subsequent teen followers.

In the same way, posts like these are created to be the first to break a specific norm (i.e. do not post employee salaries publicly) in order to ride the wave of traffic (and hopefully a few additional users).

sifarat 2 days ago 0 replies      
I am the CEO, and my salary is lesser than all the key staff in my company. Reason, self-funded. And everyone in the office knows it. I am just astonished how a CEO of company like Buffer, can afford such an expensive package for himself. Are you making enough or just billing it to your investors?
juliebug 2 days ago 0 replies      
As someone who uses Buffer (free version) on a regular basis, I have to say that I'm fairly amused that it appears as though none of the commenters here have actually read much, if anything, about Buffer. They have quite a lot of information about corporate culture that would have answered some of the questions and concerns posted here. Further, they're a distributed workforce (which I don't think anyone picked up on -- this explains emails vs. face to face conversations).

Some extra reading for you folks:

http://bufferapp.com/about/#our-philosophy scroll down to the 9 Buffer Values)


jaboutboul 2 days ago 0 replies      
Not the smartest thing in the world to do, publish people's salaries and twitter accounts, especially in this day and age where privacy is virtually non-existent. I hope everyone agreed to publicly disclose the salary information.
Kiro 2 days ago 0 replies      
The support staff makes twice as much as me and I'm an engineer. Are those normal salary levels?
Euro_IT_drone 2 days ago 3 replies      
Just trying to compare here with my European salary.. How much of this do you get to take home, ie. what part of it can you spend on food, clothing, housing etc. after takes? What about health insurance, is it provided for?
fideloper 2 days ago 0 replies      
I'm really happy to see companies offer equity vs higher salary. As someone is almost 30 (read: less willing to take the chance that equity will result in future money), I feel that's a great choice to offer employees.
overpaidprobly 2 days ago 4 replies      
Does anyone have an opinion on how these numbers square with market rates?

I make $113k/year as a juniorish engineer at a VC backed startup in SV. Am I hilariously overcompensated?

bliti 2 days ago 0 replies      
1. Does the buffer team work remotely?

2. What's your backend written in?

kreek 2 days ago 0 replies      
How long until the Buffer employees form a union? :
yeukhon 2 days ago 1 reply      
This doesn't scale well when your company grows to hundreds of employees or even thousands.
ereckers 2 days ago 0 replies      
As long as they never have enterprise sales people I thin everything will be A OK.
rpedela 2 days ago 0 replies      
What is a happiness hero?
dinkumthinkum 2 days ago 0 replies      
I don't mean anything but these salaries are pretty weak. Honestly, they are sort of really weak for this kind of company it seems to me. Hardly gives the impression of high paid software developers, particularly in the Bay Area, wow. I dunno.
snambi 1 day ago 0 replies      
A Crypto Challenge For The Telegram Developers thoughtcrime.org
460 points by mjn  2 days ago   131 comments top 18
sdevlin 2 days ago 3 replies      
For reference, here's a list (probably incomplete? (EDIT: and feel free to add!)) of ways this protocol is broken:

  1. There's no authentication at any point. The whole thing is trivially MITM-able.  2. The RNG is Dual_EC_DRBG, which is backdoored.  3. The RSA public key is small enough that an attacker of sufficient means could break it.  4. The RSA plaintext is unpadded. Proper padding is critical for safe RSA encryption. See e.g. Bleichenbacher '98.  5. RSA is used to encrypt semantic data. Dangerous for the same reasons as above.  6. The hash function is broken. I'm not sure if this matters too much here, but I'm also not sure that it doesn't matter.  7. The ciphertext seems to be restricted to messages of exactly 128 bits. It's not clear how or if the plaintext is padded if it's too short, and it's not clear how the protocol handles a longer message. These are noteworthy considerations.
And yet it's still (basically) safe against the kind of contest Telegram has outlined. Someone could win by factoring the RSA public key, but I'm not sure if that would be cheaper than the $200k prize. This vulnerability can also be mitigated trivially by using bigger RSA keys, making the protocol Telegram-secure.

ge0rg 2 days ago 2 replies      
tl;dr: moxie uses ancient, known broken crypto primitives (Dual_EC_DRBG, RSA with 896 bits, MD2 and XOR) to construct a chat protocol which is unbreakable if framed in the same way the Telegram developers did with their challenge. "If they cant demonstrate a break in this obviously broken protocol using the same contest framework theyve setup, then well know that their contest is bullshit."

Also, a call to arms to improve the OSS TextSecure implementation.

zooko_LeastAuth 2 days ago 3 replies      
Dear makers and backers of Telegram:

Perhaps in response to my requests (https://news.ycombinator.com/item?id=6933179 , https://twitter.com/zooko/status/413552420522708993 , https://twitter.com/zooko/status/413552466748133376 ), your FAQ (http://core.telegram.org/contestfaq) now says:

-------Q: Does Paul send the same message to Nick every day?

No, just as in real life, Pauls messages to Nick can be different each time. The only thing that doesnt change is the secret email address in his daily messages.

Q: Could you provide an example of a Paul's message to Nick?

Sure. The message may look like Hey Nick, so here is the secret email address for the bounty hunters {here goes the email}.-------

There are some things that I don't understand about the structure of this contest. Why is the target secret an email address rather than a magic word like "squeamish ossifrage"?

I asked for an examples of the actual message, and you posted an possible example, but what I meant to ask for was actually the exact text of one of the messages. Except, of course with the target string (the email address) replaced by X's.

For redditors following along, getting a (partial) copy of the exact message that was sent would be an example of what cryptographers call (partial) "known plaintext". If your cryptosystem is secure against Known Plaintext Attack, then it doesn't matter if an attacker (me) gets copies of some of the messages. If your cryptosystem is insecure in this model, then your users have to be careful with what they type into their messages. For example, they might need to be careful not to cut and paste long strings from other sources, or to otherwise insert strings into their messages that their attacker might guess.

All good, modern cryptosystems are secure in the Known Plaintext Attack model! (And, in fact, all good, modern cryptosystems are secure in much more rigorous models in which attackers get more powers beyond peeking at plaintext.)

So if the makers of Telegram are confident in the security of their protocol, they should have no problem posting the complete, verbatim text of the first message that Paul sent to Nick, with the target email address replaced by "XXX"'s.

meowface 2 days ago 4 replies      
Even if Telegram's explanation did stand up to scrutiny and was ran by experienced cryptographers, the fact that its core code is closed source makes it utterly worthless from a security perspective. They can tout their own security all they like, but if no one else can independently verify it then it means nothing.

So far they've only published the source to their client, but their servers do all of the actual processing and cryptography.

All of Moxie's projects, on the other hand, have always been completely open source.

paulsmith 2 days ago 5 replies      
Is there a decent Crypto Not For Dummies But For Reasonably Competent Programmers Who Have Thus Far Taken It For Granted But Want To Get Up To Speed Fairly Quickly On Concepts And Implementation text?
huhtenberg 2 days ago 2 replies      
This is counter-productive.

Whichever way you view Telegram, they haven't developed it to make a quick buck on the ignorance of the masses, nor are they in it to deceive people and entice them to use a knowingly broken crypto.

Granted, they have an attitude problem, they clearly have no experience talking to the crypto community and they made dumb move with this contest thing, but in the end of the day they and Moxie(s) are on the same damn side.

Antagonizing things further is just plain stupid.

paveldurov 2 days ago 2 replies      
As mentioned at http://core.telegram.org/contestfaq if more tools to interact with the traffic are needed for the contestants to crack Telegram, they will be provided in the next contest right after 1 March, 2014. The current contest has an important practical task of deciphering traffic that is being intercepted in real time. This is the basic concern of regular users like myself (me and lots of other people in Russia had to stop using WhatsApp because of easily decipherable intercepted traffic). If Telegram proves to be robust in this respect, more tools to manipulate traffic and wider contests with similar prizes are to follow. Like all startups, this contest by Telegram starts from solving a basic but most important problem, then gradually gets more complicated in functionality and scope.

Telegram will always be interested in creating incentives for the crypto-community to check its security and provide feedback. So if you are waiting for tools to try, e.g., a MITM on Telegram and get your $200, please stay tuned. It's @telegram on Twitter.

guyht 2 days ago 1 reply      
Whats to stop Telegram tampering with the messages and just displaying random bytes in the 'output'? This would make it impossible to crack. You cant test the security of a system without 1 - full access to the system or 2 - complete trust in the people controlling the system (which we dont have)
m-app 2 days ago 2 replies      
I have been saying this a couple of times in similar threads, but I think Threema [1] deserves a little more attention. Complete end-to-end encryption using NaCl. The interface they created is simple and gets the point across. Also, they're actually saying "don't trust us!", which ironically makes me trust them.

[1]: https://threema.ch/en/

im3w1l 2 days ago 4 replies      
Using an NSA backdoored RNG is pretty redundant. A cell phone cannot be secured against NSA. They'll just activate their keylogger and grab the plaintext before it has even been encrypted.
StavrosK 2 days ago 1 reply      
I must be missing something, but isn't this easy to attack by exploiting the periodicity of the XOR function? Or is the message 32 bytes long as well?
javajosh 2 days ago 1 reply      
Funny. But actually, the simplest contest that accurately describes Telegram's insanity is simply this:

::Given an unknown function f and a single output y, compute the input x that maps to y.::

Ready? Here's the output: ROSEBUD. Now I'll give $100k to anyone who can tell me x. Good luck!

cybernytrix 2 days ago 0 replies      
<Rant>After reading all the blogs and replies that are abuzz talking about Telegram, I realized they are the best guerrilla marketers I have seen in a while! They might as well throw away their PhD. papers and stop calling themselves as Engineers/Cryptographers/whatever... marketing monkeys...


ef47d35620c1 2 days ago 0 replies      
If the prize was similar to this one, I think the challenge would be taken more seriously:


    * Prize        One small Slurpee or its equivalent monetary value.

conformal 2 days ago 1 reply      
this is a reminder that prizes or cash for breaking crypto products is a silly PR stunt. mega did the same thing, ended up paying out some money, then their product is "secure" by the same sort of argument. same deal with cryptocat and several other cryptoturds.

i do find it amusing to hear moxie ranting about how much better textsecure is when the license on it is such shit. can't argue with the fact that it's open source, but there is no point in contributing the codebase due to the licensing.

andy112 2 days ago 2 replies      
If they were to release the plaintext of Alice's (or, in their case, Paul's) message, wouldn't that include the secret email address?

FWIW, I agree the contest is a sham for the reasons moxie & others listed here and elsewhere.

anonymoushn 2 days ago 0 replies      
public key plz
alonium 2 days ago 4 replies      
Another guy has butthurt from Telegram. As I read somewhere telegram guys said that after 1st march 2014 they somehow will allow to perform MITM in that crypto challenge
If a Drone Strike Hit an American Wedding We'd Ground Our Fleet theatlantic.com
457 points by gabriel34  6 days ago   354 comments top 40
sethbannon 6 days ago 9 replies      
The way America is conducting the war on terror is both self-defeating and morally repugnant.
forktheif 6 days ago 13 replies      
It continues to baffle me why the fact they're drones matter in the slightest.

They're not autonomous, they're flown by pilots who just happen to not be sitting in the aircraft they're flying.

Manned aircraft have killed huge groups of innocent civilians more than once, but apparently that's fine because the pilot was sitting in the aircraft.

k-mcgrady 6 days ago 4 replies      
Not all that surpising. As was made clear during the Snowden leaks the USG doesn't consider human beings who aren't US citizens to have the same rights as Americans.
belorn 6 days ago 3 replies      
> Five of those killed were suspected of involvement with Al Qaeda, but the remainder were unconnected with the militancy, Yemeni security officials said."

> The New York Times reported in 2013 that the Obama Administration embraced a disputed method for counting civilian casualties, which in effect counts all military-age males in a strike zone as combatants.

So 5 people were of military-age and male? Given a size of 22 people, it sound reasonable. I wonder how many were children.

ck2 6 days ago 5 replies      
I think it is time for a world-wide ban on armed drones, period.

Just like we have international treaties for other horrible things like mustard gas.

Do all the reconnaissance you can get away with. But I don't want a tired, overworked, morally disconnected 20-something sitting in a trailer somewhere in the US, pulling a trigger to kill unquantifiable targets anywhere in the world. Or any other country doing it to anyone else for that matter.

rikacomet 6 days ago 0 replies      
Terrorism is a idea, it cannot be killed with bullets or drones.

The Terrorist we know today are a pretty much related to those people who were supported by American Intelligence agencies in the mid70-80s, against the soviet. The "Barbarians" among those folk were given advanced weapons, that America possessed, those weapons might be outdated, and America may have a upper hand, but that is only a matter of time. Sadly, this has became a chicken and egg problem.

The circle of REVENGE is a continuous one, you kill more people innocent or not, you sprout a new rebellion. They will eventually hurt you back, today or tomorrow. and the process will continue.. presidents, prime ministers would come and go by.

The only way to stop this is to actually STOP. Stop interference in ways like espoinage, drone strikes, killing of "Suspected" militants.. never given any right to appear before court.. everything. The root problem is the so called intelligence that does more than just collect information about "suspected" enemies.

Someone has to rise up and stop it. for both sides, perhaps it escape us humans sometimes, the very fact "those who are hurt are the ones who can forgive or take revenge." Thats about there it is to this.

Really sad to hear about that nameless bride/groom & family. May they R.I.P.

belorn 6 days ago 0 replies      
It is articles like this that asks the reader to pierce media bias, and take a honest look at a conflict.

If an Qaeda militant had gone to US city and bombed a wedding where they suspected harbored US officer, how would that play out? 22 injured, 17 killed by Qaeda militants in boston. Terrorists mistakenly targeted a wedding, trying to go after 5 US officer.

If there were no propaganda in media, surely this would play out identical as this drone strike. No world leaders expressing their condemnation of the attacks, condolences, and solidarity. Military strikes kills huge groups of innocent civilians all the times in wars, so nothing to write about.

MattyRad 5 days ago 1 reply      
Would anybody be surprised, even sympathetic, if the families of the deceased joined Al Qaeda as a direct result of this? Americans killed their friends and family on a sacred day, and nothing would be more appropriate than seeing they pay for it. Such an atrocity is almost comical when you think that the reason it occurred was to stop Al Qaeda, ends up bolstering it. It's appalling on so many levels.
swamp40 5 days ago 2 replies      
The anti-American rants on here are disgusting.

Nobody's calling this a mistake except the media.

5 Al Qaeda dead, 5-10 people sitting next to an Al Qaeda member also dead.

Intelligence even pointed out which 4 cars out of the 11 car convoy contained the Al Qaeda members.

If you think there is no war going on over there, the 52 civilians slaughtered by Al Qaeda on Dec. 5 in a Sana'a hospital would disagree with you.

Check out how Al Qaeda operates here at the 56 second mark, where one of them casually lobs a grenade into a crowd of civilians during the Dec. 5 attack: http://www.guns.com/2013/12/14/graphic-cctv-footage-militant...

The US drone strike was a direct response to the Dec. 5 massacre by Al Qaeda.

holograham 5 days ago 1 reply      
A great book to read on the decline of violence in the world:The Better Angels of our Nature: Why Violence has Declined by Steven Pinker.

The Hacker News community should like it as it focuses on the stats and facts rather than anecdotal stories the media slings.

The main thesis: Violence (in nearly every form) has been on a precipitous decline in the modern era. War deaths (and civilian causalities) are at all time lows and still declining.


wil421 6 days ago 4 replies      
I dont know which is tarnishing the American image worse the use of drones strikes or the Snowden leaks. What happens when our allies start to even say enough is enough.
fit2rule 6 days ago 0 replies      
"Let us hit you with this stick, because if we start hitting you with the bigger stick, all the other ants will come teaming out of the woodwork and then there will be a real war going on".

This kind of argument just makes me want to violently throw up. There is absolutely no honor in using a remote drone to kill people from a distance. It is among the most despicable things a human being can do to another human being.

How about we make America take a really honorable position and say this to our American military friends: you are not allowed to kill anyone unless you've attempted, directly, to communicate with them - in their language - and discussed the reasons for their hostility directly, person to person. Only after this has occurred, and all other efforts to resolve the persons aggression, is the right to kill granted.

I'm sure we'd see all those fascist US military personnel take another look at their chosen career path if they did, indeed, have to use the mighty power of American technology, to communicate and make direct peace with the targetted individuals instead of decapitate them, fill them with lead, murder their children, injure and maim their relatives, disfigure the strangers who were simply in the area, at the wrong time ..

badman_ting 6 days ago 2 replies      
It's okay when we do it.
danbruc 6 days ago 1 reply      
Now go and explain the difference between this incident and a terror attack without using the fact the the former has been carried out by a state while the later has been carried out by civilians.
njharman 6 days ago 0 replies      
> A U.S. drone mistakenly targeted

Drones aren't autonomous. They don't target anything. Weapons officers do.

Besides being plain wrong and bad reporting, dehumanizing (attributing it on the drone) shifts responsibility and makes it seem like problem is solvable by "fixing" drone or by grounding them.

clarkmoody 6 days ago 1 reply      
I seem to recall that the Obama Administration was going to restore America's image with the rest of the world -- the image that was presumably destroyed by W.
locusm 6 days ago 0 replies      
I wonder if the blow back from this in 10 years will be worse than the propping up of despots and dictators for the last 50.
altcognito 6 days ago 0 replies      
No, we'd insist that every wedding have a security drone to protect that wedding from other drones. When you ground drones, then only the terrorists have drones.
almost 6 days ago 0 replies      
I think it meant if an american drone strike hit an american wedding.
baddox 5 days ago 1 reply      
I don't see why the author thinks we would ground our fleet. Police routinely and deliberately kill innocent people in the US, and we don't "ground our police force."
nraynaud 6 days ago 0 replies      
And just to make drive a little bit the point home: there are quite a few people suspected of terrorism in the US, like one French spy who blew the rainbow warrior, quite a few people from Via del Mar, US citizen who passed through ESMA in Bs As, probably a few assassins from the mossad etc. And if a pressure cooker is a weapon of mass destruction, I'm pretty sure a hellfire is, too.
yodsanklai 5 days ago 1 reply      
Concretely, at our level, what could be done to prevent those things from happening? voting doesn't seem to be working (esp. for those of us who aren't american).

The problem is that our democracies are broken. Most people aren't well informed or unconcerned, and those who are don't have enough weight to make a difference.

Maybe we could find a way to make our democracies functioning better via public discussion on the internet.

We could imagine some kind of big political forum where logical reasoning would be enforced. Critical thinking would be encouraged. Rhetoric would be banned. Facts would be checked, politician would confront the public and each other on long and deep debates. Decisions would be taken collectively...

rthomas6 6 days ago 1 reply      
I strongly agree with this article, but is this the kind of article that belongs on HN? Is this political article really part of some new trend or otherwise noteworthy, or is it just an editorial that most of us agree with?
pesenti 6 days ago 6 replies      
I don't understand why commenters don't actually discuss Obama's argument. He has the following options:

- Do nothing

- Use drones

- Use conventional weapons which, he argues, would have more collateral damage

- Put troops on the ground and be perceived as an invader.

So either you should argue that these are not the options or you should argue that he did not pick the right one.

headgasket 6 days ago 0 replies      
we've always been at war with terror
thebiglebrewski 5 days ago 1 reply      
Ok, although I fundamentally tend to disagree with much of American military policy - if there were people on that bus who had ties to Al Qaeda and american intelligence knew this...and those people were to cause further destruction if they weren't killed...then I just don't know.

I kind of imagine this like all of those movies about drug cartels where these incredibly rich families are leading semi-normal lives and then during a normal family event like a wedding, are attacked by the rival drug cartel. It sucks and looks really bad, but if you got involved in something illegal like Al Qaeda or the drug trade on a massive scale...didn't you kind of bring it on yourself?

Either way, more evidence needs to be shown for these kinds of attacks and why they are necessary?

ivanca 5 days ago 0 replies      
A weeding bus was destroyed in a terrorist attack and many innocent civilians were killed!

Wait... no, it was done by the USA military so it's not terrorism, totally cool, nothing to see, carry on.

jl6 5 days ago 0 replies      
If you are an American taxpayer, you can withdraw your support by giving away to charity all of your income above your personal tax allowance.
senthilnayagam 6 days ago 1 reply      
friends and family of the innocent killed won't be friendly with americans ever
jds375 6 days ago 0 replies      
So true. It's hard to justify the United States calling themselves the "police of the world" when their actions are so hypocritical sometimes.
zacinbusiness 6 days ago 3 replies      
It's not about stopping terrorists, it's about sending a message.
kyleblarson 5 days ago 0 replies      
Can a Nobel peace prize be rescinded?
rayiner 6 days ago 0 replies      
> Does anyone believe that, if not for our lethal drone program, the United States would've sent the Air Force or ground troops to fire on this wedding party?

The premise of the article is non-sensical. If we didn't have drones, would the airforce be bombing targets in Yemen? Undoubtedly.

robobro 6 days ago 0 replies      
We might pull out of other countries, but we'd pull over our own for sure then. "Well, we can't keep other countries safe... so we'll have to keep our own."
Rogerh91 5 days ago 0 replies      
The day that we realize that all human beings are worthy of the same fundamental protections we take for granted, and act on this impulse, will be a great one indeed.
squozzer 6 days ago 0 replies      
I wouldn't count on it. The US govt has enough media lapdogs who would shout down any calls to ground the fleet. I predict we won't have much longer to wait before the hypothesis is tested.
Codhisattva 5 days ago 0 replies      
peter303 6 days ago 0 replies      
Sure. I believe it was a wedding too. Thats what the other side always says to obtain sympathy.
josefresco 6 days ago 6 replies      
Weddings and funerals are actually targeted specifically because those events are two that even highly sought-after targets attend despite the dangers. Also, the subsequent funerals for those killed at the targeted wedding would then be targeted as well.

You can either agree or disagree, but if you feel the target is accurate based on your intelligence the venue doesn't really matter IMHO. Civilians will be killed no matter if it's a wedding, funeral or some other random day.

Would we have cared if bin Laden was attending a wedding?

walshemj 6 days ago 0 replies      
But America isn't a failed state with a UN task force in place and it is not common practice to take large amounts of weapons to a wedding.

This is a ASB (alien space bat) type of argument as used in many a sea-lion argument "obviously Hitler could have invaded the UK" (only if the ASB's destroyed the royal navy from orbit)

Geneva drive wikipedia.org
453 points by Arjuna  4 days ago   71 comments top 23
Arjuna 4 days ago 5 replies      
Original poster here. I thought you good people would find the Geneva drive interesting. It is so simple and elegant; similar in spirit to the elegance of a beautiful algorithm.

For further reading on the Geneva drive... don't miss the spherical Geneva drive design, illustrated in figure 9-3:


Although not Geneva drive related, if you want to combine your passion of horology with human spaceflight, you will truly enjoy "John Glenn's Heuer":


Also, thank you all for the great, related links!

r4pha 4 days ago 4 replies      
Such a nice hack. If you like this, you might be interested in "Five Hundred and Seven Mechanical Movements", freely available on google books [0], which I found on HN a couple of months ago.

[0]: http://google.com/books?id=vOhIAAAAMAAJ

fernly 4 days ago 0 replies      
I met the Geneva drive when I was trained in servicing IBM 514 and 519 reproducing punches[1], in the mid-70s when these machines were on the way out. A 514 could reproduce a deck of punch cards[2] at 100 cards/minute. A punched card was fed from the "read hopper" and a blank one from the "punch hopper" and moved through the machine under steel feed rollers that were given intermittent rotation by a Geneva gear.

Driven by the Geneva, the feed rollers would move the cards the width of one of their 12 rows, then stop. On the read side, that row was under a gang of 80 little bronze wire brushes. On the punch side, the row was over a gang of 80 sharp little steel punches. When the cards stopped a pulse of current went through the brushes. If there was a hole in the card on the read side, current flowed on to one of 80 little solenoids. The solenoid would yank a bell-crank that pushed a punch through the blank card.

The punches withdrew, the Geneva swung its next lobe, and the cards advanced to the next row. Twelve rows per card, 100 c/m. It was quite noisy despite heavy sound insulation on the insides of the covers, a distinct brrruup, brrruup, brrruup overlaid with a general mechanical roar.


bri3d 4 days ago 0 replies      
If you love both watch mechanisms and incredible feats of "traditional" machining, I highly recommend George Daniels' "Watchmaking." Not only is it a beautiful coffee table book but it takes the reader through modern (Swiss lever) mechanical watches all the way, from concepts to workshop design to machining to assembly. Even if you don't end up reading the whole thing the diagrams are wonderful to flip through over and over again.
Zikes 4 days ago 3 replies      
While the article states that its name derives from an early use in mechanical watches, the modern mechanical watch is far more likely to use a deadbeat escapement for its intermittent motion. [1]

[1] http://en.wikipedia.org/wiki/Escapement

kops 4 days ago 1 reply      
Thanks for the post. Watching that animation reminded what pleasure could be derived by just watching simple mechanism in action e.g. union joint, differential gear, rotary engine etc.
xbryanx 4 days ago 0 replies      
Stop by the Museum of Science in Boston to see a whole working wall of these sorts of mechanisms, or just check out the videos here:


The Geneva Movement is here:http://pie.exploratorium.edu/scrapbook/mechanisms/52.html

Nicholas_C 4 days ago 6 replies      
Is there a drive that does the opposite? A drive that converts intermittent rotary motion to continuous rotation? I never studied this sort of thing in school, unfortunately.
yread 4 days ago 0 replies      
Friend of mine has used it in her creation


(bottom right)

makmanalp 4 days ago 2 replies      
I have a question about these kinds of drives. Don't these depend on the fact that no one is moving and wiggling the whole mechanism? It seems to me like if the red gear with the slots were to move just a bit out of the way, it'd mess up the entire mechanism.
nationcrafting 4 days ago 2 replies      
Thank you for posting this. You've just thrown me back 20 years in time, when I was a young film projectionist in a cinema. The projector we had used this mechanism to flash the images on the celluloid at 24fps instead of one continuous stream of light.

And, I just realised I'm not so young anymore...

franzb 4 days ago 1 reply      
If you liked this, you should love this series about vintage (analog) fire control computers: http://www.youtube.com/watch?v=_8aH-M3PzM0 part 1; other parts in Youtube suggestions).
BrownBuffalo 4 days ago 0 replies      
A link to other amazing Greek designs that often get overlooked - http://en.wikipedia.org/wiki/Ancient_Greek_technology
joelanders 4 days ago 0 replies      
Another cool piece of mechanics this reminded me of: the Master Lock Speed Dial (https://toool.nl/images/e/e5/The_New_Master_Lock_Combination...). I think there's an animation of the internals somewhere out there, too.
agumonkey 4 days ago 0 replies      
I'm fascinated, borderline in love with gears, cams and engines, such as rotary http://web.mat.bham.ac.uk/C.J.Sangwin/howroundcom/roundness/... or others (I found fun ones on youtube but lost the urls).

If anyone knows reference or current research about their mathematical side I'd be glad to read it.

drpgq 4 days ago 0 replies      
As a McMaster engineer, that was cool to see the Iron Ring clock on that page. I knew it existed, but forgot about it until I clicked.
kaolinite 4 days ago 1 reply      
I would love to learn about clockwork - even if only using CAD (although actually getting to make something would be even better) - however have been unable to find any resources for learning about it. Does anyone know of any good guides for introducing horology/clockwork manufacturing to beginners and explaining how to get started?
FrankenPC 4 days ago 0 replies      
On thing I really appreciate about the Geneva Drive is the built in acceleration ramp up/down of the pin engagement. Beautiful.
rcthompson 4 days ago 0 replies      
Another interesting property is that unlike a regular pair of meshed gears, this can only transfer power in one direction. Swapping the input and output shafts won't work.
dhughes 4 days ago 0 replies      
Check out "u.s navy vintage fire control computers (part 2)" on YouTube for similar devices.
ruuki 3 days ago 0 replies      
That's what I call pure genius.
kimonos 4 days ago 0 replies      
Nice post! Thanks for sharing!
Why I want Bitcoin to die in a fire antipope.org
407 points by jagermo  4 days ago   401 comments top 68
cs702 4 days ago 7 replies      
The author's complains are a sober reminder that society is not yet ready, and has not yet evolved all the infrastructure it will need to cope with rising global Bitcoin adoption.[1] Regardless, if the number of people using Bitcoin continues to grow, our institutions and infrastructure will have to evolve to address the problems mentioned by the author.

Among other things, society will need more secure (truly malware-resistant) personal computing systems, more secure (from snooping) communications systems, substantially better authentication mechanisms, more secure energy generation and transmission equipment and facilities, more secure financial institutions, and more technologically-savvy regulatory and policing institutions.

Those are all really good things.


[1] Compare, for example, how society works with paper cash and gold bars versus Bitcoin:

* Paper cash or gold in substantial amounts is always stored in private or bank safes, or in high-security underground vaults that most people have only seen in movies. In contrast, Bitcoin private keys are often stored in general-purpose personal computers running a wide variety of applications, managed by people who don't know how to secure a computer.

* Transporting any substantial amount of paper cash or gold is often done via armored trucks operated by highly-trained security personnel. In contrast, Bitcoin private keys are transported via all sorts of highly insecure methods by people who don't know better.

* No sane person holding a substantial amount of cash or gold at home would ever let complete strangers come and go into their house as they please, while giving them keys to all doors, cabinets, drawers, and safes. In contrast, people regularly give complete access to their computers to complete strangers by willingly or unwillingly installing software created by such strangers.

* Our regulatory and policing institutions know how to identify, prosecute, and even prevent illegal gold and cash transactions, successfully keeping them to a tiny percentage of overall economic activity in most advanced economies. In contrast, those same institutions do not yet know how to cope with the use of Bitcoin for illegal activities.


Edits: moved comparison of Bitcoin to gold and cash to footnote; also, made minor changes to several sentences so they more accurately reflect what I intended to write in the first place.

tokenadult 4 days ago 7 replies      
Charlie Stross writes in the article kindly submitted here: "Bitcoin violates Gresham's law: Stolen electricity will drive out honest mining. (So the greatest benefits accrue to the most ruthless criminals.)" I try to follow most of the Bitcoin threads here on HN, but I've missed that argument before. It makes sense that mining-by-theft will eventually displace mining-by-buying-hardware, and that is indeed not a behavior to encourage by the incentives of Bitcoin.

"Moreover, The Gini coefficient of the Bitcoin economy is ghastly, and getting worse, to an extent that makes a sub-Saharan African kleptocracy look like a socialist utopia" is an argument that tests people's commitment to neutral principles. If you don't like badly skewed differences in wealth, I suppose you wouldn't like badly skewed ownership of Bitcoin. Or do you like that anyway, as long as you have more Bitcoin than the other guy?

nkuttler 4 days ago 6 replies      

> For starters, BTC is inherently deflationary.

For starters, tell us why this is inherently bad. This statement also assumes that the BTC economy will grow forever.

> Bitcoin is designed to be verifiable [...] but pretty much untraceable

What would be bad about this if it were true? Paper bills work just fine, even though they are pretty much untraceable. By the way, this opinion is pretty much wrong, bitcoin is very far from being untraceable (IPs, exchanging BTC, etc.)

> Libertarians love it because it pushes the same buttons as their gold fetish

Ok, article is clearly emotional. How did this end up on the front page?

> Mining BTC has a carbon footprint from hell


> Bitcoin mining software is now being distributed as malware

Surprise. Thieves steal valuable things. This wouldn't happen without BTC, right?

> Bitcoin's utter lack of regulation permits really hideous markets to emerge, in commodities like assassination (and drugs and child pornography).

FINCEN would like a word with you. Also, how does it hurt the USD that it is used for assassination, drugs and child pornography?

It's ok that people hate bitcoin though, some people just let their emotions take control.

Brakenshire 4 days ago 3 replies      
In my opinion, the whole principle of bit-coin is like a manifesto for financial sovereignty - i.e. it says that money should be above government, and above democracy. Personally, I do actually want the government to be able to levy taxes to pay for public services, to be able to trace corrupt payments, to be able to seize the assets of fraudsters who have convicted under a fair judicial process, to be able to nudge the value of a currency to pursue wider macro-economic aims, and so on. Ultimately, living in a society means being subject to its laws. To accept Bitcoin at face value is to accept a future where every country operates by default with a financial system like Switzerland, and I don't believe that the vast majority of the population want that to happen.
clavalle 4 days ago 3 replies      
Bitcoin in traceable. Much more traceable than something like cash or gold.

It can be taxed. In fact, it lends itself very well to taxation since each transaction is indelibly recorded. Just because no one's implemented taxation doesn't mean it can't be done.

If it can be taxed it can be regulated.

It does cut out the banks. That is a strength. The serpentine bank transfer system that skims transaction fees on a huge number of transactions can be avoided. This has some obvious benefits (as most things that reduce transactional friction do -- I mean, most of us on HN are probably in the friction reducing business in one form or another).

Government does not have to issue it. The jury is still out on whether this is a net positive or not. I think it is a worthy experiment since government control of the money supply seems like more of an accident of history than anything. It /could/ be a fundamental strut in the framework of effective government but I think that might be overselling it. Bitcoin gives us a vehicle to test that theory.

In short, Charles Stross is confusing the way things are with the way things must be and that is a mistake. Most of these problems, if they are truly problems, are solvable. And, at the very least, their impact will not be catastrophic so it is worth the risk to see where this experiment leads.

diydsp 4 days ago 0 replies      
I, too, am suffering Bitcoin-headline-fatigue, to the point where I was glad to see machined QR bitcoins b/c I could finally tell people to kindly shove them where the sun don't shine.

HOWEVER, just b/c I'm exhausted, I don't think Stross' points are valid or limited to Bitcoin in the least. He might want BC to die in a fire, but BC isn't doing anything special that cash/gold isn't/can't be doing. Here is an overview of his points:

> 1. Mining BtC has a carbon footprint from hell

> 2. Bitcoin mining software is now being distributed as malware

> 3. Stolen electricity will drive out honest mining. (So the greatest benefits accrue to the most ruthless criminals.)

> 4. Bitcoin's utter lack of regulation permits really hideous markets to emerge, in commodities like assassination (and drugs and child pornography).

>5. It's also inherently damaging to the fabric of civil society.

carsongross 4 days ago 2 replies      
BTC is inherently deflationary.

The idea that deflation is necessarily harmful to an economy is a fallacy. See the Fed itself:


"Our main nding is that the only episode in which we nd evidence of a link between deation and depression is the Great Depression (192934). We nd virtually no evidence of such a link in any other period."

From the post:

The current banking industry and late-period capitalism may suck, but replacing it with Bitcoin would be like swapping out a hangnail for gas gangrene.

Not proven.

A bitcoin economy would be worse than unlimited bailouts and money printing? Not even close to proven, or, at this point, particularly plausible.

weavejester 4 days ago 0 replies      
Usually I agree with Charlie Stross, but I think he's building his case on a few false assumptions.

To mine bitcoin and make a reasonable profit, you really need dedicated mining hardware. This means that stolen electricity is not really an issue, as even very large botnets wouldn't be able to keep up with a few $1000 of custom hardware.

Similarly, while Bitcoin's future carbon footprint is something to be concerned about, I think it's too early to draw a line of exponential growth and conclude the world is doomed. There are a large number of potential bottlenecks when it comes to computing hardware.

I'd also question how useful Bitcoin is for avoiding taxes, when the exchange rate is so volatile. There are far safer ways to avoid paying taxes, many of them legal.

In my view, the most interesting part of Bitcoin is not its value, or its potential anonymity, but that it's an open protocol for distributing wealth, in the same way that TCP/IP is an open protocol for distributing data. There has already been some interesting experiments around micro-payments with Bitcoin that would never have gotten off the ground without it.

epscylonb 3 days ago 0 replies      
Libertarians are annoying, anyone who thinks technology will solve complex social problems will be dissapointed by bitcoin eventually.

The deflationary nature of bitcoin is it's hardest aspect to defend because there really hasn't been anything like it in history before. A finite asset that is easy to transfer over long distances without central interferance really is unprecedented.

I think you have bought in to the bitcoin fantasy that it will be the only currency in use. I don't think that will ever happen for a variety of reasons. If gold and fiat can coexist why not bitcoin too?. Loaning bitcoins seems to be a crazy proposition, so I suspect inflationary currencies will stick around just for that reason. Not to mention bitcoin by itself is fairly terrible for in person transactions, if you add a service on top what is the difference for the customer between that and a credit card company?. Fiat is useful and solves problems that bitcoin doesn't.

