hacker news with inline top comments    .. more ..    5 Dec 2015 Best
home   ask   best   3 years ago   
Swift is Open Source swift.org
1778 points by psuter  1 day ago   425 comments top 94
ruddct 1 day ago 3 replies      
A lot of folks to thank at Apple right now, can't wait until all of this propagates so we can take a look at what's new in Swift 3. Two thoughts:

- VERY happy to see the open sourcing of much of the Foundation libraries (which includes strings, dates, networking primitives, concurrency/task queues, I/O, etc). It'll provide a very strong start and make working with Swift immediately productive.

- Holy crap, there's a package manager. This has been sorely needed since about day one of Swift development, glad to see that it's been a priority as part of the effort to open source!

nikon 1 day ago 6 replies      
jdub 1 day ago 2 replies      
Apache 2.0 License + Runtime Library Exception + copyright owned by the contributor (i.e. no assignment or CLA) + good community structure and documentation + code of conduct... well done, Apple!
practicalswift 1 day ago 2 replies      
Happy to see that my collection of Swift compiler crashes (see https://github.com/practicalswift/swift-compiler-crashes) has been part of the official Swift repo since September 2014: https://github.com/apple/swift/commit/e5ca8be1a090335d401cd1... :-)

A previous HN thread about the swift-compiler-crashes project: https://news.ycombinator.com/item?id=9020206

bamazizi 1 day ago 1 reply      
The programming language eco system is really improving rapidly and efficiently. It seemed the developer's toolkit was limited by the languages created 20+ years ago but within the last few years we're seeing a renaissance in developer toolkits as well as development philosophies.

Languages like Go, Rust, and now Swift are not only great from almost every aspect over the last generation languages like C, C++, Java, but a lot noobs or scripting language developers are also converting to more low level languages. So the barrier to pick up a lower level language and become productive in it has really diminished.

Go has had a head start and introduced minimal simplicity. It's a great/powerful language and almost everybody can pick it up quickly within a few days. I wouldn't listen to people who dismiss the language for its lack of "features" and have never written more than "hello world" in it.

Swift is "important" because of Apple & iOS. It has a much steeper learning curve than Go and naturally it takes a few weeks of dedication to get comfortable with it. However, once you overcome the introductory challenge then you'll start to appreciate the language and its capabilities.

Already the job market for both languages are really high with higher than average salaries. So learning/mastering both Go and Swift is the best decision you can make.

justplay 1 day ago 3 replies      
I still remember max howel tweet[1] in which he publicly said that we was rejected by Google. Looking at his linkedin profile[2] , he was later hired by Apple in August 2015. Now he is biggest[3] contributed to Swift package manager. It is good to see that the person who has lot of experience in handing Apple and package system is handing this stuff. I guess, things happens for good.

[1] https://twitter.com/mxcl/status/608682016205344768

[2] https://www.linkedin.com/in/maxhowell

[3] https://github.com/apple/swift-package-manager/graphs/contri...

alblue 1 day ago 1 reply      
Fantastic news that Swift is now open-source, though it came about 4 hours too late for my GotoBerlin presentation on Swift 2 Under the Hood (on SpeakerDeck at https://speakerdeck.com/alblue/swift-2-under-the-hood-gotobe... if you're interested)

I've also open-sourced the SIL Inspector that I demonstrated (https://github.com/alblue/SILInspector) and written up a post on InfoQ covering the important points of this release


dangjc 1 day ago 4 replies      
Super excited! I will totally be exploring Swift for quantitative work. Julia has been great so far, but a lack of good IDE tooling is making a large codebase difficult to navigate and keep clean. Python has even less type safety than Julia. Swift has a REPL! Go doesn't, and its lack of generics makes writing most algorithms very limited (there isn't even a matrix 32 library, just 64 bit). Java has horrible native interfacing. C# is pretty anemic on Linux. C++ has too many gotchas, slow compile, to feel productive. Bonus: Swift libs will probably be very easy to deploy on both Android and ios.
ihuman 1 day ago 3 replies      
It looks like Apple is also releasing an official package manager for swift.[1] I wonder how that will effect Cocoapods.

[1] https://swift.org/package-manager

iheart2code 1 day ago 3 replies      
It's great to see them follow through with this. I remember when Steve Jobs went on stage and said that FaceTime would be an open standard. Haven't seen that happen yet.
glenntzke 1 day ago 2 replies      
I find the number of typo PRs to be amusing. Makes me wonder if there's a mass effort to slog through commented code just to jump into the contributor list.

Correct spelling is certainly good, but the interesting phenomenon is getting a PR merged in a high-profile project - however slight the change - as a badge of cool.


mwcampbell 1 day ago 3 replies      
Interesting that they rewrote the Foundation library in Swift for the open-source release rather than open-sourcing the ObjC one and bringing along the ObjC runtime. I wonder if this means they still believe the ObjC runtime and Foundation library are still worth keeping proprietary, or just that this is a step toward phasing out ObjC.
mojuba 1 day ago 0 replies      
Just re-stating the obvious, but it's also interesting how GitHub has become the default go-to of repos for everyone, like Google is for - well - googling. Kudos to both GiHub and git, you are simply awesome.
insulanian 1 day ago 1 reply      
With open-sourcing C# and Swift, the era of major closed source programming languages is now officially over.
hokkos 1 day ago 4 replies      
What kind of trolling is that ?

>I think we should use GPL v3 instead.


inglor 1 day ago 6 replies      
Am I the only one who finds it odd that while pushing two high level but performant languages (Objective-C and Swift) Apple wrote their Swift compiler in C++?
sebastiank123 1 day ago 2 replies      
Great news! Coding in Swift is fantastic and I would love to see it coming to more platforms, maybe even on servers. It could become a serious Javascript competitor due to its elegant syntax, the type safety and speed.
makecheck 1 day ago 3 replies      
There's one thing I can't understand about Apple's approach, and that is their pathnames.

As good as Swift is, putting it by default in asinine paths like "/Library/Developer/Toolchains/swift-latest.xctoolchain/usr/bin" doesn't help anybody (and a ton of stuff in OS X is like this).

A more Unixy way to do this would be /opt/swift-3.0/bin, where /opt/swift is a symlink to /opt/swift-3.0. Even Apple used to limit the path insanity to merely /Developer/usr/bin. Not sure what happened...

mingodad 1 day ago 3 replies      
Testing the binaries on ubuntu decompressed to to $HOME/swift and trying to execute swift:

Welcome to Swift version 2.2-dev (LLVM 46be9ff861, Clang 4deb154edc, Swift 778f82939c). Type :help for assistance.

 1> help
opening import file for module 'SwiftShims': No such file or directory

I could not find any mention to environment variables that could be used to override default locations, like SWIFT_LIBRARY_PATH or something like it.

iheart2code 1 day ago 0 replies      
The more I think about this, the more I wonder how existing third-party libraries will respond. Similar to Android and Java, I'd imagine we'll start seeing "vanilla" Swift libraries crop up that only use public/standard libraries and can work on iOS/OS X apps as well as open source projects.
renownedmedia 1 day ago 0 replies      

It's not just you! http://swift.org looks down from here.

blumomo 1 day ago 3 replies      
I would love to see Swift for Android programing. I'm already using Kotlin, a language very close to Swift, for programming our Android apps. But I find Swift niftier than Kotlin.
cbeach 1 day ago 2 replies      
Such good news. I've bet my career on Scala, but Swift is sufficiently similar in style that it will be an easy transition.

A language to write native (not VM-based) apps for the desktop, iPhone, iPad, Apple Watch, CarPlay and Apple TV is becoming very compelling indeed.

athenot 1 day ago 5 replies      
I wonder if Apple is positionning it as a competitor to Google's Go? They are hinting at a usage beyond just iOS and OS X.
SXX 1 day ago 0 replies      
Hope it's will have brighter future outside Apple ecosystem. It's nice to have more tools for server-side development, but wish it's will be better on desktop than ObjC / Cocoa / GNUstep was.
Ingon 1 day ago 0 replies      
One of the biggest things for me is that now I can draw upon the knowledge and knowhow of the people making Swift itself. Coming from Java, I'm used to reading the sources of all the things and now I can finally do it. So exciting, congrats to everyone involved!
kenbellows 1 day ago 1 reply      
So does this mean we might finally get officially supported iOS development on Windows and/or Linux soon?
sbarre 1 day ago 0 replies      
Must be brand new because the Github links on the site don't work (assuming they haven't made the repos public yet).
KevinMS 1 day ago 2 replies      
Somebody compare and contrast swift for backend development with golang, node, etc. Google is giving me nothing useful.
cdnsteve 1 day ago 3 replies      
How is developing on iOS these days? Swift seems like such nice a nice language.
connorshea 1 day ago 1 reply      
Swift Package Manager? It looks like Apple has developed their own version CocoaPods for Swift? Interesting.
BuckRogers 1 day ago 0 replies      
Congrats to Chris Lattner and the others at Apple who were promoting this! I've been watching Swift develop from the initial announcement because it would be a bit like C#. A great backend language that gives you first-class access on one of the most popular platforms.
ricksplat 19 hours ago 0 replies      
As a sometime Apple developer I do welcome this. Hopefully it will legitimise some of the grey (non-official) toolchains and support the development of tools and community that much of the rest of the software development world enjoys, and people won't be tied solely to Apple's own dev tools.

Does anybody else think it's a little strange though? To have open source tools solely to target a closed platform? I haven't used Swift myself but from what I've seen it seems to be something like Javascript with libraries for iOS, perhaps with a few semantic adjustments. Would that be a fair assessment?

I can't imagine it being used for much else beyond developing for iOS devices. Perhaps Macs. So while it's free as in "beer", but could it truly be said to be free as in "speech" in any substantial fashion?

giancarlostoro 1 day ago 0 replies      
I'm hoping to see builds for other distros and Windows as well. I'm curious what GUI applications would be like for Swift on Linux. I hope we see a great new platform for development with Swift :)
dubcanada 1 day ago 1 reply      
The site is barely even indexed by Google yet, and the github repo is not even done. I don't think it's ready yet.
zmanian 1 day ago 4 replies      
Wonders about the state of Swift on Linux? Was expecting this to be timed with the open source announcement.
cromwellian 1 day ago 1 reply      
This is pretty awesome. If all of the platform dependencies could be abstracted away, this could form the core of yet another cross-mobile-platform development framework, but with better performance and richer tooling.

I think it really depends on how much control Apple intends to exercise over the IP. Could someone fork it and use it to create a mobile platform that would be free from legal harassment if it competed with the iPhone?

sinatra 1 day ago 2 replies      
This is good news (hoping the github link etc will start working in a day or two)! One side effect of swift being open sourced is that more developers will start looking at it for server side development. However, I personally think that Swift will continue to have strong reliance on Apple (esp considering that most external Swift developers will come from iOS development). So, till I see Apple showing interest in Swift getting used on server side, I'll not use it there.
return_0e 1 day ago 1 reply      
The Swift port for Linux seems to only support x86-64 for now. https://swift.org/blog/swift-linux-port/ I would like to see how swift could run on Linux ARM devices (Raspberry Pi 2/Beagleboard/etc) and other platforms; given that the runtime is already on iOS devices. Kudos to Apple for open-sourcing Swift.
i_don_t_know 1 day ago 1 reply      
Very nice that you can debug functions in the repl and set breakpoints:


I don't know any other repl that can do that. I know you can debug in (some) lisps and smalltalk, but I don't know if you can set breakpoints too. Still a nice and welcome feature.

justplay 1 day ago 1 reply      
Scarbutt 1 day ago 2 replies      
A Golang killer?
crudbug 1 day ago 3 replies      
What was the design decision that required function declaration to be :

func hello(name: String) -> String { }

rather than,

func hello(name: String) : String { }

espadrine 1 day ago 4 replies      
Linux support is hinted at in examples:

 #if os(Linux) import Glibc #else import Darwin.C #endif

talles 1 day ago 1 reply      
atmosx 1 day ago 0 replies      
It's WAY too slow to load and most pages time-out for me... I understand the hug of death coming from HN and twitter and reddit (and God where from) but this is Apple-backed right?!
estefan 14 hours ago 2 replies      
Is it possible to write complex iOS apps using swift alone, without having to learn any Obj-C? Is there full library support, good ecosystem, etc.?
theflagbug 1 day ago 1 reply      
Shameless self-promotion: Here is a great way to learn Swift on your phone: http://swifty-app.com/
pjmlp 1 day ago 0 replies      
Congratulations on the efforts done by whole involved to make it open source.

But I wonder if it will fare better than Objective-C outside Apple eco-systems without the tools and OS libraries...

imranismail 21 hours ago 0 replies      
Been learning Elixir for the past few months and it's been a fun experience learning a functional language and OTP.

This might just be the thing to cross the "native" on my language learning checklist.

lassejansen 1 day ago 0 replies      
Interesting, the compiler seems to be implemented in C++.
golergka 1 day ago 4 replies      

This organization has no public repositories.

peterle 1 day ago 2 replies      
Initial commit was made 4,5 ago...Is it normal it takes so long for a language to become Open Source?

commit 18844bc65229786b96b89a9fc7739c0fc897905e

Author: Chris Lattner <clattner@apple.com>

AuthorDate: Sat Jul 17 23:50:59 2010 +0000

Commit: Chris Lattner <clattner@apple.com>

CommitDate: Sat Jul 17 23:50:59 2010 +0000

 initial swift test

AlphaSite 1 day ago 1 reply      
There is one more very interesting project under the swift umbrella: https://github.com/apple/swift-corelibs-libdispatch so now swift should have a useful approach to concurrency.
phatbyte 1 day ago 0 replies      
I love this! I got say, that I've been a fan of Swift since the day Apple announced it. It's a such a beautiful language, with so many new paradigms implemented, safe and easy to learn.

I really hope this boosts the widespread of Swift. I'd love to use it for back-end dev for instance.

trymas 1 day ago 0 replies      
Nice, I am excited.

And probably I am more excited not about the open-sourcing of it, but that there will be a package manager [0].

[0] https://swift.org/package-manager/#conceptual-overview

ehPReth 1 day ago 0 replies      
Here's an archive.is mirror of the swift.org index page: https://archive.is/L0J97
codingvelocity 1 day ago 1 reply      
Now that swift is opensource i'm looking forward to some better tools being released for it. Right now xcodes support of swift is pretty lacking. No refactoring, and compile errors are fairly ambiguous sometimes.

Since this has linux support i wonder if xcode or something similar will be ported to linux.

praseodym 1 day ago 0 replies      
Happily surprised by the fact that they merged 16 pull requests since the repo got open sourced :)
therockhead 1 day ago 1 reply      
Any news regarding Swifts ability to interoperate with CPP, like Objective C++?
tornilloo 1 day ago 1 reply      
I couldn't git with

git clone git@github.com:apple/swift.git swift

but you can use:

git clone https://...../apple/.... swift

and the same for the remaining libraries.

SXX 1 day ago 0 replies      
Wow. Less than 30 minutes pass and site already loading with huge delay.
pbreit 1 day ago 2 replies      
Would anyone use Swift if it wasn't necessary for iOS?
sandis 1 day ago 0 replies      
Repositories starting to go public now on Github - https://github.com/apple
piratebroadcast 1 day ago 1 reply      
Maybe now we can add a way to get a random value from an array like array,sample in Ruby. Lots of work currently to do such a simple thing in Swift.
lsm 1 day ago 0 replies      
Be patient guys. Good things come to those who wait.
symlinkk 1 day ago 0 replies      
Hopefully we'll see it on more platforms now!
jug 1 day ago 0 replies      
Wow, Swift.org is getting hammered right now.
truncate 1 day ago 0 replies      
Is it just me or is anyone else getting 404 for binary download (Ubuntu).
be5invis 1 day ago 1 reply      
So let's guess, will Microsoft create a Windows-supporting fork, just like Redis?
altonzheng 1 day ago 0 replies      
Wow, seems like Apple is following the steps of Microsoft now!
mikado 17 hours ago 0 replies      
Copyright 2015 Apple Inc. All rights reserved.Swift and the Swift logo are trademarks of Apple Inc.
jeremy_wiebe 1 day ago 0 replies      
Brutal to see all the comment spam on the pull requests.
merb 1 day ago 1 reply      
What means "swift is memory safe"? does it use a GC?
billybilly1920 1 day ago 1 reply      
Can this do GUI programming on Lin/Win? Or Are there usable gui libraries for doing cross platform development like QT?
ssutch3 1 day ago 0 replies      
Metal is just a graphics API (OpenGL) and not specific to Swift at all.
mnml_ 1 day ago 0 replies      
404 On the github repo
avitzurel 1 day ago 0 replies      
Not loading for me. Anyone experiencing the same issue?
mxx 1 day ago 1 reply      
Is it worth learning Swift? (eg. on Linux)
dbrannan 1 day ago 1 reply      
Can we get Adobe to open source the flash player plugin as well? Can anyone think of a reason Adobe continues to refuse?
singularity2001 1 day ago 2 replies      
@OP: Please change title to "Swift will be Open Source soon" until the git repositories become actually available.
anjanb 1 day ago 1 reply      
anyone knows about a port to windows x64 environment ?
melling 1 day ago 1 reply      
If you're new to Swift, I maintain a list of blogs, etc about Swift. I just past 2500 urls:


It can be viewed daily or weekly, if you're only interest in recent blogs:



Finally, all the data is on Github:


eccstartup 20 hours ago 0 replies      
mozil 1 day ago 0 replies      
cannot download snapshot now
sdegutis 1 day ago 2 replies      
They're releasing the source code to libdispatch? I thought that was one of Apple's trade secrets, and more applicable than just Swift apps since it's a C lib?
Twisell 1 day ago 3 replies      
I see this as an hilarious welcome joke from the community : https://github.com/apple/swift/pull/17

Its developer's way to say FIRST

alia20 1 day ago 0 replies      
999999999999999 wl
agp2572 1 day ago 0 replies      
Now all we need is a transpiler that converts Swift to Javascript.
artursapek 1 day ago 2 replies      
Ouch, I guess this leaked? Who is the OP?
tornilloo 1 day ago 0 replies      
Doesn't work in x86, ubuntu 15.10,bash: /home/user/Descargas/swift-2.2-SNAPSHOT-2015-12-01-b-ubuntu15.10/usr/bin/swift: no puede ejecutar el archivo binario: Formato de ejecutable incorrecto

Pentium(R) Dual-Core CPU T4500 @ 2.30GHz 2

envy2 1 day ago 2 replies      
Interesting that this domain is registered at GoDaddy via DomainsByProxy, and hosted on a SoftLayer IP block.

WebKit.org, for instance, is registered with CSC Corporate Domains the same as apple.com, and is hosted on an Apple-owned IP block.

Perhaps a (further) indication this isn't ready for prime time yet?

jorgecastillo 1 day ago 2 replies      
At first I was like 'AWESOME', than I was like 'oh fuck, not ready yet'. I am not upvoting this, until there is a GitHub repository that I can clone!
Entering Public Beta letsencrypt.org
1232 points by sinak  1 day ago   207 comments top 37
kubaw 1 day ago 4 replies      
You may also want to try alternative client from https://github.com/kuba/simp_le. It can be easily dropped into crontab and renew certificates when necessary.

Disclaimer: I'm the author of simp_le and developer of the official client :)

diafygi 1 day ago 9 replies      
FYI, if you don't want to install anything to try it out, you can use https://gethttpsforfree.com which is a browser-based ACME client. It doesn't ask for private keys, so you don't need to trust it.
pfg 1 day ago 1 reply      
Happy to see this project hit public beta! I've deployed Let's Encrypt on a couple of side projects during the last month or so, and my experience has been mostly positive.

The official client still needs some work, especially in terms of auto-configuration on apache, nginx and others, but it's getting there. Some say it's become a bit bloated, which is true to a certain degree, but probably necessary to achieve the goals they have set for it.

Luckily, Let's Encrypt is based on an open specification (ACME) and it's really easy to implement a custom client. There are already more than 10 client implementations out there[1], all created with different goals in mind - anything from a Ruby gem to a simple scripts to get your own CSR signed. If you're not running your typical LAMP or LEMP stack, and don't want to run the official client which is more of a certificate manager requiring root access, that's definitely something to look into.

Note that if Windows XP support is relevant for your use-case, you might want to hold off. There's currently a problem with how XP deals with name constraints, which means any application using Windows XP's SSL API (I believe it's called schannel?) won't work - for example Internet Explorer and Chrome. This might get fixed in the future[2]. Hopefully, that's not relevant to you. :)

[1]: https://community.letsencrypt.org/t/list-of-client-implement...[2]: https://github.com/letsencrypt/letsencrypt/issues/1660

mholt 1 day ago 1 reply      
Here's a Go client that has no dependencies and runs everywhere: https://github.com/xenolf/lego
hlandau 1 day ago 2 replies      
I'm the nth author of an ACME (Let's Encrypt) client. It's a single-binary Go client which you can build and upload to your server. It's designed to work like "make"; you tell it what hostnames you want certificates for, and it tries to satisfy those requirements.It can install a cronjob automatically for autorenewal, and the authorization process doesn't require downtime.


davexunit 1 day ago 3 replies      
The official lets-encrypt client has an extremely large dependency graph, and using the client requires server downtime since it takes over port 80. Can either of these things be improved?
barosl 1 day ago 0 replies      
For those concerned with the official client requiring `sudo`: there are already many alternative clients that are compatible with the Let's Encrypt server, mine included.[1]

I made my own client because I wanted to know what's exactly going on during the certificate issue process. I tried to make the code as simple as possible, so take a look if you have time![2] It's a simple single file script.

[1] https://github.com/barosl/letsencrypt-simple

[2] https://github.com/barosl/letsencrypt-simple/blob/master/let...

binwiederhier 1 day ago 1 reply      
In case anyone is looking for an actual cronjob example. This works wonderfully:

 #!/bin/bash cd /srv/cert/domain.xyz simp_le -d domain.xyz:/srv/www/domain.xyz/html \ -f key.pem -f cert.pem -f fullchain.pem \ && service apache2 reload
And in the crontab:

 43 1 * * * /srv/bin/cert-renew || true
EDIT: This is using the simp_le client (https://github.com/kuba/simp_le), not the official client. But this one is wayy easier to use.

EDIT 2: Guide here: https://blog.philippheckel.com/2015/12/04/lets-encrypt-5-min...

denisu 1 day ago 1 reply      
I have seen many howtos recommending to add a monthly cronjob for the certificate renewal on the first day of the month at 12am (0 0 1 * * or @monthly). It is probably better to renew the certificate on a random day/time (30 4 5 * *) to prevent excessive load on their servers.
sinak 1 day ago 1 reply      
EFF's post on the beta, including details on the roadmap: https://www.eff.org/deeplinks/2015/12/lets-encrypt-enters-pu...
Savagedlight 1 day ago 0 replies      
If you're using FreeBSD and NGINX you may like the guide I wrote the other day. :) http://savagedlight.me/2015/11/24/lets-encrypt-on-a-freebsd-...

PS: I also made a cron-callable script which checks the expirity time of the cert before telling letsencrypt to renew. It checks if the cert was renewed afterwards, and echos to stderr if renewal didn't take.

SwellJoe 1 day ago 1 reply      
This is among the most exciting things going on in the web world, for me. It's a pretty dramatic change that now every website can be encrypted, by default, and in a secure(ish) fashion (it doesn't really do much for proving identity, but SSL has been broken for that for years anyway).

I suspect integrating this has been the most requested feature for Virtualmin for the past several months (and we're about to roll it out, probably next week). For whatever reason, SSL is just always intimidating for people...even when it's been almost entirely automated, the back and forth between the CA and the server and dealing with private keys is a deal-breaker for a lot of non-technical users, so many of our users who are new to web server management have problems with SSL. It follows close behind DNS in terms of how much confusion it causes.

Anyway, I love that Mozilla and others took the initiative to pull this together, and used their not insignificant clout to push it to completion.

grizzles 1 day ago 0 replies      
Java: I made a cron friendly script to convert the letsencrypt keys to JKS format. https://github.com/ericbets/letsconvert
sleepychu 1 day ago 2 replies      
Any word on *.mydomain.tld certs from letsencrypt? That's the only thing stopping me from installing it today.
SCHiM 1 day ago 3 replies      
How does lets encrypt handle possible phising domains?

Even if there's zero mitigation I think the benefits will outweigh the downsides, but I wonder if there's anything that stops a criminal from registering a domain that is very similar to, say, that of a bank?

I know from experience (ethical hack) that the traditional authorities won't easily let you register 'suspicious' names like: <bank>-<name>.com where the original domain is <bankname>.com. Or something like that.

nodesocket 1 day ago 1 reply      
Anyway to get a wildcard SSL certificate from Let's Encrypt? Mine is coming up for renewal soon.
chmike 15 hours ago 1 reply      
Can we use the certificate for dovecot and postfix as well ?Would it be safe ? From the documentation it applies only to web servers.
esher 1 day ago 1 reply      
everyone interested in conspiracy, please read the comments over here: https://www.schneier.com/blog/archives/2014/11/a_new_free_ca... when bruce schneier wrote about let's encrypt.
gradi3nt 14 hours ago 1 reply      
Ignorant question: If they are making getting a certificate easy for everyone, what is to stop "bad guys" from getting certificates for their sketchy sites? I usually look to the green "https" in my uri bar for reassurance when I'm on an unusual site.
scoot 1 day ago 1 reply      
Dumb question time: Why would idenTrust, part of whose business is selling SSL certificates, cross-sign for Lets Encrypt, whose business is giving them away for free?
stevebmark 1 day ago 1 reply      
PSA: don't use ReadTheDocs for your documentation. Turns good projects sour with a nasty UI, poor features, and horrible SEO.
mei0Iesh 1 day ago 1 reply      
They keep trying to push the idea that letsencrypt should be ran as root. If you disagree with that, I ran it as a normal user using:

 letsencrypt -t --work-dir /tmp --logs-dir /tmp \ certonly --webroot /www/public -d example.com
Except on my system the letsencrypt command did not work. It failed with an "Operation not permitted". So I edited the webroot.py file, and commented out line 108 that said:

 # Remove execution bit (not needed for this file) os.chmod(path, filemode & ~stat.S_IEXEC)
It ran fine without root, sudo, or su.

Then I added this to nginx.conf:

 listen 443 ssl http2; ssl_certificate /usr/local/etc/letsencrypt/live/example.com/fullchain.pem ssl_certificate_key /usr/local/etc/letsencrypt/live/example.com/privkey.pem
It gets an A+ on ssllabs.com, and it works fine in the browser. When I click the lock it says "Let's Encrypt".

r1ch 1 day ago 1 reply      
Problems with a reverse proxy?

"There were too many requests of a given type :: Error creating new registration :: Too many registrations from this IP"

First time trying to sign up and only for a single domain.

tokenizerrr 1 day ago 1 reply      
Does anyone know if their server supports DNS validation yet?
rynop 12 hours ago 0 replies      
From what I can tell, this does not support generating an SSL cert for use with AWS ELB correct?
mei0Iesh 1 day ago 0 replies      
Now that it's public, and I verified it works...


xrstf 1 day ago 0 replies      
For those already using Let's Encrypt since the closed beta: Do not forget to remove the `agree-dev-preview` flags, as newer client version do seem to throw up if it's still set. I had `agree-dev-preview = True` in a config file and got an error about True being an invalid value.
awqrre 1 day ago 0 replies      
Can you use this on a shared host and avoid the certificate installation fee?
jstalin 1 day ago 1 reply      
Hoping for automation for Nginx...
AndyKelley 21 hours ago 0 replies      
Does it work without port 80? Many home ISPs block port 80 which would prevent homes from being able to use the service.
slavik81 1 day ago 2 replies      
I'm having trouble finding where it specifies what permissions I need to use Let's Encrypt. Can I get a certificate for my subdomain even if I don't control the full domain?
FPSDavid 1 day ago 2 replies      
Can't wait to start using this on nginx.
nulltype 1 day ago 1 reply      
Does renewing a certificate require completing a challenge, or is that only for the initial certificate?
arca_vorago 15 hours ago 0 replies      
What I would really like is wildcard certs for internal only use. For now, as I understand it, the only way to do so would be to temporarily port forward the internal server so it can reach out and close it later... Certs are not just for the internet websites, they are important for Intranets too.
SunDwarf 1 day ago 1 reply      
Works flawlessly on my site. SSLLabs recognises the cert. Super easy to setup.
wereHamster 1 day ago 0 replies      
How do I use it with Google Cloud HTTP Load Balancer?
pjbrunet 1 day ago 8 replies      
"We want to see HTTPS become the default."

Sounds fine for shopping, online banking, user authorizations. But for every website? If I'm a blogger/publisher or have a brochure type of website, I don't see point of the extra overhead.

Update: Thanks to those who answered my question. You pointed out some things I hadn't considered. Blocking the injection of invisible trackers and javascripts and ads, if that's what this is about for websites without user logins, then it would help to explicitly spell that out in marketing communications to promote adoption of this technology. The free speech angle argument is not as compelling to me though, but that's just my opinion.

Kazakhstan to MitM all HTTPS traffic starting Jan 1 telecom.kz
793 points by out_of_protocol  2 days ago   354 comments top 67
kazakh 2 days ago 6 replies      
Kazakh here. Fuck, what do we do? Any suggestions other than trying to raise awareness?

To give some context, the reason why they are getting away with such brute methods is that the most people wouldn't understand the full implication. I would be surprised if this would prove difficult to enforce - the first thing an ordinary person would do when, say, Facebook wouldn't load is to call up the Kazakhtelecom's support and the support guy would tell them to "press that button that says 'I trust this certificate'" and they would comply. There also hasn't been an uproar re government snooping into private citizens' communication, the kind that US had with Snowden etc., so a lot of people are likely to accept the "for your own security" talk at face value without much skepticism. It's also unlikely that even heightened awareness will inspire much backlash, as there is no real track record of grassroots organizing, even when the government tightens the screws. To its credit, the government has been quite skillful at balancing at just below the limit of pissing people off enough to make them go to the streets for the last twenty years (soaring oil prices in the last decade helped as well).

kaizendad 2 days ago 4 replies      
I really appreciate how they're doing this. The Chinese built up an amazing infrastructure for the Great Firewall; the Kazakhs just say "install our cert!" The Chinese spend billions and have to stay ahead of all of their citizens' clever new ideas at all times; the Kazakhs spend a few hundred and just need to point guns at their citizens until they install a cert.

Sure, it's going to be difficult to enforce, but it should also be quite cheap.

akie 2 days ago 1 reply      
Love the Orwellian Newspeak: a "National Security Certificate" to protect people accessing "foreign resources"... If you don't know anything about the subject it really sounds like they're doing you a favor.
davidu 2 days ago 8 replies      
Google, Facebook, Yahoo, Microsoft, Salesforce, Box, Dropbox, Twitter, etc. could have a very strong influence on changing this if they banded together to respond to this in some way.

The government might be doing what they think is right, but public backlash can change policy almost overnight. We saw this in the US recently with SOPA/PIPA. The "Internet" response was unprecedented.

The people of Kazakhstan can achieve the same outcome.

henryaj 2 days ago 4 replies      
"telecom.kz wants to use your location."


Quiark 2 days ago 2 replies      
Wow, I feel really sorry for all Kzakhstan citizens. Also, this is a great example of 'rubber-hose cryptoanalysis' - who cares about 4096 RSA or whatnot if the government can just beat you until you oblige...
jedberg 2 days ago 3 replies      
And everyone made fun of Netflix for implementing a secure protocol on top of http. Suddenly that seems really useful for people in Kazakhstan.



RyanZAG 2 days ago 3 replies      
Woah, it can't be stressed how bad this is. If this succeeds, other countries will definitely follow! If it can be shown to work, it will be demanded that this be implemented by pretty much everyone for difficult to deny political reasons (terrorists, children, crime, etc)

This feels like the first bullet in a new war that will occur in every parliament world wide.

exelius 2 days ago 1 reply      
While there are probably 100 different ways to avoid this and retain secure traffic, I would venture to guess that the average Internet savvy-ness of Kazakhstan is pretty low, so using any of them would single you out for additional government attention (whether you're actually doing anything illegal or not).

