hacker news with inline top comments    .. more ..    16 Apr 2017 Best
home   ask   best   2 years ago   
How We Built r/Place redditblog.com
1134 points by dkasper  2 days ago   237 comments top 37
ChicagoBoy11 2 days ago 6 replies      
I love write-ups like this because they are such a nice contrast to the too-common comments on Reddit and HN where people claim that they could rebuild FB or Uber as a side project. Something as superficially trivial as the r/Place requires a tremendous amount of effort to run smoothly and there are countless gotchas and issues that you'd never even begin to consider unless you really tried to implement it yourself. Big thanks to Reddit for the fun experiment and for sharing with us some of the engineering lessons behind it.
seankimdesign 2 days ago 2 replies      
What a fantastic writeup. I had some vague ideas regarding the challenges involved to build an application of such scale, but the article really makes it clear for everyone the amount of decision points encountered as well as why certain solutions were selected.

I also like the way the article is broken down into the backend, API, frontend and mobile. This isolated approach really highlights the different struggles each aspects of the product has, while dealing with what is essentially a shared concern: performance.

What I also found interesting is the fact that they were able to come up with a pretty accurate guess in terms of the expected traffic.

> "We experienced a maximum tile placement rate of almost 200/s. This was below our calculated maximum rate of 333/s (average of 100,000 users placing a tile every 5 minutes)."

Their guess ended up being a good amount above the actual maximum usage, but it was probably padded against the worst case scenario. The company that I work for consistently fails to come up with accurate guesses even with our very rigid user base, so it's pretty impressive that Reddit could accommodate the unpredictable user base that is the entire Reddit community.

eatitraw 2 days ago 3 replies      
> We used our websocket service to publish updates to all the clients.

I used /r/place from a few different browsers with a few different accounts, and they all seemed to have slightly different view of the same pixels. Was I the only one who experienced this problem?

When /r/place experiment was still going, I assumed that they grouped updates in some sort of batches, but now it seems like they intended all users to receive all updates more or less immediately.

writeslowly 2 days ago 1 reply      
I thought it was interesting that one of their requirements was to provide an API that was easy to use for both bots and visualization tools. I remember reading some speculation when this was running that r/place was intentionally easy to interface with bots, while there were also complaints that the whole thing had been taken over by bots near the end.
ag_47 2 days ago 9 replies      
Now I'm curious, Are there any websites that do something similar to /r/place? (hackathon idea?)

Also, reminds be of the million dollar front page [1].

[1] https://en.wikipedia.org/wiki/The_Million_Dollar_Homepage

wyager 2 days ago 3 replies      
Why use Redis and multiple machines instead of keeping it in RAM on a single machine? I'm not claiming the Reddit people did anything wrong; they have a lot more experience than me here obviously. I'm just trying to figure out why they couldn't do something simpler. 333 updates/sec to a 500kB packed array, coupled with cooldown logic, should have a negligible performance cost and can easily be done on a single thread. That thread could interact via atomic channels with the CDN (make a copy of the array 33 times a second and send it away, no problem) and websockets (send updates out via a broadcast channel, other cores re-broadcast to the 100K websockets). Again, I'm not saying this is actually a better idea, this is just what I would do naively and I'm curious where it would fall apart.
vmasto 2 days ago 6 replies      
> Users can place one tile every 5 minutes, so we must support an average update rate of 100,000 tiles per 5 minutes (333 updates/s).

It only takes a couple of outliers to bring everything down. I'm not exactly well-versed in defining specs for large scale backend apps (not a back-end engineer) but it seems to me that preparing for the average would not be a wise decision?

For example, designing with an average of a million requests per day in mind would probably fail, since you get most of that traffic during daytime and far more less at the nightly hours.

Could anyone more experienced shed some light?

amyjess 2 days ago 1 reply      
So I got hit by an unfortunate bug on the first day of /r/place.

I was trying to draw something, one pixel at a time, and all of a sudden, after a bunch of pixels, it stopped rate-limiting me! I could place as many as I wanted! So I just figured that they periodically gave people short bursts where they can do anything. This was backed up by my boss, who was also playing with /r/place, saying that the same thing happened to him not long before that (yes, my whole team at work was preoccupied with /r/place that Friday). So I quickly rushed to finish my drawing.

And then I reloaded my browser... and it wasn't there. Turns out that what I thought was a short burst of no rate limiting was just my client totally desyncing from Reddit's servers. Nothing was submitted at all.

Not too long after that, another guy on my team got hit by the same bug. But I told him what happened with me, so he didn't get his hopes up.

nathan_f77 2 days ago 0 replies      
This is fantastic. I learned a lot, and it seems like they nailed everything.

I really enjoyed the part about TypedArray and ArrayBuffer. And this might be a common thing to do, but I've never thought about using a CDN with an expiry time of 1 second, just to buffer lots of requests while still being close to real-time. That's brilliant.

ziikutv 2 days ago 0 replies      
Startup tech writers, take note. This write up has been more helpful than many in the past. Thank you very much Reddit developers
nitwit005 2 days ago 4 replies      
Given the scale described, it sounds like they could have had a single machine that held the data in memory and periodically flushed to disk/DB to support failing over to a standby.
tupshin 2 days ago 2 replies      
Our initial approach was to store the full board in a single row in Cassandra and each request for the full board would read that entire row.

This is the epitome of an anti-pattern .I sincerely hope that this approach was floated by somebody who had never used Cassandra before.

Even if individual requests were reasonably fast, you are sticking all of your data in a single partition, creating the hottest of hot spots and failing to leverage the scale out nature of your database.

maaaats 2 days ago 3 replies      
Interesting how big the Norwegian and Swedish flags got, given our small populations.
pitaj 2 days ago 1 reply      
r/Place is really awesome. This is how you grow the community. The 2D and 3D timelapses are super cool to watch, as well. Glad Reddit decided to make this a full-time thing.
blurrywh 2 days ago 0 replies      
ThomPete 2 days ago 0 replies      
This is why experimentation is so important and why I always love when people do things just to do them.

It's literally like exploring the digital universe and reporting on some of your findings.

Great writeup!

brilliantcode 2 days ago 0 replies      
archagon 2 days ago 2 replies      
Thank you for the fascinating writeup! How long did the whole thing take to put together?
hopfog 2 days ago 0 replies      
This is amazing and I got so many ideas on how to tackle the scaling issues I have with my own multiplayer drawing website. In the aftermath of r/Place I went into some of the factions' Discord servers and posted my site, getting 50-100 concurrent users which caused a meltdown on my server. It was a good stress test but also a wake-up call.

Again, amazing write-up. Thank you!

a_bonobo 2 days ago 0 replies      
Weird question - why does that bash script use absolute paths for standard tools like awk and grep (/usr/bin/awk instead of just awk)? Is this some best practice I know nothing about?
svarrall 1 day ago 0 replies      
Anyone with any insight into how much something like this 'cost' Reddit, resource wise. Is the main outlay in time and the server costs already covered by their infrastructure or does the high traffic add enough to make a difference?
antoniuschan99 2 days ago 1 reply      
Looks impressive!

How big was the team? How long did it take to complete this project? Is the code going to be open sourced?

biot 2 days ago 1 reply      

 > At the peak of r/place the websocket service was > transmitting over 4 gbps (150 Mbps per instance > and 24 instances).
What does Reddit use for serving up this much websocket traffic? Something open source, or is it custom built?

77pt77 2 days ago 2 replies      
Now where can we get a dump of all the data.


timestamp, x, y, color, username

mozumder 2 days ago 9 replies      
> We actually had a race condition here that allowed users to place multiple tiles at once. There was no locking around the steps 1-3 so simultaneous tile draw attempts could all pass the check at step 1 and then draw multiple tiles at step 2.

This is why you use a proper database.

I'd probably add a Postgres table to record all user activity, and use that to lock out users for 5 minutes as an initial filter. Have triggers on updates to then feed the rest of the application.

Cofike 2 days ago 0 replies      
As someone looking to expand their knowledge of big systems and building at scale this kind of resource is invaluable!
calosa 2 days ago 1 reply      
If any data science-y folks want to work with the raw data, you can find it here... https://data.world/justintbassett/place-events
_hamilton 2 days ago 1 reply      
/r/place is probably the coolest project that happened this year so far.
the_arun 2 days ago 0 replies      
Good article. One security issue I see is - showing Nginx version in error page - nginx/1.8.0. No need to show details of webserver or its version!
rohankshir 2 days ago 1 reply      
anyone know what framework they used to do visualizations?
replface 2 days ago 0 replies      
johansch 2 days ago 1 reply      
The front-end UX for scrolling that bitmap was quite frankly horribly badly designed.
huangc10 2 days ago 3 replies      
Can someone link to the full resolution final image? Been trying to find it. Thanks!
webdwarf 2 days ago 0 replies      
It's awesome project!
GrumpyNl 2 days ago 1 reply      
Same was done in Holland several years ago. The one million pixels site. Each pixel was sold for a dollar. All was sold.
look_lookatme 2 days ago 0 replies      
This is all great, but your search never works, still. It has been like that forever.
subkamran 2 days ago 3 replies      
This is awesome but man, reading the canvas portion was a bit distressing. I wonder why they didn't use a game engine to do this? All the work they did has been implemented already in several JS game engines, such as the one I help maintain (it's free and OSS), https://excaliburjs.com. We support all the features they needed including mobile & touch support. They could have also used Phaser (http://phaser.io) too I bet... that has WebGL support for even faster rendering on supported devices.
Bob Taylor Has Died nytimes.com
807 points by my_first_acct  1 day ago   80 comments top 26
alankay1 1 day ago 2 replies      
Bob fully embraced the deeply romantic "ARPA Dream" of personal computing and pervasive networking. His true genius was in being able to "lead by getting others to lead and cooperate" via total commitment, enormous confidence in his highly selected researchers expressed in all directions, impish humor, and tenacious protection of the research.

He was certainly the greatest "research manager" in his field, and because of this had the largest influence in a time of the greatest funding for computing research. It is impossible to overpraise his impact and to describe just how he used his considerable personality to catalyze actions.

The key idea was to have a great vision yet not try to drive it from the funders on down, but instead "fund people not projects" by getting the best scientists in the world to "find the problems to solve" that they thought would help realize the vision.

An important part of how this funding was carried out was not just to find the best scientists, but to create them. Many of the most important researchers at Xerox PARC were young researchers in ARPA funded projects. Bob was one of the creators of this process and carried it out at ARPA, Xerox PARC, and DEC.

He was one of those unique people who was a central factor in a deep revolution of ideas.

chaostheory 1 day ago 2 replies      
"My bias was always to build decentralization into the net. That way it would be hard for one group to gain control. I didnt trust large central organizations. It was just in my nature to distrust them." -- Bob Taylor
gavinpc 1 day ago 3 replies      
Sad news.

My favorite Bob Taylor story is about the "class 1" versus "class 2" disagreement. Not sure which is which, but in the preferred case, the two parties are able to state each other's position to the other's satisfaction. One of his tricks as a manager was to help the parties get to that state.

This is either from Rheingold's Tools for Thought or Doug Smith's book.

update: kind of but not exactly like this great scene from Horace & Pete https://www.youtube.com/watch?v=3iRM1iN-3a4

lancefisher 1 day ago 4 replies      
If you're not too familiar with the story, Where Wizards Stay Up Late is a good history of the beginning of the internet. https://www.amazon.com/Where-Wizards-Stay-Up-Late/dp/0684832...
kleiba 1 day ago 1 reply      
I went to see Charlie Herzfeld, who was the head of ARPA, and laid the idea on him, Mr. Taylor recalled in an interview with The Times. He liked the idea immediately, and he took a million dollars out of the ballistic missile defense budget and put it into my budget right then and there. He added, The first funding came that month.

This must bring tears to the eyes of every researcher today.

edward 1 day ago 0 replies      
I've just added a photo from flickr to the Bob Taylor Wikipedia article.


(One of my hobbies is contact flickr photographers and asking them if they're interested in having their pictures used on Wikipedia.)

ayanb 1 day ago 0 replies      
A very succinct professional summary here:


>> In 1970, Taylor founded the Computer Science Laboratory (CSL) of the Xerox Palo Alto Research Center (Xerox PARC). Through the 1970s, CSL researchers became known worldwide for a number of important innovations necessary to the creation of the Internet. CSL invented and built Ethernet, the laser printer, and the PUP (PARC Universal Packet) protocol. PUP was introduced seven years in advance of the implementation of the Internet protocol, TCP/IP. Within Xerox, all of these technologies enabled the construction of the first internet.

neves 1 day ago 1 reply      
From a nice Alan Kay's post:

There were key figures. For example, Parc would not have succeeded without Bob Taylor, Butler Lampson, Chuck Thacker, and a few others.

The link: https://www.quora.com/What-made-Xerox-PARC-special-Who-else-...

19eightyfour 1 day ago 0 replies      
Respect to the black "top band" the HN site is wearing now. Have a pleasant journey, Mr Taylor.
trapperkeeper79 1 day ago 0 replies      
RIP. For you youngins ... you may want to read up on him. He is an example of a boss we'd be fortunate to get at some point in our life.
jmarinez 1 day ago 1 reply      
Doug, Marvin, Seymour and now Bob. All my heroes are passing away. Mainly Alan is left holding the torch.

We lost a giant.

For all the bs in the valley about changing the world, here's a man that truly did it.

And to the ACM - you should be ashamed of yourself. How do you give Tim Berners-Lee an award and not the team st Xerox Parc. For the web? Are you kidding me? It's going to take another 25 years to correct what he's done. I guess teams don't play in as well as allure of the single creator individual.

To Alan and those that are left from the group at Xerox Parc - thank you. For the team at HARC - let this be a reminder that time is short and there's ton to do.

An incredible amount of positive energy was rereleased in a new form back into the universe. May your legacy shape others.

drudru11 17 hours ago 0 replies      
There is an interesting interview of him transcribed by the Computer History museum. It changed my perceptions of who the players were in the original internet and TCP/IP designs... greatly.

I highly recommend the read. He deserves a tremendous amount of credit for the results of his participation in all the technologies we use today.

iokevins 1 day ago 0 replies      
A wide-ranging summary at The Computer History Museum's 05/13/2010 video, "Robert Taylor: Network Visionary":https://www.youtube.com/watch?v=Y0MsrrTo8jY

I echo luckydude's comment--sad to see him go. R.I.P.

ryanjl 1 day ago 0 replies      
I saw him interviewed in a documentary on Fandor called, 'The Net.' The interview took place in his home about 15 years ago. There were a number of topics, but I particularly remember how he spoke of how fear is borne out of ignorance. Well worth checking it.
bradneuberg 22 hours ago 1 reply      
I really wish we still had ARPA rather than DARPA. I'm blown away by the ambition of the projects DARPA does but it's hard for me to rationalize directly working on things that might end up in killing systems. Is there anything akin to ARPA today? Why did ARPA end up becoming DARPA (with the D meaning defense?).

Alan Kay seems to be here commenting; any insights from you Alan on the conversion of ARPA to DARPA and good non-defense alternatives to what DARPA does now?

bebop 21 hours ago 1 reply      
Does he have any writings of his own? I went looking but Robert Taylor is a hard name to get good results for.
Lotus123 1 day ago 0 replies      
Was listening to Walter Issacson's book The Innovators today afternoon about the birth of xerox Parc. AWhat a coincidence. RIP
nickpsecurity 1 day ago 0 replies      
Damn, people were just praising his work on the other thread:


Then I see the black line and same name. Sad. Least he got to execute his vision, innovate, help change the world, and live a long life before he died. Best any of us can hope for.

dmazin 19 hours ago 0 replies      
damn. I was just reading about him this morning (in Where the Wizards Stay Up Late).
modarts 1 day ago 0 replies      
luckydude 1 day ago 1 reply      
This may downvoted (it's sort of off topic), and that's OK, but as I get older the speed at which people I know or admire go and die just gets faster and faster. Sort of sucks.

That said, if I could say one thing to young people about people dieing, it's this: find the people who matter to you and get a video camera and go get them to talk. Apply some wine if that helps, whatever. Get them loose and get them to talk. Ask them how they got to be where they are, ask them what they would like to pass on, let them talk. Old people are just you only ahead of you.

What I would give to have had the balls to go do that with Dennis Ritchie. I didn't know him that well, we talked about Unix stuff quite a few times but I doubt he would remember me. But I'm sure, 100% sure, that he would have let me go get him to talk on camera.

whitehat2k9 1 day ago 3 replies      
Is this why there's a black bar at the top of HN now?
chris_wot 1 day ago 2 replies      
Until they are rate limited, which is almost immediately.
killin_dan 1 day ago 1 reply      
haimez 1 day ago 1 reply      
Every week, some poor soul will sacrifice the entirety of their karma to the horde of unwashed masses. Perhaps these masses will know JavaScript particularly well. Maybe Java. It doesn't matter, we will have no peace.
ngcc_hk 1 day ago 0 replies      
Somebody must behind all these. Whilst without jobs none would happen (his personal computer and windows interface well known, but next was involved in www as well).

But somehow other than unix, there are many missing links. This is one Key one.

Thanks Robert. Unless if matrix come, thanks.

PhantomJS: Stepping down as maintainer groups.google.com
849 points by wfunction  3 days ago   224 comments top 43
franciscop 3 days ago 2 replies      
IMO it'd be a really smart move for Google to hire Vitaly to help with the launching of this feature and things around it. He has done a great job with PhantomJS.

Even an acquisition[1] of PhantomJS would totally make sense, then let him keep working on it but based on headless Chrome and with real resources.

[1] Careful how you spin it for this route, learn from TJ/Express https://medium.com/@tjholowaychuk/strongloop-express-40b8bcb...

d--b 3 days ago 2 replies      
Wow, I'm very impressed. At this stage it is a very wise decision to step down and to focus onto something else, rather than to hold on to a project that will eventually disappear. It takes a lot of courage to move on from a project that had to be maintained for several years and that had such a reach.

We can only be thankful for all the good work that went into PhantomJS, and wish the maintainers the best of luck in their next endeavors.


avaer 3 days ago 7 replies      
Open source software has to be one of the least efficient markets out there.

If you sum up the very real value PhantomJS has delivered to very real companies over the last several years, napkin math tells me we wouldn't have the project being abandoned for being a "bloody hell" to work on.

hpaavola 3 days ago 2 replies      
Also Firefox will get headless mode in few releases https://bugzilla.mozilla.org/show_bug.cgi?id=1338004
askmike 3 days ago 1 reply      
Though a collaboration between the two projects might not be out of the question: https://groups.google.com/d/msg/phantomjs-dev/S-mEBwuSgKQ/PQ...
z3t4 3 days ago 1 reply      
> I even bought the Mac for that!

I did too, then found out you also needed a dev license for users being able to run your app. Supporting Mac/OSX is damn expensive if your app is free.

Globz 3 days ago 1 reply      
PhantomJS enabled us at the time to bootstrap a big project at work where at the end workflow the app had to turn HTML orders to PDF on the fly, eventually we moved to WKHTMLTOPDF (https://wkhtmltopdf.org/) which is much less hungry with resources but nonetheless PhantomJS played a huge role during the early days of the project and was easy to setup. If I remember correctly the only down side was to find the correct format for our HTML template so PhantomJS would render proper page break and repeat the header for super long orders.

I can understand why stepping down is the right decision, maintaining such project by himself is an amazing feat on its own and even more when it proves to be useful for so many companies. Sadly when it becomes your second job you might always be on the lookout for a clean exit and such opportunity just became a reality.

Good luck in your future projects Vitaly!

Doctor_Fegg 3 days ago 5 replies      
> Chrome is faster and more stable than PhantomJS. And it doesn't eat memory like crazy.

Wait, can someone tell me where to download this doesn't-eat-memory-like-crazy version of Chrome? Activity Monitor is showing me 2GB of Chrome processes right now and that's even with The Great Suspender having paused almost all my tabs.

tempodox 3 days ago 1 reply      
Wow, that was a quick reaction.

Thanks to the maintainers for all the good work!

To me, it's always a sad occasion to see diversity diminished. Nothing against Chromium, but I hope it won't be the one browser to rule them all. It's always good to have alternatives.

mrfusion 3 days ago 2 replies      
Naive question here. What makes headless mode so difficult?
tal_berzniz 3 days ago 1 reply      
Thank you for PhantomJS! Been using it for testing, generating PDFs and screenshot.
JepZ 3 days ago 0 replies      
I am happy for the guy as he seems to be able to let go without letting anybody down (which seems to be important to him). At the same time, it is sad when people have such a pressure for something they probably started as a fun project.
bigato 3 days ago 2 replies      
Question for those of you more involved with such headless tasks. Do you think that chromium and firefox supporting headless will induce a surge in bots crawling the open web from now on?
kyriakos 3 days ago 0 replies      
With chrome headless we still need an api like phantomjs or slimerjs to have the same functionality.
malinens 3 days ago 1 reply      
My colleague from automatic testing says that phantomjs actually is much more stable than chrome...
tomphoolery 2 days ago 0 replies      
Good riddance! PhantomJS is a non-stop firehose of random errors and productivity breakdowns. It's also a way better JS driver than anything else out there. I'm glad Google is following in their footsteps and integrating Phantom's features directly into Chrome, where it will be supported by a large team and (hopefully) headless use of the Blink engine will be standardized so your test integrity doesn't depend on a patch version upgrade of your underlying JS implementation.

So, cheers to you Vitaly and anyone else who's helped make Phantom & Poltergeist into my favorite Capybara web driver!

lambduh 3 days ago 0 replies      
It's both sad to see an incredibly useful project be sunsetted and exciting that it's no longer needed. I remember a project that used phantomjs to scrape an old government camping site to build a compatibility layer on top.

Thank you, if you're reading.

est 3 days ago 1 reply      
This is sad, phantomjs is better stripped than Chromium headless, if you ever try to install Chromium on servers without X, it requires shit ton of dependencies, while phantomjs was properly modified requires only minimal library.
Hernanpm 3 days ago 5 replies      
Besides testing, my team uses phantomjs to convert pages to PDF and also to convert javascript generated charts to images. This is sad news, I'm don't think chrome eventually will add support for.
redsummer 3 days ago 22 replies      
I'm curious - What is the utility of headless browsers?

Are there people who earn money by getting it to automatically fill out forms, enter competitions etc?

tannhaeuser 3 days ago 0 replies      
Many thanks to the maintainer for his work. I think this isn't unexpected, and actually encourage other unpaid maintainers to follow. Reason I'm thinking this is that the current state of voluntary support is unsustainable anyway, and by letting it go we maybe could make the market for dev tools economically viable again.
sitepodmatt 2 days ago 0 replies      
You deserve a nobel peace prize.

I recall fondly informally introducing colleagues to chrome dev tools, injecting jquery via a booklet, and querying the dom like xml xpath. Then taking this headless (server-side) with almost minimal wrapping due to your work.

Hail you and damn regexp.. :)

rogerwang 2 days ago 0 replies      
NW.js v0.23 will support headless with Chromium 59. I've been collecting feature requests and sharing the plan. Please see https://github.com/nwjs/nw.js/issues/769#issuecomment-259867... and https://github.com/nwjs/nw.js/issues/769#issuecomment-294064...
ohitsdom 3 days ago 1 reply      
PhantomJS is a great tool, I implemented it as a PDF report generating system. But will Chromium be able to replace it in this regard? Will Chromium have paging features? Will it be able to repeat table headers when a table body content extends to the next page?
nashashmi 3 days ago 2 replies      
Anybody know how to port code from using PhantomJS to headless Chrome? I have been using CasperJS that wraps to PhantomJS. PhantomJS had its own set of commands. headless chrome will have to be different one way or another.
elchief 2 days ago 3 replies      
I found PhantomJS pretty unusable for my use-case. It always spits logs to stdout and there's no way to change that. Filed a bug and he said "fix it yourself"...sorry I don't know Qt.
logn 2 days ago 0 replies      
I maintain a web driver too (Selenium-based) and have been wondering about how it would compare to Selenium ChromeDriver headless. Mine is built in Java and uses Java's embedded WebKit. If anyone has feedback this is where I'm discussing it, https://github.com/MachinePublishers/jBrowserDriver/issues/2...
novaleaf 1 day ago 0 replies      
I run phantomjscloud.com, I guess this is the writing on the wall and I better start building another [chrome] back end soon. Probably a name change is in order too!
kyledrake 2 days ago 0 replies      
PhantomJS was the first thing we used for Neocities screenshots and I've always had a special affection for this project for that reason. Neocities really wouldn't have been possible without the ability to do screenshots.
aaossa 3 days ago 0 replies      
I think is a wise decision too. As an OSS collaborator is hard to explain how important/demanding this work is. I really understand his feeling, and I hope that more people like him could collaborate in OSS projects. Thanks for everything!
eric_b 3 days ago 1 reply      
This is a great move. I appreciate what Phantom (and the maintainer) were trying to do, but I have always loathed PhantomJS. It has never worked well. In fact, I'd been away from it for some time, but just last night needed to install it to run some tests and it caused massive frustration.

I pulled a Node repo that ran tests using Karma (why people use Karma is a complete mystery to me). I pulled the repo, ran `npm install` and then `npm test`. Sure enough Karma explodes out of the gate.

Phantom can't start. I'm on Windows 8.1. I debug for an hour, eventually finding a magic custom binary Ariya created. I then have to copy this binary to the `/node_modules/karma-phantom-launcher/node_modules/phantomjs2-ext/bin` directory.

All this to run some Jasmine specs.

If Chrome headless support is really as good as "works just like Chrome without the GUI" then I will be one happy camper.

nrook 2 days ago 0 replies      
Is there any way to donate to the PhantomJS project? This seems like a good time to throw some money their way, in thanks for what the maintainers (mostly Vitaly over the past few months, at least, it looks like) have done.
bluepeter 3 days ago 0 replies      
Where's Ariya in all this? He seems to have also completely abandoned Phantom...?
stretchwithme 2 days ago 0 replies      
I appreciate all the hard work.

In my last job, I used PhantomJS with highcharts to provide a web service for generating charts. And used it with the poltergeist gem for headless testing.

runnr_az 3 days ago 0 replies      
Hey dude... thanks from a grateful dev in Scottsdale, AZ. Your hard work enabled a lot of really cool stuff for us! Good luck in your future adventures!
sillero 3 days ago 0 replies      
Thank you for your work Vitaly, it's truly inspiring, you've made a difference for the community. Good luck on your next project.
amiga-workbench 3 days ago 0 replies      
Thanks for the work, PhantomJS made generating screenshots to show different UI states in bulk effortless.

It has saved me days of effort over the last year.

gildas 3 days ago 0 replies      
Thanks Vitaly for your work! SEO4Ajax would certainly not exist without PhantomJS. It helped us to deliver the service efficiently at the time.

Unfortunately, we had quite a few compatibility issues with it leading us to migrate to Chrome (with xvfb) one year ago. Since then, we must confess that we are very happy of this choice. Chrome is indeed very stable, fast and more importantly for us, always up-to-date.

m4k 3 days ago 0 replies      
Have been using PhantomJS since couple of years for data scrapping. It's a really good project.
frik 3 days ago 1 reply      
That's quite sad.
shaggyfrog 2 days ago 4 replies      
seleniumuser 3 days ago 2 replies      
How does this news fit in with Selenium?
chatmasta 3 days ago 1 reply      
That sucks for any scraping use case. I have to imagine google has built in some way to detect headless browser mode serverside, even if only they can access it.
Chrome 59 has cross-platform headless support chromestatus.com
823 points by vvoyer  3 days ago   151 comments top 38
bluepnume 3 days ago 7 replies      
This is fantastic. I'm using a combination of Chrome and PhantomJS for karma testing right now, for https://github.com/paypal/paypal-checkout and https://github.com/krakenjs/xcomponent. There are hundreds of tests opening up hundreds of iframes and popup windows, and sending a lot of cross-window messages, and that ends up being really memory hungry.

Chrome deals pretty well with garbage collection, so long as I'm careful to de-reference closed windows properly, and only uses a maximum of 150mbs. PhantomJS eats up almost 6GB of memory before it's done, which makes it almost unusable on machines with less memory or CI boxes. Travis is a no-go.

I'm hoping running Chrome in headless mode should give a nice speedup for our tests.


Turns out even a closed popup window or iframe keeps a huge amount of memory hanging around. Who knew.

nreece 3 days ago 4 replies      
I've been testing Chrome headless extensively for the past few months, and while it's a good step, but it's not stable for high-volume or even diverse set of webpages.

Memory usage is pretty high, lot of heavy webpages result in crashes/hangs, there are many inconsistencies between features available in full version and headless, their debugging protocol has different APIs that work on headless/non-headless in Linux or Windows, and so on.

Of the bugs I've submitted, some have been fixed in the upcoming M59, so other critical ones may take longer due to their backlog. I suppose for now (maybe until M61-62), Chrome full with xvfb or even PhantomJS are better options. When you realize that Chrome is about the same size (by LoC) as the Linux kernel [1], you can't help but wish for a leaner & faster headless browser.

There seems to be some work going on building Firefox pure headless as well. Great overall, as long as all the browsers try to follow the RemoteDebug initiative [2].

[1] https://josephg.com/blog/electron-is-flash-for-the-desktop/

[2] http://remotedebug.org

callumprentice 3 days ago 1 reply      

I've been working on a fully open source Windows/macOS library (via Chromium Embedded Framework) that allows you to render pages to memory (and then of course to bitmaps, textures etc.) as well as inject synthesized mouse/keyboard/JavaScript events. It currently uses (what amounts to) Chrome 57.

Looks like this might make my project obsolete.

MichaelApproved 3 days ago 2 replies      
A lot of phantom js talk here makes me want to recommend http://ghostinspector.com

It's a phantom js (and other headless browser) web service. Using the site, you can quickly create different tests, scheduled tests, chained tests, keep screen shots, create videos of multi step tests, and have historical information of it all.

Can't say enough good things about the site.

Edit: also there's a great chrome extension that will record your mouse clicks and keyboard commands to make creating a test that much simpler.

masterleep 3 days ago 6 replies      
Please let this be capable of generating PDFs from HTML from the command line.
vvoyer 3 days ago 2 replies      
Also checkout https://github.com/cyrus-and/chrome-remote-interface for an easy way to fully control those headless instances
skibz 3 days ago 0 replies      
The feature I was most interested in when they announced this last year was virtual time. The Developer Resources link has it listed (https://chromium.googlesource.com/chromium/src/+/lkgr/headle...) but it's a broken link, unfortunately.

Mostly, I'd like to know how the control of the virtual time system would be exposed. Would it be through the C++ API, or could it be made available through the debugging protocol?

ctphipps 3 days ago 5 replies      
Any way of scripting this to automate button clicks etc? I use PhantomJS for this now but found it to be incredibly unstable for complex pages.
fake-name 3 days ago 0 replies      
Shamelessly bumping my project to produce a nice python API for the Chromium/Chrome-remote-debugger-protocol: https://github.com/fake-name/ChromeController

I'm trying to replace PhantomJS in my infrastructure with chromium. Not having to build my own chromium will be a very nice thing.

swah 3 days ago 2 replies      
Related: I want to take screenshots of a few news websites for a little fake news project of mine, and most approaches return something completely different than what I'm seeing when I open Chrome.

Limited height would be better/ok (something like the first 3000 pixels).

Low volume / can be slow (30 seconds would be ok).

Those news websites many times have infinite scrolling.

I've tried:

- phantomJS (rendering sucked, tried every technique I could find to wait for JS to load)

- wkhtmltopdf (almost ok, generates a huge 30M image with all the height, no antialiasing it seems)

- https://github.com/gen2brain/url2img (this was the best so far, uses Qt bindings but not the latest version)

- actually run a headless browser in DigitalOcean with xvfb-run and take a screenshot: I failed at this

What I didn't tried was Selenium, because it seemed even harder.

How would you guys do it?

vmasto 3 days ago 0 replies      
I've been trying to test audio and video with headless browsers (namely PhantomJS) but have experienced extreme difficulty, I wonder if headless Chrome is able to support/supports already HTMLAudioElement or HTMLVideoElement or any media interface that would make, for example, testing YouTube or SoundCloud embeds easier.
yarp 3 days ago 2 replies      
Any chance for webgl here? Would be nice for automatic screenshots and webgl tests.
Bahamut 3 days ago 0 replies      
Oh my goodness I have been waiting for this day for a while - we ran into PhantomJS problems with keyboard/mouse eventing and the HTMLVideoElement for testing, this sounds like it should be the cure for our woes of having to hack around PhantomJS's deficiencies.
iAm25626 3 days ago 1 reply      
Nice!! Would creating WebRTC data channel be possible?

server side SCTP to client(p2p over SCTP/data channel) would be cool.

arrowgunz 3 days ago 2 replies      
What does this mean for Electron and other apps that depend on Electron?
vvoyer 3 days ago 0 replies      
Almost one year old but there was a talk on headless chrome at the Blink conference (BlinkOn 6):

Video: https://youtu.be/GivjumRiZ8c

Slides: https://docs.google.com/presentation/d/1gqK9F4lGAY3TZudAtdcx...

More links:Headless Chrome architecture: https://docs.google.com/document/d/11zIkKkLBocofGgoTeeyibB2T...

Mailing list: https://groups.google.com/a/chromium.org/forum/#!forum/headl...

All of those links are on https://chromium.googlesource.com/chromium/src.git/+/master/...

est 3 days ago 0 replies      
Is it possible to install Chromium on a server without X environment? Last time I checked it requires a shit ton of dependencies.
mstade 3 days ago 0 replies      
Fantastic news, not a minute too soon! Can't wait to get rid of PhantomJS. Now if only this was a standard feature of all browsers...
livoras 3 days ago 0 replies      
PhantomJS has plenty unsolved issues(up to 1.7k+), a replacement instead of combination might be a better choice.
ericb 3 days ago 2 replies      
Would this run as a chrome driver for Selenium? What is needed to make this work with Selenium?
tianlins 2 days ago 0 replies      
How fast is headless vs. normal? According to


the chrome browser spends a decent amount of time on other steps such as parsing HTML. I wonder how much time could be saved by not rendering pages into pixels.

du_bing 2 days ago 0 replies      
It seems that Chromium 59 still can not be installed on Raspberry Pi, or anyone has done it?

It will be great to use this headless Chromium on Raspberry Pi to execute some routine web browser jobs.

Does it support the extensions installed on Chromium? Curious.

retube 3 days ago 1 reply      
This page doesn't load for me (IE behind corp firewall). How does one drive/automate a headless browser? What kind of API is there?
brendandahl 2 days ago 0 replies      
For those interested, Firefox is also going to support a headless mode. The current nightly supports headless SlimerJS on Linux and more platforms will come soon.


hackcasual 2 days ago 0 replies      
laurencei 3 days ago 0 replies      
Can anyone confirm - would this work with a Flash/SWF application? i.e. could I use the headless mode to interact with the Flash Application to run some commands and retrieve the output?

I tried googling around but didnt find much to say either way...

stheakanath 1 day ago 0 replies      
Is this confirmed to work with Flash? I know selenium did not support Flash so it caused some dev issues.
smackfu 3 days ago 2 replies      
Have people found many issues that come up in Chrome but aren't found in PhantomJS? We used to use a headless browser but switched to PhantomJS and haven't had any real issues.

(We should probably run under the real IE but jut haven't been bothered.)

wslh 3 days ago 0 replies      
How fast is the debugging mode? I tried the first debugging protocol when Chrome added it and it was very difficult to use. I assume this time is different?
amingilani 3 days ago 0 replies      
Does this mean I no longer need to use phantomjs for my tests?
hbakhtiyor 3 days ago 0 replies      
i use when they announced headless mode on linux, and built generating thumbnails from captured screenshots of websites and uncovering the technologies used on websites

and the api is available for free, https://github.com/letsvalidate/api

armitron 3 days ago 2 replies      
Doesn't seem to work on OSX. Connecting to debug port from a different chrome brings up an empty page.

Running Version 59.0.3069.0 (Official Build) canary (64-bit)

_pdp_ 3 days ago 0 replies      
This is great if the headless mode supports the web extension API because it means that we can run our security tools almost as command line tools.
0xFFC 3 days ago 2 replies      
Can somebody explain to me what is this good for?

Thank you.

zigomir 2 days ago 0 replies      
Not sure if this can enable SSR (server side rendering) for any client side lib?
MR4D 3 days ago 0 replies      
Given the rough comments on the Electron story earlier, this should be welcome by all.
unixhero 3 days ago 1 reply      
What is the use case for headless Chrome?
softwarelimits 3 days ago 0 replies      
is this is chromium, too?
A Competitive Programmer's Handbook cses.fi
1028 points by aaggarwal  1 day ago   150 comments top 28
hal9000xp 1 day ago 3 replies      
There should be references to problems for each topic at online judges. Like this one:


Learning algorithms per se is only a small part of training. Much bigger part of training is learning how to recognize these algorithms in problems.

After reading about some algorithm, I always solve a couple of related problems.

P.S. Looks well-written. Bookmarked. I appreciate the effort of the author to create this book.

boltzmannbrain 1 day ago 9 replies      
Positive correlation between Competitive Programmers Handbook and software engineer interviews? Yes.Positive correlation between being a strong competitive programmer and a strong software engineer? Doubtful.
elnygren 1 day ago 0 replies      
This book is being used for an optional undergrad algorithms course at University of Helsinki. We have programming competition style assignments: pass/fail tests on a server with time and memory limits. Really fun challenges (and hard!!). Nice to see the author getting some recognition at HN :)

You can find the course material and assignments from https://cses.fi/alon/ - however, it's all in Finnish.

ScottBurson 20 hours ago 0 replies      
I have to tell a story I heard once about Brian Reid [0]. He was in one of these competitions -- this would have been sometime in the 1970s -- and they were given a deck of data cards and told to sort them. Most of the contestants started to write a sorting program in Fortran; Reid looked at the size of the deck and decided he could sort it by hand. He did, and won.

[0] https://en.wikipedia.org/wiki/Brian_Reid_(computer_scientist...

atemerev 1 day ago 1 reply      
OK, who has published cheat codes for most programming interviews?

Seriously, if you can program at all, and want to be a better programmer (like, really well paid one), this is the greatest single thing I ever saw for this purpose. Just run through all examples and understand how they work, and you are already in top 1%.

Then, you can move to SICP and Project Euler in your spare time.

alexee 1 day ago 1 reply      
There is also https://e-maxx-eng.appspot.com/(translated from russian, original: https://e-maxx.ru/algo/)
user5994461 1 day ago 9 replies      
Competitive programming = coding challenges, like Google Code Jam and HackerRank.

Nothing to do with getting a better job or a better salary.

TheAlchemist 1 day ago 0 replies      
For those interested -> TopCoder annual competition just started (Marathon track which is usually 2 weeks length optimization problems):https://community.topcoder.com/longcontest/?module=ViewProbl...
aaggarwal 1 day ago 0 replies      
The author originally released the book here (http://codeforces.com/blog/entry/50728).
signa11 1 day ago 0 replies      
in a similar vein there is : https://cpbook.net/ which is also pretty cool. will take look at this also. thank you :)
grepthisab 20 hours ago 1 reply      
I really like this. I don't like how you handle array indices though. The book is written in C++, yet you initialize all arrays where the first element is at index 1, which makes things really confusing, or at least annoying to think about when converting from your text to an IDE.
uptownfunk 1 day ago 0 replies      
Excellent writing, clear and easy to understand. Would appreciate the links to example problems as others have mentioned (and solutions too if available). Seems like an interesting book to keep me sharp for if/when I ever go on the job market. Well done.
z3t4 1 day ago 0 replies      
i love solving problems. but hate solving programming riddles with artificial rules. it feels much more like work then actually real work does.
wwarner 19 hours ago 0 replies      
everyone should read this. btw, the problems at http://train.usaco.org/usacogate are really fun.
SnowingXIV 1 day ago 0 replies      
Really into how this is written. I don't understand much (any) c/c++ but I'm familiar with ruby and JavaScript so basic programming functions I'm aware of. This book still is making sense and hitting on issues that I've always been interested in calculating O(n) and others.
balazsdavid987 1 day ago 0 replies      
This is a well-written book, very nice work!
xsegfault 1 day ago 0 replies      
Good review for algorithms and data structures. Hopefully we can get a printed copy later.
arvinsim 1 day ago 1 reply      
Another good resource for clearing technical whiteboarding tests.
mattdodge 1 day ago 1 reply      
Great timing considering Google Code Jam Round 1 starts tonight too
jiangplus 1 day ago 0 replies      
At first glance, I saw String Theory and was about to laugh, but then I found it was String Algorithm and Game Theory :D
bmay 1 day ago 0 replies      
Thoughts on this vs. Steven Halim's handbook?
mrcactu5 1 day ago 0 replies      
i like this book because it has certain time and resource constraints in mind. that maybe a typical professional programmer does not have. but maybe someone from another subject can learn.
fosco 1 day ago 1 reply      
this is great!

that being said, I really like text files.

Does anyone know if there is a way to migrate the pdf to a text file [omitting figures/pictures] ?

BatFastard 1 day ago 0 replies      
Thanks for sharing, will look it over and send you some feedback.
hkon 1 day ago 0 replies      
Great. Thanks!
camperman 1 day ago 0 replies      
Not only is this an excellent introduction to competitive programming, it's also a very nice overview of some of the nuts and bolts of C++. I recently have had to deal with a large C++ codebase and this is a really good little refresher.
dimitar9 1 day ago 1 reply      
great stuff.read this,understand this and you'll get google offer for 350k per year.
Zarov 1 day ago 0 replies      
Thanks for this, it may be exactly what I was looking for :)
Introducing Increment stripe.com
565 points by sinak  2 days ago   105 comments top 30
jacquesm 2 days ago 5 replies      
Feedback in case anybody from stripe is tuned in: I'd love to read these stories but not 6 around the same theme all at once. Like that it will take years (at your rate of publication, 4 times per year) to cover even the basics of running a complete operation. Please consider mixing different aspects for a single issue, both in the name of variety and to cover some ground in a reasonable time.

Other than that: thanks for publishing this, I've often wondered why there isn't a central repository (like a wiki or something like that) with the various recipes you can use to tackle a given problem and what works and what doesn't in practice.

timdorr 2 days ago 1 reply      
> Susan Fowler joined Stripe to found and edit Increment and the first issue launches today.

BTW, this is the same Susan Fowler of ex-Uber fame: https://www.susanjfowler.com/blog/2017/2/19/reflecting-on-on... Congrats on the new position, Susan!

I'd be interested in hearing what it's like moving from a code-focused job to a content-focused job. Seems like a very unique shift!

drinchev 2 days ago 6 replies      
Side-topic alert.

Stripe is my top design company these days. Just looking at their landing pages [1], [2], I'm deeply impressed by their effort on making the web beautiful.

Huge inspiration for me. Kudos to their front-end / design teams.

1: https://stripe.com/atlas2: https://stripe.com/connect

sytse 2 days ago 3 replies      
Thanks Stripe for advancing the industry by generating this content. I'm impressed with how broad they interpret their mission of increasing the GDP of the internet. Their Atlas program is the best example.

BTW on https://stripe.com/about I only found "Help us build the universal payments infrastructure of the internet." but it is listed on https://stripe.com/press

Disclosure: I'm interviewed in one of the pieces https://increment.com/on-call/the-benefits-of-transparency/

nrook 2 days ago 2 replies      
I was surprised to see no discussion of an oncall bonus or compensation in the first issue of Increment. This is a practice which is uncommon but not rare in the industry; Google, for instance, offers generous compensation to developers with a serious oncall shift.

It would be interesting to see a discussion of this topic, but I suppose this is expected if a publication is published by a company rather than by laborers directly.

siliconc0w 2 days ago 1 reply      
Great work - love reading this stuff.

As a sort of mini-rant - with so much 'incident transparency' with Slack, Email, Dashboards, Hangouts, etc high-sev issues can devolve into all hands events if you haven't nailed the culture as well. These can be intensely political - where you got random managers/execs who haven't touched code in years in the Slack channel trying to look engaged and competent offering suggestions like, "Have we tried rolling back the release?" and the smart engineers who could actually fix the problem are afraid to do anything because everything they do is broadcasted to the entire company. It's relatively easy to adopt the tools and processes of successful tech companies but it's hard to get the culture.

criddell 2 days ago 2 replies      
I thought this might be the micropayment service that I've been waiting for. Turns out, it's a newsletter.
necubi 2 days ago 3 replies      
Any chance of getting this in kindle/e-reader compatible format? The website is beautiful, but reading long-form content is so much nicer on e-ink.
_hamilton 2 days ago 0 replies      
I need a physical copy of this 'magazine' so I can read it on the pooper. :) Thanks Stripe.
Zaheer 2 days ago 0 replies      
Impressed by Stripe's marketing strategy. With the acquisition of IndieHackers.com and now this, they're taking content marketing to the next level.
aero142 2 days ago 0 replies      
One of the things that stuck me when reading Susan Fowler's Uber article, was just how well written it was. It gives me a lot of hope for this magazine.
iamleppert 2 days ago 0 replies      
Not sure what to make of this, given the redundant, monochromatic content about being on-call. It doesn't appeal to me. A magazine format is not appropriate for such a narrow focus. You're not going to gain the continuing readership without a sufficiently broad appeal.

Also, the introduction of putting down the rest of the industry while simultaneously extolling your own ideas is very off-putting, especially if we haven't heard them yet. The strength of the Stripe brand matters not; I do not know who you are.

That said, Stripe is a great company and I'd love to hear more about how they are doing things. But please, if you want me to pay attention to you, sans the hubris self-congratulatory tone.

VikingCoder 2 days ago 0 replies      
There are multiple ways to successfully organize teams of software developers.

What matters most is that the choices are consistent and coherent.

It's nice to read about practices that work in one environment, but you have to keep in mind how they integrate in to the big picture of all of the choices.

For instance, some teams branch everywhere, for everything. Which is fine, and some people do it to great success.

Some teams develop at head, for everything. Which is fine, and some people do it to great success.

But the tools you need to build around those two approaches are totally different. Reading about the tools and techniques, without understanding how they all fit together, and trying to adopt them because they work for other people, could be a recipe for disaster.

xbeta 2 days ago 0 replies      
Interesting, Will Larson [1] was also a manager at Uber, probably worked with Susan in the past.

[1] : https://www.linkedin.com/in/will-larson-a44b543/

reledi 2 days ago 1 reply      
Any plans to have a physical copy with subscription?
danellis 1 day ago 0 replies      
Why package articles up into a quarterly "magazine"? That doesn't make much sense on the Web. Why not publish the articles in a blog?
sebringj 2 days ago 0 replies      
Netflix never pre-announced their series of extremely useful videos because they were just useful and people watched them in droves often being top results on Hacker News. Youtube + articles are nice for that sort of thing and I don't see a reason to deviate from that if the content is actually worth viewing.
noir_lord 2 days ago 3 replies      
I like that the "Ask an Expert" about on-call emergencies section has an answer from Phil Calado (Director of Product Engineering at DigitalOcean)

Made me chuckle.

[1] https://www.digitalocean.com/company/blog/update-on-the-apri.... (for anyone who missed them nuking the production db).

dhruvp 2 days ago 0 replies      
I love how Stripe does so many things that provide value to the developer community from their awesome blog posts to their open source retreats and now finally to this magazine. They're a model to me of how to earn the good will of your users through providing authentic value.
mempko 2 days ago 2 replies      
Some of the best content of this type I've seen is from the ACM. If you are not a member I really encourage you to join.
19eightyfour 2 days ago 0 replies      
I love how Stripe is transitioning into a services company for internet companies, particularly startups.
arkaniad 2 days ago 1 reply      
This seems like a cool idea. I do wish there was an RSS feed available for me to add to my feed reader, though.
blizkreeg 2 days ago 2 replies      
Unrelated q: is increment.com an off-the-shelf magazine theme or custom development?
randomerr 2 days ago 0 replies      
It seems like a different view on Agile.
elastic_church 2 days ago 1 reply      
Nice, I'd been wishing for a "devops" book full of case studies - what situations teams were in and how they handled it. Occasionally you get an engineering blog post, but most of those are just boasting unilaterally about a solution, and not any critical discussion of the problem or the myriad of bandaids most of us have to deal with.

This might be a step in the right direction.

LoSboccacc 2 days ago 0 replies      
rip high scalability blog
dominotw 2 days ago 1 reply      
what an unfortunate name. sounds like excrement.
mattste 2 days ago 1 reply      
This is awesome. Is there an email form where I can sign-up to get an alert when a new issue is released?
snackai 2 days ago 1 reply      
Would really prefer Stripe to release more payment options like Bitcoin or Paypal, or adding more countries and their more local payment options.
edoceo 2 days ago 0 replies      
Will Stripe discuss their choice to selectively enforce their own TOS? I'm sure many start-up business would like to know how to pick and choose when they enforce their own TOS
United removes first-class passenger to make room for 'higher-priority' traveler latimes.com
534 points by 4ad  3 days ago   448 comments top 46
tici_88 3 days ago 18 replies      
Travelling in the US or with US airlines is not looking very good right now. Not just the United incident(s) but also TSA, Trump travel restrictions, flights constantly overbooked, massively late etc.

I wonder if it will start impacting traveller and tourism numbers at some point. I think anyone who doesn't really need to be in the US and/or is planning travelling with kids is likely to have some second thoughts at this point.

Recently Canada's girl guides cancelled all trips to the US: http://www.telegraph.co.uk/news/2017/03/14/canadian-girl-gui....

I wonder if this is a first step of a large trend yet to develop.

jhulla 3 days ago 1 reply      
Comment might be buried... But, the problem is the baroque overlaid combinations of [seat class, fare class, FF status, standby, cash vs FF purchase, time of arrival at gate, etc.] intersecting with [connecting flts, equipment, weather, etc.] leads to a large range of predictable conditions with uncertain outcomes. E.g. only one seat remaining, who gets it: passenger needing to make intl connection on a FF ticket or cash paying high status passenger?

This is a global optimization problem that can be easily solved - but there are many cases where on the ground discretion is required [last minute aircraft change, weather delay]. Poorly paid, under trained and under motivated staff will always drop the ball in this situation.

The solution for United here is two fold 1) Increase training, comp, authority and motivation of gate agents to solve problems with minimal disruption. This used to be the case a bankruptcy ago. This setup is not likely to return due to a simple reason: cost. United in bankruptcy blew up the pension promises to some of their most experienced staff. They left.

2) The best outcome for United is to reduce the complexity of their product so that customer expectations of service align with the company's ability to deliver.

tl;dr: United's service is too complex for their gate agents to deliver. Service should be simplified.

ptero 3 days ago 3 replies      
At the moment I wish United gets beaten up well for forced passenger removal earlier this week. However, IMO this article just tries to pile onto the "United stinks" meme and is poorly written (more emotions than facts). Some things missing (for me):

1. When did this happen? The article makes it look like this just happened, but does not mention a date. I suspect the omission is on purpose (if so, boo!; if not, sorry, but please add event date).

2. The fact that the guy bumped off is rich is irrelevant (and going on and on about it dulls the message).

3. The fact that the seat the guy was downgraded was noisy (people arguing on both sides) is irrelevant.

IMO the main point is valid -- the person was first to the seat and in general whoever gets into the seat first keeps it in case of a seat collision or a duplicate ticket. He should not have been asked to free it to another passenger (who should have been downgraded instead and compensated somehow). But conflating this with unrelated issue to get on a "United stinks" meme is a cheap trick. My 2c.

Belphemur 3 days ago 2 replies      
What a lack of professionalism.

The customer even paid premium price to be in first class and instead of being notified at the gate, like any respectable airline would do, he's asked to give his seat to somebody "more important" than him when already seated.

It doesn't make any sense, if that "more important person" came later, he should be the one getting compensated by the airline especially when the problem occurred because United needed to change the plane for a smaller one.

You don't kick customer, you compensate them.

tech4all 3 days ago 3 replies      
I don't develop games... But if I did I would create a game called "United flight agent". You would be standing in the aisle facing the rear of the plane. Each round you would have a goal number of passengers to forcibly remove.

You would walk up and down the aisle and punch out selected passengers. Once you had suitably subdued a passenger you click a security badge and the "Airport Rental Security" guys come and drag the passenger off.

The game timer would be a chart of United's share price. The round is over when the price hits zero.

The price could rise and fall with certain events:. A passenger stumbling back on the plane for instance.

The game would end immediately if you punched a baby - even United agents don't punch babies!

Feel free to run with it!!

jeswin 3 days ago 3 replies      
I'm appalled by how this frontal assault on human dignity is shielded by law. What many of us learned this week is that it seems to be perfectly legal to bump off poorer or less privileged people specifically from a plane.

This is boat allocation on Titanic all over again.

paulgb 3 days ago 2 replies      
He and the doctor may have a solid legal case: http://lawnewz.com/high-profile/united-cites-wrong-rule-for-...

I hope for United's sake these are anomalies and not a pattern of behavior.

olodus 3 days ago 2 replies      
>Instead, the service rep offered to refund Fearns the difference between his first-class ticket and an economy ticket

So he paid the cost of first class but flied economy and when they get called out on it they think all they need to do is compensate for the difference? With the way he was treated?! How can you call yourself "Customer care specialist" and think that is a way to treat customers?

ijafri 3 days ago 0 replies      
In Pakistan Citizen didn't let a minster on board a flight, after it got delayed due to him. Citizen abused him and he had to leave the plane. I meant United is demonstrating something even worse than would happen in our 3rd world country, and all I get it now, the 1st World only got bit of money and tech and at the end of the day, they are just as big an assholes as we are.

First they beated a customer and now another one was moved to economy in order to make room for a certain high profile.. !!! So you truly see, this is the so-called first world, racism against minorities and immigrants despite 'they' invaded Red Indians land, and now they are demonstrating same 'social class' discrimination, that's common place in the 3rd World, minus the $+Tech, and there you have even worse of the 3rd World.

adekok 3 days ago 3 replies      
Can someone read this:


and explain where it allows them to refuse transport to a well-behaved passenger after boarding?

Rule 21 seems to apply, but nothing there looks like "United can refuse to transport you 'just cause'".

I've seen lots of people claim this behavior is legal, all without a shred of evidence to back them up.

boomka 3 days ago 0 replies      
By the way, in the case of Dr Dao it was also not overbooking that caused him to get bumped off, but airline's assignment of lower priority to him than someone else. Just like in the parent article.

There were other misreportings as well, not to mention that some news outlets ran character assassination stories and almost nobody emphasised that Dr Dao was a senior.

The best piece I've seen deconstructing this is http://www.nakedcapitalism.com/2017/04/united-passenger-remo...

marcosscriven 3 days ago 1 reply      
The crux of the article, for me, is this:

"What United and all companies need to do is to train and empower workers to deal with specific issues as they arise, she said. Dont just follow whatever is written in your policies."

Unfortunately that's so often the case - one may as well be conversing with a robot in many customer service situations. I can only imagine it's just as frustrating for the disempowered service reps.

bedhead 3 days ago 0 replies      
Jeff Bezos' annual letter, released yesterday, had a good line (one of many) that immediately made me think of this United situations and broadly the crazy rules we've created for air travel and the culture that surrounds it all:

"Its always worth asking, do we own the process or does the process own us? In a Day 2 company, you might find its the second."

11thEarlOfMar 3 days ago 2 replies      
Been flying for 25 years, 1.5 million miles total, most of that on United. US airlines have been through hell over the last 16 years. Bankruptcies, union battles, fierce competition, and not to mention, the real threat that someone could blow up or intentionally crash the plane they're flying, all contributed to a mentality that the employees have to stick together to survive.

The end result is that US airline employees see their loyalty to each other as more important than customer service.

This mentality enables the micro-selling, endless class stratification, rigid authority and the generally unpleasant demeanor of staff. They're really not friendly in the US, and strikingly different from, say, Asia-based carriers.

davidf18 3 days ago 0 replies      
Actually, the Obama administration allowed United to take over Continental when we already had so few competing airlines in this country as it is, so Obama should be blamed. We need more competition, not less.

With the consolidation of airlines, it is much harder than it was to say you don't want to fly with them anymore and they know it.

The case with the passenger being dragged off the plane was not regular United but some lower-cost airline that has a close business relationship with United.

The CEO should have set up an on-call executive that can quickly deal with situations like these two cases. It would not be very hard to do.

davidf18 3 days ago 0 replies      
I have a good story to tell about El-Al (Israeli) airlines and US Air.

I was on a connecting flight on US Air to Newark to take El-Al. The US Air flight left late and arrived late. Israeli security escorted me and 2 other passengers onto the El-Al plane to Tel Aviv but the luggage did not make it.

El-Al opens all bags that don't travel with the passenger in a bomb chamber which is located at JFK. So it took 3 or 4 days to get my luggage. El-Al gave me $75 even though it was not their fault. US Air paid suit, shoes, etc. that I had to purchase.

jsemrau 3 days ago 3 replies      
Time for regulating the oligopoly of the airline industry. Obviously the safety of passengers can not be ensured anymore.


yeukhon 2 days ago 0 replies      
So two days ago my 2-month old Dell UltraSharp monitor broke with flickering and some cosmetic damage. I reached out to Amazon rep because I bought from there. The repr and I spoke and did some testing. Eventually he said he would help me make an exception by sending me a replacement without any fees, a pre-paid return label, and do a two-day guarantee shipment, despite the return window has already passed (it was April 6th, last week).

I got my new monitor today, and I am happy.

The repr said because of my purchase history. I am a good customer to them, someone who have bought probably couple thousand dollars worth of goods from Amazon over the years.

AWS itself also offered to eliminate all of the charges on my account after a huge spike on billing (which is believed to be the results of network attacks) under no questions.

This is how you build a $300B company. You take constant short-term losses over long-term gains.

United Airline has a long fucking way to learn how to treat its customers. If customer B's flight had a mechanical failure, should do this:

UA: "Sorry, we have a mechanical problem, do you wish to take the next flight? We will offer you a voucher."

B: "No. I need to get there on time."

UA: "Do you wish to take an economy seat? Our first-class is full."

B: "No. I am a priority seating customer." (<--- does this shit even exist?)

UA: "I understand. We will ask if anyone on the current flight is willing to give up."


UA: "Okay no one. Increasing. We still have a few minutes left to auction a seat for an economy seat swap."

UA: "Sorry Sir / Madam. No one is willing and the flight is destined to leave now, so we can't hold up the 365 passengers onboard. We are sorry for your inconvenience, we will see if other airlines have seats available and we can help arrange a flight for you based on your continued support of United Airlines."

Now either B take it or leave it. Done. One airplane's delay is a delay for other 100 flights waiting to leave the airport on time.

Win 100 customers over 1 customer.

This is grade-school manner, fucking grade-school manner. Change your policy now if you are so serious about good customer service and fear of law suits.

Actually now I come to think of it, airlines should build an auction/seat auction app.

tlrobinson 3 days ago 0 replies      
Forcing passengers to relinquish seats they've already sat down in is clearly a terrible policy. Once you're in your seat you should be "locked in", except in exceptional circumstances. Pulling someone out of a seat has a much higher emotional (and PR) cost than denying someone boarding in the first place.
JustSomeNobody 3 days ago 2 replies      
If I paid full-fare and I'm already seated, who could possibly be more important than me?
mintplant 2 days ago 0 replies      
> Fearns requested a full refund for his flight from Kauai and asked for United to make a $25,000 donation to the charity of his choice. This is how rich guys do it.

It bugs me that so much of the emphasis in this article is on the idea that they dared to do this to someone wealthy.

4ad 3 days ago 1 reply      
Note: this is a different guy. After just a few days after the previous fuckup, they pull the exact same shit AGAIN. Unbelievable...
jccalhoun 3 days ago 0 replies      
Flying always makes me wish workers of the world really would unite...

That being said, the way this article is written makes me want to kick the author off of a plane while in flight.

"Fearns requested a full refund for his flight from Kauai and asked for United to make a $25,000 donation to the charity of his choice. This is how rich guys do it."

This is how rich guys do it? Really? ugh.

musesum 2 days ago 0 replies      
User surly UX. Was going to book an impromptu multi-legged trip between San Francisco, Iowa and Arizona.

American Airlines quoted a price, but the only available seats cost (around) $33 - $58 extra for each flight -- total was $200 extra. Bait and switch? So, I switched to Delta.

But Delta's antique web design wouldn't allow a change. So, I attempted to talk to a Human. Voice menu was a bit schizoid: transitioning from voice to a touch-only menu. Love the response: "your selection was invalid" Who designs these things? A Lost in Space fan? https://www.youtube.com/watch?v=OWwOJlOI1nU

Then I get to the part where it says: "You may choose to have us call you back ... or stay on hold ... wait time is over 3 hours". So, I cancelled.

technofiend 3 days ago 0 replies      
United has an interesting way of dealing with elite status these days... sure you still have silver, gold, platinum but then you have the real elite flyers.

You might be the first person in boarding group one, but you'll still be eclipsed by the 1K / Global Services / Polaris flyers who are the true elite both in status and in total dollar spend. They don't even bother to wait in line - they just show up when boarding starts and are shuffled to the front of the queue (along with a friend if they want), no questions asked.

Based on those layers it wouldn't particularly surprise me if one day as a mere Gold flyer I get bumped for higher tier elite. United has made it clear total dollar spend is how they judge the true status of flyers.

nkkollaw 3 days ago 1 reply      
This getting ridiculous.

The removal was awful, and they did deserve all the bad press. This article however is just trying to ride the wave to get some clicks.

There are millions of people who travel every day. Stuff like this must happen hundreds of times every day on pretty much every airline.

Zigurd 3 days ago 3 replies      
While this might or might not be technically legal, what shocks me is the response you'll see on online fora, that passengers should just shut up and comply, and that failure to do so is childish.

These posts are often at great length, and laden with appeals to authority. Some might be trolls. But others appear to be by people who genuinely value an environment where the lowliest airline employee, no matter how poor their judgement, no matter how absent their discretion, is more right than any customer. Munoz's email to employees, of which I've not seen a retraction, takes this line wholeheartedly. It's a trait that suffuses the industry. Who the hell ARE these people?

golergka 3 days ago 0 replies      
So, this is a guy who apparently wasn't VIP enough:

> Fearns, 59, is president of TriPacific Capital Advisors, an Irvine investment firm that handles more than half a billion dollars in real estate holdings on behalf of public pension funds.

gmarx 2 days ago 0 replies      
These things don't matter and the airlines know it. People will continue to fly. I guarantee that a year from now if United is the most convenient flight to a place that guy needs to go, he will fly United.

We simply aren't in the "free market competition" will fix it zone with air travel. I hate air travel and do everything I can to avoid it for work. Most people think I'm crazy. Why wouldn't you jump at the chance to fly to an obscure town in India on the company dime!?!?!?

So do not expect this to affect anything unless the government gets involved

imjk 3 days ago 0 replies      
This happened to me once with Delta Airlines a few years back. I was ticketed for an upgrade to first class (via Medallion status), but when I went to board I was told that the stewardess had given the seat to another customer and I was moved to a middle seat in the back. As someone who tends to be non-confrontational and the fact that it was a short flight, I just went with it. I did complain when I got back via their feedback form and they compensated me with 7500 miles, which I now realize was woefully inadequate, but I didn't have much recourse.
h1d 3 days ago 1 reply      
This is just golden...

"placing him in the middle seat between a married couple who were in the midst of a nasty fight and refused to be seated next to each other."

Crews don't even try to move them to be seated next to each others.

hocpoc 3 days ago 0 replies      
I had to re-check (twice) if the news in the satire column. I literally cannot believe you would kick someone paying your company $1000
ryan606 3 days ago 0 replies      
United CEO Oscar Munoz was formerly a top executive at railroad CSX. It is any wonder that he treats his passengers as FREIGHT, not as PEOPLE?

My wife and I try to fly Southwest whenever possible. They are the only airline (perhaps the only transportation organization) whose employees actually care about their customers' travel experiences.

hilbert42 3 days ago 0 replies      
If that happened to me, I'd be incandescent with rageand I'd sue at the first opportunity. I can only hope Fearns makes the airline pay many, many times over.

It seems the only thing these carpetbaggers understand are lawsuits where they lose.

Its CEO deserves the bootit happened on his watch!

phkahler 2 days ago 0 replies      
Somehow I feel like this all comes back to banking and the finance industry. The issues in these cases all come down to money. They overbook flights to maximize resource (plane) allocation. This one was a case of having to swap in a smaller plane. It all comes down to how expensive airplanes are and the fierce competition among carriers that leads to a system with little redundancy. But think about that - how can there be such intense competition in an industry dealing with such high-priced equipment? Granted, a solution to this pinch is probably going to mean higher average fares. But I'm starting to look toward a much bigger picture to see how this comes about. Any thoughts on this?
metaphorm 2 days ago 0 replies      
The air travel industry is a leading indicator of creeping authoritarianism in our society. I'm very glad that this story is getting the kind of media coverage that it is. This needs to be examined and resisted.
whack 3 days ago 1 reply      
I've traveled on flights frequently for over a decade, and I've never had an airline refuse to seat me for a flight I had a ticket for. I don't use frequent-flyer, and just buy the cheapest tickets available on Expedia. The only saving grace I can think of is that I always get to the airport way before anyone else does. Have I just been getting lucky all this time? Short of being a frequent flyer or buying expensive tickets, is there any way I can make sure I don't get bumped off a plane I have tickets for?
MayeulC 3 days ago 0 replies      
People usually like to interact with other people for that "human touch", and even quote it as a reason why they won't lose their job to automation.

I think I would rather interact with a robot than with a crew that has procedures so rigid (and dumb) that they are not allowed to have empathy.

I think that's sadly representative of the corporate mindset brought to the extreme. The consumer is not king anymore, it's a product.When did this start? I wonder.

EtherOr 3 days ago 2 replies      
I wonder if this is a staged attempt (on the part of United, if not also the passenger) to prove that the prior instance was not about race or class (e.g. economy vs. first). "See, we do it to everyone!" Could this latest behavior be used as defensive evidence in a court case alleging discrimination?
imroot 2 days ago 0 replies      
I think the "higher priority" traveler might have been a FAM -- an air marshal -- who was assigned to the flight at the last minute. Even more so if he had an aisle seat.
nonbel 3 days ago 0 replies      
Either this is awful reporting or I missed it. Did the event described here occur before or after they dragged the doctor off the plane?
agumonkey 3 days ago 0 replies      
Incredible how loss of temper is reaching any space of society these days. Feels like a worldwide fever.
hilbert42 3 days ago 0 replies      
If that happened to me, I'd be incandescent with rageand I'd sue at the first opportunity. I can only hope Fearns makes the airline pay many, many times over.

It seems the only thing these carpetbaggers understand are lawsuits where they lose.

Its CEO deserves the bootit happened on his watch!

apostacy 2 days ago 0 replies      
Some people are getting hit with paywalls. So here is the full text of the article:

Its hard to find examples of worse decision-making and customer treatment than United Airlines having a passenger dragged from an overbooked plane. But Uniteds shabby treatment of Geoff Fearns, including a threat to place him in handcuffs, comes close.

Fearns, 59, is president of TriPacific Capital Advisors, an Irvine investment firm that handles more than half a billion dollars in real estate holdings on behalf of public pension funds. He had to fly to Hawaii last week for a business conference.

Fearns needed to return early so he paid about $1,000 for a full-fare, first-class ticket to Los Angeles. He boarded the aircraft at Lihue Airport on the island of Kauai, took his seat and enjoyed a complimentary glass of orange juice while awaiting takeoff.

Then, as Fearns tells it, a United employee rushed onto the aircraft and informed him that he had to get off the plane.

I asked why, he told me. They said the flight was overfull.

Fearns, like the doctor at the center of that viral video from Sunday night, held his ground. He was already on the plane, already seated. He shouldnt have to disembark.

Thats when they told me they needed the seat for somebody more important who came at the last minute, Fearns said. They said they have a priority list and this other person was higher on the list than me.

Apparently United had some mechanical troubles with the aircraft scheduled to make the flight. So the carrier swapped out that plane with a slightly smaller one with fewer first-class seats.

Suddenly it had more first-class passengers than it knew what to do with. So it turned to its How to Screw Over Customers handbook and determined that the one in higher standing more miles flown, presumably gets the seat and the other first-class passenger, even though hes also a member of the frequent-flier program, gets the boot.

I understand you might bump people because a flight is full, Fearns said. But they didnt say anything at the gate. I was already in the seat. And now they were telling me I had no choice. They said theyd put me in cuffs if they had to.

You couldnt make this up if you tried.

It shouldnt make any difference where a passenger is seated or how much he or she paid for their ticket. But you have to admire the sheer chutzpah of United putting the arm on a full-fare, first-class traveler. If theres anybody whose business you want to safeguard and cultivate, its that person.

So how could United possibly make things worse? Not to worry. This is the airline that knows how to add insult to injury.

A United employee, responding to Fearns complaint that he shouldnt have to miss the flight, compromised by downgrading him to economy class and placing him in the middle seat between a married couple who were in the midst of a nasty fight and refused to be seated next to each other.

They argued the whole way back, Fearns recalled. Nearly six hours. It was a lot of fun.

Back in Southern California, he consulted his lawyer and then wrote to Uniteds chief executive, Oscar Munoz, who commended airline workers after the passenger-dragging incident for continuing to go above and beyond to ensure we fly right.

Fearns requested a full refund for his flight from Kauai and asked for United to make a $25,000 donation to the charity of his choice. This is how rich guys do it.

He received an email back from a United corporate customer care specialist apologizing that Fearns apparently had an unpleasant experience. But, no, forget about a refund.

As for that charitable donation, what are you kidding? A hard no on that.

Instead, the service rep offered to refund Fearns the difference between his first-class ticket and an economy ticket about a week later, as if that wasnt the first thing they should do in a situation like this and to give him a $500 credit for a future trip on the airline.

Despite the negative experience, we hope to have your continued support, the rep concluded. Your business is especially important to us and we'll do our utmost to make your future contacts with United satisfactory in every respect.

I reached out to United and asked if anyone cared to comment on Fearns adventure in corporate catastrophe. No one got back to me.

Julia Underwood, a business professor at Azusa Pacific University, said Uniteds actions in both the dragged-off-the-plane episode and with Fearns reflect a coldhearted mindset utterly devoid of compassion for customers.

Theyre so locked into their policies, theres no room for empathy, she said.

As a result, Underwood said, situations that should be manageable spiral out of control and result in unnecessarily messy PR disasters.

What United and all companies need to do is to train and empower workers to deal with specific issues as they arise, she said. Dont just follow whatever is written in your policies.

I couldnt agree more. United is neck-deep in trouble this week because its workers are clearly out of their depth in handling out-of-the-ordinary events. You have to think someone on the flight crew would have been able to step up, if given the trust and authority to do so by the carrier.

Fearns said three different members of the crew on his middle-seat, economy-class return to L.A. apologized for how he was treated in Hawaii. But they said they were unable to do anything.

Hes now considering a lawsuit against United and he certainly has the resources to press his case.

I asked if hell ever fly United again.

Fearns could only laugh. Are you kidding?

4ad 3 days ago 0 replies      
Original title is "United passenger threatened with handcuffs to make room for 'higher-priority' traveler", but it's too long for HN so I had to shorten it.
stuaxo 3 days ago 1 reply      
Browsing that on firefox on mobile was terrible, about part way down the page a fullscreen video overlay appears that I couldn't work out how to close.
Remove United from your flight results dropunited.com
528 points by accountnumber  3 days ago   277 comments top 39
hamami 3 days ago 3 replies      
While I didn't have terrible experience comparable to some recent events, I also want to share mine. Last year when I was flying United I printed my boarding pass from one of the kiosks at the airport, and it assigned me to a seat where there's slightly more legroom, normally I believe these are upgrade seats, but I assumed there's no other seats so it gave me that one. After I and several others boarded the plane, one of the agents comes to me and wants to see my boarding pass. At this point it's a little awkward for him to ask for this but OK whatever, I give him my pass and he walks off with it without saying a thing. A minute or two later he comes back and gives it back to me and doesn't give me any explanation why he asked for it in the first place. 5 minutes later another agent comes to me and says in a rude manner I sat in someone else's seat and asking me to leave that seat. Well guess what, the first agent swapped my boarding pass with a different one before returning it to me. I didn't make a big fuss about it but let them know that I knew what they did. In fact I'd be fine if they just explained the situation and said there's been an error with the seat assignment. They're not just violent and inconsiderate but also very good con artists..good job losing a customer for good..
rm999 3 days ago 5 replies      
The comments in here are oddly fatalist about the whole thing. We put a lot of trust in airlines; and not just in safety or to get us somewhere, but we also give them an unusual number of legal protections once we're in their care.

When the drama first started I kind of wrote it off: "this must have been a misunderstanding compounded by a single employee's stupidity". But when I found that it was not only condoned, but fully defended by the company top-down, red flags went off. Then, the inevitable outrage led to past stories resurfacing, with a pattern of absurd insensitivity (abused dogs, broken guitars, sexist clothing policies, etc). Then, I started remembering some terrible experiences I've personally had on United. Like the time they left me stranded in India for 2 days (rumor is the staff did this on purpose to protest some new policy around maximum flight times), then made me wait 3+ hours to get approved for a hotel room at 1 am even though I was flying business class (which would have been wrong even if I wasn't business class!) Or the time a gate agent lied to me about contacting a connecting flight, leading me to miss an entire day on my Thailand trip. I have many more of these.

My point here is that United really does seem to have ingrained issues that directly harm their customers. This toxic culture doesn't benefit them in any way, but if nobody cares they'll have no incentive to stop.

sitepodmatt 3 days ago 15 replies      
United screwed up by not having a decent incentive system in place to avoid deplaning people. People have presented many options, including taking a ballpark figure on checkin, or whilst on the airplance a speaker announcement anyone to travel later for $800, wait a minute, $1000, $1200, okay great thanks folks.. That was extremely badly handled and shocking that no process was in place for this - as last minute crew travel as probably quite common - also that onboard manager laughed in someone's face when they offer to deplane for $1600. A complete #fail at management level developing these processes.

That said, it wasn't united that removed the guy, so had American or Southwest got to the point of needed to removing a non-co-operative passenger (it seems that point is less likely to occur) it would probably of been the same police team that actioned it. People need to remember that.

Also, this idea that he was targeted due to being Chinese has no supporting evidence, its more likely it was first row of people with less/no airline status (given the extra legroom seats in front were probably reserve for gold members).

United screwed up on processes, gate management, and their apology. But this was the police/airport-security that should shoulder most of blame for the social outrage..

cloudwizard 3 days ago 1 reply      
My story about United was when I was flying from Vancouver to SFO. For some reason, we could not land at SFO so we ended up in Oakland. I said fine. Let me off and I will catch a cab.

They said that the plane was too big for Oakland. We sat on the runway for 2 hours then flew back to Vancouver with nothing put warm coke. By the time we got to Vancouver, it was late so so all airport and hotel food was closed. We had vouchers but nothing available to spend it on.

Of course they lied about the plane being too large, another airline flew the same plane to Oakland regularly. i had to spam fax their customer support line to get vouchers.

gabaix 3 days ago 1 reply      
I was once in a small crash flying United. There was no major injury, but a lot of scare and a day of travel lost. United took good care of us, then I receive a 'sorry, here's $50 in credit' mail. I was stunned by how small the amount was.

A few weeks later a passenger created a Facebook group, and we all started to share our experience. United caught wind of it, and sent us $500 credit almost right away, with bigger apologies for the incident.

petilon 3 days ago 3 replies      
When you are bumped on an overbooked airline, here's what you should know:

Airlines start offering compensation and travel that is less than what is required under the FAA rule hoping that people who haven't been properly informed about their rights will take the cheap offer. When this doesn't work they slowly raise the offers.

The FAA rules provide that a passenger who has a reservation and who is asked to give up their seat because the flight is overbooked is entitled to a lot of money and the airline is required to fill them in on their rights right away. In writing.Compensation depends on how quickly the airline can get one to the next place one is booked to, and can reach 400% of your paid fare or up to $1,350 if they cannot get you to your next destination within four hours. If they can get you somewhere you are booked to within an hour or two, the compensation is much less.


mvpu 3 days ago 1 reply      
Incidents like this are a wake up call to process driven cultures. If the flight crew really cared about the passenger, they would have handled it differently. If the CEO really cared, he would have personally apologized to the passenger and taken care of him by now. No amount of process and regulation can build a brand as much as culture does. That's why I'm a loyal Southwest customer. They've never let me down when it comes to common sense and empathy.
cottsak 3 days ago 0 replies      
FFS! HTTPS please! It's a browser extension. No one wants MitM extension shit downloading onto their device.



shas3 3 days ago 1 reply      
United has a history of being a company with a crappy culture. Basically, Uber today is the United of the tech world and United has been the Uber of the airlines industry for the last few decades. Stacking metaphors, even when there were many fish in the aviation sea, United was the rotten one.

Holman Jenkins wrote an informative and funny piece in today's WSJ on this: https://www.wsj.com/articles/make-america-great-boycott-unit...

myrandomcomment 3 days ago 1 reply      
I do 100K miles a year on JAL. Rockstar airline. In the US go out of my way to fly Virgin even when I have top status on One World and could fly American. I took the American Tokyo-SF flight one as JAL was so booked. Never again. I will stay in another day.

A co-work of mine just went to Japan for the first time and he has status on One World. I talked him into the JAL flight. He was amazed at the difference.

America air carriers suck.

sfilargi 3 days ago 8 replies      
I understand the sentiment, but if I would stop using every corp that fucked somebody up, I would probably have to move somewhere where there is no civilization.
jaredsohn 3 days ago 0 replies      
It would be nice if it indicated which sites were supported within the webstore. From looking at the manifest.json in the source, it looks like: {Google Flights, Expedia, Kayak, Google search}
rpmcmurphy 3 days ago 3 replies      
I hate to be the one to point this out, but this is a case where people vote with their wallets for the absolute cheapest product, and then are angry to get what they paid for. They buy discounted non-refundable inflexible strings-attached fares, and then are shocked to discover than when push comes to shove, strings are attached (such as lowest priority on rebooking).

If you absolutely need to get there on time, or need flexibility, buy a non-discounted fare. Yes, it costs more, but you will be at the head of the line if there is a mechanical problem, weather cancelation, equipment replacement, etc, all of which the airline has limited control over.

Also, a bit of perspective, the last US commercial airline accident with fatalities was in 2009, and tens of millions of people have traveled safely to their destination since then, not so with any other mode of transportation.

kkotak 3 days ago 0 replies      
Bottomline is most humans don't care about other humans that they don't know. United will live on. I for one, wanted United to go out of business when they took away my 4 yr old daughter's OPENED yogurt container (that she was eating out of) on an international flight after realizing that we forgot to order kid's meal for her and that they had given one to her by mistake.
rajathagasthya 3 days ago 0 replies      
So is United going to sue the guy who created this extension? Just like they did with the guy who created a website for cheap tickets using "hidden city" ticketing [1].

[1] - http://money.cnn.com/2014/12/29/news/united-orbitz-sue-skipl...

rbcgerard 3 days ago 0 replies      
At the end of the day the problem is:

- the service provided has become essential (airlines, cell phones, home internet, etc)

- it's provided relatively cheaply to a large group of people

- there are few alternatives (and in many cases no alternatives)

- barriers to entry are high -but profit margins are low or cyclical, or you need scale to compete

All of this leads to customer dissatisfaction, we need the service, our particular business doesn't matter, competitors are unlikely to enter the space, and perversely since there are few to no alternatives as long as people are equally dissatisfied the few players just swap customers for no real net loss

anigbrowl 3 days ago 0 replies      
More of this kind of thing please. A+ for concept, execution, and presentation.
iplaw 3 days ago 0 replies      
I fly quite a bit for my business, sometimes traveling with a premium carrier in first or business class, but equally often with low cost carriers.

Out of all airlines, United has given me the most problems. Due to my "priority status" with most airlines, I am likely sheltered from the brunt of the harassment, but I often witness other passengers dealing with toxic attendants, overbooking situations, crew movement taking priority, and so on.

Emirates is my primary international carrier. However, for many of my international trips out of DFW, United is one of the only premium carriers available.

Truth be told, my best experiences have been with Virgin and Southwest.

