hacker news with inline top comments    .. more ..    8 Feb 2015 Best
home   ask   best   4 years ago   
Email Encryption Software Relies on One Guy, Who Is Going Broke
points by r0h1n  2 days ago   445 comments top 96
agwa 2 days ago 13 replies      
Calling GnuPG "email encryption software" really understates its importance. It's also used in countless applications to encrypt data at rest, and GPG signatures are used to secure the distribution of software. For instance, GPG is an essential part of the package managers of Debian, Ubuntu, and RedHat.

Here is a link to the donation page: https://gnupg.org/donate/index.html

seizethecheese 2 days ago 5 replies      
Apparently Stripe and Facebook just stepped in to pledge $50K/year each.


teamhappy 2 days ago 1 reply      
I've been complaining about this on HN before; lot's of startups built chat apps on top of GPG during the whole Snowden thing and Werner can't raise $120,000.

I'm really glad Pro Publica picked it up, but I also think we need to change to way we think about critical software like GPG. The GPG Tools team (GPG for Apple Mail) recently stated they need to charge for the tool in the future because they simply can't handle to amount of work anymore (it's still GPL) the response from us was nothing but outrage.

// I just realized all of this is mentioned in the article. My bad.

smcl 2 days ago 4 replies      
I had no idea this project (and others) had so few contributors. I'd love to be involved in some Open Source project but I always feel like "yeh there's probably millions of people far more talented than me wanting to contribute" and I've no idea how to start. Some people suggest taking a look at the open bug lists for software you use frequently, but on the few occasions I've tried that (python, gcc, and a couple of others) I've ended up digging through lists of tough bugs each with fairly impressive sounding discussions by people who are way more familiar with the whole ecosystem than I am and it's sort of intimidating.

I did manage to do some isolated contributions to Open Corporates (http://turbot.opencorporates.com) where the community are super-welcoming and very patient, but I've felt a little isolated and like I'm not exactly giving much back. Apologies for the mildly-OT rambling.

lawl 2 days ago 5 replies      
I think the biggest problem is visibility for these projects.They need to be louder.In the case of openssl, I had no idea that they were severly underfunded (until heartbleed).

Same for GPG until now. I didn't hear they asked for donations.

And I doubt I'm the only one. So I quickly checked if maybe this was big on HN at a point and I just missed it.


Nope. It's not just me.

If not even the most technical people (that actually know what GPG and openssl are without looking it up) don't hear about this, how are regular people going to find out where to throw their donations at?

I think people would donate if they knew about it. I'm going to send this guy $100 and consider it a license fee, because he deserves it.

ChuckMcM 2 days ago 6 replies      
I wonder sometimes if this is the legacy that RMS was thinking about. Sometimes, in my more cynical moments, it seems like we have somehow managed to trick a whole generation of programmers into giving "free stuff" to the world, enabling the creation of the very successful mega corporations which have then kept the value for themselves.

Would it be impossible to create some sort of stipend program at FSF? After all the creation and maintenance of software is allowed to cost money under the GPL.

yegg 2 days ago 0 replies      
We are collecting nominations for our DuckDuckGo yearly FOSS donations at https://duck.co/forum/thread/11753/foss-donation-nominations.... The theme this year is mainstream privacy. This seems to fit well and we'd welcome others. Donations will go out soon.
cs702 2 days ago 0 replies      
"Update, Feb. 5, 2015, 8:10 p.m.: After this article appeared, Werner Koch informed us that last week he was awarded a one-time grant of $60,000 from Linux Foundation's Core Infrastructure Initiative. Werner told us he only received permission to disclose it after our article published. Meanwhile, since our story was posted, donations flooded Werner's website donation page and he reached his funding goal of $137,000. In addition, Facebook and the online payment processor Stripe each pledged to donate $50,000 a year to Kochs project."

The problem, in other words, was that lots of people like me, who depend everyday on gpg and are thankful for it, would have supported it over all these years if only we had known that its maintainer was barely scraping by on $25K a year.

Kudos to Pro Publica for bringing this to everyone's attention.

minopret 2 days ago 2 replies      
Can someone explain why GPG in the person of Werner Koch isn't substantially funded under FSFE?

My first thought was the Software Freedom Conservancy. The only reasons I see for them not to take GPG under their wing are lack of will (but why?), sense of funding priorities (but why?), or the possibility that some GPG constituents would be concerned about associating GPG strongly with a US-based organization.

mseebach 2 days ago 2 replies      
Given the general scarcity of talent in the business, it should really be trivial for a high end IT security consultancy to pay Werner a 3000/month (ie. enough to live on, if not extravagantly) retainer to be available ~10 hours a month to consult on encryption matters (or something like that).

I wonder if it all really comes down to "Really I am better at programming than this business stuff." or if there is some unstated dogmatism that gets in the way.

It seems to me there's a parallel to someone like Moxie Marlinspike who's vaguely in the same field, but seems to be doing very well for himself.

andrewla 2 days ago 6 replies      
For bitcoin donations, you can go to [1], which gives the address as 12LKeo24XCzgz6ASSxcUa8BvUfzkEyCpGq [2]. The address is not generated per user, and is dedicated to GnuPG.

[1] https://www.wauland.de/en/donation.nojs.html

[2] https://blockchain.info/address/12LKeo24XCzgz6ASSxcUa8BvUfzk...

_wmd 2 days ago 2 replies      
GnuPG sounds like a prime candidate for Linux Foundation's core infrastructure initiative. http://www.linuxfoundation.org/programs/core-infrastructure-...

If they're willing to fund a new NTP implementation then they should be able to drop a few coins in the GnuPG bucket too

moreati 2 days ago 3 replies      
In the last hour or so (I think since this hit the front page) there have been approximately 2000 of donations added to the drive at https://gnupg.org/, nudging it over 40000.

Please do your part, and keep that bar moving.

dredmorbius 2 days ago 0 replies      
The problem of reward for innovation is one that goes back a long ways under the market / capitalist system.

The tale of the unrewarded genius is legion, one set of substantiation is presented in Gregory Clark's A Farewell to Alms looking at key inventors of the early Industrial Revolution: John Kay (flying shuttle), James Hargreaves (spinning jenny), Richard Arkwright (spinning frame), Samuel Crompton (spinning mule), Reverend Edmund Cartwright (power loom), Eli Whitney (cotton gin), and Richard Roberts (power loom, machine tools).

Of the list, Kay, Hargreaves, and Roberts died in poverty. Crompton and Cartwright were granted substantial payments by acts of Parliament (5,000 and 10,000 respectively), Whitney made money through arms sales to the U.S. government, and of the lot, only Arkwright earned significant wealth, half a million pounds, after his patents stopped being honored by other manufacturers.

Invention and information goods fare poorly in economic systems.

Most of us are coloured by the experience of Microsoft from 1980 - 2000 or so, but what is generally not recognized is that Microsoft as a seller of "shrink-wrap" software was exceptionally anomalous. Most other pure-play software firms were nowhere near as profitable as Microsoft. Some technology companies had large revenues, but they were often based on hardware (Sun, HP), professional services (Oracle, Price Waterhouse), or both (IBM). Hardware does well, but has a small fraction of the profit margin of software, and professional services -- brains by the bucketful -- is very difficult to scale. Companies which do well at the latter almost always have a distinctly mafia-like reputation (IBM, EDS, Oracle, PWC, Accenture, etc.).

Werner's situation is unfortunate, and I really do hope he finds a way to survive. He's hardly alone, and frankly, the proprietary commercial model has proven highly problematic as well.

a3n 2 days ago 3 replies      
He's been voluntarily cheated. He should take a job, take care of himself (no one else will), and give gpg whatever time he has left, if he has the energy.
dchichkov 1 day ago 0 replies      
"Stallman urged the crowd to write their own version of PGP. 'We can't export it, but if you write it, we can import it,' he said."

"Inspired, Koch decided to try. 'I figured I can do it,' he recalled."

"Koch's software was a hit even though it only ran on the Unix operating system. It was free, the underlying software code was open for developers to inspect and improve, and it wasn't subject to U.S. export restrictions."

Brilliant :)

gommm 2 days ago 2 replies      
I've just donated. It's an important project and Werner Koch needs to be rewarded.

I feel that we, as a community, are really bad at supporting some of the opensource projects that powers our infrastructure. I'm not sure what can be done to improve this. Maybe we need a foundation that raises money for those projects and does the marketing needed to remind us to donate.

I for one wouldn't mind giving say 30 euros/month to be redistributed between projects like GPG, openssh, varnish, nginx, openssl...

tw04 2 days ago 2 replies      
It's a sad day when Farmville can become a billion dollar business and Werner can't feed his kids. I'm curious if he's truly living on ~$20k/year. That seems ridiculously low for life in Germany. Or if he's got other sources of income to bolster that.

Either way, what really needs to happen is companies that build programs off his work need to make a concerted effort to donate to the project. Heck, set aside a small percentage of revenue and consider it a cost of business.

unreal37 2 days ago 5 replies      
There does seem to be a need for an "Internet fund". Pick 100 of the core free technologies that everyone relies on and pay people to maintain them.
florianfunke 1 day ago 0 replies      
Here are Felix ("fefe") von Leitner's comments http://translate.google.com/translate?js=n&sl=de&tl=en&u=htt...Not that I would share his views, but he is a relatively well known German security expert and free software activist (dietlibc). He knows GnuPG pretty well and basically says: Werner, you don't deserve our donations, stop crying, get a day job and maintain GnuPG in your spare time.
nathan-muir 2 days ago 0 replies      
This feels like "WorldVision" for programmers. The wealthy pouring support on the forgotten, decrying the unjust conditions, only to forget about them and return to their normal lives.

Unlike the poor children of the world - Koch's decisions are wholly responsible for his current predicament.

The "market" doesn't care about individuals like Koch, and he chose to continue despite his efforts not being reciprocated/acknowledged.

I'd like to say that Koch should have abandoned the project, and if the market saw that maintenance/development of GPG was important, it would have happened.

However, it's not a perfect world - and there are probably plenty of pieces of critical software installed on our systems that are no longer maintained.

Would GPG have become one of these unmaintained codebases had Koch acted in his own self interest?

Or, would have another organisation/individual funded someone else to maintain and develop it?

redthrow 2 days ago 1 reply      
"He says he's made about $25,000 per year since 2001 a fraction of what he could earn in private industry"

The developer of git-annex assistant was happy when he received $20,000 on Kickstarter and he said with this money he could dedicate his time on this project for a full year. [1]

Maybe he could also start a Kickstarter/Indiegogo etc campaign so that he could hire another full-time developer? If enough people find this additional workforce on this project worthwhile, it will be funded.

[1] https://www.kickstarter.com/projects/joeyh/git-annex-assista...

jackreichert 2 days ago 0 replies      
It would be really great if you could run an apt-get/yum filter on your server and retrieve a list of donate links for the open source services you rely on.

Ideally, a GPL+donate-what-you-can would really help maintain these projects.

christop 2 days ago 0 replies      
Wow, and that was fast. Is there some sort of secret Silicon Valley startup hotline where these deals get set up?
rdl 2 days ago 0 replies      
Wow, they have done a pretty bad job of promoting their donation campaign. I use GPG, I love GPG, and I hadn't heard about it.

If they'd done it before 12-31, they could have easily gotten a lot more donations (due to tax year), especially from companies (who IIRC don't need it to be a 501c3).

Helping GPG market itself, especially for fundraising, would be a great way for a non-technical privacy advocate type to contribute meaningfully. I think a lot of those people exist.

BjoernKW 2 days ago 2 replies      
The problem boils down to "Really I am better at programming than this business stuff.".

Someone with his talent and expertise should have no problem with getting highly paid consulting gigs. Then he could continue working on GPG in his free time and even use the consulting income for hiring additional programmers to work on GPG. There are quite a few product-based businesses that could be built upon GPG as well (secure email, corporate communication tools, some kind of public-key-based social network come to mind ...). These could be used to support the continued development of GPG itself.

It's of course not as easy as it sounds. Not everybody wants to deal with 'all that business stuff' and that's fine but then by all means find someone who can help you with that part. If you want to change the world sometimes idealism alone just isn't enough. You also have to proactively deal with the everyday stuff like where the cashflow for paying the bills will come from next month.

There's also a problem with the purism put forth by some of the 'free as in freedom' enthusiasts, most notably Richard Stallman, who seem to gloss over the fact that coders have to make a living, too or who even frown upon making money with software altogether. Software eats the world but even RMS can't eat software.

How many successful larger companies come to mind whose business model is based upon open source? Red Hat, Ubuntu and that's about it. If we truly want to avoid dilemmas like this one we also need to think about how to successfully implement sustainable open source business models.

duckingtest 2 days ago 0 replies      
I think he should start a US nonprofit, or even better start cooperating with an international one, as that would allow people to deduct donations from their income. It's a lot easier to donate if you know that otherwise 30%-50% of that would go to the ever hungry state...

edit: It turns out every EU citizen can deduct a donation to GnuPG from their incomes!


Dowwie 2 days ago 0 replies      
In the meanwhile, a very funny card game about exploding kittens has raised more than 5 Million USD on kickstarter
excel2flow 2 days ago 0 replies      
For that matter, I don't know what I would do without BouncyCastle: https://www.bouncycastle.org/donate/index.cgi

This article made me think about donating.

kogir 2 days ago 2 replies      
This is sad but not super surprising. Historically, if you had money and wanted a reasonable UI and cleaner integrations, you bought PGP (now from Symantec). GPG was always for people unwilling to pay.

For the record I donated. I'm just pointing out that writing something that's bundled and distributed as part of something else means nobody thinks about your project, or in many cases even realizes they're using it.

guiambros 2 days ago 0 replies      
This is amazing news. Glad to see companies that benefit so much from free software helping to pay it forward.

Update, Feb. 5, 2015, 8:10 p.m.: After this article appeared, Werner Koch informed us that last week he was awarded a one-time grant of $60,000 from Linux Foundation's Core Infrastructure Initiative. Werner told us he only received permission to disclose it after our article published. Meanwhile, since our story was posted, donations flooded Werner's website donation page and he reached his funding goal of $137,000. In addition, Facebook and the online payment processor Stripe each pledged to donate $50,000 a year to Kochs project.

api 2 days ago 1 reply      
This is why "free as in beer" is a problem for "free as in freedom." Just to maintain things costs money because people take money to live, not to mention how much it costs to field things that are competitive on UI/UX and other metrics with big closed ecosystems.
joycey 2 days ago 1 reply      
Here's something I think should get more love and is pretty relevant: a service that will automatically pay a percentage of Bitcoin donations for every submission to a GitHub repository: https://github.com/WhisperSystems/BitHub

So if you donate to Open Whisper Systems, you can see that your donations are going directly to those that are contributing to the project, and you get paid more if you're contributing more. I've sent in a few PR's to their iOS repo, and it'd be awesome to see it implemented in other privacy OSS projects. It's obviously not a perfect system, but I think it's a pretty cool way of funding OSS.

danso 2 days ago 0 replies      
Hopefully this article leads to a call-to-arms in the dev community to come up with best marketing/fundraising practices. I know that the idea of meritocracy is very powerful (and not altogether wrong)...but it's a tragedy when great software doesn't get the minimal exposure because of relatively easy friction problems that can be fixed.

I think of all the random, stupid things I've backed on Kickstarter, simply because I saw it on a friend's Twitter feed...things like GnuPG may not get as much consumer reaction as most Kickstarter widgets, but there are enough developers with disposable income who would happily donate to open-source-in-need if such causes were just slightly more visible.

corin_ 2 days ago 2 replies      
Meta-question, ideally aimed at Daniel if you're reading this, but not interesting enough to email you plus wondering what community members think:

Normally I'd be against comments like "donated" that add nothing else, and would downvote them for that. But in this case, does seeing lots of other people say they've donated make other readers more likely to donate themselves? If so, does that outweigh the negative of the page filling up with otherwise-pointless comments?

I've not downvoted any, but would be interested in any opinions as to whether or not you have/would downvote them and why.

droque 2 days ago 0 replies      
I wonder if a patreon-like (or even patreon itself) would be more effective raising donations than just one-time donations. I know enough people that swear by gpg, so it doesn't strikes me as hard finding a base.
madhudj 1 day ago 0 replies      
Where can I see the list of all such Softwares (the essential and free) and the people behind them?

Is there a single place where the following details can be found?

Program Name, Company / Group Name, Description of the software, Link to their website, Yearly Budget (Required), Funded so far (out of the total yearly budget), How many people in the team?, Options to donate

I feel that the real problem is that the folks behind these amazing softwares are either too busy / too nice / too shy (for philosophical reasons) to promote, organize, gather funds? And in the busy world, their very existence is forgotten by the rest of us.

If there are none like this, why not we build one and I would like to start it so others can join in later. To help these guys around the year and not just when we get to see an blog post like this one.

Any thoughts / comments ?

csl 2 days ago 1 reply      
So I just donated 20 and I invite others to do it as well.

(And they use Stripe for payments, which of course is relevant here on HN. And as a first time user, it was a breeze to donate.)

kylec 2 days ago 1 reply      
I wish there was a sort of "Patreon for open source" nonprofit service where I can support projects like GnuPG, OpenBSD, etc all in one place.
microcolonel 20 hours ago 0 replies      
I've donated to the project in the past, I wasn't aware of just how far in the hole he was until today.

Also, I just cloned the repository and it's a bit of a mess, if anything I'm ashamed that I haven't been doing anything about it directly.

Samumu 2 days ago 0 replies      
Would it help if some highly visible figure like Snowden or Poitras weighed in in some interview? I mean, they probably have a lot on their shoulders already but I cannot see anyone else who would be more motivated and more efficient at this task.

I am probably missing something though. They must be somehow aware of the situation already and not consider it a top priority for some reason.

r0naa 2 days ago 0 replies      
I don't know much about the subject but what about flattr, aren't they trying to solve this problem?
frevd 1 day ago 0 replies      
The whole commercial industry is relying on open-source components, arbitraging what should cost money in the first place to build a business, then assuming that people do it for the fun primarily (which is not completely untrue), maintenance though costs money, but to give edits back should be the role of the earning community, not the original founder. Licensing might help here, just too many people are offering their works for free (read there will always be somebody with a free alternative). It's kinda weird to expect something else and proclaim free software..
hughes 2 days ago 0 replies      
Lack of funds doesn't even sound like the biggest problem here. If the project relies on one guy, what happens when he's gone? Seems like something this important should have a higher bus factor.


fellowshipofone 2 days ago 0 replies      
Just like many here, I had no idea, and this is so important. I hope HN community will blow up this donation page!
patronagezero 2 days ago 0 replies      
No worries, I'm sure everyone contributes more to their respective governments to break encryption than they'll every send to anyone seeking to protect it. Send more money to this guy if you want to feel better about your shitty (respective) country or self. Better yet, just donate to the EFF like a uselessly trendy dweeb. Being a decent citizen isn't about standing up for what's right or wrong (that makes you a terrorist), instead it's about sending money to your respective, government-approved cause.
anigbrowl 2 days ago 0 replies      
This is a clear example of market failure. When I've been grumpy over the last year over how torrent piracy affects indie cinema (the sector where I work) it's for similar reasons; putting work out there and depending on the goodwill of the public is simply not a viable economic strategy. It's a basic fact of human psychology that people gauge the value of something by what they paid for it, or even what other people would have paid with it and what they therefore feel they're 'getting away with' if they managed to obtain it without paying.

In December, he launched a fundraising campaign that has garnered about $43,000 to date far short of his goal of $137,000 which would allow him to pay himself a decent salary and hire a full-time developer.

Think of what Koch might be able to achieve if he were in a position to direct other people in addition to writing code, or even to write code without the distractions of a precarious financial life.

Innovators, whether in arts, technology, or whatever sector, do not like relying on donations or shaking a hat in front of people. It's a shitty, degrading way to work. Nobody becomes better at what they do through constant negative reinforcement of their economic inferiority; and yet the notion of even the most minimal royalty obligation or assertion of a private economic interest is enough to bring out glibertarians* in droves ranting about the selfishness and futility of trying to put a price on something that has zero marginal cost of distribution. Digital assets do have zero marginal cost of distribution, but they have significant fixed costs of creation, and the failure to acknowledge that by disavowing the notion of any property interest in digital goods are undermining the entire market concept in favor of a new variation of serfdom. Saying that society should change and institute a basic income guarantee is all very well, but that's not going to put food on the table for anyone in the near term (except possibly a few enterprising economic raconteurs who are willing to take up the role of court jester).

One possible option for Koch would be to crank out the next version of GPG; post a changelog of all the desirable new features/bug fixes etc., and then run a Kickstarter to raise the funds that would persuade him to release it - in other words, to withhold the new version until people put their money where their mouths are. But I'm pretty sure he doesn't want to do that, for 3 reasons: first, many people would just carry on with whatever they currently have, regardless of security liability etc., because what's already available is 'good enough'; two, he'd become the target of the internet hate machine, albeit on a smallish scale; and three, a bunch of indignant people would fork the existing code on Github and offer their innovations for free, a hundred flowers would bloom, and 3 months later 99 of them would have shriveled up and died, while the codebase would have have irreparably fragmented.

What we need is some sort of new economic model that does not force innovators to sacrifice their comparative economic advantage (ie their primary technical or artistic skill, on which they should be concentrating their efforts) on guilt marketing, public beggary, or drafting of grant applications.The copyright system could provide such a mechanism, but focusing only on the cases where it's broken or unfair to consumers has led many hackers and digiterati to throw the baby out with the bathwater, making things much harder on small-scale producers whose interestes the system was instituted to protect in the first place.

* people who identify as libertarians but who have little experience of structural economic disadvantage

in the economic sense of things that are literally good to have

colindean 2 days ago 0 replies      
If your company uses the fruits of this project's labor, your company should probably be reserving at last a little honorarium to the people behind it.

Give directly, or encourage them use something like Gratipay or Patreon or whatnot.

olla 1 day ago 0 replies      
I think we need a change in the way we look at open source software. It must not necessarily be free of charge. The real benefits of open source are often something other than being free of charge, like in this case. Maybe we need a new licence allowing charge for commercial use and giving benefits or discounts on the amount of contribution made to the project?
D4AHNGM 1 day ago 0 replies      
I noticed the rather pitifully empty donation bar last week, and made a mental node to chip in a little bit as soon as I could. Donated 5 today, and visited the website again just now and the donation bar is more than full, which is just incredible.

Werner's engagement on the mailing lists is awesome enough, let alone the software he writes. Genuinely glad for the guy that he's getting some of the financial support he needs.

MysticFear 2 days ago 1 reply      
Don't forgot to donate to ProPublica for covering an unsexy story as well.
GolfyMcG 2 days ago 0 replies      
Facebook and Stripe are stepping up:https://twitter.com/stripe/status/563449352635432960
harkyns_castle 1 day ago 0 replies      
Hopefully a sign of things to come. Way prefer to give my cash to someone that dilligently works away out of the public eye, but also gets some reward when its recognized. My cynical side says someone will pop out soon and say its compromised and he's had an NSL, but that part of me is killing me so I choose to hope not.
dataminer 2 days ago 0 replies      
Just donated, GPG is quite a critical part of open source ecosystem.

Please donate

pcthrowaway 2 days ago 0 replies      
> Like many people who build security software, Koch believes that offering the underlying software code for free is the best way to demonstrate that there are no hidden backdoors in it giving access to spy agencies or others.

I'm guessing this is a problem with the journalist misunderstanding the subject, who probably said publishing it as free software (which is not the same as giving it away for free) is the best way to demonstrate that it is secure.

beaknit 2 days ago 0 replies      
Just donate, for christ's sake
jakemcgraw 2 days ago 0 replies      
Just donated, and you should too!


sandGorgon 2 days ago 0 replies      
this is precisely the question I asked here - https://news.ycombinator.com/item?id=8863782

This is frustrating - a lot of these projects dont get funded just because of one reason: discoverability. People dont know that these projects need funding. OpenSSH was another. No telling how many others.

whatsgood 2 days ago 1 reply      
GNU is awesome in the way that 'Citizen Kane' is awesome. It is awesome because of what it accomplished given the context in which it was created. The context has changed but GNU, by and large, has not. "Free Software" gave us BSD and Linux, but it is also partially responsible for the privacy issues of Google and Facebook (neither of which would be as competitive if they had to pay licensing fees to Microsoft and Oracle, and they give their services away in exchange for monetizing user data), Heartbleed and similar bugs (these projects are not properly funded for security audits and/or maintenance), and the expectation that one should work for free (if you don't have a job the first thing you do is start working on open source projects to show what you can do). Richard Stallman is arguing for the freedom of software, not people. Unless we change society such that its citizens will be provided for regardless of how they spend their afternoons open source needs a new business model. As software becomes more pervasive finding alternative models will become more urgent. And, it's already very urgent.
lajarre 1 day ago 0 replies      
No one pointing to the fact that GPG has major issues like no perfect forward secrecy? Are we celebrating that big-brother money is funding a (out)dated technology??
whyleym 2 days ago 0 replies      
Just announced - "Stripe and Facebook are going to sponsor @gnupg development with $50k/year each." - https://twitter.com/stripe/status/563449352635432960
conductr 2 days ago 0 replies      
Could he not just change the license to require commercial usage by companies with more than $x annual revenue to pay $y in license fees?

Could still remain open source and free for majority of applications if x was high enough. Also, creates a system where those reaping the most also pay the most.

carrotleads 2 days ago 0 replies      
Never tell people / managers that you love your Job. That's one foolproof way for people to expect you to do it for free or close to it.

Your payment comes in the form of praise.

I think that was the mistake made here. A mistake made by many artists.

viccuad 2 days ago 0 replies      
Donated 20 euros. It's amazing, in some hours has one from 40.000 to 58.000!
bndr 2 days ago 2 replies      
I would like to repost a comment from reddit[1] that makes some good points:

"That title is pretty laughable.

Enterprise E-Mail Encryption solutions do NOT use gnupg, and most enterprise customers do not even use openpgp, they use X.509/SMIME.I know the world top 10 server side enterprise e-mail encryption solutions and the majority uses java with either bouncycastle or ajak encryption, for PGP or openssl/bouncycastle for SMIME. There are some solutions that use gnupg but those are very small and again - most people do not use openpgp in the business world. Mostly automotive uses it like Porsche, VW etc. for encrypting e-mail traffic.Gnupg is mostly used for e-mail by your skilled engineers in private or while communicating with kernel developers etc. Either by using enigmail/mutt/command line whatever.

Nothing based on e-mail would "break" if gnupg went missing.

Now lets get back to Mr. Koch - gnupg was sponsored by the German Government - in all these years - Mr. Koch tried to build a consulting company/enterprise solution out of it - but he failed because there were already existing solutions that were far better than anything he could come up with. Moreover asking Mr. Koch to fix specific bugs in gnupg which was as i said sponsored resulted in simply "pay me XXX amount or i wont do it" - thats how Mr. Koch worked.

Ask any code auditor/reviewer worth his salt and he will tell you gnupg is a mess, it is worse than openssl in most cases - why ? Ask Mr. Koch.

I just want to remind everyone carefully judge, before thinking about donating to Mr. Koch or his company. I already noticed he received well over 50k today just because of this false article.

This guy got funding multiple times from the german government for implementing and maintaing gnupg. This was never a fulltime job - adding patches and a few features is what any open source developer does in his free time. Mr. Koch tried to build a business upon this government funded software, and it failed. He already had multiple fundraisers in his careers to keep his company going. Does he deserve your money ? It is not like gnupg would be dead without him - he is not the only one doing anything - there are many developers in the community who are doing their share too.

Arent there other things more deserving of funding than the failed economical existence of one guy ? An open source developer that wants to contribute free software does not need your money to survive! Did Mr. Richard Stallman or Linus Torvalds ever beg people for money because they cant buy their next meal ? Did the BSD Foundation plea to you they cant make days end ? No - they never did - and they still were able to produce free open source software.

Mr. Koch does not deserve your money, if anything successors of him should receive funding if they need to - but not to survive - because they most likely got a real job already and doing this in their free time."

[1] http://www.reddit.com/r/programming/comments/2uw2gt/the_worl...

slowpoison 2 days ago 1 reply      
It's a bit disappointing that G10code[1] https identity verification fails. May be it makes sense given that he's short on $$$$.

[1] https://g10code.com/

vitd 2 days ago 0 replies      
I wonder if his software would be more well known if it were more useable? I've tried using it on a few occasions over the past 10-20 years and have had a very hard time doing so.
simonvc 2 days ago 0 replies      
peterwwillis 2 days ago 0 replies      
And this is the weird conflict with open source software. OSS is primarily written because somebody needed it and didn't have it. If they have it, and it works, they have no need to write it or support it. Eventually somebody stops supporting it, and then we all realize we're in trouble, somebody forks it and support is taken up by somebody who needs it.

