hacker news with inline top comments    .. more ..    19 Jan 2013 News
home   ask   best   6 years ago   
What every programmer should know about time unix4lyfe.org
87 points by arb99  3 hours ago   43 comments top 19
defrost 2 hours ago 3 replies      

50 year old numerical / geophysical / real time data acquisition/processing/interpretation programmer here.

Unix Time isn't much chop for "real time" continuous data from the "real world" - it's those pesky leap seconds. If you bother to read the first paragraph of the wikipedia article on Unix Time you'll see :

> Unix time, or POSIX time, is a system for describing instances in time, defined as the number of seconds that have elapsed since midnight Coordinated Universal Time (UTC), 1 January 1970,[note 1] not counting leap seconds.[note 2] It is used widely in Unix-like and many other operating systems and file formats. It is neither a linear representation of time nor a true representation of UTC.

It follows on with a definition of Unix Time and points out various examples when it is ambiguous. These are real issues and can occur when missiles fly, when planes navigate, and when stocks are traded.

Time is tricky.

lmm 3 minutes ago 0 replies      
Third point is worded really unclearly. GMT still = UTC (modulo seconds point that has been made elsewhere). BST = GMT + 1; British time is either GMT or BST depending on the time of year.

Advice to display an offset when displaying a time is wrong or at least incomplete; you should display a symbolic timezone (i.e. "London" or "Eastern US" etc.) as that's what's going to be meaningful to someone reading it.

lysol 1 hour ago 2 replies      
> When storing time, store Unix time. It's a single number.

Don't do this in your database. Use your datetime types. Please. You might save some work with your timezone but you're not going to be able to use intervals etc in a smart way.

This would be even dumber with PostgreSQL, which has much more robust date/time functionality (being able to use the - operator with datetimes and intervals, for example) and completely sane timezone support.

dmbaggett 1 hour ago 1 reply      
Also worth noting: there are many time zone variations beyond DST, and some are defined in terms of partial hours (30 or 15 minute variations).

True story: when I was at ITA Software, Orbitz ran hundreds of instances of QPX, our low fare search software, on their own servers. We had an ops fire drill one weekend because customers were complaining that the site was showing incorrect prices. The root cause? A single machine in their server farm had the time wrong, so advance purchase was computed incorrectly for any query sent to that particular machine. That was fun to debug.

Even the meaning of, say, a minium stay requirement is hard to precisely define. If you fly across the international date line and back on a Friday night, did you have a Saturday stay or not? There are so many flights going so many places, questions like this actually come up in practice.

timthorn 2 hours ago 0 replies      
GMT is not an old name for UTC. From http://www.bis.gov.uk/files/file32707.pdf :

Coordinated Universal Time (UTC) is based on International Atomic Time (TAI), but offset by an integer number of seconds so that it remains in approximate agreement with more traditional time scales based on the Earth's rotation (i.e. Universal Time or, equivalently, Greenwich Mean Time). There is no natural gearing between TAI and GMT and so additional ‘leap seconds' are applied when required to keep UTC in agreement with GMT to the nearest 0.9 seconds (see notes on time scales in Annex A for background information). UTC is the global standard for civil-time keeping today. It provides the most stable time base available because it is based on TAI, but also acts as a good approximation to its antecedent, GMT, for everyday purposes.

InclinedPlane 1 hour ago 1 reply      
Who was the genius who decided that unix time should handle leap seconds? It seems like such an obviously bad idea. The biggest advantage of unix time has always been that it is monotonically increasing and that it is precisely defined as seconds since the epoch, period. And then all of that is now broken because of this decision.

Also, does the problem that the leap second solves actually warrant all of the problems that it causes?

mmahemoff 32 minutes ago 0 replies      
Formatting timestamps is a difficult decision for REST APIs to make. I polled my networks a while back and got pretty much divided responses [1]. In the end, I opted for milliseconds over ISO 8601 and I've been happy with that choice for ease of processing and debugging, especially as I'm now using the same values in the URL for caching purposes.

