hacker news with inline top comments    .. more ..    12 May 2016 Best
home   ask   best   3 years ago   
1
Introducing unlimited private repositories github.com
1532 points by fuzionmonkey  19 hours ago   612 comments top 118
1
hunvreus 17 hours ago 24 replies      
1. Take a gazillion dollars in funding on an over-hyped valuation,

2. Go through significant organizational changes that end up with the departure of a co-founder (and more suits in the building).

3. Notice that a significant segment of your growth (VC-funded startups) are running out of money.

4. Switch to a user-based pricing to generate more revenue for investors, but spin it as a freebie "Hey! Look at the cool unlimited shit! No, no! Don't pay attention to the fact you're gonna be charged 3 times as much as before for the same service".

The bottom line is that GitHub is free to do whatever the heck they want; if they believe that charging per user is going to make more (financial) sense to them, then they can go ahead and do it.

But I'd appreciate if their PR department didn't expect us to swallow this as a positive change. Most coders understand basic maths.

2
arnvald 18 hours ago 22 replies      
A small comparison:

Team | Cost Before | Cost Now

1 repo, 5 users | $25 | $25

1 repo, 10 users | $25 | $70

11 repos, 5 users | $50 | $25

11 repos, 10 users | $50 | $70

5 repos, 50 users | $25 | $430

50 repos, 5 users | $100 | $25

50 repos, 50 users | $100 | $430

I'm not sure how common are organizations with few users and large number of repose - I guess software houses that keep old projects (for maintenance and future requests from clients) fall into this category, but who else?

The other case where it becomes cheaper is personal accounts.

In all the other cases - it just looks like a raise of prices.

3
beberlei 12 hours ago 2 replies      
The incentive changes for this are so massive, nice "experiment" from an economics perspective.

1. penalizes OpenSource organizations that need a few private repos for password, server configuration or other things. Was 25$ before, now for example Doctrine with 48 collaborators it would be 394$. Even if just the admins have access to that repository.

2. penalizes collaboration, inviting every non-technical person in the company? 2-5 employees of the customer? not really. Will lead organizations to create a single "non-technical" user that everyone can use to comment on stuff. not to mention bots, especially since you need users for servers in more complex deployment scenarios.

3. rewards having many repos, small throw away stuff and generally will lead to "messy" repositories lying around everywhere that are committed on once or twice and never touched again. "Not having to think about another private repository", imho will produce technical debt for organizations.

4. users in many private orgs will need to pay or get paid for every organization each. I myself will be worth 45$ now for Github, being in private repositories of five different companies.

All in all, this just shows that Github does not care as much about open source anymore as it cares about Enterprise.

Btw: Mentioning the price jumps in repository usage of the old pricing is not really helpful. Consider a pricing that would be per repository (1$ for personal, 2$ for organizations) and doesnt have jumps and compare that to the new per using pricing. The new pricing only feels better for some, because you pay marginal costs for every single user instead of the old pricing where every 50 repositories you have to suddenly pay 100$ extra.

Edit: Forgot about bots, and deployment machine users (which even Github recommends for many scenarios)

4
biztos 14 hours ago 7 replies      
I find it interesting that so many people here are unhappy with the change. Sure, prices will go up for a lot of organizations, but is $9/worker/month really a lot to pay for all the stuff GitHub offers? At Bay Area prices isn't that about 5 minutes of developer pay per month?

For independent use it seems like a very positive change, in fact I'm guessing it's a direct challenge to GitLab. I was considering moving my stuff to GitLab simply because I'm tired of bundling experiments/prototypes into umbrella repos just to stay under the 10 repo limit at GitHub. For people like me this will be awesome, and I take it as a good sign that they're responding to the competition.

One thing I don't get however: how do they count shared access to private repos?

If I have a private repo and you have a private repo, and we each grant access to the other's repo so we can collaborate, do we now have two or four billing units?

They say "you can even invite a few collaborators" -- but how are you billed if it's more than a "few?"

I don't mind if they try to close the loophole of making up an "organization" out of a lot of "individual developers" but it seems a little vague.

5
gelatocar 18 hours ago 4 replies      
What about companies like Epic Games that have few repos but many users?

With their 2 private UnrealEngine and UnrealTournament repos they would have been paying $25 a month and under the new pricing structure will have to pay $815,913 per month...

edit: That's based on what I can see as a UE4 subscriber, 2 private repos and 90657 users.

6
grawlinson 18 hours ago 2 replies      
That's cool but seeing as Bitbucket has unlimited private repos for everyone, I'll be sticking with Bitbucket for private trash and Github for public trash.
7
sudhirj 16 hours ago 2 replies      
What's with all the negativity? This is really good pricing - all individuals now pay much less (a flat rate of $7), all small shops pay almost the same thing ($30 to $90 for 3 to 10 people). Both groups no longer need to think twice about creating repos, which has always been a huge pain that I've seen. I've even thought twice about microservices because the repo cost would be a pain.

This will affect enterprises - but then they're either already on Github Enterprise or are used to per user pricing anyway. Google Apps, Slack etc all have (quantitavely similar) per user pricing. Google doesn't charge you based on the number of emails you send, nor does Slack charge based on the number of private rooms there are - that would be dumb.

The band of companies between small shops and enterprises are likely to be affected, but then this is really employee lunch money.

8
rspeer 18 hours ago 1 reply      
This is, of course, a positive way to spin the fact that they're raising prices significantly for many organizations.

I'm glad there's at least a year that we can keep using the old plans.

9
bsnape 16 hours ago 3 replies      
This has almost quadrupled our monthly cost ($850 vs $2914). We have ~300 users which will have to be reduced massively to save costs - perhaps with non-engineers sharing accounts or having no access at all. I'm not sure if charging per user is really in the spirit of open collaboration that GitHub champions.

I slo wonder if charging per user rather than per repo will also discourage the creation of open-source repos from orgs? There's no longer a (reduced) cost benefit after all, even if that was a minor influence compared with the other benefits of open-sourcing your code.

10
kapv89 15 hours ago 2 replies      
Nothing beats https://bitbucket.org/ when it comes to free, unlimited, private repositories. It has seen the first hosted repositories of far more startups than github ever will. Which is special achievement in itself.
11
0xmohit 18 hours ago 1 reply      
With this change, BitBucket pricing [0] gets to appear pretty attractive.

(If you were an organization with few private repositories and large number of users, Github was earlier more affordable.)

[0] https://bitbucket.org/product/pricing?tab=cloud-pricing

12
bufordsharkley 18 hours ago 3 replies      
Have been using Github for a community radio station, have been encouraging all staffers to use github accounts to file issues against our private repos, etc. The friendly policies for many collaborators have made this attractive, even though most users have rarely interacted with the repos, if at all.

Now each user for the private repo has a significant cost (pretty significant for a non-profit community radio station); looks like we'll have to rethink this whole Github thing.

13
romanovcode 18 hours ago 4 replies      
I see absolutely no reason why one would pay GitHub for private repositories when there is Bitbucket, or much better alternative to GitHub altogether - GitLab.
14
rdancer 10 hours ago 0 replies      
This is an awful pricing model.

One-size-fits-all never fits all. Getting rid of tiers is nave and misguided. Even if just for anchoring and the illusion of choice in face of terrible choices, tiers are a necessity. Sales will suffer, customer satisfaction will suffer.

I don't care if existing private customers pay the same or less. The price points should have been retained, and customers let to switch to a lower tier if they wished. Capturing consumer surplus leads to increased revenue. Github needs that money; the more money they throw away foolishly, the closer they are to bankruptcy.

"Starting today"?! At least current developer plans have been grandfathered in, with a 12-month notice period. Still, if an org has been in the process of planning a move to Github, they will have to re-evaluate.

Github has been such a great platform. A major stumble like this, I'm worried they may not be with us for much longer.

15
patcon 12 hours ago 0 replies      
This is absolutely fucking atrocious news for any company who wants to run an agile operation.

I always framed the "Github vs Bitbucket" as an "agile vs enterprise" mentality -- BitBucket made you think hard about adding new people, and air on the side of limiting access -- ie. conceal by default. That's perfect for enterprise, but the worst fucking incentive ever for an org that wants to make as many projects as possible accessible to all company members. GitHub (in times past), removed this cognitive burden of thinking "does this person /really/ need access....?" -- ie. transparent by default.

But now they've fucked up.

I was always in favour of avoiding self-hosting when there was a great hosted service like GitHub available. But I would now never advise any company that I cared about to use GitHub. It will contort and twist the openness you wish to imbue in your growing company

16
therealmarv 14 hours ago 4 replies      
It seems most users here don't have gitlab.com in their radar and only mentioning Bitbucket as competitor. I've recently switched all my private personal repos to gitlab.com which also allows unlimited private repositories because gitlab.com seems to have better UI and more features than Bitbucket (when not buying any additional Atlassian Jira etc. products).
17
ThePhysicist 17 hours ago 0 replies      
It would be interesting to know how many users and repositories a typical organization has on Github.

To me, it looks like they're just "optimizing" their pricing, as I would guess that most large organizations using Github have significantly more users than repositories, especially with the recent trend towards "mono-repositories".

That said, SaaS pricing is really hard to get right from the beginning. I run a code analysis company (https://www.quantifiedcode.com) and we thought a lot about which kind of pricing would be the best for us and our users (we decided to use per-repo pricing). In the end, your pricing needs to support your business model, so it's normal to change it especially if you have a lot of data on how your users use your product.

I wonder though if this will drive organizations to other solutions like Gitlab or Bitbucket, as those are significantly cheaper and pretty easy to set up these days (and you get the extra benefit of a self-hosted solution that can be hosted in your own, secure infrastructure)

18
t3nary 18 hours ago 3 replies      
Does anyone know if this will effect student plans as well? So far it included a free micro plan with the usual 5 private repos. Would be pretty awesome, I just had to host a repo somewhere else a few days ago because I ran out of private repos.

Other than that it sounds like a great improvement, it'll make it a lot more likely that I'll pay for GitHub when I'm not a student anymore.

/edit: https://github.com/pricing makes it sound like this is for free student plans as well

19
caseymarquis 14 hours ago 1 reply      
The number of very small teams or individuals this encourages to start using github probably allows every organization who can't afford this to leave and github to still increase the money they're making. It seems like a good move based on my imagined profile of their user base. 1 million teens and young 20-somethings just decided they'll give 7$ a month to github.

For bigger organizations, this is practically no money compared to other software they're using. So they'll just take the hit.

Sounds like the only customers being lost were those using github for no-commit users. Is that really a huge segment? If so they just need a special account status to fix this.

I think the question is why this took so long.

20
tyingq 15 hours ago 0 replies      
If you happen to be a group that will be affected negatively by this move because you have a need for read-only users...

Gogs has mirror functionality where you could self-host access for those users in a fairly painless way. Screenshot of import screen: http://i.imgur.com/J4vWCIB.png

More on gogs here: https://github.com/gogits/gogs

(no association with gogs, just thought it might be helpful)

21
StevePerkins 10 hours ago 1 reply      
TL;DR - GitHub is switching to Bitbucket's pricing model, but with a monthly charge of $9/user rather than $1/user.

Seems bizarre to me. The "enterprise" market they're chasing are largely Atlassian customers already, and Bitbucket has a competitive edge there with its JIRA integration. GitHub's distinguishing characteristic was a different pricing model, that for some organizations makes more sense than Atlassian's does.

If they start competing apples-to-apples, but at 9x the cost, why would any enterprise use GitHub unless they have a hipster CIO/CTO who just thinks it's a "cooler" brand?

22
kuon 17 hours ago 1 reply      
Now I have to pay for external collaborators? Are you kidding me? We are a small team of 5, but making softwares for other, I'll have to move away from github with the new pricing, we have nearly ten people per repository that might just be exec who never accessed the repo but must have access to it.
23
napperjabber 43 minutes ago 0 replies      
Pretty sure this wont end well for Github. They seem to be making a lot of moves like this recently. It's only a matter of time until a mass migration begins IMO.
24
m4tthumphrey 13 hours ago 2 replies      
I find it quite hard to comprehend why people use Github for private repositories. There are many free alternatives. BitBucket seems to be the famous one, but Gitlab has grown into an amazing product with 3 different offerings; On premise community edition, on premise enterprise and hosted (like Github).

We have used the on premise community edition for about 3 years now. I first installed it when you had to run about a billion commands manually and it was great even then. Now you can install it with an apt-get and a few lines.

Lets not forget about the obvious negatives of Github (ignoring pricing).

1) Its hosted which means it can go down2) It is closed source3) Feature based is quite small (compared to Gitlab)

Gitlab is a regular release cycle, once a month which always comes with new features.

I personally think it is a no brainer.

25
pilif 18 hours ago 1 reply      
The linked page is telling us that eventually, only the new plans will be available. For my case (15 users in the organization, using the bronze plan with a lot of not-so-important repos on our own server), this will be a price increase from $300/y to $1380/y - nearly 5x more expensive.

I really hope the old plans stay around as long as possible.

Also, consider external collaborators that are part of multiple organizations: Github will now receive the $9/month per external collaborator and organization they are in. That's one hell of a deal for github.

26
stephenr 17 hours ago 0 replies      
Hopefully this opens the eyes of at least some people into realising that GitHib !== git, and GitHub !== dvcs (similarly, git !== dvcs). There are several alternatives out there, almost all of which provide more options at lower cost than GitHub.

I know, I know "everyone is familiar with github". If your developers can't function without GitHub specifically, you have a bigger problem than the new GitHub pricing.

27
lox 18 hours ago 4 replies      
Pretty angry that Github have made this change with no mechanism for adding machine users without paying a per month charge. It seems like a key feature, which is currently horribly painful to manage and now expensive.

How does everyone else create credentials that CI can use to checkout code?

28
ACow_Adonis 14 hours ago 1 reply      
As a solo developer who had currently paid up for monthly access annually, I feel obligated to feed back that this is pretty good news for me. Go github.

The 5 private repositories was a bit grating and making me considering a move elsewhere. I was going to have to consider changing how I stored/structured my projects in order to stay under what seemed to me to a relatively arbitrary limit, which interfered with some of my automated tools and how I'd set them up to assume a separate repository for each project.

I realise there are a number of bigger organisations for whom this realistically means a hike in prices, and I'm winning relative to their losing, but as someone who wants to keep advantages to the little guys (that's the genuinely little guys, not a bunch of 50-100 guys bankrolled by several SV millionaires/billionaires)...well, I feel its my duty to weigh in with positive feedback against what is probably going to be some negativity from the bigger guys...

29
ismyrnow 13 hours ago 0 replies      
Github is... adopting the old Visual Studio logo?

http://static.flickr.com/2768/4307936121_5b5e51a790.jpg

30
AndrewGaspar 18 hours ago 0 replies      
I'm glad. Occasionally I would delete abandoned projects to make space and now they can live forever to remind me of my failure!
31
BradRuderman 18 hours ago 2 replies      
Its unfortunate that this doesn't promote trying to get business users to look at the code. In our organization 3 or 4 users are read only and really just go in at times to check specific errors, or logic for certain SQL queries, they don't really contribute. We will now have to pay $9 per month for these type of "read only" users.
32
mattyohe 11 hours ago 1 reply      
All I ask is that Github implement Slack's Fair Billing Policy. Managing who at the organization can access a service is a silly task.

Unfortunately, it doesn't appear that this follows that model. They're open to feedback: https://github.com/contact

33
Ghostium 18 hours ago 1 reply      
Hmm, I still will use Gitlab instead of Github. Unlimited public and private repos for free is nice.
34
n9com 18 hours ago 1 reply      
This change worked out well for us. Gone from paying $200/month to just $25/month for our 5 person organisation.
35
andrewljohnson 9 hours ago 0 replies      
How many startups have a non-core-dev-advisor who they will now pay $9/month to get occasional comments from? Or not?

One downside of this change is if you have a private Github org, you are now incentivized not to add advisors/randoms to your org/repos. I wonder how much scurrying Github sees to remove errant users from orgs.

36
Cozumel 17 hours ago 1 reply      
'unlimited private repos' if you pay. BitBucket gives you them free and always has!
37
nateguchi 18 hours ago 3 replies      
I'm sure a lot of people will be moving from Bitbucket to this, Bitbucket's plans were great for hundreds of repos, but Github's ecosystem is definitely preferable.
38
jamies888888 17 hours ago 0 replies      
Very cleverly worded to sound like a price reduction when it's actually a price increase.
39
xchaotic 17 hours ago 1 reply      
So what makes them think that they can get away with it? There's already decent competitors - GitLab, BitBucket, Azure or you can just host your own git repos - gitlab will even give you a nice Web UI for it.Why do they think that people with stick with github, if we're talking $thousands/year then surely migrating to another git repo provider is worth it?
40
voltagex_ 18 hours ago 1 reply      
Is there a way to get billed annually for a personal account? Makes budgeting easier and also protects me against AUD/USD changes.
41
red_admiral 18 hours ago 2 replies      
For small private projects, gitlab.com has had unlimited private repos for $0/month for a while now.
42
dblock 7 hours ago 0 replies      
If someone is unsure about this math, our (we're https://github.com/artsy) bill goes up from 450$ to 1051$ per month.

But it's not about just the money, it's about incentives.

- We have large amounts of open-source code, so we were encouraged to open-source more to avoid jumping to the next tier.

- We're going to probably close access to a bunch of code to a big chunk of our organization. We have hundreds of humans. Whereas before we would give them permissions to view as a default and hope they look at our code one day or at least know that they can, or sometimes would get a link to look at a change from a discussion, we'll now have to have to see whether it's worth 9x100s of people every month.

I am not complaining, Github provides excellent service. Seems worth it at 5K$ a year and probably 10K$ a year, too. I wish it didn't just double though and was more gradual.

43
drinchev 16 hours ago 0 replies      
Wow. Companies definitely suffer. For me ( freelancing dev, working primarily with startups ) it's a huge win.

GitHub vs BitBucket was always about :

1) 3rd party integrations ( CircleCI - e.g. ) - sadly bitbucket is behind that.

2) Issue management. Bitbucket's default behavior doesn't support labels or any other way of managing the issues structure.

Now, honestly CircleCI + GitHub for 7$ is just extremely cheap. ( talking solo devs / small teams ).

44
throwaway2016a 13 hours ago 0 replies      
This change actually saved me a lot of money per month. We use micro-service architecture and furthermore do consulting work so we had a Platinum level plan with only 7 people with access. This greatly improved our billing situation.

Although I can very much see how it could go the other way.

45
partycoder 18 hours ago 4 replies      
I am strongly considering moving to gitlab.
46
nikolay 18 hours ago 1 reply      
This is way too expensive! Self-hosted GitLab is cheaper and has better uptime!

Not to mention, they should have made you pay only for users with commit rights!

47
imron 18 hours ago 1 reply      
The main image on that page looks remarkably similar to the 2010 Visual Studio logo:

http://blogs.msdn.com/b/samer/archive/2010/01/27/quick-share...

48
shrugger 13 hours ago 0 replies      
But why should I use Github over Gitlab? I don't care about popularity, Gitlab already offers the minimal set of features I care about, and has demonstrated a neutral business model.

Github had leaks coming out about how 'white men' aren't suitable to solve GH's business problems, why should I want to associate with an organization that discriminates people based on the color of their skin rather than by the contents of their code?

I'm glad that they are offering this, I think their customers will put this offering to good use, but it doesn't convince me.

49
discodave 18 hours ago 1 reply      
For comparison, quoting from the AWS CodeCommit pricing page...

AWS CodeCommit costs:

$1 per active user per monthFor every active user, your account receives for that month:

10 GB-month of storage

2,000 Git requests

And the 1 year free tier is:

5 active users50 GB-month of storage10,000 Git requests

50
konole 19 hours ago 0 replies      
51
imcotton 17 hours ago 0 replies      
GitLab gets 1 point without doing anything, oddly.
52
alanfranzoni 18 hours ago 3 replies      
Do outside collaborators count as paid users?
53
shepbook 8 hours ago 0 replies      
I think this is a clear win for individual users that have been paying for GitHub. For organizations, I'm curious how many organizations they have just bumped above the $300-500/month mark. A lot of companies allow managers discretionary spending limits that they can spend without requesting approval, and if makes me wonder if they just made a bunch of managers need to start asking for approval for their GitHub bill. Another comment mentioned that having it filter up that the cost of a service just increase several times, will likely result in people being told to investigate alternatives. If that's the case, there are a fair number of alternatives to go to, depending on your specific situation.
54
danpalmer 10 hours ago 0 replies      
I think the new pricing structure makes a lot of sense, however is awkwardly limiting in some respects that GitHub might not have considered.

We have essentially 2 classes of GitHub user on our organisation - developers, and non-developers. While our devs use GitHub all the time (and therefore are worth the $25 a month for the development team), our other users might edit a specific few config files, or jobs pages (for example) once a month - paying $9/month each seems quite overpriced.

We want to be an open company, one that doesn't keep secrets from employees, one that doesn't create unnecessary barriers to productivity, or have unnecessary process, so giving GitHub access to everyone in the company who wants it is important to us - this stops us from reasonably doing this. As a result, we likely won't be switching to the new pricing structure for as long as possible, which is a shame, because it would be nice to not have to think about private repos.

55
sandGorgon 16 hours ago 0 replies      
Thank you - this is very exciting. Bitbucket uses a per-user pricing and it has been extremely useful for us. People forget how useful it has been to not worry about the number of scratch repositories we can create as we experiment.Our main repo is a single monolithic repo. But do you not ask your consultants/outside resources to work on a company repo ? how do you price that I wonder.

I am not sure why people would like stuff to be priced per repo. It is a fairly unintuitive model for me and is a huge problem when you need to go an explain to the finance team that you need to spend more because you "created more repos"... say wut? Spending per user is a very clean way of pricing.

56
timvdalen 16 hours ago 0 replies      
While unlimited private repositories sounds good, this change means that our GitHub costs are now 2.3x higher.

If this is going to be enforced, we'll need to decide between cutting away users from the org or moving to a different platform.

57
tanepiper 16 hours ago 1 reply      
There is an element of "double dipping" here that I see as a problem.

I already pay $7 a month for my own personal Github account, and for me personally it's nice to have no limit.

But if we switch to the new model at work then not only am I paying my $7, but my company will have to pay an additional $9p/m for me to have access to the repos I use daily for work.

Even if they removed me from the organisation and added me as a collaborator this will be an additional cost.

They can spin it how they like but I suspect for a large number of organisations they are going to see quite an increase in cost from using Github.

58
derrekl 7 hours ago 0 replies      
There is one case we have where the newer per seat pricing doesn't facilitate how we're using github. One of our repositories is "docs" with a bunch of markdown files, pdfs, images, and other documents related to our tech. It's mostly used in a read only way by a bunch of non-developers while engineers contribute heavily to the documentation. Paying $9/month per biz person to be able to view the documentation is too much and will force that use case off to Confluence or some other wiki/documenting tool.
59
mark_l_watson 12 hours ago 0 replies      
This will help organizations that keep huge monolithic repos on GH - one of my customers does that. They have one repo that should be dozens of smaller repos.

I use GH for my open source projects and code examples for my books and I use Bitbucket (which is also a great service) for my private repos. I have always felt somewhat guilty with this setup, working both companies for free services.

60
spriggan3 17 hours ago 1 reply      
The pricing is clearly designed to make more revenue from businesses with a lot of users, which makes sense for Github but not for big teams in /mid sized shops who will be paying a lot more.
61
hartror 18 hours ago 0 replies      
Finally! While as others point out this can work out more expensive the improvement is is that it scales as my company scales and doesn't act as a disincentive to developers spinning up new repos.
62
manigandham 8 hours ago 0 replies      
It's amazing how cheap people/companies are if they're complaining about these prices.

$9/user/month for one of the best and easy-to-use platforms to store and manage your repos and help your software development, which for most companies is extremely important to their product.

Slack is $8/user/month and yet people have no problem with that pricing. Git is also extremely portable and easy to move and takes minutes to self-host so what's the problem here?

63
petetnt 19 hours ago 0 replies      
Links not up yet, but you can already switch your plan https://github.com/organizations/your_org/settings/billing/p... for unlimited private repositories at $25/month for your first 5 users. $9/month for each additional user. (Edit: Up now! Personal plans get upgraded to unlimited too!)
64
erikrothoff 15 hours ago 0 replies      
This is awesome! I'm currently paying 50 USD per month for more repos on my private account. Definitely the right way to go.
65
arc_of_descent 6 hours ago 0 replies      
So I have a normal user account at $7/month. Great, I now have unlimited private repos.

I also had an organization a/c (only 1 user) at $9/month. I switched to the $25/month, so yes, its now costing me more.

I understand math. Why not just give me $5/user? :)

66
piyush_soni 18 hours ago 0 replies      
Still, not even a couple of free private repositories?
67
oneeyedpigeon 15 hours ago 0 replies      
Misleading headline alert; should say "for paid accounts" I got way too excited there :-(
68
joeblau 15 hours ago 0 replies      
I just had a discussion with my buddy about repositories yesterday. He wanted access to some code I had for uploading CSV files to iCloud and it's hosted on a private repo on GitHub. He was saying "I still use BitBucket's private repos"; My response was that the GitHub community is a lot stronger. Outside of community, it was hard for me to convince him that GitHub is worth it.

I've been using GitHub for a few years now to host private and public repos and paid private repos was always a point of contention. Now that they are unlimited, I can say that GitHub is definitely going to be the home to all of my future projects. I really feel like GitHub has been kicking it up a notch in 2016. Awesome work team and thanks!

69
donatj 13 hours ago 0 replies      
We have a large number of people in our organization who have GitHub access who do not code and instead file or manage tickets. $9 a month just to be able to file a ticket is rather steep.
70
benguild 15 hours ago 0 replies      
This is nice. Now I won't have to keep deleting private repos to make room for new ones
71
geostyx 3 hours ago 0 replies      
I think I'll stick with my own private Gogs instance anyway.
72
willcodeforfoo 12 hours ago 0 replies      
This is awesome! I have wanted a different pricing structure for personal accounts for a long time.

And for those who have issues with the organizational changes, did you see?

> I am an existing organization customer and prefer the per-repository plans. Can I remain on my current plan?

> Yes, you can choose to continue paying based on the number of repositories you use. You can also upgrade or downgrade in the legacy repository structure based on the number of repositories you need.

73
Rapzid 18 hours ago 0 replies      
All those private repos and no way to organize them :( Where are the namespaces/projects github?
74
jrgifford 16 hours ago 0 replies      
Is there a definition of "a few collaborators" anywhere? How many people, and is it per repo or per paid account? Really need more information before I decide if GitHub continues to get my $7/month or not.
75
wickedlogic 9 hours ago 1 reply      
Comments here are mostly from a single org view, due to the many X increase for that orgs price (large teams only)... but if I work on n_orgs repos, I'm now worth 9-25*n_orgs to github. That is a big shift from a model where I had no direct value to them as a unit.
76
Twisell 17 hours ago 0 replies      
The main drawback of a lot of Cloud based business model I have seen is that nobody think its fine to pay for leechers.

The per user pricing is pretty reasonable but only when you think of seeders (publishers/editors/pushers call them as you like).

For instance I would love to subscribe to a BI cloud suite that really fit my need, but I'm basically the sole query editor and I have potentially 200 private readers + some public OpenData. I simply just can't come to my boss and ask that we subscribe to this service on a 200 users basis while only one users will really have the use of the license...

77
BinaryIdiot 11 hours ago 0 replies      
Looks like with our company the price goes from $25 a month to $133 if we move (or are forced to move) over to the cost-per-user model.

GitLab was already looking good, if we're forced to change well likely move to GitLab. Github's pricing was already overly expensive for what you get, in my opinion.

78
gommm 15 hours ago 0 replies      
That makes a lot more sense in term of pricing and if that had existed earlier, I'd probably not have bothered hosting my own gitlab repository. I like to have a lot of little repos even keeping some of my private experiments and so the limit of repositories never really made sense to me.

It might make sense however to not count collaborators with read-only access.

Of course, now that I have gitlab, there's very little reason for me to come back.

79
Illniyar 18 hours ago 1 reply      
Can two individual priced accounts collaborate on the same private repository?
80
NicoJuicy 6 hours ago 0 replies      
I really don't understand why Github sets their prices higher while GitLab ( mostly) is gaining more and more traction...
81
danvoell 12 hours ago 0 replies      
I hope this doesn't lead to less open sourced software. Since it will be easier to keep your code private.
82
chj 16 hours ago 0 replies      
self hosted gitlab, for about 10$/month you get unlimited repos, unlimited users.
83
ausjke 9 hours ago 0 replies      
bitbucket still sounds like a better deal as far as money goes, though github somehow catches all the eyeballs. bitbucket has been providing similar service for less since long time ago.
84
mikeflynn 5 hours ago 0 replies      
Sounds like a lot of companies are going to end up with multiple GitHub orgs.
85
gshulegaard 7 hours ago 0 replies      
So...GitLab looks better and better every day.
86
mikey_p 11 hours ago 0 replies      
I think this is great. I'm part of a small 2-person consultancy (my wife and I) and we've been abusing a user account for our business for sometime on the 'medium' plan since it would give us 20 private repos, although over the last 6 years, we're had to cycle stuff to backups, rotate it around in order to keep older client work in there.

It's been hard to justify upgrading to an organization for awhile, since our work is hit or miss and we both have other jobs form time to time. We aren't much in terms of load on Github, but we'd like to be able to store 40-50 private repos or add more without worrying about our limit. The new organization pricing makes tons of sense for us since it's very close to the old 'medium' plan we were using, instead of being 2.5 times as much, which we never felt we could justify.

87
tedmiston 11 hours ago 0 replies      
> Over the next few days, we will automatically move all paid accounts, from Micro to Large, to the new plan. If youre currently paying for one of those larger plans, look out for a prorated credit on your account.

Bravo, GitHub.

88
keithnz 16 hours ago 0 replies      
I like gitthub, I have my open source stuff with github, but when it comes to private repos, bitbucket just seems better pricing and in someways just a nicer and cleaner interface https://bitbucket.org/product/pricing
89
keithnz 16 hours ago 0 replies      
I like github, I have my open source stuff with github, but when it comes to private repos, bitbucket just seems better pricing and in someways just a nicer and cleaner interface https://bitbucket.org/product/pricing
90
emodendroket 12 hours ago 0 replies      
So basically they're going to start using the same model as BitBucket?
91
andreamazz 16 hours ago 0 replies      
As much as I would love to switch to GitHub for our private repos, it still is way more expensive than BitBucket.
92
benbenolson 11 hours ago 0 replies      
This is just another reason to move to something like Gitlab or just self-host your Git repos. It takes literally seconds to set up your own Git server, so why not?
93
kazinator 6 hours ago 0 replies      
For less than these price plans, you can have your own domain and server.
94
meetbryce 18 hours ago 0 replies      
Seems like a good move, it's unclear to me what the difference is between Personal & Organization.
95
alexchamberlain 7 hours ago 0 replies      
This is great for private accounts; it encourages better practice of smaller repos.
96
kaffeinecoma 14 hours ago 0 replies      
I'm really looking forward to no longer having to figure out which project I have to axe to keep my "small" plan under the 10 repo maximum. That was always annoying.
97
wtbob 12 hours ago 0 replies      
Definitely cool, but I honestly think that if your organisation needs more than a handful of repositories then it's very likely doing something wrong.
98
Aissen 18 hours ago 2 replies      
I know a lot of companies that are too cheap to pay for hosting (or even host in-house), and therefore use bitbucket with its unlimited private repos. It's their gateway drug, and once they get used to that, good luck having them move over to github.
99
jdudek 17 hours ago 0 replies      
Yay, no more using single repo with orphan branches to save on number of repositories :-)
100
aavotins 18 hours ago 0 replies      
Christmas is early this year.
101
z3t4 17 hours ago 1 reply      
What's the difference between a GIT server and say a HTTP server? To my understanding, Github are unable to scale GIT, so they have to price accordingly.
102
jonmaim 10 hours ago 0 replies      
Sorry it's too late, I already migrated to bitbucket 6 months ago.
103
edpichler 13 hours ago 0 replies      
To me this is a good change, I have lots of private repositories and a small team.
104
cloudjacker 11 hours ago 0 replies      
bitbucket: still unlimited free private repositories
105
ArtDev 7 hours ago 0 replies      
I will stick with GitLab.
106
samstave 8 hours ago 0 replies      
Well, I will say that this is a good thing, because when we had paid for ~20 repos at a last company, and eng made a new repo - number 21, that was then made public by default as we were out of private repos. FUCK THAT.

He made a mistake and checked in (yes this is on him) an AWS access and secret.

Within hours we have 1,500 machines launched in every region doing bitcoin mining....

Making a repo "public by default" is pure BS.

107
bfrog 12 hours ago 0 replies      
github, soon to be the next sourceforge
108
softinio 13 hours ago 0 replies      
This is fantastic news in my opinion.
109
sqldba 13 hours ago 0 replies      
I love the clickbait. It's missing 3 words - "for paid users". Everyone has clicked it to be disappointed. GitLab++.
110
CiPHPerCoder 12 hours ago 0 replies      
This change was beneficial to me.

Before upgrading, a grand total of 4 users had access to our private repositories, of which we were only using 7 out of 10. I was nervous about running out of repositories moreso than the cost of adding people.

(If we grow our team, it's because we have a lot of client work that's outside my immediate strong suits and we had to hire. If we do that twice, I'll gladly pay the extra $9/month.)

111
gohrt 7 hours ago 0 replies      
What's the delta from the old model?
112
jtchang 18 hours ago 2 replies      
Yay! No more bitbucket for all my private repos. I wonder if this change is because of competition?
113
mnml_ 16 hours ago 0 replies      
too expensive
114
samir16 14 hours ago 0 replies      
Its awesm
115
cwmma 14 hours ago 0 replies      
and bitbucket's sole reason for existing has gone away
116
jiang101 16 hours ago 0 replies      
I'm a member of a Github organisation with 63 members and 20 private repositories. As far as I can see, this changes our yearly cost from $600 to $6564.
117
Zypho 13 hours ago 1 reply      
Everyone who is crying right now would be crying more if Github were to make the price free for private repos because with that, the amount of open source libraries they use would be cut in half.
118
alchemical 12 hours ago 2 replies      
Honestly when I read the title I thought GH switched their business model and offered free users the ability to start a private repo, but this is not the case.

If it is the case that I have to pay to have privacy on Github, then it imposes a privacy-rich versus privacy-poor dichotomy which I am uncomfortable with. Now I know as far as these things go (GH can be subject to National Security Letters), that GH is not really absolutely private. (Backdoors into people's 'secret' GISTS anyone?).

GH had an opportunity here to change their business model so that free users can avail of private repos, and GH could still manage to bring in revenue. GH primarily makes the bulk of their income from what I call 'stakeholder accounts'. That is; those companies who simply couldn't function correctly if GH didn't exist. It is in these stakeholders that there is a symbiotic relationship of revenue for GH, and value for the stakeholder(s).

There are very little lone private individuals who have that kind of symbiotic relationship, and so at least give these low income users the same equal rights of privacy as behemoth tech organizations. It makes sense.

In terms of how GH gets revenue from these users, there are countless other ways to do this instead of relying on the monolithic device of a premium subscription model. Offer paid licenses for their proprietary GH clients. (A one off payment of $20.00 for the GH Windows client is something I would actually pay money for)...

2
Electron 1.0 is here github.com
641 points by alanfranzoni  19 hours ago   365 comments top 43
1
etatoby 8 hours ago 13 replies      
I'm happy and grateful for any and all open source software, because it enriches everybody, well beyond the scope of its creators. But someone has to say it:

Electron is the cancer that is killing desktop computing.

It all started years ago with Firefox, whose interface itself was built using web technologies, in a "brilliant stroke." DOM, CSS, Javascript... maybe not HTML per se, but an XML substitute, and so on. I dare anybody say that Firefox's interface has ever felt as fast as IE, Chrome, Opera, or Safari (on Mac.) It never did and still does not.

Then someone at GitHub had the bright idea to take this "winning" concept and apply it to a developer's text editor, of all things! I still cannot fathom how Atom can have more than 3 users. Every time I've tried it, I've ditched it after 30 seconds. Slooooooooooow!

Fast-forward to 2016: now I see new Electron apps popping up every other day. Even something as simple as a text-only WhatsApp IM client, which could be written in a dozen of C++ files, is a bloated monstrosity that eats RAM for breakfast and contains an entire Node.js interpreter and a Webkit layout engine.

Cancer, I say!

Kill it with fire!

2
grinich 18 hours ago 8 replies      
Our team at Nylas has been incredibly lucky to build on the shoulders of the folks at GitHub and I'd just like to thank Kevin, zcbenz, Jessica, and their entire team. They've been awesome to work with and super supportive of this new community.

Our early prototypes of Nylas N1 were built on Angular in the browser, and then Adobe Brackets, but we couldn't really get it to a level that felt great and worked offline. It wasn't until we decided to fork Atom (the previous base of Electron) that we started breaking past the "uncanny valley" of wrapped webviews and discovered an application stack that allowed quick cross-platform deployment alongside native code modules.

After building on Electron/AtomShell for 18 months and seeing the community grow, I can definitely say there is something really special here. We've still got a lot of work to do on N1 (email is hard!) but we're confident Electron is the right platform for this type of extensible app.

A secondary reason we open sourced N1 was to serve as a reference implementation of a large Electron app. There still isn't a great resource for "best practices" when creating complex Electron apps with lots of moving parts. Now that we've hit 1.0, I think it's time to change that!

If you have a free afternoon, I definitely recommend playing around with Electron. It will likely change your outlook on the future of desktop software. :)

3
StevePerkins 13 hours ago 8 replies      
I can definitely see a niche in which Electron serves well.

However, it seems weird that when talking about mobile apps, the PhoneGap/Cardova "web wrapper" concept is derided as awful compared to native code or maybe cross-plat frameworks. From my anecdotal experience, those same people tend to think that Electron or NW.js are the greatest thing since sliced bread.

Electron is PhoneGap for the desktop. That's not necessarily a bad thing or a good thing, it's just a thing that makes sense in certain use cases and not others. The fact that web wrappers have different levels of "street cred" across mobile/desktop contexts feels more subjective than objective.

I suspect it's simply a matter of the younger crowd having more exposure to native mobile development, and little or no experience with native desktop development... so this discrepancy reflects those different comfort levels.

4
Philipp__ 16 hours ago 3 replies      
While there are many awesome things about Electron, I still give native desktop app advantage. Native apps just feel better. It's all those ms (miliseconds) here and there that in the end make huge difference. Still best showcase is Sublime v Atom. I use Atom, because it's free and open-source, but when I fire up Sublime from time to time, it is amazing how better it feels. It feels right! Guess like everything else in life everything has it's good and bad sides.
5
bengotow 18 hours ago 3 replies      
I've been building on Electron for the last 18 months (@Nylas), and it's really impressive how far it's come in the last year.

Coming from native Mac OS X development, Electron is an breath of fresh air. There's an incredible amount of energy and momentum in the web development community these days, and things like Flexbox, ES2016, React, and ESLint make it possible to ship fast and iterate quickly. Who would have thought JavaScript would be achieving what Java/Swing set out to do in the 90's?

I've had a chance to work with the core team on a handful of bug fixes and new features, and they've been incredibly kind and welcoming. I think Electron will go far as an open source project, and I'm excited that GitHub is growing it beyond Atom.

If you're in the SF Bay Area and interested in learning more about Electron, there's a meet-up coming up later this month! http://www.meetup.com/Bay-Area-Electron-User-Group/

6
lpsz 16 hours ago 6 replies      
Am I the only one unhappy with the trend of moving toward web-wrapper applications? As a developer, I also love the idea of cross-platform, and of more elegant frameworks, but it pains me to run things that are slower or hog the battery.

* JavaScript-heavy Spotify now vs. Spotify a few years ago

* Atom vs. something like Sublime Text

* Or, Slack that takes the cake especially if you log in to multiple Slacks.

It's cool for developers. It's not cool for the users.

7
ksec 17 hours ago 2 replies      
I know this is not really electron's fault, but could there be way to shrink these run times to a lot smaller?

Like Whatsapp App on Desktop you literally have a 60MB download and 200MB install just for a screen that is EXACTLY the same as the Web Version of Whatsapp.

While I dont expect all the apps are like CCleaner or the old uTorrent which is only a few MB in size, 200MB is just redicously large.

8
gbugniot 18 hours ago 8 replies      
"Electron has lowered the barrier to developing desktop applications". Nope, I don't think so. Perhaps for web developers.

For non-web developers, there are already well-suited technologies to develop desktop applications: Swing, Qt, Cocoa, GTK, WPF/WinRT, and so on. Maybe theses technologies seem less sexy but there are here from the beginning to do that kind of job.

Please, use the right tool for the right job.

9
greenspot 16 hours ago 0 replies      
My biggest gripe with Qt is HiDPI support which was introduced just 6 months ago, so quite late. It feels cumbersome compared to HTML/CSS which have native HiDPI support built-in for years. Also the implementation in HTML/CSS is straightforward. You don't need to think about it a second, it just works. Actually this is my number one feature of web tech, it's HiDPI ready and websites and apps like Slack look always slick, crisp and clear, on any platform.

With Qt, just watch this 30 minutes presentation about Qt and HiDPI, while ok there are some parts which unnecessarily complicate matters: https://www.youtube.com/watch?v=2XPpp4yD_M4

10
e0m 11 hours ago 0 replies      
Think about how much time people spend in front of 24" screens with a keyboard. "Desktop", or whatever that evolves into, is overwhelmingly where real work still gets done. For as critical as that environment is in the modern workplace it's historically been drastically underserved by this community.

Yes, there are a lot of tools like Swing, Qt, Cocoa, GTK, WPF/WinRT, but their development communities are much smaller than the javascript/web ecosystem. They also create enormous portability problems, particularly in an environment (especially in the business world) so heavily dominated by Windows machines.

This community is acutely aware of what happens when the barrier to entry is lowered and the development tooling improved. The tooling that Electron provides via Chromium is also something that should not be understated. Chromium's dev tools are remarkable and improving every day. Few other ecosystems, especially old desktop ones, have debugging environments as rich. The painting performance / profiling tools alone go to great lengths to keeping everything running at 60fps. Furthermore modern CSS layout engines like FlexBox give you an enormous head start on a notoriously difficult problem and is a joy to work with when you don't have to worry about browser compatibility.

I will admit, the getting-started cost of Electron is high. Shipping all of Chromium and Node is no small feat and frankly probably not suited for a minor utility. However once an app crosses even a modest level of sophistication the benefits of this environment are definitely worth it. There are also several specialized tasks that Node probably isn't suited for. Luckily, since you have full process control and the ability to compile native modules any additional specialized task can be run on the side.

The past 18 months working with Electron at Nylas have been some of the most enjoyable development experiences of my life. Much of the crap that frustrates people out of web development (compatibility issues) go away. Being able to build an app at the core of people's day-long experiences is deeply satisfying and something I'm indebted to the Electron team for.

If you're in the Bay Area and still have questions or are just curious, come join us at the Electron Meetup on Wed May 25: http://www.meetup.com/Bay-Area-Electron-User-Group/events/23...

11
fsloth 19 hours ago 5 replies      
What do you think the suitability of Electron is for software that is designed to provide revenue with per seat licences and no service component? I.e. 'traditional desktop app'. It seems to me, given how easy it seems to be to copy and modify an Electron application a third party could always copy an application, whitewash it and capture a portion of the market.

The counter point to this is that ownership of the developer brand and distribution channel is which will always drive sales. I'm not sure which aspect is more important when planning a technology platform and revenue model...

12
porker 16 hours ago 0 replies      
Congratulations on reaching 1.0. Electron is really interesting, but until memory usage can be curbed, it's going to be a limiting factor.

I have been going back and forth with Slack over their desktop client; on Windows when signed into 5 groups it uses 1GB RAM. For a rich-chat client.

And if you're thinking "But RAM is cheap these days" -- well yes it is, but by the time you've got 15 Chrome tabs open, a Jetbrains IDE and 3 VMs, plus assorted other software running, 16GB disappears very fast...

13
albeva 18 hours ago 4 replies      
Slow, sluggish, resource hungry and looks alien everywhere. Yeah right. Progress ... If there is one thing its done is lower standard for native applications everywhere.
14
jokoon 6 hours ago 0 replies      
Burn this.

Instead, please, can any investor just hire any computer science PhD (who eventually specialized in compiler engineering), and tell him to work on PREPARSED or COMPILED HTML, and make a browser module out of it, for the sake of speed and memory footprint?

