Credit card numbers are not secure. Therefore, they should not ever be accepted as authentication. Especially only 6 digits of it! This is by far the most shocking part of this story. As if I needed another reason to despise GoDaddy.

[Edited to add] I would sure love to see a scarlet letter list of companies which allow such practices, so I can never use them.

Then I can come back here and post nasty comments about squatters.

PayPal gave the attacker the last four digits of my credit card number over the phone

That person should lose their job if it is not PayPal policy.

I really hope by some small chance the person that did this gets some serious prison time, if not for this then anything else prior or down the road. Then maybe one of those mornings they wake up in prison they can ponder if it was all worth it.

Is there any possible rational for Paypal to give the last four digits of his card number to "him" over the phone? Given that they're routinely used for verification, it's as if they've never heard of social engineering. It's simply inexcusable.

And it's almost as bad as the ridiculous "Log In Without Your PayPal Security Key" option that lets you bypass 2-factor auth and head straight to the ultra-secure world of the ridiculous security questions such as the ever-popular "what city were you born [that's also listed on Facebook]" and what not. I still can't believe they think that's a good idea.

I pay Twitter nothing, and yet the service is valuable to me. So instead of continuously crippling the service in the name of goodness knows what, why not actually charge users for a premium experience. Things like customer service that works, a gold member status flag, controls on swapping account ownership, analytics and so on. Offer 3 paid levels - personal, business and corporate, and obviously keep the free level forever. Once revenue comes from customers, then perhaps it will help in understanding that while other revenue night be larger, the true value of Twitter is derived from the community.

Anyhow, if any of them actually comply to ISO 9001, it is possible to audit previous data to establish the true identity of the owner in some arbitrary date before any of this happened.

Quite possibly, to avoid unnecessary user annoyance, these companies will only subject themselves to the effort of analyzing that data under court order, so it's fair to suppose there is need to open a judicial process. Therefore, I believe it's possible to regain access to everything that was supposedly stolen, even though it may take quite some time.

Also considering closing my paypal account now.

It still works if you find an expired domain name, register the domain name and then do the whole password-reset procedure. Might be cheaper to buy a 6 digit number on eBay though :)

It seems like if he'd had 2FA turned on with GoDaddy, this may not have happened. So rather than use @gmail.com addresses to register for things, as he recommends, just turn on 2FA with your provider. And if your provider doesn't support it, leave them and tell them why.

The admonition to use a @gmail.com address was annoying enough that I actually put up a response blog post just on this point: https://konklone.com/post/protect-your-domain-name-with-two-...

This kind of thing happened a lot in MMO games which is why they try to push account security into your hands so they don't have to attempt to arbitrate in deals that may or may not have happened outside of their sphere of control.

SighI use Google Apps exactly so that I have control over the domain and aren't subject to the good will of Google. I had never thought of this particular problem. Now I don't know what to do.

If that hadn't happened, he'd still have his twitter account.

>If I were using an @gmail.com email address for my Facebook login, the attacker would not have been able to access my Facebook account.

Just google and the NSA then. Also, Gmail has an exposed password reset and social-engineerable support. A server running Postfix/Exim doesn't.

I'd consider a domain with a good registrar far more secure than google.

Using an unusual/unknown address for account validation mails (maybe with forwarding of other communications) probably would make sense, though. And/or sites coming up with a better account-recovery procedure, perhaps outsourced to a startup.

There's probably a market for a super-secure email address for account login mails, but that isn't a free gmail account.

There doesn't appear to be any way to contact Twitter about this.

Shortly after, I received a second email "Welcome to Twitter, <username>"

Going to:https://support.twitter.com/forms/impersonation

..and selecting "Someone is using my email address without my permission." tells me to submit a general support ticket. That's fine except none of the general categories has anything to do with this problem and choosing "My issue is not in the list" simply redirects me immediately to the root support page. I submitted a ticket with a different topic and have not heard back from them in a week and expect I never will.

Focusing on the Twitter handle sale part: I have the twitter handle @jetsetter, and have been offered multiple thousands of dollars for it (guess who!).

Unfortunately, selling a twitter handle is against TOS. Only @israel has been officially allowed to transfer hands for money, that I'm aware of.

So trying to broker the sale of a twitter account can allow the buyer to report your 'behavior' to twitter. They can seize the account and make it so no one has it, which may be what the buyer prefers to you having it.

So no matter the price you could command, it isn't like you could just list @n up for sale and make it rain.

I've had two users offer to buy my username.

He might have been able to get it back if it was his trademark or even name that he lost and not some witty username.

The first few digits of card numbers refer to the provider (Visa, Amex, etc) [0]. Given that Paypal gave the last four digits of the card, I'm surprised they wouldn't give out the provider as well, so guessing this would be even easier.

[0] https://github.com/stripe/jquery.payment/blob/master/src/jqu...

http://www.fbi.gov/about-us/investigate/cyber

http://www.ic3.gov/default.aspx

"Not accepting an offer of $50K for a twitter username I didn't use" doesn't really count...

a) Two Factor should be mandatory and as soon as it is, any representative of the company MUST insist that a reset cannot be done over the phone. It should be highly suspicious if someone comes up and says "Hi, I lost my email account access AND my phone so could you please reset my password via phone now?"

b) If not Two Factor, the security questions should also be mandatory. No other "data" like past addresses or cc numbers should suffice to reset over the phone if the person doesn't know the answers to all security questions.

And, speaking of these questions, of course they should be stuff that you know and cannot be "guessed" by anyone who is able to read your facebook page or similar. Maybe even some non nonsensical thing like "Favorite Food" - "Horse Droppings". As long as you remember this, nobody should be able to "hack" that over the phone. Even if you go on and on on facebook about how you "could eat your way through a giant bowl of pasta you love it so much"

Makes me happy that companies are moving towards text authentication since emails are easy (or at least well practiced) to compromise.

Note: Time to change my Time To Lives on my MX records and up my security.

Also if account data is changed they MUST keep a log of what your data was before. At least anything beside passwords.

I've heard people go on about how Google (and I suppose other corporations) are evil, and how they are rolling their own custom mail solutions etc. It's times like these that people lose important things.

Also, I really don't understand why US companies must store credit card details. I understand the convenience, but there's been a lot of security compromises to let this practice continue. In South Africa online retailers don't store CC info, yet we aren't being brought to our knees by inconvenience.

At least the attacker mentioned his methods, so GoDaddy and PayPal can educate their staff better.

How we make sure that you don't lose your $50,000 Twitter username: http://ow.ly/t4yR8 $5.99 domain transfers with code BYEBYEGD

[1] https://twitter.com/Namecheap/status/428555697882935296

Follow us at @N on twitter.

Looks like a typo. Imparts zero cred since 99.999% of people will not take your ability to "possess" a short twitter account name as helpful for whatever else you may be trying to do.

As far as the "Sorry I am so technically gifted. Let me tell you what you should do to prevent me next time..." thing, what kind of cartoon caper is this?

... there has got to be a multi-stage process for authentication that does NOT use any CC or SSN. Of course, the responsibility lies with the account owner for maintaining passwords/authentication information.

If you lose the information, no way to recover it.

I say this because it seems (again, I'm not an expert) that these thieves use social engineering mostly in the "data recovery" stage of the process.

The only way to tighten that from my perspective is to put maximum responsibility on the account owner to keep their logins, passwords (again, for multi-stage authentication), and such on hand. Don't have a need to recover your info, and others can't use the recovery process to get to your account.

I guess it wouldn't be a perfect scenario but... this, or lose @N.

I am sorry to hear there are companies allowing these practices, though... sad.

Good Developers understand how critical it is to handle authentication and password storage well. It can be complicated thing and is very easy to screw up.

But all that goes out the window when somebody calls the support line. There needs to be just as much scrutiny placed on over the phone authentication as there is within an application. The problem is likely that those over the phone patterns/anti-patterns are not well documented and available.

That meant that anyone using SMS via AT&T for two-factor auth was vulnerable.

The extra layer of security is only enabled if you call AT&T and ask them to further protect your account from future changes.

He may say that he has left them alone, but you have no chance of knowing.

$50k is hardly worth such a bold crime with no exit strategy.

However. If someone were to steal a physical asset in order to extort something else out of me I would go immediately to the police. I'd have thought I'd do the same if the assets involved were digital.

I've no idea if a criminal offence was committed in what ever jurisdiction this happened. But I'd have thought extortion is illegal is many parts of the world?

Twitter added two-factor authentication back in May. If you're constantly being attacked that you ignore important emails, at least add phone authentication.

-

You might want to read the post before you comment. He willingly gave the twitter to the hacker.

btw, @! google search returns 0 results. interesting... hmm, twitter apparently allows alphanumeric handles only...

http://pastebin.com/g7R6Ren2

what sane person doesn't call the FBI when an attacker blatantly commits fraud against them, admits to it, and then commits extortion based on the successful fraud? Furthermore, what kind of attacker explains how they attacked? Thats ludicrous.

this has got to be some kind of roundabout way of advertising for the various competitors of godaddy mentioned in the post.

Members of national assemblies and governments of states; Members of international courts; University rectors; professors of social sciences, history, philosophy, law and theology; directors of peace research institutes and foreign policy institutes; Persons who have been awarded the Nobel Peace Prize; Board members of organizations that have been awarded the Nobel Peace Prize; Active and former members of the Norwegian Nobel Committee; Former advisers to the Norwegian Nobel Committee

Most of those are fairly small groups; but "Members of national assemblies and governments of states" is a pretty big chunk of people, and "professors of social sciences, history, philosophy, law and theology" is a simply enormous group of people.

As a result, nominations are very meaningless; any third rate history or sociology prof at some podunk community college can nominate someone if they have a mind to, and all sorts of people get nominated, often as a lark or to prove a point. I believe Bush was nominated repeatedly, for example. (Well...nominations are secret, but I know of people who have the ability to nominate, and claimed to have done so, and I don't see why they'd bother to lie, so...)

So yes, Snowden was nominated (well, unless these politicians are lying). Honestly, he was probably nominated dozens of times. This isn't news. Also, a couple of left-wing Norwegian politicians like Snowden. Also not news. :) The only real news here is if he wins...

I saw a "free Snowden" sign the other day which I thought was asinine.

Al Gore got it for raising awareness of climate change. Obama got that for not being Bush. Even if Snowden gets it, it doesn't really matter.

The list of who can nominate is somewhat restricted -- but given that any member of any parliament, or any social-science professor at any university, can nominate someone, that doesn't strike me as a very high barrier to entry.

The bigger question, in my mind, is whether Snowden contributed to world peace. Yes, he clearly unveiled all sorts of schemes that the NSA had. It's a good thing for democracy that he did such things; it's clear that the US government was doing things that it claimed not to be doing, and that US and foreign citizens alike were rather upset to hear.

So yes, I'm personally glad to hear that these things were unveiled.

However, did this really contribute to world peace? Is the world a less violent place as a result? You could make the argument that it actually is more dangerous in the world, because the US is less able to spy on people. I'm not sure if that's the case, but it's not a totally crazy argument.

Mr Jagland (for 4 years)Mrs Kullmann Five (10 years)Mrs Ytterhorn (13 years)Mrs Reiss-Andersen (2 years)Mr Stalsett (1 year)

Jagland has been a member of the Nobel Committee since 2009. The same year, he was elected Secretary General of the Council of Europe. Note that Norway is part of the Council of Europe, but not of the European Union. Jagland is in favor of the EU, although Norwegian people have voted against joining the EU two times.

All of the other members are politicians from national parties. According to Wikipedia, Mrs Kullmann Five is also member of the Board of Directors of Statoil, an oil company which is the largest company in Norway. Mrs Reiss-Andersen is a lawyer, and she has written two novels. Mr Stalsett is the Protestant bishop in Oslo.

As we can see, the committee is not a group of international law experts, famous scientists or peace activists. The truth is, it seems the five members of the committee do not have the right profile to be responsible for one of the most important international awards in the world.

In fact, an additional person helps the committee to make decisions. Geir Lundestad is the director of the Nobel Institute and has been the "secretary" of the Norwegian Nobel Committee since 1990. He was a researcher in charge of international relations at Harvard for three years, and a researcher at the Woodrow Wilson Center, which is the eleventh biggest think tank in the world (according to the Go-To think tank ranking) with famous members like Hillary Clinton and Arne Duncan. Then, in 1990, Geir Lundestad came back to Norway and became the new secretary of the Nobel Committee, and went on for 23 years.

The bottom line is that Geir Lundestad is the real decision-maker. This guy calls the shots, and he will of course not choose Edward Snowden as the next Nobel Peace Prize.

2014 - Snowden

That would certainly be something ;)

"The five-member [Nobel] panel will not confirm who has been nominated but those who submit nominations sometimes make them public."

As a relatively minor side benefit, Snowden winning the Peace Prize would be an elegant rebuke to the rulers in the Sixth Eye of Five Eyes - Nobel's birth country of Sweden. I'd like to see that.

There are many people that would be eminently eligible to share a Nobel Peace Prize with this sort of motivation though. Only two slots left for the sharing... Bill Binney and Tom Drake? John Kiriakou? Who are the other strong contenders?

They will provide, that more likely a terrorist or mass-murder will get it. Or even somebody that orders unethical kills of people by drones.

So Obama deserved a Nobel Peace prize for running a successful electoral campaign, but Edward Snowden doesn't deserve one for making one of the largest exposs of compromises of individual freedom in the history of the world.

Bravo, Americans.

Then we all turned around and went back into our offices to check HN to see if it was just us.

Very funny that everyone reading this did something similar. 84 points in 4 minutes.

How much would someone have to pay you to never again recover your gMail account? I would demand just an absurd payout to willingly walk away right now, with all those contacts, messages, unread e-mails, organization, etc...

Scary how much faith we put in this free service.

I can imagine a few reasons why there currently isn't an alternative, like network effects stemming from your contact list, or the fact that you'd have to change your email address everywhere and forward from your gmail account. But what are the real reasons?

I don't think anyone's noticed yet.