1. Google Plus conversation remains https://plus.google.com/106413090159067280619/posts/Wtkhk9jU... Good luck finding it on Twitter

speeder 1 hour ago 0 replies      
He did not mention the issue that some processors might have different time counting for each core, sometimes resulting in very silly situations if you are reading time in milliseconds or below scale.

For example: I had a game that physics behaved "woobly" in multi core systems. The issue is that as the OS juggle your process around, you get the delta time since last physics step inaccurate, sometimes even with backwards jump in time ( and according backward movement in the game ).

Later I saw someone showing the effects of this on the file system, with a multithreaded file copy resulting in very strange timestamps.

For my game, the solution was force time-dependant threads to request affinity with one core.

albertzeyer 1 hour ago 2 replies      
This topic comes up again and again. But I mostly read only about the problems, not about the solutions.

This post advises to use Unix timestamps. That's already what I'm doing mostly everywhere. And it seems to me like most people do and like this is somewhat accepted as the best available option - but still not perfect.

Then I am wondering again: Isn't there really a perfect solution? Esp., the problems with Unix timestamps are the non-monotony and that e.g. two equal timestamps can actually represent two different times (seconds). This could be bad in cases where seconds matter (e.g. some log-files which need to be very precise about time).

Maybe TAI is and we all should store TAI timestamps instead of Unix timestamps? But is there an easy way to get TAI timestamps? Also, I haven't really seen other projects doing this - why? Maybe it is just too little gain over Unix timestamps and too less tools available to work with them... Btw., I just checked, there is http://cr.yp.to/libtai.html and http://pypi.python.org/pypi/tai64n, maybe I should just start using that.

This of course still doesn't solve anything about synchronization or inaccurate system clocks but it would be better than Unix times.

Edit: Getting the TAI timestamp is probably not easy or maybe even not possible... I just saw this: https://github.com/stoni/libtai/blob/master/tai_now.c ...

tantalor 22 minutes ago 2 replies      
> A time format without an offset is useless.

Not necessarily. The time might be "floating time", i.e., depends on some local context.

For example, the show starts at 10 pm 19 Jan 2012. You don't need the time zone because people going to the show know what 10 pm means locally.

NateEag 1 hour ago 0 replies      
As the article hints, even though timezones are usually presentation-only, there are some cases where business logic really does have to deal with timezones.

If your software has business logic that cares about, say, what day a specific person perceived an event as happening, it needs to think about the timezone they have set.

So, in such cases, you'd better keep a history of all the timezones they've ever chosen, and the time (UTC) they changed them.

(Hopefully this lets someone else avoid my past mistakes.)

egonk 16 minutes ago 0 replies      
> When storing time, store Unix time. It's a single number.

This won't work for any system that allows users to schedule events in the future. Let's say that you agree for a meeting in Moscow 1 dec 2013 3pm. The actual (astronomical) time of meeting might change significantly if they change daylight saving rules. So you need to store something like "2013-12-01 15:00 Moscow", there's no way around it.

chmike 31 minutes ago 0 replies      
I disagree that Timezone is just a presentation issue.

When information is to be transmitted between timezones, you want to be able to determine the locale time of the sender or the information relays. This is why you'll find a time zone information in dates and time stamps in mail headers.

This is also why ISO 8601 bothered to standardize specification of the time zone.

kator 2 hours ago 2 replies      
Funny I read the title and thought: TVM but then realized it was the age old quest for time keeping and dreaming of ways to track it with reasonable sanity.. :-)

Bonus points for anyone who knows what I mean by TVM and can describe why every programmer should know about it..

