hacker news with inline top comments    .. more ..    13 Aug 2017 Best
home   ask   best   2 weeks ago   
Ad blocking is under attack adguard.com
1080 points by tiagobraw  2 days ago   552 comments top 5
anilgulecha 1 day ago 12 replies      
It was admiral that did this:https://blog.getadmiral.com/dmca-easylist-adblock-copyright-...

They even clearly state they used the only tool available to them, DCMA. From all the current summaries on this, DMCA does not apply to a line entry in easylist. A domain can be trademarked.

This should be added back in. And if github cannot standup to DMCA abuse, then well, easylist and all other developers should be giving a clear hard though to their continued use of the github platform.

Edit: it looks like EFF has gotten in touch with easylist. Good. https://torrentfreak.com/dmca-used-to-remove-ad-server-url-f...

feelin_googley 1 day ago 1 reply      
A quick Google search reveals the following.

"Admiral identifies audiences with ad blockers turned on, works to re-establish those users (by opting in to a lightened ad experience, say, or asking to be whitelisted) and then makes a small cut of every ad served to the reacquired audience."

Source: https://adexchanger.com/publishers/another-ad-blocking-solut...

tl;dr Admiral is a startup that measures an audience's "ad block rate". If the rate is high, they then work to "establish explicit value propositions with users and then serve them with minimal tags and tracking". It also mentions plans to try to process micropayments.

"Admiral is built for a world where ad blockers have won."

Source: Id.

tl;drUnless the founder has changed course from what is described in the 2016 article, as far as I can tell, this startup relies on widespread usage of adblockers. If users do not use adblockers, then this startup has nothing to sell.

VC: "What happens if the ad blockers block the servers that serve the ad blocker tracking image?"

Founder: "I'll send them DMCA notices."

VC: "Excellent. I'm in."


MentallyRetired 1 day ago 2 replies      
From Admiral's responding blogpost:

> 5. We asked them 24 days ago to remove functionalclam[.]com on the original commit.

> Transparent engagement between publishers and visitors is a critical piece of that.

Umm, no? Admiral created an account that they hoped would be mistaken as an official github bot or something. And then, instead of asking, they threatened disruption of the repository.

So, in summary, they:

* Tried to hide their identity* Tried to trick people into thinking they were Github* Threatened, not asked, to remove the site from the list

Look, I'm okay with them wanting to remove a server that helps inform users that they'd like to show ads on their customers sites. At the very least, though, be honest about it.

Also, bless the EFF, man. Heading over there to donate right now.

nilved 2 days ago 3 replies      
The DMCA only applies to the US. Fork the repo and move on. It's time to forget about American hosting.
nkkollaw 1 day ago 4 replies      
I didn't get what the hell happened.

So, Admiralan anti-adblocker companycontacted EasyList and told them to remove a domain from their list. This domain was a server they needed for their anti-adblocker platform to work.

EasyList told Admiral that they would only do it if GitHub agreed, so Admiral contacted GitHub and the domain was removed from the EasyList list after GitHub told EasyList they should comply.

The "attack" is that any company can tell lists to remove their website via using a DMCA violation, so lists become useless.

I have two questions:

1. how would a domain name on a list violate copyright

2. why aren't lists hosted anywhere else but the US so that they can't be controlled by DMCA requests.

Disney acquires own streaming facilities, will pull Netflix content thewaltdisneycompany.com
727 points by anigbrowl  4 days ago   759 comments top 2
geff82 4 days ago 24 replies      
Maybe when I am 60, 70 or 80 the film industry will get their shi* together and finally agree on a solution that has long been found in the music business.

For a truly complete platform, I would FOR SURE pay more than the 10$ a month for Netflix. 20, maybe 30! But then I want it ALL. All films they have in storage.

I mean, it is 2017 and there are a lot of films I can't find on Netflix, Amazon Prime or, when I am in spending mood, on Apple TV. Why? I mean how silly would you want to be as studios? There is no big DVD business anymore, BlueRay never totally took off. People have a net connection and multiple streaming devices at home, thats it. Thats the big asset they could build on! Instead they let their libraries die the death of the unseen film.

Still, many keep shuffeling around harddrives with terabytes of pirated films. And why shouldn't they, as long as there is no substantial offer?

So I decided for me (and the cloud guy I am), that with my 3 services I have, I am ok. If a film is not there, I don't care. I surely won't order a DVD of some old film somewhere and I surely will not subscribe to another service. If Disneys pulls their films from Netflix: thanks Netflix for their growing self produced content that often has a quality not seen before.

Anatidae 4 days ago 46 replies      
If every studio thinks I'm going to pay them $10+ a month to stream their content, they are going to be very mistaken.

I can't imagine that a lot of people want to spend the collective hundreds of dollars to sign up for all the streaming services. It's almost asking to drive people to torrents.

Now, if Disney does something like $30/year or something really affordable - sure. I might do that on a whim. I guess it's all about volume vs. price.

Netflix, however, I'll keep paying for gladly because of the library size. For the streaming price, it is well worth the value.

I Fell Victim to a $1,500 Used Camera Lens Scam on Amazon petapixel.com
908 points by QUFB  1 day ago   415 comments top 8
dingaling 1 day ago 10 replies      
Recap as I understand it, since the blog post isn't

0. Buyer purchased item from third-party seller on Amazon

1. Seller picked a name and address in buyer's town, from an obituary, and sent parcel containing two baking mats thereto ( instead of camera lens )

2. Occupant of that address signed for it believing it to be for the deceased relative

3. USPS updated status to 'delivered' with signature and address recorded

4. However the proof of delivery shows the address from (1) and not the buyer's address

5. Buyer repeatedly appealed on the basis of (4) but Amazon only check that the parcel was signed-for IN THE SAME TOWN. Therefore requests for refunds or further action were denied.

Very clever seller, knows the system well. I wonder how many items he had to sell before striking it rich with a $1500 "lens".

mikeash 1 day ago 27 replies      
I'm wondering more and more why Amazon hosts third-party sellers at all.

They dilute the Amazon brand to a tremendous degree. It used to be that buying from Amazon meant a certain level of quality and service. Now there are really two Amazons: the old one, and a new one that's basically a shitty version of eBay.

I have to go out of my way to avoid these crappy third-party sellers when I'm searching for stuff on Amazon. It's not a nice experience to go searching for a product and have to step through a minefield of "cheap" items that take two months to arrive, or have outrageous shipping fees, or are outright scams.

It is really worth it for Amazon to have them? I struggle to see how.

rgbrenner 1 day ago 5 replies      
filing the chargeback is a good idea... but also, the sender made a critical mistake sending it usps.. that makes it mail fraud. Talk to the US Postal Inspection Service, it's a branch of law enforcement, and I'm sure they would be very interested with all of the evidence youve collected. They can cross state lines and arrest the sender.


ransom1538 1 day ago 3 replies      
Why do people do mail fraud?

While mail fraud crimes often involve the use of the United States Postal Service, or USPS, you can also commit the crime when you use any interstate carrier, such as FedEx, UPS, or other delivery services. Mail fraud is super easy to prove [prints on box, cameras at fedex offices, credit cards used for materials, amazon accounts, logged ips, bank accounts involved, federal authority] and carries ridiculous sentencing: 20 years. THIS is a bad plan for $1500. Most likely this person DID THIS MORE THAN ONCE so they could face like 10 counts - it is 20 years per count. Not to mention people doing the investigation are federal officers - they are on point. With 2nd murder you at least get parole and probably wont do 20 years or charged with multiple counts. mail fraud = bad times.


toast0 1 day ago 2 replies      
It won't get your money back, but it is worthwhile to file a fraud complaint with the USPS as well. Mail fraud for $1500 is a big deal to sweep under the rug with a charge back.
_Codemonkeyism 1 day ago 5 replies      
The only way I've got problems solved with Amazon is going to the police and let them sort it out. Worked every time.

Amazon was in now way responsive or helpful before I've got the police involved.

shiftpgdn 1 day ago 0 replies      
This is the poison in Amazon's well. The average layman has very little grasp of sold & shipped by amazon vs amazon marketplace. Amazon needs to tighten the clamps on all of these awful third party sellers before they become a casualty like ebay.

Anecdotally my father purchased a projector recently and the seller tried the "I can't ship it unless you make payment on my offsite merchant page because Amazon is holding me hostage" scam. My father remarkably recognized this as fraud and reported it to Amazon. He said they were less than helpful in getting a refund to his credit card so he could go make a purchase from a legitimate merchant. They made him wait out the full 30 days it could have possibly taken to ship before they were willing to work with him.

davidu 1 day ago 2 replies      
It seems like the Amazon reps weren't paying attention to the detail, or the seller was also supplying fraudulent evidence of delivery.

This blog post will likely get it resolved for the buyer, though it shouldn't have to be this way.

Four Earth-sized planets detected orbiting the nearest sun-like star ucsc.edu
635 points by mrfusion  2 days ago   293 comments top 7
ExactoKnight 2 days ago 24 replies      
I am flabbergasted that as a society we aren't rushing to build a 100 metre wide telescope mirror large enough for us to directly image the spectra of the potentially habitable exoplanets around us.

A telescope this large could tell us whether any of these potentially habitable planets contain oxygen, and thus, biological processes.

Yet thanks to funding cuts in science the biggest telescope we have in the pipeline right now is one with a 30 metre mirror. This telescope won't be big enough, and as a result, our failure to push now for bigger sizes is almost certainly going to push back for decades humanity's ability to answer one of the most important questions we face:

Why are we here, and are we alone.

semaphoreP 2 days ago 1 reply      
This title is a bit imprecise. They detected four planets with lower bound on their masses to be down to 1.7 Earth masses. Because these planets don't transit, there are no direct measurements from their radius. They can use mass-radius relations to infer the radius of these planets, but the key finding is their masses (actually lower bounds on their masses).
kilroy123 2 days ago 2 replies      
I really really want project Starshot to become a reality. I think this is our best bet for scoping out these near by star systems. At least within our lifetime.

If we could hit 50% speed of light we could do a fly-by mission in ~25 years. Then another 12 years waiting for the data. Honestly, ~37-40 years isn't bad for an interstellar mission. Remember the Voyager programhas been going on for that long! So we already have experience with long space missions.


baron816 2 days ago 16 replies      
Ok, let's assume we find a warm, watery planet like Earth's within ~20 light years, and we figure out a way to travel >= 50% the speed of light, making it somewhat reasonable to get there. If the planet's gravity is greater than 10% different from Earth's, or its Day/Night cycle is much different from Earth's, wouldn't it still be a nightmare to live on.

Anatomically modern humans have lived on Earth for 200,000 years, and the creatures we descended from have lived on Earth for 541 million years. Stuff as dumb as the moon cycles affect us. How are we going to live somewhere that isn't exactly Earth?

deanCommie 2 days ago 4 replies      
Key line to mitigate disappointment:

"The outer two planets around tau Ceti are likely to be candidate habitable worlds, although a massive debris disc around the star probably reduces their habitability due to intensive bombardment by asteroids and comets."

deepGem 2 days ago 0 replies      
Unlike more common smaller stars, such as the red dwarf stars Proxima Centauri and Trappist-1, they are not so faint that planets would be tidally locked, showing the same side to the star at all times.

In such planets, the most habitable zone is around an equator like region where the light and dark regions kind of merge to produce a reddish sunset like hue all through the day. I think one of the planets that Kepler discovered is like that. Life would evolve to absorb these light wavelengths. So for instance plants would all look black. Nova has a great episode on these exoplanets. https://www.youtube.com/watch?v=5HZsFMqqGJo&t=793s

chrismealy 2 days ago 3 replies      
The fastest spacecraft ever built would take 4000 years to travel one light year.
The Internet Archive has digitized 25,000 78rpm Gramophone records archive.org
698 points by yurisagalov  4 days ago   97 comments top 33
indescions_2017 4 days ago 5 replies      
House of the Rising Sun. As interpreted by Josh White, advisor and confidant to F.D.R. Priceless ;)


I find myself on Internet Archive a lot during these dog days of summer. Delving into classic texts like Edgar Rice Burroughs A Princess of Mars or Aldous Huxley's The Perennial Philosophy. Discovering a forgotten H. P. Lovecraft story in the Weird Tales archive. Mining old time radio shows like Suspense for story inspiration. And using the Internet Arcade for screen grabs that can be used in retro-style game texture art. It makes me think I should do a better job of preserving my own output. You never know what future generations may find useful!

komali2 4 days ago 2 replies      
Fun to read some of these reviews, apparentl from random internet folk, like on jungle boogie - https://archive.org/details/78_jungle-boogie_the-bobby-true-...

Some guy just wanted to tell everyone some neat little facts about this thing he apparently knows a lot about. I find it fascinated how much people care to know about things like this.

EDIT: whoever this "arc-alison" character is, they're prolific - I'm finding their informational reviews all over this archive.

guyfawkes303 4 days ago 10 replies      
The records I clicked on have this notice

Digitized from a shellac record, at 78 revolutions per minute. Four stylii were used to transfer this record. They are 3.8mm truncated conical, 2.3mm truncated conical, 2.8mm truncated conical, 3.3mm truncated conical. These were recorded flat and then also equalized with NAB.

The preferred version suggested by an audio engineer at George Blood, L.P. is the equalized version recorded with the 2.3mm truncated conical stylus, and has been copied to have the more friendly filename.

I'm trying to guess but can't imagine what the reasoning for this is. I've tried A/B/C/D testing a few tracks on some crappy speakers and can't discern any difference.

While it's certainly admirable to try and digitize it as thoroughly as possible, I just can't see how a difference of 0.5mm in the stylus width is worth increasing your work load 4x times over (having to record each record 4 times rather than just once).

ShirsenduK 4 days ago 1 reply      
jonah-archive 4 days ago 0 replies      
Lots more info here for the curious: http://great78.archive.org

You can see a picture of one of the four-armed turntables here: http://great78.archive.org/preservation/

beaugunderson 4 days ago 0 replies      
They had me make a Twitter bot that's tweeting out all of the 78s (with preview audio) as well:


sushisource 4 days ago 0 replies      
More sample fodder for the EDM artists and rappers. Always a good thing.
jrowley 4 days ago 3 replies      
I have no experience with this stuff, but I wonder if they could use a laser record player to capture the record, and then replay it with different simulated stylus sizes. Not exactly kosher probably, but could be an interesting experiment. Plus scanning time could be greatly reduced I imagine.
mortalkastor 4 days ago 1 reply      
The "Bibliothque nationale de France" (national library of France) did the same kind of thing with hundreds of thousands vinyl records from their archive, including international ones published in France: http://www.bnfcollectionsonore.fr/
e12e 4 days ago 0 replies      
Certainly a bit of everything on there... :)


pier25 4 days ago 1 reply      
Any sound restoration software would greatly improve these recordings.

For example this one from 1902: https://archive.org/details/78_medley-of-emmetts-yodles_yodl...

I'm sure Izotope would give the RX license for free in exchange for a blog post (or any other audio software company).

daveheq 4 days ago 0 replies      
Imagine after World War 3, the aliens sift through the remnants of humanity, find this archive of digitized 78rpm records, and turn into mustachioed corduroy-wearing hipsters.
0xcb0 4 days ago 0 replies      
This is just great! Listening to these songs instantly sets me back to a relaxed inner state. Together with that sizzling noise of the gramophone record in the background, so calm and chilled.

I currently listen to "A Duke Ellington Panorama", just nice!

Thanks for that and keep up the awesome work!

matt_wulfeck 4 days ago 3 replies      
How would one go about removing the pops and clicks from recorded audio programmatically?

I really like some of the audio here but it needs some post processing. The only thing I can find to do it is audacity and it doesn't look very friendly to scripting.

Finnucane 4 days ago 1 reply      
Too bad it doesn't seem to be easily searched by label--from a historical perspective, it would be cool to be able to search for say, Paramount or Gennet or Okeh.
Nav_Panel 4 days ago 3 replies      
Some very very good stuff in here. I've gotten pretty into 20s thru 50s music over the past couple of years. I usually buy compilations on LP, though, so it's a treat to find these straight off the 78s. A big portion of the stuff never even makes it to digital.

Just at a glance, I'm seeing The Light Crust Doughboys[1], basically a string band supergroup. Multiple members would go on to found famous western swing bands (Bob Wills, Milton Brown). Very proto-rock-and-roll -- listen to that electric guitar -- Elvis would cover some Western Swing numbers[2] in his early days[3].

Also seeing some older stuff, including a few recordings by the (arguable) best banjo player of all time, Vess L. Ossman[4] (from 1907). Pretty cool to listen to these march numbers and then hear them evolve into jazz/ragtime only a couple years later[5] (this is a recording by Fred Van Eps, the second best banjo player of all time, from 1914).

EDITS: seeing some other personal favorites:

Hank Penny, a favorite western swing singer of mine[6]. He usually does it hot/upbeat/fun.

Blind Blake, a guitarist who could play the fretboard like a ragtime piano[7]!

Oh, and here's the WWII-era Bob Wills I was waiting for[8]. Got that classic Leon McAuliffe pedal steel playing. No Tommy Duncan vocals, unfortunately.

Neat! An old solo Art Tatum[9]! Widely considered the best pianist of all time... And another, a whole album[10]!

Really classic early electric guitar playing on a jump blues number by T-Bone Walker[11]. I actually believe he's one of the first to use the electric guitar in blues.

Great steel guitar playing on this Gene Autry cowboy number[12].

Looks like there's a lot of Django for all you gypsy jazz fans[13]. Never heard this take on Avalon before, I dig it.

Lot more to dig through and lot of obscure stuff I'd like to give a shot, but I'm out of time for now...

1: https://archive.org/details/78_pretty-little-dear_light-crus...

2: https://www.youtube.com/watch?v=4wGCTFWhoqQ

3: https://www.youtube.com/watch?v=8bSVEA0ZAVw

4: https://archive.org/details/78_policy-king-march_vess-l.-oss...

5: https://archive.org/details/78_notoriety-rag_van-eps-trio-ka...

6: https://archive.org/details/78_get-yourself-a-red-head_hank-...

7: https://archive.org/details/78_tampa-bound_blind-blake_gbia0...

8: https://archive.org/details/78_texas-playboy-rag_wills-bob-w...

9: https://archive.org/details/78_deep-purple_art-tatum-mitchel...

10: https://archive.org/details/78_art-tatum_art-tatum-james-swi...

11: https://archive.org/details/78_t-bone-blues_les-hite-and-his...

12: https://archive.org/details/78_silver-haired-daddy-of-mine_g...

13: https://archive.org/details/78_the-quintet-of-the-hot-club-o...

menacingly 4 days ago 1 reply      
Very cool that they offer 24bit flac downloads. I'm sure this sentiment is shared here, but I am always impressed by the efforts of this organization
tamersalama 4 days ago 0 replies      
Looks like there are some recordings by Sergei Rachmaninoff himself [1]

[1] https://archive.org/details/georgeblood?sort=&and[]=subject%...

hmhrex 4 days ago 2 replies      
Just curious, what's the copyright on this kind of material?
sdsk8 4 days ago 0 replies      
I don't know about everybody here, but i am listening to so much new things to me on this archive that i'll definitely donate to the archive team today, congratulations for this fantastic job!
fortyfivan 4 days ago 0 replies      
Wow, this is great! I've been a serious record collector for 20 years, but never got into 78s.

My eventual life goal is to do something similar with my Brazilian record collection... have the skeleton of such catalog at: https://www.novedos.com/collection.

vinchuco 4 days ago 0 replies      
Is there a way to stream these indefinitely on shuffle without having to pick each one manually?
orbitingpluto 4 days ago 0 replies      
This is the crowning gem from the Internet Archive (from the 78 RPMs and Cylinder Recordings collection).

Cab Calloway, The Man from Harlem


S_A_P 4 days ago 0 replies      
So the obvious win here besides archiving art is that this is out of copyright sample fodder*

*IANAL and this may not be the case for all the material but I'm sure that there is mountains of inspiration to be mined.

kmeade 4 days ago 1 reply      
I'm curious about something and I can't find the answer on the web site -- Why were these recordings played and digitized in stereo when the records were mono?
barking 4 days ago 0 replies      
What did they smell of?It was really unusual.Tesco, briefly, had an own brand hand soap liquid in the 1990s with exactly the same smell.
amelius 4 days ago 0 replies      
Is it possible to search based on genre or geographic origin?
neelkadia 4 days ago 0 replies      
New stuff for Machine Learning. GAN. Magenta.
cJ0th 4 days ago 0 replies      
thanks for the heads up. this is just amazing!
anjc 4 days ago 0 replies      
I am become The Avalanches, mixer of old songs

Very cool

uBlock Origin Maintainer on Chrome vs. Firefox WebExtensions discourse.mozilla.org
767 points by nachtigall  3 days ago   320 comments top 11
bad_user 3 days ago 8 replies      
After being a Chrome user for several years, I've switched back to Firefox for the past two years or so and I'm really, really happy with it.

Latest version does multi-processing, e10s is finally here (though it might still get disabled by usage of certain add-ons, I remember I had to force it to stay enabled).

On performance, in the past it felt sluggish, but now Firefox is fast and for my usage patterns it uses less memory than Chrome.

And one thing I really love is the Awesome Bar, which is a pain point every single time I open Chrome. I have a lot of websites I need to return to and in Chrome I end up searching on Google far more than I should. I guess that's the biggest difference between Firefox and Chrome, as Mozilla does not feel obligated to shareholders to extract ads clicks from you (although I hope that whatever they do keeps them afloat).

Also, tab management. I installed "Tab Center" from the Test Pilot and it's awesome. The experiment is now over unfortunately and the code itself for Tab Center isn't compatible with WebExtensions, but there's work going on to port it and that highlights that Firefox's WebExtensions will be more flexible than Chrome, if they aren't already.

But in the end I actually care more about trusting my browser and its maker to protect my interests. I actually trust Google more than I trust other companies, but something feels very wrong for a company to have so much leverage on me. Which is why, as long as I have a choice, I'll always prefer Firefox over Chrome, or Safari, or Edge.

AdmiralAsshat 3 days ago 2 replies      
> It baffles me that some people thinks Firefox is becoming a Chrome clone, its just not the case, its just plain silly to make such statement.

That's probably the single most reassuring statement about Firefox that I've heard in some time, coming from a serious dev who makes a popular cross-platform addon for both Firefox and Chrome.

yborg 3 days ago 9 replies      
I found this disturbing:

"Chromium-based browsers are being infested by Instart Logic tech which works around blockers and worst, around browser privacy settings (they may start infecting Firefox eventually, but that is not happening now)."

From his linked post:

"Instart Logic will detect when the developer console opens, and cleanup everything then to hide what it does"

Is this implemented via a CDN-delivered script? Why would Chromium-based browsers be more susceptible?

nachtigall 3 days ago 1 reply      
To add to the list:

* You can run the uBlock Origin on Firefox for Android: https://addons.mozilla.org/EN-US/android/addon/ublock-origin...

Afaik there's no ad-blocking extension for Chrome for Android which I find pretty telling. I'm using Firefox on Android and the ad-blocking (less traffic, less blink-blink animations and less CPU consumption) make mobile browsing a night-day difference

penpapersw 3 days ago 2 replies      
Huh. These actually sound like good arguments to switch to Firefox, arguments I've never heard before until now.
Hasknewbie 3 days ago 2 replies      
Slightly OT: is that what a 'Discourse' page looks like? It's pretty awful: it will automatically update the URL as you scroll past each post in any direction, while breaking the Back button, so good luck getting back to the original post, since neither clicking on Back nor reloading the page will get you there. Basic UX failure.
wyc 3 days ago 3 replies      
Keep in mind that it's not within Google's incentives to facilitate ad-blocking and prevention of tracking. After all, that's where the lion's share of their revenue comes from. However, Mozilla is free to actively support such efforts.
albertgoeswoof 3 days ago 5 replies      
Firefox is coming back, finally- I think their market share is at the bottom and we'll see a big uptake over the next couple of years.
kasabali 3 days ago 1 reply      
uBlock Origin on Firefox would be more powerful than uBlock Origin on Chrome, but does it mean that uBlock Origin webextension on Firefox will be as powerful as uBlock Origin "legacy" Firefox extension ?

This is a post of gorhill from the last months Firefox - Google Analytics fiasco:

> Legacy uBlock Origin can block the network request to GA.

> However webext-hybrid uBO as per Network pane in dev tools does not block it. Same for pure webext Ghostery, the network request to GA was not blocked, again as per Network pane in dev tools.

> What is concerning is that both uBO webext-hybrid and Ghostery report the network request to GA as being blocked, while it is really not as per Network pane in dev tools. It's as if the order to block/redirect the network request was silently ignored by the webRequest API, and this causes webext-based blockers to incorrectly and misleadingly report to users what is really happening internally, GA was not really blocked on about:addons, but there is no way for the webext blockers to know this and report properly to users.


jancsika 3 days ago 0 replies      
Couldn't the devtools listener shenanigans be solved merely by putting a "pause" button in the browser chrome (possibly through an extension)? Browsers are already throttling CPU usage when the tab isn't visible, so it doesn't seem like it would be too difficult to just throttle to 0 with a toggle.

Even better-- have the pause button in devtools window, "pause" by default when you open devtools, and then unpause once something gets mutated/re-layout'd.

I guess you'd still need to protect the devtools shortcut key so that any DOM shenanigans are guaranteed to get invoked after the devtools listener. But browsers already have all kinds of crazy edge-cases in the name of security (e.g., no manual triggering of <select> menu). Keeping polymorphic worms from corrupting the devtools state seems rather important by comparison.

mnarayan01 3 days ago 0 replies      
> It baffles me that some people thinks Firefox is becoming a Chrome clone, its just not the case, its just plain silly to make such statement.

If you use a much narrower definition of "clone" than is typically used in this context, then sure. If, however, you use "clone" a bit more flexibly, and note the word "becoming", then it's a different story. That's not to say that Firefox won't be better than Chrome, and it's certainly not to say that it won't have any advantages over Chrome, but it is giving up some of its major current advantages.

YouTube AI deletes war crimes evidence as 'extremist material' middleeasteye.net
638 points by jacobr  23 hours ago   287 comments top 43
Hasknewbie 22 hours ago 14 replies      
Youtube's response regarding one of these videos documenting abuses (emphasis mine):

> "we've determined that your video does violate our Community Guidelines and have upheld our original decision. We appreciate your understanding."

Can someone explain to me why corporations, when interacting with customers regarding complaints/appeals, seem to have "don't forget to add insult to injury" as one of their motto more often than not? Does that kind of patronizing tone sound polite to the ears of a PR drone?

jacobr 22 hours ago 5 replies      
Also see this Twitter thread: https://twitter.com/EliotHiggins/status/896358097320636416

> Ironically, by deleting years old opposition channels YouTube is doing more damage to Syrian history than ISIS could ever hope to achieve

> Also gone are the dozens of playlists of videos from Syria I created, including dozens of chemical attacks in playlists by date

> Keep in mind in many cases these are the only copies of the videos, and in some the channel owner will have died, so nothing can stop it

nnq 4 hours ago 5 replies      
Maybe people should get their shit together and realize that true free speech include allowing videos that seek to recruit people into despicable organizations be available! Yeah, even Hitler had a right to say what he thought and it'a a good thing he had it, despite the consequences that ensued.

The problem that needs to be solved is how to educate people into not being lured into those organization DESPITE having access to those materials... This kind of censorship is just as STUPID as banning drugs like heroin and cocaine (instead of just making them unavailable to children, or without a "license") or the "war on drugs".

Imho the problem comes from the fact that corporations try to hard to be "democratic" about things and "please the majority". But this is not a good idea: sometimes the majority of 99% is against freedom, and they are wrong, despite being the 99%. And the majority should be opposed and freedom protected even when the cost is someone's blood. For me personally, there are these words from my native country's national anthem: "life in freedom or death [for all]"... and I will sure as hell fight, die or kill for them.

AdmiralAsshat 22 hours ago 5 replies      
It was folly to think that YouTube would be a safe place to document war crimes. YouTube is a distribution channel, not a preservation channel. Its ease of use certainly makes it an attractive option to upload things quickly, but anything of historical significance should have the video raws immediately turned over to a human rights organization for preservation.
cisanti 22 hours ago 0 replies      
I have (had) a channel that had videos about missing people, their last sightings on CCTV etc. The parents of a missing person even used an embed video on their site of a CCTV footage. They emailed me if I still have the video because they need it.

YouTube banned the whole channel for extremist/hateful content. Probably some of the videos/titles told the AI that the footage is extreme or some sort of glorification.

I appealed on some form but don't even bother anymore.

I hope YouTube as a video platform (not streaming) gets a serious competitor.

Iv 13 hours ago 1 reply      
During the Arab Springs I suspected many police violence video would be deleted from Youtube. I had downloaded them to my server and posted everywhere the links for people to mirror them. Not a single person did yet.

I have been amazed at the little importance people put on this kind of video. You have video evidence of crimes with faces appearing clearly. It can take 5 to 10 years for such events to calm down enough to reach a point where crimes can be prosecuted.

And it is hard to blame youtube for that. They are considered the channel for Lady Gaga and silly cats video. Hell, I know 3 years old toddler who browse youtube unsupervised.

In many places Youtube is criticized to promote violence and extremism by leaving these videos. I feel bad for them, they are between a hammer and a hard place.

I just hope that the censored video are not totally deleted from their servers. They should have someone reviewing criminal videos and keeping them at the disposal of judicial authorities but even that opens a whole can of worms: do you obey only to US authorities (who do not care about war crimes in other countries)? Do you obey all world authorities including Saudi and Chinese?

Anyway, that's youtube's problem, not ours. Simply, helping prosecute war crime is not part of Youtube's mission, so do not trust them for it. To anyone who feels this is important content, use youtube-dl and keep backups. Make torrents of it, share it around, make sure it does not disappear.

And when some NGO finally realize that this content is precious, pump up your upload bandwidth and fill their servers.

mnm1 22 hours ago 0 replies      
Such AI coupled with the inflexible policies of companies like Google and Amazon is already starting to be a problem and will only get worse as it's deployed more broadly. Accounts are closed without recourse for invalid reasons and their owners treated like violators. Short of a law requiring explanations and an appeal process, I don't see this situation getting better ever. Yet another reason not to trust these companies or use their services that require creating accounts and agreeing to their bullshit TOS.
alexandercrohde 17 hours ago 2 replies      
To me, if you want to regulate controversial opinions, you have to err strongly to the side of too-open.

Remember, before the declaration of independence our founding fathers were terrorists/rebels. I don't mean this as a snappy hollow comparison. I'm saying fundamentally, you can't distinguish between a US soldier recruitment video and an ISIS soldier recruitment video without applying a moral context. How would an AI ever do this? And even if it could, who's moral retelling is the right one?

Better in my mind to stay out of the censorship game altogether and promote a forum that is inherently structure in a format that incentivizes accuracy over emotions.

AmIFirstToThink 15 hours ago 3 replies      
Why not create a setting that allows user to see YouTube as sanitized by their AI or all content?

Allow people to chose content level just like they choose security level in browser settings.

1. Legal content. May include content that violates YouTube content policy, but is legal in USA, or the country of the viewer. Maximum freedom of speech and maximum ability to see content that you may find offending.

2. YouTube content policy met. Content that is legal and meets YouTube Content Policy.

3. Legal, Meets YouTube content policy, Meets a certain org's taste. Like when you can pick a charity that you can donate to when you shop on smile.amazon.com. You can select the org whose bubble you want to live in. ADL, Focus on Family, Skeptics etc. The org bans content and it only is banned for people who opt into that blacklist on youtube.

4. When user is not logged in they get AI filtered list but can select "all legal" or "all that meets content policy" filters, even when logged out. All others bubbles available to logged in users only.

Advertisers can opt into certain bubble if they want, or opt out of certain content e.g. content deemed inappropriate by the AI?

How does that sound YouTube?

Doesn't the government security agencies want to know who is watching extremist content and who is not interested in it? How would we know who the extremist are if they fall back to person to person, in person, communication?

013a 22 hours ago 1 reply      
YouTube is balking at their own size. They're discovering what should have been obvious to anyone; the sheer amount of content entering their centralized system is impossible to moderate in any fair way. The only way they can manage is (A) prioritize quality moderation toward channels which are more popular, and (B) enforce the most bland, vanilla experience possible.

They need to moderate because they are centralized, and their revenue demands it. We, as a society, need to create a better option. Not just another YouTube, but a seamless decentralized solution.

userbinator 21 hours ago 1 reply      
Yes, I could see how that classifies as "extremist material", but that's no reason to delete them...

IMHO the gradual increase of (self-)censorship in the popular Internet is worrying --- one of the most compelling things about the Internet as it existed was that, from the safety of your own home, you could see and experience things that would otherwise be impossible to access. Now it seems it's turned into a massively commercialised effort of "curating" content so that it doesn't offend anyone, and only results in more profits for advertisers.

tetromino_ 1 hour ago 0 replies      
Often there is no difference between war crime evidence and war crime glorification that machine learning could discern. Exactly the same content could be interpreted as "look at us do great things in defense of our noble ideals!" and "look at these monsters do horrific things for no justifiable reason!".

The difference is in the audience's mindset - which is only partially influenced by the uploader's intentions, and partially by how other pages and channels link to the video and present it, and partially by historical context (the same content can acquire a different interpretation five years down the road). Machine learning cannot be expected to emulate that.