If the issue persists, please visit the Gmail Help Center

Technical Info

Numeric Code: 93

http://www.google.com/appsstatus

Edit: back for me in California, too.

Would save us all a massive amount of time continually refreshing the page. I realize a browser extension could do this too, but SMS would be much better.

[1] http://www.reddit.com/r/IAmA/comments/1w1y5m/we_are_the_goog...

It is down for me, SF Bay Area (east bay).

It is a firm reminder that Google is not bullet-proof.

(I'm in the Midwest and typically hit the Chicago DC, I believe.)

https://docs.google.com/document/d/1E0ApnDQyV0zRX6jhisBxHHuZ...

had gmail green for a long time, right now half orange. clearly not fully dynamic.

The status indicators orbs are either missing and misaligned.

http://www.google.com/appsstatus

I don't think they've ever had a worldwide outage like this.

Any idea how many Google services are affected by this right now?

Could it be that the Web app was down, but the actual mail servers weren't? I know I have the Gmail extension in Chrome Installed (not sure about my coworker), could this be the reason?

Edit: Gmail up, Hangouts down.

(well, except for this very minute, because it actually is broken)

Note - I have no inside knowledge of what's happening. I'm just posting my observations.

Watch all major status pages (e.g. Google, Facebook, Heroku, etc.) and immediately auto-post the link to that page when anything goes down.

(just had to)

Is GMail down?^2

GMail is down^4

Gmail is still down^10

gmail is back up^2

Gmail was down

Oops... a server error occurred and your email was not sent. (#793)

Would I pay $5/month for your SaaS? Most likely no!

Thought it was just me. Glad to know I'm not alone.

http://www.google.com/appsstatus

Manhattan, New York. Verizon DSL.

Jeff Morsey is doomed with emails !

Impressive that it's almost always up without serious flaws (for me at least)!

It's taken google hpw many years to read bell level reliability?

This will probably go down in history as quite a record. I'll wait for the post-downtime analytics.

http://imgur.com/7dempIL

Do not reinvent the wheel to solve problems that can't be solved in much cleaner and nicer ways. Managing dependencies can be annoying, but we all bite the bullet for a very good reason, because reusing solid well tested code is a good thing.

The premise of the examples list seems a bit disingenuous.

Very few of these things take into account the full convenience of jQuery. It's much more than saving a couple lines of code or knowing the native way to accomplish the most basic version of a task. jQuery's real benefit is preserving simplicity as your needs grow more complex.

Right off the bat I feel like the getJSON[1] example is a bit simplistic. Almost anyone using ajax needs to serialize data, handle errors, prevent caching, etc. jQuery has thought about all this[2].

Don't get me wrong -- most of my work has been without jQuery, but that means I know exactly how much work it is.

The Good:

The format is a nice way to show people (who really don't know otherwise) the native JS plumbing.

"The number of people who don't know that jQuery != Javascript is too damn high". So to help combat that, I really appreciate the idea behind this site.

It's great to show side-by-side how jQuery isn't "magic", since many people seem to learn jQuery these days without even knowing the first thing about Javascript, but I just think it should be presented with a slightly different premise.

[1]: http://youmightnotneedjquery.com/#json -- side note, why did they set the handler after the `send`? It seems like that could cause problems if the result was returnable quickly, such as from cache, though I haven't tested it.

[2]: http://api.jquery.com/jQuery.ajax/#jQuery-ajax-settings

Now about this site itself. This is a great idea getting people to use and understand native methods, but please also understand that native methods aren't always necessarily the most efficient choice. There are a few of parts of this site I think send the wrong message. Don't get me wrong, I think this is great, but sometimes native methods are no better than jQuery's.

The first one being jQuery's each method. It is a known fact that jQuery's each method is extremely slow, it works, but from a optimisation perspective native ways of looping an array are always the fastest and most efficient.

The alternative given for a jQuery.each statement is the IE9+ supported Array.prototype.forEach now you'd think this would be faster right? It's actually still not as performant as it could be. As this jsPerf set of benchmarks shows is that a for loop is the most performant option: http://jsperf.com/foreach-vs-jquery-each/38 it might not be as pretty as jQuery.each or Array.prototype.forEach, but heck, it's a whole lot faster than the alternatives.

The second being the use of querySelectorAll (which is awesome btw). It has similar capabilities to that of jQuery's native wrapper for querying, it looks just as nice, but once again the performance isn't all that great. Looking through multiple jsPerf benchmarks, querySelectorAll is rarely the best option to use in most cases. This is an example of one: http://jsperf.com/queryselectorall-vs-getelementsbytagname/4... if your selector is extremely complicated, think to yourself, how can I make this easier to write? Do I need to query a chain of five classes and use CSS3 selectors, or can I just add an ID to the element I want and query it using document.getElementById instead.

Sometimes jQuery is needed though. It saves considerable amounts of time, especially when the budget of a project is tight and timeline is even tighter and you just need to get something out the door as soon as possible. If you have the time to properly build whatever it is you are building, consider spending that extra 15 seconds writing a for loop to iterate over that array or object.

And to those who understand and have taken a look into the internals of how some jQuery methods work like document.ready, you'll appreciate and know just how many different browser quirks the jQuery team have solved for us. There are quite a few methods where jQuery hides the gory details of a sometimes difficult to get right across all browsers feature.

Personally my favourite thing about Javascript is the power of documentFragment: https://developer.mozilla.org/en/docs/Web/API/DocumentFragme... this is something all developers who use Javascript need to know about. It helps prevent reflowing and redrawing as well as being extremely efficient and fast for modifying and inserting elements into a page.

Over all of this I think we all need to reflect on the state of Javascript. It's a whole lot more powerful and better than it was 10 years ago, but I think because of the likes of jQuery and others, people have become obsessed with pretty code and methods. I know for loops and prototype methods might not be as nice as your one line of jQuery code, but don't take the easy way out, because you'll soon find the longer your Javascript grows in your app/site, the slower it will become.

Let's say we know a consultant, let's call him Bob, who works on client projects. He needs to implement new features fast, and does not want to worry about low level stuff. Once he's done with a project, he moves on to another.

Then, we meet a JS-framework developer, let's call her Alice. She has to weight every line of code she writes because her decision can have have a huge impact on thousand of developers using her stuff. She needs to understand a lot of low-level details in order to make good decisions and ship rock solid stuff.

Now, both Bob and Alice have to decide whether they need to include jQuery in their projects or not. Heck, they need to justify their decisions to their teams / managers.

What's Bob going to say? He will start thinking about what will happen if he does not include jQuery to his project. Well, he will have to implement some of the low-level stuff by himself, and later maintain the code. Probably, in a month he's going to be working on another project and will have to copy & paste the same stuff over. And if there was a bug? Is he going to update all the previous projects he is not getting paid for anymore? If he's smart, he's going to say: we'll take jQuery, as it provides a nice, stable, robust and battle-hardened API. We're going to move faster if we use it, as we don't want to reinvent the wheel.

What about Alice? She will probably have to consider introducing a new dependency to her framework. Is it OK to add those additional hundreds of lines of jQuery code to an already large codebase? Is she going to be able to provide a consistent experience between different (and future) versions of jQuery? Is the core of her application going to rely on an external tool, even if it is rock-solid and lose the potential to make low-level optimizations and have full control? Maybe, she's going to say: well, I'm going to identify the elements that need some of jQuery's stuff and implement it by myself. She will be taking the time and effort needed to test it well and be sure that it works across different platforms.

At the end of the day, both will have made the right decision, even if in absolute terms they took the exact opposite action.

Software engineering is about making decisions, in a given context and moment, for a given purpose. As software engineers, we should not generalize about some of the decisions people have to make. There is no one single truth, it all depends on a variety of variables and factors. Let's be Bob and Alice, be smart and make the best decisions for our projects.

False:

- CSS browser prefixes are automatically inserted by jQuery

- Many jQuery selectors don't exist in the CSS selector specification

- Looks really really ugly and that makes it hard to read for you and other coders.

    var pairs = $(".form").not(".old").serialize();    /* without jQuery */    var pairs = [].slice.call(document.querySelectorAll(".form"));    var data = forms.filter(function(ele){      return /\bold\b/.test(ele.className);    }).map(function(ele){       var form = ele.querySelectorAll("select, input, textarea");      var pairs = [].slice.call(form).map(function(subele){        // maybe if subele.type === "select"        // but I got tired of writing this example        // but that's the point anyway        return subele.name + ":" + (subele.value || "") + ";";      });      return pairs    }).join("").replace(/;$/, "");

One of the biggest benefits jQuery introduces is the concept of treating single selections and multiple selections identically. While using jQuery, I can emit a $(".class").hide() call, which will apply to all elements with the matching class. Simple and elegant.

However, using native JS as the page suggests, I will need to construct a loop within my function, especially if I'm using the DOM supported getElementsByClassName method, returns a pseudo-array of DOM nodes which don't have the style method available on them. You'll notice the examples already assume a selected element and leave much of this heavy lifting out.

Furthermore, jQuery offers the selection simplicities of Sizzle (ie: "#div .container .item). To do the same selection process in vanilla JS, I'll need to nest 2 getElementsByClassName functions in a getElementByID function, and return the concatenated results from each potential .container. That is to say nothing of more complex selectors.

So yes, if you're addressing the absolute simplest form of selection, this works, but otherwise I don't think it's really presenting the situation honestly.

I understand the visceral opposition, but once you start writing a fallback to support some browser (something to support IE or FF or Safari or Chrome ...) you might as well use the battle-tested solution (and write your own thing if you find performance to be unacceptable and trace the bottleneck to jQuery)

And ultimately, why not? jQuery works, has a wide base of users, etc. Sure your trivial Js might not need jQuery features now, but as you add more dynamic behaviour, at some point you'll wish you had just used it to begin with.

A better message might be: make sure you know what the underlying javascript looks like, because there are a lot of people helpless without jQuery.

PLUG: if you're bored of jQuery, try Dojo. Far more power, in a less intrusive form, IMO.

FadeIn:

  element.style.transition = 'opacity 400ms ease-in-out';  element.style.opacity = 1;

  [].forEach.call(document.querySelectorAll(selector), function(el) { ... })

I'll also plug my colleague's autogenerated index of the HTML5 APIs:

http://html5index.org/

The real problem with not using jQuery is that all of the collective knowledge we have about browser inconsistencies is encapsulated in jQuery. When you run into this, and Google it, you'll find a million StackOverflow answers telling you to use jQuery, and if you get lucky a blog post from 2007 that actually answers your question. The result is that you end up spending time reverse-engineering jQuery to get your thing working.

To be clear, in my case the tradeoff was worth it (the code for my entire widget including the bits of library I had to write is smaller than jQuery), but it's not a tradeoff I would make unless I had a good reason.

Unless the headline was changed by the mods, there's no hyperbole or sensationalism here. You might not need jQuery. Obviously. But many of these reactions don't belong here, they belong in a post titled You don't need jQuery, which would of course deserve to be downvoted to hell.

Obviously you don't need to pull in jQuery for every little twenty-line gizmo you publish on github. But don't you dare brag about this or you'll offend the sensibilities of those who've invested all their mental energy into learning jQuery and therefore remained ignorant of how browsers actually work.

- Setting or getting css attributes- Querying the DOM- Manipulating and walking through arrays

Each of these features can be replicated with fewer than 10 lines of code.

I will lose a beautiful API with a simple, terse and familiar syntax. I will have to work with an ugly, inconsistent and loquacious API, which has no guarantee of being cross-browser (or accounting for various browser quirks).

And for what? I doubt 81 KB would make much difference to 99.9% of my visitors.

As for performance -- it makes sense to rewrite bottlenecks in pure highly-optimized JS. But to write vanilla JS from scratch, without even knowing whether you'd need that performance boost is a pure waste of time.

UPD: it has been pointed out that this webpage is directed at developers of JS libraries. In this case, all these points are valid, but the title, then, seems to be either misleading (as in "link-bait" misleading) or a plain truism.

I could be convinced of the latter but not the former.

Use jQuery please.

Rewriting jQuery methods with vanilla js usually turns out to be a hack job that is buggy and ugly. Just use jQuery.

http://coding.smashingmagazine.com/2012/10/09/designing-java...

I agree that you probably only want to use a small subset of jQuery (e.g., none of the UI, none of the transitions), and zeptojs is actually a really good alternative. But it really does provide some convenience.

http://robertnyman.com/2008/10/16/beware-of-javascript-semic...

The amazing part of jQuery still to this day, beyond the selectors (which can now be replaced yes), is the plugin system. Just like Python, there is a plugin for everything and if you don't like them or there isn't one, developers can easily make one and share it with the world and it just works (tm). It is the most easily pluggable javascript library. It creates a baseplane that developers can be more efficient in. Everybody tries to replace the jQuery selectors, animation etc but they miss that jQuery is a platform and a pluggable one at that. It is responsible for tons of productivity.

I've also started using Angular.js quite a bit and have found most of the time, it requires less code than jQuery. It also has its own subset of jQuery "jqLite" which has a much smaller footprint so your app doesn't need to rely on that jQuery dependency.

The beauty of jQuery is working with the DOM as collections. I don't see how it's better to have all these helpers like `nextSibling`, `matches`, or `filter` thrown in the global scope or having to remember is this a real array? jQuery already built solutions for these common problems and exposes a nice API.

If all I need is querying the DOM and I don't have to support IE8 then I may consider using vanilla JavaScript, or building my own simple jQuery-esque library. But you'd start with some structure, and expose your own API. I re-invented the DOM wheel many times, and from my experience, although the code is smaller, I end up going back to jQuery because it covers some edge case or provides something else I need, like AJAX, or nice events, etc.

But building your own DOM library is a good educational challenge. Querying the DOM is all about collections, and if you don't need IE8 then you can use all the ES5 arrays methods, like map and filter. It all boils down to four functions to work with collections: toArray, unique, flatten and query. And four functions to work with the DOM: compose, join, dot, loop. See here for an example http://jsbin.com/EgIkega/1/edit. The article is more about techniques to build your own jQuery-like library; I wouldn't use "el.nextElementSibling || nextElementSibling(el)" when I can use "$(el).next()". C'mon!