khitchdee 1 hour ago 0 replies      
I guess a related question is how do you synchronize a users perception of time with a program's perception of time -- a program that the user is interacting with. To effect this synchronization, you somehow need to know of the latencies involved in the user initiating actions that the program can sense and when those actions register with the program and in (latencies involved with) the program initiating actions that the user can sense and when the user senses those actions.
patrickmay 1 hour ago 0 replies      
Erik Naggum's "Long Painful History of Time" (http://www.scribd.com/doc/93991574/Erik-Naggum"ALongPainfulH...) is well worth reading, too.
stanonyime 1 hour ago 0 replies      
The relativistic warping of space-time forbids standardization of time measurements
wereHamster 2 hours ago 1 reply      
He missed to explain TAI and its relation with the other times.
Microsoft's ARM blunder: 7 reasons why Windows RT was DOA theregister.co.uk
23 points by bane  1 hour ago   16 comments top 3
brudgers 54 minutes ago 6 replies      
If Microsoft was a B2C company, the article would be spot on. They are not, however, Apple. They are primarily B2B. Windows didn't come to dominate the desktop because consumers loved it. It dominates because it provides a value proposition to businesses. Success with consumers is part of that value proposition, and one of the things which gives it an advantage over Linux.

RT is a long term strategy. It's not a tablet OS. It's the phone too, just not yet, fully.It's not targeted at consumers. It's targeted at enterprise.

As a B2C company, Apple will not offer a roadmap or backward compatibility. Google being an advertising agency, will always seek to read one's data. Microsoft knows what it is.

mittermayr 36 minutes ago 1 reply      
to be honest, what fascinates me is that microsoft seems to have invested a lot of work the past few years to bring forward a pretty decent line up of integrated products. if you want windows and office like you had, that's fine. and much of the windows 8 UI disaster was actually made up by the press to have a great story, even that one video with the guy's dad. i was shocked when i saw that. then i installed windows and while setting up my account, it actually taught me about the new things pretty well. there's room for improvement for sure, but compared to apple, they do not only need to come up with a reasonable set of visible features (yes, this is how the masses work, not us here), but also make these mostly visual features feasible for business and consumers. people tend to forget that talking about 'business' does not mean a brooklyn hipster photography shop, or a startup (although there are just as many employees there) - it means a small shop in india, a global giant like boeing or a government system in germany (munich switched back).

and, in all that chaos, they need to present a clear thread from the mobile sales guy to enterprise software, from consumer home to consumer mobile.

apple is basically focusing on getting the story at home right. now they have the luxury of adding to that, which they become less and less effective at. the iphone was fantastic, and my home is now equipped fully with apple. but it sucks that this is where the story ends, at least for now (i'm sure they've figured this out already).

i'd love to see microsoft getting a bit more love, honestly. all these guys working hard, being the 'bad guy' since the 80's and everyone forgetting that there's a reason they're still in business, were never close to being shut down and very rarely every fire more than a few people. when they do, it's even in the news (last firing spree iirc was 2000 employees, 3 years ago or so, with +100k staff).

very sad that the 'press' still finds it lovely to tell us all how much microsoft really sucks. i love visual studio, i love c#, i love my iphone but man the windows phone 8 is so smooth and great to use, i love the macbook it beats any other notebook, but I also love windows 8 and the freshness of it.

what a drama world.

dschiptsov 35 minutes ago 0 replies      
Excellent slogan: Microsoft: The software stinks

or it is better suited for Java?

MIT legal gave up on Xbox hacker bunnie, too bunniestudios.com
95 points by irq  4 hours ago   23 comments top 6
joezydeco 1 hour ago 1 reply      
Sorry to be a little cynical here, but I have a couple of questions.

1) Was bunnie's hack of the Xbox keys a MIT-endorsed project? Was it part of his degree work or something he did on his own time?

2) If the work was independent, what's MIT's obligation to shield bunnie in a legal sense? If it wasn't, did MIT step in and say "hey, this might piss off Microsoft if you do this" or was the work just put out there with unknown some degree of oversight?

3) bunnie was an MIT student, Arron was not. The statement "MIT gave up on me too" kind of implies the situations were similar. Were they?

Don't misunderstand me, I have immense respect for bunnie and hackers of his breed, but these things are just bugging me.

dshep 4 hours ago 1 reply      
Favorite quote:
"It saddens me that America's so-called government for the people, by the people, and of the people has less compassion and enlightenment toward their fellow man than a corporation."
michaelfeathers 3 hours ago 0 replies      
In the US, prosecution has become a punishment that overwhelms any eventual sentence.
dshep 3 hours ago 3 replies      
"I started rebuilding my life overseas, and I find a quantum of solace in the thought that my residence abroad makes it a little more difficult to be served."

