hacker news with inline top comments    .. more ..    28 Aug 2012 News
home   ask   best   5 years ago   
Add two-factor authentication to your ssh in 30 seconds authy.com
129 points by danielpal  4 hours ago   68 comments top 15
cs702 2 hours ago 4 replies      
Using a third-party service like authy.com has its advantages, but if you prefer, you can get two-factor authentication in the latest Ubuntu without involving a third party by installing libpam-google-authenticator from Ubuntu's "universe" repository.

Here's how you do it: first, sudo apt-get install libpam-google-authenticator; second, run google-authenticator as the user you will access remotely and follow the instructions; then, edit /etc/pam.d/sshd, and add "auth required pam_google_authenticator.so" in a new line; edit /etc/ssh/sshd_config and add (or change) the ChallengeResponseAuthentication line so it reads "ChallengeResponseAuthentication yes"; and finally, sudo service ssh restart to restart the ssh server.

More info is available from the packager of libpam-google-authenticator[1], and from the Google Authenticator PAM module's README.[2]


[1] http://blog.theroux.ca/security/ubuntu-2-step-authentication...

[2] http://code.google.com/p/google-authenticator/source/browse/...


Edits: Corrected typos; added more context.

pejoculant 3 hours ago 3 replies      
Pretty cool. Google authenticator is another alternative that be used via a pam module, with the additional benefit that it doesn't need to connect to something else for verification.


subway 3 hours ago 1 reply      
You should really package this up, and provide a signed repo instead of relying on the busted SSL infrastructure and GitHub to provide security to your users.

While this one isn't quite as offensive as some, all these curl/sudo/bash combos really make me sad, particularly when used to "increase" security.

tylermenezes 3 hours ago 0 replies      
Been using this for around a month and it's great. Highly recommended.
peterwwillis 2 hours ago 4 replies      
SMS is not secure. It can be faked. It goes through multiple networks. It's not encrypted. And if you use a GSM phone, this could be owned two years ago at DEF CON: http://www.pcmag.com/article2/0,2817,2367247,00.asp Not to mention the provider-specific attacks, cloning, etc.

If you start pushing insecure technologies like this, people will just get really comfortable with them and eventually get taken advantage of.

stcredzero 3 hours ago 0 replies      
Has anyone added this to other than a server? Seems like this could be added to a notebook or desktop running OS X. (And for that, I would actually prefer Google Authenticator.)

Also, it occurs to me: With TFA, it finally makes sense to periodically change passwords.

aclimatt 29 minutes ago 0 replies      
Seriously? Another (virtual) token-based 2FA solution? What is your competitive advantage against Duo, Authentify, Entrust, and the thousand other SMS or virtual token 2FA solutions out there?
a3_nm 3 hours ago 2 replies      
Does this mean that you ping them whenever you ssh? Does this mean that if their service is down you won't be able to ssh anymore?
dsl 3 hours ago 0 replies      
If you are looking for a clean reliable two-factor auth system, I highly recommend Duo: http://www.duosecurity.com/

I've been using them across a half dozen personal machines for quite a while now, looking to roll it out at work as well.

msie 1 hour ago 0 replies      
I can't wait until three-factor authentication!!!
cmsj 2 hours ago 0 replies      
In the video I see a private key coming from a Dropbox folder :(

Missing. The. Point.

eslachance 3 hours ago 2 replies      
This is great but one thing bugs me. When you add a new user, you have to restart SSH? Wouldn't that prevent people from connecting every time a new user is added?
jfaucett 4 hours ago 0 replies      
yes exactly what I've been looking for, awesome tool! Thanks for sharing.
raffpaquin 27 minutes ago 0 replies      
Simple and great idea
SanjayUttam 3 hours ago 0 replies      
Great idea
Break Apart Your Backbone.js Render Methods ianstormtaylor.com
31 points by ianstormtaylor  1 hour ago   13 comments top 6
Vekz 36 minutes ago 0 replies      
This is not a problem specific to backbone rendering. This is a common issue in jQuery plugins, and vanilla javascript in general. Its a best practice overall to keep your functions small.

Have them do one thing and do it well, keep them unix like, small sharp tools. You can always copy paste a large conditional from one function into its own named function. This significantly improves readability and divides the code in to smaller units which makes testing more graceful.

ernestipark 1 hour ago 0 replies      
Another great article, Ian. As a newbie to Backbone, I find myself refactoring and going over best practices frequently. One of the first things I found myself trying to wrap my head around is different ways to render my templates properly. This seems like a good approach when you have pretty distinct modular chunks that are reusable.

Rivets does look promising in that there are some parts of my code in templates that are just a single number (say # of notifications). That's a pain to have to separate out into a separate view or render function for something so small.

catshirt 52 minutes ago 2 replies      
the problem the author is solving is clear; "Instead of writing gigantic render functions that do everything under the sun (and then more, admit it!) you should break your render methods into small chunks. That way you only ever re-render what you need."

but breaking apart your render method is only one way to achieve this. using a sane layout manager with subviews is my preferred approach (though i suppose you could argue this is just breaking up the render method across several views). this technique is also admittedly a pain at small scales.

the beauty of this technique, though, is that every view is responsible for it's own rendering. that is, parent views don't need to be aware of the re-rendering process of their subviews (how or when). another great benefit is you will find yourself referencing items by selector less often, and instead through the subview's element.

shawndrost 1 hour ago 1 reply      
What made you choose this setup over subviews (with one render per subview)?
padolsey 1 hour ago 0 replies      
Doesn't this necessitate lots of individual templates? (in this example: inputTemplate, labelTemplate...)

Is there an easy way to manage this? From what I've seen it's typical to have one template per view (and possibly sub-views with sub-templates).

MatthewPhillips 1 hour ago 1 reply      
May I suggest more line breaks, and fewer inline if statements. The two would make your code more readable.
Rich Hickey: Deconstructing the Database youtu.be
106 points by noidi  4 hours ago   20 comments top 5
lhnz 3 hours ago 4 replies      
There are two people that I will stop what I'm doing and watch every new lecture they make: Rich Hickey and Bret Victor. Both are visionaries.
arscan 2 hours ago 1 reply      
I recall Datomic making a bit of a splash on HN when it was announced 6+ months ago, but basically crickets since then. Anybody build something cool that took advantage of Datomic's unique design?
erikpukinskis 1 hour ago 1 reply      
Fascinating stuff. Some things that came up for me while watching this and the other videos on their site[1]:

It's not Open Source, for anyone who cares about that. It's interesting how strange it feels to me for infrastructure code to be anything other then Open Source.

I'm sort of shocked that the query language is still passing strings, when Hickey made a big deal of how the old database do it that way. I guess for me a query is a data structure that we build programmatically, so why force the developer to collapse it into a string? Maybe because they want to support languages that aren't expressive enough to do that concisely?

[1] http://www.datomic.com/videos.html

brlewis 3 hours ago 2 replies      
Anyone have a summary for those of us who don't want to watch an hour-long video?
duck 3 hours ago 1 reply      
I'm getting "This video is currently unavailable"?
The 11th Principle of Good Design wells.ee
32 points by skyfallsin  2 hours ago   6 comments top 6
dsr_ 22 minutes ago 0 replies      
If you spend all your time repositioning the trees, you'll never grow a forest.