Alex3917 22 hours ago 5 replies      
Since my understanding is that covering up a war crime is itself a war crime under Complicity doctrine, could Google executives get charged for this in The Hague?
monocasa 22 hours ago 1 reply      
Have they checked with YouTube to see if the files are actually deleted?

Like just because their gateway won't give you access to it doesn't necessarily mean that the bits have been scrubbed on the back end.

Also: here's a project to archive this information.


Anagmate 4 hours ago 0 replies      
I feel like YouTube uses its monopoly to create a walled garden focused on (in their own words) advertiser-friendly content.

The thing is, it makes perfect sense from their side - they will make people angry, but why would they bother if those people can't go anywhere else?

I'm starting to feel that a competitor providing the same quality of service while allowing all kinds of videos has a chance to succeed. It's OK to have both child videos, porn and Syrian documentation, as long as you can filter - maybe have some sort of a "curiosity" slider that filters child content on one side, YouTube content in the middle and all content to the other side. Also some category toggles,... If you're unhappy with the current selection, just take a few minutes of your time and change your preferences.

greyman 4 hours ago 0 replies      
As I understand it, this is the result of Google itself having quite a strong political opinions, at least recently. They profiled themselves as being leftist/progressive... their software just enforces this.
brndnmtthws 22 hours ago 2 replies      
If you use YouTube, you are subject to the whims of that private corporation, regardless of whether it's right or wrong.

They should find a way to host the content somewhere else.

raverbashing 22 hours ago 1 reply      
Why are people storing evidence on Youtube again?

Not blaming the victim, but at this point most of Google services have not shown to be reliable, especially if you require some kind of thinking human behind a decision

immanuel_huel 5 hours ago 0 replies      
This was to be expected. All history books are written this way. History books are government propaganda. History books do not document the truth. History lessons are nothing but propaganda. So history at school is nothing but learning government propaganda.
anotherbrownguy 18 hours ago 0 replies      
Given that all of the videos happen to be anti-ISIS... and YouTube happens to be owned by an evil empire in bed with American military industry which created ISIS... the AI must have figured out that the videos could be a threat to its masters.
AmIFirstToThink 18 hours ago 1 reply      
What did they train the AI on to deem something 'extremist'?

Should we get to see the training data used and labels?

Or is this the modern day equivalent of credit score algo, something that can have huge impact on lives, but you are not allowed to know what it is.

This is bad.

ajarmst 10 hours ago 0 replies      
YouTube does not seem to me to be an appropriate medium for "war crimes evidence". Evidence needs documented provenance, chain-of-custody, storage integrity, affidavits, etc etc. Why does this evidence need a high-bandwidth publicly accessible and searchable interface? For what purpose?

To be honest, if you have evidence of a war crime, I hope your plan to seek justice doesn't depend on Youtube.

dandare 6 hours ago 0 replies      
I am very concerned about Google using AI to filter hoaxes from search results. Government testing syphilis on black population or selling drugs to fund terrorism? That must clearly be a hoax, right?
dickbasedregex 22 hours ago 1 reply      
Screw YouTube's automation across the board. It's horrendous and lazy.
carvalho 20 hours ago 0 replies      
War crime evidence can also be extremist material. It is often repackaged as propaganda to rile up new troops.

Give evidence to the courts or police. Don't upload it to a video entertainment site and expect it to stay up, despite skirting their rules.

snakeanus 20 hours ago 0 replies      
It seems that we really need to find a new distributed/decentralised censorship-resistant way to distribute videos.
bedros 20 hours ago 0 replies      
very related to this article about facebook [0]

corporations control what info passed to people, and create their own version of reality, but blocking what they don't agree with.

I know it's AI, but seems that google appeal agrees with AI decision.

people should read Noam Chomsky's Manufacturing consent book, here's interview about it in 1992 [1]

[0] https://news.ycombinator.com/item?id=14998081

[1] https://www.youtube.com/watch?v=AnrBQEAM3rE

ajb 20 hours ago 0 replies      
Douglas adam's 'Peril sensitive sunglasses' are nearly here.
floatingatoll 19 hours ago 0 replies      
In case it's not already apparent, there's a business opportunity here for someone to automate "set up an S3 bucket and host videos in it" as an app that uses an API key, so that you simply provide the key to the app and it manages your video collection, gives you a UX to it, and charges you a fee per month.
StreamBright 7 hours ago 0 replies      
Torrent based Youtube alternative when? I think the technology is ready to move all of the content to a distributed system where it cannot be censored.
mirimir 8 hours ago 0 replies      
So does YouTube want to look like an ISIS supporter? Or at least, that it doesn't approve of criticizing ISIS?
mtgx 21 hours ago 0 replies      
I remember when I used to like - no, love - almost anything Google did.

That seems like such a long time ago. Since then my attitude has changed to being mostly hostile towards Google, with every such event.

Google should have never entered the "content game" and should have remained a neutral search and distribution (YouTube) platform. Once it went down the path of being a content company, it started "compromising" in all sorts of ways that were terrible for its users.

I wonder if the higher-ups have even noticed this change in attitude towards them, and if they did, then they've probably decided that making money is more important even if they become the Comcast of the internet (most hated company).

mschuster91 22 hours ago 1 reply      
Once again, the only hope for customer service seems to be a (social) media shitstorm.

Seriously, Google, Twitter and FB massively need to ramp up their customer service and not externalize the costs of a lack of support onto society any more. And there are many "costs": people being actively harrassed and intimidated, sometimes so far they are afraid leaving their house, due to hate speech or doxxing, a loss of historically relevant information as in this case, people locked out of vital emails or their businesses (e.g. when their Gmail account gets closed due to copyright violations on Youtube)...

cyanexttuesday 15 hours ago 0 replies      
Google is seemingly more and more a regular almost evil corporation.

I miss the days of "don't be evil".

davidreiss 2 hours ago 0 replies      
Thank you WSJ, NYTimes and the traditional media for pressuring youtube, facebook, reddit and social media to censor.

People aren't aware that for the past few years, traditional media and social media has been battling behind the scenes over content, narrative and censorship. It was a major war going on that the public was simply unaware of. Suffice it to say, traditional media won.

It is amazing how a select group of news organizations and their editors and journalists can use their bully pulpit to intimidate certain industries.

TheRealPomax 22 hours ago 6 replies      
To be fair, YouTube is under no obligation to some greater good; it's just a video hosting service. Expecting it to "preserve footage" and any footage at that, is a strange expectation.
ekianjo 13 hours ago 0 replies      
Is it possible to host such videos on archive.org ? is that a valid option?
chinathrow 18 hours ago 0 replies      
The revolution will not be televised.
devpalmari 7 hours ago 0 replies      
hope YT did a soft-delete on those files...
wyager 22 hours ago 1 reply      
YouTube is a really horrible service for content creators. For this type of content, you're practically probably best off with LiveLeak (which, incidentally, seems to be a much better source of breaking news than YouTube these days). Ideally, we'd all switch to LBRY or some sort of IPFS video distribution or something, but that will take time.
redthrowaway 8 hours ago 0 replies      
One of the most interesting developments in AI will be watching how we respond to human rationality detached from human morality. Programs that optimize for practical outcomes are going to come up with a whole host of solutions that we consider abhorrent, not least because the mere notion that that solution is a practical one riles our sensibilities.
AmIFirstToThink 21 hours ago 3 replies      
And, come to think they had me convinced that this was not going to happen for few decades.

I think YouTube went down pretty fast and without fight. The ideological takeover of Facebook and Twitter raged on for few years. I think YouTube was taken over literally overnight. I remember being appreciative of YouTube just a few days back.

Guess, time to cancel my $15 Youtube Red Family membership. Ugh, I really hate ads on YouTube. And I was happy to give my $15 month over month. But, I can't fund Youtube anymore given what they are doing. $15 to Youtube, $10 to NetFlix, $10 to Amazon, with $35 a month, I can sponsor ton of content on Patreon that I like. My subscription list on YouTube is not 35 people long, I think it would work out.

Never ever I thought I would type these words... break up Google and Facebook and Amazon.

crusso 21 hours ago 7 replies      
should be required by law

If your videos don't pass the algorithm, post them somewhere else rather than reaching for the government hammer.

Youtube/Google has every right to run their business of posting or denying video content the way they see fit without justifying it to you, free user of their service.

If you think they're making a bad business decision and that there's a need for a video service that gives great explanations when they deny your videos, start such a service.

Salesforce fires red team staffers who gave Defcon talk zdnet.com
696 points by stevekillian  3 days ago   287 comments top 11
defcontalks 3 days ago 6 replies      
I was one of the people that was there when it happened. My coworkers and I were asking one of them questions after the talk. The goons were kicking us out of the rooms because it was the last talk of the day and they wanted People to leave. We were talking in the hallway and asking him questions when we ran into the other presenter there(And people were asking him questions too). Anyway few mins later I see our old executive walk to them and tell them they have to talk. They started walking and talking but it was right in the open and you could pretty much hear them. They end up stopping and looks like they were trying to defend themselves. Few mins later the executive leaves and the end up walking back to the group that was still waiting to ask them questions (including us). They had been fired effective immediately.

The executive is Jim Alkove. He is a moron and our security org has completed revamped after he "left" to join other companies. All the recent advancements in Microsoft security/Win10 were because we no longer had a leader like him.

Feel sorry for these guys.

phobeusappola 3 days ago 4 replies      
If you're close to the Silicon Valley tech community you know the Salesforce datacenter organization and recently security organization has been taken over by many ex-Microsoft executives who are fairly clueless when it comes to security.

This has left the security organization mired in internal political turmoil and has triggered the exodus of most intelligent security professionals from the organization.

This situation appears to be a case of the new and confused security executive mentioned in comments on this thread over reacting.

I say "confused" because for the presenters to get this far they obviously has gone through levels of approval for the talk and presented material internally. This talk was indeed presented before at the Chatham House Red Team Summit in SF where many tech company Red teams were present and code released to some collaborating parties. If you don't know what is going on in your own organization with your directors you are confused.

I say "over reacting" because any decent security executive knows you can't ask a team member to pull a Defcon talk on extremely short notice as it would be damaging to their personal reputation in the community. Firing them for not pulling the talk is completely idiotic as it's likely burn the organizational reputation with the security community. It was likely just a snap decision by said confused executive who did not understand the ramifications of his decision. If you fire someone after they get off the stage at Defcon you more than likely have overreacted.

Sadly these are the types of this that happen when you have poor leadership at high levels. I feel bad for the good security folks still left at Salesforce who have to tolerate this garbage. Luckily there is a massive demand for good security professionals so they should have no trouble finding other employment, hopefully with competent leadership.

kafkaesq 3 days ago 3 replies      
The unnamed Salesforce executive is said to have sent a text message to the duo half an hour before they were expected on stage to not to give the talk, but the message wasn't seen until after the talk had ended.

Which said unnamed executive should have known was patently unreasonable to expect to be received and read in time.

Sounds like a failure in basic communication, somewhere in the organization. And if someone in the C-level feels they need to intervene at the last minute to set things straight -- this very strongly suggests point source of the failure was most likely somewhere in the middle layers (or at the C-level itself) - not with the frontline engineers.

But which at Salesforce is apparently no protection against getting hung out to dry.

Especially when we read the parts about "The talk had been months in the making" and that the executive pulled the plug at the last minute "despite a publicized and widely anticipated release."

rsj_hn 3 days ago 8 replies      
I was not at the conference and have no first hand knowledge of what happened.

But before everyone gets on their high horse, please pause to reflect:

This was all company work product being presented by company employees who were on a company funded conference trip. Therefore there is an approval process for vetting presentations as well as a legal process for opensourcing code. This is standard practice at all companies.

Now what do you think is more likely: That the PR department would approve of a talk titled "meatpistol" (FIXED) (have you seen the slides?) and the legal dept would approve of open sourcing the code and then at the very last minute both groups would change their mind and try to pull the talk, or that the presenters never got the OK in the first place, the company found out at the last minute, asked them to pull the talk and they refused?

How likely is it that they would get official approval for their talk under a "Chatham's rules" meeting in February to for a presentation <strike>in August</strike>at the end of July? Isn't it more likely that they got some initial approval for a talk in February, but that PR still wanted to vet the actual slides in <strike>August</strike>July? (I'm assuming that the slides were made after February.) Which PR department gives approvals like that? What legal department works this way? In my experience, stuff like this happens at the last minute, because that's when you're finishing your slides (as well as your code), and generally PR is going to ask that you make some changes to your slides and they will want the final copy before signing off. Now maybe I'm wrong and the article is correct, but I think it's unlikely.

Moreover given that Salesforce can't talk about this matter, who do you think is the source for the article and whose side are you hearing?

The last few days have really highlighted how quick people are to pile on with outrage and self-righteous indignation before getting all the facts.

tptacek 3 days ago 1 reply      
It's probably way too early for us to know what's really happened here. If you're unfamiliar with this stuff, you should know that Salesforce has a large and relatively savvy security team, including people who have presented at offensive security conferences in the past.

There's a lot of weirdness in the reporting here; for instance, the notion that Salesforce management had a meeting with members of their own team under "Chatham House rules".

Johnny555 3 days ago 2 replies      
Seems like a bad idea for a public SaaS company that relies on trust from customers that their data is secure to piss off their own offensive security team by firing them suddenly without even a warning received.

I expect that lots new Salesforce vulnerabilities will be discovered and disclosed.

djrogers 3 days ago 0 replies      
Much of the talk on this is about wether it not SFDC has a right to do this, or if its legal. Frankly thats all immaterial - this sounds like a perfect way to either lose most of your security staff over the next 6-8 months, or get yourself fired. Not sure the exec in question was planning on either of those outcomes, but they are the most likely.
just2n 3 days ago 0 replies      
That seems like a tad bit of an overreaction on Salesforce's part. The only mismatch here was the expectation set around the availability of the tool's source? So yeah, it was clear the tool is owned by Salesforce and ultimately something like that is decided by the company, but saying you're going to "fight to have it open sourced" and advocating to have tooling you build be shared outside of your company doesn't seem like a fireable offense to me. Look at what it's done for companies like Facebook and Google.

What the hell, Salesforce? This looks bad. There's either more to the story or this is just extreme knee jerk.

whatsmyhandle 3 days ago 1 reply      
EEK. When speaking in front of a large audience, it's generally a good idea to either mute your phone, or ditch it entirely before you get up onstage.

To get canned for not responding to a text message 30 minutes before a talk - which you were already approved for - seems terribly unfair and a decision probably made in the heat of the moment.

soft_serve 3 days ago 3 replies      
Most people at Defcon use a "burner phone" (a cheap supermarket feature-phone) while there. Nobody who is sane would turn on their work phone anywhere near the Defcon conference. I go there every year with a throwaway phone and laptop.

So nobody will see a text message in a timely manner, unless they knew the burner phone number.

0xfeeddeadbeef 3 days ago 2 replies      
Oh, the irony! Months before he was fired, in his talk [1] at QCon London 2017 (March 5-7), Josh Schwartz jokingly said: "I am going to tell some stories and hopefully I won't get fired for sharing this stuff but we'll see how it goes".

[1] How to Backdoor Invulnerable Code: https://youtu.be/EGshffkzZsY?t=680

DeepMind and Blizzard Open StarCraft II as an AI Research Environment deepmind.com
601 points by nijynot  3 days ago   269 comments top 21
qub1t 3 days ago 11 replies      
A lot of people here seem to be underestimating the difficulty of this problem. There are several incorrect comments saying that in SC1 AIs have already been able to beat professionals - right now they are nowhere near that level.

Go is a discrete game where the game state is 100% known at all times. Starcraft is a continuous game and the game state is not 100% known at any given time.

This alone makes it a much harder problem than go. Not to mention that the game itself is more complex, in the sense that go, despite being a very hard game for humans to master, is composed of a few very simple and well defined rules. Starcraft is much more open-ended, has many more rules, and as a result its much harder to build a representation of game state that is conducive to effective deep learning.

I do think that eventually we will get an AI that can beat humans, but it will be a non-trivial problem to solve, and it may take some time to get there. I think a big component is not really machine learning but more related to how to represent state at any given time, which will necessarily involve a lot of human-tweaking of distilling down what really are the important things that influence winning.

JefeChulo 3 days ago 8 replies      
"so agents must interact with the game within limits of human dexterity in terms of Actions Per Minute."

I am really glad they are limiting APM because otherwise things just get stupid.

dpflan 3 days ago 1 reply      
Related: Today I learned that a group of AI researchers has released a paper called: STARDATA: A StarCraft AI Research Dataset. According to one of the authors: "We're releasing a dataset of 65k StarCraft: Brood War games, 1.5b frames, 500m actions, 400GB of data. Check it out!"

> Article: https://arxiv.org/abs/1708.02139

> Github: https://github.com/TorchCraft/StarData

siegecraft 3 days ago 3 replies      
The API Blizzard is exposing is really nice. Sadly most of the advantages AI had in SC1 were just due to the fact that an automated process could micro-manage the tasks the game didn't automate for you (a lot of boring, repetitive work). SC2 got rid of a lot of that while still allowing room for innovative and overpowered tactics to be discovered (MarineKing's insane marine micro, SlayerS killing everyone with blue flame hellions, some more recent stuff I'm sure from the newest expansions). Hopefully the API lets AIs converge on optimal resource management and get to exploring new and innovative timings, transitions, army makeups, etc.
hitekker 3 days ago 7 replies      
This seems all in good fun but I wonder if it's come too late.

Starcraft 2 is at its twilight.

The biggest leagues of South Korea have disbanded. [1] The prolific progamers who transitioned to Starcraft 2 have gone back to Broodwar. [2]

Blizzard itself has scrubbed all references to Starcraft 2 on the very home page of Starcraft. [3] Except for the twitter embed, it has only only one "2" character... in the copyright statement.

My take is that the future for the Starcraft franchise will be through remastered and potential expansion packs following it.

Starcraft 2 had a good run but, with the entire RTS genre stagnating [4], I don't think Blizzard wants to bet on anything less than the top horse.

[1] https://www.kotaku.com.au/2016/10/the-end-of-an-era-for-star...

[2] http://www.espn.com/esports/story/_/id/18935988/starcraft-br...

[3] http://starcraft.com

[4]http://www.pcgamer.com/the-decline-evolution-and-future-of-t... (Aside from MOBAs)

SiempreZeus 3 days ago 2 replies      
It's a bit too bad they're having to move towards supervised learning and imitation learning.

I totally understand why they need to do that given the insane decision trees, but I was really hoping to see what the AI would learn to do without any human example, simply because it would be inhuman and interesting.

I'm really interested in particular if an unsupervised AI would use very strange building placements and permanently moving ungrouped units.

One thing that struck me in the video was the really actively weird mining techniques in one clip and then another clip where it blocked its mineral line with 3 raised depots...

arcanus 3 days ago 1 reply      
I also want to see the algorithm win on unorthodox maps. Perhaps a map they have never seen before, or one where the map is the same as before but the resources have moved.

Don't tell the player or the algorithm this, and see how both react, and adapt. This tells us a great deal about the resiliency of abilities.

ktRolster 3 days ago 5 replies      
When Watson won at Jeopardy, one of its prime advantages was the faster reaction time at pushing the buzzer. The fairness of that has already been hashed out elsewhere, but.....

We already know that computers can have superior micro and beat humans at Starcraft through that(1). Is DeepMind going to win by giving themselves a micro advantage that is beyond what reasonable humans can do?

(1)https://www.youtube.com/watch?v=IKVFZ28ybQs as one example

daemonk 3 days ago 2 replies      
Blizzard should put in an AI-assisted play mode where players are limited to X lines of code that can be launched with keyboard commands.
arnioxux 3 days ago 0 replies      
Are there any known arbitrary code injection for starcraft? Like how you can use a regular controller to reprogram super mario world to play pong?



Is this how we are going to accidentally let AGI loose into the world!? /s

On a more realistic note I think this will degenerate into a game of who can fuzz test for the best game breaking glitch. Think of all the programming bugs that turned into game mechanics in BW that we haven't discovered for SC2 yet: http://www.codeofhonor.com/blog/the-starcraft-path-finding-h...

krasi0 3 days ago 1 reply      
The StarCraft 1 BroodWar AI scene has been thriving for a few years now: https://sscaitournament.com/ You can watch 24/7 live AI vs AI games on Twitch at: https://www.twitch.tv/sscaitSupport for voting on who to play next and even a betting system are in place, too. For those who wish to get their feet wet with BW AI development, here are the Java / C++ tutorials: https://sscaitournament.com/index.php?action=tutorial
siliconc0w 3 days ago 0 replies      
The SCAI bots I've seen are more hardcoded tactics engines rather than machine learning models. They're still impressive, but their logic isn't quite 'learned' it's hand coded which is a crucial difference.
Lambent 2 days ago 0 replies      
It's not like this is going to create fantastic AI.

Keep in mind there's been an amateur AI project for broodwar for almost 7 years now. Even after such a long learning period, the games are very primitive, and the AI's still couldn't pose a threat to even a beginner human player. Sometimes the games take hours. Trying to build strategy and decision making into an AI is incredibly complicated. There have been teams working at the SSCAIT for many years now, and the product is still fairly primitive.

So what CA did was instead write up a simpler AI that mimics strategy and decision making. We all know it's not great, but I'd be really skeptical that 3rd parties would magically create an AI that can think strategically.

convefefe 2 days ago 0 replies      
I thought this was already happening. Right after AlphaGo beat Lee, I remember hearing about it. Did they give up on having their AI playing SC2? I wondered if that would work, since it seemed to take turns in Go at the same speed as a normal player, I wondered if it was trying to compute the most likely winning move each turn and the late game implications of those moves. If it tried that in a fast paced game how it would deal with the speed. It obviously would need to develop a pattern of pre-baked strategies that would win it the game. Would it play the same build every round or would it realize that changing things up each match wins it more games?
Companion 2 days ago 0 replies      
It's a bit too bad they're having to move towards supervised learning and imitation learning.

I totally understand why they need to do that given the insane decision trees, but I was really hoping to see what the AI would learn to do without any human example, simply because it would be inhuman and interesting.

I'm really interested in particular if an unsupervised AI would use very strange building placements and permanently moving ungrouped units.

One thing that struck me in the video was the really actively weird mining techniques in one clip and then another clip where it blocked its mineral line with 3 raised depots...

Havoc 3 days ago 1 reply      
That's surprising. I thought Bliz didn't want anyone near sc2 but approved of sc1 being used for this purpose.
hacker_9 3 days ago 1 reply      
There's something funny about a company that is actively developing bleeding edge AI technology, but who can't design a webpage that works on mobile without crashing.
JabavuAdams 2 days ago 0 replies      
When I used to play a lot of StarCraft, and then later with Total Annihilation, I wished for the ability to customize the AI.

So then BWAPI came along ... and ... AI is hard. The best SCBW bots are still pretty pathetic compared to a human player, never mind an expert human player.

Outrageous 2 days ago 0 replies      
Novice here: I really want to try this Starcraft API but I don't know how to start. I believe this uses more reinforcement learning and agent-based models (which honestly I am not familiar with yet) What are good papers to get started on this?
Ntrails 3 days ago 0 replies      
I'd be really interested in how differently tiered data sets (ladder rank) would work as sources for teaching.

Is it possible that training on diamond players is less effective than training on, say, silver? Is that actually even an interesting thing to look at?

ipnon 3 days ago 3 replies      
Any predictions for how long it will take for an AI to win against the world's best player?
SoundCloud saved by emergency funding as CEO steps aside techcrunch.com
536 points by janober  1 day ago   207 comments top 31
WisNorCan 1 day ago 4 replies      
I am surprised that the majority of commenters believe that this marks the end of SoundCloud. SC just secured $170M in new funding with $100M revenue run rate. They have a product that many users and creators love. The new CEO is a Harvard Business School grad with experience as CEO of Vimeo, a similar media business. He brought the COO of Vimeo with him. If SC can reduce cost (not knowing what the drivers are, it is unclear how easy that is), they might be able to reach profitability quickly. This might be the start of operating SC like a real company by a real operating team.

"The new management should provide some additional confidence. Id interviewed both Ljung and Wahlforss in the past, and neither had answers to the big questions facing SoundCloud about its product direction, business model, and the spurious copyright takedowns that have eroded its trust with musicians."

On the other hand, existing employees equity value is likely wiped out in the down round. They are underwater on strike price of options, face additional dilution from prior investors' anti-dilution provisions and now liquidation multiples/preference from investors.

BlackjackCF 1 day ago 7 replies      
Ooooh boy. This feels like the kiss of death for SC. So many startups hit this point and then get rescued at the 11th hour with more funding... on the condition of ushering in a new CEO and COO to try and pivot the company's direction. They completely change up the product and drive away the users, and the entire thing collapses like a house of cards.
thinbeige 1 day ago 5 replies      
Slightly OT: I understand how people feel about SoundCloud. But I am surprised that most of us exactly know what went wrong. They know what mistakes the management did and where the product should have gone. They know for sure how to lead employees, in good times and in bad times. They know when you should hire and when you should fire.

I wonder how many of us who are so fast in judging have really run a mid- or late-stage startup and know what they are talking about.

I know just one thing: Leading and managing people is a super tough job. We are not talking about leading a small team. No, it's leading a corporation and worse, managing investors who are chasing you night and day and playing power politics for years while being the nice daddy VC writing witty blog posts. And don't forget the three labels who blackmail you to death but are shareholders at the same time. Stuff nobody knows. We only know that Alex went to Burning Man and fired 173 people. So he must be a bad CEO having no clue of music, product and leadership. Of course.

It's easy to give good advice from outside. But it's so hard to understand what actually happens inside. All of us who managed just a small company know what I am talking about.

Managing machines, code or even a Kubernetes cluster is easy as pie compared to what the SC founders were going through the last years. Machines are predictable, humans are not. Just read Machiavelli's The Prince and get a notion of what people are willing and able to do to deal with other people. Backstabbing is their daily business and Game of Thrones is not that far away anymore from the life of a venture-backed CEO.

Not that I like Alex and Eric very much or what they did. Honestly, I don't care at all, I find SoundClound's products and the repetoire rather mediocre and I don't believe in online music as a healthy business model.

But I don't know any founders in Europe and in Germany who raised that big funds and could keep control for that long and the product still in an ok shape. Look what Travis is going through right now. For some who have never been in such a position, they just can't imagine how high the pressure and extreme the psychological stress is, how many ultra aggressive sharks are floating around you just waiting for one single mistake. Then, loosing control of everyhing happening in and around your organization happens quicker than you can think.

dchichkov 1 day ago 2 replies      
Sources from the company told us the layoffs had been planned for months, but SoundCloud still recklessly hired employees up until the last minute, with some being let go within weeks of starting. Employees told TechCrunch that the company was a shitshow with inconsistent

It's sad that the execs get free pass on ethics violations like these. And there are no consequences for these execs. And I don't understand why after such violations people still stay with the company.

forkLding 1 day ago 1 reply      
Can't SoundCloud be the recording studio that signs on popular and promising indie artists (such as SoundCloud rappers like Lil Yachty or XXXTentacion who have to promote on their own) and provide marketing, music production connections and management for them and in turn earn a royalty/cut.

This way it doesnt alienate its users but in turn empowers and supports those that people like?

Just my two cents, I could be totally wrong or that they do this already, happy to hear any feedback on this.

dpflan 1 day ago 5 replies      
Does SC help fledgling artists get "discovered" and get record deals (financing for their art)? Could an integration with something like Patreon help increase the value of using SC: first for creating content, then for allowing others to consume it.

Also, how has BandCamp done so well as an independent music service? Any lessons to learn there and to apply to SC?

dpflan 1 day ago 0 replies      
Probably worthwhile to link this HN post of SC's own announcement: https://news.ycombinator.com/item?id=14991071
nihonde 1 day ago 0 replies      
Yet another example of a great service that was killed by all the wrong kinds of licensing issues. Artists always saw the discovery potential in SoundCloud but bean counters just saw an opportunity to put the squeeze on.
sillysaurus3 1 day ago 5 replies      
This is what happens when a startup fails. The problem with SoundCloud is that Spotify ate their lunch. I'm not sure this is solvable -- it's like being second place to eBay. Trainor might not be able to do much unless he pivots the company Jobs-style, which isn't an easy feat.

I have to wonder why the VC sunk more money into SoundCloud. Do they see an opportunity we don't? Or is it politicking? Hard to tell.

bkanber 1 day ago 1 reply      
The article alludes to $169.5M raised at a pre-money valuation of $150M. I'm not sure I've ever seen a round like this take over 50%. Who knows what the future of the company will be, but one thing is for sure: it's completely investor-controlled now.
beebmam 1 day ago 4 replies      
Soundcloud offers an amazing service that benefits everyone that uses it. In a modern technologically competent socialist society, why can't something like this be run by the government?

The amount of art that would be lost if soundcloud actually shut down is tremendous. There's a public interest in keeping it around, in my opinion

myth_drannon 1 day ago 8 replies      
Programming at work will not be same without SC. 8 hours per day of productivity boost.
macrael 1 day ago 0 replies      
What role did Chance the Rapper play in this? When they were making chooses that they would shut down he reached out to the CEO personally, I know.
ulfw 10 hours ago 0 replies      
I can't see how keeping the co-founders on as Head of Product and Chairman respectively will help if the bad product decisions made (Soundcloud Go) were what basically brought Soundcloud down.
_lol 1 day ago 1 reply      
Can someone ELI5 how can a company raise a $169.5m at a valuation of $150m? How can they raise more than what the company is valued?
supernintendo 1 day ago 1 reply      
I've been saying this for years, SoundCloud needs some way for artists to monetize directly through the platform that doesn't involve advertising. Add a "support this creator" button to every page and take a cut like YouTube does with its Super Chat feature. I think they really missed out on this opportunity. Look at all of the podcasts that host on SoundCloud but monetize with Patreon, for example.
devmunchies 1 day ago 2 replies      
It would be interesting if SoundCloud implemented a Patreon model, where you can pledge $1-$100/month to an artist you like, and SC takes a small cut.
rakel_rakel 23 hours ago 0 replies      
To me it's weird, and very "bubbly" that someone would make an investment of this magnitude, at this stage, in a business that's proven as unsuccessful as SoundCloud.With this, and all the previously recieved/spent VC, do people investing like this actually expect to get their money back, and with profit?I can't wrap my head around that.strange times.
koolba 1 day ago 1 reply      
How much funding did they get and how much runway does hat provide?

I don't see it listed in either the TC article or any of the top level links.

pier25 1 day ago 0 replies      
Does it make sense to pour money to keep a sinking ship afloat?

Just like Twitter, if the service changes too much it might lose its only asset (the community) but if it doesn't change it will sink.

swampthinker 1 day ago 0 replies      
So SC will focus more on driving towards profitability now instead of growth. I wonder if SC will stagnate, or this cash infusion + new leadership will provide much needed stability.
ovrdrv3 1 day ago 1 reply      
If they do go down, I sure am going to miss that creamy react / redux front end... Amazing work by those devs!
exabrial 1 day ago 0 replies      
As a future feature, it would be pretty awesome to have SC be some sort of free DAW, or tools to help the musician create tracks, rather than just hosting.

That would be a differentiator between them and uploading to youtube with a static image.

nodesocket 1 day ago 1 reply      
It's funny how German banks/VC's did not step up to make an investment in one of the most visible tech German companies. Instead a New York based firm and Singapore firm did.
richardknop 1 day ago 0 replies      
I really don't like this. This looks like a death omen to me.

They will probably fire more employees, do 2 or 3 pivots to different business models and when that doesn't work out the company will die.

artursapek 1 day ago 2 replies      
How does SoundCloud need 173 employees to operate? I mean, they laid off 40% and nothing seems to have changed so they clearly didn't. I wonder why startups tend to run so inefficiently. Has recently happened to Twitter, Etsy, etc. I imagine the companies could still be a lot more lean staff-wise than they are.
rdiddly 1 day ago 0 replies      
"This financing means SoundCloud remains strong, independent and here to stay.

Independent? I beg to differ...

buryat 1 day ago 0 replies      
This article would suit Washington Post better
smegel 1 day ago 0 replies      
Wow for an in-browser music player that almost always doesn't work I am totally not shocked it is dying.
crispytx 1 day ago 1 reply      
Here's one of their problems: Check out their advertising page (https://advertising.soundcloud.com/). You have to contact them if you want to advertise on their platform. You ought to be able to upload your 15-second ad, provide your credit card info, and starting running advertisements... $$$
Eridrus 1 day ago 2 replies      
Does SC have ads? Would ads completely destroy the appeal? Could they not do the same free tier things as Spotify where you're largely paying to remove ads? Obviously not at $10/month, but maybe a few bucks. Could they license their content to Spotify/etc for ad-free play rolled into your existing subscription service?
Annual note to self: most of the world exists outside the tech bubble steveblank.com
527 points by chmaynard  1 day ago   315 comments top 6
unknown_apostle 21 hours ago 6 replies      
Working class people are being subjected to ultra efficient hypercapitalism, as in Uber drivers discovering they worked for free when they need to purchase a new car.

Meanwhile Wall Street has been bailed out 2 times in the last 15 years alone with monetary policy. How many people went to jail? (And they havent learned a thing, on the contrary and quite spectacularly so.)

