> This friend recommended nvd3.js, presumably because youre not making real graphs in 2016 unless your graphing library is <something>.js and requires at LEAST one other <something else>.js as a dependency. Everyone looks at you like what, you DONT already use <something else>.js? Jeez say goodbye to your Hacker News karma. Just apt-get install npm && npm install bower && bower install- NO STOP IT THIS ISNT WHAT TIM BERNERS-LEE WANTED.
edit: as huckyaus mentioned in a different thread, author did http://swagify.net/ as well. In completely unrelated news, I'm changing my handle to [Tr1Ck$h0t][LEGIT][60x7]$$$C30C0DER$$$, that will make me really popular among the cool kids.
I like this part. As a developer I've often looked at the network usage of large websites / web applications and it's always surprising to me just how...unoptimized it is as far as network connections go.
I mean Facebook loads decently enough and all I'm just surprised the first load isn't condensed into a small, handful of network calls to save on latency.
Great article. And a further reminder why Facebook kinda sucks.
Could these just be keep-alive requests? For example, the mobile app checks whether it's still connected?
On a side note,
> If youre wondering why the response starts with for (;;);, its to, among other things, encourage developers to use a quality JSON decoder, instead of like, yknow, eval().
This is wrong, as I commented on the linked StackOverflow post, perhaps a bit too strongly. But it's really frustrating to see that people have misconceptions because of incorrect answers on StackOverflow.
Oh and did not know about the Copy as cURL feature on Chrome!
SELECT uid, name, online_presence FROM user WHERE online_presence IN ('active', 'idle') AND uid IN ( SELECT uid2 FROM friend WHERE uid1 = me() )
Perhaps, buy some targetted ads about 'SleepCycle' and show them to the naughty ones who sleep less than 6 hours. :P
Nice with this data I might finally and truly finish my Social Alarm Clock idea and do so in which it truly improves the sound of your alarm clock; one that always makes you smile, laugh, etc.
There's been tons of social alarm clocks(from Justin Bieber to Nestle to Sony to Wakie, etc) since releasing sleep.fm in 2007 (a century ago in Internet years) yet no one has executed on the idea properly.
Data Science of the Facebook World
And how about for advertisers? "Get your sleeping pills here" type ads?
I also bet that Whatsapp has this feature since I often see "Last seen at ...".
Personally, I have chat off all the time on FB, and I don't have the Messenger (or FB) app on my phone either, so I guess I'm always sleeping :)
Thanks for all this amazing info!
peace - [2edgy4u][ev REE DAI][24x7BLAZEIT]|ggg10Bzzz|
Especially loved all the links to Facebook :D
p.s. I am hiring ;)
The Dangerous All Writs Act Precedent in the Apple Encryption Case
"Tim Cook, the C.E.O. of Apple, which has been ordered to help the F.B.I. get into the cell phone of the San Bernardino shooters, wrote in an angry open letter this week that the U.S. government has asked us for something we simply do not have, and something we consider too dangerous to create. The second part of that formulation has rightly received a great deal of attention: Should a back door be built into devices that are used for encrypted communications? Would that keep us safe from terrorists, or merely make everyone more vulnerable to hackers, as well as to mass government surveillance? But the first part is also potentially insidious, for reasons that go well beyond privacy rights.
The simple but strange question here is exactly the one that Cook formulates. What happens when the government goes to court to demand that you give it something that you do not have? No one has it, in fact, because it doesnt exist. What if the government then proceeds to order you to construct, design, invent, or somehow conjure up the thing it wants? Must you?"
In my not-a-lawyer opinion, I think that Apple will absolutely take this as far as it can. With only an 8-member court, Anthony Kennedy becomes even more important than ever.
We should be lobbying SCOTUS harder now than ever before. We need them to rule against this far more than we need to be calling congress people.
We need the Supreme Court to act with the effect of precedent. But I'm not optimistic. We would need Roberts and Thomas to back off their national security platforms, and we need RBG and Kagan to understand the problem better.
Kennedy is a wildcard, but if we can explain the issue in plain English to those key people and get them to agree, this is doable. Alito and Sotomayor will fall in line.
If we do our jobs as members of the body politic, write amicus briefs, and hound the members of the court, this is doable.
Thomas and Roberts can be swayed. So can RBG and Kagan. It would be an easier 5-4 decision with Scalia still around, but this is possible without him, and we need to focus our efforts.
I'll be putting my money where my mouth is over the weekend and creating a website that submits comments to the individual justices. I'll also be asking for help/edits on the boilerplate I'm offering as a starting point.
Basically, the FBI shot themselves in the foot by changing the password for the iCloud account within a day or two of the incident, instead of consulting with Apple. This meant the phone couldn't auto backup data which is why the snapshot of the data is not necessarily the most recent. Had they not done this they would have been able to connect the phone to a power outlet and a wifi connection, and it would have uploaded the data to Apple's servers from which they could have asked Apple to acquire the data.
Both Apple and the FBI have been requested to appear before a bipartisan committee to answer specific questions about the case.
If so, in FBI logic, in the future there could be a more legitimate need for Apple to comply because a suspect could have a WMD. But so far no such threat exists.
However, let's distort the issue and exploit this opportunity now knowing few will go against law enforcement tactics against the San Bernardino killers?
Because they will need the power in the future but the public has to be scared into acting now to prevent the real hypothetical future attack?
He claims that the FBI already has all of the suspect's communication records as retrieved via service providers, but ignores the important detail that iMessage uses end-to-end encryption, rendering any such records unobtainable by the service provider.
Yes, the last backup was six weeks prior to the phone being seized, but this only means that the phone may well include six weeks' worth of pertinent evidence. And there is nothing to suggest that the FBI is only interested in messages between co-workers.
Ultimately, the phone's data would need to be decrypted and analysed to see if the first four assumptions that Snowden makes are actually true.
The final assumption is that there are other feasible technical measures that could be taken to crack this phone. This would perhaps be the most interesting point, but Snowden chose to not expand upon it at all.
I went to a RightsCon in the midst of the Arab spring. Talked to folks with friends that were being "disappeared" based on what was on their phone.
Meanwhile, David Chaum is suggesting a secret sharing scheme:http://www.therebel.media/david_chaum_restoring_internet_pri...
"Chaums proposed Privategrity system would use nine special servers in nine different countries to encrypt users' data. The theory is, the system would almost always prevent mass government surveillance but would allow government access to combat terrorism or child sex abuse."
I'm convinced they have a wish list in wait for every tragedy. Next on the list was getting a back door on every cellphone.
The FBI already have what they need, by illegal means. Unfortunately, due to security, they're stuck.
Any truth to this?
Around 10-15years ago privacy issues were almost unthinkable (phase #1) (average person didn't think about privacy too much), then wikileaks came out, then Snowden (phase #2, radical) and so on.
Sure FBI has access to phone calls in San Bernardino case, but they are making buzz in news, in order to step to next level, probably from sensible phase into popular, then naturally next step would be `policy phase` and surveillance would be totally legal and everyone will accept this, if not we, then next generation would accept it.
 - https://en.wikipedia.org/wiki/Overton_window
EDIT: Previous item: https://news.ycombinator.com/item?id=11120365
If Apple, as a legal "person" , can be compelled against their will to create something that does not exist at the government's will, then what is holding the government from compelling an individual to do the same?
It has been a long time since the citizenry last needed to fully engage the Check Boxes of Government: Soap, Jury, Ballot, Ammo. A lot of folks are having a hard time believing the last one is an option. Know Your Roots, indeed.
I'm sure if must be an early version of iOS 9. Probably lots of zero days (that are no longer zero days) available.
Given their budget and their ability to keep things under wraps (eg: consider the scope of PRISM and how they ran that for close to a decade), is it that crazy to think this is a debate they don't care about winning?
Teams at universities made 16 qbit machines something like 5 years ago. D-wave claims 512 qubits today. I don't think it's out of the question that NSA is far ahead of both of them. D-wave employs "100+ people" according to Wikipedia. NSA is estimated to have upwards of 30,000.
It makes a lot of sense, then. NSA got caught with their pants down, naturally backlash from it is still happening today. So if your opponents are going to be winning some ground back, the best PR move is to have them win ground that doesn't matter. (Or that won't matter in a couple years.)
I think these debates about the necessity of key escrow and modified firmware are conversations they're having with the intention of losing, to prevent meaningful pushback but to still provide the illusion of it.
It just doesn't make sense to me that they would invest billions into dragnet infrastructure with the knowledge that something as inevitable as letsencrypt or an iPhone passcode could make it all useless.
Edit: wording and some additional comments
1. Can't prove all when there's data that hasn't been retrieved (encrypted data). What they do have is irrelevant.
2. What they do have is irrelevant...is this a pattern?
3. What they do have is irrelevant. Also, coworkers aren't what they are looking for...wtf
5. Unsubstantiated and unlikely that Apple has a way to break it's own strong encryption. Apple probably can disable the bricking-by-attempts. If the FBI are so damn confident the 256-bit AES key can be bruteforced, they can damn well do it themselves.
The fact is that the world is divided between users of the Macintosh computer and users of MS-DOS compatible computers. I am firmly of the opinion that the Macintosh is Catholic and that DOS is Protestant. Indeed, the Macintosh is counterreformist and has been influenced by the "ratio studiorum" of the Jesuits. It is cheerful, friendly, conciliatory, it tells the faithful how they must proceed step by step to reach - if not the Kingdom of Heaven - the moment in which their document is printed. It is catechistic: the essence of revelation is dealt with via simple formulae and sumptuous icons. Everyone has a right to salvation.
DOS is Protestant, or even Calvinistic. It allows free interpretation of scripture, demands difficult personal decisions, imposes a subtle hermeneutics upon the user, and takes for granted the idea that not all can reach salvation. To make the system work you need to interpret the program yourself: a long way from the baroque community of revelers, the user is closed within the loneliness of his own inner torment.
You may object that, with the passage to Windows, the DOS universe has come to resemble more closely the counterreformist tolerance of the Macintosh. It's true: Windows represents an Anglican-style schism, big ceremonies in the cathedral, but there is always the possibility of a return to DOS to change things in accordance with bizarre decisions.....
And machine code, which lies beneath both systems (or environments, if you prefer)? Ah, that is to do with the Old Testament, and is Talmudic and cabalistic.
(from here: http://jowett.web.cern.ch/jowett/EcoMACDOS.htm )
Possibly my favorite part:
"What you say is very fine, Adso, and I thank you. The order that our mind imagines is like a net, or a ladder, built to attain something. But afterward you must throw the ladder away, because you discover that, even if it was useful, it was meaningless. Er muoz gelchesame die leiter abewerfen, s er an ir ufgestigen . . . . Is that how you say it?"
"That is how it is said in my language. Who told you that?"
"A mystic from your land. He wrote it somewhere, I forget where. And it is not necessary for somebody one day to find that manuscript again. The only truths that are useful are instruments to be thrown away."
The "mystic from your land" was Ludwig Wittgenstein, who said that in his Tractatus 591 years after that conversation was set, in modern rather than medieval German ("Er muss sozusagen die Leiter wegwerfen, nachdem er auf ihr hinaufgestiegen ist") - "he must, so to speak, throw away the ladder after he has climbed up on it".
For those who haven't read anything by Eco but want something more digestible on a Friday evening than a novel, I highly recommend his essay Ur-Fascism. Eco was brilliant and had a clear-eyed view on the lasting impact of the Middle Ages into today... and it's pretty clear how growing up in a fascist society impacted his views.
His reflections on fascism remain as important as ever.
RIP -- Mr. Eco. Your books instilled in me the love of reading when no one else could. I will always owe you one.
Umberto Ecos Antilibrary: Why Unread Books Are More Valuable to Our Lives than Read Ones https://www.brainpickings.org/2015/03/24/umberto-eco-antilib...
Mr. Eco you will be missed.
I read Baudolino some years ago, but didn't come away from it with the same sense of awe that I got from reading Name of the Rose, or Foucault's Pendulum.
If we still think of the totalitarian governments that ruled Europe before the Second World War we can easily say that it would be difficult for them to reappear in the same form in different historical circumstances. If Mussolini's fascism was based upon the idea of a charismatic ruler, on corporatism, on the utopia of the Imperial Fate of Rome, on an imperialistic will to conquer new territories, on an exacerbated nationalism, on the ideal of an entire nation regimented in black shirts, on the rejection of parliamentary democracy, on anti-Semitism, then I have no difficulty in acknowledging that today the Italian Alleanza Nazionale, born from the postwar Fascist Party, MSI, and certainly a right-wing party, has by now very little to do with the old fascism. In the same vein, even though I am much concerned about the various Nazi-like movements that have arisen hereand there in Europe, including Russia, I do not think that Nazism, in its original form, is about to reappear as a nationwide movement.
Nevertheless, even though political regimes can be overthrown, and ideologies can be criticized and disowned, behind a regime and its ideology there is always a way of thinking and feeling, a group of cultural habits, of obscure instincts and unfathomable drives. Is there still another ghost stalking Europe (not to speak of other parts of the world)?
Not a bad film too with Sean Connery and Christian Slater.
"On Friday (February 19) the author's reps officially confirmed that Umberto Eco is not dead. He joins the long list of celebrities who have been victimized by this hoax. He's still alive and well, stop believing what you see on the Internet, they said."
- Wikipedia reverted the notice of his death, saying it was a false rumor:
Edit: Now Wikipedia is saying that he's dead.
Edit2: Now the BBC is reporting his death: https://news.ycombinator.com/item?id=11137855
(Which he/they have, transporting/merging the comments with this story... that was kind of weird)
See also: http://www.apple.com/customer-letter/
So does it mean that Google will no longer index full WSJ articles or does it mean a change in the Google's policy?
From the ABA: "Exceeds authorized access is defined in the Computer Fraud and Abuse Act (CFAA) to mean "to access a computer with authorization and to use such access to obtain or alter information in the computer that the accesser is not entitled so to obtain or alter."
To prove you have committed this terrible felony, the FBI will now demand that Apple assist in disabling the secure enclave of your device in order to access your browser history. But remember, they only need to do this because they aren't allow to MITM all TLS and "acquire" -- not "collect" -- every HTTP request your machine ever makes. </s>
(See the second precept here: https://en.wikipedia.org/wiki/Five_Precepts)
I think the relevant point, underscored by the author's last sentence, is it doesn't matter who you open a back door for - it opens the possibility for anyone to barge through.
EDIT: The "paste a headline into Google" trick still works for me, though. If this continues to be the case, they will keep indexing, of course.
Take a look, for instance, at the WSJ.com home page with an ad blocker turned on (note all the missing letters and scrambled up titles). They want me to pay, and they want me to see ads, and they want to track my behavior? Should I send them my DNA also?
Organizations like WSJ are exactly the disease that causes ad blockers to proliferate and ruin the web for all the decent publishers. They're at war with my privacy (by breaking their site intentionally when I visit with a blocker on). They want it all, ads, tracking, your private data, and subscription revenue, not to mention...
# Agenda-Driven Content
I mean, we're basically talking about NBC or Fox here, just on the web. Imagine every morning when you woke up you turned on the television and tune to some "news" show. After talking about the weather, they start talking about a lost pickle that is thought to be potentially alive and moving about with free will. Over the next two years, talk about the same pickle extends to every other TV show. Before you know it, everybody in the nation is talking about the same pickle. Years go by, and that pickle has become a part of our society, and that's not because people are born with an innate care the well-being of pickles, but because "news" shows taught them to be.
That's not a good position to be in. I have to believe I'm not the only one in here that doesn't watch any TV. So, why do we all treat the same media giants differently on the web? We crave their content so much that we build browser add-ons to get to their content, etc.
Additionally, I would like to point out that I wrote a Varnish extension for the express purpose of validating User-Agent strings through DNS lookups, and is available here: https://github.com/knq/libvmod-dns
It was built because we had specifically a problem with bad bots crawling a large site (multiply.com) and this was one of the easiest ways to filter out the bad bots from the good, and to enforce robots.txt policies on a per bot basis. It works very well, as you can do any kind of DNS caching internally and prevent this kind of behavior, if that's your goal.
Are they running afoul of Google policies and going to get pinged by Google?
I can't find the text from Google now (when can you ever find any docs at google?), but I am very certain I remember reading from them that you may not return different content to GoogleBot based on User-Agent.
That being said I do enjoy their content, save for maybe the op-eds.
Otherwise, why would expertsexchange be obligated to provide the answers at the very bottom? Did something change?
Those signatures could obviously leak, but on a per-domain basis. Perhaps the domains could have a secure way of bumping the valid key generation if they had a leak.
That is completely idiotic if there is a string you can put in a Mozilla browser config that is literally illegal to browse the web with.
Also, isn't it illegal to bypass computer security?
I then pasted the headline into google and clicked on it from Google results and did not get hit by the paywall.
Great idea here guys
I thought that google deemed providing search results which were behind paywalls as a "bad experience" for their search users, and would penalize websites for doing so.
Is this no longer the case?
Not an SEO Expert here, but wonder how and whether Google will end up handling that. I mean making an exception could also be considered abuse of power in some countries of the world. Don't have any strong opinion yet on that, just saying that because of how the EU exercised certain laws in recent years.
User-agents are notoriously unreliable.
2. The idea that this is somehow new is wrong. The way for a server to identify crawlers have "always" been to look at the user-agent, and, when done right, IP, verified either by net block owner or by doing PTR lookup and then checking that the A or AAA record for the claimed host points back at the same IPv4 or IPv6 address. Meanwhile, I do agree that paywalling is a more recent phenomenon, at least with regards to the extend it is popular among sites today, but the concept of presenting different data to crawlers and visitors arose much earlier and is something Google have been aware of and has made sure to delist such sites when found, whereas in fact Google has since then moved abit in the direction of allowing it in that they do so for Google News if declared as explained by others ITT.
So in my view, it seems that the author is jumping to incorrect conclusions based on an incomplete understanding of what's actually going on here. What then about the HN readership, how come this article became so highly voted and I don't see these issues raised by anyone else? Or maybe I'm just crazy?