Not everything needs to be shipped every day. Or built. Or tweaked.

ericdykstra 55 minutes ago 0 replies      
I'll just contrast two quotes from the article:

- Good design is iterative

- Vitsoe 606 Shelving system, designed in 1960 by Dieter Rams. They still make them today, and to the same spec.

kevinpet 18 minutes ago 0 replies      
Rams' 10 principles of good design are properties of the design. This proposed 11th is a property of the process to produce that design. The giveaway is that his question is "how can we do iterative design?" rather than "how can achieve a design that is X?"
Detrus 38 minutes ago 0 replies      
Dieter Rams as any other designer would do lots of iteration before coming up with a design to meet the 10 principles. At some point with hardware you have to settle on something for the long haul. Somehow people managed in that A/B testing free world.

And would users say that the constant UI rearrangements in modern apps are good design? Absolutely not. The UI paradigm of putting buttons in set places on screen doesn't jive with constantly changing their positions, because you memorize the UI by those positions. This is particularly annoying with rarely used features because every time you use them it's a totally different UI.

Depending on constant iteration is not good design. It is a crutch permitted you by software. You can still come up with long lasting solutions if you give them some thought.

001sky 1 hour ago 0 replies      
Good design is iterative

I can't help but feel this when i look at architecture. Medeival stone masonry, for example. When it takes decades to build, you can tweak the design. In particular, this is evident to with respect to "human scale," 3-dimensionality, volumetric balance, and proportionality. Much early modern architecture, was just designed to look cool as a model; or to photgraph well in publication. Much of this architecture has a PRE_FAB feel to it (brutalist, etc). Ironically this emerged in the context of (a) more powerul modeling tools; and (b) more degrees of freedom in plastic materiel (ie, modern materials, RC etc).

Edited: brevity

AMD reveals Steamroller CPU architecture details techreport.com
16 points by geoffgasior  56 minutes ago   6 comments top 3
incision 12 minutes ago 0 replies      
I'd really like to know what happened at AMD between the great success of the original Athlon [1] and their recent struggles [2].

1: http://en.wikipedia.org/wiki/Athlon#Athlon_.22Classic.22

2: http://semiaccurate.com/2011/10/17/why-did-bulldozer-underwh...

tmurray 13 minutes ago 0 replies      
Looks like too little too late. If Steamroller is still a year or more out, that will put it in competition with Haswell (DDR4 in the server part, AVX2 with FMA ops, etc.). Considering how much Ivy Bridge is already dominating and those kinds of memory bandwidth and FP throughput increases, Haswell looks like it will be a monster.
programminggeek 25 minutes ago 2 replies      
I don't follow AMD's stuff much beyond knowing that Bulldozer was not very competitive beyond the $100-120 price point. Is Steamroller set to change that or is AMD dying a long, slow death?

Also, is AMD going to do anything in mobile or is that all ARM moving forward?

How I cracked my neighbor's WiFi password without breaking a sweat arstechnica.com
145 points by laxk  6 hours ago   99 comments top 22
scott_s 5 hours ago 1 reply      
No doubt, this neighbor should have changed his password long ago, but there is a lot to admire about his security hygiene nonetheless.

I think it's taken too much for granted that one should change passwords on a regular basis. If we assume that changing passwords more frequently means that we are more likely to use more rememberable - and, thus, more guessable - passwords, then perhaps this is not a fluke. Perhaps "pick a truly random, long sequence and keep it for a long time" is not actually bad policy.

In short, I find it odd that the author unquestionably says his neighbor should have had different password behavior, yet it was the only password he couldn't crack. That's an opportunity to revisit assumptions.

ctdonath 2 hours ago 2 replies      
When addressing various physical home security issues, I came to the realization that if a trained team of attackers equipped with body armor and night vision broke into my home, the issue escalated beyond anything I could sensibly prepare for.

The article reminded me of that. If someone attacks my home wifi with network sniffing hardware, sophisticated password guessing tools, hours of planning and execution, etc then, well, the issue escalated beyond anything I could sensibly prepare for.

I realize these computing tools are easy to come by and not terribly hard to use. Ditto body armor, night vision, and combat training. And if someone is inclined to apply them against my pathetic existence, I'm screwed. Planning for such events is pretty pointless, I have other things to do.

ryanmolden 5 hours ago 2 replies      
>What's more, WPA and WPA2 passwords require a minimum of eight characters, eliminating the possibility users will pick shorter passphrases that could be brute forced in more manageable timeframes

Should I point out that 'password' is 8 characters :) Have there been studies done that attempt to test the hypothesis that when forced to pick passwords that meet some arbitrary complexity threshold most common users pick things like "password1"? I have a hard time believing most non-techies (heck, even a lot of techies) pick secure passwords.

peterwwillis 5 hours ago 0 replies      
People are still really surprised when I offer to crack their neighbors' wifi passwords for them - "You can do that?". We've only been at it for over 10 years now.
koevet 1 hour ago 0 replies      
I nave successfully cracked a couple of Routers using a bug in WPS (wifi protected setup) and Reaper: http://arstechnica.com/business/2012/01/hands-on-hacking-wif...
It's way faster than brute force or dictionary attacks.
joshuahedlund 5 hours ago 5 replies      
> To his chagrin, it took CloudCracker just 89 minutes to crack the 10-character, all-numerical password he used...

> Remarkably, neither CloudCracker nor 12 hours of heavy-duty crunching by Hashcat were able to crack the passphrase. The secret: a lower-case letter, followed two numbers, followed by five more lower-case letters

So an all-number password was easily cracked with this method, but a shorter password with letters was untouchable?

Edit: I get that 10^10 is less than 36^8. I was more wondering how the cracker assumes, without knowing already if it's all-numeric or not, that it should try longer numerics before shorter alphanumerics and when it decides to give up on the numbers. I guess it's just known to be more likely for a good number of characters.

rel 6 hours ago 2 replies      
You know, at the cost of $2,500 per year, (although I can't actually find where to purchase the software) you'd probably be better to just YouTube some kid's backtrack tutorial.
laxk 1 hour ago 0 replies      
Is there way to measure WiFi signal quality between router and connected devices? any API on linux side? An easy generic protection can be done in the following way (if there is api): Ban all unknown MAC addresses with WiFi signal quality below the specific treshhold. In that case if hacker decides to use fake MAC address he cannot fake signal quality on my side.

Does it work?

frankus 2 hours ago 1 reply      
My strategy is to use a human-readable password for my guest network (which I actually considered leaving completely open), and a crazy-long random password that I copy and paste from my password manager for my internal network.
recursive 1 hour ago 0 replies      
The only reason I even have a password is on my router is that it crashes more often under traffic if I leave it open. I intentionally made the password easy to guess.
X-Istence 1 hour ago 1 reply      
That is why a passphrase is so important. No longer it is a dictionary word, now it is multiple dictionary words together.
zerohm 3 hours ago 1 reply      
I found this article to be a bit sensational. It should be titled, "how I paid some experts to crack my neighbor's Wifi." I'm not trying to dismiss the threat, just put it in perspective. The use of these tools is either expensive ($2500 a year?) or requires a non-trivial amount of expertise (Aircrack-ng).

I did find the article linked within to be more interesting and informative.


forcer 5 hours ago 2 replies      
Don't really want to hijack this thread so feel free to downvote me if you feel its not appropriate.

We launched a product that protects you from these attacks - more discussion here - http://news.ycombinator.com/item?id=4444478

guilhermetk 5 hours ago 3 replies      
>To capture a valid handshake, a targeted network must be monitored while an authorized device is validating itself to the access point.

