hacker news with inline top comments    .. more ..    23 Sep 2014 Best
home   ask   best   5 years ago   
TXT Record XSS
987 points by ryanskidmore  4 days ago   227 comments top 46
mrb 4 days ago 12 replies      
I am half serious, but how about making HTML served in TXT records a standard trick for serving small web pages very quickly? There are way fewer network round trips:

  1. DNS query for TXT record for example.com  2. DNS reply with HTML content
Compared with the traditional 7 steps:

  1. DNS query for A record for example.com  2. DNS reply with x.x.x.x  3. TCP SYN to port 80  4. TCP SYN/ACK  5. TCP ACK  6. HTTP GET  7. HTTP reply with HTML content
It would also make the content super-distributed, super-reliable, as DNS servers cache it worldwide (and for free so it would reduce hosting costs :D). Also TXT records can contain more than 255 bytes as long as they are split on multiple strings of 255 bytes in a DNS reply.

Again, I am only half serious, but this is an interesting thought experiment...

Edit: oddtarball: DNSSEC would solve spoofing. And updates should take no longer than the DNS TTL to propagate: the TTL is under your control; you could set it to 60 seconds if you wanted. It is a common, false misconception that many DNS resolvers ignore the TTL. Some large web provider (was it Amazon? I forget) ran an experiment and demonstrated that across tens or hundreds of thousands of clients wordlwide, 99% of them saw DNS updates propagated within X seconds if the TTL was set to X seconds. Only <1% of DNS resolvers were ignoring it.

ryan-c 4 days ago 4 replies      
I enumerated all IPv4 PTR records a few years back, and I saw a couple XSS things there as well. If anyone wants to host that data set somewhere, let me know, would be interesting to see what others do with it.

Edit: I found my data and have a grep running on it, will share what turns up.

Edit2: Somewhat less exciting than I remember:

$ fgrep -- '>' *










philip1209 4 days ago 4 replies      
I added FartScroll.js from the Onion to my text records:


SEJeff 4 days ago 1 reply      
From any Linux (or probably OS X) workstation / server, you can run the command "host -t TXT jaimehankins.co.uk" ie:

$ host -t TXT jamiehankins.co.uk

;; Truncated, retrying in TCP mode.

jamiehankins.co.uk descriptive text "<iframe width='420' height='315' src='//www.youtube.com/embed/dQw4w9WgXcQ?autoplay=0' frameborder='0' allowfullscreen></iframe>"

jamiehankins.co.uk descriptive text "v=spf1 include:spf.mandrillapp.com ?all"

jamiehankins.co.uk descriptive text "<script src='//peniscorp.com/topkek.js'></script>"

jamiehankins.co.uk descriptive text "google-site-verification=nZUP4BagJAjQZO6AImXyzJZBXBf9s1FbDZr8pzNLTCI"

kehrlann 4 days ago 4 replies      
This is hilariousy, but could this potentially be a real threat to anything ?
AsakiIssa 4 days ago 2 replies      
Wasn't expecting that at all! Had several tabs opened and was really confused for a few seconds while I tried to find the tab with 'youtube on autoplay'.

Firefox needs to show the 'play' icon for the audio tag.

ryanskidmore 3 days ago 1 reply      
Who.is have fixed it now, but you can still see it in action over at archive.org


garazy 4 days ago 0 replies      
I've found about 80 TXT records with <script tags in them - most of them look like the person not understanding where to paste a JavaScript snippet over XSS attempts, here's all of them -


There's a few that are "13h.be/x.js" that look like someone trying this out before.

jedberg 4 days ago 1 reply      
Come on people, this is so basic. If you didn't generate the data, don't display it on your web page without filtering it. It blows my mind that this isn't just everyone's default.
rbinv 4 days ago 3 replies      
Clever. I didn't get it at first.

Never trust user input.

Edit: See http://www.dnswatch.info/dns/dnslookup?la=en&host=jamiehanki... for the actual code.

colinbartlett 4 days ago 0 replies      
Bravo, I just embarrassed myself in a very quiet meeting.
toddgardner 4 days ago 0 replies      
The most clever exploit of XSS I've ever seen. Beautiful. Bravo.
JamieH 4 days ago 0 replies      
Still working here if anyone is yet to see it.


Sanddancer 4 days ago 0 replies      
Given how many whois sites cache results, I wonder how many of them are also vulnerable to SQL injections...
kazinator 4 days ago 1 reply      
Since there is very little discussion in the link, pardon me for stating what may be obvious to some, but not necessarily everyone.

The point here is that:

1. DNS TXT records can contain HTML, including scripts and whatever.

2. Domain registrants can publish arbitrary TXT records.

3. TXT records can appear in pages generated by web sites which serve, for instance, as portals for viewing domain registration information, including DNS records such as TXT records.

4. Thus, such sites are vulnerable to perpetrating cross-site-script attacks (XSS) on their visitors if they naively paste the TXT record contents into the surrounding HTML.

5. The victim is the user who executes a query which finds the malicious domain which serves up the malicious TXT record that is interpolated into the displayed results. The user's browser executes the malicious code.

Thus, when you are generating UI markup from pieces, do not trust any data that is pulled from any third-party untrusted sources, including seemingly harmless TXT records.

mike-cardwell 4 days ago 0 replies      
A while ago I experimented with adding stuff to the version.bind field in bind. Just updated it:

mike@glue:~$ dig +short chaos txt version.bind @

"<iframe width='420' height='315' src='//www.youtube.com/embed/dQw4w9WgXcQ?autoplay=1' frameborder='0' allowfullscreen></iframe>"

I put this in my named.conf:

version "<iframe width='420' height='315' src='//www.youtube.com/embed/dQw4w9WgXcQ?autoplay=1' frameborder='0' allowfullscreen></iframe>";

This site is vulnerable:


Although takes a minute before it kicks in. I did report it to them at the time, but never got a response.

elwell 4 days ago 1 reply      
In playing around with this hack, I discovered that Dreamhost doesn't properly escape TXT records in their admin interface when modifying DNS records. I put an iframe in and it shows the box but the src is removed; it also killed the page at that point so I'm unable to remove it...
bwy 4 days ago 3 replies      
Wish there was a warning, because I accidentally clicked this link in class just now.
0x0 4 days ago 0 replies      
Can it be done with CNAME and SRV records too?
Thaxll 4 days ago 2 replies      
It has nothing to to do with TXT record, it's just the website that render html. It could be any source.
gsharma 4 days ago 0 replies      
Not sure how Trulia handles input for its usernames, but at one point I was able to do this http://www.trulia.com/profile/-iframe--home-buyer-loleta-ca-...
js2 4 days ago 0 replies      
All editors should, upon save, put up the following prompt:

"I acknowledge the code just written does not trust its input, under penalty of being whipped by a wet noodle."

But I guess folks would just click through.


sidcool 3 days ago 1 reply      
I opened this link on my Android's Chrome browser. The top search text input started wildly convulsing. First I thought the post was about that. But I didn't really get what this is about.
sanqui 4 days ago 1 reply      
Looks like the who.is site has patched the exploit up a few minutes ago.
gcr 4 days ago 0 replies      
Warning: this page links to (loud!) automatic playing audio.
homakov 3 days ago 0 replies      
XSS on a shitty website not doing trivial sanitization gets 900 points on HN, oh guys you are disappointing me so much.
tekknolagi 4 days ago 0 replies      
This is hysterical.
indielol 4 days ago 0 replies      
Wouldn't this make it super easy for Google to ban (show the security warnings in Chrome) the domains?
nerdy 4 days ago 0 replies      
Best POC ever.
_RPM 4 days ago 1 reply      
When I went to the page, it started playing music. I find that very frustrating and annoying.
bdpuk 4 days ago 0 replies      
I've seen similar examples with HTTP headers and sites that display those, nice angle.
general_failure 4 days ago 0 replies      
Well played sir, very well played
wqfeng 4 days ago 1 reply      
Could anyone tell me what's about? I just see a DNS page.
thomasfl 4 days ago 0 replies      
Finally somebody found a way to put html injection on to good use.
tedchs 3 days ago 0 replies      
FYI it looks like who.is fixed the XSS bug.
ginvok 4 days ago 0 replies      
Aaaand now I'm deaf :)Gotta learn sign language
iamwil 4 days ago 3 replies      
How does this work?
ing33k 4 days ago 0 replies      
good hack but really stupid of me to click it directly :\
PaulSec 4 days ago 0 replies      
I wonder how this got so much points..Reflected XSS in 2014, yeah..
himanshuy 4 days ago 1 reply      
What's up with the search box?
zobzu 4 days ago 0 replies      
That made me laugh, good one :)
notastartup 4 days ago 0 replies      
man...I woke up and got a dose of surprise....love this song.
r0m4n0 4 days ago 3 replies      
isn't this technically illegal to demonstrate haha?
st3fan 4 days ago 0 replies      
sprkyco 4 days ago 0 replies      
Luckily it does not work on my normal browser: https://www.whitehatsec.com/aviator/
I Had a Stroke at 33
588 points by Thevet  1 day ago   148 comments top 30
ohquu 1 day ago 2 replies      
What a beautiful article.

My girlfriend had three strokes, in succession, two years ago (when she was 22). The night before these strokes occurred, she had a transient ischemic attack (TIA). She began speaking gibberish to her friends. She texted me later that night explaining what happened. Her friends had laughed about it because they thought she was just acting like a goofball. I had no idea these were signs of a TIA, but I told her that if it happened again she needed to go to the doctor immediately.

The next day, the right side of her body went numb. This time, she was around people who noticed something was wrong, and she was immediately rushed to the emergency room. By the next day, I had flown a thousand miles (from the location of my new job) to be with her. She couldn't remember many words. She couldn't read a clock. She did not know the answer to 3 + 0.

It turned out that, similar to the author of this article, clots had traveled through the hole in her heart and up to her brain. Luckily, she recovered fully and was back to her old self within about a month. She had surgery to fix the PFO a couple months later. The neurologist told her that nine times out of ten, the clot travels a different path, and the victim is left dead or braindead. I am so lucky. Writing about this has me in big tears.

I am going to stop writing and go hug her now.

weddpros 1 day ago 5 replies      
I was 32 when I had a stroke (March 4th, 2003). It was a different kind of stroke, affecting a different part of my brain, essentially related to vision. I was half blind, but I only realized something was "strange" when I saw myself in the mirror: I had only one eye. My brain knew I should have two: I was half blind.

The first diagnosis was migraine with aura (blindness in my case). But the aura should have lasted no more than an hour. Two days later, the aura (blindness) was still there (a sign of infarct but my doctor didn't know it).

I spent 2 days alone in the dark. I forgot to eat but I knew I had to call a taxi to take me to the hospital. I wasn't scared, I though it was just a migraine. It really looked and felt like my usual migraines. So my doctor had me take anti-migraine pills, which are vasoconstrictors. That might have caused the actual stroke: extreme vasoconstriction. Never take anti-migraine treatment during the aura. Never.

It took 2 days before I was diagnosed at the hospital, but they just told me "I see a shadow on the CT scan"... so I spent the next 2 days wondering what kind of shadow? stroke or cancer? And no, I didn't think about asking.

It took one week to be hospitalized for 10 days (my mother called the hospital, harassed them until she could talk to a doctor, who said it was an emergency... one week after the stroke).

It took 15 days before I woke up in the morning and thought "Wow! WOW! I'm back now!". Before that, I spent most of my time sleeping, reading half a page between two naps. I was sleeping more than I was awake.

It took 3 months before I could look at everything I wanted. Before that, looking at trees (and other complex objects) was "painful", and watching movies was too exhausting (especially action movies). During these 3 months, I recovered from blindness, but not completely. I still have a blind spot in my field of view today.

It took 6 months before my mood was really restored. Before that, I needed a daily nap, lots of soothing music, and no pressure at all.

I took aspirin daily for 3 years, after which my neurologist told me I could stop.

I had a few migraines after that, and even ended under oxygen at the hospital once, but I always recovered within 15 days.

It was 10 years ago, and it changed my life. I quit my job as a developer, spent 2 years wondering what to do next, then became a wedding photographer. In february this year, almost 10 years after, I got a new job as a developer.

I'm back on rails (node.js to be precise :-)

tucaz 1 day ago 1 reply      
About 15 years ago my father had a stroke at our house. I was about 12 years old and at home at the time along with my grandmother. We didn't know what was happening. At one second he was okay and in another he was on the floor. It was almost impossible to put him back at the bed even with the help of one of our tenants.

We called my mother at work and the funny thing is that before she came home to take him to the ER he was able to ask for coffee (and drink it) and also to smoke a cigarette.

Moving 15 years forward he's still with us (62 years old) with no movement at all on the left side of his body. Had a heart attack with major surgery, is on more than 15 different medications, has diabetes and a bunch of other "minor problems".

My mother gave up her life to take care of him and everyday is a struggle because of the existing problems prior to the stroke and the ones that came after he became bitter and really mean to those who love and take care of him.

I'm not sure why I wrote about this but I felt like sharing. It's not easy when people don't recover, but for some reason I believe we have to take care of them and do our part.

ZeroCoin 1 day ago 1 reply      
>I wandered outside the boundaries of telemetry. They lost my heartbeat. When I returned, they scolded me.

The audacity of health care industry workers (those who should know what a certain disease entails) who place blame on their patients for acting normally is infuriating.

I had kidney stones once at a young age. I remember barely walking into the emergency room one night after they became too painful.

As soon as I arrived, white as a sheet of paper, they asked me a few questions... doped me up on morphine... and managed to "lose" me on a gurney in a hallway somewhere for a few hours until my girlfriend at the time came and found me.

They took xrays I believe and I was free to go with some more painkillers in hand.

Apparently the hospital told me that I was supposed to call them by X date if I wanted any more painkillers.

I called them back about a week after that date had passed, asked for a refill, and was scolded like I was some drug addict just looking for a fix. I think they even hung up on me. How could I be so stupid as to have forgotten a date they told me when I was high as a kite by their own doing? Right.

I ended up passing them without any painkillers which as many of you have probably heard is unbelievably painful.

I understand that it can get monotonous working in a hospital, but with the amount of money they're paid to work there you would hope that they would be required to operate with a little compassion. Considering the fact that many people in a hospital are leaving this world.

What if the author's last memory was that of a person she didn't know berating her for something she wasn't sure she even did?

TAM_cmlx 1 day ago 1 reply      
Two years ago this October I was homeless. I would wander around all night for fear of attacks[1] and try to sleep during the day at the university while sitting on a bench or chair. In October the winter shelters had not yet opened here, and it was so cold I feared I would freeze to death. I wandered into ER on a pretext: there was a swelling in my leg, spider bite maybe?

I overheard the intake person talking with someone: "I'm worried about that guy in #68." Why? "He thinks he's got a spider bite, but he's got blood clot written all over him."

I felt pretty good about that; it meant I'd have a place to sleep for a whole night. Then I was suddenly surrounded by 5 or 6 people.

Symptoms, sir?

Sometimes slurred speech, tingling in the extremities, can't spell anymore, confused by the way people talk so _fast_, confused by simple things, excessively paranoid, feels like there's an Ace bandage wrapped around my chest.

You're a junkie. No. You're exclusively vegetarian. No. You're diabetic. No, I've been tested for that. Well, we'll take a blood draw.

I got an ultrasound over my legs -- and they discovered a DVT. Next thing I knew, they'd slapped me in hospital for eight days. I was put on no less than eight medications, the scariest of which was Coumadin (same as Warfarin, I think?) -- scary because they made me watch a video describing it, by which I mean "You follow these instructions to the letter or you gonna die, son." At least that's what it felt like. And I had to sign all kinds of waivers, or something. Two of the residents (very young women) told me that they had had DVT's themselves... possibly as a result of being exclusively vegetarian?

The diagnosis was: Pernicious Anemia. My understanding (which is not to be trusted) is that the myelin sheathing around my nerves has been dissolving for years. Apparently the communicating tissue between the axons in my brain had been going away for quite some time.

I liked this diagnosis because: it's easily treatable; it explains my increasingly weird behavior; I'm not dead from it.

The treatment is: Take B12 every day for the rest of my life.

The highly-abbreviated coda to the story is: My Doctor told I'd had this disease for at least ten years(!); hospital got me a case manager, who got me Disability, Homed, and a Laptop. But it took 2 years or so.

TLDR: Being exclusively vegetarian can cause DVT's


huhtenberg 1 day ago 8 replies      
Remember this -

  You have FOUR HOURS to get a person with a stroke to the emergency. 
If you do, their chances of survival are dramatically higher.

pragone 1 day ago 0 replies      
Strokes can present in truly any number of ways. The Cincinnati Stroke Scale, often seen in public health campaigns as "FAST", provides three simple, quick assessments that can reliably delineate a majority of strokes. It is the standard for basic EMTs as well. More advanced providers should perform a more comprehensive exam, testing all the cranial nerves (actually usually just II through XII). A more formalized, advanced stroke scale is the NIH stroke scale: http://stroke.nih.gov/documents/NIH_Stroke_Scale.pdf

While there are often some kind of neurologic deficit associated with a stroke, the goal standard is, of course, a CT or CTA that should be administered immediately upon arrival in the ED of a suspected stroke (depending on the presentation of symptoms an exam by a neurologist may occur first).

The symptoms described in this story would absolutely make me think this person was having a stroke if she had verbalized them to someone with my training.

It's also worthwhile to point out that the person having a stroke may not realize they are having a stroke. People may have the obvious symptoms - slurred speech and hemiparesis - and refuse to acknowledge that these problems exist, because, in their mind, they don't.

If you think someone is having a stroke, record the time you first noticed symptoms and call 911 immediately.

patio11 1 day ago 2 replies      
My mother had a stroke. The fallout is very, very hard for the patient and their family.

Diet and exercise are, apparently, the easiest levers you have to control for stroke risk. Trust me: this is the best of all possible reasons to care about those. You do not want to go through it and you do not want your family to go through it. Specifics elided for privacy but suffice it to say that it combined elements of a heart attack, advanced Alzheimer's, and a profound war injury in a compact package that arrived on a normal sunny Tuesday.

tluyben2 20 hours ago 1 reply      
I had a TIA when I was 28 (over 10 years ago) and under heavy stress (high blood pressure; they did not find any other causes; I was healthy as I could be, just extreme stress from my own business at that time); I swore after that to never be stressed again (and took measures to make sure that is possible, like living in southern Spain for large parts of the year) and haven't been since. I even forgot how it felt. My life is so much better that I now thank this TIA. Stress is pure hell and whatever business people think they get out of it; it's bullshit IMHO; I have had way more business success than ever without stress than I had with.
day_ 1 day ago 0 replies      
Great article.

I had a stroke one night in my 20's. When I woke up, my right side was numb (I thought I just slept on my arm), I spoke gibberish and was unable to write but I felt fine and I thought I spoke perfectly fine. I finally figured out that something was not right when I tried to write a message to my mom on the back of an envelope to tell her that I was fine and I just drew a straight line instead of letters.That's when she called an ambulance.

Luckily I was back to normal within a month, but I struggled for some time to to find the right words when talking.

alexitosrv 1 day ago 0 replies      
Four weeks ago my girlfriend, 32 yo, had a brain stroke because a deep venous thrombosis at her left side of the head. It was intense to see how much she deteriorated in the course of just a few hours, starting with a seizure and some very acute headaches she had together with vomiting the previous days. We were in intensive care around 10 days, and then 3 days more in hospitalization. The investigation of her tendency to hypercoagulate yielded as main culprit sedentarism and the previous uninterrupted usage of oral contraceptives (mercilon) for almost ten years. We were fortunate in some sense as the cause was easy to point out and also as we discarded autoinmuse diaseases (my biggest concern) and now she is under low molecular weight heparin, hoping that the clot is reabsorbed in two or three months.

As part of the recovery, I'm reading to her My Stroke of Hindsight, of Jill Bolte Taylor, and her symptoms and the description of the episode of the acute phase match largely: speech loss, paralysys of her right part of the body and rational disconnect with external stimuli.

This article highlights also how sensible we are to the changes of what we are at the end: physicochemical interactions. I was worried my girlfriend would lose her essence, but thanks to God her recovery has been amazing so far.

treehau5 1 day ago 0 replies      
I am not sure if you are the OP or know her, but this story touched my heart. It is beautiful. I am only imagine how strong she has to be, and the people around her must be to get through this. My sister and her husband are going through the very same thing -- He was progressing very well in his career and they just had their first child when he suffered his from the same reason - a hole in the heart. All the best. You and all the stroke victims have my prayers tonight.
pimentel 1 day ago 1 reply      
All the stories I know and heard of stroke victims in their 30's or 40's make me think and ask: is there really a way to prevent or predict a stroke?

Would the "controversial routine full body scan" help? Specially to people who have a parent being an early stroke victim?

These things are scary as hell...

skizm 1 day ago 2 replies      
Remember FAST: http://en.wikipedia.org/wiki/FAST_(stroke)

First 3 minutes of the house episode Fetal Position (S3 E17) demonstrate it.

Pxtl 13 hours ago 1 reply      
> Each night, I took the box of Lovenox syringes and carried it to my husband, sobbing. Its time for my shot, I said, tears streaming down my face.

> Each night, he pinched skin on my belly as I screamed like a toddler and he injected the medicine.

Her husband sounds like an awesome guy - taking care of her in that state sounds incredibly difficult.

> My husband and I decided to get a divorce.

> I think in hindsight, it was your stroke that changed everything for me, he said.

> I thought it was the affair hed had. But maybe he had a point. Maybe that was the year, I said.


camperman 1 day ago 1 reply      
Her memory experience was already reminding me of Leonard in Memento and then she writes, "it's time for my shot." That hit me unreasonably hard.
taybin 10 hours ago 0 replies      
This was on buzzfeed?? Crazy. Didn't think those soul-less bottom-feeders would turn to quality long-form essays.
glxc 1 day ago 0 replies      
This is an amazing article and incredible blog

Among many interesting and inspiring themes, of interest to the HN community may be the disassociation of vision and objects. All of the deep learning models succeeding in classification emulate one side of the brain, while perspectives like this present life outside the constraint of rational thinking.

spindritf 1 day ago 3 replies      
Well, I just popped an Aspirin for no reason.
jlavarj 23 hours ago 0 replies      
My wife had a stroke at the age of 30, seven years ago. It happened in the hospital during an embolization procedure. She was unconscious for 5 days. This event has obviously changed her life, but I wasn't prepared for the ways it would change mine. Thank you for sharing this.
GuiA 1 day ago 3 replies      
Will smartwatches with heart rate/other health sensors be able to detect strokes right when they happen? Or maybe even slightly before they do?
cell303 1 day ago 0 replies      
I was terrified after reading this. Reminded me that I should live a bit healthier, not drink more coffee then water, got to sleep earlier, wake up earlier, maybe even exercise. But more important, it got me thinking. The non-routine kind of thinking. Read some old diary entries. Wrote a new one, after almost a year.
dgorges 16 hours ago 0 replies      
There is a similar TED Talk worth watching:

Jill Bolte Taylor:My stroke of insight

http://www.ted.com/talks/jill_bolte_taylor_s_powerful_stroke... 18:19 min, Feb 2008)

delackner 21 hours ago 0 replies      
Profound. Thank you for sharing this. It pains me to read though that you had years of abnormal symptoms (severe shortness of breath, migraines, etc) and the medical system was unable to detect the issue early. This seems like the sort of issue that early detection could provide tremendous quality of life / survivability improvements at little risk. If the existing tests are too difficult, then we need more tests.
yousifa 19 hours ago 0 replies      
This is the best piece I have read in a while. It is amazing how something so small could affect our life. We are so delicate. Do you actually see objects as shapes and colors (as in, was the part of the brain that translates the signal into images lost) or was that you can not figure out what it is that you are looking at?
nikant 23 hours ago 0 replies      
Such a well written article. I loved the details with which the incident was described.
bshimmin 1 day ago 3 replies      
I wish Buzzfeed only had articles like this.
diestl 1 day ago 4 replies      
Not sure what this has got to do with programming?
ozy23378 18 hours ago 3 replies      
> As a result, my left brain, the expert at numbers and language and logic and reasoning, a part of it suffocated and died. My right brain, the specialist with regard to color, music, creativity, intuition, and emotions, therefore could not talk to my left brain.

This popular myth of broad specialization of the hemispheres needs to die. The author lost credibility there.

Announcing Keyless SSL
500 points by jgrahamc  4 days ago   184 comments top 27
lucb1e 4 days ago 3 replies      
For those who want to understand how it works (it took me a minute, so I'll try to explain it simpler):

In simplified terms, the server usually stores a public and private key, and sends the public key to the client. The client generates a random password, encrypts it with the server's public key, and sends it to the server. Only anyone with the private key can decrypt the message, and that should only be the server.

Now you don't want to hand over this private key to Cloudflare if you don't need to, because then they can read all traffic. Up until now, you needed to.

What they did was take the private key and move it to a keyserver, owned by your bank or whomever. Every time the Cloudflare server receives a random password (which is encrypted with the public key) it just asks the keyserver "what does this encrypted message say?" After that it has the password to the connection and can read what the client (the browser) is sending, and write data back over the same encrypted connection. Without ever knowing what the private key was.