That said, there's a remarkable tendency in countries as corrupt as Kazakhstan for a "shadow" telecom network to pop up. Just run in some fiber from a neighboring country on the down-low and distribute locally via microwave dish. Yeah, it's not exactly difficult to locate a powerful dish, but it's also not glaringly obvious so you can usually pay someone to look the other way. After all, the government officials want to look into everyone's communication, but if their own communication was ever intercepted, they would be the target of blackmail! They want to use the information they gather to blackmail citizens like the Stasi, not the other way around.

Of course, the flip side of that are the mobile phone networks operated by the Mexican drug cartels and ISIS. But the only surefire way to avoid government surveillance of this sort is to bypass government regulated telecoms entirely.

zokier 2 days ago 2 replies      
Makes me wonder how long such policy would last if Google, Facebook, and Microsoft would ignore traffic from Kazakhtelecom MITM server (or just drop the whole Kazakhtelecom IP address space). Of course I'm not saying that they should do that.
jakobdabo 2 days ago 3 replies      
Google and Mozilla should blacklist the certificate once it's made public.
chatmasta 2 days ago 3 replies      
Why is Kazakhstan's cert any different than the hundreds of "trusted" root certificates that came preinstalled on my mac?

Looking at my mac's cert keychain, there are 185 trusted root certs. I don't know what any of them are or who has the private key to them.

My ISP could MITM my traffic whenever it wants to, if it has the private key of one of the hundreds of trusted root certs on my device.

DanielStraight 2 days ago 2 replies      
If we could rebuild the internet from scratch knowing that someone would try to do this, what measures could be put in place to make it impossible to MITM traffic (in other words, make it so the only option is to install monitoring software directly on the user's machine)? Is this something which even can be defeated with current cryptographic theory?
mhandley 2 days ago 0 replies      
Idiocy such as this is a strong argument for the use of PAKE rather than CA-based authentication. No need to trust anyone other than the site you're trying to connect to: https://en.wikipedia.org/wiki/Password-authenticated_key_agr...

TLDR: Basically, you prove to the website/mail server/sshd that you know your password, while the site simultaneously proves to you that they also know your password (and hence are actually the site you're trying to connect to), all without actually sending the password in either direction. The password is then used to bootstrap symmetric encryption keys.

danpalmer 2 days ago 4 replies      
This is what HTTP Public Key Pinning (HPKP) protects against.

It allows a server to specify the only set of certificates that a browser should accept. Meaning that MITM'ing is impossible, without a valid cert in the chain of one of the advertised trusted certificates from the server.

Chrome, Firefox, Opera, Chrome for Android, and the Android stock browser all support it.

I'm not sure how they intend to circumvent this problem, apart from perhaps just instructing users to not use those browsers? That's quite difficult to put into practice.

icco 2 days ago 0 replies      
TIL: "Kazakhstan is currently our 76th largest goods trading partner with $2.5 billion in total (two way) goods trade during 2013. Goods exports totaled $1.1 billion; Goods imports totaled $1.4 billion. The U.S. goods trade deficit with Kazakhstan was $295 million in 2013. - https://ustr.gov/countries-regions/south-central-asia/kazakh...
LoLFactor 1 day ago 0 replies      
For those of you looking for a mirror (copy) of the page before it was taken down, here it is:


airza 2 days ago 2 replies      
So like, what's the plan for people visiting Kazakhstan here? Install some rando's SSL certificate in your trust store or just not be allowed to access the internet?
binarnosp 2 days ago 3 replies      
So, the next step is encrypting the content before sending it through TLS...TLS over TLS
israrkhan 2 days ago 2 replies      
wait till private keys for the cert are leaked by some disgruntled telecom company employee.. Puts the whole country internet at risk.
sathackr 1 day ago 1 reply      
Link is 404'd

Here is the text of what was there.


Press centerCompany NewsInternet newsTV NewsPublishingVideo ArchivePhoto archivesOperatorsMain page Press center Company News Kazakhtelecom JSC notifies on introduction of National security certificate from 1 January 2016Kazakhtelecom JSC notifies on introduction of National security certificate from 1 January 2016From 1 January 2016 pursuant to the Law of the Republic of Kazakhstan On communication Committee on Communication, Informatization and Information, Ministry for investments and development of the Republic of Kazakhstan introduces the national security certificate for Internet users.

According to the Law telecom operators are obliged to perform traffic pass with using protocols, that support coding using security certificate, except traffic, coded by means of cryptographic information protection on the territory of the Republic of Kazakhstan.

The national security certificate will secure protection of Kazakhstan users when using coded access protocols to foreign Internet resources.

By words of Nurlan Meirmanov, Managing director on innovations of Kazakhtelecom JSC, Internet users shall install national security certificate, which will be available through Kazakhtelecom JSC internet resources. User shall enter the site www.telecom.kz and install this certificate following step by step installation instructions- underlined N.Meirmanov.

Kazakhtelecom JSC pays special attention that installation of security certificate can be performed from each device of a subscriber, from which Internet access will be performed (mobile telephones and tabs on base of iOS/Android, PC and notebooks on base of Windows/MacOS).

Detailed instructions for installation of security certificate will be placed in December 2015 on site www.telecom.kz.

PR department Kazakhtelecom JSC


Academy of Public Administration under the President of the Republic of Kazakhstan

Official site of the President of the Republic of Kazakhstan

- Write to usFAQSite mapReport an errorCareer with UsProcurementReference bookHelp 2010-2015,

hannob 2 days ago 1 reply      
This sounds pretty bad and we can just hope that this doesn't become the new norm.

What makes me kinda angry is however where this originates from: There are countless so-called "IT security" products that had this idea of MitM-ing all traffic before. Basically it's just the same idea on a bigger level.

wtracy 2 days ago 0 replies      
I once looked into getting a .kz domain. (I wanted to host comics on a site named "comi.kz".) It turns out that one of the requirements for getting a .kz is that the website be physically hosted inside Kazakhstan. (And yes, Kazakhstani hosting providers that do business with foreigners are expensive.)

Right now, I am very glad that I did not go down this route.

ocschwar 2 days ago 3 replies      
Wondering about a turtles-all-the-way solution:

A web-socket based protocol that opens up a new SSL session with non-MITM'd certificates.

So you'd open up the snoop-me HTTPS/1.1 connection, do some GETs, then say "GET /busy, yo", and start what looks like a video-chat conversation that is in fact a regular SSL connection with uncompromised certs.

(some protocol) over SSL over Web-Socket over bad-SSL over TCP/IP

egeozcan 2 days ago 6 replies      
> The national security certificate will secure protection of Kazakhstan users when using coded access protocols to foreign Internet resources.

How is this protecting users? They are outright lying here, if I understand correctly. Also why are they asking for my location?


rakslice_ 2 days ago 1 reply      
This is lame news.But what I'm curious about is: What are they going to do (if anything) to validate the upstream certificates?

- What will their upstream root certificate policy be?

- If they MITM any old upstream certificate, how will they mitigate the huge target they are painting on Kazakh Internet users?

cgcardona 2 days ago 0 replies      
FWIW there are 9.49 million Internet users in Kazakhstan according to wolframalpha.com


DonaldEFoss 1 day ago 0 replies      
While I applaud the privacy advocates, we knew this was coming when HTTP/2 (RFC 4750-4751) because an official standard in May 2015. The only way a country with limited bandwidth can operate a transparent proxy is to stick a new certificate in the root chain so that it can decode, cache and re-encode the traffic.

I don't like it anymore than anyone else, but I see a non-malicious purpose here.

RangerScience 2 days ago 1 reply      
This is extremely relevant to my interests but I don't actually understand what's happening here. Part of that is the awkward translation. Can I get a more detailed description and/or some links to help me understand?Thanks!
nashashmi 2 days ago 1 reply      
I wish somebody could tell me what this means half technically. My mind is wavering between this is a good thing because everyone's connection is becoming secure to not a good thing for reasons unknown.
mailslot 2 days ago 1 reply      
Why can't Internet companies simply block the entire backward country? I can't imagine Borat's motherland traffic monitizes well anyway. You want to MITM? Fine, build your own Kazakh Google.
jumasheff 1 day ago 0 replies      
Kyrgyz here.An evil lesson is soon learnt. It's highly possible that our regulators will try to push similar bill.
strictfp 1 day ago 0 replies      
And this, dear fellows, shows how effective it is to fight politics with technical solutions.
gf1 2 days ago 1 reply      
Could this be used by the Kazakh government to sign malware/spying packages and install them on their citizens' machines? Sounds like a super easy way to open that backdoor.

Or is this a different type of cert? I'm thinking along the lines of what Dell and Lenovo were yelled at for (although those were easy to rip off, but the government could possibly serve as the malicious actor here).

gesman 2 days ago 1 reply      
Google should come up with cheap satellite internet. This is the only way to bypass unruly governments.

But then you're on a mercy of Google Republic.

JumpCrisscross 2 days ago 0 replies      
To what degree has the U.S. government, through the NSA et al, provided moral cover for this sort of thing?
anovikov 2 days ago 1 reply      
Does it mean that using SSL the normal way will become impossible? I can't imagine this. How this can be enforced?
adm_hn 1 day ago 1 reply      
It seems they removed the page
coldcode 2 days ago 1 reply      
If all of their https traffic is compromised, would we not be able to break all of their financial traffic remotely?
xg15 2 days ago 2 replies      
Correct me if I'm wrong, but doesn't android display a rather ennerving "someone might be spying on you" warning when custom root certs are installed? I'm looking forward to the reactions when every (android-using) citizen of the country student gets that warning.
electic 2 days ago 1 reply      
My first thought, any tech company to setup offices in this country are probably out the window. However, more importantly, they just made it really easy for other governments to spy on them. In their zeal to protect national security, they have done just the opposite.
rdtsc 2 days ago 2 replies      
> secure protection of Kazakhstan users when using coded access protocols to foreign Internet resources.

I guess "coded" here means VPN as well...

Wonder how other countries' embassies will be connecting if they block all the encrypted connections? Everything through a satellite connection presumably.

flurdy 2 days ago 0 replies      
"from which Internet access will be performed (mobile telephones and tabs on base of iOS/Android, PC and notebooks on base of Windows/MacOS)"

So use Linux and you will be fine?

dendory 2 days ago 0 replies      
I wonder if non-TLS based VPNs could be used around that? And if those are blocked, how hard would it be to build a SSL over HTTP proxy outside the country?
dbalan 2 days ago 2 replies      
Slightly OT - if the bad guy can't fiddle with the trust store of your computer, whats his another methods of analysing a users traffic? Is https breakable by other means?
Sanzhar 1 day ago 0 replies      
Did they just delete those news? Can't find the link on the telecom.kz website any more?
mtgx 2 days ago 1 reply      
Is this different than the DoD having a root certificate in iOS (and I think Windows, too)? Couldn't the DoD also MITM the traffic any time they wish?
jstalin 2 days ago 0 replies      
So how about hacking and leaking their certificate and then making all Kazak government traffic vulnerable to public posting all over the internet?
kukabynd 1 day ago 0 replies      
Kazakh here as well.

Dont bother. Nothing will happen. Its just talk as always.

jjuhl 2 days ago 3 replies      
That's just wrong and a really unpleasant slippery slope.I hope this causes a huge backlash from users and the internet at large.
mdumic 2 days ago 0 replies      
They lack resources to crack it or otherwise do it in secrecy so they're demanding cooperation. Slick.
rikkus 2 days ago 0 replies      
Maybe this will be what the UK government do as a 'relaxed' version of 'ban all crypto'.
sbaha88 1 day ago 0 replies      
Would it affect vpn services as well? Sad to see more outrage here than in Kazakhstan
thewarrior 2 days ago 1 reply      
My prediction : Indian government takes up this idea in the next 12 months. If this works this idea will spread.
samat 1 day ago 1 reply      
Any proof for that?

Anyone has a copy of original article?

Link redirects to the main page of the website.

fishanz 2 days ago 0 replies      
I think this would break, for example, mobile apps which use certificate pinning.
Create 2 days ago 0 replies      
"SSL Added and Removed Here"


gideon_b 2 days ago 0 replies      
Aww but there's a kitten. This must be innocent.
voltagex_ 2 days ago 0 replies      
I wonder if they'll be checking the validity of the upstream cert?
aaronkrolik 2 days ago 1 reply      
How would this affect access to bitcoin/blockchains in Kazakhstan?
caf 2 days ago 0 replies      
Time for httpss:// (HTTP over TLS over TLS)!
fapjacks 2 days ago 0 replies      
This is such a bad idea!
sneak 1 day ago 0 replies      
All other countries have inferior surveillance.
multinglets 2 days ago 0 replies      
At least they're fucking telling people they're doing it.
cmdrfred 2 days ago 0 replies      
When I watched Borat I felt a little bad for the Kazakhstan government getting singled out like that for seemingly no reason. Now it feels incredibly satisfying.
bmahax 2 days ago 2 replies      
I don't agree with all the comments here.A sovereign state decided to ensure all outgoing traffic is protected by a secure signature that is not possessed by foreign intelligence agencies or hackers (well, that's the idea).

It is a very cheap and effective way to achieve this.

Spying on the population is not prevented by GeoTrust and Cie's loosy certificates, a lot of literature and real life examples already show that. This is a tragedy of the commons, until everybody has access to REAL security, then no country has interest in having foreign powers spying them while not even being to do what everybody else does.

In France, Germany, Italy, Japan, Korea, Australia, etc, all of your data is already analyzed and deciphered, they freaking work together to make it less obvious than Kazakhstan. Don't make any mistake and don't call for overthrowing the regime there, it makes no sense.

From a citizen PoV, they became almost as watched over as we are for WWW traffic, but their lives are still not as much tracked as ours since they do not have the means of our agencies. They are still better off than us.

A letter to our daughter facebook.com
782 points by arasmussen  3 days ago   517 comments top 84
prezjordan 3 days ago 17 replies      
> We will give 99% of our Facebook shares -- currently about $45 billion -- during our lives to advance this mission. We know this is a small contribution compared to all the resources and talents of those already working on these issues. But we want to do what we can, working alongside many others.

Ninety. Nine. Percent.

robert_tweed 2 days ago 5 replies      
Maybe I'm being too cynical, but this seems about as philanthropic as Ron Hubbard starting a religion.

Firstly, the donation is stock not cash, so the value of this foundation will be directly linked to the value of Facebook shares.

Secondly, it has been stated that one of the things this foundation will do is "participate in policy debates". If the headline was "Mark Zuckerberg to put $45 billion is stock behind lobbying effort to establish Internet.org as a monopoly in developing countries", that wouldn't sound quite so positive, would it?

ryandrake 3 days ago 13 replies      
Something's always bugged me about relying on philanthropy as a source of funding the public good, as opposed to the public funding the public good through taxation and the democratic process: In the former case, the public doesn't really have much of a say about where the help goes. We must rely on the judgment (and personal values) of a few rich people and hope they pick charities that maximize the benefit.

Would the outcome be better or worse if we had, say, a 99% tax bracket at >$N million, and let the public decide the best way to deploy that funding via the ballot box? Would that process better align with the values of a democratic society? Or would we just get more corporate welfare, bombers and aircraft carriers?

I'm not ragging on philanthropy--it's awesome that some of these billionaires understand the meaning of "enough" and choose to give away their fortunes to worthy causes. But is it best for society to leave it to a few lucky 'elite' to judge what is and isn't a worthy cause?

colmvp 3 days ago 2 replies      
I feel only on HN and Reddit can people find reason to criticize a guy who is giving away billions of dollars for humanity. Talk about not seeing the forest for the trees.
dhcar 3 days ago 3 replies      
This seems more like PR than a genuine letter to a child. Which is fine, but I wish they'd treat it as such.

They talk about facebook, donations, improving the world, their beliefs, etc. but very little on how to be a better person or how to enjoy life. Maybe I'm projecting, but what would you want to find in your pillow after moving in for your first day of college?

I hope they wrote their daughter a real letter. One directed to her and not something that will be tweeted by hundreds of news organizations.

cpursley 3 days ago 8 replies      
Why are the techno-barons so focused on human health? Not that there's anything wrong with these efforts, but human disease is much less of a threat to our species and planet than an ever-increasing human population. What I'm saying is that humans have little difficulty reproducing; it's a solved problem.

What's not a solved problem is our disappearing fisheries[1], rhinos going extinct all over the place[2], farmland desertification[3], tropical deforestation[4], ocean acidification[5]... From my back of the envelope math, it seems that longer lives and a larger population will exacerbate our environmental and resource issues.

I'd like to see billionaires purchase large tracks of land simply for preservation. Cleaning up industrial waste from rivers. Foot the salaries of anti-poaching efforts. Get clean fusion energy production up and running. That sort of thing. Perhaps we should get our planet's shit together before tackling immortality?

[1] http://www.washingtonpost.com/posteverything/wp/2014/06/03/t...

[2] http://www.cnn.com/2015/04/16/africa/kenya-northern-white-rh...

[3] http://www.bbc.com/news/world-africa-34790661

[4] http://www.theguardian.com/commentisfree/2015/oct/30/indones...

[5] http://fm.kuac.org/post/increasing-ocean-acidity-threatens-m...

chegra 3 days ago 2 replies      
Sometimes, I think people on HN probably think they get points for being the most cynical critic.

Can't we just say, "Dude we are happy for you, and thanks for the money."

And what happened to the rule about not saying stuff you wouldn't say to a person's face. Would you be calling Mark a narcissist to his face? Keep it civil people.

hellofunk 2 days ago 1 reply      
I'm signed up for CNN's "Breaking News" emails that are sent out whenever some earth-shattering crisis occurs or particularly important news that affects everyone. I received one of these email alerts upon the arrival of their daughter. This gave me a great sigh; good news for them, but how did it become worthy of worldwide immediate news notification?
djhn 3 days ago 1 reply      
Zuckerberg isn't planning on retiring.

He will rival Bill Gates in the magnitude of philanthropic contributions.

And in other news Facebook Notes is challenging Medium as the default one-column publishing tool.

Note as well, that of all the immaterial goods that have the potential to create immense value to people and humanity, education and health are the ones strongly highlighted. Global equality is there, but to a critic this too will be seen as another factor in building and supporting an ever-growing, and long-living, consumerist middle class.

There is very little said about freedom, democracy, privacy, justice or self-determination. Even if this reading is unfair, cynical or simply too demanding of what this text and announcement is. Not to mention detracting from what is otherwise a highly admirable act.

abalone 3 days ago 1 reply      
Couple problems with this otherwise well-intentioned effort:

1. It's a drop in the bucket compared to what governments spend on a regular basis trying to solve these problems. (Bill Gates has said as much.)

2. Private charity by the billionaire class is not a scalable solution. Historically most social advancement has happened through popular organization and government programs, not charity.

Silicon Valley itself is a product of government spending. The Internet and thus Facebook wouldn't exist without billions of taxpayer investment in early stage high risk research and procurement via DARPA and other government agencies. That continues today (just a couple examples: Siri and autonomous vehicles).

If we are serious about accomplishing social change and "long term investments over 25, 50 or even 100 years," the answers lie in greater government investment in these areas. Just like Silicon Valley. And that means all Silicon Valley companies should be paying back to the government just as they would an early stage investor. Not as a "noble choice" but as an obligation. (Currently they get the core tech pretty much for free.) That would drum up an order of magnitude more funding for much-needed social projects.

I'd like to hear more Silicon Valley CEOs talk about that.

rrggrr 3 days ago 2 replies      
I'm not trolling, as much as it will seem the opposite, but I feel compelled to wonder about postnatal mania (mild postpartum psychosis) as I read the letter. I wonder how different (or private) the letter may have been had it come four months from now. I wonder how many really significant acts of charity and kindness by the super wealthy and influential occur in the days following childbirth. Just wondering aloud here.
nbardy 3 days ago 0 replies      
Reading this is impossible to not to think of Bill Gates. Someone who realized the impact his money can have. Many people in this industry have been influenced by the actions of Gates, especially in the tech community. As a 20 something the money I make certainty pales in comparison to that of Gates or Zuckerberg, but even at a low rate for the tech industry it is much above that of my friends, many of who have worked much harder to get to where they are. It is difficult to be in a position to give help and refuse. Perhaps the effect Gates can have on the minds of the wealthy will be even greater than the already vast contributions he has produced.
webwanderings 3 days ago 1 reply      
Never much cared for Zuckerberg but this changes my perspective.

Off-topic: can Facebook please go ahead and literally kill the blogging industry by giving the ability for everyone to use these updated Notes section? As is, the majority of the referrer on the Internet is Facebook. They might as well get the blogs out of the way.

masterponomo 3 days ago 0 replies      
Just wow. I asked my parents how my birth changed their lives. They said they had to invest in some good ear plugs (for themselves) as a sleep aid, and that they lost a sock drawer until I graduated to the futon. While I did not spark the solving of the world's problems, at least I did have some small impact.
seanhandley 2 days ago 0 replies      
I find it disgusting that he's just had his first child and is already piggybacking a PR exercise off it.

In spite of the enormity of the announcement, to tie it up as "A letter to our daughter" is deeply crass and makes me feel queasy.

uptown 3 days ago 0 replies      
"As you begin the next generation of the Chan Zuckerberg family, we also begin the Chan Zuckerberg Initiative to join people across the world to advance human potential and promote equality for all children in the next generation. Our initial areas of focus will be personalized learning, curing disease, connecting people and building strong communities.

We will give 99% of our Facebook shares -- currently about $45 billion -- during our lives to advance this mission. We know this is a small contribution compared to all the resources and talents of those already working on these issues. But we want to do what we can, working alongside many others."

roymurdock 3 days ago 1 reply      
Mark has set some ambitious goals regarding poverty, disease, nutrition, and equality, and connectivity. I hope for all of our sake that he is successful in realigning many of the perverse short-term incentives through his and his Priscilla's generous contributions and efforts.

I wish he had spoken more about luck and balance. This is something that Bill & Melinda Gates, as well as Warren Buffet do very well. Understanding luck and balance is the key to empathy, which is also a phrase that is missing from this letter.

I also wish he had not marketed this press release as a letter to his daughter. Perhaps he has another, private letter that is actually more relevant and personal, but if I were Max, I probably wouldn't be thrilled to read this 20 years down the road.

But I'm sure he had a reason to release this letter as he did, and that he thought for a long, hard time before penning these words. Best of luck to the new father, mother, and daughter.

YorkianTones 2 days ago 0 replies      
Applause to the Zuck for the public commitment to invest 99% of his fortune in charitable causes.

Providing cheap, reliable internet to underserved areas of the planet seems like an achievable goal. Much of the technology is present, and so this goal can be attacked now given available funding. The technology should improve further and become cheaper in the near horizon. Go for it Zuck. Make a dent.

"Curing disease", however, or "learning and experiencing 100x more than we do today" - these trite and nebulous platitudes seem line lines stolen from HBO's Silicon Valley script. "Eradicating polio" is a concrete, well-scoped, measurable, and realistic goal (regardless of whether its is the best apportioning of resources). "Curing disease" is not. Does someone who's married to a doctor really believe that all disease is eradicable in the next 100 years? Must we resort to impossible moonshots and unqualified invocations like "Make the world a better place!"? Something like "colonize space!" is not a helpful goal; "build a habitation on Mars which produces enough food, water, and O2 to sustain 5 people for a year" begins to be.

This pedestrian rallying cry is a chaotic amalgam of cliches. I hope Zuckerberg puts more thought, organization, and direction into how he will invest his billions for the betterment of posterity.

zeofig 2 days ago 1 reply      
It astounds me that people are taken in by this. There are so many ways that Zuckerberg can manipulate this to his self-worshiping benefit that I can't even guess which ones he'll pick. Consider the type of charity Zuckerberg has previously favoured: totally monopolistic internet infrastructure in India. Sure, people get internet, but it'll Zuckernet from now until forever. Philanthropy is a broken system, because powerful philanthropists never really give away their money: they retain control of whatever the charity is used to build. When you have everything and it's not enough, that kind of control is worth a lot of dollars to you.
littletimmy 3 days ago 5 replies      
This leaves a bad taste in my mouth, for some reason. Must one's private life be this public? I get that Zuckerberg doesn't agree with privacy, but surely putting his daughter in the public limelight as soon as she is born is an imposition on her privacy.

Maybe I'm just getting old.

mei0Iesh 3 days ago 0 replies      
Some thoughts:

* Addressing a public press release to your private child's name

* Naming the initiative with your family's name

* Calling for "change now" as if the world isn't already working very hard every day towards progress

* Looks like a move out of a strategic playbook some advisers gave for "how to be President someday"

* Looks like they're marketing themselves as the royal family, like Facebook is the new kingdom

* Looks like that smug thing that's hip today where people compete to be most charitable

* Reminds me of the Melinda and Bill Gates thing, and the Google medical research thing

Part of this is the perspective of engineers who believe everything is solvable if you just build something to do it. If it isn't built yet, it must be because we're not working hard and fast enough. That if someone has billions of dollars, and are just willing to fund an initiative, they can take credit for curing all disease.

Part of it is the fear that's faced by people who felt invincible when they become old, or have a newborn infant. When you can purchase anything, the new difficulties are things like bacteria, viruses, and entropy. When you are a god in the eyes of the society and economy, yet a worm in the eyes of biology and ecology, there's no longer a clear path towards how to solve your daily concerns. If you're poor and need food, there's simple steps you can follow to acquire what you need. But when you're wealthy, what do you do to get well from illness, to escape the pains of aging?

These people, and much of the digital society today, need perspective and psychological understanding beyond what they have. But you won't see an initiative for that.

dpc_pw 3 days ago 2 replies      
Aren't this "foundations" essentially just tax loopholes for the rich?


read point 4.

jordigg 3 days ago 0 replies      
Hope many more will follow, my sincere admiration.

Here the SEC filling:http://www.sec.gov/Archives/edgar/data/1326801/0001326801150...

rrego 3 days ago 5 replies      
First time I've heard of Facebook Notes, which apparently aren't new at all. The notes that I do see aren't styled the same way as Zuckerberg's letter.
seanlinehan 2 days ago 0 replies      
> Can we truly empower everyone -- women, children, underrepresented minorities, immigrants and the unconnected?

Part of me thinks that Zuck means people without family or otherwise ties to wealth and influence. But another part of me thinks that he means those that aren't connected to the internet. If it's the latter, this is quite the bold statement. The implication would be that people without access to the internet are structurally disadvantaged. Which in a lot of ways are true. The internet enables anybody to acquire knowledge, skills, and relationships with an ease that is otherwise impossible. Thankfully, this bucket has a fairly clear solution path.

andr3w321 2 days ago 1 reply      
I'm all for rich people giving their mass fortunes to charity but they sure do seem to take a long time to do it. Bill Gates is STILL the richest person on the planet in 2015 and his wealth GREW $3.2 billion last year. Can we save the praise for giving away $44 billion until he actually gives it away?

Source: http://www.forbes.com/sites/kerryadolan/2015/03/02/inside-th...

nemo44x 2 days ago 0 replies      
New money mistake. You don't change the world by putting your money into non-profits but rather cultivating a dynasty that has tentacles in business, government and thus policy.

You consolidate this kind of wealth into the proper channels to influence public opinion and thus a much greater sum (measured in trillions) over a greater time to get the real change you believe in.

It's a good gesture but a losing strategy. But it's his money to do as he pleases so, cheers Zuck.

awl130 3 days ago 0 replies      
from an evolutionary psychology standpoint, we are all driven to constantly increase our social value (and indirectly that of our offspring). once you hit a certain level of wealth, it is rational for you to shift your attention from making more money. your social value is only increased by wealth up to a certain amount, after which the marginal returns in social capital approach zero for every additional dollar earned. to put it simply, how much more social value do you have with $1 billion versus $2 billion? The world is indifferent. At that point, you are simply a rich person.

once you reach such an inflection point of wealth, you must find an alternative means of increasing your social capital. there are two common ways: one is to demonstrate your evolutionary fitness in a field completely unrelated to how you amassed your wealth: many rich get into movie production, novel writing or other creative endeavor. These usually fail.

another alternative, the safer alternative, is to expend your remaining time and resources advancing social causes (running for an elected office certainly falls under this category). this is the simplest way for an adult, untrained in anything other than their primary business, to increase their social capital.

it's not a coincidence that zuck is still willing $450mm to his offspring--more than enough to hit that inflection point. he knows that any additional dollar beyond that inflection point provides marginal social value to his offspring.

lagudragu 2 days ago 0 replies      
Not to be cynical, but isn't this also just a method to ensure your company will remain for a longer duration? As a decline in facebook stock will indirectly hurt the philanthropic projects which are linked to it through his foundation. I would take his "pledge" more serious if he would invest actual capital (money, resources, ...) in such projects.
derefr 3 days ago 0 replies      
As far as I can tell, this is a speech directed at other billionaires, attempting to 1. put them in an idealistic frame of mind and then 2. making the suggestion that the natural outlet for that idealism is philanthropy, while 3. Putting his own money where his mouth is for some peer-pressure.

If that works, then this will singlehandedly be the highest-ROI "evangelism" anyone has ever done. Unlikely, though.

cup 3 days ago 3 replies      
"Medicine has only been a real science for less than 100 years, and we've already seen complete cures for some diseases and good progress for others."

Thats a bit unfair. Scientists have been painfully working to advance the field of medicine for centuries.

6stringmerc 3 days ago 26 replies      
Okay, maybe it's just me, but after reading the introduction and getting through the list of extremely difficult "Can we..." challenges followed by the "We must..." directives, the first quote that popped into my head was a variation of a poor man is crazy, but a rich man is just eccentric.

I get the desire to solve the world's ills, of society's shortcomings, of essentially fixing the thousands of years of evolutionary programming to craft a utopia. What sane person would sit down and say "You know, when I die, I want to leave the world a chaotic fireball of pain and suffering" in all seriousness? Maybe I'm significantly jaded, but I hope I'm not the only one who finds such a letter a little bit narcissitic, brought to you by the originator of one of the most narcissitic platforms of the modern era, and hosted on that very platform, naturally.

>Our generation grew up in classrooms where we all learned the same things at the same pace regardless of our interests or needs.

This isn't true at all. "Our" generation grew up with having to work to acquire knowledge. To spend time in the library. To sit down and read. To think. It took time, effort, opportunity, and personal investment - so much of which is no longer a priority now.

>The internet is so important that for every 10 people who gain internet access, about one person is lifted out of poverty and about one new job is created.

Citation needed. Like, really.

subdane 3 days ago 0 replies      
No pressure or anything. Love, Mom and Dad.
tmsh 2 days ago 0 replies      
"He has informed us that he plans to sell or gift no more than $1 billion of Facebook stock each year for the next three years and that he intends to retain his majority voting position in our stock for the foreseeable future."


What an amazing donation! But not for the foreseeable future. I don't care how multiplicative his voting shares are. If there is no plans to sell them in the foreseeable future, this is a pledge spread out across a generation, decades, while real problems are affecting us every year. Every year where he just capped himself at 1 billion dollars in donations.

Why are you applauding this?

harryf 3 days ago 0 replies      
> right now, we don't always collectively direct our resources at the biggest opportunities and problems your generation will face.

One of the biggest problems facing kids in the west is digital addiction. Society as a whole is still collectively in denial here as adults gain from it, from parents who get some peace while the kids play with the iPad to game developers pushing out endless FarmVille clones attempting to get kids hooked enough to convince their parents to approve some in-app payments.

The problem is already there - just need to look at the amount of Ritalin being subscribed - http://www.theguardian.com/society/2012/may/06/ritalin-adhd-...

gabea 2 days ago 0 replies      
It is unfortunate that we cannot accept the kindness and generosity from those who have been blessed with wealth and whom wishes to share it with others. Rather we ridicule them and surmise that they have some hidden agenda behind their desire to share.
7cupsoftea 3 days ago 0 replies      
This is very admirable. Hats off to Mark Zuckerberg. Very well done!
queryly 3 days ago 0 replies      
This is amazing. Money doesn't make us live longer, but does $45 billion help bring the future sooner? I bet it does. It will widen our horizons on what's possible. Everyone on earth will benefit from it.
cJ0th 2 days ago 0 replies      
Alternative proposal: Use that money to turn Facebook into a self-sustaining non profit that solely cares about maximizing its users experience and stop breaching privacy so that data can be sold.

Perhaps that's not as fancy as investments in health, education or the environment but at least it seems very doable and could solve one problem (excellent means for human communication) for good.

bikamonki 3 days ago 0 replies      
Dear Max, you are filthy rich. I accidentally created a very successful social network. People mostly use it to post cat pics, drowned babies, whine about everything and the best possible selfies they can take, or you know, post stuff that is addictive to humans. We then sell ads and well, make tons of cash. I say accidentally created because there where already social nets out there but mine was just out at the right time and had the right funding and coaching we needed. Well, honestly, I also had to screw a couple of guys to get here. Anyway, Maxy, all this is ancient and boring stuff. The deal is that since I have tons of cash and success people think I am smart, I think am smart too, so I ought to know a thing or two about how to solve real world problems. I mean it can't be that hard: it is just a matter of developing tech. Billy is throwing 2B to energy research, I can do just the same, see daddy will be a hero too! Anyway dear, this posting personal stuff on Facebook fever just got me and I love you and it is so cool Shakira just likes this post. Also, the post generated a billion views, we sold them ads at premium: your first day on Earth Maxy and you are one million dollars richer! Ok, thats it. Love. Dad.
aswanson 3 days ago 1 reply      
I have had some problems with the way his company operates sometimes but I can't find a single thing he said I don't emphatically agree with here. Hat tip, Mark Z.
uhtred 3 days ago 0 replies      
I'm so glad I'm not on Facebook.
canes2001 3 days ago 0 replies      
Many wealthy citizens have only used their wealth to enrich themselves and their families. It is nice to see someone that is focused on making the world a better place.
altonzheng 3 days ago 0 replies      
Okay yeah there might be a lot of flaws or criticisms about this, but at the end of the day, this is a net win for society. Go Mark and Priscilla!
Mark1999 3 days ago 0 replies      
Thanx Mark. Now that your CIA financed endeavour became a money making machine, you find it is about time to contribute some sort of "philanthropy" to the world. It is no wonder the millions of serfs don't waste any time to congratulate you on this great action of yours. Please, a word from the world to American based institutions: Please, stop saving the world. Really, look at what your government is doing to Syria, etc supporting terrorists through CIA controlled channels. And for God's sake! Read the reports from World Bank before posting this "i will save the world" letter: Poverty and inequality have risen during the last years, not decreased!
fantasticsid 3 days ago 0 replies      
Reading some of the comments make me sad. This has happened so often lately..
zobzu 3 days ago 1 reply      
When I read this stuff (as in the letter) I just think one thing:

You guys are so full of yourselves.

pgodzin 3 days ago 0 replies      
Interesting how internet connectivity is mentioned without a reference to internet.org after that got a lot of net-neutrality heat. Regardless, great to see so much money being invested in so many great causes.
ausjke 3 days ago 2 replies      
A great read indeed, plus a nice picture.I'm going to print out this and read along with my next generation.

I'm thinking about starting to use facebook again, left it a few years ago.

FussyZeus 3 days ago 0 replies      
When things like this pop up, as well intention-ed as they may be, I just think to myself, if this were just a regular guy and not famous, would anyone give a shit?
throwaway999888 3 days ago 0 replies      
> Today your mother and I are committing to spend our lives doing our small part to help solve these challenges. I will continue to serve as Facebook's CEO for many, many years to come, but these issues are too important to wait until you or we are older to begin this work. By starting at a young age, we hope to see compounding benefits throughout our lives.

In other words, I'm getting in on this philanthropy thing at a much younger age than Bill Gates.

poub 2 days ago 0 replies      
I would have loved having parents writing such beautiful letter to me for my birth.Its an extraordinary beautiful welcoming.
fijal 2 days ago 0 replies      
I think a bad sentiment here is mostly generated not about what Mark says on his post, but what he does otherwise. We've seen a fair share of controversy regarding facebook, privacy practices etc, we've seen a fair share of controversy regarding internet.org.

I for one find it all skeptical - I don't see how his ideas would align with facebook goals as a company

keane 3 days ago 1 reply      
Disappointed once again in the immediate cynicism here but by now I should know not to be surprised by it in any community where nothing is sacred.
DyslexicAtheist 2 days ago 0 replies      
I'm so excited about the trickle-down economics that I can hardly curb my enthusiasm
sakopov 3 days ago 0 replies      
Oh lovely. This is the same man who called his users dumb fucks in the infancy of his company. Now he's worried about future generations and pushes his corporate agenda innocently using his newborn. Facebook is like a goddamn cult that acts like God's gift to humanity.
NN88 3 days ago 0 replies      
this melodramatic bs
jordigh 3 days ago 0 replies      
> Your generation will set goals for what you want to become -- like an engineer, health worker, writer or community leader.

Realistically, we can't all avoid being garbage collectors or street sweepers, can we? Or will automation really replace all unsavoury jobs with high-paying professions?

kafkaesq 3 days ago 0 replies      
Can we truly empower everyone -- women, children, underrepresented minorities, immigrants and the unconnected?

Yes you can, Mark: Stop requiring people to use real names. And stop caving in requests from authoritarian governments that want to do their dirty work for them.

astaroth360 3 days ago 0 replies      
Well, I'll say that I appreciate the effort on Zuck's part, but somehow I still can't make myself like the guy :\

Oh well, I guess I don't have to like him to appreciate that kind of cash going into worthy causes.

zurn 2 days ago 0 replies      
Wow, addressing climate change and unsustainable resource consumption are absent from the list and "protecting the environment" is once mentioned in passing.
tmsh 3 days ago 0 replies      
I think this letter and http://givingpledge.org/ are good.

But we all give away wealth when we die. To someone or another.

The pledge is not necessarily one of generosity other than looking past one's family. Which is something, but less impressive along the generosity dimension than giving away more earlier (while that money has a very real opportunity cost to you).

That said, if I had billions of dollars, I'd be investing in my own research and not giving it away. But that's just me.

seansmccullough 3 days ago 0 replies      
His daughter is clearly not the intended audience of this post. In fact, the fact he is having a kid has nothing to do with this post.
jordache 2 days ago 0 replies      
so you equate to internet monolopy as impactful as curing diseases?? So the dude is doing something else you find objectionable, but it doesn't come close to good stuff he is trying to accomplish.
breakyerself 3 days ago 0 replies      
Well I hope he learned something from the boondoggle his grant to Newark schools turned out to be.
SCAQTony 3 days ago 0 replies      
He just put his baby into the public eye; now it's paparazzi bait like some Prince's kid in England
ForFreedom 2 days ago 0 replies      
Kayne and Kim named their son, NorthMark and Priscilla named his daughter MAX.
salgernon 2 days ago 0 replies      
In the end, the only thing anyone has to give is their time.

How many billions of hours are spent daily on Facebook? His fortune is won on the backs of those poor fools.

It ain't gonna happen, but shutting down Facebook now would be a greater philanthropic act. (Yea and obviously OtherFacebook would come online.)

dimdimdim 3 days ago 0 replies      
As I said in previous post --- if I were writing a letter to my son, it would be a private affair and not posting it worldwide on FB.

Also, there is a huge difference between pledging to donate during our lifetime and "donating". Anyone can make that pledge and then decide a comfortable schedule.

o0-0o 2 days ago 0 replies      
This would have been a lot more genuine if he had just wrote the letter - tucked it away - and then let his actions do the talking.

When a choice is between doing the right thing loudly, and doing the right thing quietly, the amount of noise you make is the inverse of the size of your dick.


msoad 3 days ago 1 reply      
This is really cool. I kind of missed notes in Facebook. How do you create one?
charlie_vill 2 days ago 0 replies      
Thank you Mark.
melted 3 days ago 0 replies      
I like Zuck. He seems to have picked the right role model to follow (Bill Gates). I just hope he cashes out before a credible competitor takes over.
saccrant 3 days ago 1 reply      
Time to short Facebook stock.

Given stock is the best way to motivate executives, when the guy on top is giving all of it away you know where the stock price is going.

frame_perfect 2 days ago 0 replies      
Actions speak louder than words.
anon4this1 3 days ago 1 reply      
I'm dismayed by the lack of focus on the environment here. Humans as a species are doing just fine. Health gains just marginally improve that. We need to focus on finding balance with nature that doesn't involve mass extinctions and subjugation.
orionblastar 3 days ago 0 replies      
It is a lot of promises that are hard to keep.

They think they can just throw money at a problem and it will eventually go away given enough time.

They think people in communities will give up their bigotry against certain groups without a fight. They think everyone in the future will adopt the same worldview that they have. They think that they can solve poverty by giving everyone an Internet connection on the planet and most people who are poor are illiterate and can't read and write.

Like I said a lot of promises.

Some problems can't be solved with money, it takes innovation, it takes a new way of thinking, it takes doing things in a way nobody thought of yet.

Students who are poor and have family problems have emotional and psychological problems that hinder their learning. No matter how much money you spend on their school, as Gates has learned, their test scores don't go up. https://www.washingtonpost.com/news/answer-sheet/wp/2014/06/...

This effort by the Gates Foundation proves that building better schools does not give the students a better education.

You see they made the mistake of throwing money at a problem in order to solve it. Five years later and a disappointment in what they had created.

Parents of the students get by with low paying jobs, because there is a wealth inequality in our nation. It leads to poverty, family issues, emotional and psychological problems none of which building new schools could address. All of which factor into having a hard time learning and getting better test scores.

Why is there a wealth inequality and people have to settle for low paying jobs?

Technology has automated most of the good paying jobs so they can be done with computers for free. Microsoft and Facebook for example earn money from technology that does work for others for free and earns money. Websites can operate 24/7 and replace people who take phone calls or work at a desk to fill out forms.

Also we used to have factory jobs until we shipped those jobs to China because the labor cost less over there.

Getting a good education is only possible if you have a good enough credit rating to get a student loan, if your family is poor and struggles and misses paying bills, you will have a bad credit rating and not be able to get a student loan for college. Not getting good enough grades will lead to a lack of scholarships and other things.

People who can't get a college education face a life of hardship working low paying jobs just to get by. Not everyone can become a computer programmer after being a dropout, and then join a startup. Some have to work retail jobs in the service industry and 2 or 3 of those jobs. Not having time to raise their children properly. Not able to help with homework because they work overtime to get enough money to pay the bills.

These factors have not been addressed in the future plans for fixing our education system.

Sure you can learn a lot on the Internet and even use it to earn money, but most people just use it for entertainment value and communication. So there are distractions to learning on the Internet. But what happens when the freelance market suddenly gets 3 billion more lower wage contractors in it all competing for the limited amount of contracts?

I wish I knew how to solve these problems, but I learned from experience that you can't just throw money at them and solve them.

You need the government to help out with some sort of basic income program to lift people out of poverty as good paying jobs are scarce because of automation or AI advances. I expect that to get worse in the future.

You need better mental health clinics to address the emotional and psychological problems associated with poverty for the students to be able to learn better. You need to find money for tutors to help them with homework when their parents cannot. You need to teach poor students stress management and test anxiety management so that they can o better in tests and learn better study habits and score higher.

I've found at least with my son, that the Internet is a distraction for him. Time he could have spent studying for tests, he instead watches Youtube videos and plays video games. I've tried to help him as best as I can, but now he is failing chemistry as a junior in high school but passing his other classes because they are not as hard.

We are one of those poor families because I ended up on disability in 2003 and don't earn as much as I used to as a programmer. There is only so much I can help my son, he makes decisions for himself, but I cannot force him to study more or do better on his tests. I feel as if I didn't go on disability we'd be better off and I'd be able to hire a chemistry tutor for him to get his grades up. I forgot as I took chemistry in 1985, and it was so long ago. It is harder to raise a child than you think, esp if you are on a limited income. The school he goes to is a good one with good teachers and modern equipment and they use iPads for ebooks and learning, but it is not enough and still students struggle with their classes.

No matter what you do there will still be problems as no system is perfect, and students will still get low mtest grades no matter how good a personalized system you develop. The Dewey System was developed for personalized learning and it failed. https://en.wikipedia.org/wiki/John_Dewey

Most of what they are trying to do has already been tried and failed. It is like trying to go against human nature and change the way human beings behave so they can learn better. But human beings cannot be reprogrammed like robots, and almost all of these theories go with the case that human beings can be reprogrammed like robots to create a better community for better learning.

It is like trying to solve a social problem using technology thinking, you need to think in terms of society and the way people work, which is not the same way technology works. You need to lead social reforms in communities in a way that makes sense to everybody and not just people on a certain political spectrum that leaves out all others. You will face a resistance to change, as many won't want to change. People will come up with conspiracy theories over the changes, etc.

It is a good start to build a different system of education and try to make new communities for education for everyone, but money alone won't solve it, you need the cooperation of everyone in the community to change the way their human nature works and give up on the old ways of doing things. Some won't want to give up on the old ways.

supergirl 3 days ago 0 replies      
Every rich guy thinks he knows what's good for the world. And why announce this together with the birth? Should the world celebrate this miraculous event that also led to our salvation?
jpeg_hero 2 days ago 0 replies      
Patrick Bateman -- World problems speech


hvis 3 days ago 2 replies      

"Please log in to continue."

Seriously? One might think they would prioritize raising awareness over increasing Facebook userbase.

wityak 3 days ago 1 reply      
Expensive shot at Bezos and his distate of charity. Well played, Zuck.
gesman 3 days ago 0 replies      
Adorable baby girl, welcome to the world.

PS: stress and toxicity quite often are the real causes whereby the few diseases Mark mentioned is a consequence.

bababouy33 3 days ago 0 replies      
Wow, that's a lot of pro-facebook comments for a "Hacker news" site. Shouldn't you people be browsing reddit or better yet, facebook?
How to be like Steve Ballmer medium.com
734 points by drb311  1 day ago   177 comments top 33
bigdipper 1 day ago 4 replies      
Let me add some color to the speculation here, I worked under Ballmer for sometime leading a product.

Ballmer was a math genius, he was also a spreadsheet whiz and knew as much as a CFO did at anytime. His memory was that of a thousand elephants, and could recite forecasts, actuals and numbers for multiple years in one go.

Microsoft played in the enterprise space, and Ballmer was a marketing genius when it came to enterprise positioning. I credit him with driving the attach revenue concept within the enterprise. Companies that bought Windows, bought office, bought Exchange server, bough maintenance and more.

Even more, he was a relationship marketing genius. He had a photographic memory and remembered names of people he would meet once and recall entire conversations after months/years. And this was globally, he took the company global in a very aggressive way.

He rewarded people, both Bill and Steve weren't stingy about doling out stock - unlike Jobs. This kept a strong talent pool of A players at Microsoft.

He had a strong penchant for the enterprise and where he started faltering was when the Internet started maturing and consumer experiences started converging with the enterprise.

Nevertheless, this man took Microsoft from $15B to $70B in revenue and you can't belittle that.

loeber 1 day ago 5 replies      
Something rarely mentioned: Ballmer could've been a first-rate mathematician. He graduated magna cum laude with an AB in math, and beat Bill Gates on the Putnam exam, finishing well within the top 100 contestants that year.
brudgers 1 day ago 1 reply      
Ballmer was the "business guy" at the startup that created the greatest ever amount of money for its founders and employees by holding off an IPO and raising a minimal amount of outside investment. The amount of equity he and Gates retained allowed Microsoft to take a long term rather than a quarter by quarter Wall Street driven approach for about twenty years following the IPO.

If Microsoft is currently undergoing a renaissance, it may be because Ballmer got the supertanker turned onto the right heading. Unlike the much beloved Sun, Microsoft is still around and its works are trending toward the right side of history while Sun's legacy is increasingly sliding into the pale of Oracle.

MichaelGlass 1 day ago 1 reply      
"Heres somebody wholl wear their mediocrity with such energy, with such boundless enthusiasm and unbridled passion, that nobody else even tries to compete.Youre not Steve Jobs. Youre mediocre, like me. Youre reading shabby online articles about how to be like somebody else. Do you think Steve Jobs did that?"

A+ Be all the Balmer u can be. Balmer forever and ever.

SonicSoul 1 day ago 2 replies      
fun read but i'm not convinced about the advice. I'm sure Balmer is a smart guy and lucked out by joining MS as #30 (is it really so unlucky to be #30 at MS?). He was also outspoken, loud, and perhaps had some leadership qualities lacked by other nerds at that moment. And now it's easy to pick him apart and "be more like Balmer" but I doubt mirroring his annoying personality will get you far.

Next time you give a presentation, repeat the same key word or phrase at least 5 times. Preferably 10.

i think Balmer succeeded despite this behavior, not because of it.

When you sense a gap thats closing push yourself in with full energy. Love the party, get into it, then make it your own

the "make it your own" is almost like saying "tell a funny touching story that everyone will love".

Imagine you areor bethe tallest person in the room. (Create situations where youre standing and theyre sitting?)

this reminds me of the NLP craze back in the day, i.e. micro behaviors that are subconsciously making you more attractive / easy to relate to / superior etc. Dubious at best.

* not to dismiss micro behaviors completely. There are numerous TED talks about body language that present convincing evidence that it works. I think they are especially applicable if you're the kind of person that tries to occupy least space and remain un-seen in meetings. For an average person I just think this is a minor tweak, not the big change standing between you and tres commas club.

allenbrunson 1 day ago 2 replies      
i was prepared to snark. i don't like steve ballmer, i don't want to be like him. i don't like what he stands for. i can't think of one positive thing about the guy, other than perhaps his loyalty. but this article has a bunch of interesting insights nonetheless, delivered in a funny way.
volandovengo 1 day ago 4 replies      
Despite his public perception, he's incredibly intelligent. He has an IQ of 150.

His strategy of being a fast follower worked great for Microsoft when it had crappy competitors - it was ill equipped to deal with good ones like Apple and Google.

someear 1 day ago 0 replies      
Dude has passion. Worked at Microsoft for a few years, and even though I didn't agree with many of his decisions...he does what he loves, and loves it so much, that it passes on to others as well. We need more of that everywhere, in every aspect of life, not just business.
hoodoof 1 day ago 3 replies      
Ballmer was there since the earliest days of Microsoft. Only a fool would somehow think he just came along for the ride.

Gates chose to give him a large slice of equity because he saw that he wanted something that Ballmer had and as far as I can tell that worked out extremely well.

I won't argue that Steve Ballmer was the technical creative genius that Microsoft needed but to suggest that in some way he stumbled in and rode the gravy train, well I don't buy that.

The new generation probably have little concept of how absolutely and totally Microsoft dominated the computer industry, in a way that no company does now (nope, not even Apple dominates today anything like the way Microsoft dominated in the 80's and 90's). It was Microsoft's world in a very real way. There were two men behind that complete domination - Steve Ballmer and Bill Gates. The cynical (and there are many) might say "well it's Ballmer that lost that domination", but I wonder if such ongoing utter domination was even possible in the greatly expanded industry post WWW, regardless of who the leader was.

Steve Ballmer is more than worthy of admiration, if you were smart you'd try to learn from him rather than portraying him as a buffoon sidekick to Bill Gates. To evaluate him in this way just displays ignorance.

I think Gates brought on Ballmer as the business partner he needed, not the business partner he started with (Paul Allen). I'm not knocking Paul Allen but Bill Gates felt he needed Ballmer as his partner and as far as I could tell Ballmer and Gates were a powerful team, not Dean Martin and Jerry Lewis.

And when compared with Steve Jobs, it's worth remembering that Steve Ballmer and Bill Gates comprehensively beat, pounded and dominated Steve Jobs' Apple until "Steve's return". Apple was on the brink of going out of business when Steve returned and stayed in business because Gates and Ballmer provided Apple with $150M to stay in business - a wise move at the time because Microsoft was in trouble with the justice department and needed to ensure that there were companies still in existence that could even vaguely be argued to be valid competitors to Microsoft.

Many, many entrepreneurs tried and failed to get the better of Gates and Ballmer until eventually a perception formed that you were an idiot if you tried to compete with them. VC's wouldn't invest in anything that was even seen as potentially an area that Microsoft might be interested in being involved with. Ballmer is one of the most formidable and, in his time, feared businessmen ever.

Ballmer is one of the greatest business people of all time even if he doesn't have the romantic and charismatic story of Jobs or Gates.

Respect is due.

exelius 1 day ago 6 replies      
So Ballmer is the ultimate PHB?

This is a great way to build a career, but if you look at his track record at Microsoft, I'm not sure Ballmer is the guy we want to be emulating. He was hard-headed, amazingly risk-averse when it came to Microsoft's core platforms, and was not a great manager (he was unable to control a lot of the culture problems that plagued Microsoft in the early 2000s).

It's fine to make bold moves that fail, but Ballmer's failed moves weren't really all that bold. They were big, but not incredibly bold, and were often doubling down on a failing business inside Microsoft.

rthomas6 1 day ago 1 reply      
You know, in the same vein... Salieri was a pretty decent composer. He got some fame and recognition. Maybe it's not so bad to be a Salieri and not Mozart, because he's still a hell of a lot better than most.
kareemm 1 day ago 0 replies      
The one thing Ballmer did right was double down when he saw a huge, once in a lifetime opportunity.

Warren Buffet and Charlie Munger say that without their top 20 performing stocks, they'd be also-rans. Which really goes to show that when you find a great opportunity in life, you should go at it as hard as you can.

pcunite 1 day ago 0 replies      
The photo of Gates and Ballmer is from this article, online here:


CurtMonash 1 day ago 0 replies      
IIRC, Ballmer at one point went double or nothing, margining his stock to double his position. That explains half of his stake right there.

That's when he was worth $100 or $200 million, not long after the IPO.

Jim Treybig of Tandem Computers did something similar when he lost half his stock in a divorce.

m52go 1 day ago 0 replies      
> Go to the mirror and practice these faces.

Great piece. This article is worth a click for that lead image alone. I really wonder what the context was for such an expression.

srameshc 1 day ago 0 replies      
I would have passed this article anywhere else if not for Hacker News. This is a great insight and great way to work on your personality.
NickHaflinger 1 day ago 1 reply      
'SteveB went on the road to see the top weeklies, industry analysts and business press this week to give our systems strategy. The meetings included demos of Windows 3.1 (pen and multimedia included), Windows NT, OS/2 2.0 including a performance comparison to Windows and a bad app that corrupted other applications and crashed the system. It was a very valuable trip and needs to be repeated by other MS executives throughout the next month so we hit all the publications and analysts.'

'The demos of OS/2 were excellent. Crashing the system had the intended effect to FUD OS/2 2.0. People paid attention to this demo and were often surprised to our favor. Steve positioned it as -- OS/2 is not "bad" but that from a performance and "robustness" standpoint, it is NOT better than Windows'.


"I have written a PM app that hangs the system (sometimes quite graphically)."


talles 1 day ago 2 replies      
I thought the article was serious until I reached the "Steve Ballmer mission pack". Author can't be serious.
l33tbro 1 day ago 0 replies      
The Charlie Rose interview is a pretty decent insight into the man. Certainly shuts up the armchair quaterbacks here with 20:20 hindsight calling him an idiot for certain career moves.


rogerbinns 1 day ago 0 replies      
It all comes down to sales being easier to measure than other parts like development. Something like "doubling revenue" can be reasonably objectively measured. Trying to do the same thing for a developer is way too hard: double X? halve X? where X is lines of code, bugs, hours of attendance, appraisal scores, or other measurements don't remotely cut it, and are easy to game. (Revenue can also be gamed to some degree, but people/companies parting with cash is a higher hurdle.)

That let him make a measurable deal with Gates & Allen. A new developer as employee #30 doesn't have anything comparable.

keepitsurreal 1 day ago 0 replies      

Am I doing this right?

CurtMonash 1 day ago 0 replies      
Anyhow -- Steve had all the personality at the Windows 1.0 launch. Well, Steve and John Dvorak. Mike Maples and Jon Shirley, however, seemed like bigger deals in the company than Steve a while each.

Steve is basically a great salesman. He's both a huge extrovert and a great listener. He's delusional enough to completely believe, yet well smarter than other similarly delusional people. I presume he has all the sales process mechanics mastered too, but I don't actually know that for a fact.

ape4 1 day ago 2 replies      
from wikipedia: In 2007, Ballmer said "There's no chance that the iPhone is going to get any significant market share. No chance."[55]
umaguma 1 day ago 0 replies      
Did Ballmer ever do any programming?

If not, why?

Did he just have no curiosity or interest?

Sounds like he had far more capacity for maths than Jobs.

kozukumi 1 day ago 0 replies      
My personal opinion of Ballmer is that he was/is brilliant but he failed to prioritise in the right areas during the mid 2000s. He did well with investing in Azure and cloud tech but he was an idiot for letting Sinofsky run Windows into the ground with Windows 8.
rajacombinator 1 day ago 0 replies      
This just shows that terminal net worth is not that important.
0mbre 1 day ago 0 replies      
So introvert vs extrovert?
x0 23 hours ago 0 replies      
You forgot "do a line of coke before giving a presentation"
visakanv 1 day ago 1 reply      
> i was prepared to snark

I don't know why but this just got me laughing so hard. I'm thinking about one of those infomercials. "They laughed at me when I sat at the piano... but when I started to play!"

It's like the Hacker News slogan or manifesto or something. HACKER NEWS: WE'RE PREPARED TO SNARK.

cookiecaper 1 day ago 0 replies      
Awesome article.
rbanffy 1 day ago 0 replies      
jheriko 1 day ago 5 replies      
its a shame this is a joke.

you really could learn better from ballmer than from jobs imo.

i'd much rather be successful for the like ballmer than jobs. cult following is creepy, and recieving kudos even when you do nothing makes it easy to lose perspective.

jobs was great at what he did, but massively overrated thanks to the excellent work of the apple marketting guys. those guys are absolutely amazing at what they do. its a shame they don't get more credit.

Leaked Documents Reveal Police Department Planted Drugs for Years, DA Complicit henrycountyreport.com
572 points by coloneltcb  3 days ago   250 comments top 35
hackuser 3 days ago 21 replies      
It seems like there is a smoking gun in this case (though I didn't review the evidence thoroughly). Widespread availability of video recording and distribution has provided many more smoking guns. Certainly, there are many more incidents where no smoking gun evidence is available.

For a long time, black Americans have been claiming that such things happen and were widely ignored or disbelieved. It was and is a grave error - I can't imagine how many victims there are. This raises critical questions:

1) Why did our society make this error?

2) How do we prevent making the same mistake in the future, regarding other issues?

3) About what issues are we making the same mistake right now?

Also: What do we do about the legions of victims? Ignoring them yet again would be a crime.

datashovel 3 days ago 3 replies      
Keep the leaks coming world!

The joke is that anyone who is truly qualified to run for office doesn't want the job.

I hope that the more leaks like this that come out, more qualified people will realize they can't just stand by idly thinking the system will just fix itself.

I imagine Snowden leaks alone have gotten far more "qualified" people engaged in civic activities than we'll ever truly comprehend, and have taken a bit of the "fear of rebellion" out of those who might not have spoken up in the past.

cjslep 3 days ago 2 replies      
Is it bad that this honestly doesn't surprise me? In 2005 my 15 year old self was passing through Northern Georgia to see grandparents, and we hit traffic at the only town stoplight because a Grand Wizard and lots of KKK members were rallying in the streets celebrating running the last minority out of the county. As a white middle class guy, that was quite the contemporarty class on race relations.

Racism is alive and well in the South, and it is slow to change because the communities are small and not super interested in the internet justice movements.

banku_brougham 3 days ago 2 replies      
If this story is not picked up in the larger media I will be disgusted, but I'm happy to see this come to light. Trust is a huge part of the police/citizen relationship, and it's in a bad state.
dragonwriter 3 days ago 0 replies      
Note that as well as the DA being complicit, the involved supervising officers are the current department chief and the state Director of Homeland Security.
NN88 3 days ago 0 replies      
This is explosive. The white supremacist implications here are undeniable. Director of AL homeland security? Good god

This is LITERALLY as bad as it looks.

The evidence is astounding.

aagha 3 days ago 0 replies      
A ton of the comments below are about how cops are abusing their power. The other group that seems beyond the reach of justice are district attorneys.

The system is setup so that DA's watch out for cops' backs and the cops for the DA's. Cops would be less likely to engage in bad behavior if they knew that DA's were less willing to support it.

Oh, and then there's the private prison system...

markman 1 day ago 0 replies      
I'm reading these comments somewhat in disbelief. Put the torches down people. You know it took me the better part of 40 years to realize that if one is the greatest guy in the world 95% of the time and a complete asshole 5% of the time guess what that makes you? A complete asshole. Especially ally to the people that only see you during that 5%.

Well the same holds true for the police. These travesty could and probably is only perpetrated by a tiny percentage of officers yet Now with the release of this story(has anyone -confirmed it's legitimacy?) at least those commenting have already confirmed judged and condemned the bulk of every police department in the nation as shoot to kill monstrous overlords. I'm sorry but that's just not the case.

dre85 3 days ago 0 replies      
I just read the title and it immediately reminded me of Dave Chapelle..."just sprinkle some crack on them and leave".
pipermerriam 3 days ago 1 reply      
This is an honest question.

Realistically, how do we dismantle the police state. It seems like the NSA, FBI, and some not insignificant percentage of the police forces have gone entirely rogue or lost track of their mission entirely.

It feels hopeless. So much outrage but so little actual ever changes. Does anyone have any ideas because I'd love to hear them.

tptacek 1 day ago 0 replies      
The SPLC has retracted their links to this story amidst doubts about its veracity.


cygnus_a 3 days ago 2 replies      
Another reason to decriminalize drugs in favor of self-help programs.
gravypod 3 days ago 0 replies      
I hope that there will be an investigation into who has been effected by this.

I look forward to seeing the details from the future court dates that result from these findings.

Zigurd 3 days ago 0 replies      
At some point the limits of immunity have to be tested. Can a DA operate with such malintent and get away with it? The cops? At what point can they be stripped of immunity and pursued by their former employer for creating a huge liability?
agf 3 days ago 0 replies      
Dan Quan, a co-worker of mine, spoke about his experience as a police officer, and the mentality he saw from other officers, in his talk at Rocky Mountain Ruby, "Policing and Pairing: An Unlikely Preparation" (https://www.youtube.com/watch?v=NgGaO92oIGg). While not the main subject of the talk, it's an interesting first-person perspective.
williamle8300 3 days ago 0 replies      
The website was down. Here's the wayback link:


DanielBMarkham 2 days ago 0 replies      
Try googling "Alabama Justice Project", which is the group responsible for this release.

I got three news items, 2 from today. One empty blog set up months ago. Poking around some more, I get Jon Carroll, the author of "The Henry County Report", breaking the story from the Alabama Justice Project, which he is also involved in. I see the Southern Poverty Law Center mentioned in a couple of the dozens of copy-links from this story, but nothing on their site.

I'm not saying this report is fake, or even trying to discredit Carroll. But you gotta admit this is a really weird way to break a story of such huge magnitude. Sure would be nice to have some other outlet check the facts on this. There are a lot of people implicated in this article, and the author uses phrases such as "slam shut case" which leads me to think he has an agenda. Combine that with the weird provenance? I get uneasy. We got one lone wolf and 47-thousand mainstream news outlets copying what he's putting out.

News ain't what it used to be.

anvil_jones 3 days ago 1 reply      
What is the Alabama Justice Project. 99% reliability on a POLYGRAPH test?

I wish I could read more of the article since it seems to be down and google webcache isn't the best. How come none of these cases have been covered by any other organization? Wouldn't a pending lawsuit against the police organization be news?

Surely there is corruption/racism in the police department. But is this article valid?

cheez 3 days ago 2 replies      
Thank god for whistle blowers.
cryoshon 3 days ago 0 replies      
Systemic severe racism over the course of 20 years? A cover up by the police? Par for the course in the USA, and it's disgusting. The justice system in this town has been an injustice system for as long as some of the people who live there can remember.

There may be riots because of this. They will be justified.

lectrick 2 days ago 0 replies      
Someone whose very job demands a high standard of integrity, acting in this fashion... This is what a horrible human is.

Michael Magrino, cited in that article many times, seems to be the person behind http://mandmprivateeye.com/ so perhaps he's already moved on from straight-up police work to private investigations.

Kinnard 3 days ago 0 replies      
I hope everyone who has heard the cry of a victim claiming to have been framed and ignored it reflects on having done so.
xexers 3 days ago 0 replies      
Is there a better source for this story?
NN88 2 days ago 0 replies      
Heres all the documents:


rdlecler1 2 days ago 0 replies      
This is terrible and it undermines The entire justice system. This is treason against the constitution.
inthewoods 3 days ago 1 reply      
I can't see the article when I click through - anybody got a mirror?
icewater0 3 days ago 0 replies      
Hmm. I cannot reach the site.
idibidiart 3 days ago 0 replies      
Bring the motherblowers down!
fencepost 3 days ago 0 replies      
(reposting a comment I put elsewhere with direct links to exhibit documents)

The Internet Wayback Machine has it from today

Archive.org has https://web.archive.org/web/20151202021559/http://henrycount... , this is just one of the versions they picked up today.

The article links to a variety of scanned documents hosted elsewhere, which look like excerpts from a full document dump. Exhibits 8 & 9 do not appear to be linked from the Henry County Report page.











(edit: note that the documents numbered 144484-144489 are unrelated, mostly Italian?)

policestate101 3 days ago 3 replies      
America is a police state, ruled by a corrupt elite Willing to break laws, rewrite them if possible, create secret ones when needed, they will torture, murder, commit war crimes, this the country Americans reside in, only they do not want to except this increasingly glaring truth.

What happens instead is people who speak out are ignored, derided, and silenced.

krapp 3 days ago 0 replies      
Huh. I see someone posted an article about police corruption to Hacker News...

- declaration that the US is a police state? Check.

- assertion that all police are criminals? Check.

- call for the repeal of all drug laws? Check.

- argument about whether or not black people are genetically predisposed to violence and criminality? check.

Now all this thread needs is a tangential discussion about the Second Amendment and I'll have bingo.

dang 3 days ago 8 replies      
We detached this subthread from https://news.ycombinator.com/item?id=10660295 and marked it off-topic.

You reveal your lack of good faith with the slur, "the criminality of the black community". If you were genuinely interested in factual exploration, that's where you'd be least likely to go.

mintplant 3 days ago 1 reply      
> Once the examiner has an adequate series of charts to evaluate, he will begin the scoring process. This is done most often using a numerical scoring method which evaluates the subject's physiological responses to the Relevant and Control questions. The computer polygraph may also use an algorithm developed by the Johns Hopkins University Applied Physics Laboratory or other researchers to score the examination. The examiner can use this algorithm to independently score the examination or for quality control purposes to verify his own determination.


If you look closely, you'll notice that that's a copyright notice for a piece of software evaluating the results. The test isn't necessarily being run by JHU APL, but the software was developed there.

See also: http://www.jhuapl.edu/ott/technologies/technology/articles/P...

dzhiurgis 3 days ago 1 reply      
After the collapse of Soviet Union, in my country there was explosion of mafia. Police were incapable and this is exactly how police dealt with them. Draconian drug laws meant that cops could easily put gangsters to jail for a long time.

Basically if thugs play dirty, cops are playing dirty as well.

Signal Desktop whispersystems.org
546 points by marksamman  2 days ago   275 comments top 36
darklajid 2 days ago 10 replies      
I'm feeling dirty, because I don't like to be that negative, especially if we're talking open-source software. And I feel that I kinda hold this project to higher standards: If I compare this to WhatsApp/Telegram/Threema/Whatever, I inheritently, somewhat subconciously expect more from Signal.

And I'm disappointed. I tend to repeat the 'central server' and 'a phone number is not an address and not public information, it certainly is no identity' criticism.

When I read the headline/title, I thought 'Now maybe that would be enough to be ~good enough~ to ditch Telegram' in spite of these problems (which Telegram has as well, ofc). But really. A Chrome app. And works only (yeah, I think I said it before: Phone numbers suck) as a secondary client. And only if the first client is Android?

I seriously don't get it. And it certainly is not for me: I don't like that browser (I do have it installed for testing and to follow it at times, but there's no 'app' I'd run in Chrome). I don't want to tie something to my phone and I don't think that it should matter what platform my handset runs on - SailfishOS looks nice, FxOS progresses slow but ticks a good number of boxes for me.

Full circle to the first line: I don't _like_ to be negative and the headline gave me hope for a couple seconds. Unfortunately this release just deepened my belief that Signal wasn't meant to be for me.

hackuser 2 days ago 3 replies      
> Signal Desktop is a Chrome app

That surprises me. I don't trust Chrome for confidentiality; I assume it collects data for Google and I don't know that it protects my data from others.

If Chrome isn't trustworthy for confidentiality, it would seem to fatally cripple the security of Signal Desktop. However, I believe the people at Whisper Systems would see that obvious flaw so I suspect that I'm misunderstanding something - what is it?

rmchugh 2 days ago 1 reply      
Loving moxie's namedropping of oldschool revolutionaries:

Maria (Masha) Alexandrovna Kolenkina was a Russian socialist revolutionary from a merchant family in Temzhuk, a small town on the Sea of Azov. (1850-1926)Vera Ivanovna Zasulich was a Russian Menshevik writer and revolutionary. (1849-1919)Nestor Ivanovych Makhno or Bat'ko Makhno was a Ukrainian anarcho-communist revolutionary and the commander of an independent anarchist army in Ukraine during the Russian Civil War of 19171922. (1888-1934)(all above from Wikipedia)

sigmar 2 days ago 4 replies      
I don't understand why it prompts me to invite other people after putting me in line. Why would I email/tweet my friends to join this service if it isn't even ready for me? Seems rude to bother a friend with joining an internet line just so that I can get a better position in the line.

I love signal on android and have been looking forward to this, kind of rubs me the wrong way when I'm put in "line"

leonhandreke 2 days ago 2 replies      
Why incentivize spamming my friends with links before I've even seen the app, only to refer them to a waiting line? Sure, launch day momentum and all that, but I wish that as an entity that wants to be "the good guys", they can find a way to gain a broader audience for their app based on the app itself, not the buzz around it.

On a sidenote, does anyone know who funds their full-timers? https://whispersystems.org/workworkwork/ says they're not VC funded. But then who pays them?

phantom_oracle 2 days ago 4 replies      
I have a question about this...

Say a team of volunteers were willing to spend time to make something like a QT- or GTK-based native desktop application instead.

How much more difficult would this be compared to what they did/used now? (the chrome-app) ?

Also, will it take significantly longer to build such a native app?

Anybody with experience building native apps, please share.

aw3c2 2 days ago 2 replies      
This is a Chrome app. I miss the days of native apps. :(
gue5t 2 days ago 7 replies      
Why are all these encrypted chat programs (Signal, Telegram, &c.) still centralized and not TOR-style onion-routed?
chadk 2 days ago 1 reply      
All good with the Android, but disappointed this is Chrome. You would think they would have a FF plugin by now!
codemac 2 days ago 2 replies      
The join the beta button isn't working? I click and nothing happens.

I looked at the page source, but then I realized I don't know how the fuck javascript works.

finnn 2 days ago 2 replies      
>Don't leave your friends behind, invite them to signup with this unique link. The more friends that join, the further you will advance in line for the beta.

That's annoying.

hedgehog 2 days ago 5 replies      
Note: Android only.Edit: In the sense that it only works with the Android version of the app.
klapinat0r 2 days ago 0 replies      
This is slightly off-topic, but I hope moxie (or an employee of WhisperSystems - nothing official needed) wouldn't mind chiming in:

Since I loved the fact that I can run my own TextSecure server, I'm wondering why Signal does not run a similar model?

I'm curious which considerations went into this decision.

welly 2 days ago 0 replies      
Sadly, as much as I'd like to use Telegram or Signal rather than the usual suspects (sms, whatsapp, facebook messenger), it would require someone on the other end to receive my messages.

The likelihood of convincing my friends/family to use a messaging app that isn't any of the usual suspects is low to none. And none of my bleating about privacy issues will convince them otherwise ("I've got nothing to hide, doesn't bother me").

tdkl 2 days ago 0 replies      
Since when are browser apps "desktop" apps ?
NfnK2ECvNE 2 days ago 0 replies      
I agree with some of the folks here. I have the utmost respect for Signal and Marlinspike but this seems like a weird direction for this to go in. A Chrome app? Tying it to the Chrome App Store? Requiring a Google email for the beta group? Just seems out of place for Signal.
mrmondo 2 days ago 1 reply      
Requiring a google email address and chrome for a secure messaging system? Very strange move.
AdmiralAsshat 2 days ago 0 replies      
Any plans to make a Firefox add-on?
riquito 2 days ago 0 replies      
How much money do you need to develop and maintain a Firefox version? Can I donate? I don't want to help to enforce this idea that Chrom* is the only browser that can run certain things, is against my believes.
thursdaydecide3 2 days ago 1 reply      
This is slightly off topic but am I the only one surprised at the litany of permissions they require for the android app? Some make sense (like SMS or camera) but device & app history/location/identity/device ID & call info/contacts/calendar/microphone/phone seems like a smash and grab. I saw moxie speak at a conference once and he specifically called out the device id/call information permission as evidence that google doesn't care about your privacy, so why is his privacy-enabling app requiring it?? I thought these were supposed to be the good guys (and girls)? The good guys (and girls) don't do 'collect it all.'
fiatjaf 2 days ago 0 replies      
Why is there a queue for entering beta when it is possible to get the source and install on Chrome right away?
fiatjaf 2 days ago 1 reply      
Why do I need a phone number?
Spakman 1 day ago 0 replies      
I love Signal and advocate it wherever possible. After following along on the GitHub tickets for this project, I'm happy to say thank you and congratulations on the beta release folks!

I'm probably about to ask this on the mailing list soon anyway, but in case there is any hidden knowledge here:

1. There was talk of server federation long ago. Is this still part of the long term plan?

2. There was talk of not using a phone number as a required identifier. Is this still part of the long term plan?

kristofferR 2 days ago 2 replies      
Why make it a Chrome app instead of a node-webkit app?
dates 2 days ago 0 replies      
I got excited about signal after watching this video, which explains pretty well the challenges of encrypted communication and how Signal addresses them (it might be basic stuff for people super familiar with the topic though):https://www.youtube.com/watch?v=tOMiAeRwpPA
degenerate 2 days ago 0 replies      
If I wanted someting that looked like skype, I would just use skype. These bubbly colorful interfaces make me sad on the inside :(
AndyMcConachie 2 days ago 1 reply      
Why should I use this instead of Jabber/XMPP over TLS? Can someone sell me on this that knows how both work?


thecoffman 2 days ago 1 reply      
Shame that its Android only. Was really looking forward to giving this a try!
knocknock 2 days ago 1 reply      
I'm assuming this works similarly to WhatsApp Web (https://web.whatsapp.com/)
Sephr 2 days ago 1 reply      
Call it what it really is: "Signal Phone Remote". This is not Signal Desktop if you need a non-desktop to use it.
wepple 2 days ago 0 replies      
This isn't working for me - the code that is supposed to show up for me to scan doesn't work, I just see:


wepple 2 days ago 1 reply      
This isn't working for me, the code I'm supposed to scan won't show up, just


(I installed from github)

mtgx 2 days ago 0 replies      
I assume it doesn't have video support yet. Any chance it will within a year?
morsch 2 days ago 0 replies      
I've been looking forward to this! Thanks for all the hard work.
joshtgreenwood 2 days ago 0 replies      
The header photo looks like a Windows screen photoshopped into OSX.
jmnicolas 2 days ago 1 reply      
> Signal Desktop is a Chrome app which links with your [Android] phone,[...]

Unless your "adversary" is not the NSA, I wonder what's the point of encrypting your communications when those coms are taking place on technologies (iOS, Android, Chrome) from companies that are members of the Prism program.

The 99% (of startups) justinkan.com
519 points by thatha7777  2 days ago   167 comments top 23
downandout 2 days ago 6 replies      
This gives an interesting glimpse into the prognostication abilities of supposedly brilliant VC's. It also shows the the near-impossibility of cashing in private company shares, at least through VC's. In addition to this story, the Sony hack revealed that Evan Spiegel of Snapchat wanted to cash in about $40 million worth of shares just after he spurned Facebook's $3 billion offer. He was also roundly rejected. Had someone bought those shares, they would have been worth around $200 million today.

So anyone thinking that they're going to get much liquidity as a private company founder should think again. If the Snapchat and Twitch guys were rejected, the odds are not good that you will be the exception.

noname123 2 days ago 3 replies      
Would love to see a series of good curves:

(1) of all startup's started by people who working in the industry, quit FT jobs to do startup or put in serious moonlighting hours in startup; total earnings - opportunity cost, annualized:

(total income from startup - opportunity cost of hours worked on startup) / years spent

Maybe this data-set should be split further into bins of founders whose last title prior to startup were only individual contributors, or were executives, their age and pedigree etc.

Would love to see the distribution + standard deviation say, for computer programmer who quits the job to do a startup would gain or lose in earnings per year.

(2) of funded all startup; the alpha of investment: total return on investment - (S&P500 Index return in duration of funding to IPO/exit) / (S&P Index Return)

Maybe this data-set should be split further into bins of people involved: founders, first 10 percentile employees by join date, second 50 percentile employees and so forth...

Would love to see the distribution of return on investing in startup's as an investor vs. investing in S&P500.

srameshc 2 days ago 3 replies      
Why the hell is this so negative ? He is very clear "This is for all the founders who know they have built something that people want, but the rest of the world hasnt recognized it yet." It must be tough as a founder to prove yourself and others that there is an certain value to his/her business. Isn't a good exit is what an investor's or founder's option ?
hakcermani 2 days ago 0 replies      
Watching people play video games is a niche is now Im in charge of our consumer, marketplace and esports investing. Fuck them. Build your business. Thank You Justin, just what I needed today !
joefkelley 2 days ago 1 reply      
I kind of don't understand this post.

Surely Twitch is an example of the 1%, not the 99%?

Not that I disagree with the end sentiment - I'm currently at a startup that was acquired as part of the 99%, but I don't think this is the most effective person to be saying this.

perryh2 2 days ago 2 replies      
For those that don't know, Justin's new app The Drop is pretty cool. It's like reddit for EDM. https://thedrop.club
jacquesm 2 days ago 0 replies      
That's the most clear use of 'fuck you money' that I've ever seen.
rajacombinator 2 days ago 0 replies      
Nice. Sadly it's super rare to see anyone who's made it deviate from the script and share authentically like this.

I suspect this is more a case of "VCs colluding against founders" than "VCs being too dumb." When you have a legit $100 mil valuation, SOMEONE will buy those shares, unless you're blocked from selling.

lepunk 1 day ago 1 reply      
"...but there are hundreds if not thousands more startups that will make their founders and investors rich."

I think the correct word here would be "richer". For VCs 5x return on an investment while desirable, it's not the ideal outcome.

Consider a VC invests in 100 companies during X years, $1 million each. Ballparking here but 80 of these will be a total failure. 19 of them will make 5x return. That is -$100 million spent and $95 million gained. So if the last one is "only" a 5x return the VC gets their money back (-inflation, time spent, etc). Thats why they are looking mostly for Ubers and AirBnbs imho

xiaoma 1 day ago 0 replies      
The interesting question to me is if Twitch would have done as well if he hadn't gotten rejected 9 months earlier. Unfortunately we can't spin up another universe, alter that one variable and run a test.
Animats 2 days ago 4 replies      
It's depressing that Amazon paid four times as much for this business as Bezos did for the Washington Post.
arikrak 2 days ago 0 replies      
90-99% of startups fail[1], which should be mentioned in a post with that title.

[1] See e.g. https://s3.amazonaws.com/startupcompass-public/StartupGenome...

angryasian 2 days ago 0 replies      
I'm unaware of the timeline but I'm curious was he trying to sell shares in JTV or did twitch eventually spin off to a separate corporate entity from JTV. It makes a huge difference because JTV was a huge liability nightmare.
free2rhyme214 2 days ago 0 replies      
I love Justin Kan's writing. If you read this Justin keep writing more man!
feverishaaron 2 days ago 1 reply      
These investors aren't paying enough attention to their children / their colleague's children.

I would think that this guy's fame would have made this market opportunity super-obvious.


With his own personalized collection of Minecraft toys and all:


netcan 1 day ago 0 replies      
Questions for YC (I think):

(1) Is this a good thing? IE should founders, employees, VCs or other shareholders be able to cash in shares? (2) Is this fixable in some way?

known 1 day ago 0 replies      
"No one can make you feel inferior without your consent." --Roosevelt
ryporter 2 days ago 2 replies      
At the time he attempted to sell his shares, Twitch had raised $42 million, and had been valued at around $100 million several months earlier [1]. He is complaining about the gall of VCs not to buy his shares at a price that would imply a valuation of less than $194 million (and presumably not that far below). I do not believe that this is a good attitude for entrepreneurs to internalize.

[1] https://www.pehub.com/2014/08/amazon-pays-970-mln-for-twitch...

CPLX 2 days ago 2 replies      
What the hell is he talking about?

Is the summary of that article something like "this one VC didn't buy shares from me but then I got rich so fuck the haters 99% of you are going to be rich too" or something?

The article is like a word salad.

antoniuschan99 2 days ago 0 replies      
Tl Dr:

About Twitch.tv - Watching people play video games is a niche is now Im in charge of our consumer, marketplace and esports investing.

Fuck them. Build your business.

Makes sense :)

voynich61 2 days ago 2 replies      
"I was successful even though there was a long time that I thought I wouldn't be all that successful, and I've gotten to where I am because I believed in myself."

I paraphrase, but Poe's Law is in full effect here.

api 2 days ago 1 reply      
"I tried to sell some of my startup shares for below what the market turned out to be willing to pay for them, but people said no because it wasn't trendy and it sort of hurt my feelings, but then I got rich so haha!"

I feel really sorry for you bro. If you want some consolation you're free to PM me and we can totally hang out and you can buy me a house.

zillionize 2 days ago 1 reply      
"There is a tremendous amount of excitement about the top 1% of startups, but there are hundreds if not thousands more startups that will make their founders and investors rich."

I cannot agree more with Justin and we have had several investment cases like that.

PHP 7 Released github.com
447 points by legierski  2 days ago   303 comments top 42
trm42 2 days ago 11 replies      
PHP 7 makes life a lot better for PHP devs in many ways but one awesome thing is it obsoletes bunch of out-of-date tutorials by finally removing the old Mysql extension \o/


I actually met a young aspiring web developer who still learned DB-access with mysql_* functions. I urged him to switch to a sane framework like Laravel. Oh boy he was happy in a month and learned bunch of best practices quickly.

Flimm 2 days ago 0 replies      
ausjke 2 days ago 0 replies      
Been learning php on and off for a while, happy to see this release is out. Most likely I will use PHP for my future projects instead of the alternatives.

Languages are learning from each other these days, the new PHP definitely benefited from this trend and is actively evolving itself, which is the major reason I'm to stick with it.

Some PHP developers recommended nodejs over PHP for the future to me, after a few experience I feel PHP may be better for long-term maintenance. Renovation is good, it's just that javascript may have too much of it for me to chew on nowadays.

Wish there will be a light-weight version of PHP, something like micropython or Lua, so I can use it on low-end systems when needed. PHP is still very demanding on resources comparing to other languages, even nodejs can be used on IoT devices with restricted mem/cpu power.

egeozcan 2 days ago 4 replies      
Why do they keep adding global functions like "intdiv"? For example in JS, it being another language with a similar compatibility burden, they are moving most of the global functions (like parseInt) to "namespaces" (like Number.parseInt) while keeping global references there. When I open the docs (for example, the array functions page[1]), I get frightened by the global functions which do not seem to share a naming convention on first glance.

disclaimer: I haven't written anything significant with PHP since too many years.

[1]: http://php.net/manual/en/ref.array.php

RohithMeethal 2 days ago 2 replies      
I wish every PHP developer would reread the docs and start using new features available instead of just continuing with what they know already just because it works. And of course if there was any way to remove all those old tutorials out there.
lsaferite 2 days ago 4 replies      
I was so excited when I saw this post. Then I realized it's another 'too early' post claiming the tag == release. It's not released until it happens on the PHP site. This is just a tag in the repo. Sure, it likely won't change now, but it could.
longwave 2 days ago 2 replies      
The performance improvements in this release will hopefully encourage people to upgrade, even if the new features don't. Common PHP applications run 70%-100% faster on PHP 7 than they did on PHP 5.6, comparable with or better than HHVM.
DigitalSea 2 days ago 2 replies      
Probably one of the biggest releases since 5 in my opinion. Scalar and return type declarations being added in are a couple of massive additions. For a language that used to cop a lot of flak, PHP sure has grown to become a mature and quite decent language.
allan_s 2 days ago 0 replies      
The scalar and return types are really a great improvement IMHO, I can't wait for Doctrine to fully support it for code generation.

But one thing which is missing is the nullable types, as currently it's either you always return a string and you can use scalar typing, or you sometimes return null and you can't use it (which I'm okay with)


With this, it will permit to have even better static analysis "a la" HHVM/hack (i.e detecting that you haven't check for is_null in your code

datashovel 2 days ago 1 reply      
The one thing I'd love to see is a native concurrency story with PHP. I'd put my vote in specifically to have Communicating Sequential Processes. I think that feature alone would take the language to another level. I know they've got stream_select, et al. and I've really enjoyed pecl event, reactphp, and of course there's HackLang's Async / Await if you want to convert, but having some modern / native constructs would be nice to have. Does anyone know if that's on the horizon?
cdnsteve 2 days ago 1 reply      
I'm actually excited for this release!

- Type declarations (this is a HUGE move forwards).

- Grouped use statements, not sure if I like how that looks

- ?? will shorten statements

- Anonymous classes seem a bit odd looking to me

- Unserialize filter is a nice security bump

Anxious to try it out and see the speed improvements I've been hearing about too.

defenestration 2 days ago 2 replies      
Congratulations to the PHP community with this milestone!

I wonder if people who switched to HHVM, will start using PHP again. HHVM has offered much faster performance than previous versions of PHP. The speed of PHP 7 is at par with HHVM.

motiejus 2 days ago 3 replies      
OK, great! Clicking the main page[1], see the top of README:

"build error".

Wait, what? You just released it, it should definitely work! Clicking that icon[2], checking the failed build[3]:

ERROR: no certificate subject alternative name matches

requested host name `pear.php.net'.

To connect to pear.php.net insecurely, use `--no-check-certificate'.

Really? See what's in http://pear.php.net/

> The server running pear.php.net had a fatal hard disk failure and gets replaced by a new machine this week. Until the new machine is setup, this page is up to let you continue installing PEAR packages via the PEAR installer.

In 2015? Cool.

Connecting to the https website ...

% openssl s_client -connect pear.php.net:443...Certificate chain 0 s:/CN=mail.cweiske.de

So you're using CN=mail.cweiske.de for pear.php.net. I don't even know what to say.. Well, happy hacking!

[1]: https://github.com/php/php-src[2]: https://travis-ci.org/php/php-src[3]: https://travis-ci.org/php/php-src/jobs/94372493

sarciszewski 2 days ago 0 replies      
The feature I'm most excited about is the availability of a simple, sane, and correct CSPRNG:

 string random_bytes(int $numBytes); int random_int(int $min, int $max);
If you want to use this interface in a project that needs to be compatible with PHP 5, there's always https://github.com/paragonie/random_compat

captn3m0 2 days ago 0 replies      
Have been waiting for this anxiously. I've been running a few test builds on it occasionally, but its nice to have the guarantee to shift prod systems to it.

New Features list is at https://secure.php.net/manual/en/migration70.new-features.ph...

My favorite is scalar typehinting by far.

almsgiver 2 days ago 1 reply      
A tag is not a release, it should be officially released tomorrow.
cdnsteve 2 days ago 3 replies      
jafingi 2 days ago 0 replies      
It's really a great release! Great work by all the contributors.
mei0Iesh 2 days ago 0 replies      
Yay, null coalesce operator! That shortens a lot of common redundancy. When will there be a FreeBSD port?
samuell 2 days ago 0 replies      
To me, PHP is still interesting, because of the ProcessWire CMS/CMF [1], which is basically the next best thing afte sliced bread (A generic hierarchical content structure, with a jquery-inspired PHP template API, giving FULL flexibility to customize your design and presentation to anything you like ... even REST apis are just a few lines of code in a template. Add to that dozens of dozens of extremely nicec features built in, such as automatic thumbnail resize through API methods such as <img src="{$image->size(90,90)->url}"> ... and you have something immensely powerful).

[1] http://processwire.com

drakonka 2 days ago 0 replies      
Congratulations and thank you to everybody who has contributed. I've been running PHP 7 for my hobby project for the last couple of months. The update was refreshingly painless and I've had zero compatibility troubles so far.
ck2 2 days ago 0 replies      
PHP 7 literally cuts the load in half for PHP code which means hundreds of thousands of servers can either now save power or serve nearly twice the number of connections.


almost as fast as hhvm but much easier to adapt

jwdunne 2 days ago 0 replies      
I've been anticipating this for a while. Some great additions, especially scalar type hinting and type hinting on return types. The ability to enable stricter typing via a directive is also great. It's a shame internals voted down short-hand syntax for anonymous functions, including implicit closure over outer scope variables - a function with closures in PHP can get ugly very fast. Using higher-order functions becomes far more unwieldy.
mrmondo 2 days ago 4 replies      
As a person with more of an ops background can someone explain to me why / when PHP might be a viable language? My experience with hosting PHP apps has historicity been one of fending off security issues and I think that often in the past PHP was often a language for designers that didn't have experienced programming skills, it feels like designers have now shifted to using Node for this?
oblio 2 days ago 0 replies      
Can anyone closer to the subject provide some info about this: https://www.reddit.com/r/programming/comments/3v4l98/php_7_r...?

That comment looks a bit scary if it's true :(

timmy_ 2 days ago 1 reply      
I use PHP for my freelance work mainly because I have no option on hosting. I never got the appeal for PHP (besides being cheap to host). All my personal projects are either done in Python or Node + (Angular, react & now Vue)

Python: PURE elegance

Node: io breeze

PHP: ?

Q: is the "module" system still achieved by dumping file content or is there a linking system?

awalGarg 2 days ago 0 replies      
Great release! I think the BC breaks are all justified :)

And all the shared hosts around still stuck at 5.3 or so, this is your time to move forward. At least start offering a PHP7 version, if not a straightway upgrade.

Huge thanks to the internals for their hard work.

GigabyteCoin 2 days ago 1 reply      
Are they skipping 6.X releases or something?

The latest release according to php.net [0] is 5.6.15 which come out October 29th of 2015.

[0] https://secure.php.net/releases/

jimaek 2 days ago 1 reply      
Cant wait for php-memcache and a few other extensions to support PHP7 to move our projects
adrianmacneil 2 days ago 1 reply      
Given how dependent php is on hosts to upgrade, and how slow php hosts traditionally move, it would seem that php would benefit from a 7-to-5 transpiler, similar to Babel for JS. Does anything like this exist already?
sarciszewski 2 days ago 0 replies      
By the way, PHP 7 has been tagged but not yet released.
dutchbrit 2 days ago 0 replies      
Cool stuff, PHP 7 looks very promising, especially when it comes to speed. In some cases even faster than HHVM.
jpmw 2 days ago 2 replies      
I left the PHP community years ago, but...but...where is PHP 6? What was the reason to skip it?
josu 2 days ago 1 reply      
What effect will this have on Wordrpess?
darkhorn 2 days ago 0 replies      
It has not been released yet.
gustavofulton 2 days ago 0 replies      
Is it the final release now?
jjuhl 2 days ago 3 replies      
Why, ohh why, won't this freak of nature (language) just die :-(
velmu 2 days ago 0 replies      
razvan_moldovan 2 days ago 0 replies      
yeeeeh :D great work
debacle 2 days ago 0 replies      
A very lost opportunity to create a new stdlib and eventually phase out the old, shitty, procedural one.
circa 2 days ago 0 replies      
I haven't worked with PHP in quite some time now but I am happy to see its still kicking. Although it does bring back some haunting memories from versions 3 and 4.
Open source software for developing world hospitals hospitalrun.io
438 points by daleharvey  20 hours ago   109 comments top 30
baldfat 16 hours ago 7 replies      
Sorry another story about my journey with my son while he battled cancer.

Closed Proprietary image formats and systems HURTS patients. We used the local hospital for Chemo and everything else at the Children's Hospital 1.5 hours away for his legs and lungs. I would always have to wait 20-30 minutes to get a DVD of the studies (PET, CT Scan or MRI even ultrasound, but those are worthless) and then bring them to the doctor. The doctor would be forced to use whatever the portable image viewing program that came on the DVD and then they had to be sent to the IT Department to be imported into their system.

We would be there to remove some horrible tumor but before half his surgeries (I can't count how many surgeries he had) we would have to go in the day before (3 hour round trip) to get the expensive scan done again. One time I had a scan at 11 PM - Midnight and then drive home around 2 AM and be back at the hospital at 7 AM check in for a 10 hour surgery. ALL BECAUSE THE FORMATS ARE CLOSED and SYSTEMS could not connect so that my son's records were all the same every where. I carried 20 DVDs with me all the time just in case.

In case you are wondering my son unfortunately passed away after almost 5 years of fighting. If you are ever interested in giving to a cancer society please consider stbaldricks.org. Most charities give 0% or 2% to pediatric research and that is why we went over 20 years without a new chemo for children till last year, which St Baldrick's funded the research for this amazing new drug to fight a different type of cancer my son did not have.

radoslawc 19 hours ago 3 replies      
That reminded me about story my friend told me some time ago. He's IT specialist in hospital, they were having some problems with x-ray machine with server based on windows XP and thin clients as viewing stations. Eventually it was replaced with debian based workstations and haven't look back ever since. After this he told me about interesting case with it, there was patient complaining about middle foot pains, on previous setup x-ray photos showed nothing, after switching to debian workstations they were using aeskulap dicom viever (http://aeskulap.nongnu.org/index.html) which had more adjustments for viewing those files, like hue, saturation, color and so on, so after opening those photos with aeskulap and fiddling a bit with parameters it clearly showed that patient has broken bone in foot but in unweighted position it was almost invisible line on black and white default viewer.
melbourne_mat 12 hours ago 2 replies      
I've been volunteering in hospitals in a developing country for a while now and the information systems they use here are really bad.

With an eye on replacing said information systems, I've had a look at the open source medical records / hospital management systems available. When I looked at the details these systems are often not great replacements. So you're replacing aging, poorly written information systems with aging / non user friendly / difficult to customise information systems.

I would like to suggest some things for you guys:

1. Instead of creating one large hospital management system from scratch, how about smaller systems that can be linked together? eg. patient records system / laboratory system / pharmacy dispensing system / billing system / etc. The systems I mention here have fairly minimal dependencies between each other. This gives you the time to create a best of breed system before moving onto other stuff. It also allows hospitals to be able to use your stuff without ripping out everything they already have!

2. Think about how a hospital would customise your system. New fields, forms, reports, workflows, logic, etc. And how these customisations would survive an upgrade of the core system.

Anyway, I hope you have success with the project and I wish you luck. I'll definitely be keeping an eye on it!

UserRights 17 hours ago 2 replies      

Please avoid too much diversification by reinventing wheels, instead please contribute to one of these projects.

Mobile first is a basic requirement in developing countries.

watty 15 hours ago 5 replies      
Looks great. Why such emphasis on "Ember"? Does the target audience really care what front-end framework is used?
Maarten88 18 hours ago 2 replies      
This is a great initiative, I logged in the beta and tried a few things, which mostly worked, although somewhat slow. Probably a lot of hospital administrators active now :-)

What surprised me most is that the UI does not seem to be mobile responsive, and does not work well on smartphones. I would have guessed that in developing countries mobile use would be hugely important?

diptanu 17 hours ago 0 replies      
How does this compare to OpenMRS? Hospitals because they have to obey a lot of goverment regulations needs to customize a lot of things, records and reporting so we did a lot of work around the plugin architecture in OpenMRS, does this have similar extension mechanisms too?
paulojreis 17 hours ago 1 reply      
I'd be very, very happy to contribute to this.

It seems you have a nice focus in usability - efficacy, efficiency and satisfaction. For me, it seems vital to make IT useful and not a burden, reducing clinicians wasted time on non-clinical duties and their general distaste with the software they have to use. I'm a UX PhD, I have experience working with very particular groups of users, and I would be very motivated in working for better healthcare.

burrox 9 hours ago 0 replies      
Ohh wow this looks very nice. Unfortunately I can't login for some reason.

So I am actually finishing the development of a similar system for a group of anesthesiologists that needed a custom app to keep track of their patients and their pain medication.

Had I known of this project before I would have actually considered contributing/forking it to handle their use cases. See this hits pretty close home since I'm Colombian and hospitals here have terribly outdated systems.

I love the idea of the app working offline and syncing when internet is available since mobile networks here aren't verye reliable. One problem is,as others have mentioned, having it work on mobile is very important. I don't think it really is because of lack of PCs and desktops it's just that doctors are always running all over the place and it's more convienent for them to log the information on a smartphone/tablet.

Anyways my next project is also on the medical field and will have a wider scope so I'll keep an eye on this project for when the time comes, I'd love to contribute eventually.

DadFoundMy 19 hours ago 1 reply      
At quick glance this seems to be fantastic! Software like this is what brings out the great nature of open source. This project reminds me of the eye tracking system that gained popularity a few weeks ago.

EDIT: Here's a link to the referred to project https://github.com/OptiKey/OptiKey/wiki

guatebus 16 hours ago 2 replies      
While I don't agree with many of the specifics of the HL7 spec[1], I guess the community behind this project should decide if this system will conform or not.

[1] http://www.hl7.org/implement/standards/

dubcanada 15 hours ago 1 reply      
I can't seem to login, I enter the doctor username and password press submit and it refreshes the page and nothing shows.
siculars 6 hours ago 0 replies      
I worked in this space for a very long time. Here are my thoughts on health data integration [0]. In a nutshell:

"At it's core the government need only do one thing to encourage innovation in the interoperability space and it is this:

The government, by means of regulation and incentive, ensure that any vendor of data systems that create or store data make adequate interoperability features and documentation available for said system.

I call this the Core Mandate. The core mandate must be unequivocal with no loopholes. What do I mean by "interoperability features"? Simply:

- If a system creates data, the ability to read that data is fully described in documentation.

- If a system stores data, the vendor will provide an API and/or SDK, with accompanying documentation, such that authenticated requests may create, read, update or delete that data programmatically as appropriate.

A system is defined as any software application or hardware device."

[0] http://siculars.posthaven.com/health-data-integration-regula...

mathnode 19 hours ago 1 reply      
Imagine if this got better than systems that are on offer when this requirement goes out to tender for the NHS institutes in the UK?

So long as it doesn't do over night batching, it's already decades ahead. I wish I was joking.

reubano 15 hours ago 2 replies      
Nice project... here are my observations thus far

 - login screen takes several seconds to load - not usable on screens/mobile devices - seems like every click makes multiple server requests (and loads for up to several seconds)
Also, would like to hear your thoughts on building a new system vs building on top of the many available open source medical systems.

privong 12 hours ago 0 replies      
I'm not in this area, so I don't know much about it, but can anyone compare this with GNUHealth[0]? At first glance, they seem to be trying to do many of the same things.

[0] http://health.gnu.org/

mathiasrw 14 hours ago 0 replies      
I like the "Why HospitalRun?" at the bottom of the link...


sidcool 17 hours ago 0 replies      
Great effort. A similar open source campaign is being run under OpenMRS, called Bahmni (http://www.bahmni.org/)
daleharvey 20 hours ago 0 replies      
Quite proud to see PouchDB being used for things like this, it looks like pretty much a perfect use case.
andrewclunn 14 hours ago 0 replies      
This can only be done in developing markets because the health privacy regulations and mandatory screening laws cripple the ability of the Western medical industry to adopt open source solutions.
martijn_himself 18 hours ago 1 reply      
This is great. I recently had to create a prototype application for a charity with offices in a developing country and this would have been a perfect fit. I don't have access to GitHub at the moment but I wonder how far along their implementation of the 'off-line first' sync mechanism is, this is a non-trivial thing to implement.

I had a quick look at the demo and it looks like the development is in the early stages- a bit of (hopefully constructive) feedback: I think they (you?) may be trying to attempt to do (and cover) too many clinical disciplines at the same time- maybe implement individual modules (like patient registration) and test them in all (old!) browsers in more detail before moving on to the next. Also think long and hard about how you implement your data model (clinical indicators e.g. blood pressure often have a context and are temporal values, how do you model these?). This is a great effort and has lots of potential.

EDIT: also, the name seems to suggest to me like there is a run on hospitals- but that may be a personal thing.

pjmlp 19 hours ago 2 replies      
While this is a good idea, how are the health compliance requirements enforced?
daveguy 12 hours ago 1 reply      
A somewhat related commentary article on why electronic health records (EHR) are difficult to work with: they are focused on billing not patient care. Doctors would prefer a care-oriented system. This could be a great inroad for open source.
srameshc 14 hours ago 0 replies      
This is a great initiative and I hope entire world adopts to such open standards for patient record management which can be freely transferable to other hospitals/doctors when needed or when approved by patients.
mavhc 19 hours ago 1 reply      
Looks like it's way more open source than the two "open source" school MIS systems I looked at, one had no code available, the other an old version dumped on github, but not linked from their main page until you signed up.
mtgx 17 hours ago 0 replies      
Coxa 19 hours ago 0 replies      
Just after a first glance this looks really interesting! Brilliant idea.
nickysielicki 11 hours ago 0 replies      
Anyone else remember this CVE? Open (eg: passwordless) telnet on a blood infuser.


aayala 14 hours ago 0 replies      
Anybody remember Care2x ?
hienchu 19 hours ago 2 replies      
Why is it so similar to codio.com homepage?
Three Stories justinkan.com
381 points by tzier  3 days ago   47 comments top 11
dcx 3 days ago 2 replies      
"Gen George C. Marshall received a report from a general on his staff that some of Marshalls officers had morale problems. General Marshall said, 'Officers dont have morale problems. Officers cure morale problems in others. No one is looking after my morale.'"


pkfrank 3 days ago 3 replies      
The pizza delivery messenger service is clever and hilarious.
jacquesm 3 days ago 2 replies      
I can relate to all of these because I've lived through all of these, fortunately not as much in the public eye as Justin and his team (the web was much smaller back then) but this brought back a whole bunch of memories.

Thanks Justin (assuming you read HN) for writing these up.

navitronic 3 days ago 2 replies      
A modern alternative to the pizza delivery message would be to use uber to book a car near the location and upon the allocation of the driver, contact them and ask them to deliver the message.

and then drive around the block a few times for their trouble.

cassieramen 3 days ago 4 replies      
It's always interesting to think about the key moments in a start-up's life. Those ride or die moments that lead to great success or losing the Jonas Brother. I wonder how many a startup gets? How many are created by action or by luck? Do all startups have a couple of key moments they can look at as lynch pins to their success?
AznHisoka 3 days ago 3 replies      
Would there still be any objection to making money from a porn site if it gave them 40% of their revenue?
noahlt 3 days ago 1 reply      
I've always wondered this about the pizza-delivery story: how did they know the address where Kyle was staying?
pbreit 2 days ago 0 replies      
"we had an unlimited vacation policy, which translated into passively discouraging people from taking vacation"

I've never heard this described so succinctly and perfectly!

hamburglar 2 days ago 0 replies      
Such a great summary of "unlimited vacation":

> Because we were young and terrible managers, we had an unlimited vacation policy, which translated into passively discouraging people from taking vacation.

sagargv 2 days ago 0 replies      
Where was twitch.tv hosted before the acquisition? Bandwidth on AWS would've costed a bomb.
bambax 2 days ago 0 replies      
Great stories and great writing; thanks for sharing.
Machine learning works spectacularly well, but mathematicians arent sure why quantamagazine.org
365 points by retupmoc01  17 hours ago   123 comments top 24
j2kun 14 hours ago 3 replies      
I can chime in for the theoretical computer scientists. Deep learning (in its simplest form) corresponds to the class of circuits whose gates are linear threshold functions. Our primary goal with such functions is not to show what problems can be solved by small circuits using linear threshold gates, but what problems cannot be solved with such circuits.

Until last week [1], it was an open problem whether every function with n inputs that is computable in nondeterministic time 2^O(n) could also be computed with a two-layer circuit using only O(n) gates (that is, a deep net with just one hidden layer with a linear number of gates). This is an embarrassing state of knowledge.

Now we know the following slightly less embarrassing thing: there is an explicit function, computable in linear time, that needs at least n^3/2 gates in a two-layer deep net (modulo some log(n) factors), and another function that needs n^3/2 gates in a three-layer deep net (with the additional restriction that the output gate is a majority vote of the previous layer).

This is still a long way away from truly understanding the representational power of deep nets, but it's the first general progress that has been made since the early 90's.

[1]: http://eccc.hpi-web.de/report/2015/188/

rdlecler1 14 hours ago 4 replies      
One problem with understanding ANNs is that the weight matrix carries a lot of spurious interactions. Running perturbation analysis you can see that many of the interactions do not contribute to the information processing of the circuit. This is the same for Gene Regulatory Networks. I wrote a paper published in Nature's "Systems Biology" entitled Survival of the Sparsest Gene Networks are Parsimonious. It's been cited ~130 times. There I represent an algorithm to evolve the connectivity of the network. What you find if that a network will tend to remove spurious interactions if the system is allowed to evolve. Because there will be very few network topologies that are both sparsely connected and functionally equivalent (think of how many ways you could create a minimally complex 8-bit added) there is likely only a small handful of non-isomorphic network topologies for any given function. With these sparse networks we should get a better grasp on the functional circuits that drive them. When the networks appear fully connected, at least in each layer, that circuitt does not reveal itself.
vonklaus 12 hours ago 2 replies      
There was a great article called The Space Doctor's Big Idea, published in the New Yorker a few months back. It explained Einstein's theories in the top 1000s English words used in America.

While sone might wave their hands and call this an eli5, it was quite well done and between that and some xkcd comics I was able to learn enough to ubderstand how orbit works and a few other awesome facts.

I am interested in finding something similar for machine learning. I am not embarassed to admit that, Super-Linear Gate and Super-Quadratic Wire Lower Bounds for Depth-Two and Depth-Three Threshold Circuits, is just way too complex for my casual interest but would like to know more about how AI/ML works conceptually. Clearly the discipline underpins a bunch of services I use regularly and as computing and techniques improve it will start playing a more conspiscious role.


dave_sullivan 12 hours ago 5 replies      
In addition to "We need a cluster for deep learning", the second most popular mostly untrue thing I hear is "We have no idea how neural networks learn".

However, there are many papers that explore various ways to make a network learn, and they keep improving on performance, suggesting they're on to something. There are also many papers that discuss possible theoretical implications of experimental results.

But what does Knowing Why The Network Works mean exactly? "It works because universal approximation and gradient descent", but that's not a very satisfactory answer. "It works because it starts at a general solution and, over the course of many iterations, takes many small steps in an ever changing direction defined by a gradient approximation generated by looking at the difference between an average error and a target output (which should trend towards 0)".

What would a satisfactory "why" even look like exactly? As in, what form might it take compared to some other scientific discipline where we do know what's going on?

Personally, I think the whole thing is a red herring -- people in the field have some idea of how neural nets work, and there are many disciplines considered by many to be mature sciences that are far from settled on a grand theoretical scale.

That said, the theory I'm most interested in is recent attempts to connect a memory module to neural networks so they can "learn" to store important/complex/distributed information that can be recalled with high accuracy later. That will make it easier to do things like ask a neural network to remember your name, or where you left your keys, or whatever.

wsxcde 12 hours ago 3 replies      
To take the discussion on a slight tangent, how uncommon is this phenomenon? An applied tool works really well but nobody knows why. I can give another example from the domain of formal verification: SAT solvers which are at the core of most modern verification/synthesis tools.

You can download open source SAT solvers today that work spectacularly well on "real" SAT instances with millions and millions of variables and clauses. Yes, SAT is the quintessential NP-complete problem and in fact it is pretty easy to come up with a SAT instance with only a few tens of variables/clauses that would kill these solvers. But somehow these "hard" instances almost never occur in practical problems generated in hardware/software verification/synthesis as well as ton of other applications (planning, constraint programming etc.)

So this must there is some characteristic of the problems that we generate in practice that makes them "easy" but we don't have a good understanding of what this characteristic is. All we know, for now, is that we've somehow stumbled upon a near-perfect set of heuristics that work amazingly well on the SAT instances we encounter in practice.

cdavid 15 hours ago 1 reply      
Note that the writer is the famed Ingrid Daubechies, who was one of the main driver behind wavelets and early works on sparse representations.
abrichr 15 hours ago 3 replies      
> In practice, neural networks use only two or three layers...

The famous AlexNet [1] that blew away the ImageNet competition in 2012 contained 8 layers; more recent networks have even more.

[1] http://www.cs.toronto.edu/~fritz/absps/imagenet.pdf

algomanic 15 hours ago 1 reply      
The fact that the class of NN functions is universal is almost vacuous: the basic idea is that if you allow a "neuron" for every point in your input space then you can mimic any function you like (i.e. each neuron handles a single input). Obviously such representations become arbitrarily large.

Which almost immediately suggests a solution to why NN learning works: the processes that produce the types of datasets humans are interested in are produced by (effectively) polysized networks and you can probably say things like the probability of recovering a polysize function from polysize samples is high.

amelius 11 hours ago 1 reply      
This is the reason I am not so much interested in this field. It is too much "let's try this and see what happens" rather than really engineering a solution.

I guess more people feel that way, and I guess that is a good thing, otherwise everybody would now be working on AI, since it is such a promising field.

jacquesm 15 hours ago 0 replies      
I love her definition of big data.

Another bit that stood out for me:

> Youre awarded an extremely generous grant that allows you to give 200,000 people a 500-question personality test, with answers that vary on a scale from one to 10.

Dating sites like OkCupid should have such data.

shas3 8 hours ago 0 replies      
I think another interesting analogy (in terms of field-development trajectory) to deep learning is the whole idea of l1-regularized regression or LASSO or sparsity priors or sparse signal processing ([1] goes by many names depending on which field you work in). The whole idea is that by penalizing 'dense' solutions to a regression problem, you can 'promote' 'sparse' solutions like the ones that occur in many many applications. This had been used by various communities with some theoretical justification for years, at least since the 1970s. However, the real theoretical breakthroughs framing this problem in something close to the rigor and usefulness of Shannon's sampling theorem, came in 2004 from two papers independently: David Donoho; and Emmanuel Candes, Justin Romberg, Terence Tao. Theoretical CS community also got close to the answer in their work in the late 1990s and early 2000s in many papers on random projections and sketching. There are many connections between deep learning and ideas in the broad area of sparse regression. But one epistemological point of intersection is how theoretical results pertain to asymptotically large cases, but in applications work very well even with much smaller systems.

[1] https://en.wikipedia.org/wiki/Compressed_sensing

princeb 15 hours ago 2 replies      
there are a number of features in machine learning that seem to have counterparts in statistics - stuff like m-like estimators as kernels (I think - correct me if wrong), information criteria for feature selection, that have existed a long time ago.

maybe it's the combination of sheer computing power and availability of data that allows better models. maybe we've never looked at algorithmically generated models because we also want a narrative (commonsensical explanation) to the model, not just a matter of algorithmically finding correlations between jelly beans and acne, say.

part of me thinks, ok the machines found something. now can we actually use that to understand the world, rather than build more recommendation algorithms? (haha). I'm not sure what an advisor will say about a doc student who says, let's just throw reams of data at a machine until we find a meaningful correlation, and then let's reason from the correlations (my guess is 'no', that's not really the scientific method is it).

I'm hopeful, and I don't think the answer to the question will come from academia.

the_duck 10 hours ago 2 replies      
>In the last 15 years or so, researchers have created a number of tools to probe the geometry of these hidden structures. For example, you might build a model of the surface by first zooming in at many different points. At each point, you would place a drop of virtual ink on the surface and watch how it spread out.

It sounds to me like this 'ink drop' is a metaphor to explain some state-of-the-art dimensionality reduction technique. Does anyone know the common name of this technique?

joakleaf 14 hours ago 2 replies      
Neural networks is advanced curve fitting -- That's why.

It isn't really all that magical or mysterious.

zepolen 13 hours ago 1 reply      
Thought about how cool it would be to use machine learning to generate machine learning algorithms and how that could be the basis of artificial "life".

Maybe start with a minimal implementation 'bootstrap protozoa' that can evolve to highly complicated forms.

Then realised that since Machine Learning processes takes a long time that would take forever making auto evolving computer life forms a long way away.

Although if it were possible, in the same way we became sentient based on very simple inputs, that could also mean computers, with a sufficiently complex process, could too...

jheriko 4 hours ago 0 replies      
maybe i am missing something here... i really don't know.

it might not be rigourous, but for standard, deep neural networks its intuitively obvious enough that you can reinvent the idea from scratch in your bedroom in a time before the internet just by getting a vague description of the idea and thinking about how it /could/ work.

proving convergence may be difficult, but its not particularly challenging to see why it happens imo. :/

a lot of the things the article points at are utterly irrelevant to the subject. e.g. sigmoid functions, depth of networks.

i think there are some bold baseless claims here - for instance linearly interpolating data points is pretty simple as a way to approximate a function, and its not hard to see how neurons can provide this with linear activation functions and some very naive back propagation. (e.g. evenly dividing error and correcting weights towards the correct result)

if this didn't converge /that/ would be surprising.

deepnet 6 hours ago 0 replies      
Deep Neural Networks learn layers of linear functions - represented by adjustable 'learning' weighted connections.

Each layer of neuron activations is a new representation of the data - produced by the weighted connections.

Function compositions of linear functions are still only a linear function.

Each neuron in a layer sums it's weighted inputs this summation is a non-linearity that allows layers to be composed - function composition.

This is famously expressed in Minsky and Papert's 1968 'Perceptron': a single layer of network weights is incapable of learning XOR.

One analysis is that Neural nets transform the shape of the data until a single line on a twisty high dimensional manifold produces the desired distinction. http://colah.github.io/posts/2014-03-NN-Manifolds-Topology/

A single layer network is a universal approximator and a net can be trained or distilled from another net - but deep nets are overwhelmingly better at the initial learning and discovery.

Neural nets have been related to Kadanof's spin glasses, suggesting learning is alike to phase transitions or sand pile collapse where small local changes can produce profound global changes.https://charlesmartin14.wordpress.com/2015/04/01/why-deep-le...

Generally when training nets the learning initially learns a lot very quickly, most of the error vanishes at the start.

Word2Vec demonstrates that nets learn very powerful representations, that word2vec vector algebra is semantic points to unexpectedly powerful representations.

Similar semantic vector math can be performed on images and the same vectors can translate modalities, e.g. text to images.https://github.com/Newmu/dcgan_code#arithmetic-on-faces

Natural Evolution produces efficient solutions.

I propose the successes of deep learning so far are partially explicable because they are working within human culture and perception, relearning our very efficient solutions - akin to distilling a deepnet into a shallow one.

This hypothesis will be tested if embodied deep neural nets using re-inforcement learning discover their own efficient solutions to performing tasks in the real world - robotics.

IMHO Peter Abeel's deep net, learning to robustly output robot motor torques directly from camera pixels will show if embodied deep nets can do discovery rather than relearning what we know. http://www.cs.berkeley.edu/~pabbeel/research_rll.html

cschmidt 13 hours ago 2 replies      
Can anyone give me a pointer on what techniques the author is talking about for unsupervised learning at the end of the article?
tianlins 10 hours ago 0 replies      
it seems like a general phenomenon that our scientific understanding decreasing with the complexity of the system. in classic physics, we could have very clean equations capturing the dynamics of a system. this is not true any more in chemistry/biology/social science. modern deep learning pipeline, compared to its shallow counterparts, gains more complexity, so it's not surprising at all to me that we are not able to understand it well at the moment.
sonabinu 16 hours ago 1 reply      
It would be interesting to see what the purists arrive at
tacos 14 hours ago 1 reply      
As for "spectacularly well" -- well, the person behind the curtain wiggling the levers retains a lot of influence. Garbage in, garbage out, remember?

I'm reminded of the time Google Translate autodetected "Gesundheit" as Spanish. And Gmail kindly offering to translate "hahaha" from Portuguese, putting an ad for coconuts next to it.

Data science is improving, but you might be surprised how slowly. Especially in the consumer space, because the metrics on effectiveness are so warped.

Voice recognition of numbers only, over a phone connection, can be below 40% accuracy! Much of the perceived success of these systems comes not from the core machine algorithm, but from clever human tweaks around it. Also end-users who are happy with what they get, not quite realizing how goofy it all is if they were to get a glimpse of the raw data.

powera 10 hours ago 1 reply      
My super-hand-waving explanation of why machine learning works:

MNIST is a handwritten digit database. Each 784-pixel image (28x28) corresponds to a digit from 0 to 9. As a pure mathematical construction, there are at most 2^784 inputs possible, and a small number of possible outputs.

So if you have 784 completely different ways of analyzing the image, and you combine them in the right ways, you will get roughly an approximation of an answer. This is a tautology if the 784 ways are "the value of each pixel" and the combinations are "magic", but if you have more "intelligent" combinations you should have combinations that are less magic. And in this case, since humans can generally determine the digit value from a 7-light display, it seems reasonable that there exists some way to have "intelligent" combinations such that they combine to form a neural network that solves the problem of digit identification.

And that (still hand-wavy) explanation can also plausibly describe how a human would describe identifying a number. If I ask you "why is this a 1 and not a 3", you might say "because it's straight" or "because it's narrow" or "because it doesn't have a point in the middle" or any number of other descriptions of the object. So you can envision a 2-layer network where the middle layer calculates this (and due to the structure of images, in practice it might better be a 3 or 4-layer network. but the important point is that the search algorithms don't rely on it or you knowing what these middle layers are ahead of time)

Which only leaves the question of how "neural network learning" is supposed to find this. And there are a few heuristics which combine to (in practice) be a very effective search. We have back-propagation (which is much easier with automatic differentiation), so we can adjust the entirety of the network based on the output. (and it's an axiom that if you have a lot of things, they will be similar in the ways they are the same, and different [hopefully in some regular way] in the ways they are not the same). We have drop-off, where we attempt to prune connections that are irrelevant. We can add new connections to see if they are relevant. We can do any number of hill-climbing algorithms on the output of the fitness function. And, as a valid search algorithm, it tends to converge to a valid result.

Obviously none of this is at all rigorous, but if you know the math here enough I don't think you're asking the questions in this article.

calewis 12 hours ago 0 replies      
Skynet is coming.
darkhorn 12 hours ago 0 replies      
As far as I know no mathematician was able to graduate from statistics department as second major or (second) minor (whatever you call it in English). I mean in my university. I hope you get the idea; it looks like statistics is hard for mathematicians, at least for most of them. Thus, I don't understand why they talk about this statistics topic with mathematicians but not statisticians. Yeah, may be should ask to a statistician! Duh!
Dwarf Fortress 0.42.01 released bay12games.com
327 points by robinhoodexe  2 days ago   162 comments top 19
epaga 2 days ago 11 replies      
For anyone who is thinking about giving it a spin for the first time, do yourself a favor and don't get this .01 version. Either wait for a few patches or download the far more stable and mature 0.40.24 (http://www.bay12games.com/dwarves/older_versions.html)

Dwarf Fortress is basically a perpetual beta with lots of major bugs as it is, but especially brand new major versions like this one usually have multiple game-breaking bugs, including crashes, corrupted saves, etc. It would be a shame if people willing to give it a try would give it up due to the poor quality of the initial release of a new major version.

Dwarf Fortress is a truly unique game and really worth putting in the effort to learn simply due to the stories it generates as you play.

Here's an example of a story that happened to me. https://www.reddit.com/r/dwarffortress/comments/1mb0cw/the_s... Note this story is in no way embellished by me. Everything described there was actually simulated within the game.

ndarilek 2 days ago 4 replies      
Does anyone know enough about how this game works internally to know if alternative interfaces and presentations are possible?

I'm blind, and have wanted to play this game ever since I heard of it years ago. I used to play console-based roguelikes, and while they were a bit slow to interact with, RLs were a refreshing tactical change from text-based IF.

Reading lots of DF stories would suggest that there's some sort of internal eventbus-style system by which the characters themselves interpret their surroundings, and if you could hook into that, you could describe the world textually to some extent. You might even add audio cues for certain events to increase the non-visual fidelity of the UI.

I see in some of the below comments that there's a text-based mode. Might give that a try to see if it's playable on the same scale as Nethack/Angband were for me.

hodwik 2 days ago 8 replies      
This is why text-based games are king. One dot release and we're seeing a mountain of new features.

I've always dreamed of getting together a big budget to make a text adventure (e.g. Zork) of incredible scope, both in depth and "interactibility" -- a complex object typologies system, bring in learning chat bots for NPCs, and a system where users can add new objects, rooms and descriptions while they play, a complete object relational system (so it can tell "on", from "next to", from "above"), a very complete state system and so on.

Perhaps an "adjectives system", so it knows a huge amount of adjectives relating to any one object, and can generate simple novel sentences about that object on repeat views.

I think that at some point someone will be crazy enough to do it, and it's going to be most excellent.

snake_plissken 2 days ago 0 replies      
Dwarf Fortress is a truly special endeavor. The gameplay is unique and engrossing. And completely maddening, in a the best way. The quirky bitmap graphics are mesmerizing. Each time you start a new game, it's a new world with new areas to explore and new chances to make your kingdom last longer than the last one. But the music! Amazing! Honestly the music is my favorite part.

In a lot of ways DF is similar to the early days Minecraft. It was just "special". You can get lost in it for hours on end.

Girlfriend - "You want to go out tonight?"Me - "Nah I'm good. I am just going to play Dwarf Fortress for 10 hours..."Girlfriend - "Well I am going to go to Dim Sum Garden!"Me "Iiee decisions, decisions!"

KirinDave 2 days ago 2 replies      
If you'd like to learn to play the game, it's not easy. I've created a multipart video tutorial to help you sort of find your feet, learn a few of the keybinds, and get a checklist of things you need. It also talks about how to get better graphics and an isometric view.


Enjoy all the fun. Dwarf Fortress is one of the only single player games that has held my attention consistently over the years. I suspect you might find it engaging as well.

dpeck 2 days ago 3 replies      
I admire the forever project, and the dedication of the brothers. I've played the game way too much in the past, but I grew increasingly frustrated with the single threaded model combined with their disinterest in fixing it.

Building an expansive fortress and number of dwarfs is a lot of fun (honestly, probably the most fun I've had with a game since Dungeon Keeper and Settlers way back) but then FPS starts dropping and you find yourself doing dumb things to counteract that. The fun bits fade away and it gets tedious.

To me, DF is best looked at and enjoyed as an amazing art project and an inspiration for other game devs.

aresant 2 days ago 1 reply      
>First time playing dorf

>Make a nice, tidy fort, everything is going great

>Out of booze and its winter

>Oh well, the farms still working>suddenly

>Urist McFarmer has gone berserk!>and, soon after

>New migrants have arrived.

>there are like 3 children with them

>they are on the entrance, where theres a gigantic moat and a bridge

>Urist McFarmer is on the other side

>he pulls the lever to the bridge

>all of the children are on the bridge

>they fall down

>they are all still alive, they fell like 12 z-levels though

>the moat is almost completely red

>theyre crawling around, everything is broken oh god

>Urist McFarmer is finally put down by one of the miners

>children arent even starving or dehydrating, theyre just crawling there

>have to lock up the non-important people in a room so that they dont diminish the food reserves

>the nobles are sad now, the miasma is getting to them

>dump the corpses in the moat, including urist mcfarmer

>the children are puking and still crawling, not even starving or dehydrating, just endless agony

>the migrants are still on the other side, they die too

>the only people left alive are a few miners and a farmer

>and the children

>they never die

via http://dfstories.com/

aymeric 2 days ago 7 replies      
It is unfortunate that a game as famous as Dwarf Fortress only makes so little in money: http://www.bay12forums.com/smf/index.php?topic=152358.0
AndyKelley 2 days ago 1 reply      
I tried to play this game, and I think that the interface is a complete bottleneck. Once you have more than 12 dwarves, which you are completely intended to do, it's tedious and difficult to access them, organize them, and generally, the interface to the simulator you have is like drinking through a straw. I think the fun would be massively improved with making it easier to interact with the simulator.
ctdonath 2 days ago 1 reply      
Summary of the maddening complexity of Dwarf Fortress: http://dwarffortresswiki.org/images/4/40/FunComic.png
vessenes 2 days ago 0 replies      
The only thing that is frustrating for me about DF (well ex-game frustration, not in-game) is that getting visualizations and interface changes in is gated by Toady. I dearly wish that this part could be taken over by the open source community; it would let him keep writing the simulator, and we would get some amazing VR-friendly worlds on top of the simulator.

I know that he doesn't want to support an open developer community because he, you know, wants to write his simulator and make it even more incredibly awesome than it is, but if only there were a way to get that code unlinked and into an API, it would make millions of people very happy.

lips 2 days ago 1 reply      
Home of the best bug tracker ticket titles evar:

"Lye in wood barrels can't be used for making soap"

"Dwarves upset from not seeing family not in fort"

"Zombies start conversation with necromancer adventurer who tries to sleep in their house"

awakeasleep 2 days ago 3 replies      
People who really 'got into' DF- What age were you when it clicked?
sageabilly 2 days ago 0 replies      
Anyone else compare every other game they play to Dwarf Fortress? The only game I've ever played that even comes close (IMHO) is The Long Dark, and that's only because I know the studio pours their heart and soul into the game.

So glad this is still going. I hope development never stops!

codewithcheese 2 days ago 2 replies      
I've seen some mods that make Minecraft beautiful, I wonder if the same can be done for DF?
jmnicolas 2 days ago 0 replies      
There has been a lot of articles about emacs on HN recently, so now I wonder why Dwarf Fortress is not an emacs mode ;-)
dccoolgai 2 days ago 0 replies      
Word to those who want to begin their DF journey: counter to what you might expect for a text-based game, DF can chew a lot of CPU cycles. I always pick small world size and very short world history at worldgen, bc the larger/longer worlds have a lot more stuff for the game to keep track of and can slow it down, IME.

Strike the earth!

listic 2 days ago 2 replies      
What language is Dwarf Fortress written in?

It is closed source, isn't it? I assume it is, like ADOM, to keep the secrets. Though there is an obvious solution: you could separate the game data from the engine, and open-source the engine, for public benefit and participation.

nodivbyzero 2 days ago 0 replies      
Is Dwarf Fortress open source?
Trojan found in Filezilla downloaded from SourceForge filezilla-project.org
326 points by yitchelle  1 day ago   206 comments top 30
scrollaway 1 day ago 10 replies      
Something came up last time Sourceforge was discussed here, namely "why are projects still using it?"...

I'm the project lead for LXQt (http://lxqt.org). We inherited some infrastructure legacy from LXDE, which was hosted on sourceforge. Today, we have moved most of the legacy to Github but we're still using Sourceforge's mailing list system.

We're moving to a self-hosted mailman3 instance but it's been excruciatingly painful. Email is not fun to deal with.

So I'm pitching this to bored devs and entrepreneurs: Help us, and many other projects, by creating a "Github for mailing lists" with a web client featuring a clean high quality UI, easily browsable/linkable archives, etc. Make it open source, make it self-hostable, stuff in enterprise support. Make it quick and easy to create new lists.

This model can work. It's not unheard of either (cf. Discourse), but it just hasn't been executed properly yet, or is forum-only and does not support email properly. Right now, the UX of mailing list software is like IRC's. Very raw. If it were made more seamless, more approachable, overall easier, it would have a similar effect as Slack has had on unthreaded-async-topical-conversation.

PS: You should change your adblocker to uBlock Origin. It blocks Sourceforge as a malware risk.

DanBC 1 day ago 2 replies      
> If someone really wanted to download FileZilla and skip the malware do just that.

> Then after installation is complete install Malware bytes and Avira. Scan with both and restart the computer.

> Then run with ADWcleaner and and remove the infections and restart. should be good from there and enjoy FileZilla.

Do people really think this works? I mean, there's no-one on HN who thinks this works, right?

agildehaus 1 day ago 5 replies      
SourceForge and Filezilla are both on their way out, hence their owners desire to monetize their remaining users while they still can.

WinSCP is a decent alternative. As is Swish:


morganvachon 1 day ago 0 replies      
I stopped using Filezilla on Windows a while back, due to this and other issues (passwords stored in plaintext, etc.) and switched to PSFTP and PSCP, which are MIT licensed and offered directly from the developer's page[1]. However, reading this article reminded me that Filezilla was actually still installed on that box, just not in use, so I decided to uninstall it while it was on my mind. Immediately after uninstalling it, it tried to force a shutdown on my computer. The only reason I was able to stop it was because I had a process running in the background that wouldn't terminate and I was given the choice by Windows to force shutdown or cancel.

Now, I've only ever installed it from ninite.com[2], so I know it didn't initially have the Sourceforge trojan/adware junk. However, I've since allowed it to download its own updates instead of doing it manually through the Ninite downloader. I've never, ever seen a program I've uninstalled via the Windows Control Panel with the ability to force a shutdown or restart without first notifying me or giving me the option to postpone. I'm starting to think there's something nefarious in Filezilla itself, perhaps in one of those "direct from the developer" updates, not just the Sourceforge wrapper.

Another interesting thing is that the built in Filezilla updater will first uninstall the app before reinstalling the updated version, and it never tried to restart or shutdown the computer during those updates, only during uninstallation from the Control Panel.

[1] http://www.chiark.greenend.org.uk/~sgtatham/putty/download.h...

[2] Ninite strips out any malware or other crap from the installer and only installs the pure program with default settings, in the background, and sources the app directly from the developer's site when possible. It's my go-to tool for essential Windows utilities.

vermilingua 1 day ago 4 replies      
As far as the password storage goes, you are not up-to-date. They are stored base64-encoded now.

Yes, much better.

discreditable 1 day ago 0 replies      
The linked thread is from 2015-04-20. SourceForge has been bundling adware with Filezilla since then and continues to do so. Here's a VirusTotal analysis of the current installer: https://www.virustotal.com/en/file/16e0ecda06ed98f835e449e1e...

If you want clean software you must not install directly from Sourceforge.

jug 1 day ago 1 reply      
AFAIK this practice (and not on the FileZilla project alone) is why uBlock Origin is blocking SourceForge.
gargalatas 1 day ago 3 replies      
Unfortunately Filezilla has this trojan for some years now! The trojan send all your identities to a server. This is tested 100%. We had many passwords stolen this way and we are 100% sure that it's filezilla.

Just take this test: Try to download the Filezilla and when the download page shows click on the Direct Link. Then compare the two executables, one that downloaded automatically and the one that it downloaded via the direct link.You will see that the direct download is clean but the other has the SF icon and it has a virus!

CM30 1 day ago 0 replies      
So SourceForge has gone from terrible to (somehow) even worse than that.

It makes me wonder; why don't we have a good site for Windows programs yet?

Ideally, it'd be run by volunteers (not a company with a profit motive), would manually moderate the programs posted them (and remove any adware/spyware/bundled programs by force if necessary) and tell every malware ridden sleazy ad network to sod off.

It exists in more niche subject areas. If I look for game making resources, a lot of those sites actually do proper moderation and try and make sure viruses aren't present in uploads. Places like MFGG are pretty good about this. So why don't we have that for software in general?

I mean, there's GitHub and package managers, but it's disappointing how this market has no honest people in it.

elipsey 1 day ago 1 reply      
The Filezilla forum admin in that thread obstinately blames users for "accidentally" accepting a bundeled "offer", when users are clearly warning project admins that the installer is infected with malware.

Does sourceforge share revenue from bundeled installs with projects?

Jonnerz 1 day ago 1 reply      
It's done intentionally to make the owners a bit of money. They have direct download links on their website (click show all on download page), avoid the green Sourceforge link.
jmnicolas 1 day ago 5 replies      
No way I'm supporting this kind of behavior. Can you suggest an alternative to FileZilla ?
nissehulth 1 day ago 0 replies      
Older thread about Sourceforge: https://news.ycombinator.com/item?id=9623142

Just don't use them.

jedicoffee 1 day ago 0 replies      
"While the SourceForge Installer may present third-party offers,"

Don't worry, it's just an "offer". They're totally not distributing malware via their installer.

halfdan 1 day ago 1 reply      
Absolute money quote: "As far as the password storage goes, you are not up-to-date. They are stored base64-encoded now."
cpach 1 day ago 0 replies      
About two hours ago I pondered installing the Diffuse merge tool[0] on a Windows box. Then I noticed that it was hosted on Sourceforge and thought "nah, not really worth the risk". Now that I see this post I feel even more content that I avoided Sourceforge.

[0] hxxp://diffuse.sourceforge.net/

robgibbons 1 day ago 0 replies      
It's funny, I literally just messaged the maintainer of the Minibian project, politely asking that he move the Minibian project away from Sourceforge, when I saw this post on HN. It's too bad to see Sourceforge ending up like this, after it was so useful years back.
jdeisenberg 1 day ago 0 replies      
Slightly O/T, but has anyone experienced similar problems with downloads from PortableApps.com? They use SourceForge as well, and I am now hesitant to recommend PortableApps to friends and co-workers.
rietta 1 day ago 0 replies      
It would seem that more projects would benefit from running their own free software on their own virtual server infrastructure. A decade ago, there was GNU Mailman and it's still around - http://www.list.org.

Yes, this means that a self-contained project needs the funds for basic hosting and also someone with system admin experience. But that should not be unreachable for major projects.

jron 1 day ago 1 reply      
Tim Kosse has really tarnished the reputation of FileZilla by ignoring the SourceForge malware problem.

Chrome and Firefox should add SourceForge to their malicious site list.

acd 1 day ago 2 replies      
There is a safer way install FileZilla through ninite installer or chocolately


Chocolatey nuget is similar to Linux package managers but for Windows programs

https://chocolatey.orgchoco install filezilla

chris_wot 1 day ago 1 reply      
This has been known about for some time. The Filezilla guys know about it.


aw3c2 1 day ago 0 replies      
> 2015-04-20
jokoon 1 day ago 2 replies      
Clicking on the download link ws blocked by ublock origin. Weird.
FussyZeus 1 day ago 0 replies      
Refuse to download anything from SourceForge anymore. Sad too, used to be the best out there back in the day.
nthcolumn 1 day ago 0 replies      
People are still using SourceForge? :O
Karunamon 1 day ago 1 reply      
What really gets me is the glib attitude of the FileZilla maintainers to this news. Whether trojan or adware, the "just uncheck the boxes" mindset is rather insulting.

Move your stuff off Sourceforge! What the hell is wrong with your people?

kyriakos 1 day ago 0 replies      
you can get a clean version from fosshub
rbanffy 1 day ago 1 reply      
Are we still using FTP?
rogeryu 1 day ago 1 reply      
That article is from April. Good to know about it, but is this news?
Labella.js placing labels on a timeline without overlap twitter.github.io
369 points by callumlocke  1 day ago   77 comments top 22
jbranchaud 1 day ago 2 replies      
It'd be cool if the creator used some filler text on the labels generated on the home page so that we could see what it looks like that way.
iheartmemcache 1 day ago 2 replies      
Man, I've been searching for a way to do this (generate declaratively images for flow-charts, graphs, etc) which are aesthetically pleasing enough to embed into case studies and white-papers for ages. DIA is functionally sufficient but aesthetically awful when you end up embedding it into a nicely styled InDesign, LaTeX, or Quark publication. I'm going to be pairing this with PhantomJS and making a command-line front-end -> svg over the weekend.
shseham 1 day ago 3 replies      
How complex would it be to do it without taking in the min/max width parameters? It soon becomes insanely complex when you want draw a graph with nodes of variable width and height. Say for example if you wanted to add text inside the boxes and you want the box width to be determined based on the text. I have previously tried to adapt the default tree layout algorithm (ReingoldTilford?!) in D3 and failed miserably. http://bl.ocks.org/mbostock/4339184
scrollaway 1 day ago 5 replies      
Boy does that freak out with 200+ labels. :)

Looks fun, though.

samuell 1 day ago 0 replies      
Thought I read "lalibela" first :) (Those famous buildings carved out of rocks, a loooong time ago, in Ethiopia https://en.wikipedia.org/wiki/Lalibela)
plaid_dev 1 day ago 1 reply      
Can someone briefly explain, at a high level, the positioning algorithm that one would use to solve a problem like this?

ReingoldTilford was referenced below but doesn't seem applied in this case.

I've attempted to look through the code here but comments are limited and it is pretty imperative.

vlad 1 day ago 0 replies      
Someone sent me a direct link and I had no idea what "Labels should be beautiful" meant.

The slogan should be changed to "Labels on a timeline without overlap", just like the hacker news thread title. :)

macca321 1 day ago 0 replies      
I would like something like this for things placed anywhere on a screen. The use case is hitting the alt key and displaying labels with the keyboard shortcuts for buttons.
mstade 1 day ago 0 replies      
This looks really good. I wonder, how well would it work with a network rather than just a single line? I'm thinking about something like a git network graph.
haldean 1 day ago 0 replies      
I wrote a simple thing to do a similar operation for photos that are in-line with text on my website; I wrote a little bit about it at http://haldean.org/hooke if people are interested!
Ciantic 1 day ago 2 replies      
How come the labels are sideways in left/right position? It feels like it defeats the purpose.
maneesh 1 day ago 1 reply      
How do you add text to these labels?
chdir 1 day ago 1 reply      
Wouldn't it look more readable if the connectors are straight lines with 90 degree bends instead of curves (like a neatly laid out circuit or wire diagram or tube network).

The current version is artsy. Thanks for sharing this though. Looks very cool.

dvdplm 1 day ago 1 reply      
Is this restricted to a straight line or can it be used to label any svg (?) path?
gotchange 1 day ago 0 replies      
Any specific use case for this plugin?

What about the restrictions on the height imposed on the labels?

xomateix 1 day ago 1 reply      
The simple example link from the github page (http://twitter.github.io/labella.js/easy.html) is a 404.
estefan 1 day ago 1 reply      
Sounds like a disease.
thejerz 1 day ago 1 reply      
Is there a way to lay out the nodes vertically instead of horizontally?
dvh 1 day ago 2 replies      
Labela.js - placing labels on a timeline without overlap
idibidiart 1 day ago 1 reply      
WHOOPS! Set Labels to 200 instead of 20 and click Generate Labels. The diagram is not only incomprehensible, it actually wobbles, flickers and shakes as you scroll.

You need something better than a linear progression of ticks if you want to track and label lot of events that have happened.

idibidiart 1 day ago 2 replies      
"Shakes, wobbles and flickers" when user is scrolling while algo is running with 200 points, which isn't a huge number of points if you consider other means of showing time series data. Positioning algo is dumb if it doesn't take UX into account when number of points is relatively large. It should pause while the user is scrolling.

Also, it is a futile to suggest that automatically placing labels is scalable for any number of labels beyond 40 or so. The resulting diagram beyond 40 or so points is incomprehensible. I tried 200, but 50 or 70 would also most likely result in messy diagram.

HTTP/2 is here. Goodbye SPDY? Not quite yet cloudflare.com
262 points by akerl_  1 day ago   67 comments top 14
xpose2000 1 day ago 6 replies      
In terms of optimal performance for end users... I should now be hosting all files on my own server w/ Cloudflare rather rather something like Google's CDN? For example, jQuery. Reason being, is that those files will all load in parallel on my own domain, whereas for another domain like Google, it'd have to renegotiate an SSL connection and wait a bit longer?

Is this correct? Or is there more to it than that?

Cshelton 1 day ago 2 replies      
I really wish Microsoft gave HTTP/2 support to IE 11 on windows 8/8.1.Any insight as to why they decided not to support it on IE 11 for windows < 8.1 would be appreciated.

Many of our users are stuck with windows 8/8.1, or even 7 for many more years unfortunately. Some of them won't even have another browser as an option(enterprise...).

NoGravitas 1 day ago 1 reply      
I'm quite surprised that there are a lot of browsers in the wild that support SPDY, but not HTTP/2, given auto-updating. But that's what their numbers show. Maybe mobile skews this?
therealmarv 1 day ago 3 replies      
Hmm, does anyone know how to support SPDY and HTTP/2 on a nginx>=1.9.5 and which has only module "ngx_http_v2_module" build inside? What is the configuration for nginx to support SPDY and HTTP/2 ?
ropiku 1 day ago 1 reply      
Does anyone know if they support HTTP/2 on the backend side too ? They didn't with SPDY and I think it would help to multiplex connections all the way.
tgb 1 day ago 2 replies      
Those page load improvement numbers seem ridiculously good (factor of almost 2 versus HTTP 1.1). Are they really expecting that to hold up in real world cases?
adamowen 1 day ago 0 replies      
For comparison, I enabled HTTP/2 via CloudFlare on a dev site. Results: http://blog.adamowen.co.uk/deploying-http2-using-cloudflare-...
joeblau 1 day ago 1 reply      
Just tested my side project https://www.gitignore.io and it now has sub second loading time. Unfortunately, adding Google analytics doubles the loading time to about 1.8 seconds.
xyproto 1 day ago 0 replies      
Here's a small utility for checking if a web server offers HTTP/2:https://github.com/xyproto/http2check
danielsamuels 1 day ago 1 reply      
Is it possible to use HTTP/2 without SSL yet? I tried it a few weeks ago and my browser was just downloading a 4KB file with some random bytes in it, I assume this was the server response but it wasn't clear.
tracker1 1 day ago 2 replies      
Am I correct in assuming this means that cloudflare reads html to determine other files that need to be sent (css, js, images)?
mei0Iesh 1 day ago 1 reply      
I'm using HTTP/2. Here's some quick stats:

 # tail -n100000 access.log | grep 'jquery.js' | grep 'HTTP/1' | wc 3,095 # tail -n100000 access.log | grep 'jquery.js' | grep 'HTTP/2' | wc 6,074

raullen 1 day ago 0 replies      
Google's HTTP loadbanlancer and CDN have supported H2 for a long while.
ape4 1 day ago 0 replies      
Both? Yuck.
Jury Duty medium.com
364 points by eropple  1 day ago   209 comments top 21
YorkianTones 23 hours ago 6 replies      
"Edith looks up from a game of solitaire and casually mentions that she actually thinks the murder was committed by the accomplice, who was never found and is not on trial. But since the defendants lawyer did such a poor job exonerating him, she concludes, shes going to deliver a guilty verdict. My jaw drops. No one questions her obviously flawed reasoning, because shes on their side."

This, for me, was the most terrifying bit in the article. To convict a man of murder, and to send him to life in prison or perhaps to his own death, when you think he's innocent? It shocks me what people are capable of sometimes. But this article doesn't shock me, because I know what people are capable of. Kudos to the author for sticking to his moral compass in the face of adversity.

ketralnis 20 hours ago 4 replies      
I sat on a civil jury trial between a boilermaker in the Navy that had been exposed to asbestos and developed mesothelioma, and a company that made asbestos insulation.

Neither side could actually put the man and the company or its insulation in the same room at any point in the past. Lots and lots of companies made this type of insulation. (In an "accidental" outbust from one of the attorneys that we were instructed to ignore, we learned that he was in fact suing most of them.) The Navy kept meticulous records about where he had worked, and both the Navy and the company did the same about work orders and where the insulation had been installed. The best evidence the man had was "I saw their truck in the parking lot once".

This type of civil trial only required a 9/12 majority and the other jurors really only saw this as a chance to stick it to the company. "Of course this man should be repaid for the damage done to him!" Any sort of nuance like, "okay sure but should this company be the one to pay it?" was totally lost. He's hurt, so somebody should pay up. That was it. That was their justice. The jury instructions like the actual claims to damages were totally ignored.

I sure hope I never have a jury deciding my fate.

wtbob 14 hours ago 3 replies      
I've served on two juries, one for murder and one for a far lesser offense. In one the defendant was a fairly wealthy young man; in the other a poor woman. One defendant was guilty; the other not.

My experience in both those trials was nothing like the author's here. Indeed, I wonder how much of his experience was due to his own concern about things like race and politics instead of, y'know, guilt and innocence. Perhaps had he not been looking down on his colleagues and arguing from emotion, but rather from facts, he could have convinced them to find not guilty.

In both cases, we started with a preliminary vote. In both cases, we argued cordially, with a deep and abiding interest in justice and what the right thing would be. We took turns arguing against our own positions, in order to try to better discover the truth of the matter. We were scrupulous in our decisions, and I feel confident we chose correctly both times.

Both experiences were profoundly inspiring. I'd do it again in a heartbeat.

As an aside, I won't claim that the author is lying, because this may vary from state to state, but after both of my cases the judge and both sides of lawyers came in and spoke with us, asking questions about the case and our decisions; there was no notion of post-decision jury confidentiality the author alludes to.

Also, we were intructed in both cases to use our life experiences, not ignore them as the author indicates. Again, this may vary from state to state. Suffice it to say that the system the author depicts is not the one I experienced twice.

rayiner 1 day ago 4 replies      
> In the end, only two men of color make it to the jury, and I am one of them. The other is Latino. There are two Latina women, one African-American woman, and one Asian woman. The remaining six jurors are white.

Thats basically the racial composition of the U.S. Indeed, people of color are over-represented in that jury.

piker 1 day ago 0 replies      
This article is an interesting narrative depicting the exact sort of nuance that the term "reasonable doubt" is intended to elicit once criminal prosecution reaches jury deliberation. As others have noted, this seems a somewhat comfortable result, albeit at a human cost. Justice delayed/served.

The author touches on it, but another interesting aspect of the criminal justice system is the funding, politics and police practices that motivate the prosecution of minor crimes that never see a court room. Many unnamed players in this story had vested financial and political interests in particular outcomes. In this case, the stakes were large enough that the jurors lost sleep and distressed over the details. One wonders if softening the charges to lesser charges would have weakened his resolve.

It's poetic that at trial, the defendant, the witnesses, the prosecutor, the defense attorney, the judge and the jury cannot lie. Police, however, are trained to do so during investigations as a best practice in pursuit of justice. That fact probably contributed to the author's initial distrust in the system, sewing the seeds of this mistrial.

RyanZAG 19 hours ago 5 replies      
As a non American, the USA justice system honestly sounds like the worst possible system for justice imaginable. I don't think I could design a worse system if I tried. Do you all just keep the system because it keeps so many people employed following the pointless bureaucracy of it all?

The people making the decisions have no training in law at all, yet they have to decide if the law was broken. They get a brief spoken explanation of the law, but only after they have been given the testimony. Why would you not have someone trained in the law decide if the law was broken? Why would you not allow the jury to interrogate the witnesses when they must bear the responsibility of the decision? The idea seems to be that random people off the street will somehow be more willing to consider all angles and if they disagree, you get another random sampling and try again. Try enough times and eventually you'll get a bunch of people who are annoyed enough by being forced into jury duty to just agree so they can go home. Real justice right there.

You might say that the jury system allows for a justice even if the judge is compromised. But obviously it doesn't - the judge controls what information can be fed to the jury and the jury must make the decision based off that evidence. If the judge is biased, the jury will be forced into a particular decision anyway. Why not just have the judge do their job and have an appeals system and punishments on the judge for bad decisions? And yes, that system works fine. See the current Oscar Pistorius trial for a working system (imo).

noonespecial 22 hours ago 0 replies      
"It is better that ten guilty persons escape than that one innocent suffer."

It takes a lot more courage to let a possibly guilty person go free than to convict a possibly innocent one.

Always show up for jury duty if you can.

jvvw 16 hours ago 1 reply      
I did jury service a couple of years ago in the UK - obviously a different system to the US. I came away feeling although in many ways a jury is a terrible way of deciding verdicts, that it is probably better than any of way of making a decision - in the same way that democracy can be considered the worst form of government apart from all the others that have been tried. Our jury did feel like a good cross-section of people (even if many of them had flawed ideas of logic) and that the value of the jury lay in the collective decision-making not in a simple aggregation of the individual decisions.
thwyperson 1 day ago 5 replies      
Not quite jury duty but this story did strike a chord.

I'm someone who strongly believes, in theory anyway, in the presumption of innocence and that everyone is entitled to a strong defense. A prosecutor should have to earn a conviction. However I also feel strongly that perpetrators of some crimes, upon conviction, should face harsh punishments.

Earlier this week, we got a message from a defense attorney inquiring about our services to assist with a criminal case. There were no other details left, so we googled the attorney and found that this attorney is involved in a very high-profile criminal case defending someone accused of an extremely heinous crime. It's a Law and Order-type crime, and it happens to be in one of the category crimes that I find to be particularly egregious.

I'm torn. The part of me that believes in the right to a strong defense wants to assist, not necessarily because I support the defendant, but because the prosecutor shouldn't be a rubber stamp. The other part is wondering what happens if I help defendant get off and he hurts someone else.

We left a message with the attorney asking for more detail and haven't heard back. It may be that the attorney found someone else, decided our field won't help, or maybe just can't afford us. But if we do hear back, if we are able to assist, and if the attorney does want to retain us, I don't know how we'll respond.

I hope I have the courage to say yes. But I don't know that I do.

(throwaway account to mask my normal HN identity).

amateur_soclgst 1 day ago 4 replies      
Wait so this article is basically him saying that the system worked?

That's the impression that I got. Even disregarding his early learnings towards high-school level leftist protest and mistrust of the government, doesn't his careful consideration of the case show the reasons why we use a jury system? Even if the 'mob' e.g. the other jurors decide that a person is guilty, one or two reasonable arguments can decide otherwise.

It seems to me that everything worked out as it should. I wouldn't feel bad if I was the author. (oh and he'll be back in court, serving a case in most states only gives you a 3-5 year reprieve from jury duty)

shiro 21 hours ago 1 reply      
"I imagine what an inverse 12 Angry Men would be like, starting with 11 jurors ready to acquit and Henry Fonda as the only one willing to convict. "

There's a Japanese film, 12 Tender Japaneses, which is exactly that---at the beginning everybody casually votes to acquit except one who insists more discussion. It's of course an homage to Reginald Rose, but it also depicts very well how typical Japanese people behave when they face to make a decision. (And there's a twist in plot so it's not just a reverse of 12 Angry Men, anyway).

fengwick3 1 day ago 2 replies      
Despite the other negative comments, I actually find this a vicarious account of the judicial system - a poignant reminder that behind any democratic system lies humans.
jerf 14 hours ago 1 reply      
A general comment on a lot of the comments here: You can make anything look good by only considering the positives, you can make anything look bad by only considering the negatives. Rather a lot of the latter going on here. To come to a proper decision about what is better, you need to consider both the negatives and the positives of multiple alternatives.

Before rushing to condemn jury trials, I'd also recommend considering that it is a deliberate creation, and that you ought to consider the forces involved in that creation and where it came from before rushing to condemn it. For instance, many are suggesting we can just leave it to one judge, but if you are, for instance, concerned about systemic racism, why would you leave the entire decision to one possibly-racist judge? Wouldn't you be better off in a process which makes it so that the prosecution has to collect 12 racists onto the jury, procedurally battling the defense all the while, instead?

Part of the reason that the jury system exists is precisely that the mental model of a judge as a disinterested, literally inhuman arbiter of absolute truth was concretely, repeatedly disproved by history. The reason we have a "justice system" at all is precisely that we don't have access to perfect humans. If we did, there would be no problem to solve with "judges" or "juries" or anything else in the first place; we'd just consult the perfect humans! If your "better than a jury" model upon closer examination implicitly contains perfect humans in it, throw it out; your model is already worse than what we have, because at least what we have has the virtue of existing, and yours can't even reach that bar.

Look... at the risk of being a bit harsh... condeming jury trials, then offering as an alternative a system that implicitly contains "perfect humans" in it is frankly being every bit as irrational, unrealistic, and disconnected from reality as the humans that just disappointed you in the jury trial description you just read.

If that sucks... yeah, it sucks! But unfortunately, "it sucks" is not actually a logical argument that "it" can't exist, nor is it any form of evidence that there is anything better than "it". If you're going to produce evidence of a better system, it's going to be a great deal harder than merely saying "this system sucks", unfortunately.

MaysonL 22 hours ago 0 replies      
And of course, even though this jury didn't convict the defendant, seemingly correctly (at least from the author's perspective), it's entirely possible for the prosecutor to move for a retrial, and this time keep all the black men off the jury, and get a conviction. Or if the defendant isn't out on bail, or maybe even if he is, to convince him to take a plea bargain to second degree murder, or manslaughter.
cgm616 22 hours ago 2 replies      
It's interesting to look at if this article is fiction or non-fiction. It is certainly amazing writing with a strong message, but seems to be so strange to be non-fiction.

Then again, I knew about some of this from the excellent Illustrated Guide to Criminal Justice, so I wasn't totally surprised.

In the end, does it even matter if it happened?

masterponomo 16 hours ago 0 replies      
When I sat on a jury in 1989, the main goal of most of the jury was to get the decision over with in time to pick up their kids from school. We quickly found for the plaintiff against the main defendant. There were a slew of co-defendants, who aside from the reading of the charges had not been mentioned at all during the trial. No evidence, no description of their supposed involvement, nada. The foreman started to copy our verdict onto the forms for them as well. I objected, pointing out that we had only discussed the one defendant and needed to consider the others separately. Much protesting and eye-rolling ensued, but the urge to leave won out and the jury agreed to find all of the co-defendants not guilty. I was pleased with the outcome but appalled by the process. I would hate to be judged so carelessly by my peers. Yes, having 12 jurors does increase the odds of having someone put on the brakes and insist on proper procedure, but it is by no means guaranteed.
pc86 13 hours ago 0 replies      
It is an absolute failure of voir dire that this person made it onto the jury. A few select quotes:

> The judge has already instructed us directly that we are not to do any research on the law while sitting on this jury. This is the first of several times I will violate those instructions.

> a jury...is not quite about justice but instead about the direction of the tide.

> I do believe in jury nullification. And I think the American carceral state is so corrupt that Im starting to doubt if I could bring myself to render a guilty verdict under any circumstances.

To clarify the above, any mention of jury nullification is a sure-fire way to get removed. And if you're not 100% sure you could render a guilty verdict "under any circumstances," you have absolutely no business sitting on a jury.

> I keep thinking of Walter Scott, whose uniformed murderer is seen on camera shooting him while he runs away, and who plants a weapon on his freshly killed corpse.

Blatantly false.

> I dont necessarily have a problem with ignoring the judges edict

> Outside of court, I tell everyone I cant talk about the case. Then I usually talk about the case a little.

> because [a coerced confession] was not presented by the defense, its merely a conspiracy theory and we cant consider it. Secretly, Im considering it too.

> Henry and I splinter off from the others. Jurors arent supposed to talk about the case outside of deliberations. We talk about the case.

> Again I violate the judges instructions

> An accusation from another juror: You lied during voir dire!

peteretep 23 hours ago 1 reply      

 > as concerned as he was by the possibility of a false > conviction without also being concerned by the > possibility of a false acquittal.
Isn't that a natural consequence of innocent until proven guilty?

facepalm 17 hours ago 2 replies      
Non-American, don't know how the system works - how come they can eliminate people from the jury pool? I would have expected the jury selection to be completely random? There is no way the system can be fair if they get to select the jury.
powera 1 day ago 6 replies      
This guy seems like a terrible, terrible juror. Bragging about violating the rules, annoyed because the judge is called "your honor", implying that a jury with 6/12 people white is somehow a sign of massive racial bias?

What is supposed to be redeeming about this article? I'm not reading it all unless there's something somebody says is worth reading.

EDIT: It gets more readable in the jury section, but I still don't get what if anything this guy is trying to say, other than simply "it's like The Breakfast Club".

powertower 23 hours ago 1 reply      
A couple of things stand out for me here -

> Perhaps this was the time to mention that having witnessed the murders of Eric Garner and Walter Scott on video made personal experience unnecessary.

Eric Garner said "I can't breathe" 11 times.

Any person that has experienced a chokehold, knows that if you can't breath, you can't move air in and out of your lungs and throat, you can't say anything, not even "I can't breathe" 1 time. Certainly not 11 times - unless it was a purely stationary-type hold.

Also, chokeholds which result in death leave physical damage, that was not present in the autopsy (no damage to the windpipe or neckbones).

Eric Garner was not "murdered", he died in the ambulance from the situation exacerbating his health complications.

Anyone who thinks he was literally "murdered" is racially motivated to see it as such, not based on facts nor common-sense, the later which the author brings up multiple times.

Second, as this is written anonymously and rolls a "white-jury" racial narrative from the start to the end, you have to consider that 9 out of the last 10 racial incidences (of the national news proportion) ended up being hoaxes done to validate someones need for there to be racism where there was none. At some point you get tired of the lies. And there is absolutely nothing in this story that allows the reader to verify it.

The Fall and Rise of SVG siliconpublishing.com
264 points by maxdunn1  9 hours ago   79 comments top 19
davidjgraph 8 hours ago 7 replies      
"Rather than embracing SVG as an alternative, Microsoft pursued a blatant copy of Flash in their too-late-to-the-table Silverlight effort."

The author seems to have missed, apart from an initial mention, VML out completely. VML was Microsoft's SVG alternative in IE 5 through 8, not Sliverlight. Sliverlight was a Flash alternative.

VML, although badly documented, can/could do much of what SVG can do, in a few cases it does it better. It was also pretty complete with IE 6 in 2001. SVG had the first very basic version in Firefox 1.5 at the end of 2005, and needed Firefox 3.0 in 2008 before you could say it was reasonably complete. MS thought they had a head-start and could win the vector battle.

The key thing, as well, with VML is that it was built into IE natively. Getting Adobe SVG or Sliverlight added onto IE into large corporate environments was near on impossible. We, fortunately, decided we didn't trust Adobe prior to them killing the IE SVG plugin and were running fully on VML at that point.

The last 10 years of my working life have been based around SVG and VML, my co-founder and I would tell you a similar story. Especially, regarding word-wrap in SVG, it's our top pain point as well. It forced us to use HTML as foreign objects in SVG to get word wrap. Of course, IE never supported FOs, Edge has only just added it.

leeoniya 8 hours ago 1 reply      
An article about rise of SVG with numerous images of SVG drawings, and not a single one of them is an actual SVG :)
NelsonMinar 5 hours ago 0 replies      
I think a lot of credit for SVG's resurrection goes to Mike Bostock for making it the core of his visualization technology. Obviously D3 is the big SVG thing now, but his 2009 work on Protovis also relied on SVG, as did Polymaps in 2010.

I argued with Mike back then that SVG was a bad choice because it didn't work in MSIE and it was sort of a forgotten technology everywhere else. Fortunately he didn't pay any attention to me. SVG is particularly handy because it lets Javascript create and alter graphics using a DOM representation. That's something you really can't do in Canvas or WebGL without reinventing parts of what DOM does.

pdkl95 3 hours ago 1 reply      
I suggest that SVG missed it's true calling - as a modern vector animation platform. D3 is a good example of that kind of use, but I think it had a lot more potential. The ability to debug your graphics as elements can be very useful, and you get a lot of functionality built-in (e.g. DOM events).

As an example, see this unfinished asteroids SVG I wrote in '09 (before <canvas> was generally available):


(seriously, it's not actually a finished game - damage is disabled, there's no levels/etc, but you can move with the arrows, shoot with space, (useless) shield on x)

The problem was the (slow) reflow every time you changed the DOM. I tried a few ideas to batch changes or pre-allocating elements, but browsers just couldn't run it consistently smooth enough at the time. It's somewhat better now - maybe I should actually finish it...

Cymen 6 hours ago 2 replies      
For SVG to truly rise, it needs better font/text support. It should be easy to programmatically determine the width of a string of text in a given font. Unfortunately, it is not. You can go look how libraries like D3.js do it. But ultimately, pixel-perfect text with SVG is difficult/impossible. I'd really like to know if I'm wrong about that.

On the positive side, ReactJS plays great with SVG. I'm working on some basic line charts that I want ReactJS-managed so I can render them server-side too. My line chart isn't done but I tried the server-side rendering and it's working great.

erikpukinskis 8 hours ago 1 reply      
The only thing holding back SVG is laptops. Most phones have enough pixel density that SVGs look great and are the right choice for most non-text, non-photo assets. But pixel density is low enough on most laptops that they look fuzzy. Low-end tablets have the same issue but no one really cares about hi-if experiences on those devices.