I think it's a really noob question, but how do you monitor a network if you are not connected to it?

smackfu 4 hours ago 1 reply      
I would place good money that most AT&T wireless routers (SSID = 2WIREXXX) are using the same 10-digit password that is printed on the sticker on the unit. Yes, it's more secure than the old days of a default password being "default" or "admin" but not so great if 10-digit passcodes are easily broken.
rvid 5 hours ago 1 reply      
You're also screwed if you have WiFi Protected Setup enabled (Its enabled by default in most routers). Once can easily crack a WPA2 passphrase easily in a few hours using a tool like reaver.
mgualt 4 hours ago 2 replies      
A couple of naive questions about the design of the security system:

1. Why is it possible to do the password tests remotely? Why would the key on the router be allowed to be transmitted? Even a 6 character password should be safe if you don't allow multiple tries.

2. Why isn't the handshake protocol encrypted?

phusion 5 hours ago 0 replies      
As one of the comments mentions, you can bypass this whole step by using Reaver, which attacks the WPS pin number instead of the encryption scheme. It's not 100% and it takes 8-12 hours to complete, but it does work.
chadyj 5 hours ago 2 replies      
What is the command for aircrack-ng to generate the pcap file with the handshake?

(For those curious mac users, you can simply type "brew install aircrack-ng")

nickpresta 5 hours ago 1 reply      
So what do I run now instead of Kismac, since it doesn't support anything > 10.7.2? Aircrack with some GUI frontend?
pc86 5 hours ago 1 reply      
Am I the only one that's bothered by seeing that red dotted underline for ANonce, SNonce and Ack?
praveenhm 4 hours ago 0 replies      
This is very interesting read.
Don't drink the startup Kool-Aid " just find a problem and try to solve it venturevillage.eu
126 points by adamfletcher  7 hours ago   28 comments top 7
nirvana 4 hours ago 1 reply      
The silicon valley Startup Kool-aid has a false dichotomy:

You're either patio11[1], a "nobody" building a "lifestyle business" or you're making the next Instagram.

Consequently we have a cargo cult mentality that has evolved. Lets compare these two:


"Obviously you need to be in Silicon Valley. This is where all the wannabe startup hipsters move to!"

I mean, you can't go to a coffeeshop without hearing a harvard MBA who think's he's a programmer because he made an excel macro work once, talking about how he's going to disrupt multiple paradigms with his massive SoLoMo app they're building. "This is where it's all happening, man!"[5]

"Japan? There's no startup scene in Japan. Hell, that's a 12 hour flight. You think VCs are going to fly 12 hours for a board meeting?"

Business model:

"Dude, if you charge money, like %90 of the people aren't going to use your product! But if you're free, and you've gamified your appointment calendar, people will share it! If you can get your virality factor to 2, you'll have a billion customers in 5 months!"

"Oh, there will be a way to make money later, somehow, just look at google, twitter and Facebook!" [2]


"If you're going to be scalable, you need bank, man! The VCS are in silicon valley, the VCs are critical to having a business. They'll give you great advice, connect you up with the other movers and shakers so you can have Cock-Tails Man!" (Yeah, I can't make myself sound like a startup hipster, I know.)

"Without money, how are you going to build anything? How could you ever scale it? You have to start with money!"

Company culture:

"IF you see the CEO writing code, you've failed. You gotta delegate. I mean, never invest in a company run by a programmer, they'll spend all their time delighting in some technical solution that's super elegant but nobody at any cocktail party is going to give a damn about! I mean, what do customers care about how good you did something? They company has to be run by a people person-- so at the cocktail parties he[3] can network with other people! People's what drives business, and this is what gets business done!"

Do they even have cocktail parties in Japan? Isn't liqueur outlawed or something there?[4]


"You see with VCs, its not the money that's valuable, its the advice! They're going to be able to tell you the right moves and you'll be able to grow so much faster!"

I can't contrast this with patio, because I don't know where he gets advice. But in my experience, VCs [can be] beyond clueless[6]. I've seen them force companies to shut down profitable businesses and focus on long shots (which had the nice side effect of making the company more desperate for the investment, and by drawing it all out the VC was able to get much better terms and take the whole thing when the company later sold, shutting out the founders and employees who got nothing.) I've seen VCs force product direction based on fads, and force the use of inappropriate technologies (provided by a company they had a relationship with, naturally) which caused product delay and ultimately a significant reduction in the value of the company on exit.

Much of the investment process seems to be spending time getting investors up to speed so that they even understand what it is you're doing-- which maybe is one of the reasons they'd rather fund instagram than patio11. I mean, they don't know anything about the hair salon industry (his only clients as far as they can tell) but everyone likes to take instamatic pictures!

And if you don't have a business model, you don't have to worry about the business model!

[1] All respect to patio11. I think he's on the right track here, and he seemed to be the best example to use. Nothing derogatory said here about him or his business is meant that way, merely to characterize the people who would see him in a derogatory light.
[2] Here's a bonus: Why is google's monetezation strategy significantly better than twitter an facebooks? It might turn out not to be if the latter two find a way to make it work, but right now, it works much better.
[3] Always. No such thing as a She CEO, I mean, women just don't have the ruthlessness needed, amirite?
[4] I don't think people are this naive about Japan in particular, but I hear them say the strangest stuff.
[5] Somehow startup hipsters in the bay area speak with a style that's a cross between "Brah" and San Fran hippy from the 1970s. In my head.
[6] This is why YC has had so much success, in part, as PG is not clueless and his vetting and blessing lets VCs outsource dealflow. I think angels are probably a lot less clueless, though I have less experience with them. Looking at Gabriel Weinbergs recent summary of his angel experience you see a very different approach than the mentality I'm laying out here.

jackkinsella 6 hours ago 6 replies      
Small online business owner here, chiming in.

I believe the overuse of the word startup comes from a certain kind of pretentiousness, a want to associate one's own small-business, small-market, technically trivial, mom-and-pop online business with world leaders like Facebook and Google. Making the linguistic link is good for the founder's ego, and even better for convincing naïve investors to fund barely viable visions.

If you're one of the many non-technical teams who cannot build products yourselves and have an idea with dubious money-making prospects then you can have a great adventure on half a million euro of dumb money, and believe me many founders in Berlin are.

I've lived in Berlin since January and during that time I witnessed a rising hipster startup culture. Unskilled and unexperienced college graduates with big egos raise dumb money, hire programmers to build code they don't understand, then spend their days 'networking' at trendy hotels in down-town, throwing minimal techno parties and going on trips across Europe for 'business and pleasure'. It's a great lifestyle, and I've nothing against people enjoying themselves - it's certainly my priority now. But I find this sort of carry on repugnant when an investor's money is at stake.

Viaweb was founded by PHD students at MIT, one who invented the worm and the other who wrote timeless Common Lisp textbooks. The modern waterfall of self-professed 'startups' are run by guys and girls who watched 'How to Build a Blog in 15 minutes using Rails' then decided they were the next Steve Jobs. Let's get realistic here - building a web app or an Iphone app these days is no more high-tech than a mechanic fixing your broken car.

Drop the ego, drop the pretense - the majority of business now labelled as startups are small online businesses and there's nothing wrong with that.

yesimahuman 5 hours ago 0 replies      
I just blogged about something similar today called the Failure Fallacy (http://news.ycombinator.com/item?id=4444523).