Regarding mining, I have my own concerns, bitcoin proponents love to describe mining as securing the network and equate it with vaults and security guards used in banks. This comparison is at least partly flawed, mining prevents double spends and nothing else. It's certainly true that a centralized ledger could prevent double spends for tiny fraction of the cost of mining, but globally who can be trusted by all parties to adminster it?. The comparison isn't one sided however, it is much cheaper to securely store (and move) bitcoins than gold for example.

Energy use is tricky, preserving the environment should be a top a priority, but should we aspire to use less energy?. One question I have often asked but never got a good answer to, how much of the worlds energy needs to be devoted to mining to prevent a 51% attack?. If it is north of 30% of the worlds energy output then right now that would seem a huge waste. But if we had access to cheaper, cleaner renewable energy, would it still be a problem?.

Malware?, it's just a symptom of larger problem, computer security is terrible. No one is really sure who to plame, users, applications, operating systems and hardware makers all come into the firing line. If bitcoin pushes forward computer security surely that can only be a good thing?.

I'm unconvinced about whether greshams law applies to mining due to the performance disparity between ASICs and CPU/GPUs, but surely if computer security improves this problem diminishes?.

nathas 4 days ago 2 replies      
This guy doesn't seem to get what bitcoin is or it's purpose. As far as I'm concerned, bitcoin will just be another alternative currency forever. It will likely never replace fiat, and that's fine. It's awesome for international trade, fast transfer, low-fee, and a safe way to store your money (if you're okay with the value of btc fluctuating wildly; if it ever settles then it will be "safe").

I disagree with all of his points. His carbon footprint/malware/Gresham's law points can all be countered with "incentive to mine leaves as the reward goes down, difficulty goes up, and total remaining coins decreases" which means less people will mine. For hideous markets and tax evasion, yeah, you can do both of those with fiat too. It's not a concept exclusive to bitcoins.

etherael 3 days ago 0 replies      
Wow, this is perhaps the single most ignorant article I have ever read about bitcoin, ever. There goes my respect for Charles Stross.

Not a single point is actually true.

1) Compare the carbon footprint of bitcoin mining to the carbon footprint of all the industries it displaces.

2) and 3) are actually the same item, and both wrong because ASIC miners are absolutely dominating in the mining stakes now and for the foreseeable future, hacked bitcoin miners are ridiculously minor by comparison with almost zero returns.

4) There are already markets in drugs, assassination and child pornography. The currency most frequently used in crime is the USD. Quick, someone stop the printing presses and we'll bring crime to a screeching halt overnight.

5) If Bitcoin actually does manage to destroy the state, and that's a very big if, that is by far the absolute best thing that could ever happen in the entire world without a doubt. And it would imply it happened without bloodshed and because people chose it as a simply superior option, which if the negative scaremongering aspects of the disintegration of the state actually started to manifest, would not happen by definition. So even if you don't take it for granted the state is a shambling monstrosity that deserves a quick and merciful death, the very fact that Bitcoin ever gets to the necessary fraction of the global markets to kill it implies that people accept that and don't worry about it.

girvo 4 days ago 2 replies      
I find people who have a negative opinion on BTC funny. I honestly just do not care about it, it is an interesting experiment, and one that I'm not going to trust my money to. More power to ya if you're going to. If it crashes, alright. If it doesn't, then sweet. Seriously, I'll never understand articles like these...

Oh, and his point about BTC "creating" drug markets -- are you for real? Seriously? People have been buying and selling drugs on the internet since... well, I'd wager since it's inception, but at least for the past decade. BTC may make it easier, or "safer", but those markets have existed for a very long time, you just needed to know where to look...

M4v3R 4 days ago 0 replies      
I was pretty sure that after this current "crash" (3rd already in Bitcoin history, depending on how you count them) articles like that ("Bitcoin is doomed", "I want Bitcoin to fail") will surface. And here it is. Nothing new to see here folks. Same ol' arguments, which were discussed hundreds of times already.
baddox 3 days ago 1 reply      
> To editorialize briefly, BitCoin looks like it was designed as a weapon intended to damage central banking and money issuing banks, with a Libertarian political agenda in mindto damage states ability to collect tax and monitor their citizens financial transactions. Which is fine if you're a Libertarian, but I tend to take the stance that Libertarianism is like Leninism: a fascinating, internally consistent political theory with some good underlying points that, regrettably, makes prescriptions about how to run human society that can only work if we replace real messy human beings with frictionless spherical humanoids of uniform density (because it relies on simplifying assumptions about human behaviour which are unfortunately wrong).

Is Stross speaking specifically of a libertarian political party, like the U.S. Libertarian Party? His capitalization of the word would seem to indicate that, or that Stross is woefully ignorant of even the most basic fundamentals of the extremely broad category of political philosophy called "libertarianism." I tend to think it's the latter, based on his ludicrous summary of his perception of libertarianism. I am curious what assumptions about human behavior he thinks are at the heart of libertarianism.

gottasayit 4 days ago 3 replies      

Big government socialist type doesn't like financial decentralization and a monetary system that can't be strictly controlled. Wants it to die quickly because ultimately free people might decide that it's worth keeping and using. News at 11.

exelius 4 days ago 3 replies      
I agree with all of his points; I've been making them myself for the past few months. Bitcoin is bad specifically because it is unregulated.

Regulation of financial markets exists for a reason: the optimal strategy of individuals and institutions in unregulated financial markets is to lie, cheat and steal to accumulate as much wealth as possible.

Credit economies rely on a foundation of trust; and while it may seem hard to trust our financial system, you CAN trust that when you put your money in a bank, it will be there when you go to get it out (thanks, FDIC!) As much as we may not like credit, it provides market efficiency on an extraordinary scale.

neals 4 days ago 0 replies      
Yes, popular one liners make for great headlines. Die in a fire! That doesn't sound juvinile at all.

These harsh words for something that you don't even HAVE to use or even be a part of.

There's a group of people with an idea, lots of people with great intentions, building a technology that you don't have to pay for. This is called Open source software, you want all of that to die in a fire?

Houshalter 3 days ago 0 replies      
The incentive to create malware, also a significant problem with advertising and online banking/transactions.

Anyways I think the things the author dislikes about bitcoin is precisely what makes it so good. It's great that it can subvert government control on a small scale. It isn't going to stop taxation or anything because there is no way large corporations and rich individuals can hide that much in bitcoin transactions without getting caught. But for individuals who just want to buy something something minor it works perfectly.

Besides it really isn't any different than cash in terms of anonymity. It just can be done online.

And it isn't going to die anytime soon. Even if the price drops a lot, it can still be used to make transactions. The bitcoin protocol will keep on working 20 years from now, regardless what happens to the price.

The speculators might suffer, maybe it will make less news. Maybe mainstream adoption will suffer, so everyday people looking to use it to make transactions easily online won't be able to. But the people that are using it to do illegal things that the author fears so much will still be there and aren't going away.

belorn 4 days ago 1 reply      
So the article claims that more assassination, drugs and child pornography is being sold now than before?

Is there any facts supporting such claim? Sold assassination, drugs and child pornography should exist as crime statistics, proving or disproving the claim.

rfugger 3 days ago 0 replies      
Most of those arguments apply to the internet itself. The author sounds like a conservative in the 90's upon hearing about the web.
baddox 4 days ago 1 reply      
> Like all currency systems, Bitcoin comes with an implicit political agenda attached. Decisions we take about how to manage money, taxation, and the economy have consequences: by its consequences you may judge a finance system.

The consequences of Bitcoin he lists are arguably bad, sure, but they don't touch the consequences of nation states that centrally control their financial and monetary systems.

KVFinn 3 days ago 0 replies      
While bitcoin supporters tend to hate the idea of inflation, there are others coins that have inflation built in to encourage spending -- a kind of progressive version of bitcoin.

Here's a random example of a coin designed around a specific economic philosophy:

>Unlike Bitcoin, Freicoin has a demurrage fee that ensures its circulation and bearers of the currency pay this fee automatically. This demurrage fee was proposed by Silvio Gesell to eliminate the privileged position held by money compared with capital goods, which is the underlying cause of the boom/bust business cycle and the entrenchment of the financial elite, and has been tested several times with positive results.


(no idea if that has merit but it was the one that stuck in my head because it was so clearly articulated on their homepage)

donquichotte 4 days ago 2 replies      
To me, the greatest revelation in this article was the Gini coefficient of bitcoin, which, according to the author, " makes a sub-Saharan African kleptocracy look like a socialist utopia".

https://bitcointalk.org/index.php?topic=51011.0EDIT: Plot of the wealth distribution in bitcoin: http://postimg.org/image/hzjmgepa3/

stcredzero 3 days ago 0 replies      
Which is fine if you're a Libertarian, but I tend to take the stance that Libertarianism is like Leninism: a fascinating, internally consistent political theory with some good underlying points that, regrettably, makes prescriptions about how to run human society that can only work if we replace real messy human beings with frictionless spherical humanoids of uniform density

Brilliant prose! Pragmatism always has and always will rule.

clamprecht 4 days ago 1 reply      
I read the post and wondered if it was prepared, and he waited until the next "crash" to post it. After all, that's the best time to post anti-bitcoin posts.
_greim_ 3 days ago 2 replies      
I love his meta-criticism of Libertarian and Leninist (and presumably other) ideologies:

> [It] makes prescriptions about how to run human society that can only work if we replace real messy human beings with frictionless spherical humanoids of uniform density...

I need to read more of his books.

lhgaghl 3 days ago 0 replies      
And here I was, having a decent day, and now I'm extremely angry.

Why I want the author to die in a fire:

> Mining BtC has a carbon footprint from hell

This is an insanely dubious ungrounded argument. How do you know fiat doesn't have a high carbon footprint too? The linked article doesn't even mention whether this is the case.

> Bitcoin's utter lack of regulation permits really hideous markets to

WHAT the fuck? Who the fuck actually believes this? You fucking sheep.

> Bitcoin mining software is now being distributed as malware

Non-argument, fuck off. This is like saying someone can kill you and take your money, or even more obvious and ironic, install malware on your computer and steal money from your fiat bank account, which happens all the time anyway.

codex 3 days ago 1 reply      
The core argument that Bitcoin is deflationary is irrelevant to the fitness of Bitcoin, at least for online transactions. To me, the chief value of Bitcoin is that it enables super cheap micro (and macro) transactions online. Goodbye silly debit and credit card interchange fees! Used in this way, dollars are held in Bitcoin form for only the tiniest of moments before being converted back into dollars. Long term fluctuations in exchange rates don't matter.

I look forward to using micro payments for content online. Ad supported content and the inevitable vending of my personal data is distasteful to me.

exit 4 days ago 2 replies      
this reads like a movie/music executive complaining about about the open internet

or maybe bemoaning the discovery of nuclear physics

it's also strange for me to read since stross is one of my favorit authors/thinkers

MattyRad 3 days ago 0 replies      
One of the things I happen to like about Bitcoin is that it will only be as successful as its adoption rate. I think of this as a literal interpretation of voting with you wallet. So if Bitcoin, against considerable odds, is successful (a small possibility, to be sure), Charles Stoss here will be outvoted, and there is nothing he or the government can do to stop it. And in that respect, Bitcoin is its own insurance policy.
csomar 3 days ago 1 reply      
Mining BtC has a carbon footprint from hell (as they get more computationally expensive to generate, electricity consumption soars). This essay has some questionable numbers, but the underlying principle is sound.

I didn't do the math (not even back of the envelope) but my sense tells me it'll be less footprint than the current mega banks.

Bitcoin mining software is now being distributed as malware because using someone else's computer to mine BitCoins is easier than buying a farm of your own mining hardware.

Piracy, Theft and Crimes are not a new thing. They have been for a very long time.

Bitcoin's utter lack of regulation permits really hideous markets to emerge, in commodities like assassination (and drugs and child pornography).

We don't have that now? I guess regulation is better with Bitcoin because cash has much more privacy than BTC.

It's also inherently damaging to the fabric of civil society. You think our wonderful investment bankers aren't paying their fair share of taxes?

It's like there is no off-shore tax havens right now, and everyone is paying his share of taxes. Maybe we should give the tax system another look and a good reform?

Sorry, but I couldn't find any substance in this article. Just the usual hatred. Here is my actual view on Bitcoin: http://omarabid.com/why-cryptographic-currencies-matter/

Morphling 3 days ago 0 replies      
I get a feeling there is some alternative motive behind the article. The arguments are some what valid:

Mining uses electricity so it leaves a "carbon footprint", but printing money and mining gold also leaves a footprint.

Unaware "zombies" are used for mining, which means criminals get them more reliably, but I don't think this is BtC's fault. People should be aware what they download to avoid infections.

I haven't heard of the stolen electricity thing, but in hind sight it's obvious, if you aren't paying for electricity you are minimizing your costs, but I'm not sure how wild spread this is, but again I don't think it's about BtC or BtC's fault.

Lack of regulations does NOT permit assassination, sales of illegal drugs or spreading of child porn anymore than our current currencies, because this shit has been happening for way longer than BtC has been a thing.

chmike 3 days ago 0 replies      
I don't think money, or specifically dollars are any better than bitcoins. Beside I would like to point out that it's not the currency in it self the problem, but what we do out of it. Depth grow of dollars is a huge speculation buble which will blast soon or later. Get ready for it. Criticizing the carbon footprint of bitcoin is a joke compared to the carbon footprint of depth dollars.

Regarding the future of bitcoin, my feeling is that it has the value of tracability which is very attractive for the police states we are evolving to. So I expect states might continue to tolerate it as long as it doesn't accelerated the dollar buble blast and present a threat.

Another current problem of bitcoin is that it's value is so much rising by speculation that it prevents it to start being used as a commercial currency. Illegal business activity is indeed a problem, but its tracability leaves a track. I wouldn't assume that it's free play for all illegal business. Assume hunt dogs are silently following the tracks.

rumcajz 3 days ago 0 replies      
Interestingly, in the long run inflation may be problem with Bitcoin rather than deflation.

In 30-100 years (the numbers vary according to the source) the world population will start to shrink. From that point on there will be ever more money available per living person. Which, of course, mean inflation.

Central banks can counter it by burning money. It's not clear who would do such beneficial activity with Bitcoins.

kitsune_ 3 days ago 1 reply      
Surely there must be a kind of duality between inflation and deflation in context of the total money supply and the individual unit of money that is deeper than commonly taught?

Couldn't a a fixed-money-supply economy and a flexible-money-supply economy be unified in a single mathematical and theoretical framework? This must surely be possible, but in that regard "unit of exchange / money" would have probably discarded in favor of another thing?

sliverstorm 3 days ago 0 replies      
... This means the the cost of generating new Bitcoins rises over time, so that the value of Bitcoins rise relative to the available goods and services in the market

False. I mean, it could go that way, but if you have a large established market to anchor the value of BTC, the mining difficulty will adjust to match (instead of the value of BTC adjusting to match). If it is not profitable to mine BTC, people will stop mining and the difficulty will drop; the cost of mining will adjust to the value of BTC.

Tycho 4 days ago 1 reply      
I find the figures about bitcoins carbon footprint to be somewhat dubious. Anyone verify the calculations?

Interestingly, with Bitcoin you could do the mining with carbon neutral energy, since the electricity can be consumed where it's generated and the output is just data to be transmitted.

csense 3 days ago 0 replies      
According to this article,

> Bitcoin is pretty much designed for tax evasion.

This assumes that the government needs to know how much money you have / make in order to tax you. There is an alternative -- to instead tax physical property (in particular real estate) and/or physical goods moving across borders.

This alternative has been used for most of human history; the income tax is a fairly recent thing. (In the US, it is theoretically a "temporary" measure to pay for World War I.)

dpweb 3 days ago 0 replies      
I'm no fan of all th hype, but each link in authors link farm is idiotic. Blaming bitcoin for child pornography?

What these arm chair economics experts miss is that inflation and deflation are meaningless in things other than the currency you are getting paid your wages in. If the purchasing power of the dollar really fell apart, you get riots in the streets people can't feed their families. Bitcoin crashes it just another #1 article on hn to scroll through.

andyhmltn 4 days ago 3 replies      
There are some really bad points in here. Like this:

Bitcoin's utter lack of regulation permits really hideous markets to emerge, in commodities like assassination (and drugs and child pornography).

So are you saying I can't pay for drugs with cash?

colanderman 3 days ago 1 reply      
Deflation and Inflation are two very different things; in particular, deflation is not the opposite of inflation

What am I missing? The very first sentences from the articles he linked:

In economics, deflation is a decrease in the general price level of goods and services.

In economics, inflation is a persistent increase in the general price level of goods and services in an economy over a period of time.

How are those not opposites?

mrfusion 4 days ago 2 replies      
I'd be curious to know if any of the altcoins have tried creating an inflationary currency? I guess you'd still need some kind of reward for early adaptors though?
georgemcbay 3 days ago 1 reply      
I also want Bitcoin to die. For me it isn't about the politics of banking, it is about the fact that the whole system is designed in a way so as to waste maximum amounts of energy on doing nothing of real intrinsic value (which he touches on re: carbon footprint).
AndrewDucker 4 days ago 3 replies      
I wonder what Bitcoin reward halving will do when it next happens (2016). It should certainly make it much less worth investing in as much electricity, and should thus bring down the carbon footprint.
mindcrime 4 days ago 1 reply      
It's disappointing to see that cstross feels the way he does about certain things. He's one of my favourite authors, and I just hope that knowing how far apart we are on some issues doesn't diminish my ability to appreciate his fiction. At least it's nothing like Orson Scott Card, where my disagreements with some of his opinions mean that I basically have no longer have any interest in reading his works at all.

So, Charles Stross hates Bitcoin because he things a market for drugs is "hideous". sigh. I think that a market for drugs is, while not necessarily desirable, inevitable, and that free individuals should be able to choose what they do or don't put into their own bodies.

Assassination and child pornography are Bad Things to be sure, but Bitcoin doesn't cause either and both are going to exist with or without Bitcoin. I don't get arguing against a mechanism that supports basic free market exchanges, just because a few bad actors can use it to do bad things. You can't engineer your way to a perfect world, given human nature.

Tax evasion? Good. Taxation is theft. If I need to employ technological solutions to protect my money from the government, then so be it.

scythe 4 days ago 0 replies      
>a Libertarian political agenda in mindto damage states ability to collect tax and monitor their citizens financial transactions.

It's kind of silly when people twist words like this. Do you support the existence of the United States government? So you support Guantnamo Bay, Abu Ghraib, and Contras killing nuns in Nicaragua? That's the basic form of this argument. It would of course be fair to call Bitcoin crypto-anarchism, or anarcho-capitalism, or crypto-anarcho-capitalism, if you're a huge fan of hyphens. To tar all libertarians (it's never capitalized, unless you mean the party) with this brush is disingenuous; it's a way of arguing against the reasonable sorts (e.g. Milton Friedman and Gary Johnson) and the next complaint "but most libertarians I see are [...]" is equally bad: you choose to look at the crazy types, similar to how Hacker News posts way more about the NSA and DEA than about the NHTSA and the CDC. How can we possibly have a reasonable discourse if we devolve so quickly to calling each other anarchists and fascists and accusing everyone you don't like of supporting child pornography? Signed, "moderate" libertarian.

tomrod 4 days ago 0 replies      
I think his correct points highlight why BtC is good, not bad. Untraceability is incorrect though.

His points expressing worry over stable governance as being totally desirable is interesting. Why is the current system in play necessarily a good thing?

Deflation seems like a problem until one recognizes alternative currencies provide the same options and will grow over time. Hence the deflation isn't a problem unless one only accepts BtC.

warrenmiller 3 days ago 0 replies      
cenhyperion 3 days ago 1 reply      
> calculating ever-larger prime numbers, they get further apart

iirc that's not completely true. It may be in practice for bitcoin as a currency, but I remember reading that there's a limit to the distance between two primes, no matter how large they become.

bobbygoodlatte 3 days ago 0 replies      
While I don't think Bitcoin is a "weapon intended to damage central banking", I'm not sure why the author has such an affinity towards central banks.

He claims Bitcoin might destroy social safety nets but how are central banks protecting those institutions? The cash that quantitative easing produces goes right into the hands of banks / investors. Rich people get richer when QE inflates the stock market to new highs. Working class people get poorer, and will feel the subsequent crash harder.

If anything, Bitcoin is better for working class people. It means the money they earn retains value, regardless of whether they invest it in the market.

krupan 3 days ago 0 replies      
I'm coming across a lot of anti-bitcoin articles today. It alls seems very similar to the anti-linux FUD from 15 years ago.
cLeEOGPw 3 days ago 0 replies      
I think we had plenty of these rants about torrents and how they damage music/film/game industry. I am expecting actually many more of these articles about bitcoin vs banks in future.
brainburn 4 days ago 2 replies      
|new bitcoins are created by carrying out mathematical operations which become progressively harder as the bitcoin space is explored

No, no, NO!

Statements like this immediately lessen the writer's credibility.

Zuider 2 days ago 0 replies      
His main complaint seems to be that bitcoin suits child rapists, and even worse, libertarians.
mpg33 3 days ago 0 replies      
The good thing about bitcoin is that it will succeed or fail based on market principles.
dcc1 4 days ago 3 replies      
Urm Charlie could always issue "Charlie Dollars" backed by bitcoin, nothing stopping him creating his own inflationary currency.

Just like nothing stopped governments issuing currencies backed by gold (and later removing the link moving to complete fiat)

All in all the author exhibits all the signs of someone who doesn't understand bitcoin in his troll attention seeking article.

Bitcoin is not perfect but its a damn interesting new technology/platform that the world has not seen before.

He was probably busy in the 90s slamming this new emerging technology/platform called the web

ypcx 3 days ago 0 replies      
I like how the author implicitly assumes that Bitcoin is a replacement for the current financial system. I wish it was so, but not just for Bitcoin, but the best set of the crypto-currencies, as determined by competition/user adoption.
thekaleb 3 days ago 0 replies      
Most of his complaints are FUD. He didn't even bring up legitimate concerns like how big of space you would need to have the entirety of the block chain in the future.
justzisguyuknow 3 days ago 0 replies      
Why do people keep saying it crashed 50% since yetserday? That number is just plain wrong. It was NOT trading over $1000 yesterday, that was over a week ago.
guiomie 3 days ago 0 replies      
As if the current financial system doesn't have a carbon footprint ...
lurkinggrue 3 days ago 0 replies      
Don't look at me, I hedged my savings into a collection of Beanie Babies and Tulips.
legohead 3 days ago 0 replies      
bitcoin didn't crash 50%, not even close. it was only 700-740ish yesterday. and it's already back up past 600. I've been watching it every day.

it has been on a slow decline for a while, with some drastic dips here and there, but it recovers. still too early to call any kind of crash.

melindajb 3 days ago 0 replies      
One only has to to look at the fate of the Linden Dollar (Second Life) to see what will eventually happen to Bitcoin.
wowsuchmoney 3 days ago 1 reply      
Why are you still buying worthless bitcoins? Doge is the future of money.


such coinmany profitup 50% today

dlsx 3 days ago 1 reply      
bitcoin, its ogre you loose.

The people have spoken, and DOGE coin is the people coin.


dlsx 3 days ago 0 replies      
Blah blah blah doge is up 600% !!!

I just got a girl to show me her boobs for 10K doge. You guys I'm not joking, hot girls are using doge!!!!!!!!!!!!

What the fuck is going on ?


phaed 4 days ago 0 replies      
I lost all respect for this guy.
shadowmint 4 days ago 1 reply      
That little 'flag' link is for articles that get posted that you think are poor content, badly written, ill informed or troll bait... right?
Robinhood: $0 commission stock brokerage robinhood.io
398 points by stevenj  7 days ago   152 comments top 50
euizxcowqasdf 7 days ago 1 reply      
Long time HN member, but as a courtesy to some of my clients, this needs to be on a throwaway account.

Free retail brokerage is something that needs to happen, and I applaud the effort. Brokerages provide a real value add for some services. Offering trading technology, market data, margin, dealing with block trades/portfolio trades, access to OTC, dealing with regulations/back office -- those are real services. Charging me to route an unleveraged, vanilla equity buy order to an exchange and pass the exchange's execution report back to me just because, by convention, exchanges don't want to deal with retail clients directly -- that's just introducing inefficiency and being a middle man.

That said, I don't like the fact that they have a "How We Make Money" section without more extensive disclosure. In my mind, either don't have one (I challenge you to find a single large brokerage that does), or have a more detailed explanation of how the modern brokerage business works. The truth, given the value proposition of free trading, is one that I'm happy to embrace.

I can't say with any certainty what they're actually doing; I can only speak to the industry on the whole, but most retail brokerages make money from:

1. Retail market making2. Netting across client order flow (probably not applicable here)3. Asymmetric exchange fees/rebates

The rules on all three are highly country/exchange dependent, but here's an abridged version.

1. Retail market making involves selling order flow to third parties who are able to execute it at a price better than anything that's currently showing on a lit exchange. I've included more details on this below the fold since a) it helps explain their estimated cost graphic, and b) it's one of the most hyped and misunderstood practices in finance, so people should at least decide how they feel about the practice based on correct information.

2. Netting comes about when you're dealing with lots of order flow at a bank/brokerage with multiple lines of business. Your clients might be, on average, and across some time horizon, buying and selling roughly the same amount of a security. You can fill your client at market price, taking the inventory down on your own book, or cross it immediately against an existing position. Most countries/exchanges still require you to 1) pay taxes and exchange fees and 2) print the trades on a market venue for disclosure/price discovery purposes, but there's still some benefit to be had as you can avoid market impact (moving the market when transacting a large order), crossing the spread (paying the differential between the buy price and the sell price), and "long sell" short restricted securities (many countries have regulations on short selling, some banning it all together, so having natural long inventory to sell against is valuable).

3. Asymmetric fees are the most straight forward. Many U.S equity exchanges charge a fee for taking liquidity (crossing the spread) and offer a rebate for posting it (submitting limit orders that don't cross the spread). By charging people this fee when their order does cross the spread and not giving them the rebate when it doesn't there's an easy differential to capture. Also, as noted in their fee structure, they're passing along all regulatory fees to the customer.

It's important to note that no matter what a brokerage does, the net effect is always a price that's better than or equal to what's showing on any public exchange, and what you as a client could get otherwise. In my mind at least, arguing that "I could have gotten a better price on my own if I had access to the same unfair advantages (read: technology/scale)" makes about as much sense as begrudging Google/AWS for buying hardware in bulk, spending billions on data centers that make more efficient use of power and bandwidth, and subsequently undercutting you in a web services platform pricing war. Anyone who wants to come along and usurp the throne is free to spend the money and hire the right people to do so. For me, I'm happy to let my broker engage in these activities if it gets me a better price than I could get for myself otherwise, after fees. I pay Google/AWS/Linode/Heroku to do things cheaper than I could practically speaking do them for myself.

Taking the above points into account, the feasibility of a free or nearly free brokerage (again, note the reg fees) is very real. I'm excited to see how this plays out.


Details on retail market making

U.S equities exchanges are highly fragmented compared to those in most other countries. It's common to have a single name trade on several lit venues, and when you count dark pools/other forms of liquidity, that number can easily approach twenty or thirty. As an investor you have a regulatory right to specify how your order gets routed. However, most people just want the best price (this sounds like a truism, but sometimes other considerations outweigh saving a millionth of a cent per share), and access to private dark pools isn't a god given right. There are thousands of pages of regulations regarding order routing, right down to what type of client account it is (is this pension fund money? is this an IRA account?) but the redux is -- you can never fill a client at a price worse than what's being offered on any public exchange.

Enter the retail market maker. For certain types of orders/accounts (back to the thousands of pages of regs...), if the client doesn't explicitly specify an exchange, the order can be routed to a retail market maker. Said market maker can fill the order at a price better than what the market has to offer, or immediately pass it along to the exchange. Surprisingly, they'll actually pay the brokerage for the privilege of doing so. Why would they do that? The name of your game as a market maker is netting. If you have a large, unbiased stream of order flow, statistically speaking you hope to see it balance out with market indices/other correlated equities (hedging) or itself (crossing) over a short time frame. Until it does so you have risk exposure, so from an economics/efficient market standpoint your job as a market maker is to provide liquidity and price risk premium.

These groups have access to good technology and are well integrated with all of the lit venues/dark pools. Their volumes are huge so they get exchange discounts and dark pool fees (as any individual trader who dealt in those volumes would). They also have good credit and large account balances, so their clearing/margin/and funding costs are lower. As such, the brokerage makes money (risk free), the retail market maker might or might not make money (depending on how good they are at their job, and the space is competitive enough that only the good ones are left), and the client gets a better fill price than they would have on the exchange. Ironically the only people hurt by this are the HFT guys who now have highly refined (read, directionally correct over a few second time span) orders hitting the exchange.

JumpCrisscross 7 days ago 4 replies      
Ah, I think I figured it out. Un-informed retail flow is valuable. When I was an options market maker we paid a sweet premium for a particular retail brokerages flow and still made a killing on it. Robinhood.io would appeal to individuals who value smaller commissions over better execution, i.e. those with limited capital or investing experience. So that gives them one side of their revenues.

But thats not enough - the fixed and variable costs to providing even decent execution are staggering.

I think the second bit, margin lending and API access, might be them selling sheeps clothes to the wolves. As a sophisticated trader, it may be of value for me to mix my flow with that of unsophisticated retail traders. Its an interesting model and a careful balancing act. As a market maker I would keep a close eye on the information content of their trades and cut them off the moment they started looking too sensible. Compounding the problem would be that the informed traders will tend to dominate the un-informed, in terms of volume.

My alternate hypothesis is they're going to offer commission-free trading in a limited pool of symbols - you should be able to get sufficiently reliable retail flow for, say, AAPL to be able to internally cross most orders.

P.S. Not sure using FINRA affiliation to vouch for your security credentials is compliant

sheetjs 7 days ago 2 replies      
They appear to charge TAF and other regulatory fees (https://brokerage-static.s3.amazonaws.com/assets/robinhood/l...) -- and based on the fee numbers it looks like they don't have significant volume -- but the website shows "FEES $0" in the app screen. The fees may not seem to be a lot, but saying that fees are zero is a factually incorrect statement.

The fact that they don't list exchange fees seems to suggest that they may end up routing orders to a market maker and collect fees from that (the exchange fees are generally 30 cents per 100-share lots). If so, they should note on the website that they are making money by selling flow

thatthatis 7 days ago 3 replies      
If you want a real brokerage that uses technology to keep costs down, check out Interactive Brokers. (http://interactivebrokers.com)

With IAB, a small player (5k+ in IRA or 10k+ in normal account) can trade on terms comparable to what a mid-sized fund can get.

When it comes to financial assets, I'd rather pay an established player $1 per trade than a fly-by-night operation $0.

murbard2 7 days ago 1 reply      
tl,dr; brokers don't charge commissions because it costs them anything to execute your trade, the fair price for a retail trade is actually less than $0. When you're paying e-trade $10, you're paying for their marketing.

For those wondering why they can offer $0 commission, it's because retail brokers actually make money on every trade you make. When you send your $10 through etrade or some other brokers, they don't actually send your order to the market, they sell it to getco or some other market maker.

The reasons are complex and linked to NMS regulation. In short, there are two types of traders, informed and uninformed. Market makers do not want to trade with informed traders, because they tend to lose money on those trades. However, reg NMS mandates that every one gets the same best bid and offer. So the spreads you'll see on the market reflect conditions where adverse selection is anticipated, which is why it's very profitable to trade at those prices against uninformed flow.

Now why don't brokers offer to pay rebates (less than $0) to customers? Well they're not legally allowed to do that. The SEC regulates the maximum rebate and it's not that big.

So why does Ameritrade for instance will charge you for trades? They don't execute anything after all... Well, they're just the middle men. What you're paying for is their advertising campaign that got you to open an account in the first place.

elmuchoprez 7 days ago 2 replies      
This looks really cool but I couldn't shake that feeling of, "If you're not paying for it, you're the product."

I didn't feel any better about that when I saw that Google was one of their major investors.

Still hoping for the best though.

jimbokun 7 days ago 0 replies      
This made me think about this old Saturday Night Live skit.


"All the time our customers ask us, how do we make money doing this? The answer is simple. Volume."

winstonx 7 days ago 1 reply      
"Robin Hood" seems to be a misnomer for this service.

The character Robin Hood stole from the rich to give to the poor. In contrast robinhood.io encourages every-day folks to compete against the elites in the stock market. Which explains why elite capitalists are funding the robinhood.io venture.

If you're not paying for the product, you are the product.

dpweb 7 days ago 0 replies      
Your fees is commission + the spread. Will be good if the executions are good, but one cent in spread on 1000 shares is $10 anyway.. Also $50 to close the acct.. what other unusual fees in there?
JimmyL 7 days ago 0 replies      
If you're Canadian and looking for an online discount brokerage, I've had good luck with VirtualBrokers (https://www.virtualbrokers.com/).

Their website is ugly and old-school, and their online interface - at least the basic one - feels like it's from ten years ago, but it's cheap (and has different pricing plans depending on how you want to trade).

gfodor 7 days ago 0 replies      
What about options? People who do enough trades where costs start to matter are usually trading options. If you are just adding ETFs to your portfolio every month Schwab already has commission-free ETFs, etc.
PhantomGremlin 7 days ago 0 replies      
I don't think anybody has pointed out this fine print yet:

   $0 trade Commissions are currently only available   for Robinhood Financial self-directed brokerage   accounts via mobile devices
Note: only available for ... MOBILE DEVICES

More fine print: only available in CALIFORNIA

fsckin 7 days ago 2 replies      
Some context is appreciated... signup page is pretty sparse on the details. Sounds like they'll charge for API access and margin trading.


foobarqux 7 days ago 4 replies      
This is a bad business. Competing on cost against large incumbents without a defensible low cost position in a competitive industry without most target users paying high costs currently (interactivebrokers).
rl3 7 days ago 0 replies      
As far as I can tell, this is amazing.

One could take trading systems previously designed to operate on large minimum balances of $50,000+ (so as to render the impact of transaction fees negligible) and run that same system on comparatively small account balances, perhaps even as low as $500.

In theory, the percentage returns in both cases should be the nearly same. Obviously a 25% annual return on $500 is a lot less exciting than a 25% return on $50,000. However, the fact it's now possible to even do this (again, as far as I can tell) is exciting.

As other comments have pointed out, trade execution quality may end up being merely average on this platform. But, if your trading system is operating on a sufficiently long time frame, then executions become far less important.

Concerning other comments regarding classification as a Pattern Day Trader and being required to maintain a minimum $25k balance, I believe it only applies to margin accounts. Obviously this means no short selling, but small loss, considering.

sytelus 7 days ago 0 replies      
This is another area rip for disruption. Does anyone knows why all these firms such as Fidelity get away with charging dollars on every trade? Is it because exchanges charge these feeds? But then I guess HFT people must be enjoying per trade fees of almost zero. Why they don't have to worry about per trade fees?

To me it looked like each trade is an electronic entry in market and should cost near-zero dollars givens the volume of all trades.

wheaties 7 days ago 2 replies      
Ok so...

1) How will they afford SIPC coverage? (That is the insurance for your money in case they fail.)

2) Will they do any securities lending with purchased stock?

3) How much will they charge for selling a stock short?

4) Taxable reporting? Do they handle that or is that up to you, the investor?

Tarang 7 days ago 3 replies      
This looks really cool. The first question that comes to mind from the .io tld is does it have API access?

There was a company called Zecco (zecco.com) which also did something similar with zero commissions (hence the name). Not sure if they're still active.

Update: looks like they (zecco) were bought by tradeking.

So from the FAQ Page it looks like they will make money from margin accounts (presumably swap/interest) and also by charging for API access.

wtvanhest 7 days ago 0 replies      
I dont have the finra guidelines in front of me, but the statement that they work with finra and imply that doing so means they have solid security seems like a violation.
chucknelson 7 days ago 1 reply      
Seems OK - but is anyone going to trust this? One idea is a low-amount "test" fund to keep around a year or so? Anyone have ideas on how to feel better about actually using this for larger sums of money?
djhworld 7 days ago 5 replies      
I recently got into the world of Bitcoin and was really impressed with the ease of acquiring bitcoins and selling them on.