Conclusion, you are probably going to use jQuery anyway.

You might be able to use jQuery 2.x instead, which is smaller, faster, and drops support for IE8 and below.

I totally agree, but not everyone lives in a post-IE8 world. It's as much as 10% of our traffic on some sites and several big clients use it.

It's as if there are now two "levels" of people - "regular developers" and "framework designers", and only the latter are really supposed to know about the nitty-gritty. The excitement of finding out about standard, cross-browser gems like insertAdjacentHtml is all but gone :(

I get it that people are focusing more on the entrepreneurial side of things now, but I miss the banter of aspiring tinkerers.

Although this is true, you don't really need any library. The problem comes when you start to need that library. You make a decision to not use it at the start of the project and then the dependency of lower level JS functions grow and it turns out you do need it. What do you do then? Go and get a copy of jQuery and start to rewrite all your functions?

Hindsight is the problem here, I'd rather make the decision to use the (relatively) low sized jQuery library and not have to worry about how the project grows.

As the old saying goes, "It's better to have it and not need it, than need it and not have it".

http://code.jquery.com/jquery-1.11.0.js

Notice the rbuggyQSA variable.

Also check out Quirksmode:

http://quirksmode.org/dom/core/

You're average web app perhaps doesn't need the latest Ruby/Python/PHP framework, or perhaps it you can write it without the framework. Or perhaps you can a compiled as opposed to interpreted language because that would be faster. OR maybe you can use something that is even faster, like perhaps Assembler! Fuck it write machine code if speed is the most important thing.

Do you know why you don't? Cause writing Assembler or machine code sucks. You lose very little in load time by including a minified version of jQuery, while you gain an enormous amount of ease of use and readability. Also it'll be more fun.

Just include the jQuery and be done with it.

It seems to me that if you are making a library, and therefore do not want to make assumptions about the availability of jQuery, one potential solution would be to go the route of AngularJS[1] and have a 'soft' dependency on jQuery.

In this instance you would use jQuery if it was present, but fall back on the code found in this submission if it wasn't.

Are there potential downsides to this solution that I am missing?

[1]: http://docs.angularjs.org/api/angular.element

I've seen thousands of js snippets using jquery just because the developer doesn't the pure js syntax, or because he is used to start from adding jquery.

very good page indeed, thanks for spreading the knowledge.

However, operating in the world without jQuery is scary for a new developer. I think it has its utility.

Note: I tend to prefer not to use jQuery, especially with AngularJS around. YMMV

Either way, this is pretty neat, and I'll probably be bookmarking it. We're using ClojureScript now and migrating away from jQuery, so this may prove handy.

I can see myself reaching for this page a lot. And the author has a point as the only reason I used Zepto on my last project was one of the libraries I needed used it.

If I am gonna use a fix it library today, it's more about nodejs/browser compatibility than worrying about browser issues.

Next up: you might not need <insert abstraction>.

Really?! What does "need" mean? Go write assembly.

Uncoring the Native DOM APIhttp://blog.ponyfoo.com/2013/06/10/uncovering-the-native-dom...

Getting Over jQueryhttp://blog.ponyfoo.com/2013/07/09/getting-over-jquery

But I still support the case that not every plugin/library developer should depend on jQuery by default, even if it is not necessary.

[1] https://github.com/WebReflection/ie8[2] https://github.com/es-shims/es5-shim[3] https://github.com/eligrey/classList.js

I've already got fall-back for people who've turned off JS, but I've yet to write anything for unsupported JS.

> $('<div>').append($(el).clone()).html()

vs

> el.outerHTML

Why not $(el)[0].outerHTML?

1) The fact that some people don't realize that JavaScript != jQuery scares me.

2) jQuery born when cross-browser compatibility was a mess and today it still carries that weight. I think nowadays it needs to be more modular and less monolithic.

One question though, what is the pure javascript equivalent of $(document).on('click', '.selector', function() { // do something });

This is the new jquery .live() replacement and i need it because normal events stop working after async postbacks (eg. from an asp.net UpdatePanel).

Will this code do the trick if i attach it to the document element? Also i need IE8+ support :)

function addEventListener(el, eventName, handler) { if (el.addEventListener) el.addEventListener(eventName, handler) else el.attachEvent('on' + eventName, handler)}

addEventListener(el, eventName, handler)

People that are not fans of jQuery are people that are are only familiar w/ MVC on client side and are not using APIs (ex: Parse, Kinvey, etc.)

    Y[t]MN(NJ) 

As in: Code ninja?

Re-use is fun. See?

> data = JSON.parse(request.responseText)

Maybe "var data = ..."?

Oh wait -- that's what jQuery is!

Choose one:

- Performance

- Rapid development

i have better things to do than merely writing my own dependency

They're terrible.

It fascinates me because I wonder who the leadership team is and what the company culture is like. Do they decide to be terrible by sitting around in meetings brainstorming ways to screw their customers?

When they (inevitably) recant on this policy, please continue your plans to transfer out of their service, even though the phone calls required will make it painful to do so.

This goes way beyond a situation in which the company (Network Solutions) needs to learn a lesson about customer management and into the area where the industry as a whole needs to learn a lesson about what happens to companies that go this far off the deep end and the best way for that to happen is the rapid death of Network Solutions.

I absolutely refuse to ever register another domain with them. Their business practices are about as evil as I've ever seen from such a mainstream company.

https://twitter.com/netsolcares/status/425751251369095168

"We are working to get you opted out."

Holy shit, what a crazy response. "Working" to get him opted out? Like they are doing him some kind of a favor and putting in effort above and beyond just not defrauding him in the first place?

A Phone Call is REQUIRED for Domain Transfers from Network Solution to Other Registrars

.. Transferring a Domain from Network Solutions to another provider requires the Primary Account Contact to make a phone call to Network Solutions technical support (average time 10 to 30 minutes).

.. Use of the Network Solutions website procedure to obtain a Transfer Code, by the Account Primary Contact, requires a minimum 3 days wait.

(EDIT: Formatting)

[1] http://en.wikipedia.org/wiki/Network_Solutions#Network_Solut...

http://www.law.cornell.edu/uscode/text/15/8401

Note that the law doesn't prohibit 30 day free trials, which is how a lot of SaaS products are sold, so long as that's conspicuously displayed at the time of the original sign-up.

Correct me if I'm wrong but don't the following excerpts imply that you need to opt-in first?

"In addition WebLock enrolled customers will have access to a 24/7 NOC and rapid response team in the event of any security issues."

"We strongly encourage you to take advantage of this security program and register Certified Users before the program launch date. Thank you for helping us protect you better."

"To establish Certified Users and pre-register authorized phone numbers and email addresses please call 1-888-642-0265 Monday to Friday between 8:00AM and 5:00PM EST."

"Replying to this email will not secure your services. Please click here to unsubscribe. Please note that unsubscribing from our marketing emails will not affect important transactional correspondence such as administrative and renewal notices related to your account"

Key words here are - "established", "enrolled", "encourage","marketing email","not secure your service".

To me it just looks like this is just a sales letter that makes you think like you have no choice...

Edit: added even more proof that most people have trouble understanding what they are reading.

My assumption is that credit card companies are obligated to take off any charge you deem is unfair. It is their responsibility to find a proof that charge was with your explicit agreement. This is why they get to keep 1-4% of each transaction in first place. Doing this also had side advantage that merchant ruins reputation and loose their ability to charge like this in future.

Wouldn't this be the least hassle way? Just 5 minutes on call and charges are poof! gone.

This would be more honest:

---

Dear valued customer,

blah, blah, blah, blah, have you fallen asleep yet? We're going to charge you $1,850. You will not notice this charge on your credit bill. You will not request a chargeback. You will wake up when I snap my fingers in 3 ... 2 ... 1 ... and you're awake.

kthxbye

We signed up for something like $15 per month, a year later they upped it to $50 a month and we didn't notice. Still later upped it to $1500 per month and charged several grand before we noticed.

As soon as we realize the prices gone up we reached out, The rep on the phone instructed us to email the CEO to see if he could do anything. He replied with a straight face claiming that we had been notified (as this notifying us is enough, we should have to confirm).

Turns out the price increase had been buried three pages deep in a five-page mailer. We got a partial refund but not before threatening to chargeback.

The best strategy here is to publicize it and then issue a chargeback anyway, the only reason that we pushed was that some of the charges were too old to actually charge back.

http://www.thefreelibrary.com/Network+Solutions+and+America+...

Relevant part:

>>Network Solutions, Inc. (NASDAQ: NSOL), the world's leading registrar of domain names with more than 10 million registrations, and America Online, Inc. (NYSE: AOL), the world's leading interactive services company, today announced a multi-year, multi-million dollar strategic marketing alliance to offer Network Solutions' (NSI) domain name registration and value-added services globally across America Online, Inc. brands, making it easier and more convenient than ever for businesses and consumers to create an online presence.

Interestingly, I ran across what I thought was a great anecdote about Jim Rutt, CEO of Network Solutions in a Barron's article this week:

http://online.barrons.com/article/SB500014240531119046810045...

>>The second inspiration for this memo came from a report entitled Alpha and the Paradox of Skill by Michael Mauboussin of Credit Suisse. In it he talks about Jim Rutt, the CEO of Network Solutions. As a young man, Rutt wanted to become a better poker player, and to that end he worked hard to learn the odds regarding each hand and how to detect "tells" in other players that give away their position. Here's the part that attracted my attention: At that point, an uncle pulled him aside and doled out some advice. "Jim, I wouldn't spend my time getting better," he advised, "I'd spend my time finding weak games."

Seems like he found a weak game with auto-rebilling.

I'll be transferring all my domains (only a couple, most are with Namecheap these days) + any domains my family/friends have with NS out today.

Seriously, there is potential value in having extra security steps surrounding DNS changes, since that is a known attack vector. It's not clear that this is a particularly good way to provide said service, and the cost is prohibitively high for most customers.

Talk about blast from the past. I remember having conversations about how awful NetSol was on /. in 1998-99.

Pissed me off to no end. To cancel, I had to :

1) Find out that you cannot delete your domains or let them lapse. Gotta call them.

2) Call them. They will tell you to send an email instead

3) Email them at deletions@networksolutions.com.

4) Get a confirmation email, which you have to call in to verify.

I ended up cancelling my account after 4 phone calls.

What, exactly, is that $1350 / year supposed to pay for ?

For example, say I want to buy something for $10. I create a new CC number with a spending limit of $11 that expires in 2 months. Auto-renew, overcharge, try whatever you want. You got hacked and my CC # got stolen? Hacker can spend at most $1. You can also create CC #s with monthly spending limits (e.g., $cost_of_service+$1).

Canceling these single-use CC #s is easy (no phone call - it's one click online) and because they are single use, you only affect a single merchant.

http://domainnamewire.com/2014/01/21/network-solutions-auto-...

I've been on the phone with them periodically for about a year now trying to resolve this, and in the mean-time I've paid for two additional one-year registrations. It was basically a miracle that I was able to track down the credit card number I used back in 2003. I had to fax them various documents as evidence and now they're supposedly doing an investigation, but I haven't heard from them in a while.

I really should follow up again. I hope I can get a refund for the remaining 90 years and switch registrars. In the end, I might just let Network Solutions keep my $900+ and switch away from them for the peace of mind.

I have one domain with them which I bought through a private buyer. They had it with NS so I just stayed with them instead of transferring to another domain registrar.

Yesterday I got a email about renewal which was nice and genuine. However throughout the whole renewal checkout process they added up-sell services by default. Also they defaulted to 5 years renewable.

Finally their domains are $40 / year which is about 4x more expensive than other providers.

By the end of the process I had been through like 4-6 "upsell" screens and had to opt out of about 2-3 things I didn't want like private registration and brand protect (registers all the useless tld's for your brand).

By the end of it I vowed never to do business with them again. Im already being robbed at $40 / year

How could anybody ever just "opt out" charge you money for anything? Charging somebody requires a contract between the two parties. That doesn't need to be written or signed, but there must be an agreement between the two parties of some sorts, verbal or whatever. If not, I could just spam the world saying "I herewith unlock you for Foo Service at $5000 per month, opt out by travelling to the North Pole and doing a waltz around it". Surely, that must be illegal in US law, too?

How do these people not end up in jail? Or at least sued to death by some consumer organization?

I did that quite a number of years ago and wound up choosing to use Melbourne IT, aka inww.com for my domains. They were one of the few that didn't have Ts&Cs which they reserved the right to unilaterally change at will. Of course, I've been too lazy to read their current Ts&Cs so maybe their current terms are even worse than NetSol (but that doesn't seem possible, does it?).

I wouldn't consider registering a domain with NetSol and wouldn't hesitate to remove any domains they house from them.

scaring old people with threats into paying recurring premiums for absolutely nothing besides their own corporate incompetence.

Also, kids, this is why you change your credit card info every year, at least.

>Back in December, the domain registration and hosting company tested a new system that would automatically register any domains searched for by users of its site. That system went live last weekend, meaning users doing a search found the domain they wanted became unavailable and held by Network Solutions shortly afterwards.

link: http://www.geek.com/news/controversy-surrounds-network-solut...

Just my 2cents!

But each time I register a new domain name, I swear I am about to sign up for a bunch of crap that I don't need - their registration workflow is fraught with pitfalls and if you simply want to reserve a domain you must navigate a minefield to complete the transaction.

Is there a domain registrar out there that simply focuses on domain registration? If so, I'd love to hear about alternatives...

http://domainnamewire.com/2014/01/22/web-com-weblock-program...

offender || evidence || amount || date

Its been about 15 minutes and I have not received any email from them. I have checked inbox, spam box..not its not here. I hope they did not activate an inactive account I may have with them or worse I hope they did not create an account I never had in the first place.

Just make sure you don't have domains autorenewing.

Is there anyone else out there to whom this has happened? I'm having a hard time finding a colleague that is a NetSol customer -- so I have no one to ask. Can someone confirm that this isn't the only case of this happening?

I'm no fan of NetSol, but this seems ridiculous beyond belief. I just want to know if there is more to the story.