We are making it hard on ourselves to be successful because of the ideas and types of businesses we are drawn to create.

We jump into crazy ideas with no provable business model or customer when we could experiment and apply customer validation to our potential product. Jumping in like a crazy person is glorified in our community because we love watching others do wild things and hope it will help us be more wild.

I want this to change. More people should be running successful businesses, though they might not be instagrams. I want to see your unique touch on so many tired products and ideas.

josscrowcroft 5 hours ago 0 replies      
Fantastic writing style in this post - it somehow jumps out of the page, not sure how to describe it. Congrats.

Only time I ever felt like giving up on my latest venture[1] was when I started trying to view it as a "startup" and thereby compared it to other "startups". I got really depressed for a week or so trying to be a "startup guy", which thankfully I didn't become. It was like the goals of the business (provide a killer service in order to fund my continuing education and frugal lifestyle) got replaced by the "be the coolest thing ever" startup vibe, which sucked.

This article reminds me again that it's not a startup... it's a site that makes a little money by solving a common problem for developers like me, better than other people, and will hopefully make a little more money, once I've done some good marketing and solved that problem even better!

[1] https://openexchangerates.org

nihonjon 5 hours ago 2 replies      
Anyone else tired of all these entrepreneur/startup blogs and articles? It's a bubble in itself.

Now I skip past them like I skip tabloid and gossip "articles".

001sky 5 hours ago 0 replies      
In between all that succeeding and failing were a large number of businesses who didn't really know what they were doing yet or how they would do that thing profitably. So, weren't really businesses in the traditional sense and we needed a new word with which to call them.

cheap to scale > scale per se > scale potential

protolif 3 hours ago 0 replies      
modal adverts make baby jesus cry.
Firefox 15 arrives, supports compressed textures for impressive 3D gaming arstechnica.com
65 points by shawndumas  5 hours ago   11 comments top 2
Hilyin 3 hours ago 4 replies      
No HiDPI support yet. They are slacking!
elchief 1 hour ago 3 replies      
can someone just email me when it's faster than chrome? thx
12 Interesting C Interview Questions and Answers thegeekstuff.com
21 points by giZm0  1 hour ago   13 comments top 4
kstenerud 38 minutes ago 4 replies      
Question 10 is a bad question. The host environment is under no obligation to provide you with pointers to writable memory in argv. Furthermore, this is veering off from C knowledge into C trivia.

Question 12 is even worse, as the processing order is implementation defined. On my compiler, it prints out 60..40..60.

C questions should be designed to show whether or not the candidate can write robust, professional quality code, not to test esoteric knowledge that even the interviewer can't get right.

I was asked questions like these in an interview once. It was such a massive red flag to me that I went with another company (the final straw was arguing over the size of int, which he insisted was always 32 bits).

jdoliner 3 minutes ago 0 replies      
Well, Though the above code is not freeing up the memory allocated to ‘ptr' but still this would not cause a memory leak as after the processing is done the program exits.

Well this is always true, so I guess that means there's no such thing as memory leaks in C. Checkmate garbage collectors.

joezydeco 8 minutes ago 0 replies      
Don't give me hints in the title of the question! That kind of wrecked the challenge.
mitjak 44 minutes ago 3 replies      
I've studied most of these as part of my introductory C course in university. Are they really that interesting?
HBO No Go avc.com
150 points by cwan  9 hours ago   86 comments top 21
twoodfin 8 hours ago 5 replies      
Do you still get the video on the iPad? If so, this feature makes some sense. If you've got AirPlay speakers, they'd be a great substitute for the crummy built-in ones.

Clearly HBO is walking a fine line here: The cable companies that partially subsidize them in order to lure subscribers don't want you walking over to your (non-subscriber) friend's house and throwing "Game of Thrones" up on the big screen via Apple TV.

The whole "let me pay for it!" debate has been well-covered elsewhere: In short, HBO probably couldn't make a living charging individual subscribers for content, especially on a per-show basis. How could they produce new material without the guarantee of N-million monthly subscribers? And cable/fiber/satellite companies who help promote their service?

mortenjorck 6 hours ago 5 replies      
This isn't just HBO Go, or even just third-party apps " first-party video playback on iOS will, depending on hidden flags from iTunes store purchases, arbitrarily disable video over AirPlay.

A friend and I found this out the hard way one afternoon when we decided to rent Ridley Scott's Alien, in anticipation of seeing Prometheus. He pulled up the store on his iPhone, found the movie, selected Rent: HD, and signed on to my wi-fi network, my Apple TV appearing on his iPhone without a hiccup. So far, pure Apple seamlessness " until he selected the AirPlay output. The audio played back over my speakers, but the video remained on the 3.5" screen.

Thinking resourcefully, I suggested he try AirPlay mirroring. This, at last, gave us the "fuck you, consumer" from the studio in explicit form: a message appeared on his phone saying the AirPlay display couldn't be trusted.

We both resolved never to use the iTunes store for movies again.

w1ntermute 8 hours ago 2 replies      
It's amazing what people will put up with. I built a media center PC running Windows 7 using a guide like this[0]. It was the best decision I made. I just torrent content on my desktop, access it over the network share on my HTPC, and everything's good to go.

You can get a 10' UI using XBMC if you want, and you can access the full versions of YouTube, Netflix, Hulu, (and HBO Go, I presume) etc. - no restrictions. No transcoding, no syncing - if it works on your PC, it works on an HTPC.

0: http://lifehacker.com/5936546/how-i-built-the-media-center-o...

js2 6 hours ago 2 replies      
The reason for this is that iOS allows an app to opt-out of video AirPlay, but not opt-out of AirPlay audio [1]. HBO has opted out of video AirPlay most likely to satisfy its cable provider partners who provide the vast majority of its income[2].

1. http://developer.apple.com/library/ios/documentation/AudioVi...

2. http://dcurt.is/hbo-forbes-journalism

parfe 8 hours ago 0 replies      
I have a Galaxy S3. I bought an MHL -> HDMI adapter, hooked up to my tv and started up HBO Go for a test run. On Android they don't even bother with an audio only implementation. The app simply crashes.

Until this article I assumed the developer sucked. Now I'm not so sure the crashing is a bug.

sudonim 8 hours ago 3 replies      
Roku has the HBO Go app on it, but will probably fail you too.

Subscribers log in to HBO Go with their username and password from their cable subscription, not something they get from HBO.

Time Warner Cable blocks using the Roku with HBO Go. When you try to authenticate the device, they slap you on the wrist and say no.

You can however, airplay from the HBO website in Mountain Lion, but I find things get a little out of sync.

britta 4 hours ago 0 replies      
If you happen to have a jailbroken iPad 3rd generation, iPad 2, or iPhone 4S, you can install UnrestrictPremium to work around this limitation: http://www.idownloadblog.com/2012/08/09/unrestrictpremium/
BklynJay 8 hours ago 1 reply      
Not a week goes by where I don't hear from someone who wants to watch HBO GO on their Apple TV or output from their iPad to the tv. The idea that the consumer has the right to view their legally paid-content where they want and how they want is slowly but surely becoming a reality. It's just a matter of time before HBO caves. Frustrating in the interim though.
pwthornton 6 hours ago 2 replies      
I've written about the issues with HBO Go extensively. It's a terrible app that has a lot of promise, but it's really hampered by old-media ways of thinking about content distribution. The app is intended to be a second, third of fourth screen in your house, nothing more. That's not what the name implies, nor does that fit the reality of how many people consume content today.