PLEASE. I BEG YOU. DON'T EVEN TAKE CREDITS FROM ME. IT IS SO WE CAN SAVE THE WORLD.

15
webXL 7 hours ago 0 replies      
I just came across a great Electron app called Nativefier (https://github.com/jiahaog/nativefierhttps://news.ycombinator.com/item?id=10930718) last night. It's a super easy way to make dedicated browsers & launchers for certain web apps. (very anti-web, I know)

My first use case for it was making a dedicated Amazon Video client for my wife's laptop (although Nativefier doesn't have one of the necessary plugins) so we can have our regular Amazon accounts separate without switching credentials all the time. But I can think of a bunch more for this

16
mherrmann 11 hours ago 0 replies      
Electron is really cool, unfortunately its startup performance is slow (several seconds on a ~2010 machine). That's why I had to pick Qt for a file manager I'm launching... (https://fman.io)
17
john_reel 7 hours ago 2 replies      
Electron has gotten a lot of criticism for being bloated. Are there any good alternatives for making desktop apps that are scripting language based? Id especially like to use Lua(JIT), but Im not aware of anything anywhere near as reliable, cross-platform, easily deployed, and easy to build interfaces in as Electron. Im not the biggest fan of the JS and/or the JS ecosystem, but I would love the speed, lightness, and convenience of another language (just look at how fast and lean Lua with LuaJIT is!) with the power that some JS tools like Electron have to offer.
18
twotavol 6 hours ago 0 replies      
Every Electron application I've used has been sluggish and straight up pathetically slow compared to any native counterparts. I think there are two reasons its picking up steam:

* Your can now make your web devs (HTML/CSS/JS etc) do your application development as well

* General popularity of web development is exploding

* There's no comparable free, permissive native framework. The closest thing is Qt and its LGPL. No one wants to touch the GPL.

19
staticelf 17 hours ago 1 reply      
One issue I have with Electron is that if I put my computer to sleep without restarting it and have all the applications up all the time, Electron apps gets very slow and sluggish and lags very much. Slack is a good example of this.

I have to restart my computer every now and then in order to keep using Slack and Atom, because otherwise it lags so much. I don't know, I think I prefer UWP apps instead.

20
colordrops 18 hours ago 2 replies      
My team is trying to use Electron to build and deploy apps for Linux, Mac, and Windows, but running into issues with the Mac build. Getting a dmg built on Linux (our build server) is apparently not trivial. Is there a docker image or some other project that wraps all the dependencies up to build Electron apps for all major platforms?
21
kristianp 19 hours ago 2 replies      
It would be nice if Electron could enable cross-platform apps, written in languages other than javascript, that compile to native for the back end and to javascript for the front-end.
22
hs86 8 hours ago 1 reply      
Would a dynamically linked, system-wide Electron installation help with the extensive resource usage of Electron apps? It would decrease the installation size but what about the runtime performance?
23
crisnoble 18 hours ago 2 replies      
Is there a "built with electron" type directory out there somewhere?
24
calsy 18 hours ago 0 replies      
This is awesome! I wish I had something more constructive to say but thats all I could think of at the moment.
25
stuaxo 19 hours ago 2 replies      
Are there plans for electron with the servo browser ?
26
theknarf 14 hours ago 0 replies      
I like the idea of making desktop apps with html, css and JavaScript. I just wish that Electron/Atom wasn't so horrible slow. It shouldn't take me more time to open up a desktop app than a webpage.
27
pj_mukh 7 hours ago 1 reply      
Hmm? Slack's MacApp purports to use MacGap not Electron (https://github.com/MacGapProject/MacGap1).
28
iamcreasy 18 hours ago 4 replies      
Electron looks like it has for both worlds, but what is the drawback of this(kind of) system(s)?
29
Longwelwind 14 hours ago 3 replies      
I find it more comfortable to make a GUI using HTML/CSS, but I wish I could use a more modern and more reliable language than Javascript.

Is there an equivalent to this but with Python or C# ?

30
tmarkovich 11 hours ago 0 replies      
On a slightly unrelated note, I love the theme of the Electron plot. Is there any place where I could find it?
31
mgkimsal 12 hours ago 0 replies      
It's too bad the titanium platform with desktop/mobile/js/web combo never got more momentum. Building a 'web' app - with php or ruby - and bundling as desktop app was pretty darn cool. I only dipped my toes in around 2011 or so, and was sad to see it never get more traction. :/
32
marcosscriven 17 hours ago 1 reply      
One of the things I really like about Electron apps is they look good consistently across platforms, which is something I don't often see for cross-platform apps.

QT seems to be the other major cross-platform framework, but I've never seen one that looks good IMO.

Would be very curious if any fellow HNers could point to good alternatives (preferably C++ based, but as I allude to, I'd compromise by using something like Javascript if it meant a better real world outcome for the user).

33
marcosscriven 17 hours ago 1 reply      
Related to another comment I posted here, what's the opinion lately on native controls/UI widgets vs something cross-platform like this?

It always used to be argued (and maybe still is) that using the UI framework of the platform is preferable, but IMO the results of Electron apps I've seen look great, and I don't find them confusing to use.

The reverse seems to be true on mobile platforms, where people seem to be preferring native UI widgets and behaviour.

34
jweinstein 10 hours ago 0 replies      
Congrats to the Electron community!

We've been excitingly using Electron at Wagon to build SQL analytics tools. We're using Haskell + React + Electron as our primary technologies: wagonhq.com/blog/electron

35
felixrieseberg 18 hours ago 0 replies      
If you're based in San Francisco, come to our next meetup! We'll have a bunch of people working on and with Electron there.

www.meetup.com/Bay-Area-Electron-User-Group/

36
mixmastamyk 9 hours ago 1 reply      
Interesting, reminds me a bit of XUL and XULRunner from the old days, which sort-of failed. What does this have in common, or is different this time?
37
voltagex_ 18 hours ago 0 replies      
So CatLight [1] seems to be a C# app using Electron for UI. I'm assuming there's a local web server running, but I wonder how this works from a build perspective? I wonder if Electron can be built with MSBuild.

1: https://catlight.io/

38
cdnsteve 14 hours ago 1 reply      
I haven't used Electron, but what about mobile apps? I have a need for an app that works on desktop and mobile. So is the recommended option Electron for desktop and for mobile PhoneGap/Cordova?
39
iconjack 6 hours ago 1 reply      
Microsoft tried something similar years ago with HTML Applications (.HTA), essentially web apps that could talk to the file system. Didn't seem to work out, though.
40
robotnoises 12 hours ago 2 replies      
Anyone with experience with Electron and NW.js have an opinion on which is better?
41
dang 10 minutes ago 1 reply      
This breaks the HN guidelines, which ask you not to call names ("you are acting like a child", etc.) in comments here. Please post civilly and substantively, or not at all.

https://news.ycombinator.com/newsguidelines.html

https://news.ycombinator.com/newswelcome.html

We detached this subthread from https://news.ycombinator.com/item?id=11674670 and marked it off-topic.

42
uola 18 hours ago 0 replies      
To me, unless things have changed, electron is crazy. Many people today use some sort of abstraction layer that generates their html/css. I really hope they move towards interfacing js or node.js directly with skia (which is the graphics engine for chrome and used by, I think, sublime text).
43
rufb 15 hours ago 0 replies      
This reminds me of Shoes. Of course, Javascript isn't designed for simplicity like Ruby, and Electron is aimed at serious product development rather than novice and weekend programmers. The product design just isn't "there" yet if we are to measure it by _why's standards. But it's nice to see an ACCESSIBLE actively-maintained tool for making cross-OS apps that "just work" again.

In fact, _why released Shoes around 2007 and disappeared in 2009. To put this in perspective, Google Chrome and the 1st iPhone were released in 2008. The web standard mess (JS in particular) was only beginning to be untangled back in 2007. Maybe today's _why would have preferred to try and make Javascript more approachable rather than choose a simple language like Ruby and make it more powerful. I don't know.

At any rate, the trend for things like Electron is to become increasingly complicated to the point where it merits a mention in developers' CVs as it happened with Rails and Node and countless other frameworks before. Hopefully at this point there are players with stakes high enough at making things accessible to push for an entry-level version of Electron. Maybe Codecademy or one of its cousins.

3
A Farewell to FRP elm-lang.org
754 points by sharksandwich  1 day ago   233 comments top 46
1
ccapndave 1 day ago 7 replies      
I moved from React/Redux/Typescript to Elm a few months ago, and I'm now on my second serious project with it, making mobile application with Cordova. I've found it an absolute pleasure to use, and I especially like that you can be pragmatic about it; if there is something that is annoying to do in Elm then you can simply drop into Javascript/Typescript using ports.

Coming from languages like Actionscript/Javascript/Typescript/PHP I have found the whole Elm experience quite mindblowing; if it compiles, then it just seems to work. I hardly ever find myself poring over bits of code trying to debug a subtle error, and if I do the problem is going to be in the Javascript/Typescript bit.

Basically, I'm sold :)

2
junke 1 day ago 2 replies      
I am happy to see Elm evolving and it looks like a good framework, but there is a tendency in FRP articles to ignore prior work, as acknowledged at the end of the article:

> Note: Interested readers may find Lucid Synchrone interesting. Unfortunately for me, I had no idea my thesis had so much in common with synchronous programming languages at the time, but the connections are quite striking. I might argue that Elm was never about FRP.

My thesis was related to synchronous programming languages and articles about FRP tend to have too little to say about them, for my taste. Yes, there is a word or two in the related work, but also it looks like some wheels are being reinvented.

The subscriptions model reminds me of Esterel, which is imperative and uses await/emit pairs.In the domain of GUIs, which is related to Elm, there is ReactiveML (see "ReactiveML, Ten Years Later" (https://www.di.ens.fr/~pouzet/bib/ppdp15.pdf)).Look also at Lustre or Signal, with Signal allowing directives to define multiple execution units: this is used to generate concurrent programs exchanging values with message passing.

The domain is different, though. Synchronous languages do not target web interfaces. They are about embedded systems and as such, they are mostly static. On the other hand, they are compilable into a simple event loop with static memory usage and constant execution time. Maybe some of the existing research could be useful to something like Elm, even if it does not target the same problems.

3
zalmoxes 1 day ago 3 replies      
As someone who is just getting started with frontend development, I decided to go with Elm instead of learning JS and React. I found the whole experience very pleasant, even as a beginner.

Not only is the elm code I write reliable, but I've found that adding more features does not bloat my code. Refactoring a codebase as it grows in elm is pleasant, and following the Elm Architecture guides me on the correct structure for the app.

Over the weekend I made a small site to show all Elm conference videos in one place. If you want to play around with 0.17 this project is just a bit above a "Hello World" example. Send a PR! https://elmvids.groob.io/

4
e0m 1 day ago 2 replies      
There's also a lot of similarity with Rx.JS and observable based (aka "Reactor") patterns:

 Rx.Observable.fromTime().subscribe(tick) Rx.Observable.fromSocket(mySocket).subscribe(handleEvent)
https://github.com/Reactive-Extensions/RxJS

Regardless of the exact library or pattern, the broader concept of treating data sources as asynchronous event streams you can subscribe and react to definitely simplifies data flow and makes systems very robust.

An additional benefit of this pattern is the natural way it makes it easy to filter, chain, map, etc onto these subscriptions. Once again from the Rx world, http://rxmarbles.com/ does a great job visualizing these patterns.

5
timroy 1 day ago 3 replies      
This looks very cool.

In ClojureScript, we have the re-frame pattern/framework, which is built on Reagent, which is a ClojureScript wrapper of React.

re-frame is all about subscriptions, using a "big atom" to hold application state client-side. Seeing Elm implement the same subscription pattern makes it look pretty tempting.

My understanding is that ClojureScript and Elm have some similarities - functional, pleasant to work with - with one significant difference being that Elm is typed.

6
salimmadjd 1 day ago 0 replies      
Congrats to Evan. I'm still learning Elm and it has been such a pleasure. It's so much clearer to understand the code and go back to it later.I spoke with Evan at length at one of the regular Elm "hackathons" in SF and was so impressed how he thinks about long-term vision of Elm and prefers to take his time to ensure he gets it right to make Elm be around for a long while. Which is the reason I'm investing time into Elm. If you're in SF Bay area. Tomorrow (Wed) is the next Hack night a great place to talk to Evan and the small community around it.
7
Keats 1 day ago 3 replies      
I like Elm but its development really seems to rely on a single person. I saw this post on elm-discuss which is a pretty good summary of my thoughts https://groups.google.com/forum/#!topic/elm-discuss/AmxE3qAm...
8
malandrew 1 day ago 2 replies      
Since people in this thread are likely to be elm enthusiasts and know what's going on in the ecosystem, what is the largest high quality elm app you know about and what is the largest high quality elm app that is open-source that you know about?

I've been doing backend work for a while and I'd like to see what is possible these days with elm.

9
knewter 1 day ago 0 replies      
I'm super excited for this change. I've been watching and waiting for a few weeks. It's a big ordeal for me personally, because I've got 10 weeks of daily elm tutorial content I've written so far at http://dailydrip.com/topics/elm that I'm now re-writing, but the changes are all for the better and the language adoption is bound to go up over time.

If you haven't yet tried Elm, give it a shot. A co-worker (hi Heath!) showed it to me 4(?) years before I got interested in it, and I brushed it off as a toy because I was against Functional Programming at the time for terrible reasons. It's actually one of the 'this feels like the future' technologies that's re-shaping how I think about programming these days. Huge kudos for the release!

10
zachrose 1 day ago 5 replies      
I haven't dabbled in Elm much, but subscriptions look a lot like ordinary JS event handlers:

 Time.every second Tick
vs.

 Time.on('everySecond', tick)
Beyond baking an event emitter into the Time module and having a nice looking API, is there something I'm missing?

11
nilkn 1 day ago 7 replies      
What I really want is a language with Elm's type system, simplicity, and syntax, but aimed for backend software instead of HTML apps and with strong support for an Erlang-style actor model of multicore, distributed concurrency. Basically something like Elixir, but with Elm's syntax and type safety. In the meantime Elixir will do for me, but I'd really like more type safety without going full Haskell.
12
krisajenkins 1 day ago 0 replies      
This is marvellous. IMO Functional has always been a bigger deal than Reactive. Great to see more of that pursuit of simplicity paying off.
13
pklausler 1 day ago 1 reply      
Stupid question from an interested outsider: how's a "subscription" different from a good ol' callback?
14
rdtsc 1 day ago 0 replies      
There is a nice talk from Erlang Factory 2016 called

"Making the Web Functional with Phoenix and Elm"

https://www.youtube.com/watch?v=XJ9ckqCMiKk

15
iamwil 22 hours ago 1 reply      
I found that while things worked once it compiled, I spend most of my time staring at compilation errors, especially as I refactored. So I'm mostly trading time spend debugging subtle state errors with fixing compile type errors. It feels not as productive, since I'm usually looking at errors.

Also, I'm still new to FP, so if you go outside of the Elm architecture, you're going to run into problems, which you're use to solving with specific tools, but they won't be available. So you'll have to spend time learning how to compose things in a new way.

16
zellyn 1 day ago 3 replies      
Just out of curiosity. I'm trying to decide which client-side framework/language to dive into, and it seems that many people consider Om Next a really nice step forward, away from "giant blob of state". My (uninformed) observation is that Elm does things the way Om (previous) did it: is that correct? Is Elm aiming to incorporate Om Next's advantages?
17
TY 1 day ago 0 replies      
Say what you will about languages that compile to JS, but Elm code looks so elegant that I just want to use it for aesthetics alone. Major kudos to Evan for such a wonderful and powerful creation.
18
skybrian 1 day ago 0 replies      
From the Lucid Synchrone paper referenced in the article:

"Synchronous languages are based on the synchronous hypothesis. This hypothesis comes fromthe idea of separating the functional description of a system from the constraints of the architecture on which it will be executed. The functionality of the system can be described by makingan hypothesis of instantaneous computations and communications, as long as it can be verifiedafterward that the hardware is fast enough for the constraints imposed by the environment."

That sounds a lot like how functional programming works in a browser. If you assume function calls take zero time (or can be optimized so they're fast enough) then you end up with event handling and asynchronous I/O. Preemptive multitasking becomes a non-issue. But long-running computations (where you actually want to keep some CPUs busy for a while) need to be handled outside the system.

19
stepvhen 1 day ago 1 reply      
I got into studying FRP around 3 years ago for my senior project. Aside from a decent, clear explanation, there were hardly any actual implementations of this allegedly good paradigm (something Evan covered in his thesis, and the basis for Elm). It seemed like a paradigm that was full of promise and potential but failed to deliver in any worthwhile way.

(Such was the case for my senior project, studying the viability of Arrowized FRP in Elm. In short, I concluded that it was nothing but hell and nobody should bother.)

I am happy to seem Elm drop FRP, even if I wished it could be the savior of the method. At this point I think it's a troubled concept and should be limited to old theses.

20
vvanders 1 day ago 0 replies      
Woah, still reading but seems like a big change considering FRP was somewhat fundamental to Elm.

[edit] Looks like a solid change driving Elm towards easier usage, Signals and Mailboxes were definitely something that took a while to wrangle correctly.

21
daxfohl 1 day ago 1 reply      
Wow, this is a surprise. Kind of like a Haskell headline "A Farewell to Immutability". But sounds like the pros and cons have been well thought out for the intended use case.
22
sotojuan 1 day ago 0 replies      
Elm has always been "that language I dabble in every now and then but never have time for"... good to see it's evolving. Evan and Richard (creator and main evangelist, respectively) are a great team and I hope them the best (and I hope I get more time to mess around with Elm!).
23
d0m 1 day ago 2 replies      
One thing I'm wondering with elm is how does it deal with state across different components? I.e. where would you put the settings of the current user and how would you access that within one component? (By component I mean the (init,update,view,subscription))
24
john-kelly 1 day ago 0 replies      
Hey! CodeHS is working on an Elm Course. The vision of the course is to make a more approachable version of SICP.

The course is still in development, but let us know if you're interested!

https://codehs.com/info/curriculum/elm

25
wrong_variable 1 day ago 0 replies      
subscriptions are great for handling black hole callbacks - callbacks that you cannot return back control to the callie.

Examples of this would be web-socket , http-requests , etc.

however elm and cycle.js try to shoe-horn this idea everywhere - which I think is not needed.

Not every event needs to be subscribed to - it pollutes your global stream. Use global stream only when you need to deal with things that move out the execution context of your program.

26
gjolund 1 day ago 1 reply      
Doing away with signals is a great move, everything else about the elm architecture felt so intuitive.

I'm excited to give elm another shot, and I yearn for the future he describes where web assembly makes elm a viable js replacement.

27
mswift42 1 day ago 5 replies      
Does Elm have any nice interfaces for common JS frameworks? (like reagent / om in clojurescript, or angular2 for dart / typescript)
28
jweir 1 day ago 1 reply      
Has anyone upgraded a non-trivial app from 0.16 to 0.17? Is it pretty simple to rewrite moving from Signals to Subscriptions? Any advice?
29
jtwebman 1 day ago 0 replies      
I love Elm before but now it is even better! I'll make the switch even though I was almost done with my first app with it.
30
charlieflowers 1 day ago 1 reply      
So, is it still true to say, "You wish you could express your business logic with pure functions. But often you can't because the lack of immutability hurts performance in various ways. But ELM creates a 'sandbox' in which you can do so, by letting you write functions which work over time varying streams instead of stateful callbacks."

If not, which parts changed / how would you revise it?

31
empath75 1 day ago 2 replies      
Is parsing json still an ugly mess? That was what put me off actually using it for anything.
32
creshal 1 day ago 1 reply      
> A web handler threw an exception. Details:

> gen/pages/blog/farewell-to-frp.html: getFileStatus: does not exist (No such file or directory)

Some caching problem, it seems?

33
mhd 1 day ago 2 replies      
Has the elm installation on Linux improved in recent months? Last time I tried my system's GHC was too new to install it from source and the node installation went kablooey in weird parts(too recent ncurses, the automatic "reactor" browser repl not finding the Html package etc...)
34
tunesmith 1 day ago 1 reply      
Say a magazine company wants to regularly send issues to a customer, and the customer signs up. Who has the subscription, the customer, or the magazine company? Which one subscribes?

According to Rx, it's the magazine company. Which one subscribes? The magazine company subscribes. It took me a while to realize this when trying to learn Rx concepts, which made it really confusing, since I've always seen the customer as being the subscriber, subscribing and owning the subscription.

It looks like Elm is the other way around compared to Rx, I think.

35
rtpg 1 day ago 0 replies      
The chat client thing is pretty interesting, but there's this little bit:

> Use the browser API To get started you just create a new web socket! Well, then you need to open the connection. But do not forget to add an onerror listener to detect when the connection goes down and try to reconnect with an exponential backoff strategy. And ......

How does handling errors happen I wonder. If you take FB messenger for example, you would queue up a message but if the sending failed you would get an opportunity to retry/not send it at all.

I suppose in FB's case you could write your own subscription provider...

36
ryenus 1 day ago 0 replies      
FRP = Functional Reactive Programming

> When I started working on my thesis in 2011, I stumbled upon this academic subfield called Functional Reactive Programming (FRP). By stripping that approach down to its simplest form, I ended up with something way easier to learn than similar functional languages. Signals meant piles of difficult concepts just were not necessary in Elm.

37
avindroth 1 day ago 0 replies      
I have been learning some haskell, maybe I will dabble in elm. Watched a talk by Evan and was blown away by time-based sophistication.
38
hbrid 1 day ago 0 replies      
Looks very good. I got stuck learning elm at about the point I wanted to integrate a call to a javascript function. Can't for the life of me remember if that involved signals or not. Will definitely try the tutorial(s) again when I get some more time because I really was enjoying everything else about the language and developing in it.
39
kgr 1 day ago 0 replies      
FOAM is also subscription based, but then builds FRP on top of it:https://www.youtube.com/watch?v=-fbq-_H6Lf4
40
dreamdu5t 1 day ago 1 reply      
Looks like Elm moved closer to Pux's API by dropping the signals for `Html action`. Check out Pux if you're interested in the same architecture but for PureScript.

https://github.com/alexmingoia/purescript-pux

41
millstone 1 day ago 0 replies      
Can someone explain how the subscription API differs from signals, addresses, and ports? I'm not familiar with the "old" Elm so I can't judge what the change is like.
42
leejoramo 1 day ago 0 replies      
I wish Elm's blog had an RSS feed.
43
Learn2win 1 day ago 1 reply      
Are there type classes in Elm?
44
wyager 1 day ago 1 reply      
Elm is very cool and pleasant to use compared to JavaScript, but I have some reservations. The limited typeclass system (for numbers and such) seems... questionable. The interaction of what looks like pure declarative syntax and what is actually impure imperative semantics is confusing to me. I understand that the author wants to avoid monads and other perhaps somewhat confusing staples of functional IO, but I'm not sure the cost/benefit of doing it this way works out.

I will say that Elm is the best JavaScript-targeting platform I have tried! I have hopes for GHCJS, but it's not near Elm's level of readiness yet.

45
acqq 12 hours ago 0 replies      
For those like me who aren't familiar with Elm:

An Introduction to Elm

https://www.gitbook.com/book/evancz/an-introduction-to-elm/d...

46
miguelrochefort 1 day ago 0 replies      
Congrats, you just invented Reactive Extensions...
4
PostgreSQL Scalability: Towards Millions TPS akorotkov.github.io
516 points by lneves  2 days ago   210 comments top 16
1
gjolund 2 days ago 10 replies      
Postgres has been my DB of choice for nearly a decade. The only times I wind up working with another db are because:

(1 it is a better technical fit for a very specific problem

(2 there is already a legacy db in place

I have been voted down at a couple of startups that wanted to run a "MEAN" stack, invariably all of those startups moved from MongoDB or shutdown.

The only time I will advocate for anything other than Postgres is when Wordpress is involved. If the data model is simple enough then MySQL is more than up for the task, and it avoids an additional database dependency.

Thankfully all the ORM's that are worth using support MySQL and Postgres, so using both is very doable.

### Useful Postgres (or SQL in general) tools/libraries :

Bookshelf ORM http://bookshelfjs.org/

PostgREST automated REST API https://github.com/begriffs/postgrest

Sqitch git style migration management http://sqitch.org/

2
jasonmp85 2 days ago 1 reply      
Andres is a great coworker to have at Citus Data, though I first ran into him on the mailing lists shortly after starting at Citus myself. I was tasked with figuring out "why do certain read-only workloads fail miserably under high concurrency?"

I had never touched PostgreSQL before, nor any Linux performance tools, but I noticed that replacing certain buffer eviction locks with atomic implementations could drastically help this particular case. I emailed the list about it and Andres was someone who chimed in with helpful advice. I wrote up what I'd discovered in my deep dive here: http://tiny.cc/postgres-concurrency

Turns out Andres was already working on a "better atomics" patch to provide easier methods of using atomic operations within PostgreSQL's code base (my patch was a quick hack probably only valid on x86, if that). It's been useful in removing several performance bottlenecks andtwo years init looks like it's still paying off.

3
snhkicker 2 days ago 2 replies      
I don't know much but to me it seems PostgreSQL is probably one of the most open and supporting communities maybe this is reason alot of new faces are looking at it including me.
4
graffitici 2 days ago 8 replies      
Are there any best practices for using PostgreSQL for storing time series data? Would it be comparable in performance to some of the NoSQL solutions (like Cassandra) for reasonable loads?
5
bnchrch 2 days ago 0 replies      
PostgreSQL has continued to be one the best open source en-devours so far. An amazingly smart and welcoming community that turns out arguabley the best in class relational database. Kudos and keep innovating team PG.
6
jrcii 2 days ago 16 replies      
Slightly tangential but I'm genuinely curious, does any have a theory as to why nearly every RDBMS post on Hacker News is about Postgres and almost never MySQL or MariaDB? Considering the relative obscurity of the former it seems somewhat inexplicable.
7
devy 2 days ago 1 reply      

 In partnership with IBM we researched PostgreSQL scalability on modern Power8 servers. 
That statement and the linked Russian blog white paper[1] makes it seem like a Power8 specific and Power8 is a "a massively multithreaded chip"[2]. I wonder how far off it would be to x86-64?

[1] https://habrahabr.ru/company/postgrespro/blog/270827/

[2] https://en.wikipedia.org/wiki/POWER8

8
tormeh 2 days ago 5 replies      
How does PostgreSQL compare to VoltDB?

I'm trying to get a handle on the different databases, and VoltDB sounds exciting, but everyone's talking about PostgreSQL. Then there's Mnesia which I hear is, as all things Erlang, excellent, though it's kinda tied to Erlang.

I know it's hard to say what's best, but what would you say is the best DB for a completely new multilingual project that needs throughput but prioritizes low latency, for example?

Also, VoltDB is licensed under AGPL. Does this mean that it can't be used in commercial projects? Or is it OK as long as the other components are on different servers or similar?

9
Ono-Sendai 2 days ago 1 reply      
Sounds like the padding stuff is a false sharing issue. They might want to look into putting 128 bytes of padding between the data structures as well: http://www.forwardscattering.org/post/29
10
jlgaddis 2 days ago 3 replies      
Man, how I wish WordPress had originally chosen to use PostgreSQL instead of MySQL back in the day.
11
hbrid 1 day ago 1 reply      
Postgres is still going through the motions of a transaction for every query you issue it even if nothing else but that transaction is happening on the server. So obviously if you add extra load in the form of writes, you may slow your reads down, but this was not a full benchmark, but instead a comparison of the same workload running against multiple versions of Postgres.
12
hinkley 2 days ago 1 reply      
Always nice to hear about throughput improvements in Postgres.

How do these changes affect more heterogeneous workflows, of mixed reads and writes? A little better? A lot better? A little worse?

13
znpy 1 day ago 1 reply      
Dumb question: in this context, "TPS" means... ?

T<what?> Per Second?

14
ionheart 1 day ago 1 reply      
Big thanks for the community for the hardwork! I wonder if we set the "sync=off" in the test, will it be way higher than the OP results?
15
malloryerik 1 day ago 1 reply      
Any opinions about AWS' SQL database, Aurora?
16
gnarbarian 2 days ago 1 reply      
The more efficient we can be at completing TPS reports the better. I must spend upwards of 40% of my time on them.
5
We're considering banning domains that require users to disable ad blockers reddit.com
518 points by Hjugo  2 days ago   253 comments top 37
1
econnors 2 days ago 5 replies      
As noted other comments, this would only apply to the /r/technology subreddit. The general feedback is in favor of blocking these types of sites.

I'm pretty amazed at the current state of ads. With multiple ad exchanges, private sellers, and static brand deals, the entire serving process is a mess and users are paying for it. I don't think publishing websites are being malicious; they're incentived to make money and just haven't figured out how to do it at a high enough margin while keeping users happy. I just think the entire internet ad industry is in shambles and nobody really knows a solution that makes everyone happy.

2
alblue 2 days ago 3 replies      
The nub of the thread is: these sites have put up ad blocker blockers, so you can't see the content without disabling your ad blocker. And yet when you do you are either exposed to full screen or video auto play ads, or in some cases, malware: http://www.extremetech.com/internet/220696-forbes-forces-rea...

Given that Reddit is a large source of incoming referrals this stance (if implemented) might be a sufficient lever to send a signal to get those sites to improve their environment.

In any case since the sites are still able to use curated self hosted ads (ie not JavaScript redirects to externally hosted providers) they are able to sell static ad space to make money even with adblockers enabled.

It might be worth seeing what the outcome for the experiment is (if it goes ahead) and then seeing if the same logic would work for HN.

3
esoteric_nonces 2 days ago 3 replies      
Maciej (HN handle 'idlewords') has an interesting take on this that I'm struggling to find in my history right now. The basic idea is that all of the data these companies collect is still ultimately useless in practice. We still don't have advertising that is even close to being relevant.

But the data retains its toxic qualities (of being a database of every action I take on the Internet and some in the real world).

I fire up the YouTube homepage and all of my recommendations are for UK daytime TV. Celebrities, 'Jeremy Kyle' (the UK Jerry Springer), etcetera.

YouTube sends me adverts for female hygiene products and dog food. (I am male and I own no dog.)

Even when I get advertising that's not selling me stuff that would require I buy something else first (sex change, dog) it's invariably for something vastly overpriced or some sort of megabrand.

4
MichaelBurge 2 days ago 3 replies      
I wonder if you could sue a website for serving you malware.

Here's my idea for an ad company:

* People who want to post ads have to provide their name, address, verified email, and a security deposit(say $500). Larger volumes of ad purchases require either a long history, insurance, or a bank letter to vouch for you. If you load malware anywhere into the system, you get fined and your information gets turned over to the police.

* People who want to earn money with advertisements have to provide name, address, verified email, and a security deposit. The security deposit could be funded out of earnings(or not). Fraud is countered by randomly sampling websites and fining offenders if the ad isn't visible. Also they get their information turned over to the police if it was intentional fraud.

* Security deposits are returned within 1 month after the advertising relationship is terminated.

* Fines are paid out of the security deposit, and your access is restricted until you refill the account(possible with an even bigger deposit).

* People who are higher risk(from a shady lawless country, no history or background, etc.) have to pay a higher security deposit.

* Ads can be either text or banner ads. Anything Turing-complete needs insurance or a bank letter.

* If someone pushes through a porn ad to get advertised on the NYT by miscategorizing it, they get fined.

Now all the ads are guaranteed to be of high quality, and the websites you're advertising on are probably higher quality too.

5
Zelmor 2 days ago 3 replies      
Same should go for HN, really. Paywalls and adwalls are a great way to make me not even read the article and thread. Yet, they make frontpage due to buzz.
6
kinghrothgar 2 days ago 2 replies      
All of this was started by a false accusation. The same guy that posted the tweet that went vial later said he was mistaken:

http://www.ghettoforensics.com/2016/03/of-malware-and-adware...

"Here is what is clear:

The advertisement was not malware.

Forbes is still whitelisted from my ad-blocker.

We have no evidence of what exactly created this pop-up."

7
awinter-py 2 days ago 3 replies      
Hmm; how about a +5 point boost instead for sites doing paywall innovation? Free content isn't the end goal. Don't we want people to make a living off content? I can't imagine anybody here wouldn't pay 1 or 5 pennies for the second half of a useful article.
8
willvarfar 2 days ago 5 replies      
Tangentially, I would like Google to put a warning on navigating to a site that has served malware any time in the past month. This will increase the penalty of serving malware so much that sites will suddenly push back on the ad networks and improve quality dramatically.
9
SEJeff 2 days ago 0 replies      
I genuinely wish HN did this, but with uBlock origin, you can block most of the scripts that ask you to disable adblockers. In a cat/mouse game, the techies are going to win.
10
niccaluim 2 days ago 3 replies      
Have media companies ever considered something like the cable TV model? I'm thinking something like ten different sites form a network, and readers pay once (on a subscription basis) for access to the whole network instead of paying each site separately.

I definitely am not interested in subscribing separately to (e.g.) Wired, the NY Times, the Economist, WSJ, the New Yorker, etc. But I think I'd be totally down for a single rate that gave me ad-free access to some or all of those.

11
jimbobimbo 2 days ago 1 reply      
I wish search engines would start banning Forbes too: very often they're one of the top results, but their implementation of interstitial is broken and lands you on their home page instead of the page which search engine links to. And I don't even use ad blocker!
12
TheRealPomax 2 days ago 1 reply      
Why are people commenting here, instead of in the reddit request for comments thread? It's literally a call for you to leave your comments on this matter for reddit to read, doing so here is in this case about as counter productive as it gets...
13
threatofrain 2 days ago 0 replies      
What consumers want is a combination of product or service (1) database, (2) curation by category + quality, (3) recommendation, and (4) discovery. As an odd category, there may also be product sponsorship, like with Kickstarter.

Advertisements suck at all of these.

14
keypusher 2 days ago 0 replies      
This only applies to r/technology. Which is a large sub, but still a very small part of reddit.
15
cha5m 2 days ago 0 replies      
I honestly like the sites that block adblock. I only use adblock because it is so easy and has such massive benefits, but I still feel guilty than I am not supporting content creators.
16
phereford 2 days ago 1 reply      
This industry is ripe for innovation. I agree that the state of malware being served through Ad Exchanges is grotesque and I fully employ my ad blocker everywhere.

Here is the thing I just dont get. Why doesnt some tech savvy organization create a white label solution that companies can either slap a subdomain on and invite "Customers" to fill ad supply. Self host the curated assets through said white label solution. Moderate with sophisticated computers that are not subject to the vast majority of mal ware (excluding 0-day obviously), and move on. Im sure someone could easily serve the ads off of the main domain anyway to circumvent all of the ad blockers on subdomains.

This is a perspective from the outside looking in, but people seem to just complain about the problem instead of looking for solutions.

EDIT: BAH, so there is a conversation from last year. https://news.ycombinator.com/item?id=10221859

17
return0 2 days ago 2 replies      
Anything that expedites the process of moving from ads to paying "somehow else" for good content is good. But it falls on the technologists side to come up with something that replaces ads. Redditors are only curing a symptom.
18
xrisk 2 days ago 2 replies      
You should really post np.reddit links to prevent non-users of said reddit community from voting. It's the standard practice -- https://www.reddit.com/r/NoParticipation/wiki/intro
19
snappythrowaway 2 days ago 1 reply      
I would suggest a emoji based labeling system.Not too intrusive (grey scale) that somehow could signal if article is paywalled / blocking visitors with ad-blockers.

For a subset of users (either detected or by user preference), there might be another useful symbol as well for indicating if a website is not tor friendly.

20
jcoffland 2 days ago 3 replies      
I think HN should automatically penalize the scores of paywalled sites. Although I'm not sure HN's pro-corporate politics would ever allow it.
21
aaron695 2 days ago 1 reply      
How about they bugger off and not censor my content.

Power hungry censors from either the government or forums piss me off.

People who own forums have a right to regulate content, true.

But bullshit like this aint cool, I and the users are not babies, bugger off, we'll decide with votes.

22
pmontra 2 days ago 0 replies      
I second that.

I also don't like those sites that require JavaScript to read plain text content. Forbes is an example of both cases, with a twist. The text of the article is embedded in a script tag inside the HTML page and then added to the visible DOM. I could understand a SPA getting JSON from the server but here the content is already in the page.

23
therealdrag0 1 day ago 0 replies      
This week I noticed that StackOverflow has voting on ads. Hover over an ad and it shows thumbs up/down. I disable my ad-blocker on sites I want to support and just noticed this.

Seems genius to me.

24
moron4hire 2 days ago 1 reply      
You would think, if they have the ability to detect that a user has an ad blocker in place, they could just as easily redirect them to a subscription form for an ad-free experience, rather than block people and lose revenue completely.
25
xg15 2 days ago 0 replies      
"We're forcing our users not to post sites that would force them not to force the sites to not force the user's viewing habits by posting ads".

You know an arm's race is in progress when...

26
S_A_P 2 days ago 1 reply      
Ive actually implemented this locally. I reached a breaking point with some of the intrusive ads, so I block ads. If a site(such as Wired) asks me to turn that off, I add it to simple blocker and dont go back. The funny thing is a) I have a print subscription to wired but I cant access the site without turning off ad blocking, and b) I dont miss the online version. If Im just being honest with myself, its doing me a favor by preventing procrastination.
27
ctulek 2 days ago 0 replies      
Sidenote: we should call it ad-company blockers, not ad blockers
28
rdudek 2 days ago 0 replies      
uBlock Origin and enable the anti-adblock killer under 3rd party options seem to usually work great. I also run Privacy Badger add-on which allows me to disable certain scripts and trackers from pages. Works great.I'll subscribe to sites that I visit on daily basis if they offer it with option to disable ads. I have no problem with this. I don't want to be served idiotic malware from some ad-exchange.
29
mcbits 2 days ago 1 reply      
I share the sentiment of the proposal, but what I really don't understand is why user moderation fails to suppress those sites despite their tactics angering so many people.
30
_audakel 2 days ago 1 reply      
One easy way I have found to get around some of these site's blocks is disabling javascript in the chrome console and then reloading the page. it works a good amount of the time. you can also wget the page and pass in headers that your a google bot to bypass paywalls on sites like economist and wsj. (this was documented in a previous hn post exactly how to do this)
31
anonymousab 2 days ago 0 replies      
I should think flair would be enough. The community would naturally downvote those links when they thought the content wasn't worth it.
32
rodionos 2 days ago 3 replies      
Banning these sites altogether would be too much. Assign a pre-defined downvote so that the hurdle for ad-driven sources is higher to overcome.
33
tacos 2 days ago 0 replies      
Make it a user option -- sites really shouldn't be in the business of globally blocking domains. And then let me add sites to the .ignore file too, please.

Anyone got the list of sites HN currently blocks/penalizes/rewards? I'd love to tweak those options, and add marco.org and buzzfeed to my personal blocklist.

34
jasonkostempski 2 days ago 0 replies      
I'm not sure this would be possible via normal subreddit admin tools but I'd like to see this done as an user opt-in feature. Let people post those link if they choose to but also let users choose if they see them or if they get a notice when they try to post a link to one.
35
X86BSD 2 days ago 0 replies      
I personally do not mind the "Deck" ad network. To me that is ads done right.

I learned about the deck from daringfireball.

36
gjolund 2 days ago 1 reply      
A simple solution to publishers:

Curate your ads and serve them statically.

37
dredmorbius 2 days ago 1 reply      
Yes, ban both adblock blockers and paywalls.

The first are overtly refusing to accept users' terms. The second are trying to have their cake and eat it too: viral content propogation whilst refusing to present content to those who come at it via link aggregators and discussion sites such as Reddit.

Both actively thwart Reddit's intended aim: informed discussion of an article _by having read it_. If they don't want to participate, then don't participate.

Moreover, advertising, the advertising infrastructure, and multiple aspects of it are creating a seriously problematic WWW information structure: crap content, user-hostile design, hugely excessive bandwidth usage, slow browser response, and privacy and security risks galore. At the same time, the actual creative producers and journalists responsible for primary content are hugely undercompensated.

Eliminating the existing advertising regime would allow all of these to be addressed.

That said, high-quality information has a very serious revenue problem, and I'd like to highlight that.

It's a topic I've explored in some depth, "Why Information Goods and Markets are a Poor Match"(https://np.reddit.com/r/dredmorbius/comments/2vm2da/why_info...). Or if you prefer a real economist, Hal Varian's "Markets for Information Goods" (http://people.ischool.berkeley.edu/~hal/Papers/japan/index.h...).

A frequently proposed solution is micropayments. I don't see those as viable, Clay Shirkey, Nick Szabo, and Andrew Odlyzko have all written at length on why not.

Rather, a universal content tax or broadband tax seems an alternative. Phil Hunt of Pirate Party UK and Richard M. Stallman of the Free Software Foundation have suggested this, I'd made my own universal content proposal some time back (https://np.reddit.com/r/dredmorbius/comments/1uotb3/a_modest...)

I've also done some back-of-the-envelope calculations on amounts. _Total_ global ad spend in 2013 was $500 billion, online was $100 billion. If _only_ the world's richest 1 billion (roughly: US, EU, Japan, Australia) were to contribute to this, the tax would be $100/year to eliminate _all_ online adverts, and $500/year for _all advertising entirely_. The money could fund existing creatives -- writers, editors, film producers, journalists, and musicians -- at roughly _twice_ today's compensation.

It's worth a thought.

6
Concerns for global spread of Zika mean Rio de Janeiro Olympics must not proceed harvardpublichealthreview.org
416 points by bd  12 hours ago   198 comments top 21
1
askyourmother 11 hours ago 4 replies      
Come to Rio - watch the Olympians swim in the very dirty water they promised to clean but didn't! Catch zika, then fill out the police and insurance forms after you get robbed! Seriously though, Rio is a very very dangerous place to visit even for brasileros, let alone tourists, and the zika and chinkungya virus outbreaks are not helping either.

Watch it on TV, from far away.

2
ChicagoBoy11 10 hours ago 9 replies      
This article is idiotic if the main reason for cancelling the game is actually some "global spread" of Zika.

Rio is not some city in the middle of nowhere from which no flights are coming in and out of, and now suddenly this massive international influx of visitors will come in -- it is a world-class city, a financial hub of the largest country in the continent.

If we take London 2012 as a benchmark, estimates there are that the olympics yielded a 13% increase in foreign visitors from the previous summer. And that is London, a place where access from other destinations is cheaper, the infrastructure better, and a lot more appealing to U.S. visitors (due to some of the things cited above). It is completely reasonable to expect that the delta in Rio should be roughly the same, if not smaller.

The fact is that the"impact" on travel due to the Olympics will be negligible in a city like Rio -- and the economic impact is CERTAINLY negative, unless you are drinking the Kool-Aid of organizers.

I'm fine with cancelling the games, but claiming that not doing so will lead to a much riskier global health situation than the one we are already living is hogwash.

3
ehmuidifici 10 hours ago 1 reply      
Brazilian here, Ive been in Rio a couple of times (living in Sao Paulo right now, who also has problems w/Aedes Aegypti):

Come to Brazil if you wish, but take care. The Aedes Aegypti mosquito is all around and can spread not only Zika, but Chikungunya (kindly named "chico cunha") and Dengue.

Make good use of insect repellent, watch your stuff when walking on beaches (don't forget robbers and thieves) and think twice about trusting someone.

As someone said before, every city in the world has its problems and brazilian cities have them also.

Personally, I will not go to Olympics just because hotel prices on Rio skyrocketed and are almost impractical.

4
apalmer 11 hours ago 2 replies      
It should be considered, dont know if it makes sense but the pros and cons should be weighed and respected international health organizations should weigh in.

Overall though, think given the fact the facilities have not been fully constructed, the Brazilian government is on the verge of collapse, and the risks of being a major disease vector is plausible...

Should definitely consider delay or moving

5
wyldfire 10 hours ago 4 replies      
Ever since the news of Zika causing microcephaly came up I have been wondering whether it's a net benefit to humanity/homeostasis if we were to exterminate Aedis Aegypti. Can Zika spread among humans already? It would seem like a huge risk to the future of humanity if this infectious disease interferes with reproduction.

What's the worst-case scenario for letting Aedis Aegypti live? Is it better than the worst-case scenario for exterminating the species?

6
bhouston 11 hours ago 4 replies      
I was wondering about whether this would happen. I am not enough of an expert to make a call on this either way of course, but if experts decided this was the right call would it even be possible to cancel/reschedule the Olympics? Imagine the financial impact on Rio.
7
dsfyu404ed 11 hours ago 1 reply      
I wonder if the medical community is also working with the state department, airlines and travel agencies to make sure people get a stern warning before they buy plane tickets to Brazil and an even sterner warning when they get back.

Considering the political forces that need to be involved in moving (or not) the games it seems foolish to not have a safety net if "please move the games" doesn't work.

8
S_A_P 10 hours ago 0 replies      
Zika is already in Houston, Dallas and other Texas cities. I dont know if it is tourism that brought it here or not, but it has enough transmission vectors that its only a matter of time before its everywhere.
9
neves 7 hours ago 0 replies      
What will prevent the outbreak is the weather in Rio. The Zika mosquito takes 3 to 4 weeks to reproduce http://www.denguevirusnet.com/life-cycle-of-aedes-aegypti.ht...and it loves hot and wet weather.

The autumn in Rio is the coldest and driest in a long time http://g1.globo.com/rio-de-janeiro/noticia/2016/03/outono-no...When the Olympics arrive, the mosquito will be in their lowest population count.

If you consider that the Olympics tourists are rich ones, that will spend most of their times in air conditioned environments, the risk is really very low.

10
transfire 9 hours ago 1 reply      
What? Are they planning a culling, on which they will blame Zika and the Olympics? Otherwise, this make zero sense.

Despite all the hype, Zika is not the end of the world. Most people who get it hardly notice and get over it in rather short order just as one gets over a cold.

11
DannyBee 10 hours ago 3 replies      
Serious question: Has anyone seen an article or study about the microcephaly effects on pregnancy where the main population studied was not in brazil?

I have yet to see a study that links it to microcephaly for anyone who has not been in brazil for a long time.I realize the mosquito isn't common, but brazil also does things like: "secretly spray tons and tons of pesticide on their populus", etc.

Given these are all correlative studies, i'd love to see something from a country where there aren't a ton of possible other variables.

(especially given zika has been around and even common forever and it's only now that this seems to be an issue)

You know, before the tourism economies of all of these other countries are completely destroyed.

12
davesque 10 hours ago 2 replies      
So does "fold" just mean "times"? I always thought it meant 2^x times.
13
mc32 10 hours ago 0 replies      
That's not going to happen -- not when their economy is in a nosedive and they are embroiled in impeachment proceedings.

At most they'll spray and fumigate the skeeters for the few weeks the activities take place and then go back to "normal".

14
tim333 7 hours ago 0 replies      
It's kind of a shame that there is probably a solution to Zika sitting there waiting for regulatory approval in Oxitec's GM mosquitoes which were first successfully trialed in 2009. Maybe after another one or two million people have caught Zika they'll get around to using it.
15
sremani 10 hours ago 0 replies      
I am mixed about this whole episode, at one level there is bias against developing countries. On the other end, Brazil did not do any favors for itself, with zika, political turmoil etc. But they did pull of a FIFA world cup, so I am a bit more optimistic.
16
kordless 11 hours ago 0 replies      
Good luck on that. People in dissonance don't want to hear about it.
17
ck2 9 hours ago 1 reply      
Could people accidentally bring back live mosquitoes in their luggage and such that are carriers?

If so, could spread the world at lightning speed.

I think there is also concern for the athletes in that the water is absolutely filthy there.

18
msimpson 9 hours ago 0 replies      
Thanks to this article I am now aware of a man named Dick Pound.
19
mariusz79 10 hours ago 0 replies      
The show must go on.
20
mhurron 11 hours ago 2 replies      
> I live a longtime in Rio and never had Dengue, Zika

Don't be so sure about that. Most people who contract both of those don't know that they have them as the symptoms are so mild they are mistaken for a simple cold.

But no, it's just racists pretending that diseases can spread.

You can relax anyway, there is too much money to be made by those running the games in Rio to have it canceled. No one actually cares if people get sick.

21
ramon 10 hours ago 0 replies      
Just wanted to reply to all and say: If you are afraid of Zika, Dengue or whatever the mosquitos transmits, don't get out of your houses! I will go after those bastards!

Best to all,Signed: The mosquito killer! :p

7
Nestl Wants to Sell You Both Sugary Snacks and Diabetes Pills bloomberg.com
408 points by sergeant3  2 days ago   332 comments top 34
1
shawn-furyan 2 days ago 5 replies      
The offerings of humongous multinational conglomerations are not coherent. You could generate stories of this type all day, because the offerings of the likes of Nestle, GE, J&J, P&G, Coca-Cola, et. al. are the results of the efforts of hundreds of thousands of employees (for each conglomerate) subdivided into thousands of business units [read sub-companies], each with its own goals, challenges, and many existing within markets that are essentially disjoint from those of other business units under the same parent company.

This sort of story is pure narrative fallacy, because there is no person at Nestle that decided to exacerbate diabetes and then sell diabetes drugs to profit on the other end. Outside of that person existing, there's no story here. If you take away the conflation of a conglomeration with an entity of coherent offerings the premise crumbles.

2
cisstrd 2 days ago 3 replies      
Nestle is a very big company making all kinds of products, and since ever more people are following the health and fitness craze, there are so many people obsessed with health, they want to profit from it. They want to adjust their company in order to guarantee future profits, that's actually (a) the most normal thing in the world and (b) a form of following consumer's choice and wishes.

I don't see how selling sugary products for those who buy them and selling health products for those who prefer them is any kind of evil moral conflict. No matter if "health product" means low-fat low-sugar foods or pharmaceutical products.

Scepticism is good, control and regulation is good, blind condemnation is not, not sure what the article is representing. For me it actually is healthy scepticism, some of the comments here are more condemnation I presume.

3
jensen123 2 days ago 27 replies      
The other day I went to buy some canned refried beans. When I read the label, I noticed that it contained refined sugar. WTF?!? There should be no need for sugar in refried beans! After recovering from the shock, I went to another grocery store, where I found refried beans without sugar.

Why does this happen? Obviously, sugar tastes good. That has to be why companies add it to all sorts of things. However, if most people were like me, they would read the label and refuse to buy anything that unnecessarily contained sugar. The companies doing this would lose money, and soon stop doing it. But the opposite has happened. Why?

There can only be one explanation: most consumers are dumb. However, when you read about stuff like this in the mainstream media, it's always framed as if "big evil corporations" is the whole problem. That "average Joe" has a low intelligence is never mentioned. Of course, the media wants as many consumers as possible, too, so calling most of their potential readers/viewers stupid is probably a bad strategy, even though it's the truth.

4
kazinator 2 days ago 3 replies      
Yamaha wants to sell you noise-canceling headphones, and a motorcycle.
6
mhurron 2 days ago 8 replies      
Diabetes is not always a byproduct of over consuming sugar and a company producing sugary snacks and diabetes pills does not force or even encourage over consumption of sugar.

I don't see what the actual problem is.

7
cies 2 days ago 4 replies      
> Nestl Wants to Sell You Both Sugary Snacks and Diabetes Pills

...and they want to "own" the water.

https://www.youtube.com/watch?v=w_pb6r8VNWk

8
hammock 2 days ago 5 replies      
It's the Wall-e Scenario. If we can find a way to continue to consume cheap, shelf-stable, nutrient-dense food; while at the same time repairing our bodies from the side effects, we can be fat blobs living and consuming and growing the economy.

And whether that's unilaterally a bad thing may not be a settled question. The top 5 drugs in the US[1] are remedies for problems caused by advanced society - a statin, antacid, blood thinner, inhaler and antidepressant. They enable many of the affordances we provide for ourselves.

[1]http://www.m.webmd.com/a-to-z-guides/news/20110420/the-10-mo...

9
md224 2 days ago 1 reply      
> In a 2013 review of published research, scientists affiliated with Frances national scientific institute wrote that sugar and sweets can not only substitute [for] addictive drugs, like cocaine, but can even be more rewarding and attractive. Although sugar is clearly not as behaviorally and psychologically toxic, cravings for it can be just as intense, they said.

So... how do we measure behavioral and psychological toxicity? What does that actually mean?

Feels like they're trying to escape cognitive dissonance with weasel words here.

10
chris_wot 2 days ago 1 reply      
"On Oct 18 the US company Genzyme announced it had formalised an agreement to acquire Cell Genesys for approximately US$350 million. This move follows an agreement by the pharmaceutical division of Japan Tobacco, the world's third-largest tobacco company, to purchase the rights to therapeutic and preventive lung-cancer vaccines under development by Cell Genesys and another American biotechnology company, Corixa. If the vaccines are approved, Japan Tobacco will find itself in the unusual position of marketing products that cause, prevent, and treat the same disease."

Murray, S. (1999) Kill or cure, confused messages from Japan Tobacco. The Lancet, 354(9188), p.1456.

11
mheiler 2 days ago 0 replies      
Nestle is trying to avoid the trap Coke and McDonalds fell into: Only offering unhealthy food choices and loosing the young generation of health-conscious consumers. They can't go the Wholefoods way since organic is inherently more expensive and harder to scale. Nestle is a food-tech company that wants to feed the globe. Now they try to do it in a more healthy way. I don't know why Bloomberg is so negative about that.
12
0xmohit 1 day ago 0 replies      
This is analogous to cigarette companies selling nicotine gums. The largest cigarette company in India -- https://en.wikipedia.org/wiki/ITC_%28company%29 -- sells nicotine gums[1] too!

[1] http://www.kwiknic.in/

13
amelius 2 days ago 1 reply      
One of the supplements shown in the article is Deplin, which contains L-methylfolate, and supposedly helps with depression.

Any ideas on how this supplement works? And how many people would benefit from it?

14
wahsd 2 days ago 1 reply      
I wonder if it will ever hit the mainstream that Nestle put plastic filler in jar baby food in order to drive sales as babies would need to eat more baby food because they would simply pass the plastics. If anyone's interested in pursuing the story, they funded research into how much plastic could be added without causing health problems.
15
qaq 2 days ago 0 replies      
Nestle is generating a ton of money, and periodically invests in unrelated industries sometimes very successfully like with Alcon.
16
jlebrech 2 days ago 0 replies      
17
powera 2 days ago 0 replies      
What if the article were "Walmart Wants to Sell You Both Sugary Snacks and Diabetes Pills"? Because, I mean, Walmart does sell both of those in their stores.
18
bunkydoo 2 days ago 0 replies      
This is the same company whose CEO said water is not a human right... Would we honestly expect anything less from these guys?
19
z3t4 2 days ago 0 replies      
People simply do not have time to read the ingredients on every product they buy. Maybe force producers to show amount of sugar lumps on the label.
20
etaty 2 days ago 0 replies      
I think it's time to go either buy simple fresh product or go buy soylent joylent Huel and others.The food industries is only making us fat!
21
Amir6 1 day ago 0 replies      
A fantastic example of create a problem, solve it, make billions!
22
jamesrcole 2 days ago 0 replies      
Any company that sells sugary snacks does its best to get people to consume as many of them as possible, right?
23
thisjustinm 2 days ago 0 replies      
There's a lot of discussion on here about stupid consumers vs evil corporations, etc. As is often the case, the blame lies with just about everyone involved to some extent. The US government choose to promote a low fat diet with it's original nutrition guidelines in the 70s [4] which led the public to demand the food companies to produce low fat everything in the 80s and into the 90s. It's now emerged that there was little evidence to support the health benefits of a low fat diet.

When you remove fat from food it becomes unpalatable unless.... you add sugar. Thus the increase in added sugar in just about everything which has helped to contribute to the rise of obesity and metabolic syndrome and all the diseases that come with it from diabetes to fatty livers, heart disease, etc.

So who's to "blame"?

The government in some ways, even though they seemingly meant well when recommending low fat diets (they're just now beginning to recommend reduced sugar and ease up on fat warnings).

Food companies in some ways who seem to have known about sugar's addictive properties and engineered their food to keep you coming back for more rather than keeping you healthy [3].

Consumers in some ways for not reading labels, exercising more, reducing portions, etc. But who could blame you when the government and the food companies were trying to convince you that what you were eating was good for you? (unless you had time to dive into the research yourself but let's face it, that's not an option for 99% of people)

One of the best explanations I've read of not just why sugar (fructose to be specific) is bad for you (in the quantities Americans but also most of the world eats it at) is the book "Fat Chance" by Robert Lustig [1]. You can also get a glimpse into his arguments via his youtube lectures [2].

[1] http://www.amazon.com/Fat-Chance-Beating-Against-Processed/d...

[2] https://www.youtube.com/watch?v=dBnniua6-oM

[3] http://www.cbc.ca/news/health/food-cravings-engineered-by-in...

[4] http://time.com/3702058/dietary-guidelines-fat-wrong/

24
tcskeptic 2 days ago 0 replies      
So does almost every pharmacy in the US. (CVS, Walgreens, Walmart, Target, my local independent, etc.)

Who cares?

25
askafriend 2 days ago 0 replies      
They're just closing the loop, like an good entrepreneur would do.
26
marmaduke 2 days ago 0 replies      
This what they mean by "vertical integration" right?
27
devy 2 days ago 0 replies      
While Nestl's each subsidiaries and brands might have their own business motives to sell / market their own products (a lot of them have long been well-known consumer brands with a long history), the title does sound more troubling than it appears.
28
beyondcompute 2 days ago 1 reply      
The nature of unbounded capitalism in one sentence.
29
option_greek 2 days ago 0 replies      
One is for current users. Other is for future users :)
30
Havoc 2 days ago 0 replies      
Seems like a sound strategy.
31
jamble 2 days ago 0 replies      
The article was an interesting read until I hit the picture showing Deplin. I want to share my story about this drug. After having a DNA test done and finding out I had an MTHFR gene mutation, my psychiatrist prescribed me that orange pill. She had lots of samples, too, which I was grateful for as it was extraordinarily expensive. i.e. not covered by insurance since it's technically a "medical food". I paid for it anyways, because she sold it to me as "a magical cure" of sorts and I won't lie, that seemed appealing to me. Something new? After all this struggle? Sure, fuck it, let's try it. I will leave out my backstory and detail about my condition for the sake of brevity (something I'm not very good at).

5-MTHF did work for me, albeit at a MUCH lower dose of 5mg. Some people even get relief from 1mg. But... Deplin comes in 7mg and 15mg doses. My new doctors in Seattle (Naturopaths, not psychiatrists) have advised me that even 7mg is quite a bit of extra 5-MTHF. I don't know the scientific details behind this, but I know from experience, 15mg was entirely way too much for my body and I experienced excruciating periods of "overmethlyation" (extremely high anxiety, all sorts of sensory hallucinations, very uncomfortable!).

The doctor that did the DNA test advised 15mg. Not my psychiatrist. It was just a note scribbled on the front of the DNA results packet. I didn't know anything about 5-MTHF at the time so I did not argue and began on the 15mg. Psych didn't say anything, either: i was only her 3rd patient trying Deplin.

I was completely unstable until I titrated the dose 8 months later: I'd been mistaking most of the symptoms for benzodiazapine withdrawal and didn't think to blame the Deplin for being uncomfortable. I was too unstable to properly judge my mental state. at the time, I had subconsciously thought: why would I question the Deplin? My psychiatrist told me that it was made for people like me (who have the genetic defect). No way it could be hurting me.

I wonder how many other mental health patients are being tortured by a similar conundrum right now? (Tortured may seem a bit harsh, but overmethlyation is something I would not wish on my enemies...) Further, I wonder how many people are being suggested Deplin as they were Prozac, in a case where a doctor doesn't know anything about MTHFR gene and thinks it's just a fancy new drug to try out?

I wish there was more information about the supplement's effects and its dosages available for psychiatrists. About a year later, I began ordering 5-MTHF (the main component of the 'drug') from Amazon for 1/3 of the price. You can also get it made at compounding pharmacies for cheaper.

I feel terrible thinking about other people who may think they are locked into paying for Deplin because their psychiatrist does not know any better. I think what Nestle is doing may be good for profits, by making an illusion of a 'unique solution', but at the same time it makes my stomach turn. Thanks for reading.

32
boost_ 2 days ago 0 replies      
ITT: fat people making all sorts of excuse for Nestle

is this reddit?

33
Omarrjo 2 days ago 0 replies      
if you have pre-diabetes, type 2 diabetes Or you know someone with this conditions, You need to see this Video http://www.diabeteszone.info/
34
x5n1 2 days ago 0 replies      
Would it make you feel better if they had a subsidiary do it under a different name and you didn't know. Or even a different company do it? It's all the same economy stupid. You have a problem with the basic assumptions and ethics of the economy, nothing more.

The economy is sort of a blind watchmaker, it is optimized to produce profit for the Capitalist class and jobs for the worker class. Everything else does not matter to it. Whether it pollutes the planet, makes fatties, limits the chances of human survival. It knows nothing but to do the two above things. Everything else is someone else's problem.

And at the same time governments in the so-called free world have been advocating to help it do this more freely without any constraints from the would-be control mechanisms like pesky governments which would control this sort of behavior.

8
New GNU Emacs website gnu.org
543 points by rvern  3 days ago   222 comments top 32
1
justinsingh 3 days ago 8 replies      
Just an anecdote about the older site. I was in a comp sci class at school a year ago. My classmate next to me asked what editor I use because it was a Beginning C++ class, and I said emacs. He went to the website which looked incredibly outdated to the expectations of new programmers, and just felt uncomfortable giving it a try. He opted for an editor with a more modern website.

So with the new website, which looks good, maybe emacs will seem more accessible and worth giving a try to new programmers who cross paths with it. At the same time, maybe that sense of accessibility is misleading given the learning curve of emacs that isn't exactly beginner-friendly. Nonetheless, I like the site!

2
_asummers 3 days ago 5 replies      
As someone semi-new to using emacs, (I knew basic keybindings but never bothered to set up init files, etc.) coming from the IDE world, my biggest complaint was the amount of things I had to do to get vanilla emacs to behave in a civilized way, even using the GUI version. I spent hours scouring peoples emacs files on GitHub to try and find all the things that looked "obvious in retrospect" and settings that looked silly to have turned off by default (e.g. commands that act on regions should act on lines when no region is selected). Then my second biggest complaint was the analysis paralysis of all the plugins. I'm starting to get a stable emacs file, after a few months, but there's still several pieces of functionality I miss from my IDEs that I chunk out time every now and then to research and add. I think having a "if you're coming from IDEs you may want to install X Y Z" page would be helpful, as well as package download rankings so that people can find the popular projects (e.g. helm, use-package). It should also be prominently encouraged to use something like guru-mode where it disables the arrow keys to force you to use ctrl and meta as your movement keys.

Also you can pry Magit from my cold, dead hands.

3
indigo747 3 days ago 1 reply      
The site seems to be having some trouble, so from the Wayback machine:

The previous site https://web.archive.org/web/20150522051725/http://www.gnu.or...

The new site on the 20th of April https://web.archive.org/web/20160420170002/http://www.gnu.or...

4
Faaak 3 days ago 7 replies      
Looks nice, but having a 1.1MB webpage with 7 different fonts seems somewhat wrong to me... We should start thinking about mobile clients who have to pay these MB.
5
xvilka 3 days ago 4 replies      
It would be nice, if they will merge patches [1] for truecolor (16M colors) support in their console incarnation of emacs. Both Vim [2] and Neovim [3] already did this. Since most terminal emulators now support this mode [4], that will improve syntax highlighting and theme customizing to a new level.

[1] http://emacs.1067599.n5.nabble.com/RFC-Add-tty-True-Color-su...

[2] https://github.com/vim/vim/commit/8a633e3427b47286869aa4b96f...

[3] https://github.com/neovim/neovim/commit/8dd415e887923f99ab5d...

[4] https://gist.github.com/XVilka/8346728

6
jimjimjim 3 days ago 1 reply      
I switched back to emacs last month after 10 years in ides, vim and sublime and my hands still remember the key combinations. It's nice, like going back to an old favorite pair of shoes.Also good to see the changes like the elpa/melpa stuff.
7
satysin 3 days ago 11 replies      
Surprised to see the demo videos were captured on OS X and not GNU/Linux.
8
bitwize 3 days ago 2 replies      
It looks real snazzy and nice. But I always liked that the GNU project did not try to look like the latest fad out of SV. Their low-fi HTML4 approach meant they could be browsed in anything and still be perfectly readable.
9
ktamura 3 days ago 1 reply      
Another piece of "marketing" collateral that can help popularize Emacs is a "tour of Emacs" video. Awhile back, I watched Russ Cox's "Tour of Acme" video and became an Acme convert as a result.

In the end, an editor is a productivity tool, and the best way to evaluate it is seeing it in action as part of a workflow: video is an excellent format to capture and share this with newcomers.

10
sotojuan 3 days ago 1 reply      
Seems like GNU is going through a brand/design update. First Guile[1] then this!

[1] https://www.gnu.org/software/guile/

11
nanory 3 days ago 3 replies      
I think Vims website could do with a facelift too:http://www.vim.org/
12
kozikow 2 days ago 1 reply      
There is lots of IDE vs emacs discussion in this subject.I have been using primarily (IntelliJ+IdeaVim) and sometimes (Emacs+evil) for the last few years.

If I want to write big, complex change in a codebase in Java/Scala/Python/Javascript I would use IntelliJ. Yet IntelliJ doesn't work well in many corner cases, like very big codebases, projects in C/C++ or languages not officially supported by Jetbrains, cross language projects (even with IJ Ultimate), remote editing or just quickly opening some github repo without spending time on any project setup. And extra emacs packages like magit and org-mode are irreplaceable.

Given the emacs flexibility I was able to configure Emacs to implement majority of IntelliJ keybindings. There usually is an equivalent emacs function of package for IntelliJ behavior, e.g. M-x and IntelliJ "Find Action". Emacs helm works a lot like fuzzy matching in IntelliJ. Sometimes I only implement the "similar" behaviour, e.g. "Show usages" vs "Grep for text at point in current project" in IJ. I will be writing a blog post about it at kozikow.wordpress.com, but if you are interested now now I can send you my .emacs.d.

In this setup I can just setup "fast, always works and easy to set up, but not too powerful" code navigation using ctags/ggtags, grep/ag and projectile in emacs and avoid packages like EDT, eclim-emacs or Jedi that are more powerful, but sometimes require custom per repository setup, or are slow. I usually have both emacs and IJ opened and switch between the two. I have a keybinding in both editors for "open current file in the other editor" (emacsclient + external tool in IJ).

So in the spirit of motto of Spacemacs - "The best editor is neither Emacs nor Vim nor IntelliJ, it's Emacs and Vim and IntelliJ!"

13
bitfox 2 days ago 0 replies      
A lot of text editors have a 1% of emacs power but a great web site and a great interface. This help them to shine in the IDE/Editors jungle. So, this new interface, will help emacs (from a "marketing" point of view).

Personally, I think that Emacs is one of the best editors. Not so simple to use (you may think if you are going to start without a tutorial), but, definely... very strong and personalizable.

I prefer to not compare with IDEs. The advantages of IDEs is that they have a particular UI and a set of tools focused for a particular language/development tool. This will allow you to have an initial set of features. Ready to use. Without spending your time to work on personalization. You may think to IDEs as editors with a restricted set of features (compared with emacs).

14
benkuykendall 3 days ago 0 replies      
15
apatters 2 days ago 1 reply      
Does anyone know of a fun and engaging way to learn emacs, like VIM Adventures? I sit and stare at a list of emacs hotkeys any time I want to give it a shot and my eyes glaze over.
16
joshumax 3 days ago 1 reply      
Hmmmm, the website seems to be taking _forever_ to load

resists urge to make emacs joke about this

17
benbristow 3 days ago 1 reply      
Since when did FOSS have good design?

Joking aside, looks really nice!

18
Twirrim 3 days ago 1 reply      
It's interesting that they used jquery (MIT licensed) for the web page, and also interesting given RMS's dislike of the use of Javascript. http://www.gnu.org/philosophy/javascript-trap.en.html. MIT is GPL compatible, admittedly, so his main concerns about Javascript probably don't really apply here.
19
typon 3 days ago 1 reply      
This is the most beautiful thing I've seen from the GNU world. Usually all their websites and materials look like 1980s internet.
20
eulji 2 days ago 2 replies      
Anyone have an opinion about emacs on Windows ? I am forced to work on Windows and have no idea about the setup here.
21
necessity 2 days ago 1 reply      
"The best editor is not Emacs nor Vi, it's Vi + Emacs"

I've discovered [evil](https://www.emacswiki.org/emacs/Evil) a few days ago and I'm in love.

22
highCs 3 days ago 5 replies      
I'm in deep love with sublime. Can someone convince me that I should use emacs instead?
23
ultim8k 2 days ago 0 replies      
Cool! Congrats guys!
24
madspindel 3 days ago 1 reply      
What is the keyboard shortcut to exit the website?
25
soyuka 2 days ago 0 replies      
shit now we need a better one for vim
26
dang 2 days ago 0 replies      
Personal attacks are not welcome on HN, and the internet thing of beating on Stallman like this is distinctively unsavory. Please don't do it here.

(Obviously this has nothing to do with agreeing/disagreeing with his views.)

27
dang 2 days ago 1 reply      
> that simple observation seems to be quite a challenge for you.

> people like you

This comment breaks the HN guidelines by being personally abusive. Please comment civilly and substantively, or not at all.

We detached this subthread from https://news.ycombinator.com/item?id=11656193 and marked it off-topic.

28
dang 2 days ago 0 replies      
Please don't post uncivil, unsubstantive comments here.

We detached this comment from https://news.ycombinator.com/item?id=11656415 and marked it off-topic.

29
milkey_mouse 3 days ago 0 replies      
Slick
30
mback00 3 days ago 0 replies      
VI !!!

^_^

31
curryhowardiso 3 days ago 0 replies      
Omg now can someone please fix the apex domain?

I don't want to live in a world where I can't like formal verification and modern website design

32
mrmondo 3 days ago 0 replies      
Very slow to load on a mobile device, looking at the page size it seems quite heavy, especially for a site aimed at promoting or representing a text editor (and a lot more I know, I know).
9
Why do old statues have such small penises? howtotalkaboutarthistory.wordpress.com
392 points by okket  1 day ago   166 comments top 36
2
jgrahamc 1 day ago 3 replies      
Firstly, theyre flaccid. If you compare their size to most flaccid male penises, they are actually not significantly smaller than real-life penises tend to be.

So... they're not small. I guess most people haven't seen many average, flaccid ones. If most of your exposure to penises is hardcore pornography and Mapplethorpe that confusion is understandable.

3
pavel_lishin 1 day ago 1 reply      
The author mentions that David looks afraid from the front, but doesn't provide a photo, so I went looking: http://i.imgur.com/OVJdNac.jpg

He definitely doesn't look afraid from below. He always looked bored to me, but looking him in the eyes, he definitely looks concerned.

4
huffmsa 1 day ago 1 reply      
From a friend who studied "classics" as a degree, the Greeks thought massive schlongs were comical and bestial, as well as stole focus from the musculature and overall balance of the art.

Rome on the other hand considered itself a masculine nation, who's roads were broad and straight, never turning for nature.

Not that the Greeks couldn't have fun, they used statues with erect penises as road signs in Athens, famously knocked off by Alcibiades (in fact he was framed by a rival ) the night before the invasion of Sicily.

The David is a statue of a 14 year old, in addition to the reasons given in the article.

5
chimprich 1 day ago 2 replies      
I have an alternative theory: the extremities of the statue are more delicate and the most likely parts to get knocked off over time. The size of the penis is probably proportional to the chance of it being knocked off, so we see fewer surviving examples of more endowed statuary. This theory doesn't necessarily compete with the one in the article; canny sculptors may have gone for smaller dimensions to make their statues more robust as well as aesthetics.
6
justifier 1 day ago 0 replies      
semi offtopic because my anectdote is more about the compactness of the genitals than their size:

i used to live in firenze and there is a statue of neptune(o) in the palazzo vecchio

once i was walking past it with a friend and i told her it was one of my favourite statues in the city

and she surprisingly responded, 'of course it is'

i asked why it was so obvious and she said, 'well, look at his balls'

"what about his balls?"

'that's an old man with the balls of a prepubescent boy'

now, you could make an argument about the models used or some social aspect of the times or artist but i loved where she went from there

"interesting, go on"

'it's a clear fetishising of immortality, to think you can be old with such a tight young body is the pure representation of a god, the immortal'

wisdom of experience, strength of youth

(o) https://en.wikipedia.org/wiki/Fountain_of_Neptune,_Florence

7
pazqo 1 day ago 1 reply      
Not going to translate (this is Italian -and in particular Sicilian) and there are two sculptors arguing with the local priest about the size of the dong.

https://www.youtube.com/watch?v=0WKAjQKTz3w

8
drcross 1 day ago 0 replies      
I haven't seen this (my) theory mentioned but it's worth thinking about- sculptors of fine art were keen to differentiate themselves from poor cheap carvings that you can still get to this day in cheap markets in rural towns on the european continent. Go through stalls in Spanish seaside towns and you'll immediately find lewd phalic sculptures. They are made to shock the person receiving the gift. Proper artists wanted to go in the other direction, reducing the size of the genitalia so it's not a focus of the work.
9
leroy_masochist 1 day ago 0 replies      
Has anyone considered the possibility that the statues were in the pool? [0]

[0]: https://www.youtube.com/watch?v=ldUZvxjKMGs#t=1m18s

10
peter303 1 day ago 0 replies      
I suspect large dicks and boobs are a recent evolutionary development, but not that recent. You just cant run down dinner or walk that efficiently with all that junk flopping around. Many joggers probably have experimented once either in a college bare run or in the wilderness and found it tough :-)

Lice genetics suggests clothing is at least 80K years old even though the oldest needles are less than half that age. So people may have been engineering "support" to decrease the disadvantages of size. Nearly all the near naked jungle tribes seem to have support. I am suggesting size increased long before 2000 years ago, but not the entire history of the human race.

11
galfarragem 1 day ago 3 replies      
Women breasts are also small in old statues.

Maybe we can infer that sculptors didn't want erogenous zones to become too relevant and overshadow the statue as a whole.

12
tzs 1 day ago 0 replies      
Before searching the internet for the answer a couple years ago, my speculation used to be that artists were afraid to make well endowed statues because some wife or concubine of the emperor might make an unflattering comparison, and it was never a good idea in those days to get an emperor pissed off at you.
13
Raphmedia 1 day ago 1 reply      
Food for thoughts: When you fight naked or pantless against men with sharp sticks, you don't want a long penis that is easy to hit.
14
burfog 22 hours ago 0 replies      
Look, it's stone. It was carved with a hammer and chisel. There is no "undo" and you don't even know if there might be a hidden defect in the stone until it snaps. You can't glue a broken penis back on. If you break it, you keep it, unless you can find a buyer for a stone penis and the corresponding emasculated statue.

Some of these statues probably started off with huge penises. The stone broke, and thus the statues got downsized. It's that or lug a new boulder back to the workshop.

Statue buyers must have had a say as well, and vandalism is not a recent invention. People have been snapping parts off of art since before recorded history. If you were an ancient statue buyer, would you choose a design that will easily suffer damage at the hands of a 12-year-old kid? No way. Short is best. It's probably cheaper too.

15
amelius 1 day ago 0 replies      
I was hoping that this was sort of reflecting the norm :S
16
amelius 1 day ago 1 reply      
Since the sculptors in those days were mostly men, a better question might be why the female statues have such small breasts :)
17
alexandrerond 1 day ago 0 replies      
I've seen this question answered before and the explanation was that small flaccid penises imply a proportionally large change when they become erect. While an already large but flaccid penis would proportionally not change so much.

Greeks considered the difference between the size of a flaccid vs erect penis a sign of masculinity, and therefore tended to use small penises.

What's more glorious than knowing that the flaccid retracted penis of an amazing athlete will grow 4x when required (which is plausible). A larger non retracted penis wouldn't grow so much proportionally.

18
barking 1 day ago 1 reply      
Maybe the ones with big ones were vandalised?
19
snake_plissken 1 day ago 0 replies      
They could have been cold. If you have a penis and scrotum, you know what happens to them when you are cold. That picture of the statue of Laocon battling snakes with his sons in the article, they were probably battling the snakes in some dank, cold cistern right above the gates to Hades.
20
wiz21 1 day ago 0 replies      
I'd venture another explanation. When I compare myself to those "normal" statue, I don't feel inferior :-) The fat is that a statue is an idealization; so being the same as the idealized stuff is a warm comforting feeling...
21
mmagin 1 day ago 0 replies      
Am I the only one who misread this as "statuses" and thought it was about the Twitter 140 character limit?
22
junnan 1 day ago 0 replies      
There should be scientific studies telling us the average size of penises.
23
nxzero 1 day ago 0 replies      
Guess this begs the question of how "big is better" in pop-culture.

Anyone know?

24
amake 1 day ago 2 replies      
The linked article's title is "Why do all old statues have such small penises?". Why was the word "penises" censored on HN?

Edit: It's now been changed. It used to say "male genitalia" instead of "penises".

25
atomi 1 day ago 2 replies      
Who are all you people? What happened to HN?
26
i_have_to_speak 1 day ago 1 reply      
Well done, HN. You upvoted it. Now let's see you discuss it.
27
manojlds 1 day ago 1 reply      
Sorry, but why comment when you have read only the title and not the article? You are saying exactly what the article says in detail.
28
toypaj 1 day ago 0 replies      
it was cold when they were modelling
29
blackhaz 1 day ago 0 replies      
I think this is important in the penis enlargement era. Now I will sleep better.
30
HillaryBriss 1 day ago 0 replies      
> ... his small penis allowed him to remain coolly logical

This suggests an important new brogrammer interview question

31
neurobuddha 1 day ago 0 replies      
Not a lot of insight in this article. Is it on the front page for the giggles?
32
AbuAssar 1 day ago 0 replies      
we need NSFW tag!
33
samirillian 1 day ago 0 replies      
Clearly David was just a grower, rather than a show-er. Also, he is in what any athlete will recognize as "sports mode". Also, it looks bigger in person. Nuff said
34
EToS 1 day ago 3 replies      
Is this a worthy HN topic?
35
neugier 1 day ago 0 replies      
What this thread needs is a reference to the bitcoin blocksize debate.
36
saiya-jin 1 day ago 0 replies      
well obviously ladies didn't define aesthetic norms back in those days...

fiancee had the same question this weekend after visiting Louvre's antic section - the stuff is just too small given proportions of statues. i am a +-regular gym goer, so even if i don't want i see all the stuff in locker rooms/shared showers, and albeit some of it is this small (and smaller), most is bigger.

10
Show HN: BitKeeper Enterprise-ready version control, now open-source bitkeeper.org
369 points by wscott  1 day ago   269 comments top 34
1
bcantrill 1 day ago 8 replies      
The grand irony is that Larry was one of the earliest advocates of open sourcing the operating system at Sun[1] -- and believed that by the time Sun finally collectively figured it out and made it happen (in 2005), it was a decade or more too late.[2] So on the one hand, you can view the story of BitKeeper with respect to open source as almost Greek in its tragic scope: every reason that Larry outlined for "sourceware"[3] for Sun applied just as much to BK as it did to SunOS -- with even the same technologist (Torvalds) leading the open source alternative! And you can say to BK and Larry now that it's "too late", just as Larry told Sun in 2005, but I also think this represents a forced dichotomy of "winners" and "losers." To the contrary, I would like to believe that the ongoing innovation in the illumos communities (SmartOS, OmniOS, etc.) proves that it's never too late to open source software -- that open source communities (like cities) can be small yet vibrant, serving a critical role to their constituencies. In an alternate universe, might we be running BK on SunOS instead of git on Linux? Sure -- but being able to run an open source BK on an open source illumos is also pretty great; the future of two innovative systems has been assured, even if it took a little longer than everyone might like.

So congratulations to Larry and crew -- and damn, were you ever right in 1993! ;)

[1] Seriously, read this: http://www.landley.net/history/mirror/unix/srcos.html

[2] The citation here is, in that greatest of all academic euphemisms, "Personal communication."

[3] "Sourceware" because [1] predates the term "open source"

2
dsr_ 1 day ago 3 replies      
For people who don't know the history -- McVoy offered free bitkeeper licenses to various open source projects, and the Linux kernel switched to it.

After Andrew Tridgell (SAMBA, among other projects) reverse-engineered the bitkeeper protocol [1] in order to create his own client, the license was rescinded for everyone.

As a result, Linus wrote git.

[1] https://lwn.net/Articles/132938/

3
luckydude 1 day ago 0 replies      
Lots of cross platform goodies in there as well as some interesting data structures. For example, our list data structure is in lines.c, it's extremely small for a small list and scales nicely to 50K items:

http://bkbits.net/u/bk/bugfix/src/libc/utils/lines.c?PAGE=an...

4
civilian 1 day ago 1 reply      
I have some questions about Why.html: https://www.bitkeeper.org/why.html

> Spending a lot of time dealing with manual and bad auto-merges? BitKeeper merges better than most other tools, and you will quickly develop confidence in the quality of the merges, meaning no more reviewing auto-merged code.

Do you have examples of merge-scenarios that are a Conflict for git but resolve for BK?

> BitKeepers raw speed for large projects is simply much faster than competing solutions for most common commercial configurations and operations especially ones that include remote teams, large binary assets, and NFS file systems.

Is there a rule of thumb for what size of repos benefits from BK? (And I suppose size could either be the size of a current commit or the total size of the repo.)

Are there any companies like github or bitbucket that support BitKeeper repos?

5
to3m 1 day ago 1 reply      
1 year ago: https://news.ycombinator.com/item?id=9330482

What changed? Is BitKeeper still an ongoing business with some other model, or is that, as they say... it? I hope not.

6
stephenr 1 day ago 0 replies      
Amongst all the "too late I loves me some git" type comments, i figure I'd say thankyou and good luck with continued revenue.

I haven't read much about bk so far, so forgive my lazy web question: does/can bk operate over standard ssh as git/hg/svn can, or does it require a dedicated listening server to connect to?

Edit: answering my own question, yes it does support ssh as a transport

7
teddyh 17 hours ago 0 replies      
BitMover still holds all the copyright, and have all the developers. They obviously wanted to keep BitKeeper proprietary, and are only doing it now when facing irrelevance in the marketplace. If BitKeeper becomes popular again, whos to say they won't take development proprietary again? Sure, the community could fork the latest free version, but there isnt a free development community for BitKeeper theyre all internal to BitMover.
8
kazinator 1 day ago 2 replies      
How does BitKeeper scale to large projects? (Like, say, gigabytes of binaries.) This is a weak area of Git.

---

From the "Why" page:

BitKeepers Binary Asset Manager (BAM) preserves resources and keeps access fast by providing local storage as needed.

BAM is great for any organization that handles:

* Videos

* Photos

* Artwork

* Office files

* CAD files

* Any large binary files

9
paradite 15 hours ago 1 reply      

 $ bk clone bk://bkbits.net/bkdemo/bk_demo $ cd bkdemo # edit files using your favorite editor $ bk -Ux new $ bk commit -y"Comments" $ bk push
As a user whose first CVS was git, I am quite confused by this "quick demo", I have no idea what "-uX" means, no idea what "new" means, no idea what "-y" means and why it is immediately followed by quotation marks instead of being separated by a single space. If bk wants to get new users onboard, it needs a better quick demo that makes sense to new users.

10
educar 1 day ago 1 reply      
I half-expected 'very late' comments before I read the comments. I wasn't disappointed.

For those who commented that way, please reconsider this winner takes all approach to your outlook of the world. The world is better because of choice and it's in everybody's best interest to have more distributed version systems.

11
adrianN 1 day ago 1 reply      
Why would I want to use this over git or mercurial?
12
qwertyuiop924 1 day ago 1 reply      
Too late to dominate, but maybe not too late to cut itself a niche. It seems to have some advantages over the competition, and appears to be a reasonable contribution to the table. Besides, competition is always good.

At the very least, Bryan Cantrill will be happy :-D.

13
Annatar 17 hours ago 0 replies      
The biggest feature for me is the efficient handling of large binary files, because it means I could finally have a completely self-contained repository (clone and everything is in one place, plus free replication), but without the performance penalties which for example Mercurial incurs with binary files:

https://www.bitkeeper.org/why.html

I have to try it out just for that!

14
jeremycole 1 day ago 1 reply      
Huh. Thanks for doing this. As a MySQL employee in the early days I used BitKeeper and fell in love with it and kept using it as long as I could. I mainly use Git these days, but frequently miss BitKeeper -- BK felt a lot more natural to me than Git ever has.
15
sspiff 1 day ago 1 reply      
I'm wondering: how does it handle large binary files? Any better than git or hg without extensions?
16
rburhum 1 day ago 1 reply      
This is very cool... but also, kind of a bit late. The market already adopted git and the momentum is there. Unless there is a trivial way to switch back and forth from git or there is something that is orders of magnitude better, this is a decade too late.
17
drewg123 1 day ago 1 reply      
Can it import from git or SVN or mercurial?

Looking at the bk import man page, it looks like it cannot import from any modern VCS. I see only RCS, SCCS, CVS, and MKS as options. This is unfortunate, as I have a mercurial tree I'd like to import.

18
PuercoPop 1 day ago 2 replies      
Something I'm wondering and the man page doesn't clear, does it track files across renames or does it only track content like git?
19
jordigh 1 day ago 0 replies      
Well, that took a long time... I wonder what changed in the eleven years that Git and Mercurial were deployed to replace bitkeeper.
20
kingosticks 17 hours ago 0 replies      

 "The ability to seamlessly share only a subset of your source tree "
I've spent a good 10 mins trying to find anything specific in the documentation about this but come up empty. Is this just by virtue of using submodules, ssh and filesystem permissions or is there something more that I'm yet to find? The lack of fine grain security on modern VCS systems is one of the reasons our monolithic repository is still using CVS.

On a related note, the getting started documentation should be more prominent on the Web page.

21
okket 1 day ago 1 reply      
There is an official mirror on GitHub:

https://github.com/bitkeeper-scm/bitkeeper

22
prirun 23 hours ago 0 replies      
I think the same points made in Larry's 1993 paper could be made about various Linux distributions:

 Why a gazillion package managers? Why not a common filesystem layout? Why not a standard desktop?
IMO, Linus should enforce his Linux trademark by forcing every distribution to follow a set of standards. If they don't, they can't call it "Linux". If he got them in a room and said "This is the way it's going to be, or else", they'd do it.

23
foreign-inc 1 day ago 0 replies      
Some history from Linus himself https://www.youtube.com/watch?v=4XpnKHJAok8
24
loeg 1 day ago 3 replies      
Interesting FreeBSD 7 and 8 binaries available for download. Neither of those is a current supported release. It's like offering RHEL 3 or 4 binaries.
25
ausjke 23 hours ago 0 replies      
This predates git, in fact if it was open sourced from the start git may never have existed, sigh, how ironic.

If bitkeeper was open sourced it could be a powerhouse nowadays, open source and commercially. Now it is too late and honestly irrelevant.

26
rdtsc 1 day ago 0 replies      
I see this as "features" https://www.bitkeeper.org/why.html

See large repo support, security and others.

Is that geared towards comparing with Git/Github? Is there a more focused comparison with those. i.e. both comparing to git itself and to GaaS (Git as a Service).

27
paulasmuth 1 day ago 1 reply      
The nested repository feature sounds amazing. Dealing with both git submodules and git subtrees has been a huge pain for me.

I'm looking forward to trying this out over the weekend. Is there some kind of util/script to import history from git?

28
jwilk 1 day ago 2 replies      
"[...] Linus moved to it and most of the developers followed. They stayed in it for three more years before moving to Git because BitKeeper wasn't open source."

Um, the "because" part is not quite right.

29
benjarrell 1 day ago 1 reply      
Does this come with any sort of web interface?
30
gbraad 1 day ago 0 replies      
Great to see this finally happen... However, for 'us' Git remains a keeper.
31
devnonymous 1 day ago 1 reply      
Great news! Better late than never! I hope they (or a client of theirs) create a BK backed service soon. I for one, think we need more than just github and altassian in the market if only to ensure the businesses don't take their users for granted (hint: sourceforge)
32
talles 1 day ago 0 replies      
Too late?
33
ashitlerferad 1 day ago 1 reply      
Too late :)
34
ezoe 23 hours ago 0 replies      
It's too late.There is no reason to use non-git DVCS in 2016.
11
Teaching C regehr.org
352 points by mpweiher  1 day ago   144 comments top 21
1
robertelder 1 day ago 11 replies      
In my quest to learn C very well over the past few years, I've come to the conclusion that C is best understood if you think about it in terms of the way that an assembly language programmer would think about doing things. An example of this would be if you consider how switch statements work in C. Switch statements in C don't really compare to switch statements that you find in other languages (eg. https://en.wikipedia.org/wiki/Duff%27s_device).