The connection from Cloudflare to your bank's webserver and keyserver can be encrypted in whatever way. It could be a fixed key for AES, it could be another long-lasting TLS connection (the overhead is mostly in the connection setup)... this isn't the interesting part and can be solved in a hundred fine ways.

Edit: Removed my opinion from this post. Any downvotes for my opinion would also push the explanation down (which I hope is useful to some). I mostly agree with the other comments anyway.

indutny 4 days ago 2 replies      
And my patch for OpenSSL that does the same thing: https://gist.github.com/indutny/1bda1561254f2d133b18 , ping me on email if you want to find out how to use it in your setup.
delinka 4 days ago 5 replies      
Instead of keeping the key in a potentially vulnerable place, they're putting it in an oracle: pass ciphertext to the oracle, get plaintext back. I'm interested in the authentication between CloudFlare and the oracle. Cryptographic examples involving an oracle tend to refer to the oracle as a black box that just blindly accepts data, transforms it, and replies. Of course, then the oracle's content (a key, an algorithm) risks exposure through deduction if an attacker can submit limitless requests. See http://en.wikipedia.org/wiki/Chosen-plaintext_attack

I'm not at all suggesting that CF hasn't thought of this; rather I want to see their mitigation of the risk.

mhandley 4 days ago 3 replies      
This seems to only slightly reduce the threat to the banks.

Currently, if someone compromises the Cloudfare servers, they gain the bank's private key and can impersonate the bank until the bank revokes their keys.

With this solution, if someone compromises the Cloudfare servers, they can impersonate the bank by relaying the decryption of the premaster secret through Cloudfare's compromised servers back to the bank. They can do this until Cloudfare notices and closes the security hole.

It's not clear that the difference is all that great in reality, as most of the damage will be done in the first 24 hours of either compromise.

personZ 4 days ago 4 replies      
After reading the beginning of the piece, I was expected something more...profound. Some deep mathematical breakthrough or something.

Instead they separate the actual key signing, delegating it to the customer's device. That's nice and useful, but isn't quite what I was expecting.

teddyh 4 days ago 4 replies      
So the communication between Cloudflare and the actual SSL key holder is secured by what? Another key? In that case, any compromise of Cloudflares key is the same as a compromise of the original SSL key (at least in the short term).
otterley 4 days ago 4 replies      
Keyless SSL is basically an analogue of ssh-agent(1) for OpenSSL. It's a nice feature that you no longer have to trust CloudFlare with your private key, but there's a huge tradeoff: if your keyserver is unavailable (ironically, due to any of the things CloudFlare is supposed to protect you from or buffer you against -- DDoS, network/server issues, etc.), they can no longer authenticate requests served on your behalf and properly serve traffic.
windexh8er 4 days ago 2 replies      
All other technicalities aside it's rather interesting. From an HSM perspective it either makes that hardware now very useful or very useless.

Think of a large organization - you've been there (or not), there are 30 internal applications with self-signed certificates. Fail. The organization had purchased an HSM, but never really got it deployed because - well, that was too complex and it didn't integrate well with 3rd party network hardware and failed miserably in your *nix web stack.

This could be interesting - and I'm not commenting with regard to the efficacy or security concerns around this, but mainly the workflow simplicity it provides to large organizations who end up in self-signed-cert-hell because HSMs don't interoperate easily in a lot of use cases.

But to my original statement - this is a very good thing or a very bad thing for Thales and the like. The only requirement for an actually certified HSM, really, is certification against some hardware and software standard you have a checkbox to fulfill. Beyond that this would be a killer in the middleground for those who want an HSM like functionality but don't have any requirements to meet other than housing a secure segment where key management can be done in a more controlled manner.

vader1 4 days ago 1 reply      
While this is a cool feature, I wouldn't say the improvement is more than marginal: all potentially sensitive customer data is still available to Cloudflare in plain text. And after all, with a Business plan you can already use your own ("custom") SSL certificate which you can then revoke at any time.

Why not offer a "pass through" mode where the proxying is done on the network layer rather than the application layer? Of course in such a modus all CDN-like functionality could no longer be offered, but it could still do a fair amount of DDOS protection, no?

mback2k 4 days ago 0 replies      
So, this is not actually keyless SSL but SSL using something like a Hardware Security Module over networked PKCS#11. Did I miss something?
zaroth 4 days ago 1 reply      
See: Secure session capability using public-key cryptography without access to the private key.


praseodym 4 days ago 4 replies      
So CloudFlare won't get your private key, but will still get to see unencrypted plaintext for all traffic? Sounds like a huge improvement...
xorcist 4 days ago 1 reply      
The article is somewhat light on content. There are standard protocols for HSM use. What is the reason you didn't use these? There are clear risks involved with inventing your own security related protocols.
_pmf_ 4 days ago 0 replies      
Are we reinventing Kerberos again?
blibble 4 days ago 3 replies      
isn't this completely missing the point, i.e. banks being able to say 'no third parties can see our clients identifying information/balances/etc?'

yes, the SSL key doesn't leave the bank, but everything it is protecting is..

bjornsing 4 days ago 0 replies      
> World-renowned security experts Jon Callas and Phil Zimmermann support CloudFlare's latest announcement sharing, One of the core principles of computer security is to limit access to cryptographic keys to as few parties as possible, ideally only the endpoints. Application such as PGP, Silent Circle, and now Keyless SSL implement this principle and are correspondingly more secure.

Ehh... I'd say Keyless SSL implements the opposite of that principle: encryption terminates with CloudFlare but authentication terminates in some bank.

yk 4 days ago 0 replies      
So the problem is, how to get a cloud in the middle while keeping the green lock in the browser? Just yesterday I read Douglas Adam's phrase "technologies biggest success over itself."
kcbanner 4 days ago 1 reply      
Interesting, but what about the latency issues of having to always contact the key server?
sarciszewski 4 days ago 0 replies      
That is amazing. I can't wait to play with this code :D
yusyusyus 4 days ago 1 reply      
How does this architecture address PFS? I'm guessing a future version would require the exchange of DH private key to make it work...
ambrop7 4 days ago 1 reply      
I don't like to sound hateful, but this is an obvious solution that any competent person knowing how TLS works would find. If someone tried to patent it, I suppose every smart card would be considered prior art. The only "novelty" is that the connection to the "smart card" is the network.

Not to say that it's not useful, but the article describes it as some grand invention.

general_failure 4 days ago 0 replies      
Well, cloudfare can still read all the traffic. I thought that problem had been solved somehow.
diafygi 4 days ago 1 reply      
Is this the free SSL announcement that CloudFlare said it was going to announce in October?
liricooli 3 days ago 0 replies      
It seems that the correct title should have been "all your keys are belong to us".
EGreg 4 days ago 0 replies      
Wow, what a great read!
ilaksh 4 days ago 1 reply      
This is a discussion about cyberwarfare in a literal sense. The technical discussion shouldn't really be separated from the economic, political, social and human health concerns because all of those parts of the system interact deeply and directly.

A goal of total political cooperation or submission leads to economic sanctions leading to serious human health effects leading to defensive denial of service attacks. This accelerates the need to decentralize the financial network systems to make them more robust.

How can we imagine though that even after a complete transition to next generation systems that are ground-up distributed designs (not just stop-gap tweaks like this) that we won't have new types of attacks to deal with.

The starting point is the belief system that provides such fertile ground for conflict. We have to promote the idea that human lives have value and that lethal force is not an acceptable way to resolve conflict.

As long as decision makers are living in a sort of 1960s James Bond fantasy world we will all be subject to the insecurity of that type of world. Its largely built upon a type of primitive Social Darwinism that is still much more prevalent than most will acknowledge.

Its much easier to accept a compartmentalization of these problems and focus on a narrow technical aspect, but that does not integrate nearly enough information.

zameericle 4 days ago 1 reply      
Sounds like Elliptic Curve Diffie-Hellman is used between client/server to establish a private key. Not sure how this is new.
Chromeos-apk Run Android APKs on Chrome OS, OS X, Linux and Windows
463 points by ProfDreamer  3 days ago   90 comments top 18
cryptoz 3 days ago 3 replies      
This is amazing. There's a long reddit thread and some additional instructions here: http://www.reddit.com/r/Android/comments/2gv035/you_can_now_...

From the README:

> Soundcloud - Works, crashes when playing sound

Funny definition of 'works'.

byuu 3 days ago 5 replies      
Can anyone explain how this differs from using an Android emulator? (http://developer.android.com/tools/help/emulator.html)

Is it a matter of features, speed, or convenience? Obviously, all of those can be overcome, be it as a fork of the official emulator or as a third-party emulator. For instance, this new Chrome extension must be the same thing under the hood: a Dalvik runtime, possibly an ARM->Intel recompiler for any NDK applications, etc.

I figured the only reason this wasn't done to mass effect already was because it wasn't in demand. But if it's so desirable, surely creating an actual emulator would be superior to hacking up web browser extensions and ostensibly playing cat-and-mouse with Google over this?

AdmiralAsshat 3 days ago 3 replies      
Neat proof of concept.

I hope Google gets us something official sooner rather than later. It's a little disheartening that I own a Chromebook Pixel and yet I can't use Google's own hardware to design or test Android apps without installing Eclipse on a sideloaded Linux chroot via Crouton.

kasabali 3 days ago 2 replies      
I will absolutely go nuts if this thing manages to run OneNote on my Debian desktop.
wzsddtc 1 day ago 0 replies      
We worked with the ARC team at Vine as a launch partner, there were 0 modifications that we had to do to get it working on ARC. The only difference was that the "bugs" we had to fix were all reproducible on Nexus devices as well BUT the threading model had to be more strict on ARC in terms accessing system resources.
oldgun 3 days ago 0 replies      
This is amazing.

I hope Google could really carry this project as far as possible. The next several major issues would be polishing up the platform, eliminating the bugs, unifying the android and chromebook development interface. Think of one day when android developers could actually design apps for the desktop. How cool would that be?

That's when Microsoft should really get worried.

niutech 2 days ago 1 reply      
Running Android apps in Chrome on desktop is huge! I'm glad that the ARC runtime I provided in https://github.com/vladikoff/chromeos-apk/issues/5 helped to achieve this.
bla2 3 days ago 0 replies      
Interesting, Google announced working on this on this year's I/O and posted the first apps just one week ago ( http://chrome.blogspot.com/2014/09/first-set-of-android-apps... ).
tracker1 3 days ago 1 reply      
Hope this means good netflix support in Linux.
bmelton 3 days ago 1 reply      
So, now we can write apps in Angular that run on the web and compile to Java so that we can install them to Android, running on ChromeOS, running on OSX.


Edit: Perhaps the punny nature of this is deserving of downvotes, but the statement above is the actual use case I presented to a co-developer, discussing how this project could be of use to our app, which was built with Ionic.

FWIW, there's value in it (the app, not necessarily this post) even if it means having to unplug fewer devices to swap them out with different devices to test.

asadotzler 3 days ago 0 replies      
Java makes a triumphant comeback in the browser?
kyrrewk 2 days ago 0 replies      
I have had some success running Android x86 (http://www.android-x86.org/) in VirtualBox.
mattfrommars 2 days ago 1 reply      
How is this really good? Android apps are really good but they are designed for touch interface on mobile devices, not desktop.
bussiere 3 days ago 0 replies      
Fuuuuu Out There a good game only available on mobile crash with this solution ...

Dam but it looks full of promise i hope one day it will work well ...

em3rgent0rdr 3 days ago 0 replies      
Awesome! Works for me on arch linux running latest chromium. Much faster than running android emulator!
chj 3 days ago 0 replies      
Google needs to do this.
mjcohen 1 day ago 0 replies      
Want Open Office!
stuaxo 3 days ago 0 replies      
Its about bloody time!
Apples warrant canary disappears
405 points by panarky  4 days ago   93 comments top 15
kwhite 4 days ago 4 replies      
Is there any reason why a company could not apply the same concept of a warrant canary on a user-by-user basis?

Imagine seeing a message every time you log into your Gmail account informing you that Google has never been compelled to surrender your private data to a law enforcement agency.

panarky 4 days ago 1 reply      
Possible explanations:

1) It wasn't a canary to begin with, so its removal means nothing.

2) There's no legal precedent for disclosing a Section 215 order by killing the canary, so Apple removed it before they received a Section 215 order. That way it doesn't disclose anything and Apple avoids legal liability.

3) Apple really did receive a Section 215 order.

rrggrr 4 days ago 0 replies      
As explained by Apple:

In the first six months of 2014, we received 250 or fewer of these requests. Though we would like to be more specific, by law this is the most precise information we are currently allowed to disclose.


nl 4 days ago 1 reply      
Interesting and somewhat disappointing that it took a year for anyone to notice that it had disappeared. The appearance generated quite a lot of interest.

(Of course, I'm as responsible as anyone else for not noticing. I wonder if it would be possible to build a service to proactively check for their disappearance?)

UVB-76 4 days ago 2 replies      
Gee, thanks for the hat tip...


johnhess 4 days ago 4 replies      
Could a lawyer or someone with familiarity with warrants like these explain how a "warrant canary" is legal?

I understand the concept, but discloses something you can't disclose. They can compel you to lie/not comment if asked, "Hey, Apple, did you get any of those National Security Letters".

Is there a clear cut loophole or is this something yet to be challenged?

tkinom 4 days ago 1 reply      
I wonder what happen if Russian, China, India, Japan, EU all demanding same level of access to Apple's data.

Apple might not care about Iran or other smaller countries, but how is it going to deal with big market like China, India, EU?

chiph 4 days ago 0 replies      
Under what conditions would the warrant canary statement reappear? I'm thinking of those workplace safety signs: "This corporation has operated for [ 179 ] days without a Section 215 warrant being served"
crazypyro 4 days ago 0 replies      
Have any of the other major tech companies had similar canary disappearances? I only ask because this is the first time I've heard of one actually being used by a tech company as a warning flare.

I'd expect a governmental legal challenge...

MrJagil 4 days ago 11 replies      
I've asked this before to no avail, but what can the NSA possibly do if Apple refuses?

Fine them? Sure, they have billions.

They can't arrest the company... Is Cook going to jail? What is the actual threat here? You could argue that Apple has more power than many governments.

staunch 4 days ago 1 reply      
Apple should just declare that they have been subject to Section 215. Given how many users Apple has it can't reasonably be argued that such a disclosure would be a danger to national security.

Hopefully they would end up before SCOTUS and help defang the USA PATRIOT Act.

stevewepay 4 days ago 0 replies      
So now what? Now that the canary has disappeared, is there no other information that can be transmitted to us? It feels like it's a binary signal that just got set permanently, so there's no more information we can glean from it.
ForHackernews 4 days ago 1 reply      
Very interesting in light of this: https://news.ycombinator.com/item?id=8333258
maresca 4 days ago 0 replies      
Perhaps this is the reason for all of the security updates in iOS 8.
What Coke Contains (2013)
402 points by fmela  3 days ago   174 comments top 33
d0mdo0ss 3 days ago 4 replies      
> coca-leaf which comes from South America and is processed in a unique US government authorized factory in New Jersey to remove its addictive stimulant cocaine

According to Wikipedia "The Stepan Company is the only manufacturing plant authorized by the Federal Government to import and process the coca plant, which it obtains mainly from Peru and, to a lesser extent, Bolivia. Besides producing the coca flavoring agent for Coca-Cola, the Stepan Company extracts cocaine from the coca leaves, which it sells to Mallinckrodt, a St. Louis, Missouri, pharmaceutical manufacturer that is the only company in the United States licensed to purify cocaine for medicinal use."

Someone1234 3 days ago 11 replies      
I wish Coca Cola would make a acid free version of coke. The Phosphoric Acid adds a slight tang to the drink, but in exchange absolutely destroys your teeth over years of consumption.

For regular drinkers like myself I'd happily pay a small premium to buy the "acid free" version of the drink. The sugar still does damage but with both the acid AND sugar it is like a double whammy of "badness" (acid which destroys your teeth's natural protective coating, and sugar to feed the bacteria which actually eat away at your teeth).

No amount of brushing can really undo the amount of damage acidic soda does to your teeth, trust me I know! Even with prescription toothpaste with fluoride 5x times stronger than normal (5000 ppm toothpaste Vs. 1100 ppm) you're only slowing down the progression.

jstalin 3 days ago 4 replies      
The same type of story as the classic "I, pencil," published in 1958:


srean 3 days ago 1 reply      
The article waxes so eloquently about this beloved product that I would have mistaken it for a paid PR piece. The article is great read nonetheless.

For those who are also interested in the other darker, grimier side of the same coin, might want to check out its use of mercenaries for union busting in South America(by murder of course. In the hands of the right spinners that would be 'terrorism'), similar stuff happened in India as well.



klinquist 3 days ago 3 replies      
You can make your own almost-Coke... OpenCola, the open-source cola.


gokhan 3 days ago 9 replies      
> The number of individuals who know how to make a can of Coke is zero.

This reminds me a fact I remember time to time. If civilization collapses after, say, a world war, I most probably can't make a pot, can't grow plants, can't differentiate if one is edible or not, can't dig for petrol, can't make plastic (or even glass), can't reinvent concrete, can't make gunpowder etc., you get the point.

I can only write software and maybe drill with tools and nail with a hammer but that's all.

bjornsing 3 days ago 3 replies      
> The top of the can is then added. This is carefully engineered: it is made from aluminum, but it has to be thicker and stronger to withstand the pressure of the carbon dioxide gas, and so it uses an alloy with more magnesium than the rest of the can.

Nope, the pressure from the carbon dioxide pushes equally against all sides of the can. If anything the pressure at the top is slightly lower than at the bottom, at least if the can is standing, because of the weight of the coke pushing against the bottom.

vesche 2 days ago 0 replies      
> ... the inside of the can is painted toowith a complex chemical called a comestible polymeric coating that prevents any of the aluminum getting into the soda.

I though this was very interesting, so I did a little digging... There is remarkably little information on these 'comestible polymeric coatings', but I was able to find (see below) a reason as to why that is. Apparently these coatings are propriety to the manufacturer and there are competing companies who are constantly in a race to find the best coating.

It's supremely interesting the fact that drinking a can of coke is almost a magic trick right in front of your eyes. It'd be like someone holding a lighter straight to a piece of paper and everyone being baffled as to why it isn't lighting on fire. Yet when someone drinks a coke no one bats an eye as to how it isn't mixing with the metal salts and eating straight through the aluminum can.

"Interior can coatings designed to prevent migration of metal salts into the contained product are called "comestible polymeric coatings". The coatings ars polymers typically used in coil coating. The exact nature of the coatings isn't available since most are proprietary to manufacturers who continuously look for better coatings."

source: http://www.eng-tips.com/viewthread.cfm?qid=258261

JacobAldridge 3 days ago 1 reply      
Actually, the Pinjarra process creates Aluminium. The process of shipping it to Long Beach CA converts it into aluminum.
neya 3 days ago 2 replies      
I'm surprised that the author hasn't mentioned the use of toxins (pesticides)[1], to the extent that it is even being used as a real pesticide in various parts of India.

I know some may find this offensive, but sorry, I think I have a moral responsibility myself to let the people around me know of the harms caused by this carcinogen[1].



makmanalp 3 days ago 0 replies      
My favourite version of this is a picture of a boeing 787 and where all the parts are manufactured: http://seattletimes.com/art/news/business/boeing/787/partsen...

Of course if you could break it down further into smaller parts and tools to manufacture those parts, you'd get an even greater variety of countries and companies.

The center where I work actually does work slightly related to this, https://www.youtube.com/watch?v=0JC24CBVsdo

Theodores 3 days ago 1 reply      
You could say this about any product. I think the essay would be considerably longer if it concerned a typical PC or phone, not to mention a car.

I also think the essay can be written with cynicism instead of wonder, e.g. with an anti-capitalist slant. With one innocuous affordable purchase you can deforest and pollute four continents whilst giving yourself diabetes and dental caries!!!

gburt 3 days ago 0 replies      
I am reminded of I, Pencil. [1]

[1] http://www.econlib.org/library/Essays/rdPncl1.html

Tloewald 1 day ago 0 replies      
This article reminds me strongly of a pivotal passage in the novel Gain, by Richard Powers (which I can't recommend highly enough, although it's a downer). In that passage he describes how a disposable film camera is made.
jeffbarr 3 days ago 2 replies      
This is my favorite sentence of the article:

> Modern tool chains are so long and complex that they bind us into one people and one planet.

When we think about colonizing the Moon or Mars with small groups of people with the intention of making the colonies self-sustaining over time, deep, long-evolved tool chains like the one described in the article could be very difficult to scale down and to replicate in other environments.

raverbashing 3 days ago 1 reply      
"The top of the can is then added. This is carefully engineered: it is made from aluminum, but it has to be thicker and stronger to withstand the pressure of the carbon dioxide gas, and so it uses an alloy with more magnesium than the rest of the can"

Yes, but the pressure is the same on all parts of the can. Ok, almost the same, still.

Maybe because of the parts that have been cut to make it easy to open?

AlyssaRowan 2 days ago 0 replies      
Not that I want to waste any time on a HPLC-MS machine on this, but I was distinctly under the impression Coca-Cola 7X does not actually contain kola nut?

I've had Red Bull Cola, and actually found it quite different, but delicious. No accounting for taste, though.

NotOscarWilde 3 days ago 2 replies      
Speaking as somebody who's never even smoked a cigarette or a joint: are there people who tried to recreate the "original" coke recipe? The one with "unprocessed" coca leaves? Is it available on say the latest instance of Silk Road? What is it like?
lpolovets 3 days ago 0 replies      
There's a book with a similar theme about Twinkies. It's called "Twinkie, Deconstructed" (http://www.amazon.com/gp/product/B000OZ0NZS
exacube 2 days ago 2 replies      
How can 0 people know what's in Coke while still getitng it FDA approved? Surely this can't be true.. How does the company know how to make a can of coke if they don't know how it's put together?
TazeTSchnitzel 3 days ago 1 reply      
> The number of individual nations that could produce a can of Coke is zero.

While this is true in that no individual nation could produce Coke with the exact same formula, an individual nation could surely produce a soft drink.

Istof 3 days ago 1 reply      
"[...] and the edges of the can are folded over it and welded shut."

I never thought there was any weld in a soda can... (and I still don't think there is any)

cbhl 3 days ago 1 reply      
Article title should probably contain (2013).
justintocci 3 days ago 1 reply      
i wonder what the failure rate on the interior coating is? How often are people ingesting disolved aluminum?
swartkrans 3 days ago 1 reply      
Is the ammonia dangerous? Or can it be? How much ammonia can a person consume before it becomes dangerous?
alecco 3 days ago 1 reply      
To keep you drinking they add plenty of sodium (50mg+) masked with sugar, HFCS, or sweeteners. They also add caffeine as a diuretic to keep consumers drinking, too. And then they market it to children, lovely people.

Check out Dr. Robert Lustig videos. Also, the book Salt, Sugar, Fat, about food industry engineering.

yarou 3 days ago 0 replies      
He forgot to mention the Colombian paramilitaries that break up Coke bottling plant unions by kidnapping their children. Funny how "globalization" is presented in a saran-wrapped, sanitized version.
InclinedPlane 2 days ago 0 replies      
This is good, although I think it reaches just a little too far when it says that the number of nations that could produce a can of coke is zero. If the US so desired it could grow coca leaves, and kola nuts, and use locally produced aluminum, etc.
Smachine 3 days ago 0 replies      
Think of all of the jobs the making of Coke provides. Oh here we go......lol
argumentum 3 days ago 0 replies      
A brilliant paean to the free market and the invisible hand. Milton Friedman once described the manufacture of a humble pencil in this way.

(edit: just saw a link to an essay entitled "I, Pencil" at the bottom .. this might have pre-dated Friedman).

WiggleYourIndex 2 days ago 0 replies      
Clean water tastes better.
joshfraser 3 days ago 1 reply      
1 can of coke contains 160% of your recommended daily intake of sugar. But you won't see that on the label because money.
One Thing Well A weblog about simple, useful software
351 points by tete  1 day ago   46 comments top 16
Argorak 1 day ago 1 reply      
This tumblr doesn't quite live up its name: http://onethingwell.org/post/97725615916/busybox

BusyBox is great and everything, but it's definitely not subscribing to the "One Thing Well"-philosophy, quite the contrary: everything in one.

asymmetric 1 day ago 1 reply      
OT, but it's heartening to see a link to an RSS feed next to Twitter and G+. I find that more and more sites are abandoning this public, open source standard in favor of proprietary platforms.
state 1 day ago 3 replies      
Sorry, but there is nothing I find more annoying than the "Never miss a post!" spam that Tumblr now inserts in to every page post acquisition.