You can't cache/download shows to use on the go, meaning that your streaming ability requires a connection and a good one at that: http://interchangeproject.org/2012/05/14/game-of-thrones-loo...

Why is HBO Go not a to-go service? http://interchangeproject.org/2012/05/10/why-is-hbo-go-not-a...

Here is a podcast discussing the issues with HBO Go: http://interchangeproject.org/2012/05/22/episode-38-to-go-or...

Essentially, what I'm trying to say is that HBO Go is a needless usability mess.

revscat 6 hours ago 0 replies      
OP seems like exactly the kind of customer that the cable industry would want to bend over backwards to make happy, not unnecessarily hamstring. He has all the devices and subscriptions he ostensibly needs, and appears to be a Good Cable Citizen. The fact that HBO feels it necessary to restrict him in this way smacks of hubris.
eddieroger 7 hours ago 3 replies      
Calling it broken is a relative statement. On a technical level, they had to do something to prevent mirroring from functioning as the article wants. So, they implement AirPlay, but audio only. But, I'd argue this works exactly as HBO wants it to, so it's not broken, it just doesn't do what you want it to.

HBO's business model isn't terribly friendly to watching their programming on a TV unless it comes via cable or one of their heavily licensed, and generally stationary, partner products. You are a lot less likely to take a Roku or Xbox to a friends' house to watch Game of Thrones, but you always have your iPhone. Of course you could have them over and this falls apart, but you could do that with their cable feed as well. They're trying to slow the bleeding since they can't stop it.

sofuture 7 hours ago 2 replies      
It's amazing that people are surprised at all when a combination of proprietary media-playback system don't work as desired.

No snark intended, I've just not ever had a good experience dealing with a single proprietary playback mechanism.

iopuy 4 hours ago 0 replies      
Okay listen to this. HBO GO is only available to people with certian cable companies. I live in an apartment complex so i cannot changes who provides my cable. My younger sister has HBO GO app on xbox live and direct tv. I have knology, a non support cable provider while direct tv is. She gave me her direct tv credentials and i put them into mh 360 and it worked no problem, all it does is show a direct tv logo in the app itself.
jonaphin 5 hours ago 2 replies      
After many trials and tribulations (Apple TV + Airplay, Roku 2, PS3) the ONLY decent (read working) option was XBox 360 + XBox Live Gold + Comcast XFinity* + HBO Go App.

It does feel like I lost my soul signing packs with so many devils, but at long last, I have an HD HBO Go app running the way it ought to.

* Not all cable companies have a deal with HBO for HBO Go

monatron 8 hours ago 2 replies      
I can imagine being a developer on this product would be insanity. They probably implemented the Airplay feature, showed it to their bosses and for whatever reason the higher-ups had their reasons for nixing the second screen... Then they thought -- Ok, so we can't do video but perhaps people would want to airplay the audio to their fancy pants audio setup in their homes, better than nothing, right? Wrong.

I hope the big media companies get their acts together. They only get to screw up a finite number of times before someone comes and blows them out of the water

MatthewPhillips 8 hours ago 0 replies      
The iTunes screenshots don't show the AirPlay icon:


The conspiracy theorist in me wanted to believe they left audio in there just to advertise AirPlay support.

daveman 5 hours ago 0 replies      
It's particularly annoying that this prohibition is in place even though there are still other ways-- albeit less convenient ones-- to get the video streaming to your TV. For example, you can use a thunderbolt-to-hdmi connector (or VGA) from your laptop, and probably a 30pin-to-hdmi from your iPad (although I've never tried the latter).

So it's possible to still get the content to your TV, in a much less user-friendly (i.e. tethered) way. I know not everyone has these connectors, but since the ability is there, you'd hope they would just be gracious and allow for the better experience.

ricardobeat 7 hours ago 0 replies      
Shouldn't the App Store approval process reject an app that does this? It must be violating some ux guideline.
Zelphyr 6 hours ago 0 replies      
Its tactics like this that are the reason I'm cutting the cord when my DirecTV contract is up in November. HBO has great content. Some of the best available in fact. But I refuse to give them a dime while they institute policies that actively diminish my viewing experience.
kingnothing 6 hours ago 1 reply      
Amazon Instant Video suffers from the same problem.
falicon 9 hours ago 1 reply      
It's got the button, but not the feature. Gotta love it! ;-)
PG: The Art of Funding a Startup is now free on Amazon amazon.com
167 points by neya  10 hours ago   74 comments top 15
arihant 9 hours ago 2 replies      
I believe the reviews are bad because of people's high expectations. This is essentially an interview transcript. Most PG interviews are laid back and most Andrew Warner's are about getting the information out rather than creating a documentary. That combination gives an informative video, not a book.

This is still a good read for a short flight. Definitely better than the 2-star rating Amazon has for it.

davidw 9 hours ago 1 reply      
Formatting problems with your Kindle books? We can help:


davidpayne11 7 hours ago 3 replies      
If you find yourself frustrated with the Kindle walled garden, and want the book in another format (PDF, EPUB, etc), then you can convert your kindle books to PDF/Whatever format by following this procedure. Please note - This may not be legal, and is demonstrated for educational purposes only!

1)Download and install Kindle for PC (Or Mac, if you have a Mac)

2)Download and install freeware Calibre (Open Source)

3)Download and install DRM removal plug-ins for Calibre
(if you use Kindle for PC app, you will just need to add the Kindle plug-in to Calibre)

4)Download your .AZW (Amazon's proprietary format) ebook onto Kindle For PC

5)Run Calibre

6)Find the folder with Kindle for PC ebooks (My documents/My Kindle Content)

7)Select DRM-protected AZW files and drag-n-drop them onto Calibre

8)Calibre will remove DRM protection from AZW ebook(s)

9)Convert your DRM-free MOBI ebooks to any other format (like ePub/fb2/LRF/Mobi/PDF/PDB/TXT/RTF/LIT) using Calibre if needed.

10)Enjoy reading the book in your new format. This is another way to say 'fuck you' to walled gardens like the Kindle.

klausjensen 19 minutes ago 0 replies      
I wonder if I was the only one, who read the headline and thought of some sort of Bizspark-like program for amazon (free hosting for startups).
lylejohnson 10 hours ago 1 reply      
Looks like its getting great reviews at Amazon.com.
adnam 9 hours ago 1 reply      
"Free on Kindle" <> free.
alpb 8 hours ago 0 replies      
Could anybody get an ePub file? Amazon is not available in my country. I feel bad. :(
OoTheNigerian 5 hours ago 1 reply      
Yet again, African dwellers are not allowed to have access to information


lazyjones 9 hours ago 0 replies      
If I want to borrow it (for free) and not own it, I can borrow the book also. But generally I prefer buying physical books that I actually own.
pjmo 9 hours ago 0 replies      
I just got it, but would never actually pay to read an interview.
raphinou 9 hours ago 0 replies      
Very good initiative, but giving an epub option would have been even better.
its_so_on 6 hours ago 2 replies      
Free with purchase of Kindle
q_revert 9 hours ago 1 reply      
from one of the amazon reviews:

"The price to content ratio of this publication is enormous and much of the information can be gleaned from a web search. "

for a free book it seems harsh but probably fair

JoeAltmaier 8 hours ago 0 replies      
mfringel 9 hours ago 1 reply      
Thanks for the posting. This has inspired me to learn how to write Mozilla plugins. My first project will be to write one that will strip (or at least alert on) referrer codes.
The Siege of Academe: Silicon Valley's fight to disrupt higher education washingtonmonthly.com
41 points by joshuahedlund  4 hours ago   29 comments top 4
pg 4 hours ago 2 replies      
It's still hard to predict how well these efforts will work, but I've rarely seen a domain more ripe for reform than undergraduate education.