The issue that many students face in learning low level C, is that they don't learn assembly language programming first anymore, and they come from higher level languages and move down. Instead of visualizing a Von Neumann machine, they know only of syntax, and for them the problem of programming comes down to finding the right magic piece of code online to copy and paste. The idea of stack frames, heaps, registers, pointers are completely foreign to them, even though they are fundamentally simple concepts.

2
dbcurtis 1 day ago 2 replies      
Let me add the perspective of an old dinosaur that learned to program before C had been invented.

C maps nearly 1:1 onto simple processor and memory models, and most importantly, gets out of your way and lets you get on with solving your system programming problems. Before C, just about any meaningful system programming task required a dive into assembly language. In that context, C was a huge win. It is also what makes C the langauge of choice for embedded development today.

Of course, system programming problems are not the bread-and-butter of most develpers today -- and a good thing, too. We can now build on top of solid systems and concentrate on delivering value to the customer at much higher levels of abstraction: the levels of abstraction that are meaningful to customers.

I dearly love Python because it allows me to work at levels of abstraction that are meaningful to the user's problem. I dearly love C when I want to wiggle a pin on an ARM Cortex-M3.

In my mind, CS education should start by teaching problem decomposition and performance analysis using a language like Python that provides high levels of abstraction and automated memory management. Then, just like assembly language was a required CS core course back in my day, students today should spend a semester implementing and measuring the performance of some of the data structures that they have been getting "for free" so that they understand computing at a fundamental level. Some will go on to be systems programmers, and will spend more time at the C level. Some won't ever look at C again, and that is OK.

In the end, CS education is about how to solve problems through the application of mechanical computation. The languages will evolve as our understanding of the problems evolve and our ability to create computing infrastructure evolves. CS educcation should be about creating people who can contribute to (and keep up with) that evolution.

3
parr0t 1 day ago 0 replies      
I'm currently at uni studying CS and recently finished my 'Programming in C' unit. The teacher from the get-go said it would be challenging compared to other languages that we had used to date (mainly Java) and that quite a few students struggle with it. Once I got my head around pointers and debugging through GBD/Valgrind the unit came immensely enjoyable and rewarding.

We didn't use any fancy IDE's and were told to stick to VIM, we also had to compile with the flags -ansi -Wall -pedantic which alerted you to not only errors but warnings when we compiled our code if it didn't meet the C90 (I think) standards. It was a lot of work crammed into 13 weeks but it had one assignment which I thoroughly enjoyed.

Tic Tac Toe (Ramming home using pointers, 2D arrays, bubble sort for the Scoreboard).

Debugging a bug-riddled program (My favourite).

Word Sorter (Using dynamic memory structures, memory management by having no leaks, etc).

The debugging one was very different from most other assignments I had done at uni to date and the teacher said he recently introduced this assignment because the university had received feedback that students debugging skills weren't the greatest. They could write what they were asked to just fine, but when it came to debugging preexisting issues quite a few struggled. We got given a program with around 15 bugs and you got marks depending on what was causing the bug and a valid solution to fix it. This forced us to use tools such as GBD and Valgrind to step through the program and see where the issue was and to be much more methodical.

I really enjoyed C and when I find a bit of time outside of work and study I'd like to explore it more.

4
fdej 1 day ago 5 replies      
The core of what makes C elegant is that basically everything that looks atomic is atomic, in the sense of taking O(1) space and memory (at least until C99 introduced its abominable variable-length arrays, and perhaps some other features I'm forgetting about).

Absent macro obfuscation, it is easy to reason about what a snippet of C does and how it translates down to machine code, even taken out of context. In C++, something as innocent as "i++;" could allocate heap memory and do file I/O.

The downside is that C code can become quite verbose, and to do anything useful, it takes a lot of ground work to basically set up your own DSL of utility functions and data structures. For certain applications, this is an acceptable tradeoff and gives a great deal of flexibility. I think teaching this bottom-up approach to programming can be quite useful - in a way, it mirrors the SICP approach, albeit from a rather different angle.

The question is, why are there not more languages that have the same paradigm, but also add basic memory safety, avoid spurious undefined behavior, provide namespaces, with a non-stupid standard library, etc.?

5
fisherjeff 1 day ago 1 reply      
A long-standing gripe of mine: When I clicked through to his example "cute little function" in Musl, I found myself mentally adding comments to work through all the "cuteness". If that's the case, IMO, it's either too cute or needs more comments - not sure how much time I've spent picking apart kernel code just to figure out what the hell some of it does, but it's definitely not time well spent.

EDIT: Meant to add: fantastic article, wish my Intro to C instructor had read it...

6
latenightcoding 1 day ago 5 replies      
Great post!Univiersites tend to teach a very small subset of C, just enough to make a tic tac toe application or something silly.

I learned C by myself many years ago but it's only until recent I have been using it for big projects.

Reading Redis' source code was a great aide, xv6 is also amazing to learn systems programming.

Learn C The Hard Way is also a good read, but not as your main book, since it goes too fast.Other invaluable resources are: Beej's Guide to Network Programming and Beej's Guide to Unix Interprocess Communication

A good advanced book is Advanced Programming in the Unix Environment

7
nickpsecurity 1 day ago 0 replies      
Although a C opponent, I find this to be a good writeup. I hope more C students see it. Particularly, the author focuses on introducing students to exemplar code, libraries with stuff they can study in isolation, and making habit of using checkers that knock out common problems. This kind of approach could produce a better baseline of C coder in proprietary or FOSS apps.

Only thing I didn't like was goto chain part. I looked at both examples thinking one could just use function calls and conditionals without nesting. My memory loss means I can't be sure as I don't remember C's semantics. Yet, sure enough, I read the comments on that article to find "Nate" illustrating a third approach without goto or extreme nesting. Anyone about to implement a goto chain should look at his examples. Any C coders wanting to chime in on that or alternatives they think are better... which also avoid goto... feel free. Also, Joshua Cranmer has a list there of areas he thought justified a goto. A list of great alternatives to goto for each might be warranted if such alternatives exist.

Only improvement I could think of right off the bat on the article outside including lightweight, formal methods like C or stuff like Ivory language immune to many C problems by design that extract to C. Not saying it's a substitute for learning proper C so much as useful tools for practitioner that are often left out. Astre Analyzer and safe subsets of C probably deserve mention, too, given what defect-reduction they're achieving in safety-critical embedded sector.

8
s_m_t 20 hours ago 0 replies      
I love K&R, 21st century C, Understanding C pointers, Deep C secrets but I think they are a little complicated for beginners. I wouldn't bother opening them until you have written a couple of small programs in C or you have good experience in other languages.

When I first learned C in highschool I got a few books on C which all seemed to have the word 'Beginner' in the name. 'Absolute Beginners Guide to C' is one I remember in particular. I think having multiple books is pivotal because as a beginner if you encounter an explanation that doesn't make sense to you it is very hard to reason around it. You probably have very little prior knowledge, almost everything you know and learn up to the point where you get stuck will be contained in that single book, and if you don't know any other languages you can't make any connections to help yourself out. The reason the second, third, or fourth book is so important is that it will have a slightly different explanation that might make something click in your brain.

9
acbart 1 day ago 0 replies      
Although this is an interesting post, I'm disappointed from a pedagogical point of view. The article covers these topics, in this order:

1. What book do we assign?

2. What should we lecture?

3. What sort of code review work should we have students do?

4. What kind of assignments should we use? But only to say that he won't cover it in the article!

This is the almost the exact opposite order of what is most useful in terms of learning. Yes, some people (especially auto-didactic and well-focused students) are able to learn tremendous amounts on their own through books. But they are a relatively poor tool for teaching, compared to active learning methods. Lecture can be great, but usually is passive and worse than useless.

I want to acknowledge the importance of defining what you will teach and what successful (end-of-course) students look like and how to assess them. After you've decided that, it is proper to devise assignments and assessments, and then to decide on lectures and supplemental materials that support students in completing the assignments and assessments successfully. The time students spend should be active and practical - not that readings can't be provided, but they should be on-point and meaningful. Proper application of Instructional Design principles and theories of learning can make a world of difference for students.

But kudos for thinking about it, kudos for thinking about feedback mechanisms, and kudos for

PS: Obviously, I believe C has a great place in the curriculum - shouldn't leave undergrad without it!

10
haberman 1 day ago 0 replies      
I thought this was an excellent post. C has changed in lots of important ways in the last 10-20 years. The changes are both convenient (far better tooling) and inconvenient (much less forgiving of undefined behavior). Those of us who use C professionally have had to pick up most of these changes by osmosis. This was a really great run-down on how you'd bring a newbie up to speed with the state of the field.
11
kbenson 1 day ago 0 replies      
'"even what seems like plain stupidity often stems from engineering trade-offs"'

This has truly become something I try to keep in mind, considering a) I've later, sometimes long after starting on someone else's code base, learned a useful rationale for why they did some of the previously more inscrutable things in their code, and b) ended up writing a few things like that myself.

Documentation is key to understanding these systems, but it isn't sufficient. Often you are presented with a nicely documented mega-function, which while anyone can read through, but is very hard to reuse a portion of when needed. In breaking it apart into smaller chunks, you necessarily scatter some of the reasoning about why a particular approach was taken from where it was originally used, or at least where the weird behavior is required. You can either reproduce large chunks of the documentation at many different points in the code base, and hope it doesn't get out of date as the systems it describes in other files is slowly changed, or keep the documentation as fairly strictly pertaining to the code immediately around it, in which case the knowledge of how the systems interact can get lost.

Whenever you encounter code that seems to make no sense, it's better to assume there's some interesting invisible state that you need to grok, than that the programmer was an imbecile or amateur. The latter may be true, but assuming that from the beginning rarely leads to a better outcome.

Edit:

I'll share my favorite example of this. At a prior job, we had a heavily used internal webapp written in Perl circa 1996. It was heavily modified over the years by multiple people, but by the time I was looking in on it in 2012, it was a horror story we used to scare new devs. The main WTF was that it was implemented as one large CGI which eschewed all use of subroutines for labels and goto statements, of which there were copious amounts. The really confusing part was that they were used exactly as you would expect a sub to be used, just with a setting a few variables and a jump instead, so we always scratched our heads as to the reasoning for this. There was even a comment along the lines of "I hate to use goto statements, but I don't know a better way to do this, so we're stuck with this."

Fast forward a couple years, and I'm migrating the webapp to a newer system and Perl, and I discover the reason for this. At some point it was converted to be a mod_perl application, and the way mod_perl for Apache works is to take your entire CGI and wrap it in a subroutine, persist the Perl instance, and call the subroutine each request. The common problem with this is that because of this any subroutines within your CGI can easily create closures if they use global variables. The goto statements really were intended to be used just like subroutines, because they were likely switched to in an attempt to easily circumvent this problem. Now, there are better methods to combat this, such as sticking your subroutines in a module, and having your CGI (and then mod_perl) just call that module, which is what I ended up converting the code to do, but the real take-away is that the original decision, as impossible to defend as it seemed, was actually based in a real-world trade-off, and at the time it was done may have actually been the correct call.

12
satysin 1 day ago 2 replies      
If part of a CS course I think C is an excellent first language. Perhaps not for someone wanting to learn about software development on their own though.

It seems to me that while we know how to teach C properly today not many places do because they don't do as they say.

13
lunchTime42 1 day ago 0 replies      
There is not one C. There are multitutdes of C. C is a recombination of the Programming language with the Compiler with the Plattform with the Code Convention of choice with the librarys chosen with the OperatingSystem (if there is one).

And C needs knowledge in all fields recombined to be really used freely. Know one of those fields not - and you will be like a wanderer on a frozzen lake, doomed to trust those who know to guide you by ramming posts of no return where the ice gets thin.

Its also about taking a sledgehammer to all those certaintys people have about computers from marketing and personal experience as consumers.

14
feklar 23 hours ago 0 replies      
The Harvard CS50 course on edx does a pretty good job of teaching C, esp if you do the recommended reading/psets of "hacker level" which is from the book Hacker's Delight 2.

There is some initial magic, where they have you import cs50.h which is full of black box functions in the beginning but other than that it's a good example of teaching beginner C.

15
foyk 12 hours ago 0 replies      
"This claim that positive signed overflow wraps around is neither correct by the C standard nor consistent with the observed behavior of either GCC or LLVM. This isnt an acceptable claim to make in a popular C-based textbook published in 2015."

Perhaps someone could explain what I'm missing. It's exactly the behavior that I see using gcc-4.8 and Apple llvm-7.3.

16
andrewfromx 1 day ago 2 replies      
CS degree from pitt.edu 1996 and C was not required. But a friend an I took it as an elective. We did not want to get out of school with CS degree and no C.
17
lil1729 19 hours ago 0 replies      
All good points. But teach all these in one semester? Poor students..
18
awinter-py 1 day ago 0 replies      
first piece in a while to make me optimistic about college curriculum priorities.

Not sure it's possible to teach green frosh 'why does industry use an old language' and the static analysis ecosystem (easier to teach skills than wisdom). But I applaud these people for trying. This feels like real programming.

19
Paul_S 1 day ago 0 replies      
Knowing assembly is a good first step and a prerequisite to be useful in an embedded project.
20
ape4 1 day ago 0 replies      
For all assignments, tell the students to use the most appropriate language. Plot twist: all assignments are for high level applications and C isn't the most appropriate.
21
orionblastar 1 day ago 0 replies      
I find that many books that teach C either assume the reader knows how to program, or are too complex for them to understand.

I was going to write a Kindle book in the beginner's guide to C using Code::Blocks and its IDE because it is FOSS cross platform software. I found out it is a lot harder than I thought it was.

I learned C in 1987 at a community college still have the book on it that is written for Microsoft C, and we used Turbo C and Quick C for some of the assignments. Most of the programs I wrote can still compile and those that get errors or side effects can be debugged easily.

12
Why OpenBSD Is Important to Me ggr.com
358 points by quisquous  2 days ago   152 comments top 16
1
cisstrd 2 days ago 5 replies      
I am an OpenBSD user, there is no OS I'd rather use currently (obviously) and I am sure there is no OS with a greater focus on security and clean code, the project as a whole deserves a great deal of respect and admiration for setting the bar when it comes to security, and for being the originator of great products that are used outside the boundaries of OpenBSD itself, however (with all due respect) what the author portrays here is paranoid philosophical mumbo-jumbo I'm normally used to from radical FSF-devotees.

Yes, there are NSA scandals, yes, the US government has repeatedly overstepped boundaries, yes, caution and scepticism is a very healthy and good thing, but on the other hand there are GNU/Linux distributions taking security somewhat seriously, they have to, they too work with open source code, have a lot of users, and review said code, I doubt someone is interested in your specific data, I doubt using a GNU/Linux distribution or some other BSD OS is some risk one shouldn't take, I doubt we should all have to automatically strive for an "ethical" all Free Software life or otherwise we are in risk of somehow being under totalitarian control, I doubt Apple and Microsoft are totally out to get you and by definition filled with evil backdoors the NSA uses to spy on _everyone_... I doubt they only do malicious things,... and talking about security, it's not all in the Software, a lot is in users' behaviour... not talking about him specifically, but "We are all spied on by the NSA, please like me on Instagram and follow me on Facebook for hourly updates on my life so we can join in the fight against totalitarian control"...

As you have guessed by now I am some kind of allergic to this... those idealistic over-simplifications... drawing everything in black and white...

Some of the OS X users I know are incredible technology-orientated and privacy concerned people, should I draw the conclusion they are being overly naive by not using OpenBSD for everything? I don't think so, they are just not suffering from paranoia, are pragmatic and living in the real world...

2
pyritschard 2 days ago 1 reply      
We also owe the OpenBSD team OpenSSH, which greatly benefits from their attention to detail and commitment to small improvements towards better security.

Of course software is never perfect, but it's nice to know the (small) subset of OpenBSD developers working on OpenSSH are still working on keeping the proverbial doors locked.

3
drblast 2 days ago 1 reply      
I just want to shake the hand of the person who made the OpenBSD installer the way it is.

In case you haven't used it, it's dead-simple, command-line based, and it may take a few times to get it right if you don't know what you're doing. It's nearly featureless.

But after you figure it out, you can automate installs, and roll your own distro by changing the contents of tar files, or add your own software and configuration the same way.

It's quite possibly the most satisfyingly transparent OS install method I've ever used.

4
leaveyou 2 days ago 2 replies      
I wanted multiple times to study the OpenBSD source code and I've downloaded it but I never managed to navigate through it, to find the "head and the tail" or to find a reasonable "map" of the source code. I would like for example to follow the execution path in the source code, from the boot up to the login prompt. Does any documentation like this exist or could anyone give me some hints ? Thanks
5
jayofdoom 2 days ago 4 replies      
Probably worth noting as well how many software products OpenBSD has contributed back to the overall free software world; things like OpenSSH, (edit: NOT OpenSSL), a more secure ntpd and inetd.

Even if you don't run OpenBSD, you benefit from it.

6
niroze 2 days ago 1 reply      
Great opinion piece. I think this is mostly the opinion of anyone that really discovers OpenBSD and gets caught up in it. Security does matter, and the developers accept nothing less than what they want.

My main problem with OpenBSD development is that all development is decided solely by the developers and there doesn't seem to be much care for what others want.. which is fine, they're doing all the work for peanuts.

Sometimes you just have to do things that aren't well suited for OpenBSD (imagine updating and ensuring hundreds of OpenBSD machines are up-to-date, and running high performant threaded applications). Many things work, but that is all they do. Sure it may be much more secure than other unix or linux offerings, it may be all there is. Much of the ports are just "get this to compile and work". That isn't always good enough. Truly evaluate if it fits your needs. If there is something you want on the platform, it may be up to you to fix it.

--

Unrelated, I find it interesting that NetBSD isn't mentioned once in this entire thread.

7
executesorder66 2 days ago 6 replies      
I'm curious why the author says Linux is "insecure, anti-secure, and anti-privacy software"Can anyone explain this?

Also, why OpenBSD specifically, and not FreeBSD for example?

8
Spooky23 2 days ago 2 replies      
End of the day, OpenBSD is a great example of the value of competition, and the necessity to maintain market rules that encourage it.

How awesome is it that we have dedicated operation system geared towards the niche of the market that cares deeply about security?

9
stcredzero 2 days ago 0 replies      
To paraphrase:

Speaking freely is essential to democracy. The more restricted your conversations, the more careful you are about what you say. And being careful leads to less candor, less criticism, and less innovation. Thought and free speech are the breeding ground for new, sometimes controversial ideas. They are how we prototype, think new ideas through, refine them, and get them ready for wider distribution and discussion.

The actions of many 21st century activists seem to be diametrically opposed to this ethos and designed create a social landscape of civic censorship and extra-legal punishment for "thoughtcrime." I think a society with laws supporting free speech on the books, but largely made of authoritarian and censorial organizations is no more democratic in spirit than the Jim Crow south was inclusive with its "technically" enfranchised non-white population. (It doesn't so much matter what laws are on the books, if society at large thinks something opposed.)

For democracy to work, there needs to be freedom to dissent. I think many young people who grew up with web forums were exposed to so much draconian censorship, they've come to unconsciously feel that censorship is a key means of expressing power and "justice." I just hope that enough of them work out how intellectually bankrupt such a society would be.

10
OneTwoFree 1 day ago 1 reply      
> Plenty of hardware in my life has backdoors (I'm looking at you Intel[1])

That same libreboot article[1] says that AMD is not any better. Is there any alternative I'm not aware of? An ARM Chromebook is unfortunately not fast enough for me.

[1] https://libreboot.org/faq/#intel

11
anthk 1 day ago 0 replies      
>Plenty of hardware in my life has backdoors (I'm looking at you Intel). But I'm slowly replacing the bad stuff with the good stuff, as I'm able to find OpenBSD (and open hardware) based solutions for my remaining use cases.

Use a blobless OS like Trisquel, Guix and get libre hardware from the FSF.

12
zymhan 2 days ago 1 reply      
I'm just getting started on setting up an OpenBSD router that I want to be the basis for making sure much of my data is secure. I figure I can start with the edge of my network and work in. And for such an important device as an internet gateway, I want to be able to trust it.
13
update 2 days ago 1 reply      
> I imagine the NSA has a bag full of OpenBSD exploits [...]. But OpenBSD has gifted to the world a fighting chance--

Doesn't the former sentence negate the latter?

At this point, it seems just about all systems are hackable, given enough resources.

14
lasermike026 2 days ago 0 replies      
Carry on. I'm with you.
15
arjun1296 1 day ago 1 reply      
Does OpenBSD have good SMP support yet?
16
zxcvcxz 2 days ago 1 reply      
I don't know how anyone can lump Linux in with Windows when it comes to security from NSA spying and then say OpenBSD is a good alternative.

HN seems to love the anti-Linux FUD though. Anything that further fractures the OSS community is upvoted fast.

I like the BSDs too, but there are a ton of reasons Linux is the most popular kernel in the world, it's not just because the NSA makes it so.

13
The NYPD Was Ticketing Legally Parked Cars; Open Data Put an End to It iquantny.tumblr.com
294 points by danso  3 hours ago   65 comments top 13
1
danso 2 hours ago 1 reply      
For people who skip straight to the comments: I couldn't fit it into the title, but the other half of the OP's title is that the author confronted the NYPD with his data analysis and they thanked him and spoke positively about the effect of open data:

> Mr. Wellingtons analysis identified errors the department made in issuing parking summonses. It appears to be a misunderstanding by officers on patrol of a recent, abstruse change in the parking rules. We appreciate Mr. Wellington bringing this anomaly to our attention...

> Thanks to this analysis and the availability of this open data, the department is also taking steps to digitally monitor these types of summonses to ensure that they are being issued correctly.*

Sure, it's easy to pay lip service to open data and transparency...but I've found for the most part that bureaucracies are generally OK with open data after it's been ingrained in their culture (which is why it is so amazingly easy to get data from Florida -- they have an IT system that is optimized to handle it -- the employees don't mind fulfilling the requests since it's no skin off their back).

Bloomberg got the ball rolling, and hopefully the momentum continues...I'd be happy with NYC agencies tolerating open data as a status quo...Looking forward to the day when bureaucrats and citizens can get to the point where transparency isn't seen as a zero-sum game.

2
thevibesman 30 minutes ago 0 replies      
In 2011, I was given two parking tickets when legally parked in Boston.

The first ticket was issued for parking in resident street parking without a permit. I was actually parked just after the sign delimiting the resident parking area[1]. I photographed where I was parked and sent in an appeal which was accepted.

A month later, I was parked in the same non-resident street parking and I was issued a ticket for failing to pay a parking meter; the number of the meter I supposedly failed to pay was a LONG block and a half away from where I was parked. Again, I submitted an appeal, but this time it was not accepted.

The friend I was visiting when I received these tickets was a producer for a local television news station. She told the story of these two tickets to their investigative reporter who was interested in the story and was going to inquire about it with the Boston PD. Apparently she didn't get anywhere with the story, but Boston PD did stop sending me failure to pay notifications for the fine.

[1]: This non-resident street parking was not metered.

(EDIT: Foot-note formatting)

3
ghaff 2 hours ago 1 reply      
As the article explained, tickets had been voided when cases were disputed as widely happens in just about every city.

Honestly, if I were a public official reading the comments here, I'd be inclined to just go "Why do I even bother? I explained how, even though the people who hand out most of the parking tickets were educated about the change, many police officers weren't. We'll fix it now."

Sure, rerun the analysis a year or two down the road. If things don't change, that's a story. But this strikes me as a nice use of open data and a reasonable response from the NYPD. You can argue that they should do pro-active refunds but a lot of addresses will have changed and it would be otherwise difficult and expensive. I'm honestly not convinced that's a reasonable expectation.

4
kevin_thibedeau 6 minutes ago 0 replies      
The T intersection at Virginia Avenue is not legal. The ramps serve an unmarked crosswalk as exists at all intersections in NY state.
5
mynameisnoone 2 hours ago 1 reply      
NYPD ticketed Casey Neistat for not riding in the bike lane, a viral video put an end to it. ;)

http://youtu.be/bzE-IMaegzQ

6
wheelchairuser 1 hour ago 2 replies      
It seems that there are multiple failures here. 1. Designated approved cutouts should be an easier process to obtain (just try getting a stop sign/crosswalk approved in the city and you'll understand the black hole that is the DOT approval process)2. Over eager officers issuing tickets.

Pedestrian cutouts are there for a real purpose, namely accessibility for people with disabilities and wheelchairs.While it sucks for cars to get ticketed, I for one share no compassion with those people blocking cutouts in general, because they are not offering courtesy for those people who require these cutouts to live.

Edit: For those suggesting that the crosswalks in the middle of the block go "nowhere" consider the following. a wheelchair user parks his/her car and exits the car. he/she will have to cross all the way to the ends of the block in order to get out of the street into safety. even it may seem like it's going nowhere, there is a real functional purpose.

7
jasonjei 2 hours ago 2 replies      
Did NYPD refund fines from erroneously paid citations?
8
yomly 1 hour ago 0 replies      
After recently dealing with the various governments / nationalised businesses from a number of countries I can safely say that I am well and truly fed up with their inane bureaucracy.

This article doesn't surprise me: where the recent swath of internet companies seem to extoll individual agency/ownership, nationalised companies seem to preach the exact opposite - a problem is never the individual's responsibility and people seem perfectly happy to ship a borken status quo. As such, ludicrous oversights like this are a regular occurrence rather than a gross intolerable negligence.

This is not even yet mentioning how awful the UX is for the customer who has to interface with these institutions.

While it may be very easy to discard my point as rife with cliches, it's worth noting that we have become very spoilt by ruthlessly frictionless (yet equally effective) customer-facing tech products. The opportunities to streamline processes and save time and money for state-owned interfaces (both online and offline). As an example, I recently had to queue in a hospital with my sick mother for an hour, to be told that that individual couldn't process our particular issue and that we would have to join the back of the adjacent queue (not there was zero signposting whatsoever). This is one example and not a criticism on healthcare, but what happened to service-driven processes?

Instead we, the public, have to live with the dire reality of inefficient (and increasinly apparently indifferent) government services as the gap between private and state run services continues to expand as we grow increasingly disenfranchised.

9
bpchaps 57 minutes ago 0 replies      
I've been working on something like this for over a year now for Chicago. Most of that time's been spent just simply doing data cleanups.

My most recent update from Monday: https://plot.ly/~red-bin/6.embed

Pretty fucking proud of that, not gonna lie.

10
PhasmaFelis 51 minutes ago 1 reply      
That's a shame. Parking in front of a handicapped-access ramp is a shitty thing to do even if it is legal.
11
fsaneq2 2 hours ago 2 replies      
We need this in SF. SFMTA ticketed my car for no reason before; I tried their "appeal" process, only to get a response that sounded like they didn't even read what I said.
12
jrockway 2 hours ago 3 replies      
Why risk parking in a questionable area like a ramp cutout when some streets have an entire extra parking lane (indicated by a picture of a bicycle)?
13
guelo 3 hours ago 1 reply      
I don't think that's what "systematically" means.
14
Scala Native github.com
325 points by virtualwhys  7 hours ago   182 comments top 12
1
openasocket 6 hours ago 2 replies      
Is this a "true" Scala? As in, if I write a Scala program that only uses the scala stdlib, will it run on both the JVM and Scala native with no modifications to the source? Or, is it more like "a Scala" in the same way you would say "a Lisp"? I think a lot of the design decisions for Scala were made so that Scala would work on the JVM and easily inter-op with Java. It might make more sense to modify the language slightly to better suit the native environment. I'm seeing some hints to that on the page with the "@struct" and "@extern" decorators.
2
densh 7 hours ago 12 replies      
Hi all, I'm the author of the project and would gladly answer any questions.
3
dsabanin 7 hours ago 1 reply      
Really excited about this. This is another reason why Scala is an extremely valuable tool these days. With Scala JVM, Scala.js with React Native and now with Scala Native (LLVM), there'll be literally nothing you can't do well with it.
4
spriggan3 7 hours ago 2 replies      
Just saw this on twitter. Scala, you have my attention. There were a lot of talks about "the tools of yesterday" and "the tools of the future" lately. Scala getting closer to the metal, without the JVM is a significant step toward "the tools of the future".
5
abc_lisper 6 hours ago 2 replies      
Hi, Some questions

- Can this reuse existing Scala code?

- How does it compare against Rust/GO/Swift? Why use this over them?

- How about libraries?

6
OhHeyItsE 6 hours ago 3 replies      
Otherwise known as "Haskell"?
7
gnufied 5 hours ago 3 replies      
So, is this "released" yet? There are no downloadable installers or even instructions to compile.
8
smegel 6 hours ago 2 replies      
What about GC?
9
partycoder 6 hours ago 1 reply      
In a way, simple Scala code resembles Swift, as commented by this person:https://leverich.github.io/swiftislikescala/

Now the type system of course is entirely different.

10
jiang101 7 hours ago 0 replies      
Wow, they're even planning to provide a native version of the runtime library? That will be more than nice.
11
airless_bar 5 hours ago 6 replies      
Not the author:

> - Can this reuse existing Scala code?

I think that's the plan. Would be a pretty pointless exercise without that, right? :-)

> - How does it compare against Rust/GO/Swift? Why use this over them?

Rust: Scala and Rust have different niches. Rust is more focused on low runtime overhead, while Scala is more focused on low development overhead. This means Rust can be potentially faster to run, but Scala is faster to develop.

Go: Go is utter shit that only survives due to the devs name-dropping "Google" every 5 minutes.

Swift: Scala is more mature, simpler, better designed. Not a knock against Swift, but there is a difference between a language where changes have been tried experimentally for years before either adopting or removing them, and Swift where things get added at a frightening rate.

> - How about libraries?

Libraries without Java dependencies should work, libraries with Java dependencies depend on whether their Java dependency is provided by Scala-Native (just like on Scala.js).

12
dang 3 minutes ago 1 reply      
Personal attacks are not allowed on HN. We ban accounts that do this, so please don't do it again. Instead, please (re-)read the site guidelines and make sure your posts are civil and substantive.

https://news.ycombinator.com/newsguidelines.html

https://news.ycombinator.com/newswelcome.html

We detached this subthread from https://news.ycombinator.com/item?id=11678838 and marked it off-topic.

15
How I Got the $84k Hepatitis C Drug for $1500 by Buying It from India alternet.org
349 points by mataug  3 days ago   340 comments top 34
1
corvallis 2 days ago 8 replies      
Something to keep in mind is the population that typically has chronic Hep C requiring this drug. It's IV drug users who share needles. Think they have $84K? Nope. Think they have insurance? Nope. Guess who pays for it. Oh that's right, it's Medicaid! It's you, the taxpayers. Where is there a large concentration of people that have Hep C? Prisons. Guess who pays for it then? Still you! The prison systems are obligated to provide health care and treatments in accordance with community standards of care, which they do. They have treated many people already who meet the criteria of disease progression to qualify for it. Still think Gilead should be charging this much for it here and not elsewhere?
2
cowsandmilk 2 days ago 1 reply      
(1) As someone who was following the market when Gilead paid $11 billion for PharmAsset, it was not a sure thing that it would be first to market or a premier drug. They announced $137/share on November 21 for a stock that opened at $65.49 on November 11. People like to point out how much money Gilead made on the deal, but that is Monday morning quarterbacking on something where they easily could have lost billions.

(2) The article claims Harvoni was acquired. That is not really true. Sovaldi (sofosbuvir) came from the Pharmasset acquisition. Harvoni is a combination of sofosbuvir with ledipasvir, a drug discovered at Gilead.

The combination of the two is a key part of the treatment; sofosbuvir was still taken with interferon (and ribavirin) for genotype 1 HCV, the most common form.

Treatment for genotype 1 HCV, without interferon required ledipasvir. The notion that Gilead contributed nothing scientifically to Harvoni is false; they provided a crucial component to the all-oral treatment of HCV genotype 1.

3
YPCrumble 2 days ago 3 replies      
Gilead has developed the first drug since penicillin to cure a major disease and people think the price tag is too expensive.

In the modern world, it's not ideal to create a drug to cure something. Once people are cured they no longer need your drug. That's why we have so many drugs like Lipitor and Viagra that treat symptoms but do not cure.

The "problem" with Sovaldi/Harvoni is that the patient only takes it for ~90 days, and then they're cured.

The drugs are cheaper than regular treatment of Hep C - which ends in liver transplant. Do people think the price tag was just random? No, it's because this is a price at which the taxpayer saves money by curing the disease vs. blood transfusions, liver transplants, lost economic value, etc.

Not to mention that the waitlist for a liver transplant is getting halved as we cure Hep C.

As we slam Gilead the other really evil pharma companies like Pfizer are taking notes and patting themselves on the back for creating drugs whose end goal is to addict the consumer.

4
markvdb 2 days ago 3 replies      
This is yet another perverse collision of care and market regulation. Other examples abound. Why do we accept this? Do we even dare think of alternatives?

What if western governments stop enforcing drug development intellectual rights? Not going to happen before hell freezes over, but let's have a short thought experiment.

Quality health care for all would probably blossom thanks to more access to affordable drugs than ever. Drug development would probably slow down significantly without compensating measures. But would that be so bad? Medical research is increasingly a game of diminishing returns... Many but the rarest disease puzzles have been solved already. And the huge profit margins show the current drug development system has proven inefficient handling these rare corner cases. Think https://en.wikipedia.org/wiki/Alexion_Pharmaceuticals . With more patents starting to expire, the existing drug development model will only get more inefficient...

Aren't there more efficient ways to incentivise drug research?

Crazy idea... Bootstrap an open source drug with maecenate and/or public funding, or market an existing generic with a sympathetic history. Make it super easy for people to donate something extra on top of the drug price. Think a tip at the pharmacy, directly to the researcher's drug development budget. Their drug cured them or their loved ones! Put a picture of the research team on the packaging. Show people these researchers are heroes.

5
surrealvortex 3 days ago 11 replies      
I'm conflicted about this article. On the one hand, the pharmaceutical companies gouging ordinary Americans is abominable. Doing something to circumvent their greed is something to support.

On the other hand, if enough people exploit loopholes like this, and the pharma company actually felt a significant drain in revenue, they may decide not to license the manufacture of these drugs in India at lower prices. If $84,000 seems unreasonably high in the US, imagine how out of reach it will be in India, where the cost of living is much lower.

6
cheriot 2 days ago 3 replies      
Eminent domain is not just for land. In extreme cases like this where a profit motive is the only thing keeping us from curing huge numbers of people, the US government should write a single check, take the rights, and start handing out pills.

As far as the company is concerned, that could even be a preferable outcome. Cash now and the marketing benefits to promote its other drugs.

Edit: Just a reminder that eminent domain requires paying the property owner. https://en.m.wikipedia.org/wiki/Just_compensation

7
y04nn 2 days ago 1 reply      
The pharmaceutical industry is disgusting me.Their goal is no more to cure people but to generate that maximum amount of cash for shareholders.To chose a price point, they don't look at what research has cost, but what people, government aid and insurance are willing to pay for it and choose chose a price that max out the benefit. In developed country it becomes ridiculous.

As a note, when they have to make risky research they put the risk into a spin-off company with investors that share the risk, and this is how you end up with Gilead buying this probably co-founded research company.

8
golergka 2 days ago 0 replies      
OK, let me be a devil's advocate for a minute, before we get the pitchforks once again. Let's remember this:

> Gilead Science was first out the gate, bringing the new hep C drugs Harvoni and Sovaldi to market in 2014 and 2015, respectively. And they worked great: More than 90 percent of patients taking the new drugs saw the hep C virus wiped out in three months, and without the side effects that made interferon treatments so intolerable.

So, Gilead is exactly the company that created these drugs from the very beginning. I'm looking at it this way: in 2013 (situation A), there was no cure ("cure" is a simplification, of course, but for this kind of analysis it's not an important detail.). In 2016 (situation B), there is a cure, but it costs $86k.

Now, the moral question here is very simple: when you change the world (as Gilead did) from situation A to situation B, is it net good or net evil deed? In which world of these two would you prefer to live?

9
mirimir 3 days ago 1 reply      
Yes, way to go! There are honest online pharmacies, but finding them is nontrivial. And there are numerous competent generics manufacturers in India. They've captured a large share of the global generics market in recent years.
10
PieterH 2 days ago 2 replies      
Surprised no-one has pointed to the real culprit here: the patent system, which allows individual companies to own knowledge like this and sell it at any rate it desires... private taxation by and for the rich, on the rest of society.
11
foxylad 2 days ago 1 reply      
There is obviously something unbalanced in the pharma business, and I think it is one of the corner cases where unbridled capitalism fails - perhaps because it is a need, not a want, so it is not discretionary spending.

My instinct is that pharma development should be carried out by universities (the state), so it's benefits can be shared with all citizens.

12
hyperliner 2 days ago 2 replies      
I really think this article is spot on taking on an issue that I believe will become more and more pressing over time as baby boomers continue to retire.

However, this line felt of out of place:

- "And then there's Gilead. It didn't even develop Harvoni itself; it made a business decision to pay $11 billion to buy the company that did so it could be first to market and reap the rewards, $26 billion worth. There is something obscene about that. A billion-dollar profit would have been a very respectable return on investment, but Gilead is getting much, much more than that"

I mean, why is that obscene? We have seen crazier returns in [insert latest "stupid" app that made billions]. These drugs are difficult to manufacture AND to market. I am sure that if the return would have certain, then the seller would not have sold the company for that amount and would instead reaped the presumed returns.

I think pharma is entitled to big returns because their business is really risky.

I don't know where the answer is. Maybe it is government-driven pharma (yeah like the federal government is ever going to be good at anything), or a SpaceX for Pharma.

13
hourislate 2 days ago 2 replies      
I was under the impression most Pharma Companies will give it to you for free if you don't have insurance and can't afford it. Maybe it's different if you have insurance and they won't pay for it.

The article is unfair mentioning Shkreli. He has always offered his drugs for free to anyone that couldn't afford them. It has always been his policy and continues to be so.

I think it was the Insurers and their paid for Politicians that created the stink. To this day I still haven't heard of one person that had to pay the $750.00 a pill but just their co-pay and if they had no insurance they got it for free.

Surprised this drug isn't available for free for those without insurance or is it?

14
anne-marie37 16 hours ago 0 replies      
I had no side effects either. I did 12 weeks with Ledifos (generic Harvoni), and zero viral load from week 4. I'm SVR4, but still waiting to get SVR12, fingers crossed! :-)

I bought Ledifos in Hyderabad, through med tour agency. The trip cost me just over 2600$, tickets included, and I only paid once in India. The guys are mellow, everything went very smoothly: hotels, doc, prescription, pharmacy, all is done in 3 days (www.cure-hepc.com). I know you can do cheaper if you just buy online, but when you pay online you never know if it's a scam.

15
MichaelBurge 2 days ago 5 replies      
A quick Google search shows that they paid $11 billion for the company that sells the drug(Sovaldi), and earned $1.3 billion off of it[1] in 2016. They make half of that in the US, and something like 10% of it in all places that aren't the US, Europe, or Japan.

That's a 12% return in 2016, which isn't nearly as good as the comments in this thread would have you believe. It's an okay return, but it wouldn't really be a good investment unless they can grow those sales more. It looks like they have had some growth compared to last year, so maybe it will end up working out for them. It's certainly not "100x in profits".

A Google search shows the disease is ultimately hard-to-transmit and preventable[2]. $84,000 seems like a fair price to me for this particular case. Google says the total cost of raising a child is "$245,340", so paying a 30% premium in rare cases doesn't seem unreasonable.

A separate complaint is that the financial industry isn't covering this case well. If you expected your insurance to cover it and they don't, that is an entirely separate issue than the price of the drug. Even if they don't, it seems like there should be a market for people wanting loans to pay for cures: It seems really hard to underwrite such a loan, but it could probably be done.

What does good insurance from a reputable insurance provider that reliably pays out their claims in cases like these cost?

(Edit) I may have misread the earnings report, thinking it was for the previous year rather than the previous quarter. So the percentage is closer to 50%, and a commenter clarified that they also had another product.

[1]Earnings:

http://investors.gilead.com/phoenix.zhtml?c=69964&p=irol-ear...

Purchase price:

http://investors.gilead.com/phoenix.zhtml?c=69964&p=irol-new...

[2] Going down the list on one site that lists transmission methods: Don't have sex with weirdos carrying diseases; don't share needles with druggies; go to a licensed upscale commercial tattoo parlor instead of some shady cheap one

16
mhalle 2 days ago 0 replies      
Our medical and social systems are ill-equipped to deal with cures for widespread diseases, which is what Harvoni and its related drugs are. We are used to paying for disease on time: relatively small amounts of money for periodic treatments that might last a lifetime, however long that lifetime may be. And we (at least in the US) often think more about the value of the treatment to the patient rather than the value of a healthy person to society.

These questions of cost and value go far beyond HCV. It is a popular, medical, and entrepreneurial dream to cure cancer wholesale with a single easy course of treatment. While cancer isn't a single disease, perhaps we should begin asking now how we could assess the value and pay the price for such a "miracle" should a cure for any of the most common cancers be developed.

17
seshagiric 2 days ago 0 replies      
Not sure if there is one in the USA, however in India the law does impose a maximum price for critical and life saving drugs (hypertension, heart related, diabetes etc.). There is ongoing process for adding some cancer drugs too to this list. I think the key here is that businesses should be allowed to make a 'reasonable' profit.
18
Scoundreller 3 days ago 1 reply      
> took the pills for 83 days (saving one for possible testing just in case)

I would try to arrange testing before starting therapy, or at least at the point of starting therapy. There are labs that will run the test for a few hundred dollars (and a lot less if you know someone at a university, it could even be an analytical chemists' bachelor degree project).

19
walterstucco 2 days ago 1 reply      
Guess who can get them for free? those living in civilized countries with universal health care systems.
20
pramttl 2 days ago 0 replies      
I was once prescribed 4 tablets of Albandazole (a drug for worms treatment) just before my health insurance was active on file. The drug was costing over 700$ without insurance and my health center asked if I would like to wait for my student health insurance to show up as active. I said, yes (ofcourse) shocked at the price of the drug (being an international student in US from India). Even after my insurance I paid 35$ co-pay. The same drug costs <1$ in India. Even the co-pay is over 35 times the cost of the drug in India. I was trying to contrast some figures:

Salary ratio: ~5:1 (Software engineer, Google based on Glassdoor); Albendazole drug cost ratio: ~700:1

21
jfountain2015 2 days ago 0 replies      
There is an excellent Radiolab piece on this:

http://www.radiolab.org/story/what-year-life-worth/

22
erikpukinskis 2 days ago 0 replies      
Ironically, if the rights were owned by Skreli, Smith could've gotten the drugs for free.
23
xbmcuser 2 days ago 0 replies      
I see a good opportunity here build a 40-50 patient facility in touristy place like Thailand. It would cost about $250-350k then charge patients $4500 for a 3 month stay including medicine, food and board. Because of cheap labour and food your expenses won't be more than $20k per month. You would me making a profit with 40% occupancy with 85-95% you could recover your investment in under a year.
24
fractal618 2 days ago 0 replies      
Hey everyone, look!

We're getting ripped off!

Here's how they're doing it!

We're all in this together!

We have the high ground!

Here's what we have to do!

Look another episode of Game of Thrones is on!!

Who's fucking who?

25
known 2 days ago 0 replies      
Here is current price for Sofosbuvir in Indiahttp://www.medplusmart.com/compositionProducts/Sofosbuvir-40...
26
tn13 2 days ago 0 replies      
> In the United States, there is nothing stopping pharmaceutical companies from charging whatever they think the market will bear.

That is how it should be. The moment government controls prices, it will slow down overall capital investment in invention of new drugs. I think $80k price is perfectly fair given the scenario.

Until Giliad Science invented that medicine the alternative to the medicine was assured death by cancer. Have you ever paid medical bills for cancer ? $80k does sound like a reasonable amount to pay for one's life in a developed country like USA. In India value of life is much less and I am not surprised Indians are willing to pay much less for their life.

Poor Indians are benefiting at the expense of rich Americans. Indian would prefer to die than borrow and buy a $80k medicine.

I think if Americans can save money by offshoring the cheap call centers to India they can also save money by getting their health treatment in India. The thing to remember here however is that if you die in an operation theater in USA your family might get millions in compensation. In India you have to say bad luck and move on. The pills that you buy from India could be nothing but horseshit packaged in wrappers and you can basically do nothing even if you find it out.

US is at the forefront of drug inventions because markets are allowed to function, surely companies are making ton of profits but I suggest you try setting up a company and invent the same drug and sell it for cheaper price. Inventing drugs is like a startup, a giant number of research projects fail, handful of succeed. People remember Facebook and its obscenely rich Zukerberg they don't remember Bozo inventor of JokerBook, a social network for clowns.