I wish trading stocks was as easy and cheap as this. This is one of the reasons why I'm too nervous to buy invest in the stock market or just put some money in it for fun, the barriers to entry are bafflingly complex.

mhb 7 days ago 1 reply      
The enthusiasm for this suggests that there are many people trading frequently enough and making low enough returns that existing discount brokerage fees are significant. Are they doing HFT from home?
kanzure 7 days ago 2 replies      
z0a 7 days ago 0 replies      
It seems that this project emerged out of the Robinhood iOS application they were previously developing. I spoke to the founder of Robinhood a few months ago, and they looked quite centered around the idea of crowdsourced finance. It's pretty interesting that they've decided to change their product completely, and it seems like a smart decision in the long run.
URSpider94 7 days ago 0 replies      
As others have mentioned, other brokerages have tried offering zero-cost or ultra-low-cost trades, only to slowly restrict the number of free trades available and eventually move to charging for all trades. Zecco was the most prominent.

I'll be interested to see if they can find a sustainable business model. I'm on the fence about whether I'm going to open an account. Even if they go under, there's basically zero risk to customer funds, but it is a hassle to do paperwork on another account.

crystaln 7 days ago 2 replies      
Really? $10 is too much for a trade? And anyone with any reasonable amount of capital is going to choose them based on this? I don't think so. I certainly wouldn't.

And their going to make money on margin accounts and API access? Anyone sophisticated enough to be trading on margin or paying for API access has enough funds to not care about $10 trading fees. Seriously - on a $10,000 trade, that's a tenth of a percent. You've got to be a hedge fund with millisecond precision to care about that.

memossy 7 days ago 0 replies      
From the FAQ it would appear that they are backed by Andreesen Horowitz and Google (Ventures?) amongst others so cash burn may be ok for a while.

Its spot on that High Frequency traders pay nothing beyond regulatory fees (or get money back) to trade as they provide (theoretically) market liquidity. Not sure you can extend that argument to individual investors unless they scale massively, but the technology for trading isn't terribly complex.

One wrinkle is in less liquid names, where their algorithms will likely lag those of larger brokers for a while.

shawndumas 7 days ago 1 reply      
Pedantic rabbit trail -- Robin hood reclaimed excessive taxes by force from a tax drunk government and gave it back to it's over taxed citizens.

People seem to forget this often.

nickthemagicman 7 days ago 1 reply      
Uh is this as cool as it looks?

No minimum balance, $0 commissions. Trading for the normal person.

The name Robin Hood is perfect.

Mikeb85 7 days ago 0 replies      
This doesn't have enough features to be valuable to me. I'll gladly pay up to 50 dollars a trade if the features are worth it.

My current broker offers me great execution, trading on a number of international markets, allows me to settle trades and hold a number of different currencies, and good research tools.

At the moment this service seems to be worth exactly what they charge for commissions...

rajacombinator 7 days ago 1 reply      
Ain't no such thing as a free lunch folks...
tslathrow 7 days ago 0 replies      
I can guarantee that they will lose to Interactive Brokers on price. IB has structural cost advantages in internal matching and zero customer service (possible given the more advanced user base). It's also very very stupid for a retail investor to chose a broker based on fees.

A 10-25bp difference in execution on a $10k+ trade easily covers any commission.

znowi 7 days ago 0 replies      
Robin Hood, $0 fees, pompous venture names - there must be a catch somewhere :) I'm positive HN will find out.
asdfprou 7 days ago 0 replies      
I think this landing page design is great. First glance shows:

- their tagline and what they do "$0 commission stock brokerage"

- why I should sign up "stop paying $10 for every trade"

- clear call to action "get early access"

- giant iPhone graphic gets cutoff and leads you to scroll down

franksmule 7 days ago 0 replies      
Looks nice. Glad my data is secured by fingerprints, round green thing and square green things.
barumrho 7 days ago 0 replies      
Would this be restricted to American investors only?
dschiptsov 7 days ago 0 replies      
..that's how we will build our user base and data-sets for ML algorithms and perform beta/stress testing, and, of course, would never announce any fees, we promise.
rdl 7 days ago 0 replies      
I'd be more worried about quality of execution than $0-10 commission, for reasonably sized (non single share) trades.
quant111 7 days ago 0 replies      
$0 commission sounds surely alluring, but what about exchange fees? For some securities, exchange fees are greater than broker commissions.
marincounty 7 days ago 0 replies      
I just signed up, and I hope it's not just a new way of getting Emails? It seems to good to be true?
fygwtclub 6 days ago 0 replies      
The names Awesome. I am LHW..(Laughing in a Healthy Way)

Wish you Super Duper Success :)

tomasien 7 days ago 0 replies      
No fees baby - it's the future, and it's coming in 2014 to payments as well.
seiji 7 days ago 1 reply      
https://www.loyal3.com kinda does the same thing and it's live now. It works with the companies to provide fee-free stock for longish term buy-in. Plus, you don't have to be an institution to grab some IPO fluff. Plus, for non-recurring purchases you can fund with a credit card.

(You can't execute a trade at any given time during the day. You put in "Buy $100 worth of AAPL" and they execute it at the end of the day. Same with sell orders.)

d0m 7 days ago 0 replies      
Very sweet homepage by the way.
salient 7 days ago 1 reply      
Is this US only?
userbinator 7 days ago 0 replies      
I read the title as "$0 commision block storage"...
wudf 7 days ago 0 replies      
Well, they got my email address.
jaksmit 7 days ago 0 replies      
looks awesome. an area ripe for disruption.
djrconcepts 7 days ago 0 replies      
hoping this is not too good to be true.
dharma1 6 days ago 0 replies      
love the design
We Need to Talk About TED bratton.info
394 points by TimSAstro  5 days ago   183 comments top 57
simonsarris 5 days ago 4 replies      
If you haven't seen The Onion's[1] Onion Talks and want a good satirical criticism of TED, I highly recommend them:


(There are more if you want to find them, I didn't want to pollute commentspace with too many links)

[1] The Onion is a satire newspaper, one of the first newspapers to heavily adopt an online format. They just killed their print edition for good last year.

andr 5 days ago 5 replies      
Hi, organizer of one of Europe's largest TEDx events here.

First of all, as others mentioned, TEDx events are independently organized. There are over 3000 of them in the world and obviously quality varies greatly. Getting a TEDx license is pretty trivial and there is no real oversight on quality. Yet, there are some great videos out there.

Second, nobody pretends TED is an academic conference. I see a TED talk as the blurb on the back cover of a book. The speaker's job is to pique your interest in a topic during that 18 minutes. Pique it enough that you'll go on and research the topic in greater detail. Nobody expects to be a master in anything after sitting in a chair for 18 minutes. But if you've never thought about a problem, 18 minutes may push you to do it. And it's true some talks are mostly inspirational, with little informative value - we usually put a couple in the lineup as a breather.

Third, TED is about cross-pollination of ideas. You hear an idea in neuroscience and it inspires you to do something in CS. Happens all the time. You will not act on 99% of the information you learn (be it in news, books, internet, HN) anyways, but it does expand your horizons.

Lastly, TED's biggest value is in developing countries. If you live in NYC or SF, there are dozens of conferences you can attend every week. So the marginal benefit of going to a TED event is little. However, TED as a brand is really well known in developing countries in Asia, Africa, and Europe (like mine), inhabited by few, if any, world class innovators. In those countries, people do find TED really inspirational and often the local TEDx events are one of the very few decent conferences you can attend.

JonnieCache 5 days ago 3 replies      
There was a time when TED talks were mostly academics squeezing their usual hour long presentation into 20 minutes by simply talking really really fast. Those were fun.

After the first couple of ones that were public and on the internet, the usual self-promoting psychobabble-spouting androids moved in and now it's entirely worthless. Someone spins 30 seconds worth of insight out for half an hour, and you still somehow feel stupider when you've finished watching it.

In one of the recent Gladwell threads, someone on here coined the phrase "insight porn". TED is basically insight dogging.

EDIT: to be fair, if TED is insight dogging, this place is a sticky floored insight dungeon in some godforsaken soho basement...

freyr 4 days ago 1 reply      
When I watch a TED talk, I feel good for a moment. If I watch a few more, I begin to feel a little uneasy, and eventually nauseous. It's like eating sugar.

There's a repetition, a shallowness, a formulaic manipulation to evoke an emotional response, a smugness to the presenters, a greater smugness to the privileged attendees sitting there in the audience, grinning vacantly.

They trot an African kid out on stage who built something out of recycled parts, and everybody instantly connects to him, understands the plights of his existence, and shares in the celebration of his achievement. Then they drive back in their expensive cars to their expensive houses in the privileged enclaves of Los Angeles or San Francisco or wherever. They did their part.

I'm glad somebody's discussing it, but this talk is in many ways yet another TED talk. Identify a complex problem that can't possibly be tackled within the confines of the TED format; say non-controversial things as if they were controversial; name drop big issues (the negative aspects of drone warfare, consumer capitalism, NSA spying); provide a rushed, hand-wavey solution without an implementation; but leave the audience feeling like the veil has finally been lifted on this issue, and now they're on the precipice of positive change.

tfgg 5 days ago 1 reply      
I agreed with a lot of what the article said , but then the author seems to go full-TED-bullshit-buzzword towards the end with little evidence or citation and falls into the pseudo-intellectual knowledge-lite trap that he's criticising:

> Part of my work explores deep technocultural shifts, from post-humanism to the post-anthropocene, but TEDs version has too much faith in technology, and not nearly enough commitment to technology. It is placebo technoradicalism, toying with risk so as to re-affirm the comfortable.

> The most recent centuries have seen extraordinary accomplishments in improving quality of life. The paradox is that the system we have now --whatever you want to call it-- is in the short term what makes the amazing new technologies possible, but in the long run it is also what suppresses their full flowering. Another economic architecture is prerequisite.

> The potential for these technologies are both wonderful and horrifying at the same time, and to make them serve good futures, design as "innovation just isnt a strong enough idea by itself. We need to talk more about design as immunization, actively preventing certain potential innovations that we do not want from happening.

Futurebot 4 days ago 1 reply      
Excellent post which has a few points I'd like to add to:

1) "We invest our energy in futuristic information technologies, including our cars, but drive them home to kitsch architecture copied from the 18th century. The future on offer is one in which everything changes, so long as everything stays the same. We'll have Google Glass, but still also business casual."

I recently wrote a post about this phenomenon, which I'll share here: http://www.opir-music.com/blog/culture/is-everyone-naked-in-..., but the basic idea is summed up by Fran Leibowitz: "I have a number of theories but one theory is that we live in the era of such innovation in technology, Lewbowitz said. Its almost like we cant do two things at once. If science or technology is going to be racing ahead, then the society is stuck. Also, I think its a way for people of my age to stay in the center of things." That itself, of course, is a just-so story. What's important here is the observation. I'd also argue that we've enabled something never before possible to happen, which keeps certain things "in the past" (like music): mass intergenerational cultural transfer. What keeps the Beatles on top of music lists of people of all ages? What causes old songs to suddenly pop up as hits, decades after their release because of a YouTube video? It's this effect which seems to cause a large chunk of popular culture firmly set in past eras. We move things at the margin, yes, and yes, we have always borrowed from the past. However, it has never before been so easy for so many to listen and look at the things past generations have created and at such scale. Since "known cultural entities" often serve mainly as a kind of touchpoint between different people, the utility of these well-known icons in the social sphere is very valuable. You can "connect" with others across generations very easily. This isn't good or bad, but I think aptly describes a very different cultural landscape than ones in the past.

2) "Its easy to get enthusiastic about design because, like talking about the future, it is more polite than referring to white elephants in the room.."

This is the sad realization that many (ex-)activists, technologists, and other ardent idealists often come to. It's easier to deal in the uncontroversial, the platitude-ridden, and the simplistic for a number of reasons. First, exclusion - if you add in the depth, the complexity, the nuance, the difficulty - you risk alienating those that are not knowledgeable enough to contribute. Sure, some are eager to learn, and others are eager to teach, but this means lots of time spent on getting people to a baseline rather than progressing. The second thing is plain conflict - often by nominal (and erstwhile) allies. The narcissism of small differences, loudmouths with a chip on their shoulder, and plain old confused angry people serve to stoke the fires of internecine warfare. I've seen it over and over in technology circles (where it can be ugly), and also in social justice "communities" (which are sometimes a nightmarescape of identity politics-based hatred) that I've been a part of. The experienced and the jaded look at this and either exit, or stick to the milquetoast. Neither helps progress anything.

3) "The most recent centuries have seen extraordinary accomplishments in improving quality of life. The paradox is that the system we have now --whatever you want to call it-- is in the short term what makes the amazing new technologies possible, but in the long run it is also what suppresses their full flowering. Another economic architecture is prerequisite."

Although usually applied to culture, I think the idea posited by Paul Treanor applies here as well:

"What already sells well, becomes more marketable. This is a general characteristic of all liberal social structures, not just the market. Repeated transactions and interactions, on the basis of the outcome of previous transactions and interactions, have a centering effect. Deviations from the norm are 'punished' by such regimes, and innovation is by definition a deviation from the existing norm."

That same "centering" effect on culture seems like it may also affect non-cultural entities. What drives things forward may also drive them back - a forced regression to the mean.

po 5 days ago 3 replies      
I submit that Astrophysics run on the model of American Idol is a recipe for civilizational disaster.

In other news, Zuckerberg and others launch a new $3 million Breakthrough Prize stating, "The Breakthrough Prize is our effort to put the spotlight on these amazing heroes. Their work in physics and genetics, cosmology, neurology and mathematics will change lives for generations and we are excited to celebrate them"


So... yeah we're already there in some sense for better or worse.

stiff 5 days ago 0 replies      
If TED isn't successful, how then would success look like for a conference of this kind? I don't think any conference at all is by itself a serious engine of innovation, and the more academic ones are much worse than TED talks, in my experience during academic conferences everyone pretty much expects up front to not understand anything at all from 90% of the talks, at least a half of the people will actively do something else than listening to the speaker, playing with their laptops and stuff, and pretty much the core motivation for everyone is A) the points for getting published in the conference proceedings and B) the party in the evening where one can finally get drunk and have some fun. The only chance of really learning something is if you know some work a bit upfront, or you know the people involved, and then researching it afterwards, so at best you get a little spark and you have to put in a ton of work to make something out of it. If you aren't consistently interested in some small range of topics you get nothing at all from it.

In other words, it seems we don't really know how to make innovation happen at wish. It works better in the universities in the undergraduate studies, where over months people genuinely interested in same intellectual pursuits have a chance to meet and get to know each other thanks to the wide range of classes and activities and people involved. They also get to share a common background, so they can understand each others work and their potential relations, a lot of important scientific work happened in "schools" which started with some figure great either at science and/or at organizing science, and which spanned several generations. So it's a slow process, it happens over years and takes sustained dedication of a large group of people, how would someone expect to contribute to this significantly via a one day event? Conferences are mainly social events in my view, and there is nothing wrong with that.

And then there is the general question how much influence do so-called "intellectuals" have in the world, as compared to the Napoleons and Alexanders.

stdbrouw 5 days ago 3 replies      
There's some good points in the piece, but I can't help but think it's funny how everyone used to love TED... until "everyone" became a really big group and overnight TED became uncool and pass and insight porn. There's a fair bit of posturing and snobbishness going on here, too.
gilgoomesh 5 days ago 5 replies      
You should clarify that this is a TEDx conference (the 'x' is the important part). It's not really "TED" in the truest sense and is just a TED-like conference hosted by a third-party.


ignostic 4 days ago 2 replies      
Okay, so basically TED should be another dry facts-only scientific conference? Guess what, we already have plenty of those. The speakers will present facts and be judged based on the facts rather than on their presentation skills or ability to inspire. We have a lot of them and they work well - but the general public isn't interested.

There's a place in our culture for real science that is easy to understand, presented by people who know how to present. We need something non-scholarly to keep people interested in science and technology.

That said, we've had a lot of TED talks (especially at TEDx) that are simply sales pitches, fantasy, or completely false. There's a problem here that needs to be fixed. Keep the accessibility and the inspiration, but lose the factual errors and lack of fact by mandating vetting by qualified actual experts.

sethbannon 5 days ago 0 replies      
I've always consumed TED talks much in the same way I might a movie trailer. The talks are normally just enough to give me an idea of whether I want to dig in deeper, but never really satisfying in themselves. If you look at TED this way, I see nothing abhorrent about it.
cjoh 5 days ago 0 replies      
It's easy to look at this as a critique of TED, and it is, but what's interesting here is that this is a TED Talk. He was invited by TedxSD to talk about the problems of Ted. And he delivered those problems in the language and culture of TED. And whether you agree with him or not, I think it's commendable that he was invited by the TED organizers to give this talk, and that he gave it.
melling 5 days ago 1 reply      
This is exactly how I feel about HN:

"So much potential and enthusiasm, and so little actual change. Are the ideas wrong? Or is the idea about what ideas can do all by themselves wrong?"

I believe that the world is better with both TED and HN, but they really could be so much better. How to take them to the next level?

brown9-2 5 days ago 0 replies      
The New Yorker did a great profile on TED last year and it was hard to come away from the article without feeling like they were making a similar critique: http://www.newyorker.com/reporting/2012/07/09/120709fa_fact_...
my3681 5 days ago 3 replies      
We can say what we will about TED Talks, but it is a hell of a lot better for humanity than Jersey Shore or much of the useless crap on television. Like anything, given enough time, TED will have to fight off self promotion and the recycling of ideas to remain pure and relevant, but I am confident that the fight is worth fighting.

I have a friend who teaches middle school Biology, and his students (in his words) "light up" whenever they watch a great TED talk about the similarities between chickens and dinosaurs or the way a gecko can swim through the air while falling based on something way up it's evolutionary tree. I think science-driven TED talks fill a great purpose in inspiring people that may not (yet) be scientifically minded.

Perhaps it isn't as bad as Bratton believes it is, because I can still show a good TED talk to my non-techy mother or father and blow their minds. My father is a deep thinker, but just doesn't come across deep or novel ideas very often in daily life. He is a football coach, so he just doesn't get a lot of that between dealing with kid problems and trying to win. TED has been wonderful for delivering him a nice, distilled idea to think about.

If nothing else, TED gives the general populace a starting point for the state of high-level research and a chance to think about something other than their mortgage or drama on twitter. And it does so in a manner that can be highly entertaining. It is sadly surprising how many people live a whole day, a whole month or a whole year without being inspired by anything at all. Anything that can inspire the public positively should be protected, refined and celebrated.

michaelochurch 5 days ago 4 replies      
I'd go further than "middlebrow megachurch infotainment". I'd say, "high-IQ house-slaves".

I'm sure this isn't the intention of TED, but the purpose of this upper-middle-class boosterism seems to be deeply conservative in nature. It re-emerges every time there's enough wealth to let the 4.9% (as opposed to the 95% doomed to stagnation and the 0.1% taking everything) gain a little make-believe ground (that's chewed up by rising house prices, increasing income insecurity especially late in one's career, and education costs). "You should be proud; you get to clean the upstairs bathroom instead of working in the fields."

It's not TED's fault. The format of an 18-minute talk is a good one for a large number of purposes. The problem is that any time rich people and smart people get together, the smart people are always very willing (as a group; there are exceptions) to become the proud little house slaves just to enjoy that fleeting sense of having arrived due to the phony proximity to the true owners of this world who are running it into the ground. So most of them soften up and start spouting "status-quo-plus-plus" as soon as a few people in the true upper class start tossing them small favors. You see a lot of this in the "tech" world, especially in the VC-funded incarnation of the Valley. It's sad. We were supposed to be different.

Thanks to PG's rankban (I say things he dislikes, so my comments get a personal penalty in placement) this comment will probably be in the middle-bottom (if not absolute bottom) of the page no matter how much you upvote it.

Anyway, there it is.

kaiwen1 5 days ago 2 replies      
I think he (and others here) are being too hard on TED. TED is not a forum for research or a focused campaign for change. It's a forum for 15 min talks. It's an educated sort of entertainment where some interesting ideas get shared. The author claims to have something better in mind. I hope he builds it. I'll sign up. Until then, when I want to unwind, I'll watch a little TED instead of Breaking Bad.
mxfh 5 days ago 1 reply      
Reggie Watts pretty much said it all back in 2012.


Hard to imagine how anyone could follow up after this.

nl 5 days ago 0 replies      
80% of everything is crap.

And yet the original 2007 Gapminder talk[1] still surprised and educates people today

[1] http://www.youtube.com/watch?v=hVimVzgtD6w

binocarlos 5 days ago 1 reply      
TED is brilliant - I've sat there many times and said 'wow' after the talk. I've also worked for a lot of councils and education authorities in the UK and sat in on some evangelical 'how to improve kids education' meetings.

Both exhibit the same moment of 'insight' that people crave. It's like the 'idea' alone is the objective and now everyone can go home.

We lack a mobilizing 'do' component in this flow of peoples attention - what that is I dunno - a TedDone conference? In councils it was 'right - so, everyone back to work'.

DigitalJack 4 days ago 0 replies      
I don't watch very many Ted talks because the topics usually don't interest me. But the ones I do watch are the show and tell kind. The "I did something cool, check it out."

So I have no idea what the author is talking about.

DanielBMarkham 5 days ago 2 replies      
TED is the OMNI magazine of the 2010s: light, fluffy, shiny, sexy. Smile and nod; there's nothing of major important entering your mind today, except perhaps groupthink.

It's a social event. Look at all the cool people! I want to be one too!

Nothing wrong with that. Just important to recognize it for what it is. I love watching some of those talks.

And yes, for a lot of folks that confuse tools and research with presentation skills, they're going to walk away with heads full of buzzword technobabble. But guess what? These folks weren't hitting on much to begin with. They've always just wanted to skim the surface and hang out with the smart kids. That's why these things have always been so popular.

EDIT: There is one thing that is very interesting that has developed: the elimination of the middle-man between science and populist bullshit. Used to be scientists were just concerned what what is, not what could be or what we should do about stuff. Not any more. Now scientists, as this author points out, are supposed to be entertainers. Everybody's their own little self-promotion machine. Extra points to figure out if this is good for science or not (it isn't).

sz4kerto 5 days ago 0 replies      
I can't comment below the video, so I do it here: Thank you, Benjamin Bratton.
new299 5 days ago 0 replies      
2070 Paradigm shift sums up Ted pretty well:


knowuh 5 days ago 0 replies      
Complaining that a 5 minute TED talk isn't "meaningful" is like complaining that popcorn isn't nutritious. This isn't worth writing about; you just have the wrong expectations.

As for " middlebrow megachurch infotainment." just trolling for eyeballs.

waylandsmithers 5 days ago 1 reply      
A boss of mine used to talk about how organizations need both axe sharpeners (people to think about and refine ideas) and wood choppers (people to bring those ideas to life and "do the work"). Problem is, for things to get done, the wood choppers need to far exceed the axe sharpeners, and everyone wants to be an axe sharpener.

As we often discuss when it comes to (software and technology) patents, there are oceans separating conceiving an idea and turning that idea into something real.

chris_wot 5 days ago 0 replies      
So if he inspires people to abandon TED talks because TED talks don't work, all through a TED talk, then it appears that TED has worked.
diydsp 5 days ago 0 replies      
This was online as of an hour ago, but I had to run an errand and it's now down the memory hole! If anyone has a mirror, please post.

TED talks should be taken at face value. They don't necessarily represent the greatest thing in the world. People attach that themselves and should be blamed themselves. We ought to be grateful for the forum. Yes, it's not perfect and 80% is crap, but it doesn't preclude anyone else from communicating in other forums, either!

xixi77 4 days ago 0 replies      
This looks like a perfect example of what is wrong with TED these days (mostly TEDx, but it's really the original's fault for allowing TEDx's to dilute the brand pretty much to zero) -- that is, a vacuous rant with zero substance.

What do we see? We see lot of words, a lot of conclusions with no logical basis. Example: "The most recent centuries have seen extraordinary accomplishments in improving quality of life. The paradox is that the system we have now --whatever you want to call it-- is in the short term what makes the amazing new technologies possible, but in the long run it is also what suppresses their full flowering. Another economic architecture is prerequisite." -- what does he mean by "full flowering"? How does the current system suppress it? What does this have to do with economic architecture? -- of course there are no answers. Such speeches are never designed to produce anything of value, just to please people who already think in vaguely similar ways.

pulmo 5 days ago 0 replies      
TED sometimes seems to me like a collection of sales pitches for books that take four to ten scientific papers about a topic and go on and on ... and on about it. I liked this kind of book but now I give up on them after one or two chapters and read about the main ideas on Wikipedia.

But ... there is a lot of good stuff on TED too like Bruce Schneier's talks.

VLM 5 days ago 0 replies      
"I submit that Astrophysics run on the model of American Idol is a recipe for civilizational disaster."

Well, OK then, there exists one solution in the problem space the author doesn't like. How bout listing one that might actually work? Go look at astrobites and figure out a way to turn that into AV speeches.

Some rich dude should host a con of astrobites level presentations.

mgr86 5 days ago 1 reply      
Eddie Huang went on about his bad experience with TED on the Joe Rogan podcast earlier this year => http://www.youtube.com/watch?v=9FNenJN4484
grimaceindex 5 days ago 0 replies      
A TED talk that complains about TED talks and even uses the tidy acronym TED within the talk? Thou hypocrite! First cast out the beam from thine own eye; and then thou shalt see clearly to cast out the mote from thy brother's eye.
peterwwillis 5 days ago 0 replies      
TED conferences are basically an organized unconference of incredibly long lightning talks. Of course they don't have any value, it's just a bunch of random schmucks ranting about something they're passionate about in a way that gets youtube views. But there's nothing wrong with that.
dm2 5 days ago 0 replies      
There are definitely still great talks being produced. There are a lot of not so great ones, but maybe the solution to that would be better website that sorts and allows for ratings of TED videos. Kind of like a porn website but with only TED videos.

One that inspired me recently: "How simple ideas lead to scientific discoveries - Adam Savage" - http://www.youtube.com/watch?v=F8UFGu2M2gM

tyang 3 days ago 0 replies      
A big problem with TEDx is lack of quality control.

I know one TEDx event that asked a top ten website cofounder to apply as a speaker and then rejected him.

I attended the cofounder's talk at a top university renowned for innovation, and it was awesome.

I also attended the TEDx event this cofounder was rejected from, and it was horrible.

We left after a couple hours, uninspired and none the wiser.

Here's a time and money-saving tip: Go on Quora.

memracom 4 days ago 0 replies      
TED talks are marketing.There is no real link between most of these talks so the fact that it is a TED talk rather than just a presentation, is basically meaningless. TED is just a brand that people licence in order to attract an audience. Over time, with no quality control on the talks other than charisma, it is not surprising that TED attracts all manner of charlatans, liars and conmen.

It is a shame really, because some people who present at TED have really useful and important things to say. Perhaps we will see a startup enter the space to comp.ete with TED and as part of their business model they will checkout the speakers and the content of their talks, only approving the ones that are not charlatans. Seems to me that this is the key problem to be solved, not just creating another brand umbrella for public lectures.

deeteecee 4 days ago 0 replies      
i can't say i understood what he was talking about after the "What is TED?" part but I understand that he thinks you can't take deep, complex analysis into these subjects and easily break it down into simple solutions and explain it to the world. But.. I don't see anything wrong with that. TED is just spreading more insightful ideas out there. If it's not helping the audience, then yeah, maybe there needs to be a better mechanism for organizing their talks or something, I don't know.

The only thing that scared me about TED is Eddie Huang's experience in this video about how enforcing they are in spreading their ideas: http://www.youtube.com/watch?v=_hwLMBdnbXk . Which does kind of make me see, oh obviously there's something manipulative about their schemes in some way.

But anyways, I haven't looked into TED that much other than watching a few of their videos and reading their about page.

Benferhat 5 days ago 0 replies      
> This Event Has Been Deleted

mirror, please?

legendben 4 days ago 0 replies      
Hello people, for those who bash TED, what have YOU produced for the betterment of human understanding of ourselves and the world around us? At least TED inspires people to think about things in new ways no matter how popularist it has become. Maybe instead of bashing TED, talk about how you would make it better if you were to run it AND MAKE IT HAPPEN!
pistle 4 days ago 0 replies      
Thank goodness TED will now eat itself. They always struck me as the bad part of the west coast ethos. Self-fellating bullshit that will go nowhere. If we ever see the dystopian future of a detached gown-wearing overclass, it will come from SoCal.
rwissmann 5 days ago 0 replies      
Now that is the kind of article I come to HN for.
mikkohypponen 4 days ago 0 replies      
I'm a TED Speaker. I'd like to think many of you would get a chuckle out of my talk from 2011: http://on.ted.com/Hypponen
misener 5 days ago 1 reply      
According to the Livestream embed, "This Event Has Been Deleted"
sandersaar 5 days ago 1 reply      
"Content has been removed"
runewell 4 days ago 0 replies      
People like TED. TED is sooooo OVER.- Hipster Professor


api 4 days ago 0 replies      
This guy hit the ball into orbit, and he's not just talking about TED. He's talking about the entire "scene."

-- From the article:

T and Technology

T - E - D. Ill go through them each quickly.

So first Technology...

We hear that not only is change accelerating but that the pace of change is accelerating as well.While this is true of computational carrying-capacity at a planetary level, at the same time --and in fact the two are connected-- we are also in a moment of cultural de-acceleration.

We invest our energy in futuristic information technologies, including our cars, but drive them home to kitsch architecture copied from the 18th century. The future on offer is one in which everything changes, so long as everything stays the same. We'll have Google Glass, but still also business casual.

This timidity is our path to the future? No, this is incredibly conservative, and there is no reason to think that more Gigaflops will inoculate us.

Because, if a problem is in fact endemic to a system, then the exponential effects of Moores Law also serve to amplify whats broken. It is more computation along the wrong curve, and I don't it is necessarily a triumph of reason.

Part of my work explores deep technocultural shifts, from post-humanism to the post-anthropocene, but TEDs version has too much faith in technology, and not nearly enough commitment to technology. It is placebo technoradicalism, toying with risk so as to re-affirm the comfortable.

So our machines get smarter and we get stupider. But it doesnt have to be like that. Both can be much more intelligent. Another futurism is possible.

justncase80 4 days ago 0 replies      
I love TED. Not all of the talks are perfect but in general they are inspiring and wonderful. Some people just like being negative, this author moves me not at all.
simonebrunozzi 5 days ago 0 replies      
Sergey Brin's TED talk on Google Glass is the worst TED talk I've ever seen. Wondering how much he paid to be there.http://www.ted.com/talks/sergey_brin_why_google_glass.html
EGreg 4 days ago 0 replies      
I was kind of with him until he started detailing his own vision of T - E - D.

What an idiosynchratic point of view

robertjwebb 5 days ago 0 replies      
Thank you for making this talk.
rogerthis 4 days ago 0 replies      
I'd rather watch christian tele-evangelism than most TED talks.
soitsmutiny 5 days ago 0 replies      
Looks like someone's launched a TED Offensive.
jimmytidey 5 days ago 0 replies      
Nothing as popular as TED could be any good.
ChristianMarks 4 days ago 0 replies      
The inspirational message of TURD Talks is that if you could only crack your skull in just the right way, at the bottom of a pool after slipping at the edge, or in an almost fatal car accident, or by falling out of your shower and hitting your head on the sink before landing in the kitty litter underneath, then you too could release your inner savant.
Tydlig Calculator Reimagined for iPad and iPhone tydligapp.com
393 points by Istof  7 days ago   147 comments top 35
smikhanov 7 days ago 4 replies      
Great to see more people attacking the underserved math app segment on the iOS.

I'm the author of Scalar (http://scalarapp.com), another calculator replacement for iPhone / iPad. Just tested both versions of Tydlig very heavily, looks like the author ran into lots of the similar math/UI problems as I did when I was working on my app. :) Some approaches he has chosen look similar, some are unique.

Great work, good luck!

jckt 7 days ago 7 replies      
Graphing functionality on a phone reminds me of an old TI calculator. I really don't know why recent OSes (be it on PC, smartphone, tablet) always came with such feeble calculators. It's not like TI calculators are difficult to use. Sure if all you want is add/min/mul/div functionality the TI is essentially a traditional calculator, and then behind that you've got all these nifty graphing utilities. It's not like a graphing calculator app is going to be that difficult to program, or going to be large in size. But no, in 2013, vanilla OS installations are stuck with a calculator app that has less features than that of a computer a few million times less powerful.

(Now I feel bad; bitching and complaining is against the Open Source Spirit).

Edit: I do recall that OSX comes with something similar, except that not many people actually know of it (as far as I can tell, from my friends with OSX).

csmuk 7 days ago 12 replies      
No RPN. Neckbeard status confirmed.

Calculators are still an unsolved problem for me on glass devices to the point I still religiously carry around an HP50G even though its 6x the size of my phone. Also from some bad experiences, it appears that some "app" calculators are also seriously badly implemented. Even basic trig ops can return stupid values at extremes which makes them untrustworthy. Plus none are reasonably programmable.

My use cases are base conversions, simple CAS stuff, basic engineering calculations, unit conversions, financial (TVM etc) and generic math. I also canned a lot of knowledge in RPL programs over the years from fuel calculations to diagnostic tools and dice rollers etc.

Please can someone solve all these problems (without doing half arsed HP calc emulation).

stormbrew 7 days ago 0 replies      
This really seems much more like a freeform spreadsheet than a calculator to me. Which is also a cool idea, obviously, but I find it interesting no one else has made the same observation.
zarify 7 days ago 2 replies      
I basically stopped using "calculators" when Soulver and more recently Calca came out. Much easier to use and a lot more flexible.

That said the graphing in this looks quite nice.

dirtyaura 7 days ago 0 replies      
Great work. A few thoughts from the initial experience:

I like the linked numbers design. As it reminded me of Bret Victor's work, I was expecting scrubbing to work directly with numbers, which caused occasionally a bit of havoc, but I think you did a right choice of putting linking as the main action - touch design is hard.

The free-form infinite layout gives a mindmap vibe: it's potentially great when you are trying to understand pieces of a problem that you need. The downside is that the canvas becomes a bit of mess quickly.

The other alternative could be a Mathematica style, free-form document, with more restricted flow of equations (and text).

Because the organization becomes a bit of problem, undo is a must and solves a bunch of other problems. I'd implement area selection of equations (initiate with long tap?) to quickly move things around.

Y-axis could auto adjust by default or quick slider scrubbing should work directly for axis max-min values.

You probably want a simple document model as this is something between calculator and full featured computation software. Maybe just save every canvas when user clears/starts new one

All in all, great work!

ricardobeat 6 days ago 0 replies      
If you're mainly interested in having all calculation steps visible and 'linked', there is also a great app called Digits (https://itunes.apple.com/us/app/digits-calculator-for-ipad/i...) which is at $0.99 right now.
diziet 7 days ago 0 replies      
This is great, though there are 15,230 calculator apps on iPhone alone. Tydlig ranks as #443 in the US for 'calculator', quite a tough fight!
pfisch 7 days ago 1 reply      
This looks much worse than symcalc.

SymCalc has pretty much all the functionality of a TI-89 including solving calculus and algebraic equations.

Tydlig looks like it has a nice ui but it doesn't even seem to support variables....

lajospajtek 7 days ago 1 reply      
Good to see that Bret Victor's ideas outlined in "Inventing on Principle" start taking some foothold.
cormullion 7 days ago 1 reply      
I love this app, and it's interesting to see the innovation in this familiar space. Oovium for iPad is a great example of fresh thinking. And coming soon, apparently, is the Wolfram Calculator for iPad, featuring user-programmable functions:


wsr 7 days ago 0 replies      
As a Matlab enthusiast, this is probably the coolest thing I've seen in years.

Good job guys, I have high hope for this in the future!

edoloughlin 7 days ago 1 reply      
Tydlig supports external Bluetooth keyboards or numpads for really quick entry

It's been a while since i did any ios development and this was never a requirement for me. Can someone explain why an external keyboard is something that had to be explicitly supported at an individual app level? Surely this should be an OS-level thing?

mwc 7 days ago 0 replies      
The linked numbers are brilliant. Lacking the "in my head" math skills I should probably have, I regularly whip out Excel to solve the kind of use cases you can imagine from the linked numbers in the video.
airtonix 7 days ago 1 reply      
And now for the majority market share, the android version?
ra3 7 days ago 4 replies      
Looks great. Just needs a new name. Tydlig?
jweir 6 days ago 0 replies      
So I bought it

Here are my thoughts as I use it (I will add to this comment. Hopefully the kids won't wake up soon.)

Wish there was an UNDO. I just moved a number and didn't want too. Shake to UNDO?

Pinch to zoom in and out. I'm using this on an iPhone.

Can I save a canvas? It doesn't look like, but maybe I'm missing it.

protomyth 6 days ago 0 replies      
This looks very nice, and I'll probably buy it and Scalar this week, but it did get me to wondering. It would be interesting to see how an APL app would fair these days.
songgao 6 days ago 1 reply      
Nice work! Would be nice to have more tips on graphing. I spent 10 minutes and still can't figure out how to do graphs. The video on website is pretty helpful though.
notpg 7 days ago 1 reply      
For the iphone and ipad? You mean for direct interface devices? (is there any reason this couldn't be applied to non idevices?)
bukka 6 days ago 1 reply      
I was actually working on something really similar. (http://i.imgur.com/w4F8ms4.gif)

It really is true that at any moment there is probably 4 other teams working on a similar idea as you are.

Well I will not give up.Good luck to you too!

karlshea 7 days ago 0 replies      
Seems sort of like a slicker Soulver, I'm going to give it a shot.
daturkel 7 days ago 0 replies      
Just a heads up, the inverse hyperbolic trig functions are arsinh, arcosh, and artanh. That's "ar" and not "arc" which stands for area.
oliwary 7 days ago 1 reply      
I love it! Great design and should be very flexible to create simple functions through linked numbers.

Is it really a good idea to allow 96 + 15% though (at 0:45)? Might cause some problems for people learning maths, as it won't work on normal calculators and doesn't really make it obvious what percentages actually are.

cdcarter 7 days ago 0 replies      
This looks great, for some uses, but I know myself (and a lot of my coworkers) would much prefer a beautiful iPhone calculator that behaves more like a 10-key/adding machine than an iPython notebook.
acqq 6 days ago 0 replies      
Which number system does it use? 8-byte doubles or its own library? What are the ranges? On which libraries is it based? Does it have complex numbers?
jimmytidey 7 days ago 0 replies      
Can we have something other than jingly guitar music for tech videos?
sifarat 6 days ago 0 replies      
Handsdown it has pretty good ui. But i regret buying it, because i can't calculate % seriously why isn't on the front. I have to press folder button to find it.

additionally, I am baffled why do i have to press = to find end result, it should automatically calculate as i enter figure just like my $3 citizen calculator does.

userbinator 7 days ago 3 replies      
This looks closer to Mathematica/Maple/MATLAB than a basic calculator, although still nowhere near the power of those.

Of course 1/0 should be +Infinity, not ?...

(Disclaimer: I have a Mathematica console always open on my desktop, and regularly use it for all kinds of calculations.)

zschallz 7 days ago 1 reply      
Very cool. Unfortunately, I think the price point is a bit too high (at least for me).
kangax 6 days ago 0 replies      
It would be fun to build this as a webapp in JS + canvas/SVG.
snambi 7 days ago 0 replies      
excellent new idea.
pranayairan 7 days ago 0 replies      
anilshanbhag 7 days ago 0 replies      
I would just a ipython console Gone is the age of calculator
Letter From A Psychopath twitlonger.com
363 points by mannjani  2 days ago   322 comments top 34
tomstokes 2 days ago 18 replies      
Perhaps the most fascinating part of this letter is observing people's reactions to it. In the letter, the author goes so far as to admit that s/he is and always will be a psychopath without a sense of guilt or remorse toward others and a keen ability to recognize and exploit weaknesses in others for his/her own gain.

Judging by the comments here, the letter has done just that. One comment below notes that "Jeez, that's the single most interesting, insightful, and well-written piece I've read on the internet in a long time." Others are expressing a desire to meet the author or expressing how they can identify with the author. It's incredible to see just how effectively this letter resonates with the people who read it.

Don't get me wrong: It's both impressive and admirable that the author was able to not only admit that he needed therapy but to press on long enough to make therapy work for himself in an effective manner. I don't want to downplay his accomplishments. However, it is still interesting to dissect and observe all of the persuasiveness of the letter and the fluidity with which the author transforms psychopathy from a very difficult personality disorder into somewhat of a super power that the reader can't help but envy by the end of the letter.

As you read the letter and experience strong feelings of empathy for the author, consider his own poignant words at the end: "In the end, psychopaths need to be given that very thing everyone believes they lack for others, empathy."

The letter begins with the psychopath distancing himself from the traditional destructive psychopathic traits in the most admirable and self-aggrandizing way possible: He went against all odds and admitted himself into treatment, where he claims the health agency had never seen someone of his nature walk-in before and he was too incredible of a case for anyone but the highest-ranking therapist to handle.

He continues by setting up various straw-man caricatures of psychopathy ("cartoon evil serial killers" and the CEO who prizes profits over people) and knocking them down one-by-one, leaving the reader feeling guilty of possibly embracing those stereotypes at one point. With the reader feeling a bit guilty, empathetic, and as if the author's condition is simply misunderstood, the author has set the stage to rebuild the reader's view of psychopathy in a way that benefits the author.

Toward the end, he even goes so far as to put words in the reader's mouth just so he can turn around and undermine the very caricature of a psychopath he suggested you might hold : "Such as statement might tempt you to say 'well obviously you're not a real psychopath then'. As if the definition of a psychopath is someone who exploits others for their personal power, satisfaction or gain."

The rest of the article explains the author's psychopathy the way the author wants you to view it: As "a highly trained perception, ability to adapt, and a lack of judgment borne of pragmatic and flexible moral reasoning." He goes on to say that he "enjoy[s] a reputation of being someone of intense understanding and observation with a keen strategic instinct." At this point, the author has completely distanced his psychopathy from the purely negative caricature he painted in the first half of his letter. Who wouldn't be envious of such incredible, valuable, and morally-neutral abilities as he described them?

I've read the letter several times over, and I'm still amazed at how effective it is at garnering empathy from the reader and cultivating a sense that the author is an impressive individual who has triumphed over adversity after a great struggle. And it's true that overcoming your own objections to seek, and stick with, treatment for such a severe personality disorder is both impressive and admirable. His points about the general public's misunderstanding of true psychopathy are equally true, although he crucially omits any and all explanations of how psychopathy can actually be dangerous and destructive to others. It's an incredible piece of writing, and incredibly persuasive and manipulative in a way that I'm sure PR and marketing teams everywhere would be jealous of.

jseliger 2 days ago 4 replies      
If you're interested in what life for such a person is like (or if you might be one!), check out M. E. Thomas's Confessions of a Sociopath. I wrote about it here: http://jseliger.wordpress.com/2013/08/08/summary-judgment-co... and Tyler Cowen wrote about it here: http://marginalrevolution.com/marginalrevolution/2013/06/con... and elsewhere.

FWIW, from what I've read (http://www.newyorker.com/reporting/2008/11/10/081110fa_fact_...) there were (at least) no therapies or treatments that reproducibly help psychopaths:

The psychiatric profession wanted little to do with psychopathy, for several reasons. For one thing, it was thought to be incurable. Not only did the talking cure fail with psychopaths but several studies suggested that talk therapy made the condition worse, by enabling psychopaths to practice the art of manipulation. There were no valid instruments to measure the personality traits that were commonly associated with the condition; researchers could study only the psychopaths behavior, in most cases through their criminal records.

And now there are, at least in the sense of reducing criminal behavior:

In a landmark 2006 study of a specialized talk-therapy treatment program, conducted at a juvenile detention center in Wisconsin, involving a hundred and forty-one young offenders who scored high on the youth version of the checklist, Michael Caldwell, a psychologist at the treatment center and a lecturer at the University of Wisconsin at Madison, reported that the youths that were treated were much more likely to stay out of trouble, once they were paroled, than the ones in the control group.

But note that the linked article is from 2008. Perhaps things have changed since.

kristofferR 2 days ago 10 replies      
Everybody should turn on showdead in the settings and check out losethos' comments here. Psychopathy is really interesting and fascinating, but so is schizophrenia.

It boggles my mind how anyone can write such nonsensical rambling comments while at the same time coding a 64 bit operating system from scratch.

Pompky 2 days ago 2 replies      
I think psychopaths are incredibly boring, unidemensional people who hopelessly, endlessly intellectualize and play mind games because there is no depth to them. It is only mind machinations without the depth and nuance of a fully feeling and emotionally alive human being. I had psychopathic parents and studied psychopathy as a PhD criminal forensic psycholovist encountering many serial killers, cons and the like. Why do they do what they do? It is no great mystery as I used to think. They dismember people psychologically and physically for the simple reason that they enjoy it. They derive pleasure from the destruction of victims to their power dominance orientation. They are boring stupid people who ate not the least bit interesting. They are pathetic. They choose people smaller and weaker than them that they can pick them off out of the herd of humanity. They are sad expressions of the human genome and dont deserve near the hype and fascination they get. Once you figure them out, it is very easy to remain quite detached from their mental gyrations to seduce and ensnare. It becomes annoying actually. I for one am over it. I do recommend that you not allow one at your hearth or into your bed. You will pay dearly. One cannot allow emotional involvement or any attachment to such people as a regular person is want to do with other humann beings. Get rid of them, they will destroy your mind, spirit and your life. Take it from one who knows from a very young age.
dfraser992 1 day ago 2 replies      
Sociopaths are one of the fundamental threats facing humanity today. Such traits may have been beneficial in times past as group conflict was so prevalent, but if global issues like getting into space, climate change and the prevention of economic chaos are to be dealt with effectively, humanity is going to have to learn how to cooperate more effectively. And that means preventing sociopaths from getting into positions of power.

Unfortunately, society does not seem to have yet evolved the mechanisms to deal with these parasites effectively. The law is hardly a useful tool, given how "flexible" and corrupt it is, and how money aka power is so important in manipulation of the law versus "truth". Economists aka amateur sociopaths are finally beginning to realize an obvious truth - that most humans are not rational actors strictly concerned with profit and loss but that decisions are based on emotion much more than they'd like to admit and so this has a significant effect on economic behavior.

All this does matter because ask yourself - what of the effects these people have on the lives of those they exploit? what sort of setbacks do the good people end up facing and how much of a drain is it on their lives and their efforts to -contribute- to society as a whole? I see so much waste because of the unnecessary chaos the sociopathic introduce to society as a whole. They are a threat and capital punishment is a logical response, because they can not be rehabilitated. But given how society is organized, rich white people are never going to be executed, or even prosecuted, for their crimes unless they're so egregious they can't be ignored.

Even then, the case of Jimmy Savile (in the UK) is an example of how humanity still is little nothing more than talking chimpanzees who respond more to and are controlled by instinctual behavior patterns versus the ability to cogitate like "we" think we are able to. Jimmy was a sociopath, everyone knew he was a pedo, but nothing was done because no one wanted to speak up because of the social cost. Things are better these days, of course, so maybe in another 100 years, there will be a test toddlers are given to track whether they are likely to be sociopathic, and more effort will be put into preventing the development of such evil monsters. It is like the Head Start program in the States - prevent issues down the road by ensuring children have the best psychological foundation established as early as possible.

JonSkeptic 2 days ago 2 replies      
>It is also the case that, being 'normal' takes a degree of energy and conscious thought that is instinctive for most, but to me is a significant expenditure of energy. I think it analogous to speaking a second language.

Sounds about right. I thought it was pretty 'normal' to feel this way sometimes...

southpawgirl 2 days ago 1 reply      
Programmers (me included) are intrigued with psychopathy: we like the idea of pure thought, unencumbered by guilt, untainted by emotions, conventions and niceties. But paradoxically we overromanticise it in the process: I am pretty sure that living day-to-day with such condition kinda sucks, and that it seldom leads to notableness or notoriousness, let alone self-improvement or any kind of refinement. A serial offender petty criminal is probably more representative of the 'average' psychopath than the author of this post, I am afraid.
psychosurvivor 2 days ago 1 reply      
I'm generally viewed as a "nice guy" but once when I was younger met a psychopath who viewed my "niceness" as a weakness and took it upon himself to destroy me. I retreated from that battle, but from then on learned to identify such people and try to match wits with them. I'm very competitive and couldn't stand losing to them. I out-witted several of them over the course of my life and they would usually leave me alone when they knew I would fight back. Fortunately, there are not a lot of true psychopaths running around. However, I finally met my match recently later in life, in a former prison inmate who ran had run his cell block, who had intelligence, charisma, and a breath-taking ruthlessness. He had fooled everyone on his release that he was reformed and had obtained employment where I worked. I did battle with him and lost because I was not willing to go his lengths. Good does not always over Evil, as we all know. I had to get as far away from him as I could. The experience was traumatic in some ways, and I say all this to recommend you avoid psychopaths whenever possible. It's not worth it. A true psychopath is beyond redemption.
b1daly 1 day ago 0 replies      
I've sometimes wondered if the presence of psychopaths in powerful organizations leads to sociopathic behavior on the organizations part, even though most members are "normal." I'm thinking of situations like the outlandish behaviors of major investment banks defrauding their customers, knowingly selling them "toxic" mortgage back securities.

A small population of actors, inclined to gain power, and ruthless in conduct forces all members of the community to act in concert, lest they be cast out entirely.

This might also explain the disconnect of an organization like the NSA, made up of mostly decent, sincere people, engagin in profoundly anti-social, if not downright illegal, activities.

squigs25 2 days ago 2 replies      
Many of the best venture capitalists and entrepreneurs have psycopath-like tendencies.

Think about the similarities. A good entrepreneur/venture capitalist should be:

-Ruthless, selfish, unsympathetic

-Capable of manipulating, good at acting, great at selling a concept and convincing others to drink the kool-aid

-Unfazed by negative outcomes

-Unaware of (or at least, unfazed by) social norms and the status quo

-Creative, capable of thinking radically differently than everyone else

I've seen this comparison a few times, and now I can't seem to find any of the articles that I have read.

ctdonath 2 days ago 2 replies      
"the director of the agency finally took me on herself, and to our mutual surprise we got along extremely well."

Birds of a feather?

pathtopsyche 1 day ago 0 replies      
I come from a rather unstable and violent corner of the world, and I've met plenty of psychopaths growing up. I have a hypothesis that early childhood traumas and violent environment can trigger the development of psychopathic tendencies, but I'm not entirely sure how much role does genetics play in this process.

Some of the commenters on this topic seem to ascribe superhuman rationality and brainpower to psychopaths. I don't think that's a correct way to look at it. They can be very smart, but they suffer from the same set of biases and blind spots and Dunning-Kruger type of phenomena as other people. I think the defining characteristic is the complete lack of empathy and the willingness and ability to manipulate people (practicing the skill from early childhood, hence very good at it).

I was just looking up one of the smartest and most pronounced psychopaths I've met in recent years. Apparently he got his MBA and started an offshore private equity fund, seems to be doing well for himself. The guy had monumental talent for manipulating people. I wonder how far will he go before people catch on to his true nature...

Fuxy 2 days ago 3 replies      

I would like to meet this person.

I find it very helpful to surround myself with people that have a different way of seeing the world.

easyfrag 2 days ago 1 reply      
Jon Ronson's audiobook version of The Psychopath Test is the Daily Deal today on Audible.com for 2.95
wlmeldmanfloch 1 day ago 0 replies      
I find that it is hard to distinguish between psycopathy and narcissism. This person seems like a pathological narcissist not a psychopath. This person is ego tripping by self identifying with something they find powerful. A psychopath may have similar hangups but they don't believe in their own bullshit and would not waste time with self reflection or therapy. Psycopathy is like depression; psycopaths do crazy shit because they can't feel.
6d0debc071 2 days ago 2 replies      
... Am I the only one who interprets this letter as an attempted sympathy exploit/attack on people being properly on guard against psychopaths?
trendoid 2 days ago 0 replies      
Brilliantly articulated. I think this might be useful for everyone :

"The test of their self-superiority is their ability to rapidly find weaknesses in others, and to exploit it to its fullest potential.

But that is not to say that this aspect of a psychopaths world view cannot be modified. These days I see weaknesses and vulnerabilities as simple facts - a facet of the human condition and the frailties and imperfections inheritent in being human."

Yhippa 2 days ago 14 replies      
At one point in our evolution was there some advantage that being a psychopath conferred?
zafiro17 2 days ago 0 replies      
Jeez, that's the single most interesting, insightful, and well-written piece I've read on the internet in a long time. Imagine what things are capable when "being different" causes you - and enables you - to reflect deeply and thoughtfully on what being normal really means.
2mur 1 day ago 0 replies      
Interesting article on a clear psychopath:


JulianRaphael 1 day ago 0 replies      
I have a very pragmatic view that psychopathic traits are just one specific set of algorithms of the many possible sets of algorithms our personalities can exhibit to connect and interact with other personalities or more generally speaking our environment.Looking at the state of the world, at least a subset of these behavioral algorithms seems to be quite efficient (as the letter shows) and various subsets/traits seem to be very common and even desirable. Obviously the manifestation of the overall set which you would define as "psychopathy" varies from psychopath to psychopath, hence the image of the "cartoon evil serial killers", the "CEO" and many more in between these two. I guess in the end it depends on the balance of influence between three factors: the other sets of algorithms which make up your personality, the personalities you interact with and your environment.

I personally think we should look into what we can learn from this set of behavioral algorithms (the good, the bad and the ugly) and how you can balance it to leverage its benefits while not suffering from its drawbacks. That's at least how I deal with it.

anovikov 2 days ago 6 replies      
The more i read about phychopaths is that they are normal guys/girls and it is the society's problem to 'treat' them (because they are too strong competitors and shall be neutralized) rater than their own.
yurgeni 2 days ago 1 reply      
>psychopaths hate weakness they will attempt to conceal anything that might present as a vulnerability [...] ability to rapidly find weaknesses in others, and to exploit it

There seems to be confusion about what constitutes 'strength' and what constitutes 'weakness' in regard to human personalities (or 'hard' vs 'soft')

For example, compulsively manipulating other people is more properly regarded as a weakness, I think. Whereas getting up on a stage and being open and vulnerable in front of a crowd, that's strength. It can inspire people and produce lasting change.

People with heavy streaks of psychopathy, or narcissism, or whatnot, are on a different path to the rest of us. It's better to avoid them where possible, tempting though it is to hope they will eventually acknowledge their faults and apologise. However, not having access to various feelings is going to create straightforward problems in their lives which can in principle lead to private acknowledgement and progress being sought. So I refuse to regard them as incurable cases

michaelwww 22 hours ago 1 reply      
Can two psychopaths fall in love with each other?
socrates1998 1 day ago 0 replies      
Interesting read, but about half-way through I realized he could be manipulating me into thinking he was decent person, just misunderstood.

Anyways, it is scary to realize that there are lots of powerful people out there like this.

Actually, I think there are many powerful CEO's and political leaders that are psychopaths.

How else could they convince people to give them the power, money, and influence they have?

richardlblair 2 days ago 0 replies      
Amazing and fascinating. His state of consciousness is so very different from ours. It is his reality. I'm so happy he shared this.
aagha 1 day ago 0 replies      
Given the number of people here who say have have met or interacted w/ a psychopath, one would think that every other person out there is one.
mzs 1 day ago 0 replies      
"I hope that it can remain confidential for the time being, seeing as it is quite personal."

Dang who is the one exploiting weakness here?

abhididdigi 2 days ago 1 reply      
This is a very good article. Thanks for this.

This explains - What makes a difference, if someone diverts their energy doing something Positive. As they say - It's not who you are, but what you do that defines you.

>Serial Killers & Ruthless CEOs exist - Voldemort does not.

Excellent ending to a great article.

Pompky 2 days ago 0 replies      
I have extensive experience w psychopaths. They have almost destroyed my life given my vulnerability to them because of a mother who is a psychopath and a father who had major psychopathictraits. I had to seek nurturance from a snake and learn how to feed it and placate it while trying to stay alive.
brickcap 2 days ago 0 replies      
Great read. Thanks for sharing.
BaconJuice 2 days ago 4 replies      
Can someone paste it on gist? Work proxy is blocking the site =/
ashleypea 23 hours ago 0 replies      
Who here is aware of the fact Oskar schindler was a psychopath? He sold all his business and fortune to save hundreds of lives.All we hear is psychopaths who fit the stereotype, not those who do not. Cognitive dissonance.
dave_sid 1 day ago 1 reply      
I think I've come in to the wrong forum. I thought this was HN.
What Happens When One of Your Coworkers Dies thebillfold.com
355 points by ohjeez  2 days ago   194 comments top 47
steven2012 2 days ago 4 replies      
One of my coworkers, my mentor and someone who taught me what it meant to be a good programmer, was murdered by his wife, who also murdered their two children and then killed herself.

It took place over a holiday, and I noticed he hadn't shown up afterwards. After a couple of days, I asked my boss if he was on vacation, and he said no, so I emailed him. His body and his family were found the next day by his neighbors. I actually saw his face on the evening news and my heart started racing, because they made it seem as though he was the murderer, but as events came out, he and his beautiful children were the victims.

It was really horrible because he was one of the star programmers at work and responsible for a lot of the success in the company. Everyone loved him and he deserved to be loved. It really hit our company hard, and we had things like counselling meetings but all that did was fuel our anger.

Basically there's nothing you can do. You just have to deal with it and move on. It's been 10+ years, but I'll never forget him though, he deserves at least that.

bane 2 days ago 1 reply      
I've had this happen a few times over the years. It's really tough.

In one case it was a very popular and looked-up-to engineer. Out for a jog one day and an unknown heart defect dropped him dead before he hit the ground. People were very broken up over it and donated food and all sorts of things to his widow and kids. I think a small charity was set up in his name.

In another, nobody really knew the guy outside of his group. But he had had a very bad cough for a few months that to be honest, had become kind of a workplace annoyance and was blamed for everything from loss of productivity to a rash of URIs that ran through the office for a few weeks. He didn't show up one day and everybody assumed he had finally decided to take some time off and attend his cough. The next day it was announced he had died. There was no further information and nobody outside of his immediate group and management really knew anything about him or how to reach out to his family. His desk was filled the next week.

Finally, a guy I knew and my friends all used to work with, broke off to try his hand in the restaurant business. Things didn't go well and mired in debt and suffering from some mental illness issues took his wife and daughter hostage and committed suicide (his wife and kid made it out with very minor wounds). I think everybody was in such shock over such a mild mannered person doing such a crazy thing that people wanted to get over it as quickly as possible and pretend like we all didn't know him at all.

jboggan 2 days ago 4 replies      
This has happened in my experience before, and it is one of the strongest reasons for good source control that is infrequently considered. It was a tragedy when a very wonderful and dear researcher in our group died suddenly, especially to his three children and wife that he left behind. It was also a great loss as well that we could never recover some key bits of source code from his computer, and that a very promising cancer drug trial was derailed because we couldn't articulate why the compounds were chosen for study in the first place.

He died of a heart attack at age 42 after pulling three 90+ hour weeks. It completely changed my attitude towards work. May he rest in peace.

Spooky23 2 days ago 1 reply      
My uncle worked for a financial services firm in the 80s. A consultant was in a computer room working on something very early in the morning and had a heart attack.

Someone discovered the guy, called 911, and went about their business. Due to some combination of bureaucratic bungling and security nonsense, the ambulance folks didn't know someone had died, and were either turned away from the building or taken to the wrong location in the building.

Long story short, the body wasn't removed until early evening. People thought he was taking a nap. I always found that so sad. The poor guy probably had a family and people who gave a shit about him, but the people around him couldn't be bothered to treat him with respect.

edgesrazor 2 days ago 1 reply      
I had something like this happen at a small software company I worked about 15 years ago. Our owner had written a specialized program for his wife to sell on the side, but under the company's name. One weekend, after a very big fight, she ended up committing suicide after he'd left the house. The next week, they had me going through her email to get a list of customers she had been working with. I can't begin to tell you the amount of discomfort you feel going through a recently deceased person's email - especially when it was mixed with personal messages. I got in, found all the work related messages, forwarded them to my manager and got out - I couldn't bear to be in there any longer than I had to. No one at the company was very close with her, but it was still a complete shock.
kabdib 2 days ago 1 reply      
When we were doing the Apple Newton, Ko Isono (who was working on the tablet sensor code) committed suicide. Our manager got us into a common area, then told us the news. We were pretty shocked.

Many of us went to the funeral in the east bay. I remember it was very cold and rainy, and that I didn't mind.

We put Ko's name in the "About Newton" page. Nobody in management objected to that.

aaron695 2 days ago 1 reply      
I'm assuming this story is a Facebook generation thing.

Not sure if it's a disassociation of the difference between/loss of real friendships and acquaintances or perhaps the constant need to get attention which people are starting to use the death of others to get (amongst other things)

I can't tell if this story is true or not, it's certainly well written and of literary value.

But it is not normal to light candles, create movies and put people who have passed away's photos up in the workplace.

Those true friends in the workplace will go to the funeral, this sort of darkness in getting off on people who we barley knew who have died, kinda scares me the most in this story.

Shivetya 2 days ago 0 replies      
We are going through this where I work currently, a co-worker, a good friend, passed away on the 13th. We'd been joking the day before about what food item he was going to bring in the next week though we all knew what it would be.

While he had been sick for a few years, at times appearing in colors no human should ever appear in, he had been improving steadily and was in very high spirits. To say it caught us off guard is one thing, it caught his doctors and family off guard as well.

It is very odd to have lost two friends who just happened to be coworkers since I started at my current company almost sixteen years ago. I lost my former manager six years ago and this friend who recently died was on the same team.

As a group, those closest never ventured into terrible. Oh we hit the gutter for humor but only in how it relates to our other loss years before. Jokes/comments along the lines of "God probably needed help keeping so and so in line" or "Great, now they are going to team up and take over the place".

Mourning will really hit Saturday at the funeral, its possible that terrible is reached the days after that but only directed at those who don't come who should have come. You know the type, there people you work with who really don't care about anyone else but they sure make a show of it when someone higher up is around. Got them, should be interesting if suspicions are right.

Forgetting, well that won't be all the quick. We still bring up the name of the first to pass from time to time, some people have an over sized impact on organizations when they are alive and when viewed with the rose colored glasses of the past. Yet shouldn't we always only remember the good days?

zero_intp 2 days ago 2 replies      
A good friend and co-worker died recently, worked together for 10 years. Hard worker, lived in Cali and flew out every quarter. We shared being assholes who get shit done by working hard, long, and speaking truth to power.

He died by driving fast, impatiently, killing his wife and unborn child. We shared a love of fast cars and recklessness.

His death has helped me re-evaluate. Selling (trying) my fast car, going part time to travel. Working hard for a company and dieing suddenly seems so ultimately unfulfilled.

notastartup 2 days ago 3 replies      

    Colins boss is on vacation this week. He recorded a message by webcam.     Hes lying on his side on a hotel bed. He talks about the clarity of     Colins press releases as palm trees shudder in the wind behind him.    I wish I had gotten to know him better, he says. He seemed nice.
Reading this kind of made me rage...and sad.

Tragic, but the inequality, and the indifference free market creates, makes me steer clear away from corporate environments. I'd rather be a writer or an artist working on one's creation and dropping dead than die for someone's marginal materialistic desires.

I know this is just one way of looking at it, maybe the company was a great place to work at and the words alone do not carry justice.

Unsettling. Knowing that you can die at any moment, yet you work to fulfill the desires of those above you.

When I start a company, I don't want people below me or be insensitive. I'm gonna pay them well, make their work not overwhelming (by creating more software to automate and lighten their workload). Maybe I'm just young and naive. but I sure as shit not going to be an insensitive jerk to my partners in crime. Nobody is killing themselves or getting sick because of being overworked. Fuck that ferrari man, if someone kills themselves in the process of making money for you, I'd be devastated. I don't know how I'd feel when I turn old though, as your frontal cortex deteriorates, causing you to have less empathy and concern for your surrounding.

busterarm 2 days ago 0 replies      
Things get a bit more strange when you don't meet the people you work with. I work somewhere with a large staff that's entirely remote. In the five years that I've been working here, we've had three deaths (so that's about 1 in 400). One was a very grotesque suicide by somebody who was very unhappy and everyone they interacted with knew it. The other two were strokes. The whole company gets an email when this happens but little more than that. I don't even think we offer grief counseling.

I'm very senior here and know that I worked with the people but don't remember any of their names by now. Very few people do, in fact. Only one person I know remembers the name of the guy who killed himself.

There is one name that I remember though. We had a guy who had a very debilitating stroke and tried to come back to work. After about a month of some incredibly strange behavior from him, he was let go. He just never came back the same after his stroke.

Sitting down all day is really bad for your health. So is not having regular interaction with other people. When working remote it's really important to have some regular group activity that you do.

jakejake 2 days ago 0 replies      
This happened to me last year. A young guy with a wife and two kids hit his head getting out of a cab and died a few days later from sudden complications. He was the life of the party type of guy, kinda like the Kramer of the group. Really well liked. I had a voicemail from him on my phone that I hadn't listened to yet.

It really does make you think for a while that you shouldn't take any day for granted. But, just like in the article, after a few months we all just settle back into our routines.

scrrr 2 days ago 2 replies      
Two friends died when I was a student. A guy from the company I was working at died on the Air France flight from Brazil. They were all very young. It's entirely possible this happens to other people I know, or to me.

FWIW, I think it's good and healthy to think about death, perhaps even to think about it often. There used to be a time when people put skulls on their desks to be reminded.

infectoid 2 days ago 1 reply      
Happened to me once early in my career.

I was working as tech support at a manufacturing plant. As I'd be walking around a lot fixing things I got to know everyone fairly well.

Manuel was the production manager. A nice guy, always seemed relaxed but always got shit done. He had been working there for about six months.

One morning I get in and hear the news from the somewhat insensitive IT manager, can't even remember how he said it, just remember not liking him at all after that.

About an hour earlier Manuel had been waiting at a round-a-bout. A semi carrying a load of fuel comes down from an off ramp approaching the round-a-bout and the breaks begin to fail. The truck driver attempts to veer but then the trailer starts to skid and pivot.

It crashed to the ground in front of Manuel's car and everything explodes.

I drive past where it happened every time I go to visit my folks. It's been at least 15 years. Someone is still putting flowers there.

officemonkey 2 days ago 1 reply      
When this happens to people in their 20s, it's notable.

Sadly, as I approach 50, it happens in my workplace, in my private life, and in my family pretty much every other year.

howlround 2 days ago 0 replies      
I walked into work one day, and in my email was a remembrance note about a coworker who had just died. I did not know him, but in the email there was a picture of him fly fishing, and then another picture of him standing by his wife. He was an overweight, balding man in a Wal-mart jacket. Something about his "everyday, average guy" look scared me. I never knew him and if it weren't for the email, I'd never have known of him.

I grew angry, and could not figure out why. Was I sucked back into this reality that we all die when I had been working hard to deny it? Was it that someone could die, and some stranger like me had no interest or comprehension of his accomplishment? Was it that I only judged people by their accomplishment, when hypocritically, I had none of my own? Why did I suddenly hate this man, who I never knew existed, and only knew because of his death?

He was a father. He surely comforted his children on the first day of school. He went shopping for them on their birthdays. He had loved ones who grieved for him. Loved ones who had no talent to describe how great he was to them, but only knew he was great to them.

I still don't understand the oddness of my reaction, or why it still haunts me. We are all born in a blur of a gigantic population, and he was simply deleted from my inbox as my company insisted I delete my emails when it approached 150 mgb capacity.

I kept him new and unread as long as I could.

walkon 2 days ago 1 reply      
I don't think this article is just about how people react to a coworker dying. It's an observation that regular presence of someone, particularly in the workplace, doesn't automatically lead the relationship past an acquaintance level. Obligatory social routine and superficial small talk might make us feel comfortable with each other, but beyond that, there might be nothing deeper there. Some of us our surrounded by familiar faces and conversations each day, while entirely disconnected and alone.
pgrote 2 days ago 1 reply      
Great writing.

I worked with a business analyst once who dropped off his laptop for me to take a look at on a Friday afternoon. Odd, because we did regularly scheduled maintenance and he brought his external monitor in.

On Monday morning his mother called to report he had killed himself.

It was so abrupt and took the group by surprise. I do remember thinking that it would change everything. Life went on, though.

Refefer 2 days ago 1 reply      
Reminds me a little too much of the regrets of the dying[1]. Ingrained deep within our mammalian brains is the instinctual desire for community and personal intimacy. We'd do well to remember ourselves and what makes us happy before we're reflecting from our own death bed.

[1] http://www.inspirationandchai.com/Regrets-of-the-Dying.html

brc 2 days ago 1 reply      
One of my close relatives passed away this year. She was the partner in a professional services firm, and well like by her staff. The entire company had a day off on the day of her funeral, and many of them were distressed by it. It was not a shock as she had been ill for quite some time, but it does entail an adjustment.

This is going to become more of a common occurence as the baby boom generation start moving towards an era of high mortality and are in senior positions. There are actually companies around which can help with transitioning through a period like this, including grief counselling for staff, strategies, etc. I worked with someone on a project once who worked for one of these firms. Up until that point, I had never even considered that they would exist.

kfcm 2 days ago 1 reply      
I've been through this four times. Three died at home; one at work. These were all at small companies, so we all knew each other--many for decades, and over different jobs.

The last two passed away about eleven and twelve years ago.

One may think it's haunting to still see e-mails from them in my archives. But the really haunting thing is listening to them speak in the voice mails our phone system e-mailed back then. Voices from beyond.

spacecowboy 2 days ago 0 replies      
When I first started working as a manager for a group of folks, my own manager insisted that if one day someone in my group didn't show up for work and there wasn't a phone call or email or a note, he said to always try to get in touch with the individual to see if everything was ok. My manager was so insistent on following this practice so I asked him why he felt so strongly about this. He said he had an experience in which he had one of his folks not show up for work - no phone call, no email, no note so he tried to reach the individual by phone. After no response given multiple attempts to reach him, by late afternoon, my boss decided to drive out to the individual's house. When he got to his house, he found the gentleman passed out in front of his house. Thankfully, this story ended up with a happy ending.
RougeFemme 2 days ago 1 reply      
At one company where I worked, I resented the fact that the executive assistant to the CEO made more than I; after all, she was non-technical and "simply a secretary". Then she had a heart attack at her desk and died instantly. I felt guilty for my thoughts and resolved to find out exactly what her job entailed.

About 2 years later, her replacement was struck by an aneurysm at her desk and died several weeks later. I had been interacting her a lot for work-related projects and had had learned how stressful, difficult and important that job was and did not begrudge her her salary at all.

seanhandley 2 days ago 0 replies      

I mourn for Colin. And I mourn for the dry wind, devoid of intimacy, that blows out across the open plan stage of our working lives.

stirno 2 days ago 0 replies      
Well written and it hits close to home for me.

Honestly, I've had a fear of being 'Colin' for years.. that if I were to be gone one day, all people I come in contact with, besides family and friends, would remember are the inconsequential things about me. Its an ego thing I'm sure -- that I feel I should be remembered.

I make an effort to have some real impact on as many people as I can. Something they would remember. I have no idea if I've been successful. All anyone really wants is to do something meaningful.

I hope that Colin had a great group of people outside work that could memorialize him properly.

bdamm 2 days ago 0 replies      
We had a fellow in our QA department pass away suddenly. He died at home from "heart failure". I think everyone assumed it was a drug overdose, amid hushed rumors of rather strange behavior during a previous-job Vegas trip. It was sad, because he did good work. Like this fellow, a lot of people simply had superficial contact with him.

I wish I could say that his death motivated me to have more meaningful contact with everyone. But it didn't; it simply made me realize that you can't force that even if you want to. At least not for me. Some people seem to have meaningful exchanges easier than others, and I'm just not one of those people.

aortega 2 days ago 0 replies      
Thankfully never happened to my coworkers.

But many years ago I reported a pretty severe vulnerability in a common piece of software. A patch was issued and that was it. One of the developers then stopped answering emails and later I learn he died, probably by suicide. To this day I don't know if both events were related but I try to be extra nice when reporting vulnerabilities to developers since then.

frankydp 2 days ago 1 reply      
I have personally experienced this on five occasions in the work place. I can say that only once did no one have any idea that there was an issue. I have seen CO's, junior enlisted, and the inbetween. The powers of self loathing are in my experience not the driver, the most dangerous force is self confirmed failure. The type or scale of the failure does not matter, only the persons value of that failure matter.

That being said.

Go in to work tomorrow and make a forceful effort to engage with anyone that you think may have any issue with failure overwhelming them. The only weapon that can help is others.

zacinbusiness 2 days ago 0 replies      
I've not had a coworker die but I've experienced immediate family loss (my mother when I was 10) and I know that being around things that reminds you of that person can be very difficult. I chose to move away (obviously not when I was 10, but as soon as I was 17 I moved a few towns over, now I live at the other end of the state, and as soon as possible I'll be leaving the country, but it seems that sometimes you can never go far enough).