Perhaps someone could do one thing well and come up with a blogging platform for this nice project?

eps 1 day ago 0 replies      
11 pages of Windows software! Who would've thought it exists :)


tete 1 day ago 0 replies      
Disclaimer: Not my blog, but found it today and really loved it.
fizixer 1 day ago 1 reply      
- See also: suckless.org

- An LFS build off kernel.org (the kernel) and github (the rest of userland) would be an interesting experiment.

denizozger 1 day ago 0 replies      
I love the idea but not the implementation. Categorising software according to purpose and tech stack would be the best.
juef 1 day ago 0 replies      
tretiy3 1 day ago 1 reply      
Very good.Is there any way to subscribe (no count tumblr rss twitter)?
alanning 1 day ago 0 replies      
Short examples would greatly enhance comprehension for me
nXqd 1 day ago 0 replies      
This site could be named unix_hunt :D
zomg 1 day ago 0 replies      
the original "product hunt"! :)
doctorpangloss 1 day ago 3 replies      
> Simple, useful software

I came expecting examples of to-do lists, mail clients, clever messaging apps, etc. There are a handful of those.

Instead, the majority of apps are described by sentences where literally every word would be unfamiliar to a typical computer user. For example, "Cram is a functional testing framework for command line applications based on Mercurials unified test format."

Simple is in the eye of the beholder.

New Developer Tools Features in Firefox 34
316 points by xOnic  23 hours ago   54 comments top 20
azinman2 21 hours ago 2 replies      
Ok debug logging into a table is probably one of the best improvements to logging I've seen in a long time. I kinda want this in every programming language. There are so many useful things about it, especially the ability to then randomly sort it at will!
geekam 1 hour ago 0 replies      
Finally, the storage manipulation has arrived. Now I can get rid of Firebug completely.
diafygi 14 hours ago 1 reply      
Is the bug that treats re-requests source files when opening the debugger fixed yet?


bshimmin 19 hours ago 3 replies      
The jQuery events inspector looks super useful.

I keep meaning to give Firefox another try - after ditching it for Safari, and then Chrome, some years ago - but I never quite find the motivation.

genericacct 16 hours ago 2 replies      
I was excited about the WebIDE but apparently it's only for firefox OS apps. Is there any way of linking a webIDE to devTools? I'd pay for a tool that lets me click on a jsconsole error message and then takes me straight to the editor at that line and column on the original file.
leeoniya 12 hours ago 1 reply      
is there any way of making the inspector show simple textContent inline with the nodes without having to unfold them? i keep going back to Firebug for this.

rather than

    <em>       test    </em>

dubcanada 15 hours ago 1 reply      
Does anyone know if there is a way to theme the developer tools? Like you can do in Chrome?

Like https://chrome.google.com/webstore/detail/devtools-theme-zer...

Tloewald 22 hours ago 2 replies      
A ton of very compelling stuff. I hope it all works nicely; I have found the Firefox dev tools to be weirdly clunky of late and keep going back to Chrome, but this may drag me back.
arenaninja 10 hours ago 0 replies      
Sweet, sweet console.table()! I've never been happy with the way that console.log works for objects/arrays, I'm eager to use this one
pdknsk 22 hours ago 1 reply      
The only feature in Firefox I miss in Chrome is the view that shows the stacked layers of a website. I dismissed it when I first tried, but it can be surprisingly useful. It's no reason to make me switch to Firefox though.


frankzander 19 hours ago 0 replies      
What about firebug? Who long will firebug live with sight of the developer tools becomming better and better?
ck2 21 hours ago 1 reply      
I'm more excited about this coming in the next version(s)



Back in August they were debating enabling by default in November but it is probably not ready for prime-time yet


Kiro 17 hours ago 1 reply      
Finally a way to easily inspect and delete cookies on the run. I remember getting voted down here for complaining about it previously.

EDIT: Ok, read-only. Too bad but at least they have it planned.

gioele 19 hours ago 2 replies      
How big are the developer tools compared to the rest of Firefox? 5% of the total size? 10%?

Can't the more sophisticated tools be split into a separate extension, leaving only some basic things in the distributed package?

iSnow 18 hours ago 0 replies      
Oh, this is neat. This is probably the first time the built-in debugging tools make me think about ditching FireBug.
kolev 22 hours ago 0 replies      
This is great! Firefox Aurora has been my main browser for over 6 months and now these great improvements will keep the status quo for me!
ux-app 19 hours ago 0 replies      
great to see the iframe switcher. Was such a pain to manually switch the context between top and child frames.
vvh 21 hours ago 0 replies      
good list of tools, thanks!
Gonzih 15 hours ago 1 reply      
arahaya 19 hours ago 0 replies      
A Long, Ugly Year of Depression Thats Finally Fading
309 points by squiggy22  3 days ago   128 comments top 27
karmajunkie 3 days ago 0 replies      
Man, there are a lot of diagnoses getting thrown around this thread. As a caregiver to someone with a serious illness, as well as someone who periodically suffers from many of the same mental and emotional issues raised here... How about refraining from doing that unless you are A) a mental health or otherwise trained medical professional; and B) someone who has actually seen and assessed the patient. I'm not calling out anyone in particular because let's face it, this is HN and we're probably all know-it-alls at one time or another, but this can have some particularly pronounced thoughts and effects on the posters who are getting the comments.

If you are dealing with any of these issues, my heart goes out to you. Please reach out to a counselor, or at the very least a counselor or therapist who specializes in the things you're dealing with. If you need help finding one, my email is in my profile, i'm glad to help.

tst 3 days ago 4 replies      
I'm also recovering from a depression which lasted for quite a while. It absolutely sucks because you think you're worthless, nobody loves you, you can't get anything right and the best would be if you just wouldn't exist anymore.

And on top of that you isolate yourself. I know how hard it was to ask for help therefore I want to show you some things which helped me:

- Realize that your depression is lying to you. It doesn't tell the truth. It makes you believe that something is logical even if it isn't.

- Read 'Feeling Good' - terrible title, great book. It will probably work better than average on the average HN reader because it takes a 'rational' approach to depression (cognitive-behavioral therapy). It helps you to recognize destructive thought patterns and how to deal with them.

- Garbage in, garbage out. What works for computers also works for your body. Yeah, you're a geek but you can eat some vegs instead of the 500th pizza. Also working out (or other sports) are pretty great.

- Long term: Therapy which tries to work on the root cause and not just at symptoms.

Finally, here's a rather extensive list with lectures, books, exercises, etc. which help dealing with depression [1]. Back when I was fed up with feeling crap I created a spreadsheet with the 8 activities and tracked those every day.

Note: Every person seem to react to differently. I read about people who improved a lot by meditating - on the other hand, it didn't work for me.

So, try some things out and don't give up. You can beat that liar in your head.

[0]: http://www.amazon.com/Feeling-Good-The-Mood-Therapy/dp/03808...

[1]: http://www.reddit.com/r/getting_over_it/comments/1nd14u/the_...

PS: If you have any questions feel free to ask - if you want to send me a private one write at <username> @ panictank.net

dchuk 3 days ago 3 replies      
I guess I'll be the only person to comment on the actual Moz business struggles rather than the depression side of this post. Moz raised their money at a really tricky time because it was right before Google essentially bent over the SEO industry. When Rand mentions the Content tool that hasn't even started being developed, that was something that was supposed to take your Google Analytics keyword referrer data and match it to your content and your rankings and your links and your competitors and basically help you spot keywords and content you can easily rank better for.

The timeline seems to be matching up where they had this plan for this tool before any of the Google SSL stuff started, so as they started working on the design and UX of it, Google started rolling out the SSL stuff and it basically ruined their idea. Moz ended up adding tools to try and guess what keywords made up your "(not provided)" data but that's a far cry from what they were originally planning.

I'm basing this entirely on being heavily involved in the SEO industry around the times mentioned in Rand's article and having even run a successful SEO SaaS product (which is still going even though I've moved on to other projects). I just remember seeing screenshots of what they wanted to build and thinking "wow, if they can nail this, it will be great". I wanted to build a similar app. But when Google started hiding all organic keyword data in analytics, I distinctly remember saying "Well there goes Moz's whole new product".

Google really fucked the SEO world up with their (not provided) move. Think what you will about SEO but it's still a legitimate marketing channel and I really have never been able to understand why Google thinks it's ok to not share your organic keyword data but your paid keyword data is totally fine to share with site owners.

But not much anyone can do about that now I suppose.

jtbigwoo 3 days ago 0 replies      
>> ...layoffs is a Pandoras Box-type word at a startup. Dont use it unless youre really being transparent (and not just fearful and overly panicked as I was).

I made a similar mistake once as a manager and experienced this kind of thing more than once as an employee. Certain words like "layoffs" or "merger" are so loaded because employees know that you know more than they do. Even if you think you're being totally transparent, employees are correct to assume that you're holding some things back because you are. It's your job to understand the state and direction of the company and give your employees the information they need to do their jobs. Employees, especially the smart ones, are going to try to infer additional information from what you tell them even when you think you've told them everything they need to know. Leaders need to be aware that a certain amount of "Kremlinology" happens in every company.

He made things worse by being vague about the company's real situation and contradicting himself a couple sentences later when he said, "...we'll survive (though not with much headroom..." If he's talking about layoffs, who is this "we"? Everybody? Rand and Sarah? If you're going to be transparent, you also need to be specific and direct. A better approach might have been, "Sarah and I modeled out some worst-case scenarios last week and this stretches our break-even point an extra six months, which will constrain our growth."

astockwell 3 days ago 0 replies      
Speaking purely to the experiences of building a new software product, I've seen this exact story play out countless times. Everyone (except maybe the engineers themselves) seems to think that designing a software product is part of the "planning phase", and thus should happen before any time is "wasted" on development:

> "That product planning led to an immense series of wireframes and comps (visual designs of what the product would look like and how it would function) that numbered into the hundreds of screens..."

The biggest contributor to this I've seen is the dozens (hundreds? thousands?) of small ways that a design (done in a vacuum, without simultaneous prototyping) will differ from established development patterns, frameworks, and other pre-packaged solutions that engineers use daily to avoid reinventing every wheel. And engineers respond with timelines that expect to be able to leverage those frameworks. Thus the dissonance begins.

One example: a design calls for a form to be broken across 4 pages. There may be great aesthetic rationale or even user testing to support this, but that means that in all likelyhood any framework (e.g. Rails/Flask/Play/etc, not to mention native apps) will have to have additional modification to support sessions, changes to validation, changes to the auth domain, persistence changes, etc. And it's not necessary for an MVP. And many times these differences are much more subtle and deeply entrenched, and would require rethinking much of the wireframes/designs to align with development patterns. /rant

I'm not sure what the answer is here, except maybe that this is one more point in favor of having a "technical founder" or in general a technical person with decision-making authority, to avoid going down a road without proofing out your ideas or timelines.

Alex3917 3 days ago 0 replies      
> "the funny thing is, Marijuana doesnt have any pain-killing properties. It just lessens tension, anxiety, and stress for some people."

Marijuana is an analgesic. But in this case the effects are stemming from the fact that's its an anti inflammatory, so that the fluid in your disc is no longer compressing the spinal nerves. And the fact that it reduces anxiety also reduces inflammation even further, since anxiety is probably largely what was causing the inflammation.

johnyzee 3 days ago 0 replies      
I love it when CEO's own up like this, it's probably one of the most appealing traits in a leader I personally can think of. As long as they don't become too insecure to actually lead, introspection and self-criticism are strengths, not weaknesses. Besides, being aware of these traits and their negative repercussions put you in a pretty good place, the ones who really suffer are the guys who repress and deny the down slopes, always happy and bubbly on the outside but in reality inches from a mental breakdown.

The last part about how stress causes physical health problems is very important, and very overlooked. Besides the muscle and nervous tension the OP mentioned, stress seriously reduces immunity which can manifest itself in a myriad of unexpected ways (whichever subsystem fails first), from infections to cysts and all kinds of nastiness.

gadders 3 days ago 0 replies      
One last comment - this post from Rand reminds me of the following from Ben Horowitz:

"By far the most difficult skill for me to learn as CEO was the ability to manage my own psychology. Organizational design, process design, metrics, hiring and firing were all relatively straightforward skills to master compared to keeping my mind in check. Over the years, Ive spoken to hundreds of CEOs all with the same experience. Nonetheless, very few people talk about it and I have never read anything on the topic. Its like the fight club of management: The first rule of the CEO psychological meltdown is dont talk about the psychological meltdown."


mikeleeorg 3 days ago 0 replies      
This is an incredibly brave, and hopefully cathartic post by someone I greatly admire. I really hope he is able to find the support and peace he needs.

As a bit of an aside, I wonder how much of this has led to similar troubles for other founders:

When the Foundry investment closed, we redoubled our efforts to build Moz Analytics. We hired more aggressively (and briefly had a $12,000 referral bonus for engineers that ended up bringing in mostly wrong kinds of candidates along with creating some internal culture issues), and spent months planning the fine details of the product.

I've heard from friends & colleagues about the massive amount of pressure they've felt after closing an investment round. While fundraising is already an incredibly trying process, the next stage is sometimes even more difficult.

In contrast, other friends & colleagues who've opted for the bootstrapped route (either by choice or circumstance) haven't seemed to face a similar massive amount of pressure. Yes, they faced incredible stress too, but not to the level of those that have raised capital.

This is merely an anecdotal observation made in my peer group. I don't mean to imply that this is some kind of phenomenon. And clinical depression is something that can cut through any kind of circumstance.

I just can't help but notice the stark difference in stress level of founders who are growing organically & carefully vs founders who are in a mad recruiting rush and sometimes hire the wrong kind of people. I wonder how much of a relationship there is between having the right kind of people in your company vs the wrong kind of people, and the stress level of a founder. I would imagine a lot.

bocalogic 3 days ago 1 reply      
I respect Rand and give him a lot of credit for vocalizing his challenges. Depression is a challenge and it can be overcome.

I am not a doctor, but I can tell you that a lot of my peers are suffering from depression from business, marriage or just in general.

One thing I do know is that the world has changed a lot in the past decade. The price of everything just keeps going up and we are constantly bombarded by information. Humans are not built that way. There is no badge of honor for being under stress 24/7. It will catch up to you one way or the other.

Humans suffer from the fight or flight responses that we encounter during high stress situations. The challenge is to digest it and make decisions not based on fight or flight emotions.

The body produces cortisol when we are under duress and it is horrible for you. It screws up everything with your body and your mind. One way to counteract this is by working out, getting sunlight, eating the right foods and staying off caffeine. Try some black or green tea instead.

30 minutes of working out will combat cortisol production for about six hours. Even going for a walk helps a lot.

Most of the worlds brightest minds and most successful people suffer from depression and knowing that your ARE NOT ALONE is a huge step forward.

You can beat depression and your life will turn around!

Talking about it and seeking help is definitely a step in the right direction. Keep your chins up.

raheemm 3 days ago 0 replies      
So few people and places can allow for this level of vulnerability and authenticity. This post is going to help a lot of people.

I have even more respect for Rand and Moz. We can say Fail Fast, Fail this, fail that ... but this kind of writing is the true embrace of failure, learning, wisdom, humanity.

gadders 3 days ago 4 replies      
I admire what Moz has done and it was an interesting read.

My comment is more of a meta one about HN. Are we really that interested in these stories of depression? We seem to get at least one a week. I realise it's an issue that may affect people here, but I'm not sure if we need the volume we are seeing now.

jroseattle 3 days ago 0 replies      
I read through this and the Can't Sleep/Loop post, which had me wiping my eyes. I feel I'm there, right now.

We're in the middle of raising money, while I also keep the engineering ship moving forward with product releases. We're about to run out of initial seed money, as we were supposed to have brought in the balance of the round and been on to Series A at this point. It's challenging, but I feel like I'm handling it.

Or so I thought. It turns out, I'm getting little sleep right now -- maybe 4-5 hours a night, on average. I've gained back so much weight and I abhor seeing myself in photos. I watch colleagues take absurd plans to investors and get way overfunded, more than they were ever asking to take on, while our little operation that's actually generating revenue (we will likely be break-even in 6 months) gets passed. I know it's not a rational reaction, but still the mental headwinds it creates really sap my soul.

It sucks when you're a (very) logical being, and something in your head no longer fits into place. I'm short with my kids at home, and I literally dread downtime. I find that cocktails go down easy, really easy.

It's a loop, alright.

danielweber 3 days ago 1 reply      
Slightly OT, but I read the whole thing thinking Moz was a nickname for Mozilla, or, at the least, that Moz was related to Mozilla.

It's still good to get these stories.

akrymski 2 days ago 0 replies      
I've been through this at every startup I founded, but managed to pull through in the end - and I'm still hoping this startup won't be any different. I struggle to imagine if any CEO has not had a tough time like this and felt utterly depressed at least once when things weren't working out. Rather than focus on the depression aspect however, why not discuss what COULD have been done better, and what Rand and other CEOs can learn from this - because ultimately there's an important lesson there besides "depression sucks":

- Don't bet your whole business on one product. Products come and go, businesses pivot. Remember how Steve Jobs launched the Mac? He created a separate, small division for the Macintosh to directly compete with the rest of the company (working on Lisa - which wasn't going well actaully). That's genius. He knew Mac is a risky project that could well take much longer than anticipated. He didn't bet the whole house.

- Start as small as possible. Moz Analytics was meant to be this giant swiss army knife right? Wrong. MVP lessons still apply. Couldn't you have launched the new brand with a tiny set of core features? Broke it into a modular setup where consumers could pay for features/modules in the future as you develop them?

- Iterate. Real artists ship, remember? Agile software development and all that? Doesn't sound like you had clearly defined iterative goals that you were hitting as you went, because then you'd really have an idea for where you are in the software development process. You seemed to have to go on someone's word on this. Instead you should have been producing A product every month with an increasing set of features. That way you could have still launched on time, but with less features.

- Review your progress often, and don't loose sight of the grand mission. Being smart doesn't help here - it often makes you stubborn, and I've got the same issue. But sometimes you need to have that thc-truffle, take a step back and think how else you could allocate your resources. Are there some other opportunities that the business can simultaneously pursue with a small set of resources as a backup plan? Are there some major M&A deals that can be done to shuffle things around? Do we need to hire more staff / or let people go who aren't hitting the deadlines? Drastic times call for drastic measures. The biggest issue with depression is that deep inside you still expect things to just get better on their own. And as they don't, you feel worse. Well the bad news is they won't get better on their own. You have to do something about it.

- Don't fail to communicate. The value of your business is in its passionate community, not one product. Seems like there are lots of people passionate about SeoMoz. Instead of shutting yourself out due to what appeared to you as a product failure, perhaps you could have engaged the community in the process, help you establish the product roadmap for the features you should be rolling out first, and try to understand why 90k of sign ups failed to try out the product.

karl24 3 days ago 0 replies      
Mental illness impacts more people than cancer, diabetes, or heart disease. Unfortunately only 1/3 of people who have the illness get treatment due to cost, access, stigma, etc.

We're working on an app that uses technology to help bring clinically proven treatments to market at a price point that dramatically improve access. We are pairing this with product design that's common on the consumer web but uncommon in mental health apps to help with adherence and engagement with treatment.

I hope this isn't perceived as attempting to capitalize on a serious thread. We (the founders) have incredibly personal reasons for perusing this problem. Many in this thread are likely ideal early adopters for the product. The general awareness that this discussion is raising is a good opportunity to reach out and ask for help as helping us will ultimately help many others.

Two ways to help:

(1) 7 question survey, < 1 min to complete: http://bit.ly/1plE2Rg

(2) contact us directly via cbtmobileapp@gmail.com if you'd like to provide insight via a more in-depth interview.

swombat 3 days ago 9 replies      
Forgive my ignorance and bluntness, but reading the above, it sounds more like an anxiety disorder than like depression. Both are serious, but I'm not sure if it helps to confuse the two?

I've not experienced either seriously, but I know people who have. Depression seems to be more about things not mattering anymore, everything being pointless, the world seeming drab and just not fun anymore, rather than feeling that everything is going to go to shit. Anxiety, though, (and I'm speaking from experience here, having had some light anxiety attacks caused by too much regular caffeine usage) seems to be characterised by a feeling of impending doom, that everything is wrong, it can't be fixed, it's all hopeless, etc. But in my (mild) anxiety attacks, like Rand, I still cared about the outcome. I just felt like there were too many problems to solve, overwhelmed, ready to say "fuck this", give up the entire thing, and start again from scratch with something completely different.

PS: Otherwise, props for the very honest and open article. Running a business is a lot of responsibility and very stressful and it can be comforting to know you're not the only who seems surrounded by world-ending scenarios.

marklittlewood 3 days ago 0 replies      
Depression in technology is a very common condition. If you suffer from it, please know you ARE NOT ALONE. This talk is very honest, open and has some really helpful and practical advice.


ryanobjc 3 days ago 2 replies      
We talk a lot about successes.

It's also good to talk about failures, both partial and more complete.

And redemption.

The road to victory is long, and I would put my back against Rand because I know this struggle has made him better.

autism_hurts 3 days ago 2 replies      
I cannot stress how much exercising to exhaustion daily (read: Crossfit) and eating healthy (Slow Carb / Paleo) impacted my depression.

Please try them before you medicate.

austengary 3 days ago 0 replies      
Not an overnight fix. But with sustained effort, meditation changed my life. Eventually other things fell in place. Diet, exercise, relationships, mental health. Buddhist teachings really helped too.

I started here. http://headspace.com

DanBC 3 days ago 0 replies      
Here's what the English "National Institute for Health and Care Excellence" say: https://www.nice.org.uk/guidance/CG90
l33tbro 3 days ago 1 reply      
As somebody who is not depressed, it is always confronting to see just how hard depressed people are on themselves.
x0x0 3 days ago 0 replies      
Wow, props to Rand for sharing this.

Rand, if you're reading this, two things occur:1 - you're far from the first person to go for big-bang software releases (though listening to your cto is probably a good idea)

2 - in _Fooled By Randomness_ by Taleb (I believe, I could be misremembering) he describes the incredible level of stress that monitoring his investments daily created. I seem to recall the author writing that he simply was unable to monitor them every day and instead had to only look at some periodic summaries. Perhaps this may help people who get to mentally exhausted looking at numbers daily? I mean, it's good to notice immediately if they crater, though that can be scripted. Beyond that, there's probably not much value looking at them 7 days a week that you don't get looking at them once every seven days. I use the same technique on the elliptical machine; time crawls if I look at the timer, so it's an exercise of will to go as long as possible before looking.

Hope he's in a better place now.

andreash 3 days ago 0 replies      
One of the most honest blog post I've ever read.
Siecje 3 days ago 0 replies      
thinknothing 3 days ago 0 replies      
I started writing poetry when i got depressed - www.thinknothing.co
MIT Students Battle State's Demand for Their Bitcoin Miner's Source Code
307 points by msantos  13 hours ago   111 comments top 24
will_brown 8 hours ago 4 replies      
There is a lot of confusion in this thread regarding basic concepts of the law.

1. The NJAG is not prosecuting the MIT student(s) (at least not yet). Therefore, this is not similar to the alleged overzealous prosecutors in the Swartz case.

2. A subpoena is a writ compelling testimony or evidence. A subpoena is not synonymous with being a defendant.

3. NJAG served one MIT student with a subpoena to turn over documentation (source code, downloads, users, ect...)for a program which maybe being used by third party websites in a way that violates the rights of NJ residents vis-a-vis unauthorized access to computer systems.

4. It seems there is an issue raised arguing NJAG does not have jurisdiction over the MIT student(s). Personally I would find this analysis the most compelling because it is at the intersection of where facts and law meet.

5. EFF is arguing that complying with the subpoena may violate the students right against self-incrimination. I think this is a losing argument where one's right against self-incrimination is rather limited, generally to information contained within their mind and not typically extended to documentation and records.

6. Though this is not at issue, it would be almost impossible for the MIT student(s) to have committed a crime, as the crime would require intent. It would be nearly impossible to prove the student(s) intended that their code be downloaded by third-party websites for the specific purpose of running on the end users computers without their knowledge. It would be on par with charging a gun manufacturer criminally for intending that their guns be manufactured and sold for the exclusive purpose of committing crimes.

bertil 11 hours ago 3 replies      
That article describes a though experiment that would A. remove an ad, and B. should (but doesn't) trigger a BitCoin miner. It's clearly marketed as an illustration to an idea. I'm failing to see the consumer fraud. Is this like accusing a car-manufacturer of manslaugher because they latest concept-car didn't have seat-belts?

I would like to know if that's selective reporting from Wired, or spectacular fishing from NJ state atorney.

Also, neither the hackathon, nor MIT appear to be in NJ: what is their jurisdiction? Those two issues should be clarified in any basic coverage of the incident: at this point, it is plain bad reporting.

teachingaway 5 hours ago 1 reply      
New Jersey's Position is laid out in their 3/7/2014 filing. https://www.eff.org/files/2014/03/07/njs_memo_in_opposition_...

Here's the relevant parts (lightly edited):

The Division issued the Subpoena and Interrogatories in furtherance of its investigation into an entity called Tidbit. Tidbit is a group of students who developed a software code that may have hijacked the computer resources of consumers within the State of New Jersey and improperly accessed and/or used such computer resources to mine for bitcoins for the benefit of Tidbit and its customers and without any notice to, or obtaining consent from, New Jersey consumers, in possible violation of the New Jersey Consumer Fraud Act ("CFA") and Computer Related Offenses Act ("CROA"). Bitcoins are a digital medium of exchange that can be traded on online exchanges for a dollar value. Bitcoins are "mined" through the use of computer resources to solve complex algorithms. Many times, consumers' computer resources are unknowingly accessed by entities through software code or otherwise in order to mine for Bitcoins.

Plaintiff's own description of its services strongly suggests that the code it developed is, in fact, designed to hijack consumer's computers. .... Further, contrary to Plaintiffs allegations in its brief, the Division specifically found Plaintiff's code on the websites of entities located in New Jersey. Furthermore, the Division determined that the code was active.

The following representations, among other things, are made on the Tidbit Website: "Monetize without ads"; "Let your visitors help you mine for Bitcoins;" and "Built on the bleeding edge." The Tidbit Website further provides: "How does it work? ... [1] Make an account - Sign up with your Bitcoin wallet ... [2] Paste the code - we'll give you a snippet to put in your website ... [3] Cash Out! - We'll send a transaction to your Bitcoin wallet." ...

E. The Division's Undercover Investigation

On February 7,2014, the Division re-accessed the Tidbit Website and "Sign up" button. While on the Tidbit 'Website, the Division submitted Sign-up Information to Tidbit using an undercover e-mail address and an undercover bitcoin wallet id. In response to receiving the Division's undercover Sign-up information, Tidbit sent the Tidbit Code to the Division's investigator via a confirmation page on the Tidbit website ("Confirmation Page"). The Tidbit Code that the Division received includes the Division's undercover bitcoin wallet id. Additionally, among other things, the Confirmation Page states: "Your embed code - Paste this at the bottom of your HTML page, and your visitors will start mining Bitcoins for you!" (emphasis in original).)

eli 10 hours ago 1 reply      
The EFF has the actual documents in the case posted https://www.eff.org/cases/rubin-v-new-jersey-tidbit

Based on a quick skim, this is the closest NJ comes to making a case: https://www.eff.org/document/nj-attorney-general-response-ef...

JacobEdelman 11 hours ago 3 replies      
I feel like this article is a bit one sided. It doesn't ever state NJ's case against the students and draws strong parallels to Aaron Swartz (a hero to many people). A lot of the time these parallels seem to be weak, the student who did this is an MIT student who built a piece of software at a hackathon, this has almost nothing to do with Aaron Swartz's situation except it involves a young programmer and MIT.
downandout 3 hours ago 0 replies      
There is an option in all browsers to disable javascript. That, combined with the fact that you are requesting files from a website (as opposed to them being surreptitiously forced onto your machine) implies consent to execute the code sent to you. Finally, the code made no attempt to go beyond user-granted access limits (in this case the ability to run javascript in the browser, a decision which is entirely under the control of the user).

I cannot see how a fraud or hacking case of any kind could be made here, even if they got the code.

borlak 7 hours ago 0 replies      
Tidbit inspired me to write my own web-miner, which I open sourced. It's hacked together as I was really just trying to learn how the cryptocoin&mining stuff worked. The mining rate you get with straight javascript is truly abysmal, even with web workers (much worse than the standard cpuminer).

I found a couple examples that do the scrypt part with GPU in browser, but your browser has to support custom shaders, I think (I forget the details), and the version most browsers support doesn't allow this (again, my memory is sketchy about the details).

Anyway Here you go, NJ! https://github.com/borlak/cryptocoin_scrypt_stratum

csense 8 hours ago 2 replies      
Don't users implicitly consent to a website using their CPU and bandwidth for arbitrary tasks while the website is open, by using a browser that downloads and runs arbitrary JavaScript and allows it to XMLHTTPRequest?

Even if the code in question was being run on a publicly accessible website, was used by a New Jersey consumer, and was fully functional and actually mined Bitcoins (all of those points are disputed by the students' counsel)...The only thing that's being taken by the website operators would be users' CPU cycles and bandwidth. And if the users have implicitly consented to the website's arbitrary use of those resources, how is anyone being harmed?

lotsofmangos 11 hours ago 2 replies      
They want source code for a client side javascript miner that they saw on a website. Was their right mouse button broken?
tgb 12 hours ago 5 replies      
What law did they supposedly break?
Cogito 7 hours ago 0 replies      
Perhaps most interesting in my reading of the documents provided by the EFF is the correspondence regarding the counter-sue made by Rubin against the NJAG.

In it NJAG lay out exactly what they think Rubin did:

...Plaintiffs development, use and deployment of the Tidbit Code which, by plaintiffs own description, strongly suggests the code was designed to hijack consumer's computers to mine for bitcoins, including the computers of New Jersey consumers. Further, prior to the issuance of the Subpoena and Interrogatories, the Division determined that the Tidbit Code was present and active on the websites of entities located in New Jersey and Plaintiff affirmatively sent the Tidbit Code to the New Jersey based entities.

They posit that the code was

1. Designed to hijack a consumer's computer for the purpose of mining bitcoins

2. The computers targeted for hacking (implicitly the entire internet) include those of New Jersey consumers

3. The code was found on websites owned by New Jersey entities

4. Rubin sent the code "affirmatively" to those New Jersey entities

I think 1. is the weakest point, but that weakness is based on my understanding of the definition of 'hijack'. 2. and 3. seem to follow easily from assumptions, or could be easily shown as fact. 4. seems like it would be harder to prove, but I don't know the implications of the term affirmatively used here.

peter303 11 hours ago 1 reply      
I'd curious to find out why NJ AG would get so paranoid about this? I couldnt really find a link to their side of the story.

The Natinal Science Foundation did discipline a researcher who did some mining on their computers.

everettForth 6 hours ago 0 replies      
This sounds like some trivial code, not even fully functioning, that was written during a hackathon. Why does New Jersey care?

It wouldn't even make sense as a business model anymore, because asic miners are so much more efficient than GPUs, but I heard many people talking about building this kind of service years ago.

NJ could pay a software developer to write them code to let people generate small amounts of bitcoin in a browser. Why would they possibly want this MIT student's code so badly?

joshdance 10 hours ago 2 replies      
This seems insane to me. What law was broken? What could even be considered remotely criminal about this? Seems like a gross over reach by the gov.
codexon 6 hours ago 1 reply      
I don't understand how their javascript based miner is feasible.

Mining bitcoins with a CPU is an extremely futile endeavor, and on top of that, it is implemented in asm.js.

Even with thousands of workers, GPU and ASIC mining is anywhere from hundreds to over a MILLION MH/S while modern cpus top out at 20 with most around 5.


javajosh 1 hour ago 0 replies      
How is surreptitious use of compute resource any different than the surreptitious accumulation and analysis of data exhaust? If this moves forward to prosecution, I'd argue it will actually open up an avenue of attack against Facebook, Google, et al.
larssorenson 8 hours ago 0 replies      
I don't understand how it could be considered consumer fraud or computer fraud and abuse if it was clearly indicated to the visitor that their browser would be used as a BitCoin miner in lieu of being displayed Ads. Assuming they weren't told, I could see the issue but it didn't seem like they were trying to dupe visitors.
ndesaulniers 5 hours ago 1 reply      
squozzer 9 hours ago 0 replies      
It sounds to me like NJ wants to start mining bitcoin. Nothing is sacred when you're running a deficit I guess.
trhway 9 hours ago 0 replies      
they need to bring in a couple of seasoned enterprise developers who can hand off any project in such a state that it would be easy to rewrite it from scratch than to even just successfully build it, less run/debug/understand...
Thesaurus 9 hours ago 1 reply      
Is there another website other than wired with this article?
u124556 8 hours ago 1 reply      
They could just, you know, give it to them?
joshfraser 11 hours ago 2 replies      
We're lucky to have an organization like the EFF that fights this nonsense. It's a good time to support their work.


stealthlogic 11 hours ago 0 replies      
Fuck New Jersey.
306 points by WestCoastJustin  1 day ago   24 comments top 13
reitzensteinm 23 hours ago 2 replies      
One trick I've used quite a bit in games I've written is to do a breadth-first search of the entire playfield, with no termination, resulting in data for how to get from any tile to the destination.

This has a few nice advantages:

* Breadth first is trivially broken up to iterate over multiple frames, amortizing the cost of visiting each tile

* It reduces the worst case as the number of enemies scales up but the destination counts are low.

* The implementation in general is very simple

* You can still early terminate if you keep track of the farthest distance a pathfinding layer needs to satisfy.

* No pathological, worst case situations where a playfield becomes very expensive to pathfind. An open field is the worst case.

I first used this in Robokill, a flash game which often had 20+ enemies on the same screen tracking the player. I estimated at the time that it cost about as much as doing A* on ~5 enemies.

In games, the worst (common) case is basically all that matters - a constant 60fps is significantly better than 100fps dropping to 30fps occasionally.

curiousAl 1 day ago 0 replies      
Wow, this is a fantastic visualization of algorithms with scary doctoral-thesis-y names.I love visualizations that make scary things simple.
tokenizerrr 1 day ago 1 reply      
Very nice. If the author is the submitter or sees this, could you please provide some details on what kind of libraries and techniques have gone into creating this? A blog post or something would be great.
noiv 13 hours ago 0 replies      
The above pathfinder is much faster with a binary heap, https://github.com/bgrins/javascript-astar and can be heavily optimized if you know your engine. With SpiderMonkey I get fixed cost of around 1ms for initialization and it checks nearly 2000 nodes in 1ms on a 3Ghz Core Duo with a relative costly euclidean heuristic. So worst case on a 40x50 map is ~2ms. If worst case can be avoided upfront you'll always get a response within 2ms even with a 2000 nodes long path on most maps. It is amazing what one can do with JS nowadays.
newbrict 1 day ago 1 reply      
The recursive visualization is really slow on even moderately complex graphs, otherwise it's a really neat tool
jMyles 1 day ago 1 reply      
In my first bit of play, I just tried to find cases where Manhattan lost to the others. It seems like Manhattan is not as good when faced with a plausible path only to be thwarted at the end - is this right?

Can you show a few cases where Manhattan loses by a landslide?

tejon 1 day ago 0 replies      
Of course it's a gray link... but wow, major enhancements since ~1 year ago when I was on my pathfinding binge. Good stuff! Never did implement full jump-point optimization, though I got halfway there by manipulating queue priorities.
iandanforth 21 hours ago 1 reply      
None of these appear to work in an intuitive fashion. Are there algorithms that better resemble biological strategies? If I create a large walled area, I expect an entity to explore in one direction with a preference with external walls, miss areas and completely fail sometimes.

Here's a cute and furry demonstration of biological pathfinding: https://www.youtube.com/watch?v=HRd5WYrnML4

diziet 21 hours ago 0 replies      
For a similar problem, check out http://www.pathery.com/ - create the longest possible maze with X blocks.
muhuk 23 hours ago 0 replies      
In case you miss the tiny link, here's the source: https://github.com/qiao/PathFinding.js
jokoon 21 hours ago 0 replies      
I recently implemented A* with the help of this website, which really explains it well.


I also used a method to create discrete path between cells, to straighten the path when possible.

poseid 19 hours ago 1 reply      
I wonder if something like this could be used to automatically place components in an electrical circuit (PCB)
jwklemm 1 day ago 0 replies      
Really useful library and great visualizations. I'm having flashbacks to my CS algorithm analysis class.
Keynote by John Carmack at Oculus Connect 2014 [video]
284 points by ivank  2 days ago   48 comments top 16
iamshs 1 day ago 2 replies      
I am only 10 minutes into this talk, but John is one awesome speaker. No PR talk at all, he is speaking his mind freely and in fact started with shortcomings of the product. The segue between different sections is so smooth. I do not have background in VR, but he explains things so smoothly. He is just freely talking about supply chain, and what the product constitutes. And he has been standing in the same spot. What a genuine speaker. Also, looks like Facebook's influence has been minimal. There is just no iota of bullshit in him. I like him already. My first John Carmack video, and I am already hooked. Now onto watching the full video.
Laremere 2 days ago 1 reply      
I love it when John Carmack talks, because he doesn't do marketing speak, and he doesn't dumb down his content. It's just a brain dump of technical info until they (almost literally) kick him off the stage.
gnarbarian 2 days ago 0 replies      
Carmack has been a hero of mine since the mid 90s. He was also the inspiration for me to go into computer science. Always a pleasure to listen to such a technically dense talk on the cutting edge of a subject dear to me. I highly recommend his quake-con keynotes as well for those of you who like this video.
webwielder 2 days ago 3 replies      
Perhaps even more impressive than Carmack's technical chops is his ability to stand in a single spot for hours on end.
jayavanth 1 day ago 1 reply      
Michael Abrash's keynote is worth checking out! https://www.youtube.com/watch?v=KS4yEyt5Qes
justifier 1 day ago 3 replies      
it becomes its own form of marketing speech,carmack was the reason i got involved: financially, temporally, and mentally; and i think the organisation understands this as common for a number of people.. especially 'developers'

the oculus is digital stereoscopy

which is hard with simple stationary fixed objects(i),but combine it with inferred spherical screen encapsulation and it becomes a real challenge, probably a fun one too

you let carmack wax poetic on his interesting ideas to fix this tech and he will talk about latency and hertz and i'll listen with bated breath because i like hearing people talk about solutions to problems

but then i put the headset on and i realise these are hardly the problems befallen the proposed goal

i want someone to address that piece of a person that is lost when they put the headset on for the first time,it almost appears physical when you see it waft out of them

i lost it, my gamer friend who already preemptively developed a defensive cyncism to the tech lost it, the eleven year old i introduce hacking to lost it,and that last one was probably the most signifigant for me to see

i had been using the object sitting on top of my bookshelf as an incentivising mechanism:'finish your project and i'll let you use the oculus'; last week he pushed his finished project but i had other obligations the following week so he had to wait 'two! whole! weeks!' to get to use the oculus

when i picked him up the following week, uncharacteristically early this time.. we both are lax in our punctuallity but he refused to let me be late today so he came directly to me fifteen minutes early.. he went on and on about how he has been 'scared' all day:'scared, but like happy scared'; i tried to explain to him the concept of anxiety but his mind was hurling itself around all of what he was about to become witness to

i put the headset on him and he had fun with it, but when he took it off he became suddenly very pragmatic in his demeanor,he told me he thinks it hurt him,his head, his eyes, something.. he needed a glass of water,i explained that that was because instead of being a virtual reality in which he was transposed to the thing exploits an optical illusion which means your brain is doing a lot more work than it usually does trying to rectify the inconsistencies,if you've ever been frustrated by trying to see a sailboat in a magic eye you know what it feels like to use the oculus

i asked him his opinion:'honestly? ..well, unfortunately a little dissappointed';

i see my position as creating a safe environment for him to develop his ideas so naturally i challenged him to explain himself by defending the technological feat that he was holding in his hand,but the only thing we could talk about quickly became anything other than what we wanted to talk about

so we talked about the tech,i started going all carmack on him and we had fun talking tech but the conversation was clearly avoiding talking about the 'experience' one develops when wearing the headset

i wanted to know what he lost, and asked him to describe the thing he thought it was going to be,he was unable:'i don't know, just different, like? more 3d`ish'; in fashion i told him to explain himself explicitly stead superficially:'but what does that mean? what did you think it was going to be? describe that to me';

'i don't know anymore'

this i understood, but my experience was different,after wearing the headset i started to dream up better ways to do what i thought they were trying to do before i put it on,ways to do what i wanted from virtual reality,they are dreams and some built on the sort of technological feats of dreams but this was and still is my reaction each time i wear it

so yes john, tell me all about your brilliant ideas for fixing latency issues because this stuff is fun,but please acknowledge the baseline of this research is fundamentally flawed as it pertains to the proposed goals

i've stopped calling the oculus virtual reality,the oculus is digital stereoscopy




.(i) the first thing i did with the oculus was pull up two terminals, cat out some of my writing,align vertically,then slowly move one terminal into the field of view of the other eye until the text seemed to stop wonking my brain and really pop out at me

the experience was profound

so, i threw together a little browser playground with two 117px squares,one blue and one pink,i aligned them vertically then again slowly moved one into the field of view of the other eye,and i waited until those two distinct colors overlaid in my mind as a single purple

herein lies the problem:there was a multi pixel range where my brain would close the gap manually, out of my control and rather forcibly;it was impossible for me to find the perfect distance between the two divs,340pxs worked but so did plus or minus 4px from 344px,the perfect'exact`preferred`innate distance was undiscoverable because of the exception handling in my brain's interpretation of my visual input

.. edit:: gramm`err

asadlionpk 1 day ago 0 replies      
Just finished watching, I am impressed at how low-level/technical he can get without boring or confusing the audience.

I have some experience with technical speaking and its very hard to make a technical point without dumbing it down for the audience.

Jacky800 19 hours ago 0 replies      
John Carmack is great technical speaker. His interesting thoughts flows in a continuous stream and as a listener its almost impossible to get distracted.

I wish Carmack does an interview like the one in "Coders at work" format where we can get some insight on

How he approaches debugging,

what tools he uses apart from visual studio.

How does he approaches already existing large code base?

What is the optimal duration to code without interruption.

What techniques does he use to get in to flow state e.t.c..

asciimo 1 day ago 1 reply      
While listening to all of the mitigation strategies that Carmack proposed for the technological challenges, I wondered if you could hack the user. What about drugs? Is there something that can reduce our sensitivity to low-frequency displays and yaw lag? At the very least, motion sickness drugs?
lucasgw 1 day ago 2 replies      
I was in the room - he is a truly dynamic speaker and obviously a super-intelligent guy. I think he went off the rails a bit with the suggestion of interlacing as a potential solution. That makes little sense to me. It's, at best, a short-term solution once you get fast enough displays and rendering. (And as an old-time video guy... just... god, please... no...)
riffraff 1 day ago 1 reply      
Sorry for the somewhat lame question, but is he always that still?

I'm 10 minutes in and I don't think he moved his feet once, and his right hand just a couple times.

It feels very weird for me to watch and I just noticed it now, is there something wrong with me?

walterbell 1 day ago 0 replies      
Nice use of keynote to directly present requirements to engineers throughout the display supply chain, especially in large companies like Samsung.
vertis 1 day ago 0 replies      
This keynote was by far the highlight of the entire conference for me

Second were the amazing demos on the Crescent Bay prototype

Kenji 1 day ago 0 replies      
Nothing Carmack does is ever boring. This man is a huge inspiration for me.
Vanayad 1 day ago 1 reply      
Can anyone tl;dr the new stuff in this version of the oculus prototype ?
bsaul 1 day ago 1 reply      
Anyone's got a link to the slidedeck ?
Larry Ellison Will Step Down as CEO of Oracle, Will Remain as CTO
270 points by jhonovich  4 days ago   88 comments top 13
chollida1 4 days ago 5 replies      
Interesting that they name Co-CEO's in Catz and Hurd. I wonder how that will work, especially given Hurd's "tough to work with" reputation.

Interestingly Ellison will be the CTO. This could be a shit show with 3 people trying to run the show!

I mean does anyone really expect Larry Ellison to start taking marching orders. Will be interesting to watch the short interest on this company!

I think the two headed CEO is what the street expected all along as Catz has been around for ever and alot of people thought that Hurd, the former HP CEO, was promised the CEO title when Ellison resigned.

It looks like they, Catz and Hurd, will split the running of day to day operations as Hurd gets sales, marketing and strategy reporting to him, while Catz will continue to have finance, legal and manufacturing.

Its down about a dollar after the close on about a third higher trading volume than normal. So it doesn't look like anyone is "spooked" by the news.

dm8 4 days ago 1 reply      
If you want to read about Larry Ellison's personality and his management style, you should read - "The Difference Between God and Larry Ellison: Inside Oracle Corporation; God Doesn't Think He's Larry Ellison". (http://www.goodreads.com/book/show/181369.The_Difference_Bet...)

It's one of the best books written on him and the way he managed Oracle right from it's beginnings. He was damn good at selling things.

mindcrime 4 days ago 1 reply      
Not really sure what to say about this. I don't know Ellison, nor do I own Oracle stock, or have any particular interest in Oracle per-se. But nonetheless, I've always seen Ellison as an important character in our industry, and after reading a biography about him, I felt a sort of kinship with him based on some shared interests.

At any rate, it definitely feels like the "end of an era" in a sense. I got my start in this industry in the mid to late 90's when Oracle, IBM, Novell, Microsoft, Borland, etc. were duking it out for supremacy, and - for better or worse - you've never really been able to escape Oracle's shadow to some extent. And Ellison was Oracle, in so many ways.

Edit: It's been a while, but I think this[1] was the biography I read. I'll just say this: regardless of what you think of Ellison, he's an interesting character and reading about the history of Ellison / Oracle is quite fascinating.

[1]: http://www.amazon.com/Softwar-Intimate-Portrait-Ellison-Orac...

smacktoward 4 days ago 0 replies      
I'm guessing he wants to spend more time wringing extortionate license fees out of his family?
ChuckMcM 4 days ago 1 reply      
Demonstrating once again that tech companies really don't "get" succession planning :-) I'm kind of half joking, if you look at a bunch of 'old school' BigCorps, the progression is (CEO->Chairman, SVPx -> CEO, VPx -> SVPx) and then the Chairman of the board retires and the CEO takes on both roles Chairman and CEO, priming the pump for the next cycle.

Co-CEOs have so far been an experiment in disaster, something about not having an ultimate authority seems to really crimp organizations. I wish Oracle well but they have a lot of challenges to overcome, if I were a share holder I wouldn't be all that pleased with this arrangement as it seems to basically leave all the same people in place with all the same problems (Amazon/Google EC2/GCE, MySQL vs NoSQL vs expensive Oracle, Cheap Clusters with High Reliablity vs Expensive Servers, Etc.)

bsimpson 4 days ago 0 replies      
Someone in The Verge's comment section noted that this Forbes list will now need to be updated:


spindritf 4 days ago 1 reply      
The final Larry Ellison scorecard: Oracle stock is up 89,640% since he took the company public in March 1986.


turar 4 days ago 9 replies      
Co-CEOs? I only know one company that had co-CEOs, and that didn't work out well for them.
sebst 4 days ago 0 replies      
joelrunyon 4 days ago 4 replies      
Are there any more details into why he's doing this?
azifali 4 days ago 0 replies      
The end of an era for Oracle that existed as a software (licensing) company. I think that Ellison stepping in as the CTO is probably more important than him stepping down as the CEO.

This move will perhaps will lay the groundwork for the next tens of billions in revenue for Oracle, in cloud based software and infrastructure.

sebst 4 days ago 1 reply      
Will Oracle then become better? Maybe as good as Sun used to be?

just dreamin'...

justinph 4 days ago 3 replies      
What is with the capitalization on the headline on Recode? I read it and thought, who is "Will Remain"?

It should be:Larry Ellison will step down as CEO of Oracle, will remain as CTO

Headline capitalization is pretty easy: Capitalize the first word, then any proper nouns. That's it.

Loyalty Nearly Killed My Beehive
275 points by dnetesn  16 hours ago   86 comments top 23
mudil 12 hours ago 2 replies      
I started beekeeping 2 years ago, and I cannot be any happier about this hobby. It's easy and fun. Bees do not require feeding, cleaning, just an occasional check up. And they give my family the best honey the money can buy.

To start, I read (believe it or not) Beeking for Dummies (http://www.amazon.com/Beekeeping-For-Dummies-Howland-Blackis...). It's a well rated book, and it has all the basic info. Then I watched various YouTube videos.

Then I ordered the following list of supplies. (I buy all my equipment from Mann Lake. $100+ it's free shipping. http://mannlakeltd.com/)

This is a list I recommend:

Note that the hive boxes and frames, are unassembled. Mann lake does have assembled hives. Assembly is easy, and I did it with my kids.

1) WW-605_b Med Hive Qty. 52) FR-811 Med Frames Case of 10. Qty. 5 (so you get 50 frames)3) CV-305 Suit - economy - Medium (Buy YOUR size.) Qty. 14) HD-540 Smoker Qty. 15) CL-620 Economy cowhide leather gloves(Buy YOUR size. This is small) Qty. 16) HD-210 7D Nails (1lb) Qty. 17) HD-220 Frame Nails Qty. 18) HD-620 Hive tool9) HD-660 Bee Brush10) WW-310 Bottom Board11) Your choice of top cover (buy with Inner cover)... http://www.mannlakeltd.com/beekeeping-supplies/page29.html I practice foundationless but some prefer not to deal with the cross comb headaches and use foundation. Foundation part number is (FN-720).

I adopted my hive from Jack at Los Altos Honey Bees (http://losaltoshoneybees.wordpress.com/). He goes and rescues feral colonies.

I also joined Beekeepers' Guild Of San Mateo County (http://www.sanmateobeeguild.org/). The club is great: the mailing list discussions keep me informed about things to do right now, and what to do to prepare for upcoming seasons.

radicaledward 9 hours ago 3 replies      

Just in case anyone read the first paragraph and thought, "Hey that's a good idea!" Honey contains bacteria that causes infant botulism [1]. Once a child has a more fully developed digestive system, this is no longer a problem.