If there's a riper one, it would be K-12 education. That's the really big prize, measured both by how much room there is for improvement and the forces arrayed against you. But if you're feeling heroic here's the place to go: http://imaginek12.com.

brudgers 33 minutes ago 0 replies      
University of Phoenix already disrupted higher education. Half a billion in net income last year, the ability to raise money on Wall Street, and full accreditation give it significant clout. 300,000 students doesn't hurt, either.

It's not the technology that's the barrier to entry. UoP primarily uses NNTP for it's classes. Pull technology allows for 24 hour delivery and flexible schedules for adjunct its largely faculty.

In my opinion, the big competition in online higher education could come from institutions able to outsource faculty positions to the same parts of the world to which call centers are often outsourced.

stephengillie 2 hours ago 3 replies      
A week after I graduated, I was walking across campus. I watched as my tuition dollars (and others) paid for a team of workers to hoist an entire 60-year-old house, drop it onto a large frame, drive it about 200 feet, and plop the house onto an empty lawn. Just so another building could be built at the old location.

In the 3 years since I graduated, I've watched my university move 2 buildings, demolish and replace 5 dorm buildings (half of the university's dorm capacity), and massively expand their stadium.

I watched as the school's president approved all of these expenditures, then watched him leave to head the NCAA as students rallied about the cost of tuition, which has doubled in the past 3 years.

fscof 49 minutes ago 0 replies      
"While the [Minerva] courses will be conducted primarily online, students will live together in shared housing units in cities around the world. They'll start in their home country and then rotate to different cities in later years, finishing with a capstone project in their chosen major."

I'm a huge fan of this approach. A clear advantage of university education is the network of awesome people you meet while attending. I've learned way more from working and conversing with smart people than I ever did in classes.

Excited to see how their experiment turns out.

Azure Mobile Services launched: A Cloud Backend For Mobile Apps techcrunch.com
6 points by friism  45 minutes ago   discuss
Mailgun (YC W11) is being acquired by Rackspace mailgun.net
126 points by twakefield  9 hours ago   54 comments top 20
viscanti 6 hours ago 0 replies      
I met Ev and Taylor a couple months ago. They're a brilliant team, in a not-so-glamorous market (there's not a lot of buzz around sending mail). These guys are committed to building a reliable/developer friendly email service though. They totally deserve this.
j45 5 hours ago 0 replies      
Congrats to Ev + team, from day 1 when they launched he's continued to answer my emails directly and openly, it's refreshing.

I really hope my beloved mailgun remains competitive and independently available and doesn't get assimilated like slicehost -- mailgun is a not-so-well kept secret that needs to stay as is.

aepstein 8 hours ago 0 replies      
Congrats guys! Great service and well-deserved, we're big fans (and customers).
csallen 7 hours ago 0 replies      
Sweet, congrats guys! Been using Mailgun happily for ~2 years now, and it's great to see I won't have to change anything. Looking forward to the Rackspace integration!
aidos 5 hours ago 3 replies      
This is probably a good time to ask about how people handle transactional email generally.

I had a play with Mailgun a while back (and others, Mailgun felt nicest to me) but there was a feature that seemed to be missing from them all.

How do you handle rules between outgoing emails?

For example, say there's an email that gets sent out on a user action, but you only want to send it out once a day. It feels to me like I should be able to set rules within Mailgun to say, only send out this email every x minutes, or, don't allow it to go out if another type of email has gone out before etc.

Is there a way of dealing with that? At the moment we have to put all those rules into our app, and it seems like something the app shouldn't have to deal with.

lubos 3 hours ago 1 reply      
Nooo. I absolutely love this company. The last company I loved this much was JungleDisk and we all know what happened to it once Rackspace acquired it.

This is not such a great news for customers. Sorry.

jmcnevin 7 hours ago 2 replies      
Rackspace customers can use SendGrid to send up to 40K emails a month for free. I wonder how this might impact that deal.
bryanh 3 hours ago 0 replies      
Congrats guys! We just started using you not too long ago and have been impressed the whole time.
sgrove 5 hours ago 0 replies      
Wow, that's great to hear - especially that Mailgun will continue along as-is. Their support has been phenomenal, and we've been extremely happy users.

Congrats to Ev, Taylor, and the rest of the team!

martindale 2 hours ago 0 replies      
Man, would it be nice if the local mail function on Rackspace servers was directly connected to Mailgun and billed to my account.
savrajsingh 4 hours ago 0 replies      
Congrats. Mailgun is a great product, hope the service continues!
unfoldedorigami 7 hours ago 0 replies      
Congratulations Mailgun. You guys deserve it.
nikita 4 hours ago 0 replies      
Congratulations to the mailgun team!
k33l0r 8 hours ago 0 replies      
That link should probably point to the permalink for the blog post: http://blog.mailgun.net/post/30381960476/mailgun-is-being-ac...

Edit: The link appears to be fixed now.

ericfrenkiel 3 hours ago 0 replies      
congrats Ev and Taylor!
BenjieGillam 6 hours ago 0 replies      
Congratulations guys - great product, well deserved acquisition :)
memnips 6 hours ago 0 replies      
Congrats! I love the service.
tomjen3 6 hours ago 11 replies      
Anybody know a good alternative? It seems that aquired SAS means they will either suck or close.
kategleason 6 hours ago 0 replies      
buster 8 hours ago 5 replies      
Soooo.. they are sending mails?

Not to be rude or anything, congrats! But from the website itself it sounds like "woohoo, we can send email". Atleast the features page lists 99% standard-mail features like "can send mail, can do SPF, can do DKIM, can filter mails"..

I guess that's not why they were aquired, so what is the real value of the company?

1 million accounts leaked in megahack on banks, websites theregister.co.uk
67 points by j_col  6 hours ago   25 comments top 9
tomku 4 hours ago 0 replies      
This is the same leak that claimed to have "CIA records", which actually turned out to be from http://ciaservices.com/ instead of the government agency. There's a lot of hype surrounding this that seems to be total bullshit. The "1 million records/accounts" includes a lot of trivial, non-sensitive information, and the targets are mostly low-value to begin with. Seems like someone just ran a bunch of SQL injection attacks on random vulnerable websites and is trying to pass it off as grandiose political activism.
droob 6 hours ago 1 reply      
"Team GhostShell said the online leaks, which are part of its Project Hellfire campaign, were made in protest against banks"

Hey there, lady trying to make a car payment! Hey, guy checking his balance before he buys groceries! Your bank's a dick, so we ruined your week. Hope that's okay.

polyfractal 6 hours ago 0 replies      
A small-ish blog post by Imperva security discussing the leak: http://blog.imperva.com/2012/08/analyzing-the-team-ghostshel...
peterwwillis 5 hours ago 2 replies      
Ahhhh, we've come full circle. Back from the days when script kiddies would DoS a site or 'crack' a telnet password, then deface and claim they have street cred.

I would love to find someone who has actual street cred and had their account information released by these chuckleheads, and put them in a room together.

This isn't about politics. I doubt these losers even know anything about the companies they attacked. Fucking douchebags.

However, I should also blame the companies involved here. If they can afford $1000 for some kind of web app firewall they probably could have detected sqlmap raping their site with faulty queries.

aswanson 6 hours ago 1 reply      
Even if the original article capitalized the "million", it's good practice here to convert to regular capitalization when submitting. It just reeks of loudmouthed sensationalism and linkbaiting. I refuse to clickthrough on such submissions.
jpdus 6 hours ago 2 replies      
Semes like a linkbaiting headline (of the original article) once again...
Don´t see these "1 MILLION" accounts anywhere an neither the mentioned blog post [1] nor the original announcement at pastebin [2] does mention that. (EDIT: The pastebin statements indeed mentions "one million accounts/records leaked", buy thats not quite the same imho (emphasis on "records").

The blog post states explicitly that "a lot of the stolen content did NOT include any sensitive information".



sp332 5 hours ago 0 replies      
Posted a couple days ago http://news.ycombinator.com/item?id=4435348 not much discussion though.
TazeTSchnitzel 6 hours ago 1 reply      
What's megahack? Is it run by Kim Dotcom?
trekkin 6 hours ago 2 replies      
> An analysis of the hacks by security biz Imperva reveals that most of the breaches were pulled off using SQL injection attacks.

Client-side encryption, even in JS, would have prevented this, it seems.

The Andreessen Horowitz Effect techonomy.com
36 points by rrbrambley  4 hours ago   7 comments top 3
pg 1 hour ago 2 replies      
“They are overpaying for deals,” says one VC

This is false. If anything they can get lower prices than other investors due to their prestige.

(If you're wondering why a VC would say such a thing, it's the one thing a competitor could say that could raise doubts in the minds of LPs, the people who invest in VC funds. AH's successes are obvious, so the only way to spread FUD about them with LPs is to imply that they're paying too much to get into those successful deals, and that their returns will thus be proportionately lower.)

ChuckMcM 2 hours ago 0 replies      
I wonder how close this is to the 'ebay' effect, basically before ebay existed there were garage sales and flea markets that people would go to in order to buy junk. Something I was familiar with was old computers, they were just fun to buy for a few bucks and get them running again. Something cool about getting a machine for $5 that you knew sold new for $100,000 up an running 'like new.' (albeit it could be emulated by a modern PC at a much faster rate, that wasn't the point :-)

Then Ebay came along and opened up the market to a lot more people, and the people in that market actually had a sense of what some of this stuff was worth (primarily to folks keeping legacy systems alive) and prices shot up.

What was worse was that at the flea markets now vendors wanted 10x what they wanted before for their junk. And if you offered them a more typical amount they would say "Nah, I'll just go sell it on Ebay rather than take that offer." So you could get a discount (sort of a real world buy it now) but your leverage was greatly diminished.

In the world of investing, and Venture Capital specifically, I think Andreessen Horowitz brought a better understanding of value to the table. That meant that VCs that used to be able to get away with underpaying were forced to stump up closer to market value and that makes them grumpy. Just like I was paying $50 for a DEC VAX that I knew I could have had for $5 before Ebay ruined things.

programminggeek 4 hours ago 1 reply      
It sounds similar to the pricing effect that Apple has on suppliers. By buying out the existing supply of a component, it drives up the price on the component for everybody else, giving Apple that much more advantage. If Andreessen Horowitz can pull the same thing against other VC's, well that is going to make them that much more profitable over the long haul.
Tom Knight, Godfather Of Synthetic Biology, On How To Learn Something New fastcompany.com
8 points by tokenadult  1 hour ago   1 comment top
ScottWhigham 15 minutes ago 0 replies      
Save yourself the time: " I like to read books, three or four at a time. I rarely read books all the way through. I'll get a few books on a subject--you want single-author books, someone with a well-defined point of view--and read a section, and then switch to a different book and read about the same thing. I keep switching back and forth--it's a great technique because you get to look at the same subject from many people's perspective. That turns out to be actually really useful."
Google Consumer Surveys Election Center google.com
4 points by seregine  25 minutes ago   discuss
American Houses Are Still Much, Much Bigger Than They Used To Be npr.org
30 points by pg  4 hours ago   23 comments top 9
breckinloggins 2 hours ago 2 replies      
I've gone from small places to large places and back, and I can see the appeal of both. One thing that's nice about a bigger house is that you can have special purpose rooms. If you have only a living room but would love to have a pool table, you're either out of luck or need to convince whoever you're living with (sometimes yourself!) that it's ok to stick a pool table in the middle of the living room. Or you have to compromise and get one of those "pool table slash foosball table slash pingpong table" things that are pretty much worthless.

Another example is home theatre. It's true that you can just put a big tv and surround sound in your living room, but that more often than not screws up the decor and larger purpose of the living room as a family gathering spot. When you have a dedicated room, you can go nuts with the stadium seating and all of that.

That said, I've downsized in the past two years from a two story four bedroom house with a yard to a one bedroom apartment. I'm now preparing to spend the next several months in an RV. I'm actually much, much happier with this arrangement.

For some, space is a true necessity (large families that wish to keep their sanity). For others, space is a luxury that they can afford and that truly makes them happy. For people like myself, though, I've found that I only wanted what I thought space could get me... "breathing room". Turns out I needed psychological and intellectual breathing room more than I need more physical space. Perhaps that will change as I get older, but right now I'm glad I learned that I can be happier in far less space. The freedom, flexibility, and lower financial burdens this affords are well worth the cost of having to move a table every now and then.

ChuckMcM 2 hours ago 2 replies      
And backyards are getting smaller.

If you look at the whole trend, houses are bigger, lots are smaller. One of the more interesting things I found in England when my sister was living there was that many folks had a small house but a large garden, because they spent most of their 'home' time in the garden rather than indoors. Whereas in the US there are a lot of people for who the 'garden' (or the yard as we yanks refer to it) is just a maintenance nightmare. Going so far as to install artificial turf to reduce the time burden of keeping it looking nicely.

I think it is sad if people don't get out much, but recognize that more and more of folks leisure time requires more electricity than is available out there.

ktizo 11 minutes ago 0 replies      
Does this mean that in the future, all houses will be massive and all the doors will be circular and we will just roll between all the rooms like giant beachballs made of meat?
Alex3917 2 hours ago 0 replies      
Ever notice that the bathrooms in houses built in the 60s are tiny, in houses built in the 90s they were enormous, and now they're roughly back to 'normal'? I wonder what this says about society.
debacle 2 hours ago 1 reply      
My home is 1300 square feet. 800 more square feet would be a 20 x 40 room. I don't know what I would do with that much space, but chances are it would make my wife upset. That's a vast amount of space - my first office was only 300 square feet and that included the bathroom and was room for three of us with plenty of space.
dsr_ 2 hours ago 1 reply      
And all the rooms are the wrong size.

(That's a joke.)

I suspect that the size of each kind of average apartment has not changed much over the last few decades. One bedrooms are still about 650 sq ft, two bedrooms about 780. Big buildings are designed for efficiency over the long term, and don't partake in fads so much.