It would be good if Americans learn to appreciate what they have rather than complain about everything.

27
bradleybuda 2 days ago 0 replies      
Leaps in technology, finance, and engineering cure man of previously incurable disease. He is pissed.
28
calvinbhai 2 days ago 0 replies      
Health insurance in US charges you 10 monthly premium, to provide a $100 pill for $10, while it is available for $1 in India.

Dental insurance is as bad. Travel to India + dentist costs are often cheaper than one time treatment costs.

29
ChicagoBoy11 2 days ago 0 replies      
Nobody here is making the pretty obvious point: Yes, it is wonderful to blame the drug companies (who invented the damn cure in the first place!) for greed -- it feels great. But the real important question you have to ask is HOW ON EARTH do they get away with charging $84k for a year of treatment?!?!?!?!

If they are charging this amount of money, it is because someone, somewhere, in some deep and mischievous and evil place inside those big pharma buildings, has crunched a lot of numbers and figured out this is the "correct" price for them to charge for this drug. That is their income-maximizing price. And THAT is what's insane.

Blaming them for "greed" is idiotic. But you have to scratch your head and think of how on Earth the best strategy for them is to sell a product with a price tag that no individual could really afford!!! That's the real mystery, and when you start asking THAT question, perhaps you end up realizing that the answer isn't so clear.

For starters, maybe ingenious strategy devised by our hero in the article, and the Indian government's positions in generic were foreseen by one of the thousands and thousands... upon thousands of lawyers, and business experts, and consultants that these companies hire, so they quickly realized that the name of the game HAS to be that they need to squeeze everything they can out of the U.S. market to make up for the hits everywhere else.

"But wait, no one will be able to afford the drug," exclaimed one novice executive at the pharmaceutical. "Not to worry," the senior counsel said, "we have medicaid in the U.S., and that's where most of our customers will come from. You see, the government will effectively be our client, and since they won't have an option not to offer this treatment, all we need to do is ensure we have amazing terms with this ONE customer and we'll be aaaaaaalllll set." Etcetera, etcetera, etcetera.

Don't blame the pharma companies. We have ZERO competition in many dimensions of healthcare. We have a drug approval process that costs billions of dollars for a single drug to get through, and the academic evidence is quite clear that it is actually killing more people than it is purportedly saving. I had back surgery three years ago, and a line item in my medical bill was "juice - $25." I stayed in the hospital for 19 hours. It cost me $40,000 FOR NO GOOD REASON whatsoever. I also had shoulder surgery overseas, with a Harvard medical-school trained doctor who operates on world class professional soccer players. I was in a phenomenal hospital for two days, in a private room, with nurses checking on me every hour, the works. The sticker price? $7,000. Without a penny of gov't subsidy.

Big Pharma isn't the issue. Our policies towards healthcare are crippling us to no end.

30
nsajko 2 days ago 0 replies      
We could make pharma companies be government contractors so the "intelectual property" would be a owned by the state.That would probably be a bit better than what we have now.
31
WalterBright 2 days ago 1 reply      
Keep in mind that the potential for huge profits was what motivated private investors to fund development for a cure. Without that, Hep C would still be a death sentence, regardless of how much money you had.
32
zaroth 2 days ago 0 replies      
If you remove a bunch of constraints, you can imagine governments paying for country-wide license to the patent, and then individuals just pay enough to cover manufacturing and delivery. I'm not sure if there was any payment that went along with granting India the $1000 price. I know India carries a big-stick of "invalidating" the patent. Sure, they could have just taken the IP for themselves, which basically means Americans just bare a larger share of the overall cost. The fact is that this drug is tremendously valuable for India, so I'm glad they were able to come to some pricing agreement.

Selling those drugs back into the US market clearly goes against the pricing agreement. Based on what I read in those articles about Paul Le Roux, these online drug outfits have way more volume than you might expect, and they apparently can run for a long time before being shut down. This is partly a submarine ad in that sense, even naming sources. You also might expect customs to intercept these packages, but when Le Roux can share the same FedEx account number across all their pill shipments, clearly inspection is expected to be lax. So the result is these pills could actually be pouring back into the country, and hiding within the inventory being sold for consumption actually inside India. It seems like Gilead revenue is strong for now, I don't know if they consider this to be a significant risk.

In some cases insurance will not cover if you are not showing symptoms. But if they do cover it, you will be on the hook for just the out-of-pocket maximum for that year. Any other health care you receive that year will be free, so that could also help justify the cost. But in this case the insurance company didn't want to cover it anyway, so the patient was forced to pursue a gray market purchase. I'm pretty sure Gilead is pushing hard for insurance companies to cover anyone with detectable disease regardless of symptoms, and ultimately that's what we want. There's a huge population that avoided the prior treatments, but would jump on this in a second.

Everyone who has HepC should get this drug. But if we can't afford to cure everyone today, how do prioritize access? And how do you limit access to an FDA approved drug for a diagnosed illness anyway, when the alternatives are more expensive and less effective? Well I guess in some places, like the NY AG is requiring coverage for commercial insurance plans. NYT reports that Medicaid is still denying coverage until the disease has advanced.

We want people to pay the "right" price for this drug, really a miracle cure which is lowering the cost of treatment actually. So how do you price it? The price to the insured patient today will vary based on the financial means of the patient. The revenue to Gilead is negotiated with insurance companies / benefit management companies, and is far below the sticker price.

33
ptaipale 2 days ago 2 replies      
I actually wouldn't expect that Indian prisons provide any effective medication against hepatitis C. You might get it if you buy it yourself, and bribe the prison staff to allow you to have it.

Sorry: this is not based on any real experience or references, just the overall assessment of how India stands currently.

34
Scoundreller 3 days ago 2 replies      
The article is already off to a bad start, assuming the existing therapy they're talking about is Pegetron:

> The interferon-based treatments weren't successful half the time, and the side effects were so debilitating few patients could endure the months-long punishing protocol.

If the success rate is 50%, I would say that's pretty good, especially since we're talking about treatment, not just managing the disease (as we can only do nowadays with HIV). And from the product monograph: "The most frequently reported adverse reactions were mostly mild to moderate in severity and were manageable without the need for modification of doses or discontinuation of therapy. "

But no doubt, the pre-existing therapy sure has a pile of side-effects.

16
Save Firefox eff.org
333 points by DiabloD3  6 hours ago   153 comments top 19
1
azakai 5 hours ago 6 replies      
> [The W3C] needs to hear from you now. Please share this post, and spread the word. Help the W3C be the organization it is meant to be.

This isn't about the W3C.

This is about EME, and about the companies that created it and promoted it: Google, Microsoft and Netflix (as you can see on the spec, for example https://www.w3.org/TR/encrypted-media/ ).

Telling the W3C not to do DRM is not going to be effective. The only thing that can work is to put direct pressure on the parties behind EME, and their products: Google and Chrome, Microsoft and IE/Edge, and Netflix.

Not only is it not effective to focus on the W3C, it's counterproductive - it shifts the blame away from the real culprits just mentioned. If you lobby the W3C against EME but still use products from the companies that created EME, you're sending mixed messages at best.

Furthermore, even if somehow we got the W3C to not do EME, it wouldn't matter. Google, Microsoft and Netflix would still be implementing it. They would just find another standards body.

2
fpgaminer 1 hour ago 0 replies      
Media DRM is not and never was primarily designed to prevent piracy. Rather, DRM is used by content producers (Fox, Disney, Warner, etc) to assert control over the rest of vertical market. This article is a prime example of this. Thanks to DRM the movie studios force browser vendors to sign agreements to get access to the CDM, and from that agreement they can assert control. They can subtly suggest, for example, "Hey, Mozilla, could you revamp your plugin API to make blocking ads harder? It's fine if you don't, but, oh, by the way, your CDM agreement expires next month. Looking forward to seeing you at the re-negotiation meeting."

The same thing goes for encryption on Blu-ray discs, which forces Blu-ray player manufacturers to sign agreements with them. HDCP on HDMI and DisplayPort asserts control over TV manufacturers and infests video cards.

This is the same industry that pushed the DMCA on us, extends copyright in perpetuity, sues families because their kid downloaded an MP3, would like nothing more than SOPA to pass, etc, etc.

I know that the comments here like to demonize Google, Microsoft, Netflix, etc. Honestly, I don't believe it's their fault; Netflix in particular. Netflix is in no position to fight this. If they say no, the media empire will pull all their licenses and the company will collapse. And Netflix is already fighting for its life against these same companies for net neutrality (the major ISPs are owned by the media empire...). Google is leashed by its need for advertising revenue. Microsoft is beholden to its customers, who want access to DRM'd content.

In other words, we shouldn't be taking our fight to the W3C, Google, Microsoft, Netflix, etc. The media empire is the real enemy here. And there's hope. The rise of cheap, digital cameras and distribution platforms like YouTube and Twitch have enabled a wide array of independent artists to create AAA content mostly unbeholden to the incumbent media giants. Some of the best and most entertaining content I've watched has come from Patreon funded YouTubers. If that was the only content that the world watched, the media empire would starve and whither away, and DRM along with them.

3
jflatow 4 hours ago 3 replies      
> This system, "Encrypted Media Extensions" (EME) uses standards-defined code to funnel video into a proprietary container called a "Content Decryption Module." For a new browser to support this new video streaming standard -- which major studios and cable operators are pushing for -- it would have to convince those entertainment companies or one of their partners to let them have a CDM, or this part of the "open" Web would not display in their new browser.

This is the crux of the issue. The W3C is creating a standard which gives control to the publishers over which browsers can display their content.

Whether that's "right" or "wrong" is worth debating, but sometimes the real issue at stake gets obscured in these discussions.

4
k-mcgrady 4 hours ago 3 replies      
Honestly, I'm not against online/streaming content being protected with DRM. I don't think it's very effective but it doesn't effect me as I don't own the content so I don't really care.

This seems to be a step to far though. The browser should be a standards based 'viewer' that anyone with the will and the time can create. Let's say Netflix implements this DRM. They account for more than a third of internet traffic. If your browser can't support Netflix it's dead in the water.

This is open to so much abuse. The gatekeepers (it seems to be the entertainment companies in this case) get to choose which browsers live and die. As we've seen over the last 20 years competition in the browser space is very important - without Mozilla stepping up and competing with IE I can't imagine the sorry state the internet would be in today.

Edit: Once again, the DMCA rears it's ugly head. Time and again it seems to be the thing that is abused to screw over consumers. Maybe that's what we should actually be fighting against.

5
hsod 4 hours ago 2 replies      
> This system, "Encrypted Media Extensions" (EME) uses standards-defined code to funnel video into a proprietary container called a "Content Decryption Module." For a new browser to support this new video streaming standard -- which major studios and cable operators are pushing for -- it would have to convince those entertainment companies or one of their partners to let them have a CDM, or this part of the "open" Web would not display in their new browser.

Isn't this just a standardization of the status quo, with Flash/Silverlight? Why is it that I always feel like I'm being sold a bill of goods when I read EFF pieces?

6
Ileca 4 hours ago 1 reply      
You can test your convictions by disabling DRM content in Firefox. Uncheck "Play DRM content".

Unfortunately, convictions won't have consequences on future decisions because the standard is here and the more you wait the more it becomes embedded. W3C allowed it to come to light when various plugins wouldn't make DRM viable or at least more difficult to implement and reach general agreement. Now, even if you can opt out with Firefox, Netflix really don't care about that because you decided to disable it so you are a bad client anyway. I understand why the article is talking about pop-ups because the moment Firefox decided to implement it, we lost the fight. I use Firefox but lately, I am saddened by their lack of strong convictions and how they tend to follow google a little too much. (At least, FF sandboxed the CDM, while not perfect, the other browsers didn't do it, isn't it?)

7
maker1138 4 hours ago 0 replies      
The biggest problem is intellectual property. Copyright lasts life + 70 years and patents last 20 years. That's a long time to have a legal monopoly on something, and is partly why companies are so big and can behave so badly.

Innovation comes through competition, not monopoly. Ideally, we'd eliminate patents and copyrights altogether, but as a compromise, I think having terms of 3 years, with no renewals, is fair. That way a business can capitalize on what it creates and get a 3 year head start on competition, but you still get competition fairly soon which benefits consumers.

8
usernamebias 5 hours ago 2 replies      
Can someone explain why we're stoking the fire this late in the game, not that it shouldn't be?

Firefox implemented this since May 12, 2015 -- https://blog.mozilla.org/blog/2015/05/12/update-on-digital-r...

Chrome's had it since v 42

https://www.chromestatus.com/feature/6578378068983808

9
xori 3 hours ago 0 replies      
I'm interested to see how effective the EME is to prevent illicit copying of media. YouTube and Netflix both use DRM now but it doesn't stop youtube-dl or pirate WEB-DL rips from netflix from existing.
10
xvilka 3 hours ago 0 replies      
There is a way to protect the content by adding per-user (subscriber) watermarks in the video/audio streams. Thus, no one will need these shady CDMs and Co. Of course, you say, you can try to find those watermarks/etc. But in the same way you can try to circumvent CDM code as well. Still, it will allow to eliminate proprietary extensions from the web standards.
11
pmoriarty 1 hour ago 0 replies      
Better solution: repeal the DMCA.
12
jakobdabo 4 hours ago 1 reply      
Isn't it trivial to reverse engineer the DRM module to create its clean room open source implementation thus effectively deprecating it?
13
_nato_ 4 hours ago 1 reply      
Can someone clarify what is meant by `publisher' in this piece?
14
wahsd 3 hours ago 0 replies      
I just found out that Firefox removed the 3D Inspector with v.47. It's a shame because that was an excellent tool for auditing and inspecting. If you haven't had the chance, give it a whirl.
15
Karunamon 4 hours ago 6 replies      
Let's get something straight here. This EME debacle was never a choice between DRM and no DRM, it was a choice between DRM in a consistent standard vs DRM with a thousand ad-hoc plugins.

The browser without EME will be pilloried by its users for not supporting the content they want to access. Users use a browser to access content, not to support philosophical positions on what software should and shouldn't do.

The lesser of two evils was chosen. You don't have to like it, but that's the reality of this situation. It is not realistic to suggest that the largest browser vendors not support user demanded content.

Speaking of philosophical positions, most DRMed content accessed by a user in a browser is going to be of the streaming variety, i.e. something that DRM isn't preventing you from doing something you're otherwise not supposed to be doing anyways.

16
neurobuddha 5 hours ago 1 reply      
Doesn't Mozilla have a lucrative deal with Yahoo? I mean Yahoo!
17
shams93 2 hours ago 0 replies      
Servo might save it the c++ codebase for firefox is a nightmare but servo could wind up taking back the crown from chrome.
18
0x0 4 hours ago 1 reply      
If firefox really cared about its users maybe it should stop force-feeding "value-adds" like Hello and Pocket down everyone's throat by default.
19
binaryanomaly 4 hours ago 1 reply      
As much I would love to... Just recently switched from FF to Chrome since the latter just works technically a lot better :-(

Hope the new servo engine can make FF shine again otherwise I fear the worst.

17
Panopticon: A libre, cross platform disassembler for reverse engineering panopticon.re
351 points by adamnemecek  2 days ago   81 comments top 15
1
jbaviat 2 days ago 5 replies      
Great work. Therefore that's one more disassembler in the wide. Some of the great open source ones, reverse oriented, that I have been able to test are:

Metasm: https://github.com/jjyg/metasm/

Radare: http://radare.org/

Capstone: http://www.capstone-engine.org/

Capstone is based on LLVM, that you cannot beat in term of architectures and industrial quality, and has great plugins, which make it kind of my favorite.

Of course, for non-scripting needs, you need decent graphical interfaces, as provided by these ones:

IDA: https://www.hex-rays.com/products/ida/

Hopper: http://www.hopperapp.com/

IDA is clearly the best, but Hopper is a fair choice if you need it and you can't afford IDA license for personal use.

[Edit: add forgotten IDA and Hopper...]

2
joshuamcginnis 2 days ago 2 replies      
Let's assume you have reversed engineered some kind of boolean check and you now want to patch it to always return true or false. What does that process look like at a high level?
3
dikaiosune 2 days ago 1 reply      
Requisite Rust fanboy'ing: GitHub stats say 90% Rust code.
4
martanne 2 days ago 1 reply      
Does somebody know how it compares to radare2?
5
umanwizard 2 days ago 3 replies      
Anyone know how this compares to IDA Pro ?
6
bogomipz 2 days ago 1 reply      
The project states:

"Panopticon is a disassembler that understands the semantics of opcodes. This way it's able to help the user by discovering and displaying invariants that would have to be discovered "by hand" in traditional disassemblers."

Doesn't every disassembler have to understand the opcode semantics in order to disassemble and make sense of them or am I misinterpreting that statement?

Also can anyone explain what the "invariants" are? When I hear the word I can only think of loop invariants and I'm guessing that is not what the author means here.

7
aantix 2 days ago 1 reply      
On a side note; the visual callgraph is interesting.. It'd be interesting for other IDEs to implement something similar with a historical listing of input/output values for the corresponding displayed methods.
8
munin 2 days ago 1 reply      
I noticed that this only supports AVR. what is your plan to support x86? would you think about linking against some external code that provides semantics for x86?
9
simplexion 1 day ago 0 replies      
I like the About me:

Hey I'm Kai Michaelis, I'm in an IT-Security Masters program in Bochum, Germany and work part-time for people who use the term Cybersecurity unironically.

10
shabbyrobe 1 day ago 0 replies      
Slightly OT, but are there any good libre tools for reverse engineering binary file formats rather than executables?
11
teacup50 2 days ago 1 reply      
GPL means I can't use it as a library unless I also GPL.

No thanks.

12
chris_wot 1 day ago 1 reply      
What is the best guide to learning how to reverse engineer programs?
13
partycoder 2 days ago 0 replies      
I like "ht editor".
14
flanfly 2 days ago 0 replies      
Btw, that guy isn't me.
15
searine 2 days ago 2 replies      
>Panopticon

Good lord what a cliche name.

18
Back door found in Allwinner Linux kernels theregister.co.uk
272 points by tbrock  22 hours ago   76 comments top 17
1
userbinator 14 hours ago 5 replies      
Especially after seeing that "rootmydevice" string in the code, I think there's much to be said for this in relation to today's world of locked-down devices which resist control from even their owners. Given that their SoCs are meant for such devices, maybe it's AllWinner (or someone at the company)'s way of rebellion against that. If so, I'm glad that there are still people out there who do not believe in the user-oppressing culture of "security" that seems to have become the norm and are actually trying to do something about it. Maybe it really was just a debugging oversight, but either way, I'm not outraged by it --- contrary to what the media seems to say. This is a local privilege escalation for software intended to run on a device that you --- and only you --- are supposed to own anyway.

Relatedly, here is a post 6 years ago by someone putting in a root backdoor in a device he designed --- and explaining how to use it:http://www.bunniestudios.com/blog/?p=1140If that was today, someone would discover it, scream "backdoor! security vulnerability!", and it would be all over the news like this one. And that makes me very sad.

2
consp 17 hours ago 1 reply      
Well... they were mostly know for GPL violations and less-than-propper support for everything they claimed (try reading the SoC spec for the A20. If you can find it. Other examples include GPS support, proprietary drivers without support, not releasing sources, etc.).

But apparently they stepped up their game. Even for debugging this is an odd one.

3
andrey_utkin 16 hours ago 2 replies      
> Although it doesn't appear to have made it into the mainstream kernel source

Now, who wants to blame upstream kernel maintainers for not merging in all the dirt around and requiring high quality of code submissions?

4
kazinator 11 hours ago 1 reply      
What are the permissions on /proc/sunxi_debug/sunxi_debug?

Anyone know?

This could be locked down so that, say, only processes which are members of a certain group can open a file descriptor to this proc entry.

This is a lot of unnecessary effort to implement something that can be obtained with a simple /bin/rootmydevice executable that is chmod u+s. (Though it is somewhat more streamlined: no intervening process execution is required).

Which, in turn, is a lot of effort to reinvent sudo.

(But of course, those are arguably front doors; you can easily scan the filesystem image for items that have u+s perms.)

I would do this kind of hole differently: why not just hack the kernel so that any process can do setuid(0). Or, slightly hide it: say, setuid(-42) gives you root privs.

5
dfritz 14 hours ago 1 reply      
And everything hidden in this undocumented monster-commit:

https://github.com/allwinner-zh/linux-3.4-sunxi/commit/7cc9a...

He should have added:

3. add a backdoor;

6
wicket 11 hours ago 0 replies      
There's even a bug in this back door (assuming The Register accurately copy and pasted). They're setting the effective UID to 0 twice instead of setting saved GID to 0. Not that it makes much difference but it does show a further example of their incompetence.
7
0x0 17 hours ago 1 reply      
8
alwaysdownvoted 11 hours ago 2 replies      
I like to compile and install my own OS images on the hardware I purchase. Of course the smartphone industry does not make that easy, if at all possible.

Hence I am forced to choose other form factors.

It would be nice to flash my own choice of BIOS. As far as I can tell this is still not too common. That is a project to which I am willing to devote large amounts of time should the information needed ever become public.

It seems the newer the hardware the more complicated and difficult this becomes. By my estimation, there is certain value in older hardware because it is not as complicated and can be easier to control.

Here is an idea that stays with me year after year: another open source OS project that chooses a single item of hardware and supports only that item.

Silly fantasy: Perhaps a deal is struck with one or more factories that can produce it. Perhaps the terms could be public. Maybe user-developers become faithful and loyal buyers of the hardware, because they like the control. Perhaps they directly pay the costs of production through donations. I have no idea what would happen. That's the point of trying it.

Building this sort of symbiotic relationship between open source user-developers and a single hardware manufacturer based on a single item, one could reason it is in the best interest of the manufacturer to open the specs to the developers, if not the public.

I leave it to you to list all the many reasons this is not worth doing. Then sit back and enjoy the status quo.

But for those of you who are avid users of an open source OS, I ask you to consider:

Do you ever get tired of watching the project trying to keep pace with new hardware? How do you feel about when the manufacturers will not disclose the specs? Are you OK with binary blobs in your "open" system? How about not knowing whether your OS of choice is going to work with your new hardware? What if there was one item of hardware that you could be absolutely sure was always going to work with your preferred open source OS, and to its maximum capacity?

OK, you may now return to chasing the new (locked-down) hardware. Thank you for your time.

9
jjawssd 11 hours ago 1 reply      
This is excellent news for those that value individual freedom and the right to modify the devices you paid for.
10
y04nn 14 hours ago 1 reply      
Just tested it on Orange Pi, it's too easy. Does that means that all Allwiner based tablets and phones are vulnerable?
11
wicket 11 hours ago 2 replies      
Anyone know how long the Allwinner kernel source had been available for before this was discovered? They were previously known for GPL violations.
12
hbrid 17 hours ago 1 reply      
Please turn JavaScript on and reload the page.

DDoS protection by CloudFlare

...um, no!

13
jamiesonbecker 10 hours ago 0 replies      
The best backdoor is the backdoor that is labeled debug.
14
hathym 13 hours ago 0 replies      
15
cia48621793 11 hours ago 0 replies      
This is China.
16
markokrajnc 18 hours ago 4 replies      
Chinese espionage at work... I wonder how many foreign agencies can access my phone: USA, UK, China, Russia, ...
17
jiang101 16 hours ago 0 replies      
A root backdoor for debugging ARM-powered Android gadgets managed to end up in shipped firmware and we're surprised this sort of colossal blunder doesn't happen more often.The howler is the work of Chinese ARM SoC-maker Allwinner, which wrote its own kernel code underneath a custom Android build for its devices.Its Linux 3.4-based kernel code, on Github here, contains what looks to The Register like a debug mode the authors forgot to kill. Although it doesn't appear to have made it into the mainstream kernel source, it was picked up by firmware builders for various gadgets using Allwinner's chips.It's triggered by writing rootmydevice to the special file /proc/sunxi_debug/sunxi_debug. That gives the current running process root privileges. If that file is present on your device or single-board computer, then you need to get rid of it. This is the code that checks for the magic write:if(!strncmp("rootmydevice",(char)buf,12)){ cred = (struct cred )__task_cred(current); cred->uid = 0; cred->gid = 0; cred->suid = 0; cred->euid = 0; cred->euid = 0; cred->egid = 0; cred->fsuid = 0; cred->fsgid = 0; printk("now you are root\n");}Tkaiser, a moderator over at the forums of the Armbian operating system (a Linux distro for ARM-based development boards) notes there's a number of vulnerable systems in the field.As tkaiser writes, echo "rootmydevice" > /proc/sunxi_debug/sunxi_debug" "from any process with any UID will get root, and it's probably remotely exploitable if combined with networked services that might allow access to /proc."He adds: This security flaw is currently present in every OS image for H3, A83T or H8 devices that rely on kernel 3.4.As well as all Orange Pi images except for Armbian's freshly patched 5.10, these vulnerable gadgets include ARM dev boards from FriendlyARM, SinoVoip (its M2+ and M3 Banana Pi boards), Cubietruck, and LinkSprite's pcDuino8 Uno.There are probably other products out there using the Allwinner SoC and the dodgy code. Tkaiser pointed out that FriendlyARM was also quick to issue a patch.
19
Introducing WhatsApp's Desktop App whatsapp.com
305 points by andersonmat  1 day ago   214 comments top 28
1
tostitos1979 23 hours ago 13 replies      
Why is Facebook/WhatsApp doing the tether to the phone crap? I have a few seniors in the family who have no need of a cellphone (stay at home most of the time). Everyone else in the family uses WhatsApp and these poor people are left out of the look. It is completely stupid as far as I can see. What is the phone requirement buying them?
2
jeffjose 1 day ago 6 replies      
No linux version. I was almost convinced that this was going to be another Electron app (after slack went that route)
3
aiNohY6g 18 hours ago 3 replies      
1/ phone tethering is the price to pay for end-to-end encryption: the support of multiple devices is not compatible with perfect forward secrecy, as the former require the asynchronous push of messages to all devices while PFS requires synchronicity (at least some kind of, as explained in their white paper here: https://lobste.rs/s/sx2f0r/whatsapp_encryption_overview_tech...

2/ if you don't like the Desktop App (or are using Linux), you can use https://web.whatsapp.com/ and/or the Chrome extension WhatsChrome https://chrome.google.com/webstore/detail/whatschrome/bgkodf...

4
haphazardeous 16 hours ago 1 reply      
Since when it became fashionable to use a wrapper of your web site? "Because the app runs natively on your desktop, you'll have support for native desktop notifications, better keyboard shortcuts, and more." I think Firefox is perfectly capable of doing any of those. I just hate it someone comes up and says 'Look we built a native app' I'm sorry but no you haven't! If I wanted to use your web page I can do that I don't need you to wrap it and ship it as a native app. Disappointed.
5
blackoil 1 day ago 3 replies      
This is not an independent app. It is still tethered to the phone, and can't work without it :(
6
Julio-Guerra 20 hours ago 2 replies      
It seems to be nothing more than https://web.whatsapp.com/ in a web view. So I can't really see interest.
7
Longhanks 1 day ago 0 replies      
I hate Websites selling themselves as "Desktop apps". I'd much rather have a native interface, me and my battery would say thank you for that.
8
shoggs 1 day ago 4 replies      
This just seems to be exactly like the Whatsapp Web running in the browser. I don't understand what benefit comes from the native client.
9
joeyspn 16 hours ago 2 replies      
Why is the app closing completely if I press 'x'? wouldn't be much better to stay in background mode like Slack does (well and many other chat clients)? It's annoying...

I'll keep using my custom wrapper with NW.js (apparently this uses electron) until this behaviour is implemented...

10
jrbapna 18 hours ago 2 replies      
I was excited when I saw the headline but the phone teathering is a deal breaker.

I removed whatsapp from my phone precisely because it took up too much space, with all the photos and videos being shared daily. It's a shame really.. a desktop app would've been a great alternative

11
aluhut 18 hours ago 0 replies      
Well, at least it's not a Chrome Add-On. Still useless for me because of the tether to phone point.

Now please Signal. Give me something we can all work with.

12
Strom 1 day ago 4 replies      
Windows 8 minimum? Is this an UWP app or what's the reasoning here?

Edit: I downloaded and successfully launched this on Windows 7. It seems like a standard Electron app. Now I wonder if the Windows 8 requirement is purely for tech support reasons, or if there's some specific feature that would fail on Windows 7.

13
Propen 14 hours ago 1 reply      
What's different compared to using nativefier on web.whatsapp.com? I've been using that for a while now
14
ascorbic 20 hours ago 1 reply      
When I saw this I was excited that maybe I could finally switch from Telegram. But no, it's tethered. I don't want to have to always make sure my phone is charged and with signal. I really don't get it. I get they can't do it the telegram way, by storing plaintext on the server. However I don't get why they can't do it like iMessage and encrypt the messages with each registered device's key. Perhaps moxie can explain why they can't do this.
15
pmlnr 19 hours ago 1 reply      
How about introducing open protocols instead?
16
everyone 14 hours ago 0 replies      
An old friend of mine suggested I try out Viber or Whatsapp to contact her. I had a look at them, but they want full access to all the contacts on your phone, its all or nothing, you cant use either to communicate with select people. So I elected not to use them. Just gonna use email.
17
_wmd 1 day ago 2 replies      
Is anyone qualified to comment on what this will do with my OS X address book and similar data should I open it?

edit: on the plus side, looks like it's just their web app repackaged using Electron. Still not sure what all these helpers are for though

18
jeena 18 hours ago 1 reply      
Meh, no Linux support, so I'll still be using Viber even though my siblings in Germany and Switzerland always try to get me to install WhatsApp instead, appearantly it is super big there. Here in Sweden noone ever asked me to install it.
19
dewey 19 hours ago 0 replies      
Even if it's "just a wrapper" the native notifications are worth it for me. I really wish iMessage would have a web view like WhatsApp that you can just open on another computer though. Even if it's not a Mac.
20
xerophyte12932 19 hours ago 0 replies      
So what is the benefit of this over the Web version? Same UI, both need the internet, both have desktop notifications, both need your cellphone to be connected to the internet. Not to mention, no linux version
21
joe_fishfish 18 hours ago 0 replies      
... And there's STILL no official iPad version.
22
syn_33 1 day ago 2 replies      
Still tethered to a phone... i'll just keep using this https://github.com/Aluxian/WhatsApp-Desktop
23
miseg 16 hours ago 1 reply      
If I leave my job, can I "log out" of the app on my work machine without access to that machine?
24
Tiktaalik 1 day ago 5 replies      
Nice. Maybe with this I can convince my friends to move over to WhatsApp from Google Hangouts. The lack of desktop app support for Hangouts has been driving me nuts.
25
a_imho 13 hours ago 0 replies      
the page is broken on Debian 8 / Iceweasel with ABE. Is it an outdated setup? Many times I feel people are fixing what is not broken to end up with something inferior.
26
colordrops 1 day ago 0 replies      
This is nearly identical to the WeChat desktop app. Looks like Whatsapp did some "innovation arbitrage".
27
ksec 19 hours ago 0 replies      
Why does it not Support Windows 7? Isn't that like 70% of Windows Market?
28
tfranco 23 hours ago 3 replies      
Is this a rip off from ChitChat?

https://github.com/stonesam92/ChitChat

20
Prison phones are a predatory monopoly One family fought back and won theverge.com
233 points by some-guy  8 hours ago   70 comments top 15
1
avs733 3 hours ago 3 replies      
While I find the conversations in here interesting from an economics perspective they are not solutions to the real problem. This is not a function of cost between inmate, provider, and family alone. These phone systems have a real and tangible cost on society as a whole. An enormous body of research [1] showing that offenders with better/more familial contact while incarcerated have vastly lower recidivism rates.

This is literally companies causing harm (and not just economic) harm to societies citizens at large. I respect jlafon's point of view but I can't agree. The fact that a system you create is difficult to adminster should not mean that the cost of dealing with it should be passed along to your 'customers' (gagging as I use that word). When a group of people chooses to put others in a position of limited power they have a responsibility to protect them from harm. Treating prisoners as a revenue stream at all is immoral and I believe unconstitutional. The argument that they should pay or do anything to contribute to their imprisonment is vapid and ugly. If we aren't willing to shoulder the burden of imprisoning them then we shouldn't do it. We absolutely should not be charging them or their families usury amounts of money to satisfy rules and situations we created.

Letting prisoners use the phone is labor intensive? Why? because you created rules and a system where it is. To spin it as more complicated or containing 'reasons' is post hoc justification nonsense and should be treated as such.

[1] Summarized here: https://www.prisonlegalnews.org/news/2014/apr/15/lowering-re...

2
jlafon 4 hours ago 6 replies      
First of all, I'm not defending what is obviously predatory. However, there is more involved then what you might think at first glance. Right or wrong, correctional facilities have reasons to discourage phone calls (context: I put myself through college working at a maximum security prison). Calls are supposed to be monitored (usually done manually) to prevent criminal business from being done on prison phones - and there are never enough people to listen to all calls. There are never enough phones either, which frequently causes tension between inmates using phones and those waiting for them. In higher security levels phones are labor intensive. An officer has to escort a (potentially dangerous) person from their cell to the phone, and stand there for the duration of the call. And to the article's point, it's such a problem that prepaid phone cards are a form of currency on the inside.
3
c3534l 5 hours ago 5 replies      
Why have we decided that the way to treat criminals is to systematically destroy their social support system for profit? This sounds like a terrible idea, and a direction that doesn't seem to be improving the American prison system in the least.
4
koolba 5 hours ago 7 replies      
If you give out monopolies, then this is what happens. Here's a simple idea to fix this: capitalism.

Mandate at least two providers at each prison and let them charge whatever they want. Let them race to the bottom so you get the same cheap voip rates the rest of the country has access to.

Oh and if they collude on pricing, throw the management in the same prison.

I bet they'd also start competing on the features the prison cares about too. Like tracking who's calling who, speech to text transcripts, and service levels.

Problem with this approach is that it doesn't allow for the cronyism that is ripe in this type of industry.

5
ndespres 6 hours ago 1 reply      
Thanks for sharing. I'm glad this is staying on our radar lately.

There was another link discussed here recently (https://news.ycombinator.com/item?id=11648361) about how these exorbitant prison phone calls are being replaced with video calls- and ONLY video calls. In the linked article we have this quote: The alternative to high rates isnt lower rates, the association has suggested the alternative is that phone calls in jails will be done away with entirely. "Absent these commissions," association president Larry D. Amerson wrote in a comment to the FCC, "counties would need to either increase taxes for the system or jails could potentially cease to provide inmates with this service." So either continue to support this monopoly, or don't speak to or see your brother/cousin/mom in jail at all.

Here in New Jersey where I live, as of yesterday you can no longer visit an inmate in a couple of our prisons, in person. Instead, you can pay Securus for a video connection to the inmate you'd like to speak with. I think if more people who were not directly connected to the System via a friend, family member, or personal experience were aware of what's going on, they would be appalled. Instead we conveniently pretend this stuff isn't happening.

From the linked article: [Securus'] Smith defended his companys profits on many of the same grounds other inmate phone companies do. The contracts, he says, are a source of funds for crucial corrections services like health care. "Its really a public policy issue," Smith says. Securus also provides security services, recording calls sent through its system and intervening to break up any illegal plots that it detects. "We really feel like we perform kind of a noble service for society," he says.

What he's not saying is that local municipalities can also get a kickback from the money paid to contact prisoners. So not only does it fund healthcare within the prison system (which of course are also increasingly privatized, so how much of that money do you think can be claimed as profit by the company running the prison), but to fix potholes etc in the local town.. on paper, at least.

What I wish these stories left me with is what to do next. Who do I call, petition, or vote for to get this changed?

6
hermannj314 6 hours ago 1 reply      
Our local jail charges for personal visitation, you get 2 visits per week free but can pay a "nominal" fee to stream additional conversations over the Web. Let's just say that fee was ridiculous. I can't find the link for it was $30 for 15 minutes I think.

As a former foster parent that was just trying to connect with the birth parents while they awaited trial, yeah those prices suck.

But hey, who cares about people accused of crimes, right? That's the American way.

7
electic 5 hours ago 1 reply      
I think this is a very unique article from a web design perspective. The counter on the left hand side, indicating the time you've been reading, and how much your charges would be if you spent that time on the phone is genius. It really hammers in the point of how unethical this practice is.
8
Overtonwindow 3 hours ago 0 replies      
It's getting worse. Prisons are now forcing inmates and families to use video visitation, eliminating all in person visits.

http://www.businessinsider.com/video-visitation-is-ending-in...

9
rbobby 5 hours ago 0 replies      
What a horrible thing to do to innocent American families. Bad enough their loved ones have fucked up mightily enough to be incarcerated but now the state gouges the hell out them just to talk to each other.

This is not how a government should treat its people.

10
mynameisnoone 1 hour ago 0 replies      
Hillary (and other politicians on both sides, from local to federal) get a ton of for-profit prison money. No wonder.

EDIT: VICE did a piece in 2014 on people getting locked up because they could not pay their parole fees. Yes, debtors' prison, where parolees pay (or not) for the privilege of freedom. https://news.vice.com/article/debtors-prisons-are-taking-the...

11
mason55 4 hours ago 0 replies      
I shared an office with a guy who did a couple years for white collar crime. He got out and started a business that placed local voip numbers near prisons then patched the calls through to long distance numbers. He charged way less than the prisons were charging for long distance calls.

He was making a ton of money last I talked to him.

12
njloof 3 hours ago 0 replies      
Can't we just let them have cell phones and let law enforcement tap them by getting a warrant?
14
Zigurd 5 hours ago 1 reply      
Think what a thrashing, including calling out the founders and management, companies like uBeam and Theranos get here. Ghouls like prison telcos are 100X worse. Where do we get people who run these operations? Who are they and what makes them tick?
15
kingmanaz 1 hour ago 0 replies      
Seems most of mankind's daily labors are inclined toward predatory monopoly these days; either creating their own or wage-slaving toward preserving another's. One laughs with today's comedians as they parody the manners of yesteryear, those musty, pinkies-out concepts of gentlemen and gentlewomen, that gullible faith in the golden rule, yet one's teeth are soon sent gnashing when those many insurances which buttress men's insolence are found to be effected by the same selfish, hard-hearted men as oneself.

Rather than Thoreau's "quiet desperation", the masses instead seem bent toward lives of "clawing desperation".

21
Twitter open-sources a high-performance replicated log service github.com
288 points by spullara  1 day ago   112 comments top 17
1
boredandroid 1 day ago 0 replies      
Several people asked how this compares to Kafka (I'm one of the people who created Kafka at LinkedIn). Here's my take:

I think the motivations they list are:1. Different I/O model2. Was started before Kafka had replication (the first release of Kafka with replication was in late 2013 I think)

The I/O model I'm less sure about, we looked at similar things for Kafka and they didn't seem worth it (basically you're doing a ton of stuff at the app level that the OS does pretty well--namely caching and buffering linear I/O), we'd have to look at actual benchmarks to know.

Here is my take on the pros and cons of the core tech.

Pros:- Seems to have better built in support for fencing/idempotence- Better geo placement?

Cons:- Lots more moving pieces. Already people are irritated that there are both Kafka nodes and ZK to set up. This system seems to split this over separate physical tiers for serving, core, storage, and zookeeper. My experience has been lot's of tiers is generally a big headache.

Neutral:- There seems to be a built in achival to HDFS. I think if the consumer is fast and efficient then you don't need to reach around your consumer api which will be high latency (since you have to wait for files to be closed out).

There is also a bunch of stuff Kafka does that I'm just not sure about how complete it is in DistributedLog:- Clients in a bunch of languages- Integration with all the major stream processing frameworks- Log compaction http://kafka.apache.org/documentation.html#compaction- Connector management http://www.confluent.io/blog/announcing-kafka-connect-buildi...- Quotas/throttling- Security/ACLs

2
duggan 1 day ago 1 reply      
People talk about Zookeeper as a negative, but in a quorum it's been one of the most stable and reliable pieces of software I've deployed, despite being a bit frustrating to set up / configure. Netflix's Exhibitor[1] is an indispensable addition to it.

Also, once you're on the Big Data train, a lot of things like to plug into Zookeeper, so it becomes more of a convenience.

Kafka, and presumably DL, are at their most useful when you're pushing the limits of NIC and/or HDD performance for throughput. Zookeeper's configuration is a footnote in the complexity of managing one of these systems, and lets them avoid implementing their own byzantine coordination system. Also, folks seem to appreciate Aphyr's opinion, and he states it pretty plainly: Use Zookeeper. Its mature, well-designed, and battle-tested. [2]

[1] https://github.com/Netflix/exhibitor

[2] https://aphyr.com/posts/291-jepsen-zookeeper

3
tcoppi 1 day ago 4 replies      
This could be an interesting competitor to Apache Kafka, which is singularly unique in this space as far as I'm aware.

On another note, I find it somewhat funny that these are called "log" services, logging is probably the least interesting use case for these things I can think of. A better description in my mind would be as a distributed event processing framework, since what they are really doing is distributing discrete events in a reliable manner.

4
heavenlyhash 1 day ago 2 replies      
This looks potentially fantastic. If I could beg one wish from the developers of this (and almost every other project anywhere near this space), though, it would be one tiny piece of documentation:

What's your unique ID scheme?

Let's say I'm willing to believe[1] that you've got Durable and Consistent down, once messages make it committed in to the system. What's the story for messages on their way in? My application logs are buffered to the local disk, now I'm streaming them into central storage, and halfway through a TCP connection that's shuffled 2mb of thousands of messages into storage, the connection terminates -- unexpectedly, midmessage. Could the service have committed more messages than it acknowledged? Or many less than I've sent? Both could be true from the network standpoint.[2]

So, what I need to know, and what should be very easy to answer, front-and-center in your docs, pretty please:

1) Where should my log uploader resume?

2) Is there any danger of repeatedly entering some lines?

3) If I have log lines that are legitimately duplicates, will they be stored at the correct count?

These are questions that may have a different answer than the durability after data makes it fully into the system. It also may provide useful information about how complexity the code in a submitting client is, because good answers tend to require some kind of ID sequence being assigned on submitting clients, afaict. And it's really just plain critical to sanity.

----

[1] well, no, I'm not, "trust by verify" in all things etc etc; but let's suppose that's more believable and something I have to mechanically verify anyway, and doesn't have an obviously observable boolean at the protocol level as to whether it's going to work well or not, and system internals simply don't have such a sordid history of being over-simplified until they're broken like client interfaces so often are, so...! We'll handwave that to a later and more involved step of quality investigation.

[2] https://en.wikipedia.org/wiki/Two_Generals'_Problem

5
ryanobjc 1 day ago 7 replies      
I was interested until I saw the Zookeeper dependency.

I have had too many deployment nightmares with Zookeeper. I would prefer to avoid it as much as possible, plus systems software in Java, sigh.

6
DenisM 1 day ago 2 replies      
Speaking of logs, I want to put some logging in place for my web server. I log every single request with extensive details, so I can debug things later if needed. It's several gigabytes per day now, so I can no longer just dump it on disk as I did for the last couple of years.

Since I'm on AWS EC2, I want to try this:

 - Write the logs to local SSD, asynchronously so as not hold back the http request. - Have a separate cron job that loops through the log directory and scoops up all the files. - The job will then stuff those files into a Kinesis Firehose. AFAIK, Kinesis Firehose does not require any capacity provisioning, unlike the Kinesis Streams, so I'm set "for life" (up to 5MB/second) - The firehose will accumulate the logs and put them into S3. Hurray unlimited storage! - S3 will trigger a Lambda. - Lambda will parse through the log from S3, pull out interesting properties (IP address, user id, session id, etc) and stuff them into a DynamoDb table. - If I need to see data from one user/ip/session I will use DynamoDb to find the right S3 blobs. - If I need to reprocess the logs to extract a new piece of data that I did not foresee earlier, I can run a map-reduce task
Except the last piece, this looks like something I can half-ass in a couple of days and forget about it for another couple of years.

Any opinions? I don't really want to use a SaaS log service because gigabytes per day.

7
crgwbr 1 day ago 1 reply      
Anyone know how this similar and different from Kafka? Or why Twittered decide to build their own instead of using and contributing to Kafka?
8
tlrobinson 1 day ago 1 reply      
How does this compare to Kafka?
9
vruiz 1 day ago 0 replies      
For those who like to watch talks, I found one on youtube:https://www.youtube.com/watch?v=QW1OEQxcjZc
10
moondowner 1 day ago 2 replies      
By checking out the code quickly it looks like it's built on top of Apache Bookkeeper http://bookkeeper.apache.org/ ?
11
stemuk 1 day ago 0 replies      
I am not that into this topic, but could you compare DL to Soundclouds Roshi[0], and if not, whats different? Thanks![0] https://github.com/soundcloud/roshi
12
hvmonk 1 day ago 0 replies      
I wish they had kept some of the commit history - would be tough to parse the project without it.
13
trungonnews 1 day ago 1 reply      
Does DL has a limit on the number of partitions like Kafka?
14
merb 1 day ago 3 replies      
100% Java. I'm wondering.Why doesn't this has any Scala?
15
swang 1 day ago 1 reply      
What? No bird related name for this project?!
16
alphadevx 1 day ago 2 replies      
Wonder how it compares to Facebook Scribe?
17
throwaway_xx9 1 day ago 6 replies      
No, actually Java is a bane to the database world.

Cassandra doesn't work, and Hadoop is a complete waste of hosts for most companies (hence the move to Spark.)

22
Former Facebook Workers: We Routinely Suppressed Conservative News gizmodo.com
318 points by uptown  2 days ago   346 comments top 52
1
throwit992 2 days ago 13 replies      
I have no great love of conservative politics, but there's a convincing argument to be made that their ideas and views are routinely suppressed by media outside of explicitly partisan media outlets (i.e. Fox News or talk radio).

There are a number of studies that back up this claim. A 2008 study[0] found that 88% of journalists donate to the Democratic party. Jonathan Haidt has shown[1] that non-economics social sciences skew more than 14-1 liberal to conservative (and that universities have not always been so skewed).

For anyone who believes these statistics are not based on overt discrimination based on political viewpoint, a recent study[2] showed that discrimination by party is stronger than that of race. The study did so by reproducing a landmark study that demonstrated the existence of unconscious racial bias (the implicit association test), but instead using political indicators. They found that partisan political positions triggered implicit associations 50% stronger than that of racial biases. There is also a recent book called "Passing on the Right"[3] which provides some personal narratives of conservative academics.

If you're relying on academic knowledge to provide you a sense of reality, you're viewing reality through a lens that is biased to a 93% degree towards one political pole, and then receiving that knowledge through a media system which is biased to an 88% degree towards that same political pole.

Even if you, like me, generally believe that the liberal political position is correct, ideological conformity of this magnitude should frighten you.

[0] http://www.washingtonexaminer.com/article/130902

[1] http://heterodoxacademy.org/2015/09/14/bbs-paper-on-lack-of-...

[2] https://pcl.stanford.edu/research/2015/iyengar-ajps-group-po...

[3] https://www.insidehighered.com/news/2016/03/30/new-book-deta...

2
s3r3nity 2 days ago 1 reply      
[Disclosure: I'm an ex-FB employee.]

This is a bit of a click-bait title, and is somewhat true -- but not in the way you think.

When FB was developing hashtags and content features, there was a concern that it is tough to find a middle-ground between 100% purely algorithmic generated content (i.e. leverage tastes data and supply articles suited to your interests) and 100% curated content (i.e. leverage tastes data, but only show articles from "reputable" sources and/or highly rated content, over shitty blog posts from amateurs.) The latter tends to do really well for engagement, as users can trust that the content they're seeing is reputable and popular. However the big concern that a number of us were raising was that tech companies have employees that are very biased in ways that they cannot control: they're younger, more liberal, and somewhat higher income, than the average FB user.

In my time there, I never heard of _explicit_ suppression of any viewpoints - with the exception of recent disagreements around the "Black Lives Matter" protests, the first time that I encountered a situation where disagreeing meant you were labelled a "racist" - but I can see why well-intentioned product and policy decisions led FB content down this hole.

3
pavlov 2 days ago 1 reply      
The American two-party system is so weird. It tries to condense a complex matrix of sometimes-overlapping and fluid opinion scales -- socially conservative vs. socially liberal, globalist vs. protectionist, environmentalist vs. laissez-faire capitalist, and so on -- into one binary value. And somehow people have become convinced that not only is such a binary scale meaningful, but also the only available choice.

In many European democracies there's a functional multi-party system where parties appear and disappear over time to reflect voters' opinions. For example, there might be a protectionist right-wing party that's favored by farmers, and another one that supports free trade and listens to big business. Same happens on all the axes. Governments are formed as coalitions of these "SMB-sized" parties based on the votes. It's not "winner takes all", but rather "winners and not-so-bad-losers negotiate to find common ground".

What if the Republican and Democratic parties would break up into 6-10 new parties to better represent the actual opinions of the existing divisions within these parties?

Statistics like "88% of journalists are anti-conservative" show how difficult it's to say anything meaningful about a polarized political field. To look at it another way, that 12% is roughly the level of support that extreme right-wing political parties enjoy in Europe these days. Lumping 88% of European voters together as one party would be ridiculous because that party would contain both former communists and free-trade globalists.

4
bunkydoo 2 days ago 1 reply      
I hate how Silicon Valley culture makes it seem like they are all for freedom of information and how the big bad government is censoring and surveilling things from a bunch of innocent hackers (startup guys) when in reality if given the opportunity this crowd does the EXACT same thing. I have limited respect for either party
5
patrickg_zill 2 days ago 4 replies      
The issue is that FB advertises itself as "conduit" or "network connection". You log in, communicate with people and the site tools, FB runs ads on your eyeballs, etc.

Similar to how I give my electricity provider money, and they give me electricity.

Now FB clearly sees themselves as (let's be honest) a "power broker" or "rain maker". Not the same as "utility" or "network connection" or "conduit".

6
welanes 2 days ago 0 replies      
I, and most of my friends, are liberal minded. After The Guardian established a policy of (ironically) closing comments on their Comment Is Free section when the article relates to refugees or Muslims, I decided to include sites like Fox, Breitbart etc. into my daily feed. (I found the reflex to stifle debate deplorable and wanted to step outside the echo chamber).

Discussions with friends have become more interesting for sure as I reveal their biases.

From defending real violence over threats of violence, (Trump rallies and protests) to ignoring crime statistics, to just being woefully ignorant of what position the other side actually holds, it's incredible to see just how steadfast the Left can be in their ignorance.

7
jrehor 2 days ago 0 replies      
Reading this must make China feel they made the right decision in banning Facebook. Not that they care about liberal v. conservative, but having their population manipulated by a cabal of Ivy Leaguers is a non-starter. The Chinese will run their own manipulation program, thank you very much.

Other governments may be starting to come to the same conclusion.

8
ape4 2 days ago 1 reply      
Some newspapers have well known left or right leanings. But its declared and out in the open. Most people thought Facebook news was organically trending. That's the difference here.
9
nil_is_me 2 days ago 3 replies      
It has been blatantly clear something is up with their Trending algorithm when you notice there is a Trending: Hillary Clinton header on top of every single shared Bernie Sanders article. Never once have I seen a Trending: Bernie Sander header.
10
Gratsby 2 days ago 2 replies      
This seems like a story built specifically for a segment on Fox News where the newscasters feign shock and horror that their news topics aren't being covered by "mainstream media".

Of course trending news is curated. All hell would break loose otherwise.

There is no shortage of rabid political content conservative or otherwise on Facebook. A good part of the end user community would rather not deal with it.

11
gourou 2 days ago 0 replies      
It's crazy how Facebook and Google could tip the scale during Election Yearhttp://www.politico.com/magazine/story/2015/08/how-google-co...
12
exabrial 2 days ago 4 replies      
It really bothers me that acceptable forms of protests are now: intimidation(1), harassment(2), and subversion(this).

If your cause is just, isn't a non-violent protest enough? Speaking about it, voting with your dollar, etc?

1) http://gizmodo.com/okcupid-tells-users-not-to-use-firefox-be...

2)https://en.wikipedia.org/wiki/IRS_targeting_controversy

13
kaendfinger 2 days ago 2 replies      
Regardless of political opinion, I think it's disgraceful to only show biased views.
14
notliketherest 2 days ago 2 replies      
The problem is, as a private company, should Facebook choose to manipulate it's news feed algorithm to promote one candidate or the other, or for whatever reason, this would be its prerogative under the First Amendment.I personally choose to not use Facebook specifically for these reasons. Even though I know many Facebook employees personally, I don't trust it's employees to divorce their own interests and their powerful position as Facebook's curators.
15
lazzlazzlazz 2 days ago 4 replies      
> It was absolutely bias. We were doing it subjectively. It just depends on who the curator is and what time of day it is, said the former curator.

> Other former curators interviewed by Gizmodo denied consciously suppressing conservative news, and we were unable to determine if left-wing news topics or sources were similarly suppressed. The conservative curator described the omissions as a function of his colleagues judgements; there is no evidence that Facebook management mandated or was even aware of any political bias at work.

It sounds like any issues were from curators who weren't being adequately supervised, instead of top-down orders from executives at Facebook.

This is different than what the current Hacker News headline suggests. Can we all collectively read the article and understand that the issue is different than our preconceptions lead us to believe?

16
thesimpsons1022 2 days ago 1 reply      
Every once in awhile a Red State or conservative news source would have a story. But we would have to go and find the same story from a more neutral outlet that wasnt as biased.

How awful.

17
carsongross 2 days ago 3 replies      
I am a conservative and I see nothing wrong with this. It is their software and their servers, after all.

I want a collapse in trust in the major social networks. This is the internet we are talking about. Let them suppress, and let them see what happens.

18
maldusiecle 2 days ago 1 reply      
I'd be interested to know a little bit more about how this relates to the news sites that are covering the story. Breitbart isn't much better than a tabloid--arguably worse, even. It's equivalent to leftwing sites like Alternet, which I also wouldn't expect Facebook to be comfortable linking to.
19
morgante 2 days ago 2 replies      
Keep in mind that this allegation is coming from a single conservative curator who no longer works there.

And even he seems pretty indecisive about it being an institutional bias: "Id come on shift and Id discover that CPAC or Mitt Romney or Glenn Beck or popular conservative topics wouldnt be trending because either the curator didnt recognize the news topic or it was like they had a bias against Ted Cruz."

If Facebook is trying to suppress conservative news, they're doing a terrible job of it. I see far more Trump than I would like.

20
littletimmy 2 days ago 0 replies      
The more I hear about what Facebook has become, the less I like it.

Previously we heard that they run experiments to alter users news feeds to see if they could alter their mood, now we learn they're engaging in what is basically propaganda by suppressing certain viewpoints. And all this for what? So that you can be advertised to while you waste your time on the internet. What a terrible company. Speaks ill of humanity that it is so popular.

21
throwaway2016a 2 days ago 3 replies      
Anecdotal: apparently this isn't work for me. My news feed is FILLed with conservative election news. How can I enable this feature ;)
22
DanielBMarkham 2 days ago 3 replies      
People are people. In a way this isn't news at all.

The problem is that these companies are hiding behind the "But it's all just an algorithm" defense, when, in fact, as we all suspected, there are real people behind the scenes slanting things.

My gut tells me that a lot of tech companies are subtly controlling the types of news their consumers get. Overall this is probably a good thing -- helps keep the quality high. But I'm a libertarian. If a bunch of left-leaning folks start controlling what I consume from a political angle and not just quality angle -- and then lie about it? Really pisses me off.

Yes, you're a private company. Do whatever you want. It's the lying that's the problem here -- and the implication that the electorate needs people better than they are to control and guide what they're allowed to talk about.

I bet we continue to hear about this, and in places most people would never suspect, over the coming decade or two. This is unacceptable, and something is going to need to give somewhere.

23
brown9-2 2 days ago 2 replies      
Let's actually examine the claims:

Among the deep-sixed or suppressed topics on the list: former IRS official Lois Lerner, who was accused by Republicans of inappropriately scrutinizing conservative groups; Wisconsin Gov. Scott Walker; popular conservative news aggregator the Drudge Report; Chris Kyle, the former Navy SEAL who was murdered in 2013; and former Fox News contributor Steven Crowder.

What scandals were being discussed yet suppressed from the "trending news" list out of these examples? How many of these examples are actual news stories? The IRS thing turned out to be overblown bullshit, what about the rest of them?

When was the last time you heard your friends talking about Scott Walker, the guy who flopped in the polls and dropped out of the race before a single primary?

It shouldn't be surprising if these curators decided to wait to see if a story being shared from breitbart.com was reported by bigger news outlets first. Many of these so-called conservative media outlets have a terrible record on reporting actual news.

It is possible that Facebook suppresses actual news. It is also possible that this source (falsely) believed that not-really-news-or-trending stories were "suppressed" when in fact they were just not popular or smelt like bullshit.

24
oarsinsync 2 days ago 1 reply      
TL;DR 'Trending News' is actually 'Curated News'
25
hugh4life 2 days ago 0 replies      
I always use uBlock's "element picker" to block out trending topic lists as I find them somewhat manipulative.

1) I do sometimes suspect biased curation 2) They can be astroturfed 3) Even if spontaneous there's a virtual mob mentality that comes with trending topics.

Trending topic lists are ok if they're on their own separate page but when you have it upfront the subtext is "this is what you must care or know about".

26
partiallypro 2 days ago 0 replies      
I am confused why Facebook needs news curators to begin with? Why can't the news just be organic entirely and use ML to curate it per person. I can understand blacklisting certain sites or topics just for pure sanity or appropriateness. Having people as curators just seems like wasted capital.

Anyhow, I find this abhorrent, but I think Facebook has every right to do it as a private entity. I don't think they have a social responsibility to be 100% even. What does bother me is that they claim to be evenhanded, I do want transparency, especially when you are basically the monopoly in social media (excluding Snapchat and Twitter, they own everything.)

This also presents a problem, I think with Twitter's new algorithmic timeline and why the real-time feed is vastly superior for their model (I'll beat this dead horse until Jack realizes how dumb it is.)

27
nil_is_me 2 days ago 2 replies      
What happened to the other thread on this?
28
VladKovac 2 days ago 0 replies      
If you actually read the article it says "there is no evidence that Facebook management mandated or was even aware of any political bias at work". In other words this title is click-bait bullshit, it was up to the curators discretion.
29
zepto 2 days ago 2 replies      
Note that the source for this is a single self-identified conservative ex-contractor.
30
HillaryBriss 2 days ago 0 replies      
> When users werent reading stories that management viewed as important, several former workers said, curators were told to put them in the trending news feed anyway.

Maybe a goal here is to try to ensure that the FB community does not _appear to outsiders_ to be a right-wing, conservative, un-cool community.

If the FB user base were seen as a collection of mainstream, or even right-of-center, people, it would be bad for business. A lot of observers and decision-makers in industry might spend their ad dollars somewhere else.

31
6stringmerc 2 days ago 0 replies      
>The former curators, all of whom worked as contractors, also said they were directed not to include news about Facebook itself in the trending module.

Heh, not really a big surprise to me. Rule probably doesn't apply to whenever MZ makes a big announcement though. Betting those got stuck high in the rankings from day 1. Anyway, sounds about right for any image-protective service, or, you know, typical state-run-media censorship.

32
api 2 days ago 2 replies      
What if it were liberal news? This is basically the filter bubble problem. All filters have biases whether they are human or algorithmic.
33
xmstr 2 days ago 0 replies      
Any news outlet or aggregator that's claims it is unbiased is probably lying. If there are humans involved there will be bias.
34
PaulHoule 2 days ago 1 reply      
So what.

The day Bill Clinton got elected, Rush Limbaugh started counting the days of "America Held Hostage".

Today Fox News leads every day with how there is a Nggr in the White House and we all hate Obama and everything he stands for, and it is a tragedy we will get four years of Hillary because the Republicans are so screwed up, and...

Right wing "thinkers" get unlimited funding from the likes of the Koch Brothers and free copies of their books get mailed to all the public libraries in America. Even on "liberal" CNN they regularly have panels of "conservative thinkers", and the Economist features a "conservative thinker" who is a Senator from Nebraska.

When they bring a "liberal" on it is always somebody who works for a campaign or the Democratic party.

Conservatives get all the breaks but they are always bitching they aren't treated fairly. It worked for Nixon but hasn't worked for any Republican candidate ever since.

35
vox_mollis 2 days ago 1 reply      
Quite interesting that two highly-active posts on this topic have been very rapidly removed from the frontpage.

Clearly something the community would like to discuss; clearly something HN doesn't want discussed.

36
thecity2 2 days ago 0 replies      
Facebook's trending news algorithm is just Soylent Green, after all?
37
mc32 2 days ago 1 reply      
Yes they are a private publicly traded company and they are within the law to manipulate news or whatever they want with their platform in most places at this time. However, if they were to become a clearinghouse for information I would think eyes of scrutiny would descend and look at how they attempt to manipulate news and opinion.

It's not clear who (in the hierarchy) is behind the decision to shape the news nor is it clear why they would mainly suppress conservative stories over liberal stories. Are liberal sources less prone to exaggeration? Or would they simply upset their audience less?

Interesting never the less. And certainly this could have serious repercussions on how news is consumed and perceived.

38
pklausler 2 days ago 4 replies      
Perhaps Facebook was suppressing "news" items contradicted by empirical reality, and this policy disproportionately affected conservative positions.
40
cloudjacker 2 days ago 1 reply      
This is routine on all media sites and social networks, nothing to see here.

Also way cheaper than funding a super pac am I right

41
dba7dba 2 days ago 1 reply      
NEWS sites that filter out news to meet its own agendas? Expected.

But let's stay focused on the topic, Facebook.

42
lettergram 2 days ago 1 reply      
Interesting, just last week my friend and I were debating how much Google and Facebook can influence an election.

We agreed it would be catastrophic if either decided to lean one way or the other...

Facebook is essentially suppressing free speech. Although, it has somewhat a right to do what it wants, it is skewing what other people share with one another (which is a big deal)

43
bobwaycott 2 days ago 4 replies      
This is obviously very bad from the standpoint that the trending news section is ostensibly supposed to be organic, based on user behavior, and free of biasexcept that which is inherent in the users themselves sharing things to be picked up as "trending". It appears that "trending news" has really been "curated news". Not cool at all.

More concerning than trending news actually being curated news is learning that negative stories about Facebook were allegedly actively suppressed. Doublenotcool at all.

However, that there is "conservative news" and "liberal news" is even more bothersome. Especially that it's offered as something anyone should find to be acceptable as an idea at all.

> But we would have to go and find the same story from a more neutral outlet that wasnt as biased.

This is delivered as if it is inherently a bad thing, when it most assuredly is not. When I come across a story about anything, I actively prefer to find it covered by a neutral outlet that isn't as biased. This is, to me, a good thing, and what news should be. News should be information about events. If I want opinionated and editorialized news, I'd go after an opinionated and editorialized source. They abound. That anyone who calls themselves a journalist would call out the suppression of "conservative news" or "liberal news", instead of calling out the elevation and coupling of inherent bias in reporting as the problem itself, strikes me as more than worrisome.

To my thinking, there is a difference between news that is of interest to [insert ideological group identification] and news that is delivered through the bias of [insert ideological group identification]. I would love it if there was a way to identify and filter news from a neutral outlet with less (ideally no) bias. I recognize that is largely impossible, as we cannot rid ourselves of our biases very easily. However, we can recognize our biases and seek to counterbalance them. We can also make attempts to actively omit them from news coverage. An outlet can report on facts.

That said, it appears this story highlights both: a biased suppression of news that is of interest to conservatives and news that is delivered through the lens of conservatively biased opinion and sources. The former is entirely bad, as it actively omits information that a group would like to know. The second is far less onerous to me, as I personally would love it if there were algorithmic delivery of actual news from outlets that eschewed biased delivery and editorializing.

Edit: It is made clear in the article that part of the problem stems from Facebook's desire to compete with Twitter for real-time trending news. This is unsurprising, as should the outcome be to readers and users. Facebook created a tool to allow humans to modify news in the trending section that wasn't organically trending. Someone thought this would be a competitive net positive because it could allow Facebook curators to keep up with breaking news that was "all over Twitter". That Facebook hired curators, and that one or more of those curators then divulged information about this tool being used to subjectively inject or suppress stories seems entirely unsurprising. The tool obviously should not exist. Creating it was a very dumb move. Not militantly monitoring and correcting its misuse was even dumber.

44
chris_wot 1 day ago 0 replies      
See also: http://finance.ninemsn.com.au/careers/careersnews/9117323/fa...

Facebook deleted my friend John Dickson's post, so this happens. I don't agree with John's post, but I don't expect civil (if I feel misguided) discourse to be deleted. I want to be able to speak to the person and state my position, and have them clarify there's, and so on - you know, free discourse and dissemination of ideas!

45
angersock 2 days ago 2 replies      
Mmmm...yes....truly those backwards conservatives don't have any real news.

/me swirls whiskey and tips fedora

Seriously, do you even recognize how condescending you sound?

46
notliketherest 2 days ago 2 replies      
Just a rant because I'm sick of the hypocrisy and double standards being perpetrated by the media and ignoramuses and I guess Facebook too - Black Lives matter is a racist, anarchist organization that engages in illegitimate and illegal protests, and whoever is funding them should be investigated and stand trial for supporting terrorist organizations.
47
kelukelugames 2 days ago 3 replies      
Do you believe facebook does this? It's a Gawker article.
48
icomefromreddit 2 days ago 0 replies      
It seems the consensus in this thread is the justly moral superiority and the infallibility of the left over the always faulty right.
49
jackmaney 2 days ago 0 replies      
I fail to see an actual problem with this.
50
HillaryBriss 2 days ago 0 replies      
FB must avoid the outward perception that its members are a collection of right-wing cranks. That perception would be bad for business.
51
jessaustin 2 days ago 0 replies      
Is this even in the top fifty of shitty things facebook does? I ask that as someone who has visited the site four or five times in my life. Every time has confirmed how horrible it is. Every item about FB I see in the rest of the media is a complaint of some sort. What is going on?
52
deleterious 2 days ago 1 reply      
Since 99% of "conservative" news is manufactured by corporate America, then manipulated, packaged, (Often repackaged.) and presented by Faux News, I'm actually okay with this. It may be supporters of Drumph and company learn the hard way just how almost everything we enjoy as Americans is very much at jeopardy because of Corporate America pushing their agenda and only their agenda through their media outlets. In other words, enjoy your market and real news manipulations. Drumph supporters if successful will earn it!
23
Redis Loadable Modules System antirez.com
293 points by djanowski  1 day ago   59 comments top 19
1
educar 1 day ago 2 replies      
The docs explain the module system (https://github.com/antirez/redis/blob/unstable/src/modules/I...) but it doesn't quiet explain what the system is for. I couldn't quite get that from reading the blog post or the doc page. Specifically:

What kind of modules did you have in mind when designing this? Are any of the below possible?

* ldap backend login system

* multi-tenant redis

* alternate db format/file system.

* implement a new redis data type. say built-in date support

* can i implement new commands and operators on said data types

An of course, thanks for this fantastic software. We use it everyday. Will read in more detail about this over the weekend :-)

2
astrodust 1 day ago 0 replies      
There's been a lot of unusual features I've been hoping Redis will support but obviously given their edge-case nature it's unlikely that they'd ever be implemented.

This is great to see. Instead of cluttering up the core engine with junk people can mix in their own functionality.

3
aaw 1 day ago 2 replies      
This looks interesting. I've only glanced at the docs, but it looks like this module system lets you define new commands but not necessarily new data structures (since you'd have to implement RDB/AOF serialization for those).

Are there plans for that? It's probably possible to do most of that with this module system but you'd have to serialize the data structure into a string and "type X" wouldn't return your custom data structure type.

4
BadgerEmeritus 1 day ago 0 replies      
This is great and long awaited, please consider some kind of a namespacing scheme for module-defined commands though, or things can easily become messy.In the module example the "hello." prefix is specified for all defined commands - it would probably be better to specify it once on module initialization and have all commands defined by the module prefixed with it automatically, the module registries could then manage the prefix registration/allocation to module authors.
5
avar 1 day ago 1 reply      
Since Redis is BSD licensed I wouldn't be surprised if this is the start of popular paid-for proprietary third party modules.
6
derefr 1 day ago 1 reply      
If these modules are going to be as fast as the native commands, is there any reason to not lift the entire native command set out into a set of "base" modules?
7
spullara 1 day ago 1 reply      
I once built something like this for Redis but never really thought he would do it!

https://github.com/spullara/redis/tree/plugins

8
shawn-butler 1 day ago 6 replies      
How people can code on airplanes amazes me. I have tried but the cramped space, the constant interruptions.. I never get much done.
9
akbar501 1 day ago 1 reply      
@antirez, is Redis 4.0 going to be part of the more rapid release schedule (will we see it in 3, 6 months) or are major upgrades still annual releases (we'll see 4.0 in 12 months)?
10
manigandham 23 hours ago 1 reply      
https://github.com/RedisLabsModules/redex

Shows some sample modules from Redis Labs called RedisEx, pretty useful stuff (although most of these should really be in Redis by now but at least it's an option to include as modules).

11
evantahler 22 hours ago 0 replies      
So who is adding node.js support?!
12
MasterScrat 16 hours ago 0 replies      
Someone should really implement an interval module.

This custom implementation was pretty good: http://blog.togo.io/how-to/adding-interval-sets-to-redis/

13
maerF0x0 1 day ago 1 reply      
they also announced a couple of "hubs" for hosting/discovering these plugins, plus a vetted one by redislabs
14
lsiebert 18 hours ago 0 replies      
Super excited to hear about this at Redis Conf, looking forward to implementing a few ideas.
15
halayli 1 day ago 1 reply      
I bet a package manager will follow it. redis install moduleX and then we'll have lib and target dependencies.
16
therein 1 day ago 0 replies      
Sounds exciting. Hopefully it won't be as under-appreciated as Apache Traffic Server's plugin system.
17
awinter-py 1 day ago 1 reply      
databases (redis included) are awesome. It's always surprising to me that we don't run web apps directly on the database; they're high-performance, durable and parallel, and for some apps are already the perf bottleneck.

I think the only reason we don't is that deployment and testing isn't straightforward. Fingers crossed antirez will get this right.

18
angelbob 1 day ago 1 reply      
I'm hoping there's an easy way to turn this off for the foreseeable future, to avoid all the obvious security holes this is likely to introduce.
19
MBCook 1 day ago 2 replies      
I tried to read the article but I couldn't. It's all one big <pre> block. The word wrapping is wrong on input! Individual paragraphs are groups of individual lines and extra long lines that the browser wraps for you. So you end up with lines in the middle of paragraphs that only have one or two words.

Net result is it's very hard to read.

I tried Safari's reader mode, but that was even worse. Because all formatting comes from happenstance in the <pre> tag reader mode loses all formatting. The entire article (and code!) becomes one long block of text.

I'm continually amazed at people's attempts to reinvent text layout in the browser.

24
Java Polyfill for the Browser javapoly.com
327 points by velmu  3 days ago   86 comments top 30
1
jerluc 3 days ago 1 reply      
To others trying to use this demonstration:Be patient with the page, as it has to download quite a few JAR files in order to be ready to compile and run any test code. To verify that the javapoly is ready to run your code, open the web developer console and wait for it to say "Java Main started". Additionally, first-time compilation will also need to download additional JARs for the demo code to run. Generally speaking though, the compilation time is a good 5-10 seconds on my computer for the demo code, so be sure to not just spam the compile button like I did :)

 ----
Just a friendly note to the author of this page:The total download size of this page's underlying Java resources are much larger than I realized (maybe a collective 30-40MB). Given that I waited almost 5 minutes after clicking "Compile & Run!" for nothing to happen (because I had clicked it well before the runtime JARs had fully downloaded), I would suggest to at least add a progress bar or something to let users know when they can actually compile and run the demo code, in addition to some acknowledgement that the code is compiling. This is definitely an interesting project though.

2
jvilk 3 days ago 1 reply      
Lead author of Doppio here! This is quite cool. I don't recognize the authors of this work, so I was unaware of the project and was surprised to see it on the front page of HN!

If you find any issues with Doppio or have any requests, feel free to open up an issue on our GitHub issue tracker.

3
huskyr 3 days ago 1 reply      
Maybe someone could make Rhino[0] run in this, so we can run Javascript in Java in Javascript! Yo dawg!

[0]: https://developer.mozilla.org/en-US/docs/Mozilla/Projects/Rh...

4
grizzles 3 days ago 1 reply      
I have an experimental version of chromium running with the JVM somewhere on my HD. It's pretty easy to do with CEF/JCEF.

Two thoughts:

I always imagined something like this should use the <object src="app.jar" /> tag. If you consider that someone could build a browser again with java in it, (like I have) then it would be good to design a polyfill such that, it allows for a native version to exist (and then doesn't run) Also using the same mimetype for jars, classes and source files seems non optimal.

It would be really good if gwt,doppio,teavm all agreed on a single api facade for targeting the browser API. I think that would really put some steam behind the underlying idea here.

5
cateye 3 days ago 0 replies      
This should have a DK: prefix= data plan killer. I was browsing on my phone and realized that it was downloading a lot of libraries. It can be especially a problem when data roaming in Europe.
6
aiaf 3 days ago 0 replies      
Should show a loading progress indicator for the demo because that took ages & I thought it was broken until I inspected Console.
7
AshleysBrain 3 days ago 2 replies      
Huh - could this run existing Java tools like Google Closure Compiler in the browser? That would be handy for simplifying distribution, especially since the Java installer started bundling crapware.
8
karussell 2 days ago 2 replies      
What is the difference of this to doppio? A new approach from some of the doppio authors?

Also if someone says this is useless an interesting use case could be e.g. a hybrid navigation applicationhttps://karussell.wordpress.com/2014/05/04/graphhopper-in-th... or portable native apps using a webview

BTW: I got lots of errors in the Firefox console saying 'Error: Assertion failed: A non-running thread has an expired quantum' although the example works (should have a progress bar :))

9
emeryberger 3 days ago 1 reply      
It's nice to see this work taking Doppio into new places. For an overview of Doppio, BrowserFS and the DoppioJVM, here's a video presentation mostly based on a talk given by John Vilk at PLDI 2014. Unfortunately, there's no audio, but the slides should be easy enough to follow.

https://vimeo.com/106106738

FIXED - forget this video, watch John deliver it at Microsoft Research! http://research.microsoft.com/apps/video/default.aspx?id=238...

10
roywiggins 3 days ago 1 reply      
My browser hangs for ten seconds as soon as I try to load the page, followed by an unresponsive script error.

I'm on a pretty anemic computer, but there's got to be a way to keep my browser responsive while it loads in everything it needs.

11
expertentipp 2 days ago 1 reply      
My browser froze when loading the website which apparently uses the polyfill. Everything as expected.
12
epicureanideal 3 days ago 1 reply      
Excellent execution, and very cool idea.

Somewhat in jest let me say, "People are complaining that JavaScript is a terrible language. Great, let's put Java in the browser." Now we have an even worse language to code in for the browser.

Note: jvilk explains the perfectly valid reason for this library in another comment below.

13
kodfodrasz 2 days ago 0 replies      
<script type="text/java" src="http://www.yourdomain.com/jimboxutilities.jar"></script>

having text/java as MIME type - instead of at least looking up the correct one in Wikipedia makes this implementation look quite uggly on the first sight.https://en.wikipedia.org/wiki/JAR_(file_format)

Also I cannot imagine a single valid usecase for this.

14
cel1ne 2 days ago 1 reply      
Kotlin, the "better Java" language by JetBrains, can also compile to JavaScript.

http://try.kotlinlang.org

15
elwell 2 days ago 1 reply      
I suppose Clojure devs needn't learn ClojureScript anymore. ;)
16
binoculars 2 days ago 2 replies      
There's a good reason every major vendor killed off Java applets in the browser. This is probably the worst idea since Windows 95 on the Apple Watch.
17
sspiff 2 days ago 1 reply      
License is ISC, in case anyone is wondering.

They don't mention it anywhere, but you can find it in the package.json file in their git repo.

18
karussell 2 days ago 0 replies      
If someone wants to jump directly to the sources :)

http://git.javadeploy.net/jimsproch/JavaPoly/tree/master

20
loxs 3 days ago 1 reply      
I'm always amused when a new and "better" (browser) technology's website makes my browser hang up.
21
amelius 3 days ago 1 reply      
The most difficult part (I think) of writing a JVM is the concurrent garbage collector. Is this making use of Javascript's garbage collector to do the heavy lifting? Or do they implement their own GC in Javascript? Also, I'm wondering how they are handling concurrency.
22
jrowley 3 days ago 1 reply      
It'd be interesting to see if they could get multithreaded support with web workers. Good stuff!
23
tempodox 2 days ago 1 reply      
Every time I read polyfill I think it has to do with pixel graphics.
24
code_sloth 3 days ago 2 replies      
The only thing that came to my mind was "why put yet another abstraction in the browser?".

Then I realised the answer was probably "because they could".

Someone will write a C compiler in Java and stuff it in the browser next...

25
vaibhavkul 2 days ago 1 reply      
It would be interesting to see how this performs, when it comes, in WebAssembly.
26
lemonade 2 days ago 0 replies      
Other useful hint to authors: the Starter Pack seems to be missing on the server ...
27
fallenshell 2 days ago 0 replies      
You can kiss your data plan goodbye after visiting this. Exercise caution.
28
huula 3 days ago 0 replies      
Cool! It would be great if it could a little bit faster tho.
29
boredatnight12 2 days ago 0 replies      
Madness. No thanks!
30
homero 3 days ago 0 replies      
Wow speechless
25
How Breakfast Became a Thing priceonomics.com
246 points by samsolomon  2 days ago   193 comments top 25
1
bbarn 1 day ago 13 replies      
I started to read this with some interest, as someone who's spent many hours thinking about and trying different metabolic strategies, diets, etc..

Then about 30 seconds in my reading got disrupted by a fucking light-box asking me to sign up or log in or god knows what.. my instinct to close tab won out over my curiosity. Please stop this pattern. If you really think your content is worth having to (whatever)wall from the public, do so, but don't make me get into it and then shove something mid word into my face. This is the digital equivalent of giving me a magazine to read, waiting until you're sure I've got my eyes on it, then shoving a business card in my field of vision and telling me what you do for a living. It's a low rent tactic, annoys rather than grips your users, and it reeks of desperation to monetize.

2
jcoffland 1 day ago 5 replies      
It's just amazing how much "common knowledge" about food has been shown to be completely wrong:

 * Breakfast is the most important meal [0] * Saturated fat is bad [1] * Carbs are evil [2] * You regain more weight after a fast diet [3]
Many will argue but studies have show each one of these to be wrong.

[0]: https://www.washingtonpost.com/news/wonk/wp/2015/08/10/the-s...

[1]: http://www.eufic.org/page/en/show/latest-science-news/fftid/...

[2]: http://www.nature.com/nutd/journal/v6/n2/full/nutd20162a.htm...

[3]: http://www.thelancet.com/journals/landia/article/PIIS2213-85...

3
Aelinsaar 2 days ago 4 replies      
Dropping breakfast from my diet as a regular thing, something as simple as just getting started later in the day on eating, has been incredibly helpful in losing (and maintaining lower) weight. It's not the only thing of course; generally eating smaller portions, and moving my butt more are the other two keys. Obsessing over exactly what I'm eating and how much has never helped, but just eating less... it sounds simple, but it's what works.
4
nihonde 1 day ago 2 replies      
In Japan, I learned what a truly healthy breakfast is.

Most days I eat a bowl of brown rice with a raw egg stirred in and a dash of high-quality soy sauce and topped with natto. Some days I'll also grill salmon or smelt. On the side, I usually have tsukemono (pickled vegetables) and miso soup.

Protein, probiotics, pickles...once you get used to it, the idea of eating sweet desserts for breakfast (which is what most people eat) seems counterproductive.

(By the way, it's probably true that many people in Japan eat the same crap as Americans do for breakfastthere's no shortage of bread, donuts, etc.)

5
Guildpact 1 day ago 5 replies      
I eat cereal and milk as a dessert at night in place of something like ice cream, because that is what it is. People who eat cereal for breakfast are no better than people eating donuts or other sweets, it is just an awful way to start your day because of the blood sugar spike and then drop which creates hunger pangs.

You can combat it by having a proper breakfast focusing on protein and low glycemic index carbs, eggs, steel-cut oats, omelettes, etc. A favorite of mine is proatmeal, make some oats and then mix in BSN Syntha-6 vanilla ice cream protein powder, absolutely delicious. The other way to combat it as suggested by people in this thread is to drop breakfast all together besides maybe having coffee and a granola bar.

6
thomasjudge 1 day ago 4 replies      
How did priceonomics become a thing.. this seems like a clickbait site for the more intellectual crowd, less trashy than say buzzfeed, but ultimately not really delivering much in the way of genuine insight. It probably doesn't hurt that the name recalls "freakonomics", another brand which, while occasionally interesting, is far past its pull date as well..
7
aznpwnzor 2 days ago 2 replies      
I was just bringing this up as a possible thing the other day at work. It was always weird to me how marketed breakfast was. The irrational vitriol I received only further convinced me how much breakfast (specifically grains heavy) is due to marketing.
8
awinter-py 1 day ago 0 replies      
For mice (and presumably for certain other mammals), 12-hour daily fast seems to have positive outcomes.

http://well.blogs.nytimes.com/2015/01/15/a-12-hour-window-fo...

The study suggests this is true even if you cheat on the weekend.

I'm super-dubious of evidence showing that breakfast improves school outcomes (except where it helps meet kids' calorie needs). You know what else boosts school outcomes? Sedatives, because school is hella boring. That doesn't mean sedating kids or adults is a good idea.

9
hyperchase 1 day ago 6 replies      
I need to eat around 3000 calories per day to support my powerlifting training, and if I don't eat something first thing in the morning with a shitload of carbs -- usually something like rolled oats, berries, and a few bananas -- then I'm usually gassed and feeling like crap by 10.

A few friends of mine fast intermittently and train in the morning before eating but it's beyond me how that is not just pure torture.

10
jmarinez 1 day ago 2 replies      
I've dropped breakfast for about a month now and I feel so much better. I'm eating a heavy lunch and then dinner. Lost weight and it wasn't on purpose. As a result I've been questioning a lot of our norms. Not only when we eat, but what we eat and why. Loved the article.
11
hyperpallium 2 days ago 2 replies      
When I was multiday camping and bicycle touring over mountainous terrain, I tried skipping breakfast once (it takes extra time), and it left me strikingly weak.

Very different energy demands from office work.

12
dpweb 2 days ago 3 replies      
Obesity problem as well. I know some people don't like to hear it, but breakfasts can easily go 800 calories and up. You are starting off the day in surplus.
13
hasenj 1 day ago 1 reply      
Misleading title. Many cultures have a concept of a morning breakfast meal.

Title should be: How cereal became a thing in America.

Where I grew up, breakfast was just eggs, bread, and tea (or milk-tea).

14
musgrove 1 day ago 1 reply      
I'm more interested in how breakfast food became mostly garbage for so many Americans. May as well eat a Snickers, chili dog and a Coke from the gas station when you get up.
15
OneTwoFree 1 day ago 0 replies      
I don't drink coffee at all. I eat a vegetarian sandwich every morning when I go to work, it gives me a good start for the day, I feel sharp and focused all morning. Sometimes when the sandwich shop is closed I buy something like a chicken sandwich, and that makes me more sleepy and tired.

Lunch is usually a big pile of rice with some vegetables and meat. Wow, this makes it reeeally hard to stay awake at the afternoon, but there aren't many options for lunch near the workplace.

For dinner, my wife cooks something also usually rice with some meat and veggies. But about 1 hour before I plan to go to sleep I eat 1 or 2 bananas. I always had hard time sleeping, and I read that bananas are good for sleeping because it contains potassium. For me it works. Although this might be completely placebo, because bananas don't work for my wife.

16
biswaroop 1 day ago 3 replies      
This may be an argument against breakfast for the sedentary, but athletes on extended training programs usually need to eat in the morning. You're much more likely to hit the wall on an empty stomach, a few hours into your training.
17
wslh 1 day ago 0 replies      
I find more insight and less conspiracy in "History of breakfast" from Wikipedia[1]. The Wikipedia article talks about different perspectives before 1800 since it is not clear why the article is talking about the American breakfast instead of focusing on different cultural perspectives (e.g. "Before cereal, in the mid 1800s, the American breakfast was not all that different from other meals").

[1] https://en.wikipedia.org/wiki/History_of_breakfast

18
raz32dust 1 day ago 0 replies      
Title is misleading. It should be titled "How cereal became a thing". But that is kinda obvious and no one would probably click it then.
19
iomind 1 day ago 0 replies      
If you have ever chance to read any ancient Greek historian, you would notice breakfast was a big deal back then. Xenophon for example mentions it about every time he describes how the morning starts in an army camp. This is just another click-bait article, don't fall for it.
20
chestervonwinch 1 day ago 0 replies      
I was surprised to see no mention of Edward Bernays:

https://www.youtube.com/watch?v=6vFz_FgGvJI

21
feritkan 1 day ago 0 replies      
Breakfast is not a new thing, or it has anything to do with cereal or milk or donuts.. Just google image search Turkish Breakfast...
22
usaphp 2 days ago 4 replies      
I dont know why but if I skip breakfast I will 100% get a headache later during the day. Not sure why it's happening...
23
infectoid 2 days ago 0 replies      
Personally I feel best with a very small breakfast (maybe just a coffee), large lunch and small or no dinner.
24
jerryhuang100 2 days ago 0 replies      
this article kind of lags for a while (at least several months) as in march 2015 Bloomberg business wk just ran a cover story of the declining cereal sales across the board:

http://www.bloomberg.com/news/features/2015-02-26/for-kellog...

and the last several paragraphs about "breakfast-denying" seem biased as there are more studies to support the importance of breakfast.

25
bonniemuffin 2 days ago 2 replies      
And yet, cereal is in decline, apparently because pouring two things into a bowl is too much effort, among other reasons. http://www.nytimes.com/2014/09/11/business/cereals-struggle-...
26
Zenefits Was the Perfect Startup, Then It Self-Disrupted bloomberg.com
271 points by hgennaro  2 days ago   218 comments top 18
1
GavinB 2 days ago 21 replies      
So a company that blatantly cheated will pay some fines and still be worth billions. The founders and early employees will all be rich, or richer than they were when they started. The investors will get a very healthy return.

The lesson: break the rules and grow so fast that by the time regulators catch up, you can put on a show of reforming and still keep most of the value that you created.

Admirable disruption or horrible cheating? I don't know how to feel about it.

2
tyre 2 days ago 3 replies      
They are anything but the perfect startup.

As an early ZenPayroll engineer, I'm biased but also informed. That company was a shitshow from day one. Their recklessness caused a few sleepless nights for our team including one time they overwrote every bank account number (by scripting our front end, after asking SMB users for their passwords and storing them in spreadsheets.) This caused tens of millions of dollars in failed transactions. For _payroll_.

Rule 1 of startups: build something people loved. The last line of the article:

 Unless something else goes really wrong with Zenefits, well stick with them for a while, says BlogMutts Yates. Its too much of a hassle to switch.
They are the epitome of what's wrong in Silicon Valley, not what is right. Not caring about employees, setting a bar for professionalism as high as a reality TV show, and, to quote Thomas Hobbes, "restless desire of power after power, that ceaseth only in death." Not to mention ethics violations and breaking laws that (unlike Uber and taxis) are on the books to protect protect health insurance.

This was not a grey area.

The Valley has yet to prove that it can build sustainable companies. We can get to about 6 years of hyper-growth, but outside of that it is really questionable. Look at Square, Twitter, and Box post-IPO or the myriad large startups that refuse to IPO. You've got Google, Apple, and Facebook, but that's hardly proof of repeatable success.

3
robbiemitchell 2 days ago 2 replies      
> There wasnt even an IT person to fix the printers. Conrad hadnt forgotten to fill these positions. The way he saw it, Zenefits was full of gifted engineers; if their computers werent working, they should be able to fix them. Of course, time spent futzing with the Wi-Fi was time not spent building the product or dealing with customers. To Conrad, that just meant the engineers needed to work harder.

> Zenefits uses its own product to manage its employees, and Conrad controlled the account, which meant he personally approved every benefits change or vacation request for hundreds of (later, more than 1,000) employees. We have people in HR now, but they actually dont have access to the HR system, Conrad said in an interview at TechCrunch Disrupt last year. I do all of it myself. Im a little crazy.

Forget the Chrome extension, this is simply psychotic behavior.

4
drostie 2 days ago 5 replies      
So, the difference between a "hacker" and an "engineer" has always been this idea that the engineer is designing something which is principled at all levels, whereas the hacker is putting together something which works in the most obvious cases but doesn't necessarily cover all of their bases. In practice, I think we all know that a little of both is best; ideally you can throw something together with copy-paste programming to sign a new client, say, and then you can rethink it from the ground up once you've got that proof that someone needs it. Hacking is much cheaper than principled design.

What I'm taking away from this article is that this is also true at the CEO level. Conrad sounds like a hacker's philosophy, writ managerial. If there's a regulation that your browser spend 52 hours on a web page, here's a script to make your browser browse that web page for 52 hours, clicking aimlessly among the pages. You're welcome; you've got other crap to do. Or, if you don't have a license to sell this thing -- well, you still seem to be able to sell, so let's just do it the way that works for now, as a proof-of-concept, and we can always do-it-right later.

And that's not a bad thing! It works great for software! But it looks from the article that therefore the hiccup that the company faced was somewhat predictable given the personality of the CEO. It's hopefully an instructive lesson for any venture capitalists who don't already realize that you need that both-hacker-and-engineer versatility up-top. Because it's the exact sort of hiccup you get when your software team is hacker-only and always put under pressure to get more done, but never under pressure to do it right. Eventually the code spaghettifies to deal with all of the real-world problems, and the sooner you can catch it before it becomes a hairball, the better.

My job right now is, I maintain a big data processor. I can freely testify that there are still a ton of quick hacks that are stuck in various places. But every week or so, I get a little downtime -- and when I don't spend that peeking into Hacker News, I spend it trying to modularize the hackery and then swap in carefully-reasoned modules for quick-hack modules.

I implore other software engineers to do the same; and I will definitely start thinking of more management-level decisions this way, in terms of "quick clever hacks" versus "careful design."

5
untilHellbanned 2 days ago 1 reply      
> Dalgaard says. I dont think Ive ever seen anyoneand Ive seen a lot of peoplethink as comprehensively as [Conrad] did about the market he was going after and how to build his product.

And this level of gullibility mixed with greed is why the world economy is so jacked up.

Did you stop to think its because you know nothing about insurance? Conrad went to Harvard? So that he was kicked out of his previous company didn't signal anything? All I see is investors acting like Hugh Hefner going for the startup equivalent of the blond-haired, big-boobed 22 year old. Hollywood/Playboy is actually a good analogy because in those cases nobody cares about the young hot thing's backstory either. Fake boobs/law flouting masks everything.

6
wpietri 2 days ago 0 replies      
"Zenefits says it regrets any factual exaggerations that occurred under prior leadership."

Nice bus you have there, Zenefits! But is it really big enough that all your problems will fit under it?

7
mcguire 2 days ago 0 replies      
"Zenefits sold its product all over the country, and its managerial chaos seems to have kept it from properly tracking who passed their state exams or got reciprocal licenses."

It's a pity that there is no way to track such things in software.

8
serge2k 2 days ago 0 replies      
> The Star Wars-themed conference rooms will soon be renamed after inspirational entrepreneurs

Because that was the problem.

9
jpwagner 2 days ago 1 reply      
10
jgalt212 2 days ago 1 reply      
This question is a bit troll-like, but how did the law-stretching/break of AirBnB and Uber not have the huge negatives consequences for them as it did for Zenefits.

One can make the argument that AirBnB has tried to finesse things more than Uber, but in any case I do think Zenefits/Uber/AirBnB would make a good B-School regulatory case study.

11
driverdan 1 day ago 0 replies      
> And yet, despite his downfall, Conrad is still a coveted name in Silicon Valley. People want to meet the man who created a $60 million company in just three years and made good on his promise to shake up the insurance industry. Dalgaard says hes been getting e-mails from people eager to work with Conrad since the day his resignation went public.

This just shows how many unethical, delusional, or ignorant people there are. The guy sounds like a nightmare to work for and completely threw the law and business ethics out the window. Who in their right mind would work for or with him?

12
ScottBurson 2 days ago 0 replies      
From an investment philosophywe look for the magnitude of the genius, as opposed to the lack of issues, says Andreessens founding partner Ben Horowitz.

Fascinating quote. I'll remember it.

13
jheriko 1 day ago 0 replies      
seems like a lot these companies riding the 'disrupt' bandwagon are basically just cutting corners and not doing their due diligence - then operating illegally.

its really quite sad that vcs apply pressure to do this... but then i guess thats what you get if you make your business beholden to something so manifestly interested in the bottom line at the expense of everything else.

14
tedmiston 2 days ago 0 replies      
Does anyone else notice the ability to select text in this article intermittently not working after a minute or two on the page?
15
tedmiston 2 days ago 1 reply      
Does Conrad's resignation mean forfeiting his own equity?
16
foreign-inc 2 days ago 2 replies      
Is yc going to return their stake in Zenefits? Sama & co always seem to be pretty big on ethics. Or, are they going stop talking about Zenefits and forget them? What Zenefits did is illegal by their own admission.
17
throwaway6191 2 days ago 0 replies      
This article is hitting a dead snake over and over again.

I don't see anything in this article that hasn't been mentioned in the previous coverage by Buzzfeed.

18
MattBearman 2 days ago 6 replies      
Having just read The Website Obesity Crisis[0] I was instantly intrigued by the video loop at the top of this article, so fired up Chrome's network inspector.

Not only is it 6.7Mb, but it's sent using streaming (Status: 206 Partial Content), and for me at least, every time the video reaches the end, it's loaded again, and not from cache.

I didn't actually read the article, but according to Read-o-meter[1] it would take around 18 min, during which time the 15 second video would play 72 times, consuming 482MB of data!

0 - http://idlewords.com/talks/website_obesity.htm#crisis

1 - http://niram.org/read/

Edit: Ha, caught out by my own dev setup, ie: disable cache when dev tools is open. My bad, feel free to ignore everything I said :)

27
Twitter Bars Intelligence Agencies from Using Analytics Service wsj.com
218 points by bootload  2 days ago   90 comments top 19
1
npx 2 days ago 7 replies      
I'm not convinced that the goal here is actually to obstruct intelligence agencies, I think they'd just use a shell company or flatly demand access if they wanted it. As far as I'm aware, the Library of Congress is archiving all tweets.

It feels like a cheap way to generate press portraying Twitter as a staunch defender of liberty. I'm not sold.

2
ErikAugust 2 days ago 4 replies      
Full article was behind a paywall, but:

The subheadline here is actually: "Social media firm cuts access to Dataminr, a service used to identify unfolding terror attacks, political unrest"

So, Dataminr is a startup that had the firehose to do that kind of analysis.

All this could be is them putting a company that is built on top of Twitter out of business. They have done this plenty of times. Seems pretty heavily spun to make it sound like they are taking some sort of moral high ground.

3
spenvo 2 days ago 1 reply      
> Twitter said it has a long-standing policy barring third parties, including Dataminr, from selling its data to a government agency for surveillance purposes. The company wouldnt comment on how Dataminra close business partnerwas able to provide its service to the government for two years, or why that arrangement came to an end.

So why was the exception made to this policy?

> In-Q-Tel, a venture-capital arm of the U.S. intelligence community, has been investing in data-mining companies to beef up the governments ability to sort through massive amounts of information. In-Q-Tel, for example, has invested in data-mining firms Palantir Technologies Inc. and Recorded Future Inc.

> U.S. intelligence agencies gained access to Dataminrs service after an In-Q-Tel investment in the firm, according to a person familiar with the matter.

> When a pilot program arranged by In-Q-Tel ended recently, Twitter told Dataminr it didnt want to continue the relationship with intelligence agencies, this person said.

VC funds led by US agencies that operate on a quasi-legal and opaque basis is the worst form of crony capitalism

Open version of the article http://www.wsj.com/article_email/twitter-bars-intelligence-a...

4
aioprisan 2 days ago 2 replies      
Is this any more than a way for Twitter to claim the moral high ground while having no actual impact on what these agencies do or if/how they use Twitter's data?

At the very least they'll use a company like Palantir. Is a third party's use similarly regulated, so that Palantir couldn't simply relay that data themselves?

If not, then this was clearly not thought out (unlikely) or it's been thought out but a choice was made to still allow for that use case (more likely).

5
Aelinsaar 2 days ago 2 replies      
Will this in any way actually impede intelligence agencies from getting that information if they want it?
6
awalton 2 days ago 0 replies      
So Palantir's business gets better?

What about any of a thousand front companies these Intelligence Agencies run for plausible deniability purposes?

This move does pretty much nothing.

7
8
chrissnell 2 days ago 0 replies      
Weren't Twitter's employees being threatened by ISIS? If my employees were being threatened by a transnational terrorist group, I wouldn't hesitate at providing firehose-style data to a gov't agency, especially considering these are public tweets that we're talking about here.
9
throwaway99998 2 days ago 1 reply      
This accomplishes nothing. Palantir provides this same service on top of GNIP data. Here's a live demo from one of Palantir's own conferences: https://youtu.be/h2NA48iypME?t=559
10
kabdib 2 days ago 0 replies      
Twitter must be such a popular target for the Intelligence crowd that I wonder how the heck they coordinate all those NSLs and whatnot. Is there a clearing house in the USG that handles that?

"Look, that's like the fifteenth request for the 'Whole Banana' this week. We're gonna have to --"

(telephone murmurs)

"Fine, so you have a nosebleed level pay grade. Sir. But there's more Twitter bandwidth going to you folks in DC than there is to all of the /real/ users of Twitter. It's embarrassing. Why can't you just go down the street and ask the CIA?"

(angry murmurs)

"Or the FBI. I hear they have a special on faking evidence with parallel reconstruction this week. Want the promo code?"

11
beshrkayali 2 days ago 0 replies      
What is this, a joke? As if any intelligence agency would request access to Twitter analytics service under official intelligence agency business name...
12
crusso 2 days ago 1 reply      
Shouldn't HN have a policy against posting articles that are behind a paywall? Yes, I know that you can jump to google and search for the article to try to avoid the paywall - but shouldn't a news aggregator make a statement about letting paywalled news sources be on their own?
14
known 2 days ago 0 replies      
15
neurobuddha 2 days ago 0 replies      
Twitter is infamous for censorship and shadowbanning non-politically correct views. Lately they have been suppressing Bernie Sanders supporters[1] and anti-Hillary activists[2].

Twitter is a truly two-faced Orwellian enterprise that is completely in the back pocket of Big Brother.

[1] https://www.change.org/p/petition-request-twitter-not-to-sup...

[2] http://www.vocativ.com/290811/twitter-accused-of-censoring-a...

16
gamebak 2 days ago 2 replies      
Why do you people upvote articles where we have to pay to read them ?
17
ManlyBread 2 days ago 0 replies      
This is a PR move, they won't be able to stop them completely.
18
deadtofu 2 days ago 1 reply      
Anyone have a non-paywalled link?
19
gesman 2 days ago 0 replies      
...ok ... How much?
28
Ask HN: How do I deal with the first sexual harassment complaint at my startup?
391 points by milfseriously  1 day ago   559 comments top 119
1
patio11 1 day ago 16 replies      
Lawyer lawyer lawyer LAWYER lawyer LAWYER.

I think the consensus in the grown-up business world is "fire immediately for cause." I would bet substantial money that when you lawyer lawyer lawyer they will advise you to do that and document the heck out of it. The calculus is really, really simple: if you don't, then you will with probability approaching one get this incident or a similar incident cited during a threatened employment practices lawsuit, and your lawyers will sigh and say "OK, settle for $250,000. You can choose to fight it but the odds are not in your favor."

I get that you feel this may cause problems for your innocent employee. If it helps you contextualize this, maybe think of it less in terms of "Our departing employee has transgressed against our innocent employee, who let me into her confidence about that" and more in terms of "Our departing employee demonstrated judgement flagrantly incompatible with professional employment."

Would you be worried about this if he had been embezzling? "I'm just telling you on an FYI basis boss but I don't want to cause social issues." That's not really how we deal with embezzlement, right. You embezzle, you get fired. Immediately. The embezzlement is not a crime against the person who discovers the embezzlement. They're welcome to an opinion on what the best course of action is, but regardless of what that opinion is, the course of action will be a swift firing.

As to messaging to the rest of the company, again lawyer lawyer lawyer, but "X made comments of a sexual nature to another employee. As a consequence, we fired him. If you have questions or concerns, speak to me later. Moving on."

2
ChrisDutrow 1 day ago 2 replies      
As someone who's done a lot of hiring and firing, the part that stands out most to me is not the sexual harassment part, but the fact that he was just hired and already is causing problems.

Normal people tend to be cautious and respectful at first. By immidiately jumping in and pushing boundaries, this person is demonstrating that he doesn't care about your company, he doesn't care what you or anybody there thinks about him, and he doesn't care if he breaks things and gets fired.

I would fire him as soon as I could without the lawyers getting up in arms. People like this tend to be very destructive. The smart ones will wreak havoc in your organization for years before you figure it out.

3
tptacek 1 day ago 2 replies      
I agree with Patrick: you should terminate the employee, immediately. Try to understand how lucky you just got here. Here's a simple tweak to the story you told that creates a nightmare scenario: the person who reported this to you, who was called a "milf" by the bizdev guy, was on a PIP.

I disagree with Patrick on the mechanics, subject to one condition:

If, like a sane person, you consulted a lawyer before you began hiring people, and so you're offering a standard employee agreement --- the kind every competent firm in the industry offers --- then the answer here is:

Just fire, and move on.

I don't know that "with cause" adds much.

The principle here is pretty straightforward. You got lucky this time. A new hire crossed a serious line, and the person they irritated came to you directly with a complaint, rather than through their lawyer. You will not get lucky next time. And next time, there will be a history that you'll be accountable for.

4
Mz 1 day ago 13 replies      
So, I am female. When working at a Fortune 500 company, I once emailed a colleague and copied our two bosses. I advised him to never speak that way to me again.

It went to HR. I got interviewed. I assume he got interviewed. He was not fired. He never spoke that way to me again. I eventually reestablished trust with this man and we got on well. I suspect he got sensitivity training. I was not told what went down. It was all handled very discreetly.

Please do get HR involved. Please do not listen to the people here who are advising you to nuke the man from orbit, it's the only way. Doing that will only deepen the problem. Men and women need to learn to interact at work. Promoting fear and loathing will not further that larger goal.

You get his side. You do some training. If it continues to be a problem, sure, fire him. But please do not use final solution/terrorist tactics. This only hurts women in the long run. Men need to learn better manners. Cutting their nuts off for a faux pas doesn't teach them that. It promotes a hostile environment between the genders. It doesn't create a more civil environment.

5
darkerside 1 day ago 6 replies      
Not a lawyer. When the female employee says she doesn't want to cause trouble, it just means that, if you are going to do something about this situation, then you better own it. Make this a problem between you and the employee who acted inappropriately. i.e. if/when he demonstrates understandable reasons for acting the way he did, you don't turn this around on her.
6
poof131 1 day ago 0 replies      
1. While you need a lawyer for advice and to cover your ass, lawyers cant lead. Lawyers offer advice and dot is. Weak leaders delegate their responsibilities to lawyers.

2. You need to assess your culture. Is this one bad apple or is this something larger. The work hard, party hard, live in the office startup culture can be a breeding ground for this. Not that you cant have this environment and succeed, but you need to understand it and put checks and safeguards in place. One option is to designate a sexual harassment rep and make sure everybody knows this persons roll and that they can talk to them, possibly anonymously.

3. Talk to your female employee and let her know you have to do something. You cant ignore it as that effects the company and thus everyone. Get her opinion about how much of a problem his continued presence in the office will be. She may not want him to be fired as she may feel partially responsible (not saying she is in any way, but we dont know how shell feel).

4. Talk to the bizdev employee. Document the meeting and any outcomes or remediation. Is this a problem of just being junior and not yet having the ability to separate barroom behavior from the work place. Why did you hire this person? Are those qualities still there and does this person have potential? Only you know.

Talk to a lawyer, but remember, you are the leader, they are not. Walk through the steps and make the tough decision about what is best for everyone. Reactionary firings can be almost as negative on your culture (not your liability though) as doing nothing. Be the type of leader who talks to their people and tries to come to a decision that is best for everyone. Dont be the leader who makes reactionary decisions behind closed doors.

Also, dont talk about kicking someones ass. As a leader, this is almost as bad as calling someone a MILF. Step back from your emotions. After a decade in the military, part of it working in legal, Ive seen a lot worse: rape, child porn, attempted murder, grand theft, fraud. While obnoxious, calling someone MILF is pretty far down on the scale. This makes it tougher in some ways since firing isnt automatically the only response.

7
nzoschke 1 day ago 0 replies      
Lawyer is good advice.

If it's not acceptable in the company then you should tell him to leave.

If you don't you poison your culture.

The employee now knows that she will still need to "deal with" harassment at this organization. Her outlook on the company culture will be forever changed. And she will share this experience with her friends and potential recruits forever.

Likewise the harasser will know that there are not serious consequences for unacceptable behavior and will continue to "get away with" things. He will repeat the behavior among his friends and towards future staff. They may not have the confidence to report it.

This is one of the root causes of the gender imbalance in the work place.

Harassment is never ok.

This needs to be explicit and you should work hard to build a team where there is complete trust that violations will not occur.

8
mmcclure 1 day ago 1 reply      
Ok everything about this situation aside, it feels like a bold move to post about this publicly on HN, particularly when you're concerned about trust issues. I honestly can't believe I don't see any other comments along these lines.

You run a startup. A lot of people read HN in general, but I have to assume startup employees are _even more_ likely to read HN. As such, it doesn't feel crazy that one or both of these employees might see this considering it's sitting on the front page and doesn't seem to be going anywhere.

So...there is a lot of commentary here about how you should handle this situation, but in my opinion, posting pretty specific details about it publicly was among the very worst first moves you could make.

9
thonos 1 day ago 0 replies      
Don't fire without talking first. I'm not saying your innocent employee is lying but try to get both sites and possibly some proof (the messages).

/ EDIT: I missed the part where he said that he saw the evidence - sorry.

Why I'm saying this is because I was in a similar situation once. Employee X didn't like me without me knowing. At a party (alcohol involved) we talked a little (normal things, nothing sexually, personal, private or anything like it) and that was it. On the next day I got asked into the office and have been told that multiple people filed a sexual harassment claim against me. No names who that could have been, no proof, but I was guilty.

They told me that I either have to leave the company or send a public (anonymous) apology for the bad things I did. (They didn't even tell me the things I did)

Until today I can still only guess who it was and it perplexes me that "multiple people" filed that claim against me. After talking to my better friend coworkers it seems like all people that could have filed that were friends with that one employee X that didn't like me.

Long story short, I still don't believe I did anything that could have been even remotely near sexual harassment but I'm feeling horrible. Maybe the worst memory in my entire career. Every time there is a harassment training I get reminded of what happened and that there are indeed people out there that call me a "sexual harasser".

10
ReadingInBed 1 day ago 0 replies      
One thing to remember if you keep him on and he continues this behavior you might not find out about it for a while. People won't always speak out and tell you. What happens when he starts harassing your new hires? If he is new to the company and already this bold what happens in a year or two?
11
wilsynet 1 day ago 0 replies      
When an employee makes you aware of a possible occurrence of sexual harassment, your obligation as the employer is to investigate and take appropriate action.

Tell the employee that your company isn't one that believes this kind of behavior is acceptable, tell her you're going to talk to a lawyer, tell her you need to investigate this, and that she isn't causing trouble and you're glad she brought this to your attention.

Get an HR professional, lawyer or not, and deal with this immediately.

Let me assure you, when she said she doesn't want to cause trouble, she didn't mean she wanted you to do nothing. It means she wants you to do something, and she doesn't want to be blamed, she doesn't want the office to talk about it, and she wants you to own it.

If you do nothing, one day, if she (or someone else) ever decides to file a lawsuit for sexual harassment and fostering a hostile work environment against your company, you saying "but she told me she didn't want to cause any trouble" is not an excuse to sit idly by.

12
PhilWright 1 day ago 1 reply      
I think the reaction of this thread is a little over the top. Lets calm down and be professional and adult before we convict someone based on scant information. I know it is fun to rail on someone but firing a person is not a minor issue and could potentially destroy someone's career.

The information we are presented with is minimal. This is perfectly understandable but it means that no one in this thread has anything like enough detail or context to make any judgement on firing someone.

What if the man was simply making a pass at someone he liked but unfortunately was clumsy and inept at doing so? Should it never be possible for a man to ask a woman from work out on a date? What if the woman has a reputation of being a social justice warrior that hates men and loves any excuse to complain about any perceived slight. We have no idea on the ages or marital statuses of the two people. What if he is a married middle aged man with three kids and she is a young intern? That makes it sound a lot more creepy. What if they are both single and the same age and seem to have the same hobbies? Does that change things a little? You cannot judge this scenario based on a couple of sentences from the OP.

My point is not to defend him, I have no idea if he is a predatory creep or a good guy that made a simple mistake. But then neither does anyone else here. Get a lawyer so you can follow a sensible policy of sitting down with the accused and ask about his side of the story. Depending on the response determines your next action.

13
hermannj314 1 day ago 3 replies      
Please get someone from HR involved. Do not immediately fire the employee as this could lead to severe financial problems for you. Despite the peasant with pitchforks in this comment section, wrongful termination / paying unemployment / litigation, etc. is also something you may want to avoid. This employee of yours may not be aware of the policy or the law and is possibly entitled to progressive disciplinary action based on your employment policies (and I disagree with those below that said sexual harassment was somehow equivalent to murder and embezzlement - WTF?). From what I read sexual harassment laws might not even apply to your business if you have fewer than so many employees, I am not a lawyer or an HR professional, so don't listen to me.

The employee did something wrong, no sensible person doubts that, but not necessarily something that allows you to fire them without consequences for you. You need to speak to HR and then if necessary your legal representation.

14
kfcm 1 day ago 0 replies      
I'm going to address how to handle the employee who came to you in confidence.

You need to sit down with her--before you do anything--and inform her you need to do something and why. Tell her you understand she came to you in confidence, but this behavior can not be tolerated. She might be able to brush it off, but the next employee the biz dev person harasses might not be so understanding and file a sexual harassment lawsuit against the company.

And if it's discovered YOU knew of his behavior and did nothing.....

15
HighPlainsDrftr 1 day ago 0 replies      
Consult your lawyer.

I've attended a few sexual harassment training's over the years. There are no clear cut rules. In fact, in my first training, harassment couldn't occur until the other sex said "stop, no, etc." In the last one I attended, things aren't so clear cut, and it seems like the lawyers have made sexual harassment so unclear that the only ones who can determine it are the lawyers themselves.

It doesn't matter that it was after work, using a non-work communication medium. It still could be or maybe its not harassment.

You are going to have to talk with her and let her know that you have to act upon this. You don't know what is going to happen. At a bare minimum, something is going to his HR file. At worse, a lawsuit is going to happen.

16
cdumler 1 day ago 0 replies      
First of all, talk to a lawyer.

One thing that is really overlooked about harassment is that it's not about a single event. Realize a few things:

* She's saying that it's ok because in the real world most companies will protect the man over the woman. Women who want to get ahead learn to never put her neck out too far. All too often, clearly bad behavior will result in "training" for the guy. (After all, she was a hottie asking for it, am I right?) Do you really want accept an apology for her that it's not a big deal that she was harassed at work?

* Workplace harassment happens because most guys know they _can_ get away with it. More importantly: if this was the line cause a stir, the he'll just be more subtle next time. It's boundary testing that is no different from a four-year-old. It _will_ get around, because this guy will associate with others who don't mind his behavior. Do you really want to be known for that type of environment?

* Once the workplace accepts an event, it becomes that much harder to rationalize dealing with equal or less events. You'll have people actually arguing that Henry wasn't punished when asked Sally out, why are you punishing me? And, he could have valid precedent. Do you really want to be dealing with the fine lines between behaviors?

Fundamentally, sexual harassment erodes trust. If you have a workplace that has clear line between humor and personal relations, that creates teams who understand and care about each other: you can joke about sexual innuendo, personal problems, etc. When someone is unhappy with something, he or she feels safe to speak up. Encourage people being humble and considerate. If harassment is allowed, at best it just causes drama. At worst, it causes power problems that kill trust, brings in more people who causes problems, and the real possibility that someone could own your start up by lawsuit.

17
JSeymourATL 1 day ago 0 replies      
> I want to fire him immediately. If I do, she'll know and it will be a violation of the trust she placed in me.

Beyond creating a potential legal liability-- the biz dev guy demonstrated poor decision quality, bad peer relationships, and questionable business acumen. All cause for performance dismissal. He caused the true breach of trust. You can leave your female employee entirely out of any discussions.

18
kbart 1 day ago 6 replies      
I'm not familiar with US customs, so little confused here: is asking your co-worker out is considered a sexual harassment? Or is it the "milf" part?
19
falcolas 1 day ago 1 reply      
Based on the training I've received - document the incident, talk to the problem employee and remind him that this is not appropriate business behavior, and warn him that a repeat performance will not be tolerated, nor will any attempts at retribution aimed at the company at large, or the female employee. Provide training to the company at large, so they know what is, and what is not acceptable in a business. Get training yourself so you know the law and how to handle this in the future.

I disagree with the chorus of "Fire him now!" in the other comments; startups hire a lot of folks straight out of college, so there's a significant chance that the employee in question has never been informed of what is, and is not, appropriate when they want to pursue a romance with someone from the office. What may be acceptable in a college classroom is very different from what is acceptable in an office.

Mistakes happen, words and body language which were not included in the chat log may have been misconstrued... you have one side of the story right now. Get both sides, and give the opportunity for the man to learn.

Involving a lawyer to ensure that you're on the right side of the law is, of course, a damned good idea. Especially if you end up deciding that you want to go down the road of firing.

20
salesthrowaway1 1 day ago 1 reply      
As an experienced biz dev person, I feel like I understand this type of employee and have worked with them many times. Based on the feedback from your female employee, it sounds like her concern is this happening to other people who doesn't "know how to deal with it" and that is why she got you involved. She doesn't seem concerned with short term repercussions, more about this employee's attitude needing adjustment for him to fit in long-term. She sounds like a very thoughtful person.

I think whatever solution you decide, you should keep her in the loop. You can't violate her trust if you are transparent about her with what you are doing.

As for the solution, it is easy to want to fire this employee. However, I think it would be the wrong thing to do. Many people are immature and the tech industry has given many people the wrong impression about how much of a party certain roles (sales) are. I'm absolutely not condoning his behavior, but based on the female employee coming to you in confidence and "not wanting to cause problems" it sounds like she doesn't believe he should be terminated for this.

What I think you should do is immediately document this incident. Document it well, and file it in his HR file. Tell your female employee that his behavior is unacceptable, and you are going to speak to him with HR about acceptable and unacceptable communication between employees.

Then you watch and see if he improves, and maintains an acceptable level of respect and decency while hitting his quota and contributing to the company's success. If he does not to this, then you have plenty of cause to eliminate him.

21
everly 1 day ago 3 replies      
It's baffling/hilarious/concerning to me that there are multiple commenters saying they're not able to see the harassment and asking for clarification.
22
Baghard 21 hours ago 0 replies      
> Over the weekend, he sent some messages that were inappropriate ... on Whatsapp

So, not during working hours, not using work-related tools, he send some inappropriate messages. It's not a big deal.

> these things aren't acceptable in the company we're building.

Sure. But this conversation did not happen in the company, not during work hours, and not using work tools. You were made privy of a very personal conversation happening between adults outside of work.

> The employee came to me in confidence

And you posted about it in great detail on Hacker News, making it a topic of water cooler conversation of about 80% of startups world-wide.

> she'll know and it will be a violation of the trust she placed in me

Exactly.

> So what do I do HN?

Preferably nothing at all. Don't make a big deal about what your employees do in their spare time.

> she shouldn't have to deal with it

She shouldn't have confided in you, because you can't seem to handle it. This dude is poison now. He may as well be fired. And your employee made it a business issue, which is a big thorny issue. You shouldn't have to deal with it, but now you do.

Good luck!

23
anjc 1 day ago 3 replies      
I'm baffled by this thread.

Yes it might not be appropriate and yes it might necessitate action, but fire him immediately when the "milf" handled it, ended it, and the situation was finished? He didn't push it further than his perception of her comfort level.

Furthermore, the term "MILF" has transcended its literal meaning. It doesn't, at this stage in time, literally mean "I want to fuck you". It's a normal Pop Culture term now which is synonymous with "attractive", is in every tabloid, on every reality show, blah blah. I'm not saying that it was appropriate to say it to her, but it isn't the aggressive, invasive term that is being suggested in this thread.

I can only guess that this occurred in the US; you all make it sound like a seriously stressful environment to be in.

24
762236 1 day ago 2 replies      
It sounds like you already made the decision: you call one your 'employee', but not the other.
25
Brushfire 1 day ago 0 replies      
1. Talk to your attorney, yes.

2. Probably: fire this guy. This isnt someone you want at your company. When you fire him, you wont announce to the rest of the company why. And you can have a conversation with the victim employee to let them know why you did it: you don't want abusive people on the team, and that you value every employee and also have to look out for everyone and the entire business. The employee will respect you more for taking action, trust me.

26
pbhjpbhj 1 day ago 2 replies      
Just to play devil's advocate: how hard is it to spoof whatsapp/slack messages if one wanted to get someone fired?

If he denies that he sent the messages, or says he sent messages but the content has been altered where could the employer go then? "She's trying to get me sacked because ...". Where could you go from there to prove he committed an offense against propriety/policy?

Also, a perhaps more realistic issue is the move to WhatsApp could be seen as a move to personal interaction away from business interaction - if the employee alleged to have committed sexual harassment called her a milf once in a private conversation that was not a work context do they deserve to be fired?

Did he stop when asked, doesn't that mean it's not harassment? Still could be inappropriate and ultimate lead to firing but to me harassment is an ongoing series of incidents.

27
sizzzzlerz 1 day ago 1 reply      
Nip this in the bud right now! This isn't the guy's first attempt at harassment (there is no other word for it) and it will not be his last. If you have a no-tolerance clause in your employee manual, fire the guy. If not, a serious discussion is in order and, depending upon how it goes, either the guy is immediately fired or is placed on double secret probation for some period of time. Explain that if this happens again, he's gone, immediately. No appeal. No reprieve.

Seriously, you need to protect your company and yourself from these things. A seemingly minor event can go nuclear on you quicker than you could ever believe.

28
rsp1984 1 day ago 4 replies      
I am not a lawyer, but:

Apart from the "Milf" comment I don't see much in your description of events that would qualify as sexual harassment (at least not from my European view of things). Certainly unprofessional but not quite sexually harassing. As far as I understand, the transgressions were "only" verbal and there was no other inappropriate behaviour.

Here's what I would do: Collect all the facts and evidence about the BD person's inappropriate behaviour. This may involve talking to your employee about this again. Then take some quiet hours in the evening to review all of the facts. If, and only if, you come to the conclusion that the BD person's behaviour clearly qualifies as sexual harassment, get lawyers involved (and probably eventually fire).

If on the other hand you come to the conclusion that the comments were inappropriate but not sexually harassing, have a private and very serious and straight talk with your BD person about the events and that there is 0 tolerance for that behaviour, then move on. And of course fire the guy immediately if it ever happens again.

29
davmar 1 day ago 0 replies      
Very rarely do biz owners regret firing people too early - it's usually done months too late. Don't wait for this to happen a second time and for your valuable long term employees to leave because you didn't take action.

Don't let cancerous employees into your organization. Don't allow him to harass another one of your employees.

Fire him.

30
shrugger 1 day ago 0 replies      
Really can't stress it enough that you need to lawyer up before literally anything else.

Do not talk to them, do not go into work, take sick days if you have to, don't respond to emails, phone calls, ABSOLUTELY NOTHING until you have talked it all out with your lawyer, and then do exactly what he instructs you to do.

Don't let this destroy your dream, friend! Especially over someone else's bad choices. Be safe, lawyer up, get this taken care of and move on with the work.

31
whatok 1 day ago 0 replies      
People in this thread asking about "whats wrong with calling someone a milf" really feed into the tech is sexist stereotype
32
tomchristie 1 day ago 0 replies      
* Immediate dismissal - the language isn't in any kind of gray zone - completely inappropriate. This person will damage your company if you keep them on.* Make sure they're not able to make a scene. No access to email or the premises at the point of dismissal. You don't want them causing further damage to the team.* Make it clear the issue is wholly between you and them, this is your action, decision and responsibility.
33
balls187 1 day ago 0 replies      
You're in a bit of a quandry. He should be go, but it's not going to be easy.

If you fire him for this instance, you could be sued for wrongful termination, and in which case you would have to produce those whatsapp messages, and convince your employee that they were harmful.

> He asked to take the conversation off Slack (moved to Whatsapp) and asked if they could hang out (she said, "sure as friends in work context"), referred to her as a milf (ugh...), and asked if he could tell her a secret (she refused)

My interpretation was this person used Slack (work resource) to ask a coworker to switch to Whatsapp (non-work resource), during the weekend (non-company time). He proceeded to make inappropriate comments on whatsapp.

I'm not a lawyer, but from limited research, it seems that a few sets of inappropriate text messages (of which you dont approve of, but the recipient doesn't mind) sent over the weekend does not constitute workplace sexual harassment.

The employee has said "it's not a big deal." which even though you don't like it, means it's somewhat out of your hands.

The quandry is, the bizdev person is probably a bad fit for your company. You should get rid of him, but would need something more substantial in order to standup to a wrongful termination suit.

34
d4rkph1b3r 1 day ago 0 replies      
This guy should be fired both for harassment and incompetence.First of all, this guy is supposed to be biz dev. We are not talking about a rude comment by an engineer, people skills and sensitivity/understanding of business etiquette is part of his job.Two, this is not a "faux pas". He did not say "your dress looks hot" or "will you go out with me" or any number of less than polite come ons that people use outside of a work context. Instead he made an explicit comment to someone he barely knows. This shows clear lack of judgement.
35
beilabs 1 day ago 2 replies      
Have you a sexual harassment policy? Did they agree to it when they took the job?

Fire that person immediately, it's a clear breach. You need to show your employees that you will support them when something like this happens.

This may not be the first time this has happened, might only be the first time that you have heard about it. You need to be proactive in creating a safe work environment and as the founder that is your responsibility.

36
apalmblad 1 day ago 0 replies      
Hire slow, fire fast.

He's new. If he's still in a probationary period - either by statute or contractually - get rid of him. If he's not, and he's a brand new employee, consider adding wording to future contracts regarding a probationary period.

Obviously, still talk to a lawyer.

37
ada1981 1 day ago 0 replies      
I spend a good deal of my time working with high powered men on how to actually develop intimacy with themselves and with women as well as training companies and organizations on how to build cultures of intimacy, vulnerability and strength.

For many high performing men, their shadow side is that they view themselves and thus, their world as objects.

That your culture manifested this sort of dynamic to me is a weak signal about deeper issues in your organization, leadership and overall company. From my vantage point, the least of your problems is how to protect yourself from the fallout of this situation legally and you may want to take a deeper look at the root cause of this, lest you begin a game of cultural wack-a-mole, firing away manifestations of a deeper cultural issue.

I don't mean this to come off as blaming you, but rather, there is an element of you in all of this that you do have control over -- some of that will be in how you handle the situation and the other will be in your understanding of the dynamics inside of you that led to you co-creating it.

Happy to gift you a culture session if you want to discuss it more deeply.

38
lakeeffect 6 hours ago 0 replies      
I'd love to see a follow up of your decision and out comes. Possibly a tellHN later on. The advice in these situations seems pretty consistent in this unfortunate situation. Document, Lawyer, fire, support. If you do follow up id be particularly interested in the outcome of the support piece of the puzzle and how to balance group dynamics associated with the affected party in the aftermath. Any kick back...etc.
39
unfunco 1 day ago 0 replies      
If the person is new employee, presumably you have a probation period clause in the contract, and at the end you can state that it's just not working out, protecting both the accuser and and the accused from knowing circumstance?

You absolutely have to get rid of that type of person, it's already moved outside of work context to a personal context (WhatsApp), which implies that the author of the messages is not comfortable talking about what he's talking about in the context of a work environment because he knows it is wrong, and because he is willing to take that risk, it signals a danger.

You should speak to a lawyer about removing the person from the company in a quiet way (which I think is what the accuser would prefer to protect her complaint) since he is new, it's generally easier than ridding the company of a long-standing employee. Probation clauses are common in the United Kingdom, I'm not sure about the U.S. so this advice might be awfully inaccurate.

If you have seen proof, the accused needs to be removed. He is toxic if you know for sure of the correct circumstance.

40
sharemywin 1 day ago 0 replies      
What's this guy going to say to one of your business partners/customers? Not that your employees don't matter but if he can't control himself around other employees he can't do it anywhere.
41
Chris2048 12 hours ago 0 replies      
Going to one of the founders over a weekend WA conversation, even bringing evidence, sounds like she's trying to get the guy fired. This isn't something that should be allowed to happen covertly, because it's ripe for abuse.

Other posters mention the phenomenon of avoiding interacting with women at work. The threat of "she secretly went to top brass, and I was fired without defence or cause" is exactly what might justify this.

The trust she placed in you is the trust that you'll keep her name out of this, but if she's getting someone fired, that's not ok without a more objectivity around the details. One side of the story is not objective - even is that one side turns out to be accurate, you can't know this in advance.

42
rwmj 1 day ago 1 reply      
I've had a similar experience at a start up I once worked at.

We hired our first network administrator to replace developers like me who had been doing the same sort of job.

The day that he started the job, we received an email that someone using our gateway IP address had posted to Usenet [this was a while back] the IP and root password of some other company's public webserver, with a message to the effect that people should "f--- it up". The email also stated that the root password seemed to work, and we verified that.

We quickly worked out that the server was our new employee's previous workplace, and we sacked him and walked him out on the spot. He didn't receive any pay or benefits. We also documented everything on paper in case there was some legal problem (which didn't happen, of course, but you never know with some people).

So my advice is:

* Document everything. On real, physical paper. Sign and date each page.

* Fire them, now.

43
cmdkeen 1 day ago 0 replies      
Also it is worth saying that an employee coming to a manager / founder / owner to report a problem "in confidence" is not the same as you not being able to do anything about it. You need to manage that person as well so that they know that they've a) done the right thing b) aren't at fault for whatever the consequences are and c) that you / the company do care about them.

Even if you weren't to fire the person (and as a brand new hire firing seems a better option) then you would need to provide specifics when having the conversations that would follow. Mainly because all you have so far is an allegation, making your mind up (not the same as considering options) beforehand is not good.

Regardless of whether you fire the employee or not the key thing is to prepare for the conversation. If you're a founder speak to your co-founder(s), if you're a manager don't just speak with HR and have them in the room for the meeting but prepare with them. Have your opening statement well rehearsed, consider different conversational flows and how you might react to them. This isn't a thing to do on the fly.

44
ergothus 1 day ago 0 replies      
Do nothing is not an option (not that you seem to consider that an option), because even if she truly is fine, the next employee he harasses may not be.

An HR rep is, frankly, usually pointless, unless you have high quality HR with specialized training. They do serve as a verifying party though.

Me? I'd interview this guy (not alone) to see if I thought he could learn (as atrocious as his behavior reportedly is, I've been very surprised by what lessons have simply never been communicated). If you don't have full confidence he can improve, he's a liability to you and should go.

I'd also lead this off by talking with the female employee about what you want to do - It's not just about her (although she certainly deserves respect), but about what kind of a company you want to have - which employees are protected and which ones are not. Hopefully she'll understand.

45
jomamaxx 1 day ago 1 reply      
Write it all down, consult a lawyer. Have a heart to heart with the guy and assess whether he just didn't understand or is a true creep. Let him know it doesn't fly and that you'll be keeping an eye on him, talk to the girl make sure she's cool with it.

Adults, move on.

All of you 'fire' 'lawyer' 'criminal' people are ridiculous.

It's a single word, out of work.

Imagine if two employees are dating. They are staying in each others flats. They get in a fight at work. Words are spoken. Is that harassment?

We are human before we are corporate warriors. We say and do odd things.

If you are a human leader you'll be able to handle the situation without a single thought moving forward.

Though I'd recommend putting it all in writing and documenting everything for legal purposes.

If you are a good leader, this thing will never bubble up again.

You have a product to build, focus on that.

46
matt4077 13 hours ago 0 replies      
This is actually a chance to set your startup's atmosphere for years to come you should actually send the guy a gift basket.(1) Talk to the reporting employee to explain why (2) has to happen.(2) Fire him, for cause, publically, immediately. (3) Deal with any consequences of not talking to a lawyer first.

If you're at the scale where a wrongful termination suit isn't an existential risk to the company, you'll get bonus points if you actually lose in court.

As an employee, I'd work on weekends & nights for a boss who has a well-adjusted moral compass and will sometimes disregard business interests to act on it.

47
cj 7 hours ago 0 replies      
Personally I would fire him after explaining to the victim that there's zero tolerance for sexual harassment (after consulting our lawyer - have to do these things by the book).

Ultimately it's up to you and how you want to define your company's culture.

48
whiddershins 1 day ago 2 replies      
It was very interesting for me to observe my own reaction to this thread.

When I first read what you wrote, I though "fire. immediately." I think I was just angry that someone would be so off the mark when they are a new hire. And the milf thing made me genuinely angry.

But as that anger passed I realized how much of a gross overreaction that is. People pursue workplace romance all the time. The thing that sucks about approaching someone is when it is welcome, you are golden, and when it is unwelcome, you are a creep. It is incredibly hard to get through an unwelcome approach without any awkwardness.

So really, this guy needs to learn manners, and to chill out.

Unless he continually repeats the behavior, I don't see why there's any real long term problem.

49
ryanmarsh 1 day ago 0 replies      
> she really doesn't want to cause problem

> made it clear that it's not a big deal and she knows how to deal with it

Last year I watched an emotionally strong friend reduced to a terrified sobbing mess before he gathered the courage to go to his leadership about a sexual harassment issue with his direct superior. I know you won't take her grace for granted but please consider that how she really feels may be different than what she says in order to maintain professionalism.

50
techjuice 1 day ago 0 replies      
Sexual harassment is always a big deal due to it being illegal according to Title VII of the Civil Rights Act of 1964 - https://www.eeoc.gov/eeoc/publications/fs-sex.cfm

You will need to insure your company, employees and yourself are legally protected by visiting an attorney as soon as possible. As it appears you do not have the standard company guidelines and procedures in place for investigating and terminating employees found violating law. Your attorney should be able to help you draft the proper paperwork and procedures to accomplish this in your company policy and employee training.

When you talk with your attorney there may be more things that are required to do legally (filing a police report, filing charges, having the employee harassed file charges if she wants too, etc.). The attorney will be able to walk you through everything you need to do. As it may not be a big deal to your employee now, but that could change down the road, especially if it unfortunately picks up again or escalates. Now would be the best time to resolve the issue while it is only at the texting phase, as things would go downhill for your entire business quick if it were to escalate in the near future.

I hope you are able to get this sorted quickly as it is very important to have something like this in a well known zero tolerance policy that everyone knows about on their first day on the job during their on boarding process.

51
DenisM 1 day ago 0 replies      
IMHO, harassment is only the tip of the problem. Team members should respect each other's right to pursuit of happiness. If you draw the line here, the MILF comment is so out of line, there is really no question about what to do, only how to do it.
52
yaur 1 day ago 0 replies      
INAL, but here's what I think

> I'm really upset by this guy's behaviour and I want to fire him immediately.

If you are in the US, which that u in behavior suggest that you might not be...

If you have an established HR process you have to follow it. Otherwise fire him discreetly and then let people that hes moved on in a few days. Don't tell either him or the employee that came to you that it has anything to do with their interaction and if he asks specifically during the firing process turn the tables on him and feign unawareness and ask what the hell he is talking about. I wouldn't out her or acknowledge that you are aware of the incident to him at all.If the employee who confided in you asks if that why he was fired, just tell her that its a confidential matter and you really can't go into it.I live and work in at will state and wouldn't bother to lawyer up if I went this route (though it wouldn't be a bad idea), but I would wait til I was calm enough to leak that he had done something really upsetting.

If you want to make an example out of him (or keep him around) you definitely need to lawyer up.

53
ksou32 1 day ago 0 replies      
Fire him, give no reason.

A dumbass like that can easily cause major problems down the line

54
jwatte 21 hours ago 0 replies      
She may say it's not a big deal, but it is. An employee who doesn't understand "no" is a liability, now and in the future.That being said, details matter, and you should deal with this using your HR and legal counsel. HN is not the right place for this kind of advice.
55
nerd-fight 1 day ago 0 replies      
Agree with Patrick on your next steps. So go do that.

My breakdown of the reasons to terminate:

1. New employee did not follow broadly understood/legal courtship protocol with female colleague. [e.g.: On tinder/okcupid/etc., you can try your luck with "DTF?" or "You're a lovely MILF." Doing the same with a work colleague (regardless of whether on the clock or not) is broadly accepted to be harassment. Why? Because the parties are both colleagues who have to work together. On okcupid, a recipient of "DTF?" can immediately block the sender. Not so easy to do a colleague. Our legal system protects workers from harassment. "MILF" isn't just a query about going out for coffee. It is a GOTO jump over many protocol stages without ACKs from recipient.

2. New employee is either ignorant of work-based courtship protocol, new employee actively chose to disregard it, or perhaps new employee was drunk during the exchange. It doesn't really matter. Either way, the guy does not meet the standards to work in a professionally run company.

3. By so flagrantly violating a commonly understood protocol [workplace courtship] very early in his employment, the guy is demonstrating to his boss that he is not worthy of trust and responsibility. Terminate him.

As for those few of you who think the guy should be given a break, this is corporate worker bee 101 stuff. Sure he is sexually interested in a colleague. There is no problem with that. The thing that is for very good reasons, your fellow workers are protected from harassment. Dating a fellow worker requires running a very different courtship protocol than picking up someone in a bar or over tinder.

Unless you feel qualified to run corporate-dating-protocol from start to finish (what will you do post hook-up/break-up?), please consider the advice of our forebears: don't dip your pen in the company ink.

56
woodman 1 day ago 0 replies      
I might be missing the obvious here, but why did she confide in you if she didn't want something done? Unless you two are drinking buddies and she was just unburdening herself, you have to assume that she is asking for your help - and the double speak is an attempt to emotionally protect herself from the inevitable.
57
ascendantlogic 1 day ago 0 replies      
Sorry, but the person's gotta go. Get your lawyer on the phone, get the documentation ducks in a row, then let the axe fall. If you let the harassed employee know before hand is up to you, but I probably would a day or so before so they could prepare, change their phone number or something if they wanted, etc.
58
BFatts 1 day ago 0 replies      
Seeing as he's new and she's not - kick him to the curb. Get rid of him before he causes more headaches for you.
59
OliverJones 1 day ago 0 replies      
I've been through this kind of thing. It's very unpleasant, frightening even. Hang in there!

From your critical incident report here there was no inappropriate physical contact or attempted coercion between these two people. Make sure that's correct. If your senior HR person or some other executive of your company is experienced with this (meaning: has done it before) have her/him conduct an investigation. If you don't have experience in house get your lawyer to do the investigation. Get it done; don't let it sit.

Base your decision about disciplining or terminating the guy with bad boundaries on the results of the investigation. Ask your investigator how to confront him, and follow that advice. As hard as it is to imagine right how, anti-harrassment discipline is a dish best served cold, not hot. It's also best served promptly.

You need to do the anti-harassment seminar. You need to let your whole team know this kind of stuff is not condoned or ignored in your company, because it's not who you are. Your lawyer's office can probably provide the seminar. (Our lawyers did a great job with our seminar.)

You need to establish a policy about harassment if you don't already have one. There are plenty of good template policies around. If you work with a payroll service they probably have one you can use. And you need to require all your people to take the seminar. It should be part of your onboarding process.

If you sack this guy don't worry about a wrongful termination suit. Do what's right for your business. You'll have the investigation paperwork, and the state commission on such matters will very likely look at it and say "case closed," if the guy bothers to go after you.

Also don't worry about people in your company worrying about who's going to get whacked next. Just make it clear that respect, civilized behavior, and good interpersonal boundaries are a vital part of your company culture. You could even go so far as to say "no aholes."

Good luck. But you won't need luck. You'll just need the strength to get through it, which you have.

60
Tharre 1 day ago 0 replies      
First of all, the most important thing: talk to a lawyer. The real ones that demand money, not random people from the internet. Sexual harassment is a particularly nasty thing, because no matter what you do, judges will always be biased against you:You did nothing? How dare you accept sexual harassment at your company!You fired him? How dare you fire that innocent guy groundlessly!

Second of all, you need to listen to his side of the story as well. People are probably going to down-vote me for this one but taken out of context text messages don't mean very much. His friends could've played a very bad joke on him, the messages could be forged or he could've made an honest mistake.

Hell, if I were in your place I even would give the guy a second chance if he honestly apologized. But do make sure you watch him closely if you decide to take this route. These people do not tend to improve.

61
unstatusthequo 1 day ago 0 replies      
I'm a partner at a global law firm. We handle these pretty routinely for both publicly traded and private companies alike. There are some funky theories in this thread. Happy to help if you want to get in touch.
62
BatFastard 1 day ago 0 replies      
Are you using a co-employer? Like Insperity?

If so take it to them immediately.

If not welcome to lawyer hell.

This is one great things about using a co-employer, HR in a bottle.

63
smilesnd 1 day ago 0 replies      
Most humans are dicks. That is my general rule when dealing with these things because it is true. But, should you do anything about it? From what I can tell this didn't happen during business hours or at work. This was a conversation between 2 adults where one was a dick. I would thank her for the heads up and do what she wishes and stay out of it. If it does become a problem or shows up at work then document the hell out of it and lawyer up.
64
kawera 1 day ago 0 replies      
Talk to your lawyer. And fire him anyway, there is no reason to keep a person like this in your team, it will get worst. Then send a short and non-inflammatory message to the rest of the company so everybody will know you won't tolerate this kind of behavior and act swiftly on it.
65
allworknoplay 1 day ago 0 replies      
If someone hasn't said this already, I'd look at firing him as a "teachable moment". It's not a negative, but rather a sign of unity, positivity, support, and togetherness.

Framed correctly, anyone in the company who hears even a rough "person was let go for a serious HR violation" (a lawyer will clarify who can hear what) will come away from the experience with increased rather than diminished confidence in their colleagies and your leadership.

EDIT to add: Also, she's not causing trouble, he is. Very simple.

66
return0 1 day ago 0 replies      
This thread has become legal drama material. You have to scroll a lot of pages for some sensible opinions. I don't think the OP solved his problem.
67
alansmitheebk 1 day ago 3 replies      
Is it sexual harassment B/C he asked her out or B/C he used the term "MILF" or B/C she wasn't interested? Did the whatsapp portion of the conversation occur at work or outside of work? Does your company have a policy that forbids coworkers to date?

My former boss dated an employee who worked in a different department. People at work knew and it was not considered a problem. No one got fired or sued. I guess I'm trying to understand the difference here. It seems to me the major difference is that in this case the woman wasn't interested. So is the takeaway here that if you ask out a woman you work with she will either say yes if she is interested or you will potentially be fired if she is not?

68
8d11a455d235f38 1 day ago 0 replies      
You need to listen to guy's side of story. When I first came to this country, people told me never ever date anyone from work. I was focused on my career and too scared to mess up. I met some wonderful people at work, we made friendships, and some are still friends.

But sadly I took that advice too closely to my heart. Many of my crushes ended up dating someone else at work or outside. Some even found their life partners at work. It seemed only I followed this advice. As introvert, it was hard for me to meet people outside of work context.

The guy probably had no clue that he was making her uncomfortable. He needs training, not a life time of loneliness.

69
Coding_Cat 1 day ago 0 replies      
Even if the harrased employee has no problem with it, it is clear you personally do and what will you do when you end up expanding or replacing existing members of the team and he continues his harrasment?

If nothing else, that guy is a liabillity (and a dick).

70
lbcadden3 1 day ago 0 replies      
She told someone up the management ladder. The business is now financially libel if the situation is not aggressively corrected.

This can also apply to customers, not just co-workers.

Lawyers, good lawyers that know harassment law.

Worked for a company that had to settle a lawsuit before I started there. Management meetings every six months on this the entire 5 years I worked there, part of the settlement.

I have fired a coworker and banned a customer for this.

In US.

71
cossovich 1 day ago 0 replies      
Eeek, please tell me you've anonymised the key details... HN isn't really a great place for discussing sensitive/confidential information.
72
giis 22 hours ago 0 replies      
>I've seen the evidence of the texts in question.

Is this smartphone? If so, ensure its not a rooted device, where users can insert/delete things as they want.

--Let me add another view. Involve HR and talk to him first. If he admits truth then ask him to resign. If he didn't accept, listen to his version of story and ask him for proof. Then decide.

73
tmaly 1 day ago 0 replies      
You really do not need something like this derailing your startup. Hire a lawyer, and follow their advice.

Large companies like Intel give each employee rigorous sexual harassment training, but this is not something startups can always afford to do.

74
blazespin 1 day ago 0 replies      
Man, talk about CYA answers. A lawyer is probably going to give an answer that covers their butt. They're going to chose the lowest risk legal route.

Your employee came to you in confidence. If there is a legal way out of this that doesn't break that (maybe requires a bit of extra work), I'd chose it.

You have to realize how this could blow back on her in a big way.

75
rmason 1 day ago 0 replies      
By all means see a lawyer. Have the lawyer draw up an agreement of severance where he agrees not to contest the firing and not share any trade secrets.

Then immediately let him go and offer him 3-4 months of severance. Generous enough that he will sign it and immediately get out of your life. Then buy a sexual harassment video course that all new hires are required to view on their first day. Good luck!

76
bhouston 1 day ago 1 reply      
I guess going forward, there should be clear employment policies that forbid this type of behavior so the soon to be departing employee can not state that he was unaware that this was not apprioriate behavior.
77
junto 17 hours ago 0 replies      
Isn't he in his probationary period anyway? If he is I don't believe you need a specific reason other that "not a good fit for the company".

As @patio11 said though. You need legal counsel.

78
sixtypoundhound 1 day ago 0 replies      
SEE YA!

Door. ASS. Way Out. Consult a Lawyer if you feel like it.

This kind of thing doesn't get better.

79
spriggan3 1 day ago 0 replies      
IANAL so talk to your lawyer first. Second write a policy regarding sexual harassement, make it sign by every employee, so it's clear this kind of behavior should not be tolerated.

The thing is if goes out of hand and for whatever reason the victim changes her mind and decides to sue you on the ground that you did nothing to prevent it you're f--cked. I've seen this before. So it's really about covering your ass and the reputation of your business. I think there are enough examples ( Github, Google ...) to prove my point.

80
dman 1 day ago 0 replies      
Talk to your lawyer.
81
Havoc 1 day ago 0 replies      
>referred to her as a milf

Ouch. Office romance happens...a lot...but this guy just sounds tactless & doesn't know when to back off.

82
mr-ron 1 day ago 0 replies      
By bringing it to you, it is now your problem. You can't have him on your team continuing to think what he did was ok.

At the very least you need to bring it directly to him.

83
joantune 1 day ago 2 replies      
What happened to no harm no foul and a slap on the wrist this time and a clear policy to everyone that if it happens again by anyone, it won't be tolerated.

Why do you guys jump to the extremes?

I'm not in the US lawyer up of A though, but common sense should apply.

That said, ask a lawyer first, because clearly that is the land where we get our funny 'news' of 'someone when to court because of ludicrous action X, and won'.

84
ChoGGi 1 day ago 0 replies      
"told me she really doesn't want to cause problems with the team."

What people say and what people do are two different things, that and it could open you up to further legal issues.Talk to a lawyer, then talk to him (preferably with the lawyer).

85
chase_meridian 1 day ago 0 replies      
As a female startup founder I can't tell you this emphatically enough: fire him. Your judgement and opinion of this dude will always be clouded by this incident and it opens you up to a lawsuit both things you do not want to deal with, fire him.
86
SerLava 1 day ago 0 replies      
Tell her that you understand she doesn't want him fired, but that you need to protect all your other employees. He just started. It's not about her- it's about people who won't report it.

People who join your company later will be scared of existing employees, and probably won't report it. You can't be party to this.

87
dragonwriter 1 day ago 0 replies      
Definitely talk to a lawyer if you don't already have clear HR processes to handle this. It doesn't seem to me like a particularly egregious case, but mishandling it could be trouble down the line in a number of ways, and you need not only to handle it, but to be more prepared to handle -- and if possible prevent -- the next one.
88
babo 1 day ago 0 replies      
Get him out, this will not change. Ask your layer how to make it but you as a founder has the right to select who to work with.
89
empressplay 23 hours ago 0 replies      
Fire them. If you don't, and they harass someone else, and it comes out they did it before and you didn't fire them, you will be held responsible and it will be extremely expensive!

Fire them!

90
Frozenlock 1 day ago 2 replies      
Wow.

So few information, but so many people ready to fire his ass.

At this point, I wonder if we should have men/women segregation in the workplace. This is the logical conclusion if you want to avoid this kind of problems.

91
IANAL 1 day ago 0 replies      
"The employee in question has made it clear that it's not a big deal and she knows how to deal with it"

Get that in writing, keep an eye on the situation and move on. Get rid of that person for another reason.

92
Zelmor 1 day ago 0 replies      
This is a bannable offense. Fire him and let your employee know that she did the right thing reporting such a thing. She did nothing wrong and should not feel bad about other peoples' behaviour.
93
protomyth 1 day ago 0 replies      
Lawyer

"it will be a violation of the trust"

Tell her that you really need to make sure there are no future problems with the team and that is why you must fire the new biz dev. He broke faith, not you or her.

94
empress_nikki 1 day ago 0 replies      
here are all the ways that people traditionally deal with sexism in the office. This vid from DevOPs Days Con, explains the pros of cons of each method. Going forward, implementing what you learn from this will go a long way.https://youtu.be/M2mnDiWJhOY?t=2h27m26s
95
sverige 1 day ago 0 replies      
So many comments saying "Fire the guy" without any kind of investigation. And almost universal acceptance that what the woman said is the end of the fact-finding needed to make a decision.

In previous lives as a senior manager and litigation paralegal, I have had to deal with dozens of sexual harassment claims, including the kind that end up at the EEOC and a few that resulted in lawsuits. A good friend and former coworker is a regional HR manager for a Fortune 100 company, and he has seen everything under the sun.

OP, the only reason to do anything is because you're the founder and she brought it to you. You don't have to do anything other than document her conversation with you, but if you decide to stick your nose into it, here's what my thought process would be:

First, even if it's a small startup, OP cannot discuss with the accuser what action he takes with the accused beyond "I'll handle it." While this may baffle many here, it's really none of her business since it involves the accused's relationship with his employer. If he ends up firing the guy, she can put 2 and 2 together, but he cannot provide details of disciplinary action.

Second, he cannot announce to the rest of the employees that he fired the guy for sexual harassment, only something along the lines of "he no longer works here" with maybe some generic fluff about pursuing other opportunities. It's none of their business either.

Third, he needs to talk to the guy. "But she showed him the texts!" someone exclaims. "He called her a MILF!" That's one side of the story. Let's hear the other side before jumping to conclusions. This all happened outside the work context. We don't really know what the hell happened, only third-hand reporting of one of the participants.

Fourth, let the HR person talk to the lawyer, if OP's startup is big enough to have a dedicated HR person. If not, then yes, talk to a lawyer, but make sure they've got some litigation experience. Too many HR lawyers are just overpaid risk managers who don't have any clue of when to fight and when to fold and pay.

Which brings me to my last point: I know it may be unpopular to say, but sometimes women lie and manipulate just as well as men do.

At my senior manager job, I was accused several times of sexual harassment, even though I scrupulously avoided any kind of personal conversation that could lead to any hint of anything sexual with all coworkers, whether direct or indirect reports, peers, or superiors. I never met behind closed doors with women, except my boss, and she always left the blinds open and people felt free to interrupt at any time. And yet, I was accused. None of those accusations withstood scrutiny, but they were a gigantic PITA.

One crazy person even reported me to the FBI, after the EEOC found nothing actionable! (Seriously. The issue was that I was her last resort for altering an unfavorable survey given to her by a customer, and I refused to do so, for sound business reasons.)

Texts can be faked. We don't know enough to know whether the accuser's story is absolutely true and complete, and we certainly don't know her motives.

OP, find yourself someone with serious experience in employment law in your jurisdiction to give you counsel. Pay their fees. Stop trying to do it on the cheap by asking here, since it will do you no good and quite possibly do great harm to follow 90% or more of the advice in this thread.

Edit: added paragraph about doing nothing, and fixed "autocorrect."

96
forestjc 1 day ago 3 replies      
is it really sexual harassment? He tried clumsily to make a move on her and she declined, if he tries again it's a red flag, but if he stop his behavior you have nothing to worry about
97
pbarnes_1 1 day ago 0 replies      
Are you serious?

Terminate. The end.

98
traviswingo 1 day ago 1 reply      
First of all, talk to your lawyer. This is something that should have already been in place and there should be literature to give to each employee during their on-boarding.

Second, if the harassed employee does not wish you to do anything, the best thing to do is to indirectly address the situation with a company-wide seminar/meeting about the topic. List off all the things this employee did that are intolerable - he'll get it really fast.

99
jrochkind1 1 day ago 0 replies      
Tell him don't do it again, or he'll be fired?

And check with your lawyer. Get a lawyer if you don't have one.

100
johnnyg 1 day ago 0 replies      
Lawyer + document + fire him.

This is a no brainer.

101
jomamaxx 1 day ago 0 replies      
It's a very interesting case, I wonder if there are any lawyers who would care to comment?
102
dav 23 hours ago 0 replies      
Man I'd Like to Fire
103
whatok 1 day ago 3 replies      
Any ideas why your employee brought it up to you (management) but does not want you (management) to do anything about it?
104
tamana 22 hours ago 0 replies      
You should not have posted all that detail here.
105
fullshark 1 day ago 0 replies      
Not share the incident on here for starters.
106
Glyptodon 1 day ago 0 replies      
Fire him. This doesn't have to cause team problems or violate any trust.
107
jessfraz 1 day ago 0 replies      
Fire him
108
ilaksh 1 day ago 1 reply      
I don't know if what he was doing was 100% harassment or not but that word makes it at least hard to argue its not.

The sad reality is that if a man makes advances towards a woman at work and she isn't interested, it is very possible he will end up being terminated for 'sexual harassment' regardless of what words he uses. Because sexual harassment effectively really boils down to any unwanted advance or even flirtation. It shouldn't be that way, it should be about actual harassment, but very few people are able to make such a distinction in a fair way.

So I don't think that in the current environment any sort of flirtation at work is really a safe maneuver unless the woman makes obvious advances first.

I have a feeling people will slam me and this comment but I haven't been downvoted very much this week so I guess it is time.

109
orionblastar 1 day ago 0 replies      
Yeah talk to a lawyer first, listen to all of the people that say talk to a lawyer.

Actually it is up to her to file a complaint with you or HR. If she does not want to file a complaint, just add it to the employee's annual review that he used inappropriate words with another employee. If he is still on probation as a new employee it could violate that probation and you could fire him for that.

You have to ask yourself how valuable is this new employee to your team and company? Can he get some sensitivity training to learn not to speak that way to a female employee? If he is very skilled and valuable you might want to suggest the sensitivity training for him, if not he broke probation and can be fired for it.

You don't have to use the employee's name that he sexually harassed. In fact if you are in a state that has a no fault clause in the hiring and firing, you could fire him without giving a reason. Just say something like his position was removed due to budget problems, then create a new position to replace it with a different name.

110
DyslexicAtheist 1 day ago 0 replies      
watch Silicon Valley :-)
111
kazinator 1 day ago 2 replies      
> Please provide one example of using the term "MILF" in a professionally appropriate way.

"Team, some numbers are in. It seems our hot-milfs.xxx domain is bringing in more ad revenue than the rest combined."

112
patio11 1 day ago 5 replies      
This will inevitably conclude with your employer settling a claim of retaliatory treatment subsequent to reporting sexual harassment for a sum of +/- $500k and with you being fired. Your competent legal advisor will, accordingly, recommend against retaliating against the reporting employee, even if you consider this issue beneath your notice. The laws of the United States on this matter are relatively well-settled and they do not agree with your opinion on this matter.
113
dragonwriter 1 day ago 3 replies      
If you fire someone for reporting sexual harassment, they have an open-and-shut retaliation case against you. You've just vastly magnified your legal problems if you do this.

I'm sorry you have had personal issues in your life stemming from your wife dealing with sexual harassment issues from the HR side, but your emotional reaction based on that experience isn't likely to be the basis for sound advice.

114
Frozenlock 1 day ago 2 replies      
While your business might be your life, for most of your employees it's only a job.

This means that for most of them, it must be pleasant. They must be able to joke around and even, occasionally, flirt. If you try to turn every social interaction into a perfectly professional unfriendly and unsexualised environment, you will very quickly find that you are the only one left.

This is even more relevant in a small startup.In my experience, the worst kind of work environment is a startup trying to act like a big multinational. None of the perks, but all of the soulless experience.

I have nothing against firing someone for bad behavior. However, with the little info you provided us, there is nothing serious.

Make sure the new employee knows that her colleague didn't like his approaches and that it won't happen again.

You should also try to get both sides of the story.

Finally, you did say this:

> The employee in question has made it clear that it's not a big deal and she knows how to deal with it (...)

How is she going to react if you fire his ass? Wouldn't it be acting like she can't take care of herself?

115
littletimmy 1 day ago 1 reply      
When you say, referred to her as a milf, do you mean to her face? Or to someone else in a private conversation?

If you take that out of the picture, then talking on Whatsapp, and asking to hang out, and telling a secret, do not constitute any sexual harassment. This is particularly true if we are talking about just one conversation after which the person did not persist. Should investigate that milf comment, however.

I am rather surprised by the number of people just saying that he should be fired. Really? Showing the littlest bit of attraction and then getting shut down is not harassment. You want to take away a person's livelihood for that?

116
logfromblammo 1 day ago 2 replies      
From a legal standpoint, you need do nothing. He is not in any position to commit quid pro quo harassment. So far, there is no evidence of hostile workplace.

What your female employee has done is to cover her own ass in case the new male employee engages in any work-inappropriate behavior. If she comes to you again, and claims harassment, you are primed to believe her immediately and take immediate, appropriate action at that time.

Don't fire him. Don't kick his ass. Don't have a meeting with HR. Write down, "Ms. Y stated on [datetime] that Mr. X propositioned Y to upgrade beyond a work-only relationship, and Y declined. Y presented sufficient evidence to substantiate this claim." Attach a copy to both of their personnel files.

In two weeks, six weeks, and twelve weeks, proactively hold 1-on-1 meetings with all your employees, including Mr. X, and ask them if they feel as though Mr. X is assimilating well into the workplace. If no one has any complaints, even after you go fishing for them, there is no evidence of hostile workplace, and you have no further business with your employees' personal relationships.

It isn't your business to manage your employees' personal lives. It is your business to provide them with a safe, cordial, and productive work environment. It isn't your business to remediate unsavory bro-havior. I don't like how sales and biz dev tend to work in the real world, but I know that sometimes that kind of behavior is beneficial to a business. I just don't hang out with that sort of people in a social context. I prefer that their oily schmoozing be directed at potential customers, and I'm sure they prefer that I not ruin their good time with my dry-toast nerdity.

Personally, though, I would question the judgment of a biz dev employee whose first act in a new camp is to dig his latrine next to the watering hole. Aren't they supposed to cultivate new business relationships outside the company?

117
SFJulie 1 day ago 0 replies      
Don't use a lawyer. Read the penal text. Make yourself an opinion. And act according to the rules and preferably use written procedures without shaming.You can however make an "unrelated" meeting if you want to make yourself clear stating the law, and the process your company is following.

https://www.eeoc.gov/policy/docs/harassment-facts.html

118
x5n1 1 day ago 7 replies      
I really don't understand the environment around sex and relationships in the work place. It's messed up. Someone should be able to express interest and the other person should be able to refuse it. Simple as that. But instead there is a whole drawn out ritual around these things. It's not really grown up thing that adults do, instead any male is looked at as an aggressive offender looking to rape someone, unless the female is interested and the male is supposed to know how at this moment the female is feeling. And the female is apparently always fearing rape unless she is interested. I am sort of creating hyperbole, but it seems as if the undertone is like that. On the surface I guess it's that well I am uncomfortable with how the other person is acting, but that should be resolved with some training or something, as when someone is rude to someone else and they don't appreciate it. But so it goes.
119
NateDad 1 day ago 0 replies      
Fire him. Period. He'll do this to someone else who might not report it.

Anyone who calls a woman a milf to her face has NO respect for women, and will cause problems with women at the company in 1000 other small ways (and possibly big ways).

Be that guy that says he's not going to let this shit slide, and then actually follows through.

Of course the woman said she doesn't want to cause trouble... she's trying to cover her own ass to make sure that you're not going to get mad at her (yes, I'm sure it crossed her mind). She reported it to you for a reason. Because it was completely unacceptable.

Fire him. Fire him. Fire him.

And then explain to the rest of the company exactly why he was fired. And that you're not going to tolerate that behavior. You can leave out details of who and why, even white lie if there's only one woman on the team, that it was a friend or something...

If you work in a state without at-will employment, you might need to talk to a lawyer... hopefully your HR team can help you figure out the safe way to do it. But do it. Even if it's not safe. Do it because it's the RIGHT thing to do.

29
The cave divers who went back for their friends bbc.com
300 points by JacobAldridge  2 days ago   170 comments top 19
1
jcoffland 2 days ago 11 replies      
I find the sentimentality towards dead bodies difficult to relate to. I would be fine with my body being left and would not want someone else to die attempting to retrieve it. I suppose my friends and family might not feel the same.
2
kfk 2 days ago 2 replies      
OK, before people start saying why the hell would you do such a sport. Not the same but similar - I did caving for a big part of my childhood until I was 20. I miss it. The connections you build with the people you do this are very strong, your life depends on it. The places you see are mind blowing - try running into a 60m dive after entering a small hole of maybe 30 cm of diameter, or visiting a room bigger than a stadium at -500m. And there is a certain romance around it - places with names from people that discovered them long ago, places yet to be found, old guys telling gone stories of exploration. Up in the mountains, maybe 1 hour from my old home back in Italy, there is still a search for a special entrance to a big cave system (runs 1 km deep) in order to do explorations also during the winter (a big lake inside the cave closes the "classic" entrance after summer), this search has been going on for 20+ years now, still searching.
3
mikkom 2 days ago 2 replies      
There is a documentary coming in 2016 about this dive, here is the english website:

http://divingintotheunknown.com/en

There was also an excellent article about the dive (with lots of pictures and videos that they recorded during the dive and interactive map) at the biggest newspaper in Finland, unfortunately only in finnish.

http://dynamic.hs.fi/2014/syvalla/

4
wazari972 2 days ago 5 replies      
It's surprising to see such an article #1 in HN ... right after a long weekend of cave diving training!

It's a sport that requires a lot of preparation, planning, risk estimation and counter-measures. My hobby cave dives are nothing like such explorations, but the principles are the same.

In the end, when you go diving, the level of risk is close to 0: one regulator may fail (risk around 1/100 if well checked), two won't fail during the same dive (risk of two failures 1/100 x 1/100 = 1/10000 which is negligible--if I got the figure right, I didn't double check! EDIT: it's rather 1/1000 x 1/1000 = 1/1.000.000). And we use two independent air tanks, and with air reserves managed with one regulator fault in mind, as well as the 'little' panic induce by the regulator fault. That's called the 1/4 rule, we use it in France in FFESSM diving organisation.

5
kogepathic 2 days ago 2 replies      
I understand that people take pleasure in doing this sport because it's physically challenging and they find the challenge exciting.

> more than 11 hours after setting off on a dive that was supposed to take five hours.

I mean this is just insane. I can't even imagine trying to do something in which any mistake could instantly cause my death for 11 hours straight.

> "There are lots of questions - the original questions - about where the cave goes, and where the water comes from, and they are still there," he says. "And I am not afraid of the cave."

I appreciate this attitude, but I'm wondering if it would diminish the sport at all to have autonomous vehicles explore the cave before a dive.

It doesn't remove the physical challenge of the sport itself, but it could help divers prepare for tough portions of the dive.

e.g. at 110m depth, narrow passage. Single file proceeding with X minutes budgeted for issues.

6
pi-rat 2 days ago 1 reply      
An article from a Norwegian newspaper about the original incident, with visualisation of their diving profile, timelines, etc:http://www.vg.no/spesial/2014/dodsdykket/index_eng.php
7
gommm 2 days ago 1 reply      
I'm not a diver so what I'm about to say may sound incredibly naive but I'm surprised they don't use more advanced communication tech when diving than just relying on light signal.

They could use some kind of haptic feedback system working to communicate between each other through RF waves. If one person presses a button, the other members feel a vibration or some similar haptic feedback. This would allow people to signal danger more easily. It would also make sense to have a notification signaling when any member is outside of the RF range.

Having such a tech would have allowed Gronqvist to have directly been alerted when Huotarinen became stuck either by Huotarinen alerting him or by the notification that Huotarinen was outside of the RF range (which would probably not carry very far in that situation). If other members had been alerted faster, Huotarinen would have had less time to start panicking and would maybe not have needed that cylinder of gaz.

So, maybe I'm incredibly naive and there's a good reason but it seems stupid and dangerous to rely on a torch to signal distress (which is often not going to be visible to members in front of the group).

8
spraak 2 days ago 2 replies      
One of the pictures is captioned

> The Plurdalen Valley

Which is funny because the -en in Norwegian means 'the' and 'dal' means valley. So in a way it says 'The the Plura valley valley'

9
gadders 2 days ago 2 replies      
This is a good long form article about another cave dive body recovery effort: http://www.outsideonline.com/1922711/raising-dead
10
barking 2 days ago 1 reply      
Very brave men undoubtedly. I can't think of a sport that I'd enjoy less though.
11
SeanDav 2 days ago 1 reply      
An even more impressive, and tragic, story at over 270 meters depth, in one of the worlds deepest sinkholes:

http://www.outsideonline.com/1922711/raising-dead

12
f_allwein 2 days ago 0 replies      
vaguely related: the largest successful rescue mission of a scientist who was injured in a cave in Germany http://www.bbc.co.uk/news/world-europe-27914426
13
konschubert 2 days ago 3 replies      
It seems quite egoistic to take such extreme risks for leisure if you have a wife and possibly kids who love you.
14
ohitsdom 2 days ago 1 reply      
> "This incident happened, and then they've made a film and they all come out as heroes," he says. "But these two people should never have died in the first place."

What should the divers have done to avoid this? Were they just not experienced enough for a dive of this magnitude? One mentions they should have done a practice run, but what does that mean? How do you practice for a dive?

15
avar 2 days ago 0 replies      
For people interested in getting into diving as a sport I recommend reading "Diver Down: Real-World SCUBA Accidents and How to Avoid Them" by "Michael Ange" (just search on Amazon).

It contains numerous case studies of diving screwups that either ended in death or near-death and what can be learned from them to avoid those situations.

16
ey0001 2 days ago 0 replies      
Is it because of the water pressure that the guy who died couldn't stop ingesting the water?
17
Overtonwindow 2 days ago 0 replies      
Incredibly brave people. I don't know about the rest of you lads, but I don't have the balls nor the fortitude to even attempt such a feat of humanity. My hats off to them all.
18
stuff4ben 2 days ago 0 replies      
The article hints at them having done something wrong and that it could have been prevented. Any divers/cavers know?
19
known 2 days ago 0 replies      
99% people do NOT donate their organs posthumously
30
After reading Rails is yesterdays software, I need to reply codethinked.com
250 points by D_Guidi  13 hours ago   198 comments top 32
1
danenania 11 hours ago 13 replies      
Moving on from Rails sounds great until you try to build a serious web app with one of the alternatives. While I think that many of the architectural criticisms are valid, Rails demonstrates the primacy of ecosystem and strong conventions over language design and cs theory.

'Tomorrow's' languages and frameworks would do well to take heed. Winning this war has as much to do with culture and marketing as algorithms and data structures.

Clojure, for example, is a much stronger programming language than Ruby on paper, but for a straightforward web app, you'll likely spend at least twice as long to get something working--and while it will be based on better engineering principles, it will also take new engineers much longer to grok since it doesn't follow any universal set of conventions.

With Rails, you end up in the weeds in the long run, but the alternatives put you in the weeds right off the bat (with the promise of eventual salvation). The reality of most product development (ymmv) is that the former is highly preferable to the latter.

2
blub 12 hours ago 10 replies      
This is the old "use the right tool for the job" cop-out. The original post went deeper than that. I would summarize it like this: can modern complex, large-scale web apps be built with the tools we have today, be they Python, Ruby or Javascript?

Or do we need an entire new class of tools which have traditionally been used to build large scale systems in the past?

It's a multi-faceted question of type systems, tooling, packaging, dependency resolution and others. And as web apps continue to evolve, my guess is that the current tools will be considered lacking.

It used to be that picking "the right tool" meant choosing between Ruby, Python, PHP, JS. In the future it might mean using (gulp) Java + WebAssembly or a combination of other unusual tools. This would be quite game-changing for most web developers. ;)

3
Benjamin_Dobell 11 hours ago 7 replies      
Recently I upgraded a project from Rails 3.2.x to 4.0.x... 4.0.x -> 4.1.x... 4.1.x -> 4.2.x

It was, and still is, a nightmare.

Technically speaking Rails itself upgraded in a reasonably straight-forward way, just follow the documentation (well and a few blog posts here and there for the things missed in the official docs). But all the additional Gems, and dependencies of those Gems (and so on) made the process excruciating. Many things broke in subtle ways at runtime (no compilation, so no compiler errors) and there was no clear path to upgrade; because whilst Rails' upgrade path is documented, there's a plethora of Gems that also needed to be upgraded separately (some in contradictory manners).

You might wonder why I was so out of date in the first place. Two reasons:

1. I inherited this code-base.

2. I've attempted this (or a similar) upgrade about 5 other times in the past; spending hours upon hours debugging crashes (or just weird behaviour) with enormous stack-traces where my application's own code often doesn't even appear in the stack trace. It's only now after making several failed (or rather overly time consuming) attempts I was able to come up with a "workable" upgrade path.

Gems dynamically generating methods left, right and centre, Gems replacing methods of seemingly unrelated classes (when they definitely do not need to), and crazy "conventions" that hide all the actual logic make debugging any sizeable Rails project a complete disaster. Don't even get me started on the poor performance, much of which is to do with poorly designed Gems and not even the Ruby interpreter's fault.

That said... I still turn to Rails when I want to get a new project (with users, database, login, admin etc.) up and running quickly. It's a shame, but in terms of development speed, it's hard to beat Ruby (and Rails). For small projects Sinatra is very solid, and Padrino is interesting - but honestly I can't wait for the day I can move to a compiled language and still achieve this sort of development speed.

4
cdnsteve 11 hours ago 5 replies      
"makes it easy to install 1,000 gems into your project without a single line of configuration, is exactly why its hard to debug".

This "let someone else do the work, get it from a gem" mindset is what kills long lived projects. It has nothing to do with the tools and everything to do with experience.

You don't need 1000 gems. Managing anything more than core dependancies in a project can easily create exponential bugs and consume all your resources to fix. Remember left-pad?

This is true in any language and ecosystem and has nothing to do with rails/gems/ruby. The same is with Python, JS, PHP.

Senior/Lead devs need to carefully curate what a projects foundation is. A strong, well designed foundation means you have something solid to build on. If you don't understand what's in your deps, haven't read their code, see how often it's updated and how many people actively use it, and can say you are using 80% or more of the code in it then don't use it.

Writing your own code is often the best route since it fixes your exact use case, no matter the language, libraries or frameworks being used.

5
hashkb 12 hours ago 1 reply      
Author is being nice, but I'm happy to point out that author of replied-to post is revealing they are a frustrated novice. All the focus on "Rails made programming cool" tells me "I do things for dumb reasons." Clear case of chasing the dragon.
6
noamsml 11 hours ago 0 replies      
I feel like this is a terribly lacking reply. I'm not a trend-person by any mean: I'm a deep-backend developer, and my main language right now is Java[1]. However, when I have to maintain rails apps, even well-written ones, I find myself frustrated. I think ceding the advantages of a compiler is a fundamental mistake. Compilers and static checkers make for better software more easily; they don't replace tests, but they complement them and constitute compilable documentation for your code, enhancing its maintainability considerably.

[1] I write in Java because I work for a Java shop, but even if I had my choice of languages, I'd probably be using either Swift or a compile-to-JVM language.

7
ryanmarsh 10 hours ago 1 reply      
Many of the complaints against Rails in this HN discussion are around code base maintainability, gem proliferation, and amateurs.

Any tool that allows the rapid (almost effortless) accretion of complexity will suffer these problems. It goes with the territory.

8
rco8786 12 hours ago 0 replies      
Reposting a reply I put on the original submission, but pertinent here as well:

Use whatever tools/framework you want. Whatever it is you use, you will eventually become [the original] OP.The reality is that every language/framework has warts. As you use it and get deeper into it, you will uncover these warts. Eventually, all you can see is the warts.

It's important to take a minute every once in a while and look at the thing you built from a user's perspective. See what problem you've solved for people, or just what cool new thing you've built. Staring at a bug backlog and a mountain of tech debt will always get you down about your project, but that's the reality of programming...bugs and tech debt.

9
lr4444lr 12 hours ago 1 reply      
The author leaves the business needs completely off the table, even though it would help his case. If you have a limited amount of time to launch your product in your current round of funding, and you want a framework that helps a small number of tech employees build working first generation critical features reasonably quickly, handle a large number of tasks not critical to the company's value proposition reasonably well, can be maintained and scaled on a variety of PaaS options well long enough until the company is profitable enough to move to the next phase of tech infrastructure, is Rails attractive software? I'm not an expert with it, and I don't even enjoy using it, but I believe it is.
10
n0us 12 hours ago 3 replies      
Some software does become "yesterday's software." I'm looking at you Cold Fusion, Flash, COBOL, the Abacus. I don't think Rails belongs in this group. I recognize that it's a good framework even if I don't personally like.
11
willvarfar 11 hours ago 0 replies      
The problem I feel with Ruby and RoR apps is that people bang gems together without knowing how those gems do what they promise to do, what those gems depend upon, what those gems monkey patch, what they change.

Further down the road, maintenance drowns you.

I've rallied against this mindset before, e.g. regards security http://williamedwardscoder.tumblr.com/post/43394068341/rubys...

I find large Python apps fairly unmaintainable too, but to a much lesser degree.

12
mberning 12 hours ago 0 replies      
I personally love ruby and rails and still find it to be extremely effective and adaptable to most web development tasks.

As people flee the platform a huge amount of opportunities are going to open up for that still enjoy the platform. I can't wait.

13
padseeker 8 hours ago 0 replies      
I have to say I'm loving reading the thoughtful and insightful comments on this thread.

With any programming language and/or framework you have to pick your poison. Rails backloads a lot of big development obstacles that ultimately you may never actually encounter in the life of your app. The issue regarding gems can be aggravating. But the speed in which you can get your app built cannot be understated. Rails is not a one size fits all, and you might eventually outgrow rails (i.e. Twitter). Be grateful the framework got you to the point you could outgrow it, rails helped you get there.

14
0xfaded 10 hours ago 0 replies      
Dynamic languages reduce the formal overhead required to develop new ideas.

I can't imagine that an "eliminate boilerplate via convention at the cost of explicitness" mentality would have evolved independently in a world where assurances are earned by proving extra properties to the compiler.

However mordern compiled languages now formalise the shortcuts afforded by dynamic languages, e.g. type inference, generics, implicit conversions, typesafe macros, type classes, etc.

Similarily conventions popularised by rails-esqe frameworks are being formalised using the tools listed above.

I fall into the scala camp, but have used rails at a previous job. My guess is I need 1.5x scala lines vs Ruby which I believe is a justified cost. Opinions of course vary.

15
brightball 11 hours ago 1 reply      
At the moment, the alternatives mentioned to Rails aren't actually alternatives. You are still going to make major trade offs in productivity compared to Rails...

Unless he's talking about Elixir and Phoenix, which IMHO is the future of web development.

16
carsongross 12 hours ago 5 replies      
I've got my problems with Rails: routing is overly complicated, the asset pipeline can be tricky, and so on.

But Rails is very good at producing HTML and, in particular, partial chunks of HTML. As the current thick-clients-in-javascript trend cools off (it's happening, this was at the top of /r/webdev yesterday: https://www.reddit.com/r/webdev/comments/4iphv4/12_year_of_p...) people are going to migrate back to HTML as a transport for web apps, using libraries like http://intercoolerjs.org. (Disclosure: I developed it)

Rails is well positioned for that.

17
mpdehaan2 11 hours ago 1 reply      
In the original article, he indicates Swift, Rust, and Go are tomorrow's languages. The issue really is that the level of support in the various frameworks, the eons of bug-crushing and feature additions, and the libraries available, are going to be behind for some time. This is why I'd still gladly pick Django today.

What is "the future" isn't really so interesting as what is productive.

Yes, performance matters a bit, but development time is usually much more expensive than adding a few nodes to an autoscaling group, and not worth the cost of using less fleshed out libraries.

18
lo_fye 7 hours ago 0 replies      
PHP is the day before yesterday's software, but it still gets a shitload of profitable work done.
19
aeze 12 hours ago 1 reply      
Fully agree with the post. Any time you're making decisions based on some dogma versus 'what is the best way to solve my current problem' you aren't guaranteeing an optimal solution.
20
qaq 11 hours ago 0 replies      
The thing is in many cases you had to make a choice between performance and productivity. Withthings like Elixir/Phoenix you don't really have to make that choice. Maturity argument again is moot as you are building on top of Erlang/BEAM that's very mature and has very good tooling. For people coming from Ruby the syntax also makes transitioning less of a pain.
21
shams93 8 hours ago 0 replies      
I've seen the biggest benefit from a client heavy approach even with rails. Make the api the core of your system, makes it easier to refactor down the road into microservices. For a lot of web apps there is no real need for server side templating, once you get beyond server templating its easier to make native versions of your app or use xamarian to access the same api from a common c# codebase for native. Place your business logic in the api and there's really nothing for someone to steal from view source because your clients are just REST wrappers.
22
zacharypinter 11 hours ago 0 replies      
It seems to me that a version of the Innovator's Dilemma might apply to software frameworks as well.

By the time a project gets large enough it starts optimizing for its major stakeholders. New use cases or new ways of rethinking common use cases come along, and the small libraries that approach it from scratch have a narrowly-defined advantage. If the advantage is significant enough (e. g. virtual dom for browser UI), then new frameworks start being written around them, bringing back some but not all of the features of the older frameworks.

At some point (different for each user/use case) the newer frameworks have enough functionality that people start considering them over the older ones for new projects. When enough of that happens, the older frameworks start looking like yesterday's software.

23
janvdberg 12 hours ago 0 replies      
In the comments of that HN post this link was posted which I found highly informative regarding the matter: https://speakerdeck.com/tehviking/surviving-the-framework-hy...
24
agmcleod 12 hours ago 0 replies      
I agree with this quite a bit. Even in my own projects, I love using Rails for web stuff, but I would never use Ruby for games. It's a pain to distribute working binaries, and really is not an ideal language for games.
25
methehack 10 hours ago 0 replies      
Anyone finding any of this resonating really owes it to themselves to try elixir / phoenix and, at the very least, keep an eye on it.
26
xaduha 11 hours ago 1 reply      
Rails wasn't even the best choice when it appeared.
27
payne92 10 hours ago 0 replies      
As more of the computational elements of UIs shift from server-side HTML to client-side Javascript, server-side frameworks like Rails, Django, PHP, etc. become less relevant.

Fast forwarding, many apps are (or will be) big JS blobs using APIs/microservices back to the server. In that version of the future, frameworks like Rails can get in the way more than they help.

28
mmedley 7 hours ago 0 replies      
It simply boils down to what you're most proficient with. Depending on the problem, you're likely to encounter some technologies are better suited than others. That to me is where you'll get the most bang for the buck, being able to decide on the right tool for the problem.
29
dschiptsov 11 hours ago 1 reply      
There is, perhaps, a law, such that any project with a strong tendency to pile up more crap instead of reducing it to "just right, when nothing else could be removed" (a-la 9P2000 protocol, and few foundation libs of Plan9) will end up in a J2EE-like pile of collective stupidity.

At least, everything in nature tends to get reduced to a local optimum by a straightforward optimization process of trial and error. There is no way to make a reliable and efficient complex system by piling up more and more crap.

And, funny enough, JavaScript will be even worse - it already makes J2EE look not that bad.)

30
k__ 9 hours ago 1 reply      
why do most people only see the extremes?

you don't have to use bleeding egde libs instead of rails...

hapi instead of koa

react instead of cycle

ember instead of react

etc...

31
vox_mollis 11 hours ago 3 replies      
I've come to the conclusion that those who defend weak/dynamic type systems and other unsafe toolchains simply buy into the fallacy of the uber-developer: the belief that while other, lesser developers need static typing and analysis, I'm so superior that I will never introduce those class of bugs, ever.
32
troxwalt 12 hours ago 1 reply      
Great follow up article. Choose the right tool for the job.
       cached 12 May 2016 02:11:01 GMT