I think it often comes down to what's the easiest asset workflow that gets us a good result. From that perspective, 1x raster + 2x raster is less work than 1x raster + SVG

ingenter 6 hours ago 1 reply      
I see a big security problem with SVG: browsers allow executing scripts in SVG files in site security context, so you have to check for a lot of script execution vectors in SVG before you allow uploading user files.



donbronson 8 hours ago 6 replies      
Where is native support for iOS and Android? Why do we bother generating the same assets for different screen densities? Am I the only one who wants SVGs on mobile?
lechevalierd3on 8 hours ago 1 reply      
No mention of retina screens?In my experience it has pushed to use font and svg on the web.
Spoom 7 hours ago 1 reply      
We use SVG all over the place, but then we have the great privilege of being able to tell our clients to only use modern browsers. It's pretty nice to be able to specify one graphic for use at all pixel densities that never gets blurry.
jzcoder 5 hours ago 0 replies      
Corel had a serious SVG effort during this early period around 2002-2004. They created a SVG Viewer and tooling around an initiative known as Smart Graphics.

Here's a Press Release about it:http://www.corel.com/uk/pdfs/press/79.pdf

LarryMade2 6 hours ago 0 replies      
I think another factor in the rise of SVG was it being used in illustration programs most notably Inkscape and its predecessor Sodipodi.
dnautics 7 hours ago 0 replies      
One of the early successes of svg, iirc, was its adoption by Linux window managing software.
criddell 4 hours ago 1 reply      
Google renders their homepage with SVG now, don't they?

Right click on google.com and do a view source.

coldtea 7 hours ago 0 replies      
I have worked with SVG extensively, mostly through Raphael but also with Snap and D3.

It might not be a perfect standard, but it's a glorious feature set the web needs.

jarek-foksa 7 hours ago 0 replies      
I'm currently working on an SVG authoring tool written in JavaScript. You can check the project on https://chrome.google.com/webstore/detail/boxy-svg/gaoogdonm...
mxfh 7 hours ago 0 replies      
Or also read W3C's version of the SVG Origin Story:


colbydehart 5 hours ago 0 replies      
Should this be called the rise and fall and rise of SVG?
idibidiart 6 hours ago 1 reply      
1. ForeignObject support still sucks.

2. WebGL and even Canvas are significantly more performant. I realize that's comparing apples and oranges... Still, if I had a choice for any data visualization project today I'd use WebGL rendering, or ThreeJS etc.

Google Deceptively Tracks Students Internet Browsing, EFF Says in FTC Complaint eff.org
212 points by pavornyoh  3 days ago   96 comments top 12
arebop 3 days ago 3 replies      
According to the FAQ, "Its also possible that Google does not use student data for any of these purposesbut unfortunately, Google has refused to articulate the reasons" so it seems like the EFF's position on Internet-hosted applications is that the specific uses of each kind of data should be described in a privacy policy.

I think it's a tenable but extreme position, because basically they are objecting to Google reserving the right to develop new features in an empirical/data-driven way.

I think most people don't think of e.g., their privacy w/r/t tax data being compromised when their tax prep software company mines it to make data entry simpler, or to make it easier to understand the consequences of various filing choices by visualization, etc. Similarly, I don't think Google is invading my privacy when it takes my search queries and uses not only to produce SERPs for me but also to notice that when people type cyombinator it is likely a typo for ycombinator.

chestnut-tree 3 days ago 2 replies      
It's depressing how perfectly normal and natural the idea of tracking users has become.

I know this isn't a popular opinion on Hacker News, but why should there be any tracking whatsoever when using an OS? Are people saying that they're perfectly fine for their Windows/Mac/Linux distribution to track everything they do? The apps they use? The sites they visit? Because that's basically what ChromeOS does. It even tracks the documents you print to your desktop printer (routed through Google's cloud print service).

You aren't even anonymous when you use ChromeOS - you must be signed into your Google account. Just as a reminder, your Google account = your name, your date of birth, your location and optional phone number. In other words, some of your most personal and private information all tied to the activity you conduct on ChromeOS.

Google states that it does not read the content of your emails in GMail (emails are scanned by computer), but you could argue that your browsing habits are just as private and personal. No such assurances on how they handle this data. Does Google disassociate the identity of the user from their activity? If not, then who sees this data at Google? How long is this data kept for? These are important questions, but you won't find answers in Google's privacy policy. (And you're unlikely to find many in the tech community asking Google about them either.)

I would never recommend an OS that tracked the activity of students so relentlessly, especially when many students are too young to understand the horrendous privacy implications of using ChromeOS. Other companies like Microsoft are rightfully criticised for their tracking in Windows 10, yet Google gets a completely free ride. It's just baffling.

newman314 3 days ago 3 replies      
While I think it's great (but insufficient) that students and kids have greater privacy protection than adults, it begs the question why all of us shouldn't enjoy the same level of protection.

Just because one becomes an adult does not mean that an adult is less deserving of the same level of protection.

thomaskcr 3 days ago 1 reply      
Is the EFF's problem that this information is stored on Google servers?

Syncing settings to an account seems like one of the prime selling points for a school using chromebooks. A child loses their chromebook, or gets issued a different one the next September all their favorites, apps, etc are there ready to go when they sign in.


blfr 3 days ago 2 replies      
Chrome's sync data is supposed to be encrypted at least with your Google account password. They could be doing all that (mining, tracking) but there is a clear, legitimate purpose to this feature: providing the same environment across computers.
gmisra 3 days ago 2 replies      
People seem to be conflating "tracking user behavior" with "tracking user behavior without consent or transparency". Yes, there are plenty of people opposed to the former, but that is a moot point with respect to Google.

The latter, however, is symptomatic of a much bigger issue: there is a pervasive belief amongst many of the silicon elite that users simply aren't capable of making effective decisions regarding tracking, and therefore it is best if they are not allowed to make those decisions. I have heard this directly from many people, and each time it leaves me surprised.

If Google were to provide real transparency into the information they track about me, that would be fantastic. I likely wouldn't even look at it, but I would know that organizations like the EFF and ACLU would serve as ombudspeople for the public. Furthermore, whichever of the big internet players does this first will likely generate a tremendous amount of brand loyalty and free marketing.

I suspect current behavior won't change without legal intervention, which will potentially be adversarial, which is a shame since there are people at these companies who are much more qualified than lawmakers to anticipate and plan for the future.

It's amazing that a company (and industry) that self-identifies so strongly with taking novel approaches to solving hard problems can get mired in such status quo bias.

MattHeard 3 days ago 0 replies      
" Googles Sync feature for the Chrome browser is enabled by default"" since some schools require students to use Chromebooks, many parents are unable to prevent Googles data collection."

Doesn't "enabled by default" mean that parents should be able to disable the sync feature?

That being said, I would assume that any tracking features would be separated from syncing features on a machine built for a student. Google appears to be attempting to correct that, after EFF's prompt: "Google told EFF that it will soon disable a setting on school Chromebooks that allows Chrome Sync data, such as browsing history, to be shared with other Google services."

Navarr 3 days ago 0 replies      
> EFFs filing with the FTC also reveals that the administrative settings Google provides to schools allow student personal information to be shared with third-party websites in violation of the Student Privacy Pledge.

What? Is the EFF complaining here that Google gives schools the ability to share their student's data with third parties and that is wrong (by Google)?

free2rhyme214 3 days ago 1 reply      
"If Google wants to use students data to improve Google products, then it needs to get express consent from parents.

This is true.

pjc50 2 days ago 0 replies      
An example of student privacy invasion using good old fashioned paper surveys and leading questions: http://www.thecanary.co/2015/12/01/children-branded-potentia...

Note that "The surveys were supposed to be anonymous, and when concerns were raised about pupils being identified, assurances were made they would be destroyed." turned into the survey results being handed to the thought police.

(There are various programs trying to combat "islamic extremism" in schools in the UK, all of which seem to be proceeding in clunky bureaucratic ham-fisted ways.)

dang 3 days ago 2 replies      
We detached this subthread from https://news.ycombinator.com/item?id=10659147 and marked it off-topic.
marincounty 3 days ago 2 replies      
Off topic comming up. I feel the one thing that will really get Google in trouble is this hypothetical senerio--right out of a bond movie:

Google has the ability to look at all our internet history. They have the ability to read our emails. That can match up ip addresses with street address. They can most likely figure out what most people do for a living. (yes, some of this spying in illegial, unless advertising purposes?)

Could you imagine looking at the Internet history, and emails of the Titans of business around the world? Looking at the information that stock/investment types pass around.

Looking at all this information, collating it, data mining it, etc., and then buying and selling stocks/bonds/etc.?

Yea, I know it's illegial. It just seems like it would be tempting? I know the SEC is probally, or I hope they are, watching out for this kind of hypothetical behavior, and no--I don't think the founders of Google would ever even think about doing someting like this. If I worked there, and had access to sensitive files on those servers; It just seems like it would be hard to not look at that information, and make a few bets? Yea, I know they have great internal security, and have strict policies, but there's always a guy who would be willing to break the rules? I don't think I could not look at that information, and try to predict the future? (In reality I would never do anything like I proposed, but it sure would be tempting?)

Introducing the IBM Swift Sandbox ibm.com
228 points by julianozen  14 hours ago   54 comments top 12
hmottestad 11 hours ago 4 replies      
It's on Bluemix!!!

Here is my experience with Bluemix:

1. We needed to get bills to send to our accounting department. There is no way to get this out of Bluemix. We needed to contact 5 different people and send 2 different support tickets.

2. At one point we couldn't log into our accounts, the authentication server was down.

3. The docker container doesn't always get internet. Also it sure as hell is guaranteed to not have internet if you restart it.

4. If you use their SAAS databases, then some of them you can connect to from the outside world, but some you can't. And there is no way of knowing which.

5. Just because IBM makes a product available doesn't mean it works. We used NodeRED together with the IBM developed database connectors for DashDB. That connector will timeout after ~24 hours and then not throw any errors when you keep writing to it. Took 3 days to figure this out and fix it.

6. Their deploy system is nice, pity it brings down your service for 5-10 minutes even for deploys that are literally 100 lines of java code.

7. It's painfully slow to push images to their docker hub. Took 3 hours to upload an image with ubuntu and java. And our uplink is 50mbit.

amasad 10 hours ago 3 replies      
I'm also planning on adding support for Swift to https://repl.it once I figure out how to implement a proper REPL with it.
Apocryphon 11 hours ago 0 replies      
Looks like we're finally seeing the fruits of the Apple-IBM global partnership.
king_magic 11 hours ago 1 reply      
This is really cool to see. Really hoping to see something similar appear for Swift on Azure or AWS. Also really hoping to see Swift web frameworks begin to appear, now that Swift is open-sourced & running on Linux.
msoad 10 hours ago 1 reply      
How funny the server is down. This shows IBM cloud quality somehow.


fauigerzigerk 10 hours ago 4 replies      
This seems to be down. I'm getting 500 errors or a blank/blue page. I hope this wasn't supposed to be a demonstration of IBMs scalability prowess.
asadlionpk 4 hours ago 1 reply      
We also added support for swift in https://codepad.remoteinterview.io/

Collaboration enabled REPL is there too (enter 'swift' in the shell).

sosedoff 11 hours ago 2 replies      
If you're looking for something similar for other programming languages too, check out https://bit.run/. It supports Ruby, JS, Go, Python, Rust, PHP and many more.
Shivetya 11 hours ago 5 replies      
I am looking for a new language to learn, preferably more PC style platform focused, would this be a good language to learn?
schnevets 9 hours ago 2 replies      
I wonder if this was announced as a reaction to Swift going open source. I could see some IBM team working on this system as a POC, and suddenly being given an urgent deadline to coincide with the license change.

Gain from the momentum and maybe turn a pet project into something bigger. I guess that's the benefit of having tens of thousands of developers...

jacques_chester 4 hours ago 0 replies      
There was a half-joke on Wednesday that we should do a Swift buildpack for Cloud Foundry.
melling 10 hours ago 0 replies      
Swift is gaining momentum fast. It has a big advantage because it's arguably the best way to write iOS apps. It'll replace Objective C as a top 5 used language.

In fact, a quick check of Tiobe shows Objective C heading down fast with Swift about to pass it on its way up:


Show HN: Acme-tiny, a tiny 200-line Let's Encrypt client github.com
264 points by diafygi  14 hours ago   50 comments top 16
macns 10 hours ago 1 reply      
I'd love to see this paired with your https://gethttpsforfree.com/ which was very easy and pleasant to use (loved the: This website is static, so it can be saved and loaded locally. Just right-click and "Save Page As.."! at the bottom of the page).

I guess this tool is what's needed next to get the auto-renewal crontab

wiml 9 hours ago 1 reply      
Also along these lines is https://github.com/kuba/simp_le , which is quite a lot larger than acme-tiny, but still much closer to something I'd want to stick in a crontab.
diafygi 13 hours ago 2 replies      
Fun fact. There's really nothing stopping you from using a PGP/smartcard/HSM keypairs for the ACME account key. Would love to see someone adapt this or another client to use a yubikey or other hardware key.
kingkilr 11 hours ago 1 reply      
Please be careful using urllib2, unless you are on Python 2.7.10+ or 3.5+ it does not do HTTPS certificate validation.
andmarios 3 hours ago 0 replies      
I think this is a nice option. I gave it a try and read the source code. :)I opted for acmetool[1] though, which albeit much larger (and thus much more difficult to verify), is easier to use [2].

The more impressive option I've seen is caddy server [3] which sets up everything automatically. You start the server and it automatically requests certificates, serves your content (static, fcgi, proxy etc) through TLS and redirects plain traffic to SSL. You don't even need to know what let's encrypt or ssl is. It has a bug though, every time you start the server it requests a new certificate, so after a few restarts you will get your domain temporarily banned from let's encrypt.

[1] https://github.com/hlandau/acme.t or `go get github.com/hlandau/acme/cmd/acmetool`

[2] acmetool quickstart && acmetool want example.com www.example.com

[3] https://github.com/mholt/caddy

a2tech 13 hours ago 2 replies      
I set this up yesterday and it worked great.

I went from a blank slate on lets encrypt, to deployed SSL cert in less than an hour. Most of the time was spent discovering that 1) acme-tiny requires Python 2.7 or above to be installed and 2) you need to create the .well-known/acme-challenge/ directory structure manually.

After that it was all smooth sailing.

jo909 12 hours ago 2 replies      
After trying a few other Clients, which all were too complicated to get to work on my ancient Debian, i sucessfully used this one. I only needed to patch some sting formatting (replace {} with {0}, {1} etc). And install argparse from pip.
lemming 12 hours ago 0 replies      
Thanks for this, diafygi. I set this up this afternoon with Ansible, and it's working really well. Very nice indeed.
treeform 7 hours ago 0 replies      
I have just used this script and it worked great. I used the lets encrypt normal client and it felt very bloated for me: virtual env, docker, tons of dependences. I hope lets encrypt folks put their client on a diet.
dochtman 12 hours ago 1 reply      
This is awesome! I have had a Let's Encrypt private beta email sitting in my email for a while, but didn't want to install the client because it has so many dependencies.

Are you sure it does all the proper SSL verification, that is, what versions of Python is it safe to use this with given the likes of PEP 476?

anebg 11 hours ago 0 replies      
Just stopping by to say thanks. I used this yesterday and it worked great -- simplicity wins.
jc4p 12 hours ago 1 reply      
I miss you Daniel <3
teamhappy 12 hours ago 0 replies      
Looks great! Thank you.
ilaksh 7 hours ago 2 replies      
How do we know that Let's Encrypt isn't an NSA/CIA program? Like a way to make it easier for agencies to MITM or something?
Google Cloud Vision API changes the way applications understand images googlecloudplatform.blogspot.com
258 points by ingve  2 days ago   72 comments top 16
nicklo 2 days ago 8 replies      
I wonder what this means for computer vision startups like http://clarifai.com?

Its hard to compete with Google on a task like image classification when Google has immense computational resources, tons of data, and hoards of top researchers.

abtinf 2 days ago 3 replies      
It's exciting to see more of these services come to market.

IBM Watson has a suite of vision APIs available that have some similar features.

For example, the demo at http://vision.alchemy.ai/#demo has example images that demonstrate facial detection and identification, label extraction, object identification, and so on.

Another demo at http://visual-insights-demo.mybluemix.net/ uses the Visual Insights [1] API to identify a set of relevant tags.

And the recently released Visual Recognition [2] API allows you to train the model with your own dataset. Demo: http://visual-recognition-demo.mybluemix.net/

Disclosure: I am an evangelist for the Watson Developer Cloud suite of services at IBM.

[1]: https://www.ibm.com/smarterplanet/us/en/ibmwatson/developerc...

[2]: https://www.ibm.com/smarterplanet/us/en/ibmwatson/developerc...

Veratyr 2 days ago 1 reply      
I wonder what this'll mean for startups like https://imagga.com/ and how pricing will change.

Also wonder if they'll bring the ability to train your own classifiers using their networks...

bcherny 2 days ago 2 replies      
I wonder how long it will take for someone to integrate this with Google recaptcha...
meirelles 2 days ago 0 replies      
Finally Google is releasing their best dog food as cloud service. Is better than "copy" AWS.
obulpathi 2 days ago 1 reply      
Wondering how this can be used for specific content detection! Say I want to take pictures of a crop using a drone and analyse the pictures for pests and disesases etc ...
davidbarker 2 days ago 3 replies      
I've been going round in circles for the last 15 minutes, trying to sign up for access. I've tried every ID I can find in my account for the "Google Cloud Platform user account ID", but none seem to be working, and it won't allow me to submit the form without a valid ID.

Is anyone else having the same issue/know where I can find this ID?

datashovel 1 day ago 0 replies      
The default assumption with cloud apis is the company offering the service will not use data for internal consumption (even when it comes to training ML models?). I'm assuming this will be the case with this one also?
joefkelley 2 days ago 1 reply      
I wonder if there is an API to train this on a custom dataset.

They have a few built-in models, but those seem pretty limiting in terms of uses cases. I can think of a lot more where you would want to be able to train on your own specialized images and labels.

mrfusion 2 days ago 1 reply      
Where can I see the couple hundred lines of Python code that powers the robot?
datashovel 1 day ago 0 replies      
I know this may not be useful early on, since Google may not have a lot of this kind of data that would make image recognition more useful, but I think it makes sense to have a plan for eventually making it possible for developers to integrate depth information. For example for those who have an XBox Kinect, or more recently a "Project Tango" tablet.
tianlin-shi 1 day ago 0 replies      
This seems like a warning sign for all horizontal companies that claim to solve AI/CV/ML in X years. If you don't focus on a specific vertical, Google will beat you.
rugdobe 2 days ago 0 replies      
worth mentioning: https://www.projectoxford.ai/ from Microsoft
Narkov 1 day ago 0 replies      
What about a speech recognition API? That would be awesome!
it_learnses 2 days ago 0 replies      
Can this tell you approximate volume or quantity?
anindyabd 2 days ago 2 replies      
Great! The recognition seems fairly accurate, based on the examples they provided (haven't used Google Photos myself much, though). I'm still wary, though; I really hope we won't see a repeat of the labeling black people as gorillas fiasco, which happened as recently as earlier this year: http://mashable.com/2015/07/01/google-photos-black-people-go.... The article mentions that Google was looking into how these mistakes can be prevented... I wonder what they did/are doing?
French Uber drivers have created their own Uber theverge.com
204 points by kawera  19 hours ago   184 comments top 25
joshstrange 13 hours ago 5 replies      
If the app works then great but I'm not about to herald this as some great accomplishment. There is a reason Lyft/Uber completely steamrolled the taxi industry (aside from skirting regulations that were arguably bad to start with) and it's because they provided a 10000x better experience over calling a taxi dispatcher and waiting for cab (if it even shows up). I hated using taxis but Uber/Lyft changed all of that fixing all the problems with the taxi industry.

Plain and simple the taxi industry had a monopoly, got lazy, didn't innovate, and didn't give a shit about their customers. I relish watching them burn down in the same way I enjoy watching Google Fiber trouce it's competition.

Now if drivers want to create an app to compete with Lyft/Uber then more power to them, if they want to run it as a non-profit then great, just as long as their app isn't a buggy/crashing POS then I'll use it but I'm not holding my breath for that to happen. The best I saw from a cab company was a mobile website that asked for your location and allowed you to dispatch a cab after typing a short message. TWICE they never showed and once they didn't even read the message as I had scheduled the cab for a specific time and they showed up 45min early and called to ask where I was...

habosa 11 hours ago 6 replies      
I use Uber a good amount (~10x a month) and while I like the service I just don't see why everyone is so impressed with the company. Let's consider what people like about Uber:

"It's so much more convenient to use an app than a taxi dispatch" - totally true. The taxi industry was definitely lazy. But now most Uber markets also have a competitor to dispatch a taxi by phone (Flywheel, etc).

"The drivers are not (jerks|unsafe|scary|etc)" - at this point half of the smart taxi drivers have gone to Uber, there's not much of a difference in driver quality.

I think the real thing that nobody else can do that Uber does is sell you a cheap ride. Uber is cheaper than a taxi in almost every city (30% in my experience). If taxis were 10% cheaper than Uber, I'd go to Flywheel immediately. How did they achieve this low price? Simple: by ignoring laws, not paying for expensive regulations, and passing more costs on to the driver.

This is not impressive to me. I could think of 10 industries that could easily be 'disrupted' if you add the rule 'You're allowed to ignore all existing laws and regulations'. I could provide you with a $20 massage ... assuming you don't want a licensed massage therapist. How about a $10 light repair ... assuming you don't want a real electrician.

You might respond: "but habosa, who cares? You're getting a good ride at a lower price with more convenience". My frustration comes from the precedent this sets. Uber says that if you have enough VC funding, you can make lawbreaking and regulatory blindness a central pillar of a billion-dollar company. There are a lot of people who have invested in credentials such as taxi medallions (or the equivalent in other industries) because they didn't have a hundred million dollars of VC funding to shake off the lawsuit. And some Uber-like company can come into their space and instantly devalue their investment. I don't believe the ends justify the means because soon there will be an Uber we don't like, and there will be nothing we can do about it.

SlashmanX 14 hours ago 3 replies      
Every time I see an article about Uber or taxi drivers I feel thankful that I live in a place where apps like Hailo exist. Every time I read the comments on these types of articles I see people pointing out what the people want/need and how taxi companies could make it work while thinking to myself "Hailo already does this".

It was created by ex-taxi drivers too and every taxi driver I talk to speaks very highly of them and how they manage to satisfy both drivers and passengers. Hopefully they can manage to expand further

Sarkie 17 hours ago 1 reply      
Maken 15 hours ago 1 reply      
"Angry French Uber drivers have created their own Uber"

Now that's a misleading title. These guys seems perfectly reasonable, and it is clearly an alternative platform that suits better their own interests than Uber, not something done by an angry mob.

comboy 17 hours ago 6 replies      
I still don't understand why Uber couldn't let drivers set their own fares. It seems to me that it should create a healthy market that in the end would be great outcome for consumers.

E.g. some hours are much less profitable for Uber drivers - so they set the fare higher and thanks to that you can always find a driver when needed. On the other hand, higher current fare works as an invitation for the new drivers. It auto adjusts to drivers/users availability in given region.

48snickers 10 hours ago 1 reply      
From the article: "The geolocalized app offers the same basic services as Uber; users can hail black cars, rate their drivers, and drink free bottled water."

Does the app also remove drivers with consistently low ratings from the system? From where I stand, _that_ is the killer feature of Uber. In the early days, I was happy to pay a premium to Uber not to put up with the typical crap you get from cabbies in Los Angeles. For example, swearing the entire duration of a cab ride from LAX to El Segundo or Manhattan Beach because they were hoping to go for a longer ride.

I've never had an Uber or Lyft driver that was anything but pleasant to talk to.

davidf18 11 hours ago 1 reply      
The taxi drivers in Paris are much more likely to compete if they think of what the customer wants which is lower fares and a quicker ETA in a reliable taxi. With the new app, since they are not paying the 20% fee of the Uber drivers, they should undercut Uber by 20% thus attracting more customers and making up in volume money they lose by having lower prices.

The VTC app should also implement the equivalent of Uber pool which is greener than regular taxis while being able to offer customers even lower rates while improving driver income.

NYC does have a taxi app for e-hailing called Arro which is able to compete with Uber when Uber uses "Surge pricing" since the taxis don't charge surge pricing.

HappyTypist 16 hours ago 4 replies      
This is called disintermediation. In short, unless you can convince at least 51% of the drivers to join your platform in a very short period of time, your offering will be inferior (longer ETAs, lower earnings per hour for drivers) due to the network effect. As times go on, your drivers will leave the inferior platform. This is assuming that your app is at least good as Uber's.
AYBABTME 15 hours ago 3 replies      
The main issue with "each their own app" is that as a person who travels, I'm not going to install one-app-per-city. I'll just use Uber.
ucaetano 16 hours ago 3 replies      
"Whereas Uber takes a 20 percent commission for every trip in Paris, VTC Cab charges its drivers a monthly fee of 250"

So the drivers need to make at least 1,250/month for this model to be better than Uber (for the driver)? Not to mention that it has a higher upfront cost.

Sounds like most drivers would rather pay 20% on whatever they make than pay an upfront fee with no guarantee of revenue.

repomies691 16 hours ago 2 replies      
What's the user experience like? There is a lot of talk about these "worker-own" apps/networks, however I very much doubt that they are able to compete with the uber level of service in the longer run. You need lots of software engineering etc skills to run this kind of service smoothly.
jordanthoms 11 hours ago 0 replies      
It's great that they are deciding to compete in the marketplace rather than the courtroom.

It'll be interesting to see if the zero-commission model works for them though - The 20% Uber takes is actually fairly reasonable (and much less than what a traditional taxi company takes from their drivers) when you consider CC fees & Collections, customer support costs, customer acquisition costs, marketing, etc is all covered by that. Uber is spending huge amounts of money on growing the customer base (which is good for drivers as they have a liquid market of ride requests coming in all the time), and a service like this will most likely not be able to invest as much in that since they don't have the commission and investment to pay for it.

hackuser 10 hours ago 1 reply      
It seems to me Uber's management openly disregards their workers (but tell me if I'm wrong) and they openly disregard other social goods such as the law. I see this in actions and occasionally in words too.

If Uber becomes the dominant service, which due to the network effect would be the only place to find customers/drivers, what will they do to their workers?

There's no reason to think Uber will, out of the goodness of their hearts, do any less than use their full market power to take as much as possible from their workers.

ogrisel 16 hours ago 0 replies      
I installed the app and the estimated trip prices seems from 1.5x to 2x more expensive than for competing services.
takee 12 hours ago 3 replies      
> He says it costs more than $200,000 a year to maintain the app, which was developed by Multi Brains LLC, and his organization has begun buying ads on Google and Facebook.

That sounds a tad bit less (even assuming 250K, to account for "more than") considering it includes salaries for >2 app developers, hardware/AWS costs and marketing costs which seem to include Google and Facebook ads. What am I missing here?

kennydude 12 hours ago 0 replies      
App looks pretty nice which makes a change. Here (Newcastle, UK) a lot of taxi companies have their own apps which are not even stable hence Uber is useful (the only reason I actually use Uber)
joshmn 11 hours ago 0 replies      
I bet they didn't think they had to run and operate a business.

The common thinking of "oh, it's in the app store, now I can sit back and relax" is ludicrous.

CodeWriter23 11 hours ago 0 replies      
I am most curious about how the numerous seasoned VCs who have poured money into Uber, failed to recognize the thin barriers to entry for a would-be competitor.
ape4 9 hours ago 1 reply      
Add in Bitcoin for a lower barrier to entry for Uber-like services.
xorcist 14 hours ago 0 replies      
How is this different from any other taxi app? Why is this their "own Uber"?
guinness74 16 hours ago 0 replies      
With blackjack, and hookers.
dbg31415 10 hours ago 0 replies      
Of course they did.
fit2rule 16 hours ago 1 reply      
And so goes the free market, in its most refined form .. how easy it is, after all, to simply clone a service in some other language, some other framework, and continue to deliver to customers.

What bothers me most is how the OS vendors are asleep at the wheel, again. These kinds of services - "I am [here] and want [blah]" - are broadly applicable. "Word"-"Summoning" apps are a dime a dozen. Shouldn't this be a builtin by now?

baby 16 hours ago 2 replies      
It's a non-profit => unfair competition

But they don't get the huge 20% commission on the ride? Well that's amazing.

Also looking at how much it cost them to maintain the app, if they have 1000 drivers subscribing for just a month they already have reached a turn over.

I just hope it offers the same kind of experience Uber does: drivers are ranked, and thus can't act like taxi drivers.

PS: in Romania the rate/km is written on the cab. Even similar taxis can have very different rates. Most people don't see that and get screwed afterwards. In Vietnam they use fake counters and increase the price x10. I welcome any solutions to these problems (and Uber is def. one)

Django 1.9 Released djangoproject.com
264 points by jsmeaton  3 days ago   88 comments top 14
jsmeaton 3 days ago 2 replies      
This might be a good time to mention that Django is always trying to raise funds: https://www.djangoproject.com/fundraising/

The really quick turn around on tickets and pull requests is largely thanks to the Django Fellow, who is paid to manage the community. The last two or three releases have been on time because of the Fellow. The Fellow is funded via Django Software Foundation fundraising activities.

If your company is deriving financial benefit from using Django, consider asking your company to sponsor the fellowship program, so that we can ensure that bugs are getting fixed, releases are happening on time, and security releases are being processed as a priority.

(Disclaimer: core member).

jkarneges 3 days ago 4 replies      
Before anyone says something about Django not being hip enough for realtime stuff, just know that you can layer Pushpin (http://pushpin.org) in front of it. This may sound like a bandage but it's actually good design, regardless of programming language.

Disclaimer: author.

FabioFleitas 3 days ago 1 reply      
jMyles 3 days ago 1 reply      
If you are deploying a new django project, let me suggest hendrix (twisted + django) as your WSGI publisher.

hendrix makes concurrency simple, fun, and fast using Twisted, which is battle-tested and experiencing an amazing renaissance of young talent (as evidenced by the amazing vibes in the Twisted room at the PyCon sprints).


dudus 3 days ago 2 replies      
I'm curious what the redesigned admin looks like, does anyone have screenshots?
mangeletti 3 days ago 0 replies      
Thank you everyone who committed their time and code to this release.
rafaquintanilha 3 days ago 2 replies      
This is still better when you are able to experiment versions without quirks and workarounds. Hail virtualenv.
japhyr 3 days ago 1 reply      
I just got around to skimming the release notes, and I'm curious about running tests in parallel. I'm looking forward to upgrading, and seeing if this has a meaningful impact on my tests. I don't have a large number of tests yet; my project runs its full test suite in ~10 seconds at the moment. But I'm well aware this should grow significantly as my project matures.

Does anyone have any sense yet of how this affects the speed of the test suite in your real-world projects?


snogglemedia 3 days ago 4 replies      
Is the Django team planning anything big for a 2.0 release?
theli0nheart 3 days ago 0 replies      
Music to my ears! I literally just installed 1.9rc2 thirty minutes ago. Congrats to everyone involved in the release.
sparkling 3 days ago 12 replies      
Not looking to start a fanboy-war here; but i would like to hear some opinions. If you were to start a new small to medium sized web app today, would choose Ruby on Rails or Django?
cdnsteve 3 days ago 0 replies      
Parallel tests, curious if folks are seeing a big difference in their existing testing suite?

On_commit sounds nice.

collinmanderson 3 days ago 0 replies      
This is the second perfectly on-time major release in a row. Way to go team!
johndevor 3 days ago 1 reply      
What does the new admin style look like?
Facebook Sponsors Let's Encrypt letsencrypt.org
211 points by therealunreal  1 day ago   49 comments top 9
Cherian 1 day ago 4 replies      
Before the skeptical comments rush in, can we for a moment take a step back and appreciate this. Facebook has a lot of leaders who has worked in the industry for long and I am sure they understand the value as much as we do. Theres a very strong possibility that FB did this without any motives.
toomim 1 day ago 3 replies      
And the bigger news is that letsencrypt starts its public beta today! You don't need to buy SSL certs anymore! Wow! Someone submit this story!
brwnll 1 day ago 2 replies      
Is there any indication what the sponsorship money of Let's Encrypt goes toward?