EDIT: I must highlight the point about checking lot of boxes. In many discussions about features of programming languages, we get responses like, "language Y does that too. Why not choose that language?" Well, because we don't pick languages for one specific feature. We pick them for the combination of features.
The reason I will almost never use Go for web apps is because interaction with databases is limited (almost entirely) to raw queries. Maybe I'm spoiled by the likes of Active Record, Sequelize, Mini-mongo, Sql-alchemy, etc, but it's a huge drop in efficiency to spin my own SQL.
The point to take away here is that Go, more so then many other languages IMO, has its strengths and weaknesses. If you use Go in one of it's weaker use-cases you're gonna have a bad time. If you use Go for one of it's strengths you're gonna have a great time.
See you guys and gals in n weeks when we need to rehash the pros and cons of Golang again.
Am I being stubborn in my longing for an npm, Ruby Gems, or pip? Is there a reason why one of these hasn't emerged/been adopted by the community? (I'm aware of the 1.5 experiment with vendoring.)
Semver and pinning versions has always just made sense to me. I can easily adopt new features and fixes automatically without worrying about things breaking.
How does the community feel this far along?
What Go is lacking at this moment in my opinion is:
1) A comprehensive and mature web framework. Play w/ Scala is my go-to choice now, with Django a very close second.
2) A decent cross-platform GUI toolkit; heck, I'd settle with Qt and/or .NET bindings for Go. The power of Go is statically linked binaries, and I think the area of desktop applications will be easy to target if a good solution emerges.
if err != nil ...
I know you can do if ; err!=nil but that not that much better and you end up in deeply nested if blocks.
i have to mentally block out err !=nil to read any gocode linearly. How is this acceptable, I don't get it.
We recently scanned all the open source projects we could find and discovered that this snippet occurs only once per page or two
This seems false from my experience, def way more than 1 or 2 instances per page.
Still can't get over the moment I realized that in order to deploy my web server on an empty virtual box all I had to so was to build and upload. After all the languages and frameworks that required endless customization and setting up it was a true eureka moment.
1) Supposed I have a library that was written in C that receives a security update which is used in a Go program. Under what conditions do I need to get a recompiled version of the Go program.
2) Supposed I have a library that was written in Go that receives a security update which is used in a Go program. Under what conditions do I need to get a recompiled version of the Go program.
3) Is there a way to tell from the binary that the program was written in Go?
Trying to figure this out for my Sys Admin dealing with Vendors role.
Complexity isn't free. Java might have and abundance of tools, IDE's, language features etc, but you can't claim that matching up every Go feature or tool with something superior found among the huge Java universe makes Java superior in every way.
I find that there is an unfair assumption being used by the Java advocates, here which is that every software developer has a deep knowledge of Java.
As one of those people who can certainly write Java code, but who is not familiar with the Java eco system and has not spend a lot of time with I must say that Go to me is a clear winner.
My exposure to professional Java development has been quite frustrating compared to writing Go code. Every Java project I have gotten has used some different built tool: Ant, Maven or Gradle. They have also all seem to use different IDE's. The complexity of each of these tools is staggering. Considerable time has to be spend learning these tools.
Go in comparison is laughably simple. You can get productive in less than a week without ever having used the dam thing. The tools and the libraries are very quick to get into. In fact I find Go code so easy to read that although I am an iOS developer by trade, I frequently read Go code to understand how various algorithms and network stuff works.
An organization would easily be able to add people to a Go project without much previous exposure to the language. Adding people with limited Java knowledge to a Java project however would be far more expensive. Considerable time would be needed for training.
There is a lot of money to be saved from having a well thought out standard library combined with a simple language with simple well thought out tools.
As a Swift/Objective-C developer, my major gripes with my development process is actually the complexity of the tooling. Both Swift and Objective-C are fairly straightforward languages IMHO. In this regard I greatly envy Go developers although I do enjoy the strong typing and generics in Swift.
I went with Go because it was easy to use and understand. I could read other people's code easily( Even with a large code base, I have never found myself scratching my head trying to figure out my own code does), could set up my workspace in less than a minute and all the text editors I used (sublime, Atom, Vim) supported it. I Don't really care about the fancy IDE's. Just syntax highlighting and code completion is good for me.
I started learning go on September 2015. And I have managed to implement the porter stemmer algorithm and an inverted index in it. Miss generics but LOVE interfaces. The fact that any concrete type that implements method 1 satisfies interface 8 is awesome. You can easily reuse code from different package without changing anything.
Notably new this time is transparent http/2 support and tighter rules for integration with C.
0. could lto optimize or link against a shared library to reduce the titanic size of compiled programs and cut down on duplication of instruction. Therue is no practical sense in wasting memory and storage on systems with dynamic linkers: edge cases of including the world for rare situations but YAGNI in real production systems.
1. could output flat binaries and self-host runtime (panics) for practical kernel development in Go
2. Generics (both types and immutable constraints), I think C++1z has the right approach to this (and constexpr and constant arrays are nice and are able to provide more hints to the compiler).
I also wonder why Go wasnt developed as an IR compiler / llvm frontend, because it would've levered an existing debug and portability ecosystem with much less work.
However, the _language_ doesn't give me much programming pleasure alas. Since there is plenty of time for Christmas, here's my syntax wish list :)
'?': C's if-then-else operator.
Block-syntax for closures ala Ruby. Unifying blocks and closures makes creating DSLs easy, but doesn't add to cognitive load (no more than using anon funcs)
Pattern matching like Scala, ML, Rust.
Sum types -- (Yeah, I lied. Not just syntax enhancements), or at least discriminated unions. I'd like to see an example (in the FAQ entry on the topic) on why support for it is troublesome.
For 2017 Christmas, -------------------
Macros ala Nim.
Systemic support for Goroutines, including detection of conditions where a goroutine would never get scheduled. Erlang-like tools for built-in goroutine insight.
My ideal language would be an intersection of Nim+Go
Personally, I prefer to write code in a functional manner. While I've always thought Go looked like an amazing platform for programming in general, I haven't been keen on moving to another imperative language.
It seems the landscape for functional alternatives are mainly Scala and Clojure which are both based on the JVM and require a bit of time to learn the tooling. I am not a Java or JVM export, so I haven't been too inspired by this either.
That said, there were a few points I noted, based on a recent go I gave it (pardon the pun), at least in relation to my style of development for this project:
1. It's hard to tinker, mostly because it's fussy about what variables are defined or used. This is a strength in the usual course, but when one is trying to posit what a poorly documented 3rd party API is doing it can be a serious pain.
By tinkering, I found that I often had to comment out or uncomment lines, or handle or ignore errors. There was a lot of flipping up to the beginning of the file. I would spend so much time fiddling with the lines that I would at times forget what I was even trying to do.
I might just have memory problems, I acknowledge. :)
However, what would make sense is a go "mode" where it runs in a non-strict way, with what would ordinarily be errors being warnings. A "tinker" or "whirl" mode, so to speak, that softened the requirements so one could get a better sense of what was happening before committing to a design.
An interpreter mode might also be quite valuable, to address this problem and the ones below.
2. Error propagation - I see the point of errors being returned and the lack of a "throw/catch" style, and its benefit, but I feel it's a lot of typing for marginal gain. I usually end up with an error propagating a set of strings that ultimately conclude as: "Database error: transaction error: processing error: http error: reason", which is to say: equivalent but less information than a stack trace would give. I see the mandatory error acknowledgement simultaneously as a strength and a waste of time, and I admit being on the fence about it.
3. The next point I am not on the fence about: Debugging. It is not apparent how to get a stack trace, and the best option looks like including a third party application that generated errors. For the obvious and reasons below, this is a problem.
4. Package management: This was fussy and could be time-consuming. It is not apparent to me why one needs a GOROOT and a GOPATH. I think Python's virtualenv gets it right, by comparison. A second but related problem is package versions. Maybe I'm missing something, but making sure you get the latest semantically equivalent version (in the semver sense) was not apparent.
5. Package debugging: If you include a 3rd party package, and it's broken in any way, it's a veritable quagmire to identify and fix the problem. My experience was that the best way to debug a third party package was to block and copy all its bits and then debug it as a local source in your own. Obviously this is bad for a long number of reasons, and I might be missing something, but no more apparent option appeared when I investigated on how to tell what is even happening inside third packages.
6. Automated testing: I've not seen a test runner that reloads when source files change, particularly one that might be used with goapp from AppEngine, meaning go auto-testing can be quite a bit of patient thumb-twiddling as the binary reloads.
Which is all to say that there are some concerns about developing a larger project in this language, particularly if there is quite a bit of complexity that needs lots of testing or potential debugging and/or inclusion of many third party packages.
I've not reviewed the 1.6 notes, so perhaps these are addressed to some extent there.
In any case, none of the issues above is insurmountable, and overall I give the Go design a lot of credit for experimentation and interesting choices, but the issues I've seen above give me pause before committing a team to the language for the moment.
That seems a little bit distasteful.
A google seach show that you could build for NaCal in Go 1.3 but only run it in special builds not Chrome itself.
Does anyone know if that was included in this release?
Edit: Blog post up: https://blog.golang.org/go1.6 maybe change the article link to that?
Mods, maybe change OP link to this?
I'd love to hear any thoughts on how to make this less painful.
My first experiment with in-app advertising (promoting the beta version through a popup dialog) has gone well, with a 31% click-through rate, and of those 25% downloaded the beta.
I would love it if they'd make a "dark" titlebar version of the window chrome. My setup currently has windows without any titlebar at all (thanks to iTerm for that feature!), but it makes rearranging windows challenging.
I look forward to trying out the newer features!
Give George a donation through the Donate button on his site (https://iterm2.com/) to let him know how much we care about this tool. Takes 10 seconds if you have PayPal.
- It's called iTerm2 Version 3 now, rather than iTerm3- It's called iTerm2 Version 3 now, but the actual app version is 2.9
Couldn't find anything similar on Windows. I used MobaXTerm which is ok but never feels as polished and slick as iTerm. Especially iTerm's own fullscreen mode which allows to quickly alt-tab is great.
For someone who tmuxes for tabs and splits, what am I missing?
Its version names are confusing.
Does that mean my session is not really closed until 5 seconds after I closed it?
Anyone know how this works? From my basic (possibly incorrect) understanding, iTerm currently spawns a bash shell for each tab which in turn has its own children for its processes; so killing iTerm would kill all of its children. Does it use a separate daemon process to spawn children now?
I'm looking to replace TotalTerminal with iTerm (since TT doesn't work on El Capitan without making OS X less secure), and tried using a function key to hide/show a small iTerm window, but while that does work, the problem is that when it shows the small window, it also shows my regular large iTerm window as well (which I have always running) and the times when I want to show the small iTerm window I don't want the large iTerm window obscuring what's behind it.
Not sure if I explained that well, but that's what I'm hoping to find a way how to do: basically have a small, TotalTerminal-like iTerm2 window that pops up when I hit a certain keyboard shortcut, without also bringing up any other iTerm2 windows that I may have running in the background.
I'm also open to suggestions for other TotalTerminal replacements that work on El Capitan.
It does look very polished! Just two things:
When you choose "No title bar", the rounded corners and drop shadows all disappear so it looks a bit too "sharp".
And it would be really great if you can add an option to specify internal padding, similar to urxvt's internalBorder.
Great work and thanks again!
"iTerm2 can change your profile (for example, affecting the color of your terminal) when you ssh to a remote host, when you run sudo, or even depending on your current directory."
Like many people, I use profiles mostly to have different colors for different hosts. This will make my workflow a little easier and a lot more consistent Every. Single. Day.
I donated a while back and will be donating again tonight.
I've used this application for years now and without it, I would be useless.
I do 99% of my development within it, so it really is a super important tool for me and I'm very very excited to see it's continued improvement.
So far, this release seems it will finally make me switch.
Android, Samsung S4, Chrome V. 48.0.2564.96
ps. people should run iterm, and then press cmd-/ to see something fun! ive seen them change a few times.
And that Dill was partially based on her childhod friendship with Capote.
This seems to be well established now in pop culture and art, but I was completely unaware when I first heard.
The fact the world has such inspired people, despite their stressful surroundings was a blessing to us all in the form of great art.
That is one of my favorite quotes of all times, specifically taking into account the setting of the book.
That book by the "one-book literary wonder" was unforgettable for many things, including the fact that it was one of the first books I read twice. I'd say that that one work that stood strong for decades across generations should probably not be used to diminish the author using terms like "one-book wonder".
This is sad news indeed.
His courage in standing against racial injustice is notable, but the true depth of the character comes from his quiet strength and his unabashed dedication to his family and his fellow man.
He's always there for his children, tucking them in at night and encouraging them to be good to each other and their neighbors. He's always ready to impart wisdom and morality upon them in the most gentle manner.
But still there's that quiet strength, as in the scene when he shoots the rabid dog. Watching the scene through Scout's eyes, a powerful figure comes alive in the person of Atticus for the first time - showing us that a strong man is prepared to stand up both against moral and physical oppression.
As role models go, you could do a lot worse than Atticus Finch.
Has anyone read the newly released book? Thoughts?
A timeless storybook about bravery and courage in the face of blatant racism and discrimination. As a society, we should work towards ending racism and discrimination in all spheres and this book will surely play a part towards this goal ...
"Apple had asked the F.B.I. to issue its application for the tool under seal. But the government made it public, prompting Mr. Cook to go into bunker mode to draft a response, according to people privy to the discussions, who spoke on condition of anonymity."
If this is true, it sort-of implies that Apple would have done it, but secretly, and they were forced to take their very public stance because of the FBI's posturing.
"How about we start with FBI mandated remote control gun disablers given that it's guns that killed these people? Oh, you're concerned that someone will figure out how to bypass it, and it won't just be the FBI disabling your gun?
Congratulations. You now understand my position."
"Law enforcement agencies have a legitimate need for evidence, which is all the more pressing in terrorism cases."
What makes a terrorism case more pressing? How many domestic terrorist attacks have had related followup attacks? How many domestic terrorist cases have been linked to other domestic terrorist attacks? How many domestic terrorist attacks have been carried out by the same set of individuals or groups?
The reality is that domestic terrorist attacks are not common or frequent, there is no urgency in investigating them because they do not lead to followup attacks. They're coordinated events, not a series of related events so there's no pressing urgency?
If this legal precedent gets set that the FBI can force US tech companies to break into their own customers' encrypted data, you can bet the industry will lose millions if not billions of dollars worldwide in tainted reputation.
Who's going to buy US companies' devices that claim privacy via encryption if they're easily backdoored at the FBI's request?
"Instead of the FBI making this request, how would you feel if the Government of China were asking? or Russia, or Syria? Do you want them to have the ability to read your encrypted data off your iPhone?"
It's also theoretically possible for hackers to steal Apple's private key from their servers, in the exact same way. As far as I see, there's no change to the threat model by Apple making a new software version, and signing it using the same process they use to sign other versions of iOS. It's useless if not signed, so the real worry is someone having the ability to sign it, and that applies exactly the same if Apple signs iOS or FBiOS.
This suggests the authors don't understand the technology well enough to know this.
edit: this is assuming the software is locked to a specific device. So the signing doesn't matter to any other device. If the software worked on all devices, then a leak of a signed version would be problematic. Although even if they couldn't lock it to device, they could make it only work for a short time, say a week, so if that signed version leaks later it would have no effects (I'm not sure if you can change the clock on a phone without unlocking it though).
In this case the cracking capability is for a locked phone in FBI possession. Let's assume the same technique isn't possible on newer phones. So what about the next case where the FBI wants remote access over LTE while the phone is unlocked / in use by the suspect?
If you can use All Writs Act to compel Apple to develop the first backdoor, then surely the same is true for the second.
- Doesn't an iPhone become completely secure if you prevent if from passively polling for OS updates. If the iPhone would only poll and install updates after user un-locks and allows, then there would be no way change the necessary software configuration without breaking the encryption. And the encryption can't be broken, thus if you could chose OS -level default "don't accept or even check for any updates without user permnission" you really would have an unbreakable device. But if they ever did implement this, it would be terrible for Apple's forced upgrades and their platform would fragment into many incompatible versions. I think everyone knows which option Apple will chose between: CompletelySecurePhoneOS or AbilityToForceUpgradesAndPatches.
- Correct me if I'm wrong but didn't Tim Cook initially state cracking this phone was impossible according to Apple's experts? And now it seems it's a quite reasonable issue of Apple signing an OS-update specific to this device's unique ID; so quite feasible. So was that a lie?
So many slippery slopes.
What happens when an entire nation threatens us ?
I am not a native English speaker. Why "it comply" and not "it complies"?
It's not good timing....
Kinda makes ya wonder what all that moneys spent on...
Who is to say that other state actors haven't done the same to chips produced by their companies? The truth is, the genie is out of the bottle.
A year and a half ago, I wrote a serious article on this: http://magarshak.com/blog/?p=169
I'm not into conspiracy theories, but I'm wondering on this one.
Why would the FBI, or Apple make this so public? The Apple letter seemed staged?
The federal government always seems to get what it wants in the end, especially if one has a lot to lose?
I imagine the conversation starts off with an indignant, appalled CEO.
"Hell No--I'm not giving you access to my customers data!"
Federal government counters with, "Do you want us to scrutinize your past, and present life?"
"Do you want us to look at every stock trade you ever made?"
"Do you want us to publicize the personal information we have on you already?
"You know we can make your life misserable? You know we can make your companies life misserable?"
No this isn't Russia, but our law enforcement branch of the federal government scares me, and I'm a nobody. There's been some deaths, especially in tech, that seem suspicious. The drug overdoses--guy in San Francisco that was about to give a talk on ATM hacking comes to mind.
That tech guy who died in that fiery car crash on Los Angeles.
(I don't want to argue with anyone. I have no evidence. Just a weird feeling. And yes, Tim Cook seems like a choir boy. He comes across as someone who doesn't even jay walk.)
My views on the general encryption controversy are:
1. Everyone must be free to make their technology as secure as they possibly can. There can be no mandated weakening of security, back-doors, or other requirements to make the information more easily accessible by law enforcement. On newer iPhones, Apple has patched up the flaw that the FBI wants their help with exploiting. They must continue to be allowed to do that.
2. The government must be able to demand, with a court order predicated on probable cause, that companies provide any and all information that they have that could be useful in circumventing their security features. This can be everything from technical specifications and threat-model analyses, to lists of unpatched vulnerabilities and code-signing keys.
3. It seems to me that American companies have a moral obligation that goes beyond the legal obligations in point #2. They should be actively assisting the government in recovering information, especially when concerning issues of national security. In extreme circumstances, like total war, this should definitely be legally mandated. I'm undecided as to what the policy should be generally. On a practical level, it's probably not feasible for the government to, e.g. start hacking around the iOS codebase themselves, so just information might not be enough.
I'm not too troubled by this court order, especially given the particular circumstances. The right to make products as secure as you can, even from yourself and the government, is what's really important to defend. Trying to argue that the tech industry shouldn't help, even in this case, is not only the wrong position in my book, but a sure way to lose the bigger debate.
Apple's definition of "backdoor" is highly suspect. A backdoor is if I ship my product with an intentional vulnerability, so that I can hack into it later. Apple's not being forced to add a backdoor, it already exists because the security features break down against an adversary that has Apple's private key, at least for the default 4-digit PIN configuration. Now the government is asking them to use their own capabilities to help hack this phone. Of course, Apple didn't create this backdoor for malicious reasons, they just didn't include themselves in the threat-model, greatly simplifying updates and other security features, and allowing the walled-gardenness of iOS. It's also central to the walled-garden. Curiously, this is in direct contradiction to their claim for some time now, that they were designing iPhones such that they themselves can't break into them.
Now put yourself in a Congressman's shoes. The FBI has been telling you for years that tech companies are being purposefully antagonistic to their legitimate search and seizure authority. That the tech companies are purposefully designing features with the sole intention of shutting the government out. Now here's a case where there was no mandated backdoor, the government was able to devise an exploit method, and they got a court order from a judge to make Apple use it on a dead terrorist's phone. "Mandatory backdoors would hurt everyone's security", one of the arguments that we've been winning with, now sounds like a bullshit cover for "we are against any government surveillance". Can you smell the legislation coming yet?
Disclaimer: These are obviously my own personal views and nothing else. They do not necessarily reflect the opinions, policies, or practices of anyone but myself.
(Reposted from https://news.ycombinator.com/item?id=11131456 with additional)
You can then add it as a simple href to the readme.md.
It also means that you can have multiple templates depending on what a user wants to do, just by having multiple links and changing the content of the `body` parameter.
Simplest way to get going on this is to use http://urldecode.org to write the markdown you want and then hit the encode button, take the result and add it after `body=`
We also use it to auto-assign labels using `labels=` in the URL
The usual complain goes like this "You need to do X because I want to be able to do Y." In the complainers mind there is the untested idea that having X will enable him to do Y which solves his unspoken problem Z that he isn't even aware off. The thing is, at this time you don't know Z. You don't know if Y is really solving Z. And you don't know if X is really solving Y. And neither does he. But if you want him to use your tools he doesn't need to worry about that as much as you.
What happens if you just go like "Okay, user wants X, here is X!" is that the users will continue to complain (maybe even more) because Z is still not solved, and because there was no testing and planning involved X is actually creating another problem Z2 that nobody had before. At least that's my experience with an open source project I managed for about 3 years.
What I found actually needs to happen is to discover Z and to discover a way to solve it in the context of the project (which other people may not be as aware of as you are), and with an at least minimized chance of creating more problems. Then this actual solution needs to be sold to the users, because they are not aware of Z, so they think they don't care that you solved Z. But only after doing all that people will stop complaining (not even remembering that there was a problem and how much pain you went through to solve it of course).
Hope that makes sense and explains why I start to worry now, when everybody starts cheering. What I hoped would happen is that you don't hear much about the suggested changes, some other changes happen a few weeks down the road, and then the complains stops without anybody noticing. A success would be that you don't read about github anymore after 1-2 months. People cheering and github saying "Hey we did X" is a really bad thing.
Next item, be able to star issues.
That would help a lot and we are able to avoid +1 comments.
So there is more to come
EDIT: Missed the fact that the feature is opt-in by the repo owner, which makes things more expected depending on the nature of the repo. Although now thinking about it, the separation is still not a bad idea.
I think the concept of having a file in source code is flowed for DVCS unless you have so called "source" branch that you can define that is a default source of such information.
I hope they address the other issues as fast as this one. Rating system is the next one on my list.
two years and that's what we get? meanwhile my bigger diffs are still garbage. and we have to use other companies to have a simple agile board... and don't even get me started on decent branch management and rebases...
sigh. really hate that my employer buys that
I am an Apple hater BUT I have to say very proud of the new Apple and actually saying they made a mistake and apologizes. This and the fight for security are both things as a self proclaimed Apple Hater applaud Apple for doing. Good job!
Seriously though, this seems like a consumer-friendly decisions, as was the iOS backdoor/San Bernadino press release yesterday and it's nice to see.
Is it more tractable or less tractable for someone to brute-force the 4 digit pin than the TouchID? I.e. if someone wanted to get into my phone, and they removed the official TouchID sensor and now it falls back on a 4 digit pin, does that do them any good?
I wonder if I could get the old behaviour back - if someone was tampering with my phone by removing the sensor, is there any way of bricking the phone until I can get it to an apple store?
I broke my screen and home button and had them replaced before I went on vacation. Luckily I had read about the error 53 issue before attempting to upgrade my jailbroken device.
I'm very surprised Apple would respond so well to an issue typically caused by 3rd party repairs.
Does that mean Error 53 stemmed from Apple having distrust in their supply chain? Interesting.
The last time this occurred, it was over illegally claiming iPhones and other Apple devices were out of warranty when they weren't, and misleading consumers that to get any form of warranty service after one year they would need to purchase an Apple extended warranty. They were not only fined millions, but were forced into printing a humiliating retraction on their website and in the press - one that basically was reported on worldwide.
I'm not at all surprised they backed down this quickly this time around. It's almost certain they would have been found to have committed the offence of third line forcing, to which there are very, very steep fines.
New personal rule: never update the phone again... ever.
There are rules and there is implementation. Reality in China is not so cut and dried.
I share pbkhrv's sentiment about this possibly being a preparation for a rash of bad economic news late this year. I have it on very reasonable authority that the RMB will tank at least 15% by end of year.
The view from here in China is basically the same as ever... nobody with money really cares about foreign journalism and reporting, only food prices (steadily increasing), education (crisis), health (crisis), pollution (huge) and inflation (big). Transport is also a problem. They just try to get their money out.
The Chinese government has a difficult job. They don't really do too badly when all things are considered.
When you double the size of a plane it it becomes 4-times heavier (Observe what it takes to fly a B-52).
The PRC seems to be circling the wagons to protect from some unknown enemy that the free flow of information will allow the arrows to strike.
- Increase anti-foreign rhetorics in media. Don't like it, Microsoft? tough
- Ban Foreign services. Don't like it, Uber? tough
- Devalue Yuan by 50%. Don't like it, Apple? tough
- Nationalize foreign assets. Don't like it, Ford? tough
While China doesn't have the benefit of Google in the short term, by blocking them it gives it a chance for local companies to develop the technology and catch up.
Also take the example of TOMs shoes giving away free shoes replacing local markets and producers. These poor countries of weak governments, and even a small foreign company can impact the local the economy in uncertain ways. http://www.economist.com/blogs/freeexchange/2014/10/economic...
If you can understand this you can understand the viewpoint of Chinese officials. We come in with the viewpoint of "how can I have my fair and equal opportunity to extract wealth from China" while the capitalists in China are thinking "how can I extract wealth from China and prevent the foreigners from doing so." In reality the playing field isn't level. Our counterparts in China don't have the same education, quality of life, and financial status. Therefore a foreign company with foreign talent would already enter the market with an upper hand. By the time local companies are ready, they'd be fighting an uphill battle against foreign incumbents, or worse yet, not develop at all.
If you're familiar with Star Trek, there's the concept of the Prime Directive. It's principle is that the developed races must never contact or interfere with an undeveloped race because doing so would alter their natural development.
Foreign companies don't have an inherent right to the Chinese market. If they feel they do, or want to enter, it's because they feel there is profit in it. The profit comes from exploiting the opportunity in the local market, and in an underdeveloped market such opportunities are ripe. This isn't exactly fair if mature companies are allowed unfettered access.
Maybe they got tired of having banned content mirrored by un-blocked IP ranges and constantly having to hunt them down.
When China was the huge success story it was, until recently, they were far more tolerant of criticism. Even then, the Chinese Government would clamp down very quickly on criticism. Right now their tolerance is pretty much zero. They do not want to admit or even hear that they have done anything wrong or that China has significant problems.
They also greatly fear any kind of mass action. During the boom years, with high employment and everyone happy, there was little chance of mass action. Now with entire industrial areas becoming ghost towns, high unemployment, no pensions and growing poverty, mass action becomes a real threat.
According to this story [http://www.independent.co.uk/news/world/asia/china-set-to-ba...]:
'This ban covers words, pictures, maps, games, animation and sound of an "informational and thoughtful nature" -- unless they have approval from the State Administration of Press, Publication, Radio, Film and Television.'
Still it's very onerous but not a complete shutdown.
Will the foreign websites published in Mandarin be banned to view from mainland China?
Seems like a contradiction. Are you publishing online, or in China?
Unbiased journalism seems such a quaint concept these days, and as the divisions between right and left take on an almost war like characteristic, everything becomes propaganda.
Hell, I might even move to China to get away from it all.
"How do you license media in an age when everyone could become a writer and publisher?" As far as I can imagine - you don't, that's the thing! Maybe they won't do you anything for now, but if they don't like what you're publishing they will have a ready-available "legal" reason for detaining you for publishing without a publishing license (which of course could be claimed to be totally unrelated to your published content)!
The Daily Mail truly doesn't give a shit. About quality, about copyright, about decency. It seems to be working for them.
Is something like this enforceable?
I would probably have handled this much less maturely, haha. What would be the legality of displaying some really graphic image (like goatse) to only 10% of users when you detect you're within an iframe? :P
Ripping the source code of the visualization is so scummy though. I wish I could say I can't believe the Daily Mail, but this article isn't even surprising...
Why I Would Do That: They were successful in their defense of the rights of the Beastie Boys and reached a settlement that included a public admission of guilt.
Long-Term Goal: To discourage such behavior through numerous examples of punishment using established rules.
I know people who have had other things like photos from flickr stolen by them.
They are disgraceful!
I wonder if they've configured everything correctly to ensure that an embedded iframe can't find its way to the user's Daily Mail cookies or credentials?
I think the people most concerned about following the rules are small-medium businesses that are big enough for someone to try to sue, but not big enough to have an army of lawyers that makes them practically invincible from all claims that don't originate from a similar Super-Massive-Corp. Business insurance is pretty meaningless for practically any claim that doesn't involve unsafe facilities, and they often include clauses similar to "If you lose in the wrong way, you owe us all the money we paid for your defense".
There's an impression that since big media outlets are such big targets, they're careful about this type of stuff, but it's not true at all. They're only careful when it's another SuperMassive's copyright. They know that a legal fight with them is not possible for any other creator, and they know that they can get an immediate benefit by violating your copyright. They'll rip your stuff off, they may take down the thing they didn't have a license for after you complain, and they'll just laugh at you because they know an attorney is going to charge tens of thousands to even start proceedings against someone as big as them.
We need to fix the way legal costs work.
Regardless of whether you find their behaviour acceptable, those are two very, very different things.
0. Register the copyright within 3 months after you publish the project.
1. Register online at https://eco.copyright.gov/ - it costs $35 (or so) and is not particularly difficult to do.
1.1 registration is not difficult, but it is tedious and involves navigating a super-old government website that kinda sucks.
2. You can also hire a lawyer to register for you, which costs around $200-300.
3. Once you have the copyright registration, you can write a polite letter to whomever is stealing your stuff (or write a nasty letter, depending on your mood).
4. You can force them to pay you compensation for stealing your copyrighted content.
5. If your stolen stuff is being hosted by a third party provider (like imgur or whatever), you can send the host a DMCA takedown request, and the host will quickly remove the offending content.
that is just US law. Milage may vary in other countries.
edit - a lot of downvoting on this comment. Too snarky? Too anti-open-source? i thought this is useful info. Sorry to offend!
"So how did Daily Mail embed the visualization without the word poop popping up on an empty page? They downloaded all the files from my server on to their own server and deleted the snippet that brought up a poop alert. That way they didn't have to deal with those pesky safeguards I setup.
In other words, The Daily Mail deliberately stole my work."
In general, you can't assume people won't deep-link your content, and that includes embedding. Taking steps to protect against or take advantage of traffic spikes is the responsibility of a content provider.
This, of course, wouldn't protect against DM just straight yanking all his assets and hosting them itself, which should be clearly immoral (and possibly illegal, depending on jurisdiction). But "framers gonna frame" is a fair thing to assume about the nature of web content, along the lines of "<img> tags are cheap and if people see something funny on your site, they're gonna use 'em to share it."
If you want to actually make a difference, talk to your solicitor. You might even get some money out of it.
That gave me chills.
The entire startup experience, the essence of being an entrpepreneur for me is in that moment when your brain subconsciously processes all the data around a problem and throws out something obvious and audacious in the same breath. And before you can conciously object BAM you have said it outloud and the adventure begins.
An example of how to actually live "your" own life in this world...not paying a great deal of attention to uninteresting things that others bring up; rather molding those same things so that they become interesting, and illuminate parts of your life and the lives of others...
In my estimation, my life is what it is--one I'm very happy with--because of my having just that attitude...
And, yes, I totally agree:
>>Paul : When I was a kid at Christmas, the Sears Catalog was your reference work.<<
> Most people won't admit how they got their current jobs unless you push them up against a built-in wall unit and punch them in the stomach until they spill their drink and start yelling, "I'LL NEVER INVITE YOU TO ONE OF MY PARTIES AGAIN, YOU DRUNKEN FOOL!"
> I think the reason these annoying people won't tell me how they got their jobs is because they are embarrassed to admit luck was involved.
> I can't blame them. Typically the pre-luck part of their careers involved doing something enormously pathetic. Take me, for example. I'm a successful cartoonist and author because I'm a complete failure at being an employee of the local phone company.
TLDV: Innovation is not driven by narrowly focused heroic effort. We'd be wiser and the outcomes would be better if instead we whole-heartedly embraced serendipitous discovery and playful creativity. We can potentially achieve more by following a non-objective yet still principled path, after throwing off the shackles of objectives, metrics, and mandated outcomes.
This also matches my experience 100%. All my best discoveries are accidental.
Interesting quote. There must be some organisation to early startups, otherwise they wouldn't work. Is the chaos just a description of what cannot be observed and described?
Fantastic read. Liked the bit about straw-drawing to talk to customers.
Aaron : Yeah. This is such an interesting thing because its so opposite from what you tell people a lot of the time, what YC tells people, certainly, of Dont do things just because theres a business there, right?
This is it, right here. If you want to know what most successful businesspeople have in common - not the unicorns - it's that they were prepared to sell their first venture and/or give away a lot of equity to the right people to make it work. Once they have the money, comnections and track record, they can have much more control in their next company.
We went a completely different route. We've tried to change the world... :)
-Alan Watts, The Way of Zen
And here I got so much work with full time studying that I can barely finish reading a single book alongside. How can people say university is enjoyable, fun, lots of spare time? For me it's just endless hard work and barely any breaks inbetween.
The Secret Service is extremely competent when it comes to computer forensics, and when they don't know what to do, they don't guess, the consult with experts.
The FBI is the opposite in every way, mostly because of budget constraints and the subsequent lack of training. I hope that this is a good learning opportunity for them and a chance for them to increase their training budget in this area.
But then again obviously FBIs long term goal is to break in all the phones regardless of the circumstances.
Some are saying the password reset requested by the FBI prevented a backup and closed the "front door" they already had, forcing the Apple backdoor.
The simplest possible explanation for them shutting themselves out has to be incompetence rather than malice, right?
U.S. dollar is the criminal and terrorist currency of choice. We must therefore, of course, break the dollar.
You don't put rookies on this and I'd seriously be surprised if the NSA wasn't involved in this matter personally.
The government wants a back door installed into all iPhones period. I mean how do you expect apple to build a tool that can bypass the same security features the government is trying to deal with right now without them inadvertently letting everybody and their mother know that there is some fatal flaw in the security layer of every modern iphone and/or iTunes.
There's no magic way to fine tune a tool like this and if out spy agencies don't know this then god help us all. Isis is probably gonna win. rolls eyes
I mean jail breaking is one thing. This is vault busting and once people know there's a bug and where to look they will find it and exploit it.
And apple's only remedy will be to patch the backdoor. Which is obviously what the gov is trying to prevent apple from being able to do by getting a precedent established in the courts that wags a finger at Apple saying "ah, ah, ah you didn't say the magic word"
The gov doesn't want to be Samuel l Jackson anymore. They want to reverse the roles and this case is the perfect cover. Just like the gov exploited the bombing on 9/11 to pass the patriot act. This is no different.
"The County was working cooperatively with the FBI when it reset the iCloud password at the FBI's request."
From a technical perspective, it seems very simple and easy to replicate before actually doing it and locking yourself out completely like they seem to have done.
The new wave of vision services are amazing. There are a lot of players in this field, including IBM Watson, which has a suite of vision APIs available with similar features.
One key differentiator of the Watson offering is that we have a trainable API called Visual Recognition . The pre-trained APIs are excellent and have broad uses, but it's amazing to see the results from even basic training to identify image tags directly relevant to your use case. There is a demo  that allows you to try it out by creating a new classifier right in the web page.
You can find some demos at:
http://vision.alchemy.ai/#demo - example images that demonstrate facial detection and identification, label extraction, object identification, and so on.
Another demo at http://visual-insights-demo.mybluemix.net/ uses the Visual Insights  API to identify a set of relevant tags.
I'm not trying to pick on Google for shutting things down; I would feel similarly if this API were from Microsoft or Facebook. It's not the first time there's been an API that I think is really cool, but was very apprehensive about actually using for anything serious.
I played with IBM Watson visual recognition API and it didn't look like it did what I needed it to (recognize a hand drawn image of a cat for example -- it just kept labeling it only as a 'cartoon').
Bummer. At least the first 1000 images are free so I can prototype it out of curiosity.
1) by using the service you grant Google use of the uploaded images. (e.g. they can use your image to increase their corpus, improve the service or use it for advertising, or use it to extract street numbers for their maps, or its always private and never stored)
2) What the resulting copyright is of the returned data. If you were to build a database based on the results, what license or copyright status this would be. Would all rights belong to me, or would Google claim rights over the results.
It's potentially a game changer, plenty of industries have piles of scanned documents. Cheap OCR means this data suddenly becomes accessible even if the value per individual document is low (i.e. for input into machine learning).
In training an AI system with hundreds/thousands of bits of data, no single piece of training data makes much of a difference. If one of my images on the web that I had captioned with the keyword 'dog' was used to train this system about what a dog looks like, is the model they end up with a derivative work of my captioned image? Yes, but my data would make up an infinitesimally small part of that model. Yet, in aggregate, the trained model might almost wholly rely on lots of copyrighted, rights-reserved images.
Would the resulting model be a copyright infringement? It would seem as though no rights owner would have a substantial enough claim. Yet, without all of the copyrighted works, perhaps the model would be ineffective.
While this technology is fascinating, I can't help but feel a little unsettled reading that.
Can someone who has this active shed some light?
disclamer: I work for them.
Errata: I'll need a research team and a year and a half.
I assume the actual request is more technical then, because the overview they gave here explains the things you would want to do if you knew nothing about the encryption and wanted to brute-force. Reduce password attempt timeouts, allow automating the password attempts, and don't melt-down after too many failures.
EDIT for the downvoters, my point about non-white people is that terrorist attacks by white people, such as all the mass shootings, don't seem to trigger the grand plans that these national security types like to execute.
It can't be that difficult, if you have FBI-class resources and some help from the NSA, to lift the components and make them work on a copy of the encrypted data.
It seems as though all the debates and analysis on this topic have already occurred. Yet, here we are again: a law enforcement agency demanding special privileged access to privately owned consumer electronics because it might contain useful crime fighting information.
It seems to me that the U.S. needs to have a broader discussion about what levels of government surveillance and intrusiveness into private lives we are comfortable with.
The outside threat of terrorism is now the club being wielded to force the issue, but is there really any evidence that this type of increased access helps? We had the Boston Marathon attack, in which two brothers immigrated from Chechnya, a known breeding ground for some of the most brutal terrorists in the world, the Russians actually phoned to warn us about them, and nothing was done.
Similarly, there was chatter in 2000-2001 about an attack involving passenger jets, reported by Israeli and German intelligence agencies. Yet, nothing was done. One would have thought it common sense to scrutinize foreign nationals, especially from Muslim countries with a lot of hostility toward the U.S. among the populace, who were involved in aviation. Reportedly, the Israelis even were monitoring a couple of the 9/11 hijackers in the U.S. at one point.
Should we not be streamlining our intelligence bureaucracies to avoid another Marathon fiasco, before sacrificing what little remains of our privacy on the altar of national security?
How/when can I run a phone OS that simply isn't subject to such known flaws and corporate manipulation? What are my options?
I don't think there's much difference between a backdoor and that. A backdoor can be "just a vulnerability", and that's what the FBI is asking Apple to create - a vulnerability in its security system.
It's kind of like saying "we don't want Apple to break its AES-GCM encryption, we just want it to replace it with RC4." Or "we only want Apple to support export crypto protocols as well, so we can downgrade to them when we do our attacks".
Whether we call it a "backdoor" or "vulnerability" or "just don't make it that secure" thing, the end result is the same. The FBI wants Apple to weaken its security, and that weaker security can and will be exploited by malicious actors, too (even if you're assuming it won't be abused by the FBI and the police itself, which of course it will be).
2) Apple already has the software they were asked to create.
"In a secret meeting convened by the White House around Thanksgiving, senior national security officials ordered agencies across the U.S. government to find ways to counter encryption software and gain access to the most heavily protected user data on the most secure consumer devices, including Apple Inc.s iPhone, the marquee product of one of Americas most valuable companies, according to two people familiar with the decision."
I'm 3 years in to a project where I've taken the approach of having my "app" as its own package. Flask is then a thin wrapper that instantiates the app and then exposes the views to talk to it. I handle validation / sessions / config etc within Flask.
It's extremely flexible. I have some stuff that runs off as worker processes. No problem - the core is the same, the wrapper around it is different. I also have a boot.py that I can call so I'm working directly with the app in ipython (again, it's a wrapper that starts the app).
I'm currently reworking the structure for capacity planning, which is mostly just a matter of splitting the Flask app into 2 apps for handling different parts of the work.
Because my core app is decoupled from the web app it's all really easy to do.
- It is both 'out of my way' and flexible enough to scale up. I.e. you can start with a 5 LOC hello world, but it still handles a large app with lots of components well (Blueprints).
- It doesn't force a data model / DB onto me - I can just plug in whatever I have (unlike Django).
- It doesn't even force a templating engine onto me - I always use mustache instead of jinja2 (it's extremely tiny, tidy and portable to any language, so it's much easier to port code to other devices / platforms).
- wanna just get started? `sudo pip install Flask && python ./hello.py` --> served on localhost:5000. I recently started a project while in a meeting with someone complaining about some complex app we had - built a prototype with him together that could replace the entire thing and solves problems we had in 2h. Having a foolproof starting point without any configuration and then being able to build up from there is essential.
Anyone looking to get into webscripting/webapps should definitely take a look at flask, its python based, good for prototyping or production apps and has tons of useful documentation.
This is what it always come down to for me. I know that when we can get our app running efficiently with reasonable memory requirements on a single core, then scaling it is really just about launching processes and load balancing them. Scaling out boxes is always easier than scaling out code -- for better or worse.
I'm not talking about load balancing servers mind you, but applications on any given host. Two layers of load balancing. When I'm comfortable with the resource requirements I launch as little or as many of the app in a predictable manner across any number of nodes. It's comforting to know that given X, Y core and ram, I can run N services.
I've used Dancer quite a bit. Some for larger apps (30+ pages)
This is how I typically lay out a Dancer app. Starting with a top level directory of application name, say "MyApp", I put the routes in different directories instead of jumble them all up in one file. As an example, lets use an app that handles and tracks customers and orders. So something like this:
MyApp/ Routes API Component Customer.pm Order.pm Customer.pm Order.pm API.pm Customer.pm Order.pm
Routes/Customer.pm would handle basic requests like GET /Customer/list and POST or GET Customer/1
While routes handling json/ajax only requests (from jquery ect) would be in Routes/API/Customer.pm. Routes/API.pm would be an api for stuff that doesn't directly involve a Customer or Order object (perhaps returning json from an inventory table or something)
This is just sorta a method I made from various best practices from other frameworks. Perhaps its barftastic, but I haven't been complaining about it.
Flask-Diamond establishes some common practices so that you are not starting from scratch for each and every new Flask app. In a research context, I might scaffold multiple new apps per month, so this has been a huge time saver for me. This has also made Flask teamwork much easier.
Here's a tldr:
Logging requests to a flat file on a t2.small instance: Django: 519.93 trans/sec Falcon: 2083.19 trans/sec
Flask is great for small projects, and also scales to large apps like https://wakatime.com
I've also had good experiences with bottle (http://bottlepy.org/docs/dev/index.html) for building internal apps for companies. The limited amount of users means I don't have to worry much about scaling and bottle with Paste server works pretty nicely. Jinja2 templates can also be used with bottle which is a plus. It's also pretty easy to compile this setup into an executable so it can run off someone's Windows machine and no need for a separate server. This setup makes a really convenient internal-use app which is easy to send to end users for deployment.
I'm in the process of writing my first webapp, and thses days it's a bit strange seeing a popular framework not being updated (even if it's just for bugfixing) a few times a year.
Disclaimer: You can architect beautiful apps in apps, its just easy todo it wrong.
GLOBALS:Flask has a lot of globals (from flask import g, request, current_user, etc.) A better web handler function looks like this handle(request) -> response. Any other web framework that I know does it like this. Much better. Flask promotes touching the 'request' object everywhere. Example: https://github.com/lepture/flask-wtf/blob/master/flask_wtf/f.... Flask is not functional, its inherently statefull with globals.
MIDDLEWARE:Flask promotes writing middleware as decorators functions, while it looks nice, it not really useable anywhere else, and its not really a standard. At least you can still use WSGI middleware.
BLUEPRINT are nice, but have issues:When you create a blueprint, for a sub app, you cant set error handlers. They only work on app level. Also (small issue) You cant add blueprint specific middleware.
Better way to create 'sub apps': Use a new WSGI App.Or use a sitemap where you bind functions to paths.
SITEMAP @route has disadvantagesFor big apps, its nice to have a single routes.py file where you can see all urls the app supports, and which methods to handle those. The @route is nice to use initially, but imho for big apps it becomes messy. Also it promotes circular imports:
view.py: from init import blueprint #circular import! blueprint.route('/test/') def f(): pass init.py: blueprint = new Blueprint from . import view assert view # ensure the handlers are initiallized
In my experience, any sufficiently large Flask project contains an ad hoc, bug-ridden, slow implementation of half of Django.
What JS framework do you tie it to, if you use Flask to just create an API/manage sessions?
And why should Flask be used instead of asynchronous Tornado or Node.js?
Can anyone provide a few good open source flask projects worth reading?
The next realisation you'll come to is that all that stuff has already been written by someone else as addons. So you try that but eventually you'll find you are in so much pain from problems with integrating addons that you will realise that you would be best off with something that has all the basic functionality "batteries included". So then you'll try to find projects on github that have already baked together Flask plus all the plugins into a boilerplate project. Then you'll find that there's many ways to bake all that stuff together and start to wonder if maybe you're now using a framework. But the boilerplate Flask with addons integration doesn't feel like it has a really well thought out consistent overarching model.
So you'll then look at full featured integrated frameworks like Django where it's all integrated according to an architectural vision (perfect or otherwise is a matter of opinion) and although you might mot like some of the components, at least its all built in. Flask still carries of cruft and mental model though, because it is from earlier days of web development when you built the front end in the back end using things like Jinja templates.
And then one day you'll need to build just a simple REST API without all the bells and whistles needed in a web application. So you can then look at Falcon which is extremely minimalist for developer who know they don't want any extra web application stuff at all including things like back end UI generation with templates. It's a sharp knife because there's almost nothing in it, and never attempted to provide the features needed to build user oriented web applications, so it has a very small mental model to grasp.
Bottle and Flask are great for finding your feet in web development without being forced to learn too many concepts all at the same time.
Django or Pyramid or something full featured for web application development
Falcon for REST API development
If you are willing to take on the cognitive load of going straight to your destination, I would recommend beginners start with Django or Pyramid or Falcon. If (and this is entirely reasonable) you need to get going in Python web development without being overwhelmed by the concepts, go to Bottle or Flask but move on as soon as you can.
If you love Flask and have the skills and competence to craft your own architecture and carefully selected from a menu of addons that suit you and know how to whittle out unneeded functionality, then Flask is the right choice for you.
the snippets page is really helpful
also, I've some boilerplate
even though it hasn't gotten attn in a while
Flask is plagued with abandoned plugins from a cesspool of weekend contributors which you rely on for basic things such as authentication and ORM. Tough enough as it is with all the outdated documentation for each of the plugins you need.
So my recommendation based on 2 years of working with Flask is don't fucking do it, unless your product doesn't extend beyond couple of HTTP endpoints served over uwsgi + nginx for your internal applications.
I really wish I'd spent all that time I spent on Flask on Node.js, python was the wrong medium to distance myself from PHP frameworks.
Gone are the need to spin up Vagrant, docker, mysql/postgresql. I just upload the specific script I want and bam. Npm modules and pip modules too.
I've in the process of migrating to AWS and leaving Flask. Great initiative, ruined by abandonware plugins and modules, certainly not attractive to entice developers to build their own wheels.
The biggest mistake you could do is basing speed and agility as basis for going with Flask. It is the complete opposite. I think using Laravel or even CodeIgniter will significantly cut development time.
Regardless, I'm done with the whole server/client frameworks and have migrated to AWS without any servers to maintain or setup. There's even frameworks for "Serverless" architecture now which makes me shake my head.
So get over it. IPv6 is not meant to be usually exposed to endusers. Use hosnames. Use DNS, or mDNS or LLMNR on small networks without a resolver. Etc.
The only reason I can think of is psychological: People dont want to learn new things, so they find reasons to dislike the new thing to be able to pretend they dont need to learn it.
Also, the double-click argument is crap for two reasons: Firstly, it can be fixed by configuring your local software, and secondly, IPv4 addresses also had this so-called problem.
> IPv6 is still in the early stages of adoption
It really, really isnt. It might look that way to you, in the US, at your home endpoint, but move to the backbone or outside the US and you get a very different picture. ARIN in the US just happened to be the last of the RIRs (except AFRINIC in Africa) to run out of IPv4 addresses, so the US was able to put off switching for longer than most, and the whole of the US is now consequently behind the curve.
ip6emoji("fe8000000000000003ceecdfffe30c27",Char(0x2800)) => ""
deadbeef000000000000000000000001 2607f2f8a36800000000000000000002 fe8000000000000003ceecdfffe30c27 fe800000000000000000000000000001 2607f8b040078090000000000000200e
$ dig -x 2600:3c03::f03c:91ff:fe93:50b0 ; <<>> DiG 9.9.5-3ubuntu0.7-Ubuntu <<>> -x 2600:3c03::f03c:91ff:fe93:50b0 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 40052 ;; flags: qr rd ra ad; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;0.b.0.5.3.9.e.f.f.f.1.9.c.3.0.f.0.0.0.0.0.0.0.0.3.0.c.18.104.22.168.2.ip6.arpa. IN PTR ;; ANSWER SECTION: 0.b.0.5.3.9.e.f.f.f.1.9.c.3.0.f.0.0.0.0.0.0.0.0.3.0.c.22.214.171.124.2.ip6.arpa. 18272 IN PTR itchy.jrock.us. ;; Query time: 0 msec ;; SERVER: 127.0.1.1#53(127.0.1.1) ;; WHEN: Fri Feb 19 22:34:49 EST 2016 ;; MSG SIZE rcvd: 118
I think this article has a lot of really practical ideas that would help a lot.
I suppose the only other thing Id want to allow in an IPv6 address is a Perl-like underscore anywhere for visual separation that acts like a comment; e.g. Perl lets you say things like 1_000_000 to mean 1000000. The article suggests a single dot but I think that could still be combined with visual underscores for things like "dead_beef_._0001".
That is the MAIN reason why its deployment and adoption rate has been a long clusterfuck.
> Im sure there was a reason for this choice, but to us after using IPv6 for years it still seems utterly arbitrary.*
If I had to guess, I would say they're there to chunk things up for reading aloud.
"Read me that address off the console."
"...a bunch of zeroes, then 1."
They also make it harder to lose your place when reading it back.
Edit: he hasn't even mentioned zone IDs represented by a % which would make him even more angry if he had to figure them out
tl;dr use mdns. You should never have to type an IP. Yes the mdns software sucks and has a huge attack surface because it's bloated.
BTW, don't most home routers etc take a hostname and add it to a .local DNS domain stored on the router?
but yeah, whenever I see an ipv6 format address, it takes way too long to parse it out. unless you were a network engineer at some point, it's not going to become second nature any time soon.
String representations of IPV4's aren't all of equal string length either.
IPV6 can't be shortened into, for example, dead.beef.de, because it's ambiguous as to whether that would be a domain name, or an IPV6 address. Likewise, other suggestions make it ambiguous with an IPV4, or even if not technically ambiguous, likely to break some existing code.
Raw IP's aren't exposed to the masses often anyway, so the bulk of the downsides of the current compromise should be constrained to just technical people. They will just have to figure it out.
Yes, we'd barely introduced fire then, we certainly didn't have the technology to double click to highlight a word...
No case issues, semicolons don't appear in dns or ipv4, no shift key required.
The article should have started with this. Could have saved me countless seconds of skimming the article while summarizing in my head "boo hoo, I haven't figured out how to make my workflow any better after 2 years."
literals were introduced because the order of parsing for an email host is first "Domain" for any non literal, then literal which defaults to IPv4 [127.0.0.1], then a literal prefix was added for IPv6 and any future registered protocol "[IPv6:::]"
the order for parsing for a URI is:
// host = IP-literal / IPv4address / reg-name
// IP-literal = "[" ( IPv6address / IPvFuture ) "]"
ipv6 just happens to use a colon which conflicts with the port delimiter from authority in a URI so it's a literal and not a registered name
// [ userinfo "@" ] host [ ":" port ]
> why not re-use the dot from IPv4 notation
because you have conflicts from "0.0 -> 0.0.0.0" to "255.16777215 -> 255.255.255.255"
0-9 conflicts with an IPv4 decimal
a-f conflicts with GTLDs
the only reason your blobs don't have a conflict with an IPv4 Historic is because hexadecimal notation starts with 0x
> try double clicking on those
try double clicking on any of these valid characters from "reg-name"
// unreserved = ALPHA / DIGIT / "-" / "." / "_" / "~"
// sub-delims = "!" / "$" / "&" / "'" / "(" / ")" / "" / "+" / "," / ";" / "="
or these from IPvFuture
// IPvFuture = "v" 1HEXDIG "." 1( unreserved / sub-delims / ":" )
if you want to develop your own "standard" either use the literal IPvFuture, or use a Registered Name
non literals IPv4, IPv4Historic, and Domain names are valid registered names, but domain names aren't even part of the URI standard
the only reason you would have conflicts with domain names is because they're de facto parsed after an IP, so a double dot would probably be discarded as invalid, which is why punycode exists for unicode
if at that point you didn't have any conflicts it would be a registered name, but you wouldn't have any way to resolve them
lastly, if you want to fix the nonissue of double clicking use a registered name, if you chose to use underscore you may have conflicts with dns
edit trying to figure out newline parsing
I live in SF too; for ~10 years. I have never seen it this bad. The City passed a "sit/lie" law a couple of years ago.. but it's never enforced. The City is spending $1M/month ... for housing 225 people. Do the math, and you'll see how ridiculous is that. At that rate, how much do you think the City can spend on the homeless? It has 7000 homeless, and counting.
Many of the homeless used to live in City housing, but got kicked out due to drug and alcohol habits. What's the solution here? You can't incarcerate them. You can't force them to use detox clinics, etc.
If the person refuses help, and refuses to follow the rules of whichever shelter they're in, then s/he has no more right to live in SF! As a last resort, the City is within rights to just kick you out. No one is entitled to live in SF. You can't just show up and setup tent in a public space; that public space belongs to the rest of us too!
I hate the climate of hostility towards anyone who remotely points this problem out. The reaction and tone of this article is exactly why I hate looking at Twitter now. It has become a platform for lecturing and shaming other people for stepping out of a very oppressive and narrow range of opinion or expression.
I now find articles like this and these daily recurrent societal witch hunts to be infinitely more offensive than anything this guy wrote. I don't want to live in a self imposed culture of toxic silence so no, Hacker News, I will not join in with your witch hunt and participate in group shaming of some random guy who wrote a bad letter.
That seems unfair. Shkreli made the news for doing things that would have a tangible effect on peoples lives, and doing those things with a smile. Let's compare Shkreli raising the prices on life-saving drugs to the first paragraph of Keller's blog post:
>> "I am writing today, to voice my concern and outrage over the increasing homeless and drug problem that the city is faced with. Ive been living in SF for over three years, and without a doubt it is the worst it has ever been. Every day, on my way to, and from work, I see people sprawled across the sidewalk, tent cities, human feces, and the faces of addiction. The city is becoming a shanty town Worst of all, it is unsafe."
It's ridiculous and frankly narcissistic the way that he makes it about him and how it effects his life, to be sure. But, his three personal examples (from just this past weekend!) did a good job of driving home for me how interactions with the homeless are different in SF than they are in my area (northeast).
The guy could use a talking to about punching down but I haven't really heard too many people defending SF's handling of these types of issues either so I can't rip him for trying to bring more attention to the topic.
I spend a couple of weeks in SF this month, and was shocked at the level of homelessness that we find even in very well off districts. This is not something that is common in the big cities of the world. The city is OK with tents everywhere, but that's not really that good for the people that are now homeless either: Living on a tent on the street will not help their mental health, their self esteem, or their chances of getting out of that hole.
I don't think the problem is really the fault of the tech people moving in, and I sure don't blame the homeless themselves. The problem, once again, falls into the people that want to keep the city the way it was, and to avoid building, when the city faces other pressures that are unavoidable. San Francisco MUST build.
Until people change their mind, we'll see both more gentrification and more homelessness, until the city reaches a point where the combination of prices and homelessness makes the city life into a dystopia: Maximum inequality, brought in by policies trying, but failing, to make the city be inclusive. I sure hope San Francisco voters change their mind before it gets to that.
SF has the worst homeless problem I've ever seen in the first world, and it rivals the worst of what I've seen in the third world.
It's a disgrace and it sucks and I don't have to like it. Whatever the local/state government is doing isn't working. And sure, maybe a lot of the homeless are just normal folks down on their luck.
But as others have pointed out in this thread, a lot of the homeless are also:
* There by choice
* Violent criminals
* From out of state
* Mentally unstable
I can have empathy for them and also want them not to piss and shit in public, beat me up, steal from me, turn a quaint downtown into a war zone (Santa Cruz), ad infinitum.
He is being self centred in his viewpoint but he's also not unique. Most people pay extra, and as a result work harder and longer, to live and work in neighbourhoods which allow them to ignore the plight of others.
I do hope the response to this is genuine agreement that things need to change because it benefits everyone, followed by associated action, instead of just hysterical and shallow "omg I can't believe he said that".
A: Allowing people trapped in unproductive countries to move to US/Canada/Europe would significantly improve their quality of life.
B: But think of burden to the welfare state! We wouldn't be able to afford the flood of people moving here for benefits.
A: Simple, just don't allow them benefits. Many people would still move to US/Canada/Europe even if excluded completely from the social safety net (or voting, etc.).
B: The thought of so many destitute people being in my country and not receiving help makes me uncomfortable.
The predominant attitude people hold toward the poor/disadvantaged outside their country is no different than Keller's: I simply do not want to be confronted with this. I'd prefer to not see it and pretend it wasn't there.
(Please do not take this as an argument for open borders, it is just an attempt to highlight a hypocrisy.)
I can't even begin to describe to you how difficult it is to wade through the pervasive ignorance on this issue, ignorance that is expressed by basically anybody who has not had direct contact with San Francisco's homeless population.
You need to understand that unless you have studied San Francisco's problem specifically, you are very likely harboring some ignorant, harmful opinion about homeless people, and you owe it to yourself and to them to educate yourself. This report is a good place to start: http://sfgov.org/lhcb/sites/sfgov.org.lhcb/files/2015%20San%...
If you care at all about fixing this issue, don't sit around with your other tech industry friends and try to be boy-genius saviors. Seek out the people who have been working on this issue for a long time, who understand it, who can explain to you why it's a problem and why it's so hard to fix.
The Coalition on Homelessness in San Francisco is a really good start. They've been doing so much with so little for so long that they can now do everything with nothing, and they would welcome help from people who are willing to humble themselves and get to work.
We can make this city a better place if we just decide to work together.
It's not clear what the solution is to this complex problem.
I live in an area affectionately known as the 'tender knob'. We've had people defecate on our steps, tear open our garbage bins and leave litter everywhere, and shoot up drugs and leave dirty needles in our outside stairwell. Before moving to SF from NY, I had never seen people defecate on the middle of the sidewalk in the afternoon. The owners of our duplex live upstairs and they've been brought to tears having to deal with this on a weekly basis. I wouldn't feel safe having children in this area.
Yes there are homeless people who had some bad luck and are just trying to get back on their feet. Most people are sympathetic to that. But it's different in SF. Walking around you can't help but feel that many, if not most, of the people are chronically homeless drug addicts who have passed the point of no return. That's the problem we need to deal with.
Moreover, there seem to be strong network effects at work here. You might argue that by not 'pushing out the homeless', that you're actually maintaining a dangerous, self-reinforcing, social environment that is constantly attracting new members. In effect, are we making the problem far worse?
Let's fight for the right of people, who are mostly struggling with mental illness and addiction to live in the street.
That sure feels noble I guess.
How about making appropriate institutional care available so these folks wouldn't have to sleep in the streets?
In my town, there's an article in the paper today decrying the fact that a local institution is no longer venting waste heat that kept vent grates warm, so people cannot sleep outside.
Is nobody trying to treat or house these people?
Shouldn't people take this piece and use it as further evidence that there is a problem that needs to be fixed, rather than merely a culture war they can take part in?
As usual, everybody want's to talk about how much of a 'bro' this guy is, but nobody gives a shit about improving the lives of the homeless.
Also, I think we are judging this guy too harshly because of his privilege status. But I cant tell you that I live in Mexico, the third freaking world, and even people living on $4 don't want to see homeless people showing their genitals at them.
It's really a specifically Bay Area, or maybe a West Coast problem. It's utterly out of control. It's complex, it's hard to solve, it involves many many factors. But at the end of the day, it's still true that Bay Area natives are completely oblivious to just how ridiculous the homeless problem is, here. It's the first thing EVERYONE notices when they visit here, and we all just ignore it like it's normal.
I'm sick of it too, though I hope for a compassionate solution, on the other side of it, if I had run out of money and was living on the streets, I would most likely leave the Bay Area on foot and head for some place that isn't the most expensive city in the fucking country. I mean, is it surprising people can't afford places to live, here?
I don't know what the solution is, but after living here for 18 years and seeing the problem only get worse, not better, I completely agree something has to change, here.
I saw the quote in the headline and thought, that is some seriously unfortunate wording. I get what they mean, but putting it in the first person like that makes it sound like the problem is the seeing, not the pain, struggle, etc.
Then I read the actual letter. It's not unfortunate wording! They actually intend to say that the problem is the seeing! This person doesn't care in the least about these people, he just wants them out of sight!
In this context it seems to be intended as some kind of slur, or there is at least some negative connotation here. It's a man who works in tech who... what exactly?
1: San Francisco is a great city and the winters won't kill you, so it's an attractive destination for everyone, especially the homeless.
2: Some people prefer to be homeless. No amount of detox or "good drugs" will ever change them.
I have a radical idea: pay homeless people to be homeless somewhere else. Give them a monthly income, distributed at a location outside of the city (and has to be picked up in person so people can't game the system), under the condition that they are never to return unless they can show any proof of residence. They can request limited exceptions to visit friends and so on, but once their city visa expires, they leave on their own recognizance. Honor system with one strike to lose their benefit permenantly.
Tech folk, instead of sinking tens of millions into fucking glyphy and Yo and other pointless shit that won't make money, try investing in this instead. You don't need a government program to make this happen, just money. You can use arrest records or other public info to spot violators, and it's not like you're preventing their freedom of movement, you're just giving them an incentive to keep getting free money.
Doesn't even have to be that much. Life is cheap when you don't pay rent.
He really seems to think that homeless people grow on trees or something instead of realizing that they lived in the city before he did.
The problem with this open letter is it is written with contempt and a complete lack of awareness of the author's own privilege. The "I don't want to see it, I earned my right to be here, make it go away" sentiment shows how little the author has thought about the problem and his own standing in the world.
Has he ever tried hanging out and having a conversation with any of these people? I do it all the time here in New York and used to do it a lot in SF (a city I now avoid because of people like the author). I recently had a great conversation about physics with a homeless man on Skid Row. The point is maybe he needs to stop, have a conversation, and find some empathy.
Most homeless shelters are dangerous places and are filled with restrictions, so many homeless people prefer the freedom of the street. Urge your local government to invest in long term housing for the homeless and not just shelters. Lift restrictions on building in SF to create more housing in general. Support mental health facilities. There is a lot of work to be done, but saying you earn a good living and therefore shouldn't have to see it isn't good enough. If you want that life move to a gated community, not a major city.
Seriously, fuck all this misplaced outrage and fuck these kinds of character assassinations of people with differing opinions. We're entering an age where it will be impossible to take a position that goes against the mob's mentality. The chilling effect will be severe and we will all be worse for it.
Many homeless people are down on their luck, have mental illness problems or both. Many homeless people can also be rude, aggressive, and can deteriorate the quality of life in a city by littering, urinating publically, etc. The two aren't exclusive. Many people are caught in a form of dialectical thinking between privileged/unprivileged oppressor/oppressed. Life is more complicated.
What strikes me as ridiculous with the situation in San Fransico is that it's so economically wasteful given that the city has become one of the most desirable place to live in the country,
The Coasian solution would be for the residents to pay the existing homeless to move out of the city and then proceed to police it more thoroughly. I'm convinced there is a price at which everyone involved, including the homeless would be better off. The problem is that, besides the coordination cost involved, the idea feels icky and unconscionable.
Semi-surprised to see this crop up again when the outrage over these incidents was pretty severe and infamous.
Justin Keller is a terrible "face" for the debate (and so is Edna Miroslava Raia for the opposition). The facts are that San Fran has an economic problem and a homeless problem. Those problems are not mutually exclusive, but neither are they the same thing. Justin shouldn't have to worry about being accosted, and he shouldn't "have to see the pain, struggle, and despair of homeless people"but because the problem should be solved, not swept under the rug.
The homeless don't have a whole lot of say in the policies that affect them, such as affordable housing, policing that concentrates them in particular areas (most noticeable recently with the super bowl) and so on.
One reason among many that tech folk are noticing more homeless people is that the techies are moving into poorer neighborhoods (eg Market street and the TL) and causing rents to go up. Police officially or unofficially try to create homeless zones, and these become concentrations of addiction, disease, and filth.
I have lived in major cities all my life that had varying degrees of homelessness. From my trips to SF I have been shocked to see the consistent and prevalent anti-social behaviour of the homeless.
Mental illness is obviously a large problem, but I would expect to see similar levels between the SF homeless and comparable cities.
Not trying to bait or take sides here, genuinely interested in what causes the difference in behaviour of SF homeless and their equivalents in other major cities.
The mayor should be held accountable. And there is a problem with homeless people throughout downtown San Francisco. If such a massive amount of money weren't being spent, then I would understand but their budget is huge with no results.
None of us like seeing homeless people but the problem is not that they are unsightly or annoying - the problem is why are they homeless to begin with and what is such a wealthy city doing to help? If you're only thinking of your own selfish needs then it makes sense to just "sweep up" people on the streets and send them somewhere out of site. Perhaps a good whack on the head with a night stick will dissuade them from returning. If you have no heart or compassion then it probably seems like a great idea. But if you have any sense at all then perhaps you can try to use some of your privilege to find real solutions to homelessness and perhaps lend a hand rather than try to swat them away.
I hope to god this guy didn't come from affluence.
This guy seems thoroughly unsavoury.
It's a straight up ad-hominem attack against Justin Keller, instead of criticising his writing it attacks his character.
I sincerely hope this is the end of Michael E. Millers career as a reporter.
And before you downvote me, read the article and focus on the parts that aren't quotes. The author goes to great lengths to paint Keller as an asshole while completely ignoring what he actually wrote.
San Francisco, like many other towns, is a troubled place if you look closely. Homelessness is a complex and overwhelming problem with no easy solution. Addressing it in a practical, effective, and humane way will take concerted action by government and the residents of this city together. There's no other way.
As real as the author's discomfort and frustration may be, his words stink. Here is someone who neither recognizes the full potential of his undeniable privilege, nor sees its true limitations. He wants change, but having already paid for it, is entitled to it (he seems to say), and so the burden rests on others to fix the problem.
Justin Keller knows what a good society should (literally) look like, but he doesn't understand how to get there. I'm hoping he doesn't lack the empathy and humanity his words and tone suggest.
That was quite the zinger!
And that Detroit is/has bulldozed 20 or more square miles of empty homes.
There are also some who just want to be left alone. Around here they live in the National Forests up in the Cascade Mountains. The problem for them is age. Right now the reclusive Vietnam Vets are coming out of the woods. They are just too old to survive out there on their own out there.
On the whole safe housing is showing to be very important first step. Homeless life does include a community on the street. It is typically a community that is not going to be supportive of positive change. Each member is experiencing their own untreated issues.
Removing the negative social elements and temptations first appears to be one of the important benefits. If you're an addict having friends offering you a hit is not very helpful.
Thus, for my wife, building relationships with housing agencies and businesses is a big deal. The landlords/managers with endless patience, understanding, and strong boundaries seem to do best.
This really is a good example of how toxic outrage culture gets in the way of solving problems. Maybe this guy was self-centered talking only about how much trouble the homeless cause him. Okay, say he was. And? If he's cowed into silence by the great armies of Twitter, has that put one more street person into an apartment or methadone clinic?
I'm reminded of that flap about a British business that had homeless people sleeping on the benches on their property, and switched them out for benches it was not possible to sleep on, and was lambasted for it. It really is a singularity of modern awfulness: we won't do anything to make people not be homeless, but we'll yell at (some other) hapless person across the city until they surrender and make sure the homeless have cold metal benches in front of their building to freeze to death on, as is their human right.
I can't help but think the Bay Area's escalating tension over income disparity, and the politics surrounding it, is a seed for far uglier conflicts in the coming years. Thankful I'm a distant bystander and not a participant.
Once I almost got mugged in a VTA train station, by two teenagers. Thankfully I escaped the situation on arrival of an elderly couple in time.
Like always I understand these people aren't there by choice and might have their own reason for why things turned out that way. Can anybody give a socio economic perspective on why these people are like this in a first world rich country like the US?
Also the more I learn about the American culture, the more I realize the only change I see between India and the US is the infrastructure, everything else, all other problems seem to be the same. We are not so different after all.
cognitive dissonance is high in that post
I think the vilification is comical. Not super impressed with the need to dig into his background to find examples of how much of a "tech bro" he is.
This reads differently if it's not coming from the mouth of a hated-elite.
I don't want to go back to the ole 80's DARE drug war but I have to wonder if opioid abuse was even mitigated a little or rehab improved what kind of impact that might have on the homeless population.
I guess what do people think is fueling SF's homeless population increase?
If you combine that with 'homeless policing', you're then saying that if you don't work hard, you'll be abused by society.
I don't have an answer for this but I dislike euphemisms like 'they prefer this lifestyle'. If you can't work (anyone who understands mental health will realise that "can't" actually is a meaningful word in this context) then you have no other options.
This is an appalling, narcissistic rant that attracted scorn towards an entire class of workers from journalists across the world. There should be a strong effort to combat the stereotype that all workers in the tech industry share Justin's lack of empathy and tone-deaf view towards social affairs.
Before you write angry (mostly useless) blogs.
The media, collectively, has it in for us. They keep using borderline derogatory labels for us in their articles like "coder" and "techie," and they publish hit pieces like the linked article smearing us as if we were some evil 1%, despite almost none of us making as much as the average dentist.
They are stripping us of what little prestige and respect we once had, and we are just letting them do it. And there's no shortage of programmers willing to argue with you that it's not even happening, and that there's nothing wrong non-technical English majors with an ax to grind attempting to re-brand us "coders" and our profession "coding."
This article (and the comments) are relevant:
His main fault here is assuming that this also means, while ironically citing free market economics, that he's rich enough to have some sort of right not to see homelessness, mental illness, and poverty, day to day. That's a whole other level of wealth and power right there. Mid-priced (in San Francisco, anyway) restaurant? $20 theater tickets? That gives him some sort of insulating privilege from life? If you're Barack Obama, yes, the intrusion of a drug-addled crazy person bursting past secret service and into the restaurant you're dining in may be cause of serious concern. If you're a Saudi oil merchant, you can pay to stay at and go to places with tighter security, or bring your own. Heck, you can afford move to and work from areas with fewer of these problems in the first place, commuting around on your own private jet, being carefully shuttled from one multi-million dollar private residence to the other.
Your personal wealth doesn't give you the right to see and interact only with people who are within your same circles of success. If you want to start judging the personal success of others, holding yourself above them, and claiming your right to class insularity, there are probably some billionaires out there who would laugh in your face, if they cared enough, which they don't, because they'd rather they didn't see you at all.
In all my years in living in SF, or the bay area at large, I have never once had an altercation or otherwise problem with a homeless person.
In fact, I give them stern talkings to occasionally; Two days ago there was a homeless person on Market whos pants were falling down - I told him very sternly "Pull your pants up" and he did so.
There was a drunk guy wobbling down by the ball park and I commanded him to drink some water and gave him a bottle of water.
I almost always give away any left over food I have to homeless people I pass if I have left a restaurant.
I've told homeless people to not pee on certain places etc...
I have found when you interact with them in a straightforward way, and dont act fearful or contemptuously of them - they are just people who have a shitty support system (gov and people included) - but they still need a bit of direction.
Obviously it's fucked that so many people are homeless in San Francisco. Everybody blames us (techies with loads of money) for the homeless problem because we gentrifying the shit out of the place with all our money. And then this guy comes out and says this shit, and that only reinforces the narrative that we're the problem. And that's shit for us.
But why don't we do something about it? We don't want to be seen as the cause of the homeless problem, and surely we don't want assholes like this speaking for us. But people are right that we are rich compares to most people. Why not use this as an opportunity to show people that we can be part of the solution? Being rich doesn't have to make us evil, and anyway what's the point of being rich if we can't use our wealth to help the people who need it?
And it's not just our wealth: what about our skills? Take Homes Not Jails, for example. They're one organisation off the top of my head that does work that directly houses homeless people. They're renowned by squatters all over the world for the work they do to get homes for homeless people in San Francisco. But I just checked, and it looks like their website (http://homesnotjailssf.org/) is down? Surely one of us techies could get in contact with them and offer to help fix their website, or even just pay their hosting costs and domain name renewal for a few years? I've been involved in organisations like that and that kind of stuff can be a real hassle.
I'm sure there are countless grassroots organisations like this that are already working to help homeless people that probably don't even have proper websites and shit, that desperately need money. Fuck this guy, it's not worth wasting our time arguing over his stupid words. Let's show people that he doesn't represent us with our actions!
again, I hope he was joking but honestly probably wasn't - I fear this lackadaisical 'tech can solve all of MY problems' attitude is prevalent (we should also consider how we can solve the problems of others)
After high school, for about four and a half years, I was homeless.
I'm really good at programming computers, if it wasn't for that I might be homeless still.
I had emotional and social problems that I've been able to overcome. I'm one of the lucky ones. Many of the people I knew are dead, but in this age of instant connectivity and paranoia about surveillance I'll never know the fates of most my friends. We might as well be a lost tribe, uncontacted in the primeval forest. Except of course, that we weren't lost. Our lives played out in the same great concrete jungle/stage that yours does. Very few people wanted to find us.
That brings up an important thing, and this is as good a place to say it as any.
From the utmost bottom of my heart: Thank you.
To all those who gave of themselves and helped a random, smelly, weird homeless kid who you'll never see again, THANK YOU. I owe you my life. If it wasn't for the people who live the truth of our inherent connection with each other, who are moved by compassion and empathy to help selflessly, without asking for anything in return, I would certainly be dead, or worse: homeless and crazy in San Francisco. (heh heh)
I'll never cease from helping everyone around me so long as I draw breath because I owe the world my life.
If you have not been as fortunate as I have then here is the reason why you should do the same anyway:
We are one.
That homeless person there? That's YOU.
She's your mother, he's your father, that guy mumbling and shitting over there, he's your own son.
This is both metaphysical and very physical and real. The idea that we are separate individuals who can cordon off the parts of the world that we don't like is not real, not true. It's a "category one" error.
Here's a secret I learned on the street: The single most horrible sin we commit daily is to pass by a homeless person without acknowledging that person's humanity.
It's a monstrous crime.
You feel it every time, deep down, and it hurts, right there in your very soul.
There's nothing you can do or say, no ration argument you can make, that can obviate that bond. Nothing breaks it. As long as you draw breath you are owned and owed, one of us. Truly there are no individuals, to think so is fantasy, to live it, nightmare.
It seems like you grow callous but you don't, not really. Down under all that other B.S., not even that deep really, you feel it still. To turn away from another is like killing a part of yourself.
Homelessness is a symptom of a sick society. It's not the city government's problem, it's the whole city's problem, indeed the whole nation, the whole planet. We have emotional scars that prevent us from forming a coherent response to the situation (that's the only way so much money could be spent and have so little effect on the problem.) The issue isn't a matter of money (we have SO MUCH) it's a matter of spirit.
The individual homeless people would disappear as if by magic if we could just get our minds aligned with our hearts, because there is plenty of actual help and resources.
The very essence of the homelessness problem is that we, as a society, have to "break ourselves" and become humble. That's the only way for us to be vulnerable enough to reach out and heal the psychic and spiritual wounds at the root of it. An example: Try to imagine D. Trump manning a homeless food serving line. He's wearing an apron and spooning out hearty soup to people and he really gets it. What doea THAT do for your noggin?
P.S. Bonus campfire story: Here's hoping YOU never get, like, schizophrenia or something and wind up homeless yourself. It could happen. One of the scariest things that can happen to you is to get to know a few homeless people who were once JUST LIKE YOU! Mwoooo-hahhahahaha! Homelessness is something that only ever happens to someone else. Right? Nothing so tragic could ever happen to YOU to break you down and leave YOU shambling and covered in your own mess in a city full of people who don't care. Of course not, you're a good person. Homeless never happens to good people. That wouldn't make sense, would it? That wouldn't be fair. We all know the world is a fair place, right?
Let's talk about something else.
Anyone thinking of moving to SF should simply be shown this thread so they can see what kind of people they will be around all day.
Hey Washington Post, why not write an article about this site. Start with this thread.
Here's a winner https://news.ycombinator.com/item?id=11127645 I hope I'm not oppressing him by linking to it)
Some comments here use a lot of words to essentially say they don't feel any collective duty to help homeless people. Fine, if that's what you believe. But I'd ask you say that loud and clear, stand up and be judged.
Because I believe we collectively have a responsibility to each other, and government is one institution that reflects that responsibility (among its other roles). As a friend once said, simply: "I believe you can judge a society by how it treats its least-fortunate."
Now, the situation in SF is special; yes, it's got mild weather and a decent social safety net (by US standards, not European), which makes it a destination of sorts. But this is also why Justin K addressed his post to the wrong people: this isn't an SF issue, it's a state and national issue. And it's an issue that's heavily entangled with substance abuse and mental illness.
And it's only made worse by bad behavior and bad politics. For example, Nevada bused mentally ill homeless people to SF (often without medication or any contact person):
The reason California in particular has such a large population of mentally ill homeless people is thanks to a few extra years of Reagan, who famously shuttered all the mental hospitals in California while governor (before defunding initiatives for mental health care and research at the federal level as president):
So, do you think this is all of our problems, or somehow this is an example of individual responsibility? I venture how you feel about that question is probably heavily correlated with whether you think success in business is a product of pure hard work, or if there's a contribution from luck and civil institutions. And this isn't some low-stakes game of political philosophizing; the policies that have exacerbated homelessness in SF and California in general are rooted in the same political philosophy that motivated this short-sighted, self-centered, fundamentally heartless post. Politics matter.
In other words: if you think like Justin that SF is 'ruined' for you by problems of homelessness, and the city should do more to fix it... then you're simply not thinking hard enough, and not taking responsibility for your role as a citizen of San Francisco, California, the US, and the world.
And as a Bay Area native and SF resident for 10 years, I'd kindly ask you to leave, or at least stop writing stupid things publicly, and leave the debate over difficult civil and social issues to people who are more thoughtful and compassionate -- a couple of core San Franciscan values that I particularly treasure.
 "Almost two out of three respondents (63%) reported one or multiple disabling conditions." from here: http://www.sfgov3.org/modules/showdocument.aspx?documentid=4...
Also, can people just move out of SF? I don't care which group it is (tech, or the people who have been displaced directly or indirectly by tech), but it seems like at least one group needs to just move out.
The other issues also need to be treated. Those are comparatively complex issues... Homelessness is, by comparison, not complex. Put people in houses. As evidenced by examples in Utah (and apparently Canada too, about which I was unaware until this thread), this is the fiscally smart move. The smart move and the right move aren't always in alignment, so this should be a no-brainer.
There are likely no homeless people who actually prefer to be homeless. There are people whose lives have been so massively changed by their circumstances that adjusting to a more comfortable housing situation might take some adjustment, and probably some therapy, assistance, and monitoring.
The sticker shock of doing this is what seems to keep it from getting fixed at once, as it's apparently much easier to periodically ask for money to develop ineffective piecemeal solutions.
The letter to Ed Lee reads like a parody. It will doubtless be forgotten, but I hope that's not the case. It should be one of a few artifacts used to encapsulate the historic moment we're living in.
'Worst of all, it is unsafe.' Sure, it sucks that it's a safety hazard to area residents. Is that really the worst part though? If you think the worst part of the homeless crisis is that it makes you and your well-to-do neighbors unsafe, you should probably ask yourself what exactly makes you so important.
'My girlfriend was terrified and myself and many people ran out of the theater.' I can't judge anyone for what scares them, and sure, the incident sounds like it would have been a surprise... But this guy makes it sound like an actual monster came into the theater and ran everyone out. A homeless person came in and did something that interrupted the film. Things like this will occasionally happen in a city that has a terrible homeless problem. Justin Keller's reaction is everything you need to know that he doesn't have the emotional or psychological maturity necessary to process homelessness as an issue separate from the effect it has on himself.
San Francisco is a city rich with ideas and capital, but I don't know how you can incentivize tech-community participation in solving this crisis. I keep thinking that we've reached peak obliviousness, and then something like this letter comes along, and frankly I didn't expect to find so many people here basically affirming the sentiments. I really worry that this is how a sizable portion of SF's tech community feels, whether they admit to it or not.
To highlight how bad the problem has become: just yesterday I was out walking in the streets when two homeless men began to harass me for cigarettes and coin. Of course - not being obliged to share either the men proceeded to become irate and things escalated into a pushing and shoving altercation.
Yet another time, when I was leaving Tadich Grill in the cities' financial district - a distraught, and clearly high man was standing right in front of the restaurant, yelling and screaming about cocaine. He even attempted to pull his pants down to show his genitalia before the police finally arrested him.
I may be able to tolerate the foul smelling clothes, the colorful language, and the general indecency - but what I cannot stand is having to watch as the city I once loved is destroyed by human rif-raf. It has honestly gotten to the point where I can't even enjoy a movie without being harassed and no one seems to care.
But I'm not going to let them continue to flood our streets with crime and human filth. If nobody wants to help solve this problem then I'll do everything myself, and I think I know the perfect way to do it. I have all the tools I need at my disposal. Bitcoin will provide the means to secure resources and onion routing will cover my tracks. The problem is: I need access to a vast dataset to track the exact where-abouts of the cities' homeless population so that I can identify and eliminate them - which is where you come in.
I need everyone who reads this to install my app and tag where you last saw a homeless person. If everyone in SF uses this app I'll be able to produce a real-time map of all the homeless in the city (and as we know - homeless people can't afford phones so the data will even out.) This is phase 1. Phase 2 requires a little explanation. In phase 2 a network of weaponized drones will be controlled remotely and used to eliminate the homeless problem. Since this will obviously cause public outcry -- it is paramount that the operators of these drones aren't arrested. Fortunately, the app also creates an onion-based meshnet that allows the drones to be controlled with low-latency from any point in the city -- and you can't arrest an entire city for using an app so you will all have plausible deniability.
This plan might seem drastic but we no longer have a choice. The residents of this amazing city no longer feel safe, and I know people are frustrated about gentrification happening in the city, but the reality is: we live in a free market society. The wealthy working people have earned their right to live in this city. They went out, got an education, worked hard, and earned it. I shouldnt have to worry about being accosted. I shouldnt have to see the pain, struggle, and despair of homeless people to and from my way to work every day. I want my parents when they come to visit to have a great experience, and enjoy this special place.
The city needs to tackle this problem head on because it can no longer ignore it and let people do whatever they want. It is a very difficult and complex situation, but somehow during Super Bowl, almost all of the homeless and riff raff seem to up and vanish. Im willing to bet that was not a coincidence. Money and political pressure can make a difference. So it is time to start making progress ourselves, or we as citizens will make a change in leadership and elect people who can.
Democracy is not the last stop in politics. In-fact, the order of progression according to Socrates via Plato in the Republic goes: timocracy, oligarchy, democracy, and finally tyranny. Socrates argues that a society will decay and pass through each government in succession, eventually becoming a tyranny.
The greater my city, the greater the individual.
Welcome to the revolution.
We think SF is ideal due to the culture, weather, and resources. We also believe that an influx of homeless can assist in lowering property value/home prices which is much necessary in SF.
Maybe a publicity stunt that backfired a little.
On the other hand maybe he is so sheltered as to think this is an actual problem he's helping solve...
-HN also covers stories about the human side of technology
-The story is happening in SF, which is very close to Silicon Valley
-The vitriol being spewed is coming from a member of a tech startup
It's quite appropriate on this forum.
Ubuntu 16.04 also comes with enhanced BPF, the new Linux tracing & programming framework that is builtin to the kernel, and is a huge leap forward for Linux tracing. Eg, we can start using tools like these: https://github.com/iovisor/bcc#tracing
Is ZFS the right tool for this?
ZFS on Linux had issues with ARC (especially fast reclaim) and some deadlocks and AFAIK cgroups are not really supported - e.g. blkio throttling does not work.
Would be great is they got this ironed out but I would be wary. Still great news!
On the other hand, I've always wished we could get a modern re-take on ZFS. As anyone who's tried it will tell you: dedup in ZFS essentially doesn't work. ZFS, internally, is not built on content-addressable storage (or, it is, but since splitting of large files into blocks doesn't take any special actions to make similar blocks align perfectly, it doesn't have anywhere near the punch that it should). As a result, dedup operations that should be constant-time and zero memory overhead... aren't. Amazing though ZFS is, we've learned a lot about designing distributed and CAS storage since that groundwork was laid in ZFS. A new system that gets this right at heart would be monumental.
Transporting snapshots (e.g. to other systems for backups... or to "resume" them (think pairing with CRIU containers)) could similarly be so much more powerful if only ZFS (or subsequent systems) can get content-addressable right on the same level that e.g. git does. `zfs send` can transport snapshots across the network to other storage pools -- amazing, right? It even has an incremental mode -- magic! In theory, this should be just like `git push` and `git fetch`: I should even be able to have, say n=3 machines, and have them all push snapshots of their filesystems to each other, and it should all dedup, right? And yet... as far as I can tell , the entire system is a footgun. Many operations break the ability receive incremental updates; if you thought you could make things topology agnostic... Mmm, may the force be with you.
 https://gist.github.com/heavenlyhash/109b0b18df65579b498b -- These were my research notes on what kind of snapshot operations work, how they transport, etc. If you try to build anything using zfs send/recv, you may find these useful... and if anyone can find a shuffle of these commands with better outcomes I'd love to hear about it of course :)
I am dreaming I suppose.
I'm currently setting up a couple servers using LXC with btrfs.
I ending up choosing LXC (as opposed to LXD, docker, rkt, etc.) because I wanted something relatively straight-forward. I just wanted some containers I could create, log in to and configure.
If this was a bigger deployment, I'd take the time to use docker or something else. But for now, just being able to get going quickly is nice. For backup / failover, I can btrfs send / receive the containers to another host and start them there.
With that out of the way, ZFS is by far and away the best filesystem for container workloads. Hopefully we will get deeper quota and I/O throttling support soon.
I have been using ZoL in production for many years now thanks mostly to the work of Brian Behelendorf and Richard Yao. So if you find yourselves here thanks for all the work you have put into making ZoL awesome.
I'm surprised their lawyers gave an OK, where FSF, SFLC and friends have given a thumbs down. If their interpretation is good, suddenly the large AIX/Solaris dominated storage boxes open up to a LOT of ubuntu-based/ubuntu-derived competition.
I'm not going to comment further on any implications of Debian/Ubuntu's decisions, since IANAL.
At least in my caseand I think this isn't so unusualthere is a steep learning curve: for most people there's just not enough reason to stick with it. That said, at this point I can hardly imagine something more worthwhile. After acquiring some facility with it, my everyday experience with life feels more substantialmore 'real.' There's a kind of energy, curiosity, and enthusiasm that now often presents itself which I hadn't seen in a long timemaybe since I was ~22 or so (I'm 30 now). I also feel way less need to do things like smoke/drink, and have a restored sense of smell and taste. If you've felt like the world's turned grey at some point, give it a try.
This is my favorite source of info on the subjectvery substantial content, yet light and even entertaining at times: https://www.youtube.com/watch?v=FEw2mHpVv9A
We often find ourselves in stressful or difficult situations, we are constantly bombarded by external worries, and we think it is difficult to deal with our problems. However, no matter how big external issues are, the way that we ultimately interpret these problems is up to our mind. At times we might find a dark joke about death incredibly funny, and at other times it may make us cry. Meditation takes a break from dealing with these interpretations of the world for a moment (instead concentrating on something basic like breathing) and in doing so, gives us a way to acknowledge the fact that our interpretations of the world are all in our head. So even if we can't extend full control over them, these thoughts and feelings are still ours and we might have some influence over them, and it turns out even briefly having this feeling can affect your mind in the long term.