If you want to know where the tech bubble comes from, dont think about the talent pool in SV.

Think 2008 and central banks. It's not normal for investors to accept visionaries wasting endless billions for years on end. Except when the availability of capital appears infinite and risk appears almost non-existent.

In contrast, a big group of people stagnate and even get squeezed. Not rich enough to enjoy the high life of the zero/negative yield world. Or to overcome decades of inflation. Not poor enough to just give up and go on food stamps.

Ultimately, its not about a tech bubble. Its about a credit cycle on steroids, held together with spit, rope and gum and massive moral hazard. Who gets access to the funny money first? And who will be left holding the bag?

bmwe30is 22 hours ago 16 replies      
>Some are rooted, embedded in their communities; and some are trapped because housing is unaffordable where the better paying jobs are. And the jobs that are high paying are not the jobs they built their lives on.

There's some texture and nuance to this statement. I remember on NPR, they interviewed a lady whom mentioned similar sentiments; her and her husband had built a family, worked in the blue-collar industry (precision machining) for decades, and now were losing their jobs. She also mentioned that they had been living in a small town for a long, long time.

That last part bothers me a lot. It seems a lot of people just don't want to move. Anecdotally I've moved nearly 6 times in the last 8 years. My parents have done the same.

People are stuck on this idea of living and dying in the same city once they buy a home or have children. That just isn't the case anymore.

Mobility and a willingness to learn new skills seems to prevail. It's what other generations have done, millions of immigrants (my parents included).

darod 22 hours ago 4 replies      
I wonder how long it will take for this thought to fade from Steve's mind once he returns to SV. It's easy for people come to these realizations after getting outside of their comfort zone but just as easily return to the status quo. I think one of the biggest myths about tech in general is that it's here to help people. It's really not. It's job is to remove barriers to make workflows more efficient, typically to the detriment of people, as they generally are that barrier. Once a company gets a robot/computer to do what a person does it's next logical step is to layoff those workers. You don't have to go to your summer home to see people are having hard times. You just have to walk down Market Street.
maxxxxx 23 hours ago 5 replies      
He should rename this to "Working outside the millionaire bubble". Plenty of people in tech feel the squeeze too. What it comes down to is that a lot of people with money have lost touch with the rest.
johngalt 23 hours ago 0 replies      
Being outside the tech bubble is hardly a desolate wasteland. Certainly many of you have friends and family outside of tech circles, and already know this. Tech is certainly a nice field filled with opportunity, more than many other professions at the moment, but there are often massive downturns in tech which make other careers suddenly seem much more compelling. Not to mention that no one asks if a 40 year old building engineer is still capable of being a building engineer.
bsaunder 21 hours ago 3 replies      
This is the use case for universal basic income. Its largely not their fault for their current economic situation. They played by the rules. They worked hard. If we could only remove the "necessity" of a job and the puritan shame of unemployment to live a moderate life of meager means. People should be encouraged to contribute to society not to simply "get a job".
Show HN: Extension-blocking domains removed by threat from other blacklists github.com
557 points by paulgb  1 day ago   141 comments top 27
cyphar 1 day ago 2 replies      
As the author notes, the Streisand effect at work. But more importantly, I am quite happy that someone actually decided to stand their ground and call the bluff of future malware distributors (sorry, advertising companies). I've seen the chilling effects the DMCA has had on reasonable discourse in the YouTube community, but it extending it to what people can block in their browsers is absolute insanity.
AdmiralAsshat 1 day ago 4 replies      
I'm a fan of "Code as protest", but it seems like the more practical solution would be to simply have a separately maintained domain list that could be easily integrated into the adblockers that already used EasyList.
dweekly 21 hours ago 2 replies      
FYI there appear to be a much longer set of Domains owned by this company, all of the same format of nonsensical word pairings.


0x10101 17 hours ago 1 reply      
Next step is to just build a script that parses the DMCA takedown notices here[1] and automatically builds a block list out of those domains.https://github.com/github/dmca
JackC 22 hours ago 1 reply      
As a legal fine point: the list I want isn't just "sites which have used DMCA takedowns to force removal from other blacklists," but more like "sites which allege that they are legally required to be loaded if embedded in other sites."

This would include all Admiral-owned domains (including those that haven't been included in DMCA takedowns yet), and all domains owned by any other companies that believe there is some legal obligation to load their trackers. It's an important list to have.

Echoing other comments, this list should be in a standard .txt form so it can be included by other extensions, so I can pick an extension that does what I want when it encounters such a site (e.g., decline to visit the page that embeds the site).

josteink 1 day ago 1 reply      
Firefox also supports webextensions.

Please consider publishing a version at addons.mozilla.org too.

The tool web-ext makes this almost effortless.


acdjuiamadfn 23 hours ago 1 reply      
Can we go one step further and block websites which serve contents from these domains? This would be good first step towards eliminating toxic advertisements.

We'll give up a bit first but may win eventually.

loeg 23 hours ago 0 replies      
Why not just distribute a list, like easylist, that can be added to existing extensions like uBlock Origin?
snakeanus 19 hours ago 0 replies      
I wonder, why is it an extension for a specific browser instead of a blacklist that can be used in any browser that has a blocker?
est 23 hours ago 4 replies      
> used DMCA takedowns to force removal from other blacklists

Could a hashed tld blacklist help? Each person downloads a unique hashed tld blacklist. Browser would calculate tld against list of hashes (or bloomfilters for what's worth)

> https://github.com/easylist/easylist/commit/a4d380ad1a3b33a0...

In this case, what if a rule says

- domain starts with "functio"

- domain ends with "onalclam.com"

- domain is no longer than 18 bytes.

Instead of cleartext?

2ion 23 hours ago 3 replies      
Hosting such a project on Github, a US-based company which responds to DMCA requests, is perhaps not the most sensible choice.
visarga 23 hours ago 1 reply      
What if Samsung issues another bogus DMCA? Would you dare blacklist Samsung? If the inconvenience level is high enough, almost nobody would use the blacklist. This only works for small players.
discreditable 23 hours ago 1 reply      
This seems to be a list of other admiral-owned domains: https://pgl.yoyo.org/adservers/admiral-domains.txt
appleflaxen 19 hours ago 1 reply      
the original DCMA take-down was against a uBlock Origin list.

why make an entirely new plugin when you can simply make a new list? As cool as your idea is, I don't need two browser extensions to manage when the first one will happily incorporate your list.

ajarmst 13 hours ago 1 reply      
This seems to beg an important question: are people who use legal means to remedy their inclusion on a blocklist necessarily doing so for nefarious reasons? Not everyone who's used a cease-and-desist or the DMCA process is a bad actor.

This extension isn't necessarily bad---if its purpose is simply to ensure that DMCA takedowns and cease-and-desist orders are properly supported and enforced only with good cause, then that seems valuable. If it ends up as a tool that starts making people who are legitimately trying to protect their livelihood or interests give up by making their legal remedies unenforceable or too onerous to undertake, then maybe we need something a little less cavalier.

suresh70 23 hours ago 0 replies      
This is one of the many situations where website owners,content creators and individuals being intimidated by using DMCA take down notice. Sometimes there are even fake notices as in here(https://www.eff.org/deeplinks/2016/10/samsung-sets-its-reput...).There should be proper checks to avoid misuse of DMCA take down notice.
ishitatsuyuki 23 hours ago 2 replies      
DMCA is targeted at service provider. Unless the code is self hosted, there's a risk that GitHub can take it down to avoid lawsuits.
jrwr 19 hours ago 1 reply      
Why not just switch to something like md5 for matching some domains that do this
dvfjsdhgfv 1 day ago 2 replies      
Kudos to the author for this. I wonder what the reaction of Admiral will be.
rocky1138 23 hours ago 0 replies      
A much easier solution is to just add those domains to your hosts file. Then it'll work across any program or browser you use.
jwilk 23 hours ago 1 reply      
> This is not my first DMCA-takedown rodeo

What's the story?

atomical 14 hours ago 1 reply      
What is functionalclam?
k__ 21 hours ago 0 replies      
doesn't stuff like privacy badger generate these lists on the fly locally?
CodeWriter23 20 hours ago 0 replies      
I take it as a good sign a player in the online ad industry is starting to squirm.
smegel 17 hours ago 0 replies      
Thank you good Sir.
dvl 23 hours ago 3 replies      
Not first time, it's stupid how GitHub accepts anything as DMCA request.
oelmekki 23 hours ago 2 replies      
Wouldn't put those domains in a blockchain be the proper answer? It could not be "took down", then (if it's a solid one, like btc or eth).
The world in which IPv6 was a good design apenwarr.ca
645 points by dbenamy  2 days ago   189 comments top 35
hueving 2 days ago 4 replies      
>They have to be special, because an IP node has to be able to transmit them before it has an IP address, which is of course impossible, so it just fills the IP headers with essentially nonsense

Not nonsense! The global IP broadcast is specified as and is used by other protocols. The source IP address for the initial discovery is indeed, which is not intuitive, but the rest of the DHCP exchange is handled with real IP addresses like normal IP traffic. DHCP is very much an IP protocol (see DHCP relay for how it transits IP networks).

>Actually, RARP worked quite fine and did the same thing as bootp and DHCP while being much simpler, but we don't talk about that.

Ugh, come on! RARP doesn't provide you with a route to get out of the network or other extremely useful things like a DNS server.

>and DHCP, which is an IP packet but is really an ethernet protocol, and so on.

No, it's not an ethernet protocol. It's a layer-3 address assignment protocol that runs inside of IP, which is normally encapsulated in ethernet frames. You can have a remote DHCP server running any arbitrary L2 non-ethernet protocol and if it receives a relayed DHCP request it will reply with IP unicast perfectly fine with no ethernet involved.

hueving 2 days ago 2 replies      
>In truth, that really is just complicating things. Now your operating system has to first look up the ethernet address of, find out it's 11:22:33:44:55:66, and finally generate a packet with destination ethernet address 11:22:33:44:55:66 and destination IP address is just a pointless intermediate step.

This is completely wrong, it's not pointless.

First, this can be used to easily swap out routers in a network without reconfiguring any clients or even incurring downtime. Without the intermediary gateway IP representation, this would mean you would either have to spoof the MAC on the second router or reconfigure all of the clients to point to the new gateway.

Second, ethernet addresses are a layer-2 construct and IP routes are a layer 3 construct. Your default gateway is a layer-3 route to There are protocols for exchanging layer-3 routes like BGP/RIP/etc that should not have to know anything about the layer-2 addressing scheme to provide the next-hop address.

Third, routers still need to have an IP address on the subnet anyway to originate ICMP messages (e.g. TTL expired, MTU exceeded, etc).

Fourth, ARP is still necessary even for the router itself to know how to take incoming IP traffic from the outside and actually forward it to the appropriate device on the local network. Otherwise you would have to statically configure a mapping of local IP addresses to MAC addresses on the router.

So ARP is critical for separation of concerns between L2 and L3. We don't live in an ethernet-only world.

>excessive ARP starts becoming one of your biggest nightmares. It's especially bad on wifi.

Broadcast can become a nightmare. Excessive ARP is a drop in the bucket compared to other discovery crap that computers spew onto networks.

The pattern of most computers now is to communicate with the external world (from the LAN perspective) and not much else. So on a network of 1000 computers (an already excessively large broadcast domain), your ARP traffic is going to be a couple of thousand ARP messages every few hours. If this is taking down your WiFi network, you have much bigger problems considering all of those are about a modern webpage load of traffic.

Animats 2 days ago 3 replies      
What he's really arguing for is a circuit-switched network, so that connections can be persistent over moves. He just needs a unique connection ID.

One amusing possibility would be to do this at the HTTPS layer. With HTTPS Everywhere, most HTTP connections now have a unique connection ID at the crypto layer - the session key. If you could move an HTTP connection from one IP address to another on the fly, it could be kept alive over moves. HTTPS already protects against MITM attacks, and if the transfer is botched or intercepted, that will break the connection.

I'm not recommending this, but it meets many of his criteria.

The trouble with low-level connection IDs that don't force routing is forgery. You can fake a source IP address, but that won't get you the reply traffic, so this is useful only for denial of service attacks. If you have connection IDs, you need to secure them somehow against replication, playback, etc.

ChuckMcM 1 day ago 0 replies      
It would be interesting to put that post into Genius and annotate its errors. At some level the premise is both true and false.

I lived the IPV6 debate, I went to IETF meetings, I worked on network services that would be affected one way or the other, I debated with others the various ways to "improve" or "replace" V4 to get a better system. And all through that time, while everyone felt there would be billions and billions of IP addresses, I was not aware of any discussion of dynamic routing such that a network endpoint could be found anywhere in the world without configuration. For everyone at the time felt network infrastructure was fixed, and network clients moved.

In that way a network client would move from one network to another, and then in that new network it would have to establish itself and then advertise somehow its new status. Everyone agreed that there would be some disruption during this change of status but things like TCP were designed to tolerate lossy networks. The network would adapt.

That pre-supposes a lot of little networks, with their own sets of rules. Except that isn't the way cellular carriers think, they have one network and your relationship to it rarely changes. If you aren't on their network you are 'roaming' and there are fixed rules in place for that. So they trade a lot of tracking and management for ease of use on the customer. And it enables some annoying things like 'header injection' in Verizon's case.

Dumb networks versus smart networks. AT&T's original switched network around the world vision versus Bob Metcalf's self organizing collection of independent nodes following a small set of rules. Architecturally its a debate that has been going on for a long long time.

hueving 2 days ago 3 replies      
>And nowadays big data centers are basically just SDNed, and you might as well not be using IP in the data center at all, because nobody's routing the packets. It's all just one big virtual bus network.

The opposite trend is true in large data centers. L3 fabrics where everything is routed have become extremely popular because BGP (or custom SDN setups) can be used to migrate IPs and you get to utilize multiple paths (rather than the single path offered by STP convergence).

Hikikomori 2 days ago 0 replies      
Interesting article, but it contains some weird statements.

>It is literally and has always been the software-defined network you use for interconnecting networks that have gotten too big. But the problem is, it was always too hard to hardware accelerate, and anyway, it didn't get hardware accelerated, and configuring DHCP really is a huge pain, so network operators just learned how to bridge bigger and bigger things.

IP forwarding (longest prefix match) is more complicated than mac forwarding yes, but it has been done in hardware (ASICs, typically NPUs today) for a long time now.Operators (I assume ISPs) do not build large bridged networks as they need their networks to scale as they grow, or they will hit a breaking point where their network collapses. ISP's typically use centralised DHCP servers (as opposed to configuring their access routers) and configure their routers to use DHCP relay. DHCP server configuration is easily automated by just reading your IPAM data, it's a non-issue.

tyingq 2 days ago 5 replies      
>One person at work put it best: "layers are only ever added, never removed."

Find this in the software world as well. Something about the java culture seems especially fascinated with multiple layers of abstraction.

Edit: Ok, some factions of the culture. "Convenient proxy factory bean superclass for proxy factory beans that create only singletons"

djrogers 2 days ago 1 reply      
> In truth, that really is just complicating things. Now your operating system has to first look up the ethernet address of, find out it's 11:22:33:44:55:66, and finally generate a packet with destination ethernet address 11:22:33:44:55:66 and destination IP address is just a pointless intermediate step.

Bollocks. The abstraction allowed by using an IP address instead of a MAC address is essential, considering that IP addresses are dynamic (even when statically configures, devices can and do get replaced) and MAC adresses are set at the factory. Can you imagine updating the routing table of every device in your network because you had to replace a core router and the MAC address was different? Its the equivalent of publishing your website on an IP address instead of a DNS hostname...

* yes, I know MAC addresses can be configured by software in many devices, but thats even more of a hack than using arp to determine a MAC address.

okket 2 days ago 1 reply      
> Actually, RARP worked quite fine and did the same thing as bootp and DHCP while being much simpler, but we don't talk about that.

Actually, no. You can only set an IP address with RARP, not even a netmask (RARP comes from pre-CIDR age) or other important stuff like default gateway, DNS server, etc like you can with DHCP.

ktRolster 2 days ago 2 replies      
We'll switch to IPv6, and every service will still go through port 80.
akshayn 2 days ago 1 reply      
"If, instead, we had identified sessions using only layer 4 data, then mobile IP would have worked perfectly."

Mobile IP can still work with the current infrastructure -- https://en.wikipedia.org/wiki/Mobile_IP

This proposal was basically a service which would host a static IP for you (similar to the LTE structure but with IP underneath instead of L2), and forward to whatever your "real" IP was using IP-in-IP encapsulation.

As the author states, layers are only ever added :)

hueving 2 days ago 0 replies      
>Network operators basically choose bridging vs routing based on how fast they want it to go and how much they hate configuring DHCP servers, which they really hate very much, which means they use bridging as much as possible and routing when they have to.

Very rarely does a network operator use bridging to avoid configuring DHCP. All modern protocols are built on IP so you still need an addressing scheme and most people want the Internet so the 169 auto addressing is out. So even in big bridged networks, you still have a DHCP server. In fact, you configure less DHCP in a big bridged network than DHCP for a ton of tiny networks.

The advantage to big bridging networks is that you have to setup very little routing (just the router to get in and out). If you routed between every port on the network, there would be an excessive amount of configuration involved to setup prefixes on every single interface.

feelin_googley 1 day ago 0 replies      
Suprising to see a recommendation for QUIC by someone who seems to ackowledge djb's contributions and incredible attention to detail. http://apenwarr.ca/log/?m=201103#28

Correct me if wrong, but QUIC was inspired by djb's CurveCP?

Would you rather have djb implement your trusted UDP congestion-controlled overlay or a company with 70,000+ employees who are paid from the sale of online ads?

@hashbreakerApr 15CurveCP's zero-padding (curvecp.org/messages.html) was designed years before ringroadbug.com, explicitly to stop that type of attack.



Leaking Sensitive Data in Security Protocols

What is Ring-Road?

The Ring-Road Bug is a serious vulnerability in security protocols [e.g, QUIC but not CurveCP] that leaks the length of passwords allowing attackers to bypass user authentication. The Internet Engineering Task Force for HTTP/2 led by Google is working to create a patch to protect security protocols vulnerable to Ring-Road.

Researchers a part of Purdue University identified a major security issue with Google's QUIC protocol (Quick UDP Internet Connections, pronounced quick).

mjevans 2 days ago 4 replies      
Ok, so QUIC or some other common layer 4/4+5 'Modern TCP over UDP for network compatibility' solution.

Lets just throw away the concept of 'addresses' for authentication and actually use a cryptographic authentication identifier of somekind, combined with some mux iteration ID.

luckydude 1 day ago 1 reply      
This is an awesome read and hilarious if you have any historical knowledge of networking.

+1 highly recommend even if all you want is a few chuckles.

Well done.

noahl 2 days ago 4 replies      
This was a very informative article for me, but there was one thing I didn't understand. At the end he made the case that mobile routing needed essentially two layers: a fixed per-device (or per session) identifier, and then a separate routing-layer address that could change as a device moved. QUIC has session identifiers, and that's great and could solve the problem.

But earlier in that very article, he already pointed out that every device already has a globally unique identifier used in layer 2 routing ... the ethernet MAC address.

Would someone please explain to me why we can't use MAC addresses as globally unique device IDs?

(Is MAC spoofing the issue?)

collinmanderson 1 day ago 0 replies      
A little off topic, but the TCP BBR Congestion Control they mention looks promising. I've been annoyed by "Bufferbloat" for over a decade and find different solutions to the problem pretty fascinating.

The nice part about this solution is that it doesn't require making changes to the individual nodes on the network (e.g. cable modem) in the way that other solutions have required (small and fair queues).

It also appears to be able to avoid the usual packet-drops of regular TCP congestion control.

femto 2 days ago 0 replies      
The "Internet Mobile Host Protocol" (IMHP) was written as a draft RFC in 1994. As far as I know it was never adopted, but is it still relevant, even as an inspiration for IPv6?

[1] https://www.cs.rice.edu/~dbj/pubs/draft-johnson-imhp-00.txt

Edit: Its official entry at the IETF: https://datatracker.ietf.org/doc/draft-johnson-imhp/

therealwardo 1 day ago 0 replies      
I gave a talk about a lot of the same concepts this piece covers - https://www.youtube.com/watch?v=g2czluHsmog

it has a more visual explanation of the OSI model and how it relates to routing and different kinds of hardware. I also tried to explain some of the interesting problems in actually building out a network in the second half of my talk.

if anyone is just trying to learn the basics of networking I'd also strongly recommend the Juniper Networking Fundamentals online class, its free at https://learningportal.juniper.net/juniper/user_activity_inf... or you can find videos of it on YouTube.

Aloha 2 days ago 2 replies      
Part of the difficulty here - is you're not just upgrading the whole stack, you're instead layering on whatever stack is already there - its a needed part of deploying any new technology without replacing everything from the basement up. I'm not sure what this guy would do instead however - as someone with a decent networking background, I got completely lost in the end.
teh_klev 1 day ago 0 replies      
There's quite a good (as usual) BBC Radio 4 "In Our Time" episode about Robert Hooke:


anilgulecha 2 days ago 6 replies      
One big UX mistake of IPv6: it was not made backward compatible with IPv4. (v6) ==

This simple design when planning and rolling it out would have meant incrementally updating the networking stack to also support v6. Now it turns out v4 and v6 are completely different, and no one has a big enough reason to make the change until everyone else makes the change. Hard chicken-egg problem.

undoware 2 days ago 1 reply      
Easily the best technical document I've ever read. Holy heck. "Now I see with pulse serene, the heart of the machine"
davidreiss 2 days ago 3 replies      
Is anyone else shocked at the low level of adoption of IPv6? I remember how in the late 90s people were saying we were going to run out of addresses and everyone need to migrate to IPv6 ASAP. Now, it seems that IPv4 is going to be around for a long while.
_pmf_ 2 days ago 0 replies      
> To save on electronics, people wanted to have a "bus" network

It was also to save sanity and avoiding having to rip apart every office building for installing hundreds of cables.

mirimir 2 days ago 0 replies      
I found the piece informative and entertaining. But I'm not technical enough to comment much. I would have liked to see what he thought of MPTCP as a replacement for TCP.
betaby 1 day ago 0 replies      
We have to stop IPv6 debate, it's already the reality.Even if you don't like it, even if you think it's ugly - doesn't matter.US IPv6 mobile traffic passed 50% some time ago https://engineering.linkedin.com/blog/2017/07/linkedin-passe...IPv6 at least on mobile is real and many of us even didn't notice it's there.
Hnrobert42 1 day ago 0 replies      
The best post I've ever read on HN.
peterburkimsher 2 days ago 2 replies      
That is a beautifully-written article.

The IEEE hardware and IETF software guys have been busy adding complexity to the networks, with so many legacy protocols (when everyone just uses TCP/IP) and extra ports (when everything happens on port 80 - seriously, even email is now on cloud services).

I can't get LTE because of political problems. So I just gave up trying to be online, and started caching everything possible.

Meanwhile, storage is getting larger capacity, smaller size, and cheaper. I've got a 512GB SD card in my pocket all the time, with a backup of my laptop in case my bag gets stolen.

My phone does everything offline if possible. Offline MP3 music. Offline maps. Wikipedia. StackOverflow. Hacker News. FML. UrbanDictionary. XKCD. The few YouTube videos I actually want to see again.

The only thing I need Internet for is communication. To send a message, I walk around looking for open WiFi and type my message to them on Facebook Messenger. If they need to reach me urgently, they can just use my phone number (which keeps changing every 6 months for the same political problems).

What if access points had large caches with mirrors of the content people want? Instead of asking Google's server in the US to send me a map tile, what if I could just get it from the local WiFi AP's web server? It would be much faster, and save so much trouble with networking.

Sure, there are some things that people need the network for (e.g. new content, copyrighted material). But so much else is free of licenses, and would be possible to mirror locally everywhere.

fundabulousrIII 2 days ago 0 replies      
This article was some of the most egregious nonsense I've read in a while.
marasal 2 days ago 0 replies      
This was a great read.
gridscomputing 2 days ago 2 replies      
killjoywashere 2 days ago 0 replies      
tardo99 2 days ago 2 replies      
What if the server needs to send you a packet while you're mobile but you haven't sent it a packet yet so it can update its cache? That packet will be lost in his scheme. Nice try.
beagle3 2 days ago 2 replies      
I am very glad IPv6 didn't catch on. The world in which it was designed was not a world in which everyone (NSA, Google, Facebook) was trying to document and correlate every tiny thing you do, whether it is related to them or not.

If IPv6 eventually becomes widespread, I hope it comes with ISPs that will let you replace your prefix, and phones/hardware that will randomize your suffix - otherwise, the internet becomes completely pseudonymous.

Benchmark Capital Sues Travis Kalanick for Fraud axios.com
463 points by bobsky  2 days ago   179 comments top 22
throwawy11111 2 days ago 6 replies      
Benchmarks in a bind and at war with travis; they need to liquidate their stake in next year or two. Softbank deal to buy out their shares fell apart in part b/c no CEO. Benchmark wants safe-hands leader who will cost-cut firesale their way to quick IPO. travis + allies being more long term; blocking benchmarks CEO picks (meg). so board civil war continues with benchmarks dirty tricks like this sour grapes lawsuit and selective leaks to undercut and force mgmt's hand in cost cuts (the lease car data earlier this week)
aresant 2 days ago 2 replies      
Among the complaints of bad behavior:

"Kalanick [aquired] a self-driving startup that, according to a confidential report not disclosed to Benchmark (the "Stroz report") allegedly harbored trade secrets from a competitor . . . "

The Stroz Report was created when "Otto and Uber jointly hired an outside forensic expert Stroz Friedman. Friedman interviewed employees, including Levandowski and Lior Ron, reviewed their digital devices like mobile phones and cloud storage, and prepared a report recording the results of the investigation. . . Uber dangled a huge carrot for Levandowski to be truthful . . and agreed to indemnify him for any prior bad acts he confessed to committing. In other words, if Levandowski told Stroz what he stole, then the high priests at Uber have absolved him of his civil sins and Uber will pay for any resulting lawsuits or penalties"(1)

Maybe I'm reading between the lines, but it seems like they're saying in black & white that the Stroz report contains incriminating evidence that Levandowski DID "harbor trade secrets" from Google which will materially impact the outcome of Ubers broader legal woes . . .

EDIT - Reading further in the actual complaint ""if the contents of Stroz's interim findings had been disclosed to Benchmark at the time, they would have had a material impact on Benchmark's decision to authorize the board seats . . ." (2)

Sounds quite a bit like a smoking gun, that Benchmark probably realizes now is going to come to light.

(1) https://medium.com/@nikhilgabraham/why-anthony-levandowski-h...

(2) https://www.documentcloud.org/documents/3922911-67730336-DE-...

rmason 2 days ago 6 replies      
If actual fraud is not found what sort of message does this send to entrepreneurs that Benchmark is founder friendly?

Looks like a grudge match to me. Apparently unhappy with merely removing Travis from the CEO's chair they want to make certain he's never allowed to ever enter the building.

whack 2 days ago 2 replies      
The key point of conflict appears to be the following:

The suit revolves around the June 2016 decision to expand the size of Uber's board of voting directors from eight to 11, with Kalanick having the sole right to designate those seats. Kalanick would later name himself to one of those seats following his resignation, since his prior board seat was reserved for the company's CEO. The other two seats remain unfilled. Benchmark argues that it never would have granted Kalanick those three extra seats had it known about his "gross mismanagement and other misconduct at Uber"

I never understood this practice of investors/founders having such wide discretion when it comes to controlling board seats. It always seemed to me that board representation should be roughly proportional to equity ownership. If a founder/VC controls 30% of the equity, he should be given control over ~30% of the board seats. Such an arrangement seems like the best way to ensure that incentives are aligned, and to prevent drama/shenanigans like whatever led to this suit.

WisNorCan 2 days ago 4 replies      
It's interesting to see how all the chaos at the board and management level has affected employees. Data from LinkedIn paints a troubling picture both in terms of hiring and retention.

* Uber has 31,537 employees as of August 2017.

* New hiring is down from 1000 per month in 2016 to 500 a month in 2017. July was the lowest month since the start of LinkedIn data which is August 2015 @ 440 hires.

* There are currently 8,000 job openings. Operations and Engineering are the two largest categories.

* With every 100 people that are hired. ~80 people are departing the company.

Hiring managers I have talked to say that it is very challenging to attract strong candidates to Uber and it is demoralizing because their best people are leaving.

sillysaurus3 2 days ago 5 replies      
Stakes: Per the complaint, Kalanick currently holds around a 10% equity stake in Uber, which most recently was valued at around $70 billion. Benchmark holds approximately 13 percent.

This is interesting. I thought HNers were saying Kalanick had the biggest stake, which is why the board couldn't fire him.

How does this work? If someone only has 10% equity, why was it so difficult to remove them? This is a useful tool for founders, so it's worth understanding.

nthcolumn 2 days ago 2 replies      
Before Travis got booted some Techcrunch article or other was submitted here on an almost daily basis about him and other issues Uber were having, some days two! I thought to myself: 'Boy! Techcrunch really have it in for Uber and Travis' (mit einen kleine schadenfreude, me being no fan of either). Once he left though, the posts seemed to me to end rather abruptly even though there were still newsworthy shenanigans at Uber. Has anyone else noticed this? Why? Cui bono?
zxcvvcxz 2 days ago 1 reply      
> Benchmark argues that it never would have granted Kalanick those three extra seats had it known about his "gross mismanagement and other misconduct at Uber"

Buyer's remorse! Investors think they deserve so much power because they put capital upfront and understand how to play the legal system to their benefit, while more industrious actors are busy actually building the value of the company.

Yeah and I can tell the folks at Benchmark about a bunch of guys I knew who wish they never would've gotten married. Oh well, when you take your vows... Till death do you part ;)

tareqak 2 days ago 0 replies      
Techmeme summary: Benchmark Capital sues Travis Kalanick for fraud, wants invalidation of the June 2016 stockholder vote to expand board, which would also remove him from board
tmh79 2 days ago 2 replies      
wonder what this means for the CEO search, softbank funding etc. My assumption is that both parties will settle quickly but I could be wrong. Also not noted in the article is that while travis owns 10% of the equity stake, he has super-voting shares, such that him, Ryan Graves, and Garret Camp as a trifecta hold controlling interest IIRC.
pfarnsworth 2 days ago 2 replies      
Who in their right mind, except for the utterly desperate, would accept money from Benchmark? Talk about letting the fox into the henhouse, you can't trust those guys whatsoever.
imsofuture 2 days ago 1 reply      
So the board agreed to create 3 new board seats over which Kalanick would explicitly have full control to appoint people. And now they're suing him because they regret that?
featherverse 2 days ago 0 replies      
As an aside.. the dude's face on the TechCrunch article about this is heartwrenching, if you stare at it long enough.


sjg007 2 days ago 0 replies      
Uber should IPO unless they are waiting until they decimate traditional taxis but I don't see that happening in key markets. They could buy up medallions on the sly though. Economically, Amazon loses money in expansion and they have no real competitors online so I don't see why uber can't do the same.
gavanwoolery 2 days ago 1 reply      
I do not know Travis well enough to say if he is a "good" or "bad" person but playing devil's advocate for a second: is it really a crime to organize a board in your favor? I imagine this is done all the time.
thebmax 2 days ago 5 replies      
Agreed. Fuck Benchmark. Travis makes each partner $1 billion personally and this is how they treat him? They should be blackballed by every great founder out there. I had respect for benchmark but not anymore. They are greedy assholes.
sergefaguet 2 days ago 0 replies      
will never, ever talk with Benchmark for any fundraising again. suing the CEO who made them ~ten billion dollars. what the actual fuck.
desireco42 2 days ago 0 replies      
I don't know about this infighting, but don't you think that someone like Meg Whitman would suck badly at being Uber CEO, not that she did wonders at HP. If anyone has opinion, I would be interested to hear.
revelation 2 days ago 1 reply      
There is nothing new here other than Benchmark Capital thinking they can choose and pick a shareholder decision to revert based on the recent Uber gates.

Seems very thin on the ground given there is no ruling in a court of law against Kalanick in any of those.

PhantomGremlin 2 days ago 4 replies      
In my best Nelson Muntz voice: "Ha-ha".

The VCs have done this to themselves. They put up all the money, they should have never allowed themselves to be put into this situation.

Decades ago, when I was at startups, this was 100% clear, cut and dried. The Golden Rule. People who have the gold make the rules.

I'm sure this won't be a popular opinion, since more HN readers are founders and employees than are VCs. But don't simply downvote. Explain. Articulate why, after taking billions of dollars in VC money, you feel like you're still owed control.

baccheion 2 days ago 2 replies      
Uber, AirBnb, Snapchat, Dropbox, etc will all crumble. They may continue to exist, but they'll be more like Twitter than Facebook. None of them are anything special.

Maybe Dropbox will get acquired after their failed IPO. Snapchat could also get filed away in a similar fashion, but it may be too late.

I wonder why they invested so much in a taxi company. It only makes sense if all cars are replaced with Uber autonomous vehicles, but what are the odds that will happen? Uber only makes sense in larger cities.

The "brain" trust may as well get started on teleportation or something else deserving of billions in blind/naive/"stupid" faith.