Does this mean things are better outside the US these days?

drawkbox 2 hours ago 2 replies      
Cruel and unusual punishment via prosecution. Prison threats for non-violent crimes. I agree, things have gotten carried far away.
rdl 3 hours ago 0 replies      
Are there other universities known for being better at this than MIT?
Kim Dotcom's New MEGA Encrypted Cloud Storage: See No Evil, Store No Evil forbes.com
52 points by akosner  3 hours ago   35 comments top 14
WA 12 minutes ago 1 reply      
MEGA could be the only cloud storage I'd actually start trusting. I don't use Dropbox, I don't use Google Drive or anything else, because I'm not interested in other people being able to peep at my data.

While I don't perceive Dotcom as a trustable character, his incentive to NOT store any encryption keys on the servers is much higher than any of his competitors.

thoughtcriminal 2 hours ago 3 replies      
Personally, I can't wait for this. Yes, I have a Dropbox account and have for years, but I like the ideology behind this, and lately the US government doesn't seem to be all that concerned about the liberties of its citizens - or citizens of any country.

I'm just wondering if it has a desktop sync like Dropbox. Now that would be MEGA.

ninetax 2 minutes ago 0 replies      
So this says all files will be encrypted with RSA, doesn't that mean who ever wants to access them needs the key? Is this just not a successor to Megaupload then? How will sharing files publicly work? Or will it at all?
hcarvalhoalves 1 hour ago 0 replies      
I like this guy, he's beating copyright enforcers at their own game. That's literally DRM the other way around.
eps 1 hour ago 1 reply      
I'm getting a blank page with a simple

  Access Denied

when trying to access https://mega.co.nz. Is anyone else getting the same?

Kudos 1 hour ago 2 replies      
While it sounds like it would be great for secure archival storage, I can't help but worry that it would disappear one day in a raid.
speeder 1 hour ago 0 replies      
My associate is really wanting it. Not because it was Megaupload, my associate is very much against piracy...

But he is a privacy nut, has truecrypted hard drives, and was sad there was no encryption on Google Drive.

Now this has encryption, and office tools in the roadmap, I can see the excitement of a person against piracy can have!

keithpeter 1 hour ago 0 replies      

The Guardian interview linked from the original article is worth reading.

akosner 1 hour ago 2 replies      
I like the logical chess game that Dotcom is playing here. Even if everybody knows that some of the storage will be used for copyrighted material, it can't be proven that ANY of it is. There are many legitimate reasons why people want secure, encrypted and private storage, so innocent until proven guilty (which can't be proven!)
cdash 26 minutes ago 0 replies      
He just posted on twitter a new music video it seems.


00dgm 1 hour ago 0 replies      
From his twitter feed just now:

"In 3 hours it will be exactly 1 year after the US government destroyed #Megaupload. In 3 hours #Mega will be born."


edit: that'd put Mega online ~10:45am PST

dannyrosen 2 hours ago 7 replies      
http://www.spideroak.com has been doing this for years. Nothing new to see here.
jtreanor 1 hour ago 0 replies      
Mega's launch site (http://kim.com/mega/) appears to be down. It does seem to be getting lots of attention.
sgarbi 1 hour ago 0 replies      
down for me
The Creepy Details of Facebook's New Graph Search eff.org
31 points by petrel  2 hours ago   6 comments top 4
brown9-2 42 minutes ago 0 replies      
This feature has rolled everyone, by default, into a dating service ("Single females in San Francisco who like Radiohead") and a marketing database ("People under 25 who like Coca-Cola").

This assumes that the advertisers didn't have access to searches like this already. That seems very unlikely.

_dark_matter_ 1 hour ago 1 reply      
Seems to me like Facebook was already using these "creepy details" on a daily basis in targeted advertisements. I looked through the ad process, and you could choose any of the options they have in the article (age range, likes, location, etc.)
mbesto 1 hour ago 0 replies      
Just so I understand this correct, if everyone is only sharing things explicitly with friends or friends of friends, doesn't that render the open social graph search useