hacker news with inline top comments    .. more ..    21 Feb 2016 Best
home   ask   best   3 years ago   
Graphing when your Facebook friends are awake defaultnamehere.tumblr.com
1259 points by adamch  2 days ago   186 comments top 51
ceocoder 2 days ago 6 replies      
My favorite part -

> This friend recommended nvd3.js, presumably because youre not making real graphs in 2016 unless your graphing library is <something>.js and requires at LEAST one other <something else>.js as a dependency. Everyone looks at you like what, you DONT already use <something else>.js? Jeez say goodbye to your Hacker News karma. Just apt-get install npm && npm install bower && bower install- NO STOP IT THIS ISNT WHAT TIM BERNERS-LEE WANTED.

edit: as huckyaus mentioned in a different thread, author did http://swagify.net/ as well. In completely unrelated news, I'm changing my handle to [Tr1Ck$h0t][LEGIT][60x7]$$$C30C0DER$$$, that will make me really popular among the cool kids.

542458 2 days ago 10 replies      
Some people might take issue with it, but the writing for this had me in stitches. I very much agree with the author on graphing libraries - there are a few good simple ones, but as soon as you want anything unusual you have to jump to these big, hard to configure monstrosities. More than once I've just given up and written my own server-side generator.
BinaryIdiot 2 days ago 7 replies      
> If you reload the page youll see approximately fifty-bajillion network requests go off as Facebook desperately tries to load all the junk that it needs to display facebook.com.

I like this part. As a developer I've often looked at the network usage of large websites / web applications and it's always surprising to me just how...unoptimized it is as far as network connections go.

I mean Facebook loads decently enough and all I'm just surprised the first load isn't condensed into a small, handful of network calls to save on latency.

spydum 2 days ago 1 reply      
I like to do this sort of web spelunking all the time.. But the writing and humor really make this more enjoyable than it should be! Of course Facebook leaks info to you about your friends - that is the sole attraction for people to use it! Seems like you could turn this thing into a browser extension as well if you felt daring.. Like some sort of FB snooper.
jonesb6 2 days ago 1 reply      
"If you I dunno, didnt have a lot of friends in high school, you might recognise that as a UNIX time stamp - the time in seconds since midnight, January 1, 1970. "

Great article. And a further reminder why Facebook kinda sucks.

jacalata 2 days ago 5 replies      
As someone who is not personally humiliated by my interest in computers/tech/programming, I wasn't really entertained by the constant "oh yea lol it's cause I'm a waste of oxygen that I know that, don't you hate me as much as I hate myself?" Maybe I know too many nerds with actual self esteem issues to find it funny.
xiphias 2 days ago 0 replies      
So to make it useful it just needs to find the pairs of people who ,,go to sleep'' at the same time
christiangenco 1 day ago 0 replies      
This style of writing is so entertaining; it's like a funnier stream of conscious of what goes on in my head when hacking things like this together. If OP is the author, please write more.
WilliamSt 1 day ago 1 reply      
You should try to add some sort of tracking of when people start to write a message to you. If that's in any way possible. It would be really stalkery if you knew whenever someone started writing a message and perhaps decided not to send the message.
a_bonobo 2 days ago 1 reply      
>Similarly, Im not sure why there are these weird spikes every three minutes (+- ~1minute) sometimes.

Could these just be keep-alive requests? For example, the mobile app checks whether it's still connected?

gengkev 2 days ago 5 replies      
I don't have a Facebook account, but is there really no way to not share your available status to your friends? In Gmail you can simply sign out of Hangouts.

On a side note,

> If youre wondering why the response starts with for (;;);, its to, among other things, encourage developers to use a quality JSON decoder, instead of like, yknow, eval().

This is wrong, as I commented on the linked StackOverflow post, perhaps a bit too strongly. But it's really frustrating to see that people have misconceptions because of incorrect answers on StackOverflow.

buremba 2 days ago 5 replies      
It would be real creepy if someone does the same thing for Whatsapp, you can even predict who's talking to each other much better than Facebook. It's a bit harder to collect data from web.whatsapp.com because it's using Websockets but let me know if someone develop such tool and publish it on Github. :)
awjr 1 day ago 0 replies      
This is very well written, intelligent, and very entertaining. It's almost like he channelled Deadpool. Kudos.

Oh and did not know about the Copy as cURL feature on Chrome!

theon144 1 day ago 0 replies      
I know I'm in the minority here, but I just couldn't bear the writing style. I'm sure the content is interesting, but this article tries way too hard for my tastes. I had to give up after the first couple of paragraphs.
karlding 1 day ago 0 replies      
You used to be able to do this with the Facebook Query Language (FQL) that Facebook exposed, sending something like this query to the FQL endpoint.

 SELECT uid, name, online_presence FROM user WHERE online_presence IN ('active', 'idle') AND uid IN ( SELECT uid2 FROM friend WHERE uid1 = me() )
Unfortunately, the current version of the Facebook Graph API[0] doesn't have the online_presence field, so this is no longer possible. Maybe the Graph API will be updated in the future to also return the online_presence fields?

[0] https://developers.facebook.com/docs/graph-api/reference/v2....

anaphor 2 days ago 0 replies      
I did the same thing with the XMPP interface before they scrapped it and it was obviously much easier...also I used the built in graphing that's in Racket to visualize it. Also I made a thing to do desktop notifications whenever someone came online, which is actually kinda useful.
bijection 2 days ago 0 replies      
Antimatter15 has a pretty cool clock style visualization of this from 2012 [1]

[1] https://antimatter15.com/project/facebook-clock/

drdiablo 2 days ago 1 reply      
Nice work! I really like the idea that the web allows anyone to programmatically dig into the UI and extract data to do things. A friend and I actually made a whole API to interact with FB chat. You should check it out: https://github.com/Schmavery/facebook-chat-api. I'd really love to see what you can come up with, with some of the stuff we support.
glossyscr 1 day ago 0 replies      
"Graphing how addicted your friends are to Facebook and Facebook Messenger"
pranaysharma 1 day ago 1 reply      
Great work and nice style of writing...felt like nerd Deadpool ripping away FB :P
dclowd9901 1 day ago 0 replies      
> when its midnight and your x-axis formatting function doesnt convert UNIX times into JavaScript date objects properly because theres no timezone information and I dunno JavaScript was written by some guy in two weeks (yeah I aint afraid to call it out what of it) and your binary-search based conversion of sparse timeseries data into uniformly dense timeseries data is causing so many data points to be graphed that its slowly crashing Chrome and youre watching helplessly as your RAM goes up and Chrome wont close the tab and it just doesnt seem right that 2016, the year of the Linux Desktop has brought us this situation I mean I thought if you had enough <something>.js libraries this stuff was meant to just scale right up so tha-

So, did you forget everything you learned about memory management? Or do you think Javascript really doesn't have sound memory management principles? Hell, it's not like you need to retain references to rendered points. Just dequeue them. Browser graphing libraries render to canvas which is just pixels.

mattlutze 1 day ago 0 replies      
I followed his GitHub link at the bottom of the post and see that he's Australian. My preconceived stereotypes of Australians suddenly explains quite a bit of his writing style and humor, and makes the post that much more enjoyable.
gohrt 2 days ago 1 reply      
What determines whether the app is online? What happens when the user is using the phone but FB is in the background? Does FB get some kind of update when the user is active on device? Or do OP's friend live in the FB app all day long?
Wingman4l7 2 days ago 0 replies      
Reminds me of the old-school user tracker (whose name escapes me) that would give you a bar graph of your friend's online/offline presence when AOL Instant Messenger was the dominant chat client.
enig_matic7 1 day ago 0 replies      
So, I can mine when my friends are online.

Perhaps, buy some targetted ads about 'SleepCycle' and show them to the naughty ones who sleep less than 6 hours. :P

Matiss 2 days ago 0 replies      
This is awesome! Thank you for sharing the code for this. Overall I would say that this could be very entertaining to watch over multiple sites. Potentially gathering a good profile of your friends over time!
LargeCompanies 1 day ago 0 replies      
This is random, but....

Nice with this data I might finally and truly finish my Social Alarm Clock idea and do so in which it truly improves the sound of your alarm clock; one that always makes you smile, laugh, etc.

There's been tons of social alarm clocks(from Justin Bieber to Nestle to Sony to Wakie, etc) since releasing sleep.fm in 2007 (a century ago in Internet years) yet no one has executed on the idea properly.

dyscrete 1 day ago 1 reply      
Awesome and hilarious article. Id just like to note `for (;;);` is not to prevent users from using bad JSON parsers like `eval` but prevent older browsers with little to no cross domain policy from loading it with a script tag and doing evil XSS by overriding Array or Object constructors or prototypes to pull that data
soofy 1 day ago 0 replies      
Another neat FB analysis:

Data Science of the Facebook World


atrudeau 1 day ago 0 replies      
Cool hack and awesome, fun writing, but on a more serious note : how is knowing your friends' usage/sleep patterns useful in any way? Could it be used for some dark, machiavlique purpose?

And how about for advertisers? "Get your sleeping pills here" type ads?

dmichulke 1 day ago 0 replies      
Thank god HN doesn't have the same feature (ehh, I suppose at least). But how about linkedin and reddit?

I also bet that Whatsapp has this feature since I often see "Last seen at ...".

lewapkon 1 day ago 1 reply      
Are you aware that there is actually no requirements.txt in your repo?
mariust 1 day ago 1 reply      
This is crazy, I had this idea like 1 month ago and I thought I will find some free time to make this happen by the end of this month, I guess I should thank you :) Nice story by the way :)
zimpenfish 1 day ago 0 replies      
You can use the MQTT Facebook plugin for Bitlbee and get similar online/offline/active information right there in your IRC client without all the screen-scraping faff.
Buetol 2 days ago 3 replies      
Small tip: If you don't want to be tracked, you can also turn off the chat.
jordan801 1 day ago 0 replies      
Love it. I knew where you were going right off the bat, but your writing made me read through it. Now I feel like a secret agent. I'm not sure why.
davidwparker 2 days ago 0 replies      
Nice little investigating!

Personally, I have chat off all the time on FB, and I don't have the Messenger (or FB) app on my phone either, so I guess I'm always sleeping :)

merb 1 day ago 0 replies      
Not sure if this blog post is great because of the thing he is doing or the way he writes it.
Globz 1 day ago 0 replies      
Very good and fun to read article.

Thanks for all this amazing info!

peace - [2edgy4u][ev REE DAI][24x7BLAZEIT]|ggg10Bzzz|

obelisk_ 2 days ago 1 reply      
inb4 facebook resolves this issue by banning anyone who's connected 24/7. (that wouldn't solve the problem either way, btw -- a small group of people could conspire to pull this data at irregular intervals and then share the data with one-another to get a more complete picture while still staying reasonably undetectable if done right.)
beatpanda 2 days ago 1 reply      
seriously though how are you not already using D3
aham 1 day ago 0 replies      
This is brilliantly creepy, and so well written as to be both engaging and informative. Thanks!
vmateixeira 1 day ago 0 replies      
Very good post! And very well written, very humorous. Thank you for your teachings as well!
teen 2 days ago 0 replies      
You're really funny! Great post. Highcharts.js is the easiest js library to make quick charts btw.
meapix 1 day ago 0 replies      
I don't have facebook but my friends are on facebook.
pascalmahe 1 day ago 0 replies      
Loved the article. Great writing style!

Especially loved all the links to Facebook :D

AznHisoka 2 days ago 3 replies      
Does this work for anyone, even if you're not their friend?
brightball 1 day ago 0 replies      
Great writing style. Hilarious.
gchokov 1 day ago 0 replies      
Impressive. Kudos to the author.

p.s. I am hiring ;)

yojoma 2 days ago 0 replies      
This was hilarious and really cool!
david90 1 day ago 1 reply      
This is creepy, but yet very good illustration of social engineering
Snowden: FBI obscuring crucial details in Apple case twitter.com
618 points by Karunamon  1 day ago   200 comments top 23
citizensixteen 18 hours ago 3 replies      
More on All Writs Act of 1789.

The Dangerous All Writs Act Precedent in the Apple Encryption Case


"Tim Cook, the C.E.O. of Apple, which has been ordered to help the F.B.I. get into the cell phone of the San Bernardino shooters, wrote in an angry open letter this week that the U.S. government has asked us for something we simply do not have, and something we consider too dangerous to create. The second part of that formulation has rightly received a great deal of attention: Should a back door be built into devices that are used for encrypted communications? Would that keep us safe from terrorists, or merely make everyone more vulnerable to hackers, as well as to mass government surveillance? But the first part is also potentially insidious, for reasons that go well beyond privacy rights.

The simple but strange question here is exactly the one that Cook formulates. What happens when the government goes to court to demand that you give it something that you do not have? No one has it, in fact, because it doesnt exist. What if the government then proceeds to order you to construct, design, invent, or somehow conjure up the thing it wants? Must you?"

ianamartin 20 hours ago 7 replies      
No tinfoil intended here, but it strikes me as very unfortunate that the Supreme Court Justice most likely to be opposed to this recently passed away last weekend.

In my not-a-lawyer opinion, I think that Apple will absolutely take this as far as it can. With only an 8-member court, Anthony Kennedy becomes even more important than ever.

We should be lobbying SCOTUS harder now than ever before. We need them to rule against this far more than we need to be calling congress people.

We need the Supreme Court to act with the effect of precedent. But I'm not optimistic. We would need Roberts and Thomas to back off their national security platforms, and we need RBG and Kagan to understand the problem better.

Kennedy is a wildcard, but if we can explain the issue in plain English to those key people and get them to agree, this is doable. Alito and Sotomayor will fall in line.

If we do our jobs as members of the body politic, write amicus briefs, and hound the members of the court, this is doable.

Thomas and Roberts can be swayed. So can RBG and Kagan. It would be an easier 5-4 decision with Scalia still around, but this is possible without him, and we need to focus our efforts.

I'll be putting my money where my mouth is over the weekend and creating a website that submits comments to the individual justices. I'll also be asking for help/edits on the boilerplate I'm offering as a starting point.

alblue 17 hours ago 1 reply      
I've written up a summary of the current situation for InfoQ here:


Basically, the FBI shot themselves in the foot by changing the password for the iCloud account within a day or two of the incident, instead of consulting with Apple. This meant the phone couldn't auto backup data which is why the snapshot of the data is not necessarily the most recent. Had they not done this they would have been able to connect the phone to a power outlet and a wifi connection, and it would have uploaded the data to Apple's servers from which they could have asked Apple to acquire the data.

Both Apple and the FBI have been requested to appear before a bipartisan committee to answer specific questions about the case.

notthegov 1 day ago 5 replies      
He is suggesting that the FBI sees this as an opportunity to set a precedent and doesn't care about the data?

If so, in FBI logic, in the future there could be a more legitimate need for Apple to comply because a suspect could have a WMD. But so far no such threat exists.

However, let's distort the issue and exploit this opportunity now knowing few will go against law enforcement tactics against the San Bernardino killers?

Because they will need the power in the future but the public has to be scared into acting now to prevent the real hypothetical future attack?

geographomics 14 hours ago 1 reply      
Snowden's analysis is rather lacking.

He claims that the FBI already has all of the suspect's communication records as retrieved via service providers, but ignores the important detail that iMessage uses end-to-end encryption, rendering any such records unobtainable by the service provider.

Yes, the last backup was six weeks prior to the phone being seized, but this only means that the phone may well include six weeks' worth of pertinent evidence. And there is nothing to suggest that the FBI is only interested in messages between co-workers.

Ultimately, the phone's data would need to be decrypted and analysed to see if the first four assumptions that Snowden makes are actually true.

The final assumption is that there are other feasible technical measures that could be taken to crack this phone. This would perhaps be the most interesting point, but Snowden chose to not expand upon it at all.

musesum 18 hours ago 4 replies      
Senator Feinstein wants with compel Apple to put in a backdoor though legislation: http://www.mercurynews.com/politics-government/ci_29527867/t...Would suggest anyone living in California let her know what you think.

I went to a RightsCon in the midst of the Arab spring. Talked to folks with friends that were being "disappeared" based on what was on their phone.

Meanwhile, David Chaum is suggesting a secret sharing scheme:http://www.therebel.media/david_chaum_restoring_internet_pri...

"Chaums proposed Privategrity system would use nine special servers in nine different countries to encrypt users' data. The theory is, the system would almost always prevent mass government surveillance but would allow government access to combat terrorism or child sex abuse."

trenchy12 1 day ago 1 reply      
The phone in question is a government issued work phone? Hadn't heard that before. Pretty big detail that isn't mentioned often.
nostromo 1 day ago 5 replies      
The intelligence community never lets a terrorist attack go to waste.

I'm convinced they have a wish list in wait for every tragedy. Next on the list was getting a back door on every cellphone.

ojbyrne 23 hours ago 2 replies      
It seems like "parallel construction."


The FBI already have what they need, by illegal means. Unfortunately, due to security, they're stuck.

meowface 21 hours ago 4 replies      
There are allegations that the FBI could easily decrypt the phone if they actually wanted to, found here:



Any truth to this?

ayyghost 1 day ago 5 replies      
I would like to see some clarification on point #5. The only other option I see for the FBI is to continue manually bruteforcing PINs, the arduousness of such a task being why they requested Apple's help in the first place. Is he talking about 0days?
tuyguntn 20 hours ago 0 replies      
Everytime I hear such stories remember about Overton window [1], its a way from unthinkable to policy,

Around 10-15years ago privacy issues were almost unthinkable (phase #1) (average person didn't think about privacy too much), then wikileaks came out, then Snowden (phase #2, radical) and so on.

Sure FBI has access to phone calls in San Bernardino case, but they are making buzz in news, in order to step to next level, probably from sensible phase into popular, then naturally next step would be `policy phase` and surveillance would be totally legal and everyone will accept this, if not we, then next generation would accept it.

[1] - https://en.wikipedia.org/wiki/Overton_window

ryan606 14 hours ago 1 reply      
If Snowden's allegations are true, then it seems pretty clear that the FBI already has all information they claim they need, and doesn't need Apple's help. Rather, this seems to be a "land grab" by the DOJ/BHO Administration to secure government access to all communication devices, all in the name of "National Security". Not unlike the 2001 Patriot Act. Very sad.
cat-dev-null 21 hours ago 1 reply      
Does anyone have additional follow-up details of the supposed black SUVs at Apple Cupertino? VEEP, POTUS, TLA, etc.

EDIT: Previous item: https://news.ycombinator.com/item?id=11120365

augb 11 hours ago 0 replies      
This may have already been stated, but in case it hasn't ...

If Apple, as a legal "person" [1], can be compelled against their will to create something that does not exist at the government's will, then what is holding the government from compelling an individual to do the same?

[1] https://en.wikipedia.org/wiki/Legal_personality#United_State...

MikeNomad 15 hours ago 0 replies      
The lies that so many of the citizenry buy into are far from nuanced. Rather, they are bald-faced. Often, the liars simply rely on Status Conferral, Ignorance, and Indifference to get by. I contend that Twitter is as much hindrance as help.

It has been a long time since the citizenry last needed to fully engage the Check Boxes of Government: Soap, Jury, Ballot, Ammo. A lot of folks are having a hard time believing the last one is an option. Know Your Roots, indeed.

blazespin 23 hours ago 0 replies      
Does anyone know which version of iOS 9 the device is? Plenty of security updates just in 9.2.1 alone:https://support.apple.com/en-ca/HT205732

I'm sure if must be an early version of iOS 9. Probably lots of zero days (that are no longer zero days) available.

nickysielicki 1 day ago 5 replies      
Maybe I'm too far-out there, but what do we really know about the NSA's quantum computing abilities?

Given their budget and their ability to keep things under wraps (eg: consider the scope of PRISM and how they ran that for close to a decade), is it that crazy to think this is a debate they don't care about winning?

Teams at universities made 16 qbit machines something like 5 years ago. D-wave claims 512 qubits today. I don't think it's out of the question that NSA is far ahead of both of them. D-wave employs "100+ people" according to Wikipedia. NSA is estimated to have upwards of 30,000.

It makes a lot of sense, then. NSA got caught with their pants down, naturally backlash from it is still happening today. So if your opponents are going to be winning some ground back, the best PR move is to have them win ground that doesn't matter. (Or that won't matter in a couple years.)

I think these debates about the necessity of key escrow and modified firmware are conversations they're having with the intention of losing, to prevent meaningful pushback but to still provide the illusion of it.

It just doesn't make sense to me that they would invest billions into dragnet infrastructure with the knowledge that something as inevitable as letsencrypt or an iPhone passcode could make it all useless.

Edit: wording and some additional comments

markman 8 hours ago 0 replies      
I think apple should tell the court/gov to fk off!
Shivetya 16 hours ago 0 replies      
I am more concerned about the idea that the phone password was changed after the government obtained the phone. How is that story not gaining more traction?
draw_down 14 hours ago 0 replies      
I don't think the backups they got are viable because apparently the suspect's employer changed the iCloud password.
mayneack 1 day ago 2 replies      
Off topic, but this is exactly the scenario that Twitter wants to replace by expanding the tweet size limit. Instead of a picture of text, we could expand to real (presumably searchable) text.
jack9 1 day ago 1 reply      
I'm a fan of snowden, but this is wrong on so many levels it's hard to understand why anyone thinks his points are valid? This is about privacy and technology - depending on the specifics. I'm not sure what these points are speaking to, because it's none of the relevant issues...I guess it's just to contradict the FBI?

1. Can't prove all when there's data that hasn't been retrieved (encrypted data). What they do have is irrelevant.

2. What they do have is irrelevant...is this a pattern?

3. What they do have is irrelevant. Also, coworkers aren't what they are looking for...wtf

4. Irrelevant...wtf

5. Unsubstantiated and unlikely that Apple has a way to break it's own strong encryption. Apple probably can disable the bricking-by-attempts. If the FBI are so damn confident the 256-bit AES key can be bruteforced, they can damn well do it themselves.

Umberto Eco has died bbc.com
539 points by kawera  1 day ago   126 comments top 22
zorpner 1 day ago 6 replies      
Umberto Eco on operating systems and religion, in 1994:

The fact is that the world is divided between users of the Macintosh computer and users of MS-DOS compatible computers. I am firmly of the opinion that the Macintosh is Catholic and that DOS is Protestant. Indeed, the Macintosh is counterreformist and has been influenced by the "ratio studiorum" of the Jesuits. It is cheerful, friendly, conciliatory, it tells the faithful how they must proceed step by step to reach - if not the Kingdom of Heaven - the moment in which their document is printed. It is catechistic: the essence of revelation is dealt with via simple formulae and sumptuous icons. Everyone has a right to salvation.

DOS is Protestant, or even Calvinistic. It allows free interpretation of scripture, demands difficult personal decisions, imposes a subtle hermeneutics upon the user, and takes for granted the idea that not all can reach salvation. To make the system work you need to interpret the program yourself: a long way from the baroque community of revelers, the user is closed within the loneliness of his own inner torment.

You may object that, with the passage to Windows, the DOS universe has come to resemble more closely the counterreformist tolerance of the Macintosh. It's true: Windows represents an Anglican-style schism, big ceremonies in the cathedral, but there is always the possibility of a return to DOS to change things in accordance with bizarre decisions.....

And machine code, which lies beneath both systems (or environments, if you prefer)? Ah, that is to do with the Old Testament, and is Talmudic and cabalistic.

(from here: http://jowett.web.cern.ch/jowett/EcoMACDOS.htm )

schoen 1 day ago 3 replies      
One remarkable thing about The Name of the Rose is that the characters in it don't think and talk like modern people who happen to have been transported into the Middle Ages. They seem to think differently -- about what's possible, what people can expect from life, how you know things, what counts as an argument...

Possibly my favorite part:

"What you say is very fine, Adso, and I thank you. The order that our mind imagines is like a net, or a ladder, built to attain something. But afterward you must throw the ladder away, because you discover that, even if it was useful, it was meaningless. Er muoz gelchesame die leiter abewerfen, s er an ir ufgestigen . . . . Is that how you say it?"

"That is how it is said in my language. Who told you that?"

"A mystic from your land. He wrote it somewhere, I forget where. And it is not necessary for somebody one day to find that manuscript again. The only truths that are useful are instruments to be thrown away."

The "mystic from your land" was Ludwig Wittgenstein, who said that in his Tractatus 591 years after that conversation was set, in modern rather than medieval German ("Er muss sozusagen die Leiter wegwerfen, nachdem er auf ihr hinaufgestiegen ist") - "he must, so to speak, throw away the ladder after he has climbed up on it".

fenomas 1 day ago 4 replies      
Foucault's Pendulum was maybe the most transformative book I've ever read - it changed how I think about literature (and of course the Knights Templar). Ah well, guess it's time to reread it. :(
nappy 1 day ago 0 replies      
It's sad to lose such a great thinker.

For those who haven't read anything by Eco but want something more digestible on a Friday evening than a novel, I highly recommend his essay Ur-Fascism. Eco was brilliant and had a clear-eyed view on the lasting impact of the Middle Ages into today... and it's pretty clear how growing up in a fascist society impacted his views.


His reflections on fascism remain as important as ever.

hodwik 1 day ago 0 replies      
I started reading Numero Zero for the first time a few days ago, and decided to stop, because I had a feeling he might be dying soon. It's the last book of his I have left to read, and I wanted to make sure I had something to read of his after he passed. Sorry I don't have to wait.

RIP -- Mr. Eco. Your books instilled in me the love of reading when no one else could. I will always owe you one.

officemonkey 1 day ago 3 replies      
Harper Lee and Umberto Eco in the same day. It's like when Shakespeare and Cervantes died on the same day.
pklausler 1 day ago 1 reply      
I'm going to re-read The Name of the Rose this weekend and raise a glass in thanks to all the pleasure that this wonderful writer has added to my life.
patkai 1 day ago 0 replies      
"The Antichrist can be born from piety itself, from excessive love of God or of the truth, as the heretic is born from the saint and the possesed from the seer. Fear prophets, Adso, and those prepared to die for the truth, for as a rule they make many others die with them, often before them, at times instead of them." Umberto Eco, The Name of the Rose, p. 491.
imrehg 20 hours ago 0 replies      
The concept of the anti-library definitely shaped my approach to knowledge a lot.

Umberto Ecos Antilibrary: Why Unread Books Are More Valuable to Our Lives than Read Ones https://www.brainpickings.org/2015/03/24/umberto-eco-antilib...

JoeDaDude 1 day ago 1 reply      
In addition to literary works, Umberto Eco also had a hand in designing a card game. The game used custom designed cards to represent characters and verbs which the players would use to tell a story.Some information (and photos) are available at Board Game Geek:


blackdev1l 1 day ago 0 replies      
It's 1:45 am here in Italy and this news is a true shock.
jplahn 1 day ago 2 replies      
We read Name of the Rose in my 10th grade English class and it was a tome that challenged us all for the couple of weeks that we pored over it. I love that book. I've read it one other time since then and it's amazing the number of layers that continue to appear when you read it a second (and, presumably, a third) time. When you spend so much time dissecting somebody's work, you develop a sort of relationship with them, one that forms easily when you have a teacher that distills a deep appreciation for the work you're knee deep in trying to understand.

Mr. Eco you will be missed.

koevet 20 hours ago 0 replies      
It's probably worth mentioning that very recently Eco, along with other writers such as Hanif Kureishi and Tahar Ben Jelloun, decided to leave his long-time publisher, Bompiani, and start a new publishing house, named "La nave di Teseo" (Theseus' vessel). It did that at 83, investing 2 millions euros in the process. Remarkable.
kh_hk 16 hours ago 0 replies      
Hearing the news I couldn't help but think about the first game I've ever played, "La Abadia del Crimen", a version of "The Name of the Rose", for Amstrad CPC.



ZephyrP 1 day ago 0 replies      
Foucault's Pendulum is one of the most interesting books I've ever read. He'll be missed.
rcurry 1 day ago 0 replies      
I can't believe how many legendary people have died in the last few months. I still remember reading Foucault's Pendulum when it came out in English - I was too young to really dig the story at the time, but I can recall struggling to get my head around some his prose because he was just on a whole different level from the other books I had been reading back then.

I read Baudolino some years ago, but didn't come away from it with the same sense of awe that I got from reading Name of the Rose, or Foucault's Pendulum.

PavlovsCat 1 day ago 2 replies      
I didn't read any of his novels (yet), but this I consider one of the most important documents I'm aware of.


If we still think of the totalitarian governments that ruled Europe before the Second World War we can easily say that it would be difficult for them to reappear in the same form in different historical circumstances. If Mussolini's fascism was based upon the idea of a charismatic ruler, on corporatism, on the utopia of the Imperial Fate of Rome, on an imperialistic will to conquer new territories, on an exacerbated nationalism, on the ideal of an entire nation regimented in black shirts, on the rejection of parliamentary democracy, on anti-Semitism, then I have no difficulty in acknowledging that today the Italian Alleanza Nazionale, born from the postwar Fascist Party, MSI, and certainly a right-wing party, has by now very little to do with the old fascism. In the same vein, even though I am much concerned about the various Nazi-like movements that have arisen hereand there in Europe, including Russia, I do not think that Nazism, in its original form, is about to reappear as a nationwide movement.

Nevertheless, even though political regimes can be overthrown, and ideologies can be criticized and disowned, behind a regime and its ideology there is always a way of thinking and feeling, a group of cultural habits, of obscure instincts and unfathomable drives. Is there still another ghost stalking Europe (not to speak of other parts of the world)?

vermontdevil 1 day ago 0 replies      
I liked the book, The Name of the Rose. Got me hooked on historical fiction books after such as Sarum among others.

Not a bad film too with Sean Connery and Christian Slater.

neemsio 23 hours ago 0 replies      
greenyoda 1 day ago 3 replies      
- This story claims it's a hoax:


"On Friday (February 19) the author's reps officially confirmed that Umberto Eco is not dead. He joins the long list of celebrities who have been victimized by this hoax. He's still alive and well, stop believing what you see on the Internet, they said."

- Wikipedia reverted the notice of his death, saying it was a false rumor:


Edit: Now Wikipedia is saying that he's dead.

Edit2: Now the BBC is reporting his death: https://news.ycombinator.com/item?id=11137855

davidw 1 day ago 1 reply      
I trust that dang et al will replace the link with one in English when it becomes available.

(Which he/they have, transporting/merging the comments with this story... that was kind of weird)

zouhair 1 day ago 0 replies      
Frigging 2016. The hecatomb year.
How Googles Web Crawler Bypasses Paywalls elaineou.com
611 points by elaineo  1 day ago   227 comments top 43
lloyddobbler 1 day ago 5 replies      
"Remember: Any time you introduce an access point for a trusted third party, you inevitably end up allowing access to anybody."

See also: http://www.apple.com/customer-letter/


slig 1 day ago 2 replies      
If they're now blocking clicks from Google, doesn't that mean that they're cloaking and violating the Google's Webmaster Guidelines [1]?

[1]: https://support.google.com/webmasters/answer/66355?hl=en

anewhnaccount2 1 day ago 1 reply      
If this is true, what WSJ is doing is called "cloaking" and should cause it to get de-indexed: https://support.google.com/webmasters/answer/66355?hl=en
eps 1 day ago 1 reply      
Correct me if I'm wrong, but wasn't there a long standing Google's policy that the version of the page served to their crawler must also be publicly accessible. That would then be the reason why WSJ articles were accessible through the paste-into-google trick, rather than because WSJ was incompetent and failed to "fix" the bypass.

So does it mean that Google will no longer index full WSJ articles or does it mean a change in the Google's policy?

zaroth 1 day ago 10 replies      
And congratulations, you have likely just "exceeded authorized access" and committed a felony violation of the CFAA punishable by a fine or imprisonment for not more than 5 years under 18 U.S.C. 1030(c)(2)(B)(i).

From the ABA: "Exceeds authorized access is defined in the Computer Fraud and Abuse Act (CFAA) to mean "to access a computer with authorization and to use such access to obtain or alter information in the computer that the accesser is not entitled so to obtain or alter."

To prove you have committed this terrible felony, the FBI will now demand that Apple assist in disabling the secure enclave of your device in order to access your browser history. But remember, they only need to do this because they aren't allow to MITM all TLS and "acquire" -- not "collect" -- every HTTP request your machine ever makes. </s>

mbroshi 1 day ago 6 replies      
Am I alone in feeling like this is akin to a tutorial on how you can shoplift without getting caught? WSJ, for better or worse, does not want to give you content without your paying for it. If you take that content without paying, you are stealing. Just because you have figured out how to get past their security does not mean it's not stealing.

(See the second precept here: https://en.wikipedia.org/wiki/Five_Precepts)

mikemikemike 1 day ago 1 reply      
This is an odd debate. Let's say a restaurant declares "veterans eat free." This blog post is like a friend telling you "Hey if you tell this restaurant you're a vet they'll give you a free meal." No one said it's legal or ethical. It's lying to trick someone into giving you something at their expense.

I think the relevant point, underscored by the author's last sentence, is it doesn't matter who you open a back door for - it opens the possibility for anyone to barge through.

metafunctor 1 day ago 3 replies      
I'm pretty sure Google will soon stop indexing WSJ. Why index something if the vast majority of users cannot access the pages behind the links?

EDIT: The "paste a headline into Google" trick still works for me, though. If this continues to be the case, they will keep indexing, of course.

mangeletti 1 day ago 3 replies      
This is not meant to be purely controversial, but I thought long and hard about WSJ back a few months ago when HN mod (always forget his name) said to stop complaining about HN links being posted because paywalls were ok. I agree paywalls are ok. But some things are not ok.

Take a look, for instance, at the WSJ.com home page with an ad blocker turned on (note all the missing letters and scrambled up titles). They want me to pay, and they want me to see ads, and they want to track my behavior? Should I send them my DNA also?

Organizations like WSJ are exactly the disease that causes ad blockers to proliferate and ruin the web for all the decent publishers. They're at war with my privacy (by breaking their site intentionally when I visit with a blocker on). They want it all, ads, tracking, your private data, and subscription revenue, not to mention...

# Agenda-Driven Content

I mean, we're basically talking about NBC or Fox here, just on the web. Imagine every morning when you woke up you turned on the television and tune to some "news" show. After talking about the weather, they start talking about a lost pickle that is thought to be potentially alive and moving about with free will. Over the next two years, talk about the same pickle extends to every other TV show. Before you know it, everybody in the nation is talking about the same pickle. Years go by, and that pickle has become a part of our society, and that's not because people are born with an innate care the well-being of pickles, but because "news" shows taught them to be.

That's not a good position to be in. I have to believe I'm not the only one in here that doesn't watch any TV. So, why do we all treat the same media giants differently on the web? We crave their content so much that we build browser add-ons to get to their content, etc.

sylvinus 1 day ago 1 reply      
Well, that trick won't last long either. It's trivial to verify that an IP indeed belongs to Google:


kenshaw 1 day ago 0 replies      
Basically, the article is stating to change the User-Agent to GoogleBot or Bing or whatever other crawler UA you'd prefer. While that's doable, that's something that is easily detectable and prevented, as all of the big crawlers can be validated against DNS.

Additionally, I would like to point out that I wrote a Varnish extension for the express purpose of validating User-Agent strings through DNS lookups, and is available here: https://github.com/knq/libvmod-dns

It was built because we had specifically a problem with bad bots crawling a large site (multiply.com) and this was one of the easiest ways to filter out the bad bots from the good, and to enforce robots.txt policies on a per bot basis. It works very well, as you can do any kind of DNS caching internally and prevent this kind of behavior, if that's your goal.

jrochkind1 1 day ago 0 replies      
I thought Google specifically disallowed returning different pages based on User-Agent targetting googlebot, and this included paywalls.

Are they running afoul of Google policies and going to get pinged by Google?

I can't find the text from Google now (when can you ever find any docs at google?), but I am very certain I remember reading from them that you may not return different content to GoogleBot based on User-Agent.

matt_wulfeck 1 day ago 1 reply      
I like wsj but I only read maybe 1 article every other day. They need a more reasonable price point, especially since the market will almost bear no price at all.

That being said I do enjoy their content, save for maybe the op-eds.

crazysim 1 day ago 2 replies      
Doesn't this kind of also hurt SEO? I'm would guess Google has some automated system to detect and apply a negative signal to sites that provide different content to a Googlebot user agent than a non-Googlebot user agent. I guess these sites are counting that the other signals outweigh that negative hit.

Otherwise, why would expertsexchange be obligated to provide the answers at the very bottom? Did something change?

Gratsby 1 day ago 0 replies      
If you hit a paywall or a "sign up to access this content" message from a google search result, report it. Google will remove them from the search results, they will lose their largest traffic source, and they will address the issue. Or they won't because they have enough paying customers.
zem 1 day ago 1 reply      
i thought of doing that when the "search google" trick stopped working, but i decided it crossed the point where i would feel like i was unfairly circumventing their clear desire not to serve me the content. i've just added wsj to my mental ignore list and count it as a few more minutes gained to do something else.
jdunck 1 day ago 2 replies      
If Google (or any other crawler) wanted to play nice with paywalls, they could issue a public key for their bot, and put a signature in their User Agent string that the domain could then verify.