Is this the mobile bubble forming and collapsing live? As suggested by historical timings (8 <= year_ipod - year_founded <= 12), IPOs for all "big bets" should technically happen within the next year. I strongly doubt it's going to be pretty.

A rising sentiment that IBMs Watson cant deliver on its promises gizmodo.com
499 points by artsandsci  3 days ago   273 comments top 31
filereaper 2 days ago 5 replies      
I'm quite late to this thread, but I worked on Watson very briefly (not on the core development, but overall system performance improvements).

I think there's a major misunderstanding of Watson which isn't helped by IBM's Marketing efforts. IBM Marketing has been slapping the "Cognitive" label on everything and is creating unrealistic expectations.

The Jeopardy playing Watson (DeepQA pipeline) was a landmark success at Information Retrieval, its architecture is built largely on Apache UIMA and Lucene with proprietary code for scaling out (performance) and filtering & ranking. I'm not an expert on IR so I won't comment further. This is very different from Neural Nets that are all the rage in ML today.

I'd like to point the following links from David Ferrucci [1] the original architect of Watson and this technical publication at aaai.org [2].

The DeepQA pipeline wasn't fluff, the intention was to take this question-answer pipeline and apply it to other verticals such as Law and Medicine, essentially replace the Jeopardy playing Watson's corpus of Wikipedia, Britannica etc... with Legal and Medical equivalents.

Given its runaway PR success, the Watson brand was applied to many other areas which haven't been successful but I'd like to point out what the original product was here.

[1] https://www.singularityweblog.com/david-ferrucci-on-singular...[2] https://www.aaai.org/Magazine/Watson/watson.php

ChuckMcM 2 days ago 5 replies      
When I worked at IBM I expressed concern that the television commercials depicting a HAL9000 level interactive dialog system were dangerously overselling what Watson could do.

The challenge, as I saw it, was that no matter how good the tools and products that were used to help companies with data analysis to improve their operations were, when they realize they can't talk to a cube and joke with it about misusing colloquial phrases their disappointment overshadows all the 'good' stuff it was doing for them.

No relationship works well if it starts with a lie and as this article shows, people do take those ads at face value and assume there really is a talking AI inside of IBM. Then they are hugely disappointed when they find out it doesn't exist.

tangue 3 days ago 5 replies      
Crdit Mutuel (a french bank) has adopted Watson [0] and it's not encouraging : it was supposed to help answering emails, : they had to describe manually the concepts in emails and create topics in which looks a lot like decision-trees (and reminds me of this 1985 ad for Texas Instrument's Lisp AI https://www.scientificamerican.com/media/inline/blog/File/De... scroll to see the ad)

Indeed the whole thing looks like a database with basic AI as a sales argument...

[0 - in french] http://www.silicon.fr/credit-mutuel-non-ia-watson-magique-17...

slackingoff2017 2 days ago 7 replies      
IBM is a dying giant, I've seen it languishing for years. Their massive screw up was a decade ago when they decided shareholder value was more important than having good engineers. They've since gutted their R&D departments and all that's left are duds and underpaid undereducated consultants rented from places like Accenture.

The only good thing to come out of IBM in years is their Hyperscan regex library and unsurprisingly they don't market it at all or build practical applications with it

laichzeit0 2 days ago 0 replies      
I had problems with Watson to the effect that not even the documentation matches reality. There are some fairly basic things missing from their NERC offering. I can tell you that the functionality that is missing is so basic (e.g. negation) that without a doubt, no one in IBM has ever used this offering in practise beyond a toy example.

The idea that IBM Watson is some uniform AI in a box with a bunch of REST API's to "expose" its intelligence seems to be the sales pitch. It's not. It's just a bunch of acquired products (you can see this when e.g. Watson Knowledge Studio breaks and you see the Python scripts that glues everything together in the backend) that are poorly integrated, probably because the left hand has no idea what the right hand is doing.

Caveat emptor!


peteretep 3 days ago 4 replies      
A couple of years ago I was given a project that was essentially "Evaluate Watson APIs to see if there's anything there we could make use of", and came away with the distinct impression that it was largely smoke and mirrors, and there was very little that was either effective or interesting there.
notfromhere 3 days ago 1 reply      
The dirty secret is that IBM Watson is just a brand for their army of data consultants, and their consultants aren't very good. In my experience working for a competitor in this space, IBM Watson was widely agreed to be smoke and mirrors without much going on
blueyes 2 days ago 2 replies      
IBM has almost zero credibility in deep learning and AI. They haven't hired anyone of note. They haven't produced any novel or influential research in the field in years. And yet they air these cheesy Dylan ads and the rubes fall for it. Watson is a Theranos-scale fraud, and it's finally coming out.
throwaway_ibm 3 days ago 0 replies      
I know someone who is intimately involved with IBM Watson, they are highly educated and constantly diss the system. Calling it, 'Just a large database'. If Watson was a true breakthrough, it should be gaining marketshare throughout it's specialities but it's not. Google is leading the industry with DeepMind; Facebook and Microsoft aren't far behind. I'd encourage others to be very skeptical of the PR that IBM is pushing about their Watson problem.

disclosure: I haven't read the article but wanted to share a related story.

ams6110 3 days ago 0 replies      
What? A brand name which is just a word meaning "IBM Enterprise Products and Services" doesn't really live up to the marketing hype? I can't imagine such a thing.
strict9 3 days ago 0 replies      
Many years ago when I worked for a company that decided our existing ecommerce app was too terrible to fix and would be too much effort to rebuild, we talked to a number of vendors, including IBM. The marketing materials and salespeople made a compelling case, but deeper dives into the app itself and the support engineers behind it convinced even the most enthusiastic internal cheerleaders to look elsewhere.

In recent years as news articles heralding the future of Watson for various industries (including healthcare and supply chain), I predicted a similar path. An amazing product in a very narrow environment designed specifically for marketing and selling purposes, and not very adaptable.

FTA: And everybodys very happy to claim to work with Watson, Perlich said. So I think right now Watson is monetizing primarily on the brand perception.

This is painfully obvious, as this has been IBM for a very long time.

scottlocklin 2 days ago 1 reply      
Yeah, well, "duh."What boggles my mind is people will read this, nod sadly, and continue not to notice that a whole bunch of what they think they know about machine learning, autonomous vehicles and so on is also marketing department hype.
chisleu 2 days ago 0 replies      
I'm late but have something to add.

Until last week I was on a 6 month contract as a senior DevOps engineer for IBM/Watson. I was responsible for one of the huge real-time data ingestion pipelines that Watson receives. I left to work elsewhere in spite of being offered an excellent position. (If you guys are reading this, hi.)

I went to IBM not expecting much more than working as a cog in a lumbering giant.

Watson is the fastest growing part of IBM. If IBM has all of those eggs in one basket, it is the Watson basket. There were lots of jokes about cognitive in the office pool.

That said, it was by far one of the best managed companies I've seen. They have some fantastic data engineers and scientists. They are backing most of the open source projects related to AI and next generation tech. Spark, VoltDB...

The ads might seem sensational, but the concept of a black box that orders preemptive maintenance for an elevator isn't far fetched...

More over, Watson had so many current customers because it is valuable. The technical advisors that but products don't put faith in ads any more than we do.

dpflan 3 days ago 1 reply      
I like how IBM does very elaborate marketing ploys to hype their wares: like Deep Blue competing against Kasparov and Watson competing against Jennings to showcase IBM's engineering prowess. But it does sell the idea pretty well I think, but perhaps the idea is too grand/far ahead of the present.
simonh 2 days ago 2 replies      
This just goes to show just how tragically far away we are from even beginning to build the rudiments of a strong general purpose AI. For all the fantastic achievements of systems like Watson and Alphago, and they are amazing achievements, they are radically optimised special purpose systems fine tuned to solving one extremely specific and narrow problem, and that problem only.

Watson is a case study in this, but I know Google has big plans for applying the tech behind Alphago in medicine. I wish them every success, but I'm concerned they will hit similar specialisation issues.

Probooks 2 days ago 0 replies      
Problem is deeper (and simpler). IBM does not look for clients, but rather victims. We clients end up being caught in an internal upsales fight. Nobody cares which is the best solution IBM as a whole can offer to you (their own people do not even know all their available tools!), but rather how much suboptimal stuff each salesman can load onto you. I'm on my way out of IBM...
speeder 2 days ago 2 replies      
I actually love the idea of Watson being used for healthcare...

Sadly I think it is being used wrong...

IBM is focusing on using Watson to cure very specific diseases, like certain types of cancer.

I think a far better use for Watson would be to do initial diagnosis, for example my life got massively delayed because I got hypothyroidism as teenager, but only using internet data I could self-diagnose and self-treat (because doctors are still unwilling to help, not trusting data, and before someone come berate me for self-treatment, it is working...) as adult I could finally get my life 'started' (hypothyroidism affect physical and mental development, and slows down metabolism and the brain)

During my quest I met many, many, many people on internet, that had self-diagnosed with something using the internet as a tool. All of us would have been diagnosed properly if Watson was being used on the doctors office, using its data crunching capabilities and symptoms as input to find out what problem we had. (in my case: I have Hashimoto's disease)

jjm 2 days ago 0 replies      
They had so much time to contribute but instead chose marketing and pushed into areas where they didn't really have a handle on yet. As in management didn't understand.

I mean all the datasets, dozens of libraries, stunning NN demos and training sets, TPUs (multiple versions at that!) all could've come out of the company.

Think if keras and tensor flow were from IBM. Or all those cars now running Nvidia Jetson, or mega datacenters running NV100s or Google TPUs.

Shoot they even had a chance to enhance PowerPC ICs for NNs.

Alas but nope.

dislikes_IBM 2 days ago 2 replies      
IBM has a toxic culture. They are the vendor lock-in Gods. Every company I've ever worked for has cringed at the mention of IBM, never suggested them as a new solution, and always regretted whatever if anything they locked themselves into.

They are the only company that charges you to sample their API's. They are the absolute worst, an infection that needs to be cured.

tCfD 2 days ago 1 reply      
Obvious fix is for IBM to put Watson on a blockchain /s
ghostly_s 2 days ago 0 replies      
I overheard a good-'ol-boy businessman at a hotel bar a few months back. He bore an eerie likeness to Bosworth from Halt and Catch Fire, and was telling a younger gentleman about a project he worked on. "...so Watson comes in and they Algorithm the whole thing..."

I'm pretty sure he thought Watson was a person.

crsv 2 days ago 1 reply      
Replace IBM's Watson with anything branded with "AI" right now and themes in the article still hold up.
ExactoKnight 2 days ago 0 replies      
Watson's Natural Language Classifier, in particular its categorization API, is actually pretty impressive...
batmansmk 3 days ago 4 replies      
You can try by yourself. https://alchemy-language-demo.mybluemix.net/

Imagine analyzing product reviews to determine if it was positive or negative.Type "I like it", and see the inaccurate targeted sentiment (neutral sentiment instead of positive).

etiam 2 days ago 0 replies      
It's tempting to start whispering winter is coming, but I think one may reasonably hope that the current fashions at large have enough nuance to differentiate between this particular marketing gimmick and the broader developments in ML.

Personally I'd be happy to see the paragraphs/minutes at the beginning of far too many interviews about "intelligent" machines exchanged, from straightening out the misconception that Watson is an example of this new hot "Deep Learning" thing and one of the pinnacles of achievement in the field, for some type of more valuable type of commentary from leading researchers.

dboreham 3 days ago 4 replies      
Bundle up for the second AI Winter...
outside1234 3 days ago 0 replies      
You don't say! This is IBM consulting ware? Who would have guessed!
PaulHoule 2 days ago 0 replies      
This was my opinion when they started running these ads. My opinion has actually softened a little.

Some of the cognitive services they are offering today are not half bad; also I can say their salespeople are doing a gangbusters job in places.

ceedan 3 days ago 1 reply      
Does IBM itself even "use" Watson?
et2o 2 days ago 1 reply      
I saw a very humorous twitter exchange between a bioinformatician and IBM Watson's twitter account. The scientist asked them to provide any peer-reviewed ML publications and the best they could do was an abstract at a regional conference no-one has heard of. And it was a terrible abstract.

It's completely marketing. IBM still has a good name among people who don't know much about technology. They're trading on this and the current saturation of 'machine learning' in the popular press.

currymj 3 days ago 0 replies      
it's just a brand name at this point, which they attach to any machine learning they develop or acquire, and they should stop trying to sell it as a distinct technology.
Outraged about the Google diversity memo? backreaction.blogspot.com
569 points by rice_otaku  3 days ago   793 comments top 3
kromem 3 days ago 4 replies      
An interesting anecdote regarding gender bias and tech.

In the very early stage of my company, we wanted to outsource some UX work. After an exhausting review of applicants on one of the freelance sites out there, we finally settled on a Pakistani woman who had the best balance of portfolio vs cost.

At the initial Skype call, there was no video. And it turned out to be a guy speaking in a very high voice. We didn't really care and just went along with it (after a call or two he dropped his octave significantly, but everything continued with the original female name). But it was curious that this enterprising individual decided that the best way to stand out from the countless other developers with similar demographics he was competing against was to pretend to be a woman.

I do suspect that the presumed bias that women aren't actually as skilled and got where they are because of gender preference, while an uncomfortable bias for women, does make it so that a woman with equal skill to a male candidate is perceived as a greater rarity/find because "oh wow, this one is legit." (Not saying women are actually less likely to be legit, just saying the perception that is true can work to board in the opposite direction). I'd be extremely curious to see the classic "attach picture to resume/work sample" experiment done for tech with actual hiring managers. I'd be very surprised if the work with the female photo has a lower net score than the male photo across the experimental groups.

jernfrost 3 days ago 7 replies      
Great perspective. As a Northern European having dealt with American company ownership I don't think the main problem in Google's case was political correctness but rather a general American problem with how free speech is defined in the US. Freedom in America is always about government NOT doing something, while in Europe government is defined as a protector of these freedoms. This shows up clearly with respect to stating an opinion at a US company. There is no protection of free speech on private property in the US. I first encountered this when out company got bought by an American one and they i sisted that religion and politics should not be discussed at work. It surprised them that such a demand was illegal in Norway. Private property does not trumph everything else as it often seems to do in the US.

While americans are free to utter quite inflamatory speech in the public, I find that American culture seems to discourage any sort of controversial topic in polite company.

That applies to conservatives and liberals alike in the US. Discussing religion among conservatives in the US seems taboo. While liberals are not very open to having PC opinions challenged.

Const-me 3 days ago  replies      
IMO the best comment from there:

Giulio Prisco said...The results of this incident are easy to predict.

Now everyone at Google (and everyone in large tech companies, and everyone in academy) knows that they can be fired for expressing opinions that dissent from the party line.

Of course they'll shut up for fear of losing their job and the means to support their family.

But they won't change their position. If anything, their position will be radicalized. For example, from classical liberal to alt-right.

Yes, they'll stop expressing their opinion in public. But they'll express their opinion, with a vengeance, in the only place where one can do so in secrecy without fear of witch-hunting mobs: the voting booth.

Yes, that explains Trump.

Big brother is here, and his name is Facebook thenextweb.com
468 points by ahiknsr  1 day ago   253 comments top 45
Deimorz 23 hours ago 16 replies      
Personally, I think Google is just as terrifying, possibly more.

As an example, just take a fairly normal life situation like going out for dinner with some friends, and think about how much of it goes "through" Google:


One of your friends sends an email to 6 others, to ask if everyone's free for dinner on Friday. 5 of the 7 people involved use gmail or a google apps address.

You've never heard of the restaurant they're suggesting, so you search for it on Google to see what kind of food it is.

You click to the restaurant's site. It uses Google Analytics, so even though you're no longer on Google, it still knows the exact path you take through the site while you're "outside".

You decide the restaurant looks good, and enter the dinner into Google Calendar.

On Friday, you use Google Maps to get to the restaurant, so Google knows exactly where you were before, what time you left, and the route you took. While you're driving, maybe you send a couple of text messages using the Google voice assistant.

At the restaurant, it turns out your friend Doug is there, even though he wasn't part of the emails. During dinner, you're all trying to remember the name of that movie where Shaq plays a genie, so both you and Doug grab your phones and google for phrases like "shaq movie genie" at about the same time. Even though Doug wasn't included in any of the planning, Google now knows that you're almost certainly together, and what you're talking about.

You finish your meal and pay via the restaurant's Square system, which emails the receipt to your gmail address. Google now knows exactly what you ate, and how much you paid for it.

You use Google Maps again when leaving, telling Google exactly how long you stayed at the restaurant and where you're going next.


I didn't even push that very far. There are multiple other things I could have easily added, and you can do this with almost any situation. It's quite insane how much Google knows about what people are doing all the time, and the level of detail they can get by combining these things.

cisanti 23 hours ago 6 replies      
The authoritarian regimes' secret police would be delighted at something like this. People actually (well, not all of us) give them information themselves, and those who don't, sure do get tracked across the web.

"Thoughts control" is very much a real problem, as the Google Memo scandal showed us. People dug out the irrelevant donation of Brendan Eich. Think about the power FB has, they know exactly who is the enemy of the state using the word from good old Soviet Union where I happened to born in.

People on the left dangerously remind me the fanatic pioneers, who only think one way is right and preach false tolerance. Some are even so stupid that they hold a hammer and sickle in one hand and rainbow flag in another. Knowing the possibility of the power and the capabilities these people would have if in power. I would say we live in dangerous times.

neuro_imager 20 hours ago 1 reply      
"Old George Orwell got it backward. Big Brother isn't watching. He's singing and dancing. He's pulling rabbits out of a hat. Big Brothers busy holding your attention every moment you're awake. He's making sure you're always distracted. He's making sure you're fully absorbed. He's making sure your imagination withers. Until it's as useful as your appendix. He's making sure your attention is always filled. And this being fed, it's worse than being watched. With the world always filling you, no one has to worry about what's in your mind. With everyone's imagination atrophied, no one will ever be a threat to the world." Chuck Palahniuk
vayun 1 hour ago 0 replies      
The article is pure FUD spreading.

"potentially being able to eavesdrop on our conversations", so now any app which has access to microphone "may be listening"?

So it uses data which you are willingly share with it to "serve better ads". Where is a problem with that? Does the author prefer worse ads?

Joeri 17 hours ago 1 reply      
May 26 2018 is going to be a very interesting day. The GDPR will trigger across Europe, and Facebook will become legally compelled wrt any European citizen to share everything they know about them, discard data not relevant to delivering the Facebook service, and allow users to correct any of the data, or remove all of it. It will be fascinating to see what exactly they know about me. In theory, not that much, since I barely engage with Facebook at all, but in practice I suspect quite a lot.
intopieces 21 hours ago 2 replies      
Big Brother is here, but his name is not Facebook. It's WeChat.


WeChat has the tracking capability that Facebook could only dream of, and it does not even hide it.

darrmit 19 hours ago 0 replies      
I don't find Facebook useful for much and find that it brings the worst out in people, therefore I don't use it.

I do find Google useful but choose to use it very sparingly - no search, no mail, no maps. I do use Drive, Docs, and Photos (for now).

The problem I'm running into is some of Google's services are so exceptional compared to alternatives that it's becoming problematic to use alternatives. Maps is an example of this. In some ways Chrome is an example of this (when considering it as a platform/OS instead of just a browser).

I get the irony that their services are exceptional because of the data they collect, but that's sort of irrelevant.

But at the end of the day, I ask myself how much this matters in the absence of a VPN at home and on mobile when ISPs and cell providers are partnering up with advertisers and government agencies.

Animats 20 hours ago 1 reply      
I just can't see running the Facebook app. Facebook on the desktop, sure, but why on a phone? Other than checking in once a day or so to see what my friends are doing, Facebook has nothing I want.

I don't use Gmail. I have a Google account, but it's only used for updating browser add-ons. Last login was over a year ago. Mail comes from a IMAP server. Android's standard mail client does IMAP just fine. All my desktops and laptops use the same IMAP server, so it all syncs.

I don't have much Google stuff from my Android phone. When I bought the phone, uninitialized, it asked for a Google login. I clicked "later", and then deleted Google First-Time Login so that wouldn't come up again.After a while, voice dialing broke due to some update at Google, so I deleted more Google services. Location services come from ZANavi. (That uses unassisted GPS, so it takes a while to get a fix.)

msoad 23 hours ago 2 replies      
I heard form someone at Facebook that they use location data to figure out who you are with.

If a group of friends go to a restaurant and nobody checks in Facebook will know you are together because all of you opened one of their apps in the same time frame and location.

wonder_er 23 hours ago 7 replies      
I can't quite believe the argument that Facebook is Big Brother, because the first suggestion the author suggests is "stop using Facebook".

In 1984, I believe the most compelling attribute of "Big Brother" was that he/it could not be willfully turned off.

So, for this to be an appropriate analogy, Facebook would need to be able to legally compel you to have the app on your phone, and if you illegally removed the app/ignored FB, you could be thrown into jail.

Facebook is huge, but all the big tech companies cannot actually imprison you.

Seems like a useful distinction.

andreasgonewild 1 hour ago 0 replies      
There are plenty of superior alternatives; but this one is mine, and free; and secure:


Whatever you do, opt out before it's too late...

partiallypro 13 hours ago 1 reply      
Google knows far far more about you than Facebook. Facebook knows the information you want public or general information like usage. Google knows your darkest secrets. Sure, Facebook tracking pixels might track some of your shopping habits too; but Google has analytics everywhere, Adwords linked up, your search history, your browser history, your location history etc.
hutzlibu 19 hours ago 2 replies      
I wonder how many people who write about big brother and 1984, have actually read the book.

Because I live a life without facebook.

In 1984 there was no opt-out - full violent dominant controll, all the time. Also over the thoughts.

We are maybe beeing spied on a lot, by many different organizations - but I am not going to torture/brainwashed camp, because I THINK xxx is bad. I can also say it.

So continue to criticize bad things, but maybe with a little bit less alarmism/hystery ... thanks.

yhn4433 22 hours ago 1 reply      
... says a media outlet with live trackers for connect.facebook.com and graph.facebook.com, amoung others.
wbillingsley 10 hours ago 1 reply      
Twitter is more concerning, as it has connected society's social enforcers (those who are concerned with which views "have no place in our society") with media, government, employers, etc.

In terms of privacy, people have never been that concerned with "who's listening" so long as the scope of use is limited (eg, security cameras in carparks are seen as a sign of safety, not espionage, and people will happily mouth off loudly to their friends on balconies, untroubled by the ordinary passer by who might look on and scowl at the trash they might be talking).

It's not the overhearing and data collection part of zersetzung that's the most problematic -- it's the army of volunteers ready to take part in public denunciation and social undermining that people grow to fear.

benevol 18 hours ago 0 replies      
On one side, I'm happy to see that people slowly start to understand the situation.

On the other side, I'm kind of shocked it took so long. The way these companies were going to take control over us was so obvious about 15 years ago. A lot of damage is done, now.

sametmax 21 hours ago 0 replies      
Did you just wake up and realize it ? Cause it's something a lot of people have been saying for years now.
rogerthis 20 hours ago 0 replies      
To put things in a different perspective, imagine how much information about a farmer had an ancient imperor? How fast or effectively he could move the feelings of the people? Or order his army to attack or change tactics? Or how many months or years a pope from Middle Age would take to spread some dogma to all faithful?

When I relate these questions to what we have today I can't help but think that if we do not pay attention we'll head to a world with less and less freedom.

nigrioid 19 hours ago 0 replies      
All of the spooky privacy issues are bad enough, but what really makes me sad is the continuous movement away from things you can control and run yourself (e.g., mail and web servers) toward closed, opaque, proprietary stuff like Facebook.
amingilani 13 hours ago 0 replies      
Hrm. This article is functionally suspiciously like a banner-ad for the Nexus social network's ICO.

I'm not saying that it may have intended to be one, or that it isn't about Facebook taking over our lives. But it starts with how bad our privacy is, tells us how we can take control over messaging and our mic, and then ends with a switching to Nexus, and whose ICO starts in three days. Functionally speaking, it has the same impact as a sponsored article written for the ICO.

I mean, I use Telegram myself, but it doesn't replace Messenger for me. While we're on the subject, Whatsapp also provides end-to-end encryption, is owned by Facebook and is definitely a Telegram competitor.

newscracker 22 hours ago 1 reply      
> In most cases, granting permission is an all-or-nothing affair. This means you cannot cherry-pick the permissions to grant or deny when installing an app. You either accept or decline.

I wish the author had spent a few lines to expand on this one so people would understand it better. This is a huge problem for those using older Android phones (which is a huge number worldwide) with Android 5 and below. With Android 6 (Marshmallow) and beyond, one can control specific permissions post app install (whereas the "all or nothing at installation" model applies to lower versions). AFAIK, this is also a problem on Windows phones, but that's quite a small percentage comparatively.

Those using iOS devices haven't had this issue for a long time because app permissions are granted or denied individually at runtime (this has also improved over time) and not during installation.

> The choices here involve four things:


> Switch to secured and private decentralized social networks

The author mentions Nexus Social, but it still seems like it'll have decentralized storage only later next year. As of now, I don't know of any Facebook or Google+ replacements that are decentralized and help control/preserve privacy. There are simpler platforms to replace Twitter, like Mastodon. But a text-only platform will always remain a niche as far as social networking is concerned. We live in the age of memes, live videos and clips.

I personally would love to see a decentralized, feature rich and easy to use platform that preserves and allows control of privacy by the users (from others and the network), but at this point in time I don't have much hope for the next several years.

sonnhy 8 hours ago 0 replies      
I've read nothing new from this article, but I've never heard of that app RYL and the concept that you can occupy the mic with one app at the time.

Apart from the fact that that app will be listening all your day and that will make your phone containing sensible information anyway, I could be leaked as easily as that information is also stored as compressed as possible, for easy and non noticeable way in your internet footprint.Yet you can trust an app who's not open source, if your read their manifesto.

I wonder if this article was all about RYL anyway.

Micoloth 22 hours ago 0 replies      
Even tho i'll always remind that any reasoning that links this with a left or right political orientation is just dumb-

Yes, this is deeply and dramatically scary

williamle8300 21 hours ago 0 replies      
Don't forget about Google. It's less of a salient problem... but all the data collection is created to be monetized. In a few years, we'll end up seeing really interesting ways that data will be sold (not just for advertisers).
SubiculumCode 21 hours ago 3 replies      
"Passively Listening"

I will say this. The frequency of occasions is increasing where I've mentioned to my wife or son a product or service out of the blue only get served an ad with that product within the next 24 hours. Sure, it could be coincidence. I could be that the product was suggested subliminally to me via a campaign, etc. But some of these things are very specialized (plastic mold press), and not related to what I'm typically interested.

What I've not done is stage experiments where I randomly select products, intentionally mention said product near our family's cell phones, and make note of ads targeted at me in the next 24 hours.

yotamoron 20 hours ago 0 replies      
I deleted my fb account more then 2 years ago. Life is so much better now.
narrator 21 hours ago 2 replies      
I post all my daily thoughts and pictures and lots of personal details of my day to day activities TO MY OWN PRIVATE MASTODON SERVER. This is hosted on a VPS. I give accounts to my close friends and it gives me no impulse to use traditional social media for other than professional purposes. If friends want to know what is the latest on my life, they can just log in and read my activity feed.

My default search is duckduckgo and I'll use Google if I'm not getting good results.

I haven't really found a good alternative to Gmail though.

carl-erwin 18 hours ago 0 replies      
The funny thing is the "share on facebook" button at the end of the article.
pcunite 21 hours ago 0 replies      
Big Brother's name is actually IoT.
danirod 17 hours ago 0 replies      
Regarding the 'always listening' concerns, on Android 6.0 and above it is possible to grant granular permissions for resources such as microphone or location to applications. Even on applications that use an older SDK where granular permissions are not a thing, you can still disable those permissions after installing the application by tweaking the System Settings.

By looking at my current permission settings, only the Camera and the Phone app have permission to use my microphone. I closed my Facebook account a while ago but I use WhatsApp, owned by Facebook. Given that I don't send voice notes or make in-app calls, there is no need for it having access to my microphone. Same with location -- no need.

dzink 8 hours ago 0 replies      
Is it legal to announce a funding event like this ICO in the press? Especially in a PR piece?
SHAKEDECADE 9 hours ago 0 replies      
Startpage for google results and eu.ixquick.com for non google/yahoo/bing results. All with a happy meal toy of being able to use their proxy to view sites and images. DDG has bangs via !sp & !ix but DDG uses GET instead of POsT
kristianc 16 hours ago 1 reply      
> By running its platform on top of blockchain technology, Nexus integrates social networking, crowdfunding, and even e-commerce features embedded. Nexus is aiming to eliminate all invasion of privacy that large corporation are currently performing according to its founder, Jade Mulholland.

So the big plan to avoid Facebook's privacy creep is to put everything on an immutable, publicly accessible record which you don't control? Okay.

chrischen 22 hours ago 1 reply      
In these articles there are a lot of statements where Fb denies doing certain things specifically, such as storing audio recordings when the app is used to tag TV shows.

Im generally curious about if companies usually lie about practices like this, especially since company policy can change internally at any time without oversight. What happens if they are caught lying? Doesnt seem to be breaking the law in any way.

Its scary to think that while Facebook reassures everyone they arent listening to conversations or arent storing audio in a way thats connected to the harvested user, they really have no obligation to wihhold that promise and even if they dont they dont even have to tell us!

danblick 17 hours ago 0 replies      
"Orwell warns that we will be overcome by an externally imposed oppression. But in Huxley's vision, no Big Brother is required to deprive people of their autonomy, maturity and history. As he saw it, people will come to love their oppression, to adore the technologies that undo their capacities to think." - Neil Postman in Amusing Ourselves to Death
smokeyj 23 hours ago 2 replies      
Didn't Zuck assist Pakistan in enforcing blasphemy laws resulting in a mans death sentence?

Here's a prediction. Zuck will be the face of the Democratic party in the next 12 years.

nibstwo 23 hours ago 1 reply      
Brave New World not 1984.
RomanPushkin 21 hours ago 0 replies      
goalieca 23 hours ago 2 replies      
I've closed my Facebook account but as the article mentions, delete the app and use the browser interface if you must. Your battery will also thank you.
innocentoldguy 23 hours ago 0 replies      
This article states all the reasons I don't use the Facebook app, the Messenger app, nor do I ever use Facebook as an authentication mechanism. Why stick a "kick me" sign on your own back?
barhun 14 hours ago 0 replies      
oh, idiots are attacking again. go away, dunderheads! just leave us alone!

here is a list of some choices you are given:

- to not opt into facebook membership

- to opt out later if you ever opted in

- to not share anything on it whenever you want

- to remove any mobile app from your phone.

facebook, what a totalitarian company! en passant... tell me, honestly; have you ever read 1984?

throw2016 18 hours ago 0 replies      
Every problem is an opportunity and potential solution. The current centralization will bring with it all the problems of centralization. Individuals can't simply depend on goodwill. That never ends well. Power is arbitrary, concentrates itself and seeks its own expansion making individuals irrelevant.

The bigger problem is the potential solution. What seems to happen in the market economy is once any potential 'solution' takes off, the money and greed involved also do, and the solution becomes the exact same problem it was attempting to solve. Or it was just 2 powerful vested interests fighting all along masquerading as change.

There is plenty of wealth floating around, resources and power are increasingly centralized, the barriers to entry are getting higher exponentially, distract yourself, avoid it, accept it or vie for change, but most change-agents have been betrayers, merely replacing one set with another, hence the devil you know.

This is not to advocate helplessness but to think carefully about potential solutions and not blindly support self serving interests promoting change.

basicplus2 23 hours ago 0 replies      
I use the Facebook app, but it is in a separate phone used for nothing else, and lives permanently on a desk at home.
mattbgates 14 hours ago 0 replies      
All hail the Overlord Zuckerberg!
The Kolmogorov option scottaaronson.com
523 points by apsec112  4 days ago   458 comments top 3
habitue 4 days ago 13 replies      
Let's say this is about the Google memo. And let's say, for the sake of argument, you're a person who thinks Damore had some good points and some bad points but you think the hysterically censorious response to him was way over the line. But you don't want to become a pariah yourself, so you stay quiet about it. The argument Damore was making was fiddly, kind of subtle and takes a long time to explain, it's not worth the trouble you're going to get into. You take the Kolmogorov option and decide to wait out this insane time period.

Only it turns out, when you don't decide to argue for that subtle and qualified defense of Damore, a bunch of alt-right internet trolls make some terrible fallacious defenses of things he didn't say. Suddenly, the original censorious instincts seem much more righteous and justified. After all, "Now there are only full-throated red-pillers arguing in Damore's defense! We were right all along!"

Now there are two sides to this issue, and they're both identity politics and brain-dead shouting. Because no one stopped and offered a third option: actually discussing his argument, acknowledging where he was right, and discussing what he got wrong.

my_first_acct 3 days ago 0 replies      
Certain topics, that otherwise might be interesting to discuss, are surrounded by minefields. One such topic is the distribution of intellectual ability within subgroups of the population. In contrast to the minefields that Kolmogorov deliberately avoided, this minefield was not put in place by a repressive government. Nor was it secretly put in place overnight by a fanatic band of social-justice zealots.

My observation, which I will offer without citation, is that this particular minefield was put in place, mine by mine, over a period of decades, through a process of fairly broad societal consensus.

To those who suggest clearing the minefield, thus permitting this topic to be discussed freely in public, I will invoke the principle of Chesterton's fence [1]: Before you talk of removing the mines, you need to show that you understand why the minefield was created in the first place, and you need to explain why now is the time to remove it.

[1] https://en.wikipedia.org/wiki/Wikipedia:Chesterton%27s_fence

tpeo 4 days ago 6 replies      
Besides ideological self-righteousness, Aaronson left out one important component of oppressive regimes, which I think is actually far more important: it takes a relatively large amount of people to topple a regime, while small groups as well as individuals do nothing but expose themselves by rebelling. So no individual with any regard for his own personal safety has any incentive to rebel, and will instead go along with the flow for as long as it's tolerable to him.

But this, on the other hand, would create an odd situation where actually the vast majority of people might actually wish for rebellion, but none of them actually acts out on that wish. Which I also think is actually much more likelier than what he's putting forward. True crusaders are rare, most of people are "just following orders".

Time.gif hookrace.net
519 points by def-  1 day ago   97 comments top 28
koliber 1 day ago 6 replies      
In 1994 I was in high school, and there were no animated GIFs. One way you could make images move in the web browser was to use a mechanism similar to this.

I wrote a C program which would load 6 frames of a smiley face animation and would feed them sequentially, in an endless loop, to anyone who requested the image. Mosaic was happy to animate them.

I get called in to the web mistress's office. The web server is down. We had a donated Silicon Graphics Origin server, if my memory serves me correctly. This was a beefy machine.

The cgi-bin C program would load 6 images, as fast as it possibly could, and dump them into a network socket. It would not throttle. It would not check if the client disconnected. It had one job. It did it efficiently, and ruthlessly.

Poor server.

janci 1 day ago 2 replies      
I did something similar long time ago with multipart/x-mixed-replace content type. http://zabasoft.xf.cz/clock.gif
nkkollaw 1 day ago 1 reply      
This is absolutely awesome.

I wonder if this can be used to stream regular GIFs, so that you don't have to wait for the whole thing to load before seeing the animation.

I'm currently working on a project focusing on GIFs (https://www.gifsonic.com), I'll definitely study this to see if it's possible.

oxymoron 1 day ago 2 replies      
I did the same thing about fifteen years ago by generating a mJPEG stream from a PHP-script. As far as I can remember, it seemed more reliable than using GIF. See https://en.wikipedia.org/wiki/Motion_JPEG
have_faith 1 day ago 0 replies      
This technique used to be used to embed "videos" into html emails years ago. Haven't seen it used in a long time maybe email clients block the streaming behavior now (for good reason).
ungzd 23 hours ago 0 replies      
Tried to make it output with chunked-encoding:

- In Chrome it shows nothing (looks like it waits for end of stream)

- In Safari it shows only the first frame

- In Firefox it works (shows animated clock)

Branch with chunked encoding: https://github.com/kolen/time.gif/tree/chunked-encoding

warent 1 day ago 1 reply      
This is really cool! Completely suboptimal but fascinating none the less. Great project and idea :) would be interested in hearing some people's ideas for real applications of this
maweki 1 day ago 1 reply      
So this was done during a programming paradigms course at KIT? I'm teaching functional programming basics using Haskell at my university. At the end of the semester we aren't quite that far. But I am far from sure whether this exercise, just looking at the given types, has didactic value and I wonder how much of the stuff the instructor has given and how much the students worked out themselves given the course materials.

I would be a bit hesitant (teaching-wise), to talk about any function of the type IO () -> IO Char -> (Frame -> IO ()) -> IO ()

Although, not to be a spoil sport, it seems like a fun thing to do over a long weekend.

jbochi 1 day ago 0 replies      
This reminds me of a project I've created a few years ago that does live video streaming with endless GIFs: https://github.com/jbochi/gifstreaming
yogthos 13 hours ago 0 replies      
[gifsockets](https://github.com/videlalvaro/gifsockets) is another version of this
Jonas_ba 1 day ago 0 replies      
Very interesting from a tech perspective, make sure you lazy load the gif if you plan on using it after window load event otherwise it's never going to happen and you'll just get the endless spinner :D
garaetjjte 1 day ago 1 reply      
see also raytracing clock on PNG: http://www.ioccc.org/2013/mills/hint.html
otterpro 16 hours ago 0 replies      
Also check out https://github.com/ErikvdVen/php-gifIt generates real-time GIF images with PHP, such as countdown, etc.
royce 14 hours ago 1 reply      
eBay sometimes sends out emails with auction countdowns in them that do something similar.

The first time that I saw an accurate countdown ticking away in an email, it surprised the heck out of me.

scrollaway 1 day ago 2 replies      
Hey, cool, I wanted to do the exact same thing the other day but as a countdown clock. For those saying this has no practical use, a countdown definitely does :)
miduil 1 day ago 0 replies      
When you are running out of time, but still got a decent video player ready:

 $ mpv --cache=no https://hookrace.net/time.gif

lewis12345 1 day ago 2 replies      
Pretty interesting! Increases in size by ~4KB every second though. Probably would take a toll on your browser if you left it open for a while. :)
superasn 1 day ago 1 reply      
This is great. If I were to serve this over apache is there a limit on the connections? I'm asking because I'm assuming there is only a specific number of concurrent connections per child in apache(?).

So if gif 2 is embedded in 100 sites will it bring my server down since children are not closing connections?

LeoPanthera 1 day ago 4 replies      
Doesn't seem to work in iPhone safari. Displays the time you loaded the page but doesn't update.
indescions_2017 1 day ago 0 replies      
Am still waiting for it to finish looping ;)

There's probably a cheap optimization in there somewhere. Diffing frames on each tick, but for that size it probably doesn't matter. Thanks for the link to GifStream!

rad_gruchalski 22 hours ago 0 replies      
The code is constantly 1 second behind.
mrcactu5 1 day ago 2 replies      
> It is written in Haskell and works by dynamically generating each frame of the GIF and slowly feeding them over the HTTP connection.

This seems rather difficult. These are dynamically generated. There are 246060=86400 possible slides, but at download time, we have to find the correct starting point. Did I get that right?

petrikapu 1 day ago 0 replies      
finally useful haskell project
homero 1 day ago 1 reply      
It's slow by 4 seconds
lisper 1 day ago 1 reply      
I don't understand why this is getting so much attention. From the description:

"[It] works by dynamically generating each frame of the GIF and slowly feeding them over the HTTP connection."

So there is nothing (AFAICT) new or interesting going on here. It's just an animation generated by the server in real time that happens to be formatted as a gif. It's no different from what many low-end web-enabled security cameras do.

Markoff 1 day ago 0 replies      
interesting concept, but not very practical compared to www.time.is
charlex815 1 day ago 0 replies      
_Waits for the Node.js implementation_
archergod 1 day ago 0 replies      
it is one of those thing you do because you can do that. If you try to open the GIF only it won't work well and if you try to save it as image it won't work.

for me it has no real application that I can think of, it consume lot of bandwidth and processing even for small size gif.

good knowledge for developer, I certainly cannot even think in that line. But no use of it in current form.

Ask HN: Projects that don't make you money but you're doing it out of sheer joy?
472 points by superasn  3 days ago   554 comments top 60
StavrosK 3 days ago 11 replies      
Oh man, that describes all of them.

http://ipfessay.stavros.io/ - Publish uncensorable essays on IPFS

https://www.eternum.io/ - Pin IPFS files with a nice interface

https://www.pastery.net/ - The best pastebin

https://spa.mnesty.com/ - Fuck with spammers

https://www.timetaco.com/ - Easily make nice-looking countdowns

And this is just the last two months or so? Also, lots of hardware stuff:


yourduskquibble 2 days ago 8 replies      
I just saw this thread, and honestly it is probably too late to get noticed by many, but I'm attempting to 'unsuck the web' with my project[0] by pinning "sticky" website elements where they belong - i.e. the website header shouldn't steal your screen real estate and scroll down the page with you.

My project/uBO filter list removes the "annoying" elements noted above as well as other "features" of websites (e.g. social share bars, cookie notices, etc) through a filter list that works with uBlock Origin.

I update the list often, and admittedly am probably entering into an arms race but I'm just really sick of websites hijacking (what I think) the web was built for (information).

Feel free to subscribe to the filter list by pasting the URL below[1] into the 'Custom' section under the '3rd-party filters' tab of uBlock Origin.

This filter list also works on mobile Firefox for Android with uBlock Origin installed.

[0] Project Homepage https://github.com/yourduskquibbles/webannoyances

[1] https://raw.githubusercontent.com/yourduskquibbles/webannoya...

dmuth 2 days ago 8 replies      
I built a website which offers real-time statistics for Philadelphia's Regional Rail train system: https://www.septastats.com/

This lets public transit passengers answer questions like:

- "My train is getting later and later, is it actually moving?"

- "My train is getting later and later, has it actually STARTED its journey?" (sometimes the answer is "no", sadly)

- "Is it just my train, or are many trains running late?"

- "What was the on-time performance of this train like yesterday? 2 days ago? 7 days ago?" (Some trains tend to be chronically late)

It may come as a surprise that the backend of the system is actually not a database, but Splunk (http://www.splunk.com). DBs are nice, but Splunk is fantastic when it comes to data analytics and reporting.

I'm currently waiting for Splunk to make some of their machine learning modules available for free so that I can start pulling in weather data, train the machine learning component against both that and the train data, and use that to predict the likelihood of any given train becoming late.

jimhefferon 2 days ago 3 replies      
I write math texts that are Free. It is my creative outlet. My Linear Algebra (http://joshua.smcvt.edu/linearalgebra) has gotten some traction (and I get a small amount of money from Amazon). I also have an Introduction to Proofs: an Inquiry-Based Approach (http://joshua.smcvt.edu/proofs) that I find helps my students, but is in quite a niche area. And I'm working on a Theory of Computation.

If I didn't have some creative work I would be much less happy.

superasn 3 days ago 3 replies      
The reason I'm asking this question is because I realized something recently. I've been a programmer all my life. I used to love programming in Delphi, VB :P, Perl, PHP, Javascript, etc since school. I created all sorts of stupid things like Winamp plugins[1], Graphics software[2], Games, etc. It was programming just because i liked making the computer do things for me.

But then somewhere along the line my projects started making me money and then I start reading all these marketing books and my perception changed. Now if I'm creating a site I'm usually more focused on SEO, list building and crippling my software so that I can extract more money from my users. I am making more money but the joy of doing it is gone. I feel bored writing software and generally browse HN and reddit and generally force myself to work.

Maybe it's time to go back to the basics and work on stuff just for sheer joy of doing it :D

[1] https://techcrunch.com/2008/09/27/songrefernce-turns-your-mp...

[2] http://www.makeuseof.com/tag/extreme-article-marketing-conve...

grecy 2 days ago 0 replies      
I created, run and maintain http://wikioverland.org, the community encyclopedia of overland travel

It's a wiki of all the info you need to drive your own vehicle around a country, continent or the world.

Border crossings, paperwork, insurance, gas prices, camping, drinking water, safety... it's all in there for a massive number of countries in the world.

I'm driving around myself, and it occured to me there is so much info out there but it all slides off the front pages of blogs and forums or is buried in facebook posts. Every three months people re-write and re-post the same stuff because they couldn't find it in the first place. The idea is not for WikiOverland to contain all the info, but at least link directly to it.

ztravis 2 days ago 1 reply      

I've always wanted a good Arabic root-based dictionary with vowelling, plurals, etc (basically Hans Wehr online). I also wanted the structured dataset for some linguistic "research".

It was a fun project - I built out a web interface for reviewing and updating entries and put in a lot of hours of manual correction (just to get all the entries to validate - I still have a lot more corrections/fixes to make...). I'm a little burnt out on it at the moment, but I plan on:

- fixing those mistakes and a few other bugs

- cleaning up the UI/display

- moving onto a "real" server framework

- writing up some blog posts about those short linguistic investigations I'd like to do now that I have the structured data

- making an API?

Notably lacking is any plan to promote it... I posted it on reddit and I'd love it if people stumble upon it and find it useful, but I did it mostly as a labor of love and something that I personally find useful!

raphlinus 2 days ago 2 replies      
I have a largish open-source portfolio, including a markdown parser, a regex engine, some music synthesis, and some more researchy stuff like a font renderer and a prototype of concurrent text editing using CRDT's. I'm lucky to be working at Google where I get paid 20% time to work on this, but the motivation is definitely not money.

The biggest item in my portfolio is xi-editor, and I confess I'm wrestling with some of the questions raised in this thread. I think it has the potential to be a serious player in the editor space, with extremely high performance goals (including fast startup and low RAM usage) yet a modern feel. It also has a great little open-source community around it who have been contributing significant features.

Yet it's at the point where it's _almost_ done enough to use for day-to-day editing, and I'm hesitating a bit before pushing it over the line. I think I'm scared of having lots of users. It's also the case that I'm very interested in the engine and the core of the UX, but the complete product needs a plugin ecosystem and along with that ways to discover, upgrade, and curate the plugins (including making sure they are trustworthy, lately a fairly significant concern). That's potentially a huge amount of work, and it doesn't really line up with my interests.

I'm wondering if it's possible to focus on the parts I care about and try to foster the community to take care of the rest, but I'm not quite sure how that would work.

If this were a business and I had some way of making a few coins from every user, then my incentives would be lined up to make the best overall product possible, including the less fun parts. But that's off the table; among other things, there are a number of good free editors out there, and the niche for a better but non-free editor is also well occupied.

Maybe the HN crowd has some ideas?

CM30 2 days ago 2 replies      
Wario Forums and absolutely anything else associated with it:


Yeah, I know it's not particularly fancy, nor does it involve any clever coding tricks or interesting features. However, it's literally the only community on the internet dedicated to the series, and one I've decided to run for a minimum of two decades to make sure said franchise finally builds a decent fanbase.

Is it going to make money?

Probably not, given how the franchise it's based on sells about 2 million copies worldwide at most, and hasn't gotten a new game since either 2013 (WarioWare) or 2008 (Wario Land).

But it's one with a passionate audience that up until recently had nowhere online to discuss the series nor anywhere specifically dedicated to their favourite franchise. So I decided to change that by setting up and promoting a community based on it, with the guarantee I'd keep it open for decades in the hope that eventually a community at least the size of the Earthbound one comes about here. With the hope that eventually I won't need to run the forum because there'll be enough sites about it to sustain a decent fandom.

weddpros 2 days ago 3 replies      
I built https://sslping.com/ to help monitor website TLS/SSL security and certificates. It has 300 users and checks almost 7000 servers every day for TLS problems.

It's a little like SSLlabs server test, only much faster (5 seconds instead of 2 minutes), plus the tests are recurring every day, and you receive the diff if any.

It's always been a joy to receive thank you emails from users, or adding new features for users.

SSLping also allowed me to learn React and Redux. I'm still working on it, adding new features and refactoring what I don't like.

If I ever have to stop hosting it, I'll open source the whole thing. Or maybe I'll open source it anyway. If I could find a deal with a security company, I would work on it fulltime.

I consider it's a success, even if the numbers are not as high as I'd like.

t0mek 2 days ago 1 reply      
Yet another Game Boy Color emulator, written in Java:


It's quite compatible and brought me a lot of fun. Blog post describing it:


purescript 2 days ago 3 replies      
I work on the PureScript (http://purescript.org) compiler, tools, libraries and book in my spare time (along with many other unpaid contributors), because it's the programming language I wished had existed when I started creating it. It's still the closest thing to a perfect environment for web development, at least as far as I'm concerned :)
tomcam 2 days ago 1 reply      
Hope I don't get flagged or anything. I am astounded by the generosity of the amazing people on this page and have been upvoting like a madman. I probably look like a bot at this point
gadgetoid 2 days ago 4 replies      

A somewhat interactive GPIO pinout for the Raspberry Pi.

Not so much out of sheer joy, but because I needed it.

It started as a basic way to explore each pin and its available alt-functions.

Listings of add-on board pinouts were added later for people who want to use multiple boards- or perhaps connect them to a different host.

m52go 2 days ago 2 replies      
100 Million Books -- mission is to promote intellectual diversity.

It's a Chrome extension/homepage that shows you a new book every time you open a new tab, plus a special hand-picked idea that teaches you a new perspective/fact/concept.

I'm evaluating a couple different paths to make it profitable, but it's not currently making anything since Amazon cut me off its affiliate program.


xeo84 2 days ago 0 replies      
Touchboard: http://www.timelabs.io/touchboard Open source app for iPad to send keys to your pc / mac. I use it for gaming, I really find it useful, here is a video of it: https://www.youtube.com/watch?v=s1KOUj9SK_c

I've also made CbrConverter: https://github.com/timefrancesco/cbr-converter

Coverts pdf to cbr and vice versa.

And then there are a bunch of other small projects like:

- Ebay Search Scheduler (schedule Ebay searches with custom parameters)

- Twitter Time Machine (download and browse your twitter timeline) https://itunes.apple.com/us/app/tweet-time-machine-2/id83212... - windows version also available

- Autosleep (put the windows down for good) https://github.com/timefrancesco/autosleep

And many others I really enjoyed making and using.

snickerbockers 2 days ago 2 replies      
For almost a year, I've been writing a SEGA Dreamcast emulator called WashingtonDC. It's slow and it doesn't play any games yet, but it can boot the firmware menu and display the animated "spiral swirl" logo. https://github.com/washingtondc-emu/washingtondc
jconcilio 1 day ago 0 replies      
http://www.penginsforeveryone.com - giving away stuffed penguins. Just because we can. (Hoping to actually register this as a nonprofit, but right now it's basically a completely unprofitable business venture.)

ETA: On the development end this has been a pretty great project for my fiance and I. He built (and I'm learning from his efforts) a database for processing requests, filtering by priority, etc., and then an integration that allows those we want to send to be exported to a file we can pull into our stamps.com account, and that creates drafts of the Wordpress posts that power our map of sent friends. The database is pretty big (we're sitting at about 21K requests right now on a shared hosting platform) so some of the work has been to load the requests asynchronously so you're not waiting for 21,000 rows before you can manage requests...

apancik 2 days ago 1 reply      
I made Plain Email [0] just because I couldn't find any email client with clean work flow without distractions. I use it pretty much every day. Thinking about open sourcing it - just can't find the time to refractor it nicely.

I also built news aggregator 10HN [1] with throttling (ten best articles every morning and every evening). I use it daily and it helped to fight my procrastination a lot. It's also interesting to watch the data how stories evolve and get popularity.

[0] http://www.plainemail.com/[1] http://10hn.pancik.com

rayalez 2 days ago 1 reply      
I occasionally create digital art:


and make video tutorials about it:


Computer graphics is still by far the most fun hobby I've ever had, I absolutely love it, it's like the most engaging computer game you can imagine times 100.

There's not much profit in making art(unless you want to do it professionally), but it's an awesome way to spend my free time, and sometimes it generates some ideas I like to share on youtube.

If you want to get into it, I highly recommend checking out SideFX Houdini. It's a bit technical, but extremely powerful and well designed 3D software, kinda like emacs of CG applications.

codeplea 2 days ago 0 replies      
I have a lot of projects like that!

https://f5bot.com - Social media monitoring. It can email you when your keyword (e.g. company name) appears on Hacker News or Reddit. I don't have any plans to monetize it. I just made it as a small fun project.

Also, like many here, I've made a bunch of open source software for no reason other than the joy of it. Don't ever see that changing. https://github.com/codepleahttps://github.com/tulipcharts

cknight 2 days ago 1 reply      
I built https://suitocracy.com very slowly over the last few years. It is for collating information on the ethical conduct of large corporations, as well as rating and ranking them on various criteria.

It'll never make money, but it has been a good project for me to modernise my web development skills which had gone rusty over the preceding decade. I also took the opportunity to learn NGINX and a few other things that I hadn't really been exposed to beforehand.

teapot7 2 days ago 1 reply      
I guess I do ask for money for this, but it's pretty overengineered and I wrote it knowing that nobody wanted or needed it:

Long ago, when Sun workstations were new and exciting, I wrote a simple Roman numeral digital clock, which just showed the time in Roman numerals.

My friend, instead of admiring my cleverness, said "But that's not how the Romans told the time" - which is true. The Roman day started at dawn and finished at sunset, which meant that day and night length were different every single day, as well as in cities at different latitudes.

Several decades later I did something about it, and wrote it up as a mobile app which showed either the modern time or optionally the Roman time.

Then I made it use the Roman calendar, where you don't have individually numbered days of the month, but count instead how many days until the next Kalends (start of the month), Nones (fifth or seventh day) or Nones (thirteenth or fifteenth day), even if it occurs in the next month.

Then I thought I might as well go all the way, and spent more money than I would ever earn from it on having the help text translated into Latin, just in case any ancient Roman time travellers wanted to use it.

A waste of time and money, but one which made me happy.


OkGoDoIt 13 hours ago 0 replies      
I built an automated prank call system called Insultron a few years ago. You simply send a text message to 765-444-4442 and it will prank call your chosen friend with some randomly generated ridiculous insults. At one point a few years ago I used it on Steve Wozniak since he was a big fan of prank calling back in the day (pro tip for contacting Woz: his personal phone number is in his autobiography, but in order to get through you have to have a caller ID thats in the same area code.)

It used to cost me under five dollars a month using Twilio but its usage has taken off dramatically (completely organically) and now it cost me closer to $50 a month but I keep paying it because its fun.

I also built and ran an implementation of Cat Facts several years ago until that was shut down by my provider because people are abusing it too much.

dogas 2 days ago 1 reply      
I built + maintain todolist[1] which is a GTD-style task management app for the command line. It's getting a bit of traction now which is pretty fun. It got a ton of upvotes on Product Hunt which was really cool to see[2].

I have very loose plans to monetize via a paid subscription for syncing with other devices / phones, but there will always bee a free / open source version as well.

[1]: http://todolist.site

[2]: https://www.producthunt.com/posts/todolist

chubot 2 days ago 2 replies      
I'm building a new Unix shell called Oil: http://www.oilshell.org/

It's definitely not making me any money. I would say the motivation is a little bit "joy" / learning, but also frustration that shells are so old, unintuitive, and work so poorly.

I've been going for about 16 months and it's still fun, so that's good. I think that seeing progress is what make things fun.

vanderZwan 2 days ago 2 replies      
It doesn't have to be a full project, right? Do random drive-by PR-requests to open-source projects count?

A few months ago I ended up scratching an optimisation itch for weeks, trying to figure out ways to make the lz-string[0][1] library faster and smaller. Near the end I went a bit nuts with trying out what works, methinks (nested trees built out of arrays and such), but I had a lot of fun.

It's not even my library, nor did my PR request get accepted/rejected yet. It did however make the compression up to 2x to 10x faster, depending on how well the data compresses.

And hey, I now have an intuitive understanding of LZ compression that I never thought I'd have!

Since a few days I've been working on writing a component for idyll[2] that lets you embed p5js sketches[3]. Progress here[4][5].

[0] http://pieroxy.net/blog/pages/lz-string/index.html

[1] https://github.com/pieroxy/lz-string/pull/98

[2] https://idyll-lang.github.io/

[3] https://p5js.org/

[4] https://github.com/idyll-lang/idyll/issues/117

[5] https://jobleonard.github.io/idyll-p5/

martin_drapeau 2 days ago 0 replies      
Been working on https://www.findyourtennis.com since 2011. Amateur tennis league/tournament management. 3 leagues have been using it recurrently for 3 years here in Montreal. The managers, volunteers, save dozens of hours every season.

Started off as a 'find a tennis partner' forum however getting traction was difficult. Chicken and egg problem. Slowly migrating to solving problems of league and tournament management. Will drop the forum one day. Long transition to do part time.

Now working on a mobile version with cordova. Testing it on the league I am managing. Saves us a lot of time since it automates lots of tasks and avoids the use of Excel.

I don't expect to make money. Market is small and problem is tough to solve. UX intensive. However fun to do on spare time.

My objective is to launch on the app store in 2018. Then I hope lots of leagues around tue world will use to simplify their lives.

nfriedly 2 days ago 1 reply      
Everything to do with cryptocurrency! I wrote trading bot that was actually making a small profit - and then the exchange got hacked and took all of my coins & dollars with it :(

I've started to get into Ethereum and Solidity recently, but mining even a few coins just to have gas money costs more in electricity than they're worth. I'm letting my desktop mine anyways, but when I reach my pools payout threshold in a week or two (it's got a 3-year-old GPU), I'll probably kill the mining. (I know I could just buy some ETH with USD, but that's probably even more expensive and somehow feels different.)

(To be fair it hasn't been all negative - I bought a copy of the game Portal with the first bitcoin I ever earned, and a Kindle with the second bitcoin. But looking at it from a strictly money perspective, I'm definitely in the hole. In theory, it will be positive eventually.. but I'm still not sure exactly how.)

jjjensen90 2 days ago 1 reply      
I run/develop/manage a private MMOARPG game server for a dead game called Hellgate: London that we call London 2038. You can see more about it here http://london2038.com

Not only do I not make money on the project, it actually costs me money! :)

I have seemingly undying motivation to work on it, knock out bugs, release patches, catch cheaters, etc. The community being so active and excited helps keep me going. I probably spend 30-40 hours of week on the project.

Edit: grammar

apankrat 2 days ago 0 replies      
A networking IO abstraction library in C - https://github.com/apankrat/tcp-striper

Based around an idea of IO pipes with minimal semantics (duplex, reliable, ordered) that they can then extend to implement other traits like IO buffering, atomic send, packetization, compression, encryption, etc. [1]

This then allows merging together pipes of different types (by attaching the output of one to the input of another), which combines their traits and yields, for example, a reliable datagram carrier with in-flight compression.

With this it also becomes possible to write a simple IO bridge [2] that relays both data _and_ operational state between two pipes. The bridge in turn can be used to implement all sorts of interesting things, e.g. proper TCP relay, SSL tunneling proxy, TCP trunking proxy, etc.

[1] https://github.com/apankrat/tcp-striper/blob/master/src/io/i...

[2] https://github.com/apankrat/tcp-striper/blob/master/src/io/i...

TamDenholm 2 days ago 4 replies      
I'm grumpy, i dont like christmas: http://whychristmasisbullshit.com/
aroc 2 days ago 1 reply      

A way to motivate people (including myself) to exercise with a chat bot that tracks your progress.

Originally built it to track how often I worked out, and if I didn't, what the reason was and have that reported back to me regularly. Now I have a bunch of people using it, but as you can imagine, makes me zero dollars. Well, technically it costs me money so it makes me negative dollars.

nikivi 3 days ago 2 replies      
I am working on a community curated search engine to learn anything most optimally :


Everything is open source and is MIT licensed, both the search engine and the entire database it searches over.

There are however many things that we can still do to take this idea further. Hopefully more people join to help us with that. :)

neya 2 days ago 1 reply      
This is my current project: https://news.ycombinator.com/item?id=14785209. It's too long to describe in a sentence, but, it's essentially what I call it the mother of all software (internally). I created it out of pure annoyance towards many of the popular services such as Wordpress, MailChimp, Hubspot, Shopify, Unbounce who had screwed up some aspect of their tools. So, in essence this is a combination of all those softwares under one roof.

Here are some things you can do with this software:

1) Research your market, find out your target audience

2) Integrate with analytics tools and understand your users

3) Automate your marketing strategies

4) Maintain a central data warehouse

5) Maintain multi-domain content properties such as blogs, websites, news portals, etc.

6) Host online trainings, build a student list

7) Etc. (read the link: https://news.ycombinator.com/item?id=14785209)

I've been working on it over 3 years now, while trying to jump from one web framework to another. Finally, I've settled down on Phoenix. This project alone has helped me learn so many programming languages and also helped me gain more experience as a programmer in general, while simultaneously being able to integrate new tools and platforms into my pipeline - This is how I learned React, VueJS, Brunch, Google Cloud, etc.

At the moment, I've built this only for myself, just to support and test out my startup ideas. I am thinking of open-sourcing it at some point, at least the core functionality.

But as of now, there's nothing else I enjoy doing on a weekend than working on this project :) (also why I'm still single)

jtruk 2 days ago 3 replies      
130 Story - a daily microfiction challenge.


I started this as a Twitter game a few years ago; it felt like a compact idea with a good hook. Earlier this year I automated it- so it picks its own words and collates the stories on the website itself (mostly successfully).

It doesn't have a big following, but the people who play are passionate about it. Some people play every day, and the most prolific author has written ~650 of them.

I've seen people get better as writers, some experimental stuff (like an improvised longform story built over many daily prompts), and occasionally I see a microstory that knocks it out the park. That makes it worthwhile.

beilabs 2 days ago 1 reply      
Late arrival to this thread. One of my projects involve working with local female co-operatives in Nepal and help them sell their hand made products around the world. Paypal doesn't operate here, merchant services for international cards are impossible to get. They don't understand technology in any way and there is a lot of hand holding.

The site is https://www.pasatrade.com

We make no money off of this, I operate it at a loss, but each and every sale gets more money back to the women who really need it; a few extra dollars here and there can really make a huge difference in Nepal. The interesting part is they make more money on each sale through us than they do locally or selling through Fair Trade channels.

anfractuosity 3 days ago 2 replies      
A few of mine:

https://www.anfractuosity.com/projects/painting-a-christmas-... - 'painting' the LEDs on my christmas tree.

https://www.anfractuosity.com/projects/optical-magnetic-stri... - optically decoding data from magnetic stripe cards.

https://www.anfractuosity.com/projects/zymeter-simple/ - a rather unsuccessful attempt at measuring specific gravity.

https://github.com/anfractuosity/musicplayer - playing .wav files via RF emissions from a laptop.

dzenos 2 days ago 0 replies      
Building https://tuiqo.com to try and solve a document versioning problem. We realized that even though we created a new way to do document version control and avoid "v1.doc, v2.doc, final_final.doc" problem; people won't switch to it because of lack of options such as formatting tools or any other pure editor features. We are thinking of possible pivots we could try out and we obviously don't have a product-market fit.
yogthos 2 days ago 2 replies      
overcast 2 days ago 2 replies      

Sharing funny kid quotes.

Been going for years, not a whole lot of traffic, but the family loves it (that was the intention). Recently migrated from a severely aging kohana/mysql backend to express/rethinkdb.

reagent 2 days ago 1 reply      
I built this dead-simple "image enhancing" app (http://en.hance.me) to focus in on potentially embarrassing details in photos. It allows you to specify a zoom area and create a 4-panel stacked image that progressively "zooms in" on your target area.
domainkiller 2 days ago 3 replies      
Nomie! https://nomie.io The easiest way to track any aspect of your life.
expertentipp 2 days ago 0 replies      
Dead simple personal website in Python and plain JavaScript with contact form, URL shortener, private bookmarks, etc. It's my own territory and I do what I want! fuck unit tests, fuck linters, fuck commit messages length limit, fuck your newest web framework, fuck transpilers, fuck pull requests.
cozuya 2 days ago 2 replies      
My web adaptation of the social deduction board game Secret Hitler: https://secrethitler.io

Pretty fun, don't get to do much back end stuff so its a learning process. Its creative commons so can't make $ off it but the $10/month digital ocean box is doing fine. About 100 players on at peak and always games going.

lawrencewu 2 days ago 1 reply      
I created Juicebox, which lets you listen to youtube/soundcloud songs with other people: https://www.juicebox.dj/

I have made no money off of this. In fact, I've probably paid hundreds in hosting/domain fees. But I love what I've built so far and use it everyday with my friends. Please check it out, I'd love to hear any feedback!

albahk 2 days ago 0 replies      
Free OpenStreetMap Data extracts (be kind, it is a rushed POC at the moment)


I have created a free site containing extracts from OpenStreetMap data. Unlike the metro extracts sites (Geofabrik, Mapzen), my goal is to extract specific datasets such as buildings, schools, hospitals, fast food restaurants etc from OSM rather than standard map/gis data.

My overall goal is to make the extracts available, and then to encourage people who use them and get value to actively update OSM to improve the quality of the data they are interested in. By doing this, the overall quality and coverage of data in OSM should (in theory) be improved.

mimming 2 days ago 0 replies      

I fill out those 'other comments' on order forms with a request for a dinosaur drawing.

jesses 2 days ago 1 reply      
https://gigalixir.com After falling in love with Elixir, Phoenix, Ecto, etc I built this to help increase Elixir adoption by solving the biggest pain point I saw: deploying.
edhelas 2 days ago 0 replies      
Movim, a social network project built on XMPP https://movim.eu/. I'm working on it for 9 years already and starting to have a nice little community using it daily.

I'm really enjoying developing Movim on my free time because I'm still motivated to show the world that we can have decent social-networks and IM solutions by using existing standard protocols (and not proprietary silos like today).

dumbfounder 2 days ago 1 reply      
Twicsy (Twitter picture search) still gets around 1.5 million visitors per month, but nets no money. But I wouldn't call it sheer joy though, maybe sheer stubbornness?


preinheimer 2 days ago 1 reply      
Global Ping Statistics - https://wondernetwork.com/pingsWe have ~240 servers world wide, we get them all to ping each other every hour, and record the results.

We've been generating them for years, they're a pain to store, we've made $0 with it. But I really like the data we're getting. We recently moved a lot of the legacy data into S3 to save our own backup & restore process ( https://wonderproxy.com/blog/moving-ping-data-to-s3/ )

kadirayk 2 days ago 1 reply      
http://apimockery.com/ - API Mocking as a Service

I built it to learn React and brush up my Go skills. I occasionally add new features.

It makes $0 now, but I plan to earn 10$ a month before my amazon free tier expires :)

phuson 8 hours ago 0 replies      
https://fridgg.com - Fridgg lets you create a gallery to show off your own food photography, as well as discover other amazing food photography, delicious recipes, and great food bloggers.
jetti 2 days ago 0 replies      
All of my Elixir open source projects:

 * Plsm - https://github.com/jhartwell/Plsm - which is an Ecto model generator based on existing schemas * Taex - https://github.com/jhartwell/Taex - A technical Analysis library for Elixir. 
I'm also in the process of writing a GDAX (https://gdax.com) Elixir library but won't open source that until it is more complete. I'm using that and Taex in a cryptocurrency algo trading platform I'm developing.

atomashpolskiy 3 days ago 1 reply      
Yes, I've developed a full-featured BitTorrent library in Java: https://github.com/atomashpolskiy/bt/blob/master/README.md#-... . It was very warmly received by HN folks

It was VERY surprising for me to find out that one of the most popular programming languages offers little variety in terms of BT libs/clients. For a long time, if one needed advanced options like DHT or protocol encryption, his only choice would be jlibtorrent (JNI wrapper for the well-known C++ library). Well, not anymore :)

monkey_slap 2 days ago 0 replies      
Working on a GitHub iOS app to make managing GitHub projects easier. Fun part is now that it's shipped I'm using it to manage itself.


Turning this into more of a social experiment now, seeing where he community wants to take this. Publishing download reports and stuff.

Even made a landing page.


CiPHPerCoder 2 days ago 0 replies      
Virtually everything in the paragonie namespace on Packagist generates zero revenue, but we built and maintain them because we want to make the PHP ecosystem more secure by default.


kvz 2 days ago 1 reply      
I'm writing a bot for cryptotrading without having the proper knowledge for something like that. Learning as I go and I expect to lose some money on this (certainly won't give it a budget to manage that I can't afford to lose), but I'm having a ton of fun entertaining the fantasy that I could 'game the system' with my bot
Benefits of a Lifestyle Business bugfender.com
403 points by adchsm  3 days ago   261 comments top 33
weeksie 3 days ago 9 replies      
Sure! Lifestyle businesses are great, and so is the whole digital nomad thing (I spent all of 2016 and a good chunk of 2015 traveling around the world).

There are a ton of upsides but I wouldn't go back to it full time. For one, it's surprising how few of the digital nomad types are really that interesting, and while integrating with local populations is fun, you'll still find yourself missing the familiarity of people from your own culture (or similar, Western cultures, assuming you're a Euro or American)

Once you get used to life on the road it's grand. Still, nomad nests like Chiang Mai are insipid and full of scores of people hustling their drop ship schemes. More power to them, but it's just not my vibe.

I dunno. Go nuts, travel, see a bunch of shit, just don't assume the beach is going to be as stimulating as the (very likely) metro urban environment you're living in now.

sevensor 3 days ago 4 replies      
Your chosen lifestyle doesn't have to involve sea voyages in Southeast Asia or weeklong ski excursions. It could also be living in a medium-sized town in Flyover Country, U.S.A., working 40 hour weeks on interesting problems and spending lots of time with your spouse and children. If you've ever looked around at your Logan's Run coworkers and wondered what happens when you turn 30, here's one of your answers.
wanderings 3 days ago 3 replies      
Lifestyle business beats a startup, until it doesn't. I'm the example. Ran a category leading website for years until I was demolished by a fully focused bad ass team and thrown out of my leadership position. Ultimately, I was forced to sell out at a much lower valuation than I'd have if I were totally focused. It could vary on niche and industry. But one can't generalize it one way or the other. If you have a great position in a big sector and you don't go for the kill, someone else will and your lifestyle business would be likely chewed up by competition. If it's a business with an intrinsic moat(think a retail store in small tourist town), it's likely to sustain. Take frequent breaks while running a bad ass startup, but don't for a while think that you can let the ball drop.
AndrewKemendo 3 days ago 8 replies      
Is there some reason that people keep making the case for creating a standard business that supports one or two people? These types of posts have been pretty consistent over the years: "Take control of your life with a small business" "You don't need to make a massive company to be happy" etc...

I never see articles that encourage: "Here's why you should dedicate your life to starting a company and try to dominate an industry." It's like these posts are fighting against a boogeyman that isn't there.

I think 99% of all small businesses are "lifestyle businesses" where the founders aren't trying to build a market dominating billion dollar company. So who are these articles target to?

Is it simply the amount of press that surrounds VC and hyperscale companies that these folks are rejecting? I don't think any VC or founder has ever claimed that the only way to be happy/make money/do good is by trying to create a massive market dominating company.

pdimitar 1 hour ago 0 replies      
I am getting a strong cognitive dissonance by the loads of people here who conflate "lifestyle business" with "digital nomad". They are NOTHING alike.

Lifestyle business in this sense is a traditional business with minimal / zero external investment, no pressure from greedy VCs and people who have no lives and thus live in the office. A business where you can take a break at any time.

Why do people here equate this with people who travel around the world with a smartphone, clothes and some food?

k__ 3 days ago 1 reply      
Can we please stop calling regular businesses "lifestyle business", like it's some hobby for people who don't want to work in a " real" startup?!
orthoganol 3 days ago 0 replies      
From someone who's done both, they are not comparable, directly, but they have a complementary relation: The DN (digital nomad) life is absolutely an engine for the kind of creative and free thinking that engenders killer startup ideas. Startups are "the thing" you want to commit your life to, the world-changing vision that you're ready to sacrifice for; the DN/ lifestyle business/ remote gigs mode is the fertile ground, for when you lack strength of vision, you don't know what you want right now, so you slow down, gain experience, and grow your thinking.

Only ever doing one in your life without the other is unenviable, and makes it hard to fully enjoy and appreciate, or even excel at, whichever one you've chosen.

Grustaf 4 hours ago 0 replies      
One thing that is hard to have in a lifestyle business, especially one that is combined with constant travel, is innovation. A lot of people do startups because they want to create something radically new and impossibly ambitious, something that doesn't currently. If that is what drives you then doing web dev consulting will not be very exciting, even if you do it from a beach in Bali.
ArmandGrillet 3 days ago 2 replies      
"A good lifestyle business could even be turned into a multi-million dollar company, if thats what you want.": I've stopped reading there, I don't understand how articles that empty can arrive on top of HN. These questions (where to work? On what? How much?) get way better answers in "Ask HN" threads, articles coming from nowhere with a topbar selling me something are really not making me dream anymore.
boyce 3 days ago 2 replies      
This digital nomad thing just looks hellish to me. Maybe I'm getting old.

Can't imagine being somewhere nice but glued to a laptop, or getting anything useful done without reliable wifi etc, or being part of a team where the boss has gone on holiday but still showing up in slack etc.

I'd hate to feel like I wasn't part of the team for not getting our kids together or not wanting to holiday or spend a day off with colleagues. I'm not impressed by instagram or medium posts from perfect looking beaches giving business advice.

Not sure when a lifestyle business went from being a business that fits around your lifestyle to making the appearance of living an idealised lifestyle everybody else's business.

miheermunjal 3 days ago 3 replies      
I... I feel I can't believe the company has 1) top salary, 2) top benefits 3) unlimited travel 4) work remote 5) top enterprise clients 6) small teams 7) work as much as you want?

either someone is ridiculous at managing at all of this (kudos!) or something is slipping somewhere. Even in custom-dev it can be cutthroat, especially with large-scale projects and demanding clients.

jasonrhaas 3 days ago 0 replies      
Meh, kind of a generic article about how you should prioritize lifestyle over building a startup. I guess this is nothing new to me, I did the digital nomad thing with Remote Year for a year and change, and now I'm still working remotely in Austin, TX.

I do miss the constant travel, there is always something coming up to look forward to. When you are in one place, not constantly traveling, you have to make your own fun. Which is why I've taken up other things like riding motorcycles, brewing beer, and speaking at my local Python meetup.

All that year I was working full time as a Python Developer while traveling constantly. Every weekend was an epic adventure. It's an amazing lifestyle if you can pull it off, but its not for everyone can definitely will wear on you after a while.

buf 3 days ago 0 replies      
I own a lifestyle business and I work at a startup as the founding engineer, but I work remotely.

When you work remotely, you can treat both your lifestyle business and your gig the same, insofar as you have the freedom to take an hour off your gig to do some calls for your lifestyle business in the middle of the day, or you can test particular technologies on your lifestyle business before you commit to it in your startup.

I find them both to be healthily married.

I still have the freedom to hang out with my kid at lunch, or work from a far away place, while at the same time achieving my career goals and attaining financial independence.

Mz 3 days ago 0 replies      
Give me a break. He is playing fast and loose with terminology and it is disingenuous because he is twisting lifestyle business to be whatever he wants it to mean while dissing startups and not giving that term the same flexibility to be "anything that grows fast, even if it doesn't eat the CEO's life."

I hate the term lifestyle business and articles like this one are part of why. I have given my POV previously here:


My recollection is that Plenty of Fish was started by one guy who never took VC money, so he got to keep all the money when he sold for millions. Articles like this don't mention examples like that when justifying their biased opinion that "lifestyle business" = good and "startup" = bad. (In part because of the lack of VC money, I assume that Plenty of Fish was not a pressure cooker. Upon rereading my comment, that assumption does not seem clear.)

chatmasta 3 days ago 1 reply      
A lifestyle business seems fundamentally incompatible with a team oriented business. Let's assume the goal of a "lifestyle" business by a single founder is to automate all operations such that little to no work is required on the part of that founder.

Ok, that's all well and good. But some of that "automation" will inevitably be delegation to the founder's employees. So the employees have to work. The founder doesn't have to work. How can the founder possibly show good leadership and build a strong team if his goal is to work as little as possible?

As a founder, you are responsible for the well being of your employees. That's why they're employees, not independent contractors. If you're working four hours a week with a team of employees, there is a high chance you're shirking some responsibility toward them.

And if you decide to be a full time boss, then you're still building more than a business. You're building a team that you are responsible for. That is, you "answer" to other people - your employees. At this point, the advantages of a lifestyle business over VC funded business ("low hours," "not beholden to anyone") start to lose their luster.

If you're interested in building a team, and a lasting enterprise, then it becomes more logical to just take some seed funding so you can safely pay your employees and ensure an early growth trajectory. Whereas if you're only interested in a totally automated business to provide you and your family a stable income, then you should avoid hiring employees because you'll just end up beholden to them.

Thus the ideas of a "fully automated lifestyle business" and a "lifestyle business with a strong team" seem at odds with each other.

mcone 3 days ago 1 reply      
Site seems to be down. Here's the cached article: http://archive.is/p5ZLR
alissasobo 3 days ago 1 reply      
At a certain point, this blog post seemed mostly about the great traveling opportunities that this company offers its employees. That's' neat, for employees who are kid-free. But as a developer married to developer... with 2 kids under the age of three... I can tell you that those work retreats abroad actually become pretty challenging for families. At a certain point.. people want to have kids. I would find a company who made their employee perks more about realistically supporting families far more appealing.
swlkr 3 days ago 0 replies      
Lifestyle businesses eventually give you more of what you really want, freedom.

VC backed startups seem to just give you a new set of bosses.

tixocloud 3 days ago 1 reply      
I think what's important here is that we each have to know what our lifestyle aspirations are.

For some folks, a lifestyle business is better suited for them as they are looking to get more time out of their lives to do other things.

For others, a startup might be better because they have more control over whatever product/service they are providing.

znq 3 days ago 1 reply      
Just in case people are more interested in the details of the business we run, Indie Hackers recently ran an interview with us https://www.indiehackers.com/businesses/bugfender
thefuzz 3 days ago 6 replies      
I'm someone who is thinking of changing carriers at 30 to become a developer. I love the idea of cutting out bureaucracy and office politics and be paid decently. I'd love any thoughts and advice from more experienced people about what I should do in the next 12-24 months.
lafay 3 days ago 1 reply      
I'm all for lifestyle businesses and side hustles. But some ideas really do require a lot of up-front capital. It's hard to imagine Tesla, SpaceX, Boom, or Nest succeeding as lifestyle businesses.
fiatjaf 3 days ago 1 reply      
Has "lifestyle" changed its meaning? It seems to mean now that if you're "focusing on lifestyle" you are kayaking on the Pacific Ocean.
josh_carterPDX 3 days ago 0 replies      
I have grown both a lifestyle business and a startup and I still don't know which I prefer. I mean, it's nice to have some flexibility, but it's also nice to find the capital that helps propel your business faster. It really depends on the business, the person, and what you'd like to get out of the venture. At the end of the day it's a preference. I don't think one beats the other.
rb808 3 days ago 1 reply      
The people who I've seen who have the best lifestyle have big chunks of work followed by big chunks of time off.

They tended to work 6-12 month contracts followed by 3-6 months off. This works great in a good economy, when it turns sour its more difficult.

The other happy group worked in mines or oil rigs on a month on month off schedule. They got paid tax free and had 6 month long vacations a year to travel.

I think I prefer those options to working while travelling.

kornakiewicz 3 days ago 8 replies      
What does 'a lifestyle business' mean, anyway?
lquist 3 days ago 0 replies      
Also this doesn't have to be an either/or decision that you have to make on Day 1. We started our business as a lifestyle business and as it got traction have decided to pursue a startup approach. On track to do $10M+ revenue this year :)
chet177 3 days ago 0 replies      
You could pretty much have the lifestyle you want wherever you are. You don't need to go anywhere really, unless you want to be snorkelling or scuba diving everyday

Most days you just want to eat well, exercise, meditate, do a good job, try'n make some money, spend time with family, and sleep well. The odd day you do feel adventurous just take off on your motorcycle or hop on a plane.

No great scenic view will make your life automatically better. The scenic view in itself is only benefit there is. That I have to agree!

goodroot 3 days ago 0 replies      
Many comments in here make the dialogue feel like a roiling cauldron of over-work and burn-out. Whether you're nomadic, working in a start-up, working at a mega-corp, working at the the grocery store, balance in life is crucial.

In knowledge work, how can one really spend more than 40 hours producing quality output? It becomes an unhealthy compulsion to sate a hyper-stimulated existence instead of a strategy for creation. Whichever way you choose to work, focus on health and ample rest. The rest will take care of itself.

astrowilliam 3 days ago 0 replies      
I've been working in tech for the last 10 years. I've come to the point that I need to enjoy my life and not sit in an office 10 hours a day, coding for someone else's vision.

So I started a brand ( https://lasttrystuff.com ) of my own so I can enjoy an active lifestyle while adventuring. It doesn't quite pay as much, but the trade offs are immensely satisfying.

lazyjones 3 days ago 1 reply      
How does the business case of such a "lifestyle business" look, i.e. the numbers? I'm not sure whether operating out of a sailing boat is affordable for small companies and the $6500 MRR of bugfender can't be covering it...
matchagaucho 3 days ago 0 replies      
Not sure I'd agree with the OP's definition of Lifestyle Business, given he's operating a service company with employees, payroll, clients, and sales quotas.

That's no less hectic than a start-up.

jjmorrison 3 days ago 0 replies      
Sounds great if you want to optimize for your personal happiness. But not a feasible way to really make an impact on the world. The world needs more of the latter IMHO.
Apple staffers reportedly rebelling against open office plan bizjournals.com
404 points by V99  4 days ago   390 comments top 23
seorphates 4 days ago 8 replies      
Working in open office plans is simply awful.

Personally I believe remote work, for any tech-enabled employer, makes the most sense. The impact on infrastructure by removing commuting alone could maybe help save the planet. And our collective sanity.

Wouldn't it be nice to have ISPs that can provide an infrastructure that could actually support that? I think so.

The hideous effects of cluster-fucking hundreds of thousands of people daily just needs to stop. Tech companies are guilty. They're huge and, humbly opined, are idiots for making it worse and not really needing to. Top that off with an open floor destination and.. damn, work is beat.

inetknght 4 days ago 10 replies      
My company only has offices for upper management. Everyone else is at a table. Tables are arranged in groups of four.

Now, I get it, some people like open office environments. Good for them.

Me? Well, I've told many coworkers that I can't work from home because I wouldn't work from home. There are too many distractions at home, so I need to be at the office to be productive.

But this open office?

There are days where I am convinced I would do more work, be more productive, and feel more satisfied if I worked from home.

I went and bought some noise cancelling headphones. They help, but definitely not enough. My table is by the main door. With a room of 40+ engineers, there's constant distracting traffic. Some people make snide comments about my choice of operating system, keyboard, language, editor, typing noise, attire, whatever. Or to chat about the games that I missed last night, something happened at the not-company-sponsored-happy-hour that I didn't get the invite to, or something about lunch that, you know, you should have been there and if only you wouldn't leave the office for lunch. Or about how your racing car is in for the shop because, well, actually I don't even care why. It's just in the shop (I know! you told me!) and you expect me to care about car parts too, and shame on me for not knowing the difference between a maserati and a miata.

On the other hand, any time I mention to my boss that I'd like at least a cubicle the response is "it's not going to happen". Thanks, boss! I'm glad you've got my productivity concerns on your plate. I'm glad they can just, you know, be heard. Not addressed, just heard. It's really helpful to be heard. All day. It's real helpful to hear everyone's discussions while I'm trying to do work.

Honestly, guys, if you like an open office environment, that's good for you. Not everyone wants one and not everyone works well in one.

Joeri 4 days ago 2 replies      
Apple has insisted in presentations to the city of Cupertino that the open floor plan designs are conducive to collaboration between teams, per Bloomberg. But the high-level executives, including Apple CEO Tim Cook, are exempt from this collaborative environment and have offices on the fourth floor of the new building.

See, this is exactly what's wrong with open plan offices in most places. If a CEO honestly believes open plan is better for collaboration, then they need to eat their own dog food. That CEO needs to be sitting right in the middle of things. If they find they can't get anything done as a consequence of the collaboration they are in the right place to take action to fix that. And if they are able to achieve productive outcomes, they are also in the right place to argue against people who say it's not possible. Letting upper management avoid all the downsides of the open plan layout causes problems with it to fester and will bring overall worker satisfaction and productivity down. In short, it is bad management to treat management in a special way.

loco5niner 4 days ago 2 replies      
Hopefully, more and more companies experience backlash from this. It is a horrific mistake to add distracting elements to most programmers environments. Even worse, in my open office plan, they put our very loud finance group right next to us. Absolutely no thought of noise management was considered, except for putting in horrible "white noise" generators that set off my tinnitus Thankfully, my direct manager is understanding and let me turn off the one directly over my head. And by directly over my head, I mean about 4 feet.
nemo44x 4 days ago 4 replies      
It all seems so backwards. Instead of having collaborative working spaces with private rooms for meetings, doesn't it make more sense to have private rooms for working and collaborative meeting spaces?
hkmurakami 4 days ago 1 reply      
It's really kind of amazing to me how in 20 years we've gone from laughing at the cacophonous, claustrophobic, diseases-transmission-inducing, open office plans of other economic regions (ex: the traditional Japanese office http://1.bp.blogspot.com/-CadIFZ3h638/T7yGtzdxVDI/AAAAAAAABe..., or the Wall Street trading floor), to precisely emulating their layouts (with better superficial aesthetic design), inheriting both their economic efficiency and productivity inefficiencies.

I'll take a cube farm with 5 feet walls any day over an open office.

chmaynard 4 days ago 3 replies      
I worked at Apple during the years when the company designed and built its first campus at 1 Infinite Loop in Cupertino. As I recall, Apple R&D employees were considered stakeholders and participated in the design of the interior spaces. Apple wisely decided to give each engineer a private office. There were open areas near the offices with comfortable furniture and whiteboards for engineers to meet and collaborate. I worked in one of these buildings from 2001-2007, and I can confirm that the work areas were beautifully designed and ideal for fostering productive work. It's sad to hear that Apple apparently abandoned this approach in its new campus.
aetherson 4 days ago 1 reply      
I am fairly close to someone who works at Apple. His team is avoiding the new spaceship building. He mentioned wanting to keep his office, but that was just one part of several different complaints, including just "it turns out that the building isn't big enough for most of the people who work at the HQ in Cupertino," and "My team would probably have to split up in awkward ways because not everyone would be able to work in the spaceship (due to space constraints)."
nashashmi 4 days ago 8 replies      
Man, I remember in college when we would be working long hours in the library on a computer lined up in a row of computers. Every one would be intensely working on what they needed to. Sometimes two would work together. This was especially true before presentations when we were trying to put our stuff together. It was neat. It was collaborative. It was fun. And we were happy.

Open floor plan is reminiscent of those days, but it isn't working. And I cannot figure out why. What's missing? Intensity? Work? Stress? Team building therapy? Or just trust? Whatever it is I hope we figure it out.

sidlls 4 days ago 2 replies      
Open offices diminish workers to cattle status. Most work, even the kind many developers would not think of as being so, in tech companies requires thoughtfulness often and collaboration less often. I consider open office plans to be disrespectful and an indicator of second-class status.
minwcnt5 4 days ago 0 replies      
Headphones are a poor solution to the noise problem in open offices. I find it uncomfortable to wear them for 8 hours at a time, and it means I can't overhear the conversations I do want to overhear. Sitting elsewhere only works if I have a task I can do on a laptop; for serious development work I need a lot of screen real estate. That solution also has the same problem as headphones where I might miss important conversations because I'm too busy hiding from noise created by people doing work completely unrelated to mine.

There's a pretty happy medium, 2-10 person offices (with 4-5 being the most common size) with glass walls. Google used to have a lot of these before completely open plans became en vogue, and it was very rare to hear complaints. They allow frequent interaction with your most common collaborators while blocking out conversations from distant teams. They reduce visual distraction while still allowing in lots of natural light and inviting conversation. Doors were usually left open, so it was pretty comfortable to walk into another office and start up a conversation.

With the giant, open, chicken-farm style floorplans, people feel too self-conscious about dozens of people overhearing to have small 2-3 person conversations near their desks, which means more formal meetings with all the associated overhead, and fewer impromptu questions like "hey does anyone know of a tool to do X?" And then you're still more distracted anyway due to all the typing, people walking by, large groups being loud when gathering to eat lunch or go to a meeting together or whatever.

I only see two advantages of completely open floors: slightly cheaper (glass offices can be made almost as dense, but not quite, and I guess the glass partitions aren't free), and better circulation to dissipate bad odors more quickly.

kevinburke 4 days ago 1 reply      
One solution to this problem would be for Apple employees to form a union and collectively bargain for better working conditions. Probably just threatening to do this would lead to significant concessions.

Any Apple employees interested in this should contact Maciej Ceglowski on Signal at +1415-610-0231.

knorker 4 days ago 1 reply      
I recently watched the movie Office Space.

Oh, such a wonderful working environment. To have the privacy and isolation from distractions and interruptions that a cubicle gives. What I wouldn't give to work in such a great office space.

chank 4 days ago 1 reply      
My company recently switched to an open floor plan. It's done nothing but increase distractions and office gossip. Everyone I know tries to get away from their desk as often as possible. Ducking into side rooms, attempting to work from home, and just plain using any excuse to escape the zoo.

Management loves open plans because it's the cheapest seating arrangement. They claim that it will increase collaboration while exempting themselves from having to deal with the environment. The truth is that just being able to see someone without walking over to their desk isn't going to magically make you communicate with them more or make your output higher. Some people like open floor plans but it's been my experience most people don't and just grin and bear it while slowly dying inside.

borplk 4 days ago 0 replies      
> open floor plan designs are conducive to collaboration between teams

This is just an overused cover-up story to avoid stating the real reasons which is cutting costs and monitoring employees.

They use "collaboration" so that you can't voice your opposition to it easily.

If you do that they will beat you with the "not a team player" and "not a culture fit" sticks.

Then in reality unhappy employees sit next to each other with noise cancelling headphones whose job has been unnecessarily harder than it already is because now a part of their mental focus and capacity is actively going towards ignoring distractions.

synicalx 4 days ago 1 reply      
We're going one step better at my work with our new/future office, "Activity Based Working". All the trappings of "open plan" but with even more features to make Government work more soul-crushing and complicated.

One office, with desks for 80% of the staff (because the other 20% need to take the hint and resign). Each desk only has one monitor, keyboard, and a mouse. If you've got certain ergonomic requirements, or need a colour accurate monitor, or a large monitor, or several monitors then you're just a naysayer who is obviously not productive enough to understand the ways of the future.

No one 'has' a desk, instead you grab your laptop out of your locker each morning and go find one. Or you might be allocated a desk via a morning raffle, not sure on this one yet. At the end of each day you clean every surface with alcohol wipes, which you then queue up to place in the singular bin that services the 300ish staff. Anyone who sits at the same desk twice will have to complete "Activity Based Working" training, in much the same way intoxicated road users may attend a DUI class.

There will also be no car parks for staff, who are being encouraged to use public transport. The fact that this public transport doesn't actually exist yet is just a "growth opportunity", but who's growth we're referring to here is not yet clear.

This might all sound like a joke, but the sad thing is it's 100% serious. Literally all of the above has been set in stone by minister that our department reports to.

pimmen 4 days ago 0 replies      
"But the high-level executives, including Apple CEO Tim Cook, are exempt from this collaborative environment and have offices on the fourth floor of the new building."

Because private offices offers control over your working environment; if you need to collaborate, use a conference room, if you need a quick discussion, call them up on Slack.

I'm not going to touch wether or not the CEO has earned the best working environment, but let's bring attention to the fact that the CEO is promoting less control over your working environment for his employees and claim open-office plans offers all kinds of benefits, while the C-level management chooses to opt out. Either that's very noble of them to sacrifice all the benefits of open-office, or they're being a bit disingenuous about why almost everyone else gets an open-office plan.

a3n 4 days ago 1 reply      
In (almost) all open office environments, people above a certain level have private offices.


Why don't they want to be as productive and collaborative as their reports? Conference rooms and phone rooms are just as available to them as they are to the rest. They can probably even afford much better head phones than the rest.

I just don't see enough of a difference to justify it.

pasbesoin 4 days ago 0 replies      
Apple has the money to afford whatever it wants. If it's like any other place I've seen, I expect there's longstanding communication of one or another sort from high performers that they want distraction-free environments.

From what I've observed of such high performers, they are not anti-social nor anti-collaborative, nor are they "crippled" in either respect. Rather, many of them are the most capable in these areas, because they actually pay attention and focus on getting things done -- and done as well as time and resources allow.

The fact that Apple, like many workplaces I've observed, chooses to ignore this and push a paradigm that increases their stress and decreases their effectiveness and efficiency?

Well, as I learned in my own experience, over the years: This is just a fundamental level of dis-respect.

I don't know anything about Apple work internals, specifically; the last time I intersected with those peripherally was in the early '90's.

But when you blatantly disregard what employees tell you -- and in this case, "professional" employees who have a high degree of training and awareness about the tooling they need, including their work environments, to be most effective. Well, that's just disrespect.

And employers who persistently engage in such, deserve what they get. I hope -- because at some point, this counter-productive... "ideology" needs to die.

P.S. Those employees that want cubicles or open-space? Fine, give it to them. I don't want to dictate environment, either way.

Trust your employees to select what works best for them.

And measure the results. Objectively, not in the typical performance review ex post facto rationalization and justification.

In my own experience, top performers cautiously (politics) leapt at the chance to work from home and otherwise gain undistracted blocks of time to adequately focus on complex problems and program management.

Those who embraced the cycle of endless meetings, interruptions -- including environmental -- and superficially-addressed delegation? They faced the same problems, month after month, cycle after cycle.

nupertino 4 days ago 0 replies      
I wonder if anyone will make a claim about necessary workplace accommodations under the Americans with Disabilities Act for ADD/ADHD. I already take medication which makes it almost OK for me to share an office - a recent change for me after 20 years. But I'm still freaked out by someone literally 3 feet away from me. My social anxiety and borderline asperger's really make me seize up until I can be alone in the late afternoon / evening.

When I had my own office, I was able to do things like coordinate health care, talk to my wife, and eventually the divorce lawyers, but with the knowledge that I could close my door and have privacy - now I have to escape to a staircase to have a private conversation.

Plus, I'm terribly annoying to be around. From my mechanical clicky keyboard to a desk overflowing with artifacts and fidgets of various ilk, sharing a workspace means subjecting everyone else to my idiosyncrasies, mumblings and offensive body oder.

brudgers 4 days ago 1 reply      
Good architecture does not come from curved glass and 1mm joints between materials. It comes from human habitability. Why build a building that makes people unhappy? It seems to miss the point.
norea-armozel 4 days ago 0 replies      
I'll never understand the fascination with firms repeatedly going for the open office plan. I remember seeing pictures from the early 20th century where such offices existed full of people typing away. I don't know how they handled the noise or the fact they couldn't isolate themselves to do their work whether it was repetitive or novel in nature. It just seems like firms think of labor as a singular mechanical process and not as something that's done in an irregular and discoordinated fashion (as I've seen in my personal experience from working in factories and currently working in software development). I really think managerial practices need to update with the facts instead of forcing the facts to fit with their expectations.
skc 4 days ago 0 replies      
Every article I've read about this building in the past has gone to great pains to point out the artistry, elegance and taste that was applied in building it.

I now find it highly amusing that at Apple, form over function won out yet again.

JavaScript for People Who Hate JavaScript zachholman.com
424 points by ingve  4 days ago   325 comments top 30
cel1ne 4 days ago 14 replies      
Background: I learned Javascript 1997 and kept up.

I have extensive experience in ES6/React for the browser and Java/Kotlin for Server-, Desktop- and Mobile-Apps.

A week ago I switched a fairly new project from the usual setup (react/babel/webpack) to Kotlin-code only. My IDE compiles the Kotlin to JS now and webpack serves it as usual.

Writing the react-bindings took me an hour, after that my productivity went up by about 10.000%.It's finally on par with my productivity on server and desktop. No type errors, fast refactoring, no "undefined" errors and all the goodies (extensions) of Kotlin.

Removing the complex eslint settings and babel-setup from webpack and package.json felt triumphant.

My JSX looks like this now and is completely typesafe:

 val LieferungenList: (props: ListProps) -> ReactElement = { Datagrid { div { className = "..." ... } TextField { source = "date" } TextField { source = "produktname" } EditButton { } } }
I even get compiler-errors when I nest HTML-tags the wrong way (h1 inside h1) or so.

I couldn't be happier. I'll never touch plain ES6 again.

sametmax 4 days ago 7 replies      
TL;DR: JS with a ton of make up and tooling to not write JS is not as horrible as it used to be.

Well. That doesn't make it awesome either.

You just traded some problems for others.

Like the damn source map never working correctly, the build time being longer and longer, and the never ending list of plugins you expend every day after stumbling on yet another small-minuscule-not-that-important-I-swear detail.

The tool chain you spend more and more time on, despite all the "5-minutes" bundles provided by facebook or on githubs.

Explaining things to new comers has never been as difficult as it is now. Teaching is a pain.

Choosing your stack is a dangerous bet, and the odds and steaks are changing all the time.

If you opt-in for a flux architecture, you will soon write Java-as-in-the-90 on the frontend instead of Javascript, with so many adapters and design patterns as layers you will become angry.

If you don't (you-totally-don't-need-redux-to-use-react-guys) then most documentations and tutorials will not answer your questions, and you are own your own solving every single problems. Even the simplest ones, like redirecting on a route after data changes and closing a panel at the same time.

"Libs, not framework" means you need to relearn everything, rewrite a lot of code, tests and doc and renew maintenance for each new project. Meanwhile nobody agree on what a the proper stack is.

JS, despite all the paint on the rust, still has the old gotchas. This is still weird. ";" is still auto inserted. "==" still compares like nothing else. Errors come in different so many different forms it's not funny. Basic maths assumptions like commutativity are out of scope. Still no namespaces, but instead we use monstrosity like webpack and incompatible import systems to encapsulate things. Stdlib still doesn't have essential things like hashing, string/date formatting or encoding. Even basic operation like removing an element from an array using an index is a pain.

No, I'm sorry, JS has not become awesome. We just arrived to a point were we accepted we have everything to built with it and agree to pay the huge price for it. That's all.

Projects like vue.js makes me think there is still hope we end up with elegant tools from people who care. But right now I just embrace the madness and make money with it: all those poor customers don't realize the trap the current mindset lead them to, and I have so many solutions to the problem they should never have had to sell them.

twii 4 days ago 8 replies      
Omg, so this guy thinks he knows why I'm hating Javascript? Well, it's definitely not because of the lack of types, or because without Prettier my code looks shit, neither would it be the lack of E6/ES7 features since I'm using Coffeescript 2. No, I hate Javascript especially for it's conitnuously changing ecosystem being forced upon you. You named Dan Abramov? Ah, the guy who deprecated almost all flux in favor of his own idea (Redux), or by deprecating React Mixins, because he thinks Mixins are bad, Higher Order Components is the new holy grail?

If I am looking for a job as a Javasript developer at the moment it is not about my coding skills, it is about my willingness to adopt all those hyped technologies, and the author of this article is just making it worse.