[1] http://en.wikipedia.org/wiki/Botulism#Infant_botulism

flatline 9 hours ago 1 reply      
> Queens typically live for about four or five years

This figure is from an old study that others have repeatedly failed to reproduce. More recent attempts to determine queen longevity have shown they live to an average of about a year, and furthermore failed to find any of significantly advanced age. So it shouldn't too much of a surprise that she only lasted a season. Since there seem to be a few beekeepers hanging out here, I'd be curious to hear anecdotal evidence of queen lifespan.

SEJeff 13 hours ago 2 replies      
Absolutely fascinating article. I'm really glad that HN contains the occasional non-tech related story. It seems somewhat obvious how an engineering mindset transfers very well to other disciplines, and unbeknownst to me, beekeeping is one of them.
k_sze 2 hours ago 0 replies      
I'm a huge fan of ants, bees, and wasps, but I have never kept bees, only ants. There is something I don't understand.

Is there any rational advantage to keeping the beehive alive between the two queens, especially since the new queen is probably only remotely related in terms of genealogy? Is it just so the production of honey, propolis, etc remains uninterrupted? What happens if you let a beehive completely die and then put in a new queen? Would the beehive become too filthy for the new colony to develop easily?

Or does the author's wish to keep the beehive alive only stem from emotional attachment?

Qworg 14 hours ago 3 replies      
If you like this story, I'd unabashedly recommend that you try and keep bees. They are relatively low maintenance, interesting to observe and fun to debug (no pun intended). Success is amazing - both to eat and think about.

The other benefit is psychological - beekeeping requires an almost zen like approach when dealing with the hive. You cannot get angry or flustered, even when surrounded by thousands of bees desperately trying to sting you. You have to focus, be calm, and do the work.

MechSkep 12 hours ago 2 replies      
One of my side projects is building a sensing electronics package to monitor the health and activity of beehives. The idea is to make it easier for someone just starting to maintain their hive.

Any one have feedback on the concept? Or features we haven't thought of?

qwerta 13 hours ago 1 reply      
I never heard of replacing queens, beehive always raised new one. But perhaps there are different methods in Europe.

I have good story to share: we had 10 beehives at cabin in middle of woods and one of them got stolen! We moved remaining across the town to safer location. Carrying 100 pounds out of which 40 pounds are life bees is quite something :-)

gresrun 9 hours ago 0 replies      
My friends are currently serving as missionaries in Tanzania and are teaching the art of beekeeping to help diversify the local economy and diet: http://makondefrasers.wordpress.com/
hiharryhere 7 hours ago 0 replies      
Great article, well written and fun. Though how is nobody weirded out by him just leaving his hive on the roof of an apartment he no longer lives in. What a hilarious dude.
jackgavigan 13 hours ago 1 reply      
There's a whole industry around renting beehives to farmers to pollinate crops: http://www.scientificamerican.com/article/migratory-beekeepi...

There's an interesting supply'n'demand thing going on as a result of the decline in the bee population, coupled with the growth of almonds as a cash crop: http://scientificbeekeeping.com/2012-almond-pollination-upda...

csorrell 14 hours ago 2 replies      
This is why I always recommend new beekeepers start out with at least two hives. If the author had another healthy hive, he could have moved a frame of young brood to his queenless hive and they would have raised a new queen on their own.
S_A_P 5 hours ago 1 reply      
So is there any truth to the "africanized/killer"(I dont know any other way to state it but I dont like the term) bees being more difficult to manage and more aggressive? I live in Texas where they arrived in the early 1990s. I would be leery of keeping bees that were not as docile as the european variety. I am not too worried about getting stung once or twice, but I have heard that the "killer" bees go ape shit once the stinging pheromones have been released and you can get stung hundreds of times in a short time span.
Nanzikambe 10 hours ago 0 replies      
A beautiful article, makes me yearn for that recent-convert's enthusiasm for a new hobby. Reminds me of when I first took up mycoculture. Perhaps I'll get a behive and join the legion of "that guy" :)
beginrescueend 9 hours ago 0 replies      
Great article!

We're on our 3rd season beekeeping; we just collected honey, last night.

In fact, I got my first ever bee/wasp/hornet sting ever, last night, from one of our bees. I was being sloppy, wearing running shoes under my bee suit, instead of boots. It hardly hurt at all, though. (I've had worse mosquito bites; so far, horseflies are the worst bites/stings I've ever had).

We captured our first swarm, this year, and got another hive "for free." Woo hoo!

As far as ordering stuff, since somebody mentioned it, we just go to http://www.beekeepers.com/ to get our gear, since our local farm stores don't carry much.

I am interested in these projects, so I can get my bee geek on, but I don't know if I should commit the time and money to them (any success stories out there)? http://www.opensourcebeehives.net/ http://opensourceecology.org/wiki/Beekeeping http://openenergymonitor.org/emon/node/102

ncourage 8 hours ago 1 reply      
I don't know why I didn't expect this, but this article was the most interesting thing I've read all day. It made me almost feel compassion for the bee hive by my mailbox (if you can call it that), in a hole in the grass. We've tried to be rid of them.
orenjacob 8 hours ago 0 replies      
For those interested, Beekeeping For Dummies (http://www.amazon.com/dp/0470430656) is actually quite a good way to start.We've had our queen replaced by our swarm and it was quite an amazing thing to witness.Our hive/swarm gave more than 40 pounds of honey a year and we kept our whole street well fed with local honey for a few years.And my garden almost doubled in productivity once the bees were in place.A win all around.Sadly a family member developed an allergy so we have to discontinue keeping bees, but it was amazing while we had them and I strongly keeping bees to anyone interested.
andyl 12 hours ago 0 replies      
I have two hives in the yard. (Palo Alto) We produce 10-20 gallons of honey per year. Fun to harvest - kids love to get hands-on. Fun to give away esp to random strangers.
brianbreslin 13 hours ago 2 replies      
My biggest fear of putting a beehive in my parents yard is that it would result in my dog getting stung or my parents.
Thesaurus 6 hours ago 0 replies      
I can't believe I read that whole thing, it was written so well. Quite informative and very interesting.
Elzair 12 hours ago 1 reply      
Is Colony Collapse Disorder largely affecting only domesticated beehives?
hywel 13 hours ago 2 replies      
Kept waiting for this to turn out to be an allegory about a startup.
McDoku 9 hours ago 2 replies      
This is so meta.
TempleOS: 5 minute random code walkthrough
262 points by GuiA  18 hours ago   118 comments top 28
userbinator 54 minutes ago 1 reply      
What makes this amazing is that Linus Torvalds probably wouldn't be able to pick a random piece of code in the Linux kernel and do this.

The fact that it's quite featureful for an OS of ~100kLOC - including an assembler and compiler for a language with some OOP - makes this even more interesting. "The shell is a compiler/interpreter" concept somewhat reminds me of Lisp machines too.

Mithaldu 6 hours ago 1 reply      
These videos already make me inordinately happy, because everything about templeos is beautiful, and having it explained is so very nice. However the most beautiful take-away from these videos to me is that Terry has a bird. :)
chippy 6 hours ago 3 replies      
I want to build in some kind of primitive networking into this OS - just so one machine can talk to another... it's on my side project list. Anyone had much experience with the code?

Also - Love the positive comments in this thread. Proud of this community.

M4v3R 5 hours ago 3 replies      
It makes me sad that even with his illness he delivered more working code than I probably will ever do. Maybe not because I can't, but because I procastinate so much and I really have hard time focusing on doing work.
microcolonel 6 hours ago 0 replies      
I had a conversation with Terry on freenode a couple years ago, back when TempleOS was "losethos".

I was convinced, given the context, that losethos was just computer malware, and he had a hard time articulating why it wouldn't be, and ended up just getting frustrated at the most cursory of questions.

A few days later, somebody who had witnessed the conversation informed me that he was a well known probable schizophrenic, and it really bummed me out that I didn't know or handle the situation better.

While he hasn't convinced me of anything other than that having nice uniform names for types can be helpful(U64, S64, F64, etc.), that conversation gave me some perspective on what it means to be schizophrenic.

desireco42 16 minutes ago 0 replies      
After looking at some of videos and intro, he is onto something with this. You can always run this in vm, I can see how permissions and ownership can get in a way. By using subroutines, he gets every ounce of juice out of his machine.Also document format, based on his description, sounds awesome.
curiousDog 2 hours ago 0 replies      
As much as I appreciate what he did (most of us wrote a bare bones OS in school anyway), I'm not a fan of his racist comments. Some are incredibly specific like "I can't believe a nigger is the boss of a white guy, that just isn't right" or something like that. It's like he has these thoughts actually bottled up but cannot control them because of his illness. Nonetheless, my bad to rain on someone with such an illness. All the best to him.
Igglyboo 6 hours ago 0 replies      
This guy never ceases to amaze me, he's insanely smart and dedicated.
andrewljohnson 6 hours ago 1 reply      
Random numbers coming from God is cute. I'm not a theist, but I also feel awe of the elusive concept of true randomness. I read something about this from him before, and it pops up in the 1st video.

The flashing Menu button and marquee filename are interesting. A distraction to most people, but I wonder if they help the author Terry stay focused.

sitkack 4 hours ago 0 replies      
The world is definitely better off with Terry. Thanks man and keep on doing your thing.
codezero 3 hours ago 0 replies      
I actually like the idea of having to pick a random routine in a large codebase and then explaining it on the fly. Terry does a pretty good job at this, he's done similar things in other videos.
cmdrfred 2 hours ago 1 reply      
I hope medical science can one day find a way to help our friends like Terry find their way home. Until then all we can do is let him know that he is loved and respected by his peers, Terry you are one of us.
callahad 4 hours ago 1 reply      
I love the idea of a built-in hotkey for jumping to a random line across the entire codebase. Like a fuzzer, but for your understanding of your project.

...and now I really want to write a vimscript to do the same.

broken 1 hour ago 1 reply      
"showdead -> yes" is the only reason i have a HN account.
tlo 6 hours ago 4 replies      
Can somebody explain in a few words what TempleOS is?
ivans__ 5 hours ago 0 replies      
Terry is always a huge inspiration to me!
no_future 4 hours ago 1 reply      
Terry is a goddamn hero and an inspiration to us all
gojomo 5 hours ago 1 reply      
What if the giant computing platform battle of 2040 is TempleOS vs. Urbit, because everyone else got neurobricked by the iBrain/mindroid 0day of 2034?
LukeB_UK 6 hours ago 1 reply      
All the flashing bits and marquees... I never thought that someone could create an OS that reminds me of GeoCities
incision 5 hours ago 1 reply      
Neat, subscribed.

I make a point to read TempleOS' comments. Looking past the frequent nastiness they're sometimes interesting and even poetic, in a way that's as sadly familiar as the intonation in these videos.

smegel 2 hours ago 0 replies      
If nothing else, this guy's got staying power.
thaumaturgy 3 hours ago 1 reply      
Does anyone have the code for the PRNG handy, or is familiar with it? It'd be kinda neat to see how that bit works.
MarkPNeyer 4 hours ago 0 replies      
i've been through a lot of psychosis and feel like i can understand this guy. i had a psychotic break in late 2012 and thought strongly that catholicism was created to teach the world computer science concepts.

when you start reading about roko's basilisk, it's not a stretch at all to imagine that primitive human beings exposed to an artificial intelligence would think of it like 'god'.

cschep 6 hours ago 3 replies      
Whhhaaaaat the hell? Is this real?
namecast 6 hours ago 1 reply      
Shine on, Terry, you crazy diamond.

If nothing else, TempleOS is a testament to how much one programmer can accomplish absent feedback or collaboration from others. For better or worse.

elwell 4 hours ago 1 reply      
Let's all hope Terry doesn't learn AI enough to equip TempleOS with the ability to learn (as well as networking). There's is no guessing as to what a randomized OS with a god-complex might do.
Davesjoshin 5 hours ago 4 replies      
How come his rants have a lot of racial slurs? Am I missing something? http://www.templeos.org/Wb/Accts/TS/Wb2/Rants/TAD/2014/09/Ra...
cmdrfred 5 hours ago 1 reply      
What if he's right?
OpenGL in 2014
278 points by ingve  1 day ago   115 comments top 15
c3d 1 day ago 1 reply      
The multiplicity of APIs demonstrates that the problem is hard. The needs of game developers pull the APIs in a specific direction. And these requirements must be addressed, because the games market is huge and pushes the envelope.

But other users may have different needs. OpenGL is used by games, but not just games. For example, at Taodyne, we use OpenGL for real-time 3D rendering of business information on glasses-free 3D screens. I can tell you that my pet peeves with OpenGL have nothing to do with what's being described in any of the articles.

Some of the top issues I face include 3D font rendering (way too many polygons), multi-view videos (e.g. tiled videos, which push texture size limites, or multi-stream videos, that bring a whole bag of threading issues), large numbers of large textures without the ability to manually optimise them (e.g. 12G of textures in one use case).

Heck, even the basic shader that combines 5, 8 or 9 views into one multiscopic layout for a lenticular display makes a laptop run hot for a mere HD display, and requires a rather beefy card if you want to have any bandwidth left for something else while driving a 4K display.

Many of these scenarios have to do with limitations of textures sizes, efficient ways to deal with complex shapes and huge polygon counts that you can't easily reduce, very specific problems with aliasing and smoothing when you deal with individual RGB subpixels, etc.

Of course, multiscopic displays are not exactly core business right now, so nobody cares that targeting them efficiently is next to impossible with current APIs.

fizixer 1 day ago 0 replies      
It seems no one has mentioned the long peaks fiasco yet, which is an important part of understanding OpenGL history and the committee(s) in charge of the standard:


TL;DR: This is not the first time people are pissed at OpenGL. Last time when industry, developers, etc were sick and tired, around 2006-2007, and it was decided to do something about the API, an effort was initiated. Once the work was close to finishing, those who had seen the glimpse of this yet-to-be-released API were excited and were eagerly waiting for the release. Then the OpenGL committee vanished from the scene for a year or so, and when it re-appeared, it released the same old shitty API with a handful of function calls on top of that.

zerebubuth 1 day ago 2 replies      
OpenGL might well be the "only truly cross-platform option", but it seems to me that, for games or mobile app development, getting stuff drawn on screen is only part of the problem. The rest is about doing so with the minimum use of cycles - either for better frame rates or better battery life. I can easily imagine that this is a classic 80/20 problem, with the 20% that takes 80% of the time being adequate ("butter smooth") performance.

So, given that the capabilities of the graphics hardware can vary a lot, how closely can a single, unified API like glnext approach optimal use of the hardware? And without the kinds of platform-specific code paths which are necessary under current OpenGL?

sheng 1 day ago 4 replies      
All the whining and complaining makes me wondering how anyone was able to write something with OpenGL at all. This is fascinating because a great amount of people were actually able to write awesome Games and Applications with this API.

Look at the whole lot of mobile devices. I have no numbers to base this statement on but I would be bold enough to claim that OpenGL is thanks to the multiplatform ability by far the most successful graphics API out there. The set of devices that brings some or another form of OpenGL support outnumbers other graphics platforms. This alone is a huge accomplishment. Heck, even Minecraft was able to run on PowerPC systems until they pushed the java version supported[1].

But now I need to look at the link and have to admit that the criticism is still correct. The API is still pretty rough and could see some improvements. I know this myself, I also played around with OpenGL at some point. There is a lot of boilerplate code that needs to be written before you can start yourself with the real game. This was always the case. This is why we always had an engine, a framework to built on.

But to say that it all is a huge pile of shit is a little bit harsh

[1] https://help.mojang.com/customer/portal/articles/884921-mine...

pjmlp 1 day ago 1 reply      
Now they just have to create ONE single API, instead of forcing everyone to write multiple code paths to target the various flavours, extensions and drivers workarounds.

Specific graphics APIs only matters when graphics middleware is not an option.

Which OpenGL always requires. Since the standard leaves out how image/shader/texture/fonts/GUI/math are handled.

I think the commoditization of engines will be the second coming of the OpenGL 2.0 - 3.0 stagnation, if they don't improve on these areas.

maaaats 1 day ago 1 reply      
We need OpenGL as an alternative. What would Direct3D have been today without competition? But at the same time, GL is such a PITA to use directly that I don't bother without some middleware abstracting it away.
illumen 20 hours ago 1 reply      

OpenGL is now available to more people than ever. By an exponential amount.

It is supported by all major browsers. From IE, to Firefox, to Chrome, to Android, to iOS, and more.

bhouston 1 day ago 1 reply      
Great article, thank you! Any news as to when we will get a WebGLNext?
frozenport 1 day ago 0 replies      
We all got messed up with the transition to OpenGL 4 and now we are gonna have another OpenGL? I don't see OpenGL getting out of this funk until the language you learn today will be useful tommrow. Perhaps, a new API is a step in the right direction but things are gonna hurt bad bad for years to come, especially when OEMs don't support the API.
shurcooL 1 day ago 1 reply      
My current approach is to use Go and target WebGL as the lowest common denominator, but with OpenGL (and/or OpenGL ES) backends as well.

That way graphics code written once can run on OS X, Linux, Windows, browser (including iOS).

fulafel 1 day ago 0 replies      
On Linux you could in principle use the lower level hardware specific command issuing APIs as well. Mesa is not a privileged library.
BadassFractal 1 day ago 6 replies      
The saying is that total rewrites are always a bad idea. It'll be interesting to see if this one would be an exception to the rule.
shmerl 1 day ago 0 replies      
Is there any ETA for OpenGL-next?
Stolpe 1 day ago 0 replies      
So basically, "OpenGL in 2015" will be great!
_random_ 1 day ago 0 replies      
Whoever doesn't force me to use C/C++ or JavaScript.
FBI and Secret Service Files: Aaron Swartz
265 points by signa11  2 days ago   125 comments top 7
pocketheyman 2 days ago 2 replies      
Kind of interesting, according to the case file, the PACER records were being pulled en masse during normal court hours (typically when courts are also accessing the PACER database). A user noticed that PACER was going slow and notified PACER of the apparent slowness. Looks like they investigated, shut the PACER system down and were able to detect the requests were coming from an Amazon Web Hosting account linked to Swartz.

I find this interesting because it wasn't some flag on the PACER system screaming "HEY SOMEONE IS DOWNLOADING THESE EVERY TWO SECONDS" but instead was noticed because some law clerk was irritated at how slow the server was at responding.

manifesto 2 days ago 7 replies      
A reminder: the petition https://petitions.whitehouse.gov/petition/remove-united-stat... has not been responded yet, after more than one and a half years.
nutate 2 days ago 4 replies      
Was there ever an argument beyond 'information wants to be free' to this? Let's say PACER docs were being pulled and hosted elsewhere. What if case information was updated as per part of the legal process, aka person X is now innocent. How does this change to past case documents get propagated to the 'illegal' mirror?

This is interesting because I think we do want an authoritative document store and that, yes, we hence need to pay for its upkeep. So if he had mirrored and hosted all of these cases, they would've been merely snapshots of past history, not the curated corpus that PACER has.

The same could be said of scientific papers where large retractions are handled by the journals, but may be lost by some mirrors.

Information quality, provenance and current validity is more important than the trope of 'wanting to be free.' Once information passes into the 'historical' realm, perhaps it should/must be free, but when we are in the malleable phase it's irresponsible to 'mirror once' without knowing how to get pushed (or pull) updates.

Look at how the Linux kernel mirror system works, push mirroring, etc. The scrape method doesn't pass the smell test if you really want to provide a service beyond point in time archiving (aka archive.org).

Regarding depression, suicide and unfair persecution I'll withhold comment.

vajorie 2 days ago 2 replies      
How come no one even bothered to remove his full address and ssn from the records?.. On the other hand, even the very names of people who approved and drafted the documents are removed.
herge 2 days ago 1 reply      
Wait, were the case files for Aaron Swartz classified or just never made public? What would be the reasoning for classifying his case? How was he a threat to national security?
yuhong 2 days ago 1 reply      
On PACER fees, IMO a good compromise is to only charge for the actual court documents retrieved. No charging for search results, docket listings etc, and there is already a $3 cap on documents.
jdong 2 days ago 3 replies      
What makes this case such a big deal? Swartz did something that was obviously illegal and got caught.
Faced with change, an all-female indie dev team evolves to a higher form (2013)
223 points by hnal943  3 days ago   196 comments top 16
dgreensp 3 days ago 6 replies      
Im certain that if I had children, I would be failing at my job.

Ive hit my 30s, a period when it seems as if all of my friends suddenly have kids. Thats a priority shift completely incompatible with my goals. Startups require that you give it all or go home, routinely requiring long nights, longer weekends, and blood and toil. If you arent willing to put in the hours, eager replacements are standing behind you. If I fail, the women I work with will be out of their jobs.

It's this fearful attitude, lurking in the minds of bosses and employees, that is the problem facing women in the workplace who want to have children, more than anything else. (For example, I put it at the root of poor leave policies.) It's called sexism when it comes from a man, but here (from a female boss) it's clear it's just culture (American culture?).

I just had my first kid, and my wife had to go back to work at six weeks. I'm a software engineer, and she's a medical device rep in trauma. Unlike me, she can't work from home, she carries a pager, and she can't choose her work hours or reduce them. She wasn't itching to go back to work either; she loved being at home with the new baby. However, you do what you have to do. Some new moms do quit their jobs, especially if they weren't making much more than they'd save on childcare by staying at home, or if it was a crappy work environment or an unfulfilling role anyway. However, for many, it's not an option not to work, and being a software developer is actually a pretty cushy gig that I would wish on moms everywhere.

If you're afraid for yourself or someone else of having kids, go out and talk to some power moms.

mikeleeorg 3 days ago 0 replies      
I'm pleasantly surprised the comments here aren't overly caustic.

And I really liked this article. As an entrepreneur who has structured my life around my family (i.e. work from home, flexible hours), I can empathize with Brianna and Amanda's points of views. The entrepreneur in me is obsessed with development and deadlines and shipping. The father in me is obsessed with spending time with my daughter. There are times when both are at odds, and while I like to say I always make the right decision, I don't. It's a tough struggle. And it's a struggle I am very conscious of, because I have competitors who don't have or want to deal with similar constraints.

But honestly, I often think these constraints make me a better entrepreneur than I used to be, because I am forced to be strict about my priorities and time. If something is a waste of time, I don't give it a second glance and move on to something else (HN notwithstanding, ahem).

up_and_up 3 days ago 1 reply      
> Im certain that if I had children, I would be failing at my job.

Quality not quantity.

I work as an engineer for an NYC startup and have 3 kids. No, its not easy, but yes you need to reset your priorities. Life becomes more focused on fewer activities. Once the kids get a bit bigger its not as time intensive.

I work roughly 6:30am - 8:30am and then 10am - 5pm M-F.

I have many other friends who are engineers at fast moving companies with 2,3,4 or more kids. Its definitely doable.

If your company is asking you to work hours and hours maybe there is something wrong with their product development process or business plan.

Stop worrying and start procreating!

mutagen 3 days ago 1 reply      
I'm glad I read this despite the link title, which is appropriately based on the article's sub-title (The title, "Choose Your Character", is even less descriptive). The article hits on some of the startup and indie gamedev work-life balance issues that affect everyone and some unique to women.
melling 3 days ago 0 replies      
I believe this team was interviewed on Debug.


hrktb 3 days ago 0 replies      
A bit OT, but I think it's refreshing to have a character like her in the tech seen, vocal and taking the spotlight in a lot of places.

At first I was thrown off by the very douchy looking attitude, it felt too much like overcompensating. And I'd hate to work in her company for so many reasons, the burning startup mindset being the main one.

But this article, as her Debug interview or the Isometricshow podcast also show other facets that are pretty fair, balanced and well thought. The podcast particulary brings hilarious and soul crushing moments alternatively, I'd recommand to anyone wanting to hear something a bit different.

incision 3 days ago 0 replies      
I'd liken worries about staying productive while raising children to worries about being able to run a marathon.

You're probably safely certain you couldn't do it tomorrow, but that says little about your ability to do it 9 months from now and nothing about what the next person is capable off.

Ask around and you'll find supremely productive people who do both.

jbrooksuk 3 days ago 1 reply      
Wow! It's lovely to see Brianna doing well, I interviewed her back in 2012 - http://james-brooks.uk/interview-with-brianna-wu/


robertfw 3 days ago 3 replies      
Here is the game in question: http://www.revolution60.com/

The feedback in the article was spot on. The characters look decidedly anorexic.

wmeredith 3 days ago 1 reply      
Regardless of subject matter, hot damn this person can write. I hope she's putting some of that spark into her games. That was riveting.
DarkIye 16 hours ago 0 replies      
This article is really long and has no easily discernable point. Can someone highlight it?
Paul-ish 3 days ago 2 replies      
How has the game and her indie studio fared today?
spopejoy 3 days ago 2 replies      
It's completely hilarious that this article would bring the anti-PC haters out of their cave. There is absolutely nothing in this article about PC, it breaks the script in numerous ways:

- referring to her employees as "girls" instead of women

- her conflicts about her employee's pregnancy

- fretting over the attention to female-image issues in games, wondering if "the only way to win this game is not to have women at all"

I guess as long as a tech writer dares to use the female first person, HN will be deluged with comments from "gahh I HATE politics" know-nothings plus their more anti-social brethren. It's even curious there would be such focus on the boss being childless, this is so not the point of the article. I would probably criticize her cheezy i'm-so-rad-on-my-red-motorbike aesthetic before even thinking about gender stuff.

If there's a bright side to all the defensiveness, it suggests that the recent focus on gender is working. Much like the Anita Hill hearings brought out all sorts of ugliness out on the way to sensible anti-harassment policies, we're witnessing the next evolution.

metafex 3 days ago 5 replies      
It's silly how much goes into correctness in games nowadays. You'd have to make an Asteroids clone just not to offend anybody (except sentient asteroids...).

Just make your game fun, challenging or whatever your goal is and have fun making it. And of course you can put in interesting looking characters, it's called art :)

Also, to the politics topic: Oh I hate that so much, it only takes one person to mess up whole teams and the worst thing is if it's one of your superiors. It's horrible when you can't do anything but change your job (been there, done that).

edit: to the downvoters, please read the whole thing and my response down there, if you still disagree, no hard feelings :)

edit 2: From the article, one of the points I was referring to

"Why are they all white? sneered a liberal friend of mine before launching into a 20-minute screed about how offended he was by the naked shower scene in Heavy Rain."

wmt 2 days ago 0 replies      
Are you sure you're on the right forum? The kind of hateful comments your every comment appears to be are not needed here.
foobarbecue 3 days ago 0 replies      
By "aspirational" I suppose she meant "inspirational"?

(As for the article itself, I only made it through a few paragraphs. I assume it was going to be about sexism and reproductive discrimination in the workplace, which I think is a serious problem. Part of this problem is solved in Sweden, where a couple can split maternity / paternity leave any way they like.)

Tim Berners Lee slams Internet fast lanes: Its bribery.
235 points by esolyt  2 days ago   86 comments top 15
josteink 2 days ago 1 reply      
So the man who decided that DRM in HTML5 was a good thing has an opinion on the well-being of the world wide web, eh?

Sorry if this sounds bitter. I'm just posting from a browser unable to access HTML5 content at a regular interval. It's an open source browser, and the suggested "fix" is always using a closed-source browser, OS or both.

I thought this web-thing was supposed to be open and cross platform?

jbza 2 days ago 1 reply      
I can't help but wonder if the fate of Internet infrastructure will follow that of transport infrastructure (Build-operate-transfer : http://en.wikipedia.org/wiki/Build-operate-transfer)

Based off history, it seems that private ownership of common property is doomed to fail.

7952 2 days ago 3 replies      
I am in favour of net neutrality but worry that everyone is defending a status quo that is still bad. For most consumers and buisness access to the net is hardly free in a financial sense. Entry level bandwidth on AWS/Azure/App engine is still very expensive and seems completely overpriced compared to storage.

For the consumer lack of last mile competition and monthly contracts make competition almost impossible on a day to day basis. An entrepreneur could setup a WiFi hotspot in an area with poor coverage but no one would use it because we are all trying to do everything on a 3g data plan.

I want competition for last mile access that allows the consumer to connect based on the best connection available regarldess of who has provided it. Companies should be paid for providing bandwidth and it makes sense to ask large players like Facebook and Nextflix to pay the bill ($0.2 per GB to guarantee a fast connection to the user should be reasonable). The only way to break the telcos is to fund open compeition.

twirlip 2 days ago 0 replies      
See, telling Congress that something is "bribery" and expecting Congress to think that's something bad is just wishful thinking on TBL's part, bless his heart.
linguafranca 2 days ago 3 replies      
How does this ISP issue affect the internet outside the US? I'm guessing it's not really going to change "The Internet" as a whole, just us in the US.
teddyh 2 days ago 0 replies      
More like a protection racket, really.
rayiner 2 days ago 7 replies      
M-W defines "bribery" in relevant part as: "money or favor given or promised in order to influence the judgment or conduct of a person in a position of trust."

It's only "bribery" if the recipient is in a position of trust. The ISP's are not. They are just businesses operating their wholly private networks. Paying someone to use their private property for your benefit isn't "bribery." It's a basic commercial transaction. E.g. it's not "bribery" for me to pay an Uber Black driver more than an Uber X driver to take me somewhere.

McCoy_Pauley 2 days ago 0 replies      
What ISP's say to companies who want to use the internet, "Either you pay us to access your customers, or we break your kneecaps." This is about both monopolies and mafia business tactics.
vrama 2 days ago 1 reply      
Internet has long provided the opportunity for a new comer to challenge the status quo because of net neutrality. Now we are creating a barrier of entry and it is going to be hard for new startups. American dream is correlated to equal opportunity for everybody irrespective of the background. That's what is stake at here.
yarrel 2 days ago 0 replies      
Simply use DRM. Some media can be marked as "slow download" and the web browser has to respect this.

Write it into the HTML spec et voila! One happy Tim Berners-Lee.

3327 2 days ago 0 replies      
Not to be feared. Let it pass. Please let it pass. This is all that is needed for a company like google or someone else to disrupt the system. This is the final chess piece for Verizon and similar scum to finally get run over.
RA_Fisher 2 days ago 4 replies      
If we don't allow ISPs to throttle things like Netflix, isn't the impact that all other packets might suffer latency? In that case, is NN a subsidy to large content producers?
zwieback 2 days ago 3 replies      
Did Tim envision internet bandwidth consumed by Netflix? Is the current mix of content we consume something he approves of?

Instead of staking out absolutist positions it would be helpful to come up practical solutions now. Some form of fast lanes is inevitable over time and just maybe it could improve the situation of people like me who would likely remain on the "normal speed" lanes.

nickik 2 days ago 1 reply      
I think that offering a range of diffrent models of threwput and latancy can only be good for the internet as a hole.

What I am conserned with is this, I want to tell the ISP what packets should run with what characterisitcs. I am completly against the ISP making deep packet inspection and deciding the selfs what packets to drop or dely.

I think like in everything else, when you have a finite resources you need a market. Having every packet be the same and then just randomly drop them, is just bad for the internet as a hole. We need QoS we need to be able for some services to run with priority.

When I play video games or skype I dont wanne wait, if I torrent every episode from a podcast the latency does not intrest me so much.

So Im am PRO net neutrality in this sence, the ISP is not allowed to look into my packets and change there priority.

Can the World Really Set Aside Half of the Planet for Wildlife?
236 points by benbreen  3 days ago   193 comments top 26
grondilu 3 days ago 5 replies      
> the sixth mass extinction event, the only one caused not by some cataclysm but by a single speciesus.

Not so sure. IIRC there are reasons to believe that the big one, the Permian-Triassic extinction, was due to methanosarcina, an archaean genus. OK, that's not a species but a genus, but still.

It's a bit naive to think that all extinctions events happen because of some geologic or celestial event. Sometimes, evolution goes terribly wrong and sh.t hits the fan. Either it is by releasing nefarious gazes in the atmosphere, or creating a Primate intelligent enough to rule and consume most of biosphere.

spodek 3 days ago 3 replies      
The question is not can we.

The question is what standard of living do we want for species in the long term.

We can always live more comfortably today by consuming non-renewable resources that make our world sustainably enjoyable, but at the loss of the benefit that resource would later give. Slash-and-burn farming does this. As do putting up a mall over untouched land, burning fossil fuels, and overpopulation, for example, all of which do the opposite of setting aside part of the planet.

Business people know the concept better than anyone. They know a company is in trouble if it sells an asset whose operation produces profit to pay for current operations.

We can set off as much of the planet as we like and live in as much abundance per person as the planet can sustain indefinitely, though not as much abundance per person as we can today by consuming non-renewable resources. Using up those resources today only impoverishes future generations.

We can do either. What do we choose?

drzaiusapelord 3 days ago 2 replies      
I can't imagine us doing something like this for animals when we can't even do it for Ukrainians. From a political perspective, aggressive nations will always be seeking out annexations/territorial control and limiting the amount of land for human use would only encourage this. I mean, we're already discussing oil territorial disputes in multiple locales as well as upcoming "water wars" as unavoidable.

I don't think humanity is up to the task. This proposal sounds like something out of a sci-fi novel where everyone is a Marty or Mary Sue or some benevolant engineer dictator is running the show. In real life, guys like Putin don't give two shits about life and will march troops on a whim to obtain resources.

junto 3 days ago 3 replies      
The joker in me wants to say that they already have more the half, but most of them can't swim.

The serious me thinks that trying to prevent a mass extinction is noble, and should be widely supported.

burtonator 3 days ago 6 replies      
It needs to be a HARD set aside.. perhaps only trials and fire roads too.

NOT what the US does with "national forest"... IE it's pseudo wilderness. They let ranchers use it to raise their cattle and lets companies harvest trees and mine it.

DodgyEggplant 3 days ago 2 replies      
We should consider a single plastic toy, bought from Amazon, used for a few months and thrown away: The material and minerals are taken from the ground, factories to produce it, ship to the harbour, overseas, to stores, to the consumer, and then - disposal? For what? Animals are living creatures, that inspired (and still inspire - so many movies, stories, sport teams, logos, metaphors) humanity for ages. Many, many daily things we can really live without. Think shoedazzle. Do we really need new shoes monthly, or "get obsessed"[1] about shoes? Can we at least buy something with better quality that lasts for years? This shopping and comforts have a cruel irreversible price tag on animals and wildlife. Add to this wars and conflicts all around the world, and the results are devastating.

[1] Home page of http://www.shoedazzle.com/

sxp 3 days ago 2 replies      
Humans only live on a small fraction of the planet even when you limit the area to dry land.


monsterix 3 days ago 2 replies      
It is possible.

One of the discussions that spurred here in my cubicle was: How? How can we set aside half of the planet for anything other than ourselves? It's impossible! With almost every nation, state or person out there worrying about their piece of land it surely must be impossible.

But not quite.

Use Nuclear Leakage & Irradiation. Like the one that led to the Red Forest in Chernobyl [1].

'Radiological Reserves' are probably the only way to set aside a large area for animals/plants with a guarantee that humans will not come by. Not in the next 10,000 years!

Eat that! :)

[1] http://en.wikipedia.org/wiki/Red_Forest

dfc 3 days ago 2 replies      
It is strange that modern agriculture employs crop rotation in order to increase yields but we do not do the same thing for harvesting food from the ocean. CBC's The Nature of Things recently had a series about the state of the oceans. During one of the episodes they showed the success of marine reserves in New Zealand. I am having trouble finding a good link but the turn around was amazing.

Currently less than 1% of the ocean is protected. Greenpeace has been campaigning to set aside a large amount of the ocean as a "marine reserve." http://www.greenpeace.org/international/en/campaigns/oceans/...

Htsthbjig 3 days ago 1 reply      
In the future, yes I believe so.

Today I believe there is no way.

The world approaches population stabilization. Japan 's population is going to go down. So is China, Germany, Spain...

As we reduce illness in Africa and increase automation people need less children.

Population will get a peak and then not grow anymore.

If we solve fusion energy we will be able to plant vegetables or plankton underground, in floors, in a much more efficient way, as we will be able to have a stable temperature all day long, with pests controlled without using chemical products, just controlling physically the access, and very near the places they are consumed.

tatterdemalion 3 days ago 1 reply      
I think the only ultimately sustainable solution is not to "set aside" any percentage of the planet for wildlife, but to develop ways of living that are not based on a differentiation between spaces of civilization and spaces of wilderness. Our species is naturally a node in a complex set of ecological systems, and instead of trying to detach ourselves from that system we should find a way to achieve our goals while living within it.
bmh100 3 days ago 0 replies      
There are fundamental cultural issues that will need to be addressed for civilization to reach sustainable, large populations. Yet, even if we do undergo a mass extinction, it may be slow enough that we can actively intervene in the ecology to prevent the collapse of civilization. With the rise of synthetic biology, advanced genetic engineering, realistic ecological simulations, and perhaps AI-engineered organisms, it may be exiting. We could be on the cusp of an unprecedented explosion in new genes, phenotypes, biochemistry, and general biodiversity.
zaroth 2 days ago 0 replies      
"Without any human intervention, here is a forest with tall, straight trees that are rather widely spaced, plenty of sunlight and lots of open, grassy meadows. Longleaf branches out only after its high overhead, where glistening needles up to two-and-a-half-feet long are arrayed in pomponlike sprays. Below the branches is empty space a hawk can glide through."

Sounds beautiful!

jccooper 3 days ago 0 replies      
See also: http://www.americanprairie.org/ -- an effort to link public and private lands to create a 3 million acre preserve of the Great Plains ecosystem. That's pretty big, but not even close to the scale this article considers.
chiph 3 days ago 0 replies      
He needs to talk with the Florida DOT about building wildlife bridges so the animals can safely cross roads and rail lines.
nroets 2 days ago 0 replies      
A good starting point would be scrapping agricultural subsidies. Since South Africa scrapped it, a lot of farm land was turned into wildlife farms.
futbol4 3 days ago 1 reply      
according to NOAA http://www.noaa.gov/ocean.html 71% of the earth is Ocean leaving only 29% land. So the goal is for 14.5% of the earth to be set aside for Wildlife? That is a terrible title for an article. 14.5% != 50%
naringas 3 days ago 0 replies      
>Can the World Really Set Aside Half of the Planet for Wildlife?


rasz_pl 3 days ago 0 replies      
just nuke some land, worked great for wildlife in Cernobyl
thisjepisje 3 days ago 0 replies      
Majority of the planet is ocean, so maybe they could.
lotsofmangos 3 days ago 0 replies      
We could set aside 90%, if we turned agriculture over to nuclear powered subterranean farms.

It isn't so much what can we do, as what can groups of people be bothered to do collectively and whether anyone else is going to complain.

kolev 3 days ago 0 replies      
Our society is very irresponsible. Every holiday is a nightmare for the planet. The tons of junk, wrapping, and throwaway stuff we consume will be ridiculed from future generations. Not to mention the time and energy (literary, too) wasted for shopping. I stopped buying birthday decorations and try to educate my kids to stop having these merchant-inspired "festivities". All junk from Easter, Thanksgiving, Christmas, and the endless kids' birthdays piles up to a ton per year. Be responsible as we're leaving a huge liability to the future generations and our children and grandchildren, which we care the most about! I'm really disappointed at the Waste Management Recycling Centers who refuse to take anything, but CRV just recently. I invest time and pile up tons of non-CRV recyclables and they do not take it anymore.
squozzer 3 days ago 1 reply      
I guess it depends upon how many humans one must move or exterminate.
ilaksh 3 days ago 2 replies      
Not sure why I bother trying to talk to you people anymore, but I will go ahead and throw out an idea that I assume you will simply reject because it goes against your belief system.

We should not worship nature to such a high degree. Yes, we should try to conserve wild areas as a buffer against mistakes and for basic enjoyment. And we are not doing a good enough job of that.

But the assumption is that basically the wild areas have some sacred process or system going on that we cannot possibly ever aspire to understanding or surpassing.

First of all, there is absolutely no separation between the "wild" world and the "human" world. The idea of a natural world that is separate from a human world is an oversimplification that has become misleading.

Everything in the world, including people and the things that we make, from human feces, to plastic trash bags to rocket ships and computers, is the result of the same natural physical laws and processes involved in the universe.

The planet sees itself with billions of eyes. The planet thinks with billions of tiny minds.

The cities, roadways, and agricultural fields that cover increasingly large areas of earth are part of the natural evolution of the planet.

Its hard to really convey especially since we are so far down the line of nature worship, but part of what I am trying to get across is that humans have already surpassed nature in some ways, and if we haven't already done so then we can create environments that do.

I think it will be easier to appreciate this type of thing once we become a multi-planet species. Or at least get a colony on the moon or something.

Because part of the nature worship is the reality that we only have one biosphere to support us. We need to fix that.

But another thing -- this does tie into Malthusian population control, eugenics, classism, etc. There is an inherent disgust for the dirty masses that is hidden behind the earth worship. We have to remember the value of human life.

transfire 3 days ago 4 replies      
This will only become possible when a couple for important milestones are reached --and they a biggies. First we have to get rid of a lot of the roads. And that can't happen until personal flight becomes common place. Second human population has to stop growing, in fact it needs to shrink even now. We are already reaching upper limits on agricultural and water availability. Unfortunately, while the former is difficult enough, the later is near impossible due to the dominance of infantile religions.
No, You Cant Manufacture That Like Apple Does
223 points by brk  4 days ago   101 comments top 18
mgkimsal 4 days ago 5 replies      
It's pretty much the same in software too. I often get requests for functionality and when I say "no, we can't do that", I get "Why not? Amazon does it".

Hrmm... Amazon has dozens of people working and supporting just that one feature. You're trying to engage me to do an entire project. On a fixed budget. With a fixed time frame. And you've changed your mind 3 times in the last 3 weeks on key points.

Of course, yes, there are amazing things you can do with software that weren't remotely feasible even just 5 years ago. But there's always a moving target - the market leaders (Apple, Google, Amazon, etc) are constantly pushing the boundaries of what's considered 'normal', and most people have 0 idea of the real cost and effort involved in having the functionality come across as polished and error free as the big boys.

josefresco 4 days ago 3 replies      
Forget fancy techniques, just scale alone is enough to shock you when looking into manufacturing. We got quotes from various providers at $4-$12/part. Meanwhile, in grocery stores, department stores, even dollar stores we would see similar products (using the same materials) being sold for $1-2.

The difference is mostly related to the number of parts being ordered. For a startup, ordering 100,000+ parts just to get pricing reasonable is a no-go unless you (or your backers) take a major risk.

Makes you feel like getting off the ground is almost impossible, when you can't even get your wholesale cost below the retail cost of similar products.

foofoo55 4 days ago 1 reply      
The main point is that manufacturing, especially high-volume, consumer, apple-quality products, is very hard and requires serious expertise. Such startups should bring in such mechanical & production engineering expertise, because the hardware becomes as important as the software & electronics.

The irony is that many software startup wizards brush off mechanical design the same way that naive managers treat software development. "It's just a [box/case/app/website], how hard can it be?"

taylodl 4 days ago 1 reply      
Thanks to follow-up research after reading this article I now know what an ejector pin mark is, and now that I know I see them everywhere! Gah!
serve_yay 4 days ago 3 replies      
The more you know this sort of thing the harder it becomes to believe that Apple makes the same things everyone else does but with fancy marketing.
noir_lord 4 days ago 2 replies      
$12 for a box at scale, well damn!

Use 100% recycled cardboard and print the box in a single color water based bio-degradable ink.

Then claim you do this to save the environment, win-win ;).

zwieback 4 days ago 0 replies      
Not mentioned is the challenge of managing a good CM in China or Malaysia. If you're small you get what everyone else does, at higher prices. If you're huge you can groom your CM and make sure you get what nobody else does, at a lower cost. Of course sooner or later the manufacturing knowledge leaks out so it's a rat race even for someone like Apple.
eitally 4 days ago 0 replies      
This is why -- for example -- Flextronics opened their Lab IX [1] in SV last year. In cases where hardware ideas are good ones, it makes a lot of sense for the guys with the manufacturing expertise to get in the loop early on. They can incubate, invest, and indulge in some of the wild stuff innovators want but can only be executed with $mm of equipment.

[1] http://www.labix.io/

psychometry 4 days ago 1 reply      
There are so many acronyms in this article that aren't defined. Maybe I'm not the intended audience for this article, but it's pretty hard to understand when you don't know what CM, CNC, or BOM mean. Is it really so hard to use the <abbr> tag?
qwerta 4 days ago 3 replies      
Article does not mention capacitive touch screens. Apple basically build its own factories (and subsequently entire industry) to manufacture for iphone 1.
lazylizard 4 days ago 3 replies      
but apple is not the only large luxury goods manufacturer, right? how does louis vuitton do their thing? or leica? or rolex? if anything, aren't lv and rolex the orginals at mass producing/marketing luxury goods?

separately, i imagine not just leica, but the entire optics industry has answered the question of precision/quality at scale before?

and finally, there're more , right? like mercedes-benz, bmw, lexus, porsche, medical instruments, the aerospace industry... don't all of them have to solve 'quality at scale' problems?

and at smaller scales..parker pens? zippo lighters? swiss army knives?

and then..something like http://www.muji.us/store/ could be good enough as far as the perception of quality goes?

ashish01 4 days ago 5 replies      
Then how did Nest do it?
niels_olson 4 days ago 0 replies      
Aren't turbine blades also grown from crystal before machining? Even Apple doesn't do that...
whizzkid 4 days ago 2 replies      
This article actually misses some key points while it is telling the truth.

Most of the things mentioned in the article is correct BUT,

If you are going to make a product and you think that your product is going to be as revolutionary as Apple was at the beginning, then don't worry. You will be good to go.

If you can provide a unique, mind blowing product just like Apple Lisa in 1983, you can sell it for really unrealistic prizes.

Apple Lisa was sold for US$ 9,995 at the time it was released. You could buy a new house around $86000.

So the question is not how expensive is going to be, the real question is,

Is your product mind blowing?

DarkIye 3 days ago 0 replies      
Seriously? Most founders' ideas hinge on their hardware product looking sleek? This is progress?
at-fates-hands 4 days ago 1 reply      
When did Apple go from manufacturing ordinary hardware to making that leap where they had the financial resources to truly make something incredibly unique and beautiful? Was it one product one year, or did happen over a span of years where they had smaller increments of change?

I'm curious to know how a company can get to a point and say, "Ok, we can do something really cool, on a massive scale and make it successful." Is a slower transition, or more of an abrupt change that takes place?

snowwrestler 4 days ago 2 replies      
Surprising statement that the box might be the most expensive single element of the iPhone.
ww520 4 days ago 0 replies      
Build a Facebook lite for such and such...
sshrc make your ssh sessions feel like home
233 points by Russell91  3 days ago   43 comments top 20
DrewRWx 2 days ago 1 reply      
Ouch, this is a better version of what I submitted a few days ago [1]. I guess that's what I get for trying to emulate the unwieldiness of ssh_config.

[1] https://news.ycombinator.com/item?id=8324538

gburt 3 days ago 0 replies      
I feel like this should be out of the box ssh functionality. This is exactly what I've needed my whole sshing career.
c3RlcGhlbnI_ 2 days ago 0 replies      
I made myself a simpler version of this a while back. I would simply put the rcfile in a folder and then host that folder with:

  python2 -m SimpleHTTPServer 12345
Then you can just use something like the following function to get a remote session:

  sshrc() {    ssh -R 12345: -t ${*:1} 'bash -c "bash --rcfile <(curl -s"'  }
This has some nice side effects in that you can then just host your vimrc the same way. I think you can get vim to load plugins from a http runtime path too, but I have never looked into it.

Doing it this way has its own quirks though.

derekp7 2 days ago 0 replies      
Something similar, which allows you want to extend shell scripts to a remote system transparently is "rpcsh" -- take a look at:https://gist.github.com/derekp7/9978986

This function allows you to push out local functions, variables, and arrays to a remote system. There is an updated version in the client script for my backup utility (snebu), which also includes getting remote variables returned to the local shell script, and also bouncing through sudo.

Should I move this to a regular project on Github, or keep it in the gist?

TravisLS 2 days ago 0 replies      
Well, this post read my mind. Literally my first thought waking up this morning was "why don't I have some way to use my .vimrc over ssh?" I open up Hacker News and voila!

Very nice - clean and simple.

possibilistic 1 day ago 0 replies      
I was thinking of putting together a crude hack to implement just a subset of what this offers. I cannot thank the authors enough. I'm trying this out the moment I get home.

I feel as though we should have had first-class support for portable environments all along, and it shocks me that we haven't considered building this kind of facility before. This could be a game changer. Like vim package managers and other sensibly modern things, I totally expect to see this evolve to become the new norm.

I see this kind of configuration:

* global personal configs (lightweight, truly global settings for work and home)

* local overrides (work, home, per machine, non-SSH)

* remote overrides (SSH machines)

Global configs should be portable everywhere. For everything else, I see a system capable of merging several such configs and matching the current environmental and capability context.

donw 2 days ago 1 reply      
Fantastic. Looks like a perfect complement to my Workspace[1] script, and way easier than having to git push/pull my dotfiles directory.



laumars 2 days ago 1 reply      
I do something like this manually. I set up an alias on my home that copies a locally stored environments file onto any server I ssh onto.

Pretty simple stuff to set up, but allows for some pretty powerful configuration

jamiesonbecker 1 day ago 0 replies      
Love the elegant simplicity. Should we add something like this to Userify (https://userify.com) or perhaps offer to pull your dotfiles (.bashrc, .vimrc, etc) from Github?
larrybolt 2 days ago 1 reply      
I wonder if it would be able to make it work with mosh (http://mosh.mit.edu/), which would be awesome!
jph 2 days ago 0 replies      
Eureka! This so simple to use and so useful -- I'll use sshrc every day now. And the embedded xxd -ps is a clever copy. Great idea Russell. Thank you.
jeroenjanssens 2 days ago 0 replies      
As a complement to this nice tool, I can recommend sshfs [1], which enables you to mount a remote machine as a local folder.

[1] https://www.digitalocean.com/community/tutorials/how-to-use-...

alexbel 1 day ago 0 replies      
Is it possible to source my dotfiles?

Something like this:

# .sshrc

source ~/.bashrc

source ~/.alias

nha 2 days ago 2 replies      
What would it take to adapt this to also source other config files ? I'm thinking about gitconfig and vimrc, but I'm sure there could be more.
userbinator 2 days ago 1 reply      
"make your ssh sessions feel like"
1945 2 days ago 1 reply      
I wanted this 10 years ago, thank you!
bsg75 2 days ago 1 reply      
Are there any security implications using this? It sounds very handy if not.
dobrescu 2 days ago 0 replies      
this is pretty awesome! any hint on how to load the vimrc config by default without the actual :so?
spc476 2 days ago 2 replies      
How is this any different than .bashrc or .bash_profile?
linguafranca 2 days ago 1 reply      
I've seen tool after tool that tries to make SSH'ing into a remote machine more "comfortable", but I honestly don't do enough remote work over SSH to make it worth the time required to set it up. I probably spend an hour or two over SSH per week, and Ubuntu's minimalist shell defaults are perfectly fine for the little work I do.
Bad Notes on Venture Capital
220 points by brentm  4 days ago   84 comments top 21
grellas 4 days ago 4 replies      
With seed funding, founders need to accomplish several goals: (1) raise early money as a bridge to Series A to avoid having to take large money right up front when valuation is at its lowest and the dilutive hit will be at its maximum; (2) keep equity incentives priced relatively low so that a quality team can be assembled without giving its members tax grief; (3) keep transaction costs in raising the money reasonable; (4) move to close relatively quickly to avoid getting sucked into the fundraising time sink.

Convertible notes and convertible equity (SAFEs) both allow founders to meet these goals in ways that equity rounds simply do not. In this sense, they have incredible value as tools to be used by an early-stage startup.

Are they perfect tools? Well, no. Each has its own limitations and problems and each can be abused on either the company side or the investor side. Founders routinely used to take uncapped convertible notes, build value, stretch out the process, and leave the investors getting ever-diminishing rewards all the while that their money was being used to build that value. Investors wised up and began insisting on caps to avoid such abuses. They wanted to protect the idea that they would get significant extra rewards for taking the earliest-stage risk. It was not enough, e.g., to get a 20% price discount at Series A if you convert at $20M pre-money valuation when the company was probably worth no more than, e.g., $5M at the time you invested the seed money. The investor insisted on locking in that ceiling on valuation as a means of self-protection. Does this result in occasional windfalls to bridge investors who take capped notes (or SAFEs)? Yes, it does. Does this arrangement have attributes of something that resembles a liquidation preference in its functioning? Well, yes, it does. Ditto for the full-ratchet anti-dilution attributes. These things are very real attributes that do affect the value of using these tools for founders and their companies. They add to the negative side of the ledger.

But let us say that your startup had to give four times the value in Series A preferred stock relative to other investors to the hypothetical investor noted above ($20M valuation, $5M cap). What does this mean? If that early investor put in $300K and the Series A round was for $7.5M, the early investor might have gotten a windfall but the impact on the round is small because the dollars involved are not large. And if the venture did not do well and the Series A round priced at $3M, then that same investor would still get something like a 20% discount off the lower valuation instead of having had to peg his fortunes to the $5M value used for the cap as he would have had to do had he taken equity. But so what? The dollars are still small and it doesn't matter relative to the value and utility offered by using the convertible note (or SAFE) tool. And, for every "windfall" gained by such investors, you have all sorts of cases where the failure rate is particularly high because of the extreme risks existing at the earliest stages before it is even determined that a company is truly "fundable."

The value of notes and SAFEs is flexibility. Your occasional investor will get special advantages but these are not unduly costly to you as a company. And you have a good measure of control over how you do things. Your first note can be capped but, as you gain traction, later notes can be uncapped. You can raise money at any time without having to worry about creating tax risks and without having to mess up your equity pricing. You can do the number of notes and in the amounts you immediately need. You don't have to go through endless negotiations over the sorts of things that can accompany an equity round (especially protective provisions and similar restrictions on what a company can do). You avoid giving your new investors a veto right or other significant say on what you can do in future rounds, as you would normally have to do if you did an early-stage equity round using preferred stock.

Basically, there is a whole different dynamic in using notes/SAFEs versus doing an equity round. And, in most cases, it is a useful and valuable dynamic for founders and their companies notwithstanding the trade-offs. In this sense, the main idea of this piece that I would strongly disagree with is its suggestion that using convertible notes is somehow a sucker deal. It can be if done wrong but it most often is just the opposite.

Another metric for measuring the relative value of these tools is to see who is using them. Convertible notes have had massive and widely dispersed use now for many years. The most sophisticated investors have had no problem with them in general, and that includes the VCs who lead Series A rounds in which converting noteholders get the benefits of their caps and take more relative value in the round than the VCs themselves do.

As with anything else in the startup world, founders need to use good judgment. The points made in this piece are informed and technically accurate. And they do underscore some clear disadvantages in using notes/SAFEs. My point is that, notwithstanding these defects, notes/SAFEs retain great utility for founders in the context of the broader issues they need to address (minimizing tax risks, keeping stock price low, keeping transaction costs down, etc.). And so this is a good piece to add to your knowledge base but it should not deter you from using non-equity forms of seed funding as long as use of these tools meets your bigger goals. You have control at that stage. Use that control wisely.

patio11 4 days ago 7 replies      
Is there an entrepreneur willing to say "Yep, tried them, got bitten in the hindquarters", even anonymously? I don't necessarily disbelieve here but it strikes me that VCs have the curious property of always giving fundraising advice which is in the interest of VCs. I acknowledge that somewhere in this wide world there may actually be a VC motivated primarily by friends-and-family getting appropriate compensation for risky investments but that is not the way I will bet.

My understanding -- limited, in that I've been a party to two but from the other side of the table -- is that a major reason they became popular is because they take the fangs out of collusive behavior by investors. The Valley had evolved a "Well, I'll invest if you get a lead" "Well, I'll lead if you close $X" system which froze out a lot of companies if the founders didn't have deep, pre-existing social networks. "You want a lead!" sounds a lot like wistful nostalgia for this gatekeeping behavior. I understand why a gatekeeper would see it that way. I don't understand why the gated would.

AVTizzle 4 days ago 2 replies      
Posts like this make me realize how amateur and inexperienced I am. Seriously.

I've taken it for granted for the past 3 years now that convertible notes were universally regarded as the best and smartest form of fundraising for seed rounds, just based on what I've found and read in various places online (lots of it here on HN, for that matter...)

And here we have Suster laying out clearly the opposite side of the argument in a way that humbles me. This is clearly an area that I have a lot to learn from people much smarter than I.

Most YC companies go on to raise rounds using YC's SAFE, which is an adaptation of convertible notes, right? If so, I'd love to hear a YC partner (or partners) address these points.

abalone 4 days ago 1 reply      
Here's the thing that's left out of this investor-friendly analysis, and why Suster is wrong about the "irrationality" of no-cap deals: For smaller angels, access to the deal itself is valuable.

Small investors don't have access to Series A. That's why the analogy with the stock market is broken:

"Can you imagine investing in the stock market where your price was determined at a future date and the better that company performed the HIGHER the price you paid for that investment."

The reality is angels don't have the option of purchasing the stock after the seed round. So, it can make perfect economic sense for an angel to pay a premium to get access to a deal. And if that premium comes in the form of pre-paying for a chunk of the Series A (one way to look at a no-cap deal), that can make sense -- perhaps even more sense that an enhanced seed valuation would. A discount would be sweetener on top of that. But to be clear: there is a rational case for smaller investors taking no-cap deals in order to get a chunk of the next Facebook, which they otherwise wouldn't be able to get.

Seed rounds present a unique intersection point for founders & smaller angels where their interests overlap. I think the bigger-sized investor community are somewhat threatened by that, and that's why we're seeing such a sophisticated campaign against no-cap convertible notes. But the climate is now competitive enough and small-angel platforms are getting enough traction that you can sense their anxiety that no-caps may be coming back, to the great benefit of founders.

joshu 4 days ago 0 replies      
So here's how the preference multiplier happens: when the company raises an equity round, you calculate the new share price, and the noteholders are assigned the investment's worth of shares. However, because of the change in value, they would get more preferred shares per dollar invested than the new investors.

So generally you get just the original price's worth of preferred and the rest is common.

jsun 4 days ago 0 replies      
Wow. this is misleading. Convertible notes are the best things to happen to startup founders in the history of fundraising.

Take a modern convertible note to an angel investor from the pre-bubble 90's and they'd laugh you out of whatever coffee shop you happen to be sitting in.

All of the "examples" shown in the blog post make irrational arguments. Show me one scenario (in numbers) where using a convertible note for a seed round was suboptimal compared to an obtainable equity deal.

If I didn't know better I'd think this was an example of a VC trying to smear an awesome instrument so hopefully they won't have to compete with investors willing to write them.

Brushfire 4 days ago 1 reply      
The benefit of convertible notes / SAFE's is that you get the invested cash IMMEDIATELY. This is a non-trivial benefit for most startups.

When raising a full round of capital, say 1M, you don't get any of it until you 'close', after everyone is committed.

Convertible notes allow entrepreneurs to build progressively towards a close, without waiting for all the cash to come in -- which might come too late. So, sure, if you're flush with cash, then convertible notes are a worse idea relative to a priced round. But when is that ever the case when fundraising?

randylubin 4 days ago 1 reply      
It's my impression that everything he says, if true, can also be applied to YC safe. Is that correct?


tptacek 4 days ago 2 replies      
The second vignette in this article has Suster suggesting that convertible notes carry liquidation preferences and anti-dilution. Does he mean that some subtle property of convertible notes create those terms in practice, or does he literally mean that if you read the note paperwork you'll find a 2x liquidation preference and a full ratchet?
lightedstar 4 days ago 0 replies      
Why don't convertible notes in the friends in family scenario just set a multiple that will be suitable in the case equity is diluted? In this case it seems the main interest in supporting an entrepreneur they believe in and getting their money back - ideally at a better return than they'd get elsewhere. For example, would a 2x return on a convertible note pose any real problem to investors in subsequent rounds?

Glad to see so much discussion about it. After taking Venture Deals with Brad Feld and Jason Mendelson through Kauffman Fellows Academy / Novoed, I'm quite curious about trends on this topic.

tsunamifury 3 days ago 0 replies      
All of this is a distraction game played by VC's to avoid the real point of entrepreneurship.

Make a product worth something to a target market. Sell it or get enough traction. Find a company who would like to buy you or go public based on your growth.

All this other stuff is a distraction created to keep you from focusing on what you are here for. To build great things and sell it for profit.

Otherwise... whats the point. The best negotiating term is having a great product. You won't raise your way to a product/market fit.

sandGorgon 3 days ago 0 replies      
Does anyone have a valuation model spreadsheet that accounts for multiple rounds of convertible note financing, and purposed towards a Series A conversation ?

As a founder, I have tried searching for these but never managed to find one.

I'm not sure if it is an India thing, where investors actively discourage convertible notes because of the availability of several pounds of equity flesh in exchange for angel stage funding.

vasilipupkin 4 days ago 0 replies      
How often do companies that end up doing a round below the original cap ( effectively a down round ) actually recover and do well? Does this really matter? Seems like it is such a big risk to investors to invest below the cap that they should be appropriately compensated for it, which is what the discount accomplishes
ForHackernews 4 days ago 3 replies      
I don't really understand any of this. What are "convertible notes", what's a "cap"? Is there a beginners glossary somewhere?
jacquesm 4 days ago 0 replies      
Super good piece, required reading for anybody currently founder or co-founder of a start-up and considering convertible notes.
rahooligan 4 days ago 2 replies      
according to this the main problem with notes is a down round can get you into a lot of trouble because of the liquidation preference multiplier. but what if you never have a down round? if you can avoid the down round, it seems like convertible notes are still preferable. down rounds are bad even with priced seed rounds.
AndriusWSR 4 days ago 1 reply      
Any more good pieces regarding this topic? Super interesting!
taytus 4 days ago 0 replies      
Only morons start a business on a loan - Mark Cuban https://www.youtube.com/watch?v=KYneLGRTgy8
api 4 days ago 0 replies      
Check my understanding?

So convertible debt isn't really debt-- it's an equity investment with deferred closing and terms. Right?

I can see then how this can lead to bad outcomes for the entrepreneur (behaves like a full ratchet if there's a cap) or bad outcomes for the investor (you've deferred the conversation and agreement on expectations). But at the same time it is in some ways simpler, and you get the cash immediately. Right?

Hmm... this is interesting. He suggests setting a price. So let's say I want to raise convertible debt... he's suggesting that one instead says "I'm raising one million at X" and sell convertible notes with a fixed price instead of a cap? What would that look like?

notastartup 4 days ago 0 replies      
does this mean that the founders in that story accept money based on the agreeement that whatever the VC thinks their stake is is what will be the valuation? I'm a little fuzzy on how this works.
mmphosis 4 days ago 2 replies      
VC wants to make money.

VC wants to make money off of your work/startup/company.

VC makes money using the given terms.

When it comes right down to it. The money they "give" is not given. It is a loan with terms and conditions. You need to be aware of this. You need to know what a loan is. It is money you are borrowing that you must pay back WITH INTEREST. Find out how much interest that is.

"Its like we need a finance 101 course for entrepreneurs"

Debt money is bad. I realize a lot of people will tell you that this is how the world runs, or this how they run their business, or I got successful in business taking out a big loan, etc and so on. Like the gambler, they don't tell you about all the losses.

Save your money. Keep your work/startup/company.


I've read that Microsoft has always had enough money in the bank to operate for a full year without making any money.

Rust lifetimes: Getting away with things that would be reckless in C++
224 points by dbaupp  2 days ago   90 comments top 11
missblit 2 days ago 2 replies      
In C++ if the string is a rvalue reference you could std::move it into part of the return value. Think a signature like

    template<typename T>    std::pair<std::string, std::vector<std::string_view>>    tokenize_string(T &&str);
This would be efficient when the user passes a temporary, and it would be safe.

Which isn't to say the Rust solution isn't totally cool. Being able to easily check this class of errors at compile time is probably a lot nicer than needing to learn all the relatively complicated parts that would go into a easy to use / safe /efficient / still slightly weird C++ solution.

svalorzen 2 days ago 5 replies      
Or, you know, instead of returning two C pointers which in modern C++ makes no sense, return a vector of `std::pair<size_t,size_t>` with position and length of each substring, and if needed use `std::string::substr` to extract the parts you need.
bsaul 2 days ago 2 replies      
Which makes me wonder :

1/ could you build the same unsafe behiavor in Rust if you wanted to by not specifying lifetime constraints ?

2/ If yes, shouldn't lifetime constraints be mandatory ?

enjoy-your-stay 1 day ago 0 replies      
In C++, the best way to hand out pointers to anything where the creator may not necessarily be the last one referencing that object or chunk of RAM is to use reference counting, which would have solved the posters' problem.

It would mean that you would have to wrap the incoming string in a class, and probably add the tokenize_string method to that class. Then you would also have to wrap the results vector in a class that then addrefs the original string wrapper class.

But after that, handing out pointers to the contents of the string would be no problem as the results class would addref the string class and then release it when done ensuring that the string wrapper class remains alive as long as the results object has not gone out of scope.

Of course Rust's approach of alerting you when your code path causes dangling pointers is also interesting, but I wonder how that would work if you were to link against a static library that handed out references to internal objects like that - could the compiler see the scoping problem?

asuffield 2 days ago 4 replies      
There's an obvious extension here for lifetime inference - the example given doesn't need to be an error, it could compile correctly by increasing the object lifetime to the outer block. I don't know offhand whether there is a universally correct inference algorithm for that (if every other language feature was static then unification would solve it easily, but the other language features are not static and I don't know how it would interact with rust type inference).
shmerl 1 day ago 0 replies      
> The function get_input_string returns a temporary string, and tokenize_string2 builds an array of pointers into that string. Unfortunately, the temporary string only lives until the end of the current expression, and then the underlying memory is released. And so all our pointers in v now point into oblivion

So what stops you from returning a shared pointer in case of get_input_string? Then take over that ownership and use it. It's still a potential problem that v is logically disconnected from lifetime of that pointer, but at least you could avoid the problem you described.

keeperofdakeys 2 days ago 0 replies      
Just as an aside, the &str is not stored as two pointers, but a pointer and a length.
overgard 2 days ago 2 replies      
This seems like the kind of place where std::shared_ptr would really shine. The author's point on the danger of pointers is well taken, but some of the new pointer types get around a lot of these issues. You couldn't use it to point into the middle of the string, but if you paired it with some offsets you wouldn't have to worry about the ownership of the pointer anymore.
GoGolli 2 days ago 0 replies      
Rust is the best complicated language I have seen!!!!!!
Yardlink 2 days ago 4 replies      
Is there are reason this language exists? They're solving a problem that's been solved many times over for at least 2 decades in the form of managed languages.
linguafranca 2 days ago 6 replies      
I'm hearing an awful lot about Rust on HN, even though afaict it still does't have a basic http package yet, limiting the main types of apps I would build with it. Maybe I'm in the minority, but perhaps we can slow down on Rust news until it's a little closer to usable?
The DEA failure that prevented a potentially major medical breakthrough
204 points by Alex3917  1 day ago   70 comments top 9
chroma 23 hours ago 9 replies      
If you haven't tried MDMA, I strongly recommend it.[1] I've used it twice in the past six years, and it has completely changed how I interact with others. Rolling on MDMA drastically curbed my social phobias. All of my negative social emotions: my neuroticism, my self-consciousness, even bitter emotions such as envy; all of them disappeared on MDMA. Afterwards, I felt as if I'd been cured of a mental illness. While I'm certainly not as outgoing and selfless as I would be on MDMA, I've moved my typical behavior closer toward that. It has made me a healthier, happier human being. More importantly, my interactions help others much more than they used to.

It is a tragedy that some parts of the US government try so hard to restrict this drug. I fully agree that it is a powerful, dangerous drug. Still, for most purposes, the benefits almost certainly outweigh the harms. I think future generations will look back on this as a moral failing of our time.

1. In moderation, of course, and mega-caveats for anyone who has a family history of schizophrenia. MDMA is not good for your brain. However, I think for many people it may be necessary to use the drug to open a figurative door. I wish better drugs existed, but research in the field has been stifled.

eksith 23 hours ago 3 replies      
I often wonder if our civilization is in some sort of false vacuum.

While it's true our lives are better than in the Middle Ages, stories like this and the myriad of misconceptions and outright lies that follow cannabis really demonstrate, superstition still rules law. We've clothed ourselves in technology, but not wisdom.

SeanDav 17 hours ago 0 replies      
That last line is just astounding:

The drug that had been mislabeled as MDMA and proven so horribly toxic that it had stopped Michaels study cold; the drug that was far more toxic than actual MDMA, methamphetamine, already was a prescription medicine.

bsaul 19 hours ago 1 reply      
Before young people here start harlem shaking their brain, remember that if you're here, there's a high chance that your brain is your work tool. It's what you make your living with. So take good care of it, and be cautious.

I don't know a drug smart enough to recognize bad memories from good ones. Most of those Dr Frankenstein's pills effects have been found by random, and as this article shows research on effects is very much a work in progress.

jrapdx3 21 hours ago 1 reply      
FWIW I just got home from a professional meeting at which a topic was the pros and cons of cannabis legalization (as in WA or CO).

The relevant part of that presentation was the potential real therapeutic value of some of the 400 or so component compounds resident in the natural botanical plant material. The problem was that studying the possible effects is impeded by the requirement for special permission to use cannabis (or fraction thereof), since its a Schedule 1 drug.

Furthermore, the only legal source of cannabis is that which the federal government supplies (grown in Mississippi), which is very limited. That's a shame since preliminary studies suggest certain compounds in the plant may indeed have therapeutic applications.

Other countries have gone further in studying cannabis (Israel was mentioned by the presenter), but until the DEA policy changes, study will remain minimal in the US.

Unfortunately, removing restrictions in individual states is not very helpful since cannabis preparations produced in one state can't legally be shipped to other states, a severely inhibiting factor for medical research.

Similarly, risks and benefits of MDMA have had minimal systematic evaluation. Anecdotal reports are not considered "evidence" in the world of science, as everyone reading here should know. The only way certain drugs will be studied is to work toward changing DEA policy, there's no getting around it.

asnyder 23 hours ago 1 reply      
I highly recommend watching Peter Jenning's informative and entertaining documentary "Ecstasy Rising" which outlines much of what this article describes but with a bit more investigatory goodness.


themartorana 15 hours ago 0 replies      
They did the same thing to research in to Ibogaine.


jpatokal 23 hours ago 2 replies      
So administering meth instead of MDMA was a colossal fuckup, but why is that a "colossal DEA failure"? The fault seems to lie squarely with the researcher in question and/or their supplier, unless you buy into the conspiracy theory that the DEA was behind switching the drugs.


imperio59 22 hours ago 6 replies      
Are you kidding me? LSD/Acid lodges itself in fatty tissue and can cause people to re-experience acid trips at random when those acid crystals dislodge themselves years later...

If you want to really fuck up your life then go ahead and take LSD. Can you imagine years after taking a drug and driving down the interstate and having a flashback and getting into an accident? What about holding your 3-month old and dropping them because you just had an acid flashback?!

This is total BS. People who are stressed out need better nutrition, sleep, and to get people who are stressing them out off their backs. What they DON'T need is an acid trip.

Another Patent Troll Slain. You Are Now Free to Rotate Your Smartphone
203 points by VanL  13 hours ago   19 comments top 6
crhulls 3 hours ago 3 replies      
Startups can pool together to fight these guys. My company, Life360 got sued after raising $50m. They thought this meant we had money to write checks from, but instead we decided to use it to fight.

We're basically being sued for allowing you to click a marker on a map initiating a phone call.

This obviously should never have been patented, so we are doing all the legal defense work and sharing it with the startup community.

See www.stopagis.com if you want to see how we really pissed off our troll.

And public shaming also works, the CEO of our troll didn't own his domain, so we bought it and drive traffic to the site whenever people search for his name (Malcolm Beyer www.malcolmbeyer.com). They don't like that we "aren't playing by the rules".

r00fus 5 hours ago 5 replies      
"Rotatable sued us and immediately asked for $75,000 to go away. We refused. And we fought. Its Rackspace policy to not pay off patent trolls, even if it costs us more to fight. Eventually Rotatable offered to just walk away but we refused again. Just as we promised last year, we challenged the patent and the USPTO invalidated it.

This means that Rackspace will not pay one penny to this troll, nor will Apple, Netflix, Electronic Arts, Target, Whole Foods or any of the other companies sued by Rotatable for how they use screen rotation technology in their apps."

It surprises me why there aren't joint defense funding efforts in place to put these industry pests to bed... Clearly Apple, Google and Microsoft would have been next on Rotatable's target list if Rackspace had caved - and like weeding, rooting them out early will prevent infestations.

Is it because the big corps perhaps view the trolls as worth their pain - what function could they serve?

ps4fanboy 5 hours ago 1 reply      
This has really bought rack space a lot of good will in my mind. Everytime I read an article like this I find myself wanting to do business with them more and more.
arbuge 5 hours ago 0 replies      
>> We are still fighting some of the trolls that have come after us and we expect to win those cases too. Without changes in the law we believe that the only way to end the plague of patent trolls is by fighting every troll that comes at us and we encourage all others to do the same.

Needless to say, Rackspace can afford this strategy whereas smaller companies, who have no full-time attorneys on staff and little funds to retain outside counsel, generally cannot. A change in the law is needed to legislate patent trolls out of existence is still needed, basically yesterday.

luxstyle 5 hours ago 1 reply      
Why do trolls still try to sue Rackspace? They publicly proclaim their anti-troll policy. If 88% of these cases kill the troll when they go through the courts fully, I would stay well away from them if I was a patent troll.
dthunt 2 hours ago 0 replies      
I am a strong advocate of the following principle:

Defeat your enemies.

Rackspace deserves some big props, here. More should follow their example.

Alibaba Raises $21.8B in Initial Public Offering
212 points by SuperKlaus  4 days ago   106 comments top 10
skuhn 4 days ago 18 replies      
Alibaba going for a higher selling price just makes the continued undervaluing of Yahoo itself increasingly hilarious. At some point, I would think someone will want to buy them for all of this free money they have sitting around.

  YHOO market cap : 42.3bn  + liabilities : 3.7bn  = 46bn (to own outright)

  Cash on hand = 1.1bn  + Other assets = 15.3bn  + Cash from Alibaba sale = 8.3bn  + Value of remaining Alibaba stock = 22bn  + Value of Yahoo Japan stock = 9bn  = 55.7bn (of value, if you can unlock it)
So simply by buying them, firing everyone and selling everything in a firesale, without even cashing those checks from advertisers, you can make $9.7bn. Seems like a sweet deal.

bane 4 days ago 4 replies      
Gosh....that's barely more than WhatsApp. Woulda done better selling it to Facebook.