Those signatures could obviously leak, but on a per-domain basis. Perhaps the domains could have a secure way of bumping the valid key generation if they had a leak.

hueving 1 day ago 2 replies      
Based on the comments here, am I to understand that constantly browsing the web with my user agent string set to a googlebot string, I am committing a felony? How would I even know which sites I'm gaining unauthorized access to?

That is completely idiotic if there is a string you can put in a Mozilla browser config that is literally illegal to browse the web with.

mchahn 1 day ago 1 reply      
Bypassing the paywall is more unethical that blocking ads. It is one thing to have control over your own browser but another to steal something from another site.

Also, isn't it illegal to bypass computer security?

chrishn 1 day ago 0 replies      
> Remember: Any time you introduce an access point for a trusted third party, you inevitably end up allowing access to anybody.


ikeboy 1 day ago 2 replies      
New workaround: paste the article title into archive.is. I don't know what they're doing but they have a workaround of some sort.
jgh 1 day ago 4 replies      
I just tried clicking on "Harper Lee, Author of To Kill a Mockingbird, Dies at Age 89" from wsj.com's homepage and got the paywall.

I then pasted the headline into google and clicked on it from Google results and did not get hit by the paywall.

throwaway21816 1 day ago 0 replies      
>Archaic news source does something to hurt their market penetration to internet

Great idea here guys

GigabyteCoin 1 day ago 1 reply      
I was under the impression that the "hack" whereby you searched for the article on Google and clicked through to that article (effectively skipping over the paywall) was a demand of Google's and not an oversight by the paywalled website.

I thought that google deemed providing search results which were behind paywalls as a "bad experience" for their search users, and would penalize websites for doing so.

Is this no longer the case?

tete 1 day ago 0 replies      
Doesn't Google usually try to punish websites that show users something different and even mentions that somewhere?

Not an SEO Expert here, but wonder how and whether Google will end up handling that. I mean making an exception could also be considered abuse of power in some countries of the world. Don't have any strong opinion yet on that, just saying that because of how the EU exercised certain laws in recent years.

Illniyar 1 day ago 0 replies      
Aren't you supposed to verify if a visitor is a googlebot by reverse lookup of the IP address? I.E.:https://support.google.com/webmasters/answer/80553?hl=en

User-agents are notoriously unreliable.

f137 10 hours ago 0 replies      
I wonder if anybody tried to do as suggested? I copied the files to Chrome as per instructions, and the paywall was still in place.
philip1209 1 day ago 0 replies      
I wonder how many Google Cloud customers use the servers to run spoofed Googlebot crawlers from the Google IP range in order to bypass paywalls and scrape large sites (like LinkedIn) without hinderance.
0xCMP 1 day ago 0 replies      
It's broken already. Tried to access an article about new china rules for online news and it pay-walled me. They're probably looking for clients coming from googlebot.com now.
mikestew 1 day ago 1 reply      
So does HN now choose to not post articles from the WSJ? I was comfortable with the "google it" trick, and frankly was a little annoyed with constant "paywall, wah!" comments when what should be by now a well-known workaround was available. But that workaround no longer works.
coverband 1 day ago 1 reply      
My Windows anti-virus deletes the linked sample code automatically upon download, marking it as "Trojan:Win32/Spursint.A". Did anyone have the same experience? (I was actually more interested in using it as a template for writing a simple Chrome extension.)
daveheq 13 hours ago 0 replies      
Possible in Firefox? Some people won't use Chrome.
yyin 23 hours ago 0 replies      
Does WSJ check visits from a Googlebot UA against a list of known Google IP addresses?
jasonwilk 1 day ago 0 replies      
I've noticed that this has stopped working on WSJ if you've already hit the paywall and try to google the article to bypass.
warrenmar 1 day ago 1 reply      
You can also access WSJ for free at the library.
jupp0r 1 day ago 0 replies      
It's not bypassing at all. Googles crawlers are deliberately let in because a paywall that nobody runs into is useless.
amelius 1 day ago 0 replies      
Fix: replace the user agent string by a cryptographic challenge/response scheme.
pmontra 1 day ago 0 replies      
They'll start allowing only some IP addresses search engines agreed with them.
spitfire 1 day ago 0 replies      
Is there a version of this available for Safari?
systemz 1 day ago 1 reply      
So their next move is check if IP is from Google
chinathrow 1 day ago 0 replies      
So soon they have to block anyone with a fake Google UA and whitelist the well known 66.249 IP range. Trivial.
dude_abides 1 day ago 1 reply      
Or simply use incognito mode and click on Google search result.
obelisk_ 1 day ago 1 reply      
1. Google's Web Crawlers are not "bypassing" paywall. It's the paywall that let's crawlers through. I.e. exactly the reverse of what the author implies with their headline.

2. The idea that this is somehow new is wrong. The way for a server to identify crawlers have "always" been to look at the user-agent, and, when done right, IP, verified either by net block owner or by doing PTR lookup and then checking that the A or AAA record for the claimed host points back at the same IPv4 or IPv6 address. Meanwhile, I do agree that paywalling is a more recent phenomenon, at least with regards to the extend it is popular among sites today, but the concept of presenting different data to crawlers and visitors arose much earlier and is something Google have been aware of and has made sure to delist such sites when found, whereas in fact Google has since then moved abit in the direction of allowing it in that they do so for Google News if declared as explained by others ITT.

So in my view, it seems that the author is jumping to incorrect conclusions based on an incomplete understanding of what's actually going on here. What then about the HN readership, how come this article became so highly voted and I don't see these issues raised by anyone else? Or maybe I'm just crazy?

Go 1.6 is Released golang.org
559 points by geetarista  3 days ago   350 comments top 29
sinatra 3 days ago 11 replies      
Go checks a lot of boxes for my ideal language for developing web services: Static type, C derived, has garbage collection, generates a single binary, supports concurrency very well, is opinionated, is small/simple, its community prefers to just use standard lib for most work, etc. Yes, Generics is an issue and so is debugging. But, overall, I can't think of many other options that check so many boxes.

EDIT: I must highlight the point about checking lot of boxes. In many discussions about features of programming languages, we get responses like, "language Y does that too. Why not choose that language?" Well, because we don't pick languages for one specific feature. We pick them for the combination of features.

jonesb6 3 days ago 8 replies      
The reason I love Go is that every time I pull it out, I write a small amount of it and it runs beautifully. For example my company has a critical micro-service implemented in ~300 lines of Go, it's been running for six months now without a single hiccup, highly performant, very sexy.

The reason I will almost never use Go for web apps is because interaction with databases is limited (almost entirely) to raw queries. Maybe I'm spoiled by the likes of Active Record, Sequelize, Mini-mongo, Sql-alchemy, etc, but it's a huge drop in efficiency to spin my own SQL.

The point to take away here is that Go, more so then many other languages IMO, has its strengths and weaknesses. If you use Go in one of it's weaker use-cases you're gonna have a bad time. If you use Go for one of it's strengths you're gonna have a great time.

See you guys and gals in n weeks when we need to rehash the pros and cons of Golang again.

nathany 3 days ago 1 reply      
There is a Go AMA on reddit for the next 24 hours.


eddiezane 3 days ago 6 replies      
I've really enjoyed the time I've spent with Go but feel like the state of dependency management has kept me away.

Am I being stubborn in my longing for an npm, Ruby Gems, or pip? Is there a reason why one of these hasn't emerged/been adopted by the community? (I'm aware of the 1.5 experiment with vendoring.)

Semver and pinning versions has always just made sense to me. I can easily adopt new features and fixes automatically without worrying about things breaking.

How does the community feel this far along?

Cyph0n 3 days ago 4 replies      
I can't wait to see what's new in 1.6! I really had a pleasure working with Go for my senior project last year. If I need to write either a server (HTTP or TCP/UDP), or a client application that must be easy to build and distribute, Go is my first choice.

What Go is lacking at this moment in my opinion is:

1) A comprehensive and mature web framework. Play w/ Scala is my go-to choice now, with Django a very close second.

2) A decent cross-platform GUI toolkit; heck, I'd settle with Qt and/or .NET bindings for Go. The power of Go is statically linked binaries, and I think the area of desktop applications will be easy to target if a good solution emerges.

dominotw 3 days ago 4 replies      
I've been writing some gocode recently and huge chunk of code is

if err != nil ...

I know you can do if ; err!=nil but that not that much better and you end up in deeply nested if blocks.

i have to mentally block out err !=nil to read any gocode linearly. How is this acceptable, I don't get it.


We recently scanned all the open source projects we could find and discovered that this snippet occurs only once per page or two

This seems false from my experience, def way more than 1 or 2 instances per page.

golergka 3 days ago 1 reply      
I just recently started with go, but I love how simple (apart from horrible $GOPATH) and effective that is.

Still can't get over the moment I realized that in order to deploy my web server on an empty virtual box all I had to so was to build and upload. After all the languages and frameworks that required endless customization and setting up it was a true eureka moment.

protomyth 3 days ago 4 replies      
Can someone give a decent explanation of the following:

1) Supposed I have a library that was written in C that receives a security update which is used in a Go program. Under what conditions do I need to get a recompiled version of the Go program.

2) Supposed I have a library that was written in Go that receives a security update which is used in a Go program. Under what conditions do I need to get a recompiled version of the Go program.

3) Is there a way to tell from the binary that the program was written in Go?

Trying to figure this out for my Sys Admin dealing with Vendors role.

jernfrost 2 days ago 0 replies      
Read the debate with Go vs Java here with interest. I'd like to add a point I think is missed by the Java crowd in favor of Go.

Complexity isn't free. Java might have and abundance of tools, IDE's, language features etc, but you can't claim that matching up every Go feature or tool with something superior found among the huge Java universe makes Java superior in every way.

I find that there is an unfair assumption being used by the Java advocates, here which is that every software developer has a deep knowledge of Java.

As one of those people who can certainly write Java code, but who is not familiar with the Java eco system and has not spend a lot of time with I must say that Go to me is a clear winner.

My exposure to professional Java development has been quite frustrating compared to writing Go code. Every Java project I have gotten has used some different built tool: Ant, Maven or Gradle. They have also all seem to use different IDE's. The complexity of each of these tools is staggering. Considerable time has to be spend learning these tools.

Go in comparison is laughably simple. You can get productive in less than a week without ever having used the dam thing. The tools and the libraries are very quick to get into. In fact I find Go code so easy to read that although I am an iOS developer by trade, I frequently read Go code to understand how various algorithms and network stuff works.

An organization would easily be able to add people to a Go project without much previous exposure to the language. Adding people with limited Java knowledge to a Java project however would be far more expensive. Considerable time would be needed for training.

There is a lot of money to be saved from having a well thought out standard library combined with a simple language with simple well thought out tools.

As a Swift/Objective-C developer, my major gripes with my development process is actually the complexity of the tooling. Both Swift and Objective-C are fairly straightforward languages IMHO. In this regard I greatly envy Go developers although I do enjoy the strong typing and generics in Swift.

kampsy 2 days ago 0 replies      
I fell in love with python because it was clean and easy to work with. Like most developers, I used to use c when I needed a performance boast. Then I got fade up and decided to learn a new language that could give me the feel of python and the performance of c. Two languages from a list of 10 passed the above criteria Go and Rust. Java did not even make the list because I Don't use languages that are owned by evil empire's(Oracle).

I went with Go because it was easy to use and understand. I could read other people's code easily( Even with a large code base, I have never found myself scratching my head trying to figure out my own code does), could set up my workspace in less than a minute and all the text editors I used (sublime, Atom, Vim) supported it. I Don't really care about the fancy IDE's. Just syntax highlighting and code completion is good for me.

I started learning go on September 2015. And I have managed to implement the porter stemmer algorithm and an inverted index in it. Miss generics but LOVE interfaces. The fact that any concrete type that implements method 1 satisfies interface 8 is awesome. You can easily reuse code from different package without changing anything.

alblue 3 days ago 0 replies      
Release notes are here:


Notably new this time is transparent http/2 support and tighter rules for integration with C.

dh997 3 days ago 1 reply      
Go CSP is minimal and ortongonal, I just wish it did three things:

0. could lto optimize or link against a shared library to reduce the titanic size of compiled programs and cut down on duplication of instruction. Therue is no practical sense in wasting memory and storage on systems with dynamic linkers: edge cases of including the world for rare situations but YAGNI in real production systems.

1. could output flat binaries and self-host runtime (panics) for practical kernel development in Go

2. Generics (both types and immutable constraints), I think C++1z has the right approach to this (and constexpr and constant arrays are nice and are able to provide more hints to the compiler).

I also wonder why Go wasnt developed as an IR compiler / llvm frontend, because it would've levered an existing debug and portability ecosystem with much less work.

sriram_malhar 2 days ago 1 reply      
Have been using Go since its release, and like the deployment experience, the feeling of solidity of putting together a tight system. The toolchain is great. 1.6 is yet another Solid release in that direction. Thank you all.

However, the _language_ doesn't give me much programming pleasure alas. Since there is plenty of time for Christmas, here's my syntax wish list :)

'?': C's if-then-else operator.

Block-syntax for closures ala Ruby. Unifying blocks and closures makes creating DSLs easy, but doesn't add to cognitive load (no more than using anon funcs)

Pattern matching like Scala, ML, Rust.

Sum types -- (Yeah, I lied. Not just syntax enhancements), or at least discriminated unions. I'd like to see an example (in the FAQ entry on the topic) on why support for it is troublesome.

For 2017 Christmas, -------------------

Macros ala Nim.

Systemic support for Goroutines, including detection of conditions where a goroutine would never get scheduled. Erlang-like tools for built-in goroutine insight.


My ideal language would be an intersection of Nim+Go

zenlikethat 3 days ago 0 replies      
Congratulations to the Go team! There are many excellent folks working on the Go language and it's been an absolute joy to work with in my experience.
ukd1 3 days ago 0 replies      
https://golang.org/doc/go1.6 - lists the changes
Exuma 3 days ago 3 replies      
I upgraded and it broke our app, something to do with the way it handles https has changed, not sure what
pori 2 days ago 1 reply      
Seen a lot of Erlang mentions in this thread. Is that the native alternative to Go?

Personally, I prefer to write code in a functional manner. While I've always thought Go looked like an amazing platform for programming in general, I haven't been keen on moving to another imperative language.

It seems the landscape for functional alternatives are mainly Scala and Clojure which are both based on the JVM and require a bit of time to learn the tooling. I am not a Java or JVM export, so I haven't been too inspired by this either.

bmh_ca 3 days ago 4 replies      
Go has a lot going for it.

That said, there were a few points I noted, based on a recent go I gave it (pardon the pun), at least in relation to my style of development for this project:

1. It's hard to tinker, mostly because it's fussy about what variables are defined or used. This is a strength in the usual course, but when one is trying to posit what a poorly documented 3rd party API is doing it can be a serious pain.

By tinkering, I found that I often had to comment out or uncomment lines, or handle or ignore errors. There was a lot of flipping up to the beginning of the file. I would spend so much time fiddling with the lines that I would at times forget what I was even trying to do.

I might just have memory problems, I acknowledge. :)

However, what would make sense is a go "mode" where it runs in a non-strict way, with what would ordinarily be errors being warnings. A "tinker" or "whirl" mode, so to speak, that softened the requirements so one could get a better sense of what was happening before committing to a design.

An interpreter mode might also be quite valuable, to address this problem and the ones below.

2. Error propagation - I see the point of errors being returned and the lack of a "throw/catch" style, and its benefit, but I feel it's a lot of typing for marginal gain. I usually end up with an error propagating a set of strings that ultimately conclude as: "Database error: transaction error: processing error: http error: reason", which is to say: equivalent but less information than a stack trace would give. I see the mandatory error acknowledgement simultaneously as a strength and a waste of time, and I admit being on the fence about it.

3. The next point I am not on the fence about: Debugging. It is not apparent how to get a stack trace, and the best option looks like including a third party application that generated errors. For the obvious and reasons below, this is a problem.

4. Package management: This was fussy and could be time-consuming. It is not apparent to me why one needs a GOROOT and a GOPATH. I think Python's virtualenv gets it right, by comparison. A second but related problem is package versions. Maybe I'm missing something, but making sure you get the latest semantically equivalent version (in the semver sense) was not apparent.

5. Package debugging: If you include a 3rd party package, and it's broken in any way, it's a veritable quagmire to identify and fix the problem. My experience was that the best way to debug a third party package was to block and copy all its bits and then debug it as a local source in your own. Obviously this is bad for a long number of reasons, and I might be missing something, but no more apparent option appeared when I investigated on how to tell what is even happening inside third packages.

6. Automated testing: I've not seen a test runner that reloads when source files change, particularly one that might be used with goapp from AppEngine, meaning go auto-testing can be quite a bit of patient thumb-twiddling as the binary reloads.

Which is all to say that there are some concerns about developing a larger project in this language, particularly if there is quite a bit of complexity that needs lots of testing or potential debugging and/or inclusion of many third party packages.

I've not reviewed the 1.6 notes, so perhaps these are addressed to some extent there.

In any case, none of the issues above is insurmountable, and overall I give the Go design a lot of credit for experimentation and interesting choices, but the issues I've seen above give me pause before committing a team to the language for the moment.

niccaluim 3 days ago 2 replies      
Not officially. "Go 1.6 is soon (but not yet)." - commit message from today.
helper 3 days ago 0 replies      
Rebuilding our integration docker image right now. If all our tests pass I expect to have go 1.6 binaries in production by this evening.
rphlx 2 days ago 0 replies      
> Source trees that contain a directory named vendor that is not used in accordance with the new feature will require changes to avoid broken builds

That seems a little bit distasteful.

jay_kyburz 3 days ago 1 reply      
Can anybody tell me if you can run Go in Chrome using the NaCL stuff? I remember there was talking of it a few years ago but I don't know if anything ever came of it.

A google seach show that you could build for NaCal in Go 1.3 but only run it in special builds not Chrome itself.

CSDude 3 days ago 0 replies      
I would just love some IDE-debug love and better packaging. More packages I use and more I distribute my files, compilation takes considerably longer. Maybe I do not know, but is there some process to compile some parts before hand and link only the changed resulting binary?
robbles 3 days ago 3 replies      
There was some discussion leading up to the release about whether to merge the "SSA" branch, which seems to be a refactor that allows for easier compile time optimisations but also slows compile times for the time being.

Does anyone know if that was included in this release?

kiril-me 2 days ago 0 replies      
Do you know any framework using http2 on go lang?
enneff 3 days ago 1 reply      
Binaries are up but not everything is fully updated yet. Announcement blog post coming shortly.

Edit: Blog post up: https://blog.golang.org/go1.6 maybe change the article link to that?

andreamichi 3 days ago 0 replies      
A draft for the 1.6 release notes: https://tip.golang.org/doc/go1.6
obelisk_ 3 days ago 1 reply      
Release notes: https://golang.org/doc/go1.6

Mods, maybe change OP link to this?

fuddle 3 days ago 1 reply      
Go is great, but I wish they would add terany operator support.
iTerm2 Version 3 Now in Beta iterm2.com
613 points by rickhanlonii  2 days ago   240 comments top 49
gnachman 2 days ago 36 replies      
(author here). I pushed out a promotion today to let users know about the new version before auto-updating everyone. It breaks backward compatibility with applescript, so it'll be a rough upgrade for some folks.

I'd love to hear any thoughts on how to make this less painful.

My first experiment with in-app advertising (promoting the beta version through a popup dialog) has gone well, with a 31% click-through rate, and of those 25% downloaded the beta.

swagtricker 2 days ago 2 replies      
Great app. This announcement reminded me that I use it every day & hadn't donated yet, so I did. $10USD won't be retirement money, but at least have a beer & tip your bartender:)
jpsim 2 days ago 7 replies      
I'm sure I'm missing iTerm2's big appeal, but every time I try to use it, I find myself going back to Terminal.app, which I find more responsive and just as featureful, especially when combined with zsh and a windowing manager. That's probably just because I'm familiar with it and I didn't come from tmux or anything similar, but I keep hoping I'll be "enlightened" at some point and realize the error of my ways ;)
venantius 2 days ago 0 replies      
I just donated $25. iTerm is an amazing piece of software and I honestly can't imagine living without it.
matt_wulfeck 2 days ago 3 replies      
Iterm2 was one of those things I was not expecting to miss so much when I switched to a Linux desktop. There's something about the look and feel of text that I'm used too. Don't get me wrong, there's good terminals for Linux, but I think iterm2 was the best. I'd gladly pay for a Linux port.
isomorphic 2 days ago 5 replies      
I love iTerm2, I keep up with the "current" beta versions, using them all day in production.

I would love it if they'd make a "dark" titlebar version of the window chrome. My setup currently has windows without any titlebar at all (thanks to iTerm for that feature!), but it makes rearranging windows challenging.

I look forward to trying out the newer features!

sstanfie 1 day ago 0 replies      
I'm sure if you're reading these comments, iTerm is the program you use the most on the Mac.

Give George a donation through the Donate button on his site (https://iterm2.com/) to let him know how much we care about this tool. Takes 10 seconds if you have PayPal.

dchuk 2 days ago 1 reply      
One of the best mac apps in existence but holy jeebus is the naming a mess:

- It's called iTerm2 Version 3 now, rather than iTerm3- It's called iTerm2 Version 3 now, but the actual app version is 2.9

glossyscr 2 days ago 4 replies      
iTerm is OSX' killer app.

Couldn't find anything similar on Windows. I used MobaXTerm which is ok but never feels as polished and slick as iTerm. Especially iTerm's own fullscreen mode which allows to quickly alt-tab is great.

sstanfie 1 day ago 0 replies      
Another suggestion: how about simply calling it "iTerm". This can be version 3. I know "iTerm2" was a fork of the defunct original iTerm. But now that you're pushing through to v3, in kind of makes sense to reclaim the title.
kaishiro 2 days ago 1 reply      
I played with iTerm2 for a while (coming from Linux) because I was told I had to have it. I switched back to Terminal.app after my last clean install because I didn't really see what I was getting.

For someone who tmuxes for tabs and splits, what am I missing?

AceJohnny2 2 days ago 1 reply      
So if I'm running iTerm2 Test release 2.9.date (current 2.9.20160206), does that mean I'm running the v3 beta?

Its version names are confusing.

_aarti 2 days ago 3 replies      
I have used iterm for a long time and I would like to donate to your project. I make all my donations with Patreon, would be great if you could add support for that, if it's not too much trouble. https://www.patreon.com/
hk__2 2 days ago 1 reply      
> Undo closing sessions, tabs, and windows. If you close a session by accident, you get five seconds to hit Cmd-Z to undo it.

Does that mean my session is not really closed until 5 seconds after I closed it?

Philipp__ 1 day ago 0 replies      
You guys deserve all the best. Will make the donation soon... (student here) I have never came across terminal app that is working with you... urxvt and many other on Linux were always working against me. This one was drag and drop and it works.
cooper12 2 days ago 1 reply      
> Session Restoration allows your jobs to keep running after iTerm2 upgrades, is force-quit, or crashes. It's like tmux without tmux!

Anyone know how this works? From my basic (possibly incorrect) understanding, iTerm currently spawns a bash shell for each tab which in turn has its own children for its processes; so killing iTerm would kill all of its children. Does it use a separate daemon process to spawn children now?

pmoriarty 2 days ago 2 replies      
Is there a way to make a previously hidden iTerm window show without also bringing any other iTerm windows to the front?

I'm looking to replace TotalTerminal with iTerm (since TT doesn't work on El Capitan without making OS X less secure), and tried using a function key to hide/show a small iTerm window, but while that does work, the problem is that when it shows the small window, it also shows my regular large iTerm window as well (which I have always running) and the times when I want to show the small iTerm window I don't want the large iTerm window obscuring what's behind it.

Not sure if I explained that well, but that's what I'm hoping to find a way how to do: basically have a small, TotalTerminal-like iTerm2 window that pops up when I hit a certain keyboard shortcut, without also bringing up any other iTerm2 windows that I may have running in the background.

I'm also open to suggestions for other TotalTerminal replacements that work on El Capitan.

sstanfie 2 days ago 1 reply      
Can we configure iTerm2 v3 now with a simple file? It's so difficult to programmatically create profiles, setup typefaces and colors.
octref 2 days ago 0 replies      
> iTerm2 has been updated for the modern Mac OS X "flat" look and is stunningly beautiful.

It does look very polished! Just two things:

When you choose "No title bar", the rounded corners and drop shadows all disappear so it looks a bit too "sharp".

And it would be really great if you can add an option to specify internal padding, similar to urxvt's internalBorder.

Great work and thanks again!

dsego 2 days ago 1 reply      
Didn't know you can ls and then cmd+click to open a folder/file. And alt+click positions the cursor. Nice touches.
fmela 2 days ago 1 reply      
This is fantastic. I love the new look, and the font rendering seems to be even nicer than before.
erikb 1 day ago 0 replies      
There are a lot of people expressing their love for the tool but until now I fail to see why. "Love" is not a good enough reason for me to exchange a seemingly good enough standard tool with something else. Also the situations in which I want to optimize the Terminal are few. Right now I can only think about copy&paste and as far as I can tell that is solved in the standard terminal already.
biztos 1 day ago 0 replies      
I'm late to the thread but just wanted to say THANK YOU for all the hard work in general; and especially now for this:

"iTerm2 can change your profile (for example, affecting the color of your terminal) when you ssh to a remote host, when you run sudo, or even depending on your current directory."

Like many people, I use profiles mostly to have different colors for different hosts. This will make my workflow a little easier and a lot more consistent Every. Single. Day.


blckshp 2 days ago 2 replies      
I have been a long time Visor/TotalTerminal user and wanted to try iTerm2 on 10.11 but was concerned with its use of the Sparkle updater framework. I could find no sign through all of my research if confirm if updates are performed through https instead of http and I declined to install it. I also couldn't find a way to contact the anyone to ask, so I'm glad you posted. So? What does it use? Don't you think this may be worth noting on the announcement or changelog?
jgworks 1 day ago 0 replies      
A quick and dirty one-liner to pull the newest xkcd:


yeukhon 2 days ago 0 replies      
Is there a screenshot for the new version...?
asd 2 days ago 0 replies      
Amazing work. This app has so many features that I think go unnoticed to many. I recommend going through all of the tips of the day (iTerm2 -> Show Tip of the Day) and perusing the various preferences available in the app.

I donated a while back and will be donating again tonight.

ozy123 2 days ago 0 replies      
Undo closed window is sweet. Nice work.
strages 1 day ago 0 replies      
It would be great having little video's of each new feature. For example with the automatic profile switching, or the marks/shell integration features.
slajax 2 days ago 0 replies      
Thank you for all the hard work of the iterm2 team.

I've used this application for years now and without it, I would be useless.

I do 99% of my development within it, so it really is a super important tool for me and I'm very very excited to see it's continued improvement.

spleeder 1 day ago 0 replies      
One of my favorite new features has got to be true color support.
pkmishra 2 days ago 0 replies      
Thank you so much for your hard work. It's default terminal for me.
monkmartinez 2 days ago 2 replies      
Zsh shell via iTerm2, coupled with prezto or Oh my Zsh == Nirvana.
joshontheweb 2 days ago 1 reply      
I just donated but do you ever consider charging? I think most here would pay. iTerm2 really is the best option and provides a lot of value to developers who make money using it.
Fizzadar 2 days ago 0 replies      
Awesome - I've almost forgotten Terminal.app exists these days. Shell integration is super exciting, I can see myself using that a whole lot in the coming months.
coldtea 2 days ago 1 reply      
I've been trying iTerm on and off (sometimes using it for months) but always went back to the Terminal.

So far, this release seems it will finally make me switch.

iso-8859-1 2 days ago 1 reply      
There is already the need for standardization on inline images, as notty uses another approach than iTerm2, which uses another approach than Terminology.
a-b 1 day ago 0 replies      
I'm waiting for mutt and weechat to adopt a new iTerm2 inline images feature. That would be epic!
machbio 2 days ago 1 reply      
I started using Mac since September - Iterm2 saved from the horrible Mac Terminal.. But why is there no option to rename Tabs ?
ronjouch 2 days ago 0 replies      
Kudos for the changelog starting with a very succinct summary + link, then expanding what changed :)
pholz 1 day ago 0 replies      
great app, i've been using it for a while (i also use terminator on linux). together with homebrew and fish it makes the osx command line experience fantastic!
sadiqevani 1 day ago 0 replies      
I freaking love it, especially tabs and fonts, thank you for the hard work man.
Ezhik 1 day ago 0 replies      
Why is it not called iTerm3?
hanniabu 2 days ago 2 replies      
Issue: On mobile the hamburger menu isn't expanding

Android, Samsung S4, Chrome V. 48.0.2564.96

aethant 1 day ago 0 replies      
Loving it so far! Thanks for all your hard work.
bechampion 2 days ago 3 replies      
that is the one thing i miss from osx .. i had all kinds of triggers on screen , specially colouring ip addresses , and urls and guids .. hope it comes to linux one day.
pvinis 2 days ago 0 replies      
iterm is the best terminal i have found. well done!

ps. people should run iterm, and then press cmd-/ to see something fun! ive seen them change a few times.

random3 2 days ago 0 replies      
Love iTerm2, upgraded and donated :)
obel1x 2 days ago 1 reply      
the linked filename says v2.9?
Harper Lee has died nytimes.com
455 points by lolptdr  1 day ago   163 comments top 18
haberman 1 day ago 12 replies      
I loved "To Kill a Mockingbird" so much when I read it as a kid. The moral of the story seemed really obvious. In the last few years I came across this article which blew my mind and changed my perspective about the book's meaning a lot:


616c 1 day ago 1 reply      
Nothing blew my mind in the last few years like discovering how close Harper Lee and Truman Capote were, as they were both authors I idolized at different stages of my life.


And that Dill was partially based on her childhod friendship with Capote.


This seems to be well established now in pop culture and art, but I was completely unaware when I first heard.

The fact the world has such inspired people, despite their stressful surroundings was a blessing to us all in the form of great art.

Goodbye, Harper.

rm_-rf_slash 1 day ago 0 replies      
They say an artist is never appreciated until they die, but I believe Harper Lee was one of the most rightfully appreciated authors of our time. Most of us have read To Kill a Mockingbird, at least, and for those of us who did, it was a powerful indictment of America's eternal and original sin of race and exploitation. A book or a death changes little in a broad cultural context, but it serves to remind us how we can and should all be better to each other. Rest in peace.
ldd 1 day ago 3 replies      
Real courage is when you know you're licked before you begin, but you begin anyway and see it through no matter what.

That is one of my favorite quotes of all times, specifically taking into account the setting of the book.

newscracker 1 day ago 0 replies      
> Until last year, Lee had been something of a one-book literary wonder. To Kill a Mockingbird, her 1961 epic narrative about small-town lawyer Atticus Finchs battle to save the life of a black resident threatened by a racist mob, sold more than 40 million copies around the world and earned her a Pulitzer prize.

That book by the "one-book literary wonder" was unforgettable for many things, including the fact that it was one of the first books I read twice. I'd say that that one work that stood strong for decades across generations should probably not be used to diminish the author using terms like "one-book wonder".

libeclipse 1 day ago 0 replies      
"Shoot all the bluejays you want, if you can hit 'em, but remember it's a sin to kill a mockingbird."

This is sad news indeed.

bfrancom01 1 day ago 2 replies      
I couldn't stand most of the books I had to read in high school, especially To Kill a Mockingbird. Others included The Great Gatsby, & Lord of the Flies. All awful books IMO, & still dreadfully awful. I can't believe American culture thought (still thinks?) those books were good. Luckily I read books that I liked on the side to make up for it.
orbitingpluto 1 day ago 0 replies      
It is some small comfort that her legacy cannot be further tarnished under the fiction of her consent.
seeing 1 day ago 0 replies      
Harper Lee's words: all I want to be is the Jane Austen of South Alabama.
padobson 1 day ago 1 reply      
Atticus Finch is maybe the greatest character in American literature.

His courage in standing against racial injustice is notable, but the true depth of the character comes from his quiet strength and his unabashed dedication to his family and his fellow man.

He's always there for his children, tucking them in at night and encouraging them to be good to each other and their neighbors. He's always ready to impart wisdom and morality upon them in the most gentle manner.

But still there's that quiet strength, as in the scene when he shoots the rabid dog. Watching the scene through Scout's eyes, a powerful figure comes alive in the person of Atticus for the first time - showing us that a strong man is prepared to stand up both against moral and physical oppression.

As role models go, you could do a lot worse than Atticus Finch.

grecy 1 day ago 4 replies      
To Kill A Mockingbird is still one of my all time favorite books and movies. Sad news.

Has anyone read the newly released book? Thoughts?

fbernier 1 day ago 3 replies      
Sad news, but on a totally unrelated note: Why is the date in the URL set to tomorrow?
jamesDGreg 17 hours ago 0 replies      
"Shoot all the blue jays you want, if you can hit 'em, but remember it's a sin to kill a mockingbird."
guylepage3 1 day ago 0 replies      
Harper Lee was one of my favorite authors when I was a child. A true legend.
CaiGengYang 1 day ago 0 replies      
Great book by a legendary author ---- I still remember I had to read the book during my secondary school days for my literature classes and we were tested on the material in the book during our finals. I really enjoyed the book (very poignant ending) and I would read the book multiple again and again during my free time.

A timeless storybook about bravery and courage in the face of blatant racism and discrimination. As a society, we should work towards ending racism and discrimination in all spheres and this book will surely play a part towards this goal ...

mignev 1 day ago 0 replies      
sad news :(
ck2 1 day ago 1 reply      
Author ONLY of "to kill a mockingbird" (seriously, she only ever wrote one book, weirdness)
huntleydavis 1 day ago 2 replies      
While this is tragic news, this really doesn't feel at all correlated to HackerNews.
Why Apple Is Right to Challenge an Order to Help the F.B.I nytimes.com
412 points by doe88  2 days ago   306 comments top 31
msravi 1 day ago 6 replies      
From here (4th para from the end): http://www.nytimes.com/2016/02/19/technology/how-tim-cook-be...

"Apple had asked the F.B.I. to issue its application for the tool under seal. But the government made it public, prompting Mr. Cook to go into bunker mode to draft a response, according to people privy to the discussions, who spoke on condition of anonymity."

If this is true, it sort-of implies that Apple would have done it, but secretly, and they were forced to take their very public stance because of the FBI's posturing.

bsder 1 day ago 8 replies      
The best way to put this for the other side is:

"How about we start with FBI mandated remote control gun disablers given that it's guns that killed these people? Oh, you're concerned that someone will figure out how to bypass it, and it won't just be the FBI disabling your gun?

Congratulations. You now understand my position."

cptskippy 1 day ago 1 reply      
What bothers me most about this article is the following statement which is accepted without contest.

"Law enforcement agencies have a legitimate need for evidence, which is all the more pressing in terrorism cases."

What makes a terrorism case more pressing? How many domestic terrorist attacks have had related followup attacks? How many domestic terrorist cases have been linked to other domestic terrorist attacks? How many domestic terrorist attacks have been carried out by the same set of individuals or groups?

The reality is that domestic terrorist attacks are not common or frequent, there is no urgency in investigating them because they do not lead to followup attacks. They're coordinated events, not a series of related events so there's no pressing urgency?

moonshinefe 1 day ago 3 replies      
The fact that Apple has made this issue very public (with http://www.apple.com/customer-letter/) is unprecedented almost (Lavabit and SOPA had some similarities). I applaud them for taking a stand and not just giving in.

If this legal precedent gets set that the FBI can force US tech companies to break into their own customers' encrypted data, you can bet the industry will lose millions if not billions of dollars worldwide in tainted reputation.

Who's going to buy US companies' devices that claim privacy via encryption if they're easily backdoored at the FBI's request?

grecy 2 days ago 9 replies      
I've been explaining this case to others and I've come up with a good way to make them understand.

"Instead of the FBI making this request, how would you feel if the Government of China were asking? or Russia, or Syria? Do you want them to have the ability to read your encrypted data off your iPhone?"

buzzdenver 1 day ago 7 replies      
Doesn't the fact that Apple is capable of unlocking the phone mean that a backdoor already exists ? Then it's just a question of a lone wolf telling the FBI how to do it, maybe along with using some secret keys that could be stolen if Apple is hacked like Sony was. I would like a phone that is unhackable even by its creator. Anything else is just a question of time to get broken into.
ikeboy 1 day ago 1 reply      
> It is also theoretically possible that hackers could steal the software from the companys servers.

It's also theoretically possible for hackers to steal Apple's private key from their servers, in the exact same way. As far as I see, there's no change to the threat model by Apple making a new software version, and signing it using the same process they use to sign other versions of iOS. It's useless if not signed, so the real worry is someone having the ability to sign it, and that applies exactly the same if Apple signs iOS or FBiOS.

This suggests the authors don't understand the technology well enough to know this.

edit: this is assuming the software is locked to a specific device. So the signing doesn't matter to any other device. If the software worked on all devices, then a leak of a signed version would be problematic. Although even if they couldn't lock it to device, they could make it only work for a short time, say a week, so if that signed version leaks later it would have no effects (I'm not sure if you can change the clock on a phone without unlocking it though).

zaroth 1 day ago 0 replies      
The problem is not ability to search the device after it has been cracked, the problem is specifically does the government have the power to force companies to develop backdoors for their own devices?

In this case the cracking capability is for a locked phone in FBI possession. Let's assume the same technique isn't possible on newer phones. So what about the next case where the FBI wants remote access over LTE while the phone is unlocked / in use by the suspect?

If you can use All Writs Act to compel Apple to develop the first backdoor, then surely the same is true for the second.

chrischen 2 days ago 3 replies      
This is also a great product move by Apple, as if they win it shows even the FBI can't access your locked phone.
stillsut 1 day ago 0 replies      
Couple of thoughts:

- Doesn't an iPhone become completely secure if you prevent if from passively polling for OS updates. If the iPhone would only poll and install updates after user un-locks and allows, then there would be no way change the necessary software configuration without breaking the encryption. And the encryption can't be broken, thus if you could chose OS -level default "don't accept or even check for any updates without user permnission" you really would have an unbreakable device. But if they ever did implement this, it would be terrible for Apple's forced upgrades and their platform would fragment into many incompatible versions. I think everyone knows which option Apple will chose between: CompletelySecurePhoneOS or AbilityToForceUpgradesAndPatches.

- Correct me if I'm wrong but didn't Tim Cook initially state cracking this phone was impossible according to Apple's experts? And now it seems it's a quite reasonable issue of Apple signing an OS-update specific to this device's unique ID; so quite feasible. So was that a lie?

rrggrr 1 day ago 0 replies      
Let iPhone users opt-in and you'll find far fewer proponents of backdoor encryption than will be reflected in Congress. I wouldn't be surprised if most in the LE and Intel communities didn't opt-in. Why? Perhaps because the USGOV has yet to prove they can keep their own data secure. The Office of Personnel Management hack, Clinton official emails on a private server, and many more instances have shaken the faith in USGOVs ability to be an effective steward. I'm in favor of master keys for the FBI after they prove to the public, in a transparent and accountable manner, that those keys can be kept unassailably secure from misappropriation or abuse.
cmurf 1 day ago 0 replies      
What if Apple's coerced firmware update bricks the phone? That's destruction of evidence they'd need immunity from. What trust and conflicts arise when a company has blanket immunity from such evidence being destroyed?

So many slippery slopes.

geggam 1 day ago 0 replies      
When two nuts with rifles trigger a "National Security" problem I think the problem is with the Nation not the people.

What happens when an entire nation threatens us ?

mrb 1 day ago 4 replies      
Off topic, but: "Apple is doing the right thing in challenging the federal court ruling requiring that it comply"

I am not a native English speaker. Why "it comply" and not "it complies"?

TheAppGuy 1 day ago 1 reply      
I've got a feeling we're being manipulated by someone with an agenda at play.
InTheArena 1 day ago 1 reply      
The guy who wrote the two most important 4th amendment case opinions over the last thirty years (both in favor of privacy rights, both by 5:4 votes), and who had the longest record of cracking down on laws that were being stretched to cover uses never imagined (which by definition, the Writs law is being abused) just died.

It's not good timing....

GnarfGnarf 1 day ago 2 replies      
Why doesn't the FBI copy the contents of the terrorist Farook's iPhone to a second iPhone (after all, it's only a hard drive). Make ten attempts on the second iPhone, brick it, then copy the contents again, try the next ten digits, and so on until they hit the combination?
LeicaLatte 1 day ago 1 reply      
Curious if Apple is breaking any user agreements if they end up doing this. Sharing information on servers is one thing. Sharing a key which enables access to all future communication too is different. Does their EULA cover such scenarios? Can it open them up to possible lawsuits from its users?
clumsysmurf 2 days ago 7 replies      
One thing I hope can be clarified: Is the FBI asking Apple to patch iOS on this one device, one time only (in a way that can not be reused) ... or are they asking Apple to provide a "reusable" patch / modification that allows future devices to be accessed?
jy2947 1 day ago 0 replies      
I may be wrong - but I have a feeling that, technology companies like apple and google are developing software on device to make user data so protected that they will say "I can not technically to crack my software" even ordered by a Judge (presumably for legit reason), thus the DOJ is using this case trying to prevent it from happening. And, if this is the case, then personally I am at the DOJ side, because I recognize this is a less ideal world (actually I think it is even worse), and this country is technically in a war.
mgleason_3 1 day ago 2 replies      
Given the powers and size of the national security budget and the NSAs in particular, why do they need Apple? Shouldnt the NSA be able to crack this on their own?

Kinda makes ya wonder what all that moneys spent on...

j_m_b 1 day ago 0 replies      
Glad to see this from the editorial board of the NYTimes
Tepix 1 day ago 0 replies      
Has there been any precedent of (the|a) government forcing someone to sign a piece of code against their will?
botw 1 day ago 0 replies      
I wonder why the head of FBI didn't ask Tim Cook first in private. or I missed something?
redindian75 2 days ago 4 replies      
Wonder why can FBI just hand the phone to Apple keep the phone just get the data we don't needed specifics.
tosseraccount 1 day ago 1 reply      
Apple indeed may have a right to refuse the administration.Does the administration have the right to remove Apple Computer from the GSA government purchasing schedule?
EGreg 1 day ago 0 replies      
All they need to do is compel companies (by hook or by crook) to install backdoors in their algorithms or hardware.




Who is to say that other state actors haven't done the same to chips produced by their companies? The truth is, the genie is out of the bottle.

A year and a half ago, I wrote a serious article on this: http://magarshak.com/blog/?p=169

Shivetya 1 day ago 0 replies      
So here is a simple question. How will we know if the US becomes successful in having manufactures put in a backdoor? Can it be done to the current 6 models through a software update?
marincounty 1 day ago 0 replies      
Does anyone feel this whole incident is a carefully staged by the FBI and Apple?

I'm not into conspiracy theories, but I'm wondering on this one.

Why would the FBI, or Apple make this so public? The Apple letter seemed staged?

The federal government always seems to get what it wants in the end, especially if one has a lot to lose?

I imagine the conversation starts off with an indignant, appalled CEO.

"Hell No--I'm not giving you access to my customers data!"

Federal government counters with, "Do you want us to scrutinize your past, and present life?"

"Do you want us to look at every stock trade you ever made?"

"Do you want us to publicize the personal information we have on you already?

"You know we can make your life misserable? You know we can make your companies life misserable?"

No this isn't Russia, but our law enforcement branch of the federal government scares me, and I'm a nobody. There's been some deaths, especially in tech, that seem suspicious. The drug overdoses--guy in San Francisco that was about to give a talk on ATM hacking comes to mind.

That tech guy who died in that fiery car crash on Los Angeles.

(I don't want to argue with anyone. I have no evidence. Just a weird feeling. And yes, Tim Cook seems like a choir boy. He comes across as someone who doesn't even jay walk.)

marcoperaza 1 day ago 1 reply      
TLDR for what follows: Mandated backdoors must be a red line, but this is not a request for a backdoor and actually seems pretty reasonable. Trying to argue that the tech industry shouldn't help, even in this case, is not only the wrong position in my book, but a sure way to lose the bigger debate.

My views on the general encryption controversy are:

1. Everyone must be free to make their technology as secure as they possibly can. There can be no mandated weakening of security, back-doors, or other requirements to make the information more easily accessible by law enforcement. On newer iPhones, Apple has patched up the flaw that the FBI wants their help with exploiting. They must continue to be allowed to do that.

2. The government must be able to demand, with a court order predicated on probable cause, that companies provide any and all information that they have that could be useful in circumventing their security features. This can be everything from technical specifications and threat-model analyses, to lists of unpatched vulnerabilities and code-signing keys.

3. It seems to me that American companies have a moral obligation that goes beyond the legal obligations in point #2. They should be actively assisting the government in recovering information, especially when concerning issues of national security. In extreme circumstances, like total war, this should definitely be legally mandated. I'm undecided as to what the policy should be generally. On a practical level, it's probably not feasible for the government to, e.g. start hacking around the iOS codebase themselves, so just information might not be enough.

I'm not too troubled by this court order, especially given the particular circumstances. The right to make products as secure as you can, even from yourself and the government, is what's really important to defend. Trying to argue that the tech industry shouldn't help, even in this case, is not only the wrong position in my book, but a sure way to lose the bigger debate.

Apple's definition of "backdoor" is highly suspect. A backdoor is if I ship my product with an intentional vulnerability, so that I can hack into it later. Apple's not being forced to add a backdoor, it already exists because the security features break down against an adversary that has Apple's private key, at least for the default 4-digit PIN configuration. Now the government is asking them to use their own capabilities to help hack this phone. Of course, Apple didn't create this backdoor for malicious reasons, they just didn't include themselves in the threat-model, greatly simplifying updates and other security features, and allowing the walled-gardenness of iOS. It's also central to the walled-garden. Curiously, this is in direct contradiction to their claim for some time now, that they were designing iPhones such that they themselves can't break into them.

Now put yourself in a Congressman's shoes. The FBI has been telling you for years that tech companies are being purposefully antagonistic to their legitimate search and seizure authority. That the tech companies are purposefully designing features with the sole intention of shutting the government out. Now here's a case where there was no mandated backdoor, the government was able to devise an exploit method, and they got a court order from a judge to make Apple use it on a dead terrorist's phone. "Mandatory backdoors would hurt everyone's security", one of the arguments that we've been winning with, now sounds like a bullshit cover for "we are against any government surveillance". Can you smell the legislation coming yet?

Disclaimer: These are obviously my own personal views and nothing else. They do not necessarily reflect the opinions, policies, or practices of anyone but myself.

(Reposted from https://news.ycombinator.com/item?id=11131456 with additional)

buzzdenver 1 day ago 1 reply      
I wouldn't be surprised at all if Apple already gave a version of the OS to the FBI that enabled them to brute force the password for that one phone with the condition that they publicly put up this show as if they were not cooperating.
Issue and Pull Request templates github.com
515 points by joshmanders  3 days ago   135 comments top 26
jamesRaybould 3 days ago 3 replies      
There is already a way of doing this using the URL like: https://github.com/jamesRaybould/go-mssqldb/issues/new?body=...

You can then add it as a simple href to the readme.md.

It also means that you can have multiple templates depending on what a user wants to do, just by having multiple links and changing the content of the `body` parameter.

Simplest way to get going on this is to use http://urldecode.org to write the markdown you want and then hit the encode button, take the result and add it after `body=`

We also use it to auto-assign labels using `labels=` in the URL

erikb 2 days ago 1 reply      
Now I actually start to worry. Did anybody here ever have the problem of making people happy with a software project?

The usual complain goes like this "You need to do X because I want to be able to do Y." In the complainers mind there is the untested idea that having X will enable him to do Y which solves his unspoken problem Z that he isn't even aware off. The thing is, at this time you don't know Z. You don't know if Y is really solving Z. And you don't know if X is really solving Y. And neither does he. But if you want him to use your tools he doesn't need to worry about that as much as you.

What happens if you just go like "Okay, user wants X, here is X!" is that the users will continue to complain (maybe even more) because Z is still not solved, and because there was no testing and planning involved X is actually creating another problem Z2 that nobody had before. At least that's my experience with an open source project I managed for about 3 years.

What I found actually needs to happen is to discover Z and to discover a way to solve it in the context of the project (which other people may not be as aware of as you are), and with an at least minimized chance of creating more problems. Then this actual solution needs to be sold to the users, because they are not aware of Z, so they think they don't care that you solved Z. But only after doing all that people will stop complaining (not even remembering that there was a problem and how much pain you went through to solve it of course).

Hope that makes sense and explains why I start to worry now, when everybody starts cheering. What I hoped would happen is that you don't hear much about the suggested changes, some other changes happen a few weeks down the road, and then the complains stops without anybody noticing. A success would be that you don't read about github anymore after 1-2 months. People cheering and github saying "Hey we did X" is a really bad thing.

jakozaur 3 days ago 3 replies      
Great job!

Next item, be able to star issues.

That would help a lot and we are able to avoid +1 comments.

VeejayRampay 3 days ago 0 replies      
Well done Github. Simple and elegant solution that I hope will help people a lot.
swang 3 days ago 5 replies      
Kinda meh on adding it to the repo since it's yet another file I have to "manage" that isn't really part of the working code.
anonicode 3 days ago 1 reply      
> This is the first of many improvements to Issues and Pull Requests that we're working on based on feedback from the community

So there is more to come

minimaxir 3 days ago 1 reply      
The template is more for actual issues with the software than to-do lists/user grievances, the latter of which I see used more frequently in GitHub Issues. Maybe it's time to separate GitHub Issues into Issues and Discussion.

EDIT: Missed the fact that the feature is opt-in by the repo owner, which makes things more expected depending on the nature of the repo. Although now thinking about it, the separation is still not a bad idea.

_ikke_ 3 days ago 1 reply      
steveklabnik 3 days ago 0 replies      
I have a PR open for Rust to use this. I and others are very skeptical in general, but there's some interesting discussion so far: https://github.com/rust-lang/rust/pull/31732
lr 3 days ago 1 reply      
I asked Craigslist to do this years ago for the "for sale" sections, so that people included the number of doors on a car, the color, etc., and the kind of heat in an apartment, and so on. Such a simple thing, and would make searching so much better, and the service in general better.
colinodell 3 days ago 1 reply      
pull_request_template.md also works.
tobr 3 days ago 2 replies      
So, the issue template is just a default text that individual users can modify, delete, or otherwise disregard?
fiatjaf 3 days ago 1 reply      
I want to know how this works: http://gitmagic.io/
marcinkuzminski 3 days ago 1 reply      
How does that work with branches ? Is there a master branch required to have this file, what if project doesn't have master branch ?

I think the concept of having a file in source code is flowed for DVCS unless you have so called "source" branch that you can define that is a default source of such information.

arnarbi 3 days ago 1 reply      
Why isn't this in a separate branch akin to gh-pages, or a separate repository akin to the wiki data?
logn 3 days ago 1 reply      
The problem I have with this is, I don't want a template for the comment a contributor leaves on a PR; I want to display a message to them before they submit a PR. It's not a standard way to display messages, requiring users to read editable text (that has no clickable URLs) and then delete that text after they read it and submit.
kuschku 3 days ago 0 replies      
Itd be interesting if itd provide a separate input box for each section of the template maybe even a graphical editor for lists if the template specifies a list.
atrotors 2 days ago 0 replies      
Well, it seems like the open letter is working!

I hope they address the other issues as fast as this one. Rating system is the next one on my list.

rurban 3 days ago 1 reply      
I'm excited, but the PULL_REQUEST_TEMPLATE.md name is too long for root. What about PULL_REQUESTS.md and REPORT_ISSUES.md?
VeilEm 3 days ago 1 reply      
Doesn't seem to work on enterprise github yet. :(
pducks32 3 days ago 1 reply      
I'd like them to choose a folder name that isn't specific to a site. .github would look silly on hit lab but I like the idea of having a serrated folder.
dang 3 days ago 0 replies      
Url changed from https://github.com/dear-github/dear-github/issues/125 to the announcement post.
shmerl 3 days ago 1 reply      
What about attachments to issues? Using gist for it is simply annoying.
EC1 3 days ago 1 reply      
There's a special place in hell for people that make jokes and post massive animated memes in issues.
thescribe 3 days ago 4 replies      
This sounds like more 'enterprise' bureaucracy. Coming soon, overly complicated paperwork.
gcb0 3 days ago 0 replies      
talk about moving slow.

two years and that's what we get? meanwhile my bigger diffs are still garbage. and we have to use other companies to have a simple agile board... and don't even get me started on decent branch management and rebases...

sigh. really hate that my employer buys that

Apple Apologizes and Updates iOS to Restore iPhones Disabled by Error 53 techcrunch.com
395 points by aj_icracked  2 days ago   192 comments top 17
baldfat 2 days ago 6 replies      
> Apple Apologies

I am an Apple hater BUT I have to say very proud of the new Apple and actually saying they made a mistake and apologizes. This and the fight for security are both things as a self proclaimed Apple Hater applaud Apple for doing. Good job!

illumin8 2 days ago 4 replies      
This seems like the right thing to do - disable the unauthorized Touch ID sensor, but don't brick the phone. The secure enclave is still intact and secure, and if you want Touch ID back, you can get it repaired with authorized parts.
mbrd 2 days ago 0 replies      
Anyone else get the impression that the head of PR at Apple was on vacation and returned this week to put out all the fires?

Seriously though, this seems like a consumer-friendly decisions, as was the iOS backdoor/San Bernadino press release yesterday and it's nice to see.

roddux 2 days ago 1 reply      
Nice move, it's pretty cool of them to offer reimbursement to people who bought replacement phones in the meantime.
jasonjei 2 days ago 1 reply      
Some part of me believes that the old Apple that Steve Jobs was in control would have stood his ground with "Error 53." The Tim Cook Apple is a lot more compassionate with respect to these sort of things.
CountSessine 2 days ago 3 replies      
Maybe this is a silly question, but does anyone know how secure the TouchID on the iPhone is compared to the 4 digit pin? I remember from a comment in the Android source that the android 5 face recognition is about equivalent to a 3 digit pin. Is TouchID more secure or less secure than the 4 digit pin?

Is it more tractable or less tractable for someone to brute-force the 4 digit pin than the TouchID? I.e. if someone wanted to get into my phone, and they removed the official TouchID sensor and now it falls back on a 4 digit pin, does that do them any good?

I wonder if I could get the old behaviour back - if someone was tampering with my phone by removing the sensor, is there any way of bricking the phone until I can get it to an apple store?

aj_icracked 2 days ago 1 reply      
I am a little torn on this given there isn't a cited source and I don't know if Apple would give TC (or anyone) an exclusive on this. If it's true we're dancing in the streets though!
gradients 2 days ago 1 reply      
Wow- this is great for me. I have been sitting on iOS8 for some time now because of this.

I broke my screen and home button and had them replaced before I went on vacation. Luckily I had read about the error 53 issue before attempting to upgrade my jailbroken device.

I'm very surprised Apple would respond so well to an issue typically caused by 3rd party repairs.

iBzOtaku 1 day ago 0 replies      
Boy, lately things haven't been going well for Apple.
TazeTSchnitzel 2 days ago 1 reply      
> This test was designed to check whether Touch ID works properly before the device leaves the factory.

Does that mean Error 53 stemmed from Apple having distrust in their supply chain? Interesting.

maerF0x0 2 days ago 3 replies      
Anyone else find it suspicious that this comes the day after court order to backdoor their devices?
profeta 2 days ago 0 replies      
So they pleased users and complied with that judge order in one bat?


jsudhams 2 days ago 4 replies      
Does apple make lot of money or loose lot of money on repairs? Or else they should let third party repairs.Typically for product companies it is better if they have ECO system of repairs/service by third party so that they them selves don't have to support for long which costs lot of money. Other than life safety devices others should allow customer who want to repair their product should be allowed.
wfunction 2 days ago 2 replies      
Who actually buys the explanation that this was not intended to leave the factory?
dismal2 2 days ago 0 replies      
If you have a smartphone and think you have any sort of privacy, you're delusional
chris_wot 2 days ago 0 replies      
Yes, well, it probably helps to know that the Australian Competition and Consumer Commisioon (ACCC) was investigating Apple for abuse of market power over this issue.

The last time this occurred, it was over illegally claiming iPhones and other Apple devices were out of warranty when they weren't, and misleading consumers that to get any form of warranty service after one year they would need to purchase an Apple extended warranty. They were not only fined millions, but were forced into printing a humiliating retraction on their website and in the press - one that basically was reported on worldwide.

I'm not at all surprised they backed down this quickly this time around. It's almost certain they would have been found to have committed the offence of third line forcing, to which there are very, very steep fines.

hackaflocka 2 days ago 1 reply      
But wait, they earlier said it was an intended security feature. Now they're saying that it was a factory test not intended to go public?

New personal rule: never update the phone again... ever.

Beijing is banning all foreign media from publishing online in China qz.com
485 points by vincvinc  1 day ago   253 comments top 34
rdlecler1 1 day ago 4 replies      
Any non-Chinese company that insists on tying its fortune to the Chinese market is taking on tremendous risk. The goal posts are always changing , you need to constantly worry about IP theft, you can easily get on the wrong side of the government, and they strongly protect local interests. Investment is welcome, but as soon as you actually start making a lot of money and recouping your investment some barrier of sorts is bound to appear and you'll be phased out in favor of a local player. This is going to come back to haunt China at a time when growth is slowing and when they are going to need investment the most.
dageshi 1 day ago 9 replies      
Sounds like the normal thing in China. Make something illegal, don't enforce it, if someone's saying something you don't like then enforce it specifically against them, keeps everyone else in line.
11thEarlOfMar 1 day ago 4 replies      
This is pure insanity: "Quartz contacted the Ministry of Industry and Information Technology from Hong Kong asking for further clarification on how the rules would work, but the ministry said it could only reply to faxed questions that came from a reporter with a mainland press card."
contingencies 2 hours ago 0 replies      
I've worked for foreign publishers here in China. I've worked for foreign publishers that have been raided and shut down by the publishing bureau in China. I've continued to work for the same foreign publishers, operating essentially the same business, even after they were raided, and seen them continue successfully for more than a decade.

There are rules and there is implementation. Reality in China is not so cut and dried.

I share pbkhrv's sentiment about this possibly being a preparation for a rash of bad economic news late this year. I have it on very reasonable authority that the RMB will tank at least 15% by end of year.

The view from here in China is basically the same as ever... nobody with money really cares about foreign journalism and reporting, only food prices (steadily increasing), education (crisis), health (crisis), pollution (huge) and inflation (big). Transport is also a problem. They just try to get their money out.

The Chinese government has a difficult job. They don't really do too badly when all things are considered.

SCAQTony 1 day ago 8 replies      
I am not a sociologist, political scientist, or an economist. It appears that China is too big to govern and has become a diseconomy of scale. China has 160 cities with over 1-million people in them (US has 10 cities) and I think it's a miracle that the lights still work and they have running water.

When you double the size of a plane it it becomes 4-times heavier (Observe what it takes to fly a B-52).

The PRC seems to be circling the wagons to protect from some unknown enemy that the free flow of information will allow the arrows to strike.

sharetea 1 day ago 3 replies      
And so it starts. Economic collapse will prompt the dictatorship in China to

- Increase anti-foreign rhetorics in media. Don't like it, Microsoft? tough

- Ban Foreign services. Don't like it, Uber? tough

- Devalue Yuan by 50%. Don't like it, Apple? tough

- Nationalize foreign assets. Don't like it, Ford? tough

Animats 1 day ago 7 replies      
China's leadership seems to be becoming more paranoid. Yet China has no serious external enemies other than the ones they make for themselves, the economy is stressed a bit but production is in great shape, and the standard of living has been rising for years. Why?
song 1 day ago 1 reply      
Well, ever since the change of government China has been closing back on itself again and censorship has been stronger and stronger. It's not surprising and tells me I made the right choice to leave the country in 2013...
chrischen 1 day ago 2 replies      
Any move China takes that blocks foreign competition can be seen as an extreme version of an import tariff. Instead of protecting low level industries like corn producers either subsidizing domestic production or taxing foreign imports, China focuses on higher level industries like technology companies, culture companies, etc.

While China doesn't have the benefit of Google in the short term, by blocking them it gives it a chance for local companies to develop the technology and catch up.

Also take the example of TOMs shoes giving away free shoes replacing local markets and producers. These poor countries of weak governments, and even a small foreign company can impact the local the economy in uncertain ways. http://www.economist.com/blogs/freeexchange/2014/10/economic...

If you can understand this you can understand the viewpoint of Chinese officials. We come in with the viewpoint of "how can I have my fair and equal opportunity to extract wealth from China" while the capitalists in China are thinking "how can I extract wealth from China and prevent the foreigners from doing so." In reality the playing field isn't level. Our counterparts in China don't have the same education, quality of life, and financial status. Therefore a foreign company with foreign talent would already enter the market with an upper hand. By the time local companies are ready, they'd be fighting an uphill battle against foreign incumbents, or worse yet, not develop at all.

If you're familiar with Star Trek, there's the concept of the Prime Directive. It's principle is that the developed races must never contact or interfere with an undeveloped race because doing so would alter their natural development.

Foreign companies don't have an inherent right to the Chinese market. If they feel they do, or want to enter, it's because they feel there is profit in it. The profit comes from exploiting the opportunity in the local market, and in an underdeveloped market such opportunities are ripe. This isn't exactly fair if mature companies are allowed unfettered access.

outside1234 1 day ago 0 replies      
How is this not a World Trade Organization treaty violation? Serious question.
xjp250 1 day ago 1 reply      
Xi Jin Ping is worse than King jong un. He is a stupid and arrogant leader. He want people in China to call him "(xi big big)", but actually we like to call him "(xi bao zi)"
qihqi 1 day ago 0 replies      
It looks like China will change the 'blacklist' model of the Great Fire Wall to a 'whitelist' model. That is the only way they can enforce this law.

Maybe they got tired of having banned content mirrored by un-blocked IP ranges and constantly having to hunt them down.

SeanDav 1 day ago 0 replies      
From the Chinese government point of view they have several good reasons (for them) for doing this, chief among them (in my opinion) saving face and controlling mass opinion.

When China was the huge success story it was, until recently, they were far more tolerant of criticism. Even then, the Chinese Government would clamp down very quickly on criticism. Right now their tolerance is pretty much zero. They do not want to admit or even hear that they have done anything wrong or that China has significant problems.

They also greatly fear any kind of mass action. During the boom years, with high employment and everyone happy, there was little chance of mass action. Now with entire industrial areas becoming ghost towns, high unemployment, no pensions and growing poverty, mass action becomes a real threat.

superbatfish 1 day ago 2 replies      
This seems like a huge deal. How does this not have 100's of upvotes on HN? Am I missing something?
est 1 day ago 2 replies      
please note this also includes online gaming. Blizzard, Valve and Steam would be in some trouble
MrKristopher 1 day ago 0 replies      
To me this looks like a big win for companies based in China. The social media companies for the billion people in China will be employing local people, and the advertising revenue will stay within China.Not that this is the main goal of the ban though..
natch 1 day ago 1 reply      
There are some qualifiers around this alarming headline.

According to this story [http://www.independent.co.uk/news/world/asia/china-set-to-ba...]:

'This ban covers words, pictures, maps, games, animation and sound of an "informational and thoughtful nature" -- unless they have approval from the State Administration of Press, Publication, Radio, Film and Television.'

Still it's very onerous but not a complete shutdown.

ommunist 11 hours ago 1 reply      
This is imperial. I especially like the notion that Ministry only answers to reporters with mainland press pass. The China is the center of the civilized world again, the world where the US is a barbarian outskirt.

Will the foreign websites published in Mandarin be banned to view from mainland China?

vpalan2 1 day ago 1 reply      
If I wanted to do massive, irreparable harm to China, this is the law I would pass. And yet, they have done this willingly to themselves, without hesitation or incident.
paulddraper 1 day ago 1 reply      
"banning all foreign media from publishing online in China"

Seems like a contradiction. Are you publishing online, or in China?

longcheng 1 day ago 1 reply      
Chairman Mao once said, "our enemy would attack us with pen & gun". Looks like Beijing is taking the pen away from its enemy. :-)
nvk 1 day ago 0 replies      
They have to handle the devaluation of the Renminbi and a slumping economy somehow /s
smegel 1 day ago 1 reply      
I would say bad China, but given how polarised and politicised the Western media is, I find it hard to fault them.

Unbiased journalism seems such a quaint concept these days, and as the divisions between right and left take on an almost war like characteristic, everything becomes propaganda.

Hell, I might even move to China to get away from it all.

_snydly 1 day ago 1 reply      
Will Hacker News be blocked? It looks like it's currently available: http://www.blockedinchina.net/?siteurl=news.ycombinator.com
ajeet_dhaliwal 1 day ago 1 reply      
Seems absurdly broad, if this article is correct. Doesn't this basically mean Chinese would be unable to read or view anything we can? Including this site? With the exception of Chinese published/created information.
rahimzayid 18 hours ago 0 replies      
This is not that rare .. pretty much the same applies for Arab countries in my eys.
davesque 1 day ago 0 replies      
And people wonder why their stock market is tanking...
pbkhrv 1 day ago 0 replies      
This might be one of the things they are doing to prepare for a wave of negative news about the state of their economy.
restalis 1 day ago 1 reply      
"acquisition of an online publishing license"!?

"How do you license media in an age when everyone could become a writer and publisher?" As far as I can imagine - you don't, that's the thing! Maybe they won't do you anything for now, but if they don't like what you're publishing they will have a ready-available "legal" reason for detaining you for publishing without a publishing license (which of course could be claimed to be totally unrelated to your published content)!

venomsnake 1 day ago 0 replies      
I think that China's openness (or lack of) in internet affairs is strongly correlated with the health of their economy. It could be a nice proxy.
a3n 1 day ago 0 replies      
And this is the country that we're looking to, to bring North Korea back into the fold.
lukasb 1 day ago 1 reply      
does that mean no Stack Exchange?
invaliddata 1 day ago 1 reply      
Does anyone know to what extent this affects news organizations in Hong Kong?
curt15 1 day ago 1 reply      
The govt is just aiming to completely rewrite history. Tiananmen square? Never happened!
The Daily Mail Stole My Visualization Twice flowingdata.com
447 points by thehoff  1 day ago   137 comments top 29
NelsonMinar 1 day ago 1 reply      
A few years ago the Daily Mail ran an article about a visualization I made. They obeyed my CC license, so I have no complaint as serious as Yau's. But the article was just full of errors, including spelling my name wrong in three different ways. I wrote the article author and pointed out all the errors and he responded "No copy editing! It's a tight budget."

The Daily Mail truly doesn't give a shit. About quality, about copyright, about decency. It seems to be working for them.

nicky0 1 day ago 2 replies      
Send the Daily Mail an invoice for their use of your work. Pick a reasonable price and bill them. Then if you don't pay you've got something tangible to sue them about.
ollybee 1 day ago 2 replies      
I use this plugin (also available for Chrome) to redirect to pictures of tea and kittens should I accidental click on a Daily Mail link. https://addons.mozilla.org/en-GB/firefox/addon/kitten-block/
andy_ppp 1 day ago 7 replies      
What does the law say about putting a license on use of things like this "Embedding this content into your site without written permission from the author will involve a 100000 fee for it's use. You agree by embedding this content that you abide by these terms."

Is something like this enforceable?

squeaky-clean 1 day ago 2 replies      
> I made an alert pop up that said poop whenever someone loaded the Stuff.co.nz page. Like I said, I'm sophisticated.

I would probably have handled this much less maturely, haha. What would be the legality of displaying some really graphic image (like goatse) to only 10% of users when you detect you're within an iframe? :P

Ripping the source code of the visualization is so scummy though. I wish I could say I can't believe the Daily Mail, but this article isn't even surprising...

jrs235 1 day ago 3 replies      
How would the Daily Mail feel about (and what would they do) if someone constantly scraped their website and redistributed the content? Perhaps a fun side project called TheLessAdsDailyMail.com?
6stringmerc 1 day ago 1 reply      
What I Would Do: Find out what law firm represented the Beastie Boys when they went after GoldiBlox.

Why I Would Do That: They were successful in their defense of the rights of the Beastie Boys and reached a settlement that included a public admission of guilt.

Long-Term Goal: To discourage such behavior through numerous examples of punishment using established rules.

andy_ppp 1 day ago 1 reply      
The morally corrupt posing as moral guardians.

I know people who have had other things like photos from flickr stolen by them.

They are disgraceful!

azalutsky 1 day ago 0 replies      
You must be really good at creating visualizations. :) way to go sir!
adjohu 1 day ago 0 replies      
autorespond *@dailymail.co.uk I hereby deny permission to reuse content from my website.
beckler 1 day ago 2 replies      
sounds like someone needs to set his X-Frame-Options header.
fixermark 1 day ago 2 replies      
It suddenly occurs to me that in addition to it being rude to deep-link someone's content via <iframe>, it may be dangerous to Daily Mail's security model.

I wonder if they've configured everything correctly to ensure that an embedded iframe can't find its way to the user's Daily Mail cookies or credentials?

tonyle 1 day ago 0 replies      
This reminds me of the days of flash. There use to be a ton of sites stealing other people's flash games. You could buy flash obfuscater and de-obfuscate programs. People would steal your game code and re-skin the game,etc. Then the new strategy was to put the ads inside the video game.
alex_hitchins 1 day ago 0 replies      
I would suggest doing something like Nanex does with their graphs and images, use watermarks or some other identifying mark that is clearly unique to you. This way, they may think twice about clearly showing work that is not theirs.
wnevets 1 day ago 1 reply      
the daily mail is awful, I wish people would ignore their garbage.
suyash 1 day ago 0 replies      
First things first: How did you even track who was using your Visualizations? Can you explain so others can learn from the lesson as well.
jwatte 1 day ago 0 replies      
If they actually downloaded and republished your dikes, then that is clear copyright infringement. Which is both a crime, as well as cause for civil action.You could report them to the DA (or whatever is the equivalent where you or they live.)It would be interesting to see how that went!
eddiecalzone 1 day ago 0 replies      
The Oatmeal was recently linked to without permission by the Huffington Post. Matt Inman had a predictably brilliant response.


vermontdevil 1 day ago 0 replies      
The Flowing Data is great. Yau really builds great visual charts of various data.
Sir_Substance 1 day ago 0 replies      
Remember to disable your ad blocker when on dailymail.co.uk to fund this high quality content, it's not cheap to make! Wouldn't want them to have to close up shop!
autotune 1 day ago 0 replies      
Perhaps the solution would be to embed a link to your site within the content you create itself, be it visualizations or whatever else?
cookiecaper 1 day ago 0 replies      
This kind of thing is beyond rampant at all levels.

I think the people most concerned about following the rules are small-medium businesses that are big enough for someone to try to sue, but not big enough to have an army of lawyers that makes them practically invincible from all claims that don't originate from a similar Super-Massive-Corp. Business insurance is pretty meaningless for practically any claim that doesn't involve unsafe facilities, and they often include clauses similar to "If you lose in the wrong way, you owe us all the money we paid for your defense".

There's an impression that since big media outlets are such big targets, they're careful about this type of stuff, but it's not true at all. They're only careful when it's another SuperMassive's copyright. They know that a legal fight with them is not possible for any other creator, and they know that they can get an immediate benefit by violating your copyright. They'll rip your stuff off, they may take down the thing they didn't have a license for after you complain, and they'll just laugh at you because they know an attorney is going to charge tens of thousands to even start proceedings against someone as big as them.

We need to fix the way legal costs work.

hjek 1 day ago 1 reply      
Why is it any worse to link to a page than to put it in an iframe? (The author's page header was still on there, so there's a clear attribution.) Why is the author so dissatisfied with his page getting so many views? I'd assume that's the point of putting things on the internet.
joepie91_ 1 day ago 1 reply      
They embedded/copied/proxied it. They did not 'steal' it.

Regardless of whether you find their behaviour acceptable, those are two very, very different things.

teachingaway 1 day ago 2 replies      
If you put a lot of effort into a project and don't want it stolen, please REGISTER THE COPYRIGHT.

0. Register the copyright within 3 months after you publish the project.

1. Register online at https://eco.copyright.gov/ - it costs $35 (or so) and is not particularly difficult to do.

1.1 registration is not difficult, but it is tedious and involves navigating a super-old government website that kinda sucks.

2. You can also hire a lawyer to register for you, which costs around $200-300.

3. Once you have the copyright registration, you can write a polite letter to whomever is stealing your stuff (or write a nasty letter, depending on your mood).

4. You can force them to pay you compensation for stealing your copyrighted content.

5. If your stolen stuff is being hosted by a third party provider (like imgur or whatever), you can send the host a DMCA takedown request, and the host will quickly remove the offending content.

that is just US law. Milage may vary in other countries.

edit - a lot of downvoting on this comment. Too snarky? Too anti-open-source? i thought this is useful info. Sorry to offend!

Raphmedia 1 day ago 7 replies      
Didn't you read the article at all? It's only a few paragraphs:

"So how did Daily Mail embed the visualization without the word poop popping up on an empty page? They downloaded all the files from my server on to their own server and deleted the snippet that brought up a poop alert. That way they didn't have to deal with those pesky safeguards I setup.

In other words, The Daily Mail deliberately stole my work."

fixermark 1 day ago 3 replies      
I can't help but think that it would make sense for Mr. Yau to either (a) Change the server setting to emit the X-Frame-Options: DENY header or (b) monetize views on his graphic.

In general, you can't assume people won't deep-link your content, and that includes embedding. Taking steps to protect against or take advantage of traffic spikes is the responsibility of a content provider.

This, of course, wouldn't protect against DM just straight yanking all his assets and hosting them itself, which should be clearly immoral (and possibly illegal, depending on jurisdiction). But "framers gonna frame" is a fair thing to assume about the nature of web content, along the lines of "<img> tags are cheap and if people see something funny on your site, they're gonna use 'em to share it."

lmm 1 day ago 1 reply      
As soon as you searched you saw that many other people had written this kind of thing, and yet that hadn't done any good. What made you think this post would make any more difference than the previous ones you found?

If you want to actually make a difference, talk to your solicitor. You might even get some money out of it.

Paul Graham on Doing Things Right by Accident themacro.com
360 points by runesoerensen  3 days ago   86 comments top 18
peterclary 2 days ago 3 replies      
Off-topic but: Hooray for transcripts! I can see the benefits of being able to hear the pauses, tone, inflections, etc. but even leaving aside the deaf and hearing-impaired, there are so many advantages to having the text (it's searchable, you can read it while listening to music, it's quicker to read it than to listen to it).
aresant 3 days ago 1 reply      
"Plus, then, I had given this talk about the Harvard Computer Society, and I said, If you want to raise money, raise money from people who made the money doing startups. And then, they can give you advice, too. And I suddenly noticed, they were all looking at me. And I had this horrifying vision of them all e-mailing me their business plans. Which is funny, because thats what YC turned into."

That gave me chills.

The entire startup experience, the essence of being an entrpepreneur for me is in that moment when your brain subconsciously processes all the data around a problem and throws out something obvious and audacious in the same breath. And before you can conciously object BAM you have said it outloud and the adventure begins.

Outdoorsman 3 days ago 2 replies      
>>Paul : It is actually a trick for interviews. If someone asks you a boring question, just answer the interesting one they might have asked, and nobody complains.<<

That's classic...

An example of how to actually live "your" own life in this world...not paying a great deal of attention to uninteresting things that others bring up; rather molding those same things so that they become interesting, and illuminate parts of your life and the lives of others...

In my estimation, my life is what it is--one I'm very happy with--because of my having just that attitude...

And, yes, I totally agree:

>>Paul : When I was a kid at Christmas, the Sears Catalog was your reference work.<<

Terr_ 3 days ago 3 replies      
This reminds me of a bit from "The Dilbert Future" (1997):

> Most people won't admit how they got their current jobs unless you push them up against a built-in wall unit and punch them in the stomach until they spill their drink and start yelling, "I'LL NEVER INVITE YOU TO ONE OF MY PARTIES AGAIN, YOU DRUNKEN FOOL!"

> I think the reason these annoying people won't tell me how they got their jobs is because they are embarrassed to admit luck was involved.

> I can't blame them. Typically the pre-luck part of their careers involved doing something enormously pathetic. Take me, for example. I'm a successful cartoonist and author because I'm a complete failure at being an employee of the local phone company.

pkrumins 3 days ago 5 replies      
That reminds me of this amazing talk called Why Greatness Cannot be Planned:


TLDV: Innovation is not driven by narrowly focused heroic effort. We'd be wiser and the outcomes would be better if instead we whole-heartedly embraced serendipitous discovery and playful creativity. We can potentially achieve more by following a non-objective yet still principled path, after throwing off the shackles of objectives, metrics, and mandated outcomes.

This also matches my experience 100%. All my best discoveries are accidental.

notahacker 2 days ago 1 reply      
Reading about how his original motivations were purely pecuniary, he was keen to sell his company as quickly as possible and his ambition was to go back to essay-writing and hobbyist programming, I can't help thinking young PG probably wouldn't get accepted into YC these days...
bootload 2 days ago 1 reply      
"Early-stage startups are just fast-moving chaos. That is a constant. That was true in Henry Ford's day, it was true when we started YC."

Interesting quote. There must be some organisation to early startups, otherwise they wouldn't work. Is the chaos just a description of what cannot be observed and described?

Fantastic read. Liked the bit about straw-drawing to talk to customers.

S4M 2 days ago 1 reply      
I find interesting the part where PG says that a startup either makes its founders rich either goes down, and basically discards the possibility that it ends up to be just enough to pay its founders a good salary. I think it can be a pretty nice outcome but then again YC must select founders who are very ambitious.
EGreg 2 days ago 0 replies      
e-commerce was not my lifes work. I didnt actually want to spend my life working on this. I did it to get money and make that money.

Aaron : Yeah. This is such an interesting thing because its so opposite from what you tell people a lot of the time, what YC tells people, certainly, of Dont do things just because theres a business there, right?

This is it, right here. If you want to know what most successful businesspeople have in common - not the unicorns - it's that they were prepared to sell their first venture and/or give away a lot of equity to the right people to make it work. Once they have the money, comnections and track record, they can have much more control in their next company.

We went a completely different route. We've tried to change the world... :)

alanwatts 2 days ago 0 replies      
"Superior work has the quality of an accident"

-Alan Watts, The Way of Zen

Kenji 2 days ago 3 replies      
I can't believe one of the founders was doing this alongside grad school and PG was like yeah you know, you have a lot of spare time there.

And here I got so much work with full time studying that I can barely finish reading a single book alongside. How can people say university is enjoyable, fun, lots of spare time? For me it's just endless hard work and barely any breaks inbetween.

ArkyBeagle 2 days ago 1 reply      
It's amazing the lengths to which people will go to avoid Windows programming. I know I have :)
z3t4 2 days ago 0 replies      
I love listening to (success) stories. You should make more of those.
lsniddy 2 days ago 0 replies      
luck = opportunity + preparedness
vidoc 2 days ago 3 replies      
Full-of-himself !
JohnD19 2 days ago 3 replies      
I stopped reading this "treatise" when in the first paragraph Aaron spoke highly of the war criminal Donald Rumsfeld.
darshanp 2 days ago 0 replies      
One of the best things I've read in a long time. Paul Graham is God!
San Bernardino County tweets it reset attacker iCloud password at FBI's request sbsun.com
309 points by randomname2  12 hours ago   138 comments top 16
jedberg 10 hours ago 7 replies      
I've worked with the FBI and the Secret Service investigating computer crime.

The Secret Service is extremely competent when it comes to computer forensics, and when they don't know what to do, they don't guess, the consult with experts.

The FBI is the opposite in every way, mostly because of budget constraints and the subsequent lack of training. I hope that this is a good learning opportunity for them and a chance for them to increase their training budget in this area.

vermontdevil 10 hours ago 0 replies      
Wonder if folks realize this is the work phone not the personal one. The personal phone was destroyed by the terrorists. I doubt there's anything of value on the work phone.

But then again obviously FBIs long term goal is to break in all the phones regardless of the circumstances.

randomname2 11 hours ago 6 replies      
Also reported by Reuters: http://mobile.reuters.com/article/idUSKCN0VS2GC

Some are saying the password reset requested by the FBI prevented a backup and closed the "front door" they already had, forcing the Apple backdoor.

The simplest possible explanation for them shutting themselves out has to be incompetence rather than malice, right?

cmurf 3 hours ago 0 replies      
What's with this stupid 'terrorist's communication device of choice' meme? Oh wait, it's not a meme because no one but the FBI uses it, it's a propaganda ploy. Let's test this:

U.S. dollar is the criminal and terrorist currency of choice. We must therefore, of course, break the dollar.

Ok, fail.

mortdeus 3 hours ago 0 replies      
You people seriously want me to believe that it was the fbi's incompetence that led to the gov throwing away their only get in free card for the most popular American phone used to coordinate the only substantial ISIS affiliated attack on US soil. Come on now, do you guys seriously think that this was unintentional?

You don't put rookies on this and I'd seriously be surprised if the NSA wasn't involved in this matter personally.

The government wants a back door installed into all iPhones period. I mean how do you expect apple to build a tool that can bypass the same security features the government is trying to deal with right now without them inadvertently letting everybody and their mother know that there is some fatal flaw in the security layer of every modern iphone and/or iTunes.

There's no magic way to fine tune a tool like this and if out spy agencies don't know this then god help us all. Isis is probably gonna win. rolls eyes

I mean jail breaking is one thing. This is vault busting and once people know there's a bug and where to look they will find it and exploit it.

And apple's only remedy will be to patch the backdoor. Which is obviously what the gov is trying to prevent apple from being able to do by getting a precedent established in the courts that wags a finger at Apple saying "ah, ah, ah you didn't say the magic word"

Please goddamnit!

The gov doesn't want to be Samuel l Jackson anymore. They want to reverse the roles and this case is the perfect cover. Just like the gov exploited the bombing on 9/11 to pass the patriot act. This is no different.

DrewHintz 7 hours ago 0 replies      
Here's the tweet:

"The County was working cooperatively with the FBI when it reset the iCloud password at the FBI's request."


doxcf434 6 hours ago 1 reply      
I wonder what data the FBI thinks is on the phone that wouldn't be available via other means such a call logs, email, cell tower pings.
dawnerd 9 hours ago 2 replies      
Honest question: If the county reset the password, couldn't they reset it again and gain access?
obsurveyor 11 hours ago 1 reply      
Why would you ever do this with the real device without thoroughly testing the circumstances with a stand-in first?

From a technical perspective, it seems very simple and easy to replicate before actually doing it and locking yourself out completely like they seem to have done.

sktrdie 11 hours ago 1 reply      
Any details on this? How did they reset it if iCloud is using standard encryption techniques?
ktRolster 7 hours ago 1 reply      
The FBI is looking worse and worse here
nxzero 8 hours ago 0 replies      
Oh, shit, FBI is either stupid, or more likely, has the data and playing the field.
largote 5 hours ago 1 reply      
What kind of work-issued device is not put on an enterprise management policy? (a.k.a. the employer should be able to unlock it)
lasdfas 8 hours ago 1 reply      
Why can't the FBI just work directly on the phone hard drive (removed the hard drive from the phone and connect it to another computer)? Why are the going through IOS operating system?
awqrre 8 hours ago 2 replies      
I don't really understand how a backdoor doesn't already exist if Apple can reset passwords for encrypted data...
pteredactyl 9 hours ago 0 replies      
Your tax dollars at work...
Google Cloud Vision API enters Beta googlecloudplatform.blogspot.com
343 points by axelfontaine  2 days ago   104 comments top 26
abtinf 2 days ago 2 replies      
Disclosure: I am an evangelist for the Watson Developer Cloud suite of services at IBM.

The new wave of vision services are amazing. There are a lot of players in this field, including IBM Watson, which has a suite of vision APIs available with similar features.

One key differentiator of the Watson offering is that we have a trainable API called Visual Recognition [2]. The pre-trained APIs are excellent and have broad uses, but it's amazing to see the results from even basic training to identify image tags directly relevant to your use case. There is a demo [3] that allows you to try it out by creating a new classifier right in the web page.

You can find some demos at:

http://vision.alchemy.ai/#demo - example images that demonstrate facial detection and identification, label extraction, object identification, and so on.

Another demo at http://visual-insights-demo.mybluemix.net/ uses the Visual Insights [1] API to identify a set of relevant tags.

[1]: https://www.ibm.com/smarterplanet/us/en/ibmwatson/developerc...

[2]: https://www.ibm.com/smarterplanet/us/en/ibmwatson/developerc...

[3]: https://visual-recognition-demo.mybluemix.net/

tegansnyder 2 days ago 3 replies      
I've been using this since the private beta to enrich my eCommerce crawlers with product identifiers not found on the content of an eCommerce product page, but found in the product image itself. Imagine a part number or UPC displayed on a product box, but nowhere in the HTML content of the product page. Using the Google CV OCR feature I can extract meaningful product data from an image to compliment my existing crawl data. It works great.
jfoster 2 days ago 15 replies      
I feel like this is some really compelling tech. It would be so amazing to build stuff with this in mind. I wouldn't be comfortable doing it, though. This sort of API is available only until Google decide that they don't want it to be available. There's not really anything close to equivalent that you could drop in to replace it if it were being shut down, the price were being hiked, or you had some sort of other issue with it.

I'm not trying to pick on Google for shutting things down; I would feel similarly if this API were from Microsoft or Facebook. It's not the first time there's been an API that I think is really cool, but was very apprehensive about actually using for anything serious.

netinstructions 2 days ago 3 replies      
I was looking into label detection APIs (and Google's offerings as well) for a silly game/website I was thinking of writing, but $5 per 1000 images is way too steep, especially if each user is submitting 1-5 images per interaction with the website. The $2 per 1000 images price they mention on the blog post is only if you're doing 5+ million images a month.

I played with IBM Watson visual recognition API and it didn't look like it did what I needed it to (recognize a hand drawn image of a cat for example -- it just kept labeling it only as a 'cartoon').

Bummer. At least the first 1000 images are free so I can prototype it out of curiosity.

chippy 2 days ago 2 replies      
I couldn't find a specific legal SLA for this new service. Does anyone know if:

1) by using the service you grant Google use of the uploaded images. (e.g. they can use your image to increase their corpus, improve the service or use it for advertising, or use it to extract street numbers for their maps, or its always private and never stored)

2) What the resulting copyright is of the returned data. If you were to build a database based on the results, what license or copyright status this would be. Would all rights belong to me, or would Google claim rights over the results.

ig1 2 days ago 1 reply      
If the OCR is good then they're totally burying the lede, it's pricing is 100x cheaper than commercial OCR APIs.

It's potentially a game changer, plenty of industries have piles of scanned documents. Cheap OCR means this data suddenly becomes accessible even if the value per individual document is low (i.e. for input into machine learning).

jfoster 2 days ago 4 replies      
I don't know for certain, but I suspect that Google utilized images from the web in training this system. Even if they didn't, suppose they had. I think this can raise an interesting question around copyright.

In training an AI system with hundreds/thousands of bits of data, no single piece of training data makes much of a difference. If one of my images on the web that I had captioned with the keyword 'dog' was used to train this system about what a dog looks like, is the model they end up with a derivative work of my captioned image? Yes, but my data would make up an infinitesimally small part of that model. Yet, in aggregate, the trained model might almost wholly rely on lots of copyrighted, rights-reserved images.

Would the resulting model be a copyright infringement? It would seem as though no rights owner would have a substantial enough claim. Yet, without all of the copyrighted works, perhaps the model would be ineffective.

stevesearer 2 days ago 1 reply      
I would definitely pay for a WordPress plugin that uses this as I manually tag photos on my site with a lot of standard things this could probably just knock out in a flash.
jrnkntl 2 days ago 2 replies      
Just tried a couple of images with digits to test out the OCR w/ the TEXT_DETECTION setting, unfortunately it assumes what it reads is a defined language with words. I am looking into using this for digit-recognition and only digits, but that doesn't seem to be a use case (as it is now). Does anybody know of another service/API that can do reliable digits-only OCR on (not the finest clear quality) images?
swampthinker 2 days ago 0 replies      

While this technology is fascinating, I can't help but feel a little unsettled reading that.

mayank 2 days ago 0 replies      
Interesting that this is released in source closed, API-only form, rather than the open-code model taken by TensorFlow. I wonder how far you could approximate the model by training a learner on the API responses.
Jabbles 2 days ago 2 replies      
Is the best way of sending an image still base64 encoding it in JSON?
dzhiurgis 2 days ago 1 reply      
Is there any website where can I just upload a pic and see how it works without trying to figure out how to access their API?
SuperPaintMan 1 day ago 0 replies      
There is mention of GCV being able to calculate various image properties (dominant colour, being the example) yet there is no reference to what it actually returns in the API docs.

Can someone who has this active shed some light?

miltonmoura 2 days ago 1 reply      
This is great news. I have been working on a Swift framework for using this API in OSX and iOS (https://github.com/mgcm/CloudVisionKit) and I was wondering when it (the API) would become available for public use.
dk8996 2 days ago 0 replies      
At Cortex (http://www.meetcortex.com/) we are using this and technology like it to help brands be smarter about marketing content on social media. Really cool stuff.
misiti3780 2 days ago 0 replies      
When I hit "go to api console" i get the following: https://www.dropbox.com/s/xsysabgywa4t5mm/Screenshot%202016-...
ahamino 2 days ago 0 replies      
Affectiva offers SDKs for facial expression and emotion analysis from images that work in realtime and offline without having to send images to the cloud.


disclamer: I work for them.

kevando 2 days ago 0 replies      
Google is scary good at releasing scary technology in a friendly box.
chenster 2 days ago 0 replies      
Would it be possible to do product recognition such as brand and model from images without label?
kauegimenes 2 days ago 1 reply      
Anyone tried using the API to solve captchas?
afro88 2 days ago 2 replies      
Does something like this exist for sound? Any open source projects worth looking at?
piyushmakhija 2 days ago 0 replies      
Can we find the dimensions of things in a photo using this api?
misiti3780 2 days ago 0 replies      
Am I the only one that signed up but cant have access to it ?
nchiring 2 days ago 0 replies      
High price. May be suitable for MVP.
alwaysdoit 2 days ago 0 replies      

Errata: I'll need a research team and a year and a half.

Secret Memo Details U.S.s Broader Strategy to Crack Phones bloomberg.com
272 points by plhetp  1 day ago   144 comments top 13
kbenson 1 day ago 3 replies      
> Knake said that the Justice Departments narrowly crafted request shows both that FBI technical experts possess a deep understanding of the way Apples security systems work and that they have identified potential vulnerabilities that can provide access to data the company has previously said it cant get.

I assume the actual request is more technical then, because the overview they gave here explains the things you would want to do if you knew nothing about the encryption and wanted to brute-force. Reduce password attempt timeouts, allow automating the password attempts, and don't melt-down after too many failures.

guelo 1 day ago 2 replies      
I wonder if these "national security" people sit around longing for the next non-white person terrorist attack in order to spring their plans into action.

EDIT for the downvoters, my point about non-white people is that terrorist attacks by white people, such as all the mass shootings, don't seem to trigger the grand plans that these national security types like to execute.

coldcode 1 day ago 1 reply      
"My guess is you could spend a few million dollars and get a capability against Android, spend a little more and get a capability against the iPhone. For under $10 million, you might have capabilities that will work across the board". Go ahead, good luck - Apple
Zpalmtree 1 day ago 2 replies      
This may be a stupid question and obviously Apple would never do it, but if Apple decided they wanted to ignore these requests, and stopped selling Apple devices in the US until the government backed down, do you think public opinion would force the government to comply? Just wondering how much power such a huge company has.
bmay 1 day ago 4 replies      
Are there any open source alternatives to the iPhone that might take off because of these happenings?
rbanffy 1 day ago 1 reply      
Simple question: what prevents the FBI from removing the components from the phone and using software they themselves wrote to drive the hardware crypto and decode the data they want?

It can't be that difficult, if you have FBI-class resources and some help from the NSA, to lift the components and make them work on a copy of the encrypted data.

ipsin 1 day ago 0 replies      
Just in case I'm missing it, the story is that there's a National Security Counsel "Decision Memo" defining a strategy, but that memo has not been leaked?
blisterpeanuts 1 day ago 5 replies      
The Clipper chip initiative[1] from the Clinton era completely failed, for two reasons: one, the technology was proven to be flawed, and two, privacy advocates shot it down.

It seems as though all the debates and analysis on this topic have already occurred. Yet, here we are again: a law enforcement agency demanding special privileged access to privately owned consumer electronics because it might contain useful crime fighting information.

It seems to me that the U.S. needs to have a broader discussion about what levels of government surveillance and intrusiveness into private lives we are comfortable with.

The outside threat of terrorism is now the club being wielded to force the issue, but is there really any evidence that this type of increased access helps? We had the Boston Marathon attack, in which two brothers immigrated from Chechnya, a known breeding ground for some of the most brutal terrorists in the world, the Russians actually phoned to warn us about them, and nothing was done.

Similarly, there was chatter in 2000-2001 about an attack involving passenger jets, reported by Israeli and German intelligence agencies. Yet, nothing was done. One would have thought it common sense to scrutinize foreign nationals, especially from Muslim countries with a lot of hostility toward the U.S. among the populace, who were involved in aviation. Reportedly, the Israelis even were monitoring a couple of the 9/11 hijackers in the U.S. at one point.

Should we not be streamlining our intelligence bureaucracies to avoid another Marathon fiasco, before sacrificing what little remains of our privacy on the altar of national security?

1. https://www.eff.org/deeplinks/2015/04/clipper-chips-birthday...

pc2g4d 1 day ago 0 replies      
I think this issue is important and I hope Apple prevails over the FBI. However, I'm also left feeling that they're subject to this request only because of what amounts to a security flaw in their own devices.

How/when can I run a phone OS that simply isn't subject to such known flaws and corporate manipulation? What are my options?

mtgx 1 day ago 3 replies      
> What the court is ordering Apple to do, security experts say, does not require the company to crack its own encryption, which the company says it cannot do in any case. Instead, the order requires Apple to create a piece of software that takes advantage of a capability that Apple alone possesses to modify the permanently installed firmware on iPhones and iPads, changing it so that investigators can try unlimited guesses at the terror suspects PIN code with high-powered computers. Once investigators get the PIN, they get the data.

I don't think there's much difference between a backdoor and that. A backdoor can be "just a vulnerability", and that's what the FBI is asking Apple to create - a vulnerability in its security system.

It's kind of like saying "we don't want Apple to break its AES-GCM encryption, we just want it to replace it with RC4." Or "we only want Apple to support export crypto protocols as well, so we can downgrade to them when we do our attacks".

Whether we call it a "backdoor" or "vulnerability" or "just don't make it that secure" thing, the end result is the same. The FBI wants Apple to weaken its security, and that weaker security can and will be exploited by malicious actors, too (even if you're assuming it won't be abused by the FBI and the police itself, which of course it will be).

treebeard901 1 day ago 0 replies      
Two interesting possibilities to consider: 1) The government has already gotten past the iPhone security and read the data.

2) Apple already has the software they were asked to create.

sarciszewski 1 day ago 1 reply      
Warning: Autoplay video.
MCRed 1 day ago 2 replies      
My Facebook feed is full of people ragging on Trump for being on the wrong side of this issue, but they are silent about Obama:

"In a secret meeting convened by the White House around Thanksgiving, senior national security officials ordered agencies across the U.S. government to find ways to counter encryption software and gain access to the most heavily protected user data on the most secure consumer devices, including Apple Inc.s iPhone, the marquee product of one of Americas most valuable companies, according to two people familiar with the decision."

Building Large Flask Apps in the Real World etscrivner.github.io
349 points by shinryuu  3 days ago   167 comments top 27
aidos 3 days ago 8 replies      
> In the end you should be aiming to design your application to depend on Flask as little as possible.

I'm 3 years in to a project where I've taken the approach of having my "app" as its own package. Flask is then a thin wrapper that instantiates the app and then exposes the views to talk to it. I handle validation / sessions / config etc within Flask.

It's extremely flexible. I have some stuff that runs off as worker processes. No problem - the core is the same, the wrapper around it is different. I also have a boot.py that I can call so I'm working directly with the app in ipython (again, it's a wrapper that starts the app).

I'm currently reworking the structure for capacity planning, which is mostly just a matter of splitting the Flask app into 2 apps for handling different parts of the work.

Because my core app is decoupled from the web app it's all really easy to do.

m_mueller 3 days ago 3 replies      
Here's why I use Flask for every web project:

- It is both 'out of my way' and flexible enough to scale up. I.e. you can start with a 5 LOC hello world, but it still handles a large app with lots of components well (Blueprints).

- It doesn't force a data model / DB onto me - I can just plug in whatever I have (unlike Django).

- It doesn't even force a templating engine onto me - I always use mustache instead of jinja2 (it's extremely tiny, tidy and portable to any language, so it's much easier to port code to other devices / platforms).

- wanna just get started? `sudo pip install Flask && python ./hello.py` --> served on localhost:5000. I recently started a project[1] while in a meeting with someone complaining about some complex app we had - built a prototype with him together that could replace the entire thing and solves problems we had in 2h. Having a foolproof starting point without any configuration and then being able to build up from there is essential.

[1] https://github.com/muellermichel/guetzli

condescendence 3 days ago 1 reply      
Flask is just awesome, I've never messed with a framework that's made things so simple yet doesn't take away from functionality if you're looking to build more complex apps.

Anyone looking to get into webscripting/webapps should definitely take a look at flask, its python based, good for prototyping or production apps and has tons of useful documentation.

matt_wulfeck 3 days ago 0 replies      
> Scaling in terms concurrent users also has little to do with the web framework and more to do with your understanding of load-balancing, caching, databases, etc.

This is what it always come down to for me. I know that when we can get our app running efficiently with reasonable memory requirements on a single core, then scaling it is really just about launching processes and load balancing them. Scaling out boxes is always easier than scaling out code -- for better or worse.

I'm not talking about load balancing servers mind you, but applications on any given host. Two layers of load balancing. When I'm comfortable with the resource requirements I launch as little or as many of the app in a predictable manner across any number of nodes. It's comforting to know that given X, Y core and ram, I can run N services.

esaym 3 days ago 3 replies      
I think Flask is like Ruby Sinatra and Perl Dancer.

I've used Dancer quite a bit. Some for larger apps (30+ pages)

This is how I typically lay out a Dancer app. Starting with a top level directory of application name, say "MyApp", I put the routes in different directories instead of jumble them all up in one file. As an example, lets use an app that handles and tracks customers and orders. So something like this:

 MyApp/ Routes API Component Customer.pm Order.pm Customer.pm Order.pm API.pm Customer.pm Order.pm
(templates should have a similar layout in a separate 'Views' directory)

Routes/Customer.pm would handle basic requests like GET /Customer/list and POST or GET Customer/1

While routes handling json/ajax only requests (from jquery ect) would be in Routes/API/Customer.pm. Routes/API.pm would be an api for stuff that doesn't directly involve a Customer or Order object (perhaps returning json from an inventory table or something)

And if you get tired of requesting json just to convert it into html with javascript and you want the power of a template (without a SPA); I fetch that stuff with jquery .load() using the 'Component' routes (dynamic parts of a webpage). For example, perhaps when making a new quote, you select a specific customer and you want open orders to be displayed in a popup or inline div somewhere. Using jquery .load(), you would just easily fetch /API/Component/Customer/Open-Orders/<cust id#>, ect and then just inline the returned html. If you stick to a rule of "components can only return html and not cause a page refresh", you will keep from getting too big of mess with them.

This is just sorta a method I made from various best practices from other frameworks. Perhaps its barftastic, but I haven't been complaining about it.

idm 3 days ago 0 replies      
I've used Flask for several dozen projects, mostly in the data science space. I combined the reusable bits to create http://flask-diamond.org - and I've written lots documentation to help people get work done using it.

Flask-Diamond establishes some common practices so that you are not starting from scratch for each and every new Flask app. In a research context, I might scaffold multiple new apps per month, so this has been a huge time saver for me. This has also made Flask teamwork much easier.

encoderer 3 days ago 1 reply      
The post mentions Falcon at the end. At Cronitor, I rebuilt our ping tracking endpoint (peaks over 100r/s) with Falcon, breaking it out of Django, and I wrote a blog post about it:https://blog.cronitor.io/scaling-django-breaking-out-not-bre...

Here's a tldr:

 Logging requests to a flat file on a t2.small instance: Django: 519.93 trans/sec Falcon: 2083.19 trans/sec

welder 3 days ago 0 replies      
Flask is awesome! Here are some must-use libraries along with any Flask app:

https://gist.github.com/alanhamlett/ecb3656a1d1bfb3feb31 requirements.txt)

Flask is great for small projects, and also scales to large apps like https://wakatime.com

jqm 3 days ago 1 reply      
Falcon (http://falconframework.org/ mentioned at the bottom of the article) does look interesting.

I've also had good experiences with bottle (http://bottlepy.org/docs/dev/index.html) for building internal apps for companies. The limited amount of users means I don't have to worry much about scaling and bottle with Paste server works pretty nicely. Jinja2 templates can also be used with bottle which is a plus. It's also pretty easy to compile this setup into an executable so it can run off someone's Windows machine and no need for a separate server. This setup makes a really convenient internal-use app which is easy to send to end users for deployment.

kunoo 3 days ago 6 replies      
A bit off topic, but does anybody know why development looks stopped since 2013? http://flask.pocoo.org/docs/0.10/changelog/

I'm in the process of writing my first webapp, and thses days it's a bit strange seeing a popular framework not being updated (even if it's just for bugfixing) a few times a year.

TeeWEE 2 days ago 2 replies      
While flask is a nice framework, it has some problems. I worked with numerous python web frameworks, mainly webapp2 and flask. So some things i don"t like about flask:

Disclaimer: You can architect beautiful apps in apps, its just easy todo it wrong.

GLOBALS:Flask has a lot of globals (from flask import g, request, current_user, etc.) A better web handler function looks like this handle(request) -> response. Any other web framework that I know does it like this. Much better. Flask promotes touching the 'request' object everywhere. Example: https://github.com/lepture/flask-wtf/blob/master/flask_wtf/f.... Flask is not functional, its inherently statefull with globals.

MIDDLEWARE:Flask promotes writing middleware as decorators functions, while it looks nice, it not really useable anywhere else, and its not really a standard. At least you can still use WSGI middleware.

BLUEPRINT are nice, but have issues:When you create a blueprint, for a sub app, you cant set error handlers. They only work on app level. Also (small issue) You cant add blueprint specific middleware.

Better way to create 'sub apps': Use a new WSGI App.Or use a sitemap where you bind functions to paths.

SITEMAP @route has disadvantagesFor big apps, its nice to have a single routes.py file where you can see all urls the app supports, and which methods to handle those. The @route is nice to use initially, but imho for big apps it becomes messy. Also it promotes circular imports:

 view.py: from init import blueprint #circular import! blueprint.route('/test/') def f(): pass init.py: blueprint = new Blueprint from . import view assert view # ensure the handlers are initiallized

ccanassa 2 days ago 0 replies      
I spend the last 3 years on the microframework bandwagon, and now I am quite pleased to be back writing Django code.

In my experience, any sufficiently large Flask project contains an ad hoc, bug-ridden, slow implementation of half of Django.

nerva 3 days ago 3 replies      
So what's a good (clean) way to create the frontend for Flask apps? I have a decent sized Flask app and I've created a mess with all the templates, static CSS/JS now.

What JS framework do you tie it to, if you use Flask to just create an API/manage sessions?

nawitus 3 days ago 7 replies      
How do you load balance a Flask application since it's single threaded? For optimal performance shouldn't there be a single Flask instance (process?) for each request being processed? What kind of load balancers are usually used with Flask and how do they decide to spawn new Flask instances?

And why should Flask be used instead of asynchronous Tornado or Node.js?

itajaja 3 days ago 0 replies      
Shamelss plug: We are using flask-resty [1] for our microservices and it's awesome. it uses sqlalchemy and marshmallow and the resulting code is very terse and declarative.

[1] https://github.com/4Catalyzer/flask-resty

foxhop 3 days ago 1 reply      
I do not use flask for large applications, I reach for Pyramid instead.
abledon 3 days ago 0 replies      
If your interested in websockets for flask, Miguel Grinberg has a straightforward implementation:


avyfain 3 days ago 0 replies      
I have been working with flask over the last 6 months and the deeper I dive the more I feel like there are 100 ways to do each task.

Can anyone provide a few good open source flask projects worth reading?

akoumjian 3 days ago 1 reply      
This was a good general list of things to consider for scaling any web applications. What I've noticed though is that all my flask apps, after adding in all of the standard components, eventually converge on a Django-esque setup anyway. So now I just use Django, and if I don't want to use a particular component (ie: orm, templates, whatever) I don't, or I swap it out. On the other hand, if I do want to use those components, they are right there.
andrewstuart 3 days ago 2 replies      
Bottle and Flask are similiar and a great place to learn and start your journey with Python web application development. It is pseudo-minimalist though, so either you must almost immediately start reinventing the wheel to build basic stuff that you will need (as a novice developer I started by writing my own sessions and cookie handler).

The next realisation you'll come to is that all that stuff has already been written by someone else as addons. So you try that but eventually you'll find you are in so much pain from problems with integrating addons that you will realise that you would be best off with something that has all the basic functionality "batteries included". So then you'll try to find projects on github that have already baked together Flask plus all the plugins into a boilerplate project. Then you'll find that there's many ways to bake all that stuff together and start to wonder if maybe you're now using a framework. But the boilerplate Flask with addons integration doesn't feel like it has a really well thought out consistent overarching model.

So you'll then look at full featured integrated frameworks like Django where it's all integrated according to an architectural vision (perfect or otherwise is a matter of opinion) and although you might mot like some of the components, at least its all built in. Flask still carries of cruft and mental model though, because it is from earlier days of web development when you built the front end in the back end using things like Jinja templates.

And then one day you'll need to build just a simple REST API without all the bells and whistles needed in a web application. So you can then look at Falcon which is extremely minimalist for developer who know they don't want any extra web application stuff at all including things like back end UI generation with templates. It's a sharp knife because there's almost nothing in it, and never attempted to provide the features needed to build user oriented web applications, so it has a very small mental model to grasp.


Bottle and Flask are great for finding your feet in web development without being forced to learn too many concepts all at the same time.

Django or Pyramid or something full featured for web application development

Falcon for REST API development

If you are willing to take on the cognitive load of going straight to your destination, I would recommend beginners start with Django or Pyramid or Falcon. If (and this is entirely reasonable) you need to get going in Python web development without being overwhelmed by the concepts, go to Bottle or Flask but move on as soon as you can.

If you love Flask and have the skills and competence to craft your own architecture and carefully selected from a menu of addons that suit you and know how to whittle out unneeded functionality, then Flask is the right choice for you.

m_mueller 3 days ago 1 reply      
Is it really best practice to initialize the logger in each python file? Seems strange to me, I've always just initialized in the main routine(s) and the logger that you set up like this is available from everywhere as a singleton (`import logging ; logging.info("hello world")`).
mattbillenstein 3 days ago 2 replies      
+1 flask-classy -- feels a bit like the old pylons which was a very simple and powerful framework
a_c 2 days ago 0 replies      
The "Architecture The Lost Years" talk is a real gem
auvrw 2 days ago 0 replies      
in addition to the flask documentation


the snippets page is really helpful


also, I've some boilerplate


even though it hasn't gotten attn in a while

acidity 2 days ago 0 replies      
Another one that I have used in multiple of my projects: https://github.com/mattupstate/overholt
bkovacev 3 days ago 1 reply      
What do you guys think of webapp2 framework? How does it compare to flask?
jorgecurio 3 days ago 4 replies      
Don't be fooled by the "micro-framework" line. My experience of building SaaS on top of Flask is that you are going to have to reinvent the wheels for a lot of things.

Flask is plagued with abandoned plugins from a cesspool of weekend contributors which you rely on for basic things such as authentication and ORM. Tough enough as it is with all the outdated documentation for each of the plugins you need.

So my recommendation based on 2 years of working with Flask is don't fucking do it, unless your product doesn't extend beyond couple of HTTP endpoints served over uwsgi + nginx for your internal applications.

I really wish I'd spent all that time I spent on Flask on Node.js, python was the wrong medium to distance myself from PHP frameworks.

All in all, 4 years have passed since my search of alternatives to LAMP. And finally, it wasn't some open source framework or asynchronous javascript to save the day, it was Amazon Lambda + API Gateway.

Gone are the need to spin up Vagrant, docker, mysql/postgresql. I just upload the specific script I want and bam. Npm modules and pip modules too.

I've in the process of migrating to AWS and leaving Flask. Great initiative, ruined by abandonware plugins and modules, certainly not attractive to entice developers to build their own wheels.

The biggest mistake you could do is basing speed and agility as basis for going with Flask. It is the complete opposite. I think using Laravel or even CodeIgniter will significantly cut development time.

Regardless, I'm done with the whole server/client frameworks and have migrated to AWS without any servers to maintain or setup. There's even frameworks for "Serverless" architecture now which makes me shake my head.

The IPv6 Numeric IP Format Is a Usability Problem zerotier.com
308 points by LukeLambert  1 day ago   181 comments top 37
mrb 1 day ago 2 replies      
The author suggests using deadbeef.1 instead of dead:beef::1. But his scheme cannot work. If you see deadbeef.ad there is no way to tell if it refers to his IPv6 notation, or to a domain under the .ad TLD (many other ccTLDs are valid hexadecimal numbers). And you can't replace the dot with a colon (because many of his other complaints were caused by colons). You can't use a character other than dot or colon (because so much network software is written assuming IPs/hostnames can only contains alphanumeric, dash, period, or colon chars that it would be too painful to introduce a new character).

So get over it. IPv6 is not meant to be usually exposed to endusers. Use hosnames. Use DNS, or mDNS or LLMNR on small networks without a resolver. Etc.

teddyh 1 day ago 7 replies      
What is the rational reason, if any, for gripes like these?The time to have this discussion would have been in like 1993 or so. Now, IPv6 is what we have, and the standards are what they are, flaws and all.

The only reason I can think of is psychological: People dont want to learn new things, so they find reasons to dislike the new thing to be able to pretend they dont need to learn it.

Also, the double-click argument is crap for two reasons: Firstly, it can be fixed by configuring your local software, and secondly, IPv4 addresses also had this so-called problem.

> IPv6 is still in the early stages of adoption

It really, really isnt. It might look that way to you, in the US, at your home endpoint, but move to the backbone or outside the US and you get a very different picture. ARIN in the US just happened to be the last of the RIRs (except AFRINIC in Africa) to run out of IPv4 addresses, so the US was able to put off switching for longer than most, and the whole of the US is now consequently behind the curve.

elcritch 1 day ago 5 replies      
If you're really adventurous, you could just use Braille which has 255 Unicode symbols. Ahem

ip6emoji("fe8000000000000003ceecdfffe30c27",Char(0x2800)) => ""


 deadbeef000000000000000000000001 2607f2f8a36800000000000000000002 fe8000000000000003ceecdfffe30c27 fe800000000000000000000000000001 2607f8b040078090000000000000200e 

At first I was just playing around, but after a bit it begins to resemble one of those binary clocks. It even becomes somewhat natural to read. Might actually use this for myself... something nice about the 2x4 bit block patterns. 64bit pointer addresses?

victorhugo31337 1 day ago 0 replies      
Finally, someone said it! I've always felt that the biggest hurdle in IPv6 adoption is the complicated address notation.
__david__ 1 day ago 0 replies      
Better not tell this guy about abbreviating ipv4 addresses. http://127.1/ or http://2130706433/ might blow his mind.
jrockway 1 day ago 0 replies      
If the colons make you sad, don't worry, the addresses are represented with dots in some places. For example, DNS:

 $ dig -x 2600:3c03::f03c:91ff:fe93:50b0 ; <<>> DiG 9.9.5-3ubuntu0.7-Ubuntu <<>> -x 2600:3c03::f03c:91ff:fe93:50b0 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 40052 ;; flags: qr rd ra ad; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;0.b. IN PTR ;; ANSWER SECTION: 0.b. 18272 IN PTR itchy.jrock.us. ;; Query time: 0 msec ;; SERVER: ;; WHEN: Fri Feb 19 22:34:49 EST 2016 ;; MSG SIZE rcvd: 118

makecheck 1 day ago 5 replies      
Another potential problem with the sometimes-length-varies aspect to IPv6 addresses is that serious software bugs can be hidden. An array allocated to an insufficient size may work for quite a long time with the vast majority of addresses that take advantage of shortening tricks like "abcd::::", and fail only when presented with an address string that uses the maximum possible IPv6 address length.

I think this article has a lot of really practical ideas that would help a lot.

I suppose the only other thing Id want to allow in an IPv6 address is a Perl-like underscore anywhere for visual separation that acts like a comment; e.g. Perl lets you say things like 1_000_000 to mean 1000000. The article suggests a single dot but I think that could still be combined with visual underscores for things like "dead_beef_._0001".

Piskvorrr 1 day ago 3 replies      
Aaand that's why we have DNS. Solved decades ago, next.
jsz0 1 day ago 0 replies      
Most of these issues mentioned are created by trying to treat IPv6 like IPv4 instead of adopting modern techniques for IP address management, automation, named objects in network device configs, etc. I've only been using IPv6 in production for about a year and it's already second nature to me.
vidoc 1 day ago 0 replies      
the double-click thingy can be remedied on xorg by adding 58:48 to the X resources, e.g:

XTerm*VT100.charClass: 33:48,35:48,37:48,42:48,45-47:48,64:48,95:48,126:48,43:48,58:48

pmarreck 1 day ago 3 replies      
The FIRST problem is that IPv6 wasn't designed to be backwards-compatible with IPv4.

That is the MAIN reason why its deployment and adoption rate has been a long clusterfuck.

mintplant 1 day ago 0 replies      
> Then theres how the :s are used. For a full-length un-shortened IPv6 address, they are supposed to appear every 16 bits like:

> dead:beef:0000:0000:0000:0000:0000:0001

> Im sure there was a reason for this choice, but to us after using IPv6 for years it still seems utterly arbitrary.*

If I had to guess, I would say they're there to chunk things up for reading aloud.

"Read me that address off the console."

"Okay, d-e-a-d..."

"Got it."



"...a bunch of zeroes, then 1."

They also make it harder to lose your place when reading it back.

feld 17 hours ago 0 replies      
Actually the IPv6 address allows you to put a lot of useful detail into your address scheme. If this is supposed to be a complaint from a network admin he simply doesn't know how to plan an IPv6 deployment properly.

Edit: he hasn't even mentioned zone IDs represented by a % which would make him even more angry if he had to figure them out

tl;dr use mdns. You should never have to type an IP. Yes the mdns software sucks and has a huge attack surface because it's bloated.

x0 1 day ago 0 replies      
Thank you! Finally, someone else is saying what I've been thinking.
digi_owl 1 day ago 0 replies      
Sheesh. Best i recall, they chose this pattern because it matched the notation used for MAC addresses. And a IPv6 network can in essence self-assemble by using said MAC as a basis for the IPv6 address.


BTW, don't most home routers etc take a hostname and add it to a .local DNS domain stored on the router?

killface 1 day ago 0 replies      
I've mostly avoided IPv6 because AWS uses IPv4 and it works fine.

but yeah, whenever I see an ipv6 format address, it takes way too long to parse it out. unless you were a network engineer at some point, it's not going to become second nature any time soon.

runjake 1 day ago 0 replies      
I deal with IPv6 day in and day out and I don't share the same confusion and annoyances the author does. Sure, there's a learning hurdle, but once you're over it, it's fairly smooth.
tyingq 1 day ago 0 replies      
I don't see any of it as an issue.

String representations of IPV4's aren't all of equal string length either.

IPV6 can't be shortened into, for example, dead.beef.de, because it's ambiguous as to whether that would be a domain name, or an IPV6 address. Likewise, other suggestions make it ambiguous with an IPV4, or even if not technically ambiguous, likely to break some existing code.

Raw IP's aren't exposed to the masses often anyway, so the bulk of the downsides of the current compromise should be constrained to just technical people. They will just have to figure it out.

cm2187 1 day ago 3 replies      
What's the point of using non standard ports with IPv6? If a machine can have a million different IPv6, why would one even bother using a non standard port?
paulannesley 1 day ago 0 replies      
Interesting; Mac OS double-click highlighting doesn't actually handle all the examples given in the article. e.g. deadbeef00000000.1 works, but deadbeef.1 doesn't. I guess the first segment needs to contain a digit, which perhaps triggers a mode where the period is interpreted as a decimal point.
lamontcg 1 day ago 0 replies      
"Last but not least, nearly all graphical terminals refuse to highlight IPv6 addresses with a simple double-click. This issue might not have existed in the mid-late 1990s"

Yes, we'd barely introduced fire then, we certainly didn't have the technology to double click to highlight a word...

kaydo_com_au 1 day ago 0 replies      
I don't see any problems with the current IPv6 apart from backward incompatibility with IPv4. If IPv6 is difficult to start with, I would recommend to look at MAC address, Wi-Fi address, Bluetooth address first and then you will understand more about IPv6
castratikron 1 day ago 0 replies      
As I understand it a lot of work went into making SLAAC in order to overcome the hassle of having to manually handle these IPv6 addresses. The idea is that you shouldn't usually have to type in a full IPv6 address by hand.
nemith 1 day ago 0 replies      
Good points, just 25 years too late. This shouldn't be a post in 2016.
acscott 1 day ago 0 replies      
Upper estimation of human population is 7.4 billion. With average number of devices at 5, that is 37 billion. In decimal that is 11 digits. In HEX (89D5F3200) that is 9 digits.
csours 1 day ago 1 reply      
Imagine reading IPv4 addresses over a crummy radio on a loud manufacturing plant floor while troubleshooting connectivity issues. Now imagine reading an IPv6 address in the same conditions.
feld 14 hours ago 0 replies      
No mention of ipv6buddy.com in the comments is a real shame
exxo_ 1 day ago 0 replies      
You can already have dots in IPv6 addresses if it's an IPv4-mapped/compatible address (e.g. ::FFFF:
emmelaich 1 day ago 0 replies      
How about base32 with semicolons for separators?

No case issues, semicolons don't appear in dns or ipv4, no shift key required.

epx 1 day ago 0 replies      
People complain too much about anything...
imoverclocked 1 day ago 0 replies      
"Yes, this is very likely a pointless bunch of gripes."

The article should have started with this. Could have saved me countless seconds of skimming the article while summarizing in my head "boo hoo, I haven't figured out how to make my workflow any better after 2 years."

ck2 1 day ago 1 reply      
To make things worse are vanity ipv6 addresses

 2001:4b10:bbc::1 2a03:2880:2110:df07:face:b00c:0:1

emansom 1 day ago 1 reply      
This is satire, right?
bekreyev 22 hours ago 0 replies      
You can write everything as you like in DNS.IPv6 is not a problem.
bekreyev 22 hours ago 0 replies      
You can write as you like in DNS.IPv6 is not a problem.
jacksonsabey 1 day ago 1 reply      
> To fix the ambiguity, brackets were introduced

literals were introduced because the order of parsing for an email host is first "Domain" for any non literal, then literal which defaults to IPv4 [], then a literal prefix was added for IPv6 and any future registered protocol "[IPv6:::]"

the order for parsing for a URI is:

// host = IP-literal / IPv4address / reg-name

// IP-literal = "[" ( IPv6address / IPvFuture ) "]"

ipv6 just happens to use a colon which conflicts with the port delimiter from authority in a URI so it's a literal and not a registered name

// [ userinfo "@" ] host [ ":" port ]

> why not re-use the dot from IPv4 notation

because you have conflicts from "0.0 ->" to "255.16777215 ->"

0-9 conflicts with an IPv4 decimal

a-f conflicts with GTLDs

the only reason your blobs don't have a conflict with an IPv4 Historic is because hexadecimal notation starts with 0x

> try double clicking on those

try double clicking on any of these valid characters from "reg-name"

// unreserved = ALPHA / DIGIT / "-" / "." / "_" / "~"

// sub-delims = "!" / "$" / "&" / "'" / "(" / ")" / "" / "+" / "," / ";" / "="

or these from IPvFuture

// IPvFuture = "v" 1HEXDIG "." 1( unreserved / sub-delims / ":" )

// unreserved = ALPHA / DIGIT / "-" / "." / "_" / "~"

// sub-delims = "!" / "$" / "&" / "'" / "(" / ")" / "" / "+" / "," / ";" / "="

if you want to develop your own "standard" either use the literal IPvFuture, or use a Registered Name

non literals IPv4, IPv4Historic, and Domain names are valid registered names, but domain names aren't even part of the URI standard

the only reason you would have conflicts with domain names is because they're de facto parsed after an IP, so a double dot would probably be discarded as invalid, which is why punycode exists for unicode

if at that point you didn't have any conflicts it would be a registered name, but you wouldn't have any way to resolve them

lastly, if you want to fix the nonissue of double clicking use a registered name, if you chose to use underscore you may have conflicts with dns

edit trying to figure out newline parsing

SF tech bro: I shouldnt have to see the pain, struggle, despair of homeless washingtonpost.com
299 points by gallerytungsten  2 days ago   493 comments top 86
Afforess 2 days ago 22 replies      
To play devil's advocate, he's right. He shouldn't have to see the pain, struggle, and despair of homeless - the city government should be providing affordable housing and shelters for the homeless. That it hasn't is a failure of the local government, and should be addressed. Much of the reason that affordable housing is out of reach of many in San Francisco is due to government regulation, not market capitalism. Extremely restrictive construction laws and absurd rent controls distort the housing market, which is driving the expensive home market and massive rents. A large portion of the blame for this situation falls to the government - they wrote the laws, they built this disaster.
discardorama 2 days ago 3 replies      
I think he does have a point... but he could have put it better.

I live in SF too; for ~10 years. I have never seen it this bad. The City passed a "sit/lie" law a couple of years ago.. but it's never enforced. The City is spending $1M/month ... for housing 225 people[1]. Do the math, and you'll see how ridiculous is that. At that rate, how much do you think the City can spend on the homeless? It has 7000 homeless, and counting.

Many of the homeless used to live in City housing, but got kicked out due to drug and alcohol habits. What's the solution here? You can't incarcerate them. You can't force them to use detox clinics, etc.

If the person refuses help, and refuses to follow the rules of whichever shelter they're in, then s/he has no more right to live in SF! As a last resort, the City is within rights to just kick you out. No one is entitled to live in SF. You can't just show up and setup tent in a public space; that public space belongs to the rest of us too!

[1] http://sanfrancisco.cbslocal.com/2016/02/10/san-franciscos-p...

dederp 2 days ago 2 replies      
I read his article. He is right, San Francisco has severe, unbelievable problems with homelessness and drugs which are so painfully obvious to anyone who has ever visited I felt like I was reading something out of the twilight zone.

I hate the climate of hostility towards anyone who remotely points this problem out. The reaction and tone of this article is exactly why I hate looking at Twitter now. It has become a platform for lecturing and shaming other people for stepping out of a very oppressive and narrow range of opinion or expression.

I now find articles like this and these daily recurrent societal witch hunts to be infinitely more offensive than anything this guy wrote. I don't want to live in a self imposed culture of toxic silence so no, Hacker News, I will not join in with your witch hunt and participate in group shaming of some random guy who wrote a bad letter.

anoonmoose 2 days ago 2 replies      
>> "Move over Martin Shkreli. You now have competition for the title of Americas most reviled millennial."

That seems unfair. Shkreli made the news for doing things that would have a tangible effect on peoples lives, and doing those things with a smile. Let's compare Shkreli raising the prices on life-saving drugs to the first paragraph of Keller's blog post:

>> "I am writing today, to voice my concern and outrage over the increasing homeless and drug problem that the city is faced with. Ive been living in SF for over three years, and without a doubt it is the worst it has ever been. Every day, on my way to, and from work, I see people sprawled across the sidewalk, tent cities, human feces, and the faces of addiction. The city is becoming a shanty town Worst of all, it is unsafe."

It's ridiculous and frankly narcissistic the way that he makes it about him and how it effects his life, to be sure. But, his three personal examples (from just this past weekend!) did a good job of driving home for me how interactions with the homeless are different in SF than they are in my area (northeast).

The guy could use a talking to about punching down but I haven't really heard too many people defending SF's handling of these types of issues either so I can't rip him for trying to bring more attention to the topic.

hibikir 2 days ago 3 replies      
The sad part about the blog post is that it does identify a big homelessness problem, but does so in a way that is callous and doesn't really help.

I spend a couple of weeks in SF this month, and was shocked at the level of homelessness that we find even in very well off districts. This is not something that is common in the big cities of the world. The city is OK with tents everywhere, but that's not really that good for the people that are now homeless either: Living on a tent on the street will not help their mental health, their self esteem, or their chances of getting out of that hole.

I don't think the problem is really the fault of the tech people moving in, and I sure don't blame the homeless themselves. The problem, once again, falls into the people that want to keep the city the way it was, and to avoid building, when the city faces other pressures that are unavoidable. San Francisco MUST build.

Until people change their mind, we'll see both more gentrification and more homelessness, until the city reaches a point where the combination of prices and homelessness makes the city life into a dystopia: Maximum inequality, brought in by policies trying, but failing, to make the city be inclusive. I sure hope San Francisco voters change their mind before it gets to that.

joeguilmette 2 days ago 3 replies      
I was in Chinatown talking to my grandmother on my cellphone. A homeless person walked up and punched me in the face.

SF has the worst homeless problem I've ever seen in the first world, and it rivals the worst of what I've seen in the third world.

It's a disgrace and it sucks and I don't have to like it. Whatever the local/state government is doing isn't working. And sure, maybe a lot of the homeless are just normal folks down on their luck.

But as others have pointed out in this thread, a lot of the homeless are also:

* There by choice

* Violent criminals

* From out of state

* Mentally unstable

I can have empathy for them and also want them not to piss and shit in public, beat me up, steal from me, turn a quaint downtown into a war zone (Santa Cruz), ad infinitum.

m1sta_ 2 days ago 0 replies      
Is there anyone here who does want a group of homeless persons lining the streets of their commute, or outside their homes and workplaces?

He is being self centred in his viewpoint but he's also not unique. Most people pay extra, and as a result work harder and longer, to live and work in neighbourhoods which allow them to ignore the plight of others.

I do hope the response to this is genuine agreement that things need to change because it benefits everyone, followed by associated action, instead of just hysterical and shallow "omg I can't believe he said that".

koolba 2 days ago 3 replies      
I don't want to see homeless people, drug deals, vomiting drunks, or pantless vagrants on my commute to work either. Does that make me heartless? I would hope not because otherwise these problems are not going to be solved. You need people who do NOT want to see that kind of crap on a daily basis to do something about it.
kauffj 2 days ago 3 replies      
It's ironic that Keller will get so much shit dumped on him for making the same exact argument that people make against more permissive immigration. Compare:

A: Allowing people trapped in unproductive countries to move to US/Canada/Europe would significantly improve their quality of life.

B: But think of burden to the welfare state! We wouldn't be able to afford the flood of people moving here for benefits.

A: Simple, just don't allow them benefits. Many people would still move to US/Canada/Europe even if excluded completely from the social safety net (or voting, etc.).

B: The thought of so many destitute people being in my country and not receiving help makes me uncomfortable.

The predominant attitude people hold toward the poor/disadvantaged outside their country is no different than Keller's: I simply do not want to be confronted with this. I'd prefer to not see it and pretend it wasn't there.

(Please do not take this as an argument for open borders, it is just an attempt to highlight a hypocrisy.)

beatpanda 2 days ago 0 replies      
I was the editor of the Street Sheet in San Francisco for a little over a year before going back into software engineering.

I can't even begin to describe to you how difficult it is to wade through the pervasive ignorance on this issue, ignorance that is expressed by basically anybody who has not had direct contact with San Francisco's homeless population.

You need to understand that unless you have studied San Francisco's problem specifically, you are very likely harboring some ignorant, harmful opinion about homeless people, and you owe it to yourself and to them to educate yourself. This report is a good place to start: http://sfgov.org/lhcb/sites/sfgov.org.lhcb/files/2015%20San%...

If you care at all about fixing this issue, don't sit around with your other tech industry friends and try to be boy-genius saviors. Seek out the people who have been working on this issue for a long time, who understand it, who can explain to you why it's a problem and why it's so hard to fix.

The Coalition on Homelessness in San Francisco is a really good start. They've been doing so much with so little for so long that they can now do everything with nothing, and they would welcome help from people who are willing to humble themselves and get to work.

We can make this city a better place if we just decide to work together.

stochastician 2 days ago 1 reply      
Note that SF already spends a large amount on the homeless http://www.sfchronicle.com/bayarea/article/S-F-spends-record... and that at least some politicians are starting to take notice http://ww2.kqed.org/news/2016/01/25/s-f-supervisor-scott-wie...

It's not clear what the solution is to this complex problem.

rdlecler1 2 days ago 1 reply      
SF does have a much bigger homeless problem than other cities, and whether it is cause or effect, it's at least correlated with significant and chronic drug use.

I live in an area affectionately known as the 'tender knob'. We've had people defecate on our steps, tear open our garbage bins and leave litter everywhere, and shoot up drugs and leave dirty needles in our outside stairwell. Before moving to SF from NY, I had never seen people defecate on the middle of the sidewalk in the afternoon. The owners of our duplex live upstairs and they've been brought to tears having to deal with this on a weekly basis. I wouldn't feel safe having children in this area.

Yes there are homeless people who had some bad luck and are just trying to get back on their feet. Most people are sympathetic to that. But it's different in SF. Walking around you can't help but feel that many, if not most, of the people are chronically homeless drug addicts who have passed the point of no return. That's the problem we need to deal with.

Moreover, there seem to be strong network effects at work here. You might argue that by not 'pushing out the homeless', that you're actually maintaining a dangerous, self-reinforcing, social environment that is constantly attracting new members. In effect, are we making the problem far worse?

alistproducer2 2 days ago 1 reply      
I recently quit Facebook because I wanted avoid the state of permanent outrage that platform has come to feed off. Some random guy says something reprehensible and we're all suppose apply their comment to an entire group and get into a discussion about said generalized group. Rinse and repeat. It's old and pointless. HN is way better than this.
Spooky23 2 days ago 2 replies      
Homeless activists are the most annoying do-gooders of them all.

Let's fight for the right of people, who are mostly struggling with mental illness and addiction to live in the street.

That sure feels noble I guess.

How about making appropriate institutional care available so these folks wouldn't have to sleep in the streets?

In my town, there's an article in the paper today decrying the fact that a local institution is no longer venting waste heat that kept vent grates warm, so people cannot sleep outside.

lowpro 2 days ago 0 replies      
Even though Justin seems like an asshole, I wish the Washington post and other news sources would try to objectively report the news instead of joining the bandwagon and making fun of the views of others. This type of subjective reporting doesn't lead to civilized discussion where you actually address the other sides views, not their delivery.
Fede_V 2 days ago 1 reply      
I'm just struck by the total lack of compassion towards your fellow humans. Levinas used to say that ethics was recognizing the obligation that we have towards people that are suffering - I just wonder how someone who is not a sociopath can see a suffering person on the street and feel slighted because their view was ruined.
lhnz 2 days ago 3 replies      
Certainly not very compassionate, but is it true that the homeless in San Francisco have a drug problem that is making the area unsafe?

Is nobody trying to treat or house these people?

Shouldn't people take this piece and use it as further evidence that there is a problem that needs to be fixed, rather than merely a culture war they can take part in?

As usual, everybody want's to talk about how much of a 'bro' this guy is, but nobody gives a shit about improving the lives of the homeless.

armandososa 2 days ago 0 replies      
I went to SF (and to the US) for the first time last month and I too was baffled by the amount of homelessness I saw, which is more striking when contrasted to the wealth and beauty of the city (which I loved).

Also, I think we are judging this guy too harshly because of his privilege status. But I cant tell you that I live in Mexico, the third freaking world, and even people living on $4 don't want to see homeless people showing their genitals at them.

VonGuard 2 days ago 1 reply      
While this guy maybe went about saying it wrong, he has a point. There really is no other place on Earth that puts up with the level of homelessness we see here in the Bay Area. New York, Boston, Chicago, none have anywhere near this many homeless people. All over Europe, there are few homeless people.

It's really a specifically Bay Area, or maybe a West Coast problem. It's utterly out of control. It's complex, it's hard to solve, it involves many many factors. But at the end of the day, it's still true that Bay Area natives are completely oblivious to just how ridiculous the homeless problem is, here. It's the first thing EVERYONE notices when they visit here, and we all just ignore it like it's normal.

I'm sick of it too, though I hope for a compassionate solution, on the other side of it, if I had run out of money and was living on the streets, I would most likely leave the Bay Area on foot and head for some place that isn't the most expensive city in the fucking country. I mean, is it surprising people can't afford places to live, here?

I don't know what the solution is, but after living here for 18 years and seeing the problem only get worse, not better, I completely agree something has to change, here.

mikeash 2 days ago 1 reply      
Holy shit.

I saw the quote in the headline and thought, that is some seriously unfortunate wording. I get what they mean, but putting it in the first person like that makes it sound like the problem is the seeing, not the pain, struggle, etc.

Then I read the actual letter. It's not unfortunate wording! They actually intend to say that the problem is the seeing! This person doesn't care in the least about these people, he just wants them out of sight!

randomname2 2 days ago 6 replies      
What is a "SF tech bro"?

In this context it seems to be intended as some kind of slur, or there is at least some negative connotation here. It's a man who works in tech who... what exactly?

sandworm101 2 days ago 2 replies      
The shame is that this individual is far from unique, and not just in SF. I run into people daily who speak of homelessness as a conscious lifestyle choice. I know of one SF attorney who constantly rants about how the homeless there all earn 50k a year. They build up these fantasy worlds to justify their perception of themselves as moral millionaires. They believe wealth to be the inevitable result of a heightened morality. Anyone without wealth is therefore morally backward and deserving of suffering. Give them a few years. Their bubbles will burst soon enough.
rm_-rf_slash 2 days ago 1 reply      
For all the shelters, clinics, and every other initiative to help homeless people "get back on their feet," we shouldn't forget two simple facts:

1: San Francisco is a great city and the winters won't kill you, so it's an attractive destination for everyone, especially the homeless.

2: Some people prefer to be homeless. No amount of detox or "good drugs" will ever change them.

I have a radical idea: pay homeless people to be homeless somewhere else. Give them a monthly income, distributed at a location outside of the city (and has to be picked up in person so people can't game the system), under the condition that they are never to return unless they can show any proof of residence. They can request limited exceptions to visit friends and so on, but once their city visa expires, they leave on their own recognizance. Honor system with one strike to lose their benefit permenantly.

Tech folk, instead of sinking tens of millions into fucking glyphy and Yo and other pointless shit that won't make money, try investing in this instead. You don't need a government program to make this happen, just money. You can use arrest records or other public info to spot violators, and it's not like you're preventing their freedom of movement, you're just giving them an incentive to keep getting free money.

Doesn't even have to be that much. Life is cheap when you don't pay rent.

sp332 2 days ago 2 replies      
How can he live in SF for years and think it's a free market? I live across the country and even I know that the housing market there is artificially constrained.

He really seems to think that homeless people grow on trees or something instead of realizing that they lived in the city before he did.

mjbh7k 2 days ago 0 replies      
Does anyone remember Leo, the homeless man that was given the chance to learn how to code? The libertarian tech utopia press loved it, but Leo never claimed his money and decided to keep living on the streets [1]. Homelessness is complex and is not a simple problem to fix.

The problem with this open letter is it is written with contempt and a complete lack of awareness of the author's own privilege. The "I don't want to see it, I earned my right to be here, make it go away" sentiment shows how little the author has thought about the problem and his own standing in the world.

Has he ever tried hanging out and having a conversation with any of these people? I do it all the time here in New York and used to do it a lot in SF (a city I now avoid because of people like the author). I recently had a great conversation about physics with a homeless man on Skid Row. The point is maybe he needs to stop, have a conversation, and find some empathy.

Most homeless shelters are dangerous places and are filled with restrictions, so many homeless people prefer the freedom of the street. Urge your local government to invest in long term housing for the homeless and not just shelters. Lift restrictions on building in SF to create more housing in general. Support mental health facilities. There is a lot of work to be done, but saying you earn a good living and therefore shouldn't have to see it isn't good enough. If you want that life move to a gated community, not a major city.

[1] http://www.businessinsider.com/leo-the-homeless-coder-2015-2...

marknutter 2 days ago 3 replies      
This fucking sucks. I know Justin personally, and to see the vitriol being spewed forth at him makes my stomach churn. His blog post was clearly written out of frustration, and lacked nuance, but in no way does it justify the response it has received. None of these scathing articles or drive-by tweets are asking for clarification. Instead, his character is being assassinated as an extension of the growing fervor around income inequality and political correctness. If you have a problem with Justin's blog post, then write your own opinion about the problem and maybe highlight some potential solutions. Because if you're just using it as an opportunity to get your daily boost of self-righteousness you're just as complicate as the rest of us who are happy to go on about our daily lives ignoring problems like homelessness.

Seriously, fuck all this misplaced outrage and fuck these kinds of character assassinations of people with differing opinions. We're entering an age where it will be impossible to take a position that goes against the mob's mentality. The chilling effect will be severe and we will all be worse for it.

murbard2 2 days ago 1 reply      
Many people react with horror to the idea of policing homelessness. Yet, when given a choice to live between two identical cities, one permissive towards homelessness and the other not, I bet the vast majority would choose the latter.

Many homeless people are down on their luck, have mental illness problems or both. Many homeless people can also be rude, aggressive, and can deteriorate the quality of life in a city by littering, urinating publically, etc. The two aren't exclusive. Many people are caught in a form of dialectical thinking between privileged/unprivileged oppressor/oppressed. Life is more complicated.

What strikes me as ridiculous with the situation in San Fransico is that it's so economically wasteful given that the city has become one of the most desirable place to live in the country,

The Coasian solution would be for the residents to pay the existing homeless to move out of the city and then proceed to police it more thoroughly. I'm convinced there is a price at which everyone involved, including the homeless would be better off. The problem is that, besides the coordination cost involved, the idea feels icky and unconscionable.

Andrex 2 days ago 2 replies      
Getting flashbacks here.



Semi-surprised to see this crop up again when the outrage over these incidents was pretty severe and infamous.

basseq 2 days ago 1 reply      
I'm kind of disappointed in the Post on this one. From reporting on internet outrage to repeating another publication's "tech bro" slur, this isn't set up to engender a real debate.

Justin Keller is a terrible "face" for the debate (and so is Edna Miroslava Raia for the opposition). The facts are that San Fran has an economic problem and a homeless problem. Those problems are not mutually exclusive, but neither are they the same thing. Justin shouldn't have to worry about being accosted, and he shouldn't "have to see the pain, struggle, and despair of homeless people"but because the problem should be solved, not swept under the rug.

scelerat 2 days ago 0 replies      
Most of San Francisco's homeless, around 70%, were living in San Francisco at the time they became homeless. Nearly half lived in San Francisco longer than ten years [1].

The homeless don't have a whole lot of say in the policies that affect them, such as affordable housing, policing that concentrates them in particular areas (most noticeable recently with the super bowl) and so on.

One reason among many that tech folk are noticing more homeless people is that the techies are moving into poorer neighborhoods (eg Market street and the TL) and causing rents to go up. Police officially or unofficially try to create homeless zones, and these become concentrations of addiction, disease, and filth.

[1] https://www.stanthonysf.org/san-franciscos-2015-homeless-cou...

alva 2 days ago 1 reply      
Does anyone have an answer to why so many of the homeless in SF behave in such a way?

I have lived in major cities all my life that had varying degrees of homelessness. From my trips to SF I have been shocked to see the consistent and prevalent anti-social behaviour of the homeless.

Mental illness is obviously a large problem, but I would expect to see similar levels between the SF homeless and comparable cities.

Not trying to bait or take sides here, genuinely interested in what causes the difference in behaviour of SF homeless and their equivalents in other major cities.

pfarnsworth 2 days ago 0 replies      
San Francisco spends $250M/year on homeless people, with zero metrics to figure out if the programs are working and zero accountability.

The mayor should be held accountable. And there is a problem with homeless people throughout downtown San Francisco. If such a massive amount of money weren't being spent, then I would understand but their budget is huge with no results.


bobbyadamson 2 days ago 0 replies      
What is this thing where people use the word "bro" to dissociate themselves from their colleagues who they don't like/make offensive remarks? The community is not spotless and that doesn't make those people "bros". Oh and by the way, can we discuss the fact that we have a homeless problem? You know, an actual problem? Since that seems to be brought up as little as possible in an article written essentially to hold up the argument that this "tech bro" is a shitty "tech bro" by the way did we mention he's a bro?
jakejake 2 days ago 0 replies      
Well like many people, this guy is pointing out a true and real problem. SF is a world class city but there are an unusually high number of drug addicts and homeless people walking the streets. But the author lacks any understanding of the root causes and, comically doesn't see his own role in the problem.

None of us like seeing homeless people but the problem is not that they are unsightly or annoying - the problem is why are they homeless to begin with and what is such a wealthy city doing to help? If you're only thinking of your own selfish needs then it makes sense to just "sweep up" people on the streets and send them somewhere out of site. Perhaps a good whack on the head with a night stick will dissuade them from returning. If you have no heart or compassion then it probably seems like a great idea. But if you have any sense at all then perhaps you can try to use some of your privilege to find real solutions to homelessness and perhaps lend a hand rather than try to swat them away.

doki_pen 2 days ago 1 reply      
"The wealthy working people have earned their right to live in the city. They went out, got an education, work hard, and earned it. I shouldnt have to worry about being accosted."

I hope to god this guy didn't come from affluence.

tempodox 2 days ago 1 reply      
Justin Keller's own words about this seem to imply that he thinks Democracy is a state of decay in politics: http://justink.svbtle.com/open-letter-to-mayor-ed-lee-and-gr...

This guy seems thoroughly unsavoury.

iblaine 2 days ago 0 replies      
It is a strange situation to see lavish tech offices with homeless people sleeping on sidewalks. One minute you'll be making your way through tents set up on sidewalks and the next you'll be inside a plush cafeteria with an endless supply of free food. It's a shocking contrast.
mikeboydbrowne 2 days ago 0 replies      
I don't like the article's tone. I agree that he could have expressed his thoughts more sensitively, but I think this article uses his post as a way to demonize "tech bros" instead of focusing on the actual issue. The Washington Post could have published something on San Francisco's homelessness problem, but instead decided to pick the low-hanging fruit and demonize an entitled tech worker who might have a point.
ryanlol 2 days ago 0 replies      
Wow. This is article was a completely disgusting read.

It's a straight up ad-hominem attack against Justin Keller, instead of criticising his writing it attacks his character.

I sincerely hope this is the end of Michael E. Millers career as a reporter.

And before you downvote me, read the article and focus on the parts that aren't quotes. The author goes to great lengths to paint Keller as an asshole while completely ignoring what he actually wrote.

PaulHoule 2 days ago 0 replies      
That's why I stopped going to conferences in San Francisco. If you don't like it, don't be there. Grow a spine and tolerate the cold.
kaiku 2 days ago 0 replies      
How much better this letter would be if it were reframed: we can't ignore the pain, struggle, and despair of the homeless; we need to do more to help and here's what I plan to do.

San Francisco, like many other towns, is a troubled place if you look closely. Homelessness is a complex and overwhelming problem with no easy solution. Addressing it in a practical, effective, and humane way will take concerted action by government and the residents of this city together. There's no other way.

As real as the author's discomfort and frustration may be, his words stink. Here is someone who neither recognizes the full potential of his undeniable privilege, nor sees its true limitations. He wants change, but having already paid for it, is entitled to it (he seems to say), and so the burden rests on others to fix the problem.

Justin Keller knows what a good society should (literally) look like, but he doesn't understand how to get there. I'm hoping he doesn't lack the empathy and humanity his words and tone suggest.

kelvin0 2 days ago 0 replies      
Tech Bro? This of course is to be interpreted as being pejorative, and also automatically creates a category of 'bad' people that are stereotypical 'bros'. Journalistic 'faux-pas' in the best of cases ...
feintruled 2 days ago 1 reply      
Justin Keller thinks life comes with customer support

That was quite the zinger!

danjoc 2 days ago 1 reply      
I just wanted to add, there are six empty homes for every homeless person in the US.


And that Detroit is/has bulldozed 20 or more square miles of empty homes.


rogersmith 2 days ago 0 replies      
This just in, SV is fertile ground for self-absorbed, self-righteous and inhumane assholes who think they are making the world a better place when they're really just doing the opposite. Read all about it.
innertracks 2 days ago 0 replies      
My wife is a social worker for the VA. Her job is housing homeless vets. From what I hear, clients typically struggle with mental illness, PTSD, military sexual trauma, and more. Some have what they need to get back on their feet and some are probably never going to because of mental illness. Yes some, and it sounds like a minority, have learned to manipulate the system as part of their survival strategy.

There are also some who just want to be left alone. Around here they live in the National Forests up in the Cascade Mountains. The problem for them is age. Right now the reclusive Vietnam Vets are coming out of the woods. They are just too old to survive out there on their own out there.

On the whole safe housing is showing to be very important first step. Homeless life does include a community on the street. It is typically a community that is not going to be supportive of positive change. Each member is experiencing their own untreated issues.

Removing the negative social elements and temptations first appears to be one of the important benefits. If you're an addict having friends offering you a hit is not very helpful.

Thus, for my wife, building relationships with housing agencies and businesses is a big deal. The landlords/managers with endless patience, understanding, and strong boundaries seem to do best.

13thLetter 2 days ago 0 replies      
Great: now that we've all gotten to enjoy a Two Minutes' Hate against the official evil figure of the dreaded !!TechBro!!, we can all go home and step over the derelicts lying in the doorways of our gated communities, happy that we've really helped those poor unfortunates.

This really is a good example of how toxic outrage culture gets in the way of solving problems. Maybe this guy was self-centered talking only about how much trouble the homeless cause him. Okay, say he was. And? If he's cowed into silence by the great armies of Twitter, has that put one more street person into an apartment or methadone clinic?

I'm reminded of that flap about a British business that had homeless people sleeping on the benches on their property, and switched them out for benches it was not possible to sleep on, and was lambasted for it. It really is a singularity of modern awfulness: we won't do anything to make people not be homeless, but we'll yell at (some other) hapless person across the city until they surrender and make sure the homeless have cold metal benches in front of their building to freeze to death on, as is their human right.

rwhitman 2 days ago 0 replies      
It's fascinating to watch San Francisco rapidly transform from being the utopian refuge of American progressives in the late 20th century, into a libertarian city-state in the 21st.

I can't help but think the Bay Area's escalating tension over income disparity, and the politics surrounding it, is a seed for far uglier conflicts in the coming years. Thankful I'm a distant bystander and not a participant.

kamaal 2 days ago 0 replies      
As an India currently here for work in the Bay Area, when I saw the homeless people in SF, I saw scenes very similar to the ones I see back home in any major Indian city. I've also seen a lot of ill people(intoxicated/under the influence of drugs?) near bus stops too.

Once I almost got mugged in a VTA train station, by two teenagers. Thankfully I escaped the situation on arrival of an elderly couple in time.

Like always I understand these people aren't there by choice and might have their own reason for why things turned out that way. Can anybody give a socio economic perspective on why these people are like this in a first world rich country like the US?

Also the more I learn about the American culture, the more I realize the only change I see between India and the US is the infrastructure, everything else, all other problems seem to be the same. We are not so different after all.

rubiquity 2 days ago 0 replies      
Why hasn't this submission title been renamed to be less link baity? His status as a "bro" is irrelevant.
doki_pen 2 days ago 0 replies      
"we live in a free market society" "AH! GOVERNMENT! PLEASE SAVE ME!!!"

cognitive dissonance is high in that post

nxzero 2 days ago 0 replies      
Irony is that even being homeless is a prefect example of free market economies at work. The homeless exploit access to public/private/natural resources. Until a living wage is a right, those unable to work are given fair housing, etc. - the volume of people becoming homeless will only increase.
yangmaster 2 days ago 1 reply      
I think if he hadn't gone on his moral high-horse and ranted about "free market societies" and "revolutions" he would've avoided much of the controversy. I sympathized with his actual grievances, but not his armchair ranting in the second half of his article.
radikalus 2 days ago 0 replies      
I'm on his side. =\

I think the vilification is comical. Not super impressed with the need to dig into his background to find examples of how much of a "tech bro" he is.

This reads differently if it's not coming from the mouth of a hated-elite.

agentgt 2 days ago 0 replies      
I can't speak for SF's homeless but here in New England it seems the drastic increase in homeless has not really been from gentrification but rather the opioid problem. The disturbing thing is (and yes its anecdotal based on Waltham, MA) it seems to be an increase in younger-not-that-poor-to-start off with people.

I don't want to go back to the ole 80's DARE drug war but I have to wonder if opioid abuse was even mitigated a little or rehab improved what kind of impact that might have on the homeless population.

I guess what do people think is fueling SF's homeless population increase?

nkrisc 2 days ago 1 reply      
Somebody got a zero on their empathy roll.
stegosaurus 2 days ago 0 replies      
The implicit assumption is that if you don't work, hard, you don't get a home.

If you combine that with 'homeless policing', you're then saying that if you don't work hard, you'll be abused by society.

I don't have an answer for this but I dislike euphemisms like 'they prefer this lifestyle'. If you can't work (anyone who understands mental health will realise that "can't" actually is a meaningful word in this context) then you have no other options.

francasso 2 days ago 0 replies      
It has always been a great cause of reflection to me that when reality catches up with us our reaction, most of the time, is denial and refusal. The entrepreneurial spirit should aim at solving the problem. Complaining is not the most creative solution.The mentality according to which "we work hard and we earned the right not to see the pain of homeless people" is just naive. The only thing you earned the right to is what life gave you, and this is true for both sides.
capkutay 2 days ago 0 replies      
People shouldn't confuse this as an opportunity to comment on the government's obvious short-comings to alleviate homelessness and poverty in SF.

This is an appalling, narcissistic rant that attracted scorn towards an entire class of workers from journalists across the world. There should be a strong effort to combat the stereotype that all workers in the tech industry share Justin's lack of empathy and tone-deaf view towards social affairs.

pj_mukh 2 days ago 0 replies      
For the record, when you see someone mentally ill on the street. Do this: http://brokeassstuart.com/blog/2016/02/18/what-to-do-when-so...

Before you write angry (mostly useless) blogs.

gregp4 2 days ago 2 replies      
The second article from a major media outlet about this guy? Yes, he's inconsiderate, but so what? If it were a blog post from a lawyer or school teacher, would the Post or the Guardian have cared? Would we see articles about a "Law Bro?"

The media, collectively, has it in for us. They keep using borderline derogatory labels for us in their articles like "coder" and "techie," and they publish hit pieces like the linked article smearing us as if we were some evil 1%, despite almost none of us making as much as the average dentist.

They are stripping us of what little prestige and respect we once had, and we are just letting them do it. And there's no shortage of programmers willing to argue with you that it's not even happening, and that there's nothing wrong non-technical English majors with an ax to grind attempting to re-brand us "coders" and our profession "coding."

This article (and the comments) are relevant:



erroneousfunk 2 days ago 2 replies      
So this guy went to school, worked hard, and now makes enough money to pay rent and feed himself in one of the most expensive cities in the US. small golf clap

His main fault here is assuming that this also means, while ironically citing free market economics, that he's rich enough to have some sort of right not to see homelessness, mental illness, and poverty, day to day. That's a whole other level of wealth and power right there. Mid-priced (in San Francisco, anyway) restaurant? $20 theater tickets? That gives him some sort of insulating privilege from life? If you're Barack Obama, yes, the intrusion of a drug-addled crazy person bursting past secret service and into the restaurant you're dining in may be cause of serious concern. If you're a Saudi oil merchant, you can pay to stay at and go to places with tighter security, or bring your own. Heck, you can afford move to and work from areas with fewer of these problems in the first place, commuting around on your own private jet, being carefully shuttled from one multi-million dollar private residence to the other.

Your personal wealth doesn't give you the right to see and interact only with people who are within your same circles of success. If you want to start judging the personal success of others, holding yourself above them, and claiming your right to class insularity, there are probably some billionaires out there who would laugh in your face, if they cared enough, which they don't, because they'd rather they didn't see you at all.

return0 2 days ago 0 replies      
I have no idea how things are in SF, but i can see how "the other bros" in SF found a scapegoat to cover up their own indifference to these people. At least this guy complained. Did "the righteous ones" do anythign for the homeless?
samstave 2 days ago 1 reply      
I'm 41, was born in SF and have been living back in the bay area since 97.

In all my years in living in SF, or the bay area at large, I have never once had an altercation or otherwise problem with a homeless person.

In fact, I give them stern talkings to occasionally; Two days ago there was a homeless person on Market whos pants were falling down - I told him very sternly "Pull your pants up" and he did so.

There was a drunk guy wobbling down by the ball park and I commanded him to drink some water and gave him a bottle of water.

I almost always give away any left over food I have to homeless people I pass if I have left a restaurant.

I've told homeless people to not pee on certain places etc...

I have found when you interact with them in a straightforward way, and dont act fearful or contemptuously of them - they are just people who have a shitty support system (gov and people included) - but they still need a bit of direction.

duairc 2 days ago 1 reply      
Okay, I think we can all agree this guy is an asshole, and surely doesn't represent the views of most techies in San Francisco, right?

Obviously it's fucked that so many people are homeless in San Francisco. Everybody blames us (techies with loads of money) for the homeless problem because we gentrifying the shit out of the place with all our money. And then this guy comes out and says this shit, and that only reinforces the narrative that we're the problem. And that's shit for us.

But why don't we do something about it? We don't want to be seen as the cause of the homeless problem, and surely we don't want assholes like this speaking for us. But people are right that we are rich compares to most people. Why not use this as an opportunity to show people that we can be part of the solution? Being rich doesn't have to make us evil, and anyway what's the point of being rich if we can't use our wealth to help the people who need it?

And it's not just our wealth: what about our skills? Take Homes Not Jails, for example. They're one organisation off the top of my head that does work that directly houses homeless people. They're renowned by squatters all over the world for the work they do to get homes for homeless people in San Francisco. But I just checked, and it looks like their website (http://homesnotjailssf.org/) is down? Surely one of us techies could get in contact with them and offer to help fix their website, or even just pay their hosting costs and domain name renewal for a few years? I've been involved in organisations like that and that kind of stuff can be a real hassle.

I'm sure there are countless grassroots organisations like this that are already working to help homeless people that probably don't even have proper websites and shit, that desperately need money. Fuck this guy, it's not worth wasting our time arguing over his stupid words. Let's show people that he doesn't represent us with our actions!

lfender6445 2 days ago 0 replies      
its amazing to me that with all the money and talent in the bay area, that noone has made progressive efforts in solving some of the problems with homelessness and helping others get back on their feet.
huac 2 days ago 0 replies      
a friend of mine who interned in SF last summer has a (satirical, I pray) startup idea: 'uber for harassing homeless people' - just geolocate yourself and your walking route before leaving, and a team will clear the homeless and from your path

again, I hope he was joking but honestly probably wasn't - I fear this lackadaisical 'tech can solve all of MY problems' attitude is prevalent (we should also consider how we can solve the problems of others)

jdlyga 2 days ago 0 replies      
This is something you won't hear in New York. There's a lot of homeless shelters, and the people you see on the street tend to be kind of nuts.
asadlionpk 2 days ago 0 replies      
Relevant tweet (by myself after visiting SF) San Francisco: Billionaires inside the building, disrupting the world.Homeless sleeping outside in the cold.
convexfunction 2 days ago 1 reply      
"Bro" is an interesting word. At this point it seems to be broad enough to just mean "outgroup"; apply to any context as needed.
NumberCruncher 2 days ago 0 replies      
This thread sounds like people living in sodosopa blaming Kenny for beeing poor. Tanks god for not being a part of it! Go Redskins!
carapace 2 days ago 0 replies      
I'm from San Francisco. I grew up here and I've lived here most of my life.

After high school, for about four and a half years, I was homeless.

I'm really good at programming computers, if it wasn't for that I might be homeless still.

I had emotional and social problems that I've been able to overcome. I'm one of the lucky ones. Many of the people I knew are dead, but in this age of instant connectivity and paranoia about surveillance I'll never know the fates of most my friends. We might as well be a lost tribe, uncontacted in the primeval forest. Except of course, that we weren't lost. Our lives played out in the same great concrete jungle/stage that yours does. Very few people wanted to find us.

That brings up an important thing, and this is as good a place to say it as any.

From the utmost bottom of my heart: Thank you.

To all those who gave of themselves and helped a random, smelly, weird homeless kid who you'll never see again, THANK YOU. I owe you my life. If it wasn't for the people who live the truth of our inherent connection with each other, who are moved by compassion and empathy to help selflessly, without asking for anything in return, I would certainly be dead, or worse: homeless and crazy in San Francisco. (heh heh)

I'll never cease from helping everyone around me so long as I draw breath because I owe the world my life.

If you have not been as fortunate as I have then here is the reason why you should do the same anyway:

We are one.

That homeless person there? That's YOU.

She's your mother, he's your father, that guy mumbling and shitting over there, he's your own son.

This is both metaphysical and very physical and real. The idea that we are separate individuals who can cordon off the parts of the world that we don't like is not real, not true. It's a "category one" error.

Here's a secret I learned on the street: The single most horrible sin we commit daily is to pass by a homeless person without acknowledging that person's humanity.

It's a monstrous crime.

You feel it every time, deep down, and it hurts, right there in your very soul.

It hurts.

There's nothing you can do or say, no ration argument you can make, that can obviate that bond. Nothing breaks it. As long as you draw breath you are owned and owed, one of us. Truly there are no individuals, to think so is fantasy, to live it, nightmare.

It seems like you grow callous but you don't, not really. Down under all that other B.S., not even that deep really, you feel it still. To turn away from another is like killing a part of yourself.

Homelessness is a symptom of a sick society. It's not the city government's problem, it's the whole city's problem, indeed the whole nation, the whole planet. We have emotional scars that prevent us from forming a coherent response to the situation (that's the only way so much money could be spent and have so little effect on the problem.) The issue isn't a matter of money (we have SO MUCH) it's a matter of spirit.

The individual homeless people would disappear as if by magic if we could just get our minds aligned with our hearts, because there is plenty of actual help and resources.

The very essence of the homelessness problem is that we, as a society, have to "break ourselves" and become humble. That's the only way for us to be vulnerable enough to reach out and heal the psychic and spiritual wounds at the root of it. An example: Try to imagine D. Trump manning a homeless food serving line. He's wearing an apron and spooning out hearty soup to people and he really gets it. What doea THAT do for your noggin?

P.S. Bonus campfire story: Here's hoping YOU never get, like, schizophrenia or something and wind up homeless yourself. It could happen. One of the scariest things that can happen to you is to get to know a few homeless people who were once JUST LIKE YOU! Mwoooo-hahhahahaha! Homelessness is something that only ever happens to someone else. Right? Nothing so tragic could ever happen to YOU to break you down and leave YOU shambling and covered in your own mess in a city full of people who don't care. Of course not, you're a good person. Homeless never happens to good people. That wouldn't make sense, would it? That wouldn't be fair. We all know the world is a fair place, right?

Let's talk about something else.

doki_pen 2 days ago 0 replies      
We should create a place were we can put them all so we don't have to see them! Let's call it, a ghetto! </sarcasm>
whybroke 2 days ago 1 reply      
From the posts here I can see that Justin's mentality is not remotely unique.

Anyone thinking of moving to SF should simply be shown this thread so they can see what kind of people they will be around all day.

Hey Washington Post, why not write an article about this site. Start with this thread.

Here's a winner https://news.ycombinator.com/item?id=11127645 I hope I'm not oppressing him by linking to it)

ryandamm 2 days ago 1 reply      
Let's cut through the nonsense, and say what we're really talking about explicitly, and out loud: Is homelessness our responsibility, or not?

Some comments here use a lot of words to essentially say they don't feel any collective duty to help homeless people. Fine, if that's what you believe. But I'd ask you say that loud and clear, stand up and be judged.

Because I believe we collectively have a responsibility to each other, and government is one institution that reflects that responsibility (among its other roles). As a friend once said, simply: "I believe you can judge a society by how it treats its least-fortunate."

Now, the situation in SF is special; yes, it's got mild weather and a decent social safety net (by US standards, not European), which makes it a destination of sorts. But this is also why Justin K addressed his post to the wrong people: this isn't an SF issue, it's a state and national issue. And it's an issue that's heavily entangled with substance abuse and mental illness.[1]

And it's only made worse by bad behavior and bad politics. For example, Nevada bused mentally ill homeless people to SF (often without medication or any contact person):


The reason California in particular has such a large population of mentally ill homeless people is thanks to a few extra years of Reagan, who famously shuttered all the mental hospitals in California while governor (before defunding initiatives for mental health care and research at the federal level as president):


So, do you think this is all of our problems, or somehow this is an example of individual responsibility? I venture how you feel about that question is probably heavily correlated with whether you think success in business is a product of pure hard work, or if there's a contribution from luck and civil institutions. And this isn't some low-stakes game of political philosophizing; the policies that have exacerbated homelessness in SF and California in general are rooted in the same political philosophy that motivated this short-sighted, self-centered, fundamentally heartless post. Politics matter.

In other words: if you think like Justin that SF is 'ruined' for you by problems of homelessness, and the city should do more to fix it... then you're simply not thinking hard enough, and not taking responsibility for your role as a citizen of San Francisco, California, the US, and the world.

And as a Bay Area native and SF resident for 10 years, I'd kindly ask you to leave, or at least stop writing stupid things publicly, and leave the debate over difficult civil and social issues to people who are more thoughtful and compassionate -- a couple of core San Franciscan values that I particularly treasure.

[1] "Almost two out of three respondents (63%) reported one or multiple disabling conditions." from here: http://www.sfgov3.org/modules/showdocument.aspx?documentid=4...

hardwaresofton 2 days ago 0 replies      
My bet is that lots of people think like this (with similar levels of selfishness and narcissism), but wouldn't dare say it in a public forum.

Also, can people just move out of SF? I don't care which group it is (tech, or the people who have been displaced directly or indirectly by tech), but it seems like at least one group needs to just move out.

asgfoi 2 days ago 0 replies      
Don't touch the Rolex.
ndkdjdjd 2 days ago 0 replies      
While I agree that what he wrote was very insensitive and naive, aside from condescending him and the "tech bros" the article completely undermines the fact that there is indeed a major homeless problem in SF. Having lived in many major cities I can attest that I have not seen anything quite like it.
firstworldman 2 days ago 0 replies      
The solution to homelessness is compassion. Frankly, it's outright disturbing how complacent we have become with homelessness in our culture. The problem isn't that these people abuse drugs or alcohol, or that their mental health goes untreated -- the problem is that they don't have homes. And that is a very bad thing for anyone to endure. People should not let that happen to other people.

The other issues also need to be treated. Those are comparatively complex issues... Homelessness is, by comparison, not complex. Put people in houses. As evidenced by examples in Utah (and apparently Canada too, about which I was unaware until this thread), this is the fiscally smart move. The smart move and the right move aren't always in alignment, so this should be a no-brainer.

There are likely no homeless people who actually prefer to be homeless. There are people whose lives have been so massively changed by their circumstances that adjusting to a more comfortable housing situation might take some adjustment, and probably some therapy, assistance, and monitoring.

The sticker shock of doing this is what seems to keep it from getting fixed at once, as it's apparently much easier to periodically ask for money to develop ineffective piecemeal solutions.

The letter to Ed Lee reads like a parody. It will doubtless be forgotten, but I hope that's not the case. It should be one of a few artifacts used to encapsulate the historic moment we're living in.

'Worst of all, it is unsafe.' Sure, it sucks that it's a safety hazard to area residents. Is that really the worst part though? If you think the worst part of the homeless crisis is that it makes you and your well-to-do neighbors unsafe, you should probably ask yourself what exactly makes you so important.

'My girlfriend was terrified and myself and many people ran out of the theater.' I can't judge anyone for what scares them, and sure, the incident sounds like it would have been a surprise... But this guy makes it sound like an actual monster came into the theater and ran everyone out. A homeless person came in and did something that interrupted the film. Things like this will occasionally happen in a city that has a terrible homeless problem. Justin Keller's reaction is everything you need to know that he doesn't have the emotional or psychological maturity necessary to process homelessness as an issue separate from the effect it has on himself.

San Francisco is a city rich with ideas and capital, but I don't know how you can incentivize tech-community participation in solving this crisis. I keep thinking that we've reached peak obliviousness, and then something like this letter comes along, and frankly I didn't expect to find so many people here basically affirming the sentiments. I really worry that this is how a sizable portion of SF's tech community feels, whether they admit to it or not.

donpark 2 days ago 0 replies      
It's not about who is right nor his right to express his opinion but what leads to better system.You can be right yet be toxic at the same time.Truth can kill. Lies can heal.Timing and situation matters. Ignore and suffer.
anonDuck 2 days ago 0 replies      
I thought Reno and other cities were also dumping a lot of homeless to sf. They had a bus pack of homeless sent to us. They purposely do that to get rip off their homeless on street. That's pretty fuck up
Uptrenda 2 days ago 0 replies      
To the people of SF, I am writing to you today to voice my concerns and outrage over the cities' increasing homeless and drug problem. I've been living among you in SF for over three years now, and without a doubt this is the worst it has ever been. Every day, on my way to, and from work, I see people sprawled across the sidewalk amongst crude tent cities that reek of urine, the signs of addiction etched clearly into their faces. This city is ... rotting ... worst of all, it is unsafe.

To highlight how bad the problem has become: just yesterday I was out walking in the streets when two homeless men began to harass me for cigarettes and coin. Of course - not being obliged to share either the men proceeded to become irate and things escalated into a pushing and shoving altercation.

Yet another time, when I was leaving Tadich Grill in the cities' financial district - a distraught, and clearly high man was standing right in front of the restaurant, yelling and screaming about cocaine. He even attempted to pull his pants down to show his genitalia before the police finally arrested him.

I may be able to tolerate the foul smelling clothes, the colorful language, and the general indecency - but what I cannot stand is having to watch as the city I once loved is destroyed by human rif-raf. It has honestly gotten to the point where I can't even enjoy a movie without being harassed and no one seems to care.

But I'm not going to let them continue to flood our streets with crime and human filth. If nobody wants to help solve this problem then I'll do everything myself, and I think I know the perfect way to do it. I have all the tools I need at my disposal. Bitcoin will provide the means to secure resources and onion routing will cover my tracks. The problem is: I need access to a vast dataset to track the exact where-abouts of the cities' homeless population so that I can identify and eliminate them - which is where you come in.

I need everyone who reads this to install my app and tag where you last saw a homeless person. If everyone in SF uses this app I'll be able to produce a real-time map of all the homeless in the city (and as we know - homeless people can't afford phones so the data will even out.) This is phase 1. Phase 2 requires a little explanation. In phase 2 a network of weaponized drones will be controlled remotely and used to eliminate the homeless problem. Since this will obviously cause public outcry -- it is paramount that the operators of these drones aren't arrested. Fortunately, the app also creates an onion-based meshnet that allows the drones to be controlled with low-latency from any point in the city -- and you can't arrest an entire city for using an app so you will all have plausible deniability.

This plan might seem drastic but we no longer have a choice. The residents of this amazing city no longer feel safe, and I know people are frustrated about gentrification happening in the city, but the reality is: we live in a free market society. The wealthy working people have earned their right to live in this city. They went out, got an education, worked hard, and earned it. I shouldnt have to worry about being accosted. I shouldnt have to see the pain, struggle, and despair of homeless people to and from my way to work every day. I want my parents when they come to visit to have a great experience, and enjoy this special place.

The city needs to tackle this problem head on because it can no longer ignore it and let people do whatever they want. It is a very difficult and complex situation, but somehow during Super Bowl, almost all of the homeless and riff raff seem to up and vanish. Im willing to bet that was not a coincidence. Money and political pressure can make a difference. So it is time to start making progress ourselves, or we as citizens will make a change in leadership and elect people who can.

Democracy is not the last stop in politics. In-fact, the order of progression according to Socrates via Plato in the Republic goes: timocracy, oligarchy, democracy, and finally tyranny. Socrates argues that a society will decay and pass through each government in succession, eventually becoming a tyranny.

The greater my city, the greater the individual.

Welcome to the revolution.

HelpingHand30 2 days ago 1 reply      
Our startup (launching this spring) helps struggling homeless relocate to SF. We charter buses and assist homeless men & women in moving out of terrible conditions (often colder cities) so they can start fresh in the Bay Area. Our goal is to transplant 100 homeless by the end of this year!

We think SF is ideal due to the culture, weather, and resources. We also believe that an influx of homeless can assist in lowering property value/home prices which is much necessary in SF.

pj_mukh 2 days ago 5 replies      
Any data to back this up? Can't really go on anecdotal stories or EMS accounts (who only see emergency situations by design).
FussyZeus 2 days ago 4 replies      
I wonder if this was s stunt to get attention on his company? This seems so cartoonish, I mean you could picture wealthy people thinking this way but to me it almost seems too insensitive.

Maybe a publicity stunt that backfired a little.

On the other hand maybe he is so sheltered as to think this is an actual problem he's helping solve...

artmageddon 2 days ago 2 replies      
It qualifies for a number of reasons:

-HN also covers stories about the human side of technology

-The story is happening in SF, which is very close to Silicon Valley

-The vitriol being spewed is coming from a member of a tech startup

It's quite appropriate on this forum.

ZFS is the FS for Containers in Ubuntu 16.04 dustinkirkland.com
277 points by doener  2 days ago   276 comments top 25
brendangregg 2 days ago 3 replies      
This is great news, and we're already using ZFS in production on Ubuntu in a few areas at Netflix (not widespread yet).

Ubuntu 16.04 also comes with enhanced BPF, the new Linux tracing & programming framework that is builtin to the kernel, and is a huge leap forward for Linux tracing. Eg, we can start using tools like these: https://github.com/iovisor/bcc#tracing

ThePhysicist 2 days ago 4 replies      
ZFS is nice but as far as I understand the Linux version does not yet have support for copy-on-write clones using e.g. "cp --reflink=always", which to me was reason enough to choose BTRFS instead. Apart from this the two systems seem to be quite comparable (from my limited user perspective), with BTRFS having quite good Linux support as well. Maybe someone more experienced with the COW functionality could comment on that as it would be very interesting to hear how other people deal with this.
baldfat 2 days ago 9 replies      
I don't understand why BTRFS isn't gaining more support in Linux. I prefer BTRFS to ZFS with Fuse.
melted 2 days ago 2 replies      
Apple should replace the abomination that is HFS+. They almost did a few years ago, but pulled the code at the last moment.
mark_l_watson 2 days ago 4 replies      
Sorry in advance if this is a stupid question: my main Linux system is a laptop with a small SSD drive. I would like to organize my entire digital life on a 2 TB external USB drive, and be able to maintain a clone of everything on at least one other 2 TB USB drive.

Is ZFS the right tool for this?

nisa 2 days ago 1 reply      
Let's see how this works out. It's probably better and more stable than btrfs but this is not complicated...

ZFS on Linux had issues with ARC (especially fast reclaim) and some deadlocks and AFAIK cgroups are not really supported - e.g. blkio throttling does not work.

Would be great is they got this ironed out but I would be wary. Still great news!

shmerl 2 days ago 1 reply      
OpenZFS, not ZFS. Those are different beasts now.
heavenlyhash 2 days ago 2 replies      
This is great news. Among other incentives, ZFS has some truly excellent features for improving reliability. ZFS's built-in checksums, for example, can result in much happier stories during the onset of disk failures: where a RAID array can quietly return incorrect sector contents without noticing, and be unable to correctly differentiate between the correct and not-so-correct sectors in the event of disk loss followed by disagreements discovered during rebuilds, ZFS simply does the right thing by making checks during normal operations, and uses the same checks to confidently do the right thing during recovery. And snapshotting. Oh, snapshotting.

On the other hand, I've always wished we could get a modern re-take on ZFS. As anyone who's tried it will tell you: dedup in ZFS essentially doesn't work. ZFS, internally, is not built on content-addressable storage (or, it is, but since splitting of large files into blocks doesn't take any special actions to make similar blocks align perfectly, it doesn't have anywhere near the punch that it should). As a result, dedup operations that should be constant-time and zero memory overhead... aren't. Amazing though ZFS is, we've learned a lot about designing distributed and CAS storage since that groundwork was laid in ZFS. A new system that gets this right at heart would be monumental.

Transporting snapshots (e.g. to other systems for backups... or to "resume" them (think pairing with CRIU containers)) could similarly be so much more powerful if only ZFS (or subsequent systems) can get content-addressable right on the same level that e.g. git does. `zfs send` can transport snapshots across the network to other storage pools -- amazing, right? It even has an incremental mode -- magic! In theory, this should be just like `git push` and `git fetch`: I should even be able to have, say n=3 machines, and have them all push snapshots of their filesystems to each other, and it should all dedup, right? And yet... as far as I can tell [1], the entire system is a footgun. Many operations break the ability receive incremental updates; if you thought you could make things topology agnostic... Mmm, may the force be with you.

[1] https://gist.github.com/heavenlyhash/109b0b18df65579b498b -- These were my research notes on what kind of snapshot operations work, how they transport, etc. If you try to build anything using zfs send/recv, you may find these useful... and if anyone can find a shuffle of these commands with better outcomes I'd love to hear about it of course :)

e40 2 days ago 1 reply      
Anyone know of Red Hat has plans to include it in default installations?
wstrange 2 days ago 3 replies      
Oracle could put this whole legal wrangling to rest by changing the license to GPL.

I am dreaming I suppose.

weitzj 2 days ago 3 replies      
And what about machines without ECC RAM? I thought this is the idea for using ZFS in the first place.Or is the ECC "requirement" only important for raidz?
dekhn 2 days ago 1 reply      
I'm a conservative user, so I don't change my filesystem until my preferred distribution (Ubuntu) supports installing an FS to the root with a provided, supported kernel module. This is a huge deal for me; I will probably install a new FS on my main file server and move from ext4 to zfs.
acd 2 days ago 0 replies      
ZFS is great, happy its included in Ubuntu 16.04 by default.
obelisk_ 2 days ago 1 reply      
Anyone know if this applies for Lubuntu as well? I use Lubuntu on my rencently bought new desktop for the default of LXDE. I intend to upgrade my desktop on which I put Lubuntu 15.10 (I bought a computer without OS so as not to pay the Windows tax) to Lubuntu 16.04 because I understand it'll be based on LXQt, the successor to LXDE (and it's not a matter of newer is better -- I am a fan of Qt) and also because I think Lubuntu 16.04 will be an LTS release and I've been very happy with the stability of Lubuntu 14.04 LTS which my previous main computer was and is running.
jgworks 2 days ago 1 reply      
Does this include a fix for this bug?


ansible 2 days ago 2 replies      
Huh, well that's interesting news.

I'm currently setting up a couple servers using LXC with btrfs.

I ending up choosing LXC (as opposed to LXD, docker, rkt, etc.) because I wanted something relatively straight-forward. I just wanted some containers I could create, log in to and configure.

If this was a bigger deployment, I'd take the time to use docker or something else. But for now, just being able to get going quickly is nice. For backup / failover, I can btrfs send / receive the containers to another host and start them there.

sengork 2 days ago 0 replies      
I wonder how this would work under shared storage model for container clusters (eg. Mesos). NFS does not cut it for all use cases (eg. DBs).
wmf 2 days ago 2 replies      
This post only mentions LXD. Will ZFS be used for Docker?
satbyy 2 days ago 1 reply      
For those who missed it, Debian Project Leader Neil McGovern gives details [1] about how licensing issues were resolved so that ZFS can be in Debian now. It is distributed as source-only dkms module.

[1]: http://blog.halon.org.uk/2016/01/on-zfs-in-debian/

jpgvm 2 days ago 2 replies      
Shame how most of the conversation devolved into licensing rubbish. Almost none of us are qualified to speak on that, leave it to the lawyers - which I assure you Canonical did too.

With that out of the way, ZFS is by far and away the best filesystem for container workloads. Hopefully we will get deeper quota and I/O throttling support soon.

I have been using ZoL in production for many years now thanks mostly to the work of Brian Behelendorf and Richard Yao. So if you find yourselves here thanks for all the work you have put into making ZoL awesome.

anilgulecha 2 days ago 4 replies      
This can be game-changing for the NAS/SAN industry.

I'm surprised their lawyers gave an OK, where FSF, SFLC and friends have given a thumbs down. If their interpretation is good, suddenly the large AIX/Solaris dominated storage boxes open up to a LOT of ubuntu-based/ubuntu-derived competition.

Exciting times..

robbyt 2 days ago 5 replies      
How is this possible, legally? Based on my basic understanding of the ZFS license, it's not possible to legally distribute ZFS and GPL code (linux kernel) together.
davexunit 2 days ago 4 replies      
Sorry to be a downer folks, but Canonical is violating GPLv2 by merging ZFS into their kernel tree. The CDDL and GPL are incompatible.


mikegerwitz 2 days ago 3 replies      
There's a number of licensing comments here. Linking with CDDL modules is explicitly mentioned by the FSF:


I'm not going to comment further on any implications of Debian/Ubuntu's decisions, since IANAL.

dkarapetyan 2 days ago 0 replies      
Ubuntu is always slightly behind and slightly ahead of the curve. Why are they digging their heels in with lxd when docker and rkt make so much more sense?
How Meditation Changes the Brain and Body well.blogs.nytimes.com
341 points by prostoalex  1 day ago   193 comments top 34
westoncb 1 day ago 10 replies      
I've had serious anxiety issues and meditation has been the only thing to help significantly. I've spent ~1.5 hours/day meditating for the past six months or so, and I've studied meditation literature pretty seriously for about the past year.

At least in my caseand I think this isn't so unusualthere is a steep learning curve: for most people there's just not enough reason to stick with it. That said, at this point I can hardly imagine something more worthwhile. After acquiring some facility with it, my everyday experience with life feels more substantialmore 'real.' There's a kind of energy, curiosity, and enthusiasm that now often presents itself which I hadn't seen in a long timemaybe since I was ~22 or so (I'm 30 now). I also feel way less need to do things like smoke/drink, and have a restored sense of smell and taste. If you've felt like the world's turned grey at some point, give it a try.

This is my favorite source of info on the subjectvery substantial content, yet light and even entertaining at times: https://www.youtube.com/watch?v=FEw2mHpVv9A

personjerry 1 day ago 4 replies      
For those of you who consider meditation a bunch of mumbo-jumbo, I get it, for I felt (and sometimes still feel) the same way. But let me try to phrase meditation in the terms I understand it as.

We often find ourselves in stressful or difficult situations, we are constantly bombarded by external worries, and we think it is difficult to deal with our problems. However, no matter how big external issues are, the way that we ultimately interpret these problems is up to our mind. At times we might find a dark joke about death incredibly funny, and at other times it may make us cry. Meditation takes a break from dealing with these interpretations of the world for a moment (instead concentrating on something basic like breathing) and in doing so, gives us a way to acknowledge the fact that our interpretations of the world are all in our head. So even if we can't extend full control over them, these thoughts and feelings are still ours and we might have some influence over them, and it turns out even briefly having this feeling can affect your mind in the long term.

A side effect of meditating is that you might learn to replicate the sense of "stepping outside the situation" even outside of meditation, allowing you to relax and consider the big picture rationally in intense moments in which you might've been originally felt too caught up "in the moment".

glossyscr 1 day ago 4 replies      
First time I meditated was one month ago. 20 Minutes. It was a pain, doing nothing, just breathing, keeping focus on your breath and body. I was suffering every second, doing nothing, having no thoughts, no mind wandering. It was so hard and awfully boring. Once finished I went back to my Macbook welcoming me with an open Facebook tab from my last session. My first thought:

I didn't do that shit for 20 minutes to be now on Facebookand closed the tab.

AnthonBerg 1 day ago 1 reply      
Meditation didn't "click" for me for a long time because it wasn't ... aggressive enough.

A friend taught me this: Sit or lie still. Burn your body with a white-hot fire, starting at your toes. Incinerate yourself. Visualize intense fire with a child's pure unfettered imagination. Let that fire burn your body slowly, creeping up inch by inch with its quiet impersonal anger. When your body has burnt up, the fire quiets down and the weightless ash blows away. Then you open your eyes.

This worked for me - I felt it! - and opened up meditation for me. I have since had very good success with the Headspace app, for instance.

Another important thought for me was "Meditation is watching your thoughts go by like the bubbles in a glass of champagne."

Overall, in a nutshell, what meditation has done for me is: There is more of what should be. There is less of what shouldn't be.

erdojo 1 day ago 9 replies      
There is also a growing body of evidence that for some people mindfulness and meditation can cause intense and lasting anxiety and exacerbate depression. (Just one of several recent stories on the subject: http://www.theguardian.com/lifeandstyle/2016/jan/23/is-mindf...)

That has been my experience. I've done meditation retreats and the like. I do find it slows down my mind, but can also surface things that frankly I'm perfectly happy to leave under the surface.

I also don't believe every trauma or internal struggle can be answered or managed, or should be at a given time. Sometimes the best sanity-preservation mode is to ignore it until enough time has passed when we have the mental tools to face it. Mindfulness and meditation both make it hard to bury stuff til you're ready to mentally dig it up. Perhaps day-to-day stress benefits most from it.

I think it's a great idea for some people and I can see the attraction. But I also get tired of people suggesting it to me.

Massage on the other hand...that's like miracle medicine.

achow 1 day ago 1 reply      
The original research paper from Sci-Hub: http://sci-hub.io/10.1016/j.biopsych.2016.01.008

For those who are not aware of Sci-Hub:

Setting knowledge free: Sci-Hub is The Pirate Bay for research papers http://www.digitaltrends.com/cool-tech/Sci-hub-research-pira...

stevenkovar 1 day ago 2 replies      
For those who "don't have time" or find it difficult to get into a mindful state while doing meditation: try it while performing some sort of routine task (something we do on 'autopilot').

 During a drive or commute While you play a video game or sport When you're cleaning your house
If you experience a side-thought like the clichd, "did I leave the stove on?" answer it ("no, I surely didn't") or eliminate it ("I don't remember, but I'll find out when I get home") and move on to the next thought. Eventually you'll run out of these side-thoughts.

Some people find it helpful to run through Maslow's Hierarchy as a guide for this mental checklist: (https://en.wikipedia.org/wiki/Maslow%27s_hierarchy_of_needs)

It might take a few tries, or maybe many, to run through this subconscious checklist of side-thoughts, but the goal is to run out of them. Then you're left to yourself, no side-thoughts to distract you.

This, in itself, can be worrisome because many people aren't comfortable with what it feels like to "just be," so hack your discomfort by creating another checklist: how does this make me feel physically? Is this state of mind stressful to me? What would it feel like if it wasn't? How would it look if I were the kind of person who handled this particular stress easily?

Point is, don't rush it.

Give it several tries. You probably need more repetitions to consciously break down your own checklist of thoughts.

Much of meditation's benefit (to myself) is in learning to handle decisions and worries as they happen, and removing them from my checklist of things to meditate over when I actually do take the time to meditate later in the day. Most things people worry over don't matter.

Hopefully my lens helps someone.

hellofunk 1 day ago 5 replies      
I often hear people say, "hm, I'll go meditate on that..." Or a guy I know who says he meditates on his ideas for his art. But actually, that is the complete opposite of what meditation is supposed to be. When properly meditating, the goal is to not concentrate or think about anything.

I just point this out because the basics of what meditation actually is are widely misunderstood by most Westerners -- and even some I met in Asia.

CuriouslyC 1 day ago 1 reply      
Just a small note, you don't have to do nothing to practice mindfulness, I do it all the time while driving, walking, or doing anything that I have on "autopilot". All you need to do is be non-reactive; when you experience something (including a spontaneous thought), stop your mind from automatically pulling up associated thoughts and memories.

I find it helpful to remember that the sentient fraction of matter in the universe is vanishingly small, so your ability to experience is truly a blessing. Mindfulness occurs almost by accident if you just focus on savouring your experiences.

rsaarelm 1 day ago 1 reply      
I really liked the recent book The Mind Illuminated by John Yates as a basic meditation guide. Goes from the basics to advanced concentration, has detailed practice instructions for each stage, and is grounded in cognitive science with basically zero mysticism in the mix. An earlier short article http://dharmatreasure.org/wp-content/uploads/LightOnMeditati... describes the same 10-stage model the book is about.
glossyscr 1 day ago 5 replies      
Meditation is a work-around only.

As written in another post: I started one month ago and then I was frequently meditating with Headspace (which is awesome btw).

While meditation helped me to go through hard times it never solved the underlying problem. It's like taking painkillers without addressing the real cause. I solved the real underlying problem few days ago and I feel like god again.

lettergram 1 day ago 0 replies      
None of this really surprises, a lot of what meditation is, is controlling stress and focus. By learning to control those, everything from the different chemicals released in your body to the actual neural structures can change.

My startup is actually working on something very similar called neurofeedback[1]. Which is very similar to meditation, in that we help users better control the subprocess of their mind. It's not perfect, but it actually helps significantly with people with epilepsy manage seizures (by helping them realize when it is going to happen)[2].

Other conditions, specifically ADHD and anxiety have also been shown to be treatable (to a degree) using this treatment[2]. Treatment using neurofeedback for depression has also been shown to be better than placebo[3].

Unfortunately, there is limited research funds to study this, and there really should be more. My startup is gearing up to do trials shortly, hopefully to make this treatment more available.


[1] http://synaptitude.me/blog/neurofeedback-in-200-words/

[2] http://synaptitude.me/blog/literature-overview-of-using-neur...

[3] http://www.karger.com/Article/Abstract/322290

stronghead 1 day ago 0 replies      
Try this cool app: http://www.calm.com/ I also enjoiy using another app called Pause, developed by Monument Valley team.
raldu 1 day ago 1 reply      
It is very surprising that researchers could measure changes just after three days!

One alarming detail about the article, however is the mention of "dose", which I think reflects the general Western, mainstream attitude to meditation. Mindfulness and meditation is being perceived as a tool of "relaxation", "reducing stress", dealing with anxiety, and so on. And it might be because of being "marketed" as such.

However, although meditation can in fact help you deal with stress and make you more relaxed, reducing it just to "benefits" is missing the point. After all, it is actually "you" who is dealing with stress, being more relaxed, etc.

Meditation is about paying attention to your thoughts without anyjudgment, experiencing your immediate thoughts and feelings directly,facing yourself, gently watching your unpleasant feelings, thoughts,memories and embracing them with all their both unpleasantness andpleasant joy. In the end, you get more and more in touch with yourselfand the reality, and become more alert, observant, thoughtful, compassionate, etc.

And that actually makes it a practice of not running away from stress, anxiety, sorrow, but in contrast, facing all that with a gentle attitude.

Finally, it is a constant and long-term practice, not something like a "pill" with "doses" to deal with whatever "symptoms".

awl130 1 day ago 0 replies      
2009: 1 hr

2010: 30 min

2011-2014: 10 min

2015-present: 0-10 min

these are my daily averages. i have one rule: before I go to bed, I must assume the lotus position on the floor in front of my bed.

2015 was particularly a challenging year for me (startup problems), and it was all i could do to even assume the lotus position for a second. so for much of 2015 i really didn't meditate, which was ironically when i probably needed it the most. such is my life.

it takes around 4 minutes for me to reach what i call stage 1. this is when all the normal chatter in your mind ceases and your breathing is synced (i've also noticed that it takes around 40 breaths, which is roughly 4 min, so sometimes for shits and giggles i just count to 40). after much trial and error i've noticed i don't even need to do anything; it's the mere passage of 4 minutes that gets me to stage 1.

thereafter is when the real effort begins. it is a constant effort to reach what i call stage 2, or what i consider the beginning of true mindfulness, which means you are neither thinking of the past nor the future. i would say i only enter stage 2 at seconds at a time, only to fall out again into stage 1 (usually by an intruding thought, and that thought is usually "oh, i've got it!").

to be honest, i don't know what the effects have been for me. i seriously don't feel any different. anyway, how are we to separate the effects of meditation with the normal process of maturation or aging? am i getting calmer because of meditation or because i am getting older?

i take it on faith. faith in data and science. our personal experience with meditation cannot be the guide with which we measure it's effectiveness, because subjective experience is exactly that. i liken it to flossing. i floss my teeth every day but still have worse gum recession than those who do not. my periodontist and dentist chalk it up to genetics, because that is the best they can conjecture based on the current science. we can measure flossing easily; without a brain scanner in our basement we cannot so measure effects of meditation. so from the research i take it on faith that the effects must be beneficial on my brain.

Tharkun 1 day ago 2 replies      
If you're looking for a low-entry start to meditation, Headspace is a great little app. It starts off easy, with 10 10 minute guided sessions.
fibo 1 day ago 1 reply      
There is much more than meditation, there are many excercises you can do to feel better, to "connect with your soul".

It is a matter of practice, same as for sport. If you go only one time at gym, you will not get so much results.

It would be ideal to meditate twice a day, 20 minutes. If you can move your energy from one chackra to another it is even better. You can also think of chackras as your gland system, it doesn't matter if it sounds crazy for you we have 7 whirls of energy in our (physical) body, if it makes you feel good, it is ok.

In my personal experience I found that meditation is healthy, so I recommend it. However keep in mind that there is much more than meditation, which is just the first step.

ca98am79 1 day ago 0 replies      
I have/had pretty bad panic disorder. There were times I panicked all night and didn't sleep at all. I also wouldn't leave the house, and ended up at the emergency room a few times. I tried therapy, medication, etc.. Meditation is the only thing that worked. It has really helped me in many other ways, also.

In case no one else has recommended it yet - I highly recommend a 10-day Vipassana meditation course: https://www.dhamma.org

They are free and not affiliated with any religious organization. But be warned - it isn't easy! I like to call it "meditation boot camp." It breaks you down, but you grow and learn from the experience. It really is one thing you can try that can have a significant impact on your life and change its course. It is a unique experience - you can't read or write or speak for 10 days.

orasis 1 day ago 1 reply      
So I wrote a super geeky meditation timer that predicts your mood and learns how long you should meditate:

Guru:Smart Meditation Timerhttps://appsto.re/us/ukUP-.i

amelius 1 day ago 1 reply      
Does anybody here have experience with a meditation headset? (I.e., biofeedback device for the brain
alexmak 1 day ago 0 replies      
I've done various meditation practices in the past, but found this one to be the most effective: http://www.ishafoundation.org/us/ishakriya/learn-online/

It's a little different from other practices, in that it is more "active" (you'll see what I mean) than just sitting there and watching your breath. It takes just 15 minutes once you learn it, and the sense of peace and focus I have after doing it for several months is incredible.

pat_space 1 day ago 0 replies      
For anyone looking for a data-driven example, check out Wim Hof. This article does a good job of explaining his method at a high level. http://highexistence.com/the-wim-hof-method-revealed-how-to-...
vinayakg 1 day ago 0 replies      
I have been practicing Heartfulness mediation for quite sometime and have got immensely benefitted by it. It offers a simple and practical way to learn relaxation and heart based meditation.Anyone willing to try can go and check http://en-in.heartfulness.org/experience-heartfulness or try the iOS/Android app.
crusso 1 day ago 0 replies      
Sam Harris' Waking Up presents a non-woo-woo look at meditation. His background as a neuroscientist really gave the subject the scientific perspective that I appreciate. https://www.samharris.org/waking-up
qwtel 1 day ago 0 replies      
Having just doubled my workout routine I'm quite impressed how working out changes the brain and body.
Dowwie 1 day ago 0 replies      
David Levy, a Stanford computer science PHD that worked at Xerox PARC research for decades before moving to academia is now a thought leader in the field of "Mindful Tech", a different way to interact with technology. I am reading his new book about it and find it valuable.
SeeDave 1 day ago 0 replies      
I like to meditate on the bus on my way into the office. I have noticed a significant increase in my ability to "get things done" when stressed as well as my ability to take in sights and sounds.

I highly encourage everyone to start meditating.

agumonkey 1 day ago 1 reply      
I don't know how unrelated it is but I found playing polyrythmic percussions (4 limbs involved, doesn't have to be loud) often lead to a zen state. Dealing with many different parallel momentums and abstracting over them as one just massage your brain.
Avshalom 1 day ago 0 replies      
to paraphase myself:

I mean sure, yeah, but...


so does walking in nature, poverty, cocaine, testosterone, inactivity, porn, drugs, focus, menstruation, Alzheimer's, cellphones, the Internet, The Knowledge, programming, football...

changing it's structure is how the brain reacts to basically any regular stimulus. Thats how it works.

Also n=35, t=3days seems insufficient to rule out any sort of confounding factors.

z3t4 1 day ago 0 replies      
I find working out or playing computer games meditating as I can completely let my thoughts go.
qkhhly 1 day ago 2 replies      
While meditation may be helpful in managing stress and other aspects, I am skeptical that it will work if you just meditated for three days.
perseusprime11 1 day ago 0 replies      
You guys should try the Headspace App. Really useful for me.
0xdeadbeefbabe 1 day ago 0 replies      
When I don't meditate in the morning I try to make up for it by meditating in the car. One day I was meditating in the car trying to drive mindfully, trying to feel each bump and notice what my body was doing. While I was driving 25 in a 25 zone a toddler wandered out into the street in front of me. I'm glad I was paying attention.
alanwatts 1 day ago 0 replies      
For anyone interested, here are some of the resources I used to learn about mindfulness:



Jan Koum: I couldn't agree more with everything [Apple] said facebook.com
253 points by envy2  3 days ago   73 comments top 13
gry 3 days ago 2 replies      
Jan Koum is a WhatsApp co-founder. WhatsApp is notable, I think, in this debate specifically because WhatsApp partnered with Moxie's Open Whisper Systems for end-to-end encryption.


dclowd9901 2 days ago 1 reply      
It's gotta be so frustrating. Here's this little thing that could answer all your questions, maybe. If you could just open it, you could easily solve many mysteries. And the only people who can help won't.

I don't envy the job of law enforcement. It must feel like at times that everyone is standing in your way. But where does it stop?

If only we could track everyone all the time...

If only we could watch everyone in their homes all the time...

If only we could open everyone's safes whenever we needed to...

Yes, you could solve many mysteries with all of the keys. But it's not your information. You're not owed it. No one is owed the answer to any question.

I hope law enforcement understands someday what a destructive request they've made, but I'm guessing like anything else addictive, that one taste will just lead to more.

ryanSrich 3 days ago 4 replies      
I really respect Jan. I saw him talk at Startup School a few years ago and what really impressed me was his non-traditional path to becoming a tech billionaire. He had a long career at Yahoo! before founding WhatsApp. He's a role model we should be looking at. Not young college kids who can dupe old investors into giving them millions for vaporware.

It's also important that he's speaking out in opposition to these government tactics. Hopefully Zuckerberg will follow suit but if history tells us anything it's that Facebook is rather compliant and doesn't take security seriously.

redthrow 3 days ago 1 reply      
WhatsApp doesn't seem very secure:

As of December 1, 2015, WhatsApp has a score of 2 out of 7 points on the Electronic Frontier Foundation's secure messaging scorecard. It has received points for having communications encrypted in transit and having completed an independent security audit. It is missing points because communications are not encrypted with a key the provider doesn't have access to, users can't verify contacts' identities, past messages are not secure if the encryption keys are stolen, the code is not open to independent review, and the security design is not properly documented


akerro 2 days ago 1 reply      
Why should I trust a company that works with NSA and makes money on information about me to protect my privacy and "fight" government. I see his post as nothing more than PR move - "we're the good guys" - before we find out that they cooperated with agencies. Am I alone in this opinion?
zepto 3 days ago 5 replies      
Will Google step forward too?
meerita 2 days ago 1 reply      
Imagine if Donald Trump reaches the White House what would happen. I bet an scenario of much more hardcore surveillance.
philip142au 2 days ago 0 replies      
and Microsoft said?
envy2 3 days ago 0 replies      
Jan Koum is WhatsApp's co-founder and current CEO, and a Facebook board member. I had this in the original title but it seems to have gotten removedsorry!
munchbunny 3 days ago 1 reply      
I noticed several people asking, and was wondering myself: Jan Koum is one of the WhatsApp cofounders.
wesleytodd 3 days ago 1 reply      
Is this someone I should know about?
pbasista 3 days ago 4 replies      
What is suspicious about this Cook's statement is that he was able to publish it. I believe this kind of government requests is usually made with a strong non-disclosure agreement with severe consequences if disclosed. So, either the consequences were not that bad or Apple has chosen to ignore them for the good cause.

Or ... something "fishy" is going on and this article is just a bait by Apple to let its customers believe they do care about privacy ... while in reality the situation might be entirely different. And the "best" thing is that ordinary people will never know for sure, because with Apple's proprietary software philosophy, there is no way to tell.

suprgeek 3 days ago 0 replies      
This specific encryption debate is THE TURNING POINT around this debate.

The NSA has [most likely] found a way to penetrate Apple/Google/MS/FB for specific targets i.e. they can get the info on any specific person/group covertly. The attack surface is just too large - TAO, Zero-Days, Insider threats, Financial threats, etc. The problem with that is things like needing "Parallel Construction [1]" to legally prosecute.

What the FBI is now doing is using a recent horrible tragedy to force SV companies to establish a precedent. Make no mistake, this has been long time coming. The Feds want to set a precedent both legal and 'cultural'. Ultimately Apple might cave, but the fact that they are raising a stink is very good news. Time for other heavyweights to join the chorus.

[1] http://thefreethoughtproject.com/parallel-construction-law-e...

Google and Red Hat announce cloud-based scalable file servers googlecloudplatform.blogspot.com
224 points by Sami_Lehtinen  2 days ago   78 comments top 20
justinclift 2 days ago 3 replies      

Ex-GlusterFS person here (used to work at Red Hat on the project side, leaving mid last year).

"Small file access", and "lots of files in a directory" have been a pain point with GlusterFS for ages. The 3.7.0 release had some important improvements in it, specificially designed to help fix that:


The latest Gluster release is 3.7.8 (the same series as 3.7.0), and is worth looking at if you're needing a good distributed file system. If you have something like 1Mill files in a single directory though... hrmmm... NFS or other technologies might still be a better idea. ;)

gamegod 2 days ago 4 replies      
I worked with a GlusterFS deployment in production about 2 years ago, and it was such a nightmare that I both feel compelled to write about it and never touch anything made by that team ever again.

It was the whole shebang: Kernel panics, inconsistent views, data loss, very slow performance, split-brain problems all the time. Our set up IIRC was very simple: two bricks in a replicated volume. It worked so poorly that we had to take it out of production. Some of our experience can be explained by GlusterFS performing poorly under network partitions, but nothing could justify kernel panics. It blew my mind that Redhat acquired that company and product.

Edit: I hope there's been a big improvement to the reliability and performance of GlusterFS. Can anyone with more recent experience running it in production comment?

pilif 2 days ago 2 replies      
Last time I tried GlusterFS was in 2012. The way it worked was very impressive back then and I would have loved to actually put it into production.

Unfortunately, I hit a roadblock in relation to enumeration of huge directories: Even with just 5K files in a directory, performance started to drop really badly to the point where enumerating a directory containing 10K files would take longer than 5 minutes.

Yes. You're not supposed to store many files in a directory, but this was about giving third parties FTP upload access for product pictures and I can't possibly ask them to follow any schema for file and folder naming. These people want a directory to put stuff to with their GUI FTP client and they want their client to be able to not upload files if the target already exists. So having all files in one directory was a huge improvement UX-wise.

So in the end, I had to move to nfs on top of drbd to provide shared backend storage. Enumerating 20K files over NFS still isn't fast but completes within 2 seconds instead of more than 5 minutes.

Of course, now that we're talking about GlusterFS, I wonder whether this has been fixed since?

goodcjw2 2 days ago 2 replies      
Basically, GlusterFS is trying to solve a hard problem: make distributed/remote filesystem to feel like a local filesystem for applications built on top of it. For the client, you can choose from NFS, SMB or its homemake fuse client, which makes the remote system accessible as if everything is on local file system. I used to build similar systems in house and find it extremely painful to design and maintain, we did lots of custom hacks to make our system to suit our need. GlusterFS, as a general solution, won't have that much flexibility and may or may not suit your custom needs.

Overall, I feel AWS S3 is a better (or at least simpler) approach. Just acknowledge that files are not locally stored and use them as is. AWS is experimenting EFS as well, which we found not as desirable as well.

Edit: I am not saying that you cannot make GlusterFS or EFS perform great. My appoint it that it's hard to do so, and might not worth the effort to develop such a system given that S3 can serve most needs of distributed file storage.

prohor 2 days ago 3 replies      
I'm not sure what is announced here. Gluster FS is for few years already (version 3.6 now), while the article doesn't mention that there is started any managed service based on it. It is more like reminder that you can set up distributed file system on your cloud servers using Gluster. Not even any step-by-step tutorial how to do that.
thrownaway2424 2 days ago 3 replies      
I see that the GlusterFS FAQ says it is fully POSIX compliant. That's a pretty good trick. Ten years ago or so I had a suite of compliance tests I would use to embarrass salesmen from iBrix and Panasas. The only actually POSIX-compliant distributed filesystem I could find in those days was Lustre (unrelated to Gluster, despite the naming). Lustre works well but it almost impossible to install and operate.
Nux 2 days ago 0 replies      
Gluster is not for the faint of heart, but as far as distributed filesystems go it's probably the easiest to set up and deal with.

We've been using it in production for a few years now and having a single namespace that can basically grow ad infinitum has been pretty neat.

If you want a trouble free Gluster experience stay away from MANY small files and replicated volumes.

chatmasta 2 days ago 1 reply      
I needed a shared volume across multiple EC2 instances in a VPC. My use case is that multiple "ingress" boxes write files to the shared volume, and then a single "worker" box processes those files. This is a somewhat unusual use case in that it means one box is responsible for 99% of IO heavy operations, and the other boxes are responsible only for writing to the volume, with no latency requirements.

My solution was to mount an EBS on the "worker box," along with an NFS server. Each "ingress box" runs an NFS client that connects to the server via its internal VPC IP address, and mounts the NFS volume to a local directory. It works wonderfully. In three months of running this setup, I've had no downtime or issues, not even minor ones. Granted I don't need any kind of extreme I/O performance, so I haven't measured it, but this system took less than an hour to setup and fit my needs perfectly.

cgarrigue 2 days ago 1 reply      
It's a bit light for a press release. Considering RedHat is officially promoting AWS on their website, providing more information to let people know whether the offering on Google Cloud will be better or similar would have been better.
objectivefs 2 days ago 0 replies      
If you are looking for a POSIX compatible file system for GCE or EC2, we think our ObjectiveFS[1] is the easiest way to get started and use. It is a log structured filesystem using GCS or S3 for backend storage and with a ZFS like interface to manage your filesystems.

[1] https://objectivefs.com

jqueryin 2 days ago 0 replies      
Before reading the article, I was going to ask if it solves the "high read access of many small files" I/O problem, but alas, it's on GlusterFS, so only insomuch as Gluster has been making improvements these last few minor releases.

Is anyone here running a GlusterFS setup with high read/write volume on small files successfully? If so, what's your secret?

godzillabrennus 2 days ago 0 replies      
Glad to see Gluster is still making waves. I was an early customer. It's impressive when a brand survives acquisition much less a transition into a new type of offering like this. Kudos to everyone who helped make Gluster special!
melted 2 days ago 1 reply      
I wonder why they even did this. They already have a state of the art distributed filesystem (Colossus) which doesn't have any scalability problems at all, since they use it for everything.


profeta 2 days ago 0 replies      
you can see why google is such a good marketing company. None of the links in the article is not to their own products.

So, here is the link to the star of the show: https://www.redhat.com/en/technologies/storage/gluster

amelius 2 days ago 0 replies      
I'm wondering if there exist better (simpler) solutions than GlusterFS for the case where files are strictly write-once.
jpgvm 2 days ago 0 replies      
GlusterFS is basically synonymous with pain. Use at your own peril.
stevenking86 2 days ago 0 replies      
secopdev 2 days ago 1 reply      
cdnsteve 2 days ago 5 replies      
File storage in 2016? Why not just use S3? If file storage even a problem anymore?
Judge Rules FBI Must Reveal Malware It Used to Hack Over 1,000 Computers vice.com
209 points by 56k  16 hours ago   69 comments top 7
boosting6889 11 hours ago 6 replies      
The Justice Department contends that the act of viewing a child porn image revictimizes the child each time the view occurs and is the basis for arguing that viewing child porn is not a victimless crime. Yet the FBI seized a server and allows such images to be downloaded and viewed thousands of times over a 2 week period. This would be like seizing the operators of an underground rape dungeon where patrons pay to rape children - and allowing such an establishment to run for 2 extra weeks to catch the patrons, regardless of any collateral damage that occurs to innocent children as a result. People would be up in arms over this. So, does viewing an image of child porn cause additional harm to the child in the image or not? Which is it? (This of course excludes instances where the viewer is paying/supporting production of the material)
moyix 8 hours ago 1 reply      
Unless this is different from the shellcode they used when taking down Freedom Hosting, I'm not sure what releasing it would do. There are already numerous analyses of the code:

- Vlad Tsyrklevich: http://tsyrklevich.net/tbb_payload.txt

- Gareth Owenson: http://owenson.me/fbi-tor-malware-analysis/

- My own analysis based on running it in PANDA: https://www.reddit.com/r/ReverseEngineering/comments/1jpln2/... you can also get the recording of the shellcode executing and step through it here: http://www.rrshare.org/detail/26/ )

It's not big, and we have a pretty good idea what every piece of it does.

Of course, I suppose we don't know that the malware it used in this case is the same as the one in the Freedom Hosting case, so I guess it would be nice to compare and contrast them.

spdustin 14 hours ago 4 replies      
Imagine a later hardline: "FBI Ordered to Reveal the Code Used to Backdoor San Bernadino Suspect's Phone"
bpicolo 11 hours ago 1 reply      
"Sure, here it is compiled to assembly and stripped of all comments." is sort of what I'd expect
Shivetya 14 hours ago 1 reply      
I am more concerned that there is no limits to what they can do in regards to a honeypot (trap/etc). You would think child porn would be one thing they would not go this far with.

Regardless, I think someone with expertise should be allowed to review any code developed by the government in such operations only to ensure it does not somehow violate the rights of innocents

singletonaccnt 14 hours ago 5 replies      
So the headline uses the word "pedophiles", but in the article the word is nowhere to be found. Maybe that's because this sting isn't necessarily about pedophiles, but about people watching and trading child pornography. Using "pedophiles" only serves to reinforce the stigma of a already heavily stigmatized minority.

The word "pedophile" should be defined as someone with a sexual attraction towards children. It doesn't describe behavior: people can choose to not act on the attraction, and many, invisible as they are, in fact do not. Also, the people operating and visiting that hidden service could have had other reasons for visiting. They are not necessarily all pedophiles.

ikeboy 13 hours ago 1 reply      
An introduction to IPFS medium.com
261 points by bergie  1 day ago   51 comments top 10
joepie91_ 1 day ago 10 replies      
So, the same question and point of criticism that I've brought up in past discussions about IPFS, and that so far has not yet been sufficiently answered by anybody:

The claim is that IPFS could replace HTTP, the web, and so on. The only thing I see, however, is a distributed filesystem, which is only one part of the puzzle. Real-world applications require backend systems with access control, mutable data, certain information being kept secret, and so on - something that seems fundamentally at odds with the design of IPFS.

How would IPFS cover all of these cases? As it stands, it essentially looks to me like a Tahoe-LAFS variant that's more tailored towards large networks - but for it to "replace HTTP", it will have to not only cover every existing HTTP usecase, but also do so without introducing significant complexity for developers.

Seriously, I'd like to see an answer to this, regardless of whether it's a practical solution or a remark along the lines of "this isn't possible". I'm getting fairly tired of the hype around IPFS, with seemingly none of its users understanding the limitations or how it fits (or doesn't fit) into existing workflows. I can't really take it seriously until I see technical arguments.

matthewbauer 1 day ago 3 replies      
I really like that IPFS is trying to change the way we think about the internet and HTTP. That being said, I'm very skeptical of a lot of the design choices. It seems like it's just trying to incorporate a lot of the latest buzzword technologies without any real consideration why. I get that blockchain, Git, BitTorrent are all powerful but that doesn't mean that mixing them all together into IPFS is going to be useful. Most likely it will end in a sort of internet Frankenstein's monster: overly complicated and lacking real benefits over traditional HTTP, FTP, and the rest.

My biggest concern is that in the end IPFS isn't even really "permanent" in the way I understand it. Objects added to IPFS still need someone to in a sense "seed" them for that content to be available. What advantages does that give over just hosting the internet over static torrents?

kodablah 1 day ago 0 replies      
One of the things I am most looking forward to is the abstraction into libp2p[1]. I am wanting to try out my own ideas but I don't want to hassle w/ building my own Kademlia DHT or NAT traversal.

1 - https://github.com/ipfs/specs/tree/master/libp2p

ThrustVectoring 1 day ago 2 replies      
>It is left as an exercise to the reader to think about why its impossible to have cycles in this graph.

This was funny. Suppose you wanted to build a node that linked to itself. You'd have to find a fixed point in the combination of functions that adds other data to the link and hashes it. Finding a fixed point of a hashing function is hard.

filearts 1 day ago 2 replies      
What I didn't see answered in the article was how content is discovered.

The only way we are able to productively use git is because there is a convention to have some state in a non content-addressable location (.git/refs, .git/HEAD, etc...).

Saying that IPFS could replace the web means either: 1) Introducing shared mutable state; or 2) full knowledge of everything on the network.

I'm guessing that the existing web is what provides that layer right now. Is there any work going on for novel IPFS-based content discovery mechanisms?

Another thought: Given the content-addressable, immutable nature of this graph, how does one discover that a new version of something is available without a central authority? How could we discover the tip of a blockchain with IPFS alone?

Sami_Lehtinen 13 hours ago 1 reply      
Just pointing out that GNUnet and Freenet both allow pretty much similar feature set. I've studied both extensively, and after checking out IPFS, I don't get what's new. Except all the 'hype' around it, which is generally something which I as tech nerd dislike. Another problem with distributed solutions is often performance, some tasks just become surprisingly expensive.
beagle3 1 day ago 1 reply      
"Private", as opposed to the "public" IPFS , but essentially the same ideas: https://camlistore.org/ from Brad Fitzpatrick of livejournal fame
_prometheus 1 day ago 0 replies      
Thanks very much to Christian and John for writing a much needed detailed article :)

Some more links for people to check out:

## (upcoming) IPLD "merkleized JSON" format:

- improves upon our basic format to make it much more pleasant to build things on top of ipfs.

- JSON meets CBOR meets Merkle-linking

- mini-spec: https://github.com/ipfs/specs/blob/master/merkledag/ipld.md

## answers to some common questions i've read on this page:

- content model / replication: https://github.com/ipfs/faq/issues/47

- how resolution works: https://github.com/ipfs/faq/issues/48#issuecomment-152917088

- how IPNS / mutable linking works: https://github.com/ipfs/faq/issues/16

- this is a very poor answer, sorry, i'll write up a post or paper on it.

- for now if interested, see the QConf slides below, specifically slides ~110 to ~130 -- the DNS, IPRS, SFS/Mazieres linking, IPNS parts.

## These repos have interesting "lab notebook" style discussions:

- https://github.com/ipfs/notes/issues

- https://github.com/ipfs/apps/issues

## deep dive talk at stanford:

- video: https://www.youtube.com/watch?v=HUVmypx9HGI

- slides: lmk if you want them, i'll pdf them up

## talk at ethereum's devcon1 covering blockchain uses

- video: https://www.youtube.com/watch?v=ewpIi1y_KDc

- slides (interesting bits start at slide ~70): https://ipfs.io/ipfs/QmUgRq7QfmRbPw5kXqwSs1TRtPDBXMoDNiYwJQg...

## talk at qconf sf (similar to above)

- in this talk i discuss a bunch of datastructure stuff, including using IPFS for PKI, for arbitrary dns-like records, for name systems, for CRDTs, and so on.

- unfort video will be released in march: https://qconsf.com/video-schedule

- slides (intersting bits starts at slide 80): https://ipfs.io/ipfs/QmPpYmdSEKspjgXxVyGK9UMHV54fKZS8MwJjppg...

symlinkk 1 day ago 1 reply      
Probably a dumb question but how does this compare to http://storj.io/?
nickysielicki 1 day ago 0 replies      
The graph to describe the directory is a misprint, right?

"testing 123\n" isn't anywhere, and "Hello World" (and its hash) is pictured twice. I'm sure that the testing.txt arrow should just be pointing to a node with a different hash and content.

Yahoo is shutting down about half of its content verticals capitalnewyork.com
214 points by coloneltcb  3 days ago   188 comments top 23
snorrah 3 days ago 14 replies      
What the fuck is a content vertical?
smegel 3 days ago 8 replies      
This might be the first good move Yahoo has made since Mayer took over.

I can't think of a better example of a company that needs to shed worthless baggage and focus on high value propositions.

And I am gobsmacked Yahoo has not at least made an attempt at a real social network. They have hundreds of millions of users, at the point they are in giving all their users an automatic account on Yahoo Social might be a dick move, but it's time start taking risks and see what unfolds.

jharohit 2 days ago 0 replies      
Quite happy to see the "content verticals" being scrapped (food, travel,etc.) and retained (news, finance, fantasy sports,etc), respectively, are exactly amongst those I had summarized with a product analysis of Yahoo 2 years ago (I was hoping to get a job in Yahoo's product team - which I didn't). As in my analysis, I think it's a great start but there are still a LOT more products that can be dropped while some of the strong ones boosted. Here is the product analysis - https://medium.com/@jharohit/a-new-yahoo-part-1-5b9288595635...
AznHisoka 3 days ago 11 replies      
What about Yahoo Answers? I hate seeing their results show up in the top 3 when I do a Google search. They're always low quality and not useful.
jorgecurio 3 days ago 5 replies      
Let's just recap what happened to Yahoo since Marissa took over:

- wasn't able to turn the company around

- wasn't able to monetize tumblr

- wasn't able to capitalize on Alibaba shares

- wasn't able to deliver return to investors

- was able to parachute out of Yahoo with hundred million dollars+

Someone tell me, what CEO out there actually does anything that justifies their insane pay grade because often it looks like someone just waving a baton thinking he/she's a conductor despite how much the orchestra sucks.

Maybe if it actually began investing what it paid out to a revolving door of CEOs looking to make a cool hundred million dollars....just then Yahoo will be a stock worth buying.

dfar1 3 days ago 2 replies      
"We know you come to Yahoo because of our distinct voice and unique blend of original content, aggregation and personalization."

That made me lol. They should just keep their gossip columns (half the news on the front-page). The comments on those articles are always entertaining.

batmansmk 3 days ago 2 replies      
The name Mayer is not present in that article. That's definitely PR for the investors. Maybe to prepare a transition?
inesf 2 days ago 0 replies      
I'd say this is an unavoidable decision. Look into the stock price of Yahoo Inc. on Yahoo Finance, you will find out Yahoo should specialize its business/ contents a long time ago. If you set the range from 2000 to 2016, you will find a great drop there!


tn13 3 days ago 0 replies      
I guess a lot of Yahoo! employees will now be in mood to leave the company and this means a lot for other companies in bay area.
Laaw 3 days ago 1 reply      
Hope they don't axe their fantasy offerings, I much prefer their site to the other options for my fantasy football.
mbritton72 3 days ago 2 replies      
Guess I should pull down all my Flickr images and back them up.
kafkaesq 3 days ago 1 reply      
By the time anything is thought of a "content vertical" it's pretty much past its time, on autopilot editorially-wise, and generally worth disregarding anyway.
sandymcm 2 days ago 0 replies      
I love that the goodbye memo from Dan Tynan is an advertisement for his talented team. Classy.
crackpotbaker 2 days ago 1 reply      
I'm interpreting that the moment when Yahoo started falling apart was when they fired their whole vowpal wabbit team.

If you can't value the state-of-the-art research being done in your labs, then you don't really value a thing.

PhasmaFelis 3 days ago 2 replies      
I can never figure out what it is Yahoo _does_. Their original core business (search) was demolished by Google many years ago. Their website looks exactly like any of a thousand different sketchy, clickbaity news aggregators, and all of the couple dozen "content verticals" in their sidebar are the same thing, only focused on a specific topics. They've also got a few services that other companies do substantially better (Mail, Weather, Flickr...) The only thing I see that's really relevant is Tumblr, which I hadn't even known was owned by Yahoo.

Is that what Yahoo is these days? Clickbait news and Tumblr? How are they still regarded as a major tech company?

cphoover 2 days ago 0 replies      
"vertical" might be the douchiest corporate speak word I know of.
known 2 days ago 0 replies      
Copy/Compete; Yahoo is doing neither;
SatoshiRoberts 3 days ago 1 reply      
Will fantasy football get cut soon?
minimaxir 3 days ago 2 replies      
Better title: "Yahoo is shutting down about half of its content verticals"
glibgil 3 days ago 0 replies      
OedipusRex 3 days ago 1 reply      
Does anyone have concrete evidence that Tumblr didn't get axed? I don't think the article said anything about it, unless that falls under "lifestyle".
cant_kant 3 days ago 3 replies      
Yahoo has digital magazines ?

Why would a search company have junk like that ?

How much other worthless baggage do they have ?

vidoc 3 days ago 0 replies      
> David Pogue is one of a kind the most gifted tech reviewer on the planet, and easily the most entertaining.

Wanted to LOL at this as the other time, i watched one of the 'life hacking' shows of this moron, and he demonstrated how to find out whether an egg is hard-boiled ... by spinning it...

Technical interview performance is kind of arbitrary interviewing.io
256 points by leeny  3 days ago   235 comments top 32
brightball 3 days ago 6 replies      
With programmers, the single easiest way to identify good candidates (in my experience) is sheer interest in what they do / desire to learn. This is a learn everyday field and if you're interested in what you're doing, you're going to do a lot better at it. It's hard to apply yourself mentally to something that you don't have a good level of interest in. Given that it's a learn everyday field, people with that level of interest will realistically be able to learn anything they need to do solve the problem you're hiring them to solve.

The only real differentiating factor is your tolerance for ramp up time. I expect a programmer to be able to pick up a new language or database within a couple of weeks (tops) in most cases. If I'm hiring full time, that's something I'll tolerate. If I'm hiring a contractor, I'm going to be uneasy about paying high hourly rates for him to learn the job.

The single most effective way that I've found to interview for "interest" is to just get them talking about something they've done before and ask them to go deep into the details. You get everything you need from watching somebody talk, with a smile on their face, about how they solved some problem in a creative way that makes them show some pride. Doesn't really matter what the problem was, if it was a business problem, code problem or hardware problem. The important thing is the level of attention to detail in addressing it.

I've been using this technique for about 8 years now and while I don't make it the exclusive criteria for hiring, every person I've ever hired who has passed that part has ended up in my "great hire" category.

staunch 3 days ago 2 replies      
Most interviewers don't ask enough technical questions to have any idea what a candidate knows or doesn't know. If their one or two questions happen to be something the candidate knows well, they'll call them a genius. If they happen to not know, they'll label them an idiot.

You can learn a lot more from 20+ rapid fire questions than forcing a candidate to eek out an answer to something they're not familiar with. And once you establish the areas they're familiar with, you can ask them truly useful questions.

The key is to look for people who have strengths and not worry at all about gaps in their knowledge. Anyone who has earned genuine expertise in one area will be able to do so in other areas.

The other big mistake most interviews make is forgetting about the "Curse of knowledge" https://en.wikipedia.org/wiki/Curse_of_knowledge

I've seen people research the answer to a question before an interview and then expect candidates to be equally informed without that advantage.

senekerim 3 days ago 2 replies      
I have been to lots of interviews, on both sides of the table. I find most interviewers unprepared to evaluate the person for the role, and instead exercise their own biases, stroke their egos, etc. It's largely a voodoo practice that we'll look back and laugh at as a civilization at some point..
maxaf 3 days ago 12 replies      
Take home tests FTW. The thinking goes as follows:

1. If the candidate can't be bothered to complete a 2-4 hour (depending on claimed seniority) code test in the language of their choice, we can't be bothered to talk to them.

2. If the candidate does reasonably well by completing the code test somewhat on time (with a fat margin allowed for them, well, having a life) and within parameters of the task, they're invited for a mostly non-technical onsite meet-and-greet.

3. During the meet-and-greet we make sure that the candidate isn't an axe murderer, is able to hold a quasi-technical conversation, and that both sides aren't immediately scared of each other.

4. The meet-and-greet can also include some low-key architecture discussion. Any nerds worth their salt will be able to conduct this line of questioning without making it obvious that an interview is taking place. Hopefully this isn't a critical step, as a good take-home code test will require the candidate to spend a little time designing or architecting their solution.

After the above has taken place, it should be pretty clear whether the candidate in question is a fit or not. Note that this process is by design missing the useless traditional CS questioning component, contrived problem solving exercises, or a whiteboard code beatdown.

marknutter 3 days ago 1 reply      
Technical interviews are a form of hazing. Engineers often suffer from imposter syndrome, especially during an interview. Those who have already been hazed and accepted to the club will turn around and put potential candidates through the same humiliating process. And what's worse is that demonstrating you have superior capabilities in one area or another can be seen as a threat to the interviewer and they may give you a thumbs down based purely on their own insecurities. What ends up happening is that, just like in college fraternities, is that everyone ends up being similar, both culturally and in terms of abilities.

If I had it my way I would do away with the interview process altogether and do something more akin to an internship. Potential employees could start their engagement with a company by working (for pay, mind you) on a very limited basis to solve actual problems that need solving (i.e. "write an algorithm that's 10% more efficient", "create a tooltip that's aware of the viewport in React", etc). Based on their output their engagement could be ramped up until they are brought on as a full time employee. That way it ends up being completely merit based. You can either solve these problems or you can't. And whether or not they ultimately end up becoming an employee doesn't end up mattering because both parties are compensated along the way.

This would obviously put the burden on the company to boil its problems down into smaller, isolated efforts but that's something all companies should be trying to do anyways. In the end, they just want some code written that will end up solving some problem for their customer.

rjzzleep 3 days ago 0 replies      
Constantly confused by this, so much arguing back and forth, and yet the single easiest way to deal with this is a stripped down real world problem and then giving it to a whole bunch of different candidates. Some people adopt this some people don't some people argue that it's meaningless, and go back to the standard silly interview patterns of algorithm questions and meaningless complex fizzbuzz alternatives.

tptacek summarized this in his hiring post:


My personal conclusion is that most companies don't want this for two reasons:

1. culture fit is more important for people in a rigid hierarchical structure, partly because an out of the box thinker could be dangerous for that structure. too much questioning authority, too much pointing out flaws. It's much easier to have a good worker bee than wondering why you need 40 employees to build an automated gif platform.

2. in most companies everyone is very reluctant to make decisions. for example management struggles with clear direction because it opens them up to the question of liability. if they make a decision and it's wrong they might get fired. HR works the same way, if HR passes a resume along they want it to hit a list of keywords, so they can cover their asses if he turns out to be a bad hire.

Basically everyone is so scared to make a mistake that they make a lot more mistakes trying to avoid them.

The opening of the cracking the coding interview she talks about how they don't really care about false positives and negatives, they just want those to stay below a certain threshold. But consider the hiring scale of google compared to a small company and suddenly those things matter.

One bad hire can be toxic. And basing your hiring strategy on something a huge behemoth with infinite money does is kind of silly imho

richardwhiuk 3 days ago 1 reply      
Isn't this exactly what you'd expect? e.g. if get a random cohort of developers who all of their peers would say are amazing, if I subject them to a series of tests, they will do differently well at the different tests?

For example, so I set a test where you have to write some Java, if half the candidates haven't written any Java, they'd all surely do worse on the test than the other half?

Or is their a belief in the industry that there's some scale on which we can absolutely rank all developers - front end, back end, full stack, mobile, desktop, embedded? That sounds like a surprising belief which would require extra-ordinary evidence?

mentatseb 3 days ago 1 reply      
The conclusion is misleading due to 2 wrong assumptions:

1. The population is heterogeneous: interviews test different skills. All interviews don't test the same set of skills, which is mandatory to compare interview scores because scores are aggregates of these skill tests. Different job opportunities means different skills to test, so it seems reasonable to assume that people evaluation vary for different job opportunities, and thus their scores vary for different interviews.

2. The observations are not statistically independent: past interviews may influence future interviews. People may get better at passing interviews or conducting interviews over time. This would impact their score. It would be good to study the evolution of individual scores over time.

While (1) should strongly limit the conclusions of the study, the complete analysis may simply be irrelevant because of (2) if the statistical independence of observations is not demonstrated. Sorry guys but this is Statistics 101 introductory course.

Xyik 3 days ago 0 replies      
Not too surprising when you consider there isn't really a standardized guideline and every interviewer asks questions of varying difficulty. Sometimes interviewers don't even ask candidates the same question and tailor them based on the candidate's resume and experiences. I've had interviews as simple as writing a function that outputs if two strings are anagrams, and other interviews that test dynamic programming knowledge and other interviews that tested my knowledge of concurrency. At the end of the day, its luck of the draw which interviewer you get and what questions he decides to ask you.
Gratsby 3 days ago 0 replies      
Technical interviews are silly exercises IMO. You have a multi-month ramp up period and you have all kinds of environment specific things to deal with at just about every employer. Nobody in real life gets asked to program on stage or forced to answer esoteric questions as if your in some sort of math competition.

If you don't have confidence in someone's ability based on their experience and their interview but you did like them, give them a task to accomplish offline. See if their results are anything like your results would be, and bring them in to see how they respond to feedback both negative and positive.

I've seen too many interviews that go along the lines of "How would you rate your Java on a scale of 1-5?" "5" "So how would you fix the problem if your cache hit rate on SomeObscureCommercialProduct went from 94% to 82%?" "Forget that guy. Huge ego. Doesn't know anything."

I did run into one company that had an interesting process for technical validation. They actually hire people for two weeks as contractors and have them work with the team. Then they hold a vote and decide whether to extend an offer.

dms105 3 days ago 1 reply      
The real weaknesses of technical interviews are:

1) They usually just measure the amount of effort a person has put into studying interview questions. Whether or not the ability to do this translates to being a better engineer is debatable.

2) An interviewer almost always exercise some form of personal bias, whether it be educational, personal, etc. This doesn't always show up in written feedback, but the interviewers with stronger personalities usually dominate interview debriefs, and often influence others into hire/no-hire decisions. This is especially prevalent in smaller startups where the process is more informal, things move quickly, and decisions are based more on gut feelings.

grillvogel 3 days ago 1 reply      
technical interviews are a joke. the majority of the time they exist so the interviewer can try to feel smart and subject the interviewee to whatever whimsical problem they found on the internet. how often do you do group coding in a whiteboard in your actual job? at one interview I was criticized for sitting and thinking about a problem for a minute without just blindly jumping into attempting to solve it. also tons of people are great at solving toy interview problems but can't debug their way out of a paper bag.
minimaxir 3 days ago 2 replies      
The headline is "interview performance is kind of arbitrary," but the data solution proposed in the article is "interviewers rate interviewees in a few different dimensions," which is not any less arbitrary.

I appreciate there is an appendix addressing this issue, but it does not absolve the issues the analysis, especially since the appendix uses a "Versus Rating" to justify the statistical accuracy of the system, which is also calculated somewhat arbitrarily (since the Versus Rating is derived from the calculated interview score, wouldn't it be expected that the two have a relationship?)

The fact that the results of the non-arbitrary score are centralized around 3 out of a 4 max (instead of the midpoint of 2) implies a potential flaw or bias in the scale criteria. (The post notes that people who get a 3 typically move forward; maybe selection bias is in play since companies would not interview unskilled people in the first place)

That's not to say that the statistical techniques in the analysis themselves are unimpressive though. I particularly like the use of FontAwesome icons with Plot.ly.

kbd 3 days ago 2 replies      
I had a really bizarre interview recently where, after the initial recruiter phone screen, I was rejected based on an in-person half-hour very simplistic paired coding exercise, only met with one person, and wasn't asked about my (imo very strong) resume once. I must have said something foolish at some point, which is on me, but the point is: interviews can be hit or miss. Fortunately you only need one hit.
mirceal 3 days ago 0 replies      
3 things I search for:

Fundamentals: CS basics. I don't nitpick on details. It's more around if you've heard about it or not and if you could figure out how and when to use it.

Structure: I want to see a structured approach to problem solving. Doesn't matter if your code is perfect. Doesn't matter the programming language you want to use.

Curiosity: You need to be curios about things. Asking the "why".

lostcolony 3 days ago 0 replies      
It may not be arbitrary, but if so it's buried deep in the data.

I've turned down candidates who had impressive technical resumes, who had worked in startups that sold, who had been hired on as consultants at various places, etc, because they were unable to solve simple algorithms in a simple manner, and their code was atrocious. Does this mean they're "bad developers"? No. If we were a consulting firm or a startup they might well be worth it; where the important thing is getting code out the door quickly, and to have something that works, even if it's not easily maintainable. But I was hiring for a position that required someone who would keep solutions simple and maintainable ('craftsmanship' rather than productivity, if you will. Note that the former does not necessarily preclude the latter, but it's the trait that was necessary, and was lacking).

Google optimizes for people with strong algorithmic knowledge. It's debatable whether they need everyone to have that, but certainly, many shops don't. Again, I've hired people with no formal CS background, because most of my job's problems don't require you to have deep algorithmic knowledge (the ones that do we can have others address, or work together on).

We know that people can fail one technical interview, while being radiant in another, and the reality is that what we're looking for, and what others are looking for, are often different. That creates a lot of variance in the data when we compare them.

aprasad91 1 day ago 0 replies      
This is why we at Lytmus believe the most effective way to assess a candidate is to see how they perform on a real work sample. We've built up a virtual machine based platform that allows candidates to showcase their skills in a real development environment with working code cases (web, mobile, data, systems, etc.). Most interviewing methods like algorithmic challenges often only provide signal into a discrete skill that can be acquired through practice, whereas what matters is whether or not you can actually work on real world projects, understand an existing code base and perform on the job as opposed to on an interview coding challenge. Google's SVP of People Ops Laszlo Bock also writes about the ineffectiveness of indirect tests and their weak correlation with on the job performance.
siliconc0w 2 days ago 0 replies      
I dunno - if you look at the data, there are fairly clear clusters of people who are 'probably good' and 'probably not so good'.

'Programming' is necessary but not sufficient for product engineering and that is what most of these interviews are trying to tease out. Good companies will balance out 'programming' with other rounds like 'technical design' or 'pair programming' or even non-technical rounds with business analysts or product to gauge general ability.

kearneyandy 3 days ago 0 replies      
Great post and awesome interactive graph! props

I'm curious about the interviewer community. Specifically things like how are they vetted and how often they come to conduct interviews. It would be cool if there was a community of interviewers for the betterment of the process, but I could see their retention for conducting interviews to only be 1 or 2 before they drop out. I see in the appendix that there are those that do more, but no indication about what percent leave quickly.

A better drinking game might be when a candidate offers a data structure they know nothing about. Would a red-black tree work here? No.. I guess not.

pklausler 3 days ago 2 replies      
I have learned that an (in)ability to program "in the small" correlates very well with an (in)ability to program in the large, and now ask mostly simply questions whose answers are things like one-line Boolean predicates to test for well-defined conditions. It is paradoxically easier for an inept candidate to fake his way through an algorithm design question than it is to fake the coding of a simple test for "determine whether two closed intervals [a,b] and [x,y] overlap each other".
JasonCEC 3 days ago 1 reply      
As a potential candidate, all of the standard complaints ring true - but once you're on the other side of the equation, and need to hire people... your ability to create new interviews is not nearly as wide or as clear as it would seem from the outside.

1) Take home test: OK for performance metrics, bad for "getting to know" the candidate, and terrible for selling the candidate on your company

2) Daylong interview: Expensive, requires interrupting our team, needs a fully planned and well executed itinerary - but is perfect for getting to know someone, getting the feel for their personality and interests, and is the best way to sell someone on the opportunity.

3) Work sample: we usually do this for interns[1] and pair it with a ~1 hour conversation (either before or after, doesn't really matter to us) on what the company is like and what they would be working on. Obviously, work samples suffer from the same deficiencies as a take home test for cultural fit and the like, but it's the best we can do for interns!

[1] https://gastrograph.com/blogs/gastronexus/interviewing-data-...

jorgecurio 3 days ago 0 replies      
Technical interviews are part of why I've moved away from engineering positions. I'm looking at product management jobs thinking that I could use what I learned past 6 years working on a SaaS alone. However, I found the exact same shit, even more technical interview questions that require whiteboard code writing.

There might be some merit to why they are doing this but it's impossible for me to engage companies that discount real world product experience in favor of rote memorization.

So far it's a pretty tough nut to crack, lot of product manager interviewers don't seem to know what they are doing, instead relying on law of large numbers and how great their fucking product is blah blah blah (it isn't).

It's a bit worrying since some companies seem to be hiring product managers for some subjective end goal of an improved product and improved sales....they want one person to take the credit from, and the same person to take all the blame...another huge red flag when managers outright tell you they have no idea what to do so they just get someone else to outsource their thinking.

dudul 3 days ago 4 replies      
In the HN echo chamber, there isn't a day without some blog post/article describing how our interview process is BS, interview is broken, etc.

I don't necessarily dispute this state of affaire, but does anyone know how it compares to other fiels/professions? How about interviewing a lawyer? Or a doctor? Or an account manager? Or a product marketer? Are developers the only one with a "broken" interview process?

LanguageGamer 3 days ago 1 reply      
The problem is, whether or not interview performance is consistent, we still don't know how or when it's correlated with performance if hired, and that's the sort of thing you would need to actually help people making better hiring decisions.

Does interviewing.io have any plans to collect employee performance metrics from companies that hire via their platform? Is that something companies would be willing to cooperate with?

innertracks 3 days ago 0 replies      
Just finished 2nd phone interview (it was somewhat technical) yesterday with a company and an online timed tech test this afternoon. First interview was with an internal recruiter and was non-technical.

I've been impressed. They've been very straight forward regarding tech eval with no trick questions and respectful of time. Their interview process is selling me on the company.

alive2007 3 days ago 0 replies      
Minor question; is it just me or is the "Results of Interview Simulations by Mean Score" a bit difficult to parse? I understand that observing the behavior of any singular cohort involves looking at the endpoints of the cohort's curve at the horizontal line 'x=n', where n is number of simulations you wish to observe (the right point of the curve at x=n is P(fail) of the worst performer in the cohort at n simulations, the left point of the curve at x=n is the P(fail) of the best performer); which is why the gap between endpoints within a singular cohort decreases as n increases. But it seems kind of counterintuitive to observe any other kind of trend -- shouldn't the information be graphed as P(fail) being a function of # of simulations, as opposed to the other way around, seeing as the latter is the independent variable?
uiri 3 days ago 0 replies      
The data seems to show the opposite to me - despite scores being all over the place, the mean is very reliable. When a 2 or lower is considered a fail, those who consistently rate ~2.5 fail about half of their interviews while those who consistently rate ~3.0 fail only 10%. Of course, the probability that a candidate failed an interview approaches 1 as they are subject to more and more interviews. That the test has both false negatives and false positives does not invalidate the test. In fact, that the test is accurate despite the false positives and the false negatives ought to do the opposite. If a single bad interview invalidates a candidate for company A, that doesn't mean that the candidate won't go on to pass all of their interviews with company B.
agentgt 3 days ago 0 replies      
I haven't interviewed in some time but one thing I absolutely hate about technical interviews is "white board" coding.

For some reason white boards intimidate me. I have terrible penmanship and complete lack of planning how much space I need for writing things. Then there is the fact the markers seem to have a hi failure rate when ever I use them.

Perhaps I'm the only one that feels that way. I have even begged some interviewers that I would prefer them just watching me use a laptop but the offer is typically refused. Maybe things have changed now?

fecak 3 days ago 1 reply      
Great post as always Aline. I'd be most curious as to how well anonymity was kept. Did interviewees identify their employers, schools, or any other information that might create bias while in the interview itself?

I've been recruiting for a long time, and I'm rarely shocked about the result of an interview - maybe a few times a year. There are tons of possible explanations for that, and lots of possible explanations for your results as well.

Keep up the great work.

dilemma 3 days ago 0 replies      
The problem with hiring is that hiring decisions are centralized, causing huge workloads for the decision maker. To reduce the load, arbitrary processes and voodoo tests are used, always with the same poor results.

Instead, the team hiring should themselves interview candidates and make decisions on who to hire, because it requires personal knowledge that you can't get from tests.

robodale 3 days ago 0 replies      
Good, because I suck at technical interviews, but built my own SaaS offering (working the corporate job until my customer base is large enough).
macscam 2 days ago 0 replies      
super true, and probably easy to bypass if you're a data viz wiz. It's more burdonsome for web devs who don't have the math / algorithms chops, but I know I have to learn it.
Civilization: 25 years, 33M copies sold, 1B hours played, and 66 versions venturebeat.com
248 points by blammail  2 days ago   188 comments top 33
mattzito 2 days ago 6 replies      
I started playing civilization when I was 12 or 13 (Civilization 1), and still, to this day, the closest thing I have to meditation is playing Civ V.

I travel a decent amount, and one of my great joys is being on a plane without wifi but with inseat power (Civ V on the mac is a ridiculous power hog), and knowing that I've got X hours of civilization to play with no one to bother me.

My strategy isn't great, I have everything set to Random, and I just drop into whatever situation and work it. At the end of a flight, I close that scenario, and rarely pick it back up - I start a new one. And I feel relaxed and my mind is clear. It's amazing.

kinghajj 2 days ago 5 replies      
Nobody else has mentioned this, but something Civ has taught me is how to appreciate realpolitik. Nothing makes it more clear than when you catch yourself having thoughts like:

- "Washington spawned too close for comfort; they're a threat to my peoples' long term security. Annihilate them first."

- "Hmm, the Mayans have some strategically valuable territory..."

- "Hey, the Persians are way back in the Renaissance, while I'm in the modern era, and they have luxuries I need. Let's send a few battleships over there."

ekianjo 2 days ago 6 replies      
I highly prefer Colonization to all the Civilization episodes I have played. Colonization feels more focused, more tangible, and yet still manages to be a great management game with credible threats with multiple parties: natives trying to fight back for their land, other European powers trying to establish successful colonies on their own, and ultimately the royal power you will fight against to secure your Freedom. The tension gets really high, really quick. And there is no "shortcut" you can take to have a technological advance versus your enemies.
ra1n85 2 days ago 2 replies      
Amazing series.

I still recall being able to recount all of the 7 wonders, all of the large Greek city states, and all that other countless historical context that the developers packed into the game that gave me a slight leg up in middle school history class.

And of course I'll encourage my children to play someday. No childhood is complete without having to fight back Gandhi's unrelenting hordes of musketmen with stealth bombers.

dcw303 2 days ago 2 replies      
I came perilously close to failing several university assignments thanks to an unhealthy obsession with original Civ. And I loved every minute of it.

I still play the newer versions now and then, but the original stands out as a paragon of game design. It was grid based, so unit movement was easy with keystrokes. That along with hot keys for everything meant that you could play a complete game without a mouse. This was particularly useful at keeping the endgame speedy. Something that I think is missing in later versions.

phillco 2 days ago 2 replies      
My favorite thing about Civ is that its creator has kept control over it, and continues to evolve it. We'll probably be enjoying a new Civ in 2026. The charm is that it's the same game in many respects parts evolve, but the core remains.

This seems unusual; I can point to several popular 90's games that peaked there and never recovered (Roller Coaster Tycoon, Age of Empires II, and arguably SimCity 4 if you include the early naughts). I wonder why; as a player, the Civ model seems preferable (you always have modern versions and new, but not heretical, variety).

brandnewlow 2 days ago 3 replies      
I've played 1-5 extensively and Civ III is the most fun by far.

Anyone know how I can get Civ III on a Mac?

It's been "not available" here forever: http://www.aspyr.com/games/sid-meiers-civilization-iii-compl...

I've tried playing the Windows version via Parallels but it fails out during load.

marak830 2 days ago 2 replies      
Gods the amount of time i spent on civ.

But didnt that article seem to stop all of a sudden? I checked twice on my phone to see if i missed a more button.

Didnt civ 4 get an award for audio?(and i loved the music on 4, was so disappointed with 5s audio), the article left me with a , meh, what about. . . ! for so many things.

Being only 32 i would imagine a great article to show me things i didnt know.

Sigh. The temptation to play more right now is strong, but i need to get this work done :-)

pella 2 days ago 3 replies      
free & opensource version: http://www.freeciv.org/

web version: https://play.freeciv.org/

domtron_vox 2 days ago 2 replies      
My father still plays civ 1. His windows 94 broke down a number of years ago. He was so sad about not having civ 1 so I set the game up for him in dosbox.
minikites 2 days ago 1 reply      
Civ 2 and Alpha Centauri are still the best balance of simplicity vs fussiness in my opinion. I like Civ 5 quite a lot but there's a lot of fussing about with the resources like horses or oil and there are a lot of edge-case city improvements.
jcadam 2 days ago 3 replies      
Played the original Civilization on an Amiga and have played every release since (including CivNet).

Civilization II was easily the best game in the series. It's sad that Civ V, as pretty as it is, is so freaking horrible.

cmdrfred 2 days ago 0 replies      
In my opinion this is the best game humanity ever managed to design. I've never played anything that I've enjoyed more.
dinosaurs 19 hours ago 0 replies      
The Civ series has always been on my radar as they seem to be quite interesting games. I remember going through the tutorials of either 4 or 5 but I never really got hooked. Not for a lack of trying, but I just didn't know what to do in the games. I always felt like I needed more guidance or something. Are there guides out there to help learn how to play these games? I might try 5 again after reading this!
locusm 2 days ago 1 reply      
The way Civ let you email a multiplayer round was awesome when connectivity was an issue.
jack9 2 days ago 0 replies      
After I graduated to dwarf fortress, I never looked back.
Smircio- 2 days ago 0 replies      
Im still trying to tell myself that the time played clock is because I left it open all night on accident... a few times...I didnt.
presty 2 days ago 0 replies      
Sid Meier's Civilization V

You've Played 786 hours

Last Played Today

dudul 2 days ago 1 reply      
By far the game I wasted the most time in my life :) Managed to kill my addiction and stop after Civ 4.
acheron 1 day ago 1 reply      
I like how so many of the posts in this thread are "[this one] was the best!", but I'm pretty sure I've seen all 5 of the main games held up and possibly one about Alpha Centauri too.

I'm sure when Civ 6 comes out we'll have people complaining because it's not like 5 or 4 or whichever one was their favorite, but I like that they change every time. If I wanted to buy a new game every year that was the same as the previous one, I'd be playing Madden.

nissehulth 1 day ago 0 replies      
I think Civ.Net was the first game I played on the internet against someone I didn't already knew. Could have been early 1996.

It wasn't the best gaming experience though. Each turn took like forever (well, minutes), after a few hours we had to pause the game and agree on when to continue the next day.

Still, finding an opponent "on demand" was something that did hint about what was to come later.

(well, there were BBS "door games" earlier, but not really "real time" in the same way)

phodo 2 days ago 0 replies      
One of the greatest games of all time - recently added windows 10, bootcamp, virtualbox... just to be able to re-enjoy the original classic version again. Future versions don't do justice to the original.
scurvy 1 day ago 0 replies      
My first intro to overrun bugs. I couldn't otherwise have found myself yelling "effing Ghandi" so often.
Yhippa 1 day ago 0 replies      
Count me in as another person who was hopelessly addicted as a kid. I remember one summer in middle school I would hit the power button on my PC and play this game until dinner. What's different about this game was that I would play it and not feel bad that I spent so much time doing it. Few games are like that for me today. This has to be one of the best dynamic puzzle or strategy games of all time.
technofiend 1 day ago 1 reply      
Civ is hella fun but it doesn't scale well - massive games become untenable due to app slowness and memory footprint.

I think this is in part due to Civ's design of each player gets all their moves consecutively, rather than in parallel. Although it would change gameplay Civ could take advantage of multi cpu by either staging decision trees based on likely actions taken by the player and other civilizations or creating multiple rounds of actions in each turn which are executed in parallel.

This would have the added advantage - if "they" chose to code it this way - for hardcore civ players to offload compute to AWS or other services. I would love to crank up a world domination Civ game with 50+ entities that doesn't take minutes per turn.

Wishful thinking for Civ VI but there you go.

tamana 1 day ago 0 replies      
All I want is an orthogonal perspective UI with Civ I or Civ II rules, minus Civ I's bugs. I find the freeciv angled view unusable.
fergie 1 day ago 0 replies      
I hate to think how many of those hours I am responsible for...
megablast 2 days ago 1 reply      
You can see the video here:


msh 1 day ago 1 reply      
Does anyone have a good suggestion for the most civilization like game for iOS?
touristtam 1 day ago 0 replies      
The serie in its latest iteration is hugely underwhelming.
z3t4 1 day ago 0 replies      
Civ I is impressive, even to todays standards (mobile gaming
talles 1 day ago 0 replies      
I used to play Civilization II... damn I feel old.
ausjke 1 day ago 0 replies      
first time heard of this, how does this compare to mindcraft? is this good for young kids?
Gmailify: The best of Gmail, without an gmail address gmailblog.blogspot.com
242 points by livingparadox  3 days ago   129 comments top 26
andybak 3 days ago 9 replies      
So mixed messages again. Is 'Inbox' the next-gen Gmail interface or a hobby project that will get closed down in a year? Momentum has slowed and I've become so dependent on it's workflow I'd be gutted if this was the case. However - I don't believe Google will maintain two email clients in perpetuity.

On past experience - they'll fold the functionality of one into the other - partially and imperfectly leaving users irritated once more.

Still - it's not like I'd be safe from this anywhere else. Products from smaller companies are in constant danger of aquihire shutdowns or similar.

And open-source has still yet to produce UX that's much better than 'parity with the mainstream from a few years ago'.

grinich 3 days ago 1 reply      
If folks are looking for an open source alternative to this, you should consider N1 and the Nylas sync engine.

With N1, you can run the entire stack yourself, or use our hosted version. Plus, N1 is built to be extended by developers using JavaScript, so you can build anything you want into it.

More here: https://nylas.com/n1

(I work at Nylas.)

AdmiralAsshat 3 days ago 2 replies      
Does linking another e-mail to my Gmail mean that Google will go harvest all of the e-mails from the Inbox of that account in order to deliver targeted ads?

I ask because I don't want to link my 15 year-old Hotmail account to it if that's the case. I'll just stay with the web client.

Animats 3 days ago 2 replies      
Aw, I thought it was going to be a way to get the functionality of Gmail without Google.
andersonmvd 3 days ago 2 replies      
"Gmailify : The best of Gmail, without an gmail address" because for Google doesn't matter if you use @gmail or not. What matters is the permission to read your inbox and harvest your messages. Please prove me I'm wrong.
jakebasile 3 days ago 3 replies      
This means that Yahoo and Outlook users have access to Google Now email-based cards before those of us using Google Apps.
xd1936 3 days ago 0 replies      
They already had this, only without the server-side processing for Spam filters and Google Now features. The Gmail app in Android has had the ability to bring in other email accounts for months; This seems like the next logical step. Super cool option to have.

I wonder if those of us who already have third-party email accounts in the Gmail app will be automatically upgraded to this.

pritam2020 3 days ago 0 replies      
Yahoo mail has done it last year. They even have this on the web client on desktop.http://techcrunch.com/2015/12/10/yo-dawg-i-heard-you-like-ya....
chrisamiller 3 days ago 2 replies      
I assume that under the hood, they've just set up Gmail as an IMAP client that accesses your other account?
ForHackernews 3 days ago 0 replies      
Shorter: "Let us read your email, even if you don't use a gmail address."
ocdtrekkie 3 days ago 0 replies      
I think it's kind of demonstrative of where Google's at with privacy now, that they don't see fit to mention the practical reality that this involves Google indexing and data mining all of your email from another provider. Many of us can make that common sense leap, but in the past Google respected your privacy at least to mention it outright.
herbst 3 days ago 0 replies      
I just want to add that you can email forward your domains (for example included free in namecheap domains) and use mailgun to send from them all within Gmail/Inbox. That way you can manage multiple different domains at one place comfortably. (And like the main argument in the article get the superb spam filter)
eachro 3 days ago 1 reply      
One of my aunt uses a yahoo mail account that I periodically maintain for her. It's unbelievable how much spam makes it through their filters. I'm talking about stuff that ends up in your inbox, not your spam folder. I'm looking forward to gmailifying it for her.
Johnie 3 days ago 1 reply      
I wonder how this actually works.

It seems like for Gmail to provide this functionality, it needs to copy your external email to Google's servers and do server side processing.

I can't imagine that it does spam protection, Google Now cards, and search all client side.

tonylemesmer 1 day ago 0 replies      
Its not working for me on my own hosted email. There is no "gmailify" option. Am I missing something or does gmailify ONLY work for hosted-non gmail accounts e.g. Yahoo, Outlook etc. ?
levesque 3 days ago 5 replies      
After reading this I tried to install an exchange account on my gmail app. It asked for a bunch of extra permissions for the specific exchange account, including the permission to "Erase all data" from the telephone, resetting it to factory settings. Not gonna happen.

From what I gather those permissions were requested by the exchange server, so my university would be the one to blame. Why a server would ask for this permission is beyond me.

madspindel 3 days ago 2 replies      
Is it using Push-IMAP? Because your IMAP accounts in your regular @gmail.com account often has a delay like 30 minutes or more.
gloves 2 days ago 0 replies      
Honestly, I only use gmail because I have to - I find outlook a far better interface.
jlarocco 3 days ago 0 replies      
Ugh, I really hate to complain about this, but "an gmail address" in the HN headline is hurting my brain.

Is it at all possible to make it "an @gmail address" to match the article?

danpalmer 3 days ago 2 replies      
I still don't quite understand what's great about Gmail. Everyone goes on and on about how amazing it is, and I'm sitting here having to refresh the page every 5 mins because it won't update, or it's lost a toolbar button.

Inbox is worse for me (although I realise probably not for most) because automated emails are usually really important for me as they are telling me something stopped working, but emails from people might not be that important because I get hundreds a day.

Between the issues with the Gmail web client, and the problems I have with Inbox, the whole "Gmail" product is one of the worst products that I have to use, and I try to distance myself from it with good email clients as much as I can.

praveenster 3 days ago 0 replies      
Will there be relevant ads on the side for gmailified email from other providers?
tinhangliu 3 days ago 0 replies      
I will try it now and share my experience here
Touche 3 days ago 1 reply      
No support for JMAP accounts?
anonfunction 3 days ago 0 replies      
So it's android only?
muddi900 3 days ago 1 reply      
Can run a gmail instance on my own server? No? Well thanks but no thanks.
finishingmove 2 days ago 1 reply      
"Gmailify links your existing account to Gmail" -- okaaay. At least it's stated clearly in this case. The whole merge-with-Google thing (which they've also been known to do as opt-out, albeit not in this particular case) is exactly the reason why I'm avoiding a lot of Google's services, and why I respect (and trust) Microsoft more in recent years. It just saddens me that Outlook for Android is so bad in some things, it's basically unusable (e.g. you can't follow links from emails).
Upload files to your repositories github.com
275 points by Oompa  2 days ago   87 comments top 25
johnloeber 2 days ago 5 replies      
I think this is a great step, for several reasons -- both corporate and user-facing.

(1) It is true that this is more likely to turn GitHub into a generic file-dump place similar to DropBox. GitHub's infrastructure is sufficiently good to handle this, and this new addition is unlikely to disrupt the workflow of veteran users. However, since it is likely that some companies will use GitHub for file dumping, GitHub will be justified in charging companies a fee for particularly large repositories -- capitalizing on the file-dumping. I sense an alternate revenue stream coming in for GitHub.

(2) I've often run into situations in which I had written a small script and wanted to quickly turn that into a GitHub repo. To do so, I'd have to go through the online interface to initialize a new repo, and then make a folder on the command line, type a few commands, etc. Though it's a very short process, I couldn't understand why I couldn't just use the online interface to type up a readme and then drag-and-drop my script into the repo. The update smooths this work experience.

(3) Obviously, it'll make GitHub far more accessible to less technical users -- some users are intimidated by the Git learning curve, and this update makes them much more likely to use GitHub (and then slowly learn the ropes of using it via the command line).

(4) By inviting more non-technical users as in (3), it becomes more likely that (1) succeeds.

minimaxir 2 days ago 2 replies      
This feature has interesting synergy with GitHub Pages, where .md files can simply be dragged-and-dropped into a folder to get published as a blog post on the web.

It may be enough to remove the must-be-programmer-who-understands-git barrier to entry, anyways.

EDIT: GitHub Pages still requires specific file naming for posts and YAML front matter, so it's not perfectly non-programmer friendly. It might be a good idea to write a tutorial as a blog post/screencast, though.

whorleater 2 days ago 2 replies      
This is actually a pretty good step. Most programmers are already using some kind of UI/command line to push to Github, but having a simple drag and drop for uploads will get those who are less technically inclined on our teams to actually use version control more. At least I really hope I can stop dealing with the "asset_1", "asset_1-2", "asset_1_USETHISONE" that some people do.
cdnsteve 2 days ago 2 replies      
All I want is a Wiki search.... pretty please.Wiki file uploads (images) at very minimum that aren't commited to git. The process now is to create an empty issue, drag the file over, copy the URL and paste it into the Wiki page.
ErikRogneby 2 days ago 2 replies      
Has anyone seen a way to disable this feature at a repo or org level? I'm not crazy about master getting treated like Dropbox.
tlrobinson 2 days ago 0 replies      
To clarify, by "upload files" they mean adding and committing new files to a git repository. At first I thought there was some other way to add files to a project.
douche 2 days ago 3 replies      
Hmm, it almost seems like the recent brouhaha lit a fire under GitHub...
juandazapata 2 days ago 7 replies      
I like how Github is taking note about the lack of innovation, and doing the right thing; but I'd like to see the blog post announcements AFTER the feature is implemented. It's like saying "Oh, you're thirsty? I'm going to give you a glass of water, but not yet, next week"
petetnt 2 days ago 1 reply      
This new feature makes it quite easy to use a GitHub repo as a generic file dump / share place.
kekub 2 days ago 0 replies      
Finally you can have all kinds of creatives using github without telling them how to use the command line or even the github desktop apps. Thank you github.
milge 2 days ago 0 replies      
Github has needed this for awhile. I was using Cloud9 for awhile to push changes to github when all I really wanted was this feature.
djadmin 1 day ago 0 replies      
Can anyone explain what's going on here https://github.com/wardowsmcc/badass ?
r0m4n0 2 days ago 2 replies      
Awesome... I can think of 4 or 5 times I have been away from my laptop but still need to update a photo for a client. Glad to see this, otherwise I would have never known it had been added!

Slightly brings up an interesting point. With native apps, I usually review release notes upon updating. Webapps get to release whenever they please to little notice of the end user (for better or worse). With releasing new webapp functionality, bug fixes, etc "continuously" I think some cool bits get overlooked...

Joeboy 2 days ago 1 reply      
Github pages is now the right way to set up a reasonably-smart-n00b-editable website, IMO.
hasenj 2 days ago 1 reply      
Why doesn't github have a proper discussion forum per project? I don't consider the "issues" a proper discussion forum.

That seems to me like it would be much more valuable, specially for community projects.

baristaGeek 2 days ago 0 replies      
Already tried it, and I absolutely love it!

It was something we were waiting for for a long time. Now GitHub is light years ahead of its competitors because of this -seemingly small, but actually important- UX change.

rwinn 2 days ago 1 reply      
I'm a bit confused, this is a simple git add or some sort of integration with git lfs they released last year?


dogweather 2 days ago 0 replies      
I'd really like to know the inside details: what changes have they made to release new features quickly like this? Have they been bogged down in process? Or just lack of pressure to release improvements?
krisdol 2 days ago 2 replies      
Just to be clear, this appears as if it's some kind of web wrapper to `git add file.ext && git commit -m "<my message>" && git push`?
nibs 2 days ago 1 reply      
Fun fact: you can hack this right now by dragging and dropping a file (ie. image) into the issues submission box and then using that URL in your code to display images.
bluedino 2 days ago 1 reply      
Wait, so you couldn't add a file via the web before? I haven't used github except for pulling the source to projects but I would expect this was feature #1.
beeforpork 2 days ago 0 replies      
Upload from the browser? O tempora o mores!
ocdtrekkie 2 days ago 0 replies      
As someone who makes a lot of casual edits via the web interface, I was really sad that to fix an image file once, I had to install the desktop client and clone the entire repo. This is a great change.
UncleSam 2 days ago 0 replies      
This is awesome! I was just barely wanting to upload a file to one of my repositories, but I didn't feel like cloning it to this computer.
       cached 21 February 2016 05:11:03 GMT