When you go out and buy a house, there's an inclination to buy as much house as you think you can afford. More space is more flexibility, after all, and after years living in not-quite-enough space, you want all that you can get.

kevinpet 2 hours ago 0 replies      
Single family homes may be a declining fraction of housing, and the lower end may be getting replaced by townhomes or condos.
amalag 3 hours ago 1 reply      
The sound insulation inside US houses is also terrible. Maybe people wouldn't need so much space if they had some decent sound insulation between rooms. Otherwise it is the simple case of having a better house than your acquaintances and thinking of the extra space as an "investment".
EliRivers 1 hour ago 0 replies      
Here in the UK, about 850 sq ft is the average for a new home. Less than half. Please do not complain about having lots of room until you've had to live here :)


When it comes to governments and houses, the British public are idiots who accept whatever is waved in front of them

Play mario to navigate this website concetto.co.in
25 points by sherjilozair  2 hours ago   10 comments top 8
Smudge 47 minutes ago 0 replies      
Sometimes, if you really know your target audience and how they'll respond, it's okay to create what might typically be considered a UX nightmare. I'm not convinced that this was one of those times, but I could be wrong.
Kiro 8 minutes ago 0 replies      
Reminds me of http://www.effectgames.com/games/mariodemo/ which is also made with divs only (no canvas!).
Yhippa 36 minutes ago 0 replies      
I wouldn't want to have to use their site all the time in this way but I really enjoyed this. Talk about "gamification" of your website!
pavel_lishin 1 hour ago 0 replies      
Cute, but surprisingly difficult to get to some places. (Also, wouldn't be surprised if Nintendo lawyers came knocking.)
saygt 2 minutes ago 0 replies      
A lot of painful movement bugs
dakotasmith 1 hour ago 1 reply      
Cute and potentially litigious.

Hope that is what you were going for.

icefox 19 minutes ago 0 replies      
In Chrome and Safari I can't get past the instruction screen :(
jbupit 1 hour ago 0 replies      
Awesome site. Navigate enough and you'll find a hidden 'Star' on the home page behind the Events pipe. :D
Craigslist is on board: OpenStreetMap soars to new heights arstechnica.com
4 points by evo_9  27 minutes ago   2 comments top 2
latchkey 1 minute ago 0 replies      
OSM is great, except they don't provide a https solution for their tiles, which is necessary if you run your site over https. It is easy enough to setup a free nginx proxy on heroku to workaround this issue (which then sits behind cloudflare for transparent caching), but it would be nice if OSM just provided https.
dredmorbius 4 minutes ago 0 replies      
The good news: CL now show a map on the listing itself (previously you had a link to a Google Maps page), which makes it somewhat easier to tell where a listing is located.

What's still missing is the geographic overview that PadMapper offered. If you want that experience, and access to CL listings, your best bet appears to be the "CLMapper" Chrome extension, which pops up a two-panel brwoser window with listings on the left, map on the right, and coordination between the two (hovering over a listing URL highlights the map pin, hovering over a map pin scrolls to and highlights the listing entry).


The observation that GoogleMaps commercial terms-of-use is increasingly driving third-party sites to free and open alternatives is noted. With irony.

Show HN: A versioned filesystem inspired by Git github.com
95 points by artagnon  9 hours ago   40 comments top 13
tolmasky 5 hours ago 3 replies      
OK, first off -- awesome! Secondly, I have a number of questions that probably have to do with the fact that I'm unfamiliar with a lot of this stuff.

1. Would it be possible to build this fully on top of git (perhaps using libgit2)? I ask, because the "holy" grail for me is finding some magic way for my designers to use git without knowing it. Right now my designers (and I think most non-programmer people), love to use Dropbox. Dropbox has a number of issues as a shared project tool in my perspective (not the least of which being that you are only allowed ONE dropbox account per computer, so you start having a shared folder mess and your dropbox begins to balloon in size on every computer with that account). It appears that something like this could look like Dropbox to everyone disinterested in vcs and act like Git to everyone else who cares.

2. The other reason for libgit2 is to ideally also git-push after every edit/save, to something like github.

3. Max OS X support please :)

tensor 3 hours ago 0 replies      
This is relevant:


If only half the stuff done by the likes of IBM and HP were to make it into common usage the world would be a very different place.

akg 7 hours ago 1 reply      
Congrats on a tremendous technical feat!

Any advantage of using a full-scale FS over something like git-annex (http://git-annex.branchable.com/)?

gcr 4 hours ago 1 reply      
Can this handle large binary files? That's been my main problem with storing backups of my servers in git, and it's one of the strong-ish points of git-annex.

There seems to be nothing inherently limiting in Git's repository design. Interested parties can look into bup, for example, which stores large binary files in git's packfile format. https://github.com/apenwarr/bup

adam-a 7 hours ago 1 reply      
Sounds a bit like ZFS snapshots[1]. I always wished that would catch on a bit more, seems like it would be very useful.

[1]: http://en.wikipedia.org/wiki/ZFS#Snapshots_and_clones

mosburger 6 hours ago 4 replies      
Nice! Reminds me a bit of a better version of VMS's versioned filesystem.

Also: I'm old enough to have used VMS's filesystem. :(

al3xbio 8 hours ago 1 reply      
Nice. Why not use libgit2 (https://github.com/libgit2/libgit2)?
nicholassmith 7 hours ago 0 replies      
This looks pretty good. I had a look at doing something similar (but wayyyyy smaller scale than full FS), and gave up as there was many dragons. Nice to see someone pull it off.
icebraining 7 hours ago 1 reply      
Extremely interesting. I wonder: when does it "commit"/create a new rev?
jeremyjh 6 hours ago 1 reply      
Very cool. I would like to have some automatic revisions for example of my /etc tree.
jblz 5 hours ago 1 reply      
This is tremendously cool!

Any plans for MacOS (or other *nix) support?

prezjordan 7 hours ago 0 replies      
Wow, awesome project!
BananaBread: 3D first person shooter game compiled to JS+WebGL mozilla.org
53 points by robin_reala  7 hours ago   22 comments top 9
pmr_ 3 hours ago 1 reply      
I'm wondering: Was the technique of compiling from C++ to JS primarily for code reuse? I always perceived the ability to code in something else besides C++ as one of the main advantages of the whole "Games on the Web" thing.
idm 4 hours ago 1 reply      
It took a few tries on OSX/Chrome (no relevant errors from the console to report) but it seemed to be more reliable when running inside a "fresh" tab as opposed to one I had already reloaded several times.

Having played it, I must report back to say: this is stunning. It's wicked fast. Wow. Just wow.

FrojoS 2 hours ago 0 replies      
Very impressive!

Was playable in low-ress mode, though sometimes laggy, on my 2010 MacBook Air with Chrome.

stcredzero 3 hours ago 1 reply      
"Banana Bread" was also the name of a very early and very obscure erotic adventure game on the Apple II.
wazoox 1 hour ago 1 reply      
Alas, unplayable with a non-QWERTY keyboard.
magikbum 6 hours ago 1 reply      
Tried playing but didn't load. The demo video though looks amazing.
EastCoastLA 4 hours ago 0 replies      
Should have evolved some element for the http://www.ludumdare.com/ event.

Maybe next time ;)

crowhack 3 hours ago 1 reply      
tried it in chrome windows 7, got error pointer lock/mouse is missing, any ideas?
circa 5 hours ago 0 replies      
looks awesome.. i'll try it when i get home.
       cached 28 August 2012 22:02:01 GMT