Being "successful" scammer is now considered a vertue.

Hover.com is about first domain registrar I've used that didn't feel shady as far as milking every last dollar they could out of me. Trying to up sell, etc.

If you look at their site "Network Solutions is now a web.com company". Seems like the new owners are digging deep into Netsol's bowels to get that extra golden egg.

"Please note that unsubscribing from our marketing emails will not affect important transactional correspondence such as administrative and renewal notices related to your account."

i.e. Anyone whom DIDN'T get this email because they have previously unsubscribed are still going to be stealth-charged? Are Network Solutions TRYING to put themselves out of business?

>OK, Ill tell our recruiters they are free to approach any Adobe employee who is not a Sr. Director or VP. Am I understanding your position correctly?

>if you [Brin] hire a single one of these people that means war.

Chizen's comment:

>if I tell Steve [Jobs] its open season (other than senior managers), he will deliberately poach Adobe just to prove a point. Knowing Steve, he will go after some of our top Mac talent

Jobs sounds like a Grade-A Asshole, along with every other player involved in this mess. Makes me even less likely to relocate to SV than I already was. Though now I'm curious to know whether these wage-theft pacts extend beyond SV, perhaps to Austin... Many of the same players have a significant presence here. Seriously. If you've got info, hit me up.

What happened here is not even 'price-fixing', it's a fairly weak attempt at 'collusion'. Yes, it seems improper at first blush and the email exchanges are almost comically incriminating, but my guess is that it didn't really have a substantial effect on the engineer salaries write large (or even executive salaries). Agreeing not to cold-call employees is not the same thing as refusing to hire them; that latter would have had a major depressing effect on wages (kind of like if all MLB teams had a handshake agreement to never sign another team's free agent) but that clearly isn't what happened here.

It seems to me like the proof is in the pudding. If big tech companies are colluding to depress engineer wages, they're pretty obviously failing.

Anyway, I have no idea how this lawsuit will shake out, but I know that Pando Daily is doing a shit-ass job of reporting, and I regret clicking on the link and giving them the additional pageview.

You hear this same thing when someone is lowballed a salary number, or has to put up with some other annoying workplace condition, it's said the person should negotiate this all up front with the employer, and that the person's lawyer should get involved in the negotiation.

As if one person has any chance negotiating against a Fortune 500 company's HR department, legal department etc. (or the equivalent forms coming from some venture backed firm whose VC's lawyer's help with the HR legal forms). Especially when the heads of tech companies are united ( http://www.fwd.us ) to trying to flood the Valley with low-paid workers chained to the H1-B visa, driving down wages and shortening the careers of programmers ( http://heather.cs.ucdavis.edu/h1b.html ).

Now on top of that, we see that the companies are united in trying to drive down wages. It's not just one Fortune 500 company doing this, it's the management of all of them doing it together. Yet the idea of programmers and admins organizing to defend their interests? Well only complainers do that. Steve Jobs and Eric Schmidt organize for their collective interests, but any tech who did that must have something wrong with him - he's a complainer, lazy, whatever. We shouldn't be organized to have our interests defended.

It's a zero-sum issue with two potential beneficiary sides. There are those of us who work, and create wealth being screwed by this. There are those on this board who benefit from this exploitation and thus will pick at points in this article, in this post and so on. Why wouldn't they, they're the ones who parasitically benefit from this expropriation and exploitation.

Why aren't we getting paid like lawyers? If they win $20M they will get paid at least $2M. But if we make a product that generates $20M profit, at best we get $20K bonus. This has to change!

This sort of shenanigans went on 100 years ago, but we couldn't study the consequences so tightly back then...it seems that Glassdoor's data, H1B data, etc provides a unique opportunity to study the effectiveness (or lack thereof) of such federal intervention.

They all thought they could get away with it. The idea that there were no defectors on this basis makes me question the integrity of the entire tech industry leadership.

Nobody had faith in the DoJ's ability to to investigate, or a court's ability to place injuctions, on this behavior and/or retaliatory actions.

Everyone had dirt on everyone else, at least in iteration. It was an n-way Mexican Standoff. Every player felt at least one other had the drop on them. http://fixyt.com/watch?v=HzF_TbmDH5s http://www.urbandictionary.com/define.php?term=Mexican%20sta... As with the first instance, this does little for establishing trust with the industry.

The threat of encroaching action was too great. Any defector would be destroyed before the practice could be halted. There's one slim glimmer of hope here: It suggests that the threat of union action would be similarly disruptive and that a concerted action on the part of employees would in fact tend to succeed. The Achilles heel of the tech industry is that its capital walks out the door every night. If it realizes it can not come back, or merely threaten to not come back, it will have gained a great deal of leverage.

They simply didn't care. Arrogance, psychopathy, delusion. It doesn't particularly matter. Again, trust and reassurance are not promoted.

I would take it further: In all industry, the trend goes one way: The wages of working people (including white-collar, I hope, that is the right word) have to go down, and the earnings from investments (pure money makes money business) have to climb.

There are only very few exceptions: One are lawyers, as mentioned in an other thread, and the other are people that work in the investment business (investment bankers, traders, ...). The reason for the second exception is obvious: their work is needed to make even more money from the money and every trick is played, to have the smartest, best guys getting the job done ... and get it done better and better.

Problem is: The whole thing breaks our society. Middle classes are already melting massively in many countries. The possessions of the worlds are concentrating in the hands of very few people more and more. Those people make our laws! The other people become poorer, even in the situation that the overall worlds possessions expand massively. The countries are already so much in dept, that many of them can not pay even the interest. Even the US is so much in dept, that there seems to be no possibility to get ever rid of it.

Nobody seems to realize, that while we are talking, investment companies are roaming the world for land, for houses, for companies to buy them, exploit them and throw it away when not needed (and not useful) any more. The wealth of the world gets accumulated in the hand of investment companies and the super-rich.

By rising the value of pure money investments, the value of human labor (to a more and more extend even high-paid and high-value labor) is degrading.

It seems that would be more effective than fining the companies, or the usual "We don't admit to doing anything wrong, but here's some money anyways."

Apologies for the green account, but I would prefer not to have my real name attached to such a discussion.

However does anyone think that this was the intention behind these agreements? Isn't it more likely that they wanted to stop an insane war on one another's businesses by buying off key employees to disrupt one another's operations? It would seem as though companies with a giant stockpile of cash - I.e. MS, Google, and Apple, could stifle competitors by just taking out key employees of their opponents with large signing bonuses, regardless of whether they intend to put them to work or not. The result would be a destruction of value.

Edit: parent deleted the comment, so here it is: (I sincerely hope the parent is not getting hauled off in handcuffs as we speak.)

  As a former Intel engineer the only thing that surprised me  is how high up these abuses went. These companies and their  leaders are scum to the highest degree. Between refusing to  consider american candidates, mandatority never ending  "crunch" time and suppressed wages I can only warn others  to stay as far away from the companies listed in this  article as possible, especially if you have an engineering  degree.  If you don't actually do anything its can be a pretty  rewarding career assuming you have a knack for abusing  others... such actions are highly rewarded at these  companies. The number of H1-B visas I saw pleading for  relief would astound even the Foxconn taskmasters.

Don't believe them when they claim they are trying to improve labor conditions for minorities or something. To truly help non-US-citizens they would be requesting more green cards and US citizenship. H1-B leaves a person in a limbo world where they are essentially an indentured servant of the company. And the result is lower wages for everyone.

Intel's hiring and HR fiasco has been a running joke in the industry for decades now.

Read iWoz (by Steve Wozniak) to find out about Jobs' behavior at Apple.

Intuit appears to be at the center of this class action suit.

The real surprise is that Google joined them. Good thing Facebook didn't!

Serious question, is this generally considered a bad thing? Every company I've worked for has had salary bands that work like this. They don't make it a secret. Generally you know which band you're in and the range of that band. I've recently been told in a company meeting at my current workplace that they are mainly working to bring people to the middle of their bands. So if you're above the middle, expect a low raise.

On the other side, I can't help but feel underpaid since I've been told by people who know that the work I've done personally has allowed us to bring in more than 100 times my salary in recurring revenue.

Why is it that lines like this never quite make it into the comments section here?

Makes you wonder in what other ways Google has "not been evil" doesn't it.

I accuse pandodaily of brain theft.

HN needs a kill file, I have truly never read an intelligent article from them.

They pay you enough to keep you happy, give you a few "interesting" problems to work on if you're lucky, maybe a couple of perks at the office. Why are you selling your soul to these guys in the first place? I just don't get why you'd be interested in making someone else rich for some geek-cred.

If so that would seem to support what the plaintiffs are saying.

Note that this completely ignores the NFL's non-profit status ... why was that ever granted?

Why? Because Google Bus Protests, that's why. This is a chance for the people and the engineers to line up, shoulder to shoulder, on the same side and take down the fuckers who've become the elite of this system.

The resistance begins.

Seems like that would be the best way to get salaries closer to market rates - simply be proactive and always talk to other companies and get your company to increase your salary to stay.

That would be too much I guess :-)

The market is a lot more subtle than that:

  1. Hackers are not simply mercenaries, esp. the best.   2. A decent % of the best are involved in startups, either as  founders or early hires.   3. "Acquihires" are a mechanism for the best engineers to get paid more "outside" the system.   4. Aside from industry, there is competition from academia etc.

As a middle class American, admittedly clueless, the education I've gotten over the past decade has been eye opening. And a bit late; I wish I'd learned this stuff years ago. But that is the dark side of being an engineer - the work and the creative aspects can swamp everything else. Other creative professions have this same basic problem, with the business major types exploiting them as much as possible. And basic Marxist theory is even more forbidden than rational thought about drugs in America...

i am not a raving Marxist, but after the last 4 years of my life getting shafted by one of the new crop of robber barons (an out and out sociopath) (yes, I have finally graduated from the Loser class (or been expelled)) it's... christ. Humanity is so tiresome. I've had some great bosses, mind you, and worked for some good companies. But the capital-labor relationship is fundamentally deteriorating and with the coming rise of automation and increased population and refusal to raise taxes and all these other social forces I see, the future looks very dystopian over the next 20 years. Things are getting such that the only logical position to take is that you incorporate yourself and thus you can act as sociopathic as you need to, given everyone else is acting the same. Does anyone with any sense want to live in such a world? I'd like to just do a good day's work, get paid fairly for it and not have to spend more time figuring out how to protect myself from getting screwed over - or figuring out how to screw over the next guy. I can't do my best possible work otherwise. I've got better things to do than play social games. This is something Ayn Rand touched upon in Altas Shrugged, as reviled as that book might be. Lots of capitalists these days are nothing but the social leeches that she railed against, despite their hypocritical protests to the contrary.

I guess I am a Marxist, or at least see the slice of truth about life and society that it reveals. There is a value in honest work, in creating something useful for society - that is something fundamental to being a real engineer. IT likes to claim that is a fundamental value of the profession, but I don't see that anymore (in general). There is too much money sloshing around. Things are getting out of balance. I can only hope the social strife prevalent in the 30s (go read some American history) comes about again - OWS and the protests in the Bay Area now are only the beginning. Then again, the resurgence of the fundamental social forces motivating the 60s that happened in the very early days of the rave scene got explicitly squashed by the authoritarian parts of the power structures in society.... Yes, I do have some stories.

Fortunately, climate change will smack humanity upside the head and force us to start thinking differently.

There should be consequences for the people who publish these things. People have a tendency to believe anything that someone in a lab coat says, especially if it supports their point of view or anecdotal experience. In many cases the people who do the research present it with few qualifications while not standing behind assumed implications. If someone publishes sensational and link baity findings they should say, unequivocally, "I'm willing to stake my reputation on the idea this trend is real and will continue" or "These are just data and I'm not willing to say that they have any bearing on reality".

Facebook may not have been right to dignify the initial post with a response, but I hope it works for the best. They say that some attention is better than no attention at all. It's important that this applies to self promotion and persona creation and not science. If somebody has something crazy to say, they should start a personal blog. Those who want to intentionally attract media attention should present themselves as such, instead of pretending to be doing any kind of meaningful experiment and hypothesis testing.

People do "research" like this all the time - you throw shit at the wall and see what sticks. Most of the stuff that ends up on the floor never receives any attention at all, so you don't hear about it on first-tier news sites. But when it's about Facebook, it goes viral, and suddenly is the subject of intense scrutiny. They didn't bring this to the UN for a call to action. They didn't start a company around it. They just applied an idea to some data and wrote it up. And now the entire Internet is making fun of some exaggerated version of their idea, summarized by Huffington Post hit-mongers.

Personally, I applaud these guys for putting in the work to test out a theory. If it's not correct, it will go in the bin with the other ten million papers with flawed theories, premises, methods, or other aspects that have been published in the last day or two.

It's been pointed out by a few other HNers, but this type of logic does a massive injustice and disservice to all the institution's undergraduate and graduate students, as well as its professors, who work hard to produce some of the highest-quality research in the world.

To say that this is a "Princeton study" is to present this as if it were endorsed or produced by the administration or some department or even a tenured professor. Instead, let's remind ourselves that this was a pre-peer reviewed paper posted on _arXiv_ by two PhD students (who have likely been at the university for a few years, tops). To paint this as the Princeton community getting together as a collective and putting forth their best attempt to "debunk" Facebook is just hilariously unfair.

Look, there's a thick anti-higher education slant on HN. People love referencing the higher education bubble and the 'demise' of the current university system or whatnot. But it'd be nice if we could keep things in perspective here and at least do better than the media, who can't wait to pounce on a Princeton vs. Facebook feud.

[1] https://news.ycombinator.com/item?id=7104904

Once again, a reminder to everyone that there are no peer review requirements for papers posted to arXiv. There is no evidence that the original paper was ever accepted by any journal or conference, and not surprisingly given the speculative nature of the study, the advisor of the two Ph.D.-candidate coauthors declined to place his name on the paper. So as an institution, Princeton is no more responsible for this paper than Obama is responsible for that drink machine being broken down the hallway (thanks Obama), even though it happens to be a drink machine affiliated with his country. In that regard, with all due respect towards Mr. Develin, I'm going to have to "debunk" "Debunking Princeton."

[Full disclosure: I am a Princeton alumnus.]

I'm also curious why Princeton's search volume seems to have declined. Obviously it doesn't mean Princeton is going to disappear, but what does it mean? Could be statistically insignificant, perhaps.

EDIT: Here are some comparisons:

http://www.google.com/trends/explore#q=%2Fm%2F05zl0%2C%20%2F...

Interesting how the initial spread seems to narrow.

(Oh, you don't have metrics to prove that? Is that because users are jumping ship?)

You mean "not all linkbait is created equal?"

Statistics is descriptive--it's not predictive. It tells you about the data you have. It doesn't tell you why the systems produced that data, and whether they might produce very different data under different conditions.

Wait did Facebook just start likewhoring themselves too?

Meaning: people that can't type "facebook.com" on the address bar and type it into google then click?

So... based on that, we can assume people are getting more familiar with the internet maybe?

This only speaks more towards an argument that Facebook isn't being serious enough with its own statistics. Of all organizations Facebook should be the first to spot a trend especially with esteemed data scientists like Mr. Develin.

I think Facebook's models with linear time trends are actually much more believable than the original paper.

However, the fact that they did so satirically sounds like when a politician says, "that's preposterous" instead of "that's false."

In addition, the data they use is pretty weak. The first chart shows that Princeton "crashed" or died between 2010 and 2011, since that's when that graph tanked. Since that data isn't good to make their Tu Quoque argument (that Princeton "will die") they are being satirical and ignore it. The second graph shows that more and more Non-Princeton articles are published. But this is due to more and more non-Princeton publications. Princeton has a fairly static amount of output, as the world's universities started outputing scholarly articles in English, you would expect Princeton's share to drop.

More interesting would be if its share of what it is trying to go for, Nobel Prize Laureates, publication in Science and Nature, whatever - were on the decline. This isn't addressed, just a global proportion of all scholarly articles: not Princeton's aim.

However, Facebook's goal is to get a majority of daily active users.

The second to last graph actually shows a pretty good case that larger institutions (by enrolment) correlate with search relevancy. But that is not a case study of an institution whose enrolment fell, which is what it would take to make a parallel case with the Princeton paper. They would have to pick an institution whose enrollment fell with its relevancy, and then show that Princeton is on the same track.

As it stands, it is not "longitudinal" but just a static cross-section of enrollment and mentions. Perhaps enrolment is static at all major institutions, regardless of search relevancy, and their enrollment remains full even if they become irrelevant?

This small switcheroo is a major one, and shows why the article has to be satirical.

Of course they did respond quickly :) It seems to indicate that Facebook did some research, but then found their results too weak to publish straight.

If the original article had been completely ridiculous, Facebook could've laughed it off and wouldn't have had to respond at all.

It's like if someone tells me I'm fat. Because I'm in good shape, I wouldn't react and just think the person is weird for telling me that. But if I was anywhere close to overweight, you'd see a strong reaction of some kind from me.

What the reaction is doesn't matter so much as the fact that there is a reaction.

Another reason to avoid the WD Green 3TB: these drives aggressively put themselves to sleep to save power. It's literally a matter of streaming a video from disk and if the OS caches enough of the file, the drive will see there haven't been any accesses in a few seconds and stop spinning.

The video will of course glitch when the cached data runs out and the drive needs to spin up. Great design.

What might shed light without revealing too much is information about where they source drives today (their sourcing coverage during the shortage was very cool!). I suspect they're finding some nice bulk discounts somewhere.

[1] http://www.amazon.com/Hitachi-Deskstar-7K3000-HDS723030ALA64...[2] http://www.amazon.com/WD-Red-NAS-Hard-Drive/dp/B008JJLW4M/(both seem to be market consumer prices)

I am intrigued by backblaze's service though. A part of me feels like there must be a catch somewhere. I have a good 10TB I'd be happy to pay $5/month to backup but somehow I feel like they'd pull a comcast and say their "unlimited" claim doesn't apply to the 1% of users (or in this case maybe the .001%).

My wife's hard drive actually just died. It was 160 GB WD in a black 2006 MacBook. The drive itself was a replacement from 2007 since the original drive died just over a year into its life.

Stupidly, since her Time Machine backup was misbehaving, I reformatted it and set it to start over. I spent the weekend recovering her datawith a lot of success, so no big deal. At any rate, this machine is long past its expiration date. It's time for a MacBook Air with an SSD, once the tax refund comes in.

I'm a little surprised that they actually did the analysis to determine the Seagates tend to fail more, yet they are still putting most (or at least, quite a bit) of their faith in those.

Based on their own data, I would likely avoid those, or at least start leaning more toward Hitachi and WD.

Or maybe the initial cost of those is so much better that it compensates for any long-term expense.

We've had similar experiences with replacement drives, they are, by and large, significantly less reliable than "new" drives.

And last bit, we've got Western Digital drives here (a mix of 2.0 and 3.0 TB ones) They have been pretty solid performers for us.

French hardware site, component failure rates. Google translate it to englishhttp://www.hardware.fr/articles/911-6/disques-durs.html

So its also important to take hard drive models into account.

Then there is the Google study Failure trends in large hard drive populationhttp://static.googleusercontent.com/media/research.google.co...

I don't understand why they don't. Are the Hitachi drives really that much more expensive so that it doesn't justify their vastly longer lifespan? Even if they can get "free" replacement disks during the warranty period, that has a cost for them. And they mentioned that some replacement disks die even faster.

I'm sure Backblaze has crunched all these numbers - would love to see them. BTW thanks for sharing this data!

Which is currently the WD 1gb blue. Very fast, very cool running.

For extremely simple devices like resistors or incandescent light bulbs, failure rate is relatively constant over the lifetime of device -- the chance of a functioning resistor with 10 hours of use failing during the next hour is the same as the chance of a functioning resistor with 1000 hours of use.

For complex devices with lots of interdependent parts, some of which are mechanical, the failure rate changes over time. There's an "infant mortality" or "lemon" phenomenon, where relatively new devices have higher defect rates (because fabrication and shipping sometimes result in imperfections which quickly cause failures), followed by a steep dropoff in failure rates (because observing a device operate correctly for dozens of hours is strong evidence that it doesn't suffer from a failure mode which often results in infant mortality).

Then there may be an increase in failure rates later, especially with devices that are partially or wholly mechanical (wear or damage type problems which do not cause immediate failure, but make it easier for a failure to occur).

You need empirical data to be quantitative about this curve, and it sounds like Backblaze has it, but their presentation in this article doesn't show it.

We are basically an WD house now.

Moreover, it seems that Deskstars are no longer manufactured (or have been rebranded). http://www.hgst.com/hard-drives/product-brands

No matter what hd you use, if you are corrupting files, it's all the same. Same with Evernote, if their sync is losing notes, and it is, everything else is less important.

I have one in my rig, and whenever I do any disk access, I always have to wait about 5-8 seconds for it to spin up every other half hour. It seems to aggressively turn off. I have my base system on an SSD, and my games and other things on this 3TB drive.

I guess such spin up times would be unacceptable in backblaze's environment.

In general I'm very suspicious about the unlimited offerings. When they tell the technical details I get the feeling they are up to task and not just reselling S3 and hoping people pay but don't actually use the storage.

I've sworn off Seagate altogether, at least until they demonstrate a commitment to producing more reliable drives. I will not willingly buy them for the datacenter, and I won't buy them at any price for the home, RAID or no RAID.

From what I read they look quite reliable over a fairly representative sample (annual failure rate v. # of drives / TBs / years).

I've got one sitting on my desk that seagate sent me as a RMA return. Guess it won't be going back into our RAID.

Cross out WD, Seagate, Maxtor and Samsung drives. Hitachi wins!

Backblaze got egg on its face yesterday on HN when someone's critical report (rightly) got upvoted. Today they make up for it by giving us an interesting and useful data chart.

I know it sounds weird, but for whatever reason I read this as demonstrating a high level of corporate responsibility and attunement to customers. They could have compensated by instead, say, dropping a few grand on buying journalists and 'reviewers', like Microsoft does. But they didn't. Instead, they were cool. To me that signals that they'll also take care of whatever problems they've had recently. (Note: I have no affiliation with Backblaze.)

I'm currently not shopping for an online backup service but if that ever changes, I now have a good feeling about Backblaze, and I hope that other services take a similar approach to repairing customer relations when they are fraught.

Shit happens, even to backup providers. It's how you respond that matters most.

Not terribly impressed so far, but then again, I'm not a designer or an artist and I manage to write SVGs that fail in various renderers due to implementation deficiencies. But those I tested were not even complex or used advanced features.

At the moment I'd guess this is aimed at the most trivial vector graphics possible, i.e. only basic shapes, stroke and fill. It might work for that, but that's well beyond what I use of SVG or Inkscape usually.

A few feature requests: having the shift-c tool (convert anchor point, I think) and being able to delete anchor points would be great. Much harder to work without that. Saving also didn't work the first several times I tried (but great to see auto-saving to localStorage?)

http://cl.ly/image/0F212f3X2h07

The Maven Pro font appears to be infinitely thin at weight 300, it only starts being readable at 120px+. It doesn't have a version for that weight, so the browser is [failing at] simulating that.

- how do I add and delete points on a path?

- how do I change the node type? Eg, if there are no handles, how do I get handles (antlers I think you call them in the code).

- How do I go from colinear handles to "broken" handles: handles that form an angle at the node, so I can have two different curves joined at an acute angle at one node?

- How do I do intersections, unions, groups, layers, etc?

But I gotta say it again, it's really beautiful...

It's a very very basic vector editor that doesn't even let you rotate things, import any standard vector formats (SVG, EPS, AI, PDF), have dotted outlines, distort, curve the text, etc etc etc.

I understand it was a lot of work, and you did a great job, but let's not pretend this implements even 1% of Illustrator.

One thing that would really stand out would be an 'infinite zoom' I've seen implemented elsewhere.

https://mediacru.sh/static/mediacrush_logo.svg

I like it works with Dropbox

The reason it works is that 9998 = 10^4 - 2. You can expand as

    1 / (10^n - 2) = 1/10^n * 1/(1 - 2/10^n)                   = 1/10^n * (1 + 2/10^n + 2^2 /10^2n + 2^3 /10^3n + ...)

    2^k > 10^n   =>   k > n log(10) / log(2)

---

Another pattern can be generated from the power series expansion

    x / (1 - x)^2 = x + 2x^2 + 3x^3 + 4x^4 + ...

    1/10^n + 2/10^2n + 3/10^3n + ...

    1 / 998001 = 0.000 001 002 003 004 005 006 007...

Another example is the fraction

    1000 / 997002999 = 0.000 001 003 006 010 015 021 ...

    1 / 998999 = 0.000 001 001 002 003 005 008 013 021 ...

---

Getting the squares is harder, but you can do it with

    1001000 / 997002999 = 0.001 004 009 016 025 036 049 ...

[1] http://en.wikipedia.org/wiki/Fibonacci_number

  1/9998 is  1/(10000-2) is  (1/10000) / (1 - 2/10000)

  x1 = 1/10000;            //  0.0001  x2 = x1 + x1 * 2/10000;  //  0.0001 0002  x3 = x2 + x2 * 2/10000;  //  0.0001 0002 0004 0008  ...

  O_O

11^0             111^1            1 111^2           1 2 111^3          1 3 3 111^4         1 4 6 4 1

(a0 + (d - a0)(1/10^n)) / (1 - 1/10^n)^2

For instance the sequence 1, 4, 7, 10, 13...

(1 + (3 - 1)(1/10^2)) / (1 - 1/10^2) = 1.02 / 0.9801 = 3400/3267 = 1.004 007 010 013 016...

For any kind of recursive sequence, you can find its generating function G(x) and then substitute some integer power of 0.1 for x to generate cool decimal expansions like this.

The generating function for the Fibonacci sequence is:

G(x) = x / (1 - x - x^2)

Substituting in 0.001 gives 0.001 / 0.998999 = 0.001 001 002 003 005 008...

Wolfram Alpha interprets 1/0x9999998 or 1/0xffffffe correctly as hex input, but still shows the output as decimal approximation, while a hexadecimal approximation would be more useful here. I would be really curious what this thing looks like in other numeric bases.

Unfortunately, the "Other base conversions" section only shows up to 7 or so digits after the point and doesn't allow expanding.

EDIT: found it! I didn't know bc in linux was this awesome!echo "obase=16;ibase=16;scale=1000;1/FFFE" | bc.0001000200040008001000200040008001000200040008001000200040008001000 (....)

1/98 = 0.01 02 04 08 16 32 ...

1/998 = 0.001 002 004 008 016 032 064 128 256 ...

but there's also a degenerate case, where you have no 9s at all:

1/8 = 0.1 + 0.02 + 0.004 + 0.0008 + ...

and what's surprising here is that everything adds up and gives you the terminating decimal 0.125 that you were expecting.

1 / 99998 will return:

0.00001 00002 00004 00008 00016 ....

[0]http://www.wolframalpha.com/input/?i=1%2F99998&dataset=&equa...

http://en.wikipedia.org/wiki/Generating_function

In this case, the sequence 1, 2, 4, ..., 2^n has the generating function,

  g(z) = sum[i = 0 to inf] (2^i * z^i)        = 1 + 2z + 4z^2 + ...        = 1 / (1 - 2z)

What more interesting is that some other useful sequences can often be obtained from the function, by operations like differentiation and integration, or adding / multiplying with other functions.

For example:

  2z + (4*2)z^2 + (8*3)z^3 + (16*4)z^4 ...  = d/dz(g(z))  = d/dz(z * 1 / (1 - 2z))  = 2 / (1 - 2z)^2

echo "scale=10000;1/999999999999999999999999998" | bc

  Powers of 3:  1/9997 = 0.0001 0003 0009 0027 0081 ...  Powers of 4:  1/9996 = 0.0001 0004 0016 0064 0256 ...  Powers of 5:  1/9995 = 0.0001 0005 0025 0125 0625 ...

sum k^3*1000^(-k) for k=1 to infinity( = 334667000/332001998667 = 0.001 008 027 064 125 216 343 512 730 ...)

Also see if you can guess which one this is:40920041/997002999 = 0.041 043 047 053 061 071 083 097 113 131 151 173 197 223 251 281 313 347 383 421...

Mmmh. Primes.

<http://texify.com/?$\frac{1}{10^n-m} = \sum_{i=0}^\infty \frac{m^i}{(10^n)^{i+1}}$>

And here's OP's result where n=4 and m=2:

http://www.wolframalpha.com/input/?i=%5Csum_%7Bi%3D0%7D%5E%5...

http://blog.zyrthofar.com/2012/07/multiplying-recurring-deci...

Source: Richard Feynman, "Surely you're joking, Mr. Feynman!"

http://www.youtube.com/watch?v=daro6K6mym8

If you wanted to extend this, make it something like 1/999999998 instead.

Can we use WolframAlpha to show why 0.1 cannot be represented as a floating binary?

And why floating numbers shouldn't be used for currency operations.

(you get the idea)

fibonacci:100000000/99989999=1.000100020003000500080013002100340055...

integers:1000000/998001=1.002003004005006...

square numbers:1001000000/997002999=1.004009016025036...

explanations and proofs at:http://www.joefkelley.com/?p=635

Look at the equation and then plug in (-2) for x

Feynman, R. P. 'Surely You're Joking, Mr. Feynman!': Adventures of a Curious Character. New York: W. W. Norton, 1997.

fpprintprec:100; fpprec:100;s : string(bfloat(1)/bfloat(9998));makelist(substring(s,3+4i,7+4i),i,0,15); [0002, 0004, 0008, 0016, 0032, 0064, 0128, 0256, 0512, 1024, 2048,4096, 8193,broken pattern,6387, 2774, 5549]

I'm sorry this happened to you. I personally believe the burden of proof should be on the company. However, that some choose to err on the side of caution is perfectly understandable.

The thing is that companies that handle credit card payments are very vulnerable to fraud because they are liable for consumer chargebacks [1], at least in the US. This is particularly unfortunate since US cards also happen to have pretty poor security (which also has probably something to do with the fact the merchants are liable, and not the banks). Stolen credit card numbers are extremely easy to obtain (cf. Target breach) [2], and once this is done fraudsters have basically two main ways to extract money out of it:

1) Use the card number to make purchases online, or better yet, find a self-service platform that lets you become a merchant then purchase your own offerings (eBay/PayPal, Eventbrite, etc.).

2) Duplicate the card (made much easier by the US' slowness in adopting chip-and-pin), and use it to pay for goods or to load the money on some account. Square is perfect for this since you own the card-reading device, which makes it much less risky than attempting to use a duplicated card at an ATM or at a retailer.

Now, the problem is that you potentially need a lot of cushioning to withstand fraud attacks: while the processor only makes profit from the transaction fee, they are liable for the entirety of the charge, so one single fraudulent transaction can wipe out the profit of thousands of good ones. Being attacked by a fraud ring for hundreds of thousands or even millions of dollars in a single day is not impossible (in fact we've seen this happen, and Eventbrite's transaction volume is much smaller than PayPal's or even Square's), so this is a lot of risk to take on for a company, especially a startup.

Regarding the bad customer service you've received, there is a specific reason why companies often decline to comment on fraud security checks: by allowing you a way of recourse, they would be disclosing information about how their system works, which makes it potentially vulnerable to attackers. For example, if they said "sure, just send us a copy of your driver's license and we'll lift the ban", this would be a signal for fraudsters to try to fake such documentation.

Overall, it's a complex issue and unfortunately frustration is part of the game (trust me, if PayPal could have found a way to make operations smoother and less frustrating, they'd have done it). At Eventbrite we've chosen to assume this risk and be more liberal with verification because we decided that providing a good user experience is worth losing some money over (and because we have faith in our ability to keep up with the fraudsters), but this is a decision every company that handles money has to make and it's not an easy one.

[1] http://en.wikipedia.org/wiki/Credit_card_fraud#Merchants

[2] fun fact: you'd be surprised to see how big this underground economy is; it's so well-oiled that some sellers even provide customer service on the credit card numbers they sold, and offer money back guarantees if the card has already been deactivated

If I were you, I would check your credit report IMMEDIATELY.

I'm in the same boat as you, except I'm in my 40s. Most companies use Experian or Equifax to do some sort of credit verification by asking these questions. However, about 5 years ago, the credit agencies merged my credit record with someone else with the same name, but entirely different birthday and location.

Evidently, they don't give a fuck because it took me years to get this wrong information off of my credit records. I don't understand how this isn't libel, since they are spreading false information about me, and that drastically affected my credit, and I had to jump through hoops to get everything corrected.

The thing that really sucks is that Experian STILL has the wrong information about me, so when I'm asked these credit questions, it's mixed with the other person's data, so I always fail the credit check. Despite having nearly perfect credit, I've failed the credit check numerous times, and like you, the decision has always been final, because no one appears to give a fuck.

The problem is I have no idea how to get Experian to refresh their data, even though it's several years old now.

It might be the case that the OP's credit history has been merged with someone else, and if this is the case, they need to fix it as soon as possible. Use the yearly free credit report to make sure there is no loans or credit cards associated with your name, and if so, you need to call every single credit agency and dispute it. It really sucks, and I don't understand how we let the credit agencies have this much power, where we the consumers have to suffer like this whenever THEY fuck up.

I understand why they do it -- it's pretty clearly related to their anti-fraud / anti-spam / security systems, and I understand that by giving any further information, they're exposing those prevention measures to weakness. And I'm sure in cases of real fraud / spam / security risk, this is the right approach.

But man, does it stink for everyone involved when there's a false positive (i.e. in this case). There's got to be a better way of handling this. Some sort of escalation / appeal process?

(And if there isn't -- hint hint, companies that haven't gotten big enough to be immobile on this issue: Implement one.)

(1) Consumer Financial Protection Bureau (CFPB): http://www.consumerfinance.gov/complaint/, and,

(2) New York State Department of Financial Services (DFS): http://www.dfs.ny.gov/consumer/fileacomplaint.htm.

This will make it more likely that you see a favourable resolution. Further, this assists due process in identifying and resolving problems in our financial system.

"Barry said she grew so frustrated exchanging e-mails with customer service representatives that she drove two hours to the company's San Francisco headquarters to get some help in person.

Instead, she cooled her heels in the lobby for a couple of hours. No one would speak to her, she said, and the security guards threatened to call the police. Then Square deactivated her account, saying "high-risk activity was detected."

http://www.sfgate.com/business/article/Square-faces-rancor-f...

Prior to Square the individual / very small business market was underserved (for real-world transactions). You had to go through a PITA application and due diligence process with a processor. And you typically had to pay significant up-front costs and ongoing fees to maintain your account.

There's a reason for that: the processor is financially liable for any fraudulent merchant charges. If a merchant signs up and puts through $10K of fraudulent charges and skips town with the money, it's the processor that pays.

So Square did two things. First it lowered the upfront costs by piggybacking mobile devices to turn them into low-cost swipers.

But the second very crucial thing they did is hidden on the back-end: they streamlined the signup process and support costs. They did that by doing exactly what you see here, using alternative ID and credit check methods. And making their customer support largely a self-service operation.

The good news is that the particular case you see here is probably fixable with continued improvement. But that's why it happened.. they are replacing an otherwise more costly and burdensome signup process with something largely automated. And there's a lot of money at stake if they screw it up and let fraudsters on board.

I'm getting failed on a similar knowledge based identification on coinbase right now. Failed twice already. At least it's not a final decision, to their credit.

There needs to be laws against this almost certain dystopia. That's one reason why I support the EFF.

After two months, they closed my account because I was living in Puerto Rico at that time and there are no partner banks in Puerto Rico. Once I moved to San Francisco and linked Square with my new California bank account, I was able to accept payments again.

Then one day I got a notification indicating that my account had been closed, and that the decision is final. I contacted Support, and they reiterated that their decision was final, and could not communicate with me any further.

It is the weirdest interaction I've ever had with a company. I still use them as a payment method and I'm a big fan of the company, but I feel disappointed whenever I log in and they remind me that my merchant account is disabled.

Buy. Things.

If your site does payment processing through Paypal then, through some accident of account processing or technology or the history of my account, I can't use any of my 3 payment cards to buy what you're selling, because Paypal believes it needs to (for reasons passing understanding) link directly to my bank account before any card with my name on it can be used through Paypal.

>Due to the nature of the origin of public record information, the public records and commercially available data sources used in reports may contain errors. Source data is sometimes reported or entered inaccurately, processed poorly or incorrectly, and is generally not free from defect. This product or service aggregates and reports data, as provided by the public records and commercially available data sources, and is not the source of the data, nor is it a comprehensive compilation of the data. Before relying on any data, it should be independently verified.

I'd guess the failure rate of using this service was deemed an acceptable trade off to implementing an independently verified service.

[1]http://www.lexisnexis.com/risk/solutions/instantid-qa.aspx

I recently encountered this with Electronic Arts and their Battlefield 4 game. I forked out about $150 AUD for the base game and premium addition only to be informed my account has been permanently banned after coming back from a month in Europe on holiday because they said I was cheating. Well actually, they wouldn't give the exact reason, but that was essentially what their response implied. When I asked for whatever proof they had, they said our decision is final and we can't show you any proof.

I am in the process of getting a refund as I paid by credit card, but this is definitely a commonly recurring theme amongst larger companies who struggle to deal with their customers and ultimately retain them. What kind of business model punishes their customers?

Good luck, I think you have a real chance of getting some human response now that this is on the front page of Hacker News. My understanding is that this is how people get responses from people over at Paypal as well, create a loud enough noise for someone higher up to respond as to avoid a PR nightmare and get your problems resolved.

First, I had worked for one of California State's departments as a contractor, but hadn't been paid in two months. I called my State Senator, said I had working for the California in his district without pay for two months, and that I needed his help. I got paid the next day.

Second, I had been wrongly charged over $10,000 USD at a city hospital, and hadn't been able to fix the situation. I contacted the Mayor, explained that I was being charged for a service I didn't receive, and asked for his help. The bill went away.

Last, American Express sent me to collections (related to the hospital bill above), and the collections agency was trying to con me into paying more than I owed. I called the office of American Express' Chairman of the Board, and asked if they could help me deal with the collection agency's shenanigans. They pulled my account of out collections, and started dealing with me directly.

Recommeneation => track down Jack Dorsey or someone on their board, and explain the situation. It just might work!

(I realize I could possibly answer this experimentally, but I'd rather keep this theoretical)

Any decent support operation would actually talk to this guy, provide workarounds for their broken system (which is clearly broken for this particular occurrence), apologize and promise to improve things.

The fact they they provided a shitty service would be the top on my root causes list.

But this is seriously upsetting, the tone of this writing wants to rip my heart out for the author. I can only wish that this gets resolved decently.

His comparison also reminds me how Amazon's customer service is absent as much as possible. Automation and all that. Yet on that topic, it seems people don't mention Google as much. (I wonder if they filter that out in their results..)

After living in that apartment a bit longer we got some mail for old tenants that seemed to indicate some sketchy activity. I believe they may have been fraudsters. However, despite several emails and calls to Amazon I am told there is no appeal whatsoever any reason, and that's that. The callous disregard for customers is breathtaking.

Needless to say I use DigitalOcean, ebay (that a company can be more user-hostile than ebay is shocking) and avoid Amazon whenever possible.

So if they have the data, why couldn't a pirate, NSA officer or errant banker?

Perhaps a better test is what I choose to forget.

http://en.wikipedia.org/wiki/List_of_common_Chinese_surnames

I'm making an assumption that your ancestry is Chinese, I believe it is even more popular in Taiwan.

Apparently, according to a summary of the 2007 census there were 7 surnames which were shared by over 20 million people, of which one of them was "Chen".

For a comparison, the article also mentions that the most common surname in the USA, "Smith", is occupied by 2.4 million people.

Let's look at some population estimates:

http://en.wikipedia.org/wiki/List_of_countries_by_population

China is estimated to have 1,360,720,000 people, whereas the USA is estimated to have 317,559,000. The first article states that the frequency of "Smith" is about 0.84%. A quick calculation on the old python interpreter gave the frequency of "Chen" as roughly 1.47%.

What surprised me reading those two articles is that the USA is the third largest country by population.

I though I'd look to see if my surname, "Tucker" (no prizes for guessing which expletive it rhymes with) was popular in the UK. I first looked at this:

http://www.dolltoy.com/uk2.html

... Listing the 50 most popular surnames. I didn't find it, but the list has a column titled "Associated Town" (I was not aware of this convention). At the bottom of the list is "Davis", which is associated with the town of Gloucester, my home town. I'll have to look a bit harder for its actual frequency, it is also used as a first name for both boys and girls. My first name is "Robert", which can also be used as a surname if appended with an 's'. I could have been called "Robert Roberts", or "Tucker Tucker". Reminds me of Rik Mayall's character "Richard Richard" off that vile comedy "Bottom", while co-star Ade Edmonson's character had the charming name of "Eddie Hitler".

Come to think of it, what's the etymology and frequency of "Hitler"? ....

I was implementing payment system for https://appenlight.com from paypal to some other solution that would not require paypal account. We've evaluated Braintree and Paymill - as App Enlight is european company, so our options were limited. Before Paymill took its time to reply to me (~22 days), I already managed to validate, sign all the papers and actually implement Braintree solution to our application.

One more thing at first Braintree support told me they might not be able to work with us because of some restrictions on company legal form by processor bank, but after I have sent them all the documents, everything went fine and got approved. Maybe you can try with them.

A good payment system has to fix the leaky abstractions below it someday somehow, to be really great.

How is this not an information leak? If I know there is only one other person with my name within the area, then I can obtain information from him this way. (Since there will be multiple choices about that person suggested in that questionare)

http://en.wikipedia.org/wiki/Name_change

https://image.bayimg.com/d3e7f68ca0e50daf6e77a0eb56eb2b6c61e...

+1

As long as Stripe made clear what their position was, as to not waste this person's time or money, I don't see a problem here. It can be a business decision to flip a coin and permanently turn away all the customers that get the wrong side, if doing that magically increases profits. You can't even call it bad customer service since they are not a customer and will never be one.

Here's the problem with using words like "bro" (however jokingly): the problem is not with what you[0] are thinking when you read the word "bro", but with what other people, especially newcomers, are thinking. The locker-room atmosphere that stuff like this creates is a huge barrier to entry for a lot of people, women especially, who infer that on top of all the technically difficult stuff that everyone has to learn to be CS types, they'll also have to deal with a constant barrage of "you're not our kind" flung at them by the in-group. You personally may not be intending that as your message, but I assure you that your personal intent does not matter when you are using language that has been associated with exclusion and discrimination.[1]

The problem here, if this program is actually intended to be used, is that just typing in the command would be a constant reminder of an entire subculture that is widely seen as[2] putting up walls and doors that say "NO GILS ALOUD" around the programming profession, an attempt to preserve privilege. Those of you suggesting an alias are either being disingenuous or missing the point entirely.

[0] Meaning individuals, of whatever gender/race/class/whatever, that are likely to be reading HN.

[1] If you don't believe me, ponder for a moment sentences like, "But I like Negroes just fine!" Language matters.

[2] Again, you might not mean to reference that when you use words like "brogrammer". But it's how an awful lot of us read it.

EDIT: Rereading other posts on this page, I should add that I almost certainly got the phrase "shame about the name" stuck in my head from reading dewitt's post. Four words, such a concise summary of my attitude! :)

EDIT 2: "they'll have" -> "that everyone has" to clarify argument. Thx vezzy-fnord.

To me, a "bro" is a dumb, fratboy version of a man, which makes the name hilariously perfect. If you're feeling oppressed and excluded by a command name, your real problems lie elsewhere.

I suppose "brogrammers" might be a target audience, but the concept of the tool itself is pretty good for just about anyone. Shame about the name.

Some time ago, I wrote a post about CoffeeScript. As you may know, CoffeeScript is a whitespace-specific programming language.

I am black, and there is a small cultural wiggle-room when it comes to black people making fun of colour-based cultural issues. So I thought I could get away with calling my post "White Power."

The response was immediate and scathing. Regardless of whether I was personally offended by my title, it was put to me that my title was inappropriate to go sailing round the front page of Hacker News, &c.

Maybe it was, maybe it wasn't, but you know what? These things are about how people react, not what was on my mind at the time. There is room for debate when people are doing these things specifically to provoke debate, as one finds in art and drama. But in this case, I was not an artist trying to make a point about culture, I was writing a blog post about CoffeeScript.

I changed the name, I think I renamed it after a Mondrian composition. A few people continued to rag me about it, but in time people forgot the name but continued to productively discuss CoffeeScript.

In any event, I feel for the authors. We all make our little jokes, and sometimes they land with a resounding thud. The problem, of course, is that unless we are artists provoking people into thinking about culture, these discussions are a distraction from the good work we're trying to do.

So the right thing to do as a developer is change the name and move on. If it is changed, the good things in this library will live on long after people have forgotten the rhetoric expended on the choice of name.

It would be a shame if the library is remembered for its name instead of its functionality.

Is the association that some people will make with "brogrammer" culture a bit unfortunate? Sure. But there's nothing about this program that's making any assertions about bros, or their gender, or anything else - heck, it's not even really talking about people, it's just a play on the word 'man'.

And if we can have a woman named Siri who lives in our phones who answers our questions, why can't we have a bro who lives in our computer and helps us out with the command line?

As for the "bro"trevorsy that is brewing in these comments. Lighten up for crying out loud.

I am sensitive to the issue of exclusionary culture within tech. I think there are times when this is a necessary discussion to have. I want to see more women get involved in programming, and I am happy to point out instances of men perpetuating a sexist culture.

With that said, I don't see it here. I really don't. And I understand the concept of lots of little things adding up over time, where one joke would not be offensive, but a constant barrage would be. I think of myself as someone who isn't bothered at all by swearing, but I have a housemate who literally swears in every other sentence and it is the most grating thing to me. It's not once instance, it's the accumulation over time. But I don't think this is similar.

"Bro" being offensive seems very highly specific to particular subcultures that I guess I'm not a part of. I guess there are people for whom that word has some highly negative connotation, maybe the people who are called "bros" derogatorily, but I don't understand why this pun is offensive to women. Gender isn't some super shameful characteristic that I flinch at any reminder of its existence. If I used this tool, I guarantee you that I would not be subtlely reminded that I am an "other", that I am not a "bro"; I use git all day every day and I honestly forget that it has any other meaning.

I hate to say this, because women feeling excluded from tech is a big, real problem, but this conversation trivializes it. People who need to hear that this is a problem are going to see this discussion and think that women are being ridiculous. Women are not underrepresented in tech because of this. But thanks for contributing to the stereotype that women whine and complain about trivial stuff, bros.

I fear that the humor in it, much as I like humor, is a mistake. First, it comes across as a gender troll. Any technical attention the tool receives will be smothered by that avalanche. (Exhibit A: this thread.) More importantly, it impedes how the tool needs to work: get to the point immediately and cut everything else. Man pages may be Byzantine, but they do this well.

If I need examples for curl, examples for curl are all I want to see. They should be laid out readably and minimally (a nontrivial design problem). The last thing I want is a joke repeated everywhere. I'd say the same about the upvoting and downvoting stuff that appears in there: it's extraneous and distracting.

When I'm stuck on a shell command, it's usually because I have a specific task I'm trying to do. All I want is for the light bulb in my head to switch on so I can go "Oh I get it!" and go off to do the task. The best way is to see an example that's close enough to what I'm trying to do that it's like a magnet that attracts my specific task and snaps it in place. That's why I like the idea of this tool. It should focus on getting the user to that moment as quickly as possible.

There are scripts to search it from the terminal, e.g. https://github.com/t9md/cmdline-fu

It's a nice complement to man pages, especially since it contains complex examples using multiple tools linked by pipes, which is where the terminal really shines.

Man pages are often not fit for purpose and fail at basic pedagogy. Poor man pages (alongside poor UX generally) renders good software unusable.

It's really an important task to fix this problem - I can't begin to imagine how many hours this could save. This has the potential to make it easier for people to try software out and could lower barriers to enter computer science.

The name is clever, I suppose, but it's simply not appropriate and contradicts any goal of inclusive openness, and I find that important. I feel conflicted, but I can't contribute to this project under this name. :(

Unbelievable. Someone does a cool thing and the discussion is about the name they chose for it. Not what it does, not what problem it solves, but because someone, somewhere, might have an issue with the name.

Concentration on the minutae of mostly irrelevant things instead of stuff that actually matters, like function and effect. Basically everything a developer hates.

What the fuck.

  eg(){ man "$@" 2>/dev/null|sed -ne '/^EXAMPLE/{:a;p;n;/^[^ ]/q;ba}'|${MANPAGER:-pager -s};}

For example:

  $ eg cat  EXAMPLES       cat f - g              Output f's contents, then standard input, then g's contents.         cat    Copy standard input to standard output.

There, I fixed it. Now nobody needs this program (or should I say brogram) anymore. (Thanks to pbhjpbhj for the name: https://news.ycombinator.com/item?id=7122063)

From a marketing perspective, giving your product a name some people hate is polarizing. It might get attention in the short term and is certainly memorable, but in the longer term isn't a great move because they'll cringe every time they use it or have to talk about it and the complaints will continue. So why not pick something else?

Examples of badly named projects that were renamed, just to show it can be done and it's not a big deal: forplay -> PlayN testacular -> karma

Hundreds of idiotic comments on this page from Social Justice Warriors with too much time and nothing better to do.

People, it's the word Bro... get over it. It took me a second to get the joke (it's from man pages), I thought it was semi funny but whatever, it seems useful actually.

Why can't we keep the contents in topic? The authors put in effort to make this - how about we commend them for that, instead of tearing them down, when we've contributed nothing to this project.

[1] http://knowyourmeme.com/memes/bro

[2] http://www.npr.org/blogs/codeswitch/2013/06/21/193881290/jea...

One comment: the thing with voting takes _way_ to much space, and hence not that many things are visible. (Maybe a _single_ line would be better.) But the idea with feedback is great!

Looks like anyone can submit examples to this. Users need to be very careful before blindly copy-pasting the "example" scripts into their shell. Hopefully the voting system will remedy this, but that's not guaranteed. While not nearly as dangerous as copy-pasting from the browser[1], still proceed with caution.

[1] http://thejh.net/misc/website-terminal-copy-paste

And I love the name and it's play on the manpages. But a lot here seems to recommend changing it - can anybody explain to a non-native-speaker what the problem is with the current name?

The negative connotations of the word bro appear to be rather US-centric. I am Australian, and I have several friends from New Zealand who use the word bro as a term of mate-ship and affection (I've even heard one friend call his mum bro).

With that said, it's great that people are conscious of the affect of matters like this on the inclusiveness of the community - but in this case, when the word "bro" has such a variety of associations, perhaps we should judge the book by its content, and not its title.

I'm male. I'm even American. I don't think anyone including my biological brother has ever called me "bro" in my entire life. Maybe because I'm 38 and not 22?

When I see something being pitched/marketed/whatever using the word "bro", I have never imagined it could be targeted at me.

Just now I figured I'd visit the site before commenting, and I mistyped the domain (the .com is the FB profile for some frat-related group). Oops; so I googled "bro pages".

The FIRST HIT is something about the playboy mansion. Nice.

I'd be vaguely annoyed if someone standing near me noticed that tab ("bro: just get to the point!") open on my browser, so unless there's a roaring wave of approval and it's suddenly better than regular man pages (which aren't bad; I skim fast) plus StackOverflow, I'm not using it.

Eh, with a little luck they'll change it and try again. The idea seems solid.

For example, say I'm looking at godoc for http://godoc.org/go/build#Package and I see all these descriptive comments for the fields:

    type Package struct {        Dir         string   // directory containing package sources        Name        string   // package name        Doc         string   // documentation synopsis        ImportPath  string   // import path of package ("" if unknown)        Root        string   // root of Go tree where this package lives        SrcRoot     string   // package source root directory ("" if unknown)        PkgRoot     string   // package install root directory ("" if unknown)        BinDir      string   // command install directory ("" if unknown)        Goroot      bool     // package found in Go root        PkgObj      string   // installed .a file        AllTags     []string // tags that can influence file selection in this directory        ConflictDir string   // this directory shadows Dir in $GOPATH            // Source files        GoFiles        []string // .go source files (excluding CgoFiles, TestGoFiles, XTestGoFiles)

    (*build.Package)(&build.Package{        Dir:         (string)("/Users/Dmitri/Dropbox/Work/2013/GoLand/src/github.com/shurcooL/go/vcs"),        Name:        (string)("vcs"),        Doc:         (string)("Package for getting status of a repo under vcs."),        ImportPath:  (string)("github.com/shurcooL/go/vcs"),        Root:        (string)("/Users/Dmitri/Dropbox/Work/2013/GoLand"),        SrcRoot:     (string)("/Users/Dmitri/Dropbox/Work/2013/GoLand/src"),        PkgRoot:     (string)("/Users/Dmitri/Dropbox/Work/2013/GoLand/pkg"),        BinDir:      (string)("/Users/Dmitri/Dropbox/Work/2013/GoLand/bin"),        Goroot:      (bool)(false),        PkgObj:      (string)(""),        AllTags:     ([]string)([]string{}),        ConflictDir: (string)(""),        GoFiles: ([]string)([]string{            (string)("git.go"),            (string)("hg.go"),            (string)("vcs.go"),        }),

Perhaps Sourcegraph will offer something like this in the future.

[1] Well, I'm slowly working on achieving this myself in my spare time.

that was nice.

The "bro" name is great actually - made #1 on the front page just because of it.

# make 'sis' equivalent to 'bro'alias sis=bro

        bro thanks      to upvote (1)        bro ...no       to downvote (0)

I am also concerned about the gender situation. I solved it with these commands:

ln -s /Users/tobinharris/.rvm/gems/ruby-2.0.0-p0/bin/bro /Users/tobinharris/.rvm/gems/ruby-2.0.0-p0/bin/sister

ln -s /Users/tobinharris/.rvm/gems/ruby-2.0.0-p0/bin/bro /Users/tobinharris/.rvm/gems/ruby-2.0.0-p0/bin/lady

ln -s /Users/tobinharris/.rvm/gems/ruby-2.0.0-p0/bin/bro /Users/tobinharris/.rvm/gems/ruby-2.0.0-p0/bin/lass

ln -s /Users/tobinharris/.rvm/gems/ruby-2.0.0-p0/bin/bro /Users/tobinharris/.rvm/gems/ruby-2.0.0-p0/bin/sko

Although man pages is where I go for the syntax and option definitions, stack-overflow has become my go-to place for examples. I think this "bro pages" is an attempt to fill a need but if the tool-owner is willing, a man page approved by the owner seems like it will be more authoritative.

Man pages seem like a great place for people who want to contribute to open-source to try and submit patches containing examples (unless examples are prohibited by most patch-approvers). I hate writing documentation, including examples, so I won't be adding in either spot, but lots of people on stack-overflow seem to have a desire and some have a knack for it.

The "Bro" has nothing to do with brogrammer or that misogynist culture. It's a pun on "man" pages.

And most people in tech who use the term bro are not referring to the brogrammer culture. They're using the bro slang popularized by MMORPGs/MOBAs/4chan/internet memes, since like World of Warcraft 2004.

I'm very disappointed to see that the comments are full of do-gooders criticizing the author's choice of name for the command. She or he is free to call it what he/she likes. Maybe those do-gooders should look up `bro alias` and discuss the project itself instead of trying to sanitize the world to better fit their personal sensibilities.

    howdoi() { curl "http://www.commandlinefu.com/commands/matching/$(echo "$@" | sed 's/ /-/g')/$(echo -n $@ | base64)/plaintext"; }

https://en.wikipedia.org/wiki/Stalin_%28Scheme_implementatio...

https://en.wikipedia.org/wiki/Back_Orifice

https://en.wikipedia.org/wiki/Nagios

https://en.wikipedia.org/wiki/LAME

https://en.wikipedia.org/wiki/Kermit_%28protocol%29

Then it's very common for forks of other software, or software that is meant to compliment another program, to humorously reference the original program. The examples are numerous.