It's interesting though, the way a conversation like this will turn in a community like HN. It goes into religion, but sort of the opposite of how it turns out in RL (or at least here in the bible belt of the U.S.) - most people will say "I'm praying for you and your family." and it's usually received with a "thank you" or similar, here on HN though (and in a lot of communities, such as at a university) these sorts of comments will be met with anger that someone believes something differently.

Personally, I've never had much use for religion. Most of my family is highly religious, and it's never seemed to do them much good though it does help them cope when bad things happen. And that's where I see the value in it. I know it's unhealthy to try to runaway from past pain, but that's how I cope. And when my family says things like "Well, God works in mysterious ways." I know that they are just trying to cope as well, and I have no right to judge them for that.

Empathy is a very important thing, I think, and people who get all defensive when religion comes up should take a step back and think about their own beliefs. The majority of these people (myself included) will talk about science, how we believe in things we can prove. But the simple fact is that isn't really true, is it? I believe, for instance, in the speed of light, and that highly gravitational objects can bend light and even space itself. However, I personally have not measured light or the effect that gravity has on it. I've read papers about it, and I've watched documentaries. But it's still just faith.

dzink 2 days ago 0 replies      
A classmate fell to his death from his apartment's terrace in a skyscraper a few months ago. We were just coming back for our second year of Grad school. He was full of life, working on a startup for which he had won some funding via a competition, spending the summer at an Angel investor group, serving as a favorite TA for a top VC professor. He was a self-made immigrant and the best parts of life were right ahead of him. Nobody knew what happened, but it hit too close to home.

His parents requested that his name was not mentioned on social media until they had a chance to take him home to Europe and tell their family at home. We got together to honor him and express condolences to family and after a week or two, things went back to normal on the outside. On the inside questions still remained, not about what happened, but about the implications it had on us, his classmates, who are just like him in too many ways to count.

theorique 2 days ago 1 reply      
Thats Colin, says Bill. Dead people dont get salaries, so Colins appears as a surplus.


rdl 1 day ago 0 replies      
It was interesting working in a "high death rate" environment, and seeing the ways different organizations dealt with that.

The military (US, especially) seems to rely on tradition. I still think the US Army "last roll call" is among the best.

There were contractor and local companies who did basically nothing, and where the big issue was getting personal effects packed up/returned, and risk that final paychecks (or, in some cases, 6+ months of pay held until completion) would be paid out. And some where the loss of enough people led to the company folding, too, so there wasn't even anyone to pay that money.

Probably not frequent enough to be meaningful for a silicon valley tech company with mainly 20-50 year old employees, but maybe in an industry with older people (or, in 10-20 years, in tech), there will be companies which differentiate themselves by how they handle this kind of thing.

There are some conferences where one of the first parts of the yearly meeting is listing all the former attendees who have died in that year; for the more ee-specific conferences where the average attendee is ~50-60, it's a much longer meeting.

xmjw 2 days ago 0 replies      
I've had this twice. Once to a car accident on the motorway in 2002. Once to a bizarre form of leukaemia such that (from our perspective) the guy had back pain on Thursday, and died over the Easter weekend by Tuesday in 2009.

Still think of them both from time to time. Some of my now-ex colleagues still comment on the anniversary of their passing on Facebook. I don't think I could honestly remember the dates if they didn't... Their names always stick with me though.

tn13 2 days ago 1 reply      
When I was working for an Indian out sourcing giant we had a 9 floored building each with a wide gallery. I liked working beyond 8pm and when I was about leave at 9pm I noticed a small crowd near one of the parking entrance.

Soon found that someone had jumped from one of those galleries. An sms from the individual to his elder brother blamed the extreme work pressure. Knowing his team and manager, surely that did not seem to be the case.

mpclark 2 days ago 0 replies      
I was at a start-up that was essentially a bunch of young lads who had all been close friends since school. Without going into too much detail or focussing on the human tragedy, one of us died in an accident and, looking back, I think it really delayed the growth and progress of the company by a year (or maybe two) while everyone came to terms with loss, death and their place in the universe.

I think the company was quite lucky to get through the experience intact, and it was probably only the presence of a couple of older, more detached execs that made that happen.

mTemp 2 days ago 0 replies      
I worked with someone who joined our development team as a junior. He was a bit aloof, and slightly arrogant. I moved on soon after he started, he IMed me for the contact details of a contractor we worked with, and that was the last I heard from him. I was not surprised to hear, a few months later, that the guy had been fired, because of his attitude.

Fast forward another few years, and I was Googling (or was it Facebook searching?) ex-colleagues who I'd lost touch with. My search led to news articles that referred to his death. He was killed in a bizarre road-rage incident, where he was clearly the aggressor.

His family had created a memorial page on Facebook, but hadn't reported him deceased. I reported his FB profile as deceased, it was memorialized and I moved on.

I spoke to the ex-coworker about what happened (the same one who told me about him being fired a few years earlier), and he pointed out how kind the eulogies were- not really describing the arrogant prick we worked with.

rowdyrabbit 1 day ago 0 replies      
When I was 20 and studying at university I worked during my summer break at a small company. We went on holiday for a couple of weeks over Christmas but just after Christmas Day I got a call from my manager telling me that one of the guys in my team was killed in a car accident and his wife badly injured.

I went to the funeral which was heartbreaking, the place was never really the same again without him. I still think about him every now and then, even though that was more than 10 years ago now.

sidcool 2 days ago 0 replies      
I have seen a lot of departments in my office understaffed. Immigration department, Talent management department, the HR department etc., who job is seen as mostly mechanical and less stressful. In reality, they juggle between a lot of things and are stressed. People keep on calling them and act as if the they are there to serve. I have raised this concern in my organization, but only to deaf ears.
dobbsbob 2 days ago 0 replies      
I worked with a guy who went golfing on one of the hottest days, drank too much and died of heat stroke in his sleep. Healthy guy too who was in perfect shape and ate disciplined nutritional food everyday and ran 5km in the morning while we ate mystery noodle bowls from a chinatown takeout window and rolled out of bed late
davidw 2 days ago 0 replies      
Well that was a cheery way to start my day. That and the chargeback from a confused customer, and the (really) mirror I broke by accident. Perhaps I should just crawl back into bed and watch movies....
jbegley 2 days ago 0 replies      
I rarely read comment threads here. I'm almost as edified by the stories people are sharing as I was with the original post. Thanks to all.
alandarev 2 days ago 0 replies      
Luckily I cannot tell a similar story of mine.

But I would like to thank everyone and OP for sharing tough and eye opening moments, others usually go silent about.

Even-though people prefer not to talk about deaths, it is an ultimate force to rethink our own lives.

angrybits 2 days ago 0 replies      
A decade later you stumble across code they still had checked out in the ancient VSS repo. And then the rest of your day is a bit crappier.
moron4hire 2 days ago 0 replies      
Moving houses, I found a t-shirt I kept meaning to give back to an intern I had had a few years before. We were close in age when I was at that job and we spent a lot of time together outside of work. I looked him up and found his Facebook page, where the last post was a year old, a memorial post from one of his family members. No information on how he died. It hit me a lot harder than I expected.

Holy crap, it's been a couple of years since I even learned he died and it still breaks me up a little.

Mustafabei 2 days ago 0 replies      
DUDE! That's all I have to say.
andresidhil 2 days ago 1 reply      
Lets hope something like this won't happen again.
rurban 2 days ago 1 reply      
commonly called the bus factor. https://en.wikipedia.org/wiki/Bus_factor
Saab wins Brazil jets deal after NSA spying sours Boeing bid reuters.com
354 points by joshfraser  3 days ago   130 comments top 34
_djo_ 3 days ago 6 replies      
Claiming that the NSA scandal is the primary reason for the Saab win is an overly US-centric view.

While there's evidence that Boeing's chances were hurt by the NSA revelations, it's not true that Boeing was a clear favourite. Both Saab and Dassault had presented strong bids and were considered serious contenders, particularly as both offered much higher industrial participation and technology sharing than Boeing and as such had the support of Brazil's aviation industry. That cannot be underestimated, and it's why Boeing was at a disadvantage even before the NSA story broke.

The Saab Gripen met Brazil's FX-2 requirements, it has a lower operating cost than the Rafale or Super Hornet, Saab has agreed to transfer a massive amount of technology and Sweden has committed to investigate a quid pro quo acquisition of Brazilian KC-390 tanker transports. Boeing could not match all that.

dmix 3 days ago 0 replies      
Boeing builds spy satellites for the US gov and their "Boeing Defense, Space & Security" division is deeply embedded in the intelligence community.



msantos 3 days ago 5 replies      
The French bid was turned down by the President herself after major set backs in the current France-Brazil partnership building a nuclear submarine for the Brazilian Navy.

Not mentioned here is the fact that old conspiracy theories surrounding the explosion that destroyed the Alcantara launch pad and killed the cream of the crop of the Brazilian space program, have recently been resurrected and it's believed plausible by some members of the Brazilian government although not widely publicized. Some blame the French for possible sabotaging it.

Over the years the Brazilian secret service (ABIN), have arrested several French spies around Alcantara - the latest case was that a French spy posing as kitesurf instructor. Other cases include water buoys found at sea near the Air Base loaded with electronics, also blamed on the French.

EDIT: added a few sources (sorry portuguese only)






flexie 3 days ago 2 replies      
Maybe Saab won because they had a better offer. And maybe Boing usually wins these deals because they have the backing of large intelligence agencies. Who knows.
TallGuyShort 3 days ago 1 reply      
I can't help but get the feeling, especially from the way things are cited in the article, that the NSA spying was not the cause of Boeing's bid souring, but rather that the decision was used as an opportunity to put some pressure on the NSA. Good on them either way. The economic impact is just one of the ways this program hurts Americans as well as foreign nationals.
mkuhn 3 days ago 0 replies      
Switzerland made a comparable decision this year selecting the Gripen [1] which beat the Rafale, and Eurofighter (Boeing retracted the bid for the Super Hornet).

The decision happened long before the NSA revelations and I think that shows that the Gripen has things that speak for it on its own.

[1] http://www.defenseindustrydaily.com/switzerland-replacing-it...

hcarvalhoalves 3 days ago 2 replies      
I'm Brazilian. Here's my opinion:

The reason they mention it was the NSA is because the government wants to capitalize on the anti-american commotion (and it's working).

The real reason is that Boeing is a competitor to Embraer, so transfer of technology would be limited. Boeing simply had a worse, more expensive offer.

doctorstupid 3 days ago 1 reply      
The U.S. has played dirty against the Saab Gripen before. See the Norwegian section of http://en.wikipedia.org/wiki/Saab_Gripen#Failed_bids
adamnemecek 3 days ago 1 reply      
A while back I came across this wiki article which is relevant


tn13 3 days ago 2 replies      
I don't see how NSA scandal should affect this deal. You dont snap such major deals because you want to insult someone. That is childish. However if Brazil believed that US manufactures might help NSA in planting backdoors, malware into their equipment they could have simply stated it more publicly and done even greater damage to American companies.

The weapon manufacturers + US government nexus has changed world politics over last 50 years. In case of India and Pakistan, US has provided fuel to the conflict just to make more profit from this. Sooner or later the developed world is going to see through the US policy of benefiting from conflict. China is already self dependent in heavy arms manufacturing, India is slow but reaching there. In probably next 20 years, US monopoly on defense equipment will end.

downandout 3 days ago 0 replies      
I consider this to be a good thing. Boeing is going to run to their lobbyists screaming bloody murder. The lobbyists will then ensure that the right palms are greased, the right fundraisers are held, and the right golf invitations are issued. Suddenly, there will be movement on the issue at the highest levels of government.

It is sad that this is how it works, and that it takes evidence of a large corporation losing money to be the catalyst for change. But at least it will work in our favor for once.

sleepyK 3 days ago 1 reply      
The Gripen is simply the most cost effective choice of aircraft....It already uses a lot of American technology, so backdoors probably exist, but it is a newer design than the old airframe of the FA-18, and it's easier to service than the Rafale.The IAF had conducted multiple tests during their MMRCA competition, and Rafale, Typhoon and Gripen came out as a equally matched, with some saying that the Typhoon was an inferior plane.In the end, Rafale won the Indian competition because of intense lobbying by the French, with their Premier paying a visit to India to clench the deal.

Saab was very open for transfer of technology at that time, and I imagine it still is, which would be one of the biggest factors in their favour.There have also been some rumors about the less than stellar performance of the Rafale in recent conflict situations which I'm sure also contributed to the deal.

darkbot 3 days ago 0 replies      
Just so you know, FRA and NSA are best buddies. FRA is the Swedish equivalent to NSA. http://www.svt.se/ug/fra-part-of-top-secret-hacker-project
comatose_kid 3 days ago 0 replies      
In b-school, we talk a lot about political risk - mainly in terms of emerging economies. The US government's actions are resulting in events that will heighten investor perceptions of political risk here too.
ascendantlogic 3 days ago 0 replies      
Good, this clearly isn't going to change because of moral reasons. The only way the US government is going to change direction on this is if it hurts them where they really care, which is "their" pocketbooks. "Their" in quotes because really it's the pocketbooks of the companies that give them millions to re-elect them.
jusben1369 3 days ago 1 reply      
Sounds like Brazil went with the low price leader (French comments were interesting) and didn't miss a chance to stick it in the eye of the US with a couple of anonymous quotes. If you follow the other logic it's pretty depressing "Yes, you had the better technology and were the preferred choice but we went with an inferior product because of spying and no that wouldn't make us feel really stupid if we get into a war with a neighbor who outguns us in the skies because they have better product at least we stuck it to the US in 2013!"
neves 3 days ago 1 reply      
Mirian Leito is anti-governist and one of the main economical commenters of Brazilian media. She says that it was the NSA that kept Boing off the deal: http://oglobo.globo.com/economia/miriam/posts/2013/12/18/com...
Havoc 3 days ago 0 replies      
Well this is interesting. Everyone including the Americans are up in arms about the NSA thing....right up until it gets blamed for a lost bid. Some weird psychological bias at work here though I can't quite put my finger on it.
facorreia 3 days ago 0 replies      
In other news: "Army officials claim that their ammunition stocks are going to last for just one hour of war"



senthilnayagam 3 days ago 0 replies      
India snubbed America in 2011 by not giving the 11 billion $ fighter jet deal, even though Obama lobbied for it.

Bad US behavior does impact their business . Expect similar action for the Indian Diplomat arrest case

sebcat 2 days ago 0 replies      
Sweden sent five JAS39C Gripen to Libya as a part of Operation Unified Protector in 2011. I was told that they performed well in the surveilance role with their "spaningskapsel" (surveilance capsule?), providing intel to the coalition. If anyone has any insight in how well Gripen as a platform performed during that op, please share.
Mikeb85 3 days ago 0 replies      
While it's a good opportunity to take a political jab at the US, the F-18 was never a contender.

Both the Rafale and Gripen are much better choices. The Gripen especially, it's probably the best performing plane per dollar in the world - and has a lot of advantages besides sheer performance...

msantos 3 days ago 0 replies      
As the article clearly says, this was an off-and-on deal rolling for years.

"Fan fact" the Brazilian government has been seating on this project to renew the aging Air Force's fleet since 1994.

And in 2001/2002 the contenters were (in no specific order):

    - Sukhoi Su-35    - Eurofighter Typhoon    - General Dynamics/Lockheed Martin F-16    - Mikoyan MiG-29    - Saab JAS 39 Gripen    - McDonnell Douglas/Boeing F/A-18 Super Hornet    - Dassault Rafale

internalaudit 3 days ago 0 replies      
The lavabit case warns against using proprietary American software or services that use it or simply cloud services located in the USA. We know that the NSA will issue a gag order and demand that the software or service provider installs backdoors without telling his foreign clients. If US-based technology companies want to be considered as potential candidates, they will have to surrender the entire source code for the software and the full design specifications for the hardware, and pay for non-American experts to fully inspect it. Otherwise, no foreign company in their right mind will buy their gear any longer. The NSA-inspired breach of trust pretty much signifies the beginning of the end for US-originated technology exports to the rest of the world.
GigabyteCoin 3 days ago 1 reply      
This is sickening. I live in Canada, and this directly affects a friend's family of mine considerably.

Both my friend and his father are full time factory workers at a company called "Goodrich". They machine landing gear primarily for Boeing jets.

This means less available-overtime at the very least (which many of the workers rely on), and possibly lost wage increases in the future. Who knows.

ddade 3 days ago 1 reply      
Whatever Brazil loses in capability, Rouseff gets back in her relations with her neighbors. I guarantee there's isn't a head of state in South America that hasn't sent her an 'ataboy. Brazil even further establishes itself as the country that matters in South America. That's worth 36 planes that will never fire a shot in anger anyway...
gverri 3 days ago 0 replies      
As I remember the F/A-18 was always considered a front runner for political reasons (pressure). It caused a lot of commotion among those who really understand about aeronautics.

And it's clear that the last choice was a political one also.

caprad 3 days ago 0 replies      
> A U.S. source close to the negotiations said that whatever intelligence the spying had delivered for the American government was unlikely to outweigh the commercial cost of the revelations.

This to me is the most interesting quote. Although vague, you just have to wonder how much of this spy data goes to companies? Anyone can understand that the US has an interest in maintaining the importance of their own corporations around the world.

atmosx 3 days ago 0 replies      

I am thrilled to read incredible insightful comments in posts like this. HN intrinsic value is incredible.

yononabike 3 days ago 0 replies      
perhaps Brazil is just growing into its own. The BRIC countries are all maturing, and perhaps, with that comes a more independent - non US dependent - stance.
brosco45 3 days ago 0 replies      
The end of US tech dominance is at hand.
drewblay 3 days ago 1 reply      
Didn't Saab go under? Or was that just their automotive division?
bananacurve 3 days ago 0 replies      
This is fodder for wankers. Delude yourself if you like, but it only strengthens America.
wil421 3 days ago 5 replies      
That's fine as long as we keep Lockheed planes to ourselves. Nothing beats the F22.
NSA Coworker Remembers Edward Snowden: "A Genius Among Geniuses" forbes.com
353 points by mzarate06  6 days ago   170 comments top 15
Theodores 6 days ago 9 replies      
Snowden differs from many of the whistleblower ilk in that there is nothing to dislike about his character (yet). The media have not dished any dirt, none of his friends/family/ex-lovers have came forward with anything untoward about him and he hasn't shown any signs of being deluded.

Even if you try your hardest to 'believe', a lot of whistleblowers have been deluded one way or another. They can be overly indoctrinated in their 'mission', so, whilst bringing to light useful information they have also been a bit keen to believe the propaganda that goes with The War Against Terror, e.g. Coleen Rowley. They can also be deluded in their importance, to be less than convincing, e.g. Sibel Edmonds. They can also fully jump the shark, e.g. David Shayler. Then there is Assange, 'deluded' in my opinion for thinking leaks could be monetized.

Unless I am missing something, Edward Snowden has taken a stand for truth and not allowed his character to be compromised in any way whatsoever. He has not made any mistakes, there is nothing where you could think he could have done better. Am I being deluded in thinking this?!?

herbig 5 days ago 2 replies      
I like how they say he "cheated" on the entrance exam to the NSA by stealing the questions and answers from their servers, as if that doesn't just make him more qualified for the job..
tootie 6 days ago 4 replies      
The fact that the NSA needed help to setup Sharepoint fills me with confidence that they have no idea what they're doing. I'm guessing the password to the call log metadata is on a post-it note somewhere.
fit2rule 6 days ago 1 reply      
If there is one thing that we should all be taking away from the Snowden episode, it is the fact that all human activities are utterly arbitrary. We decide to live in a free society, and then we do the things necessary to live in that society as we have defined it should be.

The definition keeps changing. One minute, its just not a free society unless you can keep slaves, the next minute its not a free society unless women vote, the next .. well, you get the point. Society is only as good as it declares its intentions and then carries them out; nowhere, alas, in the entire miasma of American law, is there the requirement that one has to always try their best to do well, and to operate on the principle of the greater good - in face of all opposition.

This too, is arbitrary, and the point where it becomes reality instead, is when an individual voice in the crowd stands up and says "this is how things should be!", gaining a little more volume than everyone else, and getting a bit more agreement, in the face of all the worlds cannibalism, that it might be good to cook things slightly differently.

Snowden, and others out there working in their own, utterly non-arbitrary ways, are always going to be necessary to remind us that just when you think you are safe, because status quo, the new safe realm is the as-yet completely unexplored ..

ww520 6 days ago 2 replies      
It's sad that keeping a copy of the constitution is seen as a sign of eccentricity.
Edmond 6 days ago 7 replies      
Nothing in that piece to suggest Snowden was a "A Genius Among Geniuses"...on what basis does his genius rest? AFAIK there is no record of Snowden doing any kind of work out there that'll suggest he knew anything about computing security.

It seems people have forgotten that there are a ton of freely available computer security tools out there that any body can take and do a lot of damage with.

kushti 6 days ago 1 reply      
The difference between Snowden and other NSA employees is that Snowden is the real U.S. patriot, not just government worker.
soulrain 5 days ago 0 replies      
If you can't put the veracity of the revelations of Snowden on trial I guess you attack his character and/or means.

The NSA is in a lose, lose situation. They are painting Snowden to be an idiot...an idiot they were dumb enough to hire and allow to revamp major system. Oh but he cheated on their test to get hired! If the NSA cannot secure a test what can they secure? Oh but a comp sci guy was quirky and eccentric! Ya well maybe tell ole' Keith not to recruit at DefCon what kind of people are you trying to hire?

The idea that there is mass data store somewhere and it will not be utilized for say insider trading or blackmail is naive to say the least. If Snowden had access so do many, many others and I am sure they tell themselves they are good people but human nature is what it is... What weapon, and mass info is indeed a weapon, has ever been created and never used especially a stealthy tool which can always be denied being used hidden behind secrecy and patriotism?

salient 6 days ago 0 replies      
With great power comes great responsibility. I'm glad Snowden saw it that way, too. Same goes for William Binney who was a higher-up in NSA, and also in charge of creating some of its most important/dangerous surveillance software, before he decided to become a whistleblower.
tamersalama 5 days ago 1 reply      
Something tells me that due to Snowden's leaks - nothing will ever get accomplished at the NSA. Not anymore. Imagine of all the additional security and authorization measures that they will add. Imagine how this would be a hurdle in both day-to-day and new projects.
nexttimer 5 days ago 1 reply      
> I wont call him a hero, but hes sure as hell no traitor.

No hero? What does it take for you then?

Actually, he's not a hero, he's more like Jesus of our times, giving away his (perfect) life for us (who - of course - don't even appreciate his sacrifice, let alone act).

lafar6502 5 days ago 0 replies      
I suppose they're trying to persuade us that Snowden is a superhuman, and only his superpowers allowed him to get access to all the information. It has nothing to do with incompetence of his coworkers and bosses, nobody could have prevented that and it's nobody's fault.
siliconc0w 5 days ago 0 replies      
The problem with this article is the author has no idea what is actually a genius security/cryto/computery act. Lazy reporting.
batgaijin 4 days ago 0 replies      
I bet he knew more acronyms than anyone
kriro 6 days ago 0 replies      
Seems like the source for this article was male.
The NSA: An Inside View lorensr.me
345 points by lorendsr  6 days ago   310 comments top 100
jonknee 6 days ago 8 replies      
Interesting to get a look at what it's like to be inside the bubble. It's compartmentalized enough that the individual actors can justify their actions by the assumed competence and benevolence of the others.

> I didn't test it, but I'm sure there was automated analysis that prevented or flagged use of US selectors.

The mental leap here is subtle, but substantial. Since I have been told I can't use US selectors , I assume the system enforces this. As such, US citizens have nothing to worry about. However, in the immediately previous paragraph, he noted:

> one employee spied on a spouse

So much for automated analysis, besides not being able to filter out US citizens' data it can't even filter out an employee's direct family. But there's no need to worry citizen, the NSA has a very high-quality workforce.

In the NY Times this morning was a piece noting that the government has concluded they don't know what files Snowden took with him (http://www.nytimes.com/2013/12/15/us/officials-say-us-may-ne...). The most technologically advanced intelligence agency in the history of the world and they have no idea what files were electronically taken by one of their own. One of their own who passed the background check by the way--I don't know why the OP is so enamored with the polygraph.

sedev 6 days ago 3 replies      
This reads like it was penned by someone who's never heard of the Stanford Prison experiment or Milgram's research. When I read "I have a very high opinion of my former coworkers ... NSA employees are the law-abiding type ... You take a long automated psych test that flags troubling personality traits," I take away "the NSA is full of the kind of person who won't look at the big picture, who will follow orders without exercising critical thinking, and who can be counted upon to be a Good German."

The problems that the HN crowd (speaking broadly) has with the NSA and related entities, are systemic problems. They are not about, "is act X legal or not," they are not about "was this particular incident harmful or not." They are about root of the thing: about the high-level agenda, about the strategies, about the ideas. It does not in the least address these concerns to say "oh, my coworkers are fine folks, we work hard to obey the law, there are scary people out there!" This says nothing to the counterarguments of "we shouldn't have to trust you" (really, you could say that the field of cryptography is about replacing situations where you have to trust a human with situations where you only have to trust math), "the law itself is a problem," and "you haven't proven that you are doing more or better compared to other ways we could push back against scary people."

As with any government agency, the more they insist that they must not be held accountable, the more accountability we should jam down their collective throats. The first sign of someone who can't be trusted with power is that they ask for more of it.

kabdib 6 days ago 3 replies      
"Even if you are not a citizen of the Five Eyes, you shouldn't be worried about your data being viewed unless you're involved with a group of interest, such as a foreign government or violent organization."

Huh, so:

- My best friend's dad was a spy in the CIA

- During the 70s and 80s my dad worked with Russian scientists (also ones from Poland and other Communist Bloc countries). Ecology stuff, mostly.

- I've been in "interesting" circles in the crypto arena, and know people who are almost certainly under surveillance.

So, how likely is it that my email is read, that my phone records are looked at, and so on? What are the chances that I'll have trouble the next time I cross a border or try to board a plane? One percent? Fifty percent?

Am I going to get my Name on a List because I've said that we need to stop allowing the NSA to build more data centers? That I think that Dianne Feinstein needs to be removed from office?

I don't do anything that interesting and my life is quite frankly pretty boring; my personal concern about any damage from someone looking at my emails to Mom is small. But I'd still like the government to get a lot smaller in this area because I'm afraid of what things will look like ten years from now, when data mining the innocuous stuff you did fifteen years earlier gets you Special Treatment at those DUI stops.

The "developed capacity equals intent" bullshit works both ways.

Zigurd 6 days ago 5 replies      
Is this the best defense of the actions of NSA employees publicly available?

He spends a lot of time denying pervasive surveillance puts us in a panopticon where the FBI and other LEAs can observe everything we do. And never mentions parallel construction once.

He tries to justify a Cold War sized, and then some, security state by invoking North Korea.

This is a big bowl of very weak sauce.

The director's standard of candor is "least untruthful."

I really don't care what a mid ranking employee says about what the NSA will and won't do. EVERY revelation where people in this forum have given the NSA benefit of a doubt in the form of "they could, but they wouldn't" has max'ed out at "would do, did do, and trying hard to do it more" once more revelations have emerged.

The NSA can't be trusted with what it has.

mercurial 6 days ago 0 replies      
First off, congratulations for coming forward and giving what sounds like a honest account of your experience at the NSA. You haven't chosen the easiest forum to air your views, and that takes courage.

However, I can't disagree more with your views. You don't mind if [your] emails are copied to an Agency database and likely never read and because from a technical standpoint it would seriously impair our ability to spy if we couldn't gather everything. Really? You may be familiar with a certain Richard Nixon. How would you feel if a similar character came into power tomorrow? Imagine all the wealth of information at hand. All this... without independent oversight. The only thing you need is to make sure a second Snowden comes forward to explain how you're spying on your opponents. And I can't even begin to imagine how much this juicy information means in terms of economic intelligence. Of course, you cannot push this angle too much, because it would mean the end of the cooperation with your partners. This wonderful agreement you have to keep the free world safe. Thanks, but no thanks. I don't want security at this price.

History is littered with examples of power without accountability. And we don't need to go very far... just read any history book about the CIA. I'm sure their personnel is mostly composed of law-abiding patriots. This ends up the same way anyway: coups against democratically-elected governments. Drugs. Assassinations. Torture. And don't tell me that times have changed. The Guantanamo inmates are laughing at you. The Bagram inmates are laughing at you. Even John Yoo is laughing at you.

And that's only looking at it with the eyes of an American citizen, which I'm not. But in the end, what difference does it make? NSA, GHCQ, DGSE... Aren't you all cut in the same mold? You certainly sound like you believe in what you are doing. I'm sure STASI agents did as well, but they were never this successful.

dmfdmf 6 days ago 5 replies      
Translation: Trust us, we are the good guys.

This blog post does nothing to answer the fundamental questions that the Snowden leaks have raised. This man basically argues that, with few exceptions, everyone that works for the NSA is a true American and a patriot who only has your interests at heart and what is a little spying amongst friends anyway. Follow that with some scary hints about cyber war with nuclear responses to further raise the stakes (and the fear) to justify their dragnet surveillance police state. This man is a moron if he can't see that constitutional protections were not created to protect us from good people but bad people who can gain control of such a system in the future.

Moreover, if what he says is true that we are facing real dangers then the government has the obligation, in a free society, to reveal these threats and explain what they are doing about it. The method of using such secret threats as a basis for increase police powers and (implicit) suspension of constitutional rights is not proper for a free society.

If the result of the so called "war on terror" is a gutted and shredded constitution then I'd say the terrorists have won.

Edit: Apparently Loren is a man, Sorry.

notnsa 6 days ago 0 replies      
> I am an American patriot.

The author may believe he or shes a patriot. I disagree. I dont believe someone who acts to subvert the Bill of Rights which states

The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.

is even remotely close to being a patriot.

> Many are concerned about the NSA listening to their phone calls and reading their email messages. I believe that most should not be very concerned because most are not sending email to intelligence targets.

> Email that isnt related to intelligence is rarely viewed, and its even less often viewed if its from a US citizen.

Rarely is pretty meaningless. The NSA has repeatedly tried to compare the number looked at with the number of intercepts. Of course theyre only looking at a tiny percentage. But if I were to only steal one-in-a-billion dollars in the US or only kill one-in-a-million people, Id still be doing something immoral.

> Every Agency employee goes through orientation, in which we are taught about the federal laws that govern NSA/US Cyber Command: Title 10 and Title 50.

Yet evidence seems to show that they've willfully found ways to interpret the laws in ways that the authors of the laws think is illegal.

> We all know that it's illegal to look at a US citizen's data without a court order.

But the NSA has a special non-adversarial court that rubber-stamps whatever it wants. (And it still happened)

> I use the term "look" deliberately: the Agency makes the distinction that looking at data is surveillance, while gathering it from locations outside the US is not. We gathered everything, and only looked at a tiny percentage of it.

The problem is that the 4th Ammendment makes no such distinction. They were wrong in collecting it in the first place.

> I am okay with this distinction both because I don't mind if my emails are copied to an Agency database and likely never read and because from a technical standpoint it would seriously impair our ability to spy if we couldn't gather everything.*

He may not mind, but many other people do. I respectfully ask that he, Mr. Clapper, and Gen Alexander give us all their data in case we later do find what they were doing was illegal.

> The Agency is an intelligence organization, not a law enforcement agency.

> The NSA copy of my emails won't be viewed by police or FBI investigating me about marijuana use, for instance.

And yet, per Reuters


   A secretive U.S. Drug Enforcement Administration unit is funneling information from intelligence intercepts, wiretaps, informants and a massive database of telephone records to authorities across the nation to help them launch criminal investigations of Americans.   Although these cases rarely involve national security issues, documents reviewed by Reuters show that law enforcement agents have been directed to conceal how such investigations truly begin - not only from defense lawyers but also sometimes from prosecutors and judges.
> The NSA copy of my emails will only be viewed if the Agency can convince a judge that I might be a foreign agent. And the judges aren't pushovers.


During the 25 years from 1979 to 2004, 18,742 warrants were granted, while just four were rejected. Fewer than 200 requests had to be modified before being accepted, almost all of them in 2003 and 2004. The four rejected requests were all from 2003, and all four were partially granted after being submitted for reconsideration by the government. Of the requests that had to be modified, few if any were before the year 2000. During the next eight years, from 2004 to 2012, there were over 15,100 additional warrants granted, with an additional seven being rejected. In all, over the entire 33-year period, the FISA court has granted 33,942 warrants, with only 11 denials a rejection rate of 0.03 percent of the total requests.

> They wont spent time on my private love letters.


> That security we had is gone. North Korea has nuclear weapons and is threatening to fire them at the US.

How does spying on Americans help?

> Reality should enter your cost-benefit analyses.

I totally agree.

> This essay was deemed UNCLASSIFIED and approved for public release by the NSA's office of Pre-Publication Review on 11/21/2013 (PP 14-0081).

Somehow, I have a feeling that opposing points of view wouldnt find much an easy clearance.

mtgentry 6 days ago 3 replies      
No offense to OP, but this reads like propaganda to me. It feels like someone at the Pentagon realized they weren't winning the war of the minds of hackers, so they encouraged some of their own to blog about their experiences.

I hate to sound like a tin hat wearing conspiracist. I really do. But I wouldn't be surprised if there was some sort of concerted effort by the NSA to encourage a dialogue with hackers on platforms like HN.

Sorry for the paranoia OP. Glad you enjoyed your time at the NSA.

leokun 6 days ago 2 replies      
These guys just don't get it. They're always saying the same thing "we don't want to look at it."

I want to scream "well maybe someday you will, and then you'll have it collected already."

What a dense mind, and I am not all inclined to insult people in fact I hate it, but in this case it is well deserved.

secthrowaway 6 days ago 3 replies      
I can confirm much of this article. (A couple years ago I provided some comments here https://news.ycombinator.com/item?id=3296691)

There's lots of condemnation of the poster, and the NSA practices and some of the murkier parts of this article. I thought I'd tip in with some explanations as possible while staying outside of anything classified or naughty.

jonknee: https://news.ycombinator.com/item?id=6910978

- "It's compartmentalized enough that the individual actors can justify their actions by the assumed competence and benevolence of the others."

It's compartmentalized a bit more than the OP lets on for mostly security/separation of concerns/need-to-know reasons. For example, a Air Force analyst who is cleared to view TS//SI material won't have access to the NSA systems directly. Some of the NSA systems have external (Intelligence Community (IC)) facing equivalents that omit quite a bit of the information that less scrutinized IC analysts shouldn't have access to. w/r to the information the NSA collects, NSA employees and contractors are held to stricter standards about how that material is used and treated. An analogy, a minor commits a crime and his record is sealed. The local court employees who handle the record, the judge etc. have really nothing that prevents them from leaking that information to an overzealous cop or lawyer or some such other than the standard to which their held for their job. It's more or less the same thing with the NSA.

> The mental leap here is subtle, but substantial. Since I have been told I can't use US selectors , I assume the system enforces this.

Actually, one of the higher standards the NSA employees are held to, and I believe they sign something to effect is that it's outright illegal for them to do so and even one misuse could result in loss of employment, clearance (a death sentence in IC heavy employment areas) and possibly time in prison as a felon. This is taken very seriously and I've never known an NSA employee to not treat this rule and US citizen data as radioactive to them.


> Definitely a bizarre mix, I thought it was a parody a couple of times. To combat the threat of nuclear war with the completely isolated totalitarian state of North Korea we must create and store copies of all global communication...

It's easy to generalize, and if the world worked as simply as the model you propose here, then things would be much better for everybody, but it simply doesn't. For example, to uphold various sanctions regimes, by law, the U.S. must know if a business has connections two hops out that are linked to any bad activity. For example, how did Kim Jong Il buy all his whiskey? It's outright illegal for a U.S. company to sell to the North Korean government. Okay, so they sell to an overseas distributor who then sells to the North Korean government. Turns out that's illegal as well and the government must take action to not allow the U.S. whiskey maker or the distributor to operate in the U.S. any longer. Okay, so the whiskey make checks out their distributors finds one who doesn't sell to NK, but one of their customers does. Same deal, it's illegal for anybody in that chain to operate in the U.S. After that, the chain becomes so long it's not worth looking into and Kim Jong Il was eventually able to get his whiskey.

Just talking whiskey and North Korea here, but you can guess it goes for all kinds of goods and countries under various sanction regimes. So how do you propose things should be collected? Collecting only on North Korea gets you nowhere, it's everybody else who may or may not be supplying whiskey to the Norks that makes things much harder and requires a much larger collection apparatus.


> It's helping diplomats illegally snoop on our allies.

Good! Our allies are most definitely snooping on us! Spying and espionage is sometimes called the second oldest profession for a reason. There's been no time in history that two countries aren't doing a bit of spying on each other, most especially at the diplomatic level.

rst: https://news.ycombinator.com/item?id=6911150

> In fact, it's been known for months that the DEA receives intercepts from the NSA in such volume that they have an office devoted to handling them (the DEA's "Special Operations Division").

This is a problem. In general, the work the IC does in collection does not hold up to LE scrutiny. Having worked on both sides of the fence, LE is both more difficult in some cases and easier in others to work in. For example, you need a warrant to gather phone records in LE, but you can share those records more freely once you have them. In the IC the opposite is true, you can pretty much get whatever you need, but it's virtually useless if a criminal approach is taken. That's why it's often simpler to blow up the target then to arrest and try them. Parallel Construction is an investigative focusing approach that saves LE from getting collection warrants that go nowhere. The IC approach is to find the connections or whatever, then help LE figure out where to focus their warrant-based approach in doing the same collection from their side. Scrubbing U.S. Persons IC data and reusing it directly for LE is highly illegal for all of the participants involved.

revelation: https://news.ycombinator.com/item?id=6911022

> Well, following his explanations, you can fail the polygraph and just do it again. The cost of failure is zero, so really just keep trying.

Actually the penalty after enough tries is no clearance which means no job and a permanent record that you were denied a clearance...which pretty much deep sixes any attempt in the future to get one. In some parts of the country, like the Washington D.C. area, that's virtually a career death sentence.

kabdib: https://news.ycombinator.com/item?id=6910969

> My best friend's dad was a spy in the CIA

> During the 70s and 80s my dad worked with Russian scientists

> So, how likely is it that my email is read, that my phone records are looked at, and so on? What are the chances that I'll have trouble the next time I cross a border or try to board a plane? One percent? Fifty percent?

Assume it is collected but probably not read, but not for the reasons you gave above. There's just simply not enough manpower to read everybody's email, and it's a useless thing to try to accomplish. Now suppose one of the guys you email also emails somebody who's "nefarious" in some way. Then yeah, maybe your email is read. And if all you talk about in your emails are things that don't involve an armed insurrection against the United States you'll probably be filed into the "don't give a shit" bucket and the analyst will move on.

A common thread here is that everybody who's worried about their email being read seems to assume that whatever they're doing is important enough for it to get read. Trust me, it isn't.

(continued next comment)

csandreasen 6 days ago 1 reply      
I see a lot of negativity in this thread, but I think a lot of folks should stop for just a moment and consider the opportunity that's presenting itself: a former employee of the NSA is posting online about his experience and is an active member of HN. He doesn't appear to be in a position where his continued employment with the government would be an issue (he's apparently got his own business), so he doesn't have to worry about talking frankly about his experience, positive or negative (although I'd image that he's still under obligation not to reveal anything classified).

Just about everything we've seen about the insides of the NSA have come from only one source. Snowden was only employed there for 3 months, and has publicly stated that his primary reason for seeking employment there was specifically to gather information on NSA surveillance systems[1] - in order words, his opinions on the NSA were solidified before he joined. To top it off, Snowden is not available for interview.

I'm not even saying you're required to believe him. I do, however, think an insider's perspective has been sadly lacking from most of the conversation that's been going on. I don't expect journalists to have a complete understanding of all of the details regarding these programs and systems that have been leaked - they've never worked with them.

So, lorendsr, thank you for your contribution. Don't let the flat out negative comments get to you. I hope your post encourages others with a background in the NSA to share what parts of their experience that they can. Everyone else, please take advantage of this opportunity to ask questions, gain any insight that you can and don't just dismiss him outright.

te_chris 6 days ago 6 replies      
Thank you so much, kind American intelligence guy, for having the grace to not look at USA citizens emails, all the while not even mentioning foreigners, who should apparently just lie down and take it.
bazillion 6 days ago 3 replies      
I spent four years in (2 years longer than the OP), but worked on a substantially broader swath of intelligence areas and in much more policy-oriented positions, and I can tell you that the vitriol that's been displayed on HackerNews is incredibly tiresome to see, because you are all missing a very key point about how the NSA conducts business (which I've pointed out in previous posts).

The key point is this: the NSA does not create policy for its operations. Those are written into law through executive, legislative, and judicial processes, and the three should theoretically balance each other out, which the public currently deems as not doing a sufficient job of balancing. The NSA acts as an instrument -- the employees (to include the director) are directed through a system of reporting and feedback, and determine how best to act in order to obtain more positive feedback from customers of the reports.

This isn't some theoretical system I'm talking about -- it's a database of reporting with attached feedback. The feedback shows who consumed the report, whether or not the party found it useful, any enclosed comments about the report, and how high up the report went. If my report made it into the president's daily brief and more information about the reporting subject is desired, that will show up in the feedback, and thus I have my "direction".

How does this translate into real world operations? Here is a theoretical conversation between Mr. Policy and Mr. NSA:


Mr. NSA: Here is some information I found about country X, which might indicate that they're conducting operation Y.

Mr. Policy: I would like to learn more about operation Y, and country X's intentions to expand it.

Mr. NSA: I don't currently have the capability to expound upon operation Y, unless you grant me the authority to access datastore Z.

Mr. Policy: We took a vote, and you have access to datastore Z on a thirty day trial basis, but then must shut down operations if nothing of value is found.

Mr. NSA: Here is the information you requested about operation Y and country X's intentions.

Mr. Policy: This information was not useful in directing policy, therefore datastore Z is to no longer be accessed.


From this, I think you can extrapolate my point. Do you blame the scalpel for being too sharp, or the surgeon for handling it incorrectly?

blcknight 6 days ago 0 replies      
"We all know that it's illegal to look at a US citizen's data without a court order. I use the term "look" deliberately: the Agency makes the distinction that looking at data is surveillance, while gathering it from locations outside the US is not. We gathered everything, and only looked at a tiny percentage of it. I am okay with this..."

This is more perverse NSA interpretations of the law.

Collection is the crime.

It does bother me that the NSA asserts a right to hold copies of my GPG-encrypted messages indefinitely. It bothers me more that my web traffic, address book, or phone metadata ends up in a government database even if only temporarily.

I don't care if Google's computers were abroad or not, but they belonged to an American company.

The United States government penetrated the network and intercepted the communications of an American company. That's one of the most egregious violations of the 4th Amendment that the American government has ever committed. Don't pretend this is something that is right.

The NSA had no legal right to spy on me, and they did -- even if you say it's likely no one looked at the data. I don't care. Collection is the crime.

lispm 6 days ago 1 reply      
Hey, and I'm a German patriot.

If the US citizens like to be spied on by its own agencies, fine for me.

As a German citizen I'm not so happy that German citizens, politicians and companies are targets of spying of unprecedented scale and depth. As a consequence we (and others, too) will have to scale back the use of US hardware, software and services. Privacy, data security, confidentially etc. are not provided. A German company would be stupid to store data on servers reachable for US industrial espionage. It's really tough to avoid that - given that the US surveillance and spying is also done directly in Germany in a large scale.

Additionally we should also deny the US the capability to plan their targeted killings from Germany - for example from the US military central command for Africa - which is located in Germany. From there strikes with armed drones are planned and controlled. Unfortunately the German government does not seem to be willing and/or able to prevent that...

alan_cx 6 days ago 2 replies      
"I am an American patriot."

If anything scares me, its that. I know what he has written straight afterwards, but it still makes the hairs on the back of my neck stand up. Its all very well the author trying to define the word to suit their own purpose, but Im afraid its not that easy to get others to accept it. Try using your own definition of the word "Nigr", and see how that flies.

"Patriotism to me simply means that I care about the US and its future."

Yeah, and that is the problem. What is meant buy the "US"? The land on a map? The political system? The people who are also "patriots" and claim to care about this "US", and its future, yet do evil? Do you care about them? Every one uses the word patriot to justify their actions, good or bad.

That the author misses this, but still insists on still using the word suggest a dangerous and blinkered ignorance. TBH, it stinks of years of gentle brain washing. I'll never forget how Bush Jr used the notion of patriotism to garner support.

Im sure the author think he is well meaning, but this honestly reads like loyal, patriotic PR.

Stal3r 6 days ago 0 replies      
I am horrified by this essay. It's overwhelming how much disturbing information is in here. I am deeply saddened that someone so young has had their beliefs so strongly influenced.

Some of the most disturbing passages:

> it would seriously impair our ability to spy if we couldn't gather everything.

It is saddening to hear someone so young say this.

> I am an American patriot. Patriotism to me simply means that I care about the US and its future.

How often is the word "patriot" used internally in the NSA? Who is building up this false hero, blind to his own oppression? A synonym might be a "justifier" or "oppressor" or even more simply "someone who has not yet been oppressed."

The rest speak for themselves:

> The NSA copy of my emails will only be viewed if the Agency can convince a judge that I might be a foreign agent.

> The vast majority of unauthorized retrievals of US-person data are unintentional.

> ...the rare cases of unauthorized data retrieval were ... regular employees illicitly viewing communications for personal gain

> XKeyscore ... was an analyst tool that I had access to.

> NSA employees are the law-abiding type.

I am scared to respond to this article. How easily could I be labeled a "foreign agent"? Does criticizing the system mean I'm working for another country? Did the NSA try to demonize Snowden as working for the Russians? Everything you have written has only increased my fears. To hear the blind loyalty to the system that comes from the NSA's own employees means that nothing is safe.

I hope that later in your life, as you grow as a person and a citizen, you see the evil in the system you colluded with, and experience a deep regret about your actions. The same regret that lay citizens feel when we learn our tax dollars have built a criminal entity. The regret that we did not try harder to stop it, to read up on laws like the Patriot Act and protest more. The regret of our collective ignorance that has built the tool to intrude on everything we do.

DigitalSea 6 days ago 1 reply      
Stockholm syndrome?

This guy is essentially validating the actions of the NSA because he calls himself a patriot and even admits he doesn't care about other countries other than his own: The United States of America. As an Australian I find this kind of attitude disgusting and I think it highlights a massive problem within the agency itself.

While I am somewhat more lucky than others being in a country that is part of the Five Eyes agreement, what about those not in a country that has signed the agreement? It doesn't make me feel any safer because it seems the concept of borders and rules in the intelligence game do not exist.

There is a lot of downplaying, "but your data is in a big database and nobody will most likely ever look at it", "only the NSA can see this data" while this might be the case, if for whatever reason I found myself in a position of power, this kind of harvested information could be used to blackmail or destroy me. Just because it's not being used now doesn't mean it won't be used later.

While this is probably the only validation of the NSA's actions I can find that is somewhat backed by someone with experience working for the agency, it honestly sounds a little too safe and doesn't really address any of the concerns people have.

andrewcooke 6 days ago 1 reply      
The NSA is not a law enforcement agency.

I am not one either. But I still have to obey the law.

Maybe that's not what's implied by that statement? But if not, what on earth is meant (more exactly, what was the author's intent in saying something that seems obvious and irrelevant if taken at face value; what am I expected to infer?)?

princeverma 6 days ago 0 replies      
I seriously don't understand if OP has written this article in satirical sense, because to me there is no logic there.

I am a foreign national, I and my company uses services provided by a US company (email etc.), and this gives right to you guys to collect and ready my emails?

tldr; of your article is this:"Oh ! he is a foreigner, fuck him. What he can do? ? He can't vote to get us out of power. So, it's ok and about the persons who can vote to get us out, they can't do anything because we know every little dirty secret of them. Oh ! one more thing, we are so good we promise we don't look at these dirty secrets. Although cases where a employee uses this 'secure' system for personal use, ya that do happen. Trust Us."

a3n 6 days ago 0 replies      
<lie type='omission' subject='parallel construction'>

The NSA copy of my emails won't be viewed by police or FBI investigating me about marijuana use, for instance. Law enforcement might get a search warrant and retrieve a copy from Google, but not from the NSA.


mrobot 6 days ago 1 reply      
One thing that always bothers me is the assumption that we dislike the NSA because we're worried about them reading our personal emails and looking at our photos, and.. "you know.. our Instagramming". We should know it's not about anyone going through the process of reading our communications, it's about having automated systems hooked up to them, keeping them, and having the ability to use them. The human and electronic pieces of this system can act on you and change your life, even without you ever knowing about it.

Being hooked up to machines like this is losing a large part of our own power as a check and balance in our own government. We won't do it. If this program is "necessary" to fight terrorism, will i be considered a terrorist if i continue to disagree? What if i become very effective at disagreeing?

I believe that most should not be very concerned because most are not sending email to intelligence targets.

It's not just directly to intelligence targets. Can someone remind me what 3 hops from a base group of 117,000 targets is again? We're not talking about a home handwritten address book, this is linkedin, everyone i sold shit to on craigslist, everyone i've ever contacted. Heads per hop is like 100, at least. Anyway, should that group be concerned?

The Agency is an intelligence organization, not a law enforcement agency.

So what? Just because there's a boundary between the NSA and everyone else doesn't mean they aren't exploiting the same broken interpretation of Terry v Ohio to build systematic unreasonable-unarticulated-suspicion writ-of-assistance privacy violations. We disagree with the principle, not just the NSA. AT&T works directly with the CIA, the CIA works with the FBI, sharing on that side is just a cluster.




And I would prefer a world in which spying was unnecessary. But humanity is not there yet.

No one disagrees that intelligence is necessary. We disagree with being wired up to management and machines that can (and always will) easily make mistakes. Privacy is a right, violating it to feed the machine is already diminishing us.

I refuse to eat your mayo.

SwellJoe 6 days ago 1 reply      
This is why I don't believe the president's assertion about the employees of the NSA being innocent of wrongdoing or anyone's assertion of them being "good guys".

This is apologia for crimes against the world and the American people. This is saying, "If you don't have anything to hide, you have nothing to worry about." This is demonstrably filled with lies and misrepresentations, whether intentional or through ignorance of what the rest of the NSA beast has been up to (but, if he has followed the Snowden leaks with more than passing interest, he would know he's lying in blatant and obvious ways).

I'm sure this article is meant to quell fears about NSA spying practices, but it only makes me more angry and more fearful. It confirms something I suspected but didn't want to believe: The entire organization from low-level analysts on up to the leadership (who will repeatedly lie to Congress to serve their ends) is corrupt and will exhibit little or no remorse even when caught red-handed, and will spread astroturf and refuse to acknowledge that their behavior crosses lines that should have never been crossed by a US agency.

I'm getting close to believing that starting any online service in the United States is unethical, because of what it will do to its users.

droithomme 6 days ago 1 reply      
This article is transparent propaganda.

Author is not a patriot. Author is an enemy of the people.

malloreon 6 days ago 1 reply      
"But I digress the rare cases of unauthorized data retrieval were not polygraph-trained foreign spies trying to infiltrate the Agency, but rather regular employees illicitly viewing communications for personal gain."

There are articles suggesting this is happening many thousands of times per year - shouldn't each of these 'regular employees' be put on trial? They have committed serious crimes.

mcgwiz 6 days ago 0 replies      
TLDR: Don't worry. We have civil liberties orientation. You can trust us.

The author understands their is a misconception at play, but it's not that the public thinks NSA agents aren't upstanding or law-abiding, it's that NSA agents think their idea idea of patriotism is broad enough. It's telling that he dismissed an examination of patriotism, because that's the root of so much discord over civil liberties and national security.

There are two major currents of patriotism in this country. The first is that we take pride in our accomplishments, and we must defend our borders, protect our treasure and lives, and maintain the status quo. The second is more idealistic, that we take pride in having an open (vulnerable, ever-changing) society, and we must defend our democratic identity, promote participation, protect individual freedom, and be skeptical of concentrations of power. The first is practical, easy to quantify (and therefore appealing to a data-thirsty culture). The second is strategic, asks more from the average citizen, and rests on an understanding of alternative forms of society (what is lost when we prioritize security and order over those "inalienable" rights).

Ideally, the NSA would be staffed by patriots of the second type. They'd embrace 'public service' as having deep reverence for the public (not just their physical safety, but their liberties as well), that appreciates the philosophical underpinning of democracy (including it's necessitation of vulnerability and cultural evolution), and that prides itself in taking on their intelligence goals while ardently building checks and balances. They'd never just ask how they can get the information, but how it can be done in a way that proudly upholds American values. With bureaucracy you'll always have some amount of inefficiency and misalignment with top-level goals, but a pervasive culture can go along way.

rahoulb 6 days ago 0 replies      
The key thing that worries me about it is even if no-one reads all those emails that are stored, what if they are mined for data and used to make predictions?

Last.fm can guess the type of music I like about 25% of the time, Google can guess the type of information I'm interested in around 70% of the time (figure based upon potentially ambiguous web searches I do). Neither of those services have very much metadata from me about their respective subject areas.

If the NSA/GCHQ/5 eyes are hoovering up all this metadata about pretty much everything I do online, that's a ton of information to start mining for patterns - whilst legitimately say that no employees are reading it.

What sort of predictions can they make? What's the accuracy of it? When do they start acting on the predictions thrown up by the system? And who polices that?

drcube 6 days ago 0 replies      
>in 2007 the US suffered an "espionage Pearl Harbor" in which entities "broke into all of the high tech agencies, all of the military agencies, and downloaded terabytes of information."

Man, I would hate if an entity downloaded my information! Poor agencies. But it's probably fine, I mean, those "entities" couldn't look at terabytes of information. It's probably just sitting in a database somewhere. So, nothing to worry about.

muglug 6 days ago 1 reply      
Thanks for sharing your POV. Do you think Snowdon's revelations had any beneficial impact, or is your view of them entirely negative?
doe88 6 days ago 0 replies      
> I use the term "look" deliberately: the Agency makes the distinction that looking at data is surveillance, while gathering it from locations outside the US is not. We gathered everything, and only looked at a tiny percentage of it. I am okay with this distinction both because I don't mind if my emails are copied to an Agency database and likely never read and because from a technical standpoint it would seriously impair our ability to spy if we couldn't gather everything.

I'm not mad at NSA they're just playing their role, they're grabbing everything they can. But, it should serve as a reminder of the goals we should all (civilians) strive for: encrypting everything. I think lot of individuals are working on these problems right now and I'm confident great tools and protocols will soon be created/improved.

edit: downvoted for proning mass encryption, great.

room271 6 days ago 1 reply      
While I do not agree with much of the sentiment, I enjoyed the article.

My question to the OP: even if you believe that at the moment abuses are rare and that your colleagues are trustworthy and law-abiding, does the capability and level of information concern you in terms of the potential for future abuse it enables?

Tarang 6 days ago 2 replies      
Well looking at the end it says that its declassified/published with the NSA's blessing.

If an employee had a contrarian opinion to the NSA would it be declassified like this one?

Its hard to read it and feel that it is balanced or even truthful.

josephlord 6 days ago 0 replies      
It is interesting as a view into the naive and uninformed [1] view of those inside.

I suspect the screening selects for compliance and maybe against questioning authority plus the people applying May self select in that way.

Note that this was approved by the agency and therefore may have been through a filter process that removes other reports with more critical views before publication. (I am not suggesting that this author is anything other than genuine but if it was a critical view could it have been published).

I don't doubt that storing everything helps find threats but the price is far too high, whatever difference it makes.

[1] he hadn't heard of parallel construction - https://news.ycombinator.com/item?id=6910972 he may have deep particular knowledge in some areas but his understanding of the overall agency appears poor.

joelgrus 6 days ago 0 replies      
Hey, I backed that guy's Kickstarter! And now that I read his post I just cancelled my pledge.
CamperBob2 6 days ago 0 replies      
The Agency is an intelligence organization, not a law enforcement agency.

Monstrously disingenuous. The term "parallel construction" apparently means nothing to him.

In 1991 the USSR dissolved and the Cold War ended. The world let out a sigh of relief, safe in the the knowledge that humanity wasnt crazy enough to destroy itself. That security we had is gone. North Korea has nuclear weapons and is threatening to fire them at the US.

I'm missing the part where collecting my email and phone records will help with this problem.

andyl 6 days ago 1 reply      
I don't know if Loren is sincere, or if he's part of a disinformation campaign. Either way, I don't believe his reassurances. I think NSA surveillance is first and foremost a tool to control the American citizenry. The next Martin Luther King, Ralph Nader, or Daniel Ellsberg isn't gonna stand a chance.
wissler 6 days ago 0 replies      
Copy our data without our consent. Lie about it to our representatives. But just trust us.

The ends do not justify the means; on the contrary, nefarious means imply nefarious ends.

gohrt 6 days ago 0 replies      
Note that this blog post has been vetted by the NSA PR office, and so should be taken with the same grain of salt that one takes with all NSA-approved communications, recalling that the NSA has admitted they will lie to Congress and the Supreme Court if it suits their mission.

"This essay was deemed UNCLASSIFIED and approved for public release by the NSA's office of Pre-Publication Review on 11/21/2013 (PP 14-0081)."

aaaahhhhh 6 days ago 0 replies      
Even if we accept that the NSA is comprised solely of benevolent actors practicing perfect discretion, and will remain so for the indefinite future, the mere act of collecting "everything" is an enormous hazard. OP recognizes as much:

CBS reported that in 2007 the US suffered an "espionage Pearl Harbor" in which entities "broke into all of the high tech agencies, all of the military agencies, and downloaded terabytes of information."

What's to stop this from happening again to the NSA? They couldn't even implement audit trails internally -- there should be huge doubt as to the agency's competence in securing their data.

Also, OP, did you not hear about parallel construction? How do you rationalize your statement that the NSA "is not a law enforcement agency" in light of this?


tripzilch 5 days ago 0 replies      
... the cognitive dissonance is strong in this one.

> I am an American patriot.

> Patriotism to me simply means that I care about the US and its future.

> We all know that it's illegal to look at a US citizen's data without a court order. I use the term "look" deliberately: the Agency makes the distinction that looking at data is surveillance, while gathering it from locations outside the US is not. We gathered everything, and only looked at a tiny percentage of it. I am okay with this distinction both because I don't mind if my emails are copied to an Agency database

That very last bit, is that also a symptom of "patriotism", or more like a justification to tell himself "this was my job, I believe I do right, so my job was right, because it was my job, which is right".

(then again, his ad for "paleo mayo" does show that this person has a habit of buying into beliefs as long as they are backed by sufficiently authorative-sounding sources)

> NSA employees are the law-abiding type. Firstly, the lawbreaking type isn't likely to want to work for the government. Secondly, if they did apply, it is quite unlikely they would make it through the clearance process.

Yeah, actually, "law-abiding" is not really the word I'd describe for the sort of people this process attracts ... More something in between "gullible" and some of the less positive interpretations of "US Patriot".

> While the efficacy of polygraphs has been questioned, and while I'm sure given sufficient training and natural psychosomatic control one could beat them, I think they're fairly accurate. They may yield some false positives (I, for example, initially failed when I said, "No" in response to, "Have you ever given classified information to a foreign entity?" this is before I knew any classified information and had to fly back to DC for a second attempt a month later), but I believe false negatives are rare.

Aahahaha, yes, and so do horoscopes! Can you believe this guy?!

They could have had a psychic in a sufficiently impressive suit "evaluate" him, and he'd still have bought into it.

> Even if you are not a citizen of the Five Eyes, you shouldn't be worried about your data being viewed unless you're involved with a group of interest, such as a foreign government or violent organization.

Whut? So anyone involved with a foreign government, such as their politicians, should be worried.

By extension, all citizens relying on that government should be worried.

Doesn't make sense. But then, I can decide what not to worry about by myself.


> it would seriously impair our ability to spy if we couldn't gather everything.*

> * I am not permitted to say why this is the case, but it is true.

Fine. But the problem is not so much having to take his word for it, it could very well be true. The problem is, your current situation is wrong, very wrong. It obviously needs overhaul, and without talking about the "why", you can't have a discussion about fixing it, either. He himself admits he is unaware of the "big picture"--all the while stating that whatever it is, he's probably okay with the implications.

I'm pretty sure that even if I did know all the things he knows but isn't telling us, I'd very much disagree with that notion.

> The NSA is our best hope in this war. In my mind, the Agencys continued dominance of the Internet is absolutely worth [whatever]

Remember, patriotism doesn't mean he doesn't care about people outside the US, just as long as the NSA gets to dominate the entire Internet.

lucb1e 6 days ago 1 reply      
This is interesting to read, but I have one very important question:

Why is a distinction made between US and non-US people? Why do some systems automatically ignore all US IP addresses?

What makes me a potential criminal, and Mr. Smith not? Why can he read my email without a court order, but not from someone from Nebraska? Why does my physical location, or proxy server for that matter, matter?

I think the only reason is because it's simply in the US law, so it doesn't really say much. It's just one of those things that are the way they are. But then...

why does he keep bringing it up as "you shouldn't be worried because we don't look at data from the US"... if I'm not from the US? Does this mean I should be worried that he is really reading my email if it has certain keywords? I could become an intelligence target because of keywords or activism in certain groups, merely because I'm not using a US-based proxy server?

bane 6 days ago 0 replies      
I'm always surprised about how posts like this bring out the real nutjob part of HN that sort of sits there and lurks dormant waiting to pull out unprovable conspiracies any time something like this gets posted. I'm not talking about the folks who disagree with the OP, or what the NSA does... I'm specifically talking about the rather uncomfortable level of crazy that squirrels out in these "discussions".

There are some posts here so outright loony that I actually feel a bit uncomfortable having an account here.

burke 6 days ago 0 replies      
> I do not believe that their information-gathering powers should be curtailed. Such restriction would not only hinder the Agencys ability to gather intelligence, but also impede its ability to wage cyberwarfare.

Yes. That is the point.

malandrew 5 days ago 0 replies      
One of the most concerning things about the selection process for who gets into the NSA, is that it all but guarantees a lack of diversity of thought within the NSA. There are probably very few people with opposing viewpoints so most projects that would be considered dubious by the diverse population in the US can go completely unchecked within the agency.

For example, the author mentions the following:

    They examine your 127-page Standard Form 86, in which you     include lists of your illegal activities, foreigners you     have worked with or befriended, and where you have lived     and traveled in your life and with whom.
The fact that someone is capable of truthfully filling out such a form is a huge flag that the person has had remarkably little exposure to the rest of the world. They are probably poorly traveled and grew up and lived in places with few if any immigrants. I don't know how someone who grew up in NYC, San Francisco, Washington DC or Los Angeles could possibly ever fill out such a form truthfully or completely. Anyone from such cities would have come in contact with and befriended so many people from other countries over the course of 18-22 years of living in such a diverse metropolis that any attempt to fill out such a form would be incomplete and could contribute to being rejected.

r0s 6 days ago 0 replies      
The gist is that you should not value your privacy if you have nothing to hide.

This principle is absolutely forbidden to be reversed, the secret workings of government agencies are protected by the highest secrecy.

What do they have to hide?

viame 6 days ago 0 replies      
Enjoyed the read, edited by NSA.

On the other note. If you want good mayo: http://www.eff.ca/featured_products.html order from these guys. I am sure they can ship to your door, they do distribute in the USA as well, however, not sure to which cities.

rdl 6 days ago 1 reply      
"People who build security tools" are in the set of people under active monitoring and exploitation by governments. I'm personally far more concerned about China and Russia and others than I am about NSA, but if I were Nadim (who I believe is personally not a target of NSA, but by virtue of Cryptocat most definitely is), I'd be quite concerned.

I was actually waiting for the big reveal in this ... "x, y are good, but Z is not, and is why we have the problems we have now." I guess not having that is why it went through publication review.

glenra 6 days ago 0 replies      
I found the polygraph stuff disturbing. The fact that the NSA takes polygraphs seriously (despite presumably knowing there's little scientific evidence supporting their use and knowing that lots of spies have had no trouble passing them) makes me think the NSA must be full of gullible morons.

Does the NSA weed out polygraph non-believers during their hiring process? So far as I know, the main "valid" use of polygraphs is (a) to trick/intimidate people who believe in them into telling you a more thorough story, (b) to acquire a "scientific" seeming reason to do or believe what you already wanted to do or believe going in.

I don't feel very reassured.

freyr 6 days ago 0 replies      
To summarize:

* He doesn't care if the NSA spies on everybody, because he doesn't care if they spy on him. He have nothing to hide.

* In his experience, the people accessing our data can be trusted. We can extrapolate this to the NSA as a whole. The bad apples are rare.

* Cybarwar is real and dangerous, and we should reevaluate our priorities with this in mind.

cinquemb 6 days ago 0 replies      
Interestingly enough, 60 minutes will have an "Inside View" of the NSA tonight. This just keeps getting better I'll be sure to absorb this message and the probable similar message that will be broadcasted to the masses tonight.

Yeah, buddy, I'll believe you just keep telling me over and over and it will sink in eventually. ;)

Pitarou 6 days ago 0 replies      

1. The NSA only hires earnest, ethical people

2. There are real threats we need to protect you from

3. So everything's OK


I believe the first two of those statements. And if the people at the top were also ethical and earnest, I'd believe all three. But, as Angela Merkel can attest, the people at the top do not respect boundaries.

aaron695 6 days ago 0 replies      
It reminds me of that sketch of the nazis where they realise they are on the baddies side, except op isn't there yet.


People need to realise it's more "All that is necessary for the triumph of evil is that good men do nothing."

And less terrorists and other cliches.

typon 6 days ago 0 replies      
It's quite interesting to me that someone who has worked for the NSA can write such an article and not have heard of William Binney and Thomas Drake's experience with the NSA. Ethical, upstanding people my ass.
w_t_payne 6 days ago 0 replies      
It is really nice to get a coherent, human view from inside the security and intelligence community. To the best of my knowledge, the article reads as an honest and true account of security service culture of integrity and professionalism. Kudos to him, and kudos to his colleagues as well for their restraint and their service.

I am pleased to see him hint at the exposure and vulnerability of the general public to surveillance by third parties, when he describes of the ongoing battle to dominate electronic systems, being waged by various nation-states and criminal gangs around the world. (I refuse to use that horribly juvenile construction "cyber-war").

However, we still have some way to go before we fully confront the magnitude of the problem, and are able to formulate a sensible and coherent response.

Our military forces and security services are rightly part of our response to this vulnerability, but they cannot be the only tool that we deploy. Societies that lean to heavily on their armed forces and security services quickly feel the negative effects of their reliance, no matter how well-intentioned, well-disciplined and professional the servicemen and servicewomen may be.

Civil society needs to step up to the plate also. The problem is difficult, and the response needs to be multifaceted and broad. As engineers, we need to make our systems more secure and more trustworthy - and we need to make tools for the creation of secure and trustworthy systems ubiquitous.

For example, I am writing software for advanced driver assistance systems & autonomous vehicles -- I need to think very very carefully about how I can make my software secure and robust from attack; I need to educate my colleagues about the risky environment that we will be operating in, and together, we need to come up with standards and processes to help us ensure that the software we create minimises the risk posed by malicious actors.

undoware 6 days ago 0 replies      
Sorry lorensr.me. "Trust me, they're good guys" is not an argument, and in the current context, it can only be read as a small piece of damage-control astroturf.

Or rather, the NSA's perfidy has left us with no other safe default assumption, so we have to ignore on sight. The data is tainted. All of it.

rookonaut 6 days ago 1 reply      
Some trendy buzzwords in the title, no relevant information in the post, just opinions,... Imho it's just a disguised advertisement for his kickstarter campaign.
gohrt 6 days ago 0 replies      
Note that this is either an imposter account, or the author themself is mostly unaware of the publicly-divulged NSA abuses -- let alone any non-divulged abuses.


MrQuincle 6 days ago 0 replies      
Nice that you are a patriot and that you are all law abiding types. We need more people that do not ask questions in those positions...
wmt 6 days ago 0 replies      
> I had to make sure that my searches didn't use US selectors, such as a US phone number or IP address.

i.e. "we aggressively spy on all U.S. citizens, but we try really hard not to look at that data."

atmosx 6 days ago 1 reply      
I stopped reading after the patriot paragraph. I don't like concepts that divide people and patriotism is inherently bad for the world. It brings only war and pain.

I love my country but I never met a patriot that could think straight.

anoncowherd 6 days ago 0 replies      
The surveillance's purpose is not to catch criminals or terrorists, as evidenced by the recent confiscation of some NZ citizen's electronics at the airport. He had attended a meeting on mass surveillance, and is therefore considered a troublesome, unharmonious little peasant, and must be kept in check or made an example of. That is the point here. It's about power, and maintaining it through whatever means possible.

The US is showing clear and abundant signs of being a police state - there's simply no denying that anymore. So what does it matter what their rule books say about spying on people, when even the Constitution has been calmly disregarded for years?

"Here are the official guidelines for spying on people! Remember that spying on US citizens is restricted because that would be kind of naughty, but foreigners are fair game."

It's just ridiculous. But again, it's certainly not about catching terrorists. This level of surveillance would make Stalin just shit himself with joy.

sifarat 6 days ago 0 replies      
Got your point son. I am a Pakistani and I know what it means to me. fuck you with love.
dimitar 6 days ago 0 replies      
Data is provided by ISPs and big companies like Google and Facebook.

Now, if you ask someone working for a ISP or Google if they hand over information to anyone, of course they'll say that they don't and haven't heard of someone doing it.

But of course they wouldn't have heard of it, one person with access is enough to rsync or sftp it to the NSA; no need for the others to know about it. They are needed to their jobs with clear conscience. I assume its the same in the NSA on the other side of the 'relationship'.

The same phych screening process the author took probably also selected the guy is doing the abuse.

gesman 6 days ago 0 replies      
So, if I'll meet someone who wanted to work more on personal coding projects and start a company and is making a mayonnaise as his first product - I'll know the guy must be from NSA!


junto 6 days ago 0 replies      
This is something that bothers me:

  Email that isnt related to intelligence is rarely viewed,   and its even less often viewed if its from a US citizen.   Every Agency employee goes through orientation, in which we   are taught about the federal laws that govern NSA/US Cyber   Command: Title 10 and Title 50. We all know that it's illegal   to look at a US citizen's data without a court order.
I can rewrite this to:

  We are indoctrinated to believe that we shouldn't really  invade the privacy of US citizens, and it is highly unlikely  that we might mistakenly or otherwise read your private emails,  however, if you aren't a US citizen then fuck you, you are our   enemy, you have no right to privacy because you weren't born   in the land of the free. Oh yeah, fuck you twice, cos we can.  Ha ha
You know what, fuck you too.

drharris 6 days ago 0 replies      
> Email that isnt related to intelligence is rarely viewed, and its even less often viewed if its from a US citizen

I stopped here. The words "rarely" and "less often" should both be "never". If the answer is not never, congratulations, you just helped ruin the world. Engineers and developers should be using our powers to help the world, not help corrupt governments spy on their own citizens. I only wish there were a way to strip credentials from technical people who aid an enemy so they can never work in this field again.

joelrunyon 6 days ago 1 reply      
> The NSA is our best hope in this war

Is this an inconvenient time to point out that we're technically not in a congressionally approved "war" with anyone?

manish_gill 6 days ago 0 replies      
> Analysts dont care about whats going on in your life. Only until they do

> the Agency makes the distinction that looking at data is surveillance, while gathering it from locations outside the US is not. We gathered everything, and only looked at a tiny percentage of it."

"Cheer up, we're just collecting everything about your private life, we're not looking at it...mostly!"

So, besides a lot of fear mongering about Cold War and Nuclear Weapons (yes it is fear mongering, and mostly irrelevant to the debate, given your average citizen, whom you're spying on, is not about to go detonate one), what you have to offer is anecdotal evidence of your own time at NSA, who are all supposedly highly intelligent and trained individuals who can do no wrong. And what you're saying is that essentially, we're supposed to feel at ease because you don't care about our lives.