Virgin is now my go-to carrier when flying longer-haul domestic between destinations within their market. The Wright Amendment previously crippled Southwest's usefulness but, since it's removal, I find myself flying with them more and more often. Love Field, due to its size and location, provides such a painless travel experience in and out of Dallas. The alternative is flying via DFW, which necessarily adds over an hour of traffic delay each direction and maybe half an hour of TSA delay, even with pre-approval, when compared to Love Field. Saving 2.5 hours each time I fly is quite the value proposition.

Given these United revelations, for international flights, I will try to book with other carriers more often - Luftahansa, Japan Airlines, Korean Air, Qatar Airways, AeroMexico, etc.

TL;DR: United truly is the worst. Virgin and Southwest are good. Use Emirates for international.

fapjacks 3 days ago 0 replies      
The last time I flew United is also the day I vowed never to fly United ever again. A couple of months ago, I was flying out of SFO. I always bought the priority boarding just because I get anxious when I have to wait for things. Anyway, I was at the front of the boarding line and watched this whole thing unfold. The United gate agents were being really short with people before boarding began. Once boarding began, and some people were scanning their boarding passes, the head gate agent decided that every passenger (every single one) needed to put their carry-on into the stupid metal sizing box. But by the time he had decided this, one of the first class passengers had already gone onto the plane. The gate agent said "sir" half-heartedly down the hallway to the plane, but he must have already boarded. The gate agent guy got extremely mad, started yelling about the passenger, and got on the phone and called the airport police. Boarding had been completely stopped at that point, and we all waited for the police to pull this first class passenger off the plane. The guy was completely innocent, and it delayed our flight by perhaps half an hour. It was astonishing, even after my previous pattern of waiting four or more hours for delays on what should have been a short commuter flight.
partiallypro 3 days ago 0 replies      
This will have almost no effect, travel sites like Kayak, etc list United, and guess what? United is often one of the cheapest options, so it gets the sale. Nice concept, but it won't have an effect. What -might- have an effect on United is that the man just so happened to be Chinese and they want to expand into China. Otherwise, as heartless as it is to say, if United is $100 cheaper, I'm going to buy a ticket from United instead of Delta, SouthWest, etc; as will thousands upon thousands of other people.
ram_rar 3 days ago 4 replies      
If I keep dropping airlines for every unpleasant experience, I ll run out of options for flying. I have had bad experiences (not of this magnitude) , but dropping UA from my search list is not a viable option. Its an airline, not a restaurant. Having said that, I do hope UA bleeds through its nose while settlement.
portal_narlish 3 days ago 1 reply      
On a trip to Europe last winter, United Airlines lost my luggage during a connection at ORD. I landed in Germany in the dead middle of winter without any clothing, and not a single United employee in person or on the phone could tell me what had happened. Two days later, after dozens of calls and an accumulated 8 hours on the phone (90% of that time was spent on hold), my luggage was finally found. But the issues didn't end there. The flight number of the flight I was told the bag would come in on was incorrect, twice, and their incident tracking website (BagTrack) did not update once during the entire fiasco. My luggage was delivered 4 days late, unannounced, by a random third party courier. Mind you, this happened merely 12 hours before we had to leave the city we were staying in.

I spent over a thousand dollars in the first couple days attempting to repurchase the contents of my bag, assuming it was lost for good. The only silver lining to this nightmare of an experience was the fact that United refunded me the cost of replacing my clothes... a whopping 6 months after filing a claim. Needless to say, I'm ecstatically cheering on their demise.

tootie 3 days ago 6 replies      
Why is United taking more blame than the Chicago PD?
madiathomas 3 days ago 1 reply      
I need this kind of extension for companies I don't want to do business with. Also need it for news sites with Adblock blockers. I don't want to see news sites like forbes when searching for news. Is there a plug-in that removes certain sites from my google search results?
usmeteora 3 days ago 0 replies      
I understand that corporations like airlines are doing difficult things that very few groups are doing, and theres alot of logistics involved, including but not limited to spiky gas prices and coping with the disparities between dozens of international policies and financial regulations.

Stuff happens and people and companies mess up soemtimes. (to be clear, I don't consider this most recent event with the doctor a mess up, its an unexcusable event and way to treat a human being, and they deserve the criticism and then some)

but it's not the fact that United airlines is constantly late for its flights, overbooking, switching gates due to disorganization leaving customers on connecting flights on their same airlines scrambling across multiple terminals only to find they were 2 minutes late and United doesnt have the courtesy to acknowledge their own systematic failure and wait for its customers, or the fact that its providing horrible customer service all around.

It's the ATTITUDE they have about it. Everytime a company messes up, you have an opportunity to actually leave a really great impression by handling it well. Alot of good reviews on Amazon, restaurants and otherwise actually result form an initial messup, but the customer going out of their way to comment with how they were impressed they were with the way they handled it.

United has a blatant "we provide this to you and you obviously dont have any other choice, so deal with it" attitude. And while its somewhat true, its rubbing salt in the wound of its customers and being semi belligerantly braggatory about their stance to abuse its customers because it's one of the only choices around.

They don't notify customers when planes are late, they don't apologize, they don't initialize alternate routes, they don't apologize when they kick you off flights, they dont work with other airlines to reroute you and will make you wait days to get another flights. They don't wait for you when their own planes arrive late and other ones reroute to a new terminal for a connecting flight. Their customers are in a constant state of scramble and uncertainty.

This attitude has never worked out well in history in capitalistic environments or otherwise.

This on top of the interview I saw of the CEO yesterday and his passive attitude about the whole thing, in addition to the leaked emails telling the United Airlines employees they did the right thing, is just the icing on top of the cake failure (thats all I got right now).

pdxandi 3 days ago 0 replies      
I just booked my next work trip and even though United is the primary airline, I went out of my way to fly on a different airline. I've personally had really bad experiences with their flight staff and gate agents and this last weekend made me feel it's worth rewarding airlines like JetBlue with my business.
avenoir 3 days ago 0 replies      
I'm a little bit surprised that nobody addressed overbooking in this particular situation. It's not just United, it's all airlines that overbook their flights and it's hard for me to believe that it's a completely legal practice.
throw2bit 3 days ago 2 replies      
All airlines in North America sucks. Take cue from Emirates and learn from them. See how they treat economy class customers. I wont think twice to fly Emirates , Etihad or Qatar.
kensai 3 days ago 0 replies      
Hey, watched the demo of the service. Well, you may argue here that it makes a disservice as it drops the cheapest flight.
tobyhinloopen 3 days ago 0 replies      
Added to support the cause. I don't even fly, just want to increase the number of downloads :)
fixxer 3 days ago 1 reply      
If I removed every airline that sucked from my flight results, I'd be driving to Paris.

I hope this reaction keeps going because I'm gonna load up on United stock. In 6 months, all these noise makers will be gone and we'll all realize United is equivalent in shittiness to AA, Delta, etc etc.

peterburkimsher 3 days ago 0 replies      
"Is there a doctor on board?" "Not any more."
usmeteora 3 days ago 0 replies      
meglev trains anyone? Japan has some that go 400mph
smokeyj 3 days ago 2 replies      
JoshTriplett 3 days ago 0 replies      
From the title, I'd hoped this was a campaign to get travel sites to drop United, not just an extension for one browser to hide search results from yourself only.
hartator 3 days ago 0 replies      
I find that amazing that people manage to forget AA is way worse than United on so many levels.
farzadb82 3 days ago 0 replies      
The thing I don't like about such plugins is that it suppresses the conversation surrounding the practice of forced removals and overbooking in general and the incident in particular.

A much better approach would be to be vocal about your choice and why it was made through common social media outlets. Even simple posts that express your decision to boycott and why help drive conversation around what's happening.

Besides, if you genuinely intend to boycott United why would filtering results make a such difference? Are people worried that seeing their prices may convince them otherwise?

daxfohl 3 days ago 1 reply      
If only there were a chrome extension to keep from getting shot by the police while unarmed. Or your kid gassed to death by your president.

And what about Delta, the kids they kicked off their flight for not adhering to dress code? Drop those flight results too? Maybe Rainman had it right, Quantas and only Quantas?

What's next, the #PassengerConvenienceMatters movement? And then the conservative response #ALLConvenienceMatters?

Perspective on these stupid incidents, that the passengers signed on to when they bought the tickets is entirely overblown. And pisses me off. </rant>

speakerjack31 3 days ago 0 replies      
I would like to first say that what happened to the guy was horrible and don't condone anything United did to him but I feel like this whole thing is blown out of proportion.

First they can legally bump you from a flight if they need to[0]. You have no right to walk on the plane and rosa parks your seat despite already paying for the said seat. This should have at least been explained to the passenger and the passenger should have said that he needed be on the plane for medical emergency. Was it an medical emergency? Not sure - he might have been in alot of trouble with his boss or something but no one has mentioned that he in fact had to be on the plane no matter what. Regardless I haven't seen a video of the interaction before he went wailing flailing through the seats.

This was a huge failure on part of the managers at United and they should be sacked as soon as this court case is dealt with. The fact is that they laughed in the face of passengers when someone mentioned they would have gotten off the plane for $1000 abhorrent. I imagine this is where they will lose in court.

[0] https://thepointsguy.com/2017/04/your-rights-on-involuntary-...

Jeff Bezos Annual Letter sec.gov
537 points by djyaz1200  3 days ago   253 comments top 20
x2f10 2 days ago 15 replies      
I might be shunned for beating the dead horse, but while he talks about 'True Customer Obsession', he allows counterfeit goods erode his customer's trust in Amazon. I'd argue Amazon's 'process as proxy' in dealing with counterfeits is the careless return process. 'Oh, it's counterfeit? We're sorry! Here's your money back!' does not solve the issue. Sure, thanks for the $10 back, but now I must think twice (or thrice!) before ordering from Amazon. Once my Prime membership lapses, I will not renew.

The 'process' for dealing with counterfeits is broken. When the customer has to think about "the chances of counterfeit" or dealing with the return of counterfeit products, it's NOT customer obsession.

I respect Jeff, TONS, but come on. You're talking the talk, but you're not walking the walk.

mstank 2 days ago 8 replies      
"A common example is process as proxy. Good process serves you so you can serve customers. But if youre not watchful, the process can become the thing. This can happen very easily in large organizations. The process becomes the proxy for the result you want. You stop looking at outcomes and just make sure youre doing the process right. Gulp."

Seems like this is exactly the kind of issue companies like United Airlines suffer from.

AndrewKemendo 2 days ago 3 replies      
You have to admire the grit and tenacity it takes to maintain that kind of ethos for 23 years straight.

What Jeff is basically saying here in this letter is that the pedal is to the metal, forever: We can't have process as the foundation because it ossifies the organization! Be nimble to the rules of the game.

When translated however, that means you are either empowering your organization to change and make new processes at scale and speed, or you have whatever the default process of solving problems from scratch each time. It's the anarchist's dilemma. That is a tough organization to live under if you aren't built for that, and one that only a certain type of people can thrive in.

I mean the majority of people, leaders even, when they get to some level of success will put the brakes on and coast, doing exactly the things Jeff describes: building processes to take the cognitive load off of decision making and making life just slightly easier. They build processes for "efficiency", so that they don't have to go back and do all the hard work of understanding the problem from scratch each time. The problem though, as Jeff points out is that "The process" becomes an 80% solution to 80% of the problems it's applied to (leading to 36% failure rate).

So just think about how you could - for 23 straight years - recruit, retain and develop a cadre of managers, engineers, interns, staffers etc... that in the majority of cases fall into the mindset of constantly sprinting - basically an Olympic marathoner running a 5 min mile marathon. As a leader I admire that ability.

joshaidan 2 days ago 9 replies      
I encountered "process as proxy" today dealing with Cisco. We were requesting a replacement for a defective part, they asked us for our serial number, which we provided, but then responded to us that our serial number was invalid. Likely because it wasn't registered. We were told that we had to contact our sales manager, or open a TAC with a different department because they department only deals with technical issues.

Could they not have done something to help us, maybe forwarding the ticket to the department that could register the serial number, to help us rather than just leaving us stranded? It's as though they want to follow process rather than helping the customer.

OoTheNigerian 2 days ago 0 replies      
This paragraph from his first letter to shareholders best illustrates how far Amazon has come.

"We established long-term relationships elationships with many important strategic partners, including America Online, Yahoo!, Excite, Netscape, GeoCities, AltaVista, @Home, and Prodigy."

ChuckMcM 2 days ago 2 replies      
I wrote an email to Jeff suggesting that Day 2 might be started by losing control over what is sold in his shop.

I really respect the way he thinks about the company and I have bought stock in it as a reflection of that respect. My hope is that he will be able to match 'focus on the customer' with 'don't sell the customer counterfeit or shoddy crap'. With their investment in Machine Learning one would hope they could train that engine to predict where crappy product is going to come from and reject it before it gets into the pipeline.

bambax 2 days ago 0 replies      
From then 1997 letter:

> We established long-term relationships with many important strategic partners, including America Online, Yahoo!, Excite, Netscape, GeoCities, AltaVista, @Home, and Prodigy.

Every single one of those partners either folded or fell into utter irrelevance. The only one surviving is Amazon itself.

Don't know what to make of it, though.

Gormisdomai 2 days ago 2 replies      
Reposting this thought from the other discussion[0]:

>Third, use the phrase disagree and commit. This phrase will save a lot of time. If you have conviction on a particular direction even though theres no consensus, its helpful to say, Look, I know we disagree on this but will you gamble with me on it? Disagree and commit? By the time youre at this point, no one can know the answer for sure, and youll probably get a quick yes.

This sounds really powerful but also like it might be open to abuse (for example degenerating into passive agressiveness/half commitment). Does anyone use something similar in their own workplace? Does it work?

[0]: https://news.ycombinator.com/item?id=14103818

sb8244 2 days ago 1 reply      
I often say that we don't need to agree, just commit together. I particularly like disagree and commit better. It seems like it would shorten time to decision as long as no one takes it personally.
zeteo 2 days ago 1 reply      
Conspicuously missing are a couple of other ingredients of Amazon's success. There are plenty of companies out there with "customer obsession" and a "day 1" mentality. There are few others with such good investor relations that money keeps pouring in after two decades of paltry or negative earnings [1]. With this kind of "infinite runway" you can sometimes afford to lose $100 million over three months to drive a competitor out of the market [2]. You can also afford to negotiate sweetheart deals with UPS and FedEx that will offer you delivery rates and speeds available to few other companies [3].

[1] http://www.slate.com/blogs/moneybox/2013/01/29/amazon_q4_pro...

[2] http://www.slate.com/blogs/future_tense/2013/10/10/amazon_bo...

[3] https://sellerengine.com/should-you-use-amazon-discounted-up...

curiousDog 2 days ago 1 reply      
Day 1, no processes, pedal to the metal are great for the business owner but suck for the proletariat. Contrast this to Google where for the most part Software engineers are happy to work.
dirtyaura 2 days ago 0 replies      
Earlier thread about the letter https://news.ycombinator.com/item?id=14103818
skrtskrt223 2 days ago 0 replies      
As an employee of the amazon returns facility a lot of the issue is because of employee error, which is the lack of opening the box and making sure it is the right item being returned, part of the process is sending ot to liquidation to where it is sold at discount prices, warehouse deals sellable to where it becomes a sale although it has cosmetic issues, brand new sellable, and destroy. If they check the box and it is caught as being the wrong item, it is investigated on amazons part to see if it was a item sent back by mistake, an item that was sent out by mistake, or if the costumer is trying to pull a fast one. If it is the wrong item it is an easy fix as long as amazon sells the item that was returned.
jtraffic 2 days ago 1 reply      
Does this come across as oddly inconsistent to anyone else?

"These big trends are not that hard to spot (they get talked and written about a lot), but they can be strangely hard for large organizations to embrace. Were in the middle of an obvious one right now: machine learning and artificial intelligence."

"Another example: market research and customer surveys can become proxies for customers something thats especially dangerous when youre inventing and designing products. 'Fifty-five percent of beta testers report being satisfied with this feature. That is up from 47% in the first survey.' Thats hard to interpret and could unintentionally mislead."

What about ML as a proxy for customers?

smaddali 2 days ago 1 reply      
I particularly like the concept of 'Day 1'.No matter what stage you are in as a business or individual, it is still day 1 for rest of your life. Taking long term view , keeping where you want to go in focus is really important.
kirykl 2 days ago 0 replies      
Exactly. The purpose of process is to stabilize things enough to see where systemic improvements need to be made. Not to follow it blindly as a path to success.
avar 2 days ago 2 replies      
Odd to see Bezos cite number of Oscars & Emmies as a measure of competence, as opposed to revenue. A lot of movies that win awards aren't particularly good investments.
plcancel 2 days ago 0 replies      
With Easter just around the corner, I thought he would've at least mentioned Day 3.
perseusprime11 2 days ago 0 replies      
United can learn a thing or two from Jeff Bezos's annual letter about customer obsession. Trust your customers rather than treating them like idiots and with suspicion.
m3kw9 2 days ago 0 replies      
All the counterfeit talk, what is out there that is less counterfeit and as convenient? Lets hear some fine alternatives
Saturn moon 'able to support life' bbc.com
481 points by interconnector  2 days ago   250 comments top 18
_rpd 2 days ago 1 reply      
Here's the paper mentioned in the article ...

Cassini finds molecular hydrogen in the Enceladus plume: Evidence for hydrothermal processes

> Saturn's moon Enceladus has a subsurface ocean covered by a layer of ice. Some liquid escapes into space through cracks in the ice, which is the source of one of Saturn's rings. In October 2015, the Cassini spacecraft flew directly through the plume of escaping material and sampled its chemical composition. Waite et al. found that the plume contains molecular hydrogen, H2, a sign that the water in Enceladus' ocean is reacting with rocks through hydrothermal processes (see the Perspective by Seewald). This drives the ocean out of chemical equilibrium, in a similar way to water around Earth's hydrothermal vents, potentially providing a source of chemical energy.


smdz 2 days ago 11 replies      
I always had this question - Can life exist outside our perception of biological life?

Intelligent life might be an anomaly, and rare in the universe - but is it possible that life exists outside our perception of biology? Afterall everything is just rules and actions that lead to predictable reactions (unless quantum physics says something else)

I look at artificial life - that exists in virtual environments. It looks like life - but we know it isn't for real. It cannot replicate/grow outside its environment. But that argument could be used to for all non-human life on Earth, if humans never existed.

Even stuff like mars rover could be engineered to mine, manufacture and duplicate - eventually creating a colony of rovers that populate the planet and consume the planet's resources. Well, that might look like semi-intelligent life - but we know it isn't - or is it life?

nzonbi 2 days ago 12 replies      
If life is there, completely disconnected from earth life, it would be dramatic. That would mean that our solar system, has life on at least two, out of nine planets. That would seem to indicate that life is a fairly common things on planets. It would allow to adjust the drake equation, to easily predict millions of planets with life. And that would mean a high probability of many advanced, intelligent civilizations on the universe.
gonvaled 2 days ago 5 replies      
able to support life ... as we know it.

The universe being so vast and so diverse, most life forms will probably escape our comprehension: completely different chemistry, environments (pressures, temperatures), time scales, state of matter (plasma based life forms?), or even energy based ones.

We are not even looking for such different life forms, since we have already concluded that:

- life must be water based

- life must be carbon based

- life must be based on dna (or simillar)

Which leads (given our limited knowledge of the chemistry of these substances) to the conclussion that life must be extremely similar to Earth's.

I see a lack of imagination here.

PaulHoule 2 days ago 0 replies      
Not a huge surprise. Most likely our kind of environment is an unusual place for life, it might be much more normal for life outside the frost line to run on geothermal energy (where there are 10 or so bodies with liquid water) as opposed to the one small rock that didn't get all the water boiled away by the sun.
aphextron 2 days ago 1 reply      
The fact that Cassini is still out there doing groundbreaking science is just mind blowing to me. That thing launched when I was in middle school.
rbanffy 2 days ago 0 replies      
This makes Tethys and Rhea very tempting places for permanent occupation - they have abundant ice on the surface (easy to dig if you have a power source) and the delta-v's between them and the surface of Enceladus are between 1000 m/s and 3000 m/s, something chemical rockets can do easily.
pasbesoin 2 days ago 0 replies      
Just in the last day or so, reporting on some experiment supposedly demonstrating that asteroid impacts on Earth are/were capable of creating the amino acid precursors to RNA.

Yeah, really, this demonstrates nothing, on its own. But, interesting to think about.

yomly 2 days ago 2 replies      
So here's an orthogonal question. In a field like space navigation, where your findings come back after an expedition planned 5-10+ years ago how do you be "agile"?

What is the go to project management style? Can we learn from these disciplines for alternative practices to building software?

dave_ant 2 days ago 1 reply      
Is there tectonics on that moon ? Isn't it too small for that ? The same goes for Europa... Is there real tectonics there ?

If there is no tectonics in place and you have a "closed" big bucket of water constantly filled up with chemicals from hydrothermal vents during billions of years, wouldn't the water become completely soaked and kind of slimy ? Not the best place for life, even for extremophiles...

I also found an interesting article on the probable high acidity of Europa ocean, that would make it not suitable for harboring life : http://www.space.com/14757-europa-moon-ocean-acidic.html

I guess it could also apply to Enceladus ocean. Can someone elaborate on that ?

P.S.: English is not my native language, sorry for any grammatical incoherence :)

troels 2 days ago 0 replies      
If it turns out that there is no life there, maybe we should try to transplant some?
julienchastang 2 days ago 0 replies      
For those interested in this topic, I recommend "Astrobiology: A Very Short Introduction" by David Catling. Catling details nine celestial bodies in the solar system that could potentially harbor life, and discusses Enceladus is some detail.
ende 2 days ago 1 reply      


AnimalMuppet 2 days ago 0 replies      
Well, Enceladus has an energy source that could perhaps be a source of energy for some kind of living organism. "Able" kind of says that all you need for life is some kind of available energy, which... let's just call that "unproven".
mavhc 1 day ago 0 replies      
The Ion Neutral Mass Spectrometer ion collector has an open-source mode, confused me for a moment, they mean open ion source of course.
svisser 2 days ago 0 replies      
Coincidentally a book was written a few decades ago called "Ringmakers of Saturn" which discusses the presence of alien life around Saturn as well.
SticksAndBreaks 1 day ago 0 replies      
Could we have a research station beneath the ice ?
known 2 days ago 0 replies      
If it supports life, why there is no life in that moon?
What made Xerox PARC special? Who else today is like them? quora.com
504 points by mpweiher  2 days ago   218 comments top 43
Animats 2 days ago 8 replies      
"You know what makes the rockets fly? Funding." - The Right Stuff.

What really made PARC work is that they were funded to develop the future of computing by building machines which were not cost-effective. It was too early in the mid-1970s to develop a commercially viable personal workstation. But it was possible to do it if you didn't have to make it cost-effective.

That's what I was told when I got a tour of PARC in 1975. They had the Alto sort of working, (the custom CRT making wasn't going well; the phosphor coating wasn't uniform yet) the first Ethernet up, a disk server, and I think the first Dover laser printer. All that gear cost maybe 10x what the market would pay for it. But that was OK with Xerox HQ. By the time the hardware cost came down, they'd know what to build.

Previous attempts at GUI development had been successful, but tied up entire mainframe computers. Sutherland's Sketchpad (1963)[1] and Engelbart's famous demo (1968)[2] showed what was possible with a million dollars of hardware per user. The cost had to come down by three orders of magnitude, which took a while.

Another big advantage which no one mentions is that Xerox PARC was also an R&D center for Xerox copiers. That's why they were able to make the first decent xerographic laser printer, which was a mod to a Xerox 2400 copier. They had access to facilities and engineers able to make good electronic and electromechanical equipment, and thoroughly familiar with xerographic machines.

Ah, the glory days of Big Science.

[1] https://www.youtube.com/watch?v=6orsmFndx_o[2] https://www.youtube.com/watch?v=yJDv-zdhzMY

jacquesm 2 days ago 7 replies      
To be like Xerox PARC today you'd have to move back to the time when Xerox did what they did there. It's not just the company or the people but the total environment in which that took place.

Once the canvas is no longer blank it becomes a lot harder to be that innovative. All kinds of brakes on the system engage almost automatically: conventions, languages, processors, window managers have all become a lot less open to really new concepts.

The biggest changes of the last couple of years are deep learning coupled with the advent of GPUs that have computing power that was only affordable to universities not that long ago for very little money. Possibly that will engender a totally new computing environment in which our 'old' stuff no longer matters as much and we'll be more free to pursue things that are less anchored in the practical requirement to make money.

I suspect the whole 'deep learning' revolution will be as big as the original invention of the transistor or the web. It won't give us full AI but maybe by the time we've mined that for all it's worth we won't feel the need for it anymore.

CalChris 2 days ago 1 reply      
I'm less of a PARC fan and more of a Lampson fan. In fact, I'm a huge Butler Lampson fan. I've read his PARC valedictory Hints on Computer System Design many times and he's updated it recently. He went from PARC to DEC SRC (maybe 5 miles). I saw him give a talk at SRC and for about 15 minutes afterwards, I understood.

Hints is the favorite paper of a lot of my heroes like John Regehr.




From SRC, he went to Microsoft and he also taught at MIT.


tostitos1979 2 days ago 3 replies      
Microsoft Research Silicon Valley (MSR-SVC) used to be like PARC of old. Too bad it was shut down a few years ago. I don't know if any place comes close. To be fair, there are pockets of awesomeness at places like IBM T.J. Watson and MSR Redmond .. you need to be lucky enough to work with the right group of people.

Edit: I should point out that while it is awesome to work in such a storied place, there is some stress associated with it. Read about the weekly "Dealer" meetings at PARC.

mseebach 2 days ago 1 reply      
"Who else today is like them?"

I don't know, but for sure, they're not in computing. PARC was special, among many other reasons, because it existed (and had the vision and the funding) in the early, gold rush era of computing. Google Research isn't it, not because they're not generously funding important and worthy research, but because computing as a field is too far along for them to have a chance of introducing truly fundamental research in the area. Self-driving cars comes close, no doubt hugely important, but even they have a quite incremental feel to them, especially next to inventing something like the graphical user interface.

aerovistae 2 days ago 4 replies      
This link led me on to a little bit of wikipedia reading where I learned something that really surprised me: according to wiki, Xerox today still employs more people than either Microsoft or Apple, 130k to their 115k each. Am I the only person who finds that shocking? I had no idea they were still so huge. And this despite their market cap being a hundredth of Apple or Microsoft's.
Dangeranger 2 days ago 1 reply      
There are some especially qualified answers on Quora. But to have your question answered by Alan Kay on the topic on Xerox PARC is truly special.
zengid 2 days ago 3 replies      
I've been reading the book he mentions, "The Dream Machine", by Mitchell Waldrop. It has been a great read so far (I'm a little past the point of the creation of ARPA), particularly the section about John McCarthy developing LISP and conceiving of the architecture for time-sharing.

Reading it has felt like I'm paying my respects to the pioneers of our field, because I am humbled by what they achieved.

fuzzygroup 2 days ago 3 replies      
Id strongly recommend the book Dealers of Lightning. Now I should comment that Alan Kay was at Parc and its where he did amazing work that holds up to this day so pay the most attention to his answer of course. But I learned a ton about Parcs history from Dealers of Lightning.

Id also point out that Bob Taylor apparently had a hard limit of 50 researchers because he felt that was all he could manage. This meant that he, by this criteria, had to get the absolute best, smartest scientists / researchers he could find. If you look at the sheer number of absolutely brilliant people assembled at Parc during the same time period, it is astonishing: Alan Kay (smalltalk), Butler Lampson (alto, *), Bob Metcalf (ethernet), the founders of Adobe (postscript), Charles Simonyi (bravo which later became Microsoft Word), etc. Close to 100% of modern computing directly came from Parc.

steveeq1 2 days ago 0 replies      
For those interested, more answers from alan kay available here: https://www.quora.com/profile/Alan-Kay-11
grabcocque 2 days ago 3 replies      
1) Smart people who have great ideas

2) A business model that has no need of those ideas

3) Management who have absolutely no idea how to capitalise on those ideas outside of a core business?


That's Google. Google are Xerox.

jtraffic 2 days ago 1 reply      
A desire to recreate great things from the past always comes with some hindsight bias. What we'd like is a dataset about hundreds of labs like PARC and what happened to them. Of course, we could never get it, so we have to work with our observed history. But sometimes, in the case of these big labs, I wonder how much we can conclude.

I recently read The Idea Factory, about Bell Labs, and it has great insights, to be sure, but enough information about the causality to recreate Bell Labs? I don't know.

Maybe it really does come down to one thing, like funding, as the top comment (currently) on this thread suggests. But I doubt it.

When I was younger, my siblings and I played this game that we sort of made up as we went (too detailed to explain), and it was awesome. Years later, in a bout of nostalgia, we tried to recreate it and it was just awful. Enough small details had changed that it didn't work. One of the important details that changed was a total lack of spontaneity. All of us knew what the outcome should be like, and it made us behave differently. I don't think big orgs are at all immune from this effect of expectations.

Don't get me wrong, I'm obsessed with the famous labs like anyone, a big fan of Alan Kay, etc. I just think somebody needs to call attention to a giant hurdle in learning from them.

sounds 2 days ago 3 replies      
> Who else today is like them?

> PARC still exists, but Google advanced technology projects is probably the closest. Neither of these is that close to the old Xerox PARC since they tent to focus on near term commercializable projects.



While I can see how Google is an engine of scientific progress, Silicon Valley is bigger than Google. Stanford deserves a lot of credit.

Without diving into "what makes Silicon Valley Silicon Valley," I think I should point out that Stanford has consistently produced disruptions since at least Xerox PARC's founding.

(Obligatory: I have only ever visited Stanford, long after graduating from a different university.)

JustSomeNobody 2 days ago 1 reply      
>There was no software religion. Everyone made the languages and OSs and apps, etc that they felt would advance their research.

I feel like there is a lot of software religion in this industry today, however it is mostly perpetuated by mediocre developers.

cpr 2 days ago 0 replies      
I can vouch for the "fund people, not projects" aspect of ARPA funding in the early 70's.

I was a lowly undergrad but working with Tom Cheatham (who ran the grad Harvard Center for Research in Computing Technology) and others, and helping in minor ways with their annual ARPA proposal. ARPA pretty much was sending money our way, and we just had to cast the annual work in terms of what was "hot" at the time (mostly "program understanding" at Harvard) to get the funds.

jv22222 2 days ago 1 reply      
> The commonsense idea that computer people should not try to make their own tools (because of the infinite Turing Tarpit that results). The ARPA idea was a second order notion: if you can make your own tools, HW and SW, then you must!

All the best breakthroughs of my career have come from a build don't buy bias.

RcouF1uZ4gsC 2 days ago 0 replies      
To like PARC you need the following things:

1. A monopoly that prints money

2. Company desire to investigate cool stuff

3. No pressure to productize the research

4. Smart people hired and given lots of leeway.

I think parts of Google, Microsoft,AT&T, and IBM are/have been like this.

Simorgh 2 days ago 0 replies      
As mentioned by Alan right at the beginning of his answer, the true visionary behind our current technological age was Licklider. He was an ARPA researcher who, it is argued [1], initially dreamt up the connected network we now know as the internet. Interestingly, when an early iteration of the 'net was put to UCLA academics, they refused to get involved!

[1] Sharon Weinberger, The Imagineers of War (2017).

surfmike 2 days ago 1 reply      
YC HARC (https://harc.ycr.org) has a lot of talented people working on PARC-like problems. Alan Kay has close contact with a lot of the team as well.
dpflan 2 days ago 0 replies      
Related to this special time in computing that Kay discusses is the book "What the Doormouse Said?" It's a good, relatively quick read about the rise of personal computing in the 1960's.


zem 2 days ago 1 reply      
i wonder why he (presumably) did not think "dealers of lightning" was a good book. not read "the dream machine" yet, but i thought "dealers of lightning" was a great look at the history of xerox parc.
jacinabox 2 days ago 1 reply      
It is special because it happened in a different era and its technological and cultural ideas are no longer legible. Time was computers were for mathematics, now they are Potemkin villages and vehicles for almost stunning cultural paranoia and new sectarian hatreds.
derstander 1 day ago 0 replies      
I was working as my department's internal R&D director a couple years ago and I was interested in the first question as well. Note that that position probably sounds way more important than it actually was. Coincidentally, it was at one of the places Alan Kay mentions in an answer to the linked Quora question.

I pretty much focused on 3 different entities: DARPA, Xerox PARC, and Bell Labs. These are the books I read to try to answer that question:

[1] Dealers of Lightning. https://www.amazon.com/Dealers-Lightning-Xerox-PARC-Computer...[2] The Department of Mad Scientists. https://www.amazon.com/Department-Mad-Scientists-Remaking-Ar...[3] The Idea Factory. https://www.amazon.com/Idea-Factory-Great-American-Innovatio...

I personally thought that having access to a diverse set of disciplines & skills and a reasonable budget were two of the more important things.

wonderous 2 days ago 0 replies      
Organization succeed when people understand and believe in WHY they do what they do and how.

PARC's mission was to "create the architecture of information" in a way that enabled strategic business growth.

In hind sight, it's obvious how important this was, but back then, it was just a belief, and one that turned out to be adopted in mass.

If you want to be like PARC, understand WHY you do what you do and how in a way that makes sense strategically for the organization, it's members, and those it impacts.

coldtea 2 days ago 0 replies      
>What made Xerox PARC special?

All expenses paid, pure but pragmatic research without having to rush to market and add buzzwords and marketing-inspired crap. Oh, and no compartmentalization between teams and narrow-focused projects either.

>Who else today is like them?

Nobody. Google research labs for example is more like a "throw something out there as a marketing gimmick to show we do 'innovation', and see if it sticks" affair.

partycoder 2 days ago 0 replies      
Xerox was an immensely profitable business once. Being first to market with photocopiers, and keeping a large market share for a long time.

In the Palo Alto Research Center (PARC), they had the right team, the right ideas and research was absolutely going in the right direction.

For instance, they had former SRI International researchers that participated in the Douglas Engelbart's "oN-Line-System", presented in 1968 in what is now known as "the mother of all demos" (https://www.youtube.com/watch?v=yJDv-zdhzMY, https://en.wikipedia.org/wiki/The_Mother_of_All_Demos).

Their achievements include the creation of the excellent Xerox Alto computer system featuring a GUI and a mouse as input device, which inspired the Apple Macintosh and MS Windows (a story dramatized in multiple occasions, notably in the classic "Pirates of Silicon Valley").

Xerox leadership failed to visualize how innovations like the Alto could be converted into profitable products... even if it looks self-evident today. That's a once in a lifetime opportunity that they let go and as a result other companies heavily profited from PARC's findings and continue to do so today.

In addition, photocopiers are no longer at the center of business activities, and usage paper is decreasing. This makes Xerox a company of the past, like Kodak or Blockbuster (not trying to be offensive, but it is fair to say so).

carapace 2 days ago 0 replies      
Kay's own Viewpoints Research Institute is worth mentioning in this context.http://www.vpri.org/
Stranger43 2 days ago 1 reply      
It's probably not anywhere in america.

Szhenzen is pretty close to being the global center of hardware innovation and getting into software in a climate where state funding and commercial enterprise is merged in a way california havent seen since the rise of modern liberatarian economics in the 80ies.

The birthplace of the web at CERN is also still in play as a center where lots of things happens.

And thats before we head into the fringes where the oil exploration industry is leading in VR research almost as an afterthought of having to process and visualize the kind of big data most big data start ups only dreams about being able to handle.

Remember that Xerox wasn't an IT company but a printing/photocopier copier so it's just as reasonable to expect that the next big leap will come from someone that is not currently seen as an IT giant, as to go looking within the Californian IT industry.

_pmf_ 2 days ago 1 reply      
I'll say it: Microsoft. They have a lot of research stuff that never makes it onto (mass) products. It's atrange that Apple does not publish its internal research projects; maybe they are more focused on actual direct applicability, which is decidedly un-PARC like.
GrumpyNl 2 days ago 0 replies      
They did great groundwork for Apple, they monetized on it while Xerox was left behind empty handed.
11thEarlOfMar 1 day ago 0 replies      
I've always wondered what enabled Xerox PARC to 'succeed' and Interval Research to languish. PARC was developed more or less organically where IR was an intentional construction. To me, that contrast is a proxy for other regions attempting to re-create Silicon Valley.


bane 2 days ago 1 reply      
There's a few, not quite the same, but bits of pieces of places like this exist. Monopoly driven companies like Google or Microsoft have nice R&D arms, car companies can get involved in weird things. There's the big research universities, who are these days just as commercial as PARC ever was. There's also DoE National Labs who, because of the downturn in the nuke business, get involved in all kinds of cool R&D and are surprising to most people only semi-government. And finally there's pure government R&D centers, mostly in the military.
77ko 10 hours ago 0 replies      
Zzz, suuwuuuojuuusujuuojoljllujluo ass washhhhhl
mozumder 2 days ago 1 reply      
A similar organization today is DARPA.

You can submit proposals to them and they may fund you.

gradstudent 2 days ago 0 replies      
> Fund people not projects the scientists find the problems not the funders. So, for many reasons, you have to have the best researchers.

> Problem Finding not just Problem Solving

Lessons not yet learned

icelancer 2 days ago 0 replies      
I try to run the R&D side of my sports science business like Xerox PARC. I take a ton of inspiration from them.
tyingq 2 days ago 0 replies      
Different space, but after reading Alan Kay's answer, the only current entity that comes to mind is CERN.
kilroy123 2 days ago 0 replies      
I'm not sure what places are like Xerox PARC now, but I want to create something like it again in the near future. Only for space-related ventures.

My uncle was on the original PARC team so I'll see if I can get an answer from him to answer the quora question.

agumonkey 2 days ago 0 replies      
I remember thinking a lot about PARC when visiting biohacklabs. The feeling of random ideas implemented by people of various skills organically without clear goals. Lesser costs, new designs, new implementations.
morphle 2 days ago 0 replies      
We are (playing the Wayne Gretzky game of invention).
0xdeadbeefbabe 2 days ago 0 replies      
Bob Taylor made it that way.
bitwize 2 days ago 2 replies      
A blank check from the Feds in the hopes that giving money to smart people will make tgem develop something we could use to blow up the Russkies. That's what made Xerox PARC.
milesrout 2 days ago 2 replies      
Yeah people go on and on about how much 'amazing' stuff Google does or Microsoft does as if they just have a knack for picking the right people.

No, they have some good people and a huge amount of money gained from monopolies, which are by definition not legal.

Monsanto Weed Killer Roundup Faces New Doubts on Safety in Unsealed Documents nytimes.com
401 points by geoka9  3 days ago   237 comments top 28
abandonliberty 3 days ago 3 replies      
I've been researching this.

1. Glyphosate (roundup) use is two orders of magnitude higher than originally approved.

2. Due to the emergence of glyphosate-resistant weeds, the dosage has been increased substantially.

3. It is now also usually combined with other compounds to increase effectiveness, which affects how it breaks down and affects both the food and environment.

4. It is now also used for 'green burndown'. To help dessicate the crop. AKA they use it to kills crops to speed harvest, resulting in significantly elevated levels in your food.

Start with the wikipedia page: https://en.wikipedia.org/wiki/Glyphosate

Go on to a letter of concern published in the journal of Environmental Health signed by 14 experts in the field. https://www.ncbi.nlm.nih.gov/pubmed/26883814

Realize that little to gain from raising these concerns, while there are many wealthy parties with vested interests in not finding these results. There's little funding behind this. Governing bodies (e.g. in Germany) are still relying on findings from labs with clear conflicts of interest.

djsumdog 3 days ago 3 replies      
It's difficult to judge long term toxicity in humans. You don't immediately keel over and die when you smoke a cigarette, and the correlation between lung cancer and cigarettes needs a fully understandable cause. That's how the industry slipped by for years.

Likewise, most European countries do not fluoridate their water and the correlation doesn't seem to show any significant difference in dental health. The anti-fluoride people state these numbers, and then go and use the same bad logical to attribute fluoride to a host of ailments that are loosely correlated without any causation links.

Can fluoride in water lead to osteoporosis in older adults? Well we don't know, and these types of studies are very difficult to conduct because there are tons of variables. Many people drink from a combination of fluoridated and non-fluoridated water supplies and beverages throughout their lives. People move in and out of municipalities with different water treatment techniques. People have different intakes for calcium, iron, fibre, carbs throughout their entire lives. People have different genetics. When it comes to long term toxicity, it's really difficult to narrow down factors because you can't control for everything (ethically) and humans can live a long time.

It would make sense for at least some percentage of the population to have adverse reaction to Glyphosate. We all have slight genetic differences and reactions. Can it lead to specific cancers in humans consistently? Do we understand the mechanism by which it does this chemically? Can we replicate this in other animals where we control for other factors.

Just like the tobacco industry, I wouldn't put it past Monsanto to both bury and make up studies to suit their interests.

gumby 3 days ago 1 reply      
One important reasons for robotics is to reduce/eliminate the use of pesticides. After all we use weed killed because it's cheaper than weeding by hand.

Regardless of whether Glyphosate is toxic to humans or not, it kills the rhizome (fungi and other ecology around the roots), drying the soil and making it less productive. Robots will not only avoid this problem but support the planting of complementary crops.

macandcheese 3 days ago 2 replies      
It's not legal for sale in New York, mostly because of false advertising the company previously did touting it's biodegradability, even going so far as to say that it's "practically non-toxic".

In fact, they continue to be the subject of a class action lawsuit in NY: https://www.law360.com/articles/849367/monsanto-trims-but-ca...

Unfortunately all that may come of that lawsuit is a small label change...

It pains me to see so many people here supporting the company, especially from a group usually so ready to expose the faults of big corporations. You know, being a "hacker" and caring about the environment and the health of our planet and it's inhabitants are not mutually exclusive.

bootload 3 days ago 2 replies      
As a youngster I used to work PT while I was at Uni back in the 80's, taking care of a semi-rural parkland spread over 200 square miles. Every Spring, our workload would increase, slashing, clearing of weeds and blackberries. So Round-up was used. I told the boss no and refused to use it. The pesticide would be measured then added to the spray packs and the blokes would hand spray what ever needed to be knocked down. When they would slightly bend over, the air-relief valve would spit the spray out over their bare necks. After work was done they'd complain of dizziness.

Whenever I read about Monsanto now, I also think about Michael White and his fight to sell seed, [0] after a neighbour accidentally contaminating it with ^round-up ready^ seed. [1],[2]

So, F. Monsanto.


[0] "Why does Monsanto sue farmers who save seeds?"http://www.monsanto.com/newsviews/pages/why-does-monsanto-su...

[1] Seeding Fear: https://youtube.com/watch?v=YZGueeao0tE

[2] http://www.rollingstone.com/music/news/see-neil-youngs-monsa...

finid 3 days ago 4 replies      
We would be keeping the cost down by us doing the writing and they would just edit & sign their names so to speak, Mr. Heydens wrote, citing a previous instance in which he said the company had done this.

Science for sale.

Shouldn't that Mr. Rowland guy be in jail?

jnordwick 3 days ago 2 replies      
I think the proper comparison is Roundup verses other herbicides. It that comparative analysis, it definitely wins.
acd 3 days ago 1 reply      
Pesticide is killing gut bacteria in Bees which has led to Bee death.http://journals.plos.org/plosone/article?id=10.1371/journal....

Pesticide also increases the risk of getting Diabetics. Here is a meta study"After reviewing 21 previous studies, researchers found exposure to any type of pesticide was associated with a 61 percent increased risk for any type of diabetes. The increased risk for type 2 diabetes -- the most common type -- was 64 percent, the investigators found."http://www.webmd.com/diabetes/news/20150916/pesticide-exposu...

burntrelish1273 3 days ago 6 replies      
"Monsanto Advocate Says Roundup Is Safe Enough To Drink, Then Refuses To Drink It"


najajomo 3 days ago 1 reply      
"Weeds Your Way" Organic Farmers Share Secrets of Herbicide-Free Farming


baldfat 3 days ago 2 replies      
The funny thing is we have less herbicides because of Roundup. The option is we starve the world, because we will not be able to product enough wheat etc. or we use stronger herbicides.


ryanalam 3 days ago 3 replies      
In the US, the alternative to this would be to consume organic produce. However, most people don't realize that organic produce still uses plenty of, if not more pesticides than traditional production methods; they just use organic pesticides.

I wonder which is worse: highly mechanized, high efficiency, and low volume synthetic pesticides in traditional production methods - or low efficiency, high volume natural pesticides in organic production methods.

cholantesh 2 days ago 0 replies      
Notably, it doesn't seem like anyone in this thread has bothered looking up the court documents or the emails in question. Here they are, along with lots of background reading: http://skeptiforum.org/t/monsanto-and-the-case-of-unsealed-d...

The 'ghostwriting' refers to a position paper that Monsanto had a choice to either outsource to a number of outside experts at significant cost, or to write themselves, acknowledging the contributions of academics who wrote source material and/or would edit and review the document. And they only intended to do this for sections of the paper that were considered uncontroversial in the scientific community, with direct authorship in sections dealing with matters of contention.

It generally seems to be the case that most all stories of this nature are overreaching considerably by taking juicy sounding quotes out of context. It's remarkably analogous to the Climategate 'scandal' on close examination.

luckydude 3 days ago 7 replies      
My dad died because of roundup. He was a physics prof, smart guy, fought hard for wetland issues. Was on the board of Wisconsin Wetlands.

He didn't drink, didn't smoke, he was very active, very fit, and yet he got cancer. I can feel the down votes coming, but he was a guy that just should not have gotten cancer.

Roundup gave him cancer. I could tell you stories about him dieing that would be not so fun.

Fuck cancer and fuck roundup hard.

Edit: he and my mom fought invasive species and they used roundup. So maybe that's on them. That's why he got cancer.

djyaz1200 3 days ago 3 replies      
Having held my mothers hand as she received chemo for her Non-Hodgkin's lymphoma I can tell you this... if there is a even a tiny chance using Roundup increases the risk of the disease it isn't worth it.
tgb29 2 days ago 0 replies      
More advancements in computational biology and genetics will allow us to more precisely determine the effects of glyphosate on public health. Until we have better tools, there isn't enough evidence to make a judgment against Monsanto. However, the moment we are able to make the connection between poor agricultural practices and damages to health, a multi-billion dollar industry will be created for lawyers, and they will hold these companies acccountable.
pfarnsworth 3 days ago 1 reply      
I just doused my yard with Roundup to get rid of the vast amounts of weeds and vegetation. I have to say, it did a fantastic job. What does this mean about the soil though, is it totally fucked now?
nthcolumn 3 days ago 0 replies      
Roundup usage has been so ubiquitous for decades now so this is very worrying. I am much more concerned with Monsanto's GM food patents/diminishing biodiversity/pollution threat than this. I have no issue with GM science btw. NONE. (re:'GMO safety /mutant food nonsense') I wonder if this is a sly segway from Monsanto. Given a choice between Monsanto Roundup everywhere and Monsanto GM everywhere I'll take the former.
enibundo 3 days ago 1 reply      
If you really are concerned about this : buy organic.

If organic food gets more interest, more and more people will start growing it, and more and more people will have access to good healthy food.

These poisons wouldn't be abused if they wouldn't be profitable...

MrFantastic 3 days ago 0 replies      
I see little chance or Glyphosate being banned while Trump and Pruit are gangbanging the EPA.

We are such a short sighted species.

faragon 3 days ago 0 replies      
"New doubts", "people who claim"? That's FUD. Also, glyphosate patents are expired, and can be manufactured without Monsanto permission, e.g. [1].

[1] http://www.made-in-china.com/products-search/hot-china-produ...

Dowwie 3 days ago 0 replies      
Roundup has to be treated as if it were radioactive. I carefully sprayed only one dandelion in my lawn with roundup. Over a few weeks, the roundup spread and destroyed about a 5 foot radius of lawn.
GrumpyNl 3 days ago 0 replies      
The bees, they are killing the bees.
Vadoff 3 days ago 0 replies      
I wonder if non-GMO foods have a higher likelihood to cause cancer because of Roundup.
crumchunks 3 days ago 2 replies      
This is why people eat organic food.
crumchunks 3 days ago 1 reply      
This is why people eat organic food.

Now if you want some other curious links to pesticides and weedkillers, look at Stephanie Seneffs research.

5706906c06c 3 days ago 0 replies      
This is beginning to look like Michael Clayton.
Programmers are most likely to work from home qz.com
419 points by staringmonkey  4 days ago   362 comments top 45
NumberSix 3 days ago 9 replies      
The article does not discuss the impact of the open office movement. I've worked from home, in actual offices, in cubicles both cramped and spacious, and open offices. It can be quite difficult to focus at home due to various distractions, especially if you do not have a separate room or area for work. It is difficult to separate work and non-work with a home office. There are a variety of communications issues with colleagues when working from home. However, programming requires high levels of concentration and focus; I work on complex algorithms and mathematical software which requires extremely high levels of concentration and focus. Open offices are simply too noisy and full of interruptions. Thus, given a choice between an open office and home, home wins.

But in general I would rather work in a quiet office near my colleagues. There is a clear separation between work and non-work. Communication is faster and easier, less prone to misunderstandings. This however means something like an actual office or a quiet spacious cubicle with high sound absorbent walls.

In his book Deep Work, Cal Newport argues in favor of a "hub and spoke" office layout where knowledge workers can work in quiet in offices on the spokes, but meet and collaborate at hubs, such as common areas with food, coffee machines, printers etc. This seems like a much better way to balance the need for deep concentration on the one hand with "collaboration," annoying MBA buzz-word at present.

eddieh 4 days ago 22 replies      
I like working from my office. I don't understand people that like working from home.

Possible confounding variable: I live exactly two blocks from my office and don't have to commute. Perhaps, in actuality, people don't like to commute?

jonmb 4 days ago 0 replies      
I've worked both in offices and remotely. They each have their pros and cons. I prefer remote.

The biggest pros of remote work for me are no commute + not needing to get dressed in business clothes every day. I don't have to fight traffic, I don't have to iron clothes every day, I don't have to find parking and spend 10 minutes walking to and from my car, etc. I don't have to do a whole bunch of little things that going into the office required.

So the biggest advantage for me is saving time. And now I get to use all that extra time for spending more quality time with my wife and dog, side projects, exercise, video games, etc. I get more sleep! That's an important one.

The downsides to working from home is that it is harder to communicate in some situations, especially if you're the only guy working from home. It is easier to be overlooked for promotions since people don't know your face and see it every day. You miss out on the social aspect of work, though this can be mitigated if you're able to drive/fly-in to see your team occasionally. You miss out on the office banter, though some people would consider that a good thing.

Many other points people raise such as having lack of focus, being taken advantage of, and so on apply equally to being remote and working in the office (depending on the office) so I consider those to be moot points. If you can't focus at home, that's a fixable problem with your own mind and your environment.

edw519 3 days ago 2 replies      
After 38 years of commercial programming, 15 of them remote, here's the thing that almost no one talks about: working remotely actually benefits the company much more that the programmer. Here's why:

1. Profitability manufacturing something increases dramatically when lowering overhead and driving direct labor. Direct labor in software are the programmers. Time spent programming (usually) produces product. Time spent not programming flushes money down the toilet. I have never found a better way to increase the direct labor / overhead ratio than by working remotely.

2. Proper process building software can give geometric increases in value. Things like business requirements, technical specifications, test plans, UAT, QA, project management, etc. When programmers are in the office, it's just too easy for managers and analysts to "wave their hands" and "call a meeting". Too often, that's their answer to everything. The meetings rarely serve their (ususally undefined) purpose. They give the appearance of progress without the progress. Problem #1: You've just wasted a little bit of your programmers' time. Problem #2: You will waste a whole lot more of their time at the other end when things aren't right.

3. Workingly remotely enforces discipline. Things need to be written down. It's hard to peer review meeting notes or Skype recordings. Specs, reqs, test plans, etc. need to be documented and reviewed BEFORE wasting programmer time. I generally try to turn down any meeting or Skype without something in writing. (Skype / Webex is just another way for managers to waste programming resources that doesn't feel as bad as a physical meeting.)

I have hard data via thousands of tickets over the years to say that working remotely has easily made me at least twice as productive. Mainly by getting others to leave me alone and to drag them kicking and screaming into the 21st century by doing their jobs. The most important job of someone who doesn't program? Enabling those who do.

The main reason I love remote is not because of my home office, or short commute, or good 4-legged company, or working in my underwear, or anything else about me. It's because I have never found a better way to get shit done.

NateDad 3 days ago 0 replies      
I've worked remote for about 5 years (and about 18 years total). When I lost my last job, I resolved to only look for remote work. Commuting is a giant waste of time, which is the most precious resource we all have. I could live near Boston and have a tiny house with no yard and mediocre schools, or I could live an hour outside Boston and have a huge yard and amazing schools. The choice is clear. But it means that if I were to work in the tech hub, I'd never see my kids during the week.

When done right, remote is awesome. There's no reason every programming company couldn't be remote-friendly these days.

There are two things that companies often do that screw up remote workers:

1.) Having meetings in meeting rooms. This does not work for remote people. Remote people cannot participate in a conversation from a speakerphone when the majority of people are in the same room. You just can't break into conversations between people in the room.

2.) Having an open office. This prevents the fix to #1 - which is to have meetings via hangouts or other video chat, with everyone (even people in the office) participating via headset & personal video camera. The open office makes cross talk between mics too painful (with judicious muting you can sorta fix it, but it's a hassle).

These are fixable problems, but the company has to be committed to good remote culture to do so.

archeantus 3 days ago 1 reply      
I've been thinking a lot about this lately and I've decided that working remote IS the most important benefit of my job.

I've been fully remote doing iOS development for nearly four years now, and I am not interested in entertaining any new job offer unless my fully remote status can be retained.

Are there downsides to this mentality? Yes. Am I missing out on networking/schmoozing opportunities by being remote? Almost assuredly. But as I've been thinking about it lately, I don't think I want any of that stuff. I can't see myself enjoying the job of management or being a director, etc. I would probably enjoy the pay, but not the work.

So for me the most important thing is that I love my job, I get paid very well, and I'm home to watch my five kids grow up.

I don't think I'm interested in trading in that setup, not for any job title.

maxxxxx 4 days ago 0 replies      
If I actually had an office and not some little box with neighbors talking the whole day I may be ok with going to an office. Working from home is my only chance to actually think without distractions.
BeetleB 3 days ago 4 replies      
I work in a big company.

It's easy to see all the useful things I would have missed out on if I worked remotely. Examples:

- Networking: Serendipity plays a bigger role than anything else. And you get a lot less of it the fewer people you interact with. Simply bumping into people at the cafe is quite valuable.

- Career coaching: Lots of classes, talks, invited speakers, etc. Some can be done remotely, but roughly half require you to be live.

Also: Going to work makes it easier to leave work there when you come home.

ahallock 4 days ago 1 reply      
I've invested thousands of dollars in my home setup (which will never be done), to create an amazing working environment. Why would I want to give that up? Sure, employers may give you a little $ to customize your desk and equipment, but if I'm going to be spending so much of my life at a computer, it'd better be amazing.
ryandrake 4 days ago 1 reply      
I'm more of a "cat herder" than programmer these days, and I probably would have great difficulty doing my job from home, or with others working from home. Face-to-face conversations and in-person meetings are tools that have their uses, just as E-mail and asynchronous chat, phone calls and video conferences are tools that have their uses. To me, the cost of tossing out those "in person" tools does not make up for the pleasure of eliminating my [2 hour each way] commute.
xchaotic 4 days ago 0 replies      
This is so obvious, but so few roles allow for that. I am below my market rate but happy and motivated, as I am 100% remote. Imagine if someone offered market rate, they'd still be ahead, without the need to pay for the office space.
gdulli 3 days ago 0 replies      
I'd be bored sitting at home all day instead of being around people, and then there's the more subtle ways my work is more effective when in-person contact with others happens by default rather than letting the temptation to do solitary work win out.

If I chose a job with a bad commute or bad co-workers or bad working conditions I guess I'd be unhappy about going into the office. But it seems more logical to address the root cause than the symptom. Fundamentally wanting to be separate from other people doesn't seem like the most functional pattern to encourage. But I get it, the uninterrupted coding is the part of the job that's the most fun.

johan_larson 4 days ago 1 reply      
I've been working from home now for a year and a half, and I love it. It's really quiet, and no one interrupts me. The best possible arrangement would be a private office at work, but working at home is miles better than an open-plan office.
rocketlionqb 3 days ago 0 replies      
I would rather work from home. I lose about two hours commuting to and from. I would save on gas. My home office is confortable. I can cook lunch. I can go to the gym before everyone gets off at 5. I wouldn't have to listen to co-workers who likes to eat lunch with their mouths wide open. I won't have to smell the sack of diapers my co-workers like to microwave for lunch. I wouldn't have smell the daily onion odor from co-workers that enjoy showering bi-monthly. No broken A/C at the start of summer every year. No death/suicide commute dodging idiots that can't drive. I need another job...
nsxwolf 3 days ago 0 replies      
I've been working remote almost exclusively for 13 years now. It has its own benefits and problems but I really, really hate hearing it described as a "perk". We've had the technology for many jobs to be 100% remote for a very long time now, and I still see it treated by companies as a benefit like "summer hours" or casual Fridays or whatever.

It's pretty insulting, actually, to frame people like me as entitled slackers.

neverminder 4 days ago 0 replies      
As someone who's stuck in open office torture chamber and dreaming about working remotely I can't help but notice an obvious trend - developers from poorer countries are "outbidding" those who are not in what seems to be just another race to the bottom. Unless of course you're a highly sought after specialist with experience in some narrow area, or you have good contacts.
ensiferum 4 days ago 3 replies      
I think I'd be utterly depressed if I worked from home. Every day without any human interaction. Plus I really love the clear boundary between work and home. Wouldn't want to pollute my home with work.
mouzogu 3 days ago 0 replies      
It depends on the office and your personal circumstances. If I dread going to the office for whatever reason (uncomfortable, noisy, bad commute, dislike coworkers) then of course I'd rather work from home.

I think this argument of WFH detracts somewhat from the issue of making the office itself a better place. There is so much that can be done in that area to alleviate some of the issues around not wanting staff to wfh.

For me, the main issues are noise, lack of privacy and lack of environmental control. I get some of the same stress in my office that I would get standing in a busy highstreet during rush hour. I dislike open plan office, hot-desking etc - give me a space, I'm comfortable working and relaxing in - a second home almost. Or maybe I'm just a spoilt millenial.

dec0dedab0de 3 days ago 0 replies      
I've been working from home for a few years now, and I think the one thing I would miss the most is having my own private bathroom. If I'm ever in a position to design an office, the bathrooms will all be individual, or at least have stalls that go all the way down.
chrismealy 4 days ago 2 replies      
Never being on call is the ultimate perk.
mr_tristan 3 days ago 0 replies      
Many companies frequently build a hierarchy of "direct reports". That hierarchy really loves having people they oversee being local. It's kind of a cultural thing, but it requires a very, very patient and rational manager to oversee people they can't physically interact with. In my experience, most managers don't fit this bill.

Add to the fact that most of these direct reports are done via a direct 1:1 meeting, most company cultures just really, really want to do critical communication verbally.

I've rarely encountered a company that puts quality written communication at a high priority. The last few I've worked at have these half-assed wiki's (e.g., Confluence) where pages are written poorly and then forgotten about about 15 minutes after the page is updated. And then random email blasts.

It's this focus on verbal instead of written communication that is a blocker for remote work. As a remote employee, if nothing important is clearly written down, it's difficult to be a "self-starter". You can't just research a problem yourself, you frequently need to be handed work. Thus, in most businesses I've found, the remote employees end up in this strange "in house consultant" style role.

I suspect companies where everyone is remote also prioritize written communication.

lbrindze 3 days ago 0 replies      
I have worked in a quite office and an open office and I think at the end of the day my feelings are the same. I am more productive and can get more done in less time when I do my own thing in my own space.

One thing I think worth mentioning though is as our systems become more and more distributed there is a clear advantage to having the limitations in communication folks are bringing up. It really forces you into a mindset where you have to nail down your API so others can neatly interface with your work. When I'm in the same location as a teammate, I'm more likely to just go over and ask them how their module/service works, which I might argue leads to more intertwined, less decoupled code. If I am physically removed from other team members, I am forced to make more independent resilient systems because in order for projects to be more successful, I have to more closely stick to the predefined API specs from the outset.

I am fortunate in that I have garnered enough skill/demand that I can work from my boat, sailing around Mexico, so for me, the freedom independent contracting has allowed in my personal life is unmatched. I undrrstand why managers and business owners are loathe to offer this kind of work, and I think partly it's because a few bad eggs has given wfh a bad rep

uncensored 3 days ago 0 replies      
Bose 35 noise cancelling headphones (or similar) should be provided to every programmer who is required to work in an open office environment, and even for remote programmers who have to work from coffee shops.

It's a hustle to find remote work at top pay, not impossible but harder than getting top pay for onsite. When will that change?

I've been remote since August 2015, and it's been a challenge to keep getting highly compensated remote work, but I managed it somehow.

taternuts 3 days ago 0 replies      
I really think the best situation is a place that doesn't care all that much if you work from home, but you aren't technically a WFH employee. I used to be 100% remote and yes that had it's perks, but I think overall wasn't the best for me as someone who, left to their own devices, will likely sit out my couch at home all day every day. I actually enjoy going into the office for at least half the day and leave for home when I feel like it. Usually that's after breakfast and lunch from the cafeteria :)

It's nice though, to have real life friends at the office. Especially when you move to a new place and don't really have your old friends around. I don't really feel any loneliness because of this. I still keep in contact with my remote friends, but you know... it's not quite the same.

throwaway2016a 3 days ago 0 replies      
Anecdote but I'm sure other people feel the same:

I get cabin fever working from home more than a few days a week. I need human interaction and video chat and Slack don't cut it.

I found working from home I cooked a lot less (went out to eat instead just to get out of the house) and the days tended to blend together.

eikenberry 3 days ago 0 replies      
Hard to imagine why. Better work environment, better equipment, better office mates, better commute, fewer distractions, lower stress, etc. Plus it structures the communications better, so you have less of the random conversations and more use of ticketing systems and like.
pmontra 3 days ago 1 reply      
Well, I'm self employed and work for customers mainly from my home (backend development, web technologies). One or two on site meetings per week and that's it. Sometimes I had to go to customers sites in my town two or three days per week, usually during design phases. Working at home (I live alone) and avoiding the office is definitely great. Zero commuting time, I worked this morning, went on a 2 hours 50 km bicycle ride in the afternoon, got a shower and back to work. I'll probably get back those working hours on Saturday morning. I try very hard to allocate some time for my interests. I'll be back to working in a office only if business goes very bad and I can't avoid it.
samfisher83 3 days ago 5 replies      
You spend 8 hours a day working. Why would you want to be isolated from other people? As a kid you go to school you are around people. Working from home seems like you are kind of isolated from people. Its not the same as over skype or slack.
pklausler 3 days ago 0 replies      
So many companies require you to relocate to work for them, and then fail to provide an acceptable office environment that allows concentration, so they let you work from your (new) home. It's bizarre.
akinalci 3 days ago 0 replies      
I enjoy working in an office environment because working in my home can be isolating. But cubicles with low walls where I'm constantly seeing and hearing my officemates is awful. Who thought this could possibly be a good idea for work that requires focus?

Also, a year after moving to San Francisco to work for a team based in the city, they relocated us to the South Bay. Now everybody on the team spends 3-4 hours daily commuting from SF/Oakland/Berkeley and it's awful.

I suspect these are the kinds of measures companies take when they want to reduce their workforce without layoffs.

k__ 3 days ago 1 reply      
I'm much happier since I started working remote.

I've never been the 9-5 office guy and my coworkers were always joking about me not being in office before 10.

When I finally missed a promotion to head of development because the higher ups said it can't be the 10-o-clock guy, I left the company and with it employment in general.

As a contractor I can work from wherever I want, get paid much more per month and can keep much more of it because of cheap private insurance and pension funds.

I also can take as much holidays as I like.

I see my family and friends more often AND get more exiting new projects.

douche 4 days ago 0 replies      
Any day I don't have to go to the office is a good day.
cliffy 4 days ago 0 replies      
I've had really good experiences working from home, and awful ones too. It usually comes down to having a distributed-first mindset among the team and management.

The ideal would be to have an office with a super short commute when I need a change of scenery, but the option to work from home whenever I feel like it.

The requirement to sit your rear in a specific chair at a specific time is pretty stupid when you can code anywhere you can carry your laptop.

HenryBemis 4 days ago 0 replies      
Not only for devs. I was working for a mega-big US company doing audit/sec and 90% of the time I was working from home, and it was the best thing!
JimboOmega 3 days ago 0 replies      
Having worked from home and on remote teams... I didn't like it as much as working with others, because I never felt attached to the team.

A shocking amount (to me, anyway) of my motivation comes from caring about the people involved in the organization... That attachment just doesn't form with people I hear on the occasional conference call or daily slack messages.

stuaxo 3 days ago 0 replies      
I always used to want to go into the office to give me structure. Recently I worked with a client where the office was so loud it was impossible to get stuff done.

The difference in productivity working quietly at home vs in an office with loud music being composed and conversations being had across it was night and day.

jordanlev 3 days ago 0 replies      
So many comments in this thread are comparing working at the office vs. working from home -- but there is a 3rd option, which is to rent your own office! I do this, it's not very expensive (a few hundred dollars a month -- if I get 2 extra hours of productivity per month then it's paid for itself).
matz1 3 days ago 0 replies      
That's why I prefer open space office, because if I want privacy I can just work at home or somewhere else. What's the point going to an office where i will be in my own private space.
ryanmarsh 3 days ago 0 replies      
"working from home" aka "actually getting work done"
craigvn 3 days ago 0 replies      
I actually prefer working in the office. When at home there are too many distractions, too easy to go to the shops (or driving range) or start working on your own projects.
nebabyte 3 days ago 0 replies      
> For programmers, the ultimate office perk

will vary depending on which programmer you ask

jaequery 4 days ago 1 reply      
how about them phone meetings? i really dreaded them made me almost hate wfh
draw_down 4 days ago 2 replies      
It's not really a perk. It comes with its own set of problems, friends.
humbleMouse 4 days ago 31 replies      
There is a dirty secret that nobody talks about and the real reason that companies want programmers in the office.

Companies want their top performers in the office so they can serve as trainers/mentors/teachers to the new college kids and the incompetent older people they hire.

I think this is the real reason companies crack down on working from home. It's infuriating as a top performer - I just want to get my assigned work done and leave it at that. I don't want to teach all your shitty college grads how to actually code.

edit: I'm not against mentoring people and helping build teamwork, knowledge sharing, etc. I'm just saying that an all out ban on WFH makes me feel like I am sitting in an open office all day doing other people's assigned work.

I actually am very social and enjoy teaching and helping people. I just wish it wasn't one extreme or the other - I can still mentor/knowledge share with tools like WebEx.

edit2: I am a contractor who was recently banned from WFH. We used to have a very lax WFH policy and it was great. Now I'm banned from WFH completely. The article was discussing the merits of WFH policies, which I am commenting on.

meritt 4 days ago 5 replies      
> I don't want to teach all your shitty college grads

humbleMouse's profile: "Mid-Twenties"


Princetons Ad-Blocker May Put an End to the Ad-Blocking Arms Race vice.com
455 points by hourislate  1 day ago   297 comments top 54
downandout 1 day ago 19 replies      
The article puts a significant emphasis on the idea that bulletproof ad-blocking technology, assuming that's what this turns out to be in practice, will work long-term becuase of legal restrictions imposed by the FTC. If Google, Facebook, or other multi-billion dollar entities detect an existential threat arising from this or any other technology, rest assured that the laws will change as quickly as is necessary to keep them happy. Lobbyists will be paid, and donations will be made. Anti-ad-blocking laws will be introduced, or the FTC's ad identification restrictions will be relaxed. Ads aren't going anywhere, and neither are advertisers.
gwu78 1 day ago 1 reply      
I do not have "block ads". I simply do not request them.

Users do not intentionally make requests for ads or pixels from tracking servers. Browsers do. Automatically.

People writing web pages that aim to cash in on advertising budgets depend on this "feature". However it is optional. I read hundreds of web pages and never see any ads. Because for eading the news I do not use a so-called "modern" browser.

It seems the entire web ad industry requires browsers to operate a certain way. If browsers do not follow these assumptions, then the user sees no ads.

Despite strange notions like the one in the top-voted comment in this thread, there is nothing that requires any user to use browsers written by people whose salaries are paid directly or indirectly from ad sales revenue.

Assuming certain companies were as all-powerful as the commenter suggests, then why not require users to access pages using software written by companies who profit from such web traffic? And make the software proprietary?

Surely no one would complain. Thank you sir, may I have another?

Let us not forget some of these "multi-billion dollar entities" are just websites. If the traffic dies down, the business of selling ads is no longer feasible. And the company disappears along with the website. It has happened before.

98% of revenue from web traffic/ad sales.

Castles made of sand.

IIIIIIIIIIII 1 day ago 6 replies      
This is not the end of the arms race.

At some point we will have AI designing and AI delivering ads, and while we may have AI designed to prevent us from having to watch ads we don't want we will also have AI that watches everything, gathering and filtering information that is too much for us to handle but tuned to our needs since it's "our AI". Then the race will be that one AI wants to trick the consumer AI into giving their information more weight and attention.

So instead of the race humans against humans we'll have a race humans => AI ("sellers" of anything, from goods to news) => AI (consumers) => human (us).

It's going to be a lot more complex: Right now all that people on both sides have to know is human psychology. In that future they'll have to understand the potentially far more varied world of possible AIs - and if that isn't enough the complex interactions between them and also between the AIs and the humans.

Are we creating the diversity and complexity that we remove from the biosphere (the ongoing mass extinction and/or reduction of many species) anew but in a completely different space? In addition to technical systems we are also getting much better (and better faster!) in controlling biological systems, creating our own ideas. At least some programmers of the future will write their code in DNA - or possibly even something more complex, something that can encode completely new proteins that the current code can't represent. And then there's combining biology and technology... an explosion of complexity and diversity?

I studied CS more than two decades ago. I kept up to date and continue to do the odd course in my field, but what I consider an amazing experience (for an IT guy) was when I spent the last few years taking hundreds of hours of courses in biology and medicine. Looking for new ideas? Take an introduction to biology and genetics course instead of learning an only very mildly different programming language, for example (free): https://www.edx.org/course/introduction-biology-secret-life-...

devy 1 day ago 4 replies      
> Another technique used to hide the ad blockers' activities is even more impressive. They are able to "create two copies of the page, one which the user sees (and to which ad-blocking will be applied) and one which the publisher code interacts with, and to ensure that information propagates between these copies in one direction but not the other."

So this ultimate ad-blocker would potentially consume twice as much resources as it would have been?

make3 1 day ago 5 replies      
Just change the alpha values in the `coverContainer` function in `utils.js` and it actually blocks ads.

Patched `utils.js`:https://pastebin.com/YLyN2uJ8

iamben 1 day ago 6 replies      
At risk of being very unpopular, am I the only person that doesn't mind ads? I mean some are pretty intrusive, but largely I'm happy to make the trade off. I'll look at (and maybe click on) your ad, if it means you have the cash to bring me what I want to look at. It's fantastic to think we live in a world where the web can support itself without ads, but it's not really practical, is it? Some stuff I'd support - but the best thing about the web is that I can dip in and out of sites completely based on one off content, knowing I don't have to pay before I read.

And the HN crowd is the sharp end of the web. A lot of us ARE likely to support the web in another way. The blunt end not so much. They're also the ones more likely to click on ads.

ktta 1 day ago 1 reply      
If anyone want's the source of the proof of concept extension[1] here's a link to get it. Just use wget


You should just be able to unzip it.


mark_l_watson 1 day ago 0 replies      
Great article, as much for the tension between people wanting free content and ad free content, and the practical issue of publishers 'keeping the lights on.'

I subscribe to Blendle (currently I have another tab open to a Wall Street Journal article by Garry Kasparov about issues with artificial intelligence - I paid Blendle $0.49 from the funds in my account wallet to read this, so Gary and the WSJ get paid). Many Blendle articles I read are only $0.09 or $0.15 - this was an especially expensive one.

I think the 'war' over ad blocking might have a beneficial effect in moving content providers to easy to use micro payment systems.

Most people I know think that I am crazy for spending small amounts of money to read stuff, but there are costs in life like supporting things we enjoy and charities (I really like Google's One a Day charity clearing house - easy to take 30 seconds and give a dollar or two to some worthwhile cause). The amount many people spend on coffee each day is more than paying for content and donating to One a Day.

throwaway13337 1 day ago 8 replies      
What would a post-ad-supported web looks like?

Only selling user data without a way to use it to target ads?

Consumer software that isn't free?

Sock puppet marketing run rampant?

It would sure be a different world.

pavel_lishin 1 day ago 1 reply      
Does this cover the issue of tracking, etc? It seems that in order to detect/block the ad, it must allow it to load - and at that point, the malicious payload is already on my machine, and I've already spent part of my precious allotted bandwidth on someone's idea of profit-making.
sharmi 1 day ago 0 replies      
A few days back, I started working on an high powered machine with a vanilla firefox. Even with just 20-30 tabs open, the software started to crawl. Please note that most of the pages open were either github pages, hn, stackoverflow or articles linked for hn (implying fairly reputable sites). Initially I thought it was the fault of the browser. (That performance was jarring as I am a tab hoarder, frequently having hundreds of tabs open). Only later did I realize that I had not installed Ublock Origin. Did it and Poof! The difference was night and day.

What I am trying to say is that, the advantage of ad-blockers is not just the removal of ads but also a significant removal of cruft that adds no value and hogs the system resources. The solution proposed in this article actually renders the page. So, it solves only one of the issues. It could still be beneficial to use it in conjunction with UBlock Origin.

bagacrap 1 day ago 3 replies      
Doesn't this blocker still require you to load and render the ads so they can apply their vision techniques to them? You won't get any performance win and you'd still see empty popovers or blank space. I don't see how detecting that something is an ad is enough on its own to create an effective ad blocking solution.

The part about defeating known anti-ad blockers seems rather unfair. If this technique did gain popularity I'm sure there would be ways around it (like tricking it into thinking the button used to dismiss a popover is itself an ad).

ams6110 1 day ago 2 replies      
I use a hosts file, and uBlock Origin. I can't remember the last time I've seen an ad on a website. I'm thinking there's not a lot of room for improvement.
mdpopescu 1 day ago 3 replies      
I think these guys haven't read pg's Submarine [1]. Assuming everything works as they claim (it won't), the ads will just pretend to be articles.

[1] http://www.paulgraham.com/submarine.html

nyolfen 1 day ago 0 replies      
nickbail3y 1 day ago 4 replies      
According to the article, current adblockers like Ublock Origin aren't searching for keywords in the page elements for ads, they're just using human maintained lookup lists?

That's very surprising. I would have thought that would be the first avenue of attack for adblockers.

Also, who wants to help me retrofit this thing to actually block ads?

jagthebeetle 1 day ago 0 replies      
Not seeing a whole lot of discussion about the implementation. Looking through the extension's code (which should be somewhere under your Chrome app files, if not online), briefly, it seems like an unsung hero here is Tesseract.js:http://tesseract.projectnaptha.com/.

The extension itself seems to do OCR (using Tesseract) on images and look for the string "adchoices", or else the adchoices icon, which yes, is cool: but just want to clarify that the folks at Tesseract seem to be doing the meaty "computer vision" part.

EDIT: oh, this isn't markdown.

quotemstr 1 day ago 0 replies      
Corey Doctorow predicted this event in his prescient 2012 article "The coming war on general-purpose computing": http://boingboing.net/2012/01/10/lockdown.html

He's talking about DRM as it applies to downloaded content, but the same argument applies to web advertising.

teaneedz 1 day ago 0 replies      
So much wasted development effort. I applaud Princeton and this team though. Ad tech is just a flawed attempt to monetize user data which has alienated users. Online ads are a security and privacy risk. Developers need to stop supporting ad tech completely. Put the effort into more beneficial endeavors. If only ... advertisers and publishers had listened and took UX seriously.
dlubarov 1 day ago 0 replies      
> Because advertisers must comply with these regulations, the authors imagine an "end game" in which consumersand ad blockersultimately win.

I don't entirely agree. Websites have an advantage too: they can withhold the interesting content until a time of their choosing. For example, a blog could

- Serve an ad page initially

- Include some javascript to load the text of the blog post

- Have the request handler for the text do a sleep(10)

Then there's not much an ad blocker can do.

- They could hide the ad, but then the user is waiting on a blank screen, which is probably an even worse experience for most.

- In some cases they could pre-fetch the text, but you can't always predict where the user will go, so it would only work sometimes.

- A more advanced ad blocker could mirror a bunch of content and serve it with no delays, but that wouldn't work for personalized content like Facebook timelines.

mattb314 1 day ago 0 replies      
Slightly related question from a non-expert in ad-blocking: is it possible to block interstitial ads? While the freedom to render a page as you wish seems to come with controlling the browser on your computer, I can't imagine any way to circumvent the ads the obstruct the entire page and force you to wait for a few seconds before seeing content. Obviously you can just choose not to render them, but if the server can just delay serving article content until X seconds after the interstitial loads, it seems like the fundamental advantage here lies with the publisher and not the user. While submarine ads and lobbying are obvious responses to the Ad-blocker proposed above, wouldn't interstitials (which personally bother me much more than sponsored facebook posts) also gain popularity?
avaer 1 day ago 0 replies      
Prediction: AI ad blockers become accurate and automatic enough; ads mutate into AI-based transformation of content to include paid placements.

The price of the news article or Youtube video of the future is that when you see someone drinking a Pepsi, you can't be sure if they ever actually did that. Or whether your friends saw the Pepsi when they watched the same thing in the other room.

And thus ad blockers cease to make sense; you can no longer tell what you'd be missing if you used them unless you're the centralized corporation that hoards this data.

takeda 1 day ago 1 reply      
Allow me to be a bit skeptic about it.

This reminds me a lot of Bayesian spam filters. Those things worked great very few false positives and negatives, once Google started using it on a large scale (GMail) spammers started playing the system and often they are successful.

ageyfman 1 day ago 0 replies      
This doesn't address the massive bloat that ads add to the website. I don't mind seeing ads when I browse the internet. I do mind having websites load for 10 seconds because 20 different ad networks are loading their iframes.
waylandsmithers 1 day ago 0 replies      
Cool! I wonder if this means all advertising on the web will have to be superficial, which might not be a great thing.

Maybe eventually we'll feel the same way about ads on the web as we do about ads in film-- a character can't stare into the camera and tell the viewer to go buy a Corona, but if he is asked what he'd like out of the cooler at a barbecue, he can say he wants a Corona.

I personally prefer a middle ground, like when magazines print ads with the text "ADVERTISEMENT" or "SPECIAL ADVERTISING SECTION"

ziikutv 1 day ago 0 replies      
Interesting read. I like how they took the time to put an update and clarify about what was not tested. Good journalism.

Additionally: I wanted to plug (not involved with the project) PI-Hole [1]. You route all traffic through the Raspberry PI which points to custom DNS that filters ads on their end, reducing data usage significantly. This leads to ad block on all devices without the need to install custom software on any of them.

[1] https://pi-hole.net/

Edit: append reference

ChuckMcM 1 day ago 0 replies      
That is a pretty clever attack and I think the reasoning is pretty solid, if the FTC requires that humans can 'tell' that something is an Ad then a machine learning algorithm can too.

I'd love to see how effective this is on a Google page like a search for 'free credit card'. The last time I checked that query had exactly 1 organic result on the page, and if this worked as described you'd get a google page with just one result. That would be kind of amusing in its own way.

yakult 1 day ago 0 replies      
End to the arms race? Hah. The next step is adversarial neural network generated images that fools the OCR while looking relatively normal to human eyes.

This war doesn't end until computers pass the Turing test and we build a complete simulation of the end-user into the adblocker/spam filter/marketing call blocker/girl-scout-cookie-seller-doorbell-deactivator.

tyingq 1 day ago 0 replies      
Guessing it has the same limitation that thwarts other ad blockers....running well on mobile, especially Android.

Google was smart enough to not allow extensions on mobile Chrome. So you are relegated to either 3rd party browsers or weird internal proxy solutions, both of which have downsides.

Still excited about serious resources going into ad blocking though.

polskibus 1 day ago 1 reply      
This is a beginning of a new arms race, not an end. We'll now see an explosion of machine cheating and computer blinding techniques.
dirkg 1 day ago 0 replies      
What about the many sites who legitimately exist only due to minimal ad revenue, and don't abuse ads, allow malware etc?

I'm all for supporting them. Its the sites that pose an actual threat or whose ad:content ration is something ridiculous like 2:3 that are the problem. Esp on mobile.

scottlegrand2 1 day ago 2 replies      
Google doesn't seem to like stuff like this:


strokeswan 1 day ago 0 replies      
Nobody mentioned Brave browser ?https://brave.com/about_ad_replacement.html
alexplainl8ter 1 day ago 0 replies      
I would just wrap all my content in whatever terms the legal restrictions require, thus blocking everything.
robrenaud 1 day ago 0 replies      
You don't get to claim you won the arms race until you've actually released your thing and it's got some significant adoption.

Otherwise you are just landing punches on an opponent who doesn't even know he is getting touched.

sologoub 1 day ago 0 replies      
Don't buy that this is undetectable - browser sends a lot of signals, including position of the mouse and interactions with content, so it's not a big stretch to say that it would be possible to detect interactions or lack thereof in the area that is supposed to be the ad and determine that it's likely blocked. Once detected, publishers are free to not let you consume content via paywalls or simply letting site break.

It's also not going to be able to be effective against stitched video, especially if the player playlist doesn't let you skip around easily - at best you'd end up with blank screen for the duration of the ad. Sound is another problem.

We need better solutions for advertising, not yet another escalation in blocking that will lead to even more intrusive/annoying behaviors. (Much louder sound from stitched mid-rolls than the content anyone?)

usernametbd 1 day ago 0 replies      
Unless the display technology is changed from html, css and js to something opaque for a client, like a video stream of content, ad blocking will always be there and effective even if there are laws against it.
ComodoHacker 1 day ago 0 replies      
So with this new revolutionary tech ads will still be loaded into my browser and tracking scripts will still track me?

No, thanks, I'll stick with uBlock Origin.

mankash666 1 day ago 0 replies      
State of the art in advertising today, is pusing it via websockets. This extension failed to detect those ads. PornHub is one example, with plenty others using webSockets.
mrcactu5 1 day ago 0 replies      
HIV is kind of like that too, when they circumvented CRISPR. I hear the nearest cure is decades away. Hopefully they have solved ad-blocking.
cbhl 1 day ago 0 replies      
I really would rather that banner and pop-up ads go away altogether, and that they be replaced with native advertising.

This war is silly.

accountyaccount 1 day ago 0 replies      
It doesn't work on Facebook's autoplay video ads, so that didn't last very long...
maverick_iceman 1 day ago 0 replies      
Didn't detect any 'sponsored' posts in Facebook.
strokeswan 1 day ago 0 replies      
Nobody mentioned Brave browser ?
peterwwillis 1 day ago 0 replies      
"A favorable legal climate and the existence of browsers friendly toward ad-blocking extensions are two key factors that may tip the scales toward users."

On the technical side, Google can just close up its browser, prevent ad-blocking malware, require only compliant browsers to connect to its site, and all sites that depend on advertising dollars can jump on board.

Unless they decide to simply change the regulations, which doesn't take the same investment in time, development, and bad PR.

Once faced with having to pay for the internet again, people will be fine with either of those options.

rdiddly 1 day ago 0 replies      
So circumspect are they. There's as much of an 'ethical dilemma' here as there's a climate change debate. In other words, there's the truth and then there's a ton of wishful thinking & misinformation trying to sound legitimate.

"A lie ain't a side of the story."

gaag2 1 day ago 0 replies      
Ads are necessary for business!
BugsJustFindMe 1 day ago 0 replies      
"Because advertisers must comply with these regulations..."

Hahahahahahahahahahahahahahahaha. sigh

justboxing 1 day ago 4 replies      
LeicaLatte 1 day ago 0 replies      
Mother of all blockers. Sounds like your typical knee-jerk solution that has nothing to do with the actual problems.
orblivion 1 day ago 1 reply      
The war on ads is like the war on drugs. This is just going to create more ruthless ad cartels. There is a demand to be met, it will find its way to the consumer, even if it has to plow over 50 others in the process.

The question is, what is the online ad equivalent of legalizing drugs?

throwaway91111 1 day ago 0 replies      
An ad blocker is worthless without also clicking on ads to inject noise.

Use Ad Nauseum.

downloadthisad 1 day ago 1 reply      
I thought this was hacker news. If you dont want something to be downloaded to your computer restrict your computer from downloading it. If you dont know how to do this then learn so. This cannot be stopped.

At the point it can be stopped the computer you have is no longer your computer. Like when the car you have is being driven by a computer and Tesla does not allow you to do self maintenance it is no longer your car.

So dont buy computers that restrict you from full access to the software (I dont think this has been done yet). And dont buy Tesla cars. Unless you like the product and dont mind renting or dont value complete ownership.

aub3bhat 1 day ago 1 reply      
Wait they don't even have a fully working implementation, and yet VICE is already proclaiming it as an end of Ad-blocking wars?

Color me skeptical.

Now I know that the original authors did not write the clickbait headline or even the article, but working on Ad blocker is a poor use of resources. On a longer time horizon websites that cannot be supported via Ads will turn into Apps that require multiple permissions + FB/Google login. This type of effort is frankly futile, you might win the battle on Ad-blockers but you are guaranteed to lose the War of economic incentives.

But hey in the meantime some clueless reporter writes a breathless article about your imaginary triumph on something everyone likes to hate, so why not.

Also as far as their scheme of detecting "adchoices" icon or container sizes, it can be trivially circumvented. When it comes to circumventing such algorithms, disorganized hackers routinely do that for far more secure things. Organized well paid engineers at Ad tech companies can probably beat them in couple of days if not hours. Worse their scheme penalizes good companies that opt-in into adchoices. So a site operator is forced to choose shadier ad networks (guaranteeing higher revenue) which this scheme won't be able to block. As a result the user gets a worse experience!

As much as it is in vogue to hate advertisers, crippling someone's business model (whatever your cute ethical reasons might be) while using institutional resources is not a great idea. Princeton CS might soon find itself on wrong side of a lawsuit, where upvotes and retweets might not count much.

Blender 2.79: OpenCL on par with CUDA blender.org
400 points by nedsma  4 days ago   136 comments top 12
aidos 3 days ago 4 replies      
There was an article on here a couple of months back that was an intro to blender from a geek / vim perspective. I felt a bit inspired and downloaded it to have a play. It's an absolutely brilliant application - I highly recommend giving it a try.

Edit here's the post https://news.ycombinator.com/item?id=13379597

zengid 3 days ago 8 replies      
Quoted from the article:

"OpenCL works fine on NVIDIA cards, but performance is reasonably slower (up to 2x slowdown) compared to CUDA, so it doesn't really worth using OpenCL on NVIDIA cards at this moment."

I wonder if that's intentional on NVIDIA's part.

Does it mention which version of OpenCL they're using? I'm looking forward to hearing news about v2.x and SPIR-V.

valine 3 days ago 2 replies      
Blender's progress has been astounding. I remember a while back they anounced the OpenCL implementation was being put on hold for a undetermined amount of time due to limitations with AMD cards. This really is an exciting announcement. It's great to see it on HN too.
gt_ 3 days ago 1 reply      
Either way, this has no effect.

The 3D artists using GPU production rendering require at least 4 of the top of the line cards for their workstation. My workstation crams x5 980Tis in the case (2 off the board with PCIe risers).

Joining the community using this approach not only requires the hardware and ability to build it but also new rendering software and a lot of time to learn a new approach/mindset/workflow. The best software available is crucial. It is worth every penny to invest in the best rendering software when entering this environment. Right now, there are 3 that matter and none of the GPU-specific remdering softwares support OpenCL. There is a unique exception with V-Ray, the last gen maverick of rendering engines. V-Ray's future in GPU rendering could be bright if the new companies don't entirely outpace them in GPu development. Either way, every part of the people actually using this solution in the real world is investing all of their time, money, energy into Nvidia right now.

The devs at Redshift, my chosen renderer, insist OpenCL is not even close to having what they need.

Pseudo-realtime feedback could actually advance the craft to a new era and Nvidia is carrying the entire ecosystem.

tombert 4 days ago 3 replies      
The performance of OpenCL has generally been fine for me, particularly on AMD GPUs, but I have to say I think CUDA is a lot simpler to work with.

OpenCL is one of those things that I never felt fully comfortable working with, but I felt productive in CUDA after a week or two. Granted, I learned them in that order, so it's possible that CUDA got an unfair head-start, but I stand by my initial thesis.

dharma1 3 days ago 0 replies      
roel_v 3 days ago 1 reply      
I don't quite get this page; isn't it more accurate to say 'amd on par with nvidia'? It seems for amd they use opencl, for nvidia cuda; but you can run opencl on nvidia too (1.2 only, apart from experimental, partial 2.0 support in the very latest drivers, but still).

I mean, there are numerical libraries that run 2x as fast on nvidia compared to their most optimized opencl implementations, because they use 'gpu assembly' specific for nvidia cards; how does that fit the 'opencl on par with cuda' claim? It depends on what effort is spent on optimizing for a certain platform, not what api is used...

I'm working in opencl myself but it's frustrating that I'll never get as much performance as I would when using opencl, even when I'm using gtx gpus myself.

throwblender 3 days ago 0 replies      
Blender is a really fun program to use, Tons of tutorials and information on youtube etc...I think more education could use 3d programs like this to help with algorithm visualization.

I made this video about worker in tech with blender.


The worker is slaving away at his terminal, he is writing code that creates the 'feed' of apps/entertainment/media/etc.. for the insatiable appetite of society (Represented by the somewhat-similar-to-a-hungry-hippo character in the depths).Who are these other two glowing beings? What do they represent? My friends have tried to guess some explanations, but I'll let each audience member decide for themselves.

radarsat1 3 days ago 1 reply      
Would it be a completely stupid idea to write a CUDA-based OpenCL back-end? i.e., an OpenCL-to-CUDA translator, so you can program your kernels in one single language but still get the benefit of the NVidia CUDA compiler?

Or are their machine models so different that that is an unreasonable thing to even try..

k_sze 3 days ago 0 replies      
What part of that page says it has to do with version 2.79 of Blender though?

I think the actual page that talks about Cycles rendering performance improvements in version 2.79 is this wiki page: https://wiki.blender.org/index.php/Dev:Ref/Release_Notes/2.7...

But that page doesn't seem to mention any comparison between OpenCL and CUDA.

I think something is still missing to make a concrete link between "OpenCL on par with CUDA" and version 2.79 specifically.

anc84 3 days ago 2 replies      
It looks significantly faster in those benchmarks! Koro takes almost half as long!
geertj 3 days ago 2 replies      
Anyone knows how to get OpenCL working on Linux using the open source AMDGPU driver (not the AMDGPU-PRO driver which is their proprietary driver)?
Apple receives permit in California to test self-driving cars reuters.com
360 points by weaksauce  1 day ago   297 comments top 23
11thEarlOfMar 1 day ago 12 replies      
In some markets, it is more about getting it right than getting in at the right time. We've seen many carcasses of products that were ahead of their time, not because they were bad ideas but because they were not formulated for mass adoption. Apple's own Newton is one example. It took the iPhone formulation to make the product features successful in the market.

A more recent example is the telepresence robot. Many entries, but still more Newton than iPhone.

With Apple, it's easy to pick out their winners and losers: iPhone, iMac, MacBook, ... vs, Apple TV, Lisa, Newton, ....

At their current scale, Apple needs to enter really big markets in order to move the needle on sales and profits. There aren't many really big tech markets left. Cars are an interesting play in that it combines robotics and consumer tech, and puts them into a market that has room for multiple large players and plenty of opportunity for disruption. The transition to an electric drive train and autonomous navigation presents an entry point. There will be multiple winners.

falcolas 1 day ago 6 replies      
Dear Car Companies:

If you would really like to advance the state of the art for self driving technology, I invite you come up to the mid-west, especially in the winter months, and make your toys work under those conditions.

Working up here will push your technology quite far, with snow, slush, worn away lane markers, cold temperatures, wind, potholes, washboard roads, ice, clogged sensors, blocked GPS, and any number of the above challenges thrown together in random and unpredictable patterns.

If you can get to level 4 or 5 automation in those conditions, making them work in the eternally sunny portions of CA will be a snap.

Sincerely, a Montanan (who is annoyed they had to deal with snow, ice, blocked sensors, and cold temperatures just this morning)

salimmadjd 1 day ago 7 replies      
Of all the SV tech giants (obviously Tesla excluded), Apple has the best DNA to build cars.

They know how manufacture in scale. They know how build a vertical product. They have the cash to do it and they have a strong brand.

But most importantly, if the world moves to a car-sharing car-hailing model of autonomous cars. Ultimately, it becomes a consumer mobile play. This is where both Google and Apple own that experience. Siri will know where you are and when you need a car. This is something both Lyft and Uber wont be able to compete with.

notliketherest 1 day ago 6 replies      
Is it just me, or have folks living in the bay area noticed a huge increase in the number of "self driving" cars driving around? I've even seen a minivan with what looked to be a hastly assembled lidar driving around Sunnyvale. The space seems to be really heating up.
ChuckMcM 1 day ago 0 replies      
This is pretty exciting but it is also the worst kept secret in the Bay Area :-) I suppose they could have surprised us and filed for a rocket launch license.

I'm not sure what Apple expects to bring to this party but I know if you're getting a masters or PhD right now make sure your thesis topic is machine learning autonomous action in health/life/safety situations :-). I expect you will be recruited heavily.

jcfrei 1 day ago 2 replies      
I doubt Apple will ever launch its own car. However it seems that quite a few large IT firms consider DaaS (Driving as a Service) a viable B2B market. If you can create a superior suite of machine learning tools (including always up-to-date road data) that successfully drives passengers and goods from point A to point B then you can secure big revenue streams from automobile companies for years to come.
mikerathbun 1 day ago 1 reply      
So far all the articles I have seen are about Apple experimenting with autonomous technology and most people assume that they are also building an electric vehicle. Those are two very different and challenging projects. I have been an Apple user since 2000 and a Tesla driver for four months and I don't see the current Apple being able to pull off an entire new car platform like that. This isn't a "one more thing" kind of reveal. Look at how long it took Tesla to get to the point where they can mass produce a relatively inexpensive electric vehicle with a basic self driving platform. I am a huge fan of both companies and have stained teeth from all of the Kool Aid, but just getting the battery manufacturing in place seems like an impossible feat for a company that is going to take over two years to design and release a new modular desktop computer for content creators.
jakelarkin 1 day ago 1 reply      
been seeing Apple Maps marked vans with Lidar units in SF and East Bay for months. Presumably theyre done building the base map.
ziikutv 1 day ago 4 replies      
Heres a question, I know a lot of companies are investing their time/money into working on self-driving cars.. but from what I see, a lot of the cars use the same sensor. LIDAR and cameras being the main sensors. Of course, we have already seen Tesla perform well with these sensors.

However, my question: Is/Was this industry only held back by sensing?

edit: Restructure paragraph


gajeam 1 day ago 1 reply      
I guess you never know with Apple but it just seems like a really crowded space for them to come into, especially if they insist on controlling the whole ecosystem like they do with their other products.

First of all, it's a high price tag for them to get top talent in the area. Waymo, Uber, Tesla, Ford (and a dozen other car companies), and who knows how many start ups are all vying for the same pool of engineers. Even if they get top talent, it's another story holding onto it. If you look at the LinkedIns (Anthony Levandowski, Jur van den Berg, Chris Thrun, all the founders of Otto and Argo AI), they change jobs every two years.

Their success I feel depends on how much control they are willing to give up in partnerships and how good they are at choosing winners in the race to autonomous vehicles. They already have $1B invested in Didi last year--it will be interesting to see where they go from here.

pryelluw 1 day ago 0 replies      
Interesting how many toyota vehicles are used as development mules
uptown 1 day ago 2 replies      
I'm guessing if and when Apple enters the market, they won't be selling cars. They'll be selling the service of transportation.
drawkbox 1 day ago 0 replies      
Uber and Google/Waymo do it in Phoenix quite a bit. The roads are perfect for first iteration/testing, mostly 1 mile squares and less intense. I see many Waymo and Ubers on the road here.
mvpu 1 day ago 2 replies      
Wow. Amazon is probably working on it too. Great that 10 years from now we'll be seeing Teslas, Apples, Googles and Amazons on the road more than Fords, Chevys, Hondas and Nissans. Interesting times.
chrismealy 1 day ago 2 replies      
Apple decided making wifi hardware was too hard, but they can make cars?
jes5199 1 day ago 2 replies      
Tesla has such a head start on car production, I don't see how Apple can catch up.
israrkhan 1 day ago 1 reply      
self-driving cars are becoming a crowded space. Too many players, with no clear winner in sight. The real problem to solve here is not technical , its regulatory.

Tesla and Google have some advantage, but it is still far from reality.

nyxtom 1 day ago 0 replies      
See, it's not that hard Uber
briandear 23 hours ago 0 replies      
This thread is going to be golden in 10 years: a time capsule of cynicism.
skdotdan 1 day ago 0 replies      
Apple is good at UX and design. A L5 Self-driving car implies no UX at all, and most people won't care of the design if Self-driving cabs become a commodity. Apple is not about logistics.

So, Apple's opportunity will be L2-L3.

randomsofr 1 day ago 3 replies      
Autoplay video, closes tab.
free23a 1 day ago 0 replies      
First,who dies Uber think it is circumventing the medallion sytem that taxi companies must abide by.Second, who does Apple or Google think they are by imposing dangerous obstacles on us on our roadways.
shouldbworking 1 day ago 7 replies      
Does anyone care that regulatory realities will prevent driverless cars from ever carrying human passengers?

Planes and trains have been driving themselves for many years but they still have human pilots. The human need for somebody to blame is stronger than market forces trying to eliminate human drivers

Low-Level Programming University A roadmap to becoming a low-level programmer github.com
421 points by znpy  3 days ago   159 comments top 17
CalChris 2 days ago 10 replies      
Don't go there. There's really not a lot of work. But if you must, low level is more a calling than a learned skill.

You probably shouldn't be learning assembler. First, compilers are really quite good. Yes, it's possible to beat them (I do) but generally not by much. And not by much ain't gonna put bacon on the table. You can probably get what you need from gcc inline asm() calls. Take a look at the linux sources and figure out why and when assembly is used there:


Secondly, writing in assembler is not low level. You just think it is. You should really be understanding caches and you can improve your cache performance in C.

Anyways, unless you deeply know what's going on inside of the microarchitecture of a modern superscalar, out of order, speculative, renaming, op-cached, hyper-threaded, multicore beast then you shouldn't be fooling yourself by writing in assembler.


Unless you've really read Intel's Intel 64 and IA-32 Architectures Optimization Reference Manual (and ARM's Cortex-A72 Software Optimization Guide) and meditated on the suras of Agner Fog's Microarchitecture you won't even know what's going on with something as simple as mov RAX, RBX.

Look, most compiler writers don't even know this stuff (Intel C Compiler yes, llvm occasionally) and frankly, it isn't very useful because Intel spends a billion dollars a year to make your bad x86 code run reasonably fast. Consider a switch statement which compiles into an indirect branch, jmp reg. That branch has to be predicted by the BTB before the jmp reg instruction is even fetched and that's really hard to do. Every year they get better and better to the point that you're not even aware of it. But if you want to the help the CPU out, you could put a UD2 right after the jmp reg. This is insanely hard to understand and will help very little.

Don't go there.

paulsutter 2 days ago 7 replies      
The bearishness here surprises me.

The more a company spends on infrastructure, the more they need low-level people. A good low-level programmer can reduce cost requirements 10x or more. Any company spending millions or billions on infrastructure can make enormous savings by hiring the right people. Crucial for Google, Amazon, Facebook, and even midsize startups can see a big improvement.

And its difficult to fill those jobs. Which means, there's opportunity there.

hackermailman 3 days ago 2 replies      
CS:APP 3rd version you can buy on Abe Books the global edition for $20, then follow this course and watch 'old videos' https://www.cs.cmu.edu/~213/schedule.html

Everything in this style guide is covered in CS:APP https://matt.sh/howto-c

There's also http://rust-class.org/ and https://www.nostarch.com/Rust

CliffyA 3 days ago 12 replies      
As someone who can code in C/C++ and was recently looking for work, I don't think someone should learn low level programming for a career. What I would consider simple PHP jobs were easily paying more than C++ jobs.

If you look at everyone reinventing the wheel in electron and not caring about performance I don't think the situation is going to get better anytime soon.

chimtim 3 days ago 5 replies      
Low level programmer here. This is great but the job market for low level programmers is very small. Recently, while interviewing, I described a thread safe, concurrent queue implementation to a hiring manager and he asked me -- "so how does this relate to big data and ML"?
pdelbarba 2 days ago 0 replies      
In this thread there's a lot of FUD about there being no job market. One place to look is to your undergraduate electrical engineering brethren. You'll basically always be following them around to wherever they go (though often in slightly higher demand given that board design is typically faster than the software development phase). Also worth noting that in recent years there has been an emphasis on FPGA skills for a lot of jobs in the space. It often helps to have some familiarity, especially if you like working for smaller companies that wouldn't want to hire a specialist for that role.
mtanski 3 days ago 0 replies      
This is great list.

My personal additional to the list would be "What Every Programmer Should Know About Memory" https://people.freebsd.org/~lstewart/articles/cpumemory.pdf

blueatlas 2 days ago 0 replies      
This embedded programming course from UNC Charlotte is quite good for getting started:


And, Stan Warford's systems programming class is exceptional:


I believe you can get the video lectures through iTunes U.

For university courses, these are both really good.

clavalle 3 days ago 0 replies      
I was having a conversation with a friend working on high volume data problems and was surprised just how low level he has to get in order to meet some very stringent but necessary requirements.

I've worked at a high level for so long that I've forgotten how much low level work I take for granted.

gurugio 1 day ago 0 replies      
Thank you to introduce my page to the world. I've just found this thread and understood why the traffic suddenly peaked.I'll add several link/books/courses here to the page.Thank you for all.
LeeHwang 3 days ago 3 replies      
This is great, but does any one have any gentler intros ?I'm trying to teach low-level programming to one of my junior devs. She graduated from a boot-camp school and is struggling a bit.

EDIT: Thanks for the replies. Alot of good links.

0xFFC 2 days ago 5 replies      
About career, is low level programming job market that small we see in this threads comments ? I want to be C/C++/Rust programmer. This is quite frightening.
mhh__ 1 day ago 0 replies      
Compiler backends are another topic that can really extends one's knowledge of their hardware. You end up having to learn a least a bit of every layer underneath your code e.g. ISAs, Calling Conventions and scheduling.
pklausler 2 days ago 0 replies      
Given two candidates for a job, one that knows assembly language and one that doesn't, I'll hire the assembly-capable programmer nearly every time.
anocendi 2 days ago 0 replies      
I can vouch for Paul E. McKenny's book.

I would recommend anyone with curious mind to read it, even if day to day work does not involve much low-level programming. It will open up a whole new set of ideas / knowledge in problem solving toolbox.

thegayngler 2 days ago 0 replies      
I want to create a new operating system even though we don't need one right now. So this looks very attractive to me. Thanks for posting.
trenzalore 2 days ago 0 replies      
Anyone knows the same kind of roadmap/tutorial but for Windows Low level programming ?Thank you !
Instagram Stories hits 200M users, surpassing Snapchat techcrunch.com
320 points by misiti3780  2 days ago   188 comments top 43
trevor-e 2 days ago 5 replies      
I think this is well deserved. Instagram Story's experience to me is way nicer and more complete since it integrates perfectly with their core photo sharing product. After I'm done viewing snaps I have on Snapchat, what else is there left to do? With Instagram, I can look at my photo feed and go to people's profiles, and all of the back-navigation works perfectly. Meanwhile, Snapchat's app is slow, buggy, and doesn't even take nice pictures. Other than the more gimmicky features, such as face filters which will inevitably come to Instagram, the product feels way behind.
niftich 2 days ago 0 replies      
Instagram is a social network where the best effect occurs when your account is public: you get social validation from a large audience liking your content on its merits, the sum of all your content forms a persistent feed, and your followers form a closer inner core with whom the nature of interaction is more immediate. This tends to be most rewarding for people who can attract a large number of likes; this number of likes is displayed to anyone who can see the content.

Snapchat is the inverse, where the content is aimed at one's followers, but one can submit notable content to be featured in the company-curated Discover section (about major events, for example). There is no public aggregation, there is no public display of likes.

The two platforms are still differentiated by their design philosophies, and in North America there is significant overlap in the userbase.

The danger, of course, is that once Instagram has cloned enough of Snapchat's functionality, the same users won't need to switch to Snapchat anymore to get the close-knit experience. Similarly, Snapchat may feel pressured to up its parity with Instagram in turn, by adding public features that are very different from its current model. In either case, the networks will have iterated themselves into equivalence [1], making the exact provider irrelevant and making pure network effects be the the deciding factor more often that not -- which gives an advantage to larger players.

[1] https://news.ycombinator.com/item?id=13168804

cocktailpeanuts 2 days ago 5 replies      
I'm sure most people would disagree but Snapchat was done the moment they released stories.

I say this despite the fact that stories was what really brought stratospheric growth to snapchat, because i'm taking into account opportunity cost.

They could have focused on making their core (1-1 messaging) better but they decided to become a broadcast media company, starting with stories and then those brand videos.

This has always been risky. Even at its peak when you look at what was happening on Snapchat stories, a lot of these microcelebrities on snapchat would use stories as a way to get more likes or follows on their instagram. They say stuff like "Hey i just posted a new photo on instagram, please like it!" etc. This was convenient for them because these needy behaviors go away on snapchat stories.

The moment snapchat decided to become 1:many, they became a serious threat to Facebook in pretty obvious ways, so it was no brainer that Facebook jumped to do something about it. And at the same time, you can't compete with Facebook on 1:many broadcast.

They should have focused on 1:1 and fought on their own turf. Sure it would have been harder to figure out the viral growth, but it was already doing well so I'm sure they could have figured out some way without jumping into Facebook's playground.

nostrademons 2 days ago 1 reply      
Would be interesting to see the demographics on those users. My understanding is that if you're under 25, you use SnapChat, and if you're over 25, you can't figure out how the hell to use SnapChat. Instagram Stories may've exploded into the demographic that doesn't use SnapChat. This is possibly supported by the comments here about Instagram's UI being a lot nicer; most of us on HN are in the demographic above SnapChat users.

If this is the case, it's not as damning for SnapChat as it seems, at least until some younger, hotter social app bumps them off the pedestal in a few years. Young users get older, but older users don't get any younger. My understanding is that SnapChat's inscrutable UI is deliberate: they want you to have to be shown how to use SnapChat by someone already on it, to avoid the "My grandmother's on Facebook, how uncool is that?" problem.

majani 2 days ago 5 replies      
The biggest question about Facebook has been whether they can stay relevant in the face of an onslaught of cooler apps in the future. The biggest test of this so far was Snapchat and they've managed to ethically out compete them with flying colors. Credit where credit is due, kudos to Facebook and the doubts about future relevance should be put to bed now.
plorg 2 days ago 2 replies      
On the other hand, Facebook's thirsty attempt at pushing the same feature in all of their apps is both fragmented and ham-handed. It seems to have landed with a thud - I have seen exactly one contact post a Story in either the Facebook or Messenger apps. They've now started posting greyed-out profile pictures of frequent contacts to make the space seem popular, seemingly encouraging the user to use the feature to contact those people. It seems sad, frankly.
kermire 2 days ago 2 replies      
Instagram stories are more accessible than Snapchat stories. Snapchat has one of the most bizarre UIs I've ever seen in my life. I was so confused when I opened it the first time. Main screen defaults to the camera instead of showing the stories. That's probably because it's a camera app more than a social media one. Previously there were only icons, now there's a bit of text to describe things. That's good but it's just not a very interesting product anymore.
lucideer 2 days ago 1 reply      
I wonder how much of this is Instagram stealing Snapchat's userbase and how much is it simply converting its existing userbase over to using Snapchat's new innovative features.

If Instagram has more users than Snapchat, saying "Instagram's Snapchat feature has more users than Snapchat" isn't really as significant as it sounds, and doesn't necessarily represent any erosion of their userbase or threaten their growth.

Of course their userbases are not mutually exclusive, but I do get the impression there's a rough demographic separation.

thinbeige 2 days ago 1 reply      
Why I still prefer Snapchat:

1. After launching the app I am right in the take-a-picture mode. With Instagram I need one or two touches.

2. Different DNA, different circles

3. Pics to one or several people is way better and faster than on Instagram.

Only because they share the stories features doesn't mean they are interchangeable. They are still different products.

Even if Instagram has more MAUs on the stories feature Instagram's DNA gets dilluted with the integration of the story feature. Random, inflationary and non-glossy media wasn't part of Instagrams previous shiny DNA and experience.

Axsuul 2 days ago 0 replies      
I believe both platforms will thrive because they target different audiences. Most people seem to prefer Instagram for their "professional" persona while keeping Snapchat for their "real" self. This is credit to Snapchat's "silly and fun" interface and brand in comparison to Instagram's more minimalistic one. Furthermore, Instagram will always have some pull due to its network effects.
crazypyro 2 days ago 0 replies      
As a young 20 something, Snapchat stories is still dominant among my social circle and other social circles I encounter. No one I know uses Instagram stories heavily. I even have a few friends with Spectacles.

Snapchat's app is absolutely shit on anything except an iPhone though and even casual users I know mention this.

vhost- 2 days ago 1 reply      
I decided to download snapchat and try it a couple months ago to see what all the fuss was about. I might be a black sheep here, but it was really confusing. I had no idea how to use it. And I've been building software for 15 years too.

I can completely understand Instagram, so I was happy they added stories. It's really easy to use and the functionality seems intuitive.

delecti 2 days ago 0 replies      
As a user of both Instagram and Snapchat, this doesn't surprise me. The UX for the Instagram stories functionality is pleasantly at the top of the normal UI, but Snapchat's UX is really quite hostile, and even though I'm very familiar with it, it continue to be unpleasant to use.

Add in that Instagram's typical user base is much more broad (Snapchat tends to be most popular with young tweens, whereas Instagram's user base is just about everybody), and you have one actively hostile interface in an already small market against a much more friendly interface in an almost unrestricted market.

radiusvector 2 days ago 17 replies      
As impressive as it may sound, this is pretty shocking for the state of the industry.

An innovative, new upshot getting sucked up/ blatantly ripped off by an established player with more muscle, money (and in this case - users) to throw at the problem is not a great incentive for entrepreneurs.

Consolidation at this level resembles communism more closely than the kind of free market innovation we should be seeing.


iamdave 2 days ago 1 reply      
I'm not the target audience, clearly. I'll get notifications from Instagram "So and so posted a story!" and I'll swipe left to clear it off my notification screen without ever even thinking about it again. Snapchat stories, the only ones I watch (and it's a rarity that I'll even watch them at all) are sports updates.

So. That being said: just curious what the appeal is for others. What is it you like about stories, what about the feature-other than it ostensibly being a video-is so engaging about these things?

maxwellito 2 days ago 0 replies      
It's not completely surprising. They did an amazing job to deploy this feature. It's directly available (perfect to attract new users) and it works like a charm. I used Snapchat and I loved it, but UX is a pain. It's incredibly heavy and slow, even on a good phone. It's the reason I uninstalled it twice and won't reinstall it. While on Instagram, the user experience is good. Probably leaving the camera on with effects is not a good choice.

PS: please WhatsApp, remove stories. It's not the place for it.

ybrah 2 days ago 1 reply      
I like stories on instagram because its not intrusive, unlike messenger, facebook, and whatsapp. The reason I still use snapchat and pretty much boycott stories that get handed out by facebook is because it feels like they're using dark UI practices to force it down my throat.

Why does messenger open up my camera when I launch it? Why does it ask me to put pictures that I send my friends on my public story? Why do peoples stories take half of my messenger screen? It's really intrusive, and incredibly annoying.

snaplove 2 days ago 1 reply      
1.Does this compare SNAPchat US/UK users with INSTA US/UK users?

2. INSTA has users across the world and in countries where their unit economics is a loss.

3. Nobody makes ad profit from India/Brazil/Vietnam. SNAP wants to redefine how valuation is done.

4. Having billion users is a wrong metric altogether when most users doesn't generate revenue. And yes, companies will always promise they will generate revenue in 10 years or some BS.

techaddict009 2 days ago 0 replies      
Because Snapchat is only for rich people: https://www.thesun.co.uk/tech/3324753/snapchat-boss-even-spe...
faitswulff 2 days ago 0 replies      
Where does the "no patents in software" position stand in relation to this story? Does it refer purely software (AKA Oracle v Google) or is it also design and experiences like stories?
codathroway 2 days ago 0 replies      
The hacker news title is incorrect. The metric is DAUs not MAUS. dang can you please correct?

I believe the article was changed after being published.

kneel 2 days ago 0 replies      
I'd be really interested to see how many of those 200M users are actually people.

Instagram novelty/celeb/art/bs accounts are all over the place, it's fairly lucrative to push products on the hot trend of the day and the whole platform is pretty spammy.

Snapchat doesn't really have this problem, you don't interact with people you don't know unless you seek them out. There is no easy way to add randoms on snapchat, users tend to be actual users.

snackai 2 days ago 1 reply      
Outside their app snapchat as close to zero visibility. No share buttons on the web, no snap ghosts in commercials (like "add us on facebook"), nothing. They really have to come up with something there.

When Facebook had their IPO everyone argued about them having no revenue, but they still had user growth, when Snap started they already had no user growth. This combined with no revenue... Wall Street does not approve!

0xCMP 2 days ago 0 replies      
Wow, this is brutal. I wonder how Snap is going to make it out of this.
m3kw9 2 days ago 0 replies      
The UI is excellent, you can pause, go back and the cues are great to capture attention
mmanfrin 2 days ago 0 replies      
Facebook's vassalization of Instagram was brilliant, in retrospect. Facebook is free to pursue its imperial ambitions while Instagram follows the much quicker and looser edge/leader features demanded by the market of Snap/IG/etc.
sekou 2 days ago 0 replies      
I remember reading Instagram blog posts and having a sense that engineering the product well was something they held to high importance. Since then they've been acquired by Facebook but their team still seems driven by those kinds of values.
samfisher83 1 day ago 0 replies      
Mark bought Instagram for 1 billion and now it's probably worth maybe 25. That was a pretty genius move by him.
Network2020 2 days ago 0 replies      
Long-time lurker here...

I don't understand how Facebook cloning Snapchat is any different from Chinese startups cloning various American apps. Why is cloning frowned-upon only when the Chinese do it?

ronilan 2 days ago 0 replies      
In an alternate universe Instagram never got bought by Facebook, so Snap never had room to grow.

But, then again, in same alternate universe YouTube never got bought by Google, so Facebook never had room to grow.

Think alternate universes don't make sense?

Does this one does?

s0me0ne 1 day ago 0 replies      
I'm hoping snapchat wins, its easy for FB with tons of money to just copy another company
justintbassett 2 days ago 0 replies      
MAU isn't a great metric, I'd prefer to see both platforms' DAU
ojr 2 days ago 0 replies      
for whats its worth a lot of cool people/influencers are still using Snapchat over Instagram, Kardashians, DJ Khaled, etc, this metric doesn't reflect my reality, I wouldn't sell any $SNAP shares, I'm more likely to buy after a dip when metrics like these are presented to the public, once people see revenue the price will pick up again
scirocco 2 days ago 0 replies      
Will Snapchat ever start selling to enterprise?

Taking their existing AR technology and apply to, let's say aircraft technicians. Snapchat + Boeing partnership?

quxbar 2 days ago 0 replies      
For the record, both myself and my partner 'used' stories this month, only to say 'yuck, can I turn this off?'

But hey, you gotta show off those metrics.

johnnydoe9 2 days ago 0 replies      
Snapchat clearly went out of their way to ignore Android users, Instagram works so much better.
notadoc 2 days ago 0 replies      
I can't think of a bull case for Snapchat, but admittedly I am not the target demographic.
Graphon1 2 days ago 2 replies      
Pinning stickers! I am so glad the USA is still leading in innovation. Thank you to all the hard workers who devoted their time to solving this problem as opposed to working on some vague or diffuse health-related issue. The world is so much better now that we can pin stickers on instagram gifs.
sandergansen 2 days ago 0 replies      
What do you think is going to be Snapchat's next move?
2_listerine_pls 2 days ago 0 replies      
How are these claims verified?
tomphoolery 2 days ago 1 reply      
what is "MAU"?
mbloom1915 2 days ago 1 reply      
this is why snap is not a good stock purchase until the inevitable tech dip comes -- say another 6-12 mo will be ripe to buy?
CorduroyBottom 2 days ago 5 replies      
What Instagram is doing is borderline illegal.

Facebook sat in stasis for years without innovating their products. Now they are using their incumbent position to steal every single snapchat feature with impunity.

Of course that's par for the course in tech. Where the giant companies throw their weight around to crush competition.

Will there be an antitrust suit?

Servo nightly builds on Windows now available servo.org
347 points by stshine  3 days ago   112 comments top 24
pcwalton 3 days ago 1 reply      
A lot of the Servo work lately has been pushing specific components, in particular the style system and WebRender, toward production quality. (These are the parts that are being integrated into Gecko on an experimental basis.) This is all necessary work for Servo--for instance, we have to have an industrial-grade style system that passes all tests, no matter what. But it doesn't result in immediately-visible improvements as much as some of the stuff we were doing earlier (like the push toward Acid2), as the layout, DOM, and thread manager (constellation) still need lots of work and are usually the source of the brokenness you see from day to day.

So there's plenty of forward progress going on, it's just a bit more behind the scenes. As always, filing issues is super appreciated :)

newsat13 3 days ago 5 replies      
I loved reading https://github.com/servo/servo/issues/12125. It is a great example of open source persistence despite it not being a priority. Things move forward at snail pace and stalls multiple times. Just when all hope seems lost, they manage to ship it ! This is the case with most opensource projects - things take their own sweet time but they eventually somehow manage.

On a side note, I noted that https://github.com/larsbergstrom owns lars.com. Wow! I wonder how much that is worth given that every 5th german is named lars ;) (though strom seems to indicate he is norwegian)

AdamSC1 3 days ago 1 reply      
I'm really hopeful for this. The world needs a new browser engine, there is dwindling competition in this space and time and time again I find myself dissatisfied with browser offerings.

I've tried every obscure browser out there, and many of them are great at specific things but nearly all of them lack a few key features or present an experience that frequently crashes.

I think the Servo project is the biggest chance that Mozilla has to make an impact in its "Internet for the people mantra."

As a non-dev I will do my part by guinea pigging nightly builds and submitting issues!

buster 3 days ago 1 reply      
After seeing a youtube demo[[1] of how the aggressive parallelisation that is done in Servo (safely possible by using Rust) speeds up this browser, i'm really excited for Servo! Also, i think this will give us a great base for all kinds of browser embedding what is not based on ancient webkit-gtk.

There is another nice presentation on Rust and Servo: https://www.youtube.com/watch?v=7q9vIMXSTzc

[1]: https://youtu.be/UGl9VVIOo3E?t=1019

chuckdries 3 days ago 1 reply      
I can't wait for people to start using this instead of chrome/electron to make desktop web apps. As much as I understand the philosophical (and at this point pragmatic) arguments against electron, there's something to be said about making deadlines and using technology your developers know well.
cwyers 3 days ago 4 replies      
Very, very nonresponsive. Sometimes when I press a letter in a form, it won't respond at all, but when I press it again, it will show up... and then when I press the next letter, the previous letter shows up. Which I thought was strange behavior.

EDIT: When I say "won't respond at all," I counted to 30 before the next keypress eventually just to verify I was really seeing what I was seeing.

zellyn 3 days ago 1 reply      
Just so you Servo folks know, we appreciate the plan of shipping components incrementally in Firefox, and realize the necessity, and how big a project building a whole browser is

and yet

I think you know we're all waiting for Servo itself to be usable as our main browser :-) Good luck!

digitalshankar 3 days ago 1 reply      
Tried Servo in Linux, even though the browser is slow in starting up, the page was loading very fast and scrolling the page is butter smooth! This Servo with Rust will redefine Browser and i wish this will restore the Crown back to Mozilla Firefox!
chaz6 3 days ago 2 replies      
A *.zip file would be useful for users who do not have admin privileges, as well as people who do not like giving elevated access to development software and who do not have access to a development computer nor a virtual environment.
po1nter 3 days ago 1 reply      
Doesn't even launch. The window appears very briefly then closes immediately. If any of the maintainers are here let me know how can I help you with this. I'm on Windows 10 version 1703 (OS Build 15063.13) x64
edko 3 days ago 0 replies      
Is there an accessible tutorial, for someone who is starting to learn Rust too, for embedding Servo within a Rust program? I haven't been able to find anything with a Google search.
1wd 3 days ago 1 reply      

I wondered, for what kind of problems should I bother to file issues? The page says:

> so please file issues about anything that doesnt work as expected!

Wouldn't that be quite a lot of obvious stuff? I just opened one web page and see over ten rendering errors.

Even the text edit control of the built-in search-bar doesn't work as expected (text selection doesn't work, both with mouse and keyboard). There seems to be no way to scroll.

Then it crashed.

Aissen 3 days ago 2 replies      
Meanwhile, the Linux nightly build has been broken on all major distros for a while (see https://github.com/servo/servo/issues/12015 ), because the project won't bundle openssl. For a nightly. Which they already do for Firefox (all release channels). And of course, there are bundling it for this Windows nightly as well
tambourine_man 3 days ago 2 replies      
We're all exited about Servo (and Rust) and I'm really looking forward to using it.

But what makes software that's used everyday feel great are the small details.

I can't use Chrome (for consumption, though I use it for development) because of the way it renders text and a few other UI annoyances.

A browser is a lot of things, but to me, it's first and foremost a reading platform. So please, do whatever you can to use the OS's native text rendering.

ubershmekel 3 days ago 1 reply      
I just tried it out. It froze when looking at a reddit comments page, it froze when I tried to use the URL bar. Pretty exciting nonetheless.
tn135 3 days ago 2 replies      
This project has moved real slowly but keep remembering how often Eich referred to this as the most important aspect of Mozilla.
ruleabidinguser 3 days ago 2 replies      
Does servo make any speed gains on machines that dont have dedicated gpus?
bitmapbrother 2 days ago 0 replies      
I just tried the Servo nightly tech demo on TheVerge.com. The first attempt crashed it and the second attempt rendered the page incorrectly. Memory usage was 1.27 GB.
wink 2 days ago 0 replies      
Awesome progress. Feels like a real alpha but I'm happy it's even displaying stuff and you can navigate some websites already.
frik 3 days ago 2 replies      
Can you also offer a Zip package? (portable)

Why only this MSI package?

frik 3 days ago 5 replies      

 VCRUNTIME140.dll required 
Why are open source projects built with Visual Studio these days? Especially as binaries built with VS2015 (release and up to service pack 2) are known to phone home "by accident". There are the GNU, Mingw, Msys, LLVM options on Windows - completely open source. Offer binary builds with at least one of these compilers on Windows platform.

campuscodi 2 days ago 0 replies      
Tried installing it on 3 computers and 2 VMs ... failed on all
davidgerard 3 days ago 1 reply      
How well should it be expected to work under Wine?
EugeneOZ 3 days ago 1 reply      
Add self-update feature please.
Filing Taxes in Japan Is a Breeze. Why Not in the US? nytimes.com
302 points by Cbasedlifeform  2 days ago   269 comments top 56
patio11 2 days ago 7 replies      
The NTA (National Tax Authority, cited as the Kokuzeicho in the article) doesn't figure out your taxes for you. Your employer does, as one of the (many!) ways in which they exercise paternalistic control of your life. If you do not have an employer, you get to go through a process which is almost exactly as fun as it is in the US, modulo a modestly competent online filing application.

I spent $3k this year on accountant time to file my personal taxes. The majority of the cost is driven by my various extracurricular activities. In the five years where I did my own taxes as a self-employed person, I generally lost between 2 and 5 working days a year to the effort, largely driven by the "calculate the income and expenses of your self-employed business" part of the return.

A Japanese corporation with one employee is in for about ~$5k a year of professional services fees incident to managing payroll for that single employee, not counting the taxes themselves. (I personally can't wait until this space gets Gusto-ed here, and SmartHr and other companies are starting to get there.)

pharrlax 2 days ago 6 replies      
Overlooked in this article and comments is the influence of one man -- Grover Norquist.

He runs an extremely influential organization that administers a sort of purity pledge that, for most Republican candidates for Congress, is necessary to sign in order to avoid being primaried.

He has decided that making taxes easier to do would make people more okay with tax increases, and so he has decreed that support for the kind of systems other countries use is a violation of this pledge. His excuse is that such a system would effectively slightly increase taxation by preventing people from getting away with taking erroneous deductions. This excuse is obvious, total bullshit.

Grover Norquist wants taxes to be painful because he wants people to dislike government and the concept of taxation in general. Thus, Republicans in Congress must take the same opinion or risk having their purity stamp revoked. Thus, no reforms get passed.

Perhaps this is one area Trump can do some good; certainly he's much less beholden to the traditions that bind the old guard (for better or for worse).

jschulenklopper 2 days ago 5 replies      
I don't know when the slogan of the Dutch tax authority, "We cant make paying taxes pleasant, but at least we can make it simple" was introduced, but in my view it has been supported in three different ways:

1) a simplification of the tax rules - mainly by reducing the number of exceptions and tax deduction rules,

2) filing the tax forms digitally - they started with desktop applications, and now the main focus is on a web application, and

3) pre-entering the information the DTA already has on you, so you just need to correct and add missing information instead of entering everything from scratch - and they collect a lot of data of you yearly.

This improvement happened over the last 15 years, and the time required to filing tax returns was reduced from many hours (mainly to gather all the information, and writing it on a paper form) to like 30 minutes. That is, if your administration is up to date. Filing the tax forms is my yearly reminder to update my administration...

BTW, that slogan is stated more succinctly in Dutch: "Leuker kunnen we het niet maken. Wel makkelijker."

eloisant 2 days ago 4 replies      
It's a breeze in France too. Login to the government website, verify that everything preloaded is correct, add the few things they don't know about and you're done.

It's a mess in the US because Turbotax and others make money on that complexity and do lobbying to keep it that way.

bogomipz 2 days ago 1 reply      
This is short and worth a listen, a Stanford Professor spent a year or so of his life piloting a program in California called "Ready Return", where the government filled out your taxes for you. Ultimately it was shot down by Intuit and H&R Block's lobbyists however.


ekblom 2 days ago 5 replies      
This years it took me about three minutes: log in, scan throug the numbers, sign to accept. Then i went for a coffee. That how we do it in Sweden.
msound 1 day ago 1 reply      
On a related note, a Stanford tax law professor Joseph Bankman had run trials of pre-filled forms for a few California state taxpayers. Listen to his journey on Episode 760 of PlanetMoney podcast:



* 99% of people liked the pre-filled forms

* He took this idea to California state congress, but Congresspeople were "warned" about him by Intuit lobbyists

* He hired his own lobbyist but lost by 1 vote in the Congress

Edit: Grammar

i_feel_great 2 days ago 1 reply      
In Australia, via the mygov tool, for a simple wage earner like me, 10 minutes. All the payroll taxes amounts are prefilled, maybe 10 questions in all. Got my refund in ~ 10 days. The Australian Tax Office has a fairly extensive developers program to encourage more/better tooling and compliance.

Edit: The ATO developers programme: http://softwaredevelopers.ato.gov.au/

FiatLuxDave 2 days ago 0 replies      
I've taken to referring to the time that I spend filling out US Government tax forms as the "Norquist tax". After all, it's hours of my time which I have to spend giving work to the government.

Maybe if we all start calling it that, Americans for Tax Reform will realize that they are causing more harm than good by lobbying against a more efficient filing system. They may think that having us spend a bunch of time doing our taxes makes us better realize how much taxes we pay. In reality, it's just another form of government waste.

maccard 2 days ago 1 reply      
I'm in the UK. If you work as a regular employee, your tax gets automatically deducted and noted in your payslip. Each year you get a form posted out and if you disagree with the amount (I don't know anyone who ever has) you can contact HMRC to sort out the difference.

If you work as a contractor/self employed, you have to fill in a self assessment form. I personally don't need to do one, but my partner did, and it took us about 30 minutes last year.

It really doesn't need to be this complex.

oakesm9 2 days ago 0 replies      
In the UK the majority of people do absolutely nothing. Your wage slip says how much tax you've paid each month (through the PAYE system) and then at the end of the tax year your company sends you a P60 form (https://www.gov.uk/paye-forms-p45-p60-p11d/p60) which is simply a pre-filled summary of all the tax you paid that year.

That's the case for anyone with the most common case of a single salaried job. If you have a more complex situation (dividends from company share, taxable investments, multiple jobs) then you need to fill in a self-assessment form. I did one last year and it was all done online and took about an hour in total.

oppositelock 1 day ago 0 replies      
The tax code is too complex, which is why it takes so much work to correctly compute what you owe. It doesn't matter whether the tax payer does this, or someone does this on their behalf to make it "easy". Taxes should be simple to pay because they're simply structured.

In the US, Congress derives much of its power from tweaking the tax code, it's how campaign contributions are rewarded. Do this for a hundred years, and you get a complex tax code. This is also why it's not going to be simplified anytime soon, since Congress will never vote to reduce its own power.

IkmoIkmo 2 days ago 2 replies      
Here in the Netherlands my employer's data is all pre-filled in. Just have to log in to a mobile app and sign with my citizen's digital ID. (just a login with 2FA).

All of that takes about 3 minutes, and it's pretty much sufficient for like 80-90% of my peers (fresh out of college).

But with more complex deductions, you need to use the 'full web app', which is also pre-filled but comes with tons of questions. They take me about 20-30 minutes, because I know how it all works nowadays. But the first time it took me 2 hours cause there's lots of definitions and words that aren't frequently used in the Dutch language.

rayiner 1 day ago 1 reply      
I love paying my taxes, and I kinda like the baroque U.S. process. Every April, I spend a couple of weeks being salty that government is penalizing me for being married, penalizing me for not taking out a giant loan to buy a McMansion in the suburbs, taking my money and using it to bomb Syria instead of helping working class families, etc. If my taxes just got auto-paid, I don't think I would even think of these things, and I don't think that'd be a good thing.
oblio 2 days ago 1 reply      
In Romania if you don't have any income except for your salary, you don't have to do anything. Yes, there are no tax exemptions or deductions, but on the other hand life is simple.

How often are those exemptions or deductions worth it, especially when compared to the potential complexity and additional cost of a byzantine tax system?

philsnow 2 days ago 2 replies      
pre-filled forms will probably help a largeish proportion of americans who have dead-simple taxes.

once you start doing absolutely anything else (having a side job, renting out property, participating in the stock market, having income in multiple states, etc etc etc), you're in the byzantine territory of income/deductions/credits/AMT where nearly every line on every form involves reading the instructions for that line (and yes, nearly every line has its own instructions) and reflecting on your life to decide whether you think that purchase qualifies as a deduction, or what percent of your car's annual depreciation you can allocate as a business expense, or whether you need to declare your 2014 California refund as income on your 2015 Oregon taxes. Money ping-pongs around, getting taxed coming and going (you pay tax on your salary and tax again when you use that money to pay for gasoline (and a very few of these taxes are multiplicative instead of additive, so you can in fact pay tax _on the tax you're paying to buy gas_)).

I'm really not doing justice to the intricacies of the tax system. I would really enjoy reading a James Mickens tribute to it.

Pre-filled forms aren't going to help navigate the insanity, unless the governments (federal and all the states) have access to data about every transaction, every penny that flows through your household.

dagenleg 2 days ago 1 reply      
The beauty of free market is that it can create markets where there otherwise would be none. Once you normalize lobbying in your society, possibilities are virtually limitless.
spangry 2 days ago 4 replies      
Does the US have a employer withholding system (i.e. if you get paid $1000 in a week, your employer withholds and remits whatever the pro rata amount is for $52,000 annual income to the Tax Office)? We have that in Australia, and it definitely simplifies the process for workers at the end of the year.

Personally, I've always liked the idea of a 'standard deduction'. People with a steady paying job for the whole year, and simple tax affairs, don't have much of a reason to fill out a tax return given how much data our Tax Office pulls in from other sources (e.g. your bank interest gets pre-filled). The longest part of the whole exercise is claiming all those little work-related deductions here and there. For most people I don't think this ever exceeds $1000 total.

So if the government just gave everyone a default $1000 deduction, combined with pre-filling, filing a tax return for most people would be a simple matter of looking at the summary and hitting 'agree'. You could even take it one step further: if you don't fill out a tax return the government assumes you agree that your default return is correct.

We almost had this in Australia [0]. It was a measure in our 2010-11 Federal Budget [1], but we didn't go through with it for.... reasons...

[0] And there's good reason to believe it would have radically simplified things. I recall 'tax agents' really hating the idea for some strange reason.

[1] http://www.budget.gov.au/2010-11/content/bp2/html/bp2_revenu...

chadlavi 2 days ago 2 replies      
What I find truly amazing about the tax situation here in the US is the sheer unpredictability. You the employee are burdened with choosing the right formula to deduct taxes from your paychecks, but there is no ironclad way to ensure that you deduct only the exact right amountor to check whether you've been deducting enough. For most people, tax time comes and either they get a bunch of money back (they deducted too much), or they owe a bunch of money (they deducted too little). I'd rather just have exactly the right amount deducted.

Some people choose to not deduct any, and put a guesstimate of what their tax bill will be into savings, so that they can make some tiny amount of interest on it over the course of the year, then when tax time comes, pay just exactly what's owed. But this feels like playing with fire to me.

strictnein 1 day ago 2 replies      
The reason American taxes are more complex is that both parties use the income tax system for social engineering. They want to encourage things like home ownership, attending college, having kids, donating to charity, etc, so they let you deduct related costs.
alkonaut 1 day ago 1 reply      
I file mine by ticking a checkbox and signing with the normal national digital id app. This is Sweden.

I do not understand how the hell this is still so complicated in the US. Just change it?

My impression of politics and authorities is "if something is obviously broken then it's already worked on and probably fixed within a year or two".

The reason crap isn't fixed in the US? Beats me - but I'll guess: because a lot of people don't want it fixed. And those people contribute money to politics. You have a political system where money can be used to campaign for political office. Fix that.

monster_group 1 day ago 1 reply      
I hate doing tax paper work like everybody but I would rather do it myself than let government do it. When I do it myself I am very careful to make sure I have gotten every possible deduction. If I let the government do it, most likely I will wait until the last day to review it and then I would say 'yeah looks right' without doing due diligence. If the government makes mistake of omitting a deduction or two on people's tax return then people would complain how government is trying to rip them off by deliberately omitting deductions. I also hate the complicated tax code like everybody else but that is a necessary evil I believe. US has large variations in income/wealth and one size doesn't fit all. The fact that tax code is complicated is actually an indication that there are tax breaks available for most people in many forms. US taxes are much lower than European taxes. It is easy to simplify the tax code by taxing everybody 30-40% like European countries. I would rather have a complicated tax code that results in lower taxes than a simple tax code that results in higher taxes.
CalRobert 2 days ago 0 replies      
Just filed my FBAR and every year it feels like the requirements change so they have a reason to convict you of something. This year they just moved the due date up by a few months for no apparent reason. I'm simply lucky that I happened to do it now (I normally procrastinate until June); that's a good $10,000 fine if they believe it was accidental; $100,000 otherwise.

I'm fine with taxes, but filing taxes in the US is utter bullshit.

To give credit where it's due, though, the state of California has free online filing (Calfile) , which is nice.

wobbleblob 2 days ago 2 replies      
We cant make paying taxes pleasant, but at least we can make it simple.

I actually don't mind paying taxes, because I can see around me every day that the money is mostly put to good use. I can imagine if I lived in a place where there were little or no public services, bad public schools, bad infrastructure, five digit annual college fees, polluted tap water, power with frequent blackouts or brownouts etc, I'd be pissed off with my tax bill too.

danjoc 1 day ago 2 replies      
I'm the only American I know that does my own taxes. I've never paid anyone to do them. I've never use software to do it. I print the form, and fill it out with a pen. It only takes me a few minutes. I even filed my own C corporation taxes once long ago. I'm not a CPA or tax lawyer or in any line of work related to taxes.
basseq 1 day ago 0 replies      
I did some work for the IRS several years ago to explore the same idea. There are many benefits, including simplicity and accuracy of filing (closing the $500B tax gap), as well as better fraud protection (another $25B).Protectionism of the tax return industry is common, but not the primary reason. Instead, the biggest pushback is from taxpayer advocacy groups. The issue is this: for many Americans, particularly low income Americans, their tax refund is the largest check they receive all year. Delaying that refund in order to receive all tax information (e.g., from banks and employers) and pre-populate a tax return would push back initial refund checks by 1-2 months. This is tantamount to political suicide.

More detail: https://news.ycombinator.com/item?id=14004152

mnm1 1 day ago 2 replies      
All other developed countries have no problem doing ________.

Why can't the US do _________?


Works for simple tax returns, healthcare, labor laws, unionizing, etc.

jaysoncena 1 day ago 0 replies      
I'm not sure how easy it is in Japan but in Singapore, It just took me 10-15 mins to file my tax.1. Login to IRAS(tax bureau) portal using the national ID (for me as foreigner, I used my employment pass ID)2. Open the page for filing income tax3. I entered total annual salary and allowances4. I have donated to a government-recognized charity and this is automatically reflected on the form. It seems that the charity uploads donation infos to IRAS5. Check if the tax relief for having a child is there6. Click submit7. Review and re-submit

You also have an option to do installment, deducting from your bank account monthly.

I don't have any other source of income so it will be different for other people.

Waterluvian 1 day ago 1 reply      
I don't have the most complex tax situation: a wife, child, income, capital gains. But it takes me maybe 15 minutes in Canada to do.

I once screwed it up and they fixed it for me, yielding a larger return than I calculated (I accidentally zeroed the RRSP contribution carry over value).

Thought maybe this would help give perspective of what can be.

shoshin23 2 days ago 0 replies      
In India, most people I know use ClearTax. It's freemium(the last 3 years I've only used the free version, that was enough.) and I spent only about 20 minutes or so every year filing my taxes. Everything becomes super simple with Form 16, given out by my employer. And apart from this the government has an e-filing system but I've never used it. ClearTax was enough.
andrewla 2 days ago 1 reply      
Ah, this takes me back -- one of things that I really liked in Obama's 2008 campaign [1]:

> Simplify Tax Filings for Middle Class Americans: Obama will dramatically simplify tax filings so that millions of Americans will be able to do their taxes in less than five minutes. Obama will ensure that the IRS uses the information it already gets from banks and employers to give taxpayers the option of pre-filled tax forms to verify, sign and return. Experts estimate that the Obama proposal will save Americans up to 200 million total hours of work and aggravation and up to $2 billion in tax preparer fees.

[1] https://web-beta.archive.org/web/20080402203402/http://www.b...

mbroncano 1 day ago 0 replies      
Sorry, but no: the US doesn't lead in this issue either. Filling in taxes here is worse that going to the dentist.

It's embarrassing as well to witness so many Americans to dismiss what's obvious for anybody having lived abroad. The tax system here sucks donkey balls. Background: lived and worked in three different countries, filled in taxes everywhere by myself. Sometimes with a dictionary, and never was so bad as in the US, even with Turbo Tax.

No, it's not only tax filling. No sir: immigration system, health care, education ... failing to admit the US lags far behind the (rest of the) civilized world is the surest recipe for worsening the situation.

Get smart, America. You're for a big surprise when you wake up to a world that's surpassed you already in most issues.

ivan_gammel 2 days ago 0 replies      
Ex-Russian here: this year I had very pleasant experience with FNS to declare and pay income tax for some extra income (13% flat rate btw). 5 minutes on the web site just to declare the money they were not yet aware of, click submit and choose payment method (could be cash payment in any bank, credit card or via integration with lots of banking APIs - my choice). Few more minutes after I figured out there's a small old debt on property tax, that they never bothered to collect, to pay it too. They started with rather complex desktop app and continuously improved UX, so now it's really good. Worth to mention that they have 2FA option with security token.
mvidal01 1 day ago 0 replies      
This is a very interesting story about a Stanford professor that tried to get California to pass a law to make paying state taxes easier.


More: https://priceonomics.com/the-stanford-professor-who-fought-t...

markvdb 2 days ago 1 reply      
Belgium is interesting. The forms are really complicated, but luckily largely prefilled forms for most (salary and pension income, mortgage related deductions, ...).

Apart from the complexity, the problem here is the extremely slow return of what the government owes you.

For 2016 income:* filing between 20170426 - 20170630* final calculation by post ~20171101 - ~20180401* return of overpaid amount ~20180101 - ~20180601

The Belgian revenue service almost always overcharges on obligatory prepayments. Refunds happen only at the end of the process. That means an ordinary Belgian citizen gives a free loan to Belgian government for ~12-18 months.

tantalor 1 day ago 1 reply      
I don't mind the idea of figuring my own taxes, after all I can lookup all the numbers pretty easily, but the main obstacle to that is the tax instructions are impossible to parse.

We should require the IRS to release the tax forms in a machine-readable format, e.g., as open-source software. The human-readable instructions should merely be the spec.Other people can write nice interfaces on top of that. Then you can run the code on your phone to figure your taxes.

glenneroo 2 days ago 0 replies      
In Austria, we only have to file (online) every 5 years, and even that is somewhat optional. If you don't do your taxes, the only loser will be you, since you might lose out on getting some cash back.
kartan 2 days ago 2 replies      
Today I filed taxes in Sweden for the first time.

1. Sign-in from Bank-id at Skatteverket

2. Review pre-populated amounts

3. Digitally sign acceptance filing with Bank-id

If I just have one salary from one employer all year round, why should it be more complicated than this?

tbihl 1 day ago 0 replies      
Obligatory EconTalk for people who want to better understand US taxes and popular perception of them:


faebi 2 days ago 0 replies      
How much of those time savings and costs are beeing moved from the employee to the employer? How much simpler is it for the companies?
alexmingoia 1 day ago 0 replies      
Because like healthcare Americans are governed by lobbyists and ideology. US tax law filing complexity is a flagrant violation of due process but the Supreme Court refuses to hear the many cases they've received.
ominous 2 days ago 1 reply      
offtopic: Is this a new thing? Double clicked a word to try and select it, and the text changes size. Windows 10, Firefox.

Up there with "smooth scrolling", "clipboard hijack" and making me type something in the browser console so I can use javascript. Annoying.

oarla 2 days ago 0 replies      
Isn't there FreeFile on IRS's website which allows someone with a simple return (no capital gains, only standard deductions etc) to file for free. It would be as simple as described in this article.
coldcode 1 day ago 1 reply      
Perhaps it would be easier to have the government collect all of our income, subtract the taxes, and pay us the difference once a year. That would be even simpler.
wazoox 2 days ago 0 replies      
In France I only need to fill in charity donations opening tax reductions, and digitally sign the web form. Takes about 3 minutes.
Fej 1 day ago 0 replies      
I'm one of the somewhat lucky ones - I file a Form 1040EZ. It's pretty simple. Fill in the boxes, do a bit of really simple math, and sign on the dotted line. My state, New Jersey, does free online filing as well.

There is a silver lining to everything. US tax filing isn't completely bad.

Oletros 2 days ago 0 replies      
In Spain is a breeze, a web app prefilled with your financial data
dfar1 1 day ago 0 replies      
lobbying lobbying lobbying.... tax companies drop millions of dollars to get whatever they want. It's american politics at it's best.
warsharks 1 day ago 0 replies      
dont most places in the world have your employer deal with your tax contributions?
hyperliner 1 day ago 1 reply      
US tax payer here.

I'm going to stay away from discussing TurboTax from a political perspective.

However, I have used TurboTax since the first year I had income. It's super easy. As my income has gotten complex over time (from simple, one employer tax return to multiple employers in a same year, real estate, investments, and office expenses), I have found TurboTax worth the $90 or $100 it costs to purchase the software every year. I always purchase the $40 "Audit Protection" and have never used it: not once I have been audited.

It does take some investment of time. You need to read the questions, learn to figure out the forms that you get from banks, and be careful in inputing your data. But a lot of the sections are skipped anyway. I learned to stay away from buying stocks that are partnerships (pain the behind to do during TaxTime, not worth the hassle if you can find alternative stocks). TurboTax remembers my last year's numbers and that is also super easy. It helps me stay informed and keep responsibility for my tax situation and make my own decisions on what to do next year without "the government or the employer doing it for me."

I have always had the temptation to go to a full service (H&R Block, or some of the higher end ones offered by my bank), with the idea of maybe discovering that I have been overpaying all these years! But I have never done it, mainly because of concerns on identity theft. Today, all my data is in my computer and the only time the data leaves my network is when I send it to TurboTax for e-filing. This could also be avoided if I printed it and mailed it, but I rather not take my chances with lost mail.

I did have some large income a number of years back due to a sale of a company, and I was doubting myself about whether I was "paying too much." I simply asked folks around me, and they told me "nope, you are good" as the cash was distributed as regular income in my W2.

All in all, TurboTax has served me well. My investment is a total of about 10 hours or so spread over a few months. Every time I get a new form, I go to TurboTax and input it. Sometime around March I wrap things up and file.

juandazapata 2 days ago 0 replies      
Just one more proof that the U.S. Government is owned by corporations.
partycoder 1 day ago 0 replies      
For income tax return, many countries offer the possibility of filing a tax return that is pre-filled with information available to the tax revenue service.

For a person with simple reporting requirements, like only one source of income from a job, and no foreign income (99% of tax returns), the most likely required action is to just accept the proposal and file it... all done for free.

known 2 days ago 1 reply      
Unlike US, Japan is a homogeneous society http://www.boston.com/news/globe/ideas/articles/2007/08/05/t...
huffmsa 2 days ago 3 replies      
"Hey, we here at The Government would like to make your experience paying taxes less painful.

Hence forth, we're just going to take whatever amount we think is accurate, and you don't have to do anything!

Just trust us!"

Politely sir, take one giant step back from that and your beachfront property in Arizona, and diddle your own face.

Now, serious answer? Because EVERYTHING about the US Government is intentionally designed to be slow, cumbersome and painful, SPECIFICALLY to limit the amount of damage government institutions can cause to the country.

How I Used Twilio, Python and Google to Automate My Wedding twilio.com
413 points by SteveMorin  3 days ago   218 comments top 39
andrewguenther 3 days ago 6 replies      
In my opinion, this makes the whole process very impersonal. I invited people to my wedding because I care about them and wanted them to share that day with me. Although it was a lot of effort, I was happy to make save the dates, invitations, and hand write thank you notes to every singe one of them. If you're not willing to do that, then you're inviting too many people in my opinion.
ktzar 3 days ago 2 replies      
I didn't go as far as using automated messages with my guests, but

- organised everything, from guests attendance to guests in tables location, in a huge Gsheets with my wife and a few close relatives.

- did a mobile game for Android and iPhone that was a quiz about me and my wife to be with over 200 questions, that still, 2 years later, people still play at and try to get higher in the leaderboard.

- programmed a Raspberry Pi that showed a slideshow of over 500 pictures of us with our guests since like forever. These pictures were also printed and hanged around the venue for them to find them and take them home.

I also did 10 programmes in 10 different programming languages that printed the food menu (to be used as per table printed menus), but my wife wisely thought it wasn't a good idea.

Slamchunk 3 days ago 4 replies      
Author here.

Weddings are time sinks even small ones like mine, we viewed around 20 venues for example, multiple caterers etc. Anything you can do to save time is a good thing. Handwriting invitations, making 500 paper cranes by hand all are lovely gestures but we focussed on what was important to us - food! For example saved a bunch from ditching traditional wedding invites and table favors (we did have amazing flowers for the tables) that we could then reallocated to having the best food and wine for our guests.

Plus it may sound strange but we don't have all of our friends postal addresses noted down, so mailing out invites would have been even more cumbersome.

jdpedrie 3 days ago 5 replies      
I like it, but I think if I'd sent out save the dates via SMS for my wedding I'd have been sleeping alone for quite a while.
gunnihinn 3 days ago 1 reply      
And the divorce announcement will be an "Our incredible journey" post on Medium.
inputcoffee 3 days ago 7 replies      
For the whole pipeline, you should also connect:

Tinder + your calendar app + Opentable

to automate the dating process.

The output of that can be the input of this.

upbeatlinux 3 days ago 0 replies      
Hmm, not entirely sure I would title this wedding at scale. It does seem like a fairly standard wedding size. Great homebrew solution though.

I did something similar in 2009 with a custom Wordpress plugin. However, guests were imported from a CSV of our Google Sheet guest list as Wordpress users. Each guest was automatically assigned a randomly generated dinner code. The code was included in the wedding invite card as we wanted to be fairly traditional.

When a guest confirmed they received an email with custom directions from their home address and a printable parking pass. Guests could cancel up to two weeks before the event at which time an email was sent to the caterer. The plugin also generated email reminders 7, 2, and 1 day prior with the same links.

Two weeks prior to our wedding the guest food selections were compiled and sent directly to the caterer for final numbers. Seating charts and name cards with food selections were also printed using the WP database and PDF templates via pdftk.

Guest who provided email addresses were sent photos from the event via Picasa Web Albums 3 weeks after the event.

While this is much lighter weight and as others have expressed fairly impersonal the grooms family and bride probably knew this.

Kudos on a quick and fun implementation! In retrospect I wish I had use Twilio ;)

cableshaft 3 days ago 0 replies      
I'm terrible at responding to physical invitations (I had two friends actually have to ask me in person after I didn't get back to them for over a month).

But an SMS invite I most likely would get back to you within a day, most likely, possibly within ten minutes. For people like me, it's so much easier and much lower friction to respond to a text.

I can be just as bad with email. My parents get responses from me a lot more quickly now that they've started getting into the habit of texting (yes, it's taken that long).

unpythonic 3 days ago 2 replies      
Are you going to continue family life the automated way? Perhaps start a family using Jenkins: an enjoyable build process, lots of tests along the way, and release to production once they're out of college.
nutanc 3 days ago 0 replies      
What are the odds, wrote this blog exactly 5 years ago,to the day, http://blog.kookoo.in/2012/04/wedding-ivr.html

This was built using KooKoo, the Twilio for India and is more of an IVR rather than SMS as India is a voice friendly country, and who does not like to hear the invite in the groom's own voice :)

Its got options for directions etc too, people always seem to call to know the directions to marriage hall :)

iblaine 3 days ago 4 replies      
Physical wedding invitations are still tradition such that people may get offended if they do not get one in the mail.
semi-extrinsic 3 days ago 1 reply      
I'm surprised that he didn't find another solution to the cost of sending ~ 140 (70*2) invites for ~ 380 ($480), or $3.50 per invite. The profit margins people make on those invite cards is huge.

My personal hack that I use for invitations/thank you notes/christmas cards/etc. is this:

You can just create them yourself (any design! copy one off the internet!) in Photoshop/Gimp/Illustrator/PowerPoint/whatever. I won't judge (except if it's PowerPoint).

Then have them printed as 4x6 (or whatever) photos for $0.09 each. With envelopes at $0.03 each and postage at $0.49 you're up to $0.61 per invite, or $85 rather than $480 in OPs case.

zkanda 3 days ago 0 replies      
Hi, For people who want to do this but don't want to code anything, you can use https://www.engagespark.com/twilio-alternative/

* In this case you can do an SMS Poll asking who would like to come.

* If you want to do this a bit more personal, you could use an IVR Poll instead, so they'd hear your voice.

* You can even go further and build some logic, if they replied yes, then you ask them what food choice do they want, no need for interacting with google spreadsheet.

* You can view all this with some pretty graphs and download the spreadsheet with all the information that happened on the engagement.

* Or if you want fancier stuff, do the above, pass the results to Zapier, and manipulate them with any other apps linked into Zapier.

Disclaimer: I work on engageSPARK

mivv 3 days ago 0 replies      
My wife and I did something a little similar. I built out our RSVP system on a web app, but we still printed actual invitations pointing people to go to our website, with a unique handwritten code on each one.

You can check out the code here if interested. It also includes the wedding info site as part of it, so there is a bit of cruft, but I'm sure you could repurpose it if you dug into it deep enough: https://github.com/mvarrieur/vovarrieur-dot-com

cheeze 3 days ago 3 replies      
> It is a cash bar, so please bring sufficient money with you as there is no nearby cash machine.

Are guests expected to purchase their own alcohol at their wedding?

joshaidan 3 days ago 2 replies      
I'm working on a check-in system for our reception using a Raspberry Pi, a RC522 reader and MIFARE RFID cards. Guests tap their card to check-in and the monitor displays their table number. I'll log their check-in time among other things. Is there a point to it? No, it's just to be fun and cool.


nerdsaresingle 3 days ago 0 replies      
Lol. No wonder Nerds are single. There are events in life which are very personal and people value it when you actually spend time for them and with them.
gigatexal 3 days ago 0 replies      
hah, I thought I was a nerd until I saw this. I wish I had done this for my wedding. Kudos!
avip 3 days ago 4 replies      
Why do you need to "automate" an action you're expecting to perform, in the happy case, once in a lifetime?
odbol_ 3 days ago 0 replies      
I did something similar: I made a little Javascript web game which you have to play and win in order to RSVP. Made a spreadsheet of guests and their emails, and emailed them all using the Mail Merge extension for Google Sheets.

Once you play and win the game, it links to a Google Form with your name pre-filled. All the responses go into a spreadsheet, and I can easily do a query against the original spreadsheet to see who still needs to RSVP. Then follow up with those people personally. Overall people really enjoyed the game and thought it was a unique invite.

Plus it saved a crapton of money and trees and gasoline, which was the most important part for me. The wedding industry is built on waste and my fiance and I don't want to support such an outdated, unsustainable tradition.

securingsincity 3 days ago 0 replies      
I built a platform to manage invites using email for my wedding. We tracked delivery and opens. On the wedding website itself, we were able to have RSVPs for the people we sent to, intake song requests with Spotify with autocomplete.

It was pretty successful. It saved a ~$1000 in paper invites with postage and the stress of making sure people sent them back. We even had followed-up by sending reminder emails. Which we definitely couldn't have done with paper. The downside is that it's more informal but our guests appreciated the open bar instead.

I'm building something similar for a friend's wedding right now with the intention of having open to the public with features like SMS and table seating generators.

paulcole 3 days ago 8 replies      
>invites are not environmentally friendly

As opposed to the sustainability of dozens of people traveling from near and far.

sauronlord 1 day ago 0 replies      
Good luck with that. Come back in a couple years and tell us how it went.

Maybe you can automate your divorce too.

trengrj 1 day ago 0 replies      
I made a simple ruby Sinatra app using Google docs as my spreadsheet and then used Mailchimp for emails. It worked fairly well and made it easy to play with the data.
hamandcheese 3 days ago 1 reply      
If and when I get married I probably won't take it to this extreme, but I can imagine it might be nice to use some sort of CRM to manage my communications with all the guests and wedding vendors.
siliconc0w 3 days ago 0 replies      
You're missing the bitcoin registry.
Markoff 1 day ago 0 replies      
i get you did this as exercise but from efficiency point it seem like waste of time just to invite around 60 people (have i got it right if 40 accepted means acceptance around 70%), I would understand if you would have few hundred guests that it's with automating bit if you calculate your invested time compared doing it manually (send me group SMS and manually write in sheet who accepted, refused or didn't answer) you are actually losing time

i wish i had such small wedding

Walf 3 days ago 1 reply      
What happens when some oldie replies "Sorry, I'd love to say yes but Wilbur's having his heart surgery that weekend."?
j_s 3 days ago 0 replies      
I remember working too long on the email version of my wedding invitation for those who chose to receive the electronic edition when they filled out the Gogle Form to RSVP... trying to get fancy with email formatting is such a pain! I sent out the initial "Save the Date" postcard by mail.
robk 3 days ago 2 replies      
Cash bar is poor form
Cub3 3 days ago 0 replies      
I'm creating a process like this at the moment for my weddings RSVP, i'm using a paper invite that will be mailed out directing guests to a simple website that posts to a Google Form and generates an calendar invite for them with the details.
anigbrowl 3 days ago 0 replies      
Who says that romance is dead
willyyr 3 days ago 0 replies      
So could somebody build this please? I can already see the pricing page in front of me charging per invites and different features. I'd use it.
zukunftsalick 3 days ago 0 replies      
If it hurts, do it more often so we feel the pain hard enough to justify automating. I wonder how many weddings he has gone through in his life :)
s3nnyy 3 days ago 0 replies      
Has someone an idea why Twilio stocks are going "sideways" for months?
dschep 3 days ago 0 replies      
Hah, my sister did something not too different, she wrote a small Flask app hosted on PythonAnywhere[0] for guests to RSVP to her wedding.

[0] https://www.pythonanywhere.com/

kinkrtyavimoodh 3 days ago 2 replies      
I like the general spirit of automating things, but I find the attitude behind some of this automation a little weird. The point of a lot of these courtesy 'messages' (whether invites, postcards, thank you notes etc.) are that they were personal. The medium does not matter as much as the fact that they were personal, and the money spent on it matters even less, at least to me.

There's no joy in receiving an automated message any more than there is joy in listening to an IVRS voice or an automated sales call. I'd be happier if I received a simple handwritten note or a phone call from a friend inviting me to something than if I was one of 1000 automated recipients of fancy gold-plated card.

For instance, a friend wrote a script to auto reply to people who had wished him on his birthday (he wasn't hiding it, so I didn't have to guess that it was an auto-reply).

Now, the way FB displays and folds posts made on your timeline makes it very difficult and painstaking to reply to a lot of them (if you refresh your page by mistake, you'd have to keep clicking on More... multiple times to get back to where you left). So I'd be completely fine with him posting a common status saying Thank You to everyone.

But knowing that it's a bot reply kinda took away the point of the reply, at least for me.

dbg31415 3 days ago 0 replies      
SMS wedding invites... this needs to be a real thing.

I cringe at getting one of those hand-written save the date cards... knowing full well each one cost the host $5+ and all the time of writing those addresses. And all for what? So it can sit in my mailbox for a month with all the spam grocery store coupons until the next time I check? So inefficient.

I love this so much. I love the simplicity of it. Someone needs to set this up as a real service...

Upload a list of names and cell numbers...

Wedding tool confirms names, asks for photo so they can auto-sort photos of you.

Stolen from https://news.ycombinator.com/item?id=14102182 -- Wedding tool posts pictures of people who RSVP'd as solo and let's them Tinder each other. What a brilliant idea!

Along with lettings singles match up... the tool could let people say who they wanted to sit next to, and who they didn't... taking a lot of the stress off the bride for seating arrangements.

Wedding tool sends save the date RSVPs. Wedding tool sends status updates to all guests in real time... allows people to see if other friends will be there... (I know there are some weddings I only go to if I know enough other friends from college are going.)

Wedding tool sends link to some pretty online invite... with some cute backstory about the couple, or just their TheKnot page.

Wedding tool sends wedding registry to people... segmented would be hot. (I hate how people send those sorts of lists with huge gifts on them to everyone... a lot of that stuff should be targeted towards family, or long-time friends. Toasters and other $50 items for people flying in from out of state.)

Wedding tool figures out dinner options.

Wedding tool sends reminders, calendar invites, cute little pre-wedding marketing posts to generate some excitement. Polls users to share stories about the couple.

Wedding tool lets guests upload photos during the event, tracks back name to their phone number so all they have to do is text photos to the designated number. All photos are available in real time... and to all the guests after. (Of course some level of cleanup could be manually applied after the wedding.)

Wedding tool sends out thank you, links to photos you sent, photos with you in them... lets you say if you want your name tagged in it... or if you think photo is objectionable and should be removed...

Man, I want to go to that wedding... I never want to see another hand-written invite, having been suckered into writing about 500 of those once... yeah it's just torture that the couple inflicts on their closest friends. When my buddy who asked me to write cards was having some trouble, my first thought was literally, "Bro, stay with this girl... I ain't writing invites for you ever again... you'll die alone without her." Ha.

inputcoffee 3 days ago 1 reply      
See? This is the future liberals want...

(note: this is a joking reference to a meme.


Feel free to down-vote but at least realize what it is).

Golang SSH Security grumpy-troll.org
381 points by transitorykris  21 hours ago   90 comments top 18
3pt14159 20 hours ago 1 reply      
I love Digital Ocean, but they do the same thing with their API. I wrote to them about it years ago, even talked to some developers there, and the general explanation is the same: Screw around with cloud-init to get the public key.

If you use the DO API to provision servers my feature request is here:


Please upvote it or at the very least copy the cloud-init script to help provision your servers.

avar 20 hours ago 3 replies      
Oh man:

 > I am bemused by an approach to accepting > security reports which is to go through the > motions of having PGP public keys available > for people to use to report issues but upon > receiving such a request ask for it to be > submitted without PGP because digging out > the keys is too much of a hassle.

eropple 19 hours ago 1 reply      
I am...not a fan of Golang, as I have made pretty clear around here on occasion. But I'll give credit where credit's due, and this is a good decision on the part of the people maintaining x/crypto/ssh. Not the tooling vendor's awful response--I'm pretty sure I know who it is, and if not there's two of 'em because I've had these conversations before--but the maintainers are doing the right thing. This probably shouldn't have gotten out the door without host key verification in the first place (and that ties back into the reasons why I do not like or trust Golang or its community when it comes to tools that I have to consume), but it's better to bite the bullet and fix this now instead of letting it fester.

(The "PGP is too hard for discussing security issues" thing, though, is total nonsense. Can't be doing that.)

mbertschler 20 hours ago 1 reply      
While I really love the stable nature of Go and its standard library, I am happy that this breaking change was put out there in the interest of security.

This issue hit me while building a tool for internal use at my employer. I am using the glide vendoring manager for this project, added another dependency which triggered an update of all other dependencies. At that point my tool broke and forced me to actually think about host key verification.

adtac 20 hours ago 0 replies      
I'm really impressed with the quick response from the golang team. The fact that they didn't mind introducing breaking changes shows that their priorities are right.
YZF 19 hours ago 2 replies      
It's amazing how many people out there consider MITM as something they don't have to defend against. If you're a developer you have to assume your system will be MITMed. It doesn't matter if you're on the Internet or behind a firewall. Trust on first use is not a good solution because someone can tailor their attack against that first use.
niftich 20 hours ago 1 reply      
Golang seems to follow the 80/20 rule from the outset (or perhaps an even smaller proportion), which is perfectly fine. Some other languages' standardlibs try to offer a complete treatment of a particular problemspace from the start which is tricky to get right on first attempt. Those are the instances where developers complain about complex APIs, uneven abstractions, or the like.

However, one of the artifacts of a popular language having a lean-and-mean standard library is that custom code proliferates, and the Go community's distaste for frameworks (as opposed to libraries) means that the it's not just the business-specific edges of the code that's unique in each implementation (as you'd expect), but also a good amount of the plumbing and domain-specific control code and their immediate callers. In some other languages, where there's more of a culture for using a dependency to intentionally simplify your problem space in exchange for ceding control, this style would be derided as NIH.

The vendor's response here is a function of not only the vendor's own rationale and priorities, but also of the above developer philosophy. This is surprising to me, given that Go is an opinionated language, and yet opinionated third-party code driving your logic is frequently discouraged by its community.

On the other hand, the language maintainers' response was measured, proper, and commendable. They made a breaking change to an experimental API, and improved their product in the process.

mitchellh 17 hours ago 3 replies      
Hello! As the blog post clearly states, the vendor is HashiCorp. As the founder of HashiCorp and someone who participated in the initial report we received on this topic, I'd like to state our point of view from my own mouth.

I'd first like to be up front about exactly which of our software doesn't perform host key verification, since we have a lot of software and this CVE doesn't apply to most. There are three places that were identified as affected: Packer and Terraform with SSH provisioners, which both create a machine resource and can perform SSH connections to setup the machine; and Vaults SSH backend in Dynamic Key mode performs SSH connections from the Vault server to hosts (other modes do not).

Any other usage of our software is unaffected.

Well discuss each of these cases in detail, since the details matter to understand our thought process and response.


The SSH secret backend has three modes that can be used for generating SSH credentials: certificates, one-time passwords, and dynamic keys. Only the dynamic key mode ever actually makes connections to other machines, but more importantly, our documentation has always recommended that the dynamic key mode only be used as a last resort because of its various (documented) drawbacks compared to the other modes. With the addition of the ability to generate SSH certificates (which was on our roadmap for a long time and added in 0.7, prior to both the original report and the blog post), we did not explicitly mark the dynamic key mode as deprecated in our documentation, but we probably should do so.

Given that it is not recommended for usage (but maintained for backwards compatibility), we chose to warn users of this additional drawback of the dynamic key method, and documented the lack of host key verification (https://github.com/hashicorp/vault/commit/251da1bcdc27678fea...). As we stated in our response to the reporter, "It isnt something we want to hide (and were not trying to) and we will document this."


Terraform and Packer support the ability to use "provisioners" to bootstrap a machine. In both, the provisioner is run very shortly after the machine is initially created, representing an extremely small window of attack. Neither support connecting to a pre-existing machine via SSH under normal use cases (you can make it happen through some advanced configuration trickery with Terraform, but it's abnormal). Because of this, we didn't register this as a high-priority issue.

However, we admit that this can be improved and we likely should've been more reactionary in our response. I apologize for that. We have added plans to improve this to our roadmap, covered in a couple paragraphs.

As the blog post states, the reporter suggested parsing console logs to determine the host key. And, as the blog post correctly says, we don't want to do this. There is a combinatorial explosion of complexity in supporting this, we have experience with this (due to Vagrant supporting this type of behavior), and we've found maintenance of this sort of functionality to be difficult to support over time. We came to this conclusion though only because there is a viable alternative: SSH certificate authentication. If a viable alternative didn't exist, we may have been forced to take the more complex route.

SSH certificate authentication was introduced many years ago and is broadly supported. This type of auth also provides authenticity to a first-use connection. We mentioned in our response email that this is something we're open to doing instead. I admit that in our response to the reporter, we explicitly said this "is not a priority" but shortly after decided to schedule this work for the next major TF release. We should've followed up again, but didn't.

And that's where we're at currently! I hope this helps make our response to the report and our future roadmap around this issue more clear.

risyasin 20 hours ago 0 replies      
Well. I haven't really started to learn golang yet. But sure that this breaking change indeed convinced me to do it. I have implemented an automated ssh session in another language there was absolutely no host key checking or tofu implementation even worse that they designed the api not to allow that manually. That was frustrating. But obviously the golang language designers and the entry owner and myself sharing the same concerns obviously. Thanks for writing about this
aceperry 19 hours ago 0 replies      
Really wonderful and thorough report. I'm not at all a security expert but manage to learn quite a lot from reading this post. Kudos to the author for giving context and background on the issues. If more security reports are written like this, the whole industry would benefit greatly.
joneholland 19 hours ago 1 reply      
Why do people keep saying "the vendor"? It's hashicorp.
baby 19 hours ago 6 replies      
A few things:

1. how can an experimental library (x/) get a CVE?

2. what is "hostkey verification"? Probably the fingerprint check you usually get when you ssh into a machine + the blocking warning you get when the fingerprint of the machine suddenly changes.

3. if this is what "hostkey verification" is. How is it so hard to implement? create some sort of fingerprint out of the server's public key; prompt the user for input; cache the result.

jakewins 10 hours ago 0 replies      
When we built the new set of drivers for Neo4j, we decided to allow three modes: No encryption, Trust on First Use and Trusted Signature - there's no way to establish an connection without trust.

This was a terrifying decision, because of ease of use concerns. Having done so and shipped it, TL;DR: It worked awesome, outside of some early kinks in TOFU that we worked out - and now everyone can sleep well knowing there's not a single install that thinks they are running an encrypted setup when they really aren't.

Anyone that came back asking for a flag to disable host key verification seemed happy with our argument for why that's not really much different from just disabling encryption.

See "Trust" here: https://neo4j.com/docs/developer-manual/current/drivers/conf...

If you're interested in doing this as well, we wrote code to do it in Python, JS, Java and C#, it's all Apache licensed:

JS: https://github.com/neo4j/neo4j-javascript-driver/blob/1.2/sr...

Python: https://github.com/neo4j/neo4j-python-driver/blob/1.2/neo4j/...

Java: https://github.com/neo4j/neo4j-java-driver/blob/1.3/driver/s...

C#: https://github.com/neo4j/neo4j-dotnet-driver/blob/1.3/Neo4j....

DanielDent 19 hours ago 0 replies      
I wrote about this a while back, and also proposed a solution which doesn't involve parsing console output: https://www.danieldent.com/blog/ssh-requires-a-chain-of-trus...
bradknowles 17 hours ago 0 replies      
Phil may be grumpy, but he is not a troll.
asveikau 12 hours ago 0 replies      
Good thing they didn't write this in C, or their library would have real security trouble. /s
bogomipz 18 hours ago 1 reply      
Could SSHFP records not have been an option here? Especially combined with something like DNSSEC?
chrisper 18 hours ago 0 replies      
I wonder if the devops company was this one:


EDIT: Actually, it looks like it's Hashicorp.

ShadowBrokers: The NSA Compromised the SWIFT Network medium.com
292 points by raesene9  2 days ago   87 comments top 17
raesene9 1 day ago 2 replies      
It's worth following @hackerfantastic (https://twitter.com/hackerfantastic) on twitter at the moment as he's looking through some of the exploits that were dropped along with this documents.

Highlights so far are a 0-day in windows from NT-->2012 which reliably exploits over the SMBv2 port and a bunch of other stuff. (https://twitter.com/hackerfantastic/status/85291588665052774...)

dmix 1 day ago 3 replies      
> This release includes logs, excel files, and even for the first time PowerPoint of TOP SECRET documents. This is a first from Shadow Brokers, this would mean ShadowBrokers has definitely more than only tools.

I'm curious what the implication is here. Why would a TOP SECRET power point slide be packaged together with malware on an attack server? It's either really sloppy OPSEC by NSA TAO (or random hired contractor) or may just be a collection of files put together by an intel agency/'criminal' hacker group from various sources to embarrass NSA.

ryanmarsh 1 day ago 5 replies      
Is anyone else as horrified by this as I am?

Bitcoin being a sewer rat, and the banking system being a bubble boy, I knew a day would come when the bubble boy would be exposed to something bitcoin had grown immune to, get sick, and possibly die. I didn't know his protective bubble was already gone. I thought these banks all communicated on leased lines and weren't exposed to the public internet.

Is there any indication that a criminal hacker gang couldn't have compromised this or other SWIFT service bureau's or banks in a similar manner?

Which fiat bank will be the first Mt Gox?

starefossen 1 day ago 1 reply      
And here is the EastNets' blog post denying the compromise ever happened http://www.eastnets.com/News_Details/17-04-14/No_credibility...
walterbell 1 day ago 0 replies      
> Windows XP/2003 has been unsupported for more than 3 years. This means that security vulnerabilities found on those systems will never be corrected.

Windows Embedded 2009 (based on XP) is receiving security updates until 2019.

jpalomaki 1 day ago 1 reply      
The title does not seem to be accurate. I don't see evidence that whole SWIFT network was compromised. Instead it looks like they compromised one company which connects to the SWIFT network.
SamLevin88 1 day ago 0 replies      
Perhaps this is one of the reasons Americans don't want to be surveilled unconstitutionally by our own government!
Nas808 1 day ago 1 reply      
Every time something like this breaks I have to take it with a grain of salt. I've been fooled by HN before about "major" security breaches that end up not having much of an impact at all.

Cloudflare leak in Feb... sounded like the world was ending here.

pera 1 day ago 1 reply      
I wonder why the TFTP[1] is not enough for the US IC, is there any official explanation?


Globz 1 day ago 1 reply      
is there a particular reason why ALL of them are using the same subnet 192.168.200.*?
nickpsecurity 1 day ago 1 reply      
Alright, maybe SWIFT will be interested in high-assurance systems now. Any day now they'll start applying the best of real INFOSEC to a world-wide, financial-transfer network. Any day now... Probably not lol...
Sephr 1 day ago 2 replies      
How is NSA TAO not being held criminally irresponsible by our administration for not patching the still-unreleased exploits that are currently in possession of third parties?
peterwwillis 1 day ago 1 reply      
We've known the NSA compromised SWIFT since 2013, that the US has control over SWIFT transactions since 2012, and that the US had been failing to guarantee the privacy of EU citizens' transactions on the network since 2011.

We've also known since last year that at least three separate hacks by three separate thieves stole millions of dollars from multiple banks after compromising the SWIFT network.

All 11,000 financial institutions connected to the network should just switch to sending their 15 million messages per day using iPhones. Problem solved.

swalsh 1 day ago 0 replies      
Correct me if i'm wrong, but i'm pretty sure that OddJob hack has a GUI interface built with Visual basic ;)
throwzaway 1 day ago 3 replies      
lallysingh 1 day ago 1 reply      
I'm not surprised that an agency tasked with counter terrorism is intercepting/manipulating wire transfers.
Kinnard 1 day ago 0 replies      
I find it interesting that he did not mention Bitcoin or other blockchain based solutions as an alternative to SWIFT. I doubt that that's because the author is unaware of these technologies.
Historian: Because Please Stop Deleting My Bash History undertitled.com
324 points by jcsalterego  3 days ago   178 comments top 44
larkery 3 days ago 1 reply      
For those on zsh I have something similar [1-2]. It hooks to zshaddhistory and stores the command, running time, CWD, hostname and exit status in a sqlite database, and provides a simple query command.

With a git merge driver [3] the history database can be kept in source control and shared between hosts.

Queries look a bit like

 $ histdb blah time ses dir cmd 09/02 24 ~ ogr2ogr temp/blah.shp 'WFS:http://environment.data.gov.uk/ds/wfs?SERVICE=WFS&INTERFACE=ENVIRONMENTWFS&VERSION=1.0.0&LC=3000000000000000000000000000000' 09/02 24 ~/temp cd blah.shp 15/02 146 ~/.emacs.d git commit -am "blah" 22/02 175 ~ test="asdf/blah.shp" 09:48 743 ~/.histdb hist blah
The sess column here is a unique (per-host) session number which means it can recreate any transcript with a suitable query; if I ran histdb -s 24 it would produce the whole session containing the top two results above, including directory history.

[1] https://github.com/larkery/zsh/blob/master/sqlite-history.zs...[2] https://github.com/larkery/zsh/blob/master/self-insert-overr...[3] https://github.com/larkery/zsh/blob/master/histdb-merge.zsh

forgotpwtomain 3 days ago 3 replies      
> The last few versions of MacOS have introduced random fires which burn down your .bash_history, leaving this occasional sad, sad result:

$ wc -l .bash_history0

I think there is some context missing here... Why is your .bash_history getting cropped? Was there a change in some default configuration of your Terminal app on update perhaps?

On a side-note I really think fish-shell really got history-recall and completion right, which is really the one thing that keeps me using it even if I still script in bash.

janwillemb 3 days ago 3 replies      
I'm a programmer and an historian. So the title of this entry gave me a wrong first impression: there are more people like me! I'm not alone! Imagine the disappointment... ;)
BhavdeepSethi 3 days ago 5 replies      
Something that has been serving me well over the years:

export PROMPT_COMMAND='if [ "$(id -u)" -ne 0 ]; then echo "$(date "+%Y-%m-%d.%H:%M:%S") $(pwd) $(history 1)" >> ~/.logs/bash-history-$(date "+%Y-%m-%d").log; fi'

Creates a daily log file of every command entered. Searching for anything is a simple grep command.

andmarios 2 days ago 1 reply      
Shameless plug, my version of YABHA (yet another bash history app):https://github.com/andmarios/bashistdb

Written in go, uses sqlite and can work locally or remotely. In the latter case you can send history from many accounts and search globally. Transport encryption is based on NaCl. One binary serves all roles.

Doesn't store other information than command line and time but this is what I need most of time.

The main pain point behind its creation was searching in history. There is a global flag (search in all accounts, -g), the wild card is SQL's wild card (%). Less frequently used but very helpful, content search (-A, -B, -C, like grep). Also regexp is supported though very rarely is needed.

saurik 3 days ago 0 replies      

^ In this comment I explained how I just have all my bash history logged directly into SQLite.

alister 3 days ago 7 replies      
What an interesting contrast in attitudes toward privacy:

He makes an extraordinary effort to maintain his bash history whereas I jump through hoops to delete my history (on logout using a .bash_logout file).

I also set my browser to maintain no history, disable saving of chats in everything, delete caches wherever possible, and generally wish that apps and programs had an option to save zero information on exit!

If I want "history" beyond a session, I'll explicitly make a shell alias for a command that I want to remember, or make bookmark for a site I want to revisit, etc.

l0b0 3 days ago 2 replies      
I've been curating my .bash_history for years; it's a great way to recall all those contorted commands which come in handy every year or so:


Git GUI plus a simple Makefile target to sort it is all the tooling necessary:


nikcub 3 days ago 2 replies      
When I was first programming and into UNIX it was the norm amongst those I was learning from that you'd symlink your history file to /dev/null

This had a few advantages which might not be immediately apparent. The most obvious is that you remove the risk of leaking private or sensitive data.

The second is that searching your history is an anti-pattern. If there is a command you can't remember, or if there is a group of commands you need to accomplish a task, you should be writing shell scripts

My ~/bin folder has 104 files in it[0] and is in git, is available wherever I log in, whichever tty I have open and has a much better taxonomy than 'search for part of command' based on doing tasks. The same can't be said for history files.

[0] at its peak when I was a BSD and RHEL user it would have been more files but i've recently switched to Alpine.

jlgaddis 3 days ago 1 reply      
If this article appeals to you, here's a few little items that you may find handy (cf. bash(1)):

 $ shopt -s histappend $ export HISTTIMEFORMAT="%F %T: " $ export HISTCONTROL=ignoreboth $ export HISTFILESIZE=-1 $ export HISTSIZE=-1
Also, maybe you should consider backing up ~/.bash_history occasionally?

kilroy123 3 days ago 1 reply      
Odd that your history is being cleared out, it's never happened to me.

I always keep my own history of every command I ever run. I've moved this from computer to computer. So I can look back years in the past and see what I've done.

 case "$TERM" in xterm*|rxvt*) PROMPT_COMMAND='echo -ne "\033]0;${USER}@${HOSTNAME}: ${PWD/$HOME/~}\007"; echo `date +"%b %e %Y %H:%M:%S"` $? \"`history 1|cut -c7-`\" in `pwd` >> ~/.audit' ;; *) ;; esac

TorKlingberg 3 days ago 3 replies      
It seems like Bash history was made for a time that is long gone, and has not been fixed to work in a modern environment. I have tons of shells open, and I cannot promise to close them carefully and sequentially.

Instead I found this to add to my .bashrc:

 pcmd='if [ "$(id -u)" -ne 0 ]; then echo "$(pwd) $(history 1)" >> ~/.logs/bash-history-$(date "+%Y-%m-%d").log; fi' PROMPT_COMMAND="$PROMPT_COMMAND;$pcmd"
It keeps all commands from all open shells in dated log files that I can grep through when Ctrl+R fails me.

Just be aware that if someone hacks into your PC they can see every command you have ever run, including any passwords accidentally pasted.

icehawk 3 days ago 2 replies      
For anyone wondering, the correct way to do that cowsay command is `figlet moo |cowsay -n`
bruce_one 3 days ago 0 replies      
Last time my .zsh_history was randomly emptied on me I was so so stranded - I felt helpless.

I've now doubled-down on it and actually store lots of todo notes or receipt numbers or random snippets like that in my shell history as comments. It's just always there :-)

And fortunately btrfs snapshots (and one time, a backup from a laptop migration...) have saved me form losing it for a long time now :-)

Shell history is awesome, I'm always really intrigued when I see someone like a sysadmin who doesn't use shell history very well (read, at all...)

alpb 3 days ago 4 replies      
Alternatively, you can use ZSH and not lose history, even better, have history work simultaneously in multiple terminal windows simultaneously without closing the window to save/read the history of other windows. http://ohmyz.sh/
jwigg 3 days ago 0 replies      
Alternatives to this implementation:



both are fairly featureful and capture additional metadata about the commands run

it is also possible to use similar tools to log your bash history to mysql, or to syslog, which may be preferable for auditing purposes.

yason 3 days ago 0 replies      
I've gradually come up with a way too elaborate system for maintaining and sharing bash histories locally. I run tmux with several long-running bash prompts and not only I want to append each shell's history into a log incrementally but also to share history between the running shells.

I have a function as my prompt command that does:

- dump the current in-memory history into a separate logfile every few minutes timestamped (using HISTTIMEFORMAT)

- clear the local in-memory history and reload in-memory history from unique history lines from all stored log files, using the most recent timestamp on each

Once there are more than N log files, one of the shells does a similar uniquefying compation step for N log files and writes the output into one new log file. It uses 'mv' to do the compation atomically by moving the affected log files away into a temporary directory for compaction.

If other shells were to update their logs during the compaction those additions would just be saved as normal and compacted in the next cycle. There are always duplicate history lines in the logs to keep things fast so there's no chance for a race condition: no command line in the history can get accidentally deleted and any duplicates are just removed during reading.

As a final step I atomically copy the latest compacted history into .bash_history as a backup. The real data lives in my logs anyway but a single .bash_history is easier to backup: it might be a few lines short but it's always mostly up-to-date.

Looking back at this, I reckon the current Bash history implementation surely can't be ideal.

chongli 3 days ago 3 replies      
Wow, cool! How does this handle the case of multiple shells writing to the history at the same time? I have yet to find a safe way to preserve all that.
hamandcheese 3 days ago 1 reply      
I really like how the search feature shows the frequency of each entry. I've thought before it would be cool to see the most used commands of some of the more experienced folks I work with, though ideally it would be slightly more generic than exact commands - i.e. Different arguments would count for the same command.
dima55 3 days ago 2 replies      
Or, you know, put out the "random fires that burn down your history"
imjustsaying 3 days ago 0 replies      
I like this. It looks like a much better fleshed out version of a one-off python script I use to search bash history - it even coincidentally has the same name so it'll fit right into the muscle memory :D


hendry 3 days ago 0 replies      
HISTFILE=~/bash_history/$(date +%Y-%m)withh() { grep -a $@ ~/bash_history/* }

Work for me... I don't lose bash history.


purephase 3 days ago 0 replies      
I love this idea. It's not important for production / env that are managed through tooling, but the "randomish" nature of losing history on dev/stage is one of those, admittedly minor, annoyances that this would solve.

Great idea, thanks for sharing.

fritzo 2 days ago 1 reply      
I wish there were a tool to share .bash_history across an organization. This would make onboarding so much easier. It would also help to disseminate shell tricks.
smike 3 days ago 1 reply      
I've been using a variant of this: https://debian-administration.org/article/543/Bash_eternal_h... which adds all commands to a file ~/.bash_eternal_history

Plus a script named "ehist" in my path which contains "cat ~/.bash_eternal_history" -- this enables searches with "ehist | grep git"

It also handles the case of multiple shells writing to a history file.

otterley 3 days ago 1 reply      
Some sites require the periodic deletion of .bash_history and .history files as a security policy, because they're quite likely to contain passwords and other secrets in them.
joelthelion 3 days ago 0 replies      
I think a lot of the problems linked to bash history could be solved elegantly by the use of a daemon to exchange information between concurrently opened shells.
softwarelimits 3 days ago 0 replies      
How can we store history of many users [with screen sessions] on another server - as a simple history keeping and monitoring thing? I looked into auditd but did not like the logging format (maybe there is just a nice web front-end missing that interprets the details) - a simple history would be enough.

Next todo was to look if we could send the history to some syslog server - do you have any experiences with a similar solution?

mschuster91 3 days ago 1 reply      
On a sidenote, how do I tell bash to immediately commit to history? I often close iterm tabs with cmd-w which seems to make my bash forget to write history.
rbc 2 days ago 0 replies      
I use my shell history to pickup past command invocations, but at some point, you have to clean things up and create a script. The script could be for repetitive tasks or help tame complicated command line syntax. The nmap, curl and groff utilities are a few of my favorite examples of commands that have too many options.
blincoln 2 days ago 1 reply      
As a pen tester who frequently finds passwords and other sensitive data in shell history files[1], I fully support this effort to make my job even easier :).

[1] Either inline in mysql-type commands, or when users accidentally paste/type their password in when the system isn't expecting it.

SubiculumCode 3 days ago 2 replies      
my bash history gets deleted whenever I inadvertently type my password and hit enter at the wrong prompt. Type sudo 30 time a day, its gonna happen. Yes I know my history has permissions protection, but still. It is plain text. I don't want to have to look for all the places it get copied too with these solutions.
red023 3 days ago 1 reply      
If you touch ZSH (oh my zsh, if that makes a difference) once you will never ever want to use bash again.
kortex 3 days ago 0 replies      
I use git/gitlab in a private repo to keep track of my zsh profile and history. Stupid like a fox!
tty7 3 days ago 1 reply      
What are the random fires? please provide an example, i like to control my HISTFILE

edit: FIRE == OSX specific

ams6110 2 days ago 0 replies      
I only save about 40 lines of shell history. If I find myself repeating something I make a script or alias.

Root account never saves history.

mcguire 2 days ago 0 replies      
"In its nascent form, a script backs up your .bash_history into a SQLite database that sits in your home directory as well."
saulgausin 2 days ago 0 replies      
I think this is nice. I use tmux every day and this will help me to keep my bash history in my multiple tabs.
jlebrech 3 days ago 0 replies      
ctrl-r is great, but i'd like to also delete unwanted results and favourite some and label them.
vfclists 3 days ago 1 reply      
Are there any bash history systems which also store the directory the command was issued in?
noway421 3 days ago 1 reply      
didn't even know that's the case, is zsh affected by this mac os bug?
visarga 3 days ago 1 reply      
My hand made script doing the same thing is also called "hist".
gradstudent 3 days ago 2 replies      
TIL about figlet and cowsay.

Thanks HN!

teddyknox 3 days ago 1 reply      
Teaching Machines to Draw googleblog.com
298 points by yarapavan  2 days ago   72 comments top 16
wimagguc 1 day ago 14 replies      
I've read through all comments and referred docs, but no one seemed to offer much reason why we'd want machines to draw sketches. An incomplete list:

 * It's a different way to represent drawings. Alternative to pixels * Perhaps making it easier to render old-school animation at one point? 
It's a fun rabbit hole though, the many sub-perfect bicycle sketches reminded me to this project, when someone created 3D renders from bicycle sketches: https://www.behance.net/gallery/35437979/Velocipedia?ilo0=1

hardmaru 1 day ago 3 replies      
Hi, I'm the author of this work. Happy to take any questions.
justifier 1 day ago 0 replies      
The article fails to explain where the human inputs came from

The input sketches look a lot like the doodles that people sketched in quick draw (o)

If true that they reused this data I commend their resourcefulness and their clever way of turning data entry into an unaware fun game

(o) https://quickdraw.withgoogle.com

Ono-Sendai 1 day ago 5 replies      
Plug of vaguely related work of mine: http://www.forwardscattering.org/post/42http://www.forwardscattering.org/post/44

One thing interesting about this kind of automatic/AI-generated art is that it forces us to examine preconceptions about human creativeness. What does art mean when an algorithm can paint or draw as well?

ominous 1 day ago 1 reply      
Teaching the Ape to Write PoemsJames Tate, 1943 - 2015

 They didnt have much trouble teaching the ape to write poems: first they strapped him into the chair, then tied the pencil around his hand (the paper had already been nailed down). Then Dr. Bluespire leaned over his shoulder and whispered into his ear: You look like a god sitting there. Why dont you try writing something?
My interpretation is, while we entertain these ideas of "teaching" animals or machines as something we control and decide to do, a long chain of events (evolution, causality, space jesus, technobabble simulation magic or ancient astronauts all the way back) behind us placed us here as well.

 We look like gods sitting here.

anigbrowl 1 day ago 3 replies      
You are teaching the computer to produce simple pictures of things that you find meaningful in response to prompts. You draw something from your imagination into the real world. You won't have built a machine that can draw until it produces a picture that it made on its own initiative without your prompt.
JohnJamesRambo 1 day ago 1 reply      
Welp those first images are terrifying. Gets much better as it goes on. :)
ysub 22 hours ago 0 replies      
Honestly, it's cute but this is somewhat like what you'd expect to come out of a student project at a university, in which case -- the student is getting valuable research experience, student and advisors are advancing their careers, and any IP produced becomes owned by student and advisor.

In this case, Google has spent shareholder resources on a project that really, could be done at any university, on a product that does not put the user first, and Google owns the IP. In fact, wake up -- you the public should view this product as a mechanism for Google to simply collect more data from people. The more people use this, the better Google's algorithms get at drawing. That's all there is to it. Thankfully, this product is not even fun.

There is a dangerous creed currently executed by Google leadership. Consider the Verily Study Watch: https://blog.verily.com/2017/04/introducing-verily-study-wat... . The watch shows to the wearer only one thing: the time. However, it collects all kinds of data, ostensibly for medical research (at least to start). Forget about putting the user first, the Verily blog post literally talks about "user compliance".

Of any project that comes out of Google, you should ask:Does this project even put the user first?Does this project even put Google's shareholders first?And if you are a current Google shareholder (as many of their current and former employees are, if they haven't sold), you should agitate that Google start accepting and focusing on becoming a value company, if all the further growth opportunities they are able to execute is just further user exploitation.

kyle-rb 1 day ago 0 replies      
>Exploring the latent space of generated chair-cats.

How is that not the title of the blog post?

shouldbworking 1 day ago 1 reply      
Oh my God. This is the first time I've seen anything related to AI research that's given me a visceral reaction of terror.

This is more than just making pretty pictures, the machine understands cats and pigs in a human way. It knows how many legs and eyes they're supposed to have, and where they go. And this isn't some human made algorithm, it learned that on its own.

The language of the paper even implies that the researchers don't quite know how the machine can do it. If this is a prequel to research on strong AI humanity is completely fucked.

sedachv 1 day ago 0 replies      
For some historical perspective, compare this to Harold Cohen's AARON generative rule-based system:



Pamela McCorduck's book about Cohen's work, Aaron's Code, is also a good read.

huula 1 day ago 0 replies      
Good work! Training on vector pictures instead of rasterised images seems such a good way to go. With some related data, I imagine this can also be colored.
torcs 1 day ago 0 replies      
the author created an animation using vector drawings generated frame-by-frame using this method, by slowly adjusting the latent variable:


bborud 1 day ago 1 reply      
Everyone I know who tried it drew a somewhat small repertoire of naughty sketches. Yet the service militantly refuses to recognize even the most basic of naughty sketches. :)
ziikutv 1 day ago 3 replies      
Why is this above topics that are many times higher than the current topic rating (17 points vs other topics with 40-50 points)
Overtonwindow 1 day ago 1 reply      
We already have plenty of machines that draw, they're called printers. That aside, I don't see the novelty in a machine drawing, other than a nice display of programing.
Mary Anderson, a Founder of the Outdoor Cooperative REI, Dies at 107 nytimes.com
265 points by BobbyVsTheDevil  2 days ago   112 comments top 10
macNchz 2 days ago 5 replies      
I have a lot of appreciation for the fact that, despite how large the company has become, it's very clear that outdoorsiness is still a big part of the REI's DNA, especially with so many companies these days owned by private equity firms that seem to be most interested in milking their brands for all they're worth.
SnacksOnAPlane 2 days ago 3 replies      
REI is my favorite toy store. I know their prices are higher than, say, Wal-Mart, but I actually feel good supporting them. Plus, you can find insanely good sales if you're a member and you go to their garage sales.

One year I got an entire ski setup (boots, skis, bindings, and installation) for under $300. Ended up reselling them for like $500 3 years later when I moved away from Boston.

Got great boots at a garage sale for like $30, too. You just have to be prepared to get there early and scavenge.

ejlangev 2 days ago 1 reply      
What a great company, always feel like they have good products, good sales, and helpful employees. Never regretted buying something from REI.
Paul-ish 1 day ago 3 replies      
Why aren't more businesses run as coops owned by either the workers or the customers?
davidw 1 day ago 1 reply      
I wish we had 'Decathlon' in the US. It's kind of similar to REI, but the gear is much cheaper, and in some cases of more modest quality (but still quite functional rather than 'cheap crap'). This is a great tradeoff to make if you're pretty casual about this or that activity and not ready to invest the big bucks.
subpixel 2 days ago 2 replies      
As a member, I get an annual dividend from REI. I can assure you that sending customers money is a great way to engender loyalty.
anon263626 1 day ago 0 replies      
REI usually has fantastic gear good enough to not have to seek out specialty stores. Just one example: I got a better, rugged water bottle (7 gal) for less that the cost of the crappy (3 gal) one offered by the local water store. If you needed an ultracompact sleeping-bag and tent for protesting in North Dakota winters, REI probably carries it. Or climbing gear. Or a titanium spork.
code4tee 2 days ago 0 replies      
REI is a great company
nether 2 days ago 1 reply      
What type of rope coiling is that on Mr. Anderson's shoulder?
arkis22 2 days ago 2 replies      
107. Holy cow. Dude did something right.
New research says starting university classes at 11am would improve learning qz.com
229 points by prostoalex  2 days ago   153 comments top 33
brightball 2 days ago 4 replies      
I remember my freshman year at Clemson my dad suggested that I retake calculus even though I already had the AP credit because it would be an "easy A" for GPA sake. It was 8am 4 days a week.

After the first test was failed for not showing my work I dropped the class. My grades in every other class went up after that (next class was closer to 11am) and I never took another 8am class during college.

hackermailman 2 days ago 3 replies      
For a year I got up at 4:30am, rode a bike for 20mins, showered then spent 3-4 hours doing math proofs and watching lectures. The morning was the only time I could get this done since distractions are minimal, you don't have emails/phone calls/obligations to think about like you do after lunch when they start rolling in demanding your attention.
nafizh 2 days ago 5 replies      
I highly suspect that is because most of the students do not go to bed early.
thetli8 2 days ago 1 reply      
A while back, I read an article that discussed the differences in people and how, during the hunter & gatherer era, some humans evolved to be night owls and some humans evolved to be early birds. It determined which person would keep watch at night.

In college, I remembered only signing up for 11am classes as a freshman before changing to 9am classes in sophomore and senior year. I think a lot of this has to do with staying up late in college.

There's probably a time where students can function properly, earlier than 11am, if they were to sleep by 12am.

parthdesai 2 days ago 2 replies      
In my first two years, i didn't even try going to 8am classes after 1st week. And i know alot of engineering classmates who were like this. But i did end up going to 8am classes in my 4th year. Is it because you mature or because courses are actually related to you? I don't know.
bpodgursky 2 days ago 1 reply      
Or maybe... students would just stay up even later.

I know my own sleep basically drifts later and later until I run into hard deadlines. I'd be surprised if most people don't work that way, in a vacuum.

alttag 2 days ago 1 reply      
I have no evidence to rebut the conclusionindeed it aligns with similar research on high school students.

However, a big chokepoint at my current school (major state university) is the availability of classrooms. Classes are already booked in the old (and recently expanded!) building and in the new graduate building for 12-plus hours each day.

There simply isn't enough space to put off scheduling courses until 11.

Besides, just because something is good for the average student doesn't mean it's good for all students. My classes certainly have a different flavor depending on whether they're in the early morning or late evening. Even if it's the same course, the differently timed sections have their own character and attract different sorts of students.

pasbesoin 2 days ago 1 reply      
It's not even an individual choice nor just "biology." When you have a dorm full of people making noise until 1 or 2 am. When you have all the social activity kicking off at 8 or 9 pm...

Unless your institution has a "quiet dorm" you can get a slot in, and you are sufficiently secure in your own, non-mainstream social status...

P.S. U.S. perspective.

charles-salvia 2 days ago 2 replies      
I usually just rely on drugs like... um, caffeine, rather than trying to religiously stick to a particular sleep schedule.
nashashmi 2 days ago 0 replies      
So what should be the idea here: brainless work in the morning and brain-intense work in the afternoon? Yup, sounds like the advice a lot of people use and give others.

What is frustrating is the article does not give that great information where I can just take a few of my own theories and test them through here.

I remember having a routine in high school where I would wake up at 5 am, do some language deciphering intense reading for half an hour, read through some interesting non-fictions for another half, get ready for school, and become sharper than anytime I have been before by 8o'clock.

cJ0th 2 days ago 1 reply      
Tbh, starting later would seem like a typical "doing things for the sake of doing things" thing to me. In my opinion, the majority of people who try to "fix" education are first and foremost just trying to leave a mark, letting everyone know that they were here (maybe without realizing it). Let's suppose you were given the chance to attend lectures by the most impressive person in the world. Don't you think that you'd soak it all in even when those talks were given at 6 am?
TazeTSchnitzel 2 days ago 2 replies      
> High school and college classes in the US can start as early as 7am.

Yikes, that seems cruel, given that might mean getting up at 5am or earlier.

vic-traill 2 days ago 0 replies      
My view is that life rarely aligns to one's habits and/or inclination. This as as true in my teen years as it is in my fifth decade.

I won't project my experience on anyone else; I do however feel strongly that the learned ability to impose my sense of responsibility on my inclination has been a valuable skill in my life.

ben_jones 2 days ago 0 replies      
I remember one year when the math classes I needed were only held at 8am. Combined with roommates who regularly made loud noises as late as 4 in the morning, a lease I could not afford to break, and myself being a very light sleeper... it was a major detriment to my academics.
bluenose69 2 days ago 0 replies      
Why no discussion of the fact that people tend to wake up earlier as they age? A lot of professors are quite tired late in the day, and their lectures might not be too terrific. It seems we should multiply two functions, one increasing and the other decreasing, to find the best time. And then put all classes at that single best hour. Or, well, you know ... stick with the working hours that basically every other adult has to deal with.
gumby 2 days ago 0 replies      
MIT (in the 1980s) almost never had early morning classes. In fact, notoriously, Unified Engineering (aero-astro core sequence) started at 9AM; on the first day of class they apologized to us for the 9AM start saying that they just couldn't schedule it any other way (all the AF ROTC kids were already up so maybe this was a fig leaf excuse).

On the other hand I had more than one undergraduate class start in the early evening.

jriot 2 days ago 9 replies      
18 years old I had to be at work at 545am in the military to learn how to become an air traffic controller. I completed my training in 50% of the allotted time, becoming a fully certified air traffic controller in a fairly complex airspace - White Sand Missile Range, NM when F-117s were still in service. Maybe college students just need to have better self-accountability and learn responsibility.
neutronicus 2 days ago 0 replies      
One year in college I had Calc III at 6 PM. That may have been the most engaged I have ever been in a lecture.
tstegart 2 days ago 1 reply      
What kind of university has the space to start classes at 11AM? Just the logistics of trying to fit that many more classes into your limited building space seems impossible. You'd either need a lot more buildings, or you'd need to be forcing other things to the early time slot.
enahs-sf 2 days ago 0 replies      
My advisor told me that many of the prerequisites for engineering were deliberately set at 8AM as a way to weed out the less dedicated students. Don't know how much truth there is to that statement, but I do know I missed a lot of physics lectures freshman year for this reason.
cbhl 2 days ago 1 reply      
If you actually started the university day at 12pm, though, then evening classes would run later, and students would stay up later, creating a vicious cycle.

Plus, you'd have fewer daylight hours to walk home after class.

hughes 2 days ago 2 replies      
I really don't understand the dependency on hours of the clock.

Would a student struggling in an 8am class in Pacific time suddenly excel if they moved to the East coast and went to 11am classes starting at the same moment?

Is there any variation between the east and west extremes of a given time zone?

Is 11am post daylight savings as effective as 11am before shifting the clocks?

Or is this more about the social habits of the people around the students than the height of the sun in the sky?

dingo_bat 2 days ago 0 replies      
I hate classes that start late. It just means I'll sleep till the time I need to leave for class. If the class is at 8, I'll get up at 730 and of the class is at 11, I'll wake up at 1030. So a later class just wastes my morning.
Spooky23 2 days ago 0 replies      
I always preferred early classes. Usually in school I would be done by lunch MWF, and do 1-6 or 3-7 TuTh.