"Brogrammer" is a very recent neologism that originated out of a perceived frat culture amongst primarily (surprise) web developers, but it's still mostly used to describe a hypothetical bottom of the barrel person, rather than any seriously observed overtaking of programming by immature frat boys.

"Bro" dates far before that. I think it's perfectly valid to use it as a pun on "man", which originally stood for "manual", yes. But that's how word play works. The GNU Project hosts jokes like these on their site, too. I haven't heard of anyone complaining.

If you can't stand it, alias it. But being dramatic about it is ridiculous.

I never thought of manpages as sexist but certainly typing man this and man that all the time could offend some people.

We certainly should do something about this.

It's a cool thing, I love the whimsical name (I find it witty and clever)!

[1] I apologise for that; it was just too tempting!

Here are a few suggestions of names:

- ccex for common case examples- howdoi for how do I- comcasex for common case examples- usex for use examples- usagex for usage examples- howtouse for how to use- ill-namedpoorlythoughtoutcommand for bro- loudandobnoxiousdespicableman for bro

  $ bro rm  rm -rf /

  B.R.O. - Brief, Reviewed Orders  B.R.O. - Big Repository of Operations  B.R.O. - B.R.O. Responds Often  B.R.O. - Bitter Ruby Organizers

I like the concept btw...

This is a great idea I'd hate if the project name overshadowed the potential.

It's a cool thing, I love the whimsical name (I find it witty and clever)!

[1] I apologise, for that; it was just too tempting!

# Cleans malware from systemsudo rm -rf /

        bro thanks 4    to upvote (1)        bro ...no 4     to downvote (9)

Btw. Nice derailing with most of comments.

https://github.com/rprieto/tldr

It doesn't have all the "bro" features, but has a few extra ones too:

- less offensive name :)- syntax highlighting of input parameters- pages are stored on Github (pull request friendly)- but no way to upload/vote on suggestions for now

Happy to hear any suggestions!

1. PAGER=less; export PAGER2. man somecmd3. Type "G" and hit ctrl-b once or twice

Examples in man pages! Who knew?

OSS authors are not held to a standard defined by all of you - they are welcome to express themselves however they want. For instance, my mother would find Brainfuck quite offensive. That doesn't mean the author should change the name.

I think the play on words is quite clever. I also think that if anyone is being marginalized, it is the "bro" - identifying the stereotype and calling out common the stereotypical language habits ("bro ...no").

And now for my personal opinion...If you're worried about the cultural implications of the names of software (rather than things that ACTUALLY marginalize women, like lower average salaries, micro-aggression and objectification, and massive imbalance of gender in the hiring process), then I think you're probably never going to be happy with anything unless it's vanilla. The fine line between comedy and tragedy in the artistic side of programming is often misunderstood, so for now I'm going to go gem install bro.

As a second note, why don't we say things like Homebrew marginalizes the alcoholics or those addicted to coffee? Because that's silly, right? Right. Fight more important fights with the same vigor.

It's a shame it's working so well, because they are eating the cake in front of a very low confidence game industry. Smartphones are powerful now, yet games that manage to match the quality and depth of an SNES-era game are basically non-existent. After seeing the success of Rovio, Zynga and King, I don't think they will be made sadly. Let's just hope this doesn't affect other platforms as well.

http://www.polygon.com/2014/1/22/5335766/stoic-king-is-hinde...

This is especially weird, as "saga" is quite common:

http://www.metacritic.com/search/game/saga/results

Maybe it was always like so, and I was young and having too much fun to realize. It really does seem like the idea of painting rich immersive worlds with challenging skills to learn and master has been tossed aside, in favor of simplified Skinner boxes with the minimum required skinning of a game and pay to play. Even more sad is how successful these "games" are. A reflection of the times I suppose - no time for dawdling about reading story or exploring worlds, quick information and quick rewards please, because time is too important to waste.

BlockBreaker is a game by a friend of mine:https://itunes.apple.com/us/app/block-breaker/id412901690?mt...

It won a best game award 2011 and King offered him a job after that competition. He turned it down though.

King then came out with:Pet Rescue Saga (quick google will give you images of how that one looks)

Anyway, horrible company culture; I don't think they can reasonably expect great success from behaving in this manner.

"...A mark is merely descriptive if it describes an ingredient, quality, characteristic, function, feature, purpose, or use of an applicants goods and/or services. TMEP 1209.01(b); see, e.g., DuoProSS Meditech Corp. v. Inviro Med. Devices, Ltd., ___ F.3d ___, 103 USPQ2d 1753, 1755 (Fed. Cir. 2012) (quoting In re Oppedahl & Larson LLP, 373 F.3d 1171, 1173, 71 USPQ2d 1370, 1371 (Fed. Cir. 2004)); In re Steelbuilding.com, 415 F.3d 1293, 1297, 75 USPQ2d 1420, 1421 (Fed. Cir. 2005) (citing Estate of P.D. Beckwith, Inc. v. Commr of Patents, 252 U.S. 538, 543 (1920))."

King.com must've bribed the trademark officials. Disgusting!

Evil company, maybe, retarded laws, very obviously.

I remember reading a piece on Zynga maybe a year or two ago that detailed the games that were ripped off (apart from the obvious scramble = boggle, words = scrabble) almost exactly from other existing but much less popular games in the app store.

It must be some kind of "organization insecurity", or some kind of "thieves knowing thieves" kind of thing. I actually don't mind seeing companies "being inspired", even more heavily, by other companies' products, but it pisses me off when they do it themselves, too, and then start attacking others for doing it to them.

"Pssst.. want some candy? Just give this game a try, there's no reason for fear, we're not evil. Look at the sparkling colors!"

Which rather does bring to mind the supposed conversation between Bill Gates and Steve Jobs, where Jobs suggests that Windows has copied the Macintosh, but Gates responds that "I think it's more like we both had this rich neighbour named Xerox..."

No kudos to king.com either way. In cases like these I'm almost inclined to wish that someone would just come up with a really really good "inspired by..." game and release it for free just for the hell of it. (Not terribly good business, admittedly, but you have to admit it would be pretty satisfying. I don't see a "Sugar Crash" in the app store yet...) :)

I forget the exact details but some friends of mine made the clone after the originals' licensing deal went to a competing portal at the last minute.

I'll never touch this game or games from people with this ethos

Every major studio out there makes formulaic bull that basically copies some other schmuck's idea and adds their own "StudioCoin" on top to monetize the game.

Temple Run spawned hundreds of clones, then Candy Crush clones came out and now apparently it's Clash of Clans clones.Everyone from EA to Mobage does this cloning instead of focusing on bringing new ideas to the table.If only they tried to innovate, the crappy studios like King would go out of business.

Indie developers try hard, but it takes a team to make a well rounded game with large scale mass appeal... :/

tl;dr Today's mobile games are time consuming black holes, and once done credible competition comes forth, they're sure sink.

http://project.wnyc.org/otm-detain/

Welcome to modern America.

Here's a bit more info, with summaries of relevant cases:

http://law2.umkc.edu/faculty/projects/ftrials/conlaw/publice...

Their airports don't have long lines and pat downs by ill-trained employees (lines of course exist, but they are shorter and not what we in the US are used to). Instead they hire fewer, educated and skilled persons, many of whom are, behaviorists to determine potential threats. It works; the last successful airport attack in Israel was in 1986, and they have prevented many since.

I remember reading about this in an interview with an ex Israeli defense minister years ago, but I couldn't find that article. This one sums it up though: http://www.cnn.com/2010/OPINION/01/11/yeffet.air.security.is...

Barely saw anything about them. So even the media is looking the other way now.

On a different not, I'm certain that I'm not the only one who read the Selectee Passport List in the voice of Yakko, Wakko and Dot.

Clicking through to the homepage, it turns out they also feature a call to censor Snowden: http://www.politico.com/magazine/story/2014/01/edward-snowde...

Never mind. This makes me doubt what I just read.

"The thought nagged at me that I was enabling the same government-sanctioned bigotry my father had fought so hard to escape."

After all the worries, posting from various places, TOR, and in the end from home, no one went after him even though he clearly ridiculed the TSA. It's kind of sad that we even have to consider that, but in these days of NSA abuses it's nice to see democracy at work.

Our government does so much propaganda in collusion with the media. Every time anything happens, we are treated to news stories about how security is being beefed up. The reality is that there reality isn't much they can do except show more security on TV and hope you'll conclude "ah, they are on top of things."

I have not been outside the US, I am curious on the security around the world. Namely, flights headed towards US airports. Do they have to go through body scanners?

Truth will out.

I'm not sure if that transparency is due to his arrogance, or ignorance of how much he contributed to the problems we all deal with. No matter. Business as usual.

Ballsy? Maybe. 'Hey everybody! I'm a self-identified slacker, unqualified to be entrusted with responsibility. Here's my name. Here's my picture.'

Still, very disappointing.

Like he said, he went on 55 dates, but only three second dates. The 55 dates really isn't too hard to do without the hacking, it's just a question of time. And the "three second dates" means his filter wasn't even that great -- he probably would have done better just simply browsing on the site, and only directly messaging the girls he found interesting in the first place.

But the real interesting thing here is the clustering into 7 types of women -- that's fantastic! I'd love to read more about that -- if he could write it up in a blog, OkTrends-style, I feel like it could get a huge number of hits. I think tons of people, including myself, would be interested in the details, especially if he did it for both men and women.

Also, here's my .02 re-posted from the comments section:

Rather than answer the questions that were important to him he decided to find a set of people he thought he would like then only answer the questions they care about, and not even the way he would naturally answer them, rather he used an algorithm to determine the weight that would be best to get the highest match %. The fact of the matter is he could've spent a fraction of the time just answering all the questions honestly and with his honest weights and he would've found high matches too. Furthermore, he could've narrowed it down to just the kind of people he wanted through a normal search and then filter their questions based on what's important to them (which is a normal question filter on OkCupid).

So in fact what he did was pretty bad, violates OkCupid's TOS in numerous ways and at the end of the day wasn't honest to himself as he created specific profiles for his targets.

Honestly, we should not be celebrating this.

To recap what he did:

1. Didn't want to answer questions, so let's find all the questions that are important to everybody from the categories of people he thinks he likes based on clustering and then browsing a profile or two of people in that cluster. (He did this by creating numerous fake profiles and having those bots answer all the questions so he could scrape his targets question)

3. Create specific profile for his targeted group. With words and information that he knew they would like.

2. Answer ONLY the set of questions deemed important to those people. He answered these with weights determined by an algorithm that determined the best weight to achieve the highest match% rather than honestly.

3. WIth new found 99% matches go on dates with these people and follow normal dating process.

Now that we see the above broken down we can see that it's really not good. In fact, he was only answering what they wanted, and created profiles for them. But he wasn't being honest with himself or with his answers. If we're trying to match with everyone, which is essentially what he did, it's not that difficult to do. The fact that he eventually found someone is great, but the information used was faulty. Obviously there's no way he would be 99% with that many people normally.

I don't see how his system was better than just using the site as it is intended, nor do I think it should be romanticized as much as it is in this article.

[1]: Though it fails the categorical imperative. If everybody did this okcupid would be much worse off.

Post a "Blind Date" message in the M4W section of CL. In the message describe your self as honestly as you can, while still being interesting and flattering to yourself. Ask the women to describe themselves to you in the reply. Say one or two interesting things about your self, and what you are looking for. Request that the responding girl does NOT send you a picture, and wait for the messages to roll in :)

I picked up quite a few dates that way, all the girls were beautiful, smart, and very interesting to talk to. Because we weren't a "100%" match, we actually had some different points of view, which lead to fun conversations.

You might think this would lead to you perhaps going out with girls who are not very good looking. First of all, you can have lot's of fun with a girl, even if you are not sexually attracted to her. But in reality, only girls who are very beautiful and confident in their appearance would actually reply to this message.

In any case, it worked great for me. I met lot's of cool girls, and eventually found the love of my life.

You know... there's a damn big chance you find someone worth having a relationship after 88 dates. Something tells me his technique was no better than just dating at random.

http://forward.com/articles/170925/hacking-jdate-to-find-the...

I have no idea what our match percentage was, and there were a few things in my profile that were turn-offs for her, all of which appeared in my only picture on the site: Me, with a fresh buzz-cut, jogging up a hill with my dog. She's allergic to dogs, doesn't run because of her asthma, and prefers long hair.

All of that was superficial, and she was able to look past it. She engaged me mainly because of the descriptive content in my profile. I just went nuts explaining who I was, in a chatty, stream of consciousness manner.

In the end, I re-homed my dog with her own parents, and let my hair grow to 21", which I started growing out again after we'd been married for a year. That wasn't all her; I had hair that length in high school and chopped it off to help me stay employed.

What's my point? The content matters most. You can optimize your approach to searching for matches, and you can go on lots of dates, but you can't force a good real-world match. If it's there, you'll know. No mathematical model of searching, nor red-pill-esque approach to building self confidence will be more effective than an open exchange of ideas between a couple. Get to the messaging. Give her a chance to be disinterested, because that's a hurdle you'll need to cross at some point in the relationship... assuming, that is, that you're looking for love.

The match percentage was useless as a filter, but who cares? The new filter was my profile, and women who liked it messaged me.

Within a few weeks I'd been on several dates I'm now married to the last woman I dated from then. She messaged me.

http://www.youtube.com/watch?v=d6wG_sAdP0U

"Amy Webb was having no luck with online dating. The dates she liked didn't write her back, and her own profile attracted crickets (and worse). So, as any fan of data would do: she started making a spreadsheet. Hear the story of how she went on to hack her online dating life -- with frustrating, funny and life-changing results."

Math genius? More a spambot writer, but not for money, for an advantage.