I think this works. It's sad that it depends on exploiting the virtually unpaid work of a few committed die-hards. But basically, it's the only way we can have good gratis software without something stupid like bundling ads, lack of source code or 'services-based' models. It's clear from all the other unfunded OSS projects that corporate sponsorship isn't going to happen unless they're getting something in return.

pinjiz 2 days ago 1 reply      
Just donated 50, hopefully the goal of 120.000 will be exceeded!
dhfromkorea 2 days ago 0 replies      
This is an epitome that corresponds to Peter Thiel's thesis statement: contribution to a society and (financial) reward are independent variables.
mavsman 1 day ago 0 replies      
Unbelievable that this article gets this guy a paycheck. He deserves it but it's still amazing. We live in the future.
drodgers 1 day ago 0 replies      
"Mihai'); DROP TABLE Donors" (from the donors page) is an asshole.
ixtli 2 days ago 0 replies      
I donate to the EFF regularly and would really like to see them put some of their money towards this.
theklub 1 day ago 0 replies      
Its ok, he got like 200k in 24 hours so he's good now.
go1979 2 days ago 1 reply      
I like his office setup. Dual monitors, raised base for monitors, plexo? lamp, white board, real keyboard.
coldcode 2 days ago 0 replies      
Why is there no Kickstarter equivalent for ongoing open source projects instead of just new things?
gordon_freeman 2 days ago 0 replies      
when I first saw this post on HN, the donation was around 60% of the goal. Just now I see it exceeded 120000 of the goal. I bet HN readers donated a good amount today after reading the top-trending news. Great activism!
the-tesla-809 2 days ago 0 replies      
Is there some hacker group online that specializes on Crypto that can donate time and or money?
JeremyS 2 days ago 0 replies      
keyle 1 day ago 0 replies      
big shout to the journalist that actually reported the issue instead of vaporware shenanigans. @JuliaAngwin
finid 2 days ago 0 replies      
By itself, Google could pay that guy's salary and even hire another dev to help him. Red Hat could do the same. In fact there are any number of companies that can step in and do the right thing.
cha_os 2 days ago 0 replies      
Just donated and you should too... ;) Great project!
jtwebman 2 days ago 0 replies      
I am sure if he quit someone would pick it up.
JoachimS 2 days ago 0 replies      
The funding target has now been met!
jprince 2 days ago 0 replies      
Gave him 5$. Thanks HN for showing this.
0xdeadbeefbabe 2 days ago 0 replies      
So, it wasn't a donation, but Snowden that kept this developer going? I'm freaking out a little thinking this implies you can't buy dedication or even good software. Donating is a good thing of course, but it doesn't solve this really disturbing meta-problem.
dreamdu5t 2 days ago 2 replies      
This shouldn't be odd to anyone who's spent a large amount of time releasing open source. You just end up being used and uncompensated. At best you get a job offer from it.

It's really sad to me how many companies benefit from open source (including my own software) without the author ever being compensated.

It's hard for me to get motivated to do anything open source anymore because of the feeling that I'm just a gullible idiot in the end.

The feeling when I fix issues opened by people at VC-backed companies with millions of dollars is really really nasty. I always feel like such an idiot.

yeukhon 2 days ago 0 replies      
So why not hire the guy to work on this as a full time employee? Stripe / Facebook / Google or even Mozilla should have the money to hire him as full time and only work on GnuPG.
gojomo 2 days ago 0 replies      
The need here is characterized as 'money'. And yes, at a reductionist level, that's the issue.

But perhaps what GPG and Koch really need is management and marketing, to build sustaining, recurring support for the project.

That would involve getting this sort of attention on a regular basis, and asking for financial support in ever-improving ways. Also, having enough structure that key people aren't tripped up by local tax and legal issues, and the project is well-prepared to survive the surprises and tragedies that eventually challenge every longstanding effort.

Sometimes, a precocious developer or development team, or even volunteer advocates in the community, can do this themselves. But also some people have no talent or appetite for self-promotion and support work. The proclivity for these tasks may even be negatively-correlated with the particular technical abilities required in some domains.

GPG doesn't just need a fish today. It needs a fisherman... or fisherwoman.

javajosh 2 days ago 0 replies      
This is a terribly injustice, and points to a larger systematic problem, that we software practitioners benefit greatly from the efforts of others to whom we barely offer anything back.

And while the media can help (as in this case) what we should be looking for are systems to help with the situation. My ideal would be a system that monitors my package manager activity, and then using an algorithm I control, allocates "pieces of the pie" to each package I install and use. Then I determine how big the pie should be, and how it should be funded. E.g. if I'm working for a company, I'd request as part of my contract that I get a $200/mo software budget. Or I could just fund it myself.

If even a small fraction of us did something like this, the open-source world would blossom, and injustices like this one would be eliminated.

mwsherman 2 days ago 1 reply      
The question is the wrong one. The better question is: why does so much software choose to depend on an underfunded library?
snissn 2 days ago 1 reply      
why doesn't he watch some youtube videos on lean startups, write a business plan and raise some VC money?
ctdonath 2 days ago 1 reply      
But wait, I thought fame and accomplishment and helping lots of people were supposed to be enough for software authors, that somehow making people pay for software was evil, that it's OK if everyone just copies your source code and uses it, that an Open And Free Internet would be self-sustaining?


kentf 2 days ago 1 reply      
First Impressions Using React Native
points by jlongster  1 day ago   184 comments top 29
azakai 1 day ago 11 replies      
I think it's a very strong point that moving script code off the main thread can help achieve smooth UIs. No more GC pauses, no more slowdowns if the JS engine hits a snag, etc.

I think this is actually possible on the web as well. Someone could write a UI framework which runs JS in a Worker, and sends messages to the main thread, on which there is HTML and minimal JS to receive the messages and handle them.

I'm surprised this hasn't been done, or has it and I just haven't heard about it?

If you're worried about the overhead of transferring lots of messages from the Worker to the main thread, I think it can be pretty fast actually. I did an experiment with proxying WebGL that way, which is a fairly high-traffic API, with nice results,


For something rendering a UI, message passing overhead should be reasonable, especially if the framework is smart enough to only send over what changes (like React Native does).

jenius 1 day ago 3 replies      
> "This is solid engineering. And it completely reinforces the fact that React.js is the right way to build apps."

This just comes off as really weird to me. Why would any sane developer make a statement like this? It sounds preachy and brainwash-y and weird. If there's anything we learn as developers it's that there never is and never will be a single "right way" to do everything. Reading stuff like this makes me doubt the entire article.

There's a difference between writing objectively about something that's interesting that you enjoyed, and trying to lay down a dogma. TBH, the more of this article I read, the more my view of it's goals swayed towards the latter.

danabramov 1 day ago 4 replies      
Declarative UI is boss.

I know Andy (former UIKit team) was quoted in the intro thread but I'll do it again:

>I say with confidence as a former UIKit author: React's model for the UI layer is vastly better than UIKit's. React Native is a huge deal.


If you're averse to React because of JSX, mixing templates and views and similar superficial best practices, you're missing out. Engineers embracing React are not dumb. You should consider a possibility that they think it's good for a reason, and that reason is something you should learn about instead of armchair-rejecting it.

Try tuning out your inner rule-of-thumb linter for a weekend and really give it a try.

yuchi 1 day ago 2 replies      
Seriously please stop making assumptions on Titanium without knowing a thing about it.

> With the latter, you're also interfacing directly with native objects all the time, which is doomed to fail performance-wise. React Native actually performs the layout on a separate thread [...]

Wrong. With Titanium you work with proxies. And JS is in a separate thread. The only actual difference between ReactNative and Titanium on this side is the functional/fully-declarative/almost-stateless vs imperative DOM-like philosophy.

Let me slip this through: if you dont know something then dont make it look like you do.

Sorry for the rant. Im just very upset from yet another post like this.

api 1 day ago 1 reply      
I'm looking forward to desktop UIs also being supported by something like this -- e.g. native Windows, GTK+, and Cocoa widgets. Then we'd have a true framework for writing GUI apps that can share most of their code across the whole range of platforms, which would make me literally stand up and start singing right now. Lalalalalalala!

If you coupled this with conditional stuff around what kind of form factor you're on (screen size, etc.) you could design mobile first UIs that gracefully enriched on a larger form factor. Lalalalalala!

I don't know of Facebook cares, but I WILL PAY FOR THIS! For a well-engineered modern platform that did all of the above I would pay thousands of dollars. So if the choice comes down to staying free and abandoning this effort vs. making it a profit center, please for the love of all that is holy take my money.

Really when you look at the labor costs of developing parallel UI efforts on many platforms, a cross-platform dev system that delivered a high quality native-feeling experience across every major platform could be worth at least tens of thousands of dollars to millions of people.

saosebastiao 1 day ago 10 replies      
I love the concepts behind React, and I agree this is a huge deal...I just wish it weren't javascript. It is a terrible language, and the languages that compile to javascript are a poor substitute (bloated code sizes, interop issues, poor runtime performance, etc). For a framework that is all about state machines (a good thing! All UIs are state machines), I hate that there aren't better ways to model them in the language. I would kill to be able to do React in F# or OCaml.
jobu 1 day ago 1 reply      
Sounds amazing... What are the challenges, limitations, and tradeoffs for using React Native? There have been similar initial reviews of Titanium, Phonegap, and Xamarin, but in my experience they all have serious issues that make native development a better option in most cases.
abalone 1 day ago 1 reply      
Probably the most useful way to get a read on this is to compare it to Titanium, also a JS-to-native framework that runs JS on a separate thread. The biggest problems with Titanium were not performance. A couple of the most common complaints:

1) You don't have full access to native SDK functionality (e.g. all the latest cool things in iOS8). You're going through a cross-platform API wrapper and limited to the choices of the framework architect. So it can be frustrating to go down this path only to find you still can't quite get the native experience you want.

2) Debugging is harder because the native toolchain (e.g. Xcode) doesn't understand the framework. You have to rely on tools provided by the framework.

AFAICS the author doesn't address these issues. He seems to focus largely on the (theoretical?) performance optimization of not crossing the JS-to-native bridge as much in React... by being even more isolated from the native APIs and doing more work in JS. But even if true, performance was not the chief complaint with the closest predecessor to this.

jordanlev 1 day ago 1 reply      
> the mess of HTML and CSS get in the way of frameworks instead of helping them

I totally understand where the author is coming from, and do agree... BUT there is a flip side to this, which is that HTML and CSS enable us to come up with and implement totally unique designs and interfaces. The lack of standard layout and complex "widgets" is definitely a pain in the ass, but it also enables a lot of unique-looking websites and designs. It's kind of a pet peeve of mine when platforms/CMS's try to output markup instead of just providing data to the view layer... they are always outputting the "best practice" (if lucky) at the time they were built, and then a year or two later you want to do things a different way and you're stuck.

So I'm super excited about React.js and love the simple mental model with flux etc., but another part of me also worries that one can't dictate the markup exactly the way one wants because it has to be recognizable to the virtual dom as well (or the iOS view in native, or whatever other front-end React will output to).Maybe someone with more React.js experience can enlighten me about this though? (I've only dabbled).

mhd 1 day ago 1 reply      
So if this is native widgets etc., the main point is being able to write this in JavaScript, right? Anything in it for those who don't consider this inherently beneficial?

Souns a lot like GWT, s/Enterprise "architects"/Web "ninja"/ to me.

fidotron 1 day ago 1 reply      
OK, so how long before we backport the Android UI toolkit to WebGL using GWT and get rid of HTML and CSS altogether? Or even just write a sane new one?

Very interesting that this stuff comes from Facebook, who have very little concern about being indexable by search engines.

datashovel 23 hours ago 0 replies      
I get this weird feeling that React Native has been created as a stand-in until webview is truly ready to take over mobile. I can't imagine a scenario where by end of 2015 (or early 2016) mobile webview technology won't be sufficient for 99% of mobile apps.
jsprogrammer 1 day ago 5 replies      
The code style really reminds me of ExtJS circa 2.x (not sure what it's like now), which was pretty good at what it set out to do. However, React Native requires compiling down to various different platforms which means having to maintain multiple compatibility layers to continually shift to keep up with the native vendors. You're also pretty much stuck with proprietary distributors as well. Fun. Fun.

This does look interesting, but honestly, I think this can either already, or very soon, be replicated on the web, a platform which holds tremendous advantages that native will likely never be able to catch up to. Perhaps there's an argument that these apps can also be translated to the web when their time comes, but I wonder what sacrifices are being made in the name of going Native?

React Native seems to be an attempt to fight in the opposite direction (Web -> native) while the real momentum is going the other way (native -> Web), and the best part is, you don't even have to do anything to get it, the major players are building that open ecosystem for us.

swanify 1 day ago 0 replies      
As someone who has developed many apps using Appcelerator Titanium, I am looking forward to getting my hands on this to see where the differences lie.

I know that it has taken Titanium years to mature, so I wonder if it will take a similar amount for React to iron out the bugs - I'll be surprised / pleased if they hit the ground running.

Hopefully they'll hurry up and make it public!

pothibo 1 day ago 2 replies      
I'm assuming React Native can load external JS files over the network? If that's the case, then I understand why Facebook is building this.

They could have control of their application and behavior and make even more changes than before without re-submitting to the App Store.

akrymski 1 day ago 0 replies      
I can't help but feel that all this energy would be better spent on improving webkit itself (such as running JS in a separate thread to the UI)
Taig 1 day ago 0 replies      
For me the best of the web has always been HTML & CSS which I miss so often when dealing with native widgets or creating my own. The only thing that used to scare me off the web was JavaScript. Give me a HTML & CSS frontend, please. But let me keep my beloved Scala or Swift ;)
GrinningFool 1 day ago 0 replies      

    "React Native actually performs the layout on     a separate thread, so the main thread is as free     as it can possibly be to focus on smooth animations      (it also provides flexbox for layout,     which something that no other framework provides)" 
Interestingly - though perhaps increasingly less relevant - this is how BlackBerry 10 platform native QML-based applications work as well.

serve_yay 1 day ago 0 replies      
I'm still very excited to try it. I agree that this is the way forward for writing apps. I have attempted to write iOS apps before, and the problem is not objc, I actually kinda like objc. The problem is the damn view layer.
bsaul 1 day ago 0 replies      
Wonder if the ability to easily refresh the view will make a difference to ios dev used to the wysiwyg approach by xcode for building views.
falcolas 1 day ago 1 reply      
Didn't we do this already with Qt? Or Java? Or wxWidgets? Or OpenGL? Seems like cross-platform UIs have been a reality for quite some time.

What does React bring to the table that these do not?

arxii 22 hours ago 0 replies      
sounds interesting. not a fan on reacts workflow because i use jade templates w/ backbone that get compiled to html for me and its much less code, but separating javascript and native components into different threads is a great idea.

i believe we should be able to see javascript being used as a responsive language portable across all devices and being used to control native components as a separate layer.

im actually working with a flexbox xml/html wrapper framework for iscroll that i might use to build a responsive app that not only does pc animations but performs alot of nice mobile slider animations that seem to go at 60 fps on modern handhelds, but its up to emerging gapping technologies like cordova and this to make the use of future "responsive ui kits" which i believe should be emerging soon.

malandrew 1 day ago 1 reply      
This is yet another reason why you shouldn't use animations in CSS3 and should do them in JavaScript. I honestly don't understand how behavior (which is what animations are) got baked into a declarative style language.

Layout (which is also behavior if the layout changes with the dimensions of the viewport) and animations are two things that need to be removed from CSS and implemented in JavaScript.

regularfry 1 day ago 0 replies      
Soooo... Strap a code editor component on the front and call it Hypercard 9000?
crazychrome 1 day ago 0 replies      
Do a Ctrl + F, then type "android". How many matches have you seen amongst 122+ comments? 2, including this one!
crudbug 1 day ago 0 replies      
This made me think differently => JS can be used as a control layer and the native components are the data layer.
eclipxe 1 day ago 0 replies      
Why not Titanium?
coldcode 1 day ago 0 replies      
Will React's concepts every make it as truly native code I wonder?
zkhalique 1 day ago 1 reply      
OK this DOM stuff is great but what about the other HTML5 interfaces, like sending requests to the server, localStorage, etc. ?
YC for Hardware
points by sama  2 days ago   128 comments top 21
pcmonk 2 days ago 5 replies      
I'm a bit out of the loop on hardware startups, but has YC funded many successful hardware startups? The only one I've heard of is Pebble.

Lowering the barrier to hardware startups is an awesome thing, of course. Hardware has a greater potential to directly impact lives at this point than software. There's tremendous software power locked up in the small, awkward-to-use computing devices we call phones, tablets, laptops, desktops, and servers.

anujdeshpande 2 days ago 6 replies      
I read it twice to see if there was any mention of the word 'Shenzhen'. It's difficult to not keep that in the loop, for a hardware startup anywhere in the world. Even SF.
trsohmers 2 days ago 3 replies      
Is there any interest in (fabless) semiconductors? Traditionally thought as ridiculously capital intensive, there are a lot of new developments that have brought the time and costs involved down dramatically... My experience trying to fundraise for one shown there are a lot of misconceptions and (10-15 year) old ideas in the silicon valley investment space regarding fabless semi.
lnanek2 2 days ago 0 replies      
Interested hardware startups should be sure to check out Wearable World as well:http://www.wearableworld.co/

They have a similar focus on hardware, great numbers re the percent of each class that gets funded, and have had some big successes like the Skully AR-1 intelligent motorcycle helmet:http://www.skully.com/

WW recently toured the AQS facility in Fremont where a lot of well known products are being made like Makerbot and the Lift Labs tremor defeating spoon, and class members get frequent introductions to everyone from investors to Perkins offering billing for law services only on funding. It has been a pretty kickass program so far.

TheMakeA 2 days ago 4 replies      
Are any of these resources available for anyone who isn't already a YC founder? Does that make sense?

Wouldn't it be valuable to give interested folks who aren't yet in YC a place to do their prototyping, get discounts, and help, and then use it as lead gen for the next batch?

Think of all the companies that could exist but don't because they don't have access to these resources.

minimaxir 2 days ago 6 replies      
Wait, why is Tilt on the list of startups helping out with hardware expertise? Aren't they a crowdfunding company?


NextPerception 2 days ago 0 replies      
As a mechanical engineer who works in this area and already follows hacker news due to colliding interests, this is very exciting.
anujdeshpande 1 day ago 0 replies      
An interesting thing that YC could do for hardware startups is provide discounted copies or license servers for some of the most commonly required but exorbitant softwares : Altium, Solidworks, Autodesk inventor among others.
dthal 2 days ago 1 reply      
>and we dont shy away from expensive hardware--weve funded companies building things like nuclear reactors and rockets, which will require hundreds of millions of dollars in funding to succeed

How does this make sense for YC to do?

robwormald 2 days ago 2 replies      
This can't come soon enough. I'm helping out on a hardware 'startup' (though I guess we don't really use that term) - coming from software its an incredibly challenging realm to work in.

Simply getting a functional prototype without easy access to a 3d printer, $$$ in compiler licenses for BT stacks, freakin custom batteries, etc etc.

Our thing: https://www.fitguard.me/

Eleutheria 2 days ago 0 replies      
I'd like to see electric buggys for under $5K.

That would be really disruptive.


aceperry 2 days ago 0 replies      
Sounds great! Question I have is, are these services only available to yc companies? What about startups that are not a part of yc?
jfb 1 day ago 0 replies      
I would love to start a hardware startup (I even have an idea!) but I have no idea how to assess the feasibility of my idea, or how to hire h/w engineers. And it's not a billion dollar idea, so maybe it's not in the YC wheelhouse, but I sure as hell think it'd be fun.
zhanjie 1 day ago 0 replies      
AppreciateIm doing a hardware startup now,and I believe some areas in YC's RFSs will be solved better with a software&hardware model.
spiritplumber 2 days ago 0 replies      
Do I qualify? http://www.robots-everywhere.com The article is scant on details about who do I talk to.
cpg 2 days ago 0 replies      
This adds to the already exciting hardware situation.

I'm interested in the personal media/storage/app server space!

If you are hardware startup founder material and are interested, please get in touch.

swamp40 2 days ago 0 replies      
Are there any new advantages or opportunities for Bolt portfolio companies?
yousifa 2 days ago 0 replies      
This is wonderful! Can't wait to see what future batch companies look like
icki 2 days ago 0 replies      
From first paragraph: Bolts partners and engineering stuff

*i think you meant staff

oldpond 2 days ago 0 replies      
No mention of open hardware. Definitely a market there.
physcab 2 days ago 0 replies      
Thats horrible, but I don't see where it says Lockitron. If you thought Lockitron Bolt, I think thats different from the Bolt they were talking about.. https://www.bolt.io/
YouTube Ditches Flash, and It Hardly Matters
points by sinak  21 hours ago   172 comments top 21
geofft 20 hours ago 8 replies      
One thing to note is that (last I heard) both Chrome and Firefox sandbox EME modules fairly tightly. Flash is a browser plugin, which means that it usually injects code into the browser itself, and runs with full privileges on your computer, just as much as your browser does. This is what makes Flash such fertile ground for exploits of all kinds, and also makes it bad for your privacy because it has direct access to your webcam, microphone, clipboard, supercookies, etc. anything the browser can do, Flash can do without asking. If it asks, it's out of the kindness of its heart, not because the browser has any say.

Chrome and Firefox's sandboxes, meanwhile, are both open-source. You can inspect what powers the EME module might possibly have, and know that it can't gain any more. A vulnerability in the code is unlikely to be able to do anything other than pirate your download of Game of Thrones and that's assuming it even has general-purpose network access. Ideally, a vulnerability would be able to do nothing other than modify the video you see, but the remote site could achieve that by encoding a modified video in the first place.

As far as the general moral arguments about DRM go, it's true that the new boss is the same as the old boss. But the bulk of the EFF's argument against Flash in this blog post is about security, not about open content, and it's important to acknowledge that EME is a significant step forward. The new boss is sitting in a tightly locked cage.

slang800 20 hours ago 4 replies      
And through all this effort to "protect their content", they still haven't managed to stop people from bypassing the DRM and giving the videos away for free in torrents.

I have a hard time seeing how implementing DRM provides any value to media companies, other than a false sense of security.

dredmorbius 13 hours ago 2 replies      
EFF's view is that we've been sold down the river with EME (Encrypted Media Extension).

Except ... that I seem to be able to access most online video content (certainly on YouTube, Vimeo, and other major sites) via youtube-dl.

And hugely prefer to do so. It's much more useful for me to be able to queue, speed up / slow down, pause, resize and otherwise manipulate video with consistent controls than to have the limited (and varied) interfaces various online video / multimedia sites offer.

I've got a video playing as I write this, well, paused, at 133% playback speed, in a small 250px x 190px window -- when I can give it my focus again I'll simply mouse over it and tap 'space' to resume playback. If I want to skip back a few seconds, or a minute, the left or down keyboard arrows do that for me. As they do for all video I play. I can also normalized audio levels (many are too low, this one's actually got a tendency to clip), and more.

sowhatquestion 20 hours ago 2 replies      
I distinctly remember being upset about DRM in the '00s, back when it was being used to place onerous restrictions on content that people had ostensibly "bought" (CDs, DVDs, AAC audio files, etc.). Now that it's being used to prevent people from saving streams... I hate to say this, but please remind me why I should be upset? I never had any illusion of "owning" a stream. Not only that, I would rather stream than own in most cases.
hyperion2010 18 hours ago 0 replies      
Somehow this reminds me of my long running rage against all things webapp and javascript. Companies have started using the browser as a substitute for an OS because it is easier to distribute working code to multiple platforms on a browser. So what do the drm people target now? The browser: aka operating system 2.0. And the thing that is scary is that people don't realize this and think "oh, its just W3C, its just a single program on my computer, they aren't really attacking general computation!" Spoilers: browsers act as virtual machines for probably 90% of all calculations that run on an average pc these days.
spiralpolitik 8 hours ago 1 reply      
To be honest the W3C was between a rock and hard place here as all the other alternatives on the table were worse than this. If they had dug in we would have ended up with 2-3 proprietary DRM standards across the browsers or Flash would have lived on. Both are worse outcomes.

As for "the open web", nothing changes. Content that was DRM free will continue to be DRM free, content that wasn't DRM free will still remain DRM. If anything we are slightly better off as one more proprietary has bitten the dust.

As with a lot of things, the next steps aren't technical. Organizations like the EFF should be working with content providers to educate them on the benefits of being DRM free. A much harder task than firing off press releases.

t0mas88 15 hours ago 0 replies      
Adobe got Flash (once one of their main products) wrong on the security side so many times that we can't even keep count anymore. Let alone the horribly bad performance of flash and the hack-slack way they added features. Why on earth would anyone want to trust this company to build another proprietary blob of their sub-par code into all browsers? They've proven to be incompetent in many attempts, let's not give them a 32nd chance.
orblivion 11 hours ago 1 reply      
I think this article seems to act as though ditching flash just happened to coincide with adoption of this new EME thing. The issue is that no matter how much we kick and scream about user freedom, business interests are business interests. Economics are economics. There just isn't enough user demand for freedom to overcome the loss to businesses of losing control of their content. In order to win this, I think we may need to come to terms with this. Perhaps it means trying even harder to inform the public and increase demand for freedom, but maybe it means coming up with alternate ways to monetize, or alternate ways to produce which circumvent the need to monetize.
Tloewald 7 hours ago 1 reply      
Why don't the people with this point of view rail against proprietary fonts the way they do against video codecs? If we took the same approach to fonts then you'd only be allowed to use open source fonts and everything would look ugly. Instead we're allowed to deploy copy-protected fonts to render text nicely and no-one is unhappy.

If the ultimate issue is that people want to be able to steal video content with impunity, it all makes perfect sense. If the issue is technical or has to do with software freedom, I'm unconvinced. Not being able to open my old documents because Word 2025 isn't able to read Word 2004 documents is not the same thing as not being able to archive videos of Galavant that I don't have the right to keep.

kelnos 13 hours ago 1 reply      
It's a little weird that the EFF is using YouTube's move to HTML5 video by default to attack EME, considering that YT doesn't require EME...

(Yet, anyway.)

Jack000 11 hours ago 2 replies      
I kind of miss flash. Security issues aside, Actionscript 3 and the graphics api felt a lot easier to use than js/canvas and was more performant.

It felt like adobe just rolled over once Steve Jobs declared flash dead. They even bundled mcafee antivirus with the flash download, it's like they just want it to be over.

ChuckMcM 20 hours ago 0 replies      
Interestingingly it seems Youtube is still using Flash in its pre-roll advertisements unless I'm missing something obvious. Those videos get the 'f' from flashblock and won't view unless it is enabled.
silon5 14 hours ago 0 replies      
I notices Firefox sometimes starts busy looping on 2 cores while playing youtube (usually when "buffering"). IMO, they should really move the decoding threads into separate processes so they can be restarted easily (just like Flash was).
jsnk 21 hours ago 8 replies      
I hear what the proponents of non-DRM browsers are saying, but for media streaming companies content is their bread and butter. I am not sure what the alternatives are.

Content providers will stick with technologies like Flash because HTML5 alone could not provide EME. Lack of such feature set HTML5 backwards because huge content providers would shy away from using web as the dominant platform of media delivery.

userbinator 20 hours ago 1 reply      
AIUI, EME is basically a standard for interfacing DRM plugins, so instead of the one implementation (Flash) of it that was around before, we might end up with a wide variety of DRM modules? That certainly doesn't seem like a better situation than before, where basically all the RE efforts were focused on Flash's DRM.
AnthonyMouse 20 hours ago 1 reply      
Why are they calling EME "locks"? It isn't locking anything. It's obfuscation. The most relevant physical analogy would be smog. They should call it what it is; digital smog.
murbard2 10 hours ago 0 replies      
Security is what matters here, the DRM can be circumvented anyway.
blakeja 12 hours ago 1 reply      
Can I uninstall Flash at this point? What do I really need it for?
Aoyagi 12 hours ago 0 replies      
Well, hopefully using the Flash player remains an option.
ck2 17 hours ago 0 replies      
The nice thing about youtube is it also encodes most videos in webm format so it still plays on XP with Firefox and some old phones

Other sites like vimeo only do mp4

pkulak 20 hours ago 1 reply      
Yes, EFF, we're still not living in a content wonderland where Hollywood studios send their blockbusters to people's browsers in naked <video> tags. Shocking, I know.
Braid creator sacrifices his fortune to build his next game
points by jonas21  1 day ago   161 comments top 19
footpath 1 day ago 7 replies      
Here's a nice thread about Jonathan Blow's view on investing:https://news.ycombinator.com/item?id=2198255

you are better off taking the mental energy you would have expended on "investing" and subsequently worrying about your money, and instead funneling it into your creative endeavors. You will make more money that way, especially when you take a long-term view.


If creative endeavors are profitable, you can use the resulting money to fuel more creative endeavors, thus making the world a better place. Keeping money in a bank account or publicly-traded stock does not particularly make the world a better place.

Once I got approximately into the f-you money level of income, it became crystal clear how fictitious money is in the first place. I wake up one morning, and bam, I am wealthy! Why? Because someone said so and typed a number into a computer. Okay... that's kind of weird.

Given that money is so fictitious and somewhat meaningless, it is a shame to give into primal hoarding impulses, just so one can see the number in one's bank account go up like a high score in a video game. It's much better to make like Elon Musk and use your money for what it is: a way to wield influence to make the world more like you would like it to be.

jared314 1 day ago 1 reply      
Blow is also attempting to build a programming language [1], based on his experience in game development. While I don't agree with his direction, so far, watching the process is very interesting. The next Jai demo was announced for Feb 11th [2].

[1] Jai: https://sites.google.com/site/jailanguageprimer/



[2] https://twitter.com/Jonathan_Blow/status/563766250711425024

melling 1 day ago 4 replies      
One of the contributors is creating a video game from scratch in a series of videos.


He just did day 60 today. It's probably going to take at least a year. It's quite educational to start from scratch without any libraries.

justintime2002 1 day ago 13 replies      
"Jonathan Blow's beautiful, distinct 2008 platformer Braid is largely regarded as the original indie game"

Really? I find this difficult to believe, considering the success of Cave Story back in 2004.

bronz 1 day ago 1 reply      
I am really excited for The Witness. If you ever watch one of Mr Blows interviews on Youtube you will see why. His philosophy about video games is interesting and refreshing. Particularly, his thoughts on establishing a dialogue between the player and developer through small events and patterns in the game is very insightful and inspiring. I'm sure that The Witness will be a very thoughtfully crafted game and I am definitely going to buy it. Mr Blow, if you are reading these comments, I wish you the best of luck with this game.
espadrine 1 day ago 3 replies      
Jonathan Blow is also passionately into the creation of a new programming language to compete with C++, with an emphasis on performance and ease of use.


kelukelugames 1 day ago 6 replies      
I've followed Jonathan Blow for a while. He has a reputation for being condescending. If you follow him a Twitter then you might come to the same conclusion. But he has given some amazing talks.

https://www.youtube.com/watch?v=AxFzf6yIfcc <-compares games to televison


Breefield 1 day ago 2 replies      
Very stoked on The Witness but also Firewatch: www.firewatchgame.com

These are the kind of games I can get down with, a good slow ambiance based puzzle gamehad enough of RTS and FPS for the time being.

david_shaw 1 day ago 2 replies      
Interesting story, but I'd hardly call this "sacrificing his fortune." The title led me to believe that perhaps there was some sort of looming intellectual property or non-compete battle -- instead, he just spent his money in development efforts for his next game.

That said, the game looks great -- and I'm sure he'll be very successful with this one, too.

teddyh 1 day ago 0 replies      
Link to games own site: http://the-witness.net/
stegosaurus 19 hours ago 0 replies      
I think that the traditional investment mindset is suboptimal for most people. Especially the young.

For example, the advice to start early on a pension is commonplace. But the young often have low disposable income, and this cuts in to other possible uses of money that have far more return on low amounts of capital.

For example, taking a few months out to study in a different field. Building up a relocation fund so that you can move to a higher paying area. Working towards a property deposit. Buying cars outright instead of borrowing money to finance them.

Most of those have a far better return than a few percent per annum. It's just not clearly quantifiable. And that's not even going in to the riskier things like starting a business.

rbrogan 9 hours ago 0 replies      
He is featured in this nice documentary about indie games along with a couple of different development teams:


reledi 1 day ago 0 replies      
One of my favourite technical talks is by Jonathan Blow: http://the-witness.net/news/2011/06/how-to-program-independe...
simplicio 1 day ago 4 replies      
I always sort of wonder about stories like this, where fairly established game-devs have to rely on Kickstarter, or on their own funds to develop games.

Seems like someone like Blow should be able to attract some investors.

listic 1 day ago 1 reply      
Puzzles, puzzles everywhere. I've read the interview and didn't get it - what's so great in this new game that he is spending all his money on it.

I hoped there will be some ambition to the like of Ice-Pick Lodge https://www.kickstarter.com/projects/1535515364/pathologic or Tale of Tales http://tale-of-tales.com/videogames.php but nope, another game with puzzles.

alexvr 1 day ago 0 replies      
There's something really pleasant about graphics like those in The Witness and No Man's Sky.
frozenport 1 day ago 1 reply      
677/40 = 17 puzzles per hour?
DubiousPusher 1 day ago 0 replies      
"Jonathan Blow's beautiful, distinct 2008 platformer Braid is largely regarded as the original indie game..."

Nah, http://en.wikipedia.org/wiki/Cave_Story

sova 1 day ago 0 replies      
loved braid.

go jonathan

Anthem was the target of a very sophisticated external cyber attack
points by dev1n  2 days ago   195 comments top 38
Trisell 2 days ago 8 replies      
Having spent almost 4 years in healthcare IT. Very few healthcare organizations take security seriously. There is very much a security by anonymity ideal. I worked for a small medical company that had access to 20,000 PHI records, and I was explicitedly told, "why would anyone want to hack us, we are small potatoes." I left that company shortly there after.

Yet companies I work with now big and small look at security as just a bunch of checkboxes on a government audit form. As long as upper management continue to see security as a cost loss center, and continue to only do the minimum nessissary to pass said audits. These breaches will continue to happen.

danso 2 days ago 4 replies      
Looks like they misled the New York Times:


> Anthem learned of the hacking last week and called in Mandiant over the weekend. The company was not obligated to report the breach for at least several more weeks but chose to do so now to show that it was treating the matter seriously.

As user jakejohns has pointed out (https://news.ycombinator.com/item?id=9002003), the WHOIS points to a creation date for ANTHEMFACTS.com of `2014-12-13` with GoDaddy.

windexh8er 2 days ago 6 replies      
I feel most for those who have young children. If you consider the long term viability of SSN over the life-span of a person who is under the age of 5 today they'll likely have been exposed to a breach that will contain their dox a few times over by the time they reach a legal age - that is likely a conservative estimate given the frequency of these events. SSN is broken and we're going to see a lot of push back going forward as these people come of age.

TL;DRIf you're a parent, monitor your child's SSN for activity. Especially considering this is a healthcare breach, nobody is immune.

ipsin 2 days ago 1 reply      
"A very sophisticated external cyber attack" which is a "security vulnerability"... The more "sophisticated" they claim this "cyber attack" is, the more I think it's a garden-variety SQL injection fuck-up.

They've done a bad job of protecting their customer's data, and an even worse job of explaining what actually happened.

beeskneecaps 2 days ago 1 reply      
I like the two Anthem job reqs that were very recently added:

2/4/15 (umm, today): http://www.careers.antheminc.com/jobs/cloud-encryption-secur...

1/30/15: http://www.careers.antheminc.com/jobs/checkpoint-firewall-ex...

Could be a coincidence, but I wouldn't be surprised if they were compromised several days before this press release.

kevinchau 2 days ago 4 replies      
I hate the tone of that letter, has the typical PR tone all over it.

Basically to sum it up: "Your Social Security Number, Name, Birthdate, Address, and everything else needed to steal your identity is at risk. But don't worry! Your credit card number is safe."

jdp23 2 days ago 1 reply      
Privacy Rights Clearinghouse has a couple of excellent fact sheets on identity theft

https://www.privacyrights.org/how-to-deal-security-breach covers situations like this where there's been a security breach - how to order and monitory credit reports, put in a security freeze (which makes it harder to open up new credit cards or credit lines in your name), etc.

https://www.privacyrights.org/content/identity-theft-what-do... covers when you've actually been the victim of an identity theft

gergles 2 days ago 3 replies      
Good job issuing the release in the middle of the night to try to avoid the PR, too. What a trainwreck. Anthem basically passed out identity theft kits, and you can even sort by income to go after the rich ones first! (Why does Anthem know your income? It doesn't seem relevant to offer you health insurance products.)
jrapdx3 2 days ago 3 replies      
It makes me wonder. For several years the US government, Medicare, and private insurers have been pushing hard for health care providers to adopt Electronic Health Record systems. Now in the current phase "interoperability" of EHR systems is the catchword.

A question to ask is how secure is a large network of EHRs going to be? I don't know of data showing the frequency or severity of EHR security breaches but it would be surprising if there were not at least some. In any case, this kind of info would probably not be made available to the public, even though it should be.

Anthem's poor job of keeping confidential info private is especially distressing given the fact that many health insurers are also health care providers (e.g., hospital systems). Computer systems are very hard to operate securely, and after what happened, it's hard to trust these corporations will take the task seriously.

I've been quietly predicting that security of health information is going to become the Next Big Privacy Issue as the Internet of Medical Records grows ever larger.

imjustsaying 2 days ago 1 reply      
Why were they storing sensitive data of former customers?

It seems like a risk with no benefit, with the only justification being "all data could be valuable eventually so let's never delete even the personal sensitive data." Ironically, the data did eventually become valuable - to someone else.

jamra 2 days ago 0 replies      
I wonder why they needed to store SSNs online. They use SSNs to run a credit check and identity a person. Why then is it not stored encrypted and over an air gap? They can use email and phone numbers to recover passwords. This is absolutely ridiculous.

They said in an email that they would pay for one year of credit protection for all those that they say were victimized. I don't think that they are capable or trustworthy enough to state who was victimized. It looks to me that they are just ignoring their responsibility for this attack. They also stated that they do not think health records have been compromised. I believe that they are just trying to avoid HIPAA fees. If so much personal data was stolen, it is likely that health information was also stolen. Generally, the patient's personally identifiable information is stored more securely than their actual health record.

Now I'm off to get credit protection for me, my wife, and my one year old. Does anyone have any advice on where to begin?

anigbrowl 2 days ago 1 reply      
According to the media, even their CEO's records were taken: http://www.nytimes.com/2015/02/05/business/hackers-breached-...
chatmasta 2 days ago 0 replies      
Enterprise hacks are sadly becoming more common, and more sadly, it appears security is abysmal in all cases of large scale hacks. Many attacks of the past 24 months included simple exploits, social engineering or both. These are the kind of attacks a small group of rogue individuals can accomplish from computers anywhere in the world.

If small groups of individual "hackers" are capable of executing high-profile operations, just imagine the capabilities of nation-state cyberwarfare forces. The intelligence agencies of large governments employ thousands of professionals, all at least as qualified as the hackers behind these attacks. The difference is that government employees (or contractors!!) have no fear of legal repercussion restraining their operational activities.

When attacks like this move the market, any scrutiny of the attack must include analysis of market trading in the days following. Who profits from the drop in Anthem stock price? I imagine the SEC investigates this as part of due course, but one should consider that nation states are active investors in the stock market, whether directly or through hedge fund proxies. If a nation state can hack a large enterprise, and a nation state can trade large volumes of securities against that enterprise, then it follows that nation states can profit from cyber warfare.

The next five years are going to be very interesting.

siliconc0w 1 day ago 0 replies      
This is so infuriating. Good luck trying to do anything sensible like freezing your credit. Each credit bureau competes with the next for making the process as painful as possible. 500 errors, timeouts, invalid challenge questions, ambiguous or just broken password requirements. They don't give a fuck - you're not the customer. The customer is the debt industry that pays them for your info. Oh and they each charge $10 to freeze your credit but hey you can mail them a copy of a police report and they might waive it. I gots to shell out $30 because anthem fucked up assuming I can even get their broken ass web applications to take my money.
Elrac 2 days ago 0 replies      
This is a big company, publicly embarrassed by a breach in data security and worried about their stock price. Now they're in damage control mode.

Call me a cynic, but my intuition says the whole page is a lie. My guess is the data was simply pilfered and copied to a USB stick by a disgruntled ex-employee or even a corruptible current one.

Bud 2 days ago 1 reply      
Greeeeeeeeat. Anthem just became my health care provider. This fills me with confidence.

I'm especially unimpressed by Anthem's failure to hire a good copy editor for such a vital message, as evidenced by the painfully obvious error at the end of the penultimate paragraph: "share that information you" should read "share that information with you".

emeidi 2 days ago 2 replies      
High five to all the CISAs, CISMs, CGEITs, CRISCs and CISSPs at Anthem.
ebcase 2 days ago 3 replies      
Curious if the HN community has any recommendations for identity-theft monitoring services?

Each time this happens, the breached company partners with some firm or another to offer "one free year of identity monitoring" or somesuch. e.g. ProtectMyID after the Target breach.

Are there better alternatives to ProtectMyID?

AdmiralAsshat 2 days ago 1 reply      
Boy it sure does fill me with confidence to know that I am hearing about my personal information having been compromised through a news website rather than through the incompetent organization that allowed my information to be leaked in the first place...
kevinchau 2 days ago 0 replies      
While you are waiting for Anthem to drag their feet, here's a year of AllClearID Pro on behalf of Home Depot:


e40 2 days ago 0 replies      
What's the HIPAA fine for a breach of this size? Will be be levied?
dplarson 2 days ago 1 reply      
For those not aware, Anthem is also the insurance provider for the entire University of California system (http://www.ucop.edu/ucship/).
criticalthinker 2 days ago 0 replies      
If they had been using the free UAQUAS system license this attack would have never succeeded!

UAQUAS not only eliminates passwords, it also examines the IP addresses that connect to a host and ensure that they are connected to an authorized program or a current web session, and if not kills the connects and blocks that IP address.

Visit the uaquas.com website to learn how to protect yourself.

randomname2 2 days ago 0 replies      
Rumours say this has ended up on torrents, any truth to that?
Scramblejams 2 days ago 1 reply      
How about if companies holding sensitive data were required to subject themselves to pen test attacks by properly incentivized third parties? Even if an attack were not successful the deliverables would quickly tell an experienced hand whether the attempt had been sufficiently rigorous. And that would allow for a good audit mechanism.
christopheraden 2 days ago 0 replies      
I've been with Anthem since going back to the UC system.

Is there any way to check if I'm affected by the breach? University of California has not made an official statement regarding the breach whatsoever.

I'm looking for something similar to the way you could enter your email address and figure out if your Adobe account was hacked.

bibabo 2 days ago 0 replies      
Most companies only focus on perimeter defense and are soft bellies once opened up or to an internal job #sonylearning

And as long as it is not practice to sue companies and Cxx for negligence when they do not internally protect the data (no unencrypted data at rest) this will not change.

bsimpson 2 days ago 2 replies      
I know my credit card company allows me to set a password to prevent unauthorized access from someone who might have stolen this kind of data. Is there a similar system in place to make it harder for an identity thief to open accounts in my name or do other things that might damage my reputation?
Spoom 2 days ago 1 reply      
I'm in the process of getting Anthem to pay for my credit monitoring now. If you're in the same boat of not wanting to wait for a snail mail letter, call 1-877-263-7995 and escalate twice.
mparr4 2 days ago 0 replies      
I love the hero image.

Nothing says "state of the art" quite like a highly pixelated image on your "we got hacked" response letter.

feld 2 days ago 1 reply      
I'm just thrilled to recently be downgraded to an Anthem customer.

I miss my old insurance.

eyeareque 2 days ago 0 replies      
Sophisticated attack == SQLi || "someone opened a PDF with malware" ?
cm2187 2 days ago 2 replies      
I can't believe it has been at least a full week since the last announcement of a massive data breach...

I am concerned that if the industry doesn't fix this, regulation will.

kolev 2 days ago 0 replies      
So, to stress out that they are not morons, they call this "sophisticated". You can safeguard your personal info as much as you want, but these big data warehouse will always leak it!
kowsik 2 days ago 1 reply      
The security industry/products seriously need a make over. So much money spent and yet, hacks just keep getting bigger and worse.

[edit]: Disclaimer - I'm CTO at @menlosecurity.

troymc 2 days ago 0 replies      
My first thought upon reading this headline was, "The health insurers have an anthem??"
elwell 2 days ago 2 replies      
Turned 26 in January. Purchased Anthem medical insurance so I don't get penalized by Obamacare. Surprised how expensive it is, but bit my tongue and continue. Anthem gets hacked. My Name + SSN is probably somewhere it shouldn't be; ugh.
Scala.js no longer experimental
points by densh  2 days ago   130 comments top 18
noelwelsh 2 days ago 5 replies      
I was very sceptical of Scala.js, but decided to use it in a low risk project (http://github.com/underscoreio/doodle) to render to the HTML canvas and I am shocked at how well it works. The community is moving very quickly as well, and many advanced Scala projects have had the necessary tweaks applied to run in Scala.js.

Looking at broader trends, there is a clear movement towards static typing on the Javascript VM, as in-browser programs become more complicated. Google is developing SoundScript, there has been talk about gradual typing in ES7, Facebook has their type checker etc. To some extent I think adding static types to (the mess that is) Javascript is more work than may be worthwhile. I see the most practical developments in the alternative JS languages, such as Elm and Purescript, and now Scala.js, that start from a cleaner slate. The Javascript committee have done a shockingly good job making Javascript a compilation target with tail calls and so on in ES6.

apo 2 days ago 2 replies      
Let's say I want to use Scala.js to build, not an application, but a JavaScript library. The library exposes a JavaScript API that JavaScript code can call. The library's objects can be used in full from JavaScript.

Can I do this with Scala.js? If so, how?

Very few, if no, *-to-JavaScript cross-compilers can do this. For example, Dart might seem to be that language, but on closer inspection, it's not. Your library is locked inside a JavaScript VM-like data structure.

Although you can get a JavaScript object out of Dart-to-JavaScript compiled library, you need to manually hook up every function in its API yourself. In other words, it's not practical to use Dart to build a JavaScript library that exposes a sophisticated JavaScript API.

Is this possible in Scala.js?

jsight 2 days ago 3 replies      
I understand why these types of compilers lack reflection support, but it still bothers me (and general makes me want to avoid them). JavaScript is naturally a very dynamic environment, and both Java and Scala have some pretty strong dynamic capabilities of their own.

But somehow when they are combined (GWT or Scala.js) you end up with something that is more static than Java or JavaScript. I know the reasons have to do with the static compilation optimization, but I still think this is a huge downside relative to languages that are designed for the browser from the start.

scorpwarp23 2 days ago 2 replies      
That's exciting. I have worked extensively with Scala during my Master's project. What I'd really like to know is what this means in the context of the current trend of JavaScript (both client and server-side).

I'm currently working exclusively on MeteorJS, Node.JS and Angular and fail to see the relevance other than porting Scala applications to the web and making Web App development easier for developers familiar with Scala. However, without the kind of structure and inherent capabilities that a MeteorJS or DerbyJS offers, what's the USP here?

julius 2 days ago 4 replies      
This sounds great. I have not really used Scala before. 3 questions:

- How good do IDEs understand Scala these days? Compared to C#/Java, where IDEs instantly know a crazy lot about your code. I am looking at features like IntelliSense, marking wrong code, marking typos, marking unused code, telling me about unhandled Exceptions etc.

- Is there any difference, on the IDE side, between Scala support and Scala.JS support?

- Is a development cycle possible, where I save and I can instantly reload the page in my browser to see the differences?

- (Bonus Question) How well does it integrate with React. If my memory is not fooling me, Scala supports something like Inline-XML. Can I write React-Code, like I write JSX code with it? Any examples?

Taig 2 days ago 1 reply      
The "Hello World" example yields a 3500 LOC js file. I expected a high count but that still managed to shock me. Well, I'm still pretty excited about this announcement and looking forward to give it a try.
heathermiller 2 days ago 2 replies      
Or, said another way, Scala now officially runs on both the JVM and in the browser.
kybernetikos 1 day ago 1 reply      
> Its mostly about the strong typing for me. Nothing revolutionary about that idea, but its just as true on the client as on the server: having the compiler type-check your code makes it much quicker to get complex, sophisticated systems up and running.

I used to believe that this was obviously true. Then I went from doing a lot of programming in JS where even with a large codebase, I could see the code fail in seconds to programming in Scala where type errors would not always appear in the editor, but you'd have to do a compile step that takes ages to actually see them.

Now I'm much less sure about the benefits of typing. What is actually useful is fast failure and short iteration cycles. Seeing the errors as you write is the fastest failure there is, but if I have to run a 30 second build to see a type error, that is much worse than dynamic types but seeing the error in less than a second.

Its true that carefully thought about types can catch errors you might not see immediately, but you can fix this to some extent with putting effort into making sure your code fails fast, and adding unit tests and while this doesn't give you proof-level guarantees, for most practical work, with discipline, it's good enough (even if emotionally unsatisfying).

Maybe one day I'll find a system that lets me encode constraints into the type system and have it actually tell me about violations quickly, and I'll happily leave dynamic land behind (for most things), but I've come to the conclusion that arguing about type systems misses the point, and the point is that failing fast is better than failing late. Within a single environment, failing at application startup is better than failing at an arbitrary point in the future. Failing at compile time is better than failing at startup. Failing at edit time is better than failing at compile time. But if your compile time is slower than my runtime, you're losing.

drapper 2 days ago 3 replies      
More and more languages have that now (F#, Ceylon, Haxe,...), I wonder how well it works in practice, especially in terms of:

- libraries availability

- code size and speed

- debugging capabilities

- ...and interoperability with JS (I recall that F# uses TypeScript definition files, that's a nice approach)

Anyone has more experience with it?

mercurial 2 days ago 5 replies      
I'm curious to know the size of a scala.js hello world program.
aaronmck 2 days ago 1 reply      
I can't wait for nice bindings to a JS plotting library (something on top of D3). One of the big missing parts of Scala for analysis...
cmstoken 2 days ago 1 reply      
Looks like I'm gonna have to ditch React and IO now. I think those are getting outdated. Will be rewriting all apps in Scala.js.
therockhead 1 day ago 0 replies      
How much of Scala and its APIs can be used? For example can you use Scala Actors in Scala.js?
nowxue 2 days ago 0 replies      
This is awesome, thanks to the scala.js team and community for the hard work.
wampler 2 days ago 1 reply      
Is Scala.js recommended for small apps? Say something like Hello World?
joajoa 2 days ago 1 reply      
I know it's a shameless plug, but if you want to convert any Java bytecode with less semantic differences than scala.js and full reflection support you might want to give https://www.defrac.com/ a try.
kashif 2 days ago 0 replies      
oh god! it was fine as an experiment but...
725686 2 days ago 0 replies      
Stop the programming language proliferation madness!
UK-US surveillance regime was unlawful for seven years
points by owlmusic  1 day ago   62 comments top 13
ch215 1 day ago 5 replies      
The way this same story has been spun by the BBC worries me.

You'd think the news line has to be, as the Guardian and others are reporting, GCHQ mass Internet surveillance was 'unlawful'.

The Beeb did go with 'unlawful' in their original headline but the story has since been watered down with sheer wordiness.

'Unlawlful' now appears in the tenth paragraph, below an analysis panel, and is only then included in a quotation from a campaign group.

Nowhere in the article does the BBC succinctly say a tribunal held that GCHQ breached human rights law. It simply says the agency is now complaint (without saying that it was not for seven years).

To me at least, it seems the BBC is becoming less of a public-service broadcaster and more of a state one.

--GCHQ censured over sharing of internet surveillance data with UShttp://www.bbc.co.uk/news/uk-31164451

jackgavigan 1 day ago 2 replies      
So, one of the key things about this ruling is that it declares "that prior to the disclosures made andreferred to in the Tribunals Judgment of 5 December 2014, the regime governing the soliciting, receiving, storing and transmitting by UK authorities of private communications of individuals located in the UK, which have been obtained by US authorities pursuant to Prism and/or (on the Claimants case) Upstream, contravened Articles 8 or 10 ECHR".[1]

ECHR refers to the European Convention on Human Rights[2]. Article 8 covers privacy. Article 10 covers freedom of expression.

The Human Rights Act 1998 declares that "It is unlawful for a public authority to act in a way which is incompatible with a Convention right"[3] (and GCHQ is classified as a public authority) but I'm not aware of any legislation that would classify such actions as a crime. Therefore, while monetary damages may be awarded[4], it seems unlikely that anyone could be held personally accountable (in the sense of being charged with a crime).

Ironically, the Home Office just announced a public consultation on the draft codes of practice for interception of communications and "equipment interference" (which covers hacking).[4]

1: http://www.ipt-uk.com/docs/Liberty_Ors_Judgment_6Feb15.pdf

2: http://en.wikipedia.org/wiki/European_Convention_on_Human_Ri...

3: http://www.legislation.gov.uk/ukpga/1998/42/section/6

4: http://www.legislation.gov.uk/ukpga/1998/42/section/8

5: https://www.gov.uk/government/consultations/interception-of-...

junto 1 day ago 2 replies      
Whilst I applaud the ruling, I doubt it will make much of difference. The British government simply uses extensions to the "temporary" Terrorism Act 2000 and its modifications in 2001, 2005, 2006 and 2008 and/or RIPA.

I'm getting a bit tired of politicians standing up in the House of Common's, stating we need a "temporary" act to reduce liberty and privacy under the guise of terrorism, only to extend the rulings indefinitely. It's bullshit.

Also, with regards to RIPA, the section related to "Use of communication data" requires only "senior member of that authority", whilst wire taps and reading post requires authorisation from "Warrant from Home Secretary or Cabinet Secretary for Justice". The first one should also move under this authority and blanket surveillance should be banned.

Conspiracy theorist me says we should expect another "act of terrorism" on the UK mainland. This government needs to bolster its control, as they did in Australia, France and Canada. After every attack, the direct effect is that politicians start looking for ways to spin that into invasions of privacy and liberty. Every god damn time.

P.S. Interestingly, Germany is one of the few large European nations with troops in "Muslim lands", that has to date not had a major terrorist incident. They have a large Muslim population, which although largely very moderate and westernised, do have a minority of people who are preaching extremism. Also, many of the terrorist cells (including 9/11) have originated, or passed through Germany.

Allower 1 day ago 0 replies      
Terrible and completely misleading headline. The court ruled that the SHARING of surveillance data with NSA was unlawful until this past December. Its another meaningless verdict that effectively supports the gross invasion of individual privacy while claiming to oppose it.
zirkonit 1 day ago 1 reply      
was unlawful, is unlawful and will be unlawful.

It will not stop just because of the court decision. The rule of law is for mere mortals, and not the alphabet soup of intelligence agencies, unfortunately.

justcommenting 1 day ago 0 replies      
I hope other governments will take notice of this ruling in considering political asylum for the person who blew the whistle to expose these human rights violations on a massive scale.
ed_blackburn 1 day ago 0 replies      
One presumes that the court doesn't deems there's been a serious criminal action here. More the status quo isn't legal. I'd like to know if this means the current actions will stop. When? If the government will fight it. Or legislate around it? There needs to be an official response from someone will real authority. It's been judged as illegal...so what next?
ommunist 1 day ago 0 replies      
So, like @higherpurpose pointed out - ruling without enforcement is nothing in this case.

I seriously doubt GCHQ will transform their Cornwall facility into a tourist attraction like Bletchley Park, after NSA recently invested in it such fancy amounts of monies.

rcthompson 1 day ago 0 replies      
"... for seven years." Also probably all the other years.
lifeisstillgood 1 day ago 0 replies      
So roughly speaking, the US could spy on the UK but when they shared the data with the UK it was illegal for the UK authorities to "solicit, receive, store and transmit" that data.

However they previously had said that the new process of sharing data was now legal. In order to comply with the law GCHQ and the NSA have ... Made public the fact they are sharing information and how much.

Yeah, please take that one to a higher court and decide not on narrow technicalities but should we be doing this at all?

I am rather proud of Liberty (who I used to work for (IT and campaigns it's fun!) - it took a long time to get here.

GordonS 1 day ago 0 replies      
And will it stop? ... not a chance

Will anyone be held accountable and brought to justice? ... not a chance

higherpurpose 1 day ago 1 reply      
Such rules will need to be accompanied by consequences for those doing it. A ruling without enforcement isn't worth much. That said, this is a great, and perhaps quite surprising ruling, considering it's a secret Court.
fauigerzigerk 1 day ago 0 replies      
It is important to fight surveillance in the courts, but as they keep making ever more draconian and broad surveillance laws it will eventually become pointless. At the end of the day, this is a political question.

I'm not quite sure what we're dealing with here politically. I wonder whether this extent of surveillance is simply the will of the poeple or whether democracy has been subverted by a power hungry security aparatus.

Ross Ulbricht Convicted of Running Silk Road as Dread Pirate Roberts
points by DavidChouinard  3 days ago   277 comments top 17
comex 3 days ago 3 replies      
This is a good explanation of how the defense totally screwed up:


Basically, the evidence was massively damning, so their only serious hope of winning was by challenging the curiously nonspecific way the FBI found the Silk Road server; but they gave up their ability to do so for some dubious benefits.

freakyterrorist 3 days ago 3 replies      
Hardly surprising, his defense was in tatters after having his experts denied and his line of inquiry into mark karples blocked. The prosecution tracing bitcoins directly from silk rd to his personal wallet was just icing on their cake. This is a warning to everyone involved in these enterprises, OPSEC OPSEC OPSEC!!!
rdl 3 days ago 2 replies      
Anti-forensics seem like a good idea if you're running a transnational drug empire. A simple electronic leash would have gone a long way; some level of compartmented logins, such that when you're sitting in a cafe you're not always logged in with all of your credentials (probably separated by VMs), would be the next step after that.

Using online tools correctly to becoming a subject of in-person investigation would have been of course great, too, but there should be strong backstops before "convicted" as well.

(Or you could just not do the crime.)

recibe 3 days ago 0 replies      
Ross made the decision, now Ross pays the price.

Lots of people could have done this, and lots of people were smart enough not to.

brotoss 3 days ago 5 replies      
So is life in prison a possibility?
tindrlabs 2 days ago 0 replies      
Ross actually lived above me in college. Very surreal to see this all going down.
notadocta 3 days ago 1 reply      
I want to feel bad for the guy, almost, but I don't.

I just wish he got away with it, I wish he were smarter about it.

damon_c 3 days ago 1 reply      
Obviously he broke the law and was not the most morally pure individual.

But, what about 100 years from now? Do you think the people of the future will think we are being silly to put him in prison for 25+ years for running an unregulated online marketplace?

eyeareque 3 days ago 1 reply      
The story of Silk Road and Ross Ulbricht will make for a great movie.
rasputhin 2 days ago 0 replies      
I Dont this Mr Ulbricht stood a chance. That case was decided before it began.
mark-r 3 days ago 3 replies      
Extradition is a thing too. You don't have to live in the US to break laws in the US, and you can bet that the government would have stopped at nothing to shut him down.
jqm 3 days ago 6 replies      
He seems like a smart guy and a good guy overall...(yes, I know he allegedly attempted to hire a hit-man and we can't tolerate crime etc. etc.).

It's a shame to see his entire life wasted for an (admittedly rather large) youthful indiscretion. I keep thinking there has to be a more efficient, a more just way of discouraging criminal activity.

As an aside... Sometimes it apparently doesn't pay to be overly smart. Or rather, smart enough to get into trouble, but not smart enough to avoid the dangers.

jMyles 3 days ago 8 replies      
It's hard for me to have anything but contempt for this entire proceeding. None of these actions are a crime in a free society. And if they were, there'd be no need to dictate what can and can't be introduced as a defense. No "politics?" What garbage. Every line of code that DPR wrote was political.

Free Ross.

bunkydoo 3 days ago 0 replies      
Could have seen that coming long long ago.
pcrh 3 days ago 1 reply      
Looks like he's going to have to learn how to break out of jail...
ffn 3 days ago 0 replies      
RIP in pieces, Dread Pirate Roberts, the Blackbeard of our era. May we meet again in 5 or so years on the silver screen.
lectrick 3 days ago 0 replies      
> and even tried to arrange the murder of five people who threatened the anonymity of buyers and sellers.

1) No one was murdered

2) If drug trade was somehow regulated legally and decriminalized like in Portugal instead of being outright illegal, there would be no perverse incentive to murder to begin with... and there would probably also be no incentive for a Silk Road

When is US law going to realize that overly strict punishments (come on, does this guy really deserve life in prison?) simply create a perverse incentive to harm in order to ensure people stay quiet, and that creating black markets results in negative externalities? If the punishments were less severe (or even simply allowed but highly taxed/regulated) then there would be less murder of witnesses, period.

I can't find a tremendous amount of evidence around this, except for this: https://www.econ.berkeley.edu/sites/default/files/yablon_dan...

(I think I'm becoming libertarian?)

Show HN: I rendered the Go gopher using Go
points by fogleman  1 day ago   47 comments top 22
shurcooL 1 day ago 0 replies      
The code is really nice and clean [1], great job for someone's first Go project! I think it's a great example of how Go's simple and clean language design can lead more people to write high quality, readable code.

Question, I see you're using your own Vector and Matrix types and methods. Have you considered using an existing vector math library like mathgl [2]? Nothing wrong with your decision, I just wanted to hear your thoughts.

[1] http://gotools.org/github.com/fogleman/pt/pt

[2] http://godoc.org/github.com/go-gl/mathgl/mgl64

jjmanton 1 day ago 1 reply      
Fogleman, you are an incredible developer. I hope to one day have your motivation for side projects like this.
akc 1 day ago 3 replies      
What do rendering times in Go look like, compared to a similar C implementation?
daddykotex 1 day ago 1 reply      
Wow, the quality is impressive. I had no time to look at the code, but what are your inputs?

Do you read a file that contains anything you need to render, if so, can you produce said file with another 3D software?

ukandy 1 day ago 0 replies      
"Disclaimer: This is my first time using Go."

"Hello World" wasn't challenging enough for you then!

Nice work.

agildehaus 1 day ago 0 replies      
Not very often I can look at a library and easily follow the code. I may spend a couple afternoons reading it just to understand how this works. Very nice.
userbinator 21 hours ago 0 replies      
How big is the binary? I had to ask since you linked to the site of iq, the guy who wrote the insanely awesome Elevated 4k demo [1] and several other nice 4k procedurally-generated graphics [2].

[1] http://www.pouet.net/prod.php?which=52938

[2] http://www.iquilezles.org/prods/index.htm

benreic 1 day ago 1 reply      
I was surprised at how little code it takes to generate the gopher, using your library, that's cool.

I started generating the gopher locally abd let it go through one iteration, taking 4:34, until I realized it takes 1000 iterations to fully render :) I killed it.

rcarmo 18 hours ago 1 reply      
This is very nice. I wonder how hard it would be to turn this into a network renderer (I suppose farming out sections to other machines is challenging with path tracing, but may be wrong).
kylestlb 1 day ago 0 replies      
Looking at your code makes me wish I could have used Go instead of c++/glut for my graphics course projects back in school.
rmcpherson 1 day ago 0 replies      
I'm getting runtime errors when trying to run the example locally, and compile errors for others (e.g. suzanne.go, 'not enough arguments in call'). Was there a recent update that broke the code?
fogleman 1 day ago 0 replies      
Here he is from another angle: http://i.imgur.com/oOnadne.png
smothiki 1 day ago 0 replies      
I always looked go as a programming language to develop systems and tools but , this is very interesting . Would be interesting in a benchmark results of rendering with other languages .
josh2600 1 day ago 0 replies      
Every time I see the Go gopher I think of Gopher[0] immediately.


pests 1 day ago 0 replies      
Very lovely.

The only reason I'm commenting is to point it might have been easier for users if you linked to the project homepage rather than the readme file itself.

allending 1 day ago 1 reply      
> Disclaimer: This is my first time using Go.

Is it your first time writing a path tracer? Because this is pretty awesome.

ProfOak_ 1 day ago 0 replies      
Initially I saw the title expecting ascii art. Then I saw the amount of points, and clicked the link and I was supremely impressed.
phkahler 1 day ago 1 reply      
How many rays/sec are you getting per core? What kind of acceleration structure? How many primitives in the scene?
rplnt 1 day ago 2 replies      
> import "github.com/fogleman/pt/pt"

How does this work?

rjammala 1 day ago 0 replies      
Very nice work!
sdsk8 1 day ago 0 replies      
Fogleman,any plans to rewrite craft in go?
tinyProton 1 day ago 0 replies      
Please excuse my ignorance, but what does Weiner mean?
New High-Tech Farm Equipment Is a Nightmare for Farmers
points by wycx  2 days ago   162 comments top 20
sandworm 1 day ago 4 replies      
A DRM exception for farmers? Why them and not the rest of us?

Farmers are the classic American go-to for everything politics. Be it guns, corn in Coke, pollution standards, healthcare, immigration ... everyone is ready to pity the poor farmer. I understand the rational. Farmers make the food we eat. They also embody an American fantasy harkening back to the old west. But this is also who I see red flags whenever I hear farmers brought up in reference to a law.

Farmers are the purchasers of equipment used in their business. Why give them a pass to bypass DRM but not the fishermen? Fishermen make food. Maritime law affords them special treatment in a similar manner as land use laws treat farmers. Surely fishermen have an equal tradition of self-sufficiency and are also deserving of an exception. And then come the taxi companies who have long maintained their own fleets. Soldiers? Surely we first need an exemption for the armed forces.

I cannot think of any profession without a tradition of maintaining its own equipment. That's probably because DRM is new tech. So it's impossible for anyone to have a tradition of accommodating and obeying DRM. As we all suffer it, we should all be free of it. No exemptions.

Let us instead pity the poor metal worker whose CNC machine cannot be moved across the shop floor without triggering its GPS-dependant DRM.


noonespecial 2 days ago 5 replies      
Where I work now, I'm basically paid to break into this stuff for a living. Its nothing but a mountain of 10-20 year old "protected" protocols. All of which are now unsupported, obsolete, or completely forgotten by long out of business companies.

If the farmers think its bad now, just wait a few years. DRM hurts everyone. Its like toxic waste. A huge externalized cost that lets a company eke out a small short term extra profit at the expense of society at large. We need "clean air act" level legislation to fix it. We've actively done the opposite.

Trisell 2 days ago 9 replies      
The other issue I think will be longevity. I grew up on a farm, and every piece of machinery that we used was older then I was by about 10 years, at least. Farmer's expect to purchase a tractor, and then run that piece of equipment for the entire life of the FARMER.

It feels like the tractor manufactures today are catering to the mega farms, not the smaller farms that make up a larger portion of our farming infrastructure. And the small farms only buy a new tractor every 10 - 20 years. Not every 3 - 5 years for a tax break.

jonah 2 days ago 0 replies      
Wired (and iFixit) are getting activist about DMCA exceptions. This is great. A couple weeks ago Kyle Weins wrote[1]:

"No one has yet been prosecuted for hacking their own car, but they could. And as locks become more prevalent, the EFF and iFixit are willing to bet that, eventually, some carmaker will bring the DMCA hammer down on a hobbyist's head. So we're are taking a stand now."

"Want to speak out in support of this DMCA exemption? Tell the Copyright Office that car owners should be able to repair and modify their own automobiles. You've got until February 6 to make your voice heard."

HN discussed that article too.[2]

[1] http://www.wired.com/2015/01/let-us-hack-our-cars/

[2] https://news.ycombinator.com/item?id=8936382

chris_wot 1 day ago 3 replies      
It sounds like there is a market for either a. Tractors with very limited electronics, but easily repairable, or b. Hi-tech tractors that are completely open systems.

What you have here is an industry ripe for disruption. John Deere makes enormous amounts of money on farm capital expenditure but also operational expenditure. But their service is crap (two days for a sensor to be fitted? Someone tell the weather not to rain or disrupt harvest, John Deere's equipment needs time to be repaired!).

In a market economy, one would think that someone would see an opportunity and, you know, compete.

agoetz 2 days ago 3 replies      
Modern EPA requirements mean that it is impossible to design a compliant off highway commercial vehicle without relying on advanced electronic process controls. Your grandfather's tractor might be repairable with baling wire, but it also releases a ton more diesel particulates.


There's no incentive for companies to publish information on their vehicle bus interfaces, since it would basically give away trade secrets to competitors.

rjdagost 1 day ago 5 replies      
Allow me to play devil's advocate here. I used to work for a company that produces measurement equipment for professional technicians. It's big, complicated, dangerous, and expensive equipment that is comparable in cost to the tractors discussed in this article. The products employ a number of measures to prevent end-users from tampering with things that shouldn't be tampered with (especially the firmware). Partly this is to discourage piracy. But mainly this is done because the equipment is quite complicated and there are not many people in the world who understand the technology well enough to make repairs on their own. It's very easy to cause unintentional errors that can cause much more serious damage than the original minor problem. And when the failure of your equipment can cause serious property damage, injury, or death are you going to make it easy for people to modify your product's firmware?
freshhawk 1 day ago 0 replies      
"But under modern copyright laws, that kind of repairing is legally questionable."

Questionable? If it becomes politically unpopular enough, they will certainly jail people for it. It's explicitly illegal but those laws are not evenly enforced. They seem to acknowledge the DMCA but then fall back to the "questionable" position saying it's "entirely possible" the farmer becomes a criminal. This is video game console modding, they are even using pirated proprietary software.

INAL, am I misunderstanding the state of things? Is there some reason, besides the political weakness created by going after farmers, that this is "questionable"?

ejain 2 days ago 1 reply      
I was under the impression that farms increasingly rely on the "Tractor as a Service" business model, i.e. they pay someone who has a fleet of the latest tractors (incl operators) to harvest their fields etc.
raincom 2 days ago 1 reply      
This sounds like the same experience people have with their out-of-warranty german cars. Either take it to the stealership or buy diagnostic system made by non-VW guys. Even if you have the diagnostic system to read codes from ECU, you are left wih testing many sensors: whether the sensor needs to be replaced or cleaned. But one has to know the details of resistance etc to test the said sensor.

And these sensors are not cheap. They cost more than a tire!!

merrua 2 days ago 1 reply      
What's built not to be repaired, is bad value for money.
swamp40 2 days ago 2 replies      
Let me play devil's advocate here and suggest a few reasons why bypassing this "minor hydraulic sensor" might not be the smartest move.

1) Someone might get hurt.

2) Some really expensive part of the machine might get damaged.

It is within the realm of possibility that the engineers who designed this system knew what they were doing when they decided to shut down an entire machine when a single "minor hydraulic sensor" goes bad.

Jemaclus 2 days ago 3 replies      
As a web developer by trade, if I wanted to get involved in a project like this, having zero farming experience, where would I start?
acd 1 day ago 0 replies      
Not being able to fix things yourself is bad for the environment. Things that you use and throw is by design bad.DRM also means not being able to improve on the product created by the corporate entity.

As hackers we need to be able to tinker and repair the things we have bought. Components that we by need to be recycled. Your old cell phone and laptop needs to be converted to a new one not thrown on the junk yard as trash or end up at tash dumps in Africa or China.

TeMPOraL 1 day ago 0 replies      
This is the classic, unfortunate reality - the disconnect between what is legal and what is right. Yes, the companies are well within their rights to restrict access to the internals of products they sell. But by doing that, they are just being total assholes. In this case we have companies literally providing negative value (relative to older, non-DRMed equipment) and charging more.
wahsd 1 day ago 0 replies      
The problem is the pervasiveness of our new business models that depend on perpetual dependence and licensing. It is rather ironic that in the country most obnoxious about freedom and personal property, we never really own anything; we are a culture that has been groomed on dependence on the corporate matrix.
georgeecollins 1 day ago 0 replies      
The same issue exists, on a larger scale, for cars. Manufacturers have a motivation to lock you into dealer maintenance and DRM on the electronics is a great tool for this. We need to be the ones to educate consumers that its good when thing are hackable.
fredgrott 2 days ago 0 replies      
Its designed to protect the income revenue stream of farm implements dealer at expense of the farmer whether they are single or a corporation.
logfromblammo 2 days ago 1 reply      
This is just the sort of issue that inspires open-source hardware movements like the one that produced this: http://opensourceecology.org/wiki/Lifetrac

The most recent iteration is no match for the big commercial farm equipment, but it does have the notable advantage that being able to build it yourself necessarily means that you can diagnose its problems and repair it on the same terms.

Aardwolf 1 day ago 0 replies      
Not easy of course, but how about throwing out the computer, keeping the chassis and engine, and controlling it by another, open source, computer.

Would that be legal circumvention of the DRM?

Introducing node-firefox
points by cleverjake  2 days ago   50 comments top 11
camhenlin 2 days ago 8 replies      
I am kind of disappointed in the naming of this. There's another project named Node-WebKit: https://github.com/nwjs/nw.js/tree/master It allows you to build a native app using node and webkit.

Reading the name of this project got my hopes up, thinking I was going to have the option of using Firefox instead of Webkit as my rendering engine. Oh well.

binarycrusader 2 days ago 1 reply      
I was hoping (sadly) that based on the name, this meant there was a port of node.js to spidermonkey by the Mozilla team. Other posters have mentioned this as well.

This is sort of a "lazy web" request, but does anyone know why node.js needs v8 specifically? Would it really be that hard to support node.js on spidermonkey?

yeldarb 2 days ago 1 reply      
Can anyone sum up what this is? I got through the first 6 paragraphs and still don't have a clue.
adrusi 2 days ago 6 replies      
Maybe this isn't the best place to ask, but how is the performance of Firefox OS? Its mostly marketed for low-cost devices, how well do apps based on web tech actually run on these relatively slow SoCs? Firefox for android performs admirably for webpages on my nexus 5, but I have yet to find an interactive web app, whether in Firefox or packaged as a Cordova app (and therefore WebKit+v8), that doesn't feel very sluggish.

I love the concept and philosophy of Firefox OS, but none of that matters if its too slow to use.

If performance is actually acceptable on these devices, then what tricks are they using to make it faster than on higher end android devices?

ArtDev 2 days ago 0 replies      
"You can also install and run Web apps on your Windows, Mac, or Linux desktop using Firefox"

This is brilliant.

_almosnow 2 days ago 3 replies      
v8 powering Firefox, who would've known...
jtwebman 2 days ago 2 replies      
Are people building Firefox OS Apps?
Ygg2 2 days ago 1 reply      
Well, in Mozilla's defense, they did want him to stay, but not as CEO.
hitlin37 1 day ago 0 replies      
that name is confusing.
revskill 1 day ago 0 replies      
The site is terribly slow. I don't know how a software could be good if its main site is in that slow quality. Bad developers or bad policy ?
josteink 1 day ago 0 replies      
> Also, support on platforms other than Mac OS is largely lacking.

I realize you have to start somewhere, but for a foundation which claims to value freedom first, it seems like first targeting a fully open platform like Linux with a cross-platform toolkit like Gtk or Qt would make more sense.

TLDR: Not going to spend $1000+ to get a new machine which runs a lesser free Unix just to run Mozilla-tools.

CPU Backdoors
points by 2510c39011c5  3 days ago   48 comments top 14
Animats 2 days ago 1 reply      
An obvious place for a backdoor is in remote management CPUs embedded in the network card.


Network cards which support RMCP/IPMI protocol are obvious points of attack. They can reboot machines, download boot images, install a new OS, patch memory, emulate a local console, and control the entire machine. CERT has some warnings:


If there's a default password in a network card, that's a backdoor. Here's a list of the default passwords for many common systems:


"admin/admin" is popular.

The network card stores passwords in non-volatile memory. If anyone in the supply chain gets hold of the network card briefly, they can add a backdoor by plugging the card into a chassis for power, connecting a network cable, and adding a extra user/password of their own using Linux "ipmitool" running on another machine. The card, when delivered to the end user, now has a backdoor installed. If you have any servers you're responsible for, try connecting with IPMI and do a "list" command to see what users are configured. If you find any you didn't put there, big problem.

CERT warns that, if you use the same userid/password for multiple machines in your data center, discarded boards contain that password. So discarded boards must be shredded.

tomerv 2 days ago 5 replies      
While the main point of the article is interesting, some of the details don't really make sense.

For example, it would be difficult to make an instruction like fyl2x or fadd cause a privilege level change. The reason is that floating point instructions are executed on a separate unit (the FPU), with a separate decoder. This unit would not have the means to communicate back information such as "change privilege level" (normally it can only signal floating point exceptions, and other than that its only output is on the floating point registers). It would make more sense to encode the backdoor on an illegal opcode, i.e. an opcode that under normal conditions would generate a UD# exception, but with the correct values in the registers it would trigger some undocumented behavior.

Another question is how to hide this backdoor in the microcode. Presumably, at some point someone might stumble upon the backdoor and ask around about it. If the backdoor depends on some "magic values", it would be relatively easy to spot just by looking at the microcode.

There's also the point that the author mentioned of "fixing" the processor at some point during the production process. I don't think that the author understands the way mass production of microchips works. It's very much not possible to do something like this while keeping the production price on the same level (or someone noticing this extra step in the production process).

All in all, it sounds much easier to find security bugs in other parts of the system.

agumonkey 2 days ago 1 reply      
The Novena laptop seems almost devoid of backdoors. http://www.wired.co.uk/news/archive/2014-01/20/open-source-l...
ce4 2 days ago 0 replies      
A serious flaw in AMDs System Management Unit Firmware was very recently discovered:


rdl 3 days ago 3 replies      
Wow..light involved in the lithography process causes wear on the lenses? To what degree?
bizarref00l 2 days ago 0 replies      
Another recent article on HN https://news.ycombinator.com/item?id=8813029 on Intel Management Engine.
gaius 2 days ago 0 replies      
A CPU backdoor is impossible only in the sense that, say, sending a submarine to tap an undersea cable is impossible...
crucini 3 days ago 1 reply      
Cool article. I didn't understand how the privilege escalation would be exploited. Obviously if the attacker already has access to the box, he can get root with this exploit.

I think a chip backdoor could also be based on information leaking rather than executing arbitrary code.

The steps would be:1. Identify critical info, like crypto keys, from heuristics. This means keeping a special buffer, since you don't know at the beginning of an RSA operation that it's an RSA operation. The heuristics are not perfect, of course, but work with standard apps like Firefox, GPG and Outlook.

2. Exfiltrate the info. Via spread-spectrum RF, timing jitter in packets, or replacing random numbers in crypto. The article implies that since OSes and apps mix the hardware RNG with other sources, there's no point in subverting it. But the CPU can recognize common mix patterns, like in the Linux kernel, and subvert the final output.

In this case the output entropy is good, but also leaks some secret to a listener who has the right keys.

dracolytch 2 days ago 1 reply      
CPU backdoors are a very real concern, but not only in the CPU but in the growing complexity of the motherboard chipset. For example, a malicious memory controller could manipulate data on the way to the CPU, causing a faithful CPU to do malicious things.

For highly secured systems, this is of growing concern. With the amount of stuff made in China the supply chain is considered a considerable attack surface which has to be considered when sourcing electronics.

GigabyteCoin 2 days ago 1 reply      
Given the fact that the NSA targets linux users [0], is it really that far fetched that they could be adding backdoors to CPUs ordered by certain NSA targets?

I'm assuming most linux enthusiasts build their own rigs, as do I.

[0] http://www.linuxjournal.com/content/nsa-linux-journal-extrem...

stephenmm 2 days ago 0 replies      
It seems very unlikely that someone would be able to "apply the edit to a partially finished chip". The adding of a fix like this is probably some of the most scrutinized processes in hardware design. After spending years designing and verifying chip functionality and getting the timing exactly right before production starts there is a very high bar for getting these fixes in to the production flow because if the fix screws anything else up you are FUBARed. Given that, it is probably the hardest place you could ever try and put a back door.
justcommenting 2 days ago 1 reply      
for many modern desktops/laptops (including recent Apple machines, which i don't think was the case even just a few product cycles ago), Intel's vPro appears capable of many forms of surveillance/subversion.

in terms of understanding/mitigating these types of threats, i wish an open, crowdfunded project to reverse engineer the contents of intel's microcode updates existed to the point they were understandable by the tech press.

i also wish an easy-to-use package for blacklisting cpu-based and crypto-related kernel modules (like aes-ni) existed for a broad range of processors..

and of course only somewhat relatedly, i continue to wish the man page for random(4) would be rewritten in light of the risk of these types of backdoors.

2510c39011c5 2 days ago 0 replies      
here is another article about CPU backdoors,


and the discussion in the comment section of that one is good and contains some interesting pointers for further sources on this topic...

Also, here is a phrack article "System Management Mode Hack" on how to exploit Intel system management mode (with code at the end of the article).


higherpurpose 2 days ago 0 replies      
Who needs dirty trace-able CPU backdoors when Intel's SGX technology will allow them perfect plausible deniability to give NSA (or China if they force them by law) the key to all "secure apps" that will be using the SGX technology:

> Finally, a problem that is hard to ignore today, in the post-Snowden world, is the ease of backdooring this technology by Intel itself. In fact Intel doesn't need to add anything to their processors all they need to do is to give away the private signing keys used by SGX for remote attestation. This makes for a perfectly deniable backdoor nobody could catch Intel on this, even if the processor was analyzed transistor-by-transistor, HDL line-by-line.


Microsoft Acquires Calendar App Sunrise for North of $100M
points by jonas21  3 days ago   109 comments top 25
aresant 3 days ago 4 replies      
Very interesting.

A key feature of Sunrise is ""Users can access their calendars from Google, iCloud, and Microsoft Exchange, as well as connecting to a wide range of other third-party apps. "

Microsoft clearly understands that data-portability is becoming a major feature / factor in purchasing decisions.

Google, on the other hand, keeps trimming portability - particularly with MSFT.

In august, for instance, they killed Google Calendar Sync which made for simplified syncing with Outlook Calendar. (1)

If portability is what's driving this acquisition and strategy I am excited to see what's coming next.

(1) https://support.google.com/calendar/answer/6054804?hl=en

justin 3 days ago 2 replies      
Congrats to the Sunrise team! They built the calendar app I always wanted Kiko to be. Pretty cool to see startups succeed in this space.
sz4kerto 3 days ago 4 replies      
We can expect something similar to what happened to Acompli: rebranding first, quick release then a probable tighter integration with MS products.

It's incredible though that a calendar app is worth >$100M.

habosa 3 days ago 1 reply      
I see some comments like 'how can a calendar app be worth $100M?' but I'd suspect those people have never used Sunrise.

When you first download Sunrise you think 'wow, I can actually enjoy my calendar app!'. It's beautiful, fast, works on every platform and with every calendar provider.

Then you integrate it with all of your other services and you see how calendar can rival email as the center of your digital life. If you think about it, we should be checking our calendars to find out what we need to do, not our email.

Congrats to Joey (shoutout to HackNY!) and the rest of the team. This is a great reward for building a great app in an essential category.

sergiotapia 3 days ago 0 replies      
Tried to use it, but god damn!

"Sunrise Calendar will receive the following info: your public profile, friend list, email address, birthday, work history, education history, events, groups and current city and your friends' birthdays, work histories and education histories."

Yeah, not gonna happen.

cheriot 3 days ago 2 replies      
Does anyone know what's different/interesting about their calendar? The company home page and app store pages don't bother with a product overview.
tdicola 3 days ago 2 replies      
Wow what drives up the valuation that much, is it a big userbase, lots of investors to pay back, or something else?
mcmancini 3 days ago 1 reply      
As with Acompli, Sunrise looks nice and has some nice features, but I can't get over the privacy/security problems. I'm interested to see how Microsoft can improve things.
harisamin 3 days ago 0 replies      
Met one of the founders at a google business growth event. Really well spoken and nice guy. Good for them. Happy for the team :)
tw04 3 days ago 1 reply      
I think this was the wrong purchase. Sunrise has no ability to dial conference calls from the calendar, the #1 feature for business users. And based on their response to my RFE, they have no plans of implementing it. I don't understand why they didn't go for tempo calendar. Sunrise looks nice, but the feature set is severely lacking compared to its competitors.

Oh internet warriors, I'd love to hear why my opinion is "wrong" rather than trying to bury a legitimate comment that applies directly to the discussion at hand.

Raphael 3 days ago 1 reply      
I would have made a calendar app if I had known it would be worth that much.

Edit: It features the JQueryUI date picker. Funny how such value can come from free software.

gtirloni 3 days ago 1 reply      
Just noticed they require read and write access to public and private repositories for GitHub integration. Is it really necessary?
SeanKilleen 3 days ago 1 reply      
One of my most indispensable apps on iOS. I use it multiple times per day. I hope the excellent integration remains. My guess is that Sunrise will stay on its own or become the next version of Outlook's calendar on iOS (which is fine by me as long as it remains free and usable with my Google Calendar as well.)

Congratulations to the team!

walterbell 3 days ago 1 reply      
We need support for CalDav open-source servers, e.g. owncloud, zimbra. Nov 2014 status was "not yet": https://twitter.com/mathur_anurag/status/434729199144689665
nilkn 3 days ago 1 reply      
While I'll always be amazed to see apps like this selling for such huge sums of money, I have to say Microsoft has good taste in apps. First Accompli, now Sunrise. They're basically going down the list of my favorite third-party Android apps.
vassvdm 3 days ago 0 replies      
Congrats Pierre, Jeremy and team!
dmix 3 days ago 1 reply      
One reason why: to integrate with Cortana https://en.wikipedia.org/wiki/Microsoft_Cortana
bmoresbest55 3 days ago 0 replies      
I just started using this app. I hope that they don't shutdown the service and make it Microsoft only. Keep with the way Skype is going. Fingers crossed.
xe4l 3 days ago 0 replies      
This acquisition likely had a bit to do with the access sunrise has to so many non-microsoft calendar accounts.
ForFreedom 2 days ago 0 replies      
MSFT should integrate sunrise into Outlook(Accompli) and provide it as a stand alone.
frio 3 days ago 0 replies      
I'm not surprised. The calendar in the new iOS Outlook app is almost 1:1 with Sunrise's UX.
desireco42 3 days ago 0 replies      
While congrats and good for them, it seems that some companies have money to burn.
eriksie 3 days ago 0 replies      
Best calendar app for android.
hobonumber1 3 days ago 1 reply      
I use Sunrise and I hope they dont shut this app down, but I'm pretty sure they will.
slykat 3 days ago 7 replies      
Anyone concerned they will pull gCal support to drive customers towards MSFT products?
An alloy of iron and aluminium is as good as titanium, at a tenth of the cost
points by RachelF  2 days ago   94 comments top 17
damoncali 2 days ago 4 replies      
Cool, but I wonder about stiffness. When I was an aero engineer, we tended to use aluminum because most of our designs were limited by stiffness, not strength. Since aluminum is lighter than either steel or titanium, you can take advantage of geometry (which greatly impacts stiffness) without sacrificing weight. Strength was only rarely the bottleneck. Interestingly, the stiffness to weight ratio of aluminum, steel and titanium are all approximately equal.

We did occasionally use titanium, but usually some sort of steel was a better choice when strength was the issue. It's just the way it works out. It's also worth noting that for the work I did, cost was never an issue (NASA) - material costs were basically insignificant. We could use whatever we wanted.

VBprogrammer 2 days ago 6 replies      
'As good as' is a silly phrase to use in metallurgy. Are we talking machinability, castability, tensile strength or hardness. Not to mention less obvious issues like food safety or resistance to corrosion?

There are very many alloys of both aluminium and steel all of which have there uses. To say this one is as good as titanium means very little.

wycx 2 days ago 2 replies      
Now that nature lets you read articles for free you can actually go and read the original paper.

In the paper the authors had to heat treat the steel at 900 C for 15 mins to generate the microstructure that gave the properties they wanted.

So, what does welding do to the microstructure? Does this material need to be heat treated again at 900 C after welding? Does the the hard-but-brittle B2 intermetallic reform in the HAZ?

phkahler 2 days ago 1 reply      
So the steel companies are finally getting scared enough to innovate. There are people trying to dramatically reduce the cost of titanium, Ford is dumping steel for aluminum, composites are even replacing aluminum in aircraft. Steel is starting to look like a relic of the 1700's rather than the great material it has been for so long.

When I worked in EVs, one of the old timers (a guy almost 80 years old) told me the best steel for the motors should have some Boron in it. Some particular alloy that would have lower core loss at higher frequencies. But none of the big steel companies were interested in making it for us. They just wanted to make what they make.

So even if it's not as great as it sounds, I'm glad somebody is doing something with steel.

trhway 2 days ago 5 replies      
>By manipulating the structure of steel on a nanometre scale, Dr Kim has produced a material which has the strength and the lightness of titanium alloys but will, when produced at scale, cost a tenth as much.

i wonder what if the same to be applied to titanium.

>Steel is useful because it is strong and cheap. But it is also heavy. It has, therefore, always been useless for applications such as aircraft.


"The MiG-25 was constructed from 80% nickel steel alloy, 11% aluminium, and 9% titanium."

alricb 2 days ago 0 replies      
Some data:

The yield strength of that new material is from about 1 GPa to 1.4 GPa, vs. 830 MPa for Ti6Al4V (Steel and Aluminium vary, depending on the alloy).

It has a density of 6.82 g/cm3, vs 4.43 for the titanium alloy, 7.85 for ordinary steel or 2.70 for 6061 Aluminium.

Apparently Ti6Al4V costs around $20/kg, so the new alloy would cost around $2/kg, vs. around $2.70/kg for 6061 Aluminium or $0.85/kg for cold-rolled steel.


As for the modulus of elasticity, it isn't mentioned in the article. The usual figure for steel is 210 GPa. The titanium alloy is around 114 GPa, and 6061 Aluminium is 69 GPa.

The low density is fairly big new. Compared to mild steel, you can have a 15% larger volume for the same weight, so you might be ahead on stiffness even if the MoE is smaller.

nakedrobot2 2 days ago 2 replies      
Not a moment too soon for the Tall Tower Project. http://hieroglyph.asu.edu/project/the-tall-tower/
Animats 2 days ago 1 reply      
It will be good if this is real. Nature articles about nanotechnology which claim "huge breakthrough to be commercialized real soon now" are all too frequent. Then we never hear about the technology again.

For aerospace, the big advantage of titanium is a high melting point. This material won't have that, which is probably why the authors talk about automotive applications. For automotive applications, a question is whether these new properties will survive ordinary manufacturing processes. Casting, probably not, but maybe the process can be applied to castings later as a heat-treating step. What about rolling and stamping?

upofadown 2 days ago 1 reply      
With aircraft the basic issue is strength to weight, not just weight. If the material is stronger you can use less of it. The trend today is to make aircraft out of really strong fibres embedded in plastic.
daniel-levin 2 days ago 2 replies      
Since the original paper is behind a paywall (at least for me), can anyone explain the specifics of what the researchers did to produce this new alloy?

>> Dr Kim and his colleagues have, however, found that a fifth ingredient, nickel, overcomes this problem.

I'd imagine that it didn't take a world-class team of scientists to have come up with the idea of alloying using nickel. There is no way materials scientists and metallurgists hadn't tried this by now, so what did they do differently?

jcrei 2 days ago 1 reply      
Made me think of Rearden metal from Atlas Shrugged
tsotha 1 day ago 0 replies      
>An alloy of iron, aluminium and carbon (steels other essential ingredient) is too brittle to be useful. Adding manganese helps a bit, but not enough for aluminium-steel to be used in vehicles.

>Dr Kim and his colleagues have, however, found that a fifth ingredient, nickel, overcomes this problem.

As far as I know turbine blades are typically made of iron-nickel alloys. What is the new part of this discovery?

ohitsdom 2 days ago 1 reply      
Every year I am reading these kinds of articles, keep thinking we are going to have amazing materials in 5 years.
gaius 2 days ago 3 replies      
This, if it works, is worth quite literally millions as times as much as another "social network" or stupid app, but I'll wager the team aren't "acqui-hired" for $19Bn.
ris 2 days ago 0 replies      
Which is all great but as far as I'm aware one of the major reasons for titanium's use was its high melting point. Nothing is said of how this compares here.
chromaton 2 days ago 0 replies      
Has anyone tried a titanium-iron-nickel alloy?

I would have thought every alloy combination would have been tried by now, but I guess there's still new things to be learned.

dschiptsov 2 days ago 0 replies      
Rearden metal?)
TurboTax halts all state e-filing amid data breach probe
points by anigbrowl  1 day ago   102 comments top 16
clogston 1 day ago 1 reply      
Lots of speculation in this thread. Here's my hypothesis.

Federal tax return fraud is huge. It's a growing problem that the IRS is struggling to cope with and it's been going on for years. State tax return fraud has been largely non-existent... so non-existent in fact that USA Today reported the state of Minnesota got suspicious when there were 2 reported cases of fraud[0].

So what's going on and why is TurboTax being called out by these states? First off, know that when a tax return is e-filed either to the fed (who also handles most state e-filing) or directly to the state, every software provider transmits an identifier along with it. So if you get a bunch of bogus tax returns submitted it's trivial to see where they're all originating from. Second, the rise in federal tax return fraud has grown steadily in relation to the number of software providers offering a free option... the reason we haven't seen state fraud as rampant is because it has always cost money to prepare your state return with software. But what's new this year besides a dramatic increase in state tax return fraud? TurboTax's Absolute Zero campaign. That's right, a whole lot more people can file their states taxes for free using TurboTax's software. That may seem great at first blush if you qualify, but an unintended consequence of that is it's now a completely free roll for a fraudster to file a state tax return IN ADDITION to a federal one.

[0] http://www.usatoday.com/story/money/personalfinance/2015/02/...

valar_m 1 day ago 3 replies      
The title of the article is misleading. "Data breach" implies a release of sensitive data, which is not what appears to have happened.

Intuit said its TurboTax unit took action Thursday after seeing attempts to use stolen personal information to file fraudulent returns for tax refunds.

The tax-software company said that after a preliminary examination with Palantir Technologies, which provides security and antifraud services, it believes there wasnt a breach of Intuit systems and that the information used to file fraudulent returns was obtained from other sources outside the tax preparation process.

bdcs 1 day ago 2 replies      
As far as I know, TaxACT[0] is the only tax software whose parent company doesn't actively lobby against tax filing simplification. I haven't used them nor do I have any stake in them, but I figure it is good for people to know of this TurboTax alternative.

[0] http://www.taxact.com/

ad_hominem 1 day ago 1 reply      
There was some discussion relating to this on /r/personalfinance earlier today: http://www.reddit.com/r/personalfinance/comments/2uzfel/minn...
ChuckMcM 1 day ago 2 replies      
If you're wondering what folks are going to do with that treasure trove of Anthem data, I've got two ideas:

1) File fraudulent tax returns

2) Fill bogus prescriptions

omgitstom 1 day ago 4 replies      
Out of curiosity, if someone e-files fraudulently for you, are you held liable by the IRS if you are audited?
8ig8 1 day ago 0 replies      
From the TurboTax blog:


(Shouldn't this be the proper link for the HN post?)

DrJosiah 1 day ago 0 replies      
With the language being used to describe what's going on, combined with the numbers that Alabama is estimating, it smells a lot like malware-infected PCs combined with the desktop edition of Turbotax (which offers free e-file if you buy the software).

That would explain:* why it seems to be only hitting Turbotax users* the availability of 2013 data (Turbotax users usually buy every year)* the availability of logins to these sites

While I wouldn't go so far as to say that this is the source of the data/problem, malware + desktop app + efile through Turbotax online fits the public information really well.

rmc 15 hours ago 1 reply      
I'm not USAian, so I'm not familiar with the US system. But why would criminals want to fill in someone elses tax details?!
Potando 22 hours ago 0 replies      
If people can anonymously get money from refunds, doesn't that mean they're also using a fake ID to open their bank account, meaning the bank is being negligent and now "knowing its customer"? Or does the IRS pay people with cash?? Something's missing here.
iscrewyou 1 day ago 1 reply      
So, what is the best way to find out if you are the victim?

Call IRS? (Assuming you haven't filed it yet)Check TurboTax? (Essentially filing yours and wait for it to be rejected?)

Maybe TurboTax should have a tool that checks against their system(based on SSN and some credit history questions, etc) to see if you(the fraudster in this case) has filed your taxes or not.

sp332 1 day ago 5 replies      
If Intuit wasn't breached, that means the problem could affect everyone in those states, not just TurboTax users.
mark-r 1 day ago 0 replies      
Maybe somebody's figured out an automated way to harvest the data from infected individual PCs? Then they use that information to file new returns.
nodesocket 1 day ago 3 replies      
Why doesn't the IRS issue pin codes to every registered social security number or entity? They don't even have to mail the pins. A simple web portal, where you log in, enter your SSN or EIN and it sends the pin via SMS or e-mail. Pins reset every year.
peterwwillis 1 day ago 1 reply      
How to file fraudulent tax returns:

  Step 1. Take someone's W2.  Step 2. File.
Why would they stop all state filing because of this?

orionblastar 1 day ago 0 replies      
Yeah this happens more than just with Turbo Tax.

It used to be a scam that prisoners did by requesting 1040 forms and having some help on the outside to make bank accounts to direct deposit the money for refunds into it. They would get fake W2 forms and make them from fictitious companies and enter a large withholding tax on them. File the 1040EZ form with the standard deduction and file a state form too for extra money. Everything was done via postal mail before Turbo Tax and others provided e-filing.

A friend of our family had someone file taxes as her, and we think the SSN got stolen from the church we go to by ex-employees because they need it for donation tracking. She hadn't filed taxes in a while and Turbo Tax would not help and she was seeking an accountant to find out someone else already filed taxes as her.

I buy the desktop Turbo Tax edition and I try to file early before anyone else can file as me. I am disabled and don't make a lot, but there have been many data breaches that include SSNs over the past decade or so. When I had a student loan, someone stole a laptop with a harddrive on it that had SSNs and other info on it from the company that managed my student loan.

Actually if people are getting SSNs from outside of Turbo Tax they can e-file with the other tax filing software as well.

Negotiators Lose Last Chance to Salvage the TPP by Caving on Copyright Extension
points by CapitalistCartr  2 days ago   172 comments top 13
k-mcgrady 2 days ago 12 replies      
>> "If the copyright holder is an individual, the minimum copyright term would extend to the lifetime of the creator plus 70 years after her death."

I'm quite a big supporter of copyright but that's absolutely ridiculous. I think the lifetime of the creator is very reasonable. I can even understand throwing in a decade after that so that the family of a creator who dies young/suddenly are supported for a while. 70 years is 3 or 4 generations of family.

thechao 2 days ago 2 replies      
What about a contract like this: the copyright holder declares the value of the copyright (on the quarter; on the year; but the declared value may only increase); we then tax them on that value---say 1%. The flip side is that the copyright may be purchased 'into the public domain' by simply paying the full amount of the copyright to the owner of the copyright. (The owner has no right of refusal; however, they may increase the value of the copyright by paying the difference in taxes.)

For patents, have the tax be $300 for each year of the age of the patent. Surely, a patent is worth $300 in its first year; and, any patent that is still 'interesting' after 10 years is worth at least $3000?

Multinational patents/copyrights are payed to the originating country, so that there's no multiple payment issue.

Estragon 2 days ago 1 reply      
The EFF is correct that this is a travesty, but the real scandal is the undemocratic way the TPP is being negotiated in the first place.
transfire 2 days ago 4 replies      
We need a more nuanced copyright system, that takes into account the on going use of a work. I can completely understand the Disney should still have a copyright on the image of Mickey Mouse. But only b/c it is still relevant to their on-going business. The idea of somehow putting a value on a copyright, so the public could conceivably buy it out once it's value falls into an affordable range, that makes a lot of sense, but how to do that fairly?
oliwary 2 days ago 0 replies      
This[1] linked chapter in Lawrence Lessigs book "Free Culture" is absolutely fascinating, well worth the read if you have the time.

[1] http://www.authorama.com/free-culture-18.html

walterbell 2 days ago 0 replies      
Are the criminal provisions for archivists and DMCA-for-cafes still present?


If the US gets its way, then criminal penalties will apply even against users who were not seeking financial gain from sharing or making available copyrighted works, such as fans and archivists, write Jeremy Malcolm and Maira Sutton of the Electronic Frontier Foundation (EFF). Such a broad definition is ripe for abuse.

... while the last leaked draft of the TPP, dated November 2013, showed strong international opposition to this criminalization plan, Canada now seems to be the only serious hold-out. This may, suggests James Love of Knowledge Ecology International, be because this new draft gives some countries extra time to implement the agreement meaning that current governments wont necessarily have to carry the can for their decisions."

The European version of TPP is called TTIP: http://www.computerworlduk.com/blogs/open-enterprise/ttip-up...

junto 2 days ago 4 replies      
Can someone explain to me what the carrot and/or stick is, in getting these countries to sign this agreement?
malandrew 2 days ago 0 replies      
TBH, I would imagine that the reason that there is no requirement to renew copyright is because Big Content knows people are lazy and that the more content from the past stays copyrighted by default (even if the author doesn't care to assert that right) means there will be less free content to compete for attention in the future.

Not requiring formal registration and renewal is a clear attempt to reduce the commons, not merely protect the copyrights owned by Big Content.

vinceguidry 2 days ago 0 replies      
> multinational entertainment conglomerates, who have twisted what is notionally a trade negotiation into a special interest money-grab

Honest question here, is there really a difference between the two? Is there some doctrine somewhere that specifies exactly what constitutes a trade negotiation and what is considered corruption of said negotiation? I see these kinds of statements thrown around a lot without a lot of justification.

rwmj 2 days ago 0 replies      
Good essay somewhat related to this, about being pro-market but anti-business:http://stumblingandmumbling.typepad.com/stumbling_and_mumbli...
yuhong 2 days ago 0 replies      
Not that the TPP is a good thing, but personally I think that the fight to not extend copyright terms beyond the term US have now is more important.
abandonliberty 2 days ago 0 replies      
Article title is wishful thinking. There's no sign the TPP is failing.

If they're arguing about a last chance of salvaging legitimacy for the TPP process, I think that was a long time ago.

danbmil99 2 days ago 0 replies      
Sad (libertarian!) panda.
Practical Data Science in Python
points by doh  2 days ago   33 comments top 5
gallamine 2 days ago 4 replies      
It might be useful to those not familiar with it, but this blogpost was written using IPython Notebooks - you can code, plot and then render to HTML all in the browser. Most of my data science work is done using this format. If Python isn't your language of choice, there are lots of plugins for Python Notebook to let you effectively do in-browser REPL with plotting and documentation: http://ipython.org/notebook.html

It's changed the way I work (and blog)

neverminder 1 day ago 3 replies      
There's this thought constantly bugging me - Python is popular among data scientists, but it also happens to be quite a slow language (roughly speaking) in comparison to the likes of Java or Go for instance. Hypothetically speaking, would it not be more beneficial to use something like Rust instead?
mslate 1 day ago 0 replies      
I gave a strikingly/humorously similar talk at a meetup in Boston ~1.5 years ago:


afarrell 1 day ago 1 reply      
If you're coming from web development and used to using virtualenv, anaconda has environment management too. Run $(conda install conda-env). You can still pip install things into conda environments too. you'll probably want to $(conda install binstar) and search for various packages with that don't come in stock anaconda. For example, you can $(conda install --javascript node)
onderkalaci 1 day ago 0 replies      
For the ones who are seeking for data science in Python, that is great. Thanks for sharing!
The volume is too damn high on flights
points by jaf12duke  1 day ago   171 comments top 30
nakedrobot2 1 day ago 7 replies      
The PA when heard over the headphones (when watching a movie, etc.) is even worse - I wouldn't be surprised if it was over 100dB. Sometimes a movie has quiet audio, or quiet moments requiring you to turn up the volume a lot. More than once I have been painfully ear-raped by the flight attendant PA system in my earphones for this reason.

Just another instance of outrageously bad customer service in the airline industry. I'm convinced at this point that they simply despise their entire customer base.

Alupis 1 day ago 7 replies      
Few thoughts:

> and opened the decibel meter on my iPhone

These are notoriously inaccurate. To get accurate decibel readings, the mic must be calibrated to absolute known levels (something your App can't do). The App's are basically just comparing relative sounds (this sound is more prominent than this other one, and therefore must be louder... after establishing some relative baseline). Real decibel measuring equipment is very expensive and requires re-calibration routinely. So, measuring 80db could easily be in a swing of +/- 10db's (or more).

> 150dB: Jet take-off at 25 meters (eardrum rupture)

That's not quite accurate. Long term exposure could lead to damage over time, but for comparison a shotgun is typically measured at 165db when it's up against your shoulder and face. Yes, you wear hearing protection (nick-named "ears" if you are a frequent shooter) but your eardrumps aren't rupturing immediately if you take them off.

> What shocked me was the volume of the PA system

Yes, it's loud -- by design. The PA system is not there just to provide something to listen to in case you are bored. In a best case scenario, it's there for the usual "buckle-up" talk and for the pilot to give a greeting. In the worst case scenario, it's there for emergency instructions (a time when panic and passenger noises are likely to get quite loud on their own).

rottyguy 1 day ago 9 replies      
I've always wondered why bars crank up the music so high to the extent you're yelling to convey conversation to the person next to you. One of my friends hypothesized that it was done to focus patrons on drinking and not chatter, but socializing is a big part of the bar scene...

Anyone know?

pngat2x 1 day ago 2 replies      
OSHA probably wouldn't have much to say The peak he measured would only be outside of their guidelines if the attendants screamed for the entire LAS-SFO flight and then he hopped on a plane and immediately flew back with the same treatment.

Table G-16 - Permissible Noise Exposures


nate_meurer 1 day ago 2 replies      
My comment from another thread on this subject:


Earplugs! I bought a box of foam earplugs that has supplied me for years now. I cut them in half; half an earplug is the perfect length for unobtrusive everyday wear.

I have quantities of half-earplugs stashed in all my pants pockets, in my car, my work bag, and in a little container on my keychain. I wear them in the car, on planes, at the shooting range, when grinding coffee, and especially when putting away dishes. Fucking clanging-together dishes are the loudest things I encounter in my regular routine.

For my kids I bought silicone putty plugs. They work perfectly for little ears, and I keep them with the foam plugs. My kids know where the big orange jar of earplugs is, and they've acquired some of my discipline.

jaxbot 1 day ago 2 replies      
I can second the author's conclusion. I fly regularly and have noticed in the last 6 months, PA systems have become much louder than usual on most flights. It's especially bad if you have headphones plugged in to the XM radio -- they don't seem to have separate volume controls for the PA speakers and hardwired headphones.
userbinator 1 day ago 2 replies      
I've had the opposite experience - PA systems so quiet they're drowned out by the plane's noise. Perhaps he was sitting very close to one of the speakers. Given that the announcements are usually important, not continuous but made in short bursts, and that volume level (99dB) is discomforting but only harmful with prolonged exposure, I don't think it's too loud. The whole idea of an announcement is to get the attention of the passengers - including those who may be asleep. Missing an important announcement may have safety implications.
binarymax 1 day ago 1 reply      
I also use earplugs and over ear noise cancelling headphones during flights. They work very well. I rarely fly United but I've noticed that some airlines are definitely worse than others when it comes to PA.

I haven't used it on flights yet but did some research and splurged on the Faber Acoustical SoundMeter (https://itunes.apple.com/us/app/soundmeter/id287615105?mt=8&...). I bought it since I live on a busy road and lots of sirens go by, adding to the general traffic whooshing. Sirens are in the high range and go over 100. Its a good app to have to check whether I'm going crazy or if it is really loud in place where I'm feeling overwhelmed with sound.

I will be sure to try it out next time I fly and provide some data. Maybe we can crowdsource samples of airline loudness.

xenonysf 1 day ago 1 reply      
So when are we all starting to measure sounds around us (including cafes, vehicles, cities) and create a map of quietest things and places?
ChuckMcM 1 day ago 0 replies      
I think the author answered their own question with this statement: "Ive been on flights where the sound of the flight attendants over the PA system was loud enough to sound like the attendant was shouting directly into my ear despite having two layers of sound protection."

The PA system in the airplane is part of the safety equipment, the crew uses it to inform the passengers during an emergency what they should do to prepare. Everyone knows that during a flight people will have noise cancelling earphones on and possibly dual layers of protection. Also the ambient noise in an aircraft with its nose pitched down at a steep angle or in an uncontrolled spin is likely to be quite high. The PA has to cut through all of that in order to communicate with you.

I agree it would be nice if they didn't use full emergency power during non-essential communication, but the FAA considers the safety briefing to be essential communication so you are out of luck there.

louprado 1 day ago 0 replies      
Preferably, limit announcements to the bare minimum and use pre-recordings. There is too much variability in voice intensity. A pre-warning chime before an announcement would reduce stress and allow time to cover our ears. It would also spare me from apologizing to passengers since I scream when I am awoken abruptly. Thanks for the data Darren.
thanatosmin 1 day ago 0 replies      
This is exacerbated by the absolutely intrusive use of the PA system--rather than just for safety announcements we now have the pleasure of enduring credit card and frequent flier program ads.
uptown 1 day ago 2 replies      
Sort of off-topic, but maybe somebody commenting on audio acoustics and decibels will know -- When you call a business and they pipe their automated music into the call while you're on-hold, why is the audio quality of that music frequently horrible? You'll get fuzzy music, or drop-outs of the music track - but when a human picks up the phone, it tends to sound just like most other phone calls. It seems like such a basic solvable problem, but I don't know where to attribute the blame.
k2enemy 1 day ago 1 reply      
I've noticed this too. On my last few flights it has been so loud it caused physical discomfort (to me) and made my toddler cry.
ufmace 1 day ago 2 replies      
I could believe it. I just flew Spirit (never again, for reasons in addition to this) a couple of weeks ago, and they spent the last 20 minutes or so of the flight hawking some kind of credit card deal. Even wearing earplugs barely put a dent in the volume.
mixmastamyk 1 day ago 0 replies      
I use a pair of sony extra-bass earbuds that are thicker and have a bit of extra foam around the earbud to reduce noise. The work great in the airplane, knocking off about 50% of the outside volume. I leave them in the whole flight as they cut out most of the engine vibration as well. Also wear them in a crowded office, at home with kids, or coffee shop etc when I need to focus.

Most of the time I'm not even playing music, but people assume so and will interrupt you a bit less often. Also helpful when making calls, etc.

joshuaheard 1 day ago 1 reply      
They probably do it because no one pays attention to the announcements anymore. It's the same reason they (used to) turn up the volume on TV commercials.

Has the author tried asking the flight attendants to turn the volume down?

grandalf 1 day ago 0 replies      
I've experienced airline PA announcements to exceed the pain threshold many times. It's utterly ridiculous how loud they are.

In my opinion, the less that is broadcast over the PA the better.

JshWright 1 day ago 0 replies      
I recently flew Delta (I generally stick with American/USAir) and noticed this. On several occasions I noticed folks physically cringing and plugging their ears during PA announcements.
lfam 1 day ago 2 replies      
This is a pet peeve of mine that I developed while doing video production in the live event industry. Unfortunately almost nobody cares about protecting their hearing.

Pretty much everyone in food service in the US exposes themselves to dangerous audio levels throughout their work shifts. My coworkers with SPL meters routinely measured sound pressure levels above 105 dB for hours at a time. But try wearing earplugs as a waiter or bartender... you will be treated like a lunatic.

quinndupont 1 day ago 0 replies      
To take the edge off the sound (but only slightly... still able to carry on a conversation) and to prevent my ear drum from exploding I wear Ear Planes[1]. They aren't perfect, but I do find they help, say, maybe 40% of the pressure issue.

1] http://www.cirrushealthcare.com/EarPlanes-Adult-P49.aspx

shutupalready22 10 hours ago 0 replies      
I think the correct response when the PA system is used at excessive volume is to scream loudly asking that it be turned down. When this becomes a socially acceptable (or simply common) response, airlines will have to stop.
mschip 1 day ago 1 reply      
I used to work for a major jet engine manufacturer. Noise reduction is right up there with fuel consumption in consideration with new model development. Not because of complaining passengers though.. A lot of the push comes from certain airports that aren't far enough outside of major cities (I can't remember which ones exactly, I think it was mostly a few major asian cities). They actually restrict certain models from using their airport.
suvelx 1 day ago 0 replies      
Recently spent over 48 hours in the wonderful company of Cathay Pacific. Their announcements (and especially their English announcements) are always a quiet high-speed mumble. 10/10 would (try to) listen to them again.

Everything else was terrible.

SunShiranui 1 day ago 5 replies      
I've always wanted to buy some good earplugs to protect my hearing from noisy environments (es. near public transport in the city). Does anyone have a product they recommend?
ehosca 1 day ago 0 replies      
there's a big difference between Peak and RMS measurements.
Zigurd 1 day ago 0 replies      
I have for a long time used unobtrusive IEMs with Comply tips (MEElectronics, small, black, with a memory wire that guides the headphone wires over and behind the ears). They shut out the world very effectively, and are cheap enough that it's not a tragedy to lose them. I have never had a flight attendant bug me about them.

United is particularly bad about cranking their PA system up into distortion screeching range. It's pure sadism.

beachstartup 1 day ago 0 replies      
a pet peeve of mine is when they do this in restaurants when calling out order numbers. they CRANK the fucking volume and then YELL into the microphone to call out order numbers when everyone is standing right at the counter!
dothething 1 day ago 0 replies      
Hacker News on Friday is always the worst.
6stringmerc 1 day ago 4 replies      
Having many, many years of travel experience leads me to one Occam's Razor type observation:

If people would actually pay attention to a safety briefing instead of playing with their gadgets / not taking off their headphones, then the flight crew wouldn't be trying so hard to get the attention of the passengers.

With this unpopular opinion, I'll see myself out the nearest exit, which is actually located behind me.

At some startups, Friday is so casual that its not even a workday
points by petethomas  12 hours ago   158 comments top 31
Jemaclus 8 hours ago 2 replies      
Back when I first got into the start-up scene, I used to work long hours because everyone else did. At some point, I realized that literally nothing has to be done RIGHT NOW OH MY GOD RIGHT NOW. Almost everything can wait until tomorrow morning. Sure, there are some high-priority bugs that are breaking the site that need to be fixed ASAP, but during normal operating procedures, once that clock hits 5pm, I should start wrapping up my work so that I can pick it up fresh in the morning.

I don't take my work home with me, I don't check my work email when I'm at home. It's just not worth the stress to me.

I love my job, I love my work, I feel like I'm contributing to making the world a better place -- it's just not 100% of who I am. I have a dog, a girlfriend, a handful of close friends, a few engaging hobbies, and a ton of books to read and miles to run. I'm more than my job, and once I can pay the bills, the rest of the money is just a nice to have -- but not nice enough to give up my health and sanity.

Then again, I'm extremely lucky to be in this situation, and a lot of people aren't. Some of my coworkers work long hours still, but they seem happy about it. As long as that's true,... well, whatever floats your boat, right?

morgante 42 minutes ago 1 reply      
While I certainly commend them for being able to make this work (we need more innovation in management practices across the board), it does seem like there's a bit of a holier-than-thou trend in this comment thread.

As the founding engineer at my current startup, I have tremendous flexibility in setting my own hours but I willingly and intentionally work 60+ hours a week. Not because any manager pushes me to. Not because I even have to. Simply because I genuinely enjoy it.

Indeed, work is probably the most enjoyable thing in my life. On a given Friday, I'd rather be building products at work than watching a movie or engaging in some other leisure activity. Some of us don't have wives, children, or friendswe just want to spend our time executing.

Would Treehouse be accepting of that? If not, they're just choosing to enforce a different paradigm of work rather than giving their employees true freedom.

falcolas 11 hours ago 9 replies      
If you're getting your work done, on time, and to the quality specifications, who the hell cares how many hours in the week you work?

We're working on computers, doing work which does not benefit from typing for N hours straight; there is no meaningful correlation between quality/quantity and hours worked.

I wish more people realized this.

not_a_test_user 11 hours ago 5 replies      
I can't believe how negative the article's comments are. Is everyone so addicted to work?

I would understand if I could work at top performance 10-12 hours a day, 5 days a week but that's just not possible for me. In the end driving developers to exhaustion is worse for everyone, with subpar code that'll probably require refactoring Monday morning.

blahedo 8 hours ago 2 replies      
Two things in the article that I found interesting but were not highlighted:

> "But he soon found himself working that same intense pace until his wife asked him why he was working more and making less. She suggested taking Fridays off."

So the central concept of this workplace format, around which this entire article is based, was the idea/inspiration of Ryan Carson's wife, whose full name is not even mentioned. (Her first name is Gill, but is her last name Carson? Unclear from the article.) Not that it's a purely original idea---other companies have done four-day workweeks before---but it was obviously one that hadn't occurred to this particular founder. Three cheers for Gill possibly-Carson!

> "With Treehouse, Carson said he hopes to, again, buck conventional start-up culture, and not cash out by selling the company, the brass ring for most start-ups, but continue to run it as a sustainable business."

Let's hope that also starts a trend. I'm so heartily sick of companies building a great product and actively recruiting user bases to use and love that product, only to shutter it and throw all the users under the bus when the founders achieve their real goal, which is getting the attention of Google or Facebook or whoever and getting acquihired or otherwise bought out. I know that individual founders and other startup workers will often (indeed almost always) say that they really do care about their users, but as a collective structural pattern in the way that SV startup culture seems to work, it sure doesn't look that way from afar. So three cheers for (the currently-stated intentions of) Ryan Carson!

jstoiko 10 hours ago 4 replies      
I feel like some people have built this fantasy that working at startups is like vacations.

These people probably work their ass off during their 40, 60, or maybe 80 hrs on the job. So they dont understand when they ear that startups' work schedule is more relax because they cannot relate to it. However, when they leave their desk, it's over, they're up to something else and they probably even force themselves not to think about work anymore.

Startups take a relaxing approach to work hours because the (right) person who works there lives and breathes startup 24/7.

It's easy to say when you're a founder (disclaimer: I am one). But it is something I have witnessed in (good) startup employees as well. They think about it all the time.

@falcolas is right, who the hell cares how many hours in the week you spent executing your tasks? Shouldn't the time "thinking" about work be valued as much as "executing" the work? Don't we all "think" better outside of execution time?

commondream 10 hours ago 5 replies      
I'm Treehouse's CTO and cofounder. I'll try to answer anything I can.
woodchuck64 10 hours ago 2 replies      
Fatigue is such a killer of creativity and innovation. When I'm tired I feel my brain deliberately shying away from anything but the familiar and rote. How many great ideas have been sacrificed to stay an extra hour at work instead of using that hour for rest and replenishment?
ripberge 10 hours ago 3 replies      
Treehouse is actually in a very luxurious position right now. They've raised a bunch of VC and this is a fairly new niche they operate in and more and more of society is recognizing how valuable these skills are. They can work minimal hours, see a lot of growth and everyone is happy.

Fast forward five years from now. There are going to be a ton of tough competitors in this space and eking out revenue growth month over month is going to be much harder. However, in five years they probably have the added pressure to start thinking about something called profitability.

The going is going to be a day of reckoning here when the harsh realities of cut throat competition set in. That just hasn't happened yet.

heynk 10 hours ago 1 reply      
At my last job and now at my current job, I negotiated from full time work to less than full time work. Last time, I didn't work Fridays and now I work 20 hour weeks. In each case, I am absolutely more productive (per hour) that I honestly don't know if I get any less work done. On top of that, I have much more creativity and energy. From this experience, I'm always on the side of pushing for less work hours per week as a standard.
vjeux 10 hours ago 1 reply      
> These days, on Fridays, he gets his two young sons off to school and spends the day hanging out with his wife, Gill. Its like dating again. We go to coffee shops. We read books together. I really feel like Im involved in my kids lives and my wifes life,

This assumes that your wife is not working. I've tried taking some days off like this and, in the middle of the week everyone works, so you don't get to hang out much

unimportant 11 hours ago 0 replies      
Some startups are so casual, that work is not considered work and more of a paid hobby, with unpaid overtime being insisted upon...
epberry 10 hours ago 1 reply      
"...as a thunder lizard, the tech worlds name for the tiny handful of start-ups that actually become $1 billion businesses." I thought we were calling these unicorns? Maybe I'm behind the times terminology wise.
colmvp 10 hours ago 0 replies      
> As far as Im concerned, working 32 hours a week is a part-time job, Arrington, said in an interview. I look for founders who are really passionate. Who want to work all the time. That shows they care about what theyre doing, and theyre going to be successful.

Efficiency is key, not some arbitrary limit of working hours.

Chances are yes, as a founder you aren't going to work just 32 hours a week. But it also depends on the state of the company.

And quite frankly, sometimes you can't solve problems by sitting at your computer or even talking to others in the office. Sometimes it involves taking a break and chilling out or exercising.

xivzgrev 10 hours ago 0 replies      
I've been waiting for an article like this. There really is an ethos of working yourself to death, and on surface it can make sense. If you put in 80 hours per week and your competition puts in 60, you'll win because you'll learn more quickly than your competition. But I don't think that accounts for efficiency. If you work 80 hours per week, is every hour equally productive? And if so, are you working on the most valuable things? (Eg can you delegate, outsource, etc?). People like to think so but it's far from a universally held belief.On the flip side, if you work 32 hrs per week, you're pretty much forced to be focused and productive. You'll still have same goals, how do you achieve them in half the time each week? You cut out things.I just graduated from one of the many bootcamps, and about half of students "worked" about 45 hrs per week, vs other half who worked 60+ hrs. And there's been zero difference thus far on who has gotten jobs more quickly. Ok I'm done with my soapbox but I wish more people in valley would consider worldview espoused in this article.Also with the Michael Arrington comment, I don't think most investors give two shits how long you work as long as you are delivering that up and to the right growth.
sandworm 6 hours ago 0 replies      
In my work (legal) i often find myself overdressed and overstressed about decorum and timetables. But corporate decorum, working 9-5 m-f, has a place.

I remember one incident where a thursday meeting at a startup was canceled because a department head wanted to turn an already long weekend into a 4day holiday. I put my foot down. Fridays are not weekends. If they are, then thursdays become fridays and you'll start skipping them too. That meeting consisted of me in a suit, in an empty office, talking to two people via skype. I call that a victory because the meeting at least happened. (The truth is that all the low level employees on the first floor were there and working. They cannot afford to skip out on work.)

Casual is all well and good until it creates unpredictability and disorder. Contrary to popular myth, things actually get done in meetings. Not every decision can be made while scaling the in-office climbing wall. Some decisions require people sitting down at a table to hammer through a series of points.

Does that thing that happened last night on the server qualify as a breech? I don't care that tomorrow is a friday. Neither will your backers, nor the FBI, when they haul you in to explain why you couldn't be bothered to take a decision until after your ski weekend.

stillsut 6 hours ago 0 replies      
Pretty simple: if a developer can be 10x-100x as productive than the average developer, you don't really worry about only getting 80% of their required time.

So if this perk gets Treehouse talent that is +30% more productive, even if they lose -20% of productivity from Fridays off, they still win.

One caveat, so much of programming is loading things into your head, I think three days off every week would be difficult for anything sophisticated being developed.

AndrewKemendo 10 hours ago 1 reply      
My question is, what do you tell customers that demand responses Friday through Sunday? I mean if something breaks I am sure people come in/do remote work, so that's not the cases I am talking about. I assume this only works for companies that have non-critical or fully automated products where users don't have any person to person interaction built in anywhere.

I ask because I would love to implement something like this, but we get requests for service or user questions every day - and a three day turn around time on a user issue is terrible customer support - especially if they have other work riding on it. I realize treehouse is different in this respect.

It seems like the more employee focused you are the less responsive to customers you can be.

bdcravens 10 hours ago 0 replies      
I really don't get much "work" done in the office; most of my work gets done at 2am or on the weekends. (We talk alot and strategize, so technically that's work I suppose, but the actual coding usually happens elsewhere)
kvcrawford 5 hours ago 2 replies      
I, for one, immediately checked for Treehouse's open positions. In a world where retention and recruiting are huge challenges for tech, a strong work-life balance policy is very powerful.

Too bad they don't have a need for a front-end engineer right now. I would be all over that.

Keep up the good work, guys!

arturnt 8 hours ago 0 replies      
An average work day isn't filled with 100% development. You have breaks for lunch, coffee, people asking you questions, meetings, ping pong, etc. For a good workplace a chunk of your time is a social experience like any other. That means if you spend about 2-3 hours a day total socializing, then the 5 hours a day you spend working. For startups, sometimes you have time sensitive releases so that number goes from 5 to 10, but it's still only about 50 hours of actual development per week even though it's 65 with all the other stuff included.

Treehouse has managed to make a 4 hour week work since everyone is working remotely, so that social aspect is not as prominent and consumes less time. For people who have kids spending time for the kids becomes more important than the social experience at work as it should. The 4 day work week all of a sudden makes sense since they have bundled those 3 hours / day of a work social time into one day of a kids time.

itbeho 10 hours ago 2 replies      
Interesting how the companies discussed are outside of SV.
cubano 10 hours ago 3 replies      
Wasn't there a thread recently here that discussed how everyone was expected to work 60-hour weeks by their managers or face heaps of wraith?

So what is it...32 or 60?

The only answer can be "it shouldn't matter!", if you work in an industry where you can just as easily work from home as work from your desk.

I am speculating, but I would think that most of the IT developers at Treehouse work well over 40 hours a week.

rajacombinator 5 hours ago 0 replies      
I love reading about work style experiments like this and think they're great in some situations. But they make more sense for serial founders who have cashed out before or established cash cows like Google/Apple/Facebook. New founders who are all in on a business can't afford to work 4 days a week because the clock is ticking.
varunjuice 7 hours ago 0 replies      
This is just recognition of the fact that productivity is divorced from # of hours at the office, or # of hours spend "working'
fndrplayer13 10 hours ago 0 replies      
Its good that places like this exist. My experience thus far has shown me that different developers might go through different phases of their careers in terms of how much they like to work. I think the article touches on this a bit, noting that most of these people are married and have families. I'm married, but I still totally feel the urge and drive to work on software all the time. And its not that I love work, its that I love writing software. I could see that drive tailing off with kids and those kinds of deep commitments, though.
JohnLen 2 hours ago 0 replies      
Productive works that matters. Not the working hours.
free2rhyme214 6 hours ago 0 replies      
This is a nice way for Treehouse to differentiate itself for talent but this is blown out of proportion like Tim Ferris's 4 Hour Work Week.

Employee culture is important but to be honest I only care about how well the founders are executing their original vision then all the yoga classes, free food, Friday's off, beer pong, maid service and other things companies are offering.

32 hours a week is nice for some but that doesn't always equate to marketplace monopolization.

Then again since Treehouse is competing with others this may not be their goal anyways.

spiritplumber 7 hours ago 0 replies      
We work five days a week, one of which is shared so we can talk. Which five days is up to the person.

Of course since I'm a cofounder I work pretty much 24/7 but such is life...

zaroth 11 hours ago 3 replies      
I wonder if they pay part-time salaries to reflect the work hours. Certainly an interesting trade-off. If you have kids and a stay-at-home spouse I can certainly understand the appeal! Otherwise, perhaps not so much...
monsterix 10 hours ago 4 replies      
Now this could be an early sign of a bubble in the making. Here's why:

1. The bay believes that solofounders are a bad deal - mostly - because starting a company is a lot of work. And so it is - a lot of work!

2. Now here we have a handful of _startups_ that confess there's isn't enough work to keep everyone in the nimble team up on toes for even forty hours a week! This contradicts with 1.

Sure it means team happiness and all that. Fine.

3. For each _startup_ that has confessed situation at 2. there should be at least 'X' times the number of start_ups who do not accept this reality. I don't know what that number 'X' would be but let's take it 10.

Which means what - a bubble?

[Left open]

Learn Physics by Programming in Haskell [pdf]
points by lelf  2 days ago   52 comments top 14
stolio 2 days ago 4 replies      
If you're into physics I'd recommend solving some problems using whatever language, but especially functional languages (i.e. Lisps, Haskell, etc.) because you have some big "A-ha!" moments as to what the math really means. Like when you program an integral from scratch for a mechanics problem and you go "Oh that's why we use an integral here!" There are also many problems (i.e. n-body orbital dynamics) where brute-force computation is the only way to get to a solution. Finding the path Rosetta/Philae took to comet 67P comes to mind.

There's an older course that's a bit of a sequel to Structure and Interpretation of Computer Programs (SICP) called Structure and Interpretation of Classical Mechanics (SICM). I've never done it but always thought it looked like fun. (If you're into Scheme or Lisp)

course: http://ocw.mit.edu/courses/earth-atmospheric-and-planetary-s...

book: http://mitpress.mit.edu/sites/default/files/titles/content/s...

evanb 2 days ago 0 replies      
Please don't link straight to PDFs on the arXiv.

Link instead to the abstract:


flannelhead 2 days ago 2 replies      
I'm a physics sophomore, and I would be very glad to see more programming, especially FP, integrated to physics courses. During my studies, I've programmed some simulations related to the physics courses I've taken. My main purpose has been to gain a deeper, more practical insight on the subject which would've otherwise remained quite theoretical and distant.

For example, I made a little rollercoaster simulation to demonstrate the power of Lagrangian mechanics and generalized coordinates to myself. On the electrodynamics course I programmed a solver for Poisson's equation using the finite difference method to see a little more than the few simple geometries we calculated by hand. That kind of voluntary activities have greatly motivated me and helped me to understand various concepts.

On some courses we already have some simulation work and numerics in homework problems. Maybe deeper integration of programming into teaching requires time and, more importantly, a driving force and resources behind it. Then, of course, not everyone would be happy to see that kind of integration I'm sure some would feel like they're forced to learn to program. And, as it has been seen on our entry level numerical physics course, learning programming, numerics and physics the same time is really quite hard.

Given those shortcomings, I still feel this is the way to go for future physics education. A gentle introduction and slowly teaching programming alongside physics would be the key, I think.

jonjacky 2 days ago 1 reply      
This 1994 paper (using Scheme) might be pertinent:

Fields in Physics are like Curried Functions or Physics for Functional Programmers: http://citeseerx.ist.psu.edu/viewdoc/summary?doi=

bkcooper 2 days ago 1 reply      
I am intrigued by this approach (I have Structure and Interpretation of Classical Mechanics on my lengthy to-read pile) but I do wonder whether expecting ~sophomores to be trying to pick up Haskell and the physics at the same time is a bit much.

The aspect of this that interests me most is related to a classic observation that, for most people learning physics, it's hard to separate difficulties with the physical content and difficulties with the mathematical content. The distinction between these is vague, but the separations like "set up the differential equation" vs. "solve the differential equation" that this functional style suggests seem like a good approximation to "physics" vs. "math."

noobermin 1 day ago 4 replies      
The thing is from my experience, most computational individuals would be strongly opposed to FP. They may not have been raised on for loops, but once they learn about for, good luck on having them warm up to the idea of map and reduce.

I think the only way you'd succeed is by snatching their young before they go down that path. I don't really see many people warming up to new things aimed at them like Julia or even not-so-new stuff like numpy/matplotlib and friends. If it isn't Fortran or C or matlab, it doesn't ring well with them. Of course, the new kids who don't know programming (or physics yet, perhaps) are ripe for indoctrination of your religion as opposed to theirs.

cubano 2 days ago 2 replies      
Man, do I feel old.

Back in undergraduate school, we were taught to learn programming (FORTRAN) through physics, not the other way around.

The idea that the process could be turned around really hammers home how much things have changed due to the access to computers at a young age that most kids have nowadays.

jaked89 2 days ago 3 replies      
"One obvious use of types in physics that we have not explored in this work is the expression ofphysical dimensions (length, mass, time) and units (meter, kilogram, second).

...This is not trivial to do with Haskells typesystem because one wants multiplication to multiply the units as well as the numbers."

F# supports units:https://msdn.microsoft.com/en-us/library/dd233243.aspx

al2o3cr 1 day ago 1 reply      
The linked paper doesn't address the elephant in the room - numerical integration is a finicky process to work with in many systems. Students who are still working to understand the underlying concepts are not going to be helped by things like non-energy conserving integrals. [1]

The lack of units in the type system also means the error-preventing properties of static typing are somewhat limited here; it's possible to write code that assumes F=a/m without any complaint from the compiler.

[1] http://en.wikipedia.org/wiki/Energy_drift

JadeNB 2 days ago 0 replies      
Continuing my mission to promote links to abstracts over links to PDFs: http://arxiv.org/abs/1412.4880 .
mattegan 2 days ago 1 reply      
At Georgia Tech, the labs associated with Physics I and II have a large programming portion. They had us use VPython [1], which is a strange package which includes a version of python and a graphics library. It worked pretty well, and I got a good kick out of it. They had us model gravitation of planets (using discrete time steps). In Physics II one of the assignments was to create vector field displaying a magnetic field, and then animate a magnet around the field in a circle.

I think the programming might have been a little too complex for some, as some people took physics first or second semester before having a programming class, and it became difficult for the TA's to help people with their code as they taught how to accomplish things, not accomplish it in a clean manner.

Overall though, I think it added a good bit of value to the course.

[1] : http://vpython.org/

swatow 1 day ago 0 replies      
I think the problem with this sort of thing is it doesn't capture the beauty and elegance of either Haskell or physics. Take the first line

  data Vec = Vec { xComp :: Double    , yComp :: Double    , zComp :: Double }
The author has just defined a 3d vector. But there is no "3" in the above because Vec is hardcoded to be three dimensional. The physics student is probably interested in what aspects of physics are special to 3 dimensions, and which generalize to higher dimensions. I think geometric/Clifford algebra somewhat answers this, but my knowledge is limited. Anyway, functional programming is still at the stage when the things that it can express about mathematics, are actually pretty obvious already. I have high hopes for the future (e.g HoTT), but for now functional programming is much more exciting for programmers than physicists or mathematicians (who aren't logicians or category theorists).

howeman 2 days ago 0 replies      
Just don't run your pendulum simulation for too long if you're using the Euler method!
eli_gottlieb 2 days ago 0 replies      
Neat. I'll have to try that out some day.
Cards Against Humanitys Private Island
points by colinprince  3 days ago   45 comments top 15
cbd1984 2 days ago 1 reply      
Reminds me of the Klondike Big Inch promotion Quaker Oats ran in the 1950s:


Here's what happened:

> Ronald Bottrell, my source at Quaker Oats, said that in the early 1960s, all the land reverted to Canadian-government ownership. The reason: nonpayment of taxes.

> ``The individuals who had received the deeds in the cereal boxes had become the owners of the land,`` Bottrell said. ``Obviously, none of them ever paid taxes on it. So the ownership of the land went back to Canada. The promotion was long over, anyway.``



> Although the deeds were a campaign promotion, many people took ownership of the land seriously. One man wrote Quaker Oats to announce that he had collected 10,800 deeds and was now the owner of 75 square feet of land. Another man, accused of murdering his wife, used his deeds to secure the services of a defense lawyer. The lawyer asked to be excused from the case when he learned the land consisted of 1,000 inches.



bradleyjg 2 days ago 3 replies      
Laphroaig does something like this for their fan club. Sign up and you get a plot of land for life on their grounds. For rent they will pay you a dram whisky annually, but you have to go collect it in person. They are located on the Isle of Isley off the coast of Scotland, so unfortunately I haven't been able to collect my rent yet. Hopefully someday.
manachar 2 days ago 1 reply      
They probably spent less to buy the entire island of Hawaii 2 than it costs to buy the average house on Oahu or Maui.

Bonus: I now own land on Maui, Hawaii 2, and Islay. Luckily two of these do not require taxes and one provides rent that can be redeemed in person in the form of a dram of Laphroaig.

sekasi 2 days ago 4 replies      
I'm sorry if I misunderstood this article.. but they took their $70k of profit and donated it to wikimedia, then took all profit from the 'gift' idea and bought an island.

So these dudes essentially give away the vast majority of their profit yeah? What am I missing? Don't get me wrong, it's incredible.. but at the end of the day, very few forms of altruism exists and I feel like I'm overlooking some part of the equation. Where's the sinister ending? :)

freshyill 2 days ago 2 replies      
I know there's got to be a lot more involved with buying/owning an island than just coming up with the money (a boat, for one), but it's fun to think about the fact that you can buy an island in Maine for roughly what a decent house costs around a lot of major cities in the US.

Granted, the really nice islands with really nice houses on them will cost a heck of a lot more, but it's still fun to think about.

hoopism 2 days ago 0 replies      
I have relatives in Liberty ME and we Kayak (usually on the coast) quite often.

We'll have to add this to our spots and check it out...

Also, there was an article a while back on HN about some friends who bought an island:https://news.ycombinator.com/item?id=6395148

Wonder how that's going... http://tynan.com/island2

finnn 2 days ago 0 replies      
What is going on with the timezones in that email exchange? First one is in -0500, second one doesn't specify a timezone and third one is in +0000
cju 2 days ago 0 replies      
This island's shape reminds me of Corsica (https://en.wikipedia.org/wiki/Corsica).
PureSin 2 days ago 0 replies      
It was a big surprise to receive that in the mail. Wasn't sure if it was a joke or serious but after looking for it on Google maps I think I have a future trip planned.
personlurking 2 days ago 0 replies      
I always enjoy looking at islands for sale online. There are quite a lot of them available for purchase at around $100k. One can dream...
harkyns_castle 2 days ago 0 replies      
Be nice to see more and more bits of land claimed, and just let live. I'd sign up for that.
speeder 2 days ago 0 replies      
This remembered me of a nobility title scam coming from Scotland.

In Scotland for some weird combinations of their laws, and UK laws that I don't remember properly anymore, anyone can get a "nobility" title by owning land there, except UK laws say nobles are only those that can be peers in the parliament (House of Lords), and that scottish title is NOT one of them.

Some scammers then sell those titles attached to a square foot of land, and charge crazy prices (ie: much, much, much more than buying a square land of foot yourself in Scotland), then claim the buyer is an actual noble (like I said, the buyer isn't, although the title IS legitimate, in UK it does not count as a nobility title)

People that work with actual nobility title frequently get annoyed with those scammers and try to convince UK government to shut them down.

throwawaytwo 2 days ago 2 replies      
he said. she said. 10 years later.


Given how little we know, it's impossible to know what happened or who is right and who is wrong.

zkhalique 2 days ago 0 replies      
rrival 2 days ago 0 replies      
"Hawaii 2" is one of my favorite things from 2014.
How startup Fab died
points by prostoalex  1 day ago   122 comments top 34
andrelayer 1 day ago 5 replies      
I was employee #30 something at Fab and had a decently unique vantage point for a while. I would say the problem was one of ambition. We had a working $100M company, however Jason and all of the investors decided that that was not enough and that we needed to be a $10 Billion company. I actually don't see that much wrong with this, it's just a bet they all bought into and they all were smart enough to understand the risks. The bet failed. Simple as that.
gnufrra 1 day ago 1 reply      
I am the first employee of a startup with less than 10 employees. We are a direct competitor of Fab latest incarnation Hem (One Nordic).

We have been around for more than 2 year now. Our revenues are in multi-million and most importantly we are profitable.

Lucky to be working with founders who believe in reaching profitability first. We are a data driven company from the get go. Which allowed us to make smart decision while been super lean.

rwhitman 20 hours ago 0 replies      
In memorial of Fab, let's all take a little time machine back to this HN gem when @betashop (Jason) wrote a blog post [1] defending allegations in Bloomberg [2] that he blasted the entire staff of Fab several times with threats they'd be fired, and then proceeded to continue to defend the practice in person right here [3]

[1] https://web.archive.org/web/20130806013728/http://betashop.c...

[2] http://www.bloomberg.com/news/articles/2013-06-24/fab-com-s-...

[3] https://news.ycombinator.com/item?id=5942543

lordnacho 1 day ago 1 reply      
So they had a shop that was known for unique designs, sourced from small manufacturers. Wouldn't they naturally think that was a limited market, which you couldn't turn into another Amazon?

Also, if you're having the producer send stuff to the buyer, why do you need a European acquisition? Just hire some people who speak the languages, maybe open a small London/Berlin office, put in the translations, and maybe find a few local products. Why go out and buy three copycats?

What I really don't get is what was so special about Fab. It's a shop on the internet that sells goods. Aren't there vast numbers of similar businesses? What was the magic about them? Just good taste?

_ak 1 day ago 0 replies      
What I was told by people how things were going in the Berlin office, I seriously wonder whether the Europe business hadn't failed if the employees had actually focused on working instead of just partying.

It even went so far that an HR person bragged about how drunk everybody got the night before, and how hungover she was, in front of a whole room of people expecting to undergo a day-long recruiting process.

IgorPartola 1 day ago 6 replies      
Sometimes I wonder if the key to a successful startup is controlling expenses. I have seen so many companies who spend $750k on a "state of the art ecommerce backend" just to sell a half dozen SKU's. Or they are a tech company with 0 technical staff (outsource everything to contractors). They almost never do well. Instead, the companies that seem to consistently do well tend to be the ones that have tiny budgets, are located in inexpensive places to live with lots of talent, and do things such that their liabilities are tiny.
hga 1 day ago 3 replies      
Micro tl;dr: Build a company with a successful business model, and then pivot away from it, plus get concerned about someone trying to replicate your success in Europe and prematurely enter that market.
rogeriolou 20 hours ago 1 reply      
I'm not the least bit surprised. I met one of the founders (I can't remember which of the two) at a conference in 2010. We were seated at the same table during lunch, and judging from the reactions of the other people at our table, it was a big deal that we were seated with one of the Fab founders. Everything about Fab was supposedly awesome. The growth. The revenue. I chatted with the founder and my one take-away was: Even after everything he told me, I had absolutely no idea what Fab did or what it was about. Yes, of course it's an ecommerce site, that much is clear, but the founder totally failed to actually explain how Fab was different from any of the other many ecommerce sites that are not considered to be the holiest thing since the Eucharist. I really thought at that moment, this company is doomed.
IanDrake 1 day ago 2 replies      
I see this a lot these days. Great sub-100 million dollar businesses that fail because investors believe they can make it a 1 billion dollar business.
grandalf 1 day ago 0 replies      
I'd argue that Fab never really had a business, it just had investors willing to finance a growth hacking strategy.

For enough investor dollars you can buy sales and create a convincing hockey stick graph sufficient to attract more investors.

I think investors should insist on a few weeks every few months with ZERO marketing spend so that the cycle can be broken long enough to accurately measure organic growth. Inevitably the founders try to misattribute paid growth for organic growth.

The result would not be investors pulling out, it would be a more rational focus on retaining customers and building a sustainable business. Optimistic metrics don't do anyone any favors.

nsxwolf 1 day ago 1 reply      
I'll tell you why it died. I kept seeing ads showing an interesting looking product, but clicking on them wouldn't take me to that product. The product was unnamed as well, so I couldnt even search for it.

What was the point of that?

subpixel 10 hours ago 1 reply      
One thing that has gone unmentioned: when you run flash sales that promote other retailers' products, you're strengthening your competitors' business as much as your own.

For example, it was very common to see discounted jewelry or apparel on Fab from brands with a much deeper collection on their own site. It's 2011-2014, of course I'm going to Google the designer or brand, find their own site, and make an informed decision about what to buy.