A side effect of meditating is that you might learn to replicate the sense of "stepping outside the situation" even outside of meditation, allowing you to relax and consider the big picture rationally in intense moments in which you might've been originally felt too caught up "in the moment".
I didn't do that shit for 20 minutes to be now on Facebookand closed the tab.
A friend taught me this: Sit or lie still. Burn your body with a white-hot fire, starting at your toes. Incinerate yourself. Visualize intense fire with a child's pure unfettered imagination. Let that fire burn your body slowly, creeping up inch by inch with its quiet impersonal anger. When your body has burnt up, the fire quiets down and the weightless ash blows away. Then you open your eyes.
This worked for me - I felt it! - and opened up meditation for me. I have since had very good success with the Headspace app, for instance.
Another important thought for me was "Meditation is watching your thoughts go by like the bubbles in a glass of champagne."
Overall, in a nutshell, what meditation has done for me is: There is more of what should be. There is less of what shouldn't be.
That has been my experience. I've done meditation retreats and the like. I do find it slows down my mind, but can also surface things that frankly I'm perfectly happy to leave under the surface.
I also don't believe every trauma or internal struggle can be answered or managed, or should be at a given time. Sometimes the best sanity-preservation mode is to ignore it until enough time has passed when we have the mental tools to face it. Mindfulness and meditation both make it hard to bury stuff til you're ready to mentally dig it up. Perhaps day-to-day stress benefits most from it.
I think it's a great idea for some people and I can see the attraction. But I also get tired of people suggesting it to me.
Massage on the other hand...that's like miracle medicine.
For those who are not aware of Sci-Hub:
Setting knowledge free: Sci-Hub is The Pirate Bay for research papers http://www.digitaltrends.com/cool-tech/Sci-hub-research-pira...
During a drive or commute While you play a video game or sport When you're cleaning your house
Some people find it helpful to run through Maslow's Hierarchy as a guide for this mental checklist: (https://en.wikipedia.org/wiki/Maslow%27s_hierarchy_of_needs)
It might take a few tries, or maybe many, to run through this subconscious checklist of side-thoughts, but the goal is to run out of them. Then you're left to yourself, no side-thoughts to distract you.
This, in itself, can be worrisome because many people aren't comfortable with what it feels like to "just be," so hack your discomfort by creating another checklist: how does this make me feel physically? Is this state of mind stressful to me? What would it feel like if it wasn't? How would it look if I were the kind of person who handled this particular stress easily?
Point is, don't rush it.
Give it several tries. You probably need more repetitions to consciously break down your own checklist of thoughts.
Much of meditation's benefit (to myself) is in learning to handle decisions and worries as they happen, and removing them from my checklist of things to meditate over when I actually do take the time to meditate later in the day. Most things people worry over don't matter.
Hopefully my lens helps someone.
I just point this out because the basics of what meditation actually is are widely misunderstood by most Westerners -- and even some I met in Asia.
I find it helpful to remember that the sentient fraction of matter in the universe is vanishingly small, so your ability to experience is truly a blessing. Mindfulness occurs almost by accident if you just focus on savouring your experiences.
As written in another post: I started one month ago and then I was frequently meditating with Headspace (which is awesome btw).
While meditation helped me to go through hard times it never solved the underlying problem. It's like taking painkillers without addressing the real cause. I solved the real underlying problem few days ago and I feel like god again.
My startup is actually working on something very similar called neurofeedback. Which is very similar to meditation, in that we help users better control the subprocess of their mind. It's not perfect, but it actually helps significantly with people with epilepsy manage seizures (by helping them realize when it is going to happen).
Other conditions, specifically ADHD and anxiety have also been shown to be treatable (to a degree) using this treatment. Treatment using neurofeedback for depression has also been shown to be better than placebo.
Unfortunately, there is limited research funds to study this, and there really should be more. My startup is gearing up to do trials shortly, hopefully to make this treatment more available.
One alarming detail about the article, however is the mention of "dose", which I think reflects the general Western, mainstream attitude to meditation. Mindfulness and meditation is being perceived as a tool of "relaxation", "reducing stress", dealing with anxiety, and so on. And it might be because of being "marketed" as such.
However, although meditation can in fact help you deal with stress and make you more relaxed, reducing it just to "benefits" is missing the point. After all, it is actually "you" who is dealing with stress, being more relaxed, etc.
Meditation is about paying attention to your thoughts without anyjudgment, experiencing your immediate thoughts and feelings directly,facing yourself, gently watching your unpleasant feelings, thoughts,memories and embracing them with all their both unpleasantness andpleasant joy. In the end, you get more and more in touch with yourselfand the reality, and become more alert, observant, thoughtful, compassionate, etc.
And that actually makes it a practice of not running away from stress, anxiety, sorrow, but in contrast, facing all that with a gentle attitude.
Finally, it is a constant and long-term practice, not something like a "pill" with "doses" to deal with whatever "symptoms".
2010: 30 min
2011-2014: 10 min
2015-present: 0-10 min
these are my daily averages. i have one rule: before I go to bed, I must assume the lotus position on the floor in front of my bed.
2015 was particularly a challenging year for me (startup problems), and it was all i could do to even assume the lotus position for a second. so for much of 2015 i really didn't meditate, which was ironically when i probably needed it the most. such is my life.
it takes around 4 minutes for me to reach what i call stage 1. this is when all the normal chatter in your mind ceases and your breathing is synced (i've also noticed that it takes around 40 breaths, which is roughly 4 min, so sometimes for shits and giggles i just count to 40). after much trial and error i've noticed i don't even need to do anything; it's the mere passage of 4 minutes that gets me to stage 1.
thereafter is when the real effort begins. it is a constant effort to reach what i call stage 2, or what i consider the beginning of true mindfulness, which means you are neither thinking of the past nor the future. i would say i only enter stage 2 at seconds at a time, only to fall out again into stage 1 (usually by an intruding thought, and that thought is usually "oh, i've got it!").
to be honest, i don't know what the effects have been for me. i seriously don't feel any different. anyway, how are we to separate the effects of meditation with the normal process of maturation or aging? am i getting calmer because of meditation or because i am getting older?
i take it on faith. faith in data and science. our personal experience with meditation cannot be the guide with which we measure it's effectiveness, because subjective experience is exactly that. i liken it to flossing. i floss my teeth every day but still have worse gum recession than those who do not. my periodontist and dentist chalk it up to genetics, because that is the best they can conjecture based on the current science. we can measure flossing easily; without a brain scanner in our basement we cannot so measure effects of meditation. so from the research i take it on faith that the effects must be beneficial on my brain.
It is a matter of practice, same as for sport. If you go only one time at gym, you will not get so much results.
It would be ideal to meditate twice a day, 20 minutes. If you can move your energy from one chackra to another it is even better. You can also think of chackras as your gland system, it doesn't matter if it sounds crazy for you we have 7 whirls of energy in our (physical) body, if it makes you feel good, it is ok.
In my personal experience I found that meditation is healthy, so I recommend it. However keep in mind that there is much more than meditation, which is just the first step.
In case no one else has recommended it yet - I highly recommend a 10-day Vipassana meditation course: https://www.dhamma.org
They are free and not affiliated with any religious organization. But be warned - it isn't easy! I like to call it "meditation boot camp." It breaks you down, but you grow and learn from the experience. It really is one thing you can try that can have a significant impact on your life and change its course. It is a unique experience - you can't read or write or speak for 10 days.
Guru:Smart Meditation Timerhttps://appsto.re/us/ukUP-.i
It's a little different from other practices, in that it is more "active" (you'll see what I mean) than just sitting there and watching your breath. It takes just 15 minutes once you learn it, and the sense of peace and focus I have after doing it for several months is incredible.
I highly encourage everyone to start meditating.
I mean sure, yeah, but...
so does walking in nature, poverty, cocaine, testosterone, inactivity, porn, drugs, focus, menstruation, Alzheimer's, cellphones, the Internet, The Knowledge, programming, football...
changing it's structure is how the brain reacts to basically any regular stimulus. Thats how it works.
Also n=35, t=3days seems insufficient to rule out any sort of confounding factors.
I don't envy the job of law enforcement. It must feel like at times that everyone is standing in your way. But where does it stop?
If only we could track everyone all the time...
If only we could watch everyone in their homes all the time...
If only we could open everyone's safes whenever we needed to...
Yes, you could solve many mysteries with all of the keys. But it's not your information. You're not owed it. No one is owed the answer to any question.
I hope law enforcement understands someday what a destructive request they've made, but I'm guessing like anything else addictive, that one taste will just lead to more.
It's also important that he's speaking out in opposition to these government tactics. Hopefully Zuckerberg will follow suit but if history tells us anything it's that Facebook is rather compliant and doesn't take security seriously.
As of December 1, 2015, WhatsApp has a score of 2 out of 7 points on the Electronic Frontier Foundation's secure messaging scorecard. It has received points for having communications encrypted in transit and having completed an independent security audit. It is missing points because communications are not encrypted with a key the provider doesn't have access to, users can't verify contacts' identities, past messages are not secure if the encryption keys are stolen, the code is not open to independent review, and the security design is not properly documented
Or ... something "fishy" is going on and this article is just a bait by Apple to let its customers believe they do care about privacy ... while in reality the situation might be entirely different. And the "best" thing is that ordinary people will never know for sure, because with Apple's proprietary software philosophy, there is no way to tell.
The NSA has [most likely] found a way to penetrate Apple/Google/MS/FB for specific targets i.e. they can get the info on any specific person/group covertly. The attack surface is just too large - TAO, Zero-Days, Insider threats, Financial threats, etc. The problem with that is things like needing "Parallel Construction " to legally prosecute.
What the FBI is now doing is using a recent horrible tragedy to force SV companies to establish a precedent. Make no mistake, this has been long time coming. The Feds want to set a precedent both legal and 'cultural'. Ultimately Apple might cave, but the fact that they are raising a stink is very good news. Time for other heavyweights to join the chorus.
Ex-GlusterFS person here (used to work at Red Hat on the project side, leaving mid last year).
"Small file access", and "lots of files in a directory" have been a pain point with GlusterFS for ages. The 3.7.0 release had some important improvements in it, specificially designed to help fix that:
The latest Gluster release is 3.7.8 (the same series as 3.7.0), and is worth looking at if you're needing a good distributed file system. If you have something like 1Mill files in a single directory though... hrmmm... NFS or other technologies might still be a better idea. ;)
It was the whole shebang: Kernel panics, inconsistent views, data loss, very slow performance, split-brain problems all the time. Our set up IIRC was very simple: two bricks in a replicated volume. It worked so poorly that we had to take it out of production. Some of our experience can be explained by GlusterFS performing poorly under network partitions, but nothing could justify kernel panics. It blew my mind that Redhat acquired that company and product.
Edit: I hope there's been a big improvement to the reliability and performance of GlusterFS. Can anyone with more recent experience running it in production comment?
Unfortunately, I hit a roadblock in relation to enumeration of huge directories: Even with just 5K files in a directory, performance started to drop really badly to the point where enumerating a directory containing 10K files would take longer than 5 minutes.
Yes. You're not supposed to store many files in a directory, but this was about giving third parties FTP upload access for product pictures and I can't possibly ask them to follow any schema for file and folder naming. These people want a directory to put stuff to with their GUI FTP client and they want their client to be able to not upload files if the target already exists. So having all files in one directory was a huge improvement UX-wise.
So in the end, I had to move to nfs on top of drbd to provide shared backend storage. Enumerating 20K files over NFS still isn't fast but completes within 2 seconds instead of more than 5 minutes.
Of course, now that we're talking about GlusterFS, I wonder whether this has been fixed since?
Overall, I feel AWS S3 is a better (or at least simpler) approach. Just acknowledge that files are not locally stored and use them as is. AWS is experimenting EFS as well, which we found not as desirable as well.
Edit: I am not saying that you cannot make GlusterFS or EFS perform great. My appoint it that it's hard to do so, and might not worth the effort to develop such a system given that S3 can serve most needs of distributed file storage.
We've been using it in production for a few years now and having a single namespace that can basically grow ad infinitum has been pretty neat.
If you want a trouble free Gluster experience stay away from MANY small files and replicated volumes.
My solution was to mount an EBS on the "worker box," along with an NFS server. Each "ingress box" runs an NFS client that connects to the server via its internal VPC IP address, and mounts the NFS volume to a local directory. It works wonderfully. In three months of running this setup, I've had no downtime or issues, not even minor ones. Granted I don't need any kind of extreme I/O performance, so I haven't measured it, but this system took less than an hour to setup and fit my needs perfectly.
Is anyone here running a GlusterFS setup with high read/write volume on small files successfully? If so, what's your secret?
So, here is the link to the star of the show: https://www.redhat.com/en/technologies/storage/gluster
- Vlad Tsyrklevich: http://tsyrklevich.net/tbb_payload.txt
- Gareth Owenson: http://owenson.me/fbi-tor-malware-analysis/
- My own analysis based on running it in PANDA: https://www.reddit.com/r/ReverseEngineering/comments/1jpln2/... you can also get the recording of the shellcode executing and step through it here: http://www.rrshare.org/detail/26/ )
It's not big, and we have a pretty good idea what every piece of it does.
Of course, I suppose we don't know that the malware it used in this case is the same as the one in the Freedom Hosting case, so I guess it would be nice to compare and contrast them.
Regardless, I think someone with expertise should be allowed to review any code developed by the government in such operations only to ensure it does not somehow violate the rights of innocents
The word "pedophile" should be defined as someone with a sexual attraction towards children. It doesn't describe behavior: people can choose to not act on the attraction, and many, invisible as they are, in fact do not. Also, the people operating and visiting that hidden service could have had other reasons for visiting. They are not necessarily all pedophiles.
The claim is that IPFS could replace HTTP, the web, and so on. The only thing I see, however, is a distributed filesystem, which is only one part of the puzzle. Real-world applications require backend systems with access control, mutable data, certain information being kept secret, and so on - something that seems fundamentally at odds with the design of IPFS.
How would IPFS cover all of these cases? As it stands, it essentially looks to me like a Tahoe-LAFS variant that's more tailored towards large networks - but for it to "replace HTTP", it will have to not only cover every existing HTTP usecase, but also do so without introducing significant complexity for developers.
Seriously, I'd like to see an answer to this, regardless of whether it's a practical solution or a remark along the lines of "this isn't possible". I'm getting fairly tired of the hype around IPFS, with seemingly none of its users understanding the limitations or how it fits (or doesn't fit) into existing workflows. I can't really take it seriously until I see technical arguments.
My biggest concern is that in the end IPFS isn't even really "permanent" in the way I understand it. Objects added to IPFS still need someone to in a sense "seed" them for that content to be available. What advantages does that give over just hosting the internet over static torrents?
1 - https://github.com/ipfs/specs/tree/master/libp2p
This was funny. Suppose you wanted to build a node that linked to itself. You'd have to find a fixed point in the combination of functions that adds other data to the link and hashes it. Finding a fixed point of a hashing function is hard.
The only way we are able to productively use git is because there is a convention to have some state in a non content-addressable location (.git/refs, .git/HEAD, etc...).
Saying that IPFS could replace the web means either: 1) Introducing shared mutable state; or 2) full knowledge of everything on the network.
I'm guessing that the existing web is what provides that layer right now. Is there any work going on for novel IPFS-based content discovery mechanisms?
Another thought: Given the content-addressable, immutable nature of this graph, how does one discover that a new version of something is available without a central authority? How could we discover the tip of a blockchain with IPFS alone?
Some more links for people to check out:
## (upcoming) IPLD "merkleized JSON" format:
- improves upon our basic format to make it much more pleasant to build things on top of ipfs.
- JSON meets CBOR meets Merkle-linking
- mini-spec: https://github.com/ipfs/specs/blob/master/merkledag/ipld.md
## answers to some common questions i've read on this page:
- content model / replication: https://github.com/ipfs/faq/issues/47
- how resolution works: https://github.com/ipfs/faq/issues/48#issuecomment-152917088
- how IPNS / mutable linking works: https://github.com/ipfs/faq/issues/16
- this is a very poor answer, sorry, i'll write up a post or paper on it.
- for now if interested, see the QConf slides below, specifically slides ~110 to ~130 -- the DNS, IPRS, SFS/Mazieres linking, IPNS parts.
## These repos have interesting "lab notebook" style discussions:
## deep dive talk at stanford:
- video: https://www.youtube.com/watch?v=HUVmypx9HGI
- slides: lmk if you want them, i'll pdf them up
## talk at ethereum's devcon1 covering blockchain uses
- video: https://www.youtube.com/watch?v=ewpIi1y_KDc
- slides (interesting bits start at slide ~70): https://ipfs.io/ipfs/QmUgRq7QfmRbPw5kXqwSs1TRtPDBXMoDNiYwJQg...
## talk at qconf sf (similar to above)
- in this talk i discuss a bunch of datastructure stuff, including using IPFS for PKI, for arbitrary dns-like records, for name systems, for CRDTs, and so on.
- unfort video will be released in march: https://qconsf.com/video-schedule
- slides (intersting bits starts at slide 80): https://ipfs.io/ipfs/QmPpYmdSEKspjgXxVyGK9UMHV54fKZS8MwJjppg...
"testing 123\n" isn't anywhere, and "Hello World" (and its hash) is pictured twice. I'm sure that the testing.txt arrow should just be pointing to a node with a different hash and content.
I can't think of a better example of a company that needs to shed worthless baggage and focus on high value propositions.
And I am gobsmacked Yahoo has not at least made an attempt at a real social network. They have hundreds of millions of users, at the point they are in giving all their users an automatic account on Yahoo Social might be a dick move, but it's time start taking risks and see what unfolds.