...and of course, your post is approved for publication by the NSA.

beachstartup 6 days ago 0 replies      
yeah, all that juicy data, just sitting there. trust us. we won't touch it. neither will the fbi. or the cops. they don't care that you smoke weed. really.

except they do care. and they want that data. and they will get that data. you can bet your fucking LIFE on it.

if it's there, it will be used, and very possibly by someone with less than good intentions. how the hell could anyone convince themselves that this isn't true? it's mind boggling.

look at mccarthy era politics. THAT CAN HAPPEN. IT DID HAPPEN. IT WILL HAPPEN AGAIN.

stefantalpalaru 5 days ago 0 replies      
> Halting use of USB drives is not enough to protect air gapped systems, as Ruiu's recent research on badBIOS demonstrates.

False. In the badBIOS case the 2 computers thought to communicate using audio were already infected.

javajosh 6 days ago 0 replies      
What fascinates me is how the principle of warranted search and seizure can be so completely ignored in the presence of an easy, painless way to seize and search information. It's really that simple: you either believe it's right, or it's wrong, and the possibility of doing it at a large scale is truly orthogonal to the question of what is right.

What is not in doubt is that the data from a panopticon used by a benevolent organization would be a powerful protection. But that same argument could have been used to subvert the 4th Amendment. Indeed, that argument could be used to subvert every amendment in the Bill of Rights, since a benevolent actor, by construction, would only subvert those rights with good reason.

The lack of thoughtfulness about what the Constitution means, and how it applies in a world where government wishes to piggy back on ubiquitous corporate surveillance (and extend it), is fascinating. One can imagine the creation of a new police robot that knows when you are not in your home, and which lets itself in, reads all your documents and catalogues all of your belongings, disturbing nothing. Would that be okay?

crystaln 6 days ago 0 replies      
> everything the NSA collects is by default shared with your government

So... does that mean that even though the NSA supposedly doesn't analyze American communications, their colleagues in other countries can?

Also, while it may be reassuring for Americans to know that US IP addresses are not allowed in searches, how reassuring is it for Canadians, Mexicans, Germans, Australians, etc? Does this not harm both our reputation and business interests?

In general, this article assumes agents of the government are, and will continue to be, law abiding and respecting of citizens rights. Is that likely to remain the case in 20, 50, 100 years? How about after a major terrorist attack?

jgg 6 days ago 0 replies      
Right, Loren, so:

* even though Congress was lied to/mislead about the scope of the NSA's programs, by none other than the Director of National Intelligence [1]

* despite the fact that the NSA hastily rushed to justify an invasion of Syria with misleading data [2]

* despite the fact that the NSA helped produce evidence to justify the false invasion of Iraq [3]

* despite the fact that the NSA helps to subvert crypto software and backdoor services, which makes people and businesses less safe against electronic warfare (despite the fact that al-Qaeda is at least aware of the need for building their own crypto, even if what we've seen so far is possibly crippled by stupidity) [4] [5]

* even though the NSA were unable to catch the Boston bombers (even though the warned the US multiple times about the brothers, they were tied to Chechnya, had jihadi content on their social media profiles and were already tied by association to a homicide) [6] [7] [8] [9]

* despite the testaments from former Intel folks that mass data collection doesn't work and that Gen. Keith Alexander is incompetent [10]

* despite Alexander being unable to come up with problems the NSA's mass surveillance has solved without lying [11]

* despite the fact that Alexander is a monumental douche who used taxpayer money to have a Hollywood set designer make his office into a re-creation of the Starship Enterprise [10]

...we should be "reassured to know how capable and thorough your cyber spy agency and military command are." We should rest assured that our electronic communications being scooped up and stored couldn't ever possibly be used for nefarious purposes against a citizen of the US, that it isn't a gross violation of a person's right to privacy and dignity and that even the majority of the NSA are kind-hearted people looking out for America's best interests in the big, scary world full of North Korea's and Muslim radicals and that my virgin, uninitiated mind just doesn't understand. This isn't all just a big, dumb, out-of-control bureaucratic freak-out or an attempt to instate a Stasi-esque intelligence regime.

Fuck you and your condescension, Loren. You are a coward and a liar, unless there is some grand plot the NSA has helped unravel, Clancy-style, that you just can't tell us about (I will apologize and retract my statements when it comes to light).


[1] http://www.huffingtonpost.com/2013/08/13/james-clapper_n_374...[2] http://www.lrb.co.uk/v35/n24/seymour-m-hersh/whose-sarin[3] http://www.thenation.com/blog/174744/remember-when-nsa-surve...[4] http://techcrunch.com/2013/09/05/nsa-subverts-most-encryptio...[5] https://www.schneier.com/blog/archives/2008/02/mujahideen_se...[6] http://www.independent.co.uk/news/world/americas/russian-off...[7] http://www.thenation.com/article/174026/there-chechen-connec...[8] http://www.cnn.com/2013/04/20/us/brother-religious-language/[9] http://articles.latimes.com/2013/oct/23/nation/la-na-nn-bost...[10] http://www.foreignpolicy.com/articles/2013/09/08/the_cowboy_...[11] http://www.dailykos.com/story/2013/10/15/1247400/-NSA-Direct...

ad80 6 days ago 1 reply      
Important voice in the whole discussion around NSA, but forgive me being suspicious - it comes around the time his Kickstarter campaign is to end...
film42 6 days ago 0 replies      
Did anyone else notice the countless screens running windows xp?

There were a few linux desktops, but really most of the screens were turned off, or on and showing windows xp.

I don't like the idea of the US Govt using an extremely deprecated operating system.

devy 6 days ago 0 replies      
If he's so "patriotic" and so proud of him being a cyber spy, why didn't he jump out earlier to defend NSA's position? Why did he only come out and write an blog a few months late and around the same time as CBS 60 minutes NSA interview? I say this is a NSA propaganda.
eli 6 days ago 1 reply      
Thanks for posting what I'm sure you knew would be an unpopular opinion around these parts. Interesting read.
kika 6 days ago 0 replies      
> I would also notify the users that their data was accessed, if it was legal to do so.

And of course you'd also put up a warrant canary [0] on your website, am I correct?--[0]: http://www.rsync.net/resources/notices/canary.txt

sbierwagen 6 days ago 0 replies      
Interesting that the HN algorithm that automatically flags NSA stories off the front page didn't penalize this one.
SchizoDuckie 6 days ago 0 replies      
What bothers me most about the NSA stories is that all the damage control seems to be revolving around not pissing the US citizens off because their data is collected.

What about the rest of the world? They just have a carte blanche to tap everything from everyone 'regular joe' from outside of the US can't do Jack Shit about it, other than help invent newer and stronger encryption methods, since all our governments have their arms up the US's ass.

are_you_serious 6 days ago 0 replies      
Did this line bother anyone else?

> If you are a citizen of the UK, Canada, New Zealand, or Australia, you may also be glad, because everything the NSA collects is by default shared with your government

He spends the whole post telling us its okay to trust the US and then completely throws that out the window by saying 4 other countries have all of our data too.

danbmil99 6 days ago 0 replies      
> I have a very high opinion of my former coworkers.

Well then, problem solved.

are_you_serious 6 days ago 0 replies      
What each section basically says:

1. We collect all of your data

2. That's okay because we're the good guys

3. Btw, there are bad guys hacking us and have in the past downloaded TBs of data from our systems

What happens when a bad guy gets access to our data? Whether from within or out?

alandarev 4 days ago 0 replies      
> US citizens have nothing to worry about.

Oh, alright then, there is nothing except the trillions of spies queued up behind US borders.

There is a shocking news to be revealed: Not all non-US citizens are spies.

agorabinary 6 days ago 0 replies      
I can't help but observe, with a sort of grim humor, that this fellow's resume now consists of international unwarranted espionage that threatens to upend the very foundations of our constitutional republic...and organic mayo entrepreneurship.
mpyne 6 days ago 1 reply      
Well this comment thread went about as I expected it to go...
hawleyal 5 days ago 0 replies      
> not a law enforcement agency

Naive to think that mass-collection of data is not a tool that will eventually used by law enforcement.

javert 6 days ago 0 replies      
> Even if you are not a citizen of the Five Eyes, you shouldn't be worried about your data being viewed unless you're involved with a group of interest, such as a foreign government or violent organization.

Is the US Tea Party considered a "violent organization"? (It's not, but that's a separate issue.) If not, can you guarantee that it won't be labeled as such under some future administration? The IRS is already targeting the Tea Party, so we have reason to believe that certain US political actors are not interested in abiding by objective laws.

If not, why do you defend the NSA?

Though I'm a US citizen, I'm sure one of the other Five Eyes countries can be employed to spy on me.

Marbux 5 days ago 1 reply      
@ "Every Agency employee goes through orientation, in which we are taught about the federal laws that govern NSA/US Cyber Command: Title 10 and Title 50. We all know that it's illegal to look at a US citizen's data without a court order. I use the term "look" deliberately: the Agency makes the distinction that looking at data is surveillance, while gathering it from locations outside the US is not. We gathered everything, and only looked at a tiny percentage of it. I am okay with this distinction both because I don't mind if my emails are copied to an Agency database and likely never read and because from a technical standpoint it would seriously impair our ability to spy if we couldn't gather everything."

lorendsr has far too much confidence that what he was taught about the governing law is correct. The governing law is far broader than the two titles of the U.S. Code he cites. The 4th Amendment, for example, protects against not only warrantless searches but also warrantless seizures. That line is first crossed at the gathering point, not at the point that the data is viewed. Put another way, the Amendment prohibits warrantless gathering of the haystack that includes private communications, not just the warrantless search of that haystack for a given needle. http://www.law.cornell.edu/constitution/fourth_amendment And that is only one example of his legal naivete.

Paul E. Merrell, J.D.

ekianjo 6 days ago 0 replies      
reading it feels like reading a PR document, just made to shed a positive light on the NSA.
nexttimer 6 days ago 3 replies      
Don't fight it. Just let it take over. Stop struggling. Once you'll have stopped struggling, it won't hurt anymore. You won't feel any difference anymore. And it will be like it was never different.
iribe 6 days ago 0 replies      
What do you think of the NSA tapping datacenter traffic, gaining access to company source code, passwords, and everything else companies incorrectly assumed wouldn't be sniffed? Was that justified? How do you know that data didn't get into the wrong hands, other than assuming every coworker was trustworthy.
njtechie 4 days ago 0 replies      
One of the earlier statements by government spokesmen was that they're only collecting meta-data and no one should be concerned about that. Fine. Then every top-level NSA employee, and anyone else involved in the data collection process, should immediately and publicly publish THEIR meta-data. That means detailed phone bills showing what number they called, when, and for how long. That means to "to" and "from" plus timestamps on all email sent and received. That means the recipient name and address of every piece of Postal mail sent. We don't need to see the content of those communications, just the meta-data. Because that's harmless and not really private, right?
einrealist 6 days ago 0 replies      
He only describes his view from inside the system NSA. But it is the outside which really worries me. Governments and legal boundaries can change. DHS and TSA were such changes. And both agencies have a big impact on the lifes of citizens and visitors.

OP admitted, that NSA already gathers data of US citizens. But the current legal boundary prevents analysts to just add a "selector", except when it is allowed by a (secret) court. So the data is already there with the technology to query or filter it, which is a bad thing in itself. But it is a tiny change in the law, that would make it legally right to include US citizens' data into the query.

Looking back at DHS, TSA and the overall militarization of the security forces, it is not hard to imagine that NSA is an easy pick for a reactive government responding to the next terrorist threat.

BTW. When have government institutions ever been dissolved? Isn't that a lot harder than creating new ones or changing the rules in favor of more control?

bbakkd 6 days ago 0 replies      
If you are not a terrorist or a foreign government official or work for a large corporation or bank or travel or communicate with people in certain countries or use certain keywords in your communications you have absolutely nothing to worry about.
bayesianhorse 6 days ago 0 replies      
We are the watchers on the (Facebook) wall...
focher 6 days ago 0 replies      
The worst thing about such pro-spying articles is that they are policy arguments, when the real issue is one of Constitutional rights. I don't really care what policies individuals or groups support. That's the whole point of a Constitution. It protects liberties from even majority rule taking them away. What part of the Fourth Amendment is unclear? Don't like it? Then pass a new goddamn amendment.
jsac 6 days ago 0 replies      
this story smells like PR via the NSA....
LekkoscPiwa 6 days ago 0 replies      
First 60-minutes, now this. Are we in the middle of a PR campaign now?
jjguy 5 days ago 2 replies      
HN, I'm ashamed of you.

The comments in this thread (and every other Snowden-related revelation in the last six months) have made it clear you are incapable of appreciating the magnitude and complexity of this scope of issue. The comment threads have been dominated by narrow, small minded thinking, bereft of any considered thoughtfulness. I quit reading your comments on these posts long ago, because they were a worthless echo chamber of self-righteous arrogance. I thought maybe, perhaps, this post would elicit better discussion. I should have known better.

Even after six months, I don't yet have a well-formed opinion on the topic. It's incredibly complicated and encompasses considerations most of us can barely comprehend. In an essay on the topic, Mike Hayden (ex USAF General, ex NSA director, ex CIA director) said: [1]

    it takes a special kind of arrogance for this    young man to believe his moral judgment    on the dilemma suddenly trumps that of two    (incredibly different) presidents, both houses    of the U.S. Congress, both political parties,    the U.S. court system and more than 30,000 of    his co-workers.
The HN collective deserves the same chastisement.

I expect more of HN than I do a typical forum. I dismiss the "not like the old days" cynics. Please don't prove them right.

1 - http://www.cnn.com/2013/07/19/opinion/hayden-snowden-impact/

Telegram protocol defeated. Authors are going to modify crypto-algorithm translate.google.com
337 points by xytop  15 hours ago   191 comments top 27
OoTheNigerian 7 hours ago 10 replies      
This is my first comment on the Telegram bruhaha.

Sometimes, I get embarrassed by what I experience here on HN. The gang up, the unnecessary pride.

To those saying RIP, Telegram will succeed. Without using it (I use a Blackberry), it looks to be top two of the chat apps when you combine usability/security. I will download it once I get an Android phone in January.

I will not wish failure on anyone that is confident in his product. Of course they could have shown more humility but it he face of "take downs" on all sides especially the ones sponsored or initiated by the Whispersystem/Texsecure chaps, I do not see why they should have bowed down to be crushed.

Considering the type of responses given by Pavel Durov, I am almost certain he would have been much more humble if his attackers toned it down a notch.

To the person that found a flaw, kudos to you on doing something and not spending all your time doing take downs of telegram on HN threads and blogs.

Pavel, I am hopeful that you will reward the chap even though the discovery was not within the "guidelines". it is all about the spirit of the competition.

As for the TextSecure/WhisperSystems guys, stop being like the politicians we hate who campaign by slinging mud on opponents instead of selling their stuff. Focus on selling the TextSecure app and not looking to takeout anyone who has a different approach.

PS: I have no relationship with either party. I am a neutral observer that has his own opinions.

pjscott 13 hours ago 3 replies      
There's a lesson here. I genuinely don't mean to sound smug, but -- remember how confident the Telegram guys were? Remember how sure they were that their protocol would be able to resist the eavesdropping efforts of the NSA and whatever other nefarious interlopers may come along? Remember how they said they'd been working on it for years, and presumably expected for it to last many more years?

Remember how that was, like, five days ago?

sillysaurus2 14 hours ago 3 replies      
TextSecure's protocol, on the other hand, hasn't ever been compromised. Don't use Telegram. Use TextSecure. https://whispersystems.org/
11001 12 hours ago 6 replies      
Here are some of their comments:


, . , : . nonce , . , x7mz email support@telegram.org .


Thanks very much, the author is absolutely correct. Just wanted to explain that the intentions were good: to correct bad "random" on the client side.

From this point on nonce will always be set to 0, and next we will definitely remove it from our diagram and explanations in the docs.

The author definitely deserves a prize, please enquire at the following email for details.


, nonce MiTM DH . , nonce , , , , . , nonce , nonce.

, , , , , .

200k$ , , . , - .

, , . . - - , .


He is correct, looks like the server can manipulate nonce and succeed at MiTM on DH between the clients. Not sure who's idea it was to introduce that nonce in this form, but I do understand the motivation, to protect against the "weak random" on the clients that can in theory be written by anyone. Obviously, we need to make nonce=0 and refuse secret chats with non-zero nonce.

It is quite amazing that the man who calls himself "a crypto noob" found a real vulnerability, as opposed to all those so-called professionals whose criticisms were largely unfounded.

Not sure about the $200k since this vulnerability won't really help to decipher the traffic and the server doesn't know the key from the secret chat, because it doesn't have any "bookmark". But I really don't like that in the future such a bookmark could be added.

However, I think this is a valuable observation and you do deserve a prize, even if not such a big one. If you, or anyone else, will find other potential vulnerabilities, please let us know, we will be rewarding.

droopybuns 13 hours ago 1 reply      
Excruciating evidence that supports Moxie's position.

Vuln rewards should exist for two purposes:

1)An act of good faith on the part of the developer that says "I am interested in securing my product and I won't prosecute direct disclosure"

2) The Dev knows exploitable vuln discovery has value, but cannot compete with black market pricing. Instead, the reward is a token of appreciation for a shared code of ethics.

I wish bug bounties could compete with the budgets of nation states. They can't.

Companies shouldn't pretend to compete. Shame on telegram for stupidly false promises.

xytop 15 hours ago 1 reply      
In short:telegram in secure chats (http://core.telegram.org/api/end-to-end) was using modified version of Diffie-Hellman algorithm:key = (pow(g_b, a) mod dh_prime) xor nonce(original: key = pow(g_b, a) mod dh_prime)That custom 'nonce' is derived from server and in theory server can send a specially formed nonce which will lead to known client keys ("bookmark"). It means that server as MITM can read all needed chats by request..Authors of Telegram agreed that it is a big hole and their algorithm needs modification. User, who found the issue will get a prize (not 200,000$, but good enough).
rdtsc 13 hours ago 1 reply      
Well nice knowing you Telegram. I don't see a good way for them to recover from this. First the bogus contest that Moxie debunked. Now this. The best option is to close shop, open a new company, new names and do something else.
solyanyk 4 hours ago 1 reply      
The Telegram guys chose to view it as a proof of inherent superiority of humble Russian programmers over NSA-backed American haters (I wish I was kidding!).Here is what Pavel Durov had to say on the matter (translated from his public post on vk.com http://vk.com/wall-52630202_7858):

> This story makes me once again admire Russian programmers. For a whole week esteemed American cryptographers on HackerNews were picking on the protocol fruitlessly - mostly demanding to replace our own solution with algorithms from NSA-backed Suite B [sic!]. An yet a Russian programmer, who calls himself "a novice", could immediately recognize the weak spot in the secret chats, in the context of an article on Habrahabr.ru.

Edit: To make it clear, that is not the whole post, just the first paragraph relevant to my point

gohrt 9 hours ago 3 replies      
Why is Telegram in the HNews so much? Are they part of the YC fraternity? Why do pay so much attention to crypto hucksters?

It hasn't been so long since the last snake oil peddlers had their roasting -- I forget the name, it was some cutesy web-browser "secure" chat thing.

It's cool to report debunkings, but if it weren't for HN, I (and most others?) never would have even seen these products in the first place.

paveldurov 13 hours ago 4 replies      
I'm excited by the insight and modesty of this guy. I will see to it that he gets a mighty prize.

It's great to see how open software can leverage the power of the community to find weak spots and become stronger.

hcarvalhoalves 13 hours ago 3 replies      
Demoralized twice, first for finding a flaw, second for not giving the prize.
ge0rg 4 hours ago 0 replies      
On http://vk.com/wall-52630202_7858 Pavel Durov writes that the finder of this vulnerability will receive a reward of $100k, and that comparable awards will be given for other findings. It looks like they are slowly making progress from a rigged show to a proper crypto evaluation situation.
Trufa 13 hours ago 5 replies      
As a side note, I didn't notice it was google translate until half way through the article. It's getting really good.

Is Russian an "easy" language to translate to English?

notastartup 14 hours ago 1 reply      
I hope this person will get the full $200,000. I definitely don't think we can ever trust Telegram's strength again. They won't be paying him the full $200,000 even though he has rendered the Telegram to be weak. Major, major backfire for Telegram stakeholders.
eliteraspberrie 13 hours ago 0 replies      
Great work! I hope this person gets a big piece of the prize, if not all of it. Perhaps they should have waited for the challenge to be expanded. (That's what I'm doing. I just hope nobody spills the beans first.
sciguy77 10 hours ago 1 reply      
Am I the only one who read this in my head with a Russian accent?
jokoon 5 hours ago 0 replies      
Noone should trust a service that advertises itself as being safe from governments ears. Pure and simple.

First, there's a risk the NSA is actually the one initiating those services.

Secondly, in cryptography, it's very hard if not impossible to effectively prove your messages are not read by someone else. Cryptography experts do not tend to work for people's interests. And if some do, the NSA has too many resources to just defeat those who try to not be listened to.

I understand the intention is noble, but if you release such a safe tool, the NSA will view it as a terrorist threat, because that's the job they have been given, and they will end up listening anyways.

I can't understand the paranoia about all this. If you're really afraid the NSA might use information against you, it's because you made political enemies, in this case, why use digital means of communication at all ?

I really tend to think it's being cool to use those cryptographic features, rather than anything else, and that's worrying.

dewiz 14 hours ago 0 replies      
So this was supposed to be secure/robust/mature/trustworthy ? Not impressed, still too many companies around pretending it's sooo easy to make something better, how hard can it be ?
User1398 11 hours ago 0 replies      
This is great news for Telegram. With such a weakness, the NSA will soon be encouraging wide spread use of their protocol.
justinzollars 14 hours ago 0 replies      
That didn't take long.
knodi 14 hours ago 1 reply      
200k gone just like that, better now then later.
ateevchopra 6 hours ago 0 replies      
The first thing they teach in hacking class is "Nothing is 100% secure. Even the brain.exe is vunerable.".. Well proved again. Nice work !
nly 14 hours ago 1 reply      
Why does Telegram provide the generator (g and p) and then suggest validation and caching? These can be hardcoded parameters
tigerweeds 14 hours ago 2 replies      
cool stuff. Give the guy his prize
xternl 5 hours ago 0 replies      
Interesting. I'm wondering about Threema, I think Moxie is already on them.
Aloha 11 hours ago 2 replies      
Would this hole allow him to decrypt chat text?
rikacomet 6 hours ago 0 replies      
Lol, I don't know whats so bad in Telegram being a bit "braggy" about their stuff. I mean, it took them a lot of hard work, in the first place since they did a lot of things on their own, instead of using pre-set standards. Everyone can loose a grip on self control, more than a few times. So what!

Besides, its only to inspire someone to crack their program, it is necessary to come across as a bit arrogant, so someone would loose a screw and crack it. never mind the buttery language post-cracking, since that usually comes from appreciation for each other.

Putting up a challenge publicly is a great PR tool, I feel its not reasonable to only bash 1 company about it. Unless, there is something I don't know, about what they said/did earlier on HN.

Developer and Power Users Tool List for Windows hanselman.com
336 points by Walkman  1 day ago   175 comments top 42
to3m 1 day ago 3 replies      
I don't know why people have such a blind spot in this regard, but Visual Studio's non-support for word-wrapping comments is obviously shameful. It's utterly ridiculous that you have to press Return while writing comments, and then more ridiculous yet that you have to go back and re-wrap them by hand when they change! - and the end result of course is that people usually don't bother, with the wrapping becoming steadily more ragged over time. Which looks shit.

So, I'll recommend this addin, that fixes it pretty nicely:


Though, you know... I've recommended this to numerous people over the years. And all of them have gone and ignored me. So perhaps I'm just unusual, and people like the raggedy look. Still, Comment Reflower gets my vote.

cowkingdeluxe 1 day ago 3 replies      
I agree having Paint.NET on this list, it is pretty good. I used paint shop pro 6 (yes, the one made in 1999) and switched to Paint.NET last year. It has really expanded my capabilities with regard to art for game development.

To get the most out of Paint.NET check out their plugins (http://forums.getpaint.net/index.php?/forum/7-plugins-publis...). It seems like there is a plugin for anything you can think of.

gchucky 1 day ago 4 replies      
A great list overall. One alternative I'd offer: he recommends Github for Windows and Tortoise as Git clients. I've been using SourceTree for Windows (http://www.sourcetreeapp.com/) and it's excellent. They've done a great job maintaining and keeping it up to date.
alan_cx 22 hours ago 1 reply      
Just a couple of things.

uTorrent got iffy once it was bought out. IIRC, you want version 0.6 This was very small, fast and unmolested.

VLC. For years used to be absolutely fantastic. When it came out, a god send. I'd tell anyone listening to use it. Sadly, recently its caused me loads of sync problems, and various other minor niggles. As a result, I have had to reverted to CCCP. When VLC works for me, it is the best, but when it doesn't, CCCP fills the gap. In fairness, maybe a recent VLC update will cure my problems. Dunno.

Foobar2000 needs a mention, especially with Winamp going. My PC is connected to my amp directly via USB, and FLAC files sound incredibly good. (These days, hifi wise, MP3 is, to me, awful. They kinda sound dead. You lose so much detail and depth. But that's a whole new discussion) You can also get a great little app for Android that you can remote control foobar2000 with over your lan.

suhair 1 day ago 4 replies      
Cmder[http://bliker.github.io/cmder/] from that list changed how i view a windows commandline. My best windows tool discovery in 2013.
aktau 1 day ago 3 replies      
Even though I barely touch windows these days, when I do, I invariably use "everything" (http://www.voidtools.com/) to find where everything is. So fast, so minimalistic. It's like locate on crack (because it shows you stuff as you type and it automatically updatedb's).
iaskwhy 18 hours ago 1 reply      
A few more I use:

SSH Tunnel Manager (open source). I don't really like managing tunnels via cmd so here's a GUI to do just that.https://code.google.com/p/ssh-tunnel-manager/

CryptSync (open source). This keeps a folder in sync with another one but encrypts the content of the destination folder. It's extremely useful to use with Dropbox where I keep everything encrypted.http://stefanstools.sourceforge.net/CryptSync.html

Greenshot (open source). I use this to get screenshots of a particular area of the screen like I would do on OSX with CTRL+SHIFT+4.http://getgreenshot.org/

Prepos App. A generic preprocessor for everything web (js, css, etc).http://alphapixels.com/prepros/

SPlayer (open source). I have no idea with I enjoy this video player more than VLC but I do.http://www.splayer.org/index.en.html

VistaSwitcher. It's an ALT+TAB replacement.http://www.ntwind.com/software/vistaswitcher.html

wrongc0ntinent 23 hours ago 1 reply      
AutoHotkey is a great way to get your kids coding. Not sure if there's anything like it for what kids use most nowadays, iOS and Android tablets, but having them make macros and letting them manipulate their favorite piece of software in ways they didn't think possible is usually an eye opener.

Edit: I'd add SpaceSniffer to this list.

strick 23 hours ago 0 replies      
Great list! I would also include http://www.expandrive.com/expandrive which lets you mount any server with SSH as a local hard drive.
Afforess 22 hours ago 1 reply      
Great post. However there is 1 great utility missing:

Clover: Chrome-like tabs for your file explorer. No more having dozens of file windows up. Just one. http://ejie.me

rschmitty 1 day ago 3 replies      
No idea why he would use Notepad2, ST3 loads up just as fast and provides way more features for text editing. Plus it is good with markdown syntax highlighting thus eliminating the need for MarkdownPad

Also Github for windows or just Git bash covers the need for Gow

Jabbr is ok, but I havent been able to give up mIRC

Also he left off a good tabbed ssh/putty

Great list, learned lots of new things thanks!

gus_massa 23 hours ago 0 replies      
Two additional utilities y like:

* 7+ Taskbar Tweaker ( http://rammichael.com/7-taskbar-tweaker ): allows you to configure various aspects of the Windows taskbar, for example reorder and regroup the programs in the taskbar.

* Network Activity Indicator (http://www.itsamples.com/network-activity-indicator.html ): displays the old 'two monitors' icon in Windows 7 that flashed blue to show network activity. (Well, this dont belong to the OP list because the only purpouse is to clutter the systray, but I like it.)

Havoc 1 day ago 4 replies      
Nice list. Can't say I agree with everything, but preferences vary.

I'd add though:ninite, notepad++, foobar, windows snipping tool and maybe cdxpburner.

NB both CDXPBurner and Imgburner come with Opencandy adware in some versions and are sneaky about it.

pkrumins 22 hours ago 1 reply      
Here's my list of tools:


Must Have Windows Programs

wslh 1 day ago 2 replies      
I suggested the author to review my company product SpyStudio that has a free version and is being used by Microsoft MVPs and VMware to troubleshoot Windows issues.

If you need a trustworthy source, here is a video from Peter Bjrk ( http://blogs.vmware.com/thinapp/author/peter_bjork ) showing how to troubleshoot a ThinApp package: https://www.youtube.com/watch?v=6sLxeoB7Bho

RexRollman 17 hours ago 0 replies      
I don't use Windows all the time but I do have some favorite programs:

  Firefox  Notepad2  7zip  Faststone Image Viewer  Foobar2000  Mame  ExactAudioCopy  FLAC  LAME  Jhead

polskibus 21 hours ago 3 replies      
There's a lot about asking people not to copy the list to their own blogs which kind of spoils the first impression to me - especially that the note is before the fold.

Does the HN crowd have an opinion on this? Did you find the note a bit weird ?

japaget 1 day ago 1 reply      
Great list. I'd add one more program: Agent Ransack at http://www.mythicsoft.com/agentransack/ . It's a file search utility that is orders of magnitude better than the utility built into Windows.
nhebb 1 day ago 1 reply      
> "NimbleText - Regular Expressions are hard and I'm not very smart. NimbleText lets me do crazy stuff with large amounts of text with it hurting so much [sic]."

In case it's unclear from the description, NimbleText is a simple code generator. It's saved me a ton of time and keystrokes. Well worth the $20.

michael_fine 1 day ago 2 replies      
Does anyone know of a list similar in scale and scope for Mac users?
thearn4 1 day ago 4 replies      
For python development, I'd also add Python(x,y) and/or Anaconda distributions for windows. They're binary installers that give you cpython interpreters + the kitchen sink when it comes to third party libraries and development tools.

Also, I have to disagree with the author about recommending Torrent. It's become more and more adware ridden with each new update. Deluge is pretty good though.

shocks 19 hours ago 1 reply      
Disappointed that clink [1] didn't make it onto this list. :( Clink brings Bash's powerful command line editing to Microsoft Windows' cmd.exe!

1: http://code.google.com/p/clink/

raveli 1 day ago 1 reply      
Great list of suggestions. While many of us on HN prefer Linux or OS X for any development work, it doesn't mean we don't at least occasionally work on Windows machines. Knowing how to make that experience more smooth definitely helps.

Going through the list of suggestions there was one particular item that stopped me to think. Living close to the arctic circle where sun never rises with the winter solstice approaching, trying F.lux (http://justgetflux.com/) felt at first a bit depressing with the app interpreting it's night even though it was noon. But then again, I guess most things have a tendency to feel depressing at this time of year.

ufmace 19 hours ago 1 reply      
Nice list! I see a few things I already have, and a bunch more that I'll check out.

A question for those who spend more time doing front-end web development: What do all of these much-touted Firefox development plugins like Firebug do that Chrome developer tools doesn't do?

patrickk 1 day ago 2 replies      
A word of warning about TerraCopy- it can cause annoying errors when copying. I transferred many gigs of data from one computer to another over a LAN, some files transferred fine, others looked like they copied ok, but were actually 0kb in size on closer look.

I'm not sure if it was a bug in that particular version or with the setup being used, but once I uninstalled TerraCopy the errors ceased.

pagade 22 hours ago 0 replies      
Although he mentions Hyper-V Virtual Machines, the real winner for me is VMware Player (http://www.vmware.com/in/products/player/). Its just like a audio/video player but for Virtual Machines.
MichaelMoser123 16 hours ago 0 replies      
I recommend far manager - http://www.farmanager.com/It looks and acts like Norton commander for windows - in text mode; it has many plugins, can't live without it.

Another one missing is vim / gvim.

dyml 1 day ago 1 reply      

I often copy code from my IDE to my blog or other Markdown formatters. I always have to add four spaces or convert tabs to spaces so that it gets formatted as code block. This extremely fast and simply site just brings a simple and easy solution to my problem.

ghh 22 hours ago 0 replies      
IMDisk, a virtual disk driver and disk image mount utility that is lightweight, ad-free, and actually supports Windows 2000 to 8.1 [1]. It's also open-source.

[1] http://www.ltr-data.se/opencode.html/

kirtijthorat 1 day ago 0 replies      
Scott Hanselman's list is amazing! A must-have for everyone in the tech industry. A decade worth of work at your fingertips. These are all well loved and often used utilities. I have curated my own list of utilities out of this humongous list. I truly appreciate the amount of hard work and many hours of research put together in making this list by Scott Hanselman.
hndl 1 day ago 1 reply      
Does anyone know of (or have) a similar list for OSX?
ericcholis 1 day ago 0 replies      
Non-Windows users should still grep this list. There are some multi-platform tools listed.
stusmall 23 hours ago 2 replies      
What's the best hex editor on Windows these days? I'm rarely on it but when I am I usually use the Notepad++ plugin for it but love to hear about something better
curiousDog 20 hours ago 0 replies      
Does anyone know of a similar list for OSX?
jhasse 1 day ago 0 replies      
Is anyone using TouchCursor (http://touchcursor.sourceforge.net/ )? I really like the idea, but I'm not sure if I should try to stick with it.
ionelm 15 hours ago 0 replies      
I'm surprised AltDrag[1] didn't make it in the list. It's incredibly useful !

[1] http://code.google.com/p/altdrag/

oliwary 1 day ago 0 replies      
My favorite tool on the list is Everything search, which instantly finds all files. It has completely changed the way I use the file system, to the point where I will rarely even open the Windows Explorer.
wil421 1 day ago 0 replies      
Does anyone have a list similar to this for OS X?
ijoyce 23 hours ago 0 replies      
I would add scoop. http://scoop.sh/
bberrry 22 hours ago 0 replies      
I love checking out lists like this.
PavlovsCat 1 day ago 2 replies      
my 2 cents:

- TreeSize ( and/or SequoiaView ) -- see where the big files/directories are on your harddrives

- Piriform CrapCleaner -- deletes unwanted/unneeded files after booting; configure all of it, then add folders and log files manually (find good candidates with Treesize ;) I like all Piriform tools, they're small, quick and slick. I wish they made more things.

- any SysInternals stuff you have a use for (Autoruns is a must have)

- DirectoryOpus -- the best file manager I know

- FreeFileSync -- backup/synchronize directories (locally, that is). Can also monitor directories for changed stuff (also for Mac and Linux)

peterkarson 1 day ago 1 reply      
"Everyone collects utilities"

Speak for yourself. I don't collect utilities.

Show HN: Myth CSS the way it was imagined myth.io
331 points by ianstormtaylor  4 days ago   151 comments top 28
pvnick 4 days ago 6 replies      
Wow. I'm shocked at the disgusting responses I'm reading here. No wonder people get terrible anxiety about releasing their hard work for feedback. Hacker News seems to be a den of vipers, waiting to strike at the tiniest opportunity to nitpick. And then folks have the gall to bicker and argue over whether the project even has fundamental merit, on the very thread that the author tries to show the "community" what he/she has made. I've been working on a project myself, something I'm passionate about and looking forward to my own "Show HN" thread, but this trend of negativity really makes me hesitate.

I think this is a really cool project, and I commend ianstormtaylor for pushing the envelope and advancing the state of the web. Good job!

edit: I understand criticism has its place in Show HN. But for God's sake, I had to scroll _all the way to the bottom_ to find some kind words of encouragement. You folks should really read some Dale Carnegie

crazygringo 4 days ago 7 replies      
> Myth lets you write pure CSS while still giving you the benefits of tools like LESS and Sass.

Having a "polyfill" is certainly a valid justification. But this doesn't come close to LESS/Sass -- I'd argue that the main feature of those is nested rules, and then mixins.

Variables and calculations are great, but most LESS code I've encountered uses nesting and mixins to a far greater extent. Advertising the project as "the benefits of tools like LESS and Sass" seems misleading, and seems to set up expectations that Myth doesn't fulfill.

JimDabell 4 days ago 1 reply      
This only polyfills some of these features in the most superficial way. To polyfill some of these features according to spec., you need to do it in the browser.

For example:

    <!DOCTYPE html>    <title>CSS Variable Test</title>    <style>        head {            display: block;            var-mycolor: blue;        }        :root {            var-mycolor: red;        }        title {            display: block;            color: var(mycolor);        }    </style>
If I load that document in a browser that supports CSS variables, the title will be blue. But if I run it through Myth, it drops the blue rule and makes the title red. This is because CSS variables are inherited throughout the document and can be overridden at any time. The calculated value of the CSS property that uses the variable depends on the document structure.