Designers know this, and are savvy enough to use other channels to promote their own, where they charge the sort of prices they can build a business on. I'm willing to bet that Fab made quite a few designers more money via these sort of implicit referrals than via discounted flash sales.

Hindsight being 20/20, if Fab wanted to build a billion dollar business, they should have bought an e-commerce startup, not other retail operations. That's the only way they could have captured more of the value they were creating. Say they managed to buy Shopify. A, they'd be swimming in revenue. B, Shopify would have the marketplace they failed to make work on their own.

Asparagirl 10 hours ago 0 replies      
I was an early Fab customer and they did feature some unique and interesting gifts. The daily e-mails were also beautifully designed, to the point that Fab eventually sued or threatened to sue a different company who had ripped off the look and feel. But over time those Fab e-mails started featuring more and more tchotchkes and mass-produced junk, I guess in an effort to push more products. So when I read in the article that...

"Shellhammer has since started a new company, Bezar, that's almost an exact replica of what Fab used to be."

...I signed up for Bezar right away. Because Goldberg may lack business savvy, but no one denies that Shellhammer has excellent taste. And I need some wall art for my house.

EDIT: It was "Touch of Modern" who was sued by Fab for supposedly ripping off their design elements, but I don't know if the lawsuit was successful or not. Details: http://pando.com/2012/08/16/breaking-down-fabs-copycat-claim...Touch of Modern appears to still be in existence.

aaronbrethorst 1 day ago 0 replies      
Most interesting line of the article to me:

    "Fab had product market fit, but Fab    didn't understand its product market fit,"    a former Fab employee said.

AndrewKemendo 1 day ago 2 replies      
Jason can talk and sell you water ... He convinces himself that what he's going to do is going to work ... Jason had so much energy and passion that he drove you to want to do something.

I read this kind of thing from people all the time and it confuses me. I'm not sure if it is just who I have been around in my life, but I don't think I have ever met anyone that inspired that kind of blind devotion. Am I alone in never having experienced that?

bsdpython 1 day ago 0 replies      
I thought raising so much money so fast, hiring so many people so fast and burning money so fast died out in 1999. I guess I'm surprised that investors didn't demand a more airtight and proven business model before investing post Series A.
tribeofone 1 day ago 1 reply      
Get ready to hear alot more stories like this in the next two years.
jamesmcq24 21 hours ago 0 replies      
Another possible reason they failed - What a horribly, horribly slow website.

After reading this article I visited fab.com as I'd never visited before. Saw some interesting products, some I might buy, but loading a single page of items shot my fan speed up and froze the page for a good 7-8 seconds while what I guess is their javascript "enhanced" the page.

Awful, awful user experience. I couldn't last more than 3 pages of items before giving up. It doesn't matter what your product is if you annoy the hell out of your customers with badly designed technology.

ecaron 1 day ago 0 replies      
The similarities between Fab & Jobster shouldn't be overlooked. And a lot of the lessons from 2007 (http://mashable.com/2007/12/13/jobster-ceo-steps-down/) seem to be forecasted in 2013 (http://www.inc.com/magazine/201303/how-i-got-started/jason-g... / http://thisweekinstartups.com/jason-goldberg-of-fab-twist-31...) and now history has repeat itself again.

Best of luck, Jason, at your next thing!

jonathanjaeger 23 hours ago 0 replies      
They aggressively spent money on Facebook ads at the beginning and it seemed at first like a winning strategy. But if lifetime value < cost of acquisition you're burning through money. We saw it in daily deals and then we saw it in Fab. Fab just didn't know their LTV at the beginning and seemingly didn't care. Add to that a business that relies on third party manufacturers/designers and a low gross margin and it's a tough business to make profitable.
itsbits 9 hours ago 0 replies      
I had an offer from Fab before I decided to join else where as UI dev. I was impressed with their site. But during F2F with Jason, I didn't get proper answer for whats the plan when other online stores like Amazon joins competition.
crucifiction 22 hours ago 1 reply      
I can tell why it failed just from that document capture they posted. Does that look like the kind of document that a CEO who knows what he is doing and is able to turn something into a billion dollar company would be producing for his execs? Its bullet point garbage.
bruceb 1 day ago 1 reply      
"Fab acquired three similar European startups that year in all-stock transactions. It bought Casacanda in February 2012, Llustre in June 2012, and True Sparrow Systems in November 2012."

True Sparrow Systems is a web development company in India not a flash sales site. Hope the rest of the facts are correct in this story.

Animats 1 day ago 1 reply      
This class of startup is a chicken run. "Fab would feature and sell third-party items from small design shops all over the world" is not exactly a novel idea. There are hundreds of catalog houses in that space. Some of their glossy catalogs are probably in your recycling bin right now.So there's an expectation that growing too fast to get a predominant marketing position is a winning strategy. Only one company wins that game. The others die.
dennisgorelik 21 hours ago 0 replies      
It is Jobster.com [1] fiasco all over again:

Goldberg got $50M in investments ($200M+ for Fab), spent most of it, produced no good product and sold his company for peanuts.

Would investors ever learn or will they invest into Goldberg again in a few years?

[1] http://en.wikipedia.org/wiki/Jobster

emergentcypher 1 day ago 2 replies      
What was Fab, exactly?
TheAcen 16 hours ago 0 replies      
Ah, I remember Fab. I liked it a lot for browsing and such. But I can't recall ever purchasing anything off it.
rasz_pl 20 hours ago 0 replies      
There was a documentary about Fab on TV:


damonpace 1 day ago 0 replies      
It seems they poured the gas on before the engine was actually running.
rokhayakebe 1 day ago 0 replies      
You know, I am not all that mad at these guys. This is crazy, but when I compare it to the millions people spend on lottery to enrich a handful, sports to enrich a few hundred, and movies to enrich a few dozens, I find it not too bad (but still a little bad) that people are spending millions to try and create value for many customers, thousands of employees, and enrich thousands.
pearjuice 16 hours ago 0 replies      
So about these investors, did they just throw away a few hundred million dollar? Or do they somehow have contracts which define that they with future business operations should get the money back? Loans? Or is it just free money provided as-is? On what terms do they invest?
fsaezc 1 day ago 0 replies      
wow. Had already forgotten about them.
hackaflocka 1 day ago 0 replies      
First, let me unequivocally state that I'm not a homophobe by any means. A large number of the founders and initial employees were gay men, with strong ties to NYC Media and Wall St. They were hyped as being the Queer Eye for the Straight Guys of eCommerce. The people who were going to save boring straight people from themselves. The entire thing was a ponzi scheme designed to create a lot of hype, and take money from fools. By the looks of it they succeeded.
impostervt 1 day ago 1 reply      
The main picture on the page is a really, really badly done photoshop. I'm kind of surprised they'd use it.
Im an Anti-Braker
points by mzs  1 day ago   212 comments top 24
dang 1 day ago 1 reply      
This is not a good HN submission. It doesn't teach us anything; its purpose is to arouse indignation in favor of what one already believes.

In other words, it's a riler-upper. Please don't post riler-uppers to Hacker News.

joezydeco 1 day ago 24 replies      
We need to think of a better way to convince parents to vaccinate their children than hitting them with sarcasm. While these are fun to read from our smug pro-vax point of view, they provide no effect on everyone else.

We need to show parents what life was like before the polio vaccine. Before measles/mumps. Hell, before smallpox. Part of the problem is that younger parents don't believe that these diseases were all too real and way too common before the treatments. There aren't many polio survivors around anymore, and the only place you'll ever see measles is on Brady Bunch reruns.

transfire 1 day ago 4 replies      
I know this will be down voted, nonetheless, after reading many of these threads it is clear to me that most pro-vaxxers are horribly uneducated about the facts, and simply go around parroting others and making holier than though smug comments. If they would actually take the time to listen they would see that most so called "anti-vaxxers" are nothing of the sort. While there will of course always be the few that are extreme about it, most are simply concerned about safe delivery and over vaccination for the sake of pharmaceutical company profits. They want better oversight and safe guards. They want to spread vaccination schedules out and not have to get any that aren't absolutely necessary. If these concerns were addressed, the die-hard "anti-vaxxers" would be such a small number as not to matter for herd immunity.
lisper 1 day ago 3 replies      
Not all anti-vaxers are stupid or ignorant, some of them simply have a different quality metric. I've had extensive correspondence with a former colleague who fully accepts all the science, but simply believes that natural immunity is "better" than artificial immunity, and that a 0.1% mortality rate (which is about what measles produces) is an acceptable price to pay. We both accept the science, but he likes the odds and I don't. I have no idea what to say to someone like that.
kyledrake 1 day ago 4 replies      
In snow in the winter, slamming on the brakes actually can prevent you from stopping your car. I grew up in Minnesota, where you learn how to deal with this very quickly.

If you've never driven in snow/ice before, there's a situation where the brakes can "lock up", causing your tires to freeze instead of slowly spin down. For some physics reason I don't entirely understand, the tires have better friction with a slippery surface when they're still spinning, so when they stop spinning your car just turns into a giant hockey puck, and you can no longer stop the car without getting the tires to spin again.

Newer cars have what's called an "Anti-Lock Braking System (ABS)", but it usually doesn't work very well. I'm pretty sure it's just there for the people that have never driven in snow before. It's actually worse to trigger it sometimes.

If you've never driven in snow before and just moved to a place where it does, find an empty driveway and learn how to pulse the brakes. Seriously could save your life.

nostromo 1 day ago 1 reply      
If you want to convince skeptics to get vaccinated, being insufferably smug is probably the worst way to go about it.
alttab 1 day ago 0 replies      
The analogy doesn't really hold up. And I love it how you can be so right, so unwaveringly correct as to leave no air or room for debate. While illustrating a point poorly the author just comes across like an asshole to anyone that doesn't completely agree with him. Circle jerk much?
chrisBob 1 day ago 0 replies      
I have a strong personal stake in this one right now. I am the parent of a 2 month old who can not get the MMR vaccine for another 10 months. Knowing that I have to take my daughter on a commercial flight in the next few weeks scares me, especially with the recent news of the outbreaks.

Maybe education about protecting infants could go a long way to change people's minds. Maybe there needs to be more legal action against the anti-vax movement. http://www.forbes.com/sites/dandiamond/2015/01/28/measles-is...

TeMPOraL 1 day ago 1 reply      
Anti-vaxx movement seems to be a symptom of a deeper problem - I see it as a combination of people being increasingly unable to comprehend the world around them and growing mistrust toward the authorities.

The second one is perfectly understandable - politicians cheat us all the time. Journalists lie in every other sentence. Big companies consistently spew bullshit. A lot of small companies are run by fraudsters. The fundamental trust of society toward its structures is broken. It's easy to assume that politicians and businessmen try to push things for profit and not for the social benefit.

That itself is not enough for a movement like anti-vaxxers though. I'm pro-vax, but not because I trust the government or pharmaceutical companies. There's definitely a lot of fraud, bribery and fudging results there. But the general scientific idea is sound, and it adds up to other things.

It's the kind of feeling I believe big part of population doesn't have. That things add up. I believe in mainstream science because it's coherent, logical and agrees nicely with observable reality. I understand some genetics, know enough maths to have a feel for exponential growth, etc. But many people don't really understand anything about the world (yay education!), it must seem like a black box for them. Some things happen because they happen. When you eat dirt you get sick, etc.

Along with anti-vaxxers, I often talk with anti-GMO and anti-nuclear people. The situation is always the same - they don't trust the autorities and they don't understand a thing about the topic domain. "Nuclear energy" is the scary thing. Chernobyl. Soviet lies. Fukushima. Japanese lies. It's hard to make them do the math and understand that this is our only viable option for now. They don't trust governments and they don't have enough knowledge to evaluate the topic themselves - so they don't trust the solution.

I'm afraid that as a civilization, we're going to really hurt ourselves beacuse of trust issues. That's why in my books, lying to people is one of the biggest sins. It's literally destroying humanity's ability to work together.

jacquesm 1 day ago 0 replies      
The biggest problem with the anti-vaccin groups is that not only does it negatively affect their children (which is bad enough), it also negatively affects others due to reduced herd immunity. In other words, those that have had ineffective vaccinations or that are simply more susceptible are also at an elevated level of risk.
leichtgewicht 1 day ago 0 replies      
The sarcasm was completely lost of me because of the brakeless bicycle movement: http://en.wikipedia.org/wiki/Fixed-gear_bicycle#Brakeless I thought he is just a crazy bad-ass.
transfire 1 day ago 0 replies      
rkroondotnet 1 day ago 0 replies      
Here is a good article on non-medical exemption rates http://www.motherjones.com/environment/2014/02/vaccine-exemp...

TLDR:Oregon, Michigan, Idaho and Vermont are the worst offenders with over 5% of their kindergarten students having nonmedical exemptions.

allthatglitters 1 day ago 0 replies      
After reading the 123 comments so far of this delightful discourse, I'm curious why no one has mentioned how we handle the immigration issue and vaccination? Does ICE check the health records or what? I guess those legally entering with visas etc are good... dare I mention illegals?
sidcool 1 day ago 1 reply      
I actually and really went through half the article thinking 'Wow, what an interesting point of view!'. It was only in the last couple of paragraphs that I realized the satire. I am not a very bright person.
sanderjd 1 day ago 0 replies      
I thought it was going to be a metaphor about central banking systems and the gold standard. Perhaps this is generally a style of argument that works against any sort of "things used to be better" viewpoint.
ColinDabritz 1 day ago 1 reply      
Delightful. Satire is an excellent way to illuminate inconsistent or unreasonable positions.
engendered 1 day ago 5 replies      
The whole vaccination thing has taken a turn much like the AGW debate -- it has become religion, and people define themselves by their (painfully simplified) position on it : I have Facebook friends who post such clever articles and meme images daily, literally preaching to the converted for absolutely no gain but their own smug sense of superiority.

But here's the thing -- vaccinations carry risks. Of course they do. They have massive upsides, but they invariably have downsides, bad reactions, and so on, and it is the utter foolishness that so many try to paint it otherwise. The net result is of course a major positive -- if 1% of the population has an adverse reaction, but 10% avoids getting a painful disease, then a win for the whole (even if it sucks if you're the 1%) -- but it is infantile if not ignorant to not only pretend these risks don't exist (which is ridiculously common), but to actually question people's own assessment of their risk profile.


All of those incidents might very well be entirely coincidental. Or maybe they aren't. Such is the nature of massive, widespread immunizations, where the abnormal immune system of one person might be sent spiraling out of control, while another might suffer a critical allergic response.

Despite endless evidence to the contrary, many seem to believe we have a complete understanding of medicine and the human body. In some ways we remain hacks, and more often than not luck upon our algorithms. But this blind march really makes the movie "The Children of Men" seem more like a prophecy than a fiction.

EDIT: -2 within a minute. HN has taken a perilous dump into garbage land -- the classic ignorant back-slapping and sophistry -- as more and more entirely ignorant people get down arrow rights.

gear54rus 1 day ago 0 replies      
An exemplary piece. For a second there, I thought he was serious.

For the added effect, we don't have that kind of movement where I live so it was not immediately on my mind.

sergiosgc 1 day ago 1 reply      
What is the "braking" distance for a 120km/h to complete stop operation? How do you go from the ~6km/h you get at 850rpm in first gear to complete stop?
xai3luGi 1 day ago 0 replies      
classic vindictive "well then why dont everybody"republican lowest common denominator derivative calculator math at best... seen it a thousand times...
carsongross 1 day ago 0 replies      
I wonder how many kids will end up dead due to these shitty, point-and-laugh, self-congratulatory articles, rather than positively and honestly engaging the anti-vax sides concerns.
smileysteve 1 day ago 1 reply      
While I appreciate the satire, there is a legitimate argument that bad drivers brake too much.

Braking, brake lights, etc create a change that cascades to other drivers. The driver in front of you on the highway is predictable UNTIL they put on their brakes via their relative distance. If you have to put your brakes on on the highway (in the left lane) you are following too closely.

justizin 1 day ago 0 replies      
"Waaah, wahh, my corrupt mechanic who installs my brake pads calls me ignorant because I'm a know it all, but I don't fucking work on cars for a living."

Shut the fuck up. You hit a cyclist with that car and I will throw you under it, motherfucker.

Seriously, the notion that brake pads are a conspiracy by auto mechanics is simply.. Words cannot.

Let's try this:

  In driver's ed, they tell you not to use the brake as a solution to all problems.  If you cannot follow those instructions, you should not operate a motor vehicle.  Do not modify the motor vehicle to remove essential safety equipment because YOU cannot fucking drive.

The man who brought us the lithium-ion battery has an idea for a new one
points by mocy  2 days ago   81 comments top 13
ylem 1 day ago 1 reply      
I remember looking at his work when I was a grad. student. Some of it was amazing. For example, I remember once he set up an apparatus to grow crystals using chemical vapor transport. To know when it was finished, he sealed wires to inside the quartz tube (as an open circuit) and connected them to a battery and a light bulb. When the crystal (which was conducting) grew large enough between the leads, the light bulb would turn on. It was elegant and simple. (Usually this type of synthesis occurs in a furnace where you can't tell the progress and just have to guess and take it out). We still refer to the "Goodenough-Kannamori" rules of thumb when we're trying to use heuristics to guess how an oxide will order magnetically. He's had a truly impressive career...
anigbrowl 2 days ago 1 reply      
tl;dr the path he has chosen involves one of the toughest problems in battery science, which is how to make an anode out of pure lithium or sodium metal. If it can be done, the resulting battery would have 60% more energy than current lithium-ion cells. That would instantly catapult electric cars into a new head-to-head race with combustion. Over the years, numerous scientists have tried and failedit was lithium metal, for instance, that kept setting Stan Whittinghams lab on fire at Exxon in the 1970s.

It's a very interesting profile/historical review of this great scientist and his work, but if you were curious about the actual headline, the lede was buried almost at the end.

mschuster91 2 days ago 9 replies      
What I'm worried about is the waste of lithium and other battery/accumulator metals. In theory, people should turn electronic devices and batteries to recycling facilities, but a large part of the population ignores the rules and throws their gadgets into the trash when broken...

I wonder if someday we will find a way to "separate" trash on atomar level (i.e. put arbitrary stuff in on one side, get raw atoms on the other side)...

breckinloggins 2 days ago 2 replies      
A note for those who go looking for the technical details: there aren't many here. According to the article, Dr. Goodenough is being tight-lipped about his work.
kevin_thibedeau 2 days ago 6 replies      
> Without it, we would not have smartphones, tablets or laptops, including the device you are reading at this very moment.

Yes we would. All these things existed without Li-ion. The power/space budget would be more constrained but it was perfectly achievable. What wouldn't work is senselessly burning cycles running managed code in a VM with heaps of battery sucking DRAM. People today have no concept of how much computing power is wasted as excess heat because of modern software development practices.

cko 1 day ago 3 replies      
Kind of off-topic, and I'm sure I'm not the only one thinking this, but is it common to have clarity of mind at age 92? Is it mostly genetic or is it more like "keep challenging your mind and get enough sleep"? Anyone have good links?

At 29, I'm (probably prematurely) worried about cognitive decline. I only started challenging really myself last year.

justizin 2 days ago 1 reply      
> "Goodenough in his lab at the University of Austin."

There is no University of Austin, it's the University of Texas at Austin, or "UT Austin" - same as there is no "University of Berkeley", but instead, "Cal". ;)

JDiculous 1 day ago 1 reply      
Wish society would incentivize more smart people to tackle these important problems rather than go into finance, management consulting, working at the next hot tech startup, etc.
jamespitts 1 day ago 0 replies      
The QZ article gets much of its information from this March, 2001 oral history interview:


His recollections are very detailed, and you can clearly see what a genius John Goodenough is. Many early computing and defense industry interviews have a similar feel as this one -- so wonderful to read and be inspired by material like this.

swamp40 2 days ago 1 reply      
I cannot decide if that Soundcloud laugh was completely distracting, or whether it improved the storytelling.
higherpurpose 2 days ago 4 replies      
> But Goodenough is equally dismissive of such tinkering and its measly 7% or 8% a year in added efficiency.

7% extra efficiency per year means electric cars will have twice the capacity in 10 years...and then double up again in 10 more years...and so on. That's a far greater rate of improvement than for gasoline-powered cars, even if we're impatient and we want our $10,000 500 mile on a charge EVs now.

> But the path he has chosen involves one of the toughest problems in battery science, which is how to make an anode out of pure lithium or sodium metal. If it can be done, the resulting battery would have 60% more energy than current lithium-ion cells.

I don't know how "real" its technology is, but SolidEnergy promises a 50 percent increase in energy density using an "ultra-thin metal anode". The company promises commercialization for phones in 2016 and for EVs in 2017.


gregorkas 1 day ago 0 replies      
But.. the one we had was Goodenough.. yeahhhhh
hayksaakian 1 day ago 0 replies      
tl;dr version:

> Although Goodenough will not spell out his precise new idea, he thinks he is on to something

A Xenon flash will cause the Raspberry Pi 2 to freeze
points by voltagex_  3 hours ago   49 comments top 15
tdicola 1 hour ago 1 reply      
Oh neat, I just reproed it with a Pi 2 and a Canon Speedlight flash. I'll put my scope on the power lines and see what's happening when you flash the board. Sounds like from the thread one of the power ICs is photo sensitive.

edit: Wow yeah, here's a look at the 3.3V power line when you flash the board, it drops almost down to 0V and then wildly fluctuates for about 100 nanoseconds: http://imgur.com/hG86pRy

edit 2: Another interesting measurement, with the board _totally unplugged_ and flashing it you can see a big voltage spike on the 3.3V rail. Up to 6-7 volts or so for a few nanoseconds: http://imgur.com/td262QK

I guess not only can you learn about electronics but also Einstein's photoelectric effect with the Pi 2!

ChuckMcM 1 hour ago 0 replies      
That is fun, reminds me of the 'yelling at the drives slows them down' video.[1]

[1] https://www.youtube.com/watch?v=tDacjrSCeq4

swamp40 2 hours ago 3 replies      
A xenon tube is a spark gap.

If there's anything in this world noisier than a spark gap, I don't know what it is.

I think the first radio transmitters were spark gaps.

The energy flies thru the air, and is coupled onto the power line.

The power supply doesn't cope well with the oscillations, and hiccups.

I see the notes about U16 being photosensitive, but if it is a black epoxy like most IC's, I'm not buying that light gets into it.

It's possible that blue tack shields the EMP a bit.

dietrichepp 2 hours ago 0 replies      
Reminds me of old EPROMs. You can buy special "light sensitive" transistors, but they're really just ordinary transistors with a window in the case, since ordinary transistors are light-sensitive. You can even use an ordinary 1N4148 diode as a solar cell, it just doesn't generate much power.

The fix is simple: apparently, you just have to cover U16, which controls the power supply.

mholt 2 hours ago 1 reply      
Shortcut to a video of this phenomenon: http://youtu.be/wyptwlzRqaI?t=1m29s
tonteldoos 11 minutes ago 0 replies      
A computer with actual strobe-induced epilepsy. Looks like the singularity is closer than we thought.
yuhong 54 minutes ago 0 replies      
As a side note, the power supply chip directly uses the 5V from USB, right? Wonder if it is tolerant of 3.3V as common when running from batteries.
thought_alarm 2 hours ago 3 replies      
Why would a switched-mode-power-supply chip be photosensitive?
psgbg 33 minutes ago 0 replies      
nh 2 hours ago 1 reply      
Good find OP! I wonder how many electronic devices would have similar problems if we took out the covers?
nacs 2 hours ago 0 replies      
This was clearly designed to sell more opaque cases. /s

Or to look on the upside, the Pi now comes with a free photodetector.

ozy23378 2 hours ago 0 replies      
That Pi isnt very photogenic.
thrownaway2424 2 hours ago 1 reply      
That comments thread contains a head-smacking quantity of ignorance. "Is it the light or the EM pulse?" What?
Alupis 1 hour ago 2 replies      
I just ordered two of these, and they will arrive on Tuesday.

Makes me sad because I'm imagining a Raspberry Pi 2.1 release in the near future now...

pmalynin 2 hours ago 2 replies      
Explanation:Camera's have capacitors that charge up in order for the flash to happen. They are usually quite powerful. Now during the discharge (aka flash) what you have is very high energy electrons flowing across the wire creating aa magnetic field, coupled with the electric field of the electron you get a mild EMP.

And if it is light sensitivity then it should be tested with a bright continuous light

Confessions of a Congressman
points by anigbrowl  20 hours ago   148 comments top 26
GabrielF00 11 hours ago 0 replies      
You also have the phenomenon of Congress doing politically divisive things just to score points. For instance, the House just voted to repeal Obamacare for the 56th time. Why do it a 56th time? Even John Boehner says that it's so that freshman Republicans can go back to their districts and tell voters that they voted to appeal Obamacare.[1]

Similarly, there's now a special House committee to investigate Benghazi, even though there have already been investigations by four other House committees (Oversight and Government Reform, Intelligence, Armed Services, and Foreign Affairs).

[1] http://www.theatlantic.com/politics/archive/2015/02/why-repu...

KwanEsq 17 hours ago 6 replies      
>We are still, despite our shortcomings, the most successful experiment in self-government in history.

I'd like to know what metric they are judging that by.

chrisan 14 hours ago 3 replies      
> 9) Congress is still necessary to save America, and cynics aren't helping

> Discouragement is for wimps. We aren't going to change the Constitution, so we need to make the system we have work. ... Our greatest strength is our ability to bounce back from mistakes like we are making today. ... The point here isn't to make us something we're not. The point is to get us to make sausage again. But for that to happen, the people have to rise up and demand better.

How exactly are we supposed to get them to "make sausage again" when #2-8 pretty much list out why they aren't going to make sausage?

Have we not been demanding better? Any laws we might want of them to limit 2-8 is going to require the people who benefit the most from 2-8 to vote against themselves.

Articles like this is exactly why I'm discouraged and each voting cycle I get less and less inclined to go out and vote and just stay home and code.

Shivetya 13 hours ago 2 replies      
5) We don't have a Congress but a parliament

This is the true problem of Congress. It no longer is a separate part of government but merely and extension of the political parties. The ACA is the best example of this effect.

2) Congress listens best to money

The only way to fix this is to government fund all elections with a set amount of money and do not permit direct donations to political parties. However we must not ban paid political speech, only speech that targets a specific person pro or con; excepting someone already in office, negative ads should be always permitted against them

throwaway344 19 hours ago 2 replies      
I'm instinctually skeptical of anonymous articles. I always worry the publications are just making it up. It just seems unverifiable. I wonder if my conspiracy voice talking.
malandrew 18 hours ago 6 replies      
Can someone do a stylometry analysis on this? There should be a large enough corpus of writing from every congressperson to identify the author.
karmacondon 15 hours ago 3 replies      
I'm not sure if anyone has ever done this before, but it might be worth considering what the US Congress has done correctly. Namely, they haven't really screwed things up. America is still here, and is still the most powerful and respected* organization of humans to ever exist. That does count for something.

There was talk here not too long ago about comparing programmers who fly by the seat of their pants and end up looking like heroes to programmers who write solid, maintainable and reliable code. The boss notices when you pull an all nighter and crank out thousands of lines of code to solve a P1 critical bug. But they notice less often the programmers who write good code that doesn't produce a lot of bugs in the first place. Congress is kind of like the second programmer. Their bosses, the voters, generally pay no thought to their passing of procedural matters, vetting various candidates, oversight meetings and routine votes. C-SPAN viewership will attest to this. People only care when there is drama, scandal or crisis. It's a surprisingly thankless job, and like the all the rest of us congress people tend to focus on money as a meaningless way to keep score.

On balance, the entire US government has done more good than bad. This generation was handed a finely tuned machine with one mandate: Don't fuck it up. And they haven't so far. Of course things could always be better. I wish that congress would do the things that I want them to do, and not the things that other people want them to do. But they haven't caused me any problems in particular, and haven't harmed most of the people that I know. It's very easy to complain about how someone else does their job, but obviously difficult to do it better ourselves. We have the option of firing hundreds of them at a time. We're just waiting for them to give us a reason to do so.

* "respected" in the "envied and feared" sense, not the "what a nice bunch of people" sense

rattray 15 hours ago 0 replies      
A piece on the salaries of ex-gov lobbyists, which may be germane: http://sunlightfoundation.com/blog/2014/01/21/revolving-door...
chernevik 10 hours ago 0 replies      
"The only threat a lot of us incumbents face is in the primaries, where someone even more extreme than we are can turn out the vote among an even smaller, more self-selected group of partisans."

From this the rest follows. Lobbying is a sweet gig because Congress is stabilized to a predictability sufficient to justify organizational investment. Congress is 'parliamentarized' because the national parties are organized around their constituent interest groups. Etc.