- wasn't able to turn the company around
- wasn't able to monetize tumblr
- wasn't able to capitalize on Alibaba shares
- wasn't able to deliver return to investors
- was able to parachute out of Yahoo with hundred million dollars+
Someone tell me, what CEO out there actually does anything that justifies their insane pay grade because often it looks like someone just waving a baton thinking he/she's a conductor despite how much the orchestra sucks.
Maybe if it actually began investing what it paid out to a revolving door of CEOs looking to make a cool hundred million dollars....just then Yahoo will be a stock worth buying.
That made me lol. They should just keep their gossip columns (half the news on the front-page). The comments on those articles are always entertaining.
If you can't value the state-of-the-art research being done in your labs, then you don't really value a thing.
Is that what Yahoo is these days? Clickbait news and Tumblr? How are they still regarded as a major tech company?
Why would a search company have junk like that ?
How much other worthless baggage do they have ?
Wanted to LOL at this as the other time, i watched one of the 'life hacking' shows of this moron, and he demonstrated how to find out whether an egg is hard-boiled ... by spinning it...
The only real differentiating factor is your tolerance for ramp up time. I expect a programmer to be able to pick up a new language or database within a couple of weeks (tops) in most cases. If I'm hiring full time, that's something I'll tolerate. If I'm hiring a contractor, I'm going to be uneasy about paying high hourly rates for him to learn the job.
The single most effective way that I've found to interview for "interest" is to just get them talking about something they've done before and ask them to go deep into the details. You get everything you need from watching somebody talk, with a smile on their face, about how they solved some problem in a creative way that makes them show some pride. Doesn't really matter what the problem was, if it was a business problem, code problem or hardware problem. The important thing is the level of attention to detail in addressing it.
I've been using this technique for about 8 years now and while I don't make it the exclusive criteria for hiring, every person I've ever hired who has passed that part has ended up in my "great hire" category.
You can learn a lot more from 20+ rapid fire questions than forcing a candidate to eek out an answer to something they're not familiar with. And once you establish the areas they're familiar with, you can ask them truly useful questions.
The key is to look for people who have strengths and not worry at all about gaps in their knowledge. Anyone who has earned genuine expertise in one area will be able to do so in other areas.
The other big mistake most interviews make is forgetting about the "Curse of knowledge" https://en.wikipedia.org/wiki/Curse_of_knowledge
I've seen people research the answer to a question before an interview and then expect candidates to be equally informed without that advantage.
1. If the candidate can't be bothered to complete a 2-4 hour (depending on claimed seniority) code test in the language of their choice, we can't be bothered to talk to them.
2. If the candidate does reasonably well by completing the code test somewhat on time (with a fat margin allowed for them, well, having a life) and within parameters of the task, they're invited for a mostly non-technical onsite meet-and-greet.
3. During the meet-and-greet we make sure that the candidate isn't an axe murderer, is able to hold a quasi-technical conversation, and that both sides aren't immediately scared of each other.
4. The meet-and-greet can also include some low-key architecture discussion. Any nerds worth their salt will be able to conduct this line of questioning without making it obvious that an interview is taking place. Hopefully this isn't a critical step, as a good take-home code test will require the candidate to spend a little time designing or architecting their solution.
After the above has taken place, it should be pretty clear whether the candidate in question is a fit or not. Note that this process is by design missing the useless traditional CS questioning component, contrived problem solving exercises, or a whiteboard code beatdown.
If I had it my way I would do away with the interview process altogether and do something more akin to an internship. Potential employees could start their engagement with a company by working (for pay, mind you) on a very limited basis to solve actual problems that need solving (i.e. "write an algorithm that's 10% more efficient", "create a tooltip that's aware of the viewport in React", etc). Based on their output their engagement could be ramped up until they are brought on as a full time employee. That way it ends up being completely merit based. You can either solve these problems or you can't. And whether or not they ultimately end up becoming an employee doesn't end up mattering because both parties are compensated along the way.
This would obviously put the burden on the company to boil its problems down into smaller, isolated efforts but that's something all companies should be trying to do anyways. In the end, they just want some code written that will end up solving some problem for their customer.
tptacek summarized this in his hiring post:
My personal conclusion is that most companies don't want this for two reasons:
1. culture fit is more important for people in a rigid hierarchical structure, partly because an out of the box thinker could be dangerous for that structure. too much questioning authority, too much pointing out flaws. It's much easier to have a good worker bee than wondering why you need 40 employees to build an automated gif platform.
2. in most companies everyone is very reluctant to make decisions. for example management struggles with clear direction because it opens them up to the question of liability. if they make a decision and it's wrong they might get fired. HR works the same way, if HR passes a resume along they want it to hit a list of keywords, so they can cover their asses if he turns out to be a bad hire.
Basically everyone is so scared to make a mistake that they make a lot more mistakes trying to avoid them.
The opening of the cracking the coding interview she talks about how they don't really care about false positives and negatives, they just want those to stay below a certain threshold. But consider the hiring scale of google compared to a small company and suddenly those things matter.
One bad hire can be toxic. And basing your hiring strategy on something a huge behemoth with infinite money does is kind of silly imho
For example, so I set a test where you have to write some Java, if half the candidates haven't written any Java, they'd all surely do worse on the test than the other half?
Or is their a belief in the industry that there's some scale on which we can absolutely rank all developers - front end, back end, full stack, mobile, desktop, embedded? That sounds like a surprising belief which would require extra-ordinary evidence?
1. The population is heterogeneous: interviews test different skills. All interviews don't test the same set of skills, which is mandatory to compare interview scores because scores are aggregates of these skill tests. Different job opportunities means different skills to test, so it seems reasonable to assume that people evaluation vary for different job opportunities, and thus their scores vary for different interviews.
2. The observations are not statistically independent: past interviews may influence future interviews. People may get better at passing interviews or conducting interviews over time. This would impact their score. It would be good to study the evolution of individual scores over time.
While (1) should strongly limit the conclusions of the study, the complete analysis may simply be irrelevant because of (2) if the statistical independence of observations is not demonstrated. Sorry guys but this is Statistics 101 introductory course.
If you don't have confidence in someone's ability based on their experience and their interview but you did like them, give them a task to accomplish offline. See if their results are anything like your results would be, and bring them in to see how they respond to feedback both negative and positive.
I've seen too many interviews that go along the lines of "How would you rate your Java on a scale of 1-5?" "5" "So how would you fix the problem if your cache hit rate on SomeObscureCommercialProduct went from 94% to 82%?" "Forget that guy. Huge ego. Doesn't know anything."
I did run into one company that had an interesting process for technical validation. They actually hire people for two weeks as contractors and have them work with the team. Then they hold a vote and decide whether to extend an offer.
1) They usually just measure the amount of effort a person has put into studying interview questions. Whether or not the ability to do this translates to being a better engineer is debatable.
2) An interviewer almost always exercise some form of personal bias, whether it be educational, personal, etc. This doesn't always show up in written feedback, but the interviewers with stronger personalities usually dominate interview debriefs, and often influence others into hire/no-hire decisions. This is especially prevalent in smaller startups where the process is more informal, things move quickly, and decisions are based more on gut feelings.
I appreciate there is an appendix addressing this issue, but it does not absolve the issues the analysis, especially since the appendix uses a "Versus Rating" to justify the statistical accuracy of the system, which is also calculated somewhat arbitrarily (since the Versus Rating is derived from the calculated interview score, wouldn't it be expected that the two have a relationship?)
The fact that the results of the non-arbitrary score are centralized around 3 out of a 4 max (instead of the midpoint of 2) implies a potential flaw or bias in the scale criteria. (The post notes that people who get a 3 typically move forward; maybe selection bias is in play since companies would not interview unskilled people in the first place)
That's not to say that the statistical techniques in the analysis themselves are unimpressive though. I particularly like the use of FontAwesome icons with Plot.ly.
Fundamentals: CS basics. I don't nitpick on details. It's more around if you've heard about it or not and if you could figure out how and when to use it.
Structure: I want to see a structured approach to problem solving. Doesn't matter if your code is perfect. Doesn't matter the programming language you want to use.
Curiosity: You need to be curios about things. Asking the "why".
I've turned down candidates who had impressive technical resumes, who had worked in startups that sold, who had been hired on as consultants at various places, etc, because they were unable to solve simple algorithms in a simple manner, and their code was atrocious. Does this mean they're "bad developers"? No. If we were a consulting firm or a startup they might well be worth it; where the important thing is getting code out the door quickly, and to have something that works, even if it's not easily maintainable. But I was hiring for a position that required someone who would keep solutions simple and maintainable ('craftsmanship' rather than productivity, if you will. Note that the former does not necessarily preclude the latter, but it's the trait that was necessary, and was lacking).
Google optimizes for people with strong algorithmic knowledge. It's debatable whether they need everyone to have that, but certainly, many shops don't. Again, I've hired people with no formal CS background, because most of my job's problems don't require you to have deep algorithmic knowledge (the ones that do we can have others address, or work together on).
We know that people can fail one technical interview, while being radiant in another, and the reality is that what we're looking for, and what others are looking for, are often different. That creates a lot of variance in the data when we compare them.
'Programming' is necessary but not sufficient for product engineering and that is what most of these interviews are trying to tease out. Good companies will balance out 'programming' with other rounds like 'technical design' or 'pair programming' or even non-technical rounds with business analysts or product to gauge general ability.
I'm curious about the interviewer community. Specifically things like how are they vetted and how often they come to conduct interviews. It would be cool if there was a community of interviewers for the betterment of the process, but I could see their retention for conducting interviews to only be 1 or 2 before they drop out. I see in the appendix that there are those that do more, but no indication about what percent leave quickly.
A better drinking game might be when a candidate offers a data structure they know nothing about. Would a red-black tree work here? No.. I guess not.
1) Take home test: OK for performance metrics, bad for "getting to know" the candidate, and terrible for selling the candidate on your company
2) Daylong interview: Expensive, requires interrupting our team, needs a fully planned and well executed itinerary - but is perfect for getting to know someone, getting the feel for their personality and interests, and is the best way to sell someone on the opportunity.
3) Work sample: we usually do this for interns and pair it with a ~1 hour conversation (either before or after, doesn't really matter to us) on what the company is like and what they would be working on. Obviously, work samples suffer from the same deficiencies as a take home test for cultural fit and the like, but it's the best we can do for interns!
There might be some merit to why they are doing this but it's impossible for me to engage companies that discount real world product experience in favor of rote memorization.
So far it's a pretty tough nut to crack, lot of product manager interviewers don't seem to know what they are doing, instead relying on law of large numbers and how great their fucking product is blah blah blah (it isn't).
It's a bit worrying since some companies seem to be hiring product managers for some subjective end goal of an improved product and improved sales....they want one person to take the credit from, and the same person to take all the blame...another huge red flag when managers outright tell you they have no idea what to do so they just get someone else to outsource their thinking.
I don't necessarily dispute this state of affaire, but does anyone know how it compares to other fiels/professions? How about interviewing a lawyer? Or a doctor? Or an account manager? Or a product marketer? Are developers the only one with a "broken" interview process?
Does interviewing.io have any plans to collect employee performance metrics from companies that hire via their platform? Is that something companies would be willing to cooperate with?
I've been impressed. They've been very straight forward regarding tech eval with no trick questions and respectful of time. Their interview process is selling me on the company.
For some reason white boards intimidate me. I have terrible penmanship and complete lack of planning how much space I need for writing things. Then there is the fact the markers seem to have a hi failure rate when ever I use them.
Perhaps I'm the only one that feels that way. I have even begged some interviewers that I would prefer them just watching me use a laptop but the offer is typically refused. Maybe things have changed now?
I've been recruiting for a long time, and I'm rarely shocked about the result of an interview - maybe a few times a year. There are tons of possible explanations for that, and lots of possible explanations for your results as well.
Keep up the great work.
Instead, the team hiring should themselves interview candidates and make decisions on who to hire, because it requires personal knowledge that you can't get from tests.
I travel a decent amount, and one of my great joys is being on a plane without wifi but with inseat power (Civ V on the mac is a ridiculous power hog), and knowing that I've got X hours of civilization to play with no one to bother me.
My strategy isn't great, I have everything set to Random, and I just drop into whatever situation and work it. At the end of a flight, I close that scenario, and rarely pick it back up - I start a new one. And I feel relaxed and my mind is clear. It's amazing.
- "Washington spawned too close for comfort; they're a threat to my peoples' long term security. Annihilate them first."
- "Hmm, the Mayans have some strategically valuable territory..."
- "Hey, the Persians are way back in the Renaissance, while I'm in the modern era, and they have luxuries I need. Let's send a few battleships over there."
I still recall being able to recount all of the 7 wonders, all of the large Greek city states, and all that other countless historical context that the developers packed into the game that gave me a slight leg up in middle school history class.
And of course I'll encourage my children to play someday. No childhood is complete without having to fight back Gandhi's unrelenting hordes of musketmen with stealth bombers.
I still play the newer versions now and then, but the original stands out as a paragon of game design. It was grid based, so unit movement was easy with keystrokes. That along with hot keys for everything meant that you could play a complete game without a mouse. This was particularly useful at keeping the endgame speedy. Something that I think is missing in later versions.
This seems unusual; I can point to several popular 90's games that peaked there and never recovered (Roller Coaster Tycoon, Age of Empires II, and arguably SimCity 4 if you include the early naughts). I wonder why; as a player, the Civ model seems preferable (you always have modern versions and new, but not heretical, variety).
Anyone know how I can get Civ III on a Mac?
It's been "not available" here forever: http://www.aspyr.com/games/sid-meiers-civilization-iii-compl...
I've tried playing the Windows version via Parallels but it fails out during load.
But didnt that article seem to stop all of a sudden? I checked twice on my phone to see if i missed a more button.
Didnt civ 4 get an award for audio?(and i loved the music on 4, was so disappointed with 5s audio), the article left me with a , meh, what about. . . ! for so many things.
Being only 32 i would imagine a great article to show me things i didnt know.
Sigh. The temptation to play more right now is strong, but i need to get this work done :-)
web version: https://play.freeciv.org/
Civilization II was easily the best game in the series. It's sad that Civ V, as pretty as it is, is so freaking horrible.
You've Played 786 hours
Last Played Today
I'm sure when Civ 6 comes out we'll have people complaining because it's not like 5 or 4 or whichever one was their favorite, but I like that they change every time. If I wanted to buy a new game every year that was the same as the previous one, I'd be playing Madden.
It wasn't the best gaming experience though. Each turn took like forever (well, minutes), after a few hours we had to pause the game and agree on when to continue the next day.
Still, finding an opponent "on demand" was something that did hint about what was to come later.
(well, there were BBS "door games" earlier, but not really "real time" in the same way)
I think this is in part due to Civ's design of each player gets all their moves consecutively, rather than in parallel. Although it would change gameplay Civ could take advantage of multi cpu by either staging decision trees based on likely actions taken by the player and other civilizations or creating multiple rounds of actions in each turn which are executed in parallel.
This would have the added advantage - if "they" chose to code it this way - for hardcore civ players to offload compute to AWS or other services. I would love to crank up a world domination Civ game with 50+ entities that doesn't take minutes per turn.
Wishful thinking for Civ VI but there you go.
On past experience - they'll fold the functionality of one into the other - partially and imperfectly leaving users irritated once more.
Still - it's not like I'd be safe from this anywhere else. Products from smaller companies are in constant danger of aquihire shutdowns or similar.
And open-source has still yet to produce UX that's much better than 'parity with the mainstream from a few years ago'.
More here: https://nylas.com/n1
(I work at Nylas.)
I ask because I don't want to link my 15 year-old Hotmail account to it if that's the case. I'll just stay with the web client.
I wonder if those of us who already have third-party email accounts in the Gmail app will be automatically upgraded to this.
It seems like for Gmail to provide this functionality, it needs to copy your external email to Google's servers and do server side processing.
I can't imagine that it does spam protection, Google Now cards, and search all client side.
From what I gather those permissions were requested by the exchange server, so my university would be the one to blame. Why a server would ask for this permission is beyond me.
Is it at all possible to make it "an @gmail address" to match the article?
Inbox is worse for me (although I realise probably not for most) because automated emails are usually really important for me as they are telling me something stopped working, but emails from people might not be that important because I get hundreds a day.
Between the issues with the Gmail web client, and the problems I have with Inbox, the whole "Gmail" product is one of the worst products that I have to use, and I try to distance myself from it with good email clients as much as I can.
(1) It is true that this is more likely to turn GitHub into a generic file-dump place similar to DropBox. GitHub's infrastructure is sufficiently good to handle this, and this new addition is unlikely to disrupt the workflow of veteran users. However, since it is likely that some companies will use GitHub for file dumping, GitHub will be justified in charging companies a fee for particularly large repositories -- capitalizing on the file-dumping. I sense an alternate revenue stream coming in for GitHub.
(2) I've often run into situations in which I had written a small script and wanted to quickly turn that into a GitHub repo. To do so, I'd have to go through the online interface to initialize a new repo, and then make a folder on the command line, type a few commands, etc. Though it's a very short process, I couldn't understand why I couldn't just use the online interface to type up a readme and then drag-and-drop my script into the repo. The update smooths this work experience.
(3) Obviously, it'll make GitHub far more accessible to less technical users -- some users are intimidated by the Git learning curve, and this update makes them much more likely to use GitHub (and then slowly learn the ropes of using it via the command line).
(4) By inviting more non-technical users as in (3), it becomes more likely that (1) succeeds.
It may be enough to remove the must-be-programmer-who-understands-git barrier to entry, anyways.
EDIT: GitHub Pages still requires specific file naming for posts and YAML front matter, so it's not perfectly non-programmer friendly. It might be a good idea to write a tutorial as a blog post/screencast, though.
Slightly brings up an interesting point. With native apps, I usually review release notes upon updating. Webapps get to release whenever they please to little notice of the end user (for better or worse). With releasing new webapp functionality, bug fixes, etc "continuously" I think some cool bits get overlooked...
That seems to me like it would be much more valuable, specially for community projects.
It was something we were waiting for for a long time. Now GitHub is light years ahead of its competitors because of this -seemingly small, but actually important- UX change.