Likewise with calc() - if you multiply values like in their example, it works, but if you try to add two values of different units (e.g. 2em + 30%), it silently falls back to requiring browser support for calc().

This might be useful in narrow circumstances, but it should have big warning signs because it doesn't come close to being a proper polyfill.

eknkc 4 days ago 0 replies      
It's basically a rework (https://github.com/visionmedia/rework) distribution with a couple of plugins bult in.

I you need finer grained control, take a look at rework itself. We have been using it for a while and it's just great.

codegeek 4 days ago 10 replies      
Oops. Landing page font is almost unreadable in Chrome Version 30.0.1599.101 (Windows XP)
xauronx 4 days ago 6 replies      
I've avoided the CSS preprocessors for some reason, something about learning a CSS pseudo-language just didn't feel right. The idea behind this however is awesome. You're writing simple, true CSS and it does the annoying work of making it crappy CSS that browsers want. I might actually be able to get behind this.
jackmoore 4 days ago 1 reply      
You all should be aware that it is impossible for CSS preprocessors/postprocessor to fully replicate calc() and var(). For example, you won't be able to do something like calc(100% - 200px) or have scoped variables.
badman_ting 4 days ago 0 replies      
Very cool, but once you start working in something like LESS or Sass, it totally changes how you write styling and becomes something more than "CSS with variables". The possibilities they offer are more than features, it changes your entire workflow. Personally, I won't go back.

But besides all that, it's pretty sweet to have something more like "CSS with variables". That can come in super-handy sometimes.

chc 4 days ago 2 replies      
Despite its assertion to the contrary, that looks like a preprocessor to me.
coderzach 4 days ago 0 replies      
This looks pretty cool. It should probably explain that it's a static subset of the spec, and not actually a polyfill for the spec itself. Since the spec allows for dynamic, cascading variables, as well as dynamic calculations.
Pxtl 4 days ago 0 replies      
"Myth - CSS the way it was imagined "

I totally read that completely differently. Complete document/style separation is a myth.

prezjordan 4 days ago 0 replies      
Wow what a great idea. Nicely executed, love the demo page.
Kiro 4 days ago 2 replies      
What's up with the font? It looks like a disaster on Chrome @ Windows.
ozh 4 days ago 0 replies      
lots of readability issues on this page. Purple tiny text on black background != easy to read.
djokkataja 4 days ago 0 replies      
The site looks gorgeous and is perfectly readable in Firefox 25 on Ubuntu.

Also this looks pretty neat; I wasn't super interested in learning to use Sass/LESS or working it into my development cycle, but this looks like a good step towards not having to make much of a change while still reaping some nice benefits.

lstamour 4 days ago 0 replies      
Long-term I'm not sure how well this will work.

After all, SCSS was based on "CSS3" so we wouldn't have to rewrite our CSS. It's still around ... so we don't have to rewrite our SCSS.

I'm happy to see innovation here, but I also wish IE would just auto-update already. :D

transfire 4 days ago 3 replies      
I wish there were a revolt against W3C. They have consistently made a mess of everything they touch (and take forever to do it). Why reinvent the wheel yet again with another fuglier syntax? We already have Sass and LESS which are widely used and quite beloved. Just adopt the best of those and save us from yet another "XSL-FO". Please! For God's sake, man!
iLoch 4 days ago 3 replies      
Man I really hate when the creator of the site expects me to scroll down. I have a 1080p monitor, if I can't see any content at that height I have to assume there isn't any.
crystaln 4 days ago 0 replies      
"post-processor"? What does that mean?

Looks a lot like a pre-processor to me, except that its functionality is limited to what can be defined by pure CSS. I'm not sure why you would choose this preprocessor over one with more functionality.

Somebody must have thought it was a good idea to have gone through so much effort, so perhaps I'm missing something.

ultimatedelman 4 days ago 0 replies      
this is cool, but the problem i have with the variables is that it's based on a suggestion of a spec that mozilla hasn't even finalized... if it changes in the future, this could break
abvdasker 4 days ago 0 replies      
Definitely going to give this a try. I really appreciate the apparent simplicity and creativity of this tool. It avoids the need to learn the odd syntax of LESS/Sass for those of us who need reliable cross-browser support while providing many (though not all) of the benefits of precompilers.

Seriously great work.

pc86 4 days ago 0 replies      
Tiny text is unreadable on Windows Chrome.
nawitus 4 days ago 2 replies      
Can Myth postprocess LESS output and guarantee that it'll "just work"? I like the vendor prefix feature (although there's a 'LESS Prefixer' project too).
habosa 4 days ago 2 replies      
SIde note but I have never seen "Star on GitHub" before ... does that mean contributions are not welcome?
oneeyedpigeon 4 days ago 1 reply      
Interesting. Shouldn't the 2nd "a" in the right column under "Color Manipulation" be an "a:hover"?
philliphaydon 4 days ago 1 reply      
Why do front-end developers not test their website cross-browser and platform?

The font chosen doesn't render properly on Windows with Opera or Chrome.

kumarski 4 days ago 0 replies      
A little tough to read the text.looks cool.
fiatjaf 4 days ago 0 replies      
I imagine a CSS where the outer divs submit to the inners (but only when I want to).
$200,000 to the first person to break Telegram telegram.org
323 points by helgidub  3 days ago   162 comments top 40
mds 3 days ago 9 replies      
Cryptography Snake Oil Warning Sign #9: Cracking contests.

https://www.schneier.com/crypto-gram-9902.html 1999)

nwh 3 days ago 1 reply      
Most of the concerns people had were Telegram's servers acting maliciously or being coerced into acting maliciously, which is obviously not covered by this contest or the protocol they have designed. It's a bit disingenuous that Telegram is broken but not in a way that this bounty could pay for.
x0054 3 days ago 3 replies      
I have a better challenge! From today until March 1, 2014, I will SSH into my server and type a secret email address on the command prompt. Send me an email to that address and tell me my crypto key, and I will allow you to pet my dog for 5 minutes. (Sorry, I do not have $200k in BTC, or any other currency, for that matter :(, but my dog is totally cute.)

The point is, the above challenge is impossible without a MITM attack, and that MITM attack has to take place when I first save the server keys on my computer. The point is that there are numerous cryptographic protocols available which can not be broken using currently available technology.

This contest will prove one thing, and one thing only, the cryptographic algorithm they are using is secure. And it SHOULD be, considering that there are a lot of publicly available secure algorithms. This contest, however, will not prove that the Telegram service is secure.

sdevlin 3 days ago 1 reply      
This is really chickenshit, which is completely in line with everything else these guys have said or done.

Just so we're clear, this rules out:

  * Chosen plaintext attacks  * Chosen ciphertext attacks  * Adaptive chosen ciphertext attacks  * EDIT: Also any kind of side channel
If you're keeping score at home, that's just about everything.

The only thing that would fail to meet this definition of security is repeating key XOR. And RC4.

abcd_f 3 days ago 1 reply      
Pavel, since you are here,

Don't you think that you are basically fighting a needless uphill battle here? I mean, people crave a good encrypted communication system and you have the intent and the infrastructure in place, but you are shooting yourselves in the foot with your cryptographic design indulgence. This animosity will continue, because Telegram crew comes across as cocky and arrogant know-it-alls, and not because people think you cannot design a crypto protocol. The contest doesn't help a bit, it only further enforces the impression of arrogance on your end. This is not what you would've done if you in fact allowed for the existence of flaws in your design. You would've released an RFC instead.

I have all the sympathy for you. I don't doubt your motives, but you are setting yourselves up against skilled technical crowd. It has already started off on the wrong foot and this unfortunate dynamic will continue.

Perhaps consider offering an alternative crypto suite based on standard protocols? In parallel with what you have. Just reuse an existing crypto framework and redo transport layer to your needs.

earthrise 3 days ago 1 reply      
This is a bullshit challenge. The attack model in which it is set is nothing like the theoretical models cryptographic systems are designed to be secure against, and even less like how crypto software is actually attacked in practice. There is no possibility for known plaintext, chosen plaintext, chosen ciphertext, side channels, etc.

If they just encrypted their communications with AES-128 in ECB mode with a fixed random secret key, the challenge could not be won. And that's not even semantically secure. So we will learn absolutely nothing about the security of their software from the results of this challenge. Whoever designed this challenge is either extremely dishonest or knows nothing about cryptography.

If they really want to improve their software, they should offer a $200,000 bounty for a proof of concept implementation of an attack within their threat model.

Edit: I originally started this post with "...probably designed to get press rather than to actually improve the software...", which I have removed, since I have no evidence to support the claim.

blahbl4hblahtoo 3 days ago 1 reply      
Note to everyone in technology...Hacker News isn't the crowd that you need to impress.

The cryptanalysis community, in particular, has a small group of experts that can credibly critique your ideas. They would probably love to pick apart a new system...seriously in the hopes that it advances the art, but critically in the case that it doesn't.

Claims of some kind of "tightly knit" cabal of closed minded people excluding you would be a warning sign. (It sounds like creationism. Not that this is what these guys did. I'm just saying.)

Maybe instead of a competition they could have just approached some of the cryptanalysis community for an early look? Those guys could kick the tires and pass it on to others that they know. That really seems to be how this area works.

mikeyouse 3 days ago 2 replies      
At least they'll put their money where their mouth is. I'm excited to see someone call out the naysaying masses on HN and stand by their product in this regard.
CJefferson 3 days ago 1 reply      
The problem with this test is that there are many encryption systems I would consider fundamentally broken where I could not claim this prize.

To make this a slightly fair challenge, we should at least be allowed to get the clear text of our choice also encrypted with the same key.

MichaelGG 3 days ago 7 replies      
This is such a sham. Here, I'll offer $2000 to break my plaintext crypto. Every morning, in the shower, I'll say a secret word. Email me the secret word and I'll send you $2000 in BTC.
mullingitover 3 days ago 0 replies      
This would be an easy contest to win: bribe someone at Telegram $100k to help you MITM.
xerophtye 3 days ago 0 replies      
Ok so here's what i understand what's going on here from reading the challenge and people's responses.

1) A classical crypto-challenge where you are given a cipher text and the algorithm and told to crack it is somewhat useless Because that would just prove strength of the primitive algorithm, not the system. Here you are given a scenario and told to use whatever attack is at your disposal to hijack the conversation and somehow retrieve the plain text. So while it is similar to in someways, but not exactly the same case.

2) People are not amused because they seem to find the vulnerability that upon initiation of the secret chat, the first time, the server can perform a MITM attack. Because apparently they use a Deffie-Helman key exchange where the server connects them to each other. So the server is in the best position to do the MITM. And since this contest does not allow to make that attack (even if u had the server in your control, the secret chat has been initiated already).

And hence everyone is frustrated because they seem to KNOW the system is weak, but they cant prove it right now. And this will lead to Telegram boasting in March.

sergiotapia 3 days ago 1 reply      
Of all the software branches out there in the world, crypto's are by far the coolest and scariest in my opinion. They wield obscure knowledge, have long beards, a white van full of tech, communicate in some obscure protocol with each other - oh man. :)

I'm really excited to see if this is cracked!

josephlord 3 days ago 0 replies      
The problem with such a test is that it is a limited attack surface compared with the real app in use. There is a log of messages that are encrypted but there are no possibilities of active attacks such as man in the middle attacks and others that attack the protocol rather than the encryption.
h0cked 3 days ago 1 reply      
This is like putting messages encrypted with ANY encryption algorithm, and ask people to guess the key. This has nothing to do with whether the communication protocol is secure or not.
r-s 3 days ago 4 replies      
Travel to russia, get big wrench and hit Durov with it until he gives up his password. Win 200k.

In all seriousness, im interested to see if anyone can crack this.

jd007 3 days ago 2 replies      
Is that $200,000 in BTC valued at the time that the award will be given, or valued now? With the way things are going, not sure which would be better...
d0m 3 days ago 0 replies      
Someone will probably break an employee's computer and will just access private information, good game 200k. And then they will say it's unfair and I'm not paying you. And then HN will go crazy. Mark my word HN.
helgidub 3 days ago 1 reply      
So yeah guys, Pavel Durov saw your comments regarding security of Telegram messenger. Go for it.
poolpool 3 days ago 2 replies      
This is $200,000 in bitcoins, not actually $200,000.
patmcc 3 days ago 0 replies      
Does the secret email address change every day? Or is it the same one from now until the close of the contest?
legierski 3 days ago 0 replies      
How is that supposed to be secure? All I need to snoop on your conversations is access to your phone for 1 minute to receive the activation code and delete message about new device connected to the account.
exit 3 days ago 2 replies      
so the winner is allowed to remain completely anonymous, receiving 200k usd payment in btc?
xentronium 3 days ago 0 replies      
I find it amusing how first this genuinely benevolent side project puts Pavel in trouble with his investors and then HN crowd hates it too.
feronull 3 days ago 2 replies      
> 100% FREE & NO ADS: Telegram is free and will always be free. We do not plan to sell ads or introduce subscription fees.

how you are then going to make a money ?

nullc 3 days ago 1 reply      
Is anyone able to determine whos running this company? All the records seem to be anonymized.
GigabyteCoin 3 days ago 1 reply      
Surprising they didn't prove that they actually control $200k worth of BTC when it's so gosh darned simple to do so.

How do I know they are being honest?

They should have signed that blog post with their BTC wallet.

cypherpnks 3 days ago 0 replies      
This contest is a sham. Crypto has to be secure against things like known-plaintext attacks and similar. That's typical in any real-world setting.
Justsignedup 3 days ago 0 replies      
while the contest itself not wonderful, they do offer the source code, they offer constant traffic, they claim the contest is ongoing, so even if you don't win now, you might later.

The last point Schneider made of them winning but not telling you until they feel it's worth it is still valid.

eof 3 days ago 1 reply      
to do this "right" shouldn't they release a hash now of the keys that will be exposed in march; as well as sign a message from a bitcoin address containing ~500btc?
kul_ 3 days ago 0 replies      
Although i have limited knowledge of crypto, but the algorithm seems pretty similar to what is used in SSL with key exchange via DH and encryption via AES. Although i notice that instead of a server clients are doing key creation and exchange which is why Telegram may be calling the architecture 'decentralized'. What is new here, how is it Telegram's own encryption method? Just having a ssl like client to client security model is what is being coined as MTProto?
memracom 3 days ago 0 replies      
Judging by the phone numbers, I would say that this is likely to be some form of elliptic curve cryptography with domain parameters different from the NIST and GOST standards.

I don't personally have the depth of experience with elliptic curves to go about cracking this crypto, but others have cracked elliptic curve algorithms. Perhaps one of those people will find this tidbit useful in narrowing the field.

Also, I would expect that at least some of the plain text is Unicode, probably the plane from 0400-04FF.

zooko_LeastAuth 3 days ago 0 replies      
Could you show us examples of the actual message sent each day from Paul to Nick, except with the secret email address XXX'ed out? Is it the same message each day, or different?
nnx 3 days ago 0 replies      
I find it cute that the server's IP address as available in the logs is assigned to an organization named "Digital Fortress Corp"
fegu 3 days ago 1 reply      
I love how Telegram, at the beginning of a secret chat, says og is "200% secure". Right below the graphical representation of the cryptokey.
negamax 3 days ago 1 reply      
This is their protocol header

<Magic Number (Nonce?)> . <Magic Number> <Number of bytes + 1> IN/OUT <Ip Address>

swami1984 3 days ago 0 replies      
inb4 post about Schneier and snake oil contests - oh wait!
mattbarrie 3 days ago 0 replies      
This can only end badly.
uonyx 3 days ago 0 replies      
Shots fired.
suyash 3 days ago 1 reply      
PLEASE edit the title saying $200K in Bitcoins and not real $.Otherwise it seems link-bait (misleading).
Sent $10,701.03 to Coinbase. Still missing bitcoins.
315 points by permanence  3 days ago   132 comments top 37
znowi 3 days ago 6 replies      
When it takes a public outcry on HN for a company to do their job, I no longer deal with such a company. Simple as that. I don't care if you raised $25 million - if you can't treat your users fairly, you deserve neither.
sheetjs 3 days ago 1 reply      
The same class of problems (questions regarding account balance, money taken out but BTC missing, support went dark) happened earlier this year and there was another front page conversation: https://news.ycombinator.com/item?id=5427985

Sadly, it seems that the key takeaway (the importance of customer support) was lost upon the Coinbase staff. Based on the last response, its clear that they have not learned their lesson.

I recommend pulling all money and BTC out of Coinbase before the next crisis. And I say "next crisis" because there is no indication that steps were taken to rectify the underlying issues here. For example, as speculated in both threads, do they need to move off of MongoDB?

swombat 3 days ago 1 reply      
"I don't have the ability to forward this to the CEO"?

Fix that even before fixing the reconciliations...

kjackson2012 3 days ago 3 replies      
Why are people even posting on HN? The easy answer is do an ACH chargeback and be done with it. Do it quickly as well since the price has plummeted. Don't even bother with contacting customer support.
streptomycin 3 days ago 3 replies      
Just a fun anecdote to throw in:

I never bought through Coinbase, but I did sell some coins there recently for like $7k. They deposited the $7k in my bank account twice, and then a few days later took the extra $7k back.

So although ultimately it all worked out fine, they do seem to be ridiculously reckless in their dealings with thousands of dollars. I can't imagine my bank doing something like that. Made me very wary of dealing with Coinbase in the future.

untitledwiz 3 days ago 2 replies      
Well then, third post in week or so, I see HN has become the official support system for Coinbase ...
brandon272 3 days ago 2 replies      
Assuming this post is legitimate, what kind of organization of that size (an article published today indicates that there are 8 employees!) has a hierarchy and culture where if an individual working in a customer support role sees something wrong they have no way of communicating with the CEO?

Scary, if true.

aidanlister 3 days ago 2 replies      
Does anyone else get the creepy feeling that this is mgrunin posting to stroke his own ego?

"That guy must have been one of our extremely high volume VIP users or something in order for something like that to have happened."

That just does not sound right. And it's not the first time he's tried a sockpuppet account [1].

[1] https://news.ycombinator.com/item?id=6930297

jamestnz 3 days ago 1 reply      
"I'm not sure how that guy got the CEO of the company to intercede on his behalf"

Well, he did so by raising a public fuss about it, that much seems obvious. The OP of this thread seems (quite reasonably) to be attempting to achieve the same outcome by the same method.

Taking this OPs claims at face value, it seems like the support person quoted was trying to be helpful (or at least empathetic). Unfortunately, on a basic customer-service level, the response fails spectacularly.

I fail to believe that a company such as coinbase would neglect to have some mechanism where staffers can escalate support tickets (as is apparently being claimed). Jeez, it doesnt even have to go directly to the CEO skipping all intermediate steps: just bump it up the chain!

That CEO intervention should be necessary to achieve basic customer satisfaction is crazy to begin with. Either empower the hierarchy to solve problems, or give them access to someone who can.

OP did you try emailing brian@coinbase.com directly? (Im not revealing any information here that a quick googling doesnt).

ziko 3 days ago 0 replies      
Hi, <name> from Coinbase here. Sorry for the delay on that - definitely not the customer experience we are striving for.

<some phone shit right here>

Edit: <we actually did our job and made it work. we also gave you 0.01% on top!>

sergiotapia 3 days ago 0 replies      
Unfortunately this is a trend for Coinbase: http://www.reddit.com/r/CoinBase/comments/1t6326/customer_su...

Just don't use them and protect your hard earned money.

barmstrong 2 days ago 2 replies      
Coinbase founder here. We'll reach out via email to discuss the details of this case with you.
patrickg_zill 3 days ago 1 reply      
Wow, that is pretty surprising.

First thing in support is, YOU are the face of the company as far as the person you are in contact with, can see.

Second thing is, if you don't know, don't guess; tell them you will check into X and get back to them about it.

Third, empathize with the person - wouldn't you be worried over the disposition of $10K if you took it out of your bank account and then had problems getting what you ordered?

Saus 3 days ago 0 replies      
The problem what I have is 'fairness' (not just Coinbase, mostly all companies with customer service).

OP tried to solve it without making a fuss, without causing trouble for CoinBase but they couldn't help him and they didn't want to help him. Now he is creating negative press (exactly what you don't want) and see the response from last night. CEO probably comes in and saves the day.

The problem is that the people who 'behave' will get shafted, and those who seek 'social media' will get a prompt resolution.

That is a disappointing trend that with Twitter/Facebook only became worse (before those it was mostly threatening with consumer advocate programs on TV). Try it yourself, send an e-mail and a tweet to a company. E-mail gets a reply within 48h, twitter within 1h. Companies are creating their own monster this way....

codebolt 3 days ago 0 replies      
This is exactly why I'm not buying bitcoins in the current dip. Counterparty risk on the exchanges.


permanence 2 days ago 0 replies      
UPDATE: I've been in touch with Coinbase support and they've corrected the larger of the two transactions in question. I'm still waiting on the second transaction to be fixed. I'm still missing some bitcoins from transactions that are well beyond complete (more than a week old, ACH withdrawal completed and marked as complete in coinbase).
rdxm 3 days ago 0 replies      
Ever wonder why there are not 100 different exchanges out there providing services to the equities/options/bond markets??? Simple, it's fairly costly and complicated to 1) meet regulatory requirements, 2) achieve a level of liquidity/transaction volume to make the exchange viable, and 3) take business away from the incumbents...

moreover, as soon as you attach the word 'exchange' to your service you immediately set an expectation in the consumers mind that you will provide a similar level of service/liquidity as that which they would receive if they were working with a real exchange operator.

coinbase currently lists a team which has zero experience in the exchange operations world. the closest they come is a guy who did some foreign exchange trading at GS.

net-net they have a looooooong way to go to get to being a viable exchange in the traditional sense of the word. and that's before you get to the whole topic of whether or not bitcoin is really something that will be a viable exchange model asset. that has yet to be tested outside of a very, very small base (relatively) of ecosystem participants..

colanderman 3 days ago 4 replies      
1. Chargeback.

2. Better Business Bureau.

3. Federal Trade Commission.

4. Lawyer/lawsuit.

All of these are better options than whining on some Internet forum.

jnardiello 3 days ago 0 replies      
Seems like Coinbase wasn't able to create a viable and sustainable process. To me, they will just fail as long as their processes become scalable. Surely i won't deal with them anytime soon :
steeve 2 days ago 0 replies      
They are 8 people. He can surely push through.
simonebrunozzi 3 days ago 0 replies      
I have a question that is related to how Coinbase deals with situations like the one on this thread:I have a Coinbase account, and I am verified with a Credit Card. This means that I can instantly buy bitcoins. What happens if they fail to get the money from my bank account 2-3 days later? Would they charge my credit card instead?
jackgavigan 3 days ago 2 replies      
Before the $25m round that was just announced, CoinBase had raised $6.71m.

What have they spent that money on?

mattmaroon 3 days ago 2 replies      
Can we make a new rule? HN is not an end run around companies' bad customer support (even YC ones). We could probably fill this site with these pretty easily.
simias 3 days ago 1 reply      
HN is not a Coinbase support group. There must be better ways to deal with this.
permanence 2 days ago 0 replies      
UPDATE 2: Still waiting to receive two missing bitcoins that were purchased on December 11 and promised delivery for December 17. I mentioned the issue to them days ago and it's still hasn't even been acknowledged. Sent them a message this morning and again right now.

Coinbase has been kind enough to resolve the issue with 10 bitcoins being delivered nearly a week late. But I'm not sure why 2 bitcoins disappeared from my account and they have yet to acknowledge the issue.

Tarang 3 days ago 0 replies      
I think Coinbase ought to be aware we know their customer service needs work & when stuff comes on HN and it looks bad for them its just damage control to give a false impression of competence when they respond.
kaonashi 2 days ago 0 replies      
"There's a sucker born every minute" - P.T. Barnum
juanbyrge 3 days ago 0 replies      
LOL it seems that Coinbase has a lot of junior developers that are too superior for unit tests . Try the magic the gathering site?
pbreit 3 days ago 0 replies      
You posted here at pretty much the exact wrong time (11:30pm PT) but I would still be surprised if you don't eventually get taken care of (assuming a legit situation).
grimaceindex 3 days ago 1 reply      
To the OP: if Coinbase provides terrible customer service but you still publicly declare you're a "huge fan", what incentive is there for them to change?
permanence 1 day ago 0 replies      
UPDATE 3: Still missing bitcoins purchased on December 11. No acknowledgment of missing bitcoins yet from customer support or Brian.
j_s 2 days ago 0 replies      
Sounds like it's time to start the process of reversing a fraudulent ACH transaction.
andersthue 3 days ago 1 reply      
Did anyone say Ponzi Scheme ?
brentm 3 days ago 0 replies      
That is one of the worst responses from a customer service agent I've ever seen.
tlongren 3 days ago 0 replies      
Glad I don't use online bitcoin wallets.
learningram 3 days ago 2 replies      
Bitcoin news...

I have no interest in Bitcoins. Is someone gaming HN ?

CSS animated loading indicators tobiasahlin.com
314 points by hising  5 days ago   70 comments top 18
gizzlon 5 days ago 2 replies      
Are you telling me that CSS can now make nice animated wobbling circles but still can't center in a sane way?

(Nice work, btw, like the animations =)

moistgorilla 5 days ago 3 replies      
Nice job. Is it a problem with the state of webdev that the thing I was most impressed by was that your website didn't break my back button? Seriously, good work.
nkuttler 5 days ago 1 reply      
Here's the browser compatibility info: http://caniuse.com/css-animation
petejansson 4 days ago 2 replies      
These are really very nice, but they don't really convey any more information than a static picture of a puzzled kitten. Like "security theater," this is "progress theater" and I would prefer to give my users a more useful indication of progress. I do appreciate the work that went into these, and admire the skill.
surjithctly 5 days ago 0 replies      
I've also created one

Windows 8 Loading with pure CSS3


CRowlands 4 days ago 0 replies      
Here is a little editing on one of the ones I like this better then the three in a row. .spinner { margin: 100px auto 0; width: 70px; text-align: center;}

.spinner > div { width: 22px; height: 18px; background-color: #333;

  border-radius: 100%;  display: inline-block;  -webkit-animation: bouncedelay 1.4s infinite ease-in-out;  animation: bouncedelay 1.4s infinite ease-in-out;

.spinner .bounce1 { -webkit-animation-delay: -0.32s; animation-delay: -0.32s;}

.spinner .bounce2 { -webkit-animation-delay: -0.16s; animation-delay: -0.16s;}

@-webkit-keyframes bouncedelay { 0%, 80%, 100% { -webkit-transform: scale(0.0) } 40% { -webkit-transform: scale(1.0) }}

@keyframes bouncedelay { 0%, 80%, 100% { transform: scale(0.0) } 40% { transform: scale(1.0) }}

eik3_de 5 days ago 1 reply      
Unfortunately very CPU intense, compared to SVG-based indicators
brokenparser 5 days ago 0 replies      
Nice work, especially "Wave" and "Circle" because they're more likely to be recognised as such. (Similar animations are already seen in the wild.)
baby 5 days ago 8 replies      
It's nice and well done, but now who would use this novelty idea in a real work? There are animated GIF or fonts SVG for that.
Trufa 5 days ago 0 replies      
This is pretty neat, also I was incredibly surprised when going through the code to see in how little number of lines he achieved that!
Vektorweg 5 days ago 0 replies      
Now we have brand new CSS and we do a subset of the cool things, we could do in SVG since ten years. I'm a bit confused.

Oh and it doesn't work in Opera 12 .

cupofjoakim 5 days ago 0 replies      
Feels a bit too flashy for me. That's just personal opinion though, it's still great work. Now work on cross browser support.
odc 5 days ago 0 replies      
Very nice! Although I hope this won't be mainstream too soon as this uses 10% of my CPU (Firefox on Linux).
onion2k 5 days ago 3 replies      
They don't seem to animate in Chrome 31.
wil421 5 days ago 1 reply      
Does anyone have a tutorial that shows how to implement a loading screen?
im3w1l 4 days ago 0 replies      
The animation tears, and it needs antialiasing.
usrnam 5 days ago 1 reply      
And this is main in favicon:


Sorry no preview

nvdk 5 days ago 3 replies      
I believe all of them actually use more bandwidth then a gif, so why use this exactly?
Decline of 60 Minutes Continues With This Weeks NSA Whitewash thenation.com
313 points by pain_perdu  6 days ago   92 comments top 20
vinhboy 6 days ago 4 replies      
I am really glad people (or at least some) saw right through them.

I caught only like 10 minutes of it, but one of the NSA official was talking about how they discovered a state sponsored malware that could infect your BIOS and brick your computer. I was like, wait, what? So you spy on our phone and internet communication so you can protect us from computer viruses?

But if you were to view that as a lay person, what the NSA official said about cyber attacks must have sounded really damn scary. After hearing something like that, most people would accept that the NSA's actions are justifiable.

forgotAgain 6 days ago 0 replies      
I think its good to remember that these people are professionals in disinformation and psyops. If we don't understand what they are attempting then it's more likely due to our lack of experience in the area rather then their incompetence.

One plausible explanation is it is an effort to give cover to friendly politicians during political campaigns. They can't just leave these people without a story. They need to supply them with something to counter all the negative news. The story doesn't have to be airtight. It just needs to be good enough for the majority of the population to remain accepting of the status quo.

As an example of another bit in this campaign I would point to the recent instances of politicians claiming that Snowden must have had help from the Chinese or Russians. No proof was given but he just had to have help because how else could he have done it.

It would be good to remember that the first goal of any organization is survival. There is no reason to think that the offensive capabilities of the NSA and the rest of the defense establishment aren't being used to protect themselves.

IanDrake 5 days ago 2 replies      
CBS is really pumping up the PR for the NSA.

Recent episodes of NCIS have a NSA agent on loan to the NCIS staff. She's cute, smart, and quirky and does a great job protecting us all from the scary people.

Also, Hawaii 5.0, had a hack attack on an episode lately and they were all "Thank god we have the NSA to protect us". Ok, I forget the details on that one, but I remember rolling my eyes.

Now with 60 minutes jumping on board, it's plain to see there's a coordinated effort to spin the NSA in a good light. Not just a whitewash, the message is "The NSA spying on Americans is a good thing".

DigitalSea 6 days ago 3 replies      
I am one of the few who remember a time when 60 Minutes actually did investigative journalism and not biased propaganda pieces for the likes of the NSA. Now you'll be hard-pressed to find any investigation in a 60 Minutes story, let alone the journalism part. Sad.
runjake 6 days ago 0 replies      
An easy bite for a real journalist would've been Alexander's statement in the opening segment that NSA does not collect data ("phone calls and emails") on Americans. He then goes on to detail all the safeguards (FISA courts, access controls) to prevent analysts from mis-using this actually-collected "uncollected" data.

A real journalist, which Miller isn't, would've been all over that. But if it hadn't been Miller, and it had a real journalist, there would've been no way NSA would've allowed CBS inside any part of the complex.

Later in the segment, it is mentioned we share all this data with our FIVE EYES partner countries, where presumably, they don't have safeguards regarding foreign nationals (eg. Americans). Another something a real journalist would've jumped all over.

Another little aside: Miller asked Ledgett (the Snwoden task force head and soon-to-be Deputy Director, NSA) how many times he's been interviewed by the media and he replied "One. Now.". He's been interviewed at least a few times before, most recently by the WSJ. A quick Google search pulled up this URL: http://online.wsj.com/news/articles/SB1000142405270230460710...

rl3 6 days ago 0 replies      
Unsurprisingly, the words "targeting" and "collecting" were used interchangeably when convenient.

In similar fashion, "metadata" was again used as a red herring.

All domestic communications within the United States are currently intercepted and stored for at least 5 years, including content. Perhaps that wasn't a desirable talking point.

transfire 6 days ago 3 replies      
"The fact is, we're not collecting everybody's email, we're not collecting everybody's phone things, we're not listening to that."

Uh... http://www.wired.com/threatlevel/2012/03/ff_nsadatacenter/

How easy it has become for them to lie.

gjenkin 6 days ago 3 replies      
FRONTLINE seems to be the only investigative journalism program of note left on television. Will be interesting to see their report on the NSA, assuming that they're working on one.
atmosx 6 days ago 4 replies      
I saw the show here[1]. It's beyond ridiculous. The saddest thing is how stupid they consider average Joe to be.

[1] http://www.thewire.com/national/2013/12/60-minutes-nsa-good-...

Another question that always puzzles me... Are operating system THAT vulnerable? Every Agency, Criminal, whatever-organization has a remote 0day windows/linux/macosx exploit????

grogenaut 6 days ago 0 replies      
Once Rooney died they were all free to stop complaining which does not make for good news. That grumpy old man was protecting our freedoms by protecting our lawn.
kpapke 6 days ago 1 reply      
EDIT Did anybody find that segment about the codebreakers and the Rubik's cube kind of silly? It seemed to send a message to me like, "These guys can solve a damn Rubik's cube okay. Their work is way over your head. Don't ask questions, just trust them."
doki_pen 6 days ago 1 reply      
And the first example they use is a "pirate"??!! That justifies a lack of privacy and an ungodly sum of tax money?!

:throws up in mouth:

paul9290 6 days ago 0 replies      
60 Minutes pawned by Jeff Bezos and now a paid stooge for the NSA who tried to further discredit Snowden.
siculars 5 days ago 0 replies      
NSA and there mass media partners are basically running psyops on Americans. The sad thing is that it will probably work on many of the sheeple and provide ample cover for morning talk shows and op-ed articles ad nauseam.
mrobot 6 days ago 2 replies      
Sigh, more about phone records.

Phone records! Just metadata collection! Data collection? Oh, right, we do that, too.

cafard 6 days ago 0 replies      
The notion that 60 Minutes had a position from which to decline is curious.
josefresco 6 days ago 1 reply      
Since when did anyone still consider 60 minutes serious journalism? They've long gone the way of "gee-whiz" reporting for the aging (and probably sleeping) baby-boomers. You want hard hitting journalism covering the worse situations around the world? Frontline has you covered.
rdl 6 days ago 2 replies      
Are they this bad in their other current reporting?
nexttimer 6 days ago 0 replies      
I think the majority of the US public doesn't even need any of that propaganda to hang Snowden in public and continue to put up with corrupt DC.
LekkoscPiwa 6 days ago 1 reply      
Who is the target? I mean, seriously. Nazism had Jews. Communism had bourgeois. Who is the enemy of the US Totalitarian Government. Because as we all (well, maybe not all) know from school, the totalitarian Government to exist needs two types of enemies: internal. And external. We know who the external enemies are: so called "terrorists". So this begs the question, who the internal enemy will be. They will probably also be called "terrorists". But will these be "islam fundamentalists" like in the case with external enemy. Or maybe so called "patriots"? Or OWS movements? I have no clue to be honest. Who is the enemy? Which group the propaganda machine will sacrifice to keep the wider populace in check, obedient and scared?

Seriously asking because from me this is the only point from understanding if we are in fact dealing with totalitarians already or not yet. I assume this is morphing slowly into a totalitarian state. But who will be sacrificed? Who will be the internal enemy. That puzzle is missing for me. Who will be used to keep us scared?

The scenario I think is possible: like with world trade centers, via/nsa/whatever will do some kind of horrible 'terrorist' attack on the US soil. Thousands will be killed. And the whole thing blamed on OWS -- or -- Patriots -- or -- both of these groups at the same time -- and prosecuted without courts in concentration camps a.k.a "Gauntanmo Bay". I know, I know, sounds like sci-fi. Anyone taking bets on that though?

Because that's the only part of the puzzle they are missing. And if you ask me, the reason why they selected 'terrorism' as the target is not an incident. That's the only tactics that can be employed successfully against strong, organized total government effectively. Both Polish and French underground soldiers were called terrorists by the Nazis.

If you take away democracy from people - at has already happened in the US where whoever we vote into the office will just do the same thing - the only option you leave them is violence. Terror. If you know and understand that - as they USG had known for a long time - your first step will be making them the public enemy #1 even before you start morphing the country into a totalitarian state.

Who can be accused of terrorism? Even 82-old nuns are. http://jezebel.com/5943373/82+year+old-nun-breaks-into-the-f...

Why not me for writing the above? The punishment? No right to lawyer, no right to due process, torture, indefinite imprisonment in de facto concentration camp. WAKE UP!

       cached 22 December 2013 16:11:01 GMT