This certainly wasn't what the Founders hoped for. And party organization and factionalism have been the most malign factors in American history. If you think it's bad now, just thank God you aren't in the middle of a Civil War. Factionalism poisoned the Constitution even before it got started, by forcing into the document an unprincipled carve-out for slavery and a logically absurd and emotionally nauseating 3/5 "representation" for slaves.

And what's to be done about it?

The Founders were insanely smart political people, and it's a good rule of thumb that if they didn't have a constitutional answer for a political problem, there is no such answer. This guess is fortified by the failure of Abraham Lincoln, the greatest de-bugger in human history, to solve the problem. I'm not saying it's impossible to solve factionalism by some constitutional / legal hack, but I'm not holding my breath.

I think our only hope is _culture_. Our ability, as citizens, to recognize our own individual partisanships and check them. And to recognize them in our fellow citizens and resist them. We have to recognize that in our current political system, real power doesn't lie in Congress, or the Presidency, but in whatever people and forces are shaping the ideologies around which these parties are organized. We have got to identify those forces and examine their motives and prepare to break with them when they aren't serving their stated goals. For all power in all places is corruptible. We have got to start paying attention to the use of language, not to understand problems, but as a tool for political organization. We have to start recognizing the political and organizational dangers of those ideas and dreams we hold dearest, and find ways to guard against those dangers.

tldr;It is ultimately our government. Its flaws ultimately proceed from us.

quadrangle 9 hours ago 1 reply      
Maybe doing away with Robert's Rules style bullshit would help some. Everything about the manner in which congress operates is basically designed for partisan gridlock. All sorts of organizations today realize this and use neutral facilitation and better open discussion and decision processes. Under congressional rules, members have to propose bills first rather than agree about problems and then discuss solutions and come to consensus.

Also, score voting would solve a lot: http://rangevoting.org/

lordnacho 16 hours ago 3 replies      
If most of the seats are safe, why do they need to spend 50-75% of their time finding money to defend them? Is it all spent in primaries?
rwmj 16 hours ago 2 replies      
"We aren't going to change the Constitution" .. why not?
lovelearning 14 hours ago 2 replies      
If it's so bad, why did the author run for Congress at all? I wish (s)he had explained their motivation to run for office.
crazy1van 11 hours ago 0 replies      
> We have a parliament without any ability to take executive action. We should not be surprised we are gridlocked.

I think the vast majority of new laws don't serve the people's interest. So I welcome the gridlock.

maxerickson 14 hours ago 1 reply      
I enjoy the tension that exists between the first two points.

Interpreting with some hostility, Congress is not out of touch with people that have money back home. Which means they are probably mostly out of touch with people back home.

javajosh 18 hours ago 2 replies      
Agreed about the credibility of an anonymous article. Vox would do well to explicitly vouch for it.

But this throw-away line struck me as valuable:

>Why try to get on a good committee if you have already ceded authority to your unelected, unaccountable party leaders?

This, it would seem to me, is the most troubling aspect of all of this (to put it mildly). If the tacit assumption is true (that congresspeople cede their authority to unelected party leaders) then we do not live in a democracy, we live in something like a kleptocracy.

w_t_payne 12 hours ago 0 replies      
Hmmm. Not with a bang, but a whimper.
archlight 16 hours ago 0 replies      
it floats up with best timing as House of cards 3 due to release this month
cubano 10 hours ago 0 replies      
tl;dr; Everything about Congress is utterly and hopelessly skewed towards corruption.

Wow, surprise.

No wonder approval ratings are so low.

DanielBMarkham 11 hours ago 1 reply      
We're missing some other important insights here:

1) Congress is in a bed of its own making. Most all of the problems listed here were created by Congress itself. And it could change any of them with a few simple votes. But it will not, because Congress has always sought out the least risky structures. No matter what this congressman might say, the behavior is obvious: nobody wants to be a Congressman making the tough choices; running with the herd is much safer.

2) Congress doesn't seek out the money, the money seeks out the Congress. The congressmen just go and ask for it. Congressmen aren't on TV with a telethon to save orphans from cancer -- they are not begging for bucks. Instead, there's a ton of money out there already from lobbyists and PACs that are just waiting for the right politician to come along. It's not begging -- it's more like auditioning for a part. The key question is this: can you stick with the national message, keep the troops fired up, and still take this money? If so, take it! You need it. If not? You've got some more auditions to do. There's plenty of folks wanting to influence the sausage making. It's a numbers game.

It's important to understand this distinction because the driver here is the political power that Congress wields, not the guys with the checkbooks. If, by some miracle, you could pull all the money out of politics? It'd be the same old dance, just with government contracts and cushy political jobs. This has been going on since Washington was president. The problem now is that the stakes are tremendously higher now than they used to be. Political power always trumps money -- that's why money chases it. That's why politicians continue to create new structures where their power can be exercised.

3) While the smart people may not run, there are a ton of folks who have already struck it rich and now just want another feather in their cap. Congress is the way to do that. One senate majority leader said that running the senate was like having to manage 100 little Napoleons.

4) Yes, in the overall the Congress may be having problems getting together, but the individual role of Congressman is a pretty cool gig. All government agencies have special hotlines for you to get special attention. You get to ride around in helicopters, meet foreign leaders, magically make investments that soar, get schmoozed by celebrities -- the perks go on and on. So let's not blow smoke up anybody's posterior: if the job wasn't attractive, most of the people who are currently congressmen would step down. That's not happening.

5) Congress is not only necessary to save the country, they've been sleeping on the job. You can be cold and bitterly truthful without being cynical. Things are broken for a reason. Understanding those reasons is the first step in fixing the system. I worry that people who hate on cynics are really just saying "Become emotionally fired up and follow us on faith. We'll get you there!" Sorry, I don't do that -- and I think we're nearing the end of that attitude being helpful. In fact, it's beginning to sound like cheerleading on the Titanic. Let's be blunt and honest. If the republic depends on my losing my critical thinking skills then it's in worse shape than I think. Honesty, learning from history, and being aware and critical of the many ways governments screw up is what created the structure of the country, and its the only true way forward. You cannot fix something you are not prepared to talk honestly about.

vacri 13 hours ago 0 replies      
"and we try to do our best", followed by an article where everyone follows the same rutted path like sheep instead of trying to break the mold. If they were trying to do their best, they wouldn't engage in filibustering and brinksmanship.

Then, near the end: "lower pay than a first-year graduate of a top law school". $174k? That's your typical graduate salary from a top law school? Yes, perhaps. If you choose the cream of the crop, in the most expensive state, with the largest firms. It's a silly comparison anyway, because first-year graduates are in their early 20s, and politicians are, for the most part, middle aged. Talented middle-aged people aren't becoming politicians because they're instead drawn by the lure of being a junior lawyer?

I mean, seriously, no-one believes that the only financial benefits federal politicians get is their salaries. Hell, the Australian Prime Minister is paid 25% more than the POTUS (or at least was, before our dollar dropped), but the current and past presidents aren't exactly strapped for cash.

briandear 15 hours ago 2 replies      
A strange contradiction: the author claims that low pay is a problem with attracting talent but then explains how it's a stepping stone to lucrative lobbying jobs. I don't think there's a single person who would turn down a Congressional seat because they pay isn't high enough. Congress should have a salary that's equal to the median salary of a DC school teacher. In fact Congressional pay should be statutorily pegged to the average salary of cops, firemen, school teachers and mid-career soldiers. Those people don't get a raise, then neither should Congress.

Better yet, let's tie Congressional pay to fiscal performance: for every percentage the deficit exceeds the budget, congressional pay decreases by the same percentage. If they don't pass a budget, then they don't get paid at all. Maybe Congress (and the Executive) ought to feel the he same pain or pleasure they inflict upon the country.

barsonme 18 hours ago 2 replies      
A better title: "9 obvious political facts we hashed together to make a cool headline."

1) Of course. Everybody is short-sighted and the goal is to keep the constituents at bay for the next election cycle. Wait long enough, and you're basically set depending on how deep of a shade your district is.

2) Well, yeah. Nobody donates except for old people (barely), rich people, and unions/corps. A house campaign in a "safe" district in my state costs over $8M, and very little of that comes from your "average" citizen. Thus, fundraisers with rich people. It's an arms race, because you don't want to be caught without money unless your opponent goes balls-to-the-wall -- then it can be used to your advantage. ("Hey, look, he's a corporate/union/out of state shill!") edit: also, sorting remits sucks. Super boring because most is pennies save for a few large checks.

3) This one is probably one of the worst depending where you come from. A state like mine doesn't have many issues, whereas some of the states with a very black and white demographic makeup (I mean that in more ways than one) have a lot more issues.

4) Yeah. It's frightening almost. Still, it depends on the data sets. Many state parties have POS data sets that still rely on a top-down method of data insertion that sucks. Also, the more rural you get the less accurate the data is. (Although, there are other methods of voter ID for rural voters.)

5) Part of this is due to the polarization of the U.S., but yeah. I mean, theoretically we're supposed to have a slow-moving congress, and separation of powers (exec, leg, judicial) is a good thing.

6) Ooooh yeah. Get on the (depends if you're talking about state or national congress) finance committee, ways and means, etc and all of sudden you're powerful. I should mention, though, that at the local level committee meetings are taken much more seriously.

7 and 8) Yeah. One of the best ways to make connections is through politics. I know people who are absolutely useless but make nearly six figures because they worked on a campaign, ran one, worked as an la, and finally got a position on a "policy group" or as a staffer. All of a sudden you have a bunch of people vouching for you, regardless of your competency. If other professions worked this way (e.g. doctors, lawyers) we'd all be dead or in jail.

9) Apathy is the killer. Nobody cares anymore, and it's sad. If people would care, learn about the issues and people, show up to local hearings, actually do things then we'd see real change. If people wouldn't be so polarized and view the world as black and white maybe we'd end up voting clowns out of office... although, that does require people to actually vote.

mikerichards 13 hours ago 0 replies      
Congress is still necessary to save America...

When you think like that, then you're part of the problem, not part of the solution.

zaroth 15 hours ago 0 replies      
This was a funny statement;

  Without crooked districts, most members of Congress  probably would not have been elected.
I can say with certainty that without crooked districts every member of congress would still have been elected. I mean, I get what Anon is trying to say, but it hints at a very slanted / anti-voter world view. This is my surprised face :-|

powera 18 hours ago 1 reply      
I'm also very skeptical that it's actually a congressman; if the person is this bitter about Washington why did they just spend so much effort getting elected 3 months ago?

Beyond that, members DON'T vote with party leadership 99% of the time. If you count enough procedural votes it might feel that way, but that's just silly.

This emphasis on "talent" in Congress also seems like it's not from a Congressmen.

I suppose this could be a particularly unambitious backbencher from a safe seat (which would also explain why they don't care about committees).

CrunchBang Linux: The end
points by _JamesA_  1 day ago   96 comments top 40
slfnflctd 1 day ago 5 replies      
What a bummer. CrunchBang succeeded more for me in the first install attempt on older, weirder hardware than any other distro I tried (including things like Puppy Linux, Damn Small Linux or even Debian with defaults). I have it set up as a dual-boot 'failsafe' OS on a couple old WinXP machines, one of which I use daily.

For getting up & running quickly with minimal hassle, while still being rich in features and easy for noobs on basic tasks, I have found nothing that compares-- not sure what I'm going to replace it with yet, would love it if anyone has suggestions.

laydros 1 day ago 0 replies      
I had a feeling this was coming, based on the fact Corenominal is mostly running Jessie with Gnome in some of his recent posts, and the lack of development around the Jessie based version.

I think Corenominal is a stand-up guy in general, and great for the GNU/Linux community. I think he is also leaving the project at the right time, before he has to face the demons of init that are in Jessie, and now that vanilla debian with xfce or lxde is much closer to the user-friendly and complete desktop that #! was so great for.

All that positive stuff said, this kinda sucks. I was really looking forward to the next version. I agree with many others that it isn't pointless yet, there still isn't anything quite as polished while still being super lightweight.

sauere 1 day ago 1 reply      
This is sad. I am using CB on my Notebooks and i love it. It's preconfigured setup was the perfect sweet spot between a Debian-minimal install and the somewhat "bloated" big distros out there.
cms07 1 day ago 0 replies      
I used CrunchBang for quite a while, and it's sad to see it go, but I completely understand why the maintainer doesn't want to do it anymore, even though I disagree with his statement that CrunchBang no longer has value.
darkFunction 1 day ago 0 replies      
Oh man. CrunchBang is my go-to distro when I need something lightweight that just works out of the box. The default install is a great, well-featured system.
novalis78 1 day ago 1 reply      
Crunchbang is my most favorite distribution. For the last 2 years I found it perfect for my needs, especially on slightly older machines. Originally I came from SuSe, moved on to Red Hat and Fedora, then played with Gentoo for a while. Ubuntu is great, but with each version the out-of-the-box experience became less and less desirable. Crunchbang (which I discovered on HN, btw) was minimalist (but not painfully so) and shared Ubuntu's robustness.
perturbation 1 day ago 3 replies      
Posting from a Crunchbang desktop - not the best thing to be the first thing to read as I get up in the morning.

I expect I'll be able to do some apt-repo magic and switch over to Debian when the next stable release comes out, but I hope there's not too much breakage when I do.

macco 1 day ago 1 reply      
I was a humble #! user for some time. But thinking about it, this little distros a getting less important, cause the big ones got a lot better.

Thinking about it, it is a good thing the #! creator focuses on someting different/new. We have to many distros anyway.

nailer 1 day ago 0 replies      
As a mid-level Unix person (around 18 years) I'd heard 'hash bang' and 'shebang' but never 'crunch bang' to describe the interpreter before.

I wonder where the term 'crunch' for pound/hash came from?

Edit: looks like it's been around a while: http://ss64.com/bash/syntax-pronounce.html

LukeB_UK 1 day ago 1 reply      
Google cache because their site seems to be struggling: http://webcache.googleusercontent.com/search?q=cache:http%3A...
muyuu 1 day ago 0 replies      
AFAIK he made no money whatsoever out of it. If it's not necessary for him any more, and doesn't make him any value, it's hardly difficult to understand he doesn't want to continue working on it.
jblow 1 day ago 0 replies      
I have great respect for anyone who undergoes a big project. So I am sad that this project is coming to an end, and I hope his future endeavors go well.


From my perspective as someone who keeps going back to Linux and trying to use it every 18 months or so, the #1 problem today is that there are WAY too many distros -- and as a result, all of them are broken. What really needs to happen is for the Linux community to put a great deal of elbow grease into a small number of distros.

Because I only try Linux every year or two (and give up on it every time), I see isolated snapshots of how usable the OS is, and from my perspective, it's gotten less stable and less usable over the past 5 years. (Six months ago I had to try 4 different distros before one would even install correctly on one of my two test laptops, for example).

In terms of mainstream distros that are actively trying to appeal to end-users (not counting fringe research projects), how many is enough to provide good variety? I am thinking 3-5 maybe?

Instead, this is the situation: http://en.wikipedia.org/wiki/List_of_Linux_distributions

Does anyone think that is an efficient way to produce quality results?

Edit: It's also worth keeping in mind that the Wikipedia list is sort of the minimal list of versions. For example, if you go to the Linux Mint homepage, you get 4 different versions to choose from: http://www.linuxmint.com/

johnatwork 1 day ago 0 replies      
To me #! was quite good for my needs, I'm quite sad to see it go. As someone who's not quite adept at using Linux, it was configured enough that I wasn't lost following instructions.

I will surely miss it.

ethagnawl 1 day ago 0 replies      
I've been running #! for the last 1.5 years and it's been a pleasure to work with.

Many thanks to @corenominal and the other contributors for their efforts over the last few years.

samspenc 1 day ago 4 replies      
I never used CrunchBang, but heard quite a bit about it, and like an big open source user/supporter, I'm sorry to see CrunchBang go.

But honest question: with the rise of Ubuntu, Debian and a few other "alpha" Linux versions, does it make sense to put in effort and keep an alternative Linux version running? I've always toyed with making my own Ubuntu variant with custom window manager, but never got around to it.

oldpond 1 day ago 0 replies      
I loved crunchbang. The installer was great. It got from zero to everything you needed for a development box in 15 minutes. Thanks for all your work!
kancer 1 day ago 0 replies      
I've been running Crunchbang for two years. It is the only distro that had working media buttons, multi touch trackpad, close lid -> sleep working out of the box on my T420. Not sure if any of this changed but all the other distros I tried required me to write config files and bash scripts. Sad to see it go.
undersuit 1 day ago 0 replies      
I run Debian, but the Crunchbang Forums have been a great place for me to learn. I'll find tips, pearls of knowledge passed down from the masters, and even whole config files for programs that barely get represented in the normal linux distros.

Crunchbang served as repository of knowledge for a minimal desktop Linux and hopefully the community keeps the forums active.

spiralpolitik 1 day ago 0 replies      
Sad news. CrunchBang was a great little distribution. A couple of rough edges, but it was a refreshing change from Ubuntu or Debian.
nadams 1 day ago 3 replies      
Disclaimer: I've heard lots of great things about #!. However, I have never had the chance to try it myself.

I kind of figured distributing the distro over torrent only was a bad idea. For the kids sitting at home - torrenting isn't a bad thing (generally...usually). However, when you are sitting at work and they are monitoring traffic - downloading a torrent is a quick way to summon the overlords (even if you were in a technical position like I was - there are some things that they will look the other way, such as downloading the NT password reset disk, but downloading a torrent would not be one of them). And no, I wasn't about to "sneak" in a burned copy of #!.

In today's day and age of CDNs and cloud storage I found it highly suspect that they couldn't find someone to mirror it (even uploading to sourceforge). I'm not claiming there was anything wrong with #! but offering a torrent only download makes me cautious.

zeroviscosity 1 day ago 0 replies      
All good things must come to an end. I've been a dedicated #! user for years. I have it on my work desktop, my home desktop, my Macbook Pro, my Macbook Air and my home media server. In other words, I'm a bit obsessed with it. I really appreciate all that @corenominal has done and wish him all the best.
morganvachon 1 day ago 1 reply      
Sad, sad news. It's the only Debian based distro that I've found to be nearly perfect out of the box for my workflow. I had a feeling this was coming for a while (as most #! users probably did), and I've mulled over trying to emulate its interface and approach using another major distro (Slackware) as the base. But the two, Debian and Slackware, are just so different that it's beyond my ability to commit the amount of time needed to do it properly.

Given the impending systemd switch in Debian, I probably would have had to give up using #! going forward anyway. Still, it kills me to see it possibly disappearing one day soon. I hope Corenominal can pass the torch to the community in a way that allows it to live on in some form.

aroch 1 day ago 2 replies      
Archbang is still under active development, thankfully
stolio 1 day ago 0 replies      
That's a bummer. I used to run Debian with OpenBox so I'd often end up sifting through the old CrunchBang forum threads to fix stuff. Just an amazingly nice and supportive community.

Running Debian/OpenBox was pretty cool. I'd imagine if you keep your config files, especially rc.xml and the startup scripts, you could home-roll something quite similar to #!. Although running OpenBox by yourself can be a massive time-suck.

talles 1 day ago 1 reply      
Noooo, #! is one of my favorite distros. Used for quite a while in the past.

I stopped using when they switched the base system from Ubuntu to Debian (I know, shame on me) :(

carlivar 1 day ago 1 reply      
I appreciate the philosophy of CrunchBang, but for my recently-built Linux desktop PC I tried it out. Spent two days trying to get sound to work correctly. Really brought me back to my struggles with Linux 10+ years ago. Gave up and went with a mainstream distro where sound Just Worked.
logn 1 day ago 0 replies      
The web site is slow under the load.


seldonPlan 1 day ago 1 reply      
The link seems to be dead for me. What was the reason #! is ending? I really enjoy this distro. Very sad to see it gone.
ykzrtj 22 hours ago 0 replies      
A real waste. So I'll go ahead with my eulogy. #! to me was more than an operating system or Debian with slick OpenBox configs. #! was the community, the aesthetics. It represented a bold idea and executed it flawlessly. I really hope the community can take on the mantle, and trudge on. I disagree that #! has no more value. On the contrary, I think its value was already starting to increase in the recent years.
danneu 1 day ago 0 replies      
Crunchbang is the only lightweight distro that completely worked on my 2008 10" Atom netbook. I used that thing for three years when I was a student.

It's my favorite distro, I'm thankful for it, and it's sad to see it come to an end.

thatsjustcrazy 1 day ago 0 replies      
A sad day indeed. Brings me back to my days of obsessively sampling every flavor of Linux out there.
vohof 1 day ago 0 replies      
CrunchBang was my togo distro as well. Everything's nicely setup. But when I tried ArchLinux, I never looked back. CrunchBang has a very awesome community!
rak 1 day ago 0 replies      
At one point this was my favorite distro and my favorite irc channel to hang out in. It showed me a lot about the possibilities of configuring a minimal system.

Sad to see it go. Thanks for everything.

chanux 1 day ago 0 replies      
I used crunchbang once and loved it! Also I've picked up a lot form the forum. Even though I had to be with ubuntu for reasosns, it's really sad to see #! go.
forlorn 1 day ago 1 reply      
So, no other maintainers are willing to continue working on it?
johntaitorg 1 day ago 0 replies      
Nooooo Crunchbang is perfect
william20111 1 day ago 0 replies      
very sad to see this happen. Hopefully somebody takes over and guides the project from here. They have made a great distro with the openbox wm.
arca_vorago 1 day ago 0 replies      
I really liked CrunchBang, especially the setup scripts, which I think shouldn't be too hard to port over to a debian minimal install anyway.

For those of you looking for similar alternatives, ArchBang is pretty awesome, but I have been increasingly interested in Alpine Linux for it's native grsec implementation. I'm experimenting with using it in virtual network labs and it has worked pretty awesome so far.

pearjuice 1 day ago 2 replies      
I never really got the popularity of CrunchBang it was basically a Debian minimal with a "sudo apt-get install openbox tint2 conky" post-install script.
emehrkay 1 day ago 0 replies      
Funny how branding works. Having never heard of, or forgotten about, CrunchBang, for a split second I thought "Tech Crunch has a linux bistro? Must be for that tablet that they made a few years ago." I recently encountered this with Plan B Burgers in DC.
Metaprogramming Elixir
points by kungfooguru  2 days ago   21 comments top 6
dpeck 2 days ago 4 replies      
For anyone looking to learn more about Elixir/Erlang, here's a dump of links that I posted recently to the local Atlanta Elixir Meetup group.

Roughly in the order I'd recommend consuming them.

Dave Thomas - Power of Erlang, Joy of Ruby - https://www.youtube.com/watch?v=lww1aZ-ldz0

Dave Thomas Elixirconf Keynote - Think Different- http://www.confreaks.com/videos/4119-elixirconf2014-opening-...

elixir-lang.org tutorial - http://elixir-lang.org/getting_started/1.html

Programming Elixir - https://pragprog.com/book/elixir/programming-elixir

Awesome Elixir - Curated list of great libraries - https://github.com/h4cc/awesome-elixir

Elixir In Action - http://www.manning.com/juric/

Learn You Some Erlang For Great Good - http://learnyousomeerlang.com/

Erlang and OTP In Action - http://www.manning.com/logan/

I haven't had a chance to read McCords new book, but having read his code and interacted with him a fair bit in #elixir-lang the last few months I can only assume I'll be adding it to the bottom of this list as an important intermediary step to becoming proficient in Elixir along with learning OTP.

bradfordarner 2 days ago 0 replies      
I got the book last weekend. Chris has done a wonderful job!

For me, metaprogramming is one of the things that was a deciding factor with Elixir, in addition to all the other functional programming aspects that are part of the language. I'm most definitely not an amazing polyglot with a wide degree of experience with every single functional language out there, but this feature pushed me to invest time to learn Elixir. Metaprogramming has saved me immense time in numerous applications in Ruby. So, I consider it a critical thing to learn.

Of course, after investing time in Elixir you very quickly learn the power of the Erlang VM. Elixir is like a gateway drug! I now have a consistent mix of Erlang and Elixir syntax in the stuff I'm playing around with. One of the chief complaints for people with Erlang is the syntax. Elixir makes the entire proposition of learning Erlang far more appealing...and then you really it is all actually Erlang under the hood!

And, one of the big things that Elixir adds on top of the Erlang VM is metaprogramming. There aren't a lot of great sources out there on the subject. Chris's book is a great addition to the slowly growing Elixir library.

chrismccord 2 days ago 0 replies      
Author here. Fun to see this getting some HN love. Those who want a glimpse of what Elixir metaprogramming is all about can check out my Erlang Factory SF talk which gives a nice overview of Elixir's macro system:http://www.chrismccord.com/blog/2014/03/13/write-less-do-mor...
thisishugo 2 days ago 0 replies      
The first rule of Macros is: don't write macros.

However, if you are going to use (and abuse) this powerful feature of Elixir, I can't think of anyone better than Chris McCord to help guide you on your way. Chris' talk on Macros[0] at Erlang Factory last year was not only highly education, but also very entertaining. If that video doesn't convince you, I recommend you take a look at the Phoenix web framework codebase[1]. Chris is an incredibly talented programmer, and an incredibly helpful, and patient guide to those less skilled than he attempting to contribute code to his projects (I know this because he held my hand through getting a pull request merged into Phoenix some months ago when I was still playing with Elixir).

[0] http://vimeo.com/88885763

[1] http://phoenixframework.org

rjsamson 2 days ago 0 replies      
I bought the ebook last weekend and I have to say that Chris has done a really great job here. For anyone looking to get deeper into Elixir, this is a great read - can't recommend it enough!
alanpeabody 2 days ago 1 reply      
Even coming in with a few years experience in Clojure and having spent time writing macros in Elixir I have found this to be a really worthwhile read (so far).

That said, this should not be your first Elixir book (as Chris points out in the book's introduction). It should be your second, especially if you are interested in writing libraries.

I Visit Libraries to Sell Bitcoins to Random People from the Internet
points by danso  3 days ago   82 comments top 8
Potando 3 days ago 5 replies      
"nothing could be done over the phone, though I was welcome to walk into a branch and try my luck there" - This is sadly common with UK banks. They want you to go to the branch for all sorts of things that really don't need it, but the branch is always closed or overcrowded when you have time to get there. It doesn't help that you have to use your own branch, not any of the others - as if they don't have a computer network between them? Or perhaps they feel the local staff somehow remember who you are and what your tedious banking problems are? Somehow they decide there's no need to be open in the morning, evening or Saturday afternoons, even though they're turning people away and squeezing the bloated queue inside the doors so they can get ready to close. I was also overseas when I was told the only way to get the few thousand pounds from my account was to go the the branch. Eventually they found another way.
timdierks 2 days ago 3 replies      
I am not a lawyer, but the author should consult one. Money transmitting businesses are heavily regulated in the United States, and operating such a business without registration and compliance with regulations may be illegal.

These laws are not a joke; there's a reason that all the mainstream Bitcoin businesses have these constraints, registrations, and rules, despite the way they impede customers and businesses: "know your customer", anti-money laundering and Patriot act constraints on terrorism funding are very real and serious interests of government units with powerful enforcement powers.

Be warned that this is not the same as selling lemonade in the government's eyes.

devindotcom 3 days ago 3 replies      
How interesting. Makes me want to set up a similar service where I am. $500 minimum, mark it up a steady 10% based on price when the order is placed, and offer to buy the coffee when you meet at the local cafe to make the swap.

Hard to make a living unless you're doing it full time, but the hobby would pay for itself and then some, and you'd meet some interesting people and learn your way around the ecosystem.

As for the money... keep the cash! Use the cash! Cash is convenient, cash is universal! I've been thinking about going all cash for anything but purchases that must be made online, and even those can be made with prepay cards that can be bought with cash. edit: a moment of thought reveals you have to put the cash back into the system somehow or another in order to fund more bitcoins. So, there's that fantasy shot.

Shinkei 3 days ago 6 replies      
So can anyone explain why banks would suddenly close an account like that in the UK? Would they do that in the US? He is despositing a lot of cash and electronically transmitting money from that account. Wouldn't any small business that does a lot of cash transactions run into this same problem?
Buge 2 days ago 2 replies      
Counterfeit money is a bit risk when doing this. There have been several stories of localbitcoin sellers receiving counterfeit money.
joosters 2 days ago 1 reply      
I don't get it: They say that they started using Bitcoin to help transfer money overseas, yet later in the article they talk of using TransferWise to move money abroad (which deals in pounds and dollars, not Bitcoin)

If bitcoin's strength is meant to be its low cost for moving money around, how come even this Bitcoin peddlar cashes out back into fiat to move it?

legulere 2 days ago 1 reply      
> I knew I was playing in a grey area

For me it looks like this is obviously illegal because he conducts a business without registering one.

edward 2 days ago 0 replies      
       cached 8 February 2015 03:11:03 GMT