More seriously, the Economist put a valuation at $55-$120b. This puts it at $168b. Or 9 WhatsApps. The IPO was expected to raise $20b, so this is really good.

It took 3 years after founding in 1998 to reach profitability.

It defies most conventional notions of a startup, despite having started in somebody's apartment. It's unbelievably unfocused, it does pretty much every kind of business you can do on the Internet.

It might be one of the first Asian-style conglomerates to be born on the Internet.

There are plans for it to open brick and mortar stores.


piettro22 3 days ago 0 replies      
Well....you guys have to look at the bigger picture: Alibaba was rejected by HK stock market the first time around, then Jack decided to take it to NYSE. Of course 21B is nothing in comparison to the other big brothers like Facebook, but ask yourself this question: what really is Alibaba doing in China? For one, Alibaba is about trading on the international scene, and its seed Taobao is like eBay China version; then they are into car manufacturing as well, not to mention Alipay being the paypal of modern day China....clearly, that 21B he raised can't even cover a lot of the expenditures for development. What Jack really is doing is to get his company that global recognition. Any of you can name ONE brand/company that based in China on top of your head? Well, that's what Jack is trying to do. You think he's unfocused? How about this: for someone who owns the e-commerce platform of the world's 3rd biggest country, he is utterly focused on becoming "China's international brand." Don't forget, China is the jumping board, and Jack is the pioneer. Once he claimed first, who will remember the ones from the subsequent ranks?
pstrateman 3 days ago 1 reply      
This seems like a pretty bad deal for foreign investors.


aresant 4 days ago 1 reply      
"[Yahoo] will have raised nearly $8.3 billion through the offering"

If I'm reading that right Yahoo stands to triple their cash position almost overnight which today stands at around $4b.(1)

Given Marissa Meyer's appetite for acquisitions this puts them into a potentially interesting new ballpark of scale.

(1) http://finance.yahoo.com/q/bs?s=yhoo

dave1619 4 days ago 1 reply      
Here's a link to the Alibaba IPO Roadshow Presentation,https://www.youtube.com/watch?v=sa9R2SqZsHM

I highly recommend watching it. To save time, watch it on Chrome at 2x speed.

jacoplane 4 days ago 0 replies      
Planet Money had a decent piece on Alibaba recently: http://www.npr.org/blogs/money/2014/09/03/345310125/episode-...
baddox 4 days ago 1 reply      
> Though it did not claim the title of biggest initial public offering ever, Alibaba will still lay claim to having held one of the biggest stock sales on record, surpassing offerings from Facebook and General Motors.

If you're curious (I was), Wikipedia puts the Agricultural Bank of China as the largest IPO, with Facebook at number 6.


lurkylurk 3 days ago 2 replies      
A bit off topic: Is there a good site to keep track of all tech IPOs and including historical data and upcoming/withdrawn IPOs?
vrama 3 days ago 0 replies      
Yahoo can buy 30 tumblrs with the alibaba money. That's neat.
Transducers by Rich Hickey at Strange Loop [video]
199 points by sgrove  3 days ago   50 comments top 9
tel 2 days ago 4 replies      
First, to be clear, I really liked this presentation. The criticism below is both technical and small---all in all I greatly enjoy Rich Hickey's work and generally admire his ability to talk compellingly about complex technical topics.

That said.

I somewhat disliked Hickey's presentation of typing transducers here. I feel as though he builds a number of strawmen toward typing and then tries to knock them down and suggest that either Clojure has some kind of mystical mechanism that is ineffable to types or that the exercise of typing transducers is wasteful. I disagree on both accounts, I suppose. I think types are useful for analysis and teaching.

The two major points he seems to make is that in order to "properly type" transducers you must

    1. Index the type of the "accumulation so far" so        that it cannot be transformed out-of-order    2. Implement early stopping "without wrapping anything       except for the reduced value"
There may be other critiques as well, but I want to examine these two in the context of Haskell.

With respect to the first point, the major concern appears to be prohibiting behavior loosely described as "applying the reducing function, say, 3 times and then returning the first resulting accumulation". In some sense, the idea is to force us to be faithful in passing on the accumulating parameter. In code, a pathological setting is the following:

    transduce :: (r -> a -> r) -> (r -> a -> r)    transduce reduce accu0 a =       let acc1 = reduce acc0 a          acc2 = reduce acc1 a          acc3 = reduce acc2 a      in  acc1
The concern is unfounded in a pure language, however, since calling `reduce` can have no side effects. This entails that all possible effects on the world of calling `reduce` are encapsulated in the return and, therefore, we can completely eliminate the steps producing `acc2` and `acc3` without worry.

    transduce :: (r -> a -> r) -> (r -> a -> r)    transduce reduce accu0 a =       let acc1 = reduce acc0 a      in  acc1
Now, there may be concern here that we still want to index the `r` type somehow to allow for changes of accumulation to occur. This is not the case (in this simple model!) as in order to achieve the "baggage carrier independence" property the `r` type must be left unspecified until the transducer is actually applied. The cleanest way to do that is to use a higher-rank type (Hickey mentions these briefly and offhandedly toward the end of his talk)

    type Transducer a b = forall r . (r -> b -> r) -> (r -> a -> r)
which thus prohibits the implementer of a Transducer from affecting the values of `r` in any way whatsoever---they must be left anonymous until someone decides to use the Tranducer on a particular collection of values `a`.

(It must be noted that the model given above is isomorphic to a "Kleisli arrow on the list monad" which I described a little bit here http://jspha.com/posts/typing-transducers/. It should also be noted that this model includes neither (a) the ability to use local state to capture time-varying transductions or (b) the ability to terminate early)

With respect to the second point, I'd like to suggest that there is a difference between the semantic weight of wrapping the result types in an Either in order to indicate early termination and the implementation weight. I completely agree that using an Either to implement early stopping (as it's easy, if finicky for the library implementor, to do) will involve wrapping and unwrapping the "state" of the transduction continuously. I also would like to suggest that it's a very natural way of representing the "accumulation | reduction" notion Hickey uses in his own "Omnigraffle 8000 type system".

We really would like to capture the idea of the transducer state as being "either" in-progress or fully-reduced and act accordingly. If Clojure's implementation of that requires fewer runtime tags than an Either, so be it, but I personally fail to see a semantic difference except in the way one can play fast-and-loose with dynamic types over static types to begin with.


So, I gave above an implementation of Transducers in types which has some of their properties, but certainly not all. In fact, I abused the fact that there is no ambient state in Haskell in order to ensure that a certain property would hold (notably this doesn't require a type system at all, just purity). I also argued that using Either is a perfectly natural way to implement early termination in such a transduction pipeline.

I've also made an extension to the `(r->b->r) -> (r->a->r)` mechanism which enables local state to be enabled for various components of the transduction pipeline. A version without early termination is available here:


Notably, this uses most of the same typing tricks as `(r->b->r) -> (r->a->r)` but adds a "reduction local hidden state" variable which lets us implement `take` and `partition`. This takes Hickey's notion of needing to be explicit about the state being used to a whole new level.


So what is the point of all this?

I'd like to argue that Transducers do not present such a mysterious mechanism that they cannot be sanely typed in a reasonably rich language. I believe that I can capture most of their salient features in types without using the dependent indexing Hickey suggested was necessary.

More than this, the compartmentalized, hidden reducer-local state in the Gist implementation allows for each reduction step to include fairly exotic local states in their state machine. You could implement a kind of type indexing here if desired and no end-user would ever know of its existence.

I also absolutely concede that many type systems people regularly use could not achieve this kind of encoding.

Finally, what I really want to say is that type systems are not something to be denigrated. I believe some of the earliest "transducers v. types" argumentation took a nasty turn as amateur type theorists (myself included) rushed to write things like "Transducers are just X".

I want to apologize for any kind of bad feelings my own writing in that thread may have stirred up. I try not to be haughty or dismissive with this kind of writing, but I also make mistakes.

So what I'd really like to suggest is that types should not be taken as reductivist on interesting techniques like Transducers but instead as a tool for analyzing their construction and either improving it or better teaching it. Hickey himself often turns to some kind of "pseudotyping" to talk about how Transducers work---formalizing those notions should only lead to greater clarity.

Of course, implementations will differ in small ways. As I've noted abundantly here, a major difference between the Haskell and Clojure implementations is driven more by Haskell's purity than its typing. Hopefully, however, exploration of alternative implementations and the rich analysis produced by their typing can help to introduce new ideas.

For instance, the Gist implementation, if you strip the types away, is an interesting divergence in raw functionality from Clojure Transducers---if Clojure Transducers are "reduction function transformers" than the Gisted Transducers are "Moore-style (Infinite) State Machine transformers" and that difference allows the implementer to be extra explicit about the use of local state.

I'd rather see discussion about whether such InFSM transformation techniques have a place in Transducers literature than a fight over whether or not its possible or reasonable to "type transducers".

hawkice 3 days ago 2 replies      
I enjoyed the discussion of the types. I dig haskell (and clojure), and I think this is perhaps the perfect lens with which to view how to make choices between them. You can have an insanely complex typesafe haskell transducer, a still very complex but unsafe haskell transducer, a weaker and less flexible version of transducers with a simpler type encoding in haskell, some combination of those ideas, OR...

you just test your code out in the repl while developing in clojure and just kinda rely on the fact that core infrastructure or popular libraries will generally work.

rovjuvano 1 day ago 0 replies      
Correcting two flaws with this leads to an interesting result:1) no error handling, at all, anywhere, not just missing from the presentation, but not in the code. transduce just wraps reduce. FAIL!!!2) the 'result' parameter unnecessarily pollutes the interface. reduce can be reduced to foreach (doseq) with state and be implemented like other tranducers that require state.

Correcting for these two errors:a) the 0-arity init function is removedb) the 1-arity completed function becomes 0-arityc) the 2-arity reducing function becomes 1-arityd) a 1-arity error function is added.Since these functions cannot be distinguished by arity alone, we give them names: call the reducing function 'onNext', the error function 'onError', and the completed function 'onCompleted', and optionally, group the three functions into an object and voila, we have Rx Observers.

Hickey's twist here is composing Observers instead of Observables. Whether this buys you anything worthwhile is debatable.

Two derivations of Rx often accompany it's introduction:1) Observable being the dual of Iterable2) Observables being Promises with multiple return values.Thanks to Hickey, we can add Observers being an abstraction from reduce/fold (along with it's many other names).

kazagistar 2 days ago 2 replies      
I'm still a little confused and will have to go over some code or something to really understand the limitations of what transducers can do... can any transducer be used in a "parallel" context (like map and filter) or are they limited to a linear context (like the fold makes me suspect)?
raspasov 2 days ago 0 replies      
Great talk by Rich on transducers, instrumental in understanding the "hows" and "whys" behind the concept.
atratus 2 days ago 0 replies      
Removing conj is what finally made it click
iamwil 2 days ago 2 replies      
Transducers really sound like monads. Are they the same thing?
scythe 2 days ago 1 reply      
I threw together a toy implementation in Lua:


Granted, none of the cool out-of-order-iteration is there, but the reverse composition looks natural to me now, so I can sleep at night.

Animats 2 days ago 1 reply      
I think somebody just reinvented data flow programming.
Node.js Best Practices
215 points by finspin  3 days ago   61 comments top 10
Touche 3 days ago 5 replies      
Notice something not on the list of best practices: documentation. While Node itself has excellent docs (for the most part), the Node community is terrible about documentation. If you're lucky you'll get a single README.md file with the basics covered.

Pick any category of module and there's a good chance the most popular modules have little documentation; certainly nothing close to comprehensive.

general_failure 3 days ago 1 reply      
Just a few comments:

> if (!(this instanceof MyClass)) return new MyClass();

If you really want, just throw an exception and kill the program at compile time. Catch programming errors in testing and not do some magic to 'autocorrect' code.

> var localFile = fs.createWriteStream('localFile.tmp');

Always catch 'error's in stream objects. Otherwise, it might thrown an exception at runtime.

localFile.on('error', /* do something */)

Coding style:In most cases if you write you code properly, you don't need to nest more than 3-4 levels. If it gets deeper split it out into separate functions. Otherwise, it's a perfect job for async.series.

whatthemick 2 days ago 1 reply      
I'm personally not a huge fan of the eventemitter for cases where an event is only ever emitted once (an sql query is done or similar).

For 2.0 of Sequelize we've moved almost the entire codebase to promises and will encourage users to interact with Sequelize with promises.

Kiro 3 days ago 3 replies      
I'm coding a fairly large application in Node and have never heard of EventEmitter or Streams. Does that mean I'm doing something wrong? The impression I get from the article is that it's such a fundamental patterns that every serious application should use it.
pavlov 2 days ago 0 replies      
Not that long ago, anonymous functions and closures were the height of fashion in every language.

Now the recommendation is to name your functions and avoid closures. This brings us right back to what C programmers have been doing with function pointers since forever. Not that this is such a bad thing.

pedalpete 3 days ago 2 replies      
When they say 'avoiding closures', how does that relate to functions in your module? Your module is often exported as a function, so are they suggesting that every function be exported? I suspect I'm not understanding the logic behind 'stack based'. Why is it better to have your functions not contain other functions (or is it not be contained?)
donbronson 3 days ago 4 replies      
Anyone have more insight into the statement "Avoid closures"? Or rather, an alternative to having private functions?
_random_ 2 days ago 0 replies      
0. Avoid using it, unless truly necessary.
EGreg 3 days ago 0 replies      
Very useful!
passfree 3 days ago 2 replies      
I have one word: CoffeeScript.
The Cargo Cult of Game Mechanics
193 points by baoyu  20 hours ago   197 comments top 19
lmm 15 hours ago 5 replies      
The author seems to have completely missed the biggest gaming sensation of recent years - Minecraft is exactly the kind of game he's talking about (so is Kerbal Space Program). That list of "classics" also seems very parochial - more like "the best games when I was growing up" than any kind of "all time greats".

Freedom and choices can be used as artistic elements. I'd cite e.g. Saya no Uta or Phantom of Inferno as the purest form of this - the interactivity of these "games" is absolutely minimal from a conventional "gaming" point of view, but it's vital to the narrative. You couldn't make these as movies, because the whole point is to make you complicit in what's happening, because the outcome is a result of your choices.

But not every story has to be about such things. Many of the best-loved gaming classics - Ocarina of Time, or even FF7 - are those cinematic games, that maybe have puzzles (almost minigames, really), but where the overarching narrative is purely linear.

If you can take a movie, or a movie-like narrative, and by sprinkling a few puzzles or quicktime events turn it into something more engaging, a better way to tell your story - why the hell not? Why is that not a perfectly valid form? Criticizing a game for being cinematic seems as pointless as criticizing a sculpture because it could have been done as a painting.

jules 17 hours ago 8 replies      
For me there are 4 properties that make a game great.

Number 1: breadth of options. Games like rollercoaster tycoon are fun because you have an incredible range of options. There is no linear progression from start to finish with only a few choice points in between that have little impact. There are choices everywhere. The opposite is a game like mario, where there are almost no choices.

Number 2: reflexes. Games like pong and mario are fun because they require actions at the right timing. Turn based games do not have that.

Number 3: collection. You collect items or upgrades or in game currency that help you later. Although I have never played it myself, an example is World of Warcraft. You collect items, money and levels. There is something satisfying about this. Game designers often exploit it to make a game addictive.

Number 4: human adversaries. Playing against AI or against some in game metric (e.g. get X amount of people in your rollercoaster park) is not very fun. Playing against human opponents is much more fun because they are unpredictable and intelligent. It's not enough to just compete, there has to be interaction. If you put 2 games of tetris next to each other where the players compete for the highest score that's not good enough. First person shooters have this point right. The decisions of the players influence each other, rather than only competing via a score. Chess & go are the epitome of this.

The games that come closest to hitting all these points are real time strategy games. You have a large amount of options. Not as much as in a sandbox game like rollercoaster tycoon, but still far more than in the average game. You need reflexes to react to threats. You collect resources, upgrades and units. Last but not least, you have human opponents who also have a large amount of options that you need to react to. Not as strategic as chess, but far more so than your average game.

Sadly rts appears to be a dying genre...

voyou 16 hours ago 1 reply      
The article advocates "building a game that's meant to be played rather than just reacted to." That sounds right, but, then, it's sufficiently general that I'm not sure who would disagree with it.

The last paragraph of the article seems to equate "a game that's meant to be played" with "real sandbox simulation, autonomous agents and language-capable AI", and that seems like a narrow idea of what "playing" means, one which equates interactivity (which is the distinguishing feature of games) with choice or nonlinearity. Providing players with lasting choices is one way in which you can use interactivity to structure an experience, but it's not the only one. There's some interesting comments on this in a review by Emily Short of the IF game "Howling Dogs": http://emshort.wordpress.com/2012/10/10/if-comp-2012-howling...

"Howling Dogs" is something of a masterclass in the different ways games can use interaction, and I'd recommend people check it out as a supplement to the vision of gaming put forward in this article.

agentultra 11 hours ago 2 replies      
Game developers are exploiting game mechanics and human behavior to raise funds, market, and capitalize on their investments.

Other mediums have had their brush with economy too. Painters once had to labor under the patronage of certain religious institutions in order to earn their keep and try to make their art on the side. Writers have always had to suffer in some level of Dante's hell, specially crafted for writers, in order to make bread. The poets never made any money and were free.

Can a commercial game developer produce a work of art? Perhaps. We hang those works of religious patronage in the most esteemed museums in the world today. Publishers have capitalized on literature before. Music has tried to make it into a machine. Significant works have been produced even when money has been involved.

Have video games produced a significant work of art yet? In my opinion, no. A significant work of art is a psychic program that mutates the human brain that interprets it. The less variation in the outcome of that mutation amongst a significant population of individuals the closer it is to expressing some universal truth of our condition. You can point to a work of Van Gogh, Kafka, or Mozart and explain its significance. Anyone who has experienced that art may have some personal interpretation of the experience but the significance of it remains much the same amongst a very large population of individuals. I haven't played a video game which has communicated such an idea through my interaction with it.

Many games have borrowed or stolen ideas from other media in order to express their authors' intent or idea: but that isn't novel or new to video games as a medium.

Will video games produce a movement? I think we're seeing some of that. We're seeing examples of games that show indications that we're developing a vocabulary capable of expressing ideas and emotions through interaction and interplay of strategy, choice, and value. However I don't think we've seen our Mozart or our Kafka -- yet.

Until then... grind on. We just need to keep making them and experimenting. And I don't think it's valuable to point out that a game is AAA or indie. We still consider The Last Supper to be a great work of art even though it was essentially commissioned by the church at the time. The new religion is Capitalism. In time we may view some of these games today as beautiful.

Though for now it seems like they're mere amusements.

cwyers 13 hours ago 0 replies      
I feel like this article suffers a lot from multiple rant syndrome, which is what happens when you get partway through a rant and are so locked into full-on rant mode that every time you mention something that pisses you off you go off on a siderant about it. I'm only about 80% sure which of his rants is the one that embodies his main point.
erikb 18 hours ago 6 replies      
The tl;dr to me feels like this: The games when I were young were cooler.

He argues against it and brings good arguments for what made the games of his youth cool, it's still missing the point. Guys ten years older than him won't enjoy the 90s titles as much, considering them too fancy etc. They would have also reasonable arguments why the 80s titles were better. The same goes if you ask a currently 14 year old child about the games he plays. He probably ignores most (like we do) and can state why he enjoys the ones that are good in his eyes.

Imho you can spend all your life being sad about missing the old days and hoping someone revives them, but instead it make you more happy to learn what makes the great new games great in their own regard. They won't be great in the same way Fallout 1 was great. They will be great in other regards, and discovering these can be as entertaining for a 40 year old as it is for a 14 year old guy.

protonfish 13 hours ago 1 reply      
I think the desire to make games "open-ended" is inherently flawed (if you also want players to enjoy themselves.) The more complex and unpredictable a game becomes, the more difficult it is to balance. A certain (probably small) number of paths will be gravitated to leaving most stories unexplored and ending up equivalent to a linear story line (with a lot more work.) One way to attempt to fix this is to create multiple balanced paths (essentially a "choose your own adventure.") This can be brute-forced by adding more and more optional story lines, but in the end it is just many linear stories which is functional equivalent to selecting from different games to play.

It is fun to think about creating a virtual world that is as rich and complex as the real one, but we already live in a reality that often sucks so hard we want to retreat into fiction. Stories with minor interactive components are a fine genre (if well done and compelling) as are puzzle and action games. The fact that they are different than reality is their primary feature, not a flaw.

sergiosgc 18 hours ago 1 reply      
I, for one, like the chutes and doors that lock behind me, reducing the search space when I inevitably get lost after missing an essential key needed to progress. Yes, there's the Internet and walk-throughs and YouTube, but that kind of defeats the purpose. It means the game complexity has exceeded the fun threshold.

And I also disagree that linear level design prevents good story building (not story telling) by the player. Good examples abound, one of them being Mass Effect, which the article criticized.

eswat 15 hours ago 0 replies      
Good article and pretty timely with the release of Destiny, which suffers greatly from the issues mentioned here: masking addictive random-number-generator gameplay and lackluster storytelling with great visuals and promises that this is just the foundation and the game will become much better with DLC. Many things that Bungie had been famous for doing, such as great story telling and smart AI, were completely absent with this game.

And they made $500 million on the first day despite this

Cakez0r 15 hours ago 1 reply      
> For a while, there was a really good match between the complexity of the game world and the way it was represented, and I don't think it's a coincidence that this window is where we find many beloved gaming classics.

I thought this point was very insightful, and not one that I'd considered before.

Osmium 12 hours ago 1 reply      
"but they lack lasting power once you stop playing."

This sounds like a good litmus test for me. If you're still thinking about a game many months after you finish it, then it's probably something more than a mere diversion. In this sense, perhaps, the best game reviews should be retrospective, rather than reactionary on the day of release.

gabzuka 17 hours ago 2 replies      
OT, but the root site (http://acko.net/) has some great web animation work
Paul_S 12 hours ago 3 replies      
I violently agree with the author.

I have something to add specific to competitive FPSs (or any other multiplayer game with a player results table) like Quake and UT. It's my personal measure of whether an online FPS is any good and there's a distinct difference and it's testable (somewhat objectively if you get many people to do this).

1. Play the game without any prior knowledge - just launch the game and play (obviously, look up the controls first).

Good FPS: you end up bottom of the table with negative points having killed almost no one and probably dying from environmental hazards. In team games your own team is likely to vote-kick you.

Bad FPS: you end up middle of the table and have managed to kill people from all over the table.

2. Play the game after putting in an hour.

Good FPS: you started contributing to the team effort and whilst still near the bottom you get in some kills. You know all the mechanics and none of the high level strategies.

Bad FPS: you finish the game at random positions of the table, even near the top. You don't know all the mechanics.

3. Play the game after putting in 10 hours.

Good FPS: you consistently finish in the middle or higher up - but the point is your position is stable. People playing for the first time pose no threat to you.

Bad FPS: you're still all over the place, sometimes at the top other times at the bottom and you sometimes get killed by people who are playing the game for the first time.

The reason it ties in to OP is that this used to be the norm in FPS games, now accessibility is king.

verroq 18 hours ago 5 replies      
>The role of game mechanics should not be the oppressive tyrant telling you to fetch and grind and be thankful for your crumbs of XP and DPS as the scenery blazes past.

That's generally not true at all. It may seem that way, but level systems are similar to a proof of work scheme. Player puts in some time and receives some fair reward for his time. Level systems are a way to facilitate this transaction without invoking pay2win overtones.

spydum 15 hours ago 1 reply      
I think the indie crowd is actively working against these game mechanics. A great example: http://fullbright.company/gonehome/

One of the main founders of the company is an incredibly bright guy named Steve. He made an interesting wager many years ago:http://www.fullbrightdesign.com/2008/02/wager.html

Seems he's now out to prove it false, and making good progress.

aniijbod 12 hours ago 0 replies      
It seems to me that if there was ever anything in the cannon of collective behaviour which didn't seem to the participants to be a game, but nonetheless actually happened to have some of the most uncannily engaging 'game mechanics' ever to grace a non-game, it is that decidedly odd phenomenon that is the cargo cult.
rwallace 9 hours ago 0 replies      
I've seen this article template rerun any number of times over the last couple of decades.

"Why don't we enjoy the video games of today as much as those we played when we were twelve years old? It's because the video games of these decadent times lack [insert whatever the particular author's imagination can come up with by way of special sauce whose secret has been lost]."

Sorry, no. It's because we're not twelve years old anymore.

CmonDev 15 hours ago 0 replies      
Making an issue

"...in a market that moves very fast, saturated with product..."

even worse

"...there has been a counterpoint: the wave of DRM-free indies..."

Look at Steam Greenlight.

Havvy 18 hours ago 0 replies      
Overall good article and food for thought, but the last paragraph is a non-sequiter compared to the paragraphs that came before it.
       cached 23 September 2014 04:11:01 GMT