Most of the people I knew complaining about early classes were hung over. I only drank and carried on during the weekend to avoid that.

gozur88 2 days ago 0 replies      
I expect students would do better for a week or two. By then they'd be getting up at 10:30 and the 11:00 classes would seem early.
ericcumbee 2 days ago 0 replies      
8AM Systems Analysis and Design and 8AM IT Project Management are the two biggest mistakes of my college career.
jksmith 2 days ago 0 replies      
The Nick (local dive bar) closed at 4a to keep from turning into a B&B. Saw RHCP there - good show.
ganfortran 2 days ago 0 replies      
University students optimal learning time of the day varies person by person, common sense indicates.
mifeng 2 days ago 1 reply      
"University students go to sleep later than most people, neuroscience research shows"

- the next mind-blowing revelation in this series of articles.

ctsciencenut 2 days ago 1 reply      
I know this has been proven for high school students as well. There have been some interesting studies about starting times and standardized testing as well. Check out the study "Examining the Impact of Later High School Start Times on the Health and Academic Performance of High School Students: A Multi-Site Study"
Fiahil 2 days ago 1 reply      
Today I learned, American students are lazy and ineffective before 11AM.
douche 2 days ago 0 replies      
That is about when the hangover starts to wear off...
zxcvvcxz 2 days ago 1 reply      
I understand completely that exhausted students are going to perform worse than if they were better-rested. I absolutely do, as I was one - a more naturally late-night person who had to make it to those 9am classes and exams.

But look at the opening photo folks.

We're being asked to give the younger generation later start times because they're going to stay out partying no matter what during school, and we better compensate for this.

What a pathetic state of affairs. Higher education is not meant to be 4 years of partying. Or if it is, let me know which schools are selling this vision, so as an employer I can more carefully filter people's 'educational' experience.

How I Made My Own iPhone in China [video] youtube.com
393 points by nostrademons  3 days ago   132 comments top 30
SexyCyborg 3 days ago 6 replies      
As a Shenzhen local, I'd consider this video one of very few that present a 100% accurate view of the local hardware and market culture. It's very well done and everything he says is correct and that's unusual.
Veratyr 3 days ago 0 replies      
Blog post for those who prefer text to video: https://strangeparts.com/how-i-made-my-own-iphone-in-china/
tag2 3 days ago 6 replies      
Really well edited video. Shenzen seems like a crazy awesome place. One thing I noticed was how he would never haggle on the price. He would always accept straight up say yep ok. Either the prices were really good...or being an American he's not so used to the idea of having to haggle the price (or maybe he felt order size was too small to warrant a haggle). However when in Asia always and negotiate, otherwise you're just increasing the prices for the rest of the expats :)
nsxwolf 3 days ago 2 replies      
I've tried to fix the screen on an iPad and an iPhone. In both cases, I destroyed a ribbon cable connector and rendered the devices useless. I tried to follow the instructions, I tried to use proper tools and go as slowly as possible, and in both cases, the delicate surface mount connectors just turned into powder and flaked right off the board.
sergiotapia 3 days ago 1 reply      
For those curious and don't want to watch the entire video: He uses an iphone backplate, three other parts (touch id etc), and the logic board. So he's using Apple OS.
idank 3 days ago 3 replies      
Makes me wish you could buy a kit and assemble your own phone. We need someone like Arduino to come along for this kind of tech. Would be awesome to just pick up my old and faithful Hakko and solder some sensor to a phone.
Animats 3 days ago 3 replies      
All those people and all that parts infrastructure, just to repair and recycle one brand of phones. Phone repair training school with posters of iPhone boards on the wall. All those shops selling phone parts. All that specialized equipment for servicing them. I like the "bubble removing" machine, a heated vacuum chamber. It looks like mid 20th century automotive, when there were corners with four gas stations that actually could fix cars, and many automotive machine shops.

Why should phones break? It's not like they can't be made much tougher.[1] The real question is, why do people put up with such fragile phones? Is this an interim stage of the technology? Does this stop when iPhone N+1 comes out and the reaction is "yawn?"

So what does all that Shentzen parts retail look like when you're building something new? Can you go into those buildings with a bill of materials and come out ready to load your pick and place machine? Can you get boards fabbed one-off while you wait? Or is it all about repair and simple mods?

[1] https://www.youtube.com/watch?v=mVPku-xItv8

chirau 3 days ago 6 replies      
On top of that 300, add R&D costs, marketing, assembly and shipping and you could very well justify the hefty price we pay for the iPhone.

I am actually surprised it cost this much to make custom.

Abishek_Muthian 3 days ago 1 reply      
So IFixit iPhone repair scores are invalid if you live in Shenzhen.
bitmapbrother 3 days ago 1 reply      
The video should have included the costs for the components as he purchased them as it constantly left me wondering.
namuol 3 days ago 1 reply      
Ha! I met Scotty (the man featured in this video) in Bali, Indonesia about 1.5 years ago. We wound up crossing paths a few more times at a hackerspace after I moved to SF. As you can imagine, he's an incredibly focused but personable guy. Hope to see more videos like this!
cr0sh 3 days ago 2 replies      
I haven't watched the video - but I'm curious where and how he got a 4G LTE module cheaply. I've never found one via Ali Express or TaoBao, but maybe I didn't use the right keywords (or maybe they aren't available as modules?). The best I've been able to find are 3G modules; the 4G ones I have found (from one or two US suppliers) tended to be extremely expensive.

EDIT: NVM all - downthread it was explained what this guy did, and how he didn't go true DIY on the whole thing. So no special 4G module needed.

oldgun 3 days ago 1 reply      
Moral of the story is not how cheap YOU can build YOUR phone by $300, but how cheap Chinese electronic parts could mean to the competition and innovation in the whole electronic industry.

My personal opinion (not necessarily correct): it means that electronic industry could no longer only compete on low prices but newer designs and newer technologies, for better or worse, because Shenzhen, China can always catch up with your price fast with its astonishingly cheap parts.

ben174 3 days ago 2 replies      
Great experiment, and it looks like a lot of fun. But to be practical, the amount of time + effort + risk required to pull this of would offset any amount of money saved.
dazhbog 2 days ago 1 reply      
As a foreigner living in SZ for the past few years, and literally 3 minutes away from the markets, I have to say, well done Scotty for capturing the mess and awesomeness of Huaqiang Bei. Shame that the markets won't stay like this for long though :(
singletoon 2 days ago 0 replies      
One of the very best documentaries I 've ever watched. My most favorite part on describing modern Chinese culture : the need to replace the logic board, and the seller's reaction : 'legit'. In China people still are, indeed, very honorable.
vit05 3 days ago 1 reply      
Amazing how they use WeChat for everything and how someone's word has value in the negotiations. They hardly use paper, receipts.
kiallmacinnes 3 days ago 1 reply      
There are very few YouTube videos that I particularly enjoy watching, this was one of them.

Interesting topic, well filmed given the market circumstances, clear audio, and well edited.. and it definitely didn't hurt that I'm currently learning how to design and build electronics from scratch as a hobby ;)

nodesocket 3 days ago 4 replies      
A fun hobby and project, but I'm guessing nearly all those parts are knock offs and of very cheap quality.
seltzered_ 3 days ago 0 replies      
Somewhat reminded me of the fairphone documentary which follows someone trying to build a phone business (i.e. Talking with suppliers/factories/etc.): https://youtu.be/7C-VTPJxWlw
overcast 3 days ago 1 reply      
This is hilariously awesome.
f311a 1 day ago 0 replies      
How much fully refurbished iPhone 6S will cost here?
andoon 3 days ago 1 reply      
You can buy refurbished iPhones from AliExpress that more or less are the same: made from parts from several iPhones put together.
2bluesc 3 days ago 2 replies      
With a 2-4x standard margin mark-up he hits the price point of a new retail iPhone. Minus his time and Apple support of course. :)
hexagonsun 3 days ago 0 replies      
awesome video. inspiring, when you finally turned it on... that feeling must've been surreal!
nsxwolf 3 days ago 3 replies      
How many of these parts are genuine? Many of the parts are so specific to the iPhone they can't be generic off the shelf components. Some seem impossible to knock off like the SoC or the touch sensors.

If you find a genuine part, that works, is it stolen? Some aesthetic problem? Some defect that doesn't quite render it unusable?

formula_ninguna 3 days ago 0 replies      
how much money did it cost to make this phone?
esMazer 3 days ago 3 replies      
pretty cool!! more like buying and assembling an iphone from parts tough
ruleabidinguser 3 days ago 1 reply      
Really can't stand this style of video.
throwaway000002 3 days ago 3 replies      
"I'm really impressed by Apple's engineering. It's so easy to repair and recycle these phones. I've gotta think that Apple's really proud that their phones don't really end up in landfills."

He then adds, "But there's also credit due to the many thousands of people here who have figured out how to turn trash like this [shows mangled screen assembly] back into beautiful working phones."

Dear friends in Shenzhen, not all Westerner's are as shallow and fantastically, well, douchey as this asshole. We praise you for your ingenuity and unwavering work ethic. Thank you.

Security Certifications Are Causing More Harm Than Good tacnetsol.com
287 points by ginasilvertree  3 days ago   213 comments top 47
e79 3 days ago 6 replies      
The thing with infosec is that no matter if you're a consultant pen tester or an in-house member of a blue team, a high proficiency in technical writing is required. And few certs demonstrate that the person is a good technical writer. It's not enough to know the answers to multiple choice questions. It's not even enough to know how to exploit things. If you don't understand something well and can discuss it in technical detail to a number of different audiences, I don't believe you'll get very far in the industry.

There are a couple of exceptions, of course. OSCP is a good certificate to have. To pass the exam, you are required to not only demonstrate proficiency in several areas (i.e SQL injection, buffer overflows), but you must also write and submit a technical report to a review team. The technical report must address vulnerability overview, impact, risk rating, reproduction steps, and more. Of course the exam isn't perfect, but it's probably the biggest test of real technical understanding and ability I've ever seen.

orev 3 days ago 10 replies      
There is a huge problem in IT. It's not certifications. It's the totally illogical bias against certifications. There's no reason someone can't have both skills and certifications, but everyone treats them as mutually exclusive. Certs help with administrative things like HR requirements, contractual obligations, audits, etc... No, those things do not make one secure, but running a business is not only about being secure. The problem most IT people have is thinking that certs address technical issues, when in fact they address business issues.
leoscuro 3 days ago 12 replies      
Articles like this one frustrate me.

I'm 30, and am essentially starting life over after finishing my military enlistment a couple years ago. all the experience of setting up shops and drafting reports meant nothing with out a degree. So I start working on my degree, and I am absolutely miserable. My love of learning was sucked out of me because I wasn't learning: I was working towards an extra line on my resume.

Right now, I am in a jr. sysadmin position making minimum wage, but I was selected for a SANS scholarship where they pay for your GSEC, GCIH, and one elective cert. My friend bought me a decent laptop, so I could experiment on virtual machines. Another registered me for the NCL so I could access their gyms to spread my legs a bit with more powerful tools. I READ SECURITY WHITEPAPERS FOR FUN NOW. I love trying to figure out how to best balance company workflow and security best practices.

I know at the end, that the three certs are not going to make me a SME, but at the very least I hope that this particular extra line on my resume can help get my foot in the door somewhere I can be mentored and develop my base. A salary that can actually pay my bills would be nice too.

Then I read articles like this, and wonder if I'm going to be sidelined again. I feel like at that point, my life is worthless.

w8rbt 3 days ago 2 replies      
There's 'compliance security' and then there's 'street-smart security'. They are very different things.

Most organizations aim for compliance (it's cheap and easy). They base security on contracts, certs and insurance policies.

Street-smart security practitioners are appalled by this. And, management doesn't understand why the 'security people' aren't on-board with 'compliance'.

It's a lot like the old west with Cowboys and Indians. Two totally different world views.

sathackr 3 days ago 2 replies      
I was involved once in a criminal forensics case. The defense's "expert" witness was a one man computer shop. He had created his own "certifications" and listed them on his resum as indications to the court of his suitability as a witness.

It was literally "person's-company-name Certified Forensic Examiner".

He had created about 6 certifications, all of which he held.

It's kinda funny, but also kinda scary that the court accepted this as proof of his qualifications. The prosecution never raised an objection to it either.

raw23 3 days ago 3 replies      
I think soon that this sentiment will start to apply to Universities. It seems inevitable at some point in the near future there will be an online 'university' (for lack of a better word) who's graduates will be considered equal or even better than a standard university education, particularly for tech related degrees.

Universities have been a centralized source of accreditation for a long time. All it takes is for someone to figure out how to restrict graduation and filter good candidates using testing or some other means to gain accreditation and acceptance of its graduates by industry.

VLM 3 days ago 0 replies      
Certs show the candidate is in the upper 90% of the group. Its no different than fizzbuzz. Its very much like stack ranking and tossing out the bottom 10%, those being the cert-less.

My day job maybe 15, 20 years ago was basically Cisco CCNP Routing test. It was kinda useful to study and pass Cisco Switching test because switching is a different world of networking. Probably I was in the top 10% of router ops, but I was only in the top 90% of switch ops. For many jobs thats perfectly OK.

Something very few people like to talk about is self inflation of company requirements. Top 90th percentile is frankly more than good enough for most companies. Yes lots of self important strutting about rockstars and ninjas but all they really need, often all they can get, is top 90th percentile, and it works out fine.

A cert is not a Nobel prize or Congressional Medal of Honor. Its not even a PHD. Its kinda like graduating middle school, or having a clean-ish criminal record. Maybe the best example is its like passing a drug test for a job, having the self control to not get high for a whopping two or three days before the test is kind of a minimum display of self discipline to get a job.

strictnein 3 days ago 1 reply      
> "Recruiter Thomas Ptacek, whose Chicago-based agency Starfighter specializes in recruiting security folk"

 NET::ERR_CERT_DATE_INVALID Subject: www.starfighters.io Issuer: Go Daddy Secure Certificate Authority - G2 Expires on: Nov 13, 2016 Current date: Apr 12, 2017
Is there some infosec version of Muphry's law?

ryan-c 3 days ago 1 reply      
My pet peeve with CISSP (and all other ISC^2 certifications) is this: https://www.isc2.org/candidate-background.aspx

It appears to say that if you ever hung out on IRC and tried to keep your handle private, you're ineligible.

mi100hael 3 days ago 1 reply      
From most people I talk to, the exception is the OSCP since it requires you to actually pop real, live boxes. Anyone holding that cert has actually exploited a buffer overflow, escalated privileges, etc. CEH, CISSP, etc are just too theoretical with no hands-on requirements.
HenryBemis 3 days ago 2 replies      
Having a 1-2 certifications on a specific domain means that we speak the "same language" regarding our work.

Red flag: someone that has an email signature with 50 letters next to his/her name,there is NO WAY someone is spent enough time on each: coding, security, audit, accountancy, at the age of 30 AND be proficient in all these domains.

unethical_ban 3 days ago 1 reply      
I find value in the SANS courses I've taken. Not hat the certs mean too much, since the tests are pretty easy... but the concepts, common jargon and best-practices discussions that take place can be useful.

It's kind of like college. It's about what you get out of it. From a hiring perspective, though - if a course provides utility, perhaps if one of the interviewers also has taken the cert course, they can probe the candidate more thoroughly on their knowledge from the course.

infosecdude64 3 days ago 1 reply      
Being a manager of an InfoSec team I agree with this, especially the CISSP and CEH.

I've seen a few folks get a CEH and then they're off to App testing land, but the funning thing is, none of them has ever written an app, some not even a script, and they are now doing security testing on mobile apps. Basically they just push a button on an app scanner and pull a report, it's sad.

The folks that do succeed in security are the ones with curiosity, experience and drive to learn.

abraves10001 3 days ago 0 replies      
It doesn't seem like the certs themselves are causing more harm than good, it seems like the lack of evaluation employers do for potential employees is the real issue. Giving too much credence to essentially any degree is problematic, I don't think security certs are exceptional, in this case.
peterwwillis 3 days ago 0 replies      
I joined the workforce at the same time that people were realizing that certs were a joke. That both hurt and helped me, as people hired me based on talent, and not a piece of paper.

But I wasn't in management, and I've since learned how very little technical skill you actually need to be an effective manager, and now I realize that certs are a great way for a manager to understand a complete baseline of the concepts needed for a particular field.

A manager does not need to be a hacker, but they need to understand a baseline of security concepts. That's what certs are really useful for.

amckenna 3 days ago 0 replies      
I think the point is more that security certifications CAN be worthless and you don't NEED them, but that doesn't make them inherently bad/worthless. I think the author's argument should be that the industry has begun to rely on them too heavily for vetting. That makes sense though because it can be very difficult to vet the skills of a client. The hiring process is very time consuming so if you see two candidates and one has "proven" they at least have some baseline skill in an area then they will lean on that for decision making in the same way they look at education or self reported experience.

Experience on a resume is self reported so that is an even worse indicator of skill than a cert. At least one of those two involved external validation by a 3rd party.

I think there are a few good ones out there and getting them ensure the person has at least a baseline knowledge of some subject. I have worked in the industry for years as a pentester, but I still went and got my OSCP and OSCE for fun. A lot of it was review, but it was nice to fill in some gaps and practice things I hadn't had as much experience with.

Certs are like college degrees, you can get by without them, but it can be easier if you have them. You will probably learn some things along the way and the provide a foundation for later studying or pursuit. You don't NEED them, but you don't need a lot of things in life, that doesn't make them worthless.

Maven911 3 days ago 1 reply      
So the article alluded to reading books and hacking on your own. But for those who need some sort of curriculum, progress bar, or structure, what would HN recommend to get to some sort of level of competency in the infosec field (like intermediate level/beginner-advanced).
sxldier 3 days ago 0 replies      
@tptacek and everyone else,

What are your opinions on colleges/Universities with degrees focusing on Cybersecurity?

Such as Utica and there Bachelor/Master degree in Cybersecurity. [1][2]

[1]Program info: http://programs.online.utica.edu/programs/online-cyber-secur...

Curriculum: http://programs.online.utica.edu/programs/bachelor-cyber-sec...

[2]Program info: http://programs.online.utica.edu/programs/masters-cybersecur...

phaus 3 days ago 0 replies      
Many certifications are worthless, but I would argue that not all of them are.

I learned more useful, practical concepts and skills by taking a couple of SANS courses than I did in four years of a CIS program at a University. Both my university classes and the SANS courses consisted of books, presentations, lectures, and individual or group assignments/labs. If they are taught the same as a university course, why is it automatically considered inferior? SANS teaches a lot of tools, but they also teach the underlying concepts to prevent people from becoming dependent on tools. In some subjects, it would be insane to not teach tools. For example, I took the GREM (Malware Analysis) course. Its an very basic course, but it would be foolish for anyone to teach a course about reverse engineering or malware analysis without using IDA or OllyDBG.

While the class won't (and doesn't claim to) turn someone into a professional-level reverse engineer, this course helped me understand a few things about assembly that I just wasn't comprehending when I used other sources.

Would I attempt to use my GREM as justification for applying to a malware analysis job? Of course not, but the course has helped put me on the right path. Its possible many people learned through another, far less expensive method, but that doesn't mean the training was worthless.

If I were hiring someone, I wouldn't use certifications as a sign that they are qualified. However, I would use the certifications listed on their resumes, combined with their work experience, to figure out what kinds of questions I should ask them.

I also wouldn't use certifications or a lack of certifications to disqualify a person. Using your anecdotal evidence of bad experiences with certified people to label all of them as incompetent is ignorant.

rbc 3 days ago 0 replies      
I don't really go along with this post. I think the title is a good eye-catcher, but inaccurate. Terry seems biased toward working on the cutting edge of embedded firmware and I agree that is really important work. I also agree that a certification like the CISSP (I have one of those) won't prepare you for that sort of work.

I'll wildly speculate that some potential Tactical Network Solutions customers are asking about DoD 8570.1 security certifications. That may be a mistake on their part for something as far down in the weeds as embedded firmware solutions or the Centrifuge IoT Security Platform.

On the other hand, some of Terry's customers likely hold those 8570.1 certifications, so he might want to be careful about rubbing in how they wasted their time in acquiring them.

If he takes a look at SI-7 in the System and Information Integrity control family (found in NIST Special Publication 800-53) he might find some selling points for his products. A certified security engineer who had done a RMF audit would know that ;)

cmdrfred 3 days ago 2 replies      
I feel this way about certifications in general. I work with tons of Microsoft and Cisco certified people and the basic computer science errors they make has be doubting the value of those certifications.
gwbas1c 3 days ago 1 reply      
Would you feel comfortable letting a doctor be your primary care physician if all it took was to pass a written multiple choice exam?

Doctors have to go through extensive certification in order to be hired, and constantly have to re-certify. The difference, though, is that a doctor's certification is very rigorous and well-designed.

The difference is that a medical certification proves competency. Certifications in our field do not.

unstatusthequo 3 days ago 2 replies      
Absence of them when you're a consultant is the issue. Its not that it wins you clients by having them, but not having them might lose you opportunities. Also, not obtaining them (especially if you know what you're doing) shows either potential laziness or "better than everyone" attitude that also is negative. The thrust of that article was exceptionally tilted to that attitude, and I would think twice about hiring someone with such a huge head. I'm sure those guys are good at what they do. If so, take the minimal effort to credential yourself so when people see your name on paper, they have some reference that you know what you're doing. Without it, is the readers imagination.

I have CEH, EnCE, and EnCEP. Doing CISSP this year. Why? Because it makes me stand out regardless. And I've landed clients who were amused by the "ethical hacker" destination. So don't undervalue cert just because of some cocky nerds.

secretsinger 3 days ago 0 replies      
There is a similar issue with technology certifications (e.g. FIPS 140-2).

A lot of companies treat these as some kind of mystical incantations that will protect them if sufficiently invoked. Case in point: being mandated to switch from one OTP generator app to another because the latter is "FIPS-Compliant" - regardless of the fact that both generate the exact same set of OTPs.

This cargo-culting is not inherently harmful, but it leads to magical thinking and a false senses of security, as well as diverting time and energy away from more productive avenues.

I suspect that the CISSP-genre of certifications suffers from a similar pathology: intrinsically they do function as at least a partial indicator of some type of competence. The problem is when actors with a financial incentive to game the system meet up with bureaucracies: the less defined but more accurate metrics are thrown under the bus in favour of something that is easy to quantify and sell.

gumby 3 days ago 0 replies      
Every comment seems to be about whether the certs demonstrate anything but this article says, "a job description requiring a CISSP was a warning flag to industry elite not to apply."

In other words: if the company asks for certs it's the equivalent of wanting "6 years of react.js experience". I completely agree.

lazyant 3 days ago 0 replies      
I had a CISSP certification, I let it expired, I couldn't afford traveling and going to conferences to get the Continuous Education points.

If you do the math, attending webminars, reading books and writing reviews don't get you all the points you need every year (I can't imagine the fraud that must be going on for people trying to get those points). So I said "fuck it".

Funny thing is, I'm way more experience in security now (with CISSP expired due to stupid points) than when I got it and was certified. Joke and money-grabbing scheme no doubt.

fosco 3 days ago 0 replies      
I am familiar with people who have purchased undergrad and grad level degrees in various fields as well.

The reality is recognizing the importance of a foundation of education is critical. there will always be shortcuts that people take in every imaginable part of life. With that said, people who have a firm education or knowledge no matter where it is from (institution and/or self-taught) will be able to point out people who took short ccuts fairly quicky. The challenge is knowing the right course of action to take, firing or other knee-jerk reactions can result in more harm than good in some situations.

technion 3 days ago 0 replies      
I had this comment from a recruiter on LinkedIn:

 The CCNA Security only costs $180. It's a very small investment and I don't see why anyone serious about security wouldn't spend the money to get certified
It's like they viewed it as being completely outside of any actual training and development time - even the person hiring saw it as a sticker you were meant to buy.

Edit: Interestingly, this vendor specific cert is far more valuable in my country than anything like CEH if recruiters are anything to go by

godzilla82 3 days ago 0 replies      
My experience with all the certified security consultants is that they refuse to put any effort to understand the end risk of a security vulnerability on the product that is being audited. For e.g. for many sites, it doesnt make sense to implement security features that are required by online banks.

As an aside question for web developers: How many web developers encrypt/checksum all fields on the client-side?

strictnein 3 days ago 1 reply      
It's the oldest story in tech, certs are "worthless" but look at almost any infosec job posting and you'll see:

 Ideal candidate will have CISSP, OSCP, CEH, SSCP, WTFBBQ, etc etc

Zork212 3 days ago 0 replies      
I heard this back in the day when the CNE was "money printing machine, " and the MCSE just kicked off. So nothing has changed from the complainer side of things.

Certs have value depending on the person's skills. Never hire just because they have a CISSP or XYZ.

Sometimes it's just the key to the door to the interview. From there it's up to Employer to properly vet the candidate. If they hire an idiot with a paper cert, then it's their fault... and then they write an article. LOL

homakov 3 days ago 0 replies      
Btw, I conducted pentests for over a hundred of companies (sakurity.com), and none of them ever mentioned any certifications. Maybe 1% of deals failed because of government-specific clearance.
austincheney 3 days ago 0 replies      
I am wondering how many of these wise commenters have actually taken the CISSP exam, or even know what it is? It costs $600 and only has a 60% pass rate even after it requires certain validations in order to achieve a test appointment.

In discussions like these I really wish people would post up front if they had taken the test (regardless of pass or fail). This lets me know which comments I can ignore as completely ignorant.

throwaway2016a 3 days ago 1 reply      
I wanted to get my consulting company into PCI auditing and you need certifications to do that. One problem with the certifications is they aren't actually skill based.

I wouldn't be able to get one despite having experience because:

For several of them it requires years of work experience with a specific job titles (your job needs to be security, it can't just be part of your job) and the continuing education credits are expensive and largely not helpful.

I would love if there was a recognized certification that was actually interested in proving your skills not for making money.

I know other disciplines are the same way.

They don't really serve to keep unskilled people out, they serve as kind of an elite paywall where you need time and money to break through. And breaking through is largely an exercise in brute force not in skill.

abarringer 3 days ago 1 reply      
I once tried to hire for a MS DBA position. The certified MCDBA's could not tell me what an index was or how it would be used. I was shocked so I went and took the tests myself. There were a few questions on indexes but I could see how someone could answer those questions and forget the exam cram by the next week. We ended up hiring someone with no certs and no degree and he was fantastic at the job.
sathackr 3 days ago 0 replies      
I'd venture to say most certifications in general are junk, CYA processes. If you are basing your hiring decision on the letters someone puts after their name, you're doing it wrong.

The same could probably be said for a degree, particularly with the current snowflake "everyone must pass" mentality at so many schools.

Certifications and degrees are nice, but neither guarantees a person is competent in any field.

foo_bar_baz_quu 3 days ago 0 replies      
Disagree with the sensationalism of the article but for anicdata: I interviewed 41 security engineers last year. Gave offers to 8, hired 5.

A few, less than 10, had certs listed on their resumes and no one in the interview loops gave weight to those certs or even talked about them from what I recall

raesene6 3 days ago 2 replies      
I'm going to partially disagree with the article. the problem with the approach of "just learn to be a good security person" is that it doesn't scale. Sure back when I, and a lot of other people who are a bit older, learned security that was the only option, there weren't structured courses and certifications.

However when we're working at scale, certifications can be useful as providing a demonstration that the holder has some level of exposure/knowledge of the arena in question.

what complicatates this quite a bit is that some of the more popular certifications are, rightly, not considered that good as the process to get them lends itself to rote learning. So things like the CEH and CISSP where the exam is multi-choice, not so great.

On the other hand things like the CREST CCT definitely require a decent level of knowledge to pass and you need to be able to apply that knowledge in a practical situation and in time limited conditions.

I find the anti-certification bias in IT and security a bit odd really. If you look at other professions (e.g. law, accountancy, architecture etc etc) it's recognised that these things are required to get a minimum level in place in situations where you have a large body of people, I don't really see why IT Security should be any different.

To me, the problem of "these certifications are bad" should have an answer of "lets make better certifications" not "lets not use certification"

jstewartmobile 3 days ago 0 replies      
A lot of the bigger certs have all kinds of high-dollar prerequisites and accounting that only larger firms are going to bankroll. Perhaps the certs aren't so much an expression of how "good" you are as much as they're a token of how much faith "the man" has that you will stick around long enough to recover the investment.
jvehent 3 days ago 0 replies      
True infosec l33t$ know the only real certification is being able to recite from memory the lyrics of https://www.youtube.com/watch?v=FoUWHfh733Y
doke01 3 days ago 0 replies      
Certs value, if any, are to show a very basic skill level, or starting point. That's it. If you are hiring someone just because they have a CISSP where another individual does not, you don't know what you are doing either.
_pdp_ 3 days ago 0 replies      
While I agree that many of the certifications are worthless they do help newcomers to get into the security field.

I was lucky enough to start early when the only thing you had to do was to show your skills and willingness to learn. Those days are long gone but you can still prove yourself by delivering awesome security research or commentary - and people will hire you based on that.

That being said, any IT field which requires some sort "technical" certification to get hired is probably not the field you would like to get into. Why? Too much competition and race for the bottom line.

Luckily this is not exactly the case with Information Security - yet. In our line of work there are people who do a lot of the uplifting where certifications do matter. I would not say these are very technical jobs and they are totally dispensable. Other professionals acquire specific skill sets which are rare or difficult to obtain and as a result they tend to have the upper hand. There is of course a lot in between.

I do not mean that everyone who has certifications next to their name sucks. Not at all. But unfortunately, unless you are applying for a commoditized IT security field or security manager type of role, it will raise some questions.

Keep in mind that HR is also partially to blame. Many people do not know how internal HR teams typically work which is essential to understand why certain things happen the way they do when hired or when progressing through the ranks of a company.

HR are typically not technical and they are not experts in security either so they do not know what exactly they should be looking for. Of course they are not completely clueless but a seasoned hacker can smell bullshit a far while a well informed HR cannot. HR's filter is your CV and the job spec and these two are simply not enough to evaluate a successful candidate. Some job specs are written by HR themselves which is crazy because they are not in the position to formulate the role so they have to stick to what is known - i.e. certifications.

That being said there is a shortage of IT security professionals. As a result of that almost anyone can get hired if they show the right attributes. It does not take a long time.

The only thing that bothers me with the InfoSec industry these days are not the certs but that companies tend to have really bad hires (maybe due to bad certifications) who due to lack of deep understandings of the subject work on things that practically do not matter. As a result of that these companies have the illusion that they are doing something while the fact is that they do not in a practical sense. This is why in many places no one knows what the security department does - I am not kidding.

Scuds 3 days ago 1 reply      
If I'm a competent enough services and web developer wanting to move into infosec, what else could I be doing to get my foot in the door besides collecting certs, as ostensibly shite as they are?
konceptz 3 days ago 0 replies      
"If you must obtain a security certificate for compliance or regulator reasons, so be it."

It's interesting that his argument is against certs for companies but then he looks at regulation as unchangeable.

ef743b3baa573 3 days ago 0 replies      
so, How does one get into security? (to be specific like Incident response and analyzing intrusions)
jcoffland 3 days ago 0 replies      
There is a lot of self promotion and all my friends agree with me type logic in this article.
geekamongus 3 days ago 0 replies      
OSCP for the win.
Apple's cash hoard swells to $246B cnbc.com
258 points by jgrahamc  22 hours ago   480 comments top 36
cm2187 10 minutes ago 0 replies      
Hum. A quick look at their financials [1]. Their balance sheet only shows $130B of shareholders equity. What it means is that half of that cash/liquidity is not attributable to its shareholders but is effectively borrowed cash. I am sure there all sort of good (tax?) reasons for that. But it doesn't mean Apple is sitting on $246B of liquidity they can spend as they please. They are sitting on more like half of that they can actually spend.

Still a staggering amount though.

[1] https://images.apple.com/newsroom/pdfs/Q1FY17ConsolidatedFin...

breatheoften 19 hours ago 17 replies      
What possible reason could Apple have to repatriate their cash hoard (even with a tax holiday?)

They don't manufacture anything in the us -- do they need those kinds of billions to hire more software developers in Cupertino -- that seems pretty unlikely to me. Do they need it to build more US apple stores (nope they've got that covered).

They are already paying a dividend with free cash flow from their US business ...

I can't imagine why they would ever want to "increase investment" in the us vs the many far more productive things they could conceivably do by spending that money outside the us ...

matt_wulfeck 20 hours ago 7 replies      
They're smart to wait for a more favorable tax environment for repatriation. It really is backwards that we tax money returning to the United States so aggressively. It's greatly in our interest to bring that money home.
CalChris 18 hours ago 3 replies      
Apple is able to use their Double Irish with Dutch Sandwich strategy because they can employ the army of tax lawyers and lobbyists necessary to keep the government busy. XYZ Company cannot do this. So when you see that the United States has a 35% top corporate tax rate, you need to remember Leona Helmsley's observation: We don't pay taxes. Only the little people pay taxes. That rate would be lower if it were administered fairly. It effectively is lower.
faragon 6 hours ago 2 replies      
In my opinion, Apple should buy TSMC (~100 billion) and Qualcomm (~100 billion). It would be a hell of competition for Intel and AMD, now that Moore Law seems to reach its limits.
pokemongoaway 20 hours ago 5 replies      
Invest in R&D you fools! Make a laptop to appease power users, many of whom work for you! Capture our imagination instead of kowtowing to mainstream desire for each product design!
anigbrowl 9 hours ago 0 replies      
Another year of record corporate cash piles, another year of the same old tired rationalizations for a policy that doesn't make good economic sense but seems tied to the future of the gravy train.

I know all the technical and philosophical arguments in favor of doing this, but most people neither know nor care, and their anger is reaching boiling point. Apple won't be the first target, but when enough people are angry enough to take action that's not going to be any comfort. My advise is use it or lose it, because angry people don't make good listeners.

israrkhan 20 hours ago 0 replies      
Apple Is reportedly planning to bid for Toshiba semiconductor business unit. Perhaps they would also want to control critical parts of their supply chain. They can use this cash to acquire foreign companies. I do not expect them to bring this cash back to USA without a major tax break. Perhaps that is what they are waiting for.
Waterluvian 10 hours ago 1 reply      
What is the endgame of a corporation?

Does Apple hold on to $246B because they simply have nothing sensible to use it on and have no need to give it away?

How big can a corporation get before the whole system kind of breaks down or governments break it apart?

lobster_johnson 20 hours ago 5 replies      
There was a brief window, back when Apple started taking off post-Jobs, when their pile of money put them in danger of a hostile, leveraged "bust-up" takeover -- i.e. an outsider could buy the company with borrowed money by using Apple's assets and cash flow as collateral. I always found that idea fascinating. Of course, that moment passed pretty quickly.
happycube 19 hours ago 4 replies      
It's amusing that literally 20 years ago, Apple was a bit cash-strapped and got a $150m investment from Microsoft...
Animats 19 hours ago 0 replies      
Even building the Mothership in Cupertino didn't make a dent in that cash. It's supposed to open soon, but it doesn't look finished yet.
andy_ppp 5 hours ago 0 replies      
Might as well start their own hedge fund with that much cash. They could build the best trading/hedge fund infrasin the world in house then make billions selling it to other players.
wtfishackernews 21 hours ago 13 replies      
Excuse my potentially dumb question, but what is the point of hoarding cash like that? would it not be more useful to reinvest it?
sidcool 9 hours ago 0 replies      
I would buy a bunch of startups and diversify business. Kinda like Alphabet did. Let there be smaller startups within Apple with funding from Apple. Not sure if they are already doing it.
beezle 17 hours ago 1 reply      
No, it did not swell to 246B. Or are we not counting the debt and other obligations they have issued to pay out dividends and do share buybacks? This has been their game for a while now so to trumpet the asset side in isolation is disingenuous by the press and purely clickbait. (another minor point is that the figure is cash + short and long-term marketable securities).
return0 19 hours ago 2 replies      
Hmmm... how much does a big car company cost?
neom 17 hours ago 1 reply      
Will they buy:a) a bank b) a car companyc) healthcare provider/insurance company


mongol 20 hours ago 2 replies      
With that kind of cash, would it make sense to start a bank?
LeicaLatte 9 hours ago 0 replies      
Textbook tech depression, often alluded to by industry watchers like Marc Andreessen. $246B in the bank and not able to use it for good.
LeicaLatte 9 hours ago 0 replies      
Startup idea: Create a country. Setup tax laws so that huge corporations, politicians, business folks can hoard money. Profit.
5_minutes 16 hours ago 0 replies      
And still they cant make a 15" laptop with a normal keyboard.
nodesocket 11 hours ago 0 replies      
Heads up, this is from January. For all negative nancies, if you bought $AAPL on this day (1/31) you'd be up a nice 16%.
bookbinder 20 hours ago 1 reply      
$246B is more than a "rainy day" fund. Unless they are planning to buy Disney or a small country, they should return some of that money to their shareholders.

They could pay out half of their fund and still make do with $123B in the bank.

jlebrech 6 hours ago 0 replies      
they should enter the airliner industry, electric passenger jets or glider jets. and take that worldwide quite quickly.
walkingolof 17 hours ago 0 replies      
Wonder at what point a government would just seize the money, there are few looser compared to what good you could do with the money.....
skdotdan 19 hours ago 1 reply      
Stock buyback?
nodesocket 15 hours ago 0 replies      
I'd love to see Apple acquire Stripe. Let me make a case for why this could be a great addition.

 1.) Apple pay. Apple pay has not caught on, and perhaps Stripe could push it over the tipping point. 2.) Acquire Stripe's team of amazing designers, front-end engineers and operations engineers. 3.) Further revenue into Apple's increasingly massive services business
The problem is Stripe is crazy Silicon Valley over valued. Consensus is that Stripe recently raised 150M at a 10B valuation. 10 billion? No way!

Payments processing is a very slim margin business. From their 2.90% and $0.30, Stripe will make about 1% on average, the rest goes to Wells Fargo. That doesn't seem too bad except that Stripe's total processing volume can't nearly justify that crazy valuation.

peterwwillis 16 hours ago 0 replies      
Weird question: What if Apple folded tomorrow? What happens to the cash? The people? The [global] economy?
heifetz 20 hours ago 1 reply      
this is an article from Jan 31st!
aklemm 13 hours ago 0 replies      
At this point aren't they at risk of thieves (elected officials) conspiring to take huge pieces of that money?
shmerl 9 hours ago 0 replies      
It's sad when so much money is hoarded by such a nasty company.
intrasight 11 hours ago 0 replies      
As a stockholder, I consider that my cash. And it saddens me that I can't get to it ;)
z3t4 19 hours ago 1 reply      
It would surprise me if it's just cash, like literally just laying there. It's probably used to fund startups etc. You should probably be lucky that they are not liquidating it. If it's just laying there doing nothing though, I think that would be bad for the economy, making interests return negatives.
zackmorris 20 hours ago 3 replies      
That's 2.5 million startups that never saw the light day, at $100,000 a pop. When I was in my 20s and hungry to change the world, that would have been FU money for 5 years.

It occurs to me that the problem isn't wealth inequality, but opportunity cost. If you subscribe to the corporate ethos, life is fantastic right now. But if you don't, then you're likely struggling to make rent. Large multinational corporations are standing in the way of progress in a way not seen since the gilded age.

P.S. I like Apple and have always owned a Mac. This is not directed solely at them, I just think that this is not the progress we're looking for.

throwawaybug 20 hours ago 3 replies      
They should buy Uber and Tesla. Both are in markets that shouldn't trigger antitrust concerns. Apple has a patent portfolio that would make the waymo lawsuit go away. Apple would get revenge on google for dicking it over with android vs the iPhone. It would acquire visionary leadership (Musk and Holden) and pragmatic/effective gets things done leadership (Kalanick). Musk+Kalanick = Steve Jobs. These two acquisitions would give them the car manufacturing, self driving car talent, and the market in ridesharing. SpaceX also makes sense since they have plans to put 4000+ satellites up which would erode the only other advantage Google has, which it it's network.
       cached 16 April 2017 15:11:02 GMT