I also hate Javascript for all those people reading this that think I don't understand it yet, and are going to explain me how great ES6/ES7, Promises, and/or Typescript are. Please don't.

pmlnr 4 days ago 4 replies      
Don't compare JS (or any language) to any other language - or any language to another language. People wrote a lot about it (Your language sucks because... - type things). JS is just another language.

The JS ecosystem is wild and moving way too fast, but even that is not really the trouble with it: it's that it's being overused.

He mentions DHTML at the beginning, which was the perfect example of using too much of something: mouse trailing bouncy balls with falling snow, my, I don't really miss those days.

Yet we're here in 2017 and React & Co. is crippling the web. Plain simple news or a blog site rendering with JS? AMP, loading megabytes of Javascript, claiming to speed up the web? When your product is text, how about you serve text and maybe only boost it or do analytics with JS? I know it's not fancy, but for a lot of sites out there, JS based rendering is completely unneeded.

In case of web apps... A little while ago I listened to a talk of front end colleagues, claiming that we'll speed up the site by async calling some blocks, so the initial content will get down fast and the less important ones will follow. When I asked if we're measuring the very end render time - the one that heats the CPUs, because you offload the rendering to the client, which can get quite stressful - the answer was 'no', mostly because nobody knows how to do it. I also asked about how screenreaders will work with this, and they thought I'm talking about mobile, which is extremely sad, and no, I'm unaware of any screenreader-friendly JS based app. (Screenreaders are the programs literally reading out the text for visually impaired.)

Google and FB offers fallback, HTML-only solutions to their services, because the realised their things don't work on slow connections and/or slow devices. Maybe this should be taken as a sign.

pbowyer 4 days ago 6 replies      
I've gone through the same experience this year, having picked up modern JavaScript, Angular2, TypeScript and RxJS for a project.

For me it was TypeScript that did it. I came to appreciate strong typing. And ES6, fixing the 'this' scope problems and with a conventional class syntax (I understand prototype inheritance is clever, but it's not the way I've been trained to think). I didn't get to use async/await for various reasons, but that looks to remove my third pain point (callback hell/promises/observables).

RxJS remains a mystery (I swear the API wasn't designed for humans) I use and hope it works, and combining code that use Observables with those that use Promises still wakes me up in a cold sweat.

But now going back to old territory (PHP, Symfony) I miss it. Yesterday's miss was union types. TypeScript has spoiled me.

golergka 4 days ago 1 reply      
It looks like the author didn't mention the main reason many of us hate Javascript: weak typing.

Weak typing is great for small-scoped project without a lot of business logic. But when there's a lot of data, a lot of assumptions about it, and, most importantly, these assumptions change A LOT during development - which happens all the time in game development, for example - strong typing is a godsend.

When I make a change in a strong-typed language, I deliberately make it in such a way that the code won't compile unless I complete it. If I can make something a compile-time instead of a run-time error, I do it (and that's why I dream of switching to Rust one day - on some game engine two generations from now, unfortunately). When I refactor something, I know that compiler will let me know if I forget to change it somewhere.

Compiler is my dearest friend. Compilation errors are his gentle hints that make my code better and prepare it from failing in user's hands. Without it, I feel lost and always on my toes. I have to write tests instead. I have to launch the project (which, when it uses a lot of resources, always has overhead) and test everything by hand. When I write a big project in Javascript, I feel like a minefield, unsure of what's broken and what's not.

I can't understand how people write serious, big projects in weak-typed languages.

agentultra 4 days ago 1 reply      
I was a Python developer for about 10 years before joining a startup that works almost exclusively in Javascript. I had to swallow my pride and make the best of it. I had a huge, smug chip in my shoulder.

ES6 has made the language tolerable. Enjoyable even. It has even been a decent medium for mentoring more junior developers who haven't had any exposure to functional programming in school. I can show them combinators, functors, applicatives without all of the usual ceremony in a more pure language. For that JS has been quite nice.

However for my own projects I just use GHCJS or Bucklescript and compile down to JS. Google Closure and Webpack are fine tools for shaking out the unused code and bundling everything up.

TazeTSchnitzel 4 days ago 3 replies      
I disliked JavaScript, but then I read JavaScript: The Good Parts, and I saw that with a bit of discipline* there's something quite pleasant underneath. It's a book that, rather than being focussed on telling you what not to use, instead shows you various approaches to programming with what you should use. If nothing else it'll give you food for thought and unlearn you of your worst beginner habits. Mind you, it's a dated book and ES6 added a lot to the language.

*don't listen to every suggestion of Crockford though; e.g. having to hoist your variable declarations is as obnoxious an idea in JavaScript as it is in C

eecc 4 days ago 2 replies      
Meh, all I got from this article is that this guy is writing a calendar app.

Perhaps that's the whole point of this post. ;)

mhd 4 days ago 0 replies      
My problem with the current Javascript culture (which definitely includes the React infospace) is basically the inverse how I felt about C++ back in the day. Then, in the early years of the second age, I felt that the libraries and frameworks I was using should use more of the then-current standard, like the STL, RTTI or whatever was hip and promosing back then.

These days, it seems that every feature that is semi-supported in at least one transpiler isn't just used (in various ways) but in fact begets a whole slew of libraries. Especially when we're talking about ways to circumvent the async-hole.

Other transpiled languages will either have the equivalent features, use lots of inline JS or ditch large parts of the ecosystem. While the latter would be possible if NewLangs standard library is big and good enough, I'm not feeling particularly optimistic about that.

Quite likely that C++ history will repeat itself: Just use the core language and a minimal library and do everything yourself (back then that was e.g. C++/Win32/ATL, not sure what it'll be for my future browser-based projects. Modula-3, I miss thee.).

inopinatus 4 days ago 0 replies      
I've gone through a similar experience with Rails 5.1 which has, having ditched jquery, gained support for webpack, babel, yarn, and vue.js (& react) instead; and thereby made writing JavaScript an order-of-magnitude less painful for me.

I feel that ES6 is a palace built on the ruins of a garbage dump and an odd stink still leaks through from time to time, but like the author, I can work with it now without loathing what I'm doing.

GeneralMaximus 4 days ago 1 reply      
I primarily built frontend applications, so JavaScript is pretty much the only programming language I use on a daily basis. I'm not in love with it (although post-ES6 JS is quite pleasant to write), but I don't mind it as much anymore.

The reason? I feel like JavaScript is heading in the same direction as Java. The core language is highly flawed, which has resulted in the community developing build-time tooling and editor niceties to keep things sane.

In the future I expect to see more tools like Flow and Prettier, and existing tools and editors becoming smarter. I'm excited for improvements to JS as a language, but these days I'm more excited for new tooling.

kreetx 4 days ago 4 replies      
This probably comes off as said from an ivory tower, but I don't think it's the people from other untyped languages who hate JavaScript nowdays. ES6+ looks pretty good compared to Python/Ruby/PHP perspective, and it works in the browser!
skocznymroczny 4 days ago 2 replies      
I switched to Dart few months ago, it actually makes JavaScript bearable. I never get to see the actual generated JS code.
sAbakumoff 3 days ago 1 reply      
I really enjoyed the writing style of the article - "hottest shit on the street", "Its just a yarn install away", "DHTML was totally rad, like how the Budweiser frogs were rad."...just brilliant! Also gave me a good nostalgic feeling about DHTML..
manx 3 days ago 0 replies      
I also started learning JS in the DHTML era and wrote small games and toys for IE4. I did PHP stuff for almost 10 years and it was my main programming language. But at some point I stopped doing webdev, since the whole thing was a big mess and didn't seem to get better. I hated it. After a long break I decided to do another web project again and worked with Scala in the backend and Angular and ES6 in the frontend (about 2.5yrs ago). At first it seemed to be a lot better, but we ended up with another working but unmaintainable SPA. Adding new features required a lot of knowledge and was a pain. In this project I tried and failed to implement a solid Graph Library in JS. This motivated me to look at ScalaJS and write this library part of the app in Scala. It worked very well and I was amazed by the JS interop. From this point on I develop new web-apps with Scala in the full stack and am very happy with it. I suggest to try it yourself for the frontend, since it has a very similar syntax to JS.The type safety avoids most runtime errors and therefore painful debugging time. Compile times became a lot better recently.


The real power comes when you share your data structures and algorithms with the backend, get a type safe REST API and macro-based high performance json/binary serialization.

simonlc 4 days ago 0 replies      
Lots of people relate ES2015 to giving us a better javascript, but the core language remains the same; the changes are just additions.

Building a tool chain can be an extreme pain in the ass because everyone is still experimenting, and trying to make the web better. Things like web workers, hot module reloading, and code splitting are relatively new, and don't have mature tools or patterns. Yes it's hard to learn, and yes it takes a lot of time, but once you learn a few tools you can keep using them over and over. I've been using gulp and browserify since 2011, and recently switched to gulp+webpack for code splitting, and HMR, and the switch couldn't have been easier.

finchisko 4 days ago 2 replies      
I'am huge fan of JavaScript and personally don't like both Ruby and Python, but would never write an article titled: "Ruby/Python for People Who Hate Ruby/Python". I just don't use them. Writing such a article is IMO arrogant and bad for your karma. I understand some programmers are forced to use JS against their will (because there is not other person for the job), but if you hate JS and you're not forced to use it, please just don't use it and then you don't have to write such a negative and opinionated articles.
DonHopkins 4 days ago 0 replies      
The best way to truly hate something is to know it very well.
mr_ali3n 3 days ago 0 replies      
Sorry, not trying to be a d*ck here but I don't get the point.

You said you don't like the NodeJS eco system as you need to install thousands of packages to get your work done whereas on the other hand, your find CRA which uses tons of NodeJS packages to get the work done.

Secondly, code splitting, Babel, bundling has nothing to do with CRA, they are just standalone packages which works well together.

Third, "Whats more, updates are great. Its just a yarn install away.", Isn't this something which NPM does as well?

Syntax - Again, nothing to do with ReactJS, it's babel which comes with polyfills.

So am just curious here to understand that how exactly CRA changed your mind where 90% of what you are doing is pure JS and has nothing to do with ReactJS?

rcarmo 4 days ago 1 reply      
I've been using Node 8 again after a few years of staunchly avoiding it, and the pain of selecting the right kind of libraries to use async/await sanely without having to massage promises (and .then()) is still there - in that sense, I feel very much like that cat with the strawberry beret on the article heading...
vmware513 4 days ago 1 reply      
Interesting, because Create React App is fairly new tool, however Ember CLI gives you the same thing for years now... so JavaScript World was always cool, at least for Ember.js developers. ;)
tchaffee 3 days ago 0 replies      
One thing I like about the more quirky languages like JavaScript and PHP, or even the far less quirky but still dangerous C language, is that they force you to write good tests. You don't get the false sense of confidence some other languages give you. I'm still not positive if static types are a poor man's test suite, or if a test suite is a poor man's static types, but I find tests are far more flexible and great at describing intent.
swlkr 3 days ago 0 replies      
The latest js tooling is certainly light years ahead of where it was last decade, but it's a double edged sword, because now it takes a lot more effort to get something going.

Indie hackers like myself are still better served by vanilla rails + turbolinks, it gets you something that feels fast wtih a lot less effort.

tambourine_man 3 days ago 1 reply      
This guy's got a great sense of humor. I pissed my pents with the linked[1] 1x1.gif article.

Or maybe I'm just as old as he is.

[0] https://zachholman.com/posts/only-90s-developers/

lopatin 4 days ago 0 replies      
> [Prettier] Its basically like gofmt for JavaScript.

Gotta mention jsfmt, which is actual gofmt for JavaScript. Awesome tool, hasn't been updated in a while though. RIP Rdio.


peterbe 3 days ago 0 replies      
vitomd 4 days ago 0 replies      
If React or Vue.js dont click for you try Riot.js https://github.com/riot/riot Its a minimalistic js library with a lot to offer.I made a tutorial some time ago, I think it could give you a glimpse about what you can do http://vitomd.com/blog/coding/hello-riot-js-quick-tutorial-a...
davidreiss 4 days ago 0 replies      
People either hate javascript with a passion or they love it with religious zeal.

Maybe it has to do with the fact that it's used mostly for web programming? But geez, there seems to be no middle ground when it comes to javascript.

But it doesn't come close the division over Perl. Yikes.

dmitriid 4 days ago 4 replies      
Javascript is only going to get worse. Much worse. TC39 proposal "process" is driven by a never-ending self-congratulatory circle-jerk. Any concerns are dismissed with "people on TC39 discussed it, they know better, how dare you question their wisdom".

While there's still time, escape to TypeScript (though it will be flooded by crap from TC39 soon enough), ClojureScript, Kotlin, Scala.js, Elm, Purescript

The Google memo isnt sexist or anti-diversity, its science theglobeandmail.com
588 points by 20100thibault  4 days ago   634 comments top
Ajedi32 4 days ago 11 replies      
Not much new here. This article is essentially just re-affirming all the scientific statements that were already made in the original memo, backed by links to scientific studies.

Only difference being that the author of this article has a PhD in sexual neuroscience (so people might have a harder time accusing her of not knowing what she's talking about) and is female (so some people might have a harder time of accusing her of sexism).

Why GitHub Can't Host the Linux Kernel Community ffwll.ch
387 points by okket  3 days ago   232 comments top 22
clarkevans 3 days ago 3 replies      
As I understand, Daniel Vetter is proposing a "monotree" as a source code control pattern where a monorepo (and its branches) is not the primary place where development is done, but is rather where works are integrated from subordinate repositories. In particular, he's asking for GitHub to support coordination (issues and pull requests) spanning upstream repositories that are indicated by a particular change request.

I was hoping to see discussion of the merits of this proposal here on HN... not a regurgitation of Torvalds' positions and personal demeanor. What other projects use a monotree? does it work well? How do those projects coordinate changes across subordinate repositories?

jacquesm 3 days ago 3 replies      
I'm fine with that. Github is 'too large to fail' already, adding the Linux kernel to the pile and forcing the kernel team into Github's workflow are two big negatives. It would be great for Github but bad for everybody else.
snakeanus 3 days ago 6 replies      
I can't really see the obsession that everyone has with centralised and closed services like github. We need to start moving away from them, not move more projects to them. Mailing lists and NNTP make decentralisation quite easy while being open standards and without having the need to have any account in any centralised service, why drop all these features away?
mi100hael 3 days ago 4 replies      
There's also Linus's personal aversion to how GitHub implements many opinionated workflows.

 > I don't do github pull requests. > > github throws away all the relevant information, like having even a > valid email address for the person asking me to pull. The diffstat is > also deficient and useless. > > Git comes with a nice pull-request generation module, but github > instead decided to replace it with their own totally inferior version. > As a result, I consider github useless for these kinds of things. It's > fine for hosting, but the pull requests and the online commit > editing, are just pure garbage. > > I've told github people about my concerns, they didn't think they > mattered, so I gave up. Feel free to make a bugreport to github.

mmagin 3 days ago 3 replies      
I imagine after the Bitkeeper fiasco, Linus and others are disinclined to become dependent on a proprietary service.
liaukovv 3 days ago 5 replies      
This font gave me a headacheWhy not write with white on white? It would be so stylish
monorepoman 3 days ago 2 replies      
Lost me at "And lots of people learned that monorepos are really painful, because past a certain size they just stop scaling." Plenty of counterexamples of monorepo projects much larger than Linux kernel.
mpd 3 days ago 0 replies      
Frankly, I think the Linux kernel is too important to even consider subjecting itself to the Github T&C, community guidelines, etc.
ericfrederich 3 days ago 2 replies      
Someone desperately needs to come up with an open source replacement for GitHub that is completely decentralized. Sure GitLab exists and the repo is decentralized since it's Git, but issues, merge requests, comments, etc aren't Git based (though they could be)
hyperion2010 3 days ago 0 replies      
Here is another overview of how the kernel uses git and why no emails is simply not possible (or sensible). https://www.youtube.com/watch?v=vyenmLqJQjs
tomschlick 3 days ago 1 reply      
The kernel seems better suited to something like Phabricator instead of Github. Keep Github simple and clean for our "normal" projects.
taeric 3 days ago 1 reply      
I actually really like the MAINTAINERS file. Keeps the metadata literally in the repository and doesn't rely on an external system.
shmerl 3 days ago 0 replies      
Is there some similar reason why Debian doesn't use more convenient bug tracking system that would allow a Web frontend?

I don't mind periodically using reportbug, but using something like Bugzilla is way more convenient.

vbernat 3 days ago 0 replies      
Not mentioned in the article, but work is also coordinated by maintainers with the use of patchwork. For example, for the network subsystem: http://patchwork.ozlabs.org/project/netdev/list/. This enables tracking the status of a patch and not loose them.
IceDane 3 days ago 0 replies      
This website is completely fucking unreadable on mobile. But hey, at least it's stylish or something.
TheChosen 2 days ago 0 replies      
I love using GitHub, but there is an established process and home for the kernel that works and I see no reason to change it.
web007 3 days ago 1 reply      
> Please support pull requests and issue tracking spanning different repos of a monotree.

Issue tracking you can already file against one or more repos and link them together. It's not ideal, but it'll do the job.

Is "pr against different repos of a monotree" not what submodules let you do? Update whatever things you want in whatever repos, and pull the submodule pointer update(s) as a single change in your monotree repo.

feelin_googley 3 days ago 1 reply      

Why does this blog need to be whitelisted with Adblock Plus? See data-adblockkey in HTML source. Are there any ads in this page? (Maybe owner wants revenue from domain parking?)

Why is this blog not working with simple user agents that do not process javascript (e.g., curl, etc.)?

mcs_ 3 days ago 0 replies      
> Like pull requests, issues can be relevant for multiple repos, and might need to be moved around

Not sure about the Linux kernel (no enough experience) but same issue across multiple projects looks something necessary...

Boothroid 3 days ago 0 replies      
Ugh that font is unreadable on my phone.
linkmotif 3 days ago 1 reply      
Oh wow, the MAINTAINERS file is a work of art: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/lin...
hgdsraj 3 days ago 0 replies      
Can we get a trade on this font, gosh it's bad. Color and weight both need to be increased. Seriously #00000 on #FFFFF makes life easy with a font weight of at least 400
Tesla raises $1.8B reuters.com
314 points by rising-sky  1 day ago   188 comments top 19
11thEarlOfMar 1 day ago 30 replies      
Let's talk about Solar City.

Their product is intended to be a solar roof, indistinguishable from a typical roof from street level. Costs look to be in the $50,000+ range. The marketing is that homeowners will not only drive electric vehicles, but go completely off grid by storing the energy collected into Tesla batteries.

In order for this to make financial sense, there needs to be an ROI for the homeowner. So... how long will it take the homeowner to recoup that, say, $75,000 investment?

I am currently spending about $125/month on electricity. That's $1,500 per year. Two Tesla's would run through about $1,000 [0] of electricity in the same year. That's $2,500 per year I'd spend on electricity to my grid operator.

That's 30 years to break even.

I could probably buy an equivalent roof-mounted system for half that, and the batteries, and see a return in 15 years. Is the aesthetic worth the longer term payoff?

Or would Tesla see more uptake in new home construction where the cost of the roof can be amortized into the construction cost?

I understand that Solar City has a different financing biz model, are they going to continue with that.

[0] http://www.greencarreports.com/news/1090685_life-with-tesla-...

dopamean 1 day ago 6 replies      
It's interesting to me that in May of last year Snap, Inc raised about the same amount of money. I've never understood how some companies need so much money. To me it makes sense for Tesla. They are building actual cars and that is expensive. What on earth did Snap need a 1.8 billion for?
d_t_w 1 day ago 3 replies      
Is there a difference between 'raises' and 'borrows'?

I read this as Tesla took investment of $1.8B (presumably in return for shares), but in this case they have issued $1.8B of bonds, so they've effectively taken out a loan.

Animats 1 day ago 2 replies      
Tesla sold $1.8 billion of eight-year unsecured bonds at a yield of 5.30 percent.

That's considered junk bond level today. Historically, it's not a bad interest rate. It's an OK deal for Tesla.

vit05 1 day ago 2 replies      
"Tesla aims to boost production to 500,000 cars next year, about six times its 2016 output."

What is the new goal to 2020? 2 years[0] ago they were expecting delivery 500,000 cars in 2020. If they will do that this year, maybe their new goal is to finally put a foot in the top 20 group of world manufacturers[1]?


mattnewton 1 day ago 2 replies      
It's heartening to see financial markets helping a company with such potential for positive externalities. Sometimes maybe the system does work!
simonebrunozzi 1 day ago 3 replies      
A little imprecision in the article: "The company, founded by Musk in 2003" is untrue. Musk joined the company after it was funded.
ChuckMcM 1 day ago 0 replies      
5.3% counts as junk these days? Wow, I miss the 13 - 22% days :-). Certainly shows a lot of confidence in Teslas ability to produce Model 3's. It also is going to squeeze the short sellers a bit harder as the capital is going to push out their 'dead by' dates. I feel no pity for them.
rmason 1 day ago 2 replies      
If there are any college student hackers interested in pushing boundaries MHacks is going to allow you to hack a Tesla this September in Ann Arbor.
legulere 1 day ago 3 replies      
Maybe they can use it to pay their workers fair wages [0] or to improve work conditions to be not twice as bad as in the rest of the industry [1]

[0] https://www.forbes.com/sites/alanohnsman/2017/02/09/unionizi...[1] https://amp.theguardian.com/technology/2017/may/24/tesla-fac...

mathattack 1 day ago 1 reply      
So much for their running out of money. Impressive that they can get it from the bond markets. Highlights maturity as a company.
ryanwaggoner 1 day ago 1 reply      
The "junk bond" rating and high debt load makes me a little nervous, but maybe that's irrelevant and this is just them raising money as an accelerant because they can get it at a good price?
chisleu 1 day ago 0 replies      
Looking at the stock price, people seemed to know 5 days ago.
doener 1 day ago 0 replies      
"Tesla (TSLA) bonds were oversubscribed by $300 million, $1.8 billion raised for Model 3 production"


nyxtom 1 day ago 0 replies      
I hope this works, otherwise we are all screwed when earth continues to catch fire
erdle 1 day ago 2 replies      
How much of this is actually being used to pay down SolarCity debt?
throwaway81122 1 day ago 1 reply      
Tesla should just mint their own crypto. IF filecoin gets 200M for a white paper, Tesla can get 20B.
mack1001 1 day ago 3 replies      
If tesla can get 500,000 cars out there, ICE cars are toast. Enough of legacy cars and makers.
Aron 1 day ago 1 reply      
The tension is building! They've got all this money, they've shown a few of the cars, they've got half a million deposits, but the cars are just dribbling out of the factory right now like pre-ejaculate.
Critical security updates for Git, Subversion and Mercurial marc.info
359 points by mnw21cam  2 days ago   124 comments top 20
jjnoakes 2 days ago 2 replies      
It's interesting to me that the fix was pattern matching the ssh hostname and banning a starting hyphen, rather than (say) passing "--" to ssh to signal the end of the intentional options so a hostname of "-oProxyCommand=whatever" is interpreted by ssh properly (as a hostname which can't be reached, instead of as a rogue argument).

I thought this was a fairly well known way to pass arbitrary strings to commands and ensure they aren't interpreted as options (for commands which honor "--", like ssh does).

icc97 2 days ago 7 replies      
Kudos to Chocolatey on Windows, they immediately updated their Git package [0] to v2.14.1, so a simple `choco upgrade -y git` gets me up to date. If only life on Windows had always been this hassle free.

[0]: https://chocolatey.org/packages/git

skj 2 days ago 0 replies      
Report from the person who discovered the vulnerability: http://blog.recurity-labs.com/2017-08-10/scm-vulns
innocenat 2 days ago 1 reply      
Just a note for everyone on Ubuntu, the fixed version for Ubuntu 16.04 is git v2.7.4-0ubuntu1.2 [0].

[0]: https://people.canonical.com/~ubuntu-security/cve/2017/CVE-2...

jomar 2 days ago 2 replies      
A "ssh://..." URL can result in a "ssh" command line with a hostname that begins with a dash "-", which would cause the "ssh" command to instead (mis)treat it as an option.

It's a shame, because the Git dispatching code ought to be able to invoke the ssh command via

 ssh -p 22 -etc -etc -- <hostname>
to prevent interpreting options in <hostname>, thus defusing the in-band signalling causing this. But I suppose it can't depend on every ssh implementation understanding this "--" POSIX utility syntax guideline.

bburky 2 days ago 0 replies      
Wow, git's url bugs always seem to become easily exploitable due to .gitmodules.

I found CVE-2015-7545 a few years ago, a malicious URL using the ext:: scheme could cause code execution. It was only easily exploitable because you can ask the client to fetch any URL you want via git submodules. (This vulneriblity was fixed, and since then the entire ext url scheme was disabled by default.)

aroberge 2 days ago 0 replies      
This may be of interest to people using git on Windows and have malwarebytes installed.

I tried to install a new version and found I could not as there was another version that was present. Git did not appear anywhere as a program to uninstall. I tried to delete it (from an admin account) and it failed with an access denied - and no other information.

The solution was to use LockHunter (https://lockhunter.com/) which informed me that malwarebytes was the program preventing me from deleting it. Using LockHunter, I removed the lock and successfully removed the old version of git.

rubayeet 2 days ago 1 reply      
At the time of writing this, no official binary release for Mac[0], you have to build from source.

[0]: https://git-scm.com/download/mac

chungy 1 day ago 0 replies      
> * In the same spirit, a repository name that begins with a dash "-" is also forbidden now.

This will negatively affect https://github.com/nasser/---

HeadlessChild 2 days ago 0 replies      
Fix has landed for Debian Jessie/Stretch in the security repo


captn3m0 2 days ago 0 replies      
Arch Linux has the new package in testing: https://www.archlinux.org/packages/testing/i686/git/
megous 1 day ago 0 replies      
A lot of the time people use git to get source code to build and run on their computers. You can probably hide a nefarious code in many places, where it would be less noticeable, too, like pre-generated configure/Makefile.in scripts. I don't think anyone reads those. Another reason to welcome those new simpler configure/build systems like meson/ninja.
cyphar 2 days ago 0 replies      
This was already submitted earlier today (https://news.ycombinator.com/item?id=14984044).

It's actually quite easy to reproduce (the RCE aspect comes from the ProxyCommand and LocalCommand SSH options that you can set from the SSH command-line).

djstein 2 days ago 0 replies      
For MacOS users simply use:`brew install git`Then restart terminal instance.
avivo 1 day ago 2 replies      
Is there any site where as security vulnerabilities are disclosed, you can see each what platform/contexts are affected, which have updated, and how to do that update?
ing33k 2 days ago 2 replies      
VrEdxxx 2 days ago 1 reply      
I wonder how can I do it on OSX without brew or port?
numbsafari 2 days ago 1 reply      
I wonder how many "git client libraries" in various languages are also impacted by this.
the_common_man 1 day ago 0 replies      
FYI, Cloudron has pushed out updates for Gitlab, Gogs (from their slack).
diegoperini 2 days ago 2 replies      
How can I do it on OSX without brew or port?
Americans Are Dying Younger, Saving Corporations Billions bloomberg.com
312 points by mcone  4 days ago   306 comments top 15
buserror 4 days ago 14 replies      
I've been saying that for years. Here in europe, the reason the life expectancy is high is that it's based on people who die today at ripe old age, many of them having been retired 30 years, sometimes more... They are 85+, and they drag the mean age of death thru the roof.

When THAT lucky generation is gone, I think statisticians will realise that their children are /nowhere/ near as lucky, and I'm pretty sure the life expectancy number will fall off a cliff.

I don't have anything to back it up mind you, but raising the age of retirement, more stress related to job stability, whatever, you name it; it's just empirical but I've seen a lot of people in my environment die in their 60's -- many of them who had a perfectly 'sane' way of life.I know what you are thinking, many more people will die at 60 then will die at 90, but I'm still pretty sure there's some underlying pattern here.

Also, I do have a vague impression that making access to the NHS more difficult PLUS raising age of retirement EQUAL MOAR PROFITS for someone, somewhere.

Mahn 4 days ago 6 replies      
I have this theory that in a couple decades or three most of the developed world will enter a health crisis, as everyone will suddenly realize that we've been eating and drinking like shit for a long time. Almost 3/4 of what you can find in your average grocery store today has unnecessary amounts of sugar, salt and/or chemicals added and no one seems to care. Someday we'll look at the food we eat now like the way we see tobacco today.
gthtjtkt 4 days ago 0 replies      
Reminds me of this article from The Atlantic last year:

> For the last several months, social scientists have been debating the striking findings of a study by the economists Anne Case and Angus Deaton. Between 1998 and 2013, Case and Deaton argue, white Americans across multiple age groups experienced large spikes in suicide and fatalities related to alcohol and drug abusespikes that were so large that, for whites aged 45 to 54, they overwhelmed the dependable modern trend of steadily improving life expectancy. While critics have challenged the magnitude and timing of the rise in middle-age deaths (particularly for men), they and the studys authors alike seem to agree on some basic points: Problems of mental health and addiction have taken a terrible toll on whites in Americathough seemingly not in other wealthy nationsand the least educated among them have fared the worst.


bmc7505 4 days ago 1 reply      
But wait, there's good news: If you don't die quickly enough, they'll help!

Taking too long to die: Some 'terminal' patients can lose hospice benefits: http://www.news-press.com/story/news/2017/07/28/too-long-die...

sddfd 4 days ago 2 replies      
The absurdity is that life insurance/pension companies assume live expectancy is actually rising.

The company providing my pension fund estimates my life expectancy to 114 years - a fantasy number, albeit one that /increases/ my monthly payment and /decreases/ my expected pension.

twoquestions 4 days ago 9 replies      
Now I'm imagining our economy like some cruel volcano god, demanding blood in exchange for temporary safety. "People's lives are getting worse, look how much money that's making us!"

It's as if people exist only to make money, actually making people's lives better be damned. I doubt people will tolerate such a vampiric system for much longer, especially if it doesn't feel the need to conceal it's fangs anymore, and what comes afterward keeps me up at night.

joosters 3 days ago 1 reply      
I don't get it. The article does not say that life expectancies are decreasing. It says that they are still increasing, just not as fast as they were a few years ago. But the article (and most of the comments) seem to think it means that people are dying younger. That's not what the data is saying.
albertgoeswoof 4 days ago 1 reply      
It's difficult to predict mortality rates. Advanced healthcare techniques (e.g. CRISPR) could completely eradicate entire classes of diseases (kind of like how anti-biotics and vaccinations changed healthcare completely), or they could lead to nothing.

So we might find that the average age of death jumps up by 20+ years in the next 50-60 years (just like it did after WW2).

Nuclear war aside we almost certainly won't see a drop in the average age.

SamBoogieNYC 4 days ago 1 reply      
This headline is mindbogglingly dystopic and crass
emodendroket 4 days ago 2 replies      
Good news, everyone.
maaaats 4 days ago 4 replies      
How does the pension system in USA work? Do the companies pay you a small salary after you retire? It reads like that. In that case, what about the place you worked until you were 40, are they still on the hook? What if the company closes down?
swah 4 days ago 6 replies      
I never understood why everyone is against smoking if it saves those corps money in the long run.
Chardok 3 days ago 2 replies      
Its not hard to see why exactly Americans are dying younger. Hell, just look at the headline here.

When you have increased wealth concentration flowing upwards and more involvement of profit machines in people's lives (healthcare, correctional facilities, food, environment), people on average are working harder for less pay with increased cost of living. This means less recreational time to blow stress off, less time for doctor visits (not to mention the fun games our federal government is playing with healthcare), and less time/money/emphasis to treat yourself spiritually/psychologically. I am hardly surprised this equates to higher mortality rates.

America has a huge problem spending money on the betterment of its citizens, and it is starting to show.

mathattack 3 days ago 0 replies      
Looking at the chart, it seems like they're reading an awful lot into 1 or 2 data points. It's very noisy data.
Shivetya 4 days ago 2 replies      
purely anecdotal, but when my Doctor tells me he cannot tell fat people to diet because bad surveys affect the reviews of Doctors and their hospital; surveys from both government and insurance companies; it should be a clear indicator we are doing something wrong. He cannot connect their diabetes to their weight, only suggest what foods would help manage their diabetes without crossing the line into mentioning weight management.

what are people's actual expectations for how long they should or can live? I am at the age where I am not seeing relatives who I grew up learning from passing on, I am even having coworkers pass on. Perhaps I notice it more when people younger than I go.

OpenAI at the Dota 2 World Championships openai.com
484 points by frisco  1 day ago   210 comments top 45
darrenkopp 1 day ago 6 replies      
Really was quite interesting to watch (https://www.twitch.tv/videos/166172514?t=7h3m10s). Honestly, the bot played _extremely_ well, but I think the biggest advantage was how much faster it's reaction time was and it's movements were likely much more precise than a human is with a mouse.

I'm pretty interested in seeing their 5v5 results as well. It seems like that will have similar results as the bots can coordinate, but it's still a bit up in the air.

I'm really not sure how well a bot like this would do with 4 human teammates though. I would guess the bot would be a strong laner, but fairly weak overall due to it's inability to communicate, though if it's really good at learning how it's current teammates are playing as it goes, it may do alright.

I'm also pretty curious about the match limitations: no shrines (regen), no soul ring (mana regen at expense of some health), no raindrops (fixed amount of magic damage block)

dvt 1 day ago 3 replies      
Saw this live and as someone that's played Dota for many years, it's not as impressive as people make it out to be. A Shadowfiend 1v1 is primarily a test of mechanical skill and not judgment.

A similar comparison is if a Counter-Strike or Quake bot would instantly snap to your head getting a headshot. Like, yeah, cool I guess, and it would beat 100% of human players 100% of the time, but it's not even remotely as impressive as Chess or Go. The razes in particular are "skill shots" that are sometimes hard for humans to estimate whereas for a robot it's just simple math.

I will say that the one impressive aspect of the bot was raze faking, but I think that it was one of those cases where it was "coached" (same as the creep blocking).

ahh 1 day ago 4 replies      
The developer interviewed claimed that there was no domain-specific knowledge and implied (though didn't explicitly state) there wasn't any training against non-OpenAI bots or players. (I'd love to know the reward function they used for whatever Q-learning variation they ran with.)

If this is accurate, one of the things I'm most impressed with is that the bot figured out creep-blocking. (I can't find a good GIF, but this is walking in a wiggly path in front of the first wave of neutrals on your side, delaying their progress and pushing the lane towards you, which is good for ~reasons.)

Creep blocking isn't all that hard in dexterity--I am a terrible dota player and I can more or less do it. And it's one of the most common pieces of dota knowledge; every pro player does it and since it's relatively easy compared to a lot of pro micro, everyone else rapidly learns they should.

But nevertheless--the bot had enough games that it could randomly jump in front of the wave enough times that it noticed a win rate improvement for that slight wave push, and begin to do it intentionally? (And then get good at it?) Damn.

One thing I don't really know about Q-learning and the typical nets used for it: I am guessing it is likely that internally to the bot's evaluation functions, there is some learned feature whose activation correlates well to the location of the wave equilibrium (since that's a feature that correlates well with winning!) At that point, is it likely that the bot can learn in smaller increments--that is, it knows that pushing equilibrium towards itself is good, and thus randomly creep blocking a little becomes reinforced (rather than having to notice the creep block's effect on game wins?)

habitue 1 day ago 6 replies      
So an interesting thing you could do as a game company with an "unbeatable" bot is to use it to balance a metagame. Let the bots all play each other and tweak character stats etc until they win a proportional amount of the time. (This presupposes that the bot learns the game the way OpenAI claims it is, without needing to learn from player replays or from playing in a very different way than human players do with tree search etc)
UnpossibleJim 1 day ago 3 replies      
These types of MOBA games are a good precursor of military unit management. To be honest, I'm not totally sure whether to be happy or sad about this sort of thing. The strategic control of drone units on a combat field, without the loss of personel (on the countries with this technology, anyways) should make me happy, and does, to a point. BUT the potential for abuse (and, no, I haven't even begun to extrapolate towards the Terminator, nightmare scenarios) is rampant. Fewer people with a conscience on the battlefield or controlling the apparatuses of war may or may not be worth the cost of the lives of young men and women..... but I think wars should be fought by old men and women with swords, anyway. If you're old and can look i to the face of your enemy while you kill them, there's a better chance it's worth killing and dying for (by the numbers, anyways).... plus, the President, Congress and the Senate have to serve in combat positions, in my little fantasy scenerio =)
kibwen 1 day ago 3 replies      
In the interest of a "fairer" comparison, I wonder how much of a difference it would make to force the AI to simulate mouse/keyboard input and interpret the raw screen buffer output, rather than using direct APIs into the game's guts, to more faithfully emulate its human opponent. I'm guessing the peripheral inputs wouldn't be much of a hurdle, but the image processing step could be very interesting.
obastani 1 day ago 1 reply      
I think one of the biggest challenges in moving from 1v1 to 5v5 is the substantially increased possibility of creative strategies. In a 1v1, there isn't that much room for innovation, making it a perfect target for existing AI techniques, which are good at learning what is "in the data" but have not yet been shown to be capable of thinking outside the box. In contrast, in a 5v5 matchup, a much wider range of strategies is available. I'd imagine that in this more flexible setting, AIs would be highly vulnerable to cheese strategies, or in general strategies they have never seen before. Furthermore, if there are any exploitable quirks in the AI (which seems quite likely, given the established lack of robustness of neural nets), I have no doubt that clever human players will be quick to exploit them. On the flip side, I think that makes 5v5 a far more challenging and interesting goal that would be very exciting if achieved!

As a side note: I think the most impressive aspect of this AI is that it was trained without watching any human games. In contrast, AlphaGo was bootstrapped from a bunch of existing human games, which I imagine was crucial to its training. Being able to learn how to fake out the human player without having seen this action before is quite impressive.

justicezyx 1 day ago 3 replies      
To be clear 1v1 mid lane is harder than 1 unit v 1 unit in sc. But it is at least 3 levels behind 5v5 human play.

So first it's laining, which is showing in the game.

Then is the ganking basically 2-3 player working together.

Above that that's 5 men team fight.

Then you have the strategy planning in the band pick phase, and in game movement coordination.

There are other things like item choices, in game communication etc.

I guess bots never tilt...

This 1v1 match is definitely a proof of the strength and maturity of modern AI.

It will be extremely interesting to see if they can train a bot to achieve the above intelligence. If so, I guess the game is pretty much losing a lot of its appeal.

joefkelley 1 day ago 0 replies      
This will be HUGE for competitive Dota, even if they never take it further.

In much the same ways top chess players have learned from engines, I have to think top Dota players will practice against and study the hell out of this bot if OpenAI makes it available.

Not everything is replicable by humans... for instance I noticed it constantly animation-canceling razes and only finishing it if it was going to hit; a human will definitely mess this up. But other things can definitely be used. It was positioning somewhat strangely, for example.

personjerry 1 day ago 0 replies      
It was streaming and it's over, so here's the VOD: https://www.youtube.com/watch?v=ac1getNs2P8
sondr3 1 day ago 3 replies      
Wow, that was not even close either. And it only takes it two weeks to reach that level of play? OpenAI should create a team of five (as they said they would) and let it play in the qualifiers next year.
Tangokat 1 day ago 5 replies      
It is so weird reading all these comments. Almost half of them start out as "it's impressive.. but". Is it human nature or are HN commenters just so sceptical/negative of all the new tech?

One of the OpenAI guys mentioned that they could potentially use the same technique in real life applications like surgery. Surgery is not "just" run on a computer it has a physical component too. Is that really the next step or was he just throwing out a random example people could understand?

terda12 1 day ago 1 reply      
As a longtime DotA player and someone who's following the pro scene, this is very impressive. Especially considering how it's beaten Sumail, widely regarded as one of the best 1v1 players in the world. Can't wait to see what OpenAI have in store a year from now for 5v5.
taion 1 day ago 1 reply      
Is the "two weeks" of time in the Dota environment, or two weeks of training time running in parallel as with A3C or something?
jmkapz 1 day ago 2 replies      
I wonder if this a good move for Valve. How many people will be loose interest from the game if next year OpenAI manages to pull off the 5v5 challenge, thus bringing DotA 2 to the same level as GO and chess for AI, i.e. beating the best human(s).Has there been any study on the popularity of chess after AI moved in? How about prize pools, as a large driving force of DotA 2 is the competitive scene?I suppose Valve will find out soon enough and it may be a significant event to study of the impact of AI, if only by the scale (> 10 millions players [1]) and the traceability of the metrics.What if the numbers do indeed plunge? Maybe such public display of AI might be given second thoughts. And what of outside the gaming industry?

[1] http://www.criticalhit.net/gaming/dota-2-vs-league-legends-u...

brandonhsiao 1 day ago 2 replies      
Is it taking in raw pixels or reading from game memory? How did they gather data to train for this? (Did Valve give them an API?)
nacs 1 day ago 1 reply      
Looks like its also being hosted on Twitch.tv in addition to Youtube:


Hroble 1 day ago 0 replies      
If I remember correctly, Deep Mind recently releasead a kit to train bots to play Starcraft 2. Would anyone be able to compare the differences and difficulty of playing dota and starcraft for a bot?
bitmapbrother 8 hours ago 0 replies      
I really don't think this is a big accomplishment. Dota 2 is a team game where 5 players all work together. I went in thinking I would see a 5v5 against bots. They promised a 5v5 against bots next year so we'll see how that plays out.
bhntr3 1 day ago 1 reply      
This was fun. It's our intern's last day on the ML infra team here. And he happens to be a competitive collegiate DOTA player. We were all crowded around watching the screen, shouting. Couldn't have planned a better send off. Nice job, OpenAI!
evc123 1 day ago 0 replies      
Elon posted these AI fear/regulation tweets right after he retweeted the opeanai dota 2 blog post:



Hekatron 17 hours ago 0 replies      
Figuring teamplay out is going to be a lot more complicated but a strong 1v1 bot is already very impressive. Props to openAI, that universe didn't take off was a bummer, it was a pretty cool project as well.
rafinha 1 day ago 0 replies      
All these fancy stuff and valve still can't detect people feeding chicken...
antouank 19 hours ago 0 replies      
Seems like the AI was beaten at least 50 times.


ted12345 1 day ago 2 replies      
I wonder if some of the things the guy says are misleading.

In the video, we see the bot "creep blocking." For those unfamiliar with dota, players can use the model of the unit they control to obstruct the movement of allied computer controlled units in order to gain a favorable position.

I suppose it's possible that over millions and millions of matches played against itself, the OpenAI bot "invented" this behavior for itself. But it seems more likely to me that the programmers "built that behavior in."

kahlonel 1 day ago 0 replies      
Even with a lot of restrictions, I can't imagine how much variables this bot has to take into account; and then generate the output within a sub-millisecond time period. The most interesting part was aggressive positioning of the bot, and faking the spells to scare the shit out of Dendi (the pro player competing against it). Will definitely follow the progress of this project.
Asdfbla 1 day ago 0 replies      
I wonder what the input for the bot was. Just a screengrab like in other reinforcement learning examples (like Pong or GTA etc.) or did they use some Dota API to make their lives a bit more easy?

Impressive nonetheless, like others said, knowing the reward function would be interesting.

VHRanger 23 hours ago 0 replies      
Where's the paper describing the exact methods used?
kmnc 1 day ago 1 reply      
How do things like reaction time, and actions per second work with something like this? Is it just an assumed advantage the ai gets, or does it simulate the limitations of a human? If it doesn't, how big of an advantage is it in an ai versus human competition?
eduren 1 day ago 0 replies      
This is really cool outreach on OpenAI's part. So many young people watch The International and I'm guessing that at least a few of them are more interested in CS and STEM from seeing this.
Macrosmatic 17 hours ago 0 replies      
Anyone else interested in seeing this bot Vs itself?
Analemma_ 1 day ago 1 reply      
Not that this isnt very cool, but 1v1 Dota isnt anything like the full game, its mostly a competition of who has better micro. If it can beat a team of pros at 5v5 which is where the imperfect information, short-vs-long term strategy and inter-agent communication challenges come into play then Ill be impressed.
thatsadude 1 day ago 1 reply      
I love both Dota and ML, this is awesome. I would love to know whether they release the source code for us to play around.
exabrial 1 day ago 1 reply      
OT: Is backdooring prevented by the game engine yet? Annoyed me that a useful tactic was "against the rules"
ematvey 1 day ago 0 replies      
To OpenAI folks: are you planning to publish a paper with implementation details?
xfer 1 day ago 0 replies      
Very impressive, even if there are some limitations. I look forward to more progress for a team of bots.
savethefuture 1 day ago 0 replies      
Well the presentation was a little meh but very impressive tech they built, excited to see the 5v5.
csomar 1 day ago 1 reply      
Is this the start of the end of online gaming? If bots outperform humans, what to prevent someone from a running bots for online games (even Poker and Chess) and being sure that everyone loses?
wnevets 1 day ago 0 replies      
As a long time dota2 player, it was simply absurd just how good it was.
cissou 1 day ago 1 reply      
It looks like it's over? Someone has a replay of the relevant part(s)?
justicezyx 1 day ago 1 reply      
When will the match happen or did it already happen? I did not find any vods.
donovanm 1 day ago 0 replies      
this is pretty awesome, hopefully they'll release some more details about how it was implemented
demonshalo 1 day ago 1 reply      
MEH. I am not impressed. Restricting the number of parameters and variables in order to produce a bot that can do 1 sub-set of tasks really well is nothing special imo.

Complexity and simulations of what you have not yet encountered is something humans can do with ease. This is not something a bot can do in a complex environment like DOTA.

I'll be the first to admit that I was wrong and that AI is truly a thing once I see a bot like this one beat a pro-team in a 5v5. Until then, meh...

bronz 1 day ago 2 replies      
this whole emphasis that openai and deepmind put on human/robot collaboration is a paper thin pr move in my opinion. the robots will be better than any human, humans will not be able to contribute a single thing soon. but they try to make us all feel safe by making it look like they benefit from our brains.
nether 1 day ago 0 replies      
VPN Report Reviews of the top VPNs vpnreport.org
313 points by mobitar  3 days ago   222 comments top 69
Saqwert 1 minute ago 0 replies      
I'm looking for a great vpn.After looking at https://thatoneprivacysite.net/vpn-comparison-chart/I found Hide.me interesting except for the price but on their website they have guides to explain how to manually set up the vpn.I never see Hide.me mentioned.Is there someone using it or thinks it a good choice for privacy on Android, win10 or mac
kelnos 3 days ago 4 replies      
What's the intended audience for this? As a tech-savvy person, reading his commentary on TunnelBear completely discredited his site in my eyes. He talks about things that are completely irrelevant and are incredibly silly to even remotely care about from a VPN provider.

Despite his listed criteria at the top, the star ratings and rank order seem to be based on how the provider made him feel, and has nothing to do with actually how secure and privacy-protecting the provider is. (To be fair, though, without inside knowledge, it's hard to evaluate how up-and-up they are.) Based on his own metrics, PIA should be listed as #1, not #8; it's the only one that hits all nine of his "Important" list.

I'm completely baffled as to why this list was constructed as it is.

On a side note:

"First, I'm upset at Private Internet Access because I had to modify this site's CSS just for their needlessly long name."

Are you kidding me? Really?

abstractbeliefs 3 days ago 5 replies      
Regardless of how you feel about _why_ PIA sponsor the organisations they do, it is surprising to see someone claiming they "perhaps put [their money] to better use" given their record of supporting foss and digital/online rights [1].

Additionally, the characterization as being extremely focused on the tech illiterate I feel isn't really the case either, they have lots of docs about how to use OpenVPN [2].

Thirdly, while there's no online free trial, at DEFCON and other events they do liberally hand out free trial cards.

The above points, as well as reading the commentary, leads me to believe that the author hasn't spent much time at all using or understanding the various product offerings, and the written review and star-score seem to clash with the high feature based score listed above. I can't speak at all for the other providers, but I don't feel like PIA at least has been well researched.

[1] https://www.privateinternetaccess.com/pages/companies-we-spo...

[2] https://www.privateinternetaccess.com/pages/client-support/

As full disclosure, I'm a unpaid volunteer for a non-profit PIA has contributed to.I have used in the past, but do not currently use, PIA VPN.

joshstrange 3 days ago 3 replies      
Private Internet Access

> A pretty boring company. Extremely transactional. You get in and get out. It delivers its experience the way a utility company would. Sometimes, that may be a good thing. But in this case, since I have choice, I'd rather give my money to a company who would appreciate it a little more perhaps put it to better use.

PIA might be very "transactional" but I like them and I've never had any issues with their service. I'm surprised it didn't get a better rating. I don't need a flashy VPN, a utility is exactly what I'm looking for.

sp00ls 3 days ago 5 replies      
Lol this site is a joke, how much is TunnelBear paying him for the top spot? They're the only VPN provider I see consistently spending money on marketing and sponsoring YouTube videos. 'Fun to use'..what? I don't care if my VPN is 'fun', I want it to protect my privacy.

He mentions that 2 of the VPNs are 'uninspired'. Sorry, I didn't realize that tunneling traffic to protect privacy was an art project and not a technical one.

FWIW I've used PIA for 2 years now with no issues. A TON of torrenting has gone through them and they don't care in the least. In addition when their Russian servers were seized I received an email immediately letting me know their current situation and about their key changes due to the event. Plus they no longer do business in that location due to it. Pretty top notch company in my eyes even if their site does look 15 years old.

tptacek 3 days ago 8 replies      
To steal (and paraphrase) what is basically the perfect summary of this from @SwiftOnSecurity:

Commercial VPNs: for when you want all the security of Ukrainian coffee-house wifi from the comfort of your own home.

Taylor Swift isn't wrong about this. Use something like Algo to run your own VPN if you have to. If you must use a commercial VPN to get to Netflix or whatever, do it from inside a virtual machine that you use for nothing but that.

LeoPanthera 3 days ago 2 replies      
This guy has been reviewing VPN services for a while and has put together an incredibly comprehensive table as well as a selection of more detailed reviews, selected from the list at random so as to remain impartial. Recommended.


For example, TunnelBear scores highly on security, but poorly on ethics.

revanx_ 3 days ago 1 reply      
"The following VPNs were not reviewed due to their website experience being poorly designed. This can mean heavy use of stock photos, utter disregard for detail, difficult navigation, excessive and hard to follow text, non-defaulting to HTTPS, and overall poor usability. "

And apparently that applies to AirVPN? Lol, this guy lost all credibility, this is just another "honest and totally not payed for online review", thats why tunnelbear is righ there at the top (you see their commercials everywhere) and he even says it's his favorite VPN.


mathgenius 3 days ago 1 reply      
> PIA, Somewhat boring company.

I fail to see how being a boring company has anything to do with the service they offer. If anything, being boring is a very good thing.

wepple 3 days ago 1 reply      
> Extremely bland, stock-photo website. I felt uncomfortable giving them my email address, let alone my payment info.

That's not valuable information.

> A heavily marketed product lacking inspiration which I ultimately couldn't get to work properly.

At this point you've given up even trying. It's not a useful comparison any longer.

kevinr 3 days ago 3 replies      
lololol. Half of these VPN vendors show up on Kenn White's VPN Hall of Shame for offering unsafe configurations:


For anything actually sensitive, you're better off not using a VPN than using a VPN which provides an unsafe configuration.

If you'd rather not do your own pager duty for something like Algo, here's a recommendation I put together a while ago:


chairmanwow 3 days ago 1 reply      
As someone living in China, a VPN provider that doesn't provide direct download links to their Android client is completely useless. The only way for me to install an app from Google Play store is to flash a custom ROM and install the Google Play Store, install another VPN (?!!) to access the Play Store, and then download the app in question.

Furthermore, the fact that Apple has just pulled VPN apps from its App Store and the unfortunate fact that you can't sideload apps makes iOS an untenable OS choice.

Raphmedia 3 days ago 0 replies      
I strongly recommend using That One Privacy Site's detailed VPN comparison charts. There is a lot more information in there.


Edit: Link to his charts as a Google Document https://docs.google.com/spreadsheets/d/1L72gHJ5bTq0Djljz0P-N... for a much better usability than the widget on the website itself.

bitskits 3 days ago 1 reply      
Sad to see AirVPN excluded. While their website isn't the most elegant I've seen, it's not user hostile enough to abandon altogether, IMO.

It also seems a bit odd to rate VPNs on their specific technical merits and features, and then disqualify for their homepage UI or sign up flow. I'd venture most VPN customers would tolerate a lot of ugliness for a truly private, secure, and reliable service. I would.

anglebracket 3 days ago 1 reply      
> The screenshot of their app on the iOS App Store shows a bunch of credible logos of their mentions, but then quotes "VyperVPN is the best service on the market" as coming from a reddit comment by a random user. Questionable tactic.

That's referring to reddit the company, and it was quoting one of reddit's sysadmins: https://www.goldenfrog.com/blog/reddit-gives-every-employee-...

vacri 3 days ago 0 replies      
> The speeds were good and the apps work but are kind of boring

... isn't the point of a VPN do just do its job and stay out of sight? Why is 'boring' even remotely relevant to the VPN equation?

cgtyoder 3 days ago 1 reply      
Pretty surprised F-Secure Freedome wasn't mentioned - they're a major player and well-respected.
jk2323 3 days ago 0 replies      
"The only thing harder than finding a VPN provider is finding an honest VPN review website."

100% true since the "best VPN" likely has the highest affiliate commission.

In fact, websites that claim honesty and transparency like BestVPN and VPNMentor actually display pop-up alerts advertising their highest rated VPN.

"I built this website because I wanted to finally get to the bottom of the question: which VPN providers are trying to build an honest long-term brand while also delivering an exceptional product experience?"

This is a fair metric. Unfortunately useless for most VPN users but this is another question. And to give him credit: He does not use affiliate links.

I suspect that he knows little about VPNs and why many users have to use them. By the way, I suspect most of these VPNs to fail in China!

Astrill.com is good for China.

vcp.ovpn.to has a good reputation regarding privacy.

abalone 3 days ago 0 replies      
Interesting this showed up on HN the same day as the expos on Facebook's Onavo VPN logging its users activity.[1] I'm guessing Onavo should be put on that list and given zero stars.

[1] https://news.ycombinator.com/item?id=14972125

lalos 3 days ago 0 replies      
PIA has a kill switch on its client. That makes it for me. Lose the VPN connection and you lose the internet connection.
mcrocop 3 days ago 0 replies      
Reading his reviews I felt the author was looking for that warm feeling a toddler feels when being coddled by his mother. Take a look at his comments on PIA, "Extremely transactional. You get in and get out. It delivers its experience the way a utility company would. Sometimes, that may be a good thing. But in this case, I'd rather give my money to a company who might put it to better use."

What? Extremely transactional? You're in and out? When using my VPN I want to click 'connect' to connect, choose US if I want my connection for the US, and 'disconnect' to disconnect... No fancy website or pretty colors needed.

Cozumel 3 days ago 0 replies      
>'It's just so much fun to use'

Given that one of the criteria the VPNs were measured on was 'fun' makes me inclined to dismiss the whole thing.

VPNs are to stop the secret police from coming and killing your family and taking you away, 'fun' is coding, not playing with your life.

deadlyllama 3 days ago 1 reply      
I'm disappointed that Mo flat out disregards options "due to their website experience being poorly designed." A slick website means that money was spent on the website.

I've been using EarthVPN[1], one of his unreviewed options, for several years, and am very happy. It's cheap and cheerful, but yes, the website isn't great. The company is registered in Cyprus, and at USD40/year with three concurrent connections (from the same IP) and servers in many, many countries, it's a great way to bypass geoblocked websites.

[1] https://www.earthvpn.com/billing/aff.php?aff=1378

gambiting 3 days ago 0 replies      
Why is private Internet access so low? It ticks almost all boxes, has a native client for windows/Linux/Mac/android/iOS and I have used it on a 300Mbps connection with no degradation of speed. Yet here it gets 2/5 stars? Why??
kevindong 3 days ago 0 replies      
Are you really prioritizing "fun" over an objectively better (by your own metrics) service (picking TunnelBear rather than OVPN)?


You also seem to be prioritizing aesthetic appeal over function. Is there a reason for that?

> TunnelBear has somehow figured out how to make VPNs fun.

> Extremely transactional. You get in and get out.

> Heavy use of stock photos, fake customer service agent profiles, and sensational marketing copy.

> Extremely bland, stock-photo website. I felt uncomfortable giving them my email address, let alone my payment info.

> But I sort of like it when companies show more humility.

> First, I'm upset at Private Internet Access because I had to modify this site's CSS just for their needlessly long name.

MachinShinn- 3 days ago 0 replies      
Surprised few people picked up on this... this site is 100% Bullshit. The "ratings" are purely driven by which server is offering the author a commission per sign up.

How do I know this? I do the same thing with my sites.

toomanybeersies 3 days ago 2 replies      
Obviously not ideal for non-technical users, but I found it really easy to spin up a VPN on Digital Ocean.

I'm sure it wouldn't be hard to make it almost a turnkey operation, just run the script and you're good to go, and then it would be a viable option for non-technical people.

Of course, not ideal for anonymity, but a perfectly fine solution for if you want the security benefits of a VPN, or to get around geoblocking (I originally spun up my VPN to watch something that was geoblocked, now I keep it for when using open wifi connections).

mstaoru 3 days ago 1 reply      
I'm still looking for a reliable provider that would support openconnect and / or wireguard. Alas, here in China OpenVPN-based VPNs are getting more and more flaky, with talks of shutting down completely soon (not talking about the fake Bloomberg article). IPSec and Socks5 never really worked. Streisand only really works on AWS and having an AWS public IP means no Google most of the time (they block whole IP ranges), annoying Cloudflare captchas and other quirks.
mtmail 3 days ago 1 reply      
Too be honest despite your reassurance I still expected that there would be affiliate links, purchase cookies or other tracking somewhere (I checked, all good). Thanks for sharing your reviews!
gmac 3 days ago 1 reply      
I've been considering setting up a slightly different VPN service one that provides each user their own dedicated VPN server (based on my IKEv2 config script, https://github.com/jawj/IKEv2-setup).

100% vapourware web presence here: http://digitalsnorkel.net/


evancaine 3 days ago 0 replies      
This site seems to me an imitation of sitebuilderreport which was featured on indiehackers recently [1]. The design and copywriting are similar. OP, was your site inspired by sitebuilderreport or are you connected with that site?

[1] https://www.indiehackers.com/businesses/site-builder-report

fishywang 3 days ago 0 replies      
From the one line summaries, OP seems to prefer native apps vs. open protocols (e.g. OpenVPN/L2TP/etc.), why is that?

I looked at the Chrome extension of TunnelBear and it requires some ridiculous permissions [1], much more than just "change your proxy settings". This doesn't seem right.

[1] http://imgur.com/3PuH0tE

gerdesj 3 days ago 4 replies      
I'm (British) getting the impression that VPNs are becoming rather important to Americans (int al). Please bear in mind that us foreigners don't always get the memo about the current flavour of the day in all countries. I'm well aware that citizens of CN and many others really need privacy but it seems that there is a reasonably recent strange US fetish with VPNs.

Could someone please explain?

jiggunjer 3 days ago 0 replies      
How do you not get IP vanish to work? it's literally just a windows installer & reboot. You can manually add a server on Android too using their guides (they have step-by-step pictures!). O.m.g. I chose IPVanish over NordVPN because the later required me to upload a photo of my passport (to a third party) when paying! Who does that?!
bitexploder 3 days ago 1 reply      
TunnelBear claims to be secure but all they offer is an opaque app. Uhh, no thanks. I prefer to run my own VPN client that doesn't have potential spyware in it. I am surprised this was so highly rated by someone reviewing VPNs.

edit: I know you can't make everyone happy, but there are a LOT of VPN options out there and only the very best should be making it through.

abavatar 3 days ago 0 replies      
"Facebook uses an internal database to track rivals, including young startups performing unusually well, people familiar with the system say. The database stems from Facebooks 2013 acquisition of a Tel Aviv-based startup, Onavo, which had built an app that secures users privacy by routing their traffic through private servers. The app gives Facebook an unusually detailed look at what users collectively do on their phones, these people say.

The tool shaped Facebooks decision to buy WhatsApp and informed its live-video strategy, they say. Facebook used Onavo to build its early-bird tool that tips it off to promising services and that helped Facebook home in on Houseparty."

via https://www.wsj.com/articles/the-new-copycats-how-facebook-s...

captaindoe 3 days ago 2 replies      
Founder of OVPN.com here. Im happy to answer any questions regarding our infrastructure, policies or tech stack.
reflexing 3 days ago 0 replies      
I'll just leave it here: https://torrentfreak.com/vpn-services-anonymous-review-2017-...

The scene guys know their stuff.

rocky1138 3 days ago 1 reply      
I use KeepSolid. I've been really impressed. I think his review has done them a disservice. They have a really helpful app on all platforms and their staff are friendly, too.

Disclaimer: none. I have no affiliation other than I am a customer.

parito 3 days ago 1 reply      
What this review really lacks is the additional features VPN's can provide, such as malware and fishing protection, location diversity, scale, jurisdiction, protocols supported, etc etc.

I am a happy user of NordVPN with all of the above points adressed by them really well. BTW the latest feature, CyberSEC also blocks ads which is a major plus for me, making the VPN that much faster.

[1] https://nordvpn.com/blog/security-feature-cybersec/

linkmotif 3 days ago 0 replies      
"Honest" is such peacock language. Unsettling seeing it like this.
thinkMOAR 3 days ago 0 replies      
I kind of expected network based tests as reviews.

E.g. throughput, latency, connection setup, encryption strengths, fixed ip address etc etc. This is just a feature compare, where one trusts the vpn provider on their blue eyes, e.g. "No logging or tracking"

I cannot imagine a sane service provider that doesn't have some kind of logging, not of your (in vpn case,) browsing activity itself, but when you connected, what accounts are getting brute forced, etc etc. This is logging too.

MBCook 3 days ago 2 replies      
Both iOS and macOS (I don't know about windows, I havent used it recently) have built-in VPN clients so what would be the advantage to using a client from the VPN provider?
blubb-fish 3 days ago 0 replies      
Any opinions on ProtonVPN? I use it now more or less everywhere. No problems with it - it's fast enough (though definitely slows down my connection from about 12 to 16Mb/s to about 5 to 10 Mb/s.

I chose it b/c the organization behind it seems trustworthy. I don't know what the author has in mind when he labels the billing practice "shady".

welder 3 days ago 1 reply      
Could use a breakdown of which criteria each provider supported, because just a colored circle doesn't show which of those criteria are supported or not.
mirimir 3 days ago 0 replies      
I'm not impressed with this review. The author doesn't even mention the need to prevent leaks with firewall rules.

Edit: As others note, he doesn't include AirVPN, which is one of the best activist-focused services around. And his comments about IVPN are bizarre. It is expensive. But it has no affiliate program, and its apps are among the best. In particular, for being leak free.

bamboozled 3 days ago 0 replies      
Thanks for this! It's pretty cool and it's nice to have something to pass on to friends who are interested in subscribing to a VPN service.
mcrocop 3 days ago 0 replies      
How did this make the front page? People voting this story up must not have read his actual analysis. Pathetic.
mcrocop 3 days ago 0 replies      
He doesn't like PIA, a company that sponsors dozens of security companies/projects/etc because he would rather the company he chooses put their money to better use.... Like make bear graphics so his VPN is 'fun' to use.

Again - how did this make the front page... Embarrassing for HN.

Proof 3 days ago 0 replies      
Horrible article. If he tried the services he didn't like the websites for (fucking childish excuse btw), he would realise that airvpn offers all the services he was treating as a pro. This is a dissapointing read, and even more disgusting it made its way up to the top of this great website.
mobilio 3 days ago 0 replies      
jk2323 2 days ago 0 replies      
Questions, any advise/help appreciated:

1. oVPN.to Does it work in China? (Support not helpful but I still like them)

2. Does Softether https://www.softether.org/ work in China?

mk89 3 days ago 0 replies      
All this article is missing is the referral links - then I don't see any difference with other websites, which the author wants to distinguish from. Actually, there are some good websites around - it just takes a lot of patience to search...
darkblackcorner 3 days ago 0 replies      
I think you're better off with this for a proper technical feature-set... https://thatoneprivacysite.net/vpn-section/
Izmaki 3 days ago 0 replies      
Has the world forgotten about iPredator? The VPN service spawning from the legal issues with The Pirate Bay. One would assume that a VPN "by crime riders, for crime riders" would fulfil all the requirements and many more.
belorn 3 days ago 0 replies      
A Nice-to-have would be static IP address so that you can run a private home server. Pity that the site don't include this since only a few vpn providers have an option for that.
GTP 3 days ago 0 replies      
I think that https://thatoneprivacysite.net/ has a much better VPN comparison.
newbear 3 days ago 1 reply      
If I just don't like the feeling of being logged on some ISP , is paying for a VPN something for me? Any free options for privacy ? Or is it more for torrents and stuff?
scottmcdot 3 days ago 1 reply      
Is the TunnelBear "Vigilant" feature like a kill switch? So if the VPN drops out, it doesn't revert to downloading via non-VPN?
jianshi 3 days ago 0 replies      
Can you try https://cypherpunk.com/ and add it to the list?
theprop 3 days ago 0 replies      
We don't know if IPSec or L2TP is compromised...could be either or both. So why is using Ikev2 with IPSec secure??
sly010 3 days ago 0 replies      
What's up with all these VPN review websites? Are the affilite fees that good?
Mefis 3 days ago 1 reply      
This seems like a good thread to ask this.

I'm about to move to China. What vpn set up is best?

I use and android phone and Mac laptop.


WhiteSource1 3 days ago 0 replies      
You know the VPN providers paid for the ranking.
wyclif 3 days ago 1 reply      
He didn't review OpenVPN, or even mention it.
k734730 3 days ago 0 replies      
If they don't test cryptostorm this review is pretty worthless. They are one of the best options out there.
rubatuga 3 days ago 1 reply      
I hate to sound like I'm advertising, but I've found blackvpn quite good. It's based in Hong Kong.
nerdynerd 3 days ago 0 replies      
shill detected how does this tripe get so high on HN? is this reddit?
dbg31415 3 days ago 0 replies      
I use PIA, and it's great. I don't know why they listed it as low stars.
       cached 13 August 2017 15:11:02 GMT