Corporate sponsorship looks to be somewhere around $2m/year.

Is the money needed for scaling? Hiring engineers? Broadening product line?

Someone1234 1 day ago 5 replies      
I wonder why, really. I read Facebook's statement. But everyone always has internal motives (in particular when money is involved), and I wonder what Facebook gains from this?

I know why EFF/Mozilla does it (charity), Akamai do it ($$$ for them), Cisco might also profit from it somehow (e.g. upgraded enterprise appliances to support HTTPS on the proxy), but Facebook? I don't get Facebook's play here.

obeone 1 day ago 2 replies      
Being careful not to look a gift horse in the mouth, but...It is interesting that Facebook ($300 Billion market cap) decided to support at the $150k level instead of the $350k level (i.e. saving themselves from a rounding-error $200,000 additional commitment).

It cost them more than that to make the decision and the press release.

estefan 1 day ago 1 reply      
Cool project. I hope nginx support for the client isn't far away.
gmisra 1 day ago 1 reply      
Taken in isolation, this is a laudable move. But shouldn't it be evaluated within the context of their own internet.org initiative?

For those unaware, internet.org does not support TLS/HTTPS for most connections. It is probably the single largest attempt in history to remove secure access from a population, just in the name of advertising instead of national security.

merpnderp 1 day ago 1 reply      
React, Casandra, Flux, and tons more, Internet.org and now this? I can now feel a little less bad that every time I click like, that at least my personal information is supporting some great projects.


electriclove 1 day ago 0 replies      
Why not a Platinum sponsor?
Car turns driver in for hit-and-run wpbf.com
224 points by anigbrowl  21 hours ago   236 comments top 10
djsumdog 18 hours ago 18 replies      
You know how to reduce drunk driving? Invest in public transportation.

Poor people won't be able to afford self driving cars for quite some time. The US is a country where it's very difficult to live without a car, except in certain major cities.

I'm not excusing this woman's behaviour. She lacks major responsibility. But the world is full of irresponsible people, and building good public infrastructure helps in so many ways that there's no excuse not to build it.

Carrok 19 hours ago 0 replies      
Best line of the article:

> It was later discovered that Bernstein had been involved in another accident prior to the one with Preston and was fleeing from that incident.

So this hit and run was just the result of fleeing from a different hit and run.

> She said she had not been drinking and didn't know why her vehicle had called for help.


paulsutter 18 hours ago 1 reply      
The emergency call was apparently triggered by the airbag deployment[1]. For some cars, when the airbag deploys, a representative comes on the speakerphone to ask if everyone is ok, and whether they should call the police or an ambulance. It appears that the Ford system places the call automatically.

[1] http://corporate.ford.com/microsites/sustainability-report-2...

jusben1369 13 hours ago 1 reply      
I was recently at a dealership looking at a new car. The sales rep was showing me all of the phone and technology integration. He talked about how you could see incoming call/texts/emails etc on the display. Then he got a bit cagey about how you can enable and disable that feature. He looked at my slightly perplexed (naive?) face and said "Sometimes men don't like to have this information come up when driving with their wives" This sort of reminds me of that story.
bitJericho 18 hours ago 1 reply      
Well the day I let my car make decisions for me is the day I walk, or have a self driving car:)
Shivetya 18 hours ago 2 replies      
Well with self driving cars coming, will they be able to determine if they should let you take control? The technology to monitor eye movement is there and being able sense alcohol on your breath would not be that hard to pull off just by it sampling.

Listened to the whole 911 and the patience of the operator was just great.

"Sorry Mr. Peters, I cannot allow you take control of the car at this time, continued attempts to do so will result in total shutdown or notification of the authorities"

4684499 16 hours ago 4 replies      
Car's behaviors like this should be authorized by the owner.
ableal 19 hours ago 0 replies      
Featuring auto-playing video advertising from "a personal injury lawyer" yakking, with hand in pocket, in front of "IF YOUR NOT HURT" slides ...
x5n1 19 hours ago 2 replies      
if a self-driving car hit someone, and then called the cops on the driver. now that would be something out of a good sci-fi novel.
dang 20 hours ago 1 reply      
Kickstarter is Debt bolt.io
250 points by proee  2 days ago   57 comments top 18
bhouston 2 days ago 8 replies      
Just to be clear though debt is actually a preferred type of financing because it is one of the cheapest forms.

A venture investor is expecting a 10x return on their investment. That means they are expected a much greater realized interest rate than debt - money that effective comes out of the pockets of the business owners.

If you can get debt, if is often preferred if you can figure out how to manage the default risk.

You do not give up equity (which could be worth a massive amount), rather you only have to pay back the debt at some future time with some much minor interest.

Also interest is often tax deductable, thus debt has further tax advantages.

One Nobel winning economic theory leads to an optimal capital structure of 100% debt: https://en.wikipedia.org/wiki/Modigliani%E2%80%93Miller_theo...

Example: Apple is buying back shares (the opposite of equity funding), while issuing massive amounts of debt.

karmacondon 2 days ago 2 replies      
This article, and it seems the whole blog, is an amazing resource for anyone considering a hardware startup. Very clear and very helpful.

The funny thing is that kickstarter's official policy is that they are not a pre-sale platform. But if they were serious about this, they wouldn't let campaigns offer the product being developed as a "reward" in exchange for money. It's like amazon saying that they aren't a book seller, but they will give you a $30 book as a "reward" for donating $30.

I'm not sure if I fully understand the title of this post, though. The author points out that Kickstarter funds are to be used only for production related costs and therefore should be considered debt (they must be repaid, unlike equity). But, in reality I don't think that there are any legal or even ethical stipulations placed on money raised from Kickstarter. The money is being donated, and unlike business debt can be used in whatever manner without having to be repaid. Wasting Kickstarter money may or may not affect someone's reputation for awhile, but it doesn't show up on a credit score.

For this reason, it's always seemed to me that crowdfunding is the best way to raise money for anything. If you can do a crowdfunding campaign, do it. Most certainly for hardware. Then get a line of credit if you can, and raise money from VCs as a last resort [1].

[1] Other than Bolt of course, because their blog is so awesome that I'm thinking about pitching them right now.

xsmasher 2 days ago 1 reply      
Compared to three years ago, there are fewer game Kickstarters that offer physical rewards, and that's a good thing.

A lot of early campaigns wound up with a bunch of orders for physical goods (deluxe editions, t-shirts, figurines) that have a high marginal cost. Later (smarter) campaigns are offering digital art books and soundtracks instead, which have almost no marginal cost.

In short, don't get into the T-shirt / CD business TOO, in addition to your main product, if you can avoid it.

FussyZeus 2 days ago 1 reply      
I've kickstarted a few things, but only with tiny amounts ($24 and $12) and only for things that I couldn't find in the open market. I think Kickstarter has great potential and has brought about numerous things, but just like any tool it's got people who know how to use it and do well, and people who don't and blow their foot off.

This goes both ways: A lot of the large kickstarters that make the news usually have gotten gobs more money than they ever thought possible from way more backers than they thought they would get. Then they're buying offices, cars, some fancy headquarters and all this other bullshit they didn't need.

Were I to do that, not one sodding penny is going anywhere that isn't directly related to getting my backers what they paid for. I get that kickstarter isn't a store (people love to say that) and it's a risk, but just because the risk isn't yours doesn't mean you shouldn't mitigate it. You're spending other people's money for Christ's sake.

By the same token, there were a lot of people who got burned on obviously fake/impossible projects but quite frankly, that falls into the category of stupid tax for me. A fool and his money are soon parted, etc. etc.

I do wish there were more legal routes for burned backers though, in the current system the backers are taking all the risk and if someone's kickstarter goes tits up they just walk away, usually hardly affected (and potentially Internet famous). I understand that's the risk involved, but it effectively puts the people in charge of decisions in charge of managing the risk taken by people they have no legal obligations too, which never goes well. (See the Banking collapse.)

ThrustVectoring 2 days ago 1 reply      
This relates to why Kickstarter campaigns can be very lucrative to run - you raise funds without relinquishing any of your equity, which can later be sold for massive amounts of money (see: Oculus getting sold to Facebook)
jacquesm 2 days ago 1 reply      
This should be required reading for anybody doing a hardware startup, not just those using kickstarter.
orky56 2 days ago 1 reply      
In summary:

1) Kickstarter is debt financed by consumers directly (B2C) motivated by early access to product.

2) Factory financing is debt financed by production motivated by early fulfillment.

3) Purchase order financing is debt financed by consumers indirectly through retailers (typically) (B2B2C) motivated by early access to consumers.

4) Venture debt is debt financed by investors motivated by continued confidence in company.

ascorbic 1 day ago 0 replies      
Just over a year ago I ran a Kickstarter campaign[1] that raised just over 45k (about $70k). Because I was applying for R&D tax credits, I filed a tax return before I shipped the products. This caused a bit of a puzzle for my accountants. In the end they decided that they'd just not book the Kickstarter money as income at all until I shipped each reward.

It's good that the author mentions factory financing. It's not something I'd thought of before, but it ended up being a crucial part of my project's success. My CM initially gave me the standard 50% upfront/50% ex works. As the time to ship drew closer, it became clear that cashflow would be very tight. Luckily my CM was very flexible, and agreed to extended terms for the final 25%, which gave me time to sell a few more flashes and cover the last payment. Choose your CM wisely! I'm going to be placing an order for a second batch soon and will be angling for better terms still.

[1] https://www.kickstarter.com/projects/vela/vela-one-the-world...

MarkvW 2 days ago 0 replies      
Kickstarter is UNSECURED debt. Almost certainly unsecured debt, positioned well below undersecured secured creditors with liens on everything.

Kickstarter is tiny unsecured debt. Debt that is not economically worth any collection effort.

Kickstarter is all about faith and trust. Good luck with that.

ryporter 1 day ago 0 replies      
Another possible source of purchase order financing is existing investors. For example, I am a major investor in (and a board observer of) a young startup that is just ramping up production. I've indicated to them that, should the need arise, I would be willing to provide some financing to help bridge a gap in their cash flow. Obviously, I would have to be very careful not to massively concentrate my financial risks (or to throw good money after bad, if a loan is needed because the company is struggling). However, no bank is going to know them as well as I do, and, if it really is just a cash flow issue, then I am highly incentivized help them out. Any interest I would collect on such a loan would pale in comparison to the increase in the valuation of my stake in the company.
analog31 2 days ago 1 reply      
Granted, not taking enough risk is probably one of the reasons why I'm not rich. (Another reason is that I haven't had any great ideas). But in my risk-averse world, I have always thought that the idea of taking pre-orders is more to secure customer commitment, rather than to fund production.

I have a hobby business in a niche where I've seen a few small entrepreneurs take pre-orders (often 50% down payments), spend the money, go broke, and face a bunch of angry customers. They can't deliver product, and they can't refund the money. It's possible that those were cases where something like a family emergency pulled them under.

But watching those failures taught me the lesson -- similar to what the OP suggests -- that down payments are a loan from the customer. In my own case, I decided that it was preferable to risk my own money than somebody else's, and I kinda crawled out of the starting gates by doing all of my own production using small runs of parts. Thus my margins were lower, but my risk was commensurately lower too.

As it turns out, my business easily saturated its own world market quickly enough that I still sell a few units a week but am glad that I didn't try to scale up too soon. My only regret is that I have so far missed the chance to learn how to scale up a hardware business.

Paul_S 2 days ago 1 reply      
This is pretty much spot on but not necessarily for long. I'm really saddened by how badly kickstarter is being abused. There was a time when they could've put in vetting into the process but it's really late now. I fear people have grown wise to the fact that from their perspective this is essentially a costly way to pre-order in the best case scenario and a costly mistake in the more common case.
aikah 2 days ago 0 replies      
Depends on the project. If you are promised a physical product , then it is a sale :


I think that link provide an accurate description of what some transactions on KS are legally.

The problem is that KS TOS are vague on purpose, entertaining the confusion as backers have no legal status (hence the endless debate about what "backing" is), which is illegal in a lot of European countries. One day however even US justice will have to decide what is the legal status of backers once and for all.

steve19 2 days ago 1 reply      
It's not debt, there is no interest. It's just a liability. No different to Amazon taking a pre-order on an upcoming book.

Judging how many largish kickstarters end in disaster, I am not surprised the people running them don't use accountants.

adventured 2 days ago 0 replies      
This is plainly wrong. Kickstarter isn't debt, it's sales.

Both are obligations, but that is where the similarities end. Not all obligations are debt, unless you want to back the meaning all the way out such that it's no longer relevant to the kind of debt one would discuss around a business.

Sales and debt serve two different roles within a normal business and come with important, different legal requirements and nuance.

Easy proof: Kickstarter doesn't have the same legal protections that typical debt contracts do, not even remotely close. Kickstarter has legal protections a lot closer to what a sale comes with.

Schiphol 1 day ago 0 replies      
I thought the author might be making a pun with "Kickstarter is dead". It this something native English speakers hear too?
miseg 1 day ago 0 replies      
This may not be relevant on a "start ups" site of HN, but some people argue that debt is inevitable to grow any business, which I would argue against.
samfisher83 1 day ago 0 replies      
Debt usually has highest preference during liquidation. I don't see how kickstarter is like debt.
The Moral Character of Cryptographic Work ucdavis.edu
226 points by cscheid  1 day ago   90 comments top 15
pcl 1 day ago 2 replies      
From the abstract:

Cryptography rearranges power: it configures who can do what, from what.

I'd argue that the reverse is really the issue that needs more attention. Online systems that do not provide strong cryptography rearrange power, as compared to their offline equivalents.

It was not feasible to scan all phone calls for keywords in 1970, since that required effort from humans to do the patching and listening. The power dynamic changed when our industry brought those calls into a centralized, trivially-storable clear-text format. Encrypting the conversations is simply a partial return to the status quo of a few decades ago.

AdmiralAsshat 1 day ago 10 replies      
They lead one to ask if our inability to effectively address mass surveillance constitutes a failure of our field. I believe that it does. I call for a community-wide effort to develop more effective means to resist mass surveillance.

What's funny is that you could talk to any number of law enforcement officials who believe that the moral failing is on the cryptography community for not providing a "backdoor" into encrypted communications. Or to restate, "Please, Apple, think of the children!"

Morality is, unfortunately, subjective. Part of the argument is in convincing your opponent that your morality is superior to theirs. Or, perhaps, that their stance violates their own sense of morality.

tptacek 3 days ago 1 reply      
For anyone here who doesn't know who the author is, Phil Rogaway is one of the most important academic cryptographers; he's responsible for OAEP, PSS, OCB, UMAC, FPE, and the constructions behind XTS, the universal standard for disk encryption.

The meat of the paper is in Sections 2 (where the unintended power dynamics of some modern academic crypto research projects is discussed) and 4 (where he provides suggestions for important practical projects academic cryptographers should tackle). Sections 1 and 3 are written for an audience of academics who might be less familiar with the political implications of crypto than the typical HN reader.

Essentially, Rogaway is trying to convince mathematicians to embrace the practical and political impact of their work.

Colin Percival gets a nice mention towards the end of the paper. I'd be over the moon if I were him. Congrats, Colin!

pdkl95 1 day ago 0 replies      
> This makes cryptography an inherently political tool.

It always was.

Many developers like to stay out of politics. Concentrating on difficult technical problems is hard enough; adding in politics is therefor adding in unnecessary complexity. As the wonderful Tom Lehrer put it in his song "Wernher Von Braun"[1],

 Don't say that he's hypocritical, Say rather that he's apolitical. "once the rockets are up, who cares where they come down? That's not my department," says Wernher von Braun.
The problem with this is similar to the problem of abstaining from the vote: it's absolutely not a neutral position. Choosing to abstain from politics in general, like those that choose to abstain from the vote, is de facto a vote for the status quo and majority rule.

Not only is cryptography an inherently political tool, almost all software is political.

Software does not exist in a vacuum; the entire point of most software is that it has an impact on business, society, and the world. With the discovery of the General Purpose Computer, this impact can be very large.

It's easy to see why cryptography disrupts existing power structures. It should be similarly easy to see how software already overturned the traditional power structures in places like the stock market, manufacturing, and retail.

So please, consider what impact your software might have when you are writing it, or if someone already has a goal in mind. Maybe, in some cases, it's better to walk away. It;'s a hard question, but the answer is not to say "I'm staying out of politics". To quote Quinn Norton and Eleanor Saitta from their talk[2] at 30c3, there is "no neutral ground in a burning world".

[1] https://www.youtube.com/watch?v=QEJ9HrZq7Ro#t=16

[2] https://www.youtube.com/watch?v=DWg2qEEa9CE

dang 1 day ago 1 reply      
Posted a few days ago at https://news.ycombinator.com/item?id=10655418, but got so little discussion that we won't treat it as a dupe but have instead merged the threads.
jroitgrund 17 hours ago 0 replies      
The biggest thing I took away from this was reading the slides and seeing the FBI's suicide letter to Martin Luther King.

I didn't know about that, and reading that right after seeing the jury dury article on the front page today is chilling to say the least.

moyix 3 days ago 0 replies      
This is an important message to consider, and not just for cryptography. Everyone can benefit from thinking about the moral and social consequences of what problems they choose to work on, who they do them for, and what values the institutions they contract with hold.
jvvw 16 hours ago 0 replies      
This was one of the factors (certainly not the only one) that made me move out of the field of cryptography - I was doing work related to attempting to break a major cryptosystem and I realised that I wasn't completely sure what the right course of action was ethically in the slim chance that I succeeded. My background was in pure mathematics and up until I moved into cryptography, it seemed obvious that openess of information was an obvious good. However, once in the crypto field, it became much a much more ambiguous issue.
PhaseMage 1 day ago 0 replies      
I completely agree that Cryptography researchers should evaluate their work against their moral values. I feel the same thing about pretty much all engineering... I've been focusing on trying to design moral networking protocols.
zby 22 hours ago 0 replies      
Cyber-security in general is political. This guy is a cryptographer - so it is natural that he formulated this for his own area - but it is too narrow.

Hackers are now routinely the foot soldiers of the cyber-war of everyone against everyone - we need to think more about our own rules instead of following orders.

bryanhm 22 hours ago 1 reply      
Here we have what I think is a display of an intelligent mind specialized in one area, funded by a state institution, and weak at resolving moral conflicts. Computer scientists (and any self-respecting scientists) HAVE to separate their ethics from the interests of state institutions. Phrases in the paper resembling something like "where the cryptographer has a duty to serve the public and keep their self-interest in check" indicate this. I've read a paper recently on designing systems to have security exceptions for law enforcement and calling them "exception requirements" or something to that effect. This is the sort of thing a good study of ethics can help to resolve.
gcb0 16 hours ago 0 replies      
everyone has those talks 30yrs ago when crypto was labeled munition by the usa.

if this article has any content that warrant discussion, is how out of touch with reality the social sciences are.

... and sadly, yet another proof of how necessary Snowden was.

kluck 21 hours ago 0 replies      
It is the responsibility of the inventor to think ahead as far as possible about how an invention may do good and/or harm.
NHQ 1 day ago 0 replies      
sneak 1 day ago 2 replies      
So I guess we have a moralimperative to fork Chrome to actually enforce cert pinning even against locally-installed roots, then?
Anti-Disassembly techniques used by malware malwinator.com
179 points by cpeterso  3 days ago   25 comments top 8
jacquesm 3 days ago 5 replies      
Many of these techniques were pioneered by games programmers. The idea was that games should be played, not cheated and the same reverse assembly tricks apply and so the same counter-measures apply as well. One game that I'm familiar with had a never ending Matroshka like structure where each pass through a decryption routine would yield just another pile of gibberish and another chunk of code.

The game took a couple of seconds to start up due to this and it needed tremendous patience to get to the end. I gave up after the 50th or so level of trash, never figured out how many there were, for all I know it would have been the next one, or there may have been a few hundred more. One particularly depressing thing was that at level 40+ or so a message appeared at the beginning of the hexdump: "Does your mother know you're doing this?"...

userbinator 3 days ago 2 replies      
I wonder what is it about overlapping instructions that seems to confound even well-established (and expensive!) disassemblers like IDA Pro, since it's basically a solved problem; a long time ago, I wrote a disassembler that would just attempt to disassemble all the paths, and if instructions overlapped then it presented the alternate "streams" side-by-side until they merged together again. The first example would come out looking like this:

 40100E jz 401011 401010 call 8B4C55A0 | 401011 mov eax, [ebp+0C] | 401014 mov ecx, [eax+4] 401015 dec eax 401016 add al, 0F | 401017 movsx edx, byte ptr [ecx] 401018 mov esi, 70FA8311 | 40101A 40101C
This was in the early PC/XT days, so it handled 8088 and .COM files only, and only needed ~128KB of RAM to run (I remember it also swapped to disk(ette) when needed.) I probably still have the source (in Asm, naturally) and binary somewhere amongst all my 5.25" floppies...

kazinator 3 days ago 0 replies      
Overlapping instructions were used in some 8 bit microcomputers to fit code into a small memory. For instance, Apple II cards have a 256 byte window for a tiny I/O driver (the address of that window being slot-position-dependent, so the code has to be relocatable: plug the hardware into a different slot and the code moves.) Some cards use overlapping instructions in order to fit this constraint. (Cards can also provide a 2048 byte ROM. However, that was mapped to a fixed memory location shared by all the slots. Before anything jumps there, it has to ensure that the correct slot's code is currently selected for visibility.)

Interestingly, in nature there are some viruses which similarly have overlapping sequences in their DNA. That is to say, one entry point codes for a protein and then another entry point codes for another, and the sequences overlap.

seccess 3 days ago 2 replies      
An interesting thing worth mentioning here is that many of these techniques work because x86 is a variable length instruction set. A fixed length instruction set (ie, ARM) specifies jump targets as instruction offsets, not byte/word, so you can't jump into the middle of an instruction.
nes350 3 days ago 0 replies      
Similar (I think) techniques were once used by Skype[1]. I wonder how much they've changed in the past few years.

1. https://www.blackhat.com/presentations/bh-europe-06/bh-eu-06...

ant6n 3 days ago 1 reply      
I guess that's why QEMU translates small linear segments of machine code, i.e. code up to the next branch or jump.
StripeNoGood 3 days ago 0 replies      
Look at the Obfuscator from PELock


it does even more anti-re damage and it's been on the market for about 5 years?

rasz_pl 2 days ago 0 replies      
what a terrible website, minified obfuscated js keeps auto scrolling to the top, menu is broken, looks like js was tested on 'one true browser' only, reminds me of the good old IE or nothing days :(. Do NOT touch my document.documentElement.scrollTop :(
Is the new Zuckerberg fake charity an estate tax avoidance scheme? harvard.edu
230 points by zdw  1 day ago   201 comments top 23
ilyanep 1 day ago 21 replies      
Man, is anyone else seriously bummed out by how cynically everyone is viewing this announcement?

There's a rich guy who founded an organization, ostensibly with the hopes of doing something good with all that money that he owns. Maybe the organization doesn't go anywhere, or maybe he winds up paying less in taxes. Can't we all hope for the other side of the coin -- that he does wind up doing good for the world? Why not wait and see?

luckydude 1 day ago 11 replies      
I posted this on a different thread. I think it is tax avoidance.

One way to look at this is that Zuckerberg just robbed the treasury of $45B. Part of that would have come in through capital gains taxes and the rest through the estate tax.

What they do with that money is up to them, not the state. It's a pretty sweeping end run around the taxation system.

Maybe we'll get lucky and he'll use the money to good end like Gates is doing. And maybe not.

This is a heck of a tax code we've got, it's trickle down on a grand scale.


ganeumann 1 day ago 2 replies      
Greenspun would read the worst into whatever Zuckerberg did here, as seen by him starting the post criticizing the timing of Zuckerberg's marriage.

Why not assume the best? Zuckerberg said he planned to give away 99% of his wealth to help other people. That's a good thing. Why criticize him now? If he ends up not doing it, criticize him then. If all he was doing was trying to avoid some estate taxes, he could have done that without any announcement at all, certainly drawing less scrutiny.

Scrutiny is important here, because the IRS could disallow the application of the LLC estate planning loophole here just by saying so. The 40% discount for non-management shares is an accounting judgement, not a law, and not one the IRS need accept if it believes the sole purpose is to evade taxes.

onewaystreet 1 day ago 1 reply      
I wonder how many wealthy people are reading all of this criticism of Zuckerberg and are thinking to themselves: "On second thought, I'll just buy another boat." Remember how cool it was when Larry Ellison spent $500 million on that Hawaii island?
Gustomaximus 23 hours ago 2 replies      
More generally I've never understood why charity is tax free. When I or others to give money to charity that is great and I support that. But why do so many expect they can take from the governments pocket when funding a cause they believe in? Dont get me wrong, I understand 'the logic' to encourage charitable giving this is a net positive.

In my home country charities are often abused by business and individuals. Given increasing sophistication and selfishness of individuals non-profits and charities should be taxed like any other organisation. Ideally real charities would have very low tax rates anyway. They typically distribute income to causes creating expenses against income, basically turning them into very low margin and subsequently low tax business. And those that abuse this structure or hoard income can pay tax like any other business. Little bit controversial I know but I find this tax-free relationship is taken as 'its the way it is' without further thought.

sremani 1 day ago 1 reply      
If it were are tax avoidance scheme, Mr.Zukerberg would have been well served if it was all kept silent from public. For all his flaws, Mr.Zukerberg seems to be a guy who cares, and he will have my benefit of doubt until proven other wise. The vitriolic reaction to his announcement is uncalled for.
55555 1 day ago 0 replies      
There's no way to know; only time will tell. He either genuinely wants to maximize his charitable contribution to the world, or he just wants to avoid capital gains and estate taxes, and the smart choice of action (that which he has taken) is the same in either case.
stillsut 10 hours ago 0 replies      
At issue here is _not_ whether this one instance (Zuck) is a tax coward or a much needed 21st century philanthropist. Instead this is about whether our tax-code can raise tax rates on business-owning millionaires and billionaires to arbitrarily high levels and capture the desired revenue.

Economic historians have documented this type of tax avoidance in previous era of high taxes. When an executive was taxed 90% of his income, his salary was greatly decreased and instead got 2-weeks time on the company's (pre-tax) yacht.

These type of "global charities" are very disturbing at this moment when it is becoming clear that tax rate will need to be increased substantially in the future to pay for our growing deficit. Which means it will become increasingly desirable to be employed or make deals with one of these shell corporations (zero tax), while all the boring but actually essential things like construction will face huge tax burdens.

Ultimately, the big fear is that it will become completely rational to spend more effort trying to game the IRS then it will to do IRL value-add. (see Michael Lewis's piece on Greece in the run-up to '08 to see what this looks like)

peterjlee 1 day ago 0 replies      
I don't think Zuckerberg is trying to avoid estate tax but even if he is and if he's doing it legally, this is something we should complain to the Congress for writing bad tax code.
ricksplat 12 hours ago 0 replies      
There probably is a sneaky aspect to all this, but having seen the benefits of private philanthropy up close (to whit: Gates Foundation providing otherwise unaffordable HIV medication in southern Africa) I'd be slow to dismiss outright. It's not ideal, but for the people to whom this matters it makes not a jot of difference.
csmajorfive 23 hours ago 0 replies      
It would be pretty strange to tell the IRS that he's discounting the transfers 40% after publicly stating "we receive no tax benefit from transferring our shares."

If you believe in the government's ability to allocate money, you should probably believe in its ability to collect it, too.

umaguma 15 hours ago 0 replies      
A letter apologizing for his wrongs, announcing that Facebook will no longer collect personal information and that it will exist for users not advertisers, as well as promising to refrain from ever using the word "hacker" again to refer to himself or anyone at Facebook.

"Move fast and break things." Privacy: broken.

Won't fix. Sorry.

punee 19 hours ago 0 replies      
Okay, so now I'd like someone honest to read this whole thread and tell me with a straight face that Hacker News is "full of libertarians", as I read here from time to time.

I mean, there's someone here who doesn't understand why some people try to lower their tax bill by "taking from the government's pocket", and it goes completely unnoticed.

I can't be the only one to find this hilarious?

zkhalique 1 day ago 0 replies      
Somehow from what I know of Mark Zuckerberg, he's not exactly looking to sit on all those billions. The motives the article is imputing to him are wrong.
necessity 23 hours ago 1 reply      
If it is, good on him. Estate tax is just tax on something that has already been taxed.
gopi 23 hours ago 0 replies      
Foundation or LLC, when Mark dies only 1% of his wealth will be passed to his kids...If this is not Generosity i don't know which is
tzs 20 hours ago 1 reply      
> The letter to our daughter works pretty well as comedy, e.g., Medicine has only been a real science (emphasis added).

I'm not sure what the author is trying to say here. He cut out important context. The "..." was "for less than 100 years". While one might quibble with the exact number, Zuckerberg was reasonably in the ballpark.

> It also works pretty well as a dictionary example of optimism, with Zuckerberg imagining that a $1 billion annual budget is going to move the needle (NIH spent $31 billion in 2010, according to Wikipedia, and the drug companies keep telling us that they are spending some of their Irish dough on research)

The Gates Foundation spends about $4 billion a year, spread over many different kinds of initiatives. Their health spending is "only" about $1 billion a year, and they move the needle there. I see no reason the Zuckerbergs can't move the needle at $1 billion per year as long as they don't spend in too many disparate areas.

Here's an article from NPR that explains why it can be more effective to do charity and activism through an LLC instead of through a non-profit foundation: http://www.npr.org/2015/12/03/458276386/facebook-founder-to-...

Some excerpts:

 "A foundation itself is not allowed to do what the Internal Revenue Code defines as lobbying," he says. "If you're trying to achieve a social end through advocacy, you're going to find yourself very constrained, whereas if you're just paying it out of your own pocket if you're a company or an LLC, there are really no constraints at all, at least imposed by the tax code." In a public letter to their newborn daughter, Chan and Zuckerberg said about their philanthropic goals, "We must participate in policy and advocacy to shape debates."

 Mollie Cullinane, who runs a law firm that specializes in philanthropic giving, says creating an LLC instead of a nonprofit looks like a move by Chan and Zuckerberg "to get more deeply involved in advocacy and promotion of certain causes that other charities and foundations can't speak out about as loudly."

 But beyond politics, there are other ways an LLC will give the couple philanthropic flexibility. "There's a whole new area opening up, so-called impact investing, where you invest in a for-profit organization that has a social mission," Brest says. So the couple might invest in clean energy companies, for example, and could make money off those investments. Foundations can do some of that. But, Brest says, "you are freer from any restrictions if you simply do it through a private company."

zatkin 1 day ago 0 replies      
Has there ever been a multi-billionaire/millionaire that did the same thing?
dang 21 hours ago 2 replies      
We detached this subthread from https://news.ycombinator.com/item?id=10674462 and marked it off-topic.

This is the sort of reflexive hit-meme that people trot out at every opportunity, but it adds no information and leads to no insightful discussion. It's merely a way of being uncharitable, and like most predictable things, is utterly tedious, which means it shouldn't be here.

Those of you who disagree are invited to imagine the world repeating the most misconstruable thing you said when you were 19.

logicallee 1 day ago 0 replies      
no, next question.
x5n1 1 day ago 0 replies      
$45 billion dollars for me. $0 for the US government. Why did they give me this tax avoidance loophole? Same reasons those "dumb fucks" gave me all their personal information, I guess. It's good to be King.
facebookcia 1 day ago 0 replies      
> The letter is a significant addition to the literature of comparative American victimhood: Can we truly empower everyone women, children, underrepresented minorities, immigrants and the unconnected?

Expect FWD.us and similar outfits to be showered with cash.

gizi 1 day ago 6 replies      
Wait a second. Mark did not steal his money. It is his money. Hence, he does what he likes with it. If you believe the estate tax department should have his money, let them set up a Facebook project. What is stopping them from creating similar value? Are they really waiting until someone else does it, to leech from him?
       cached 5 December 2015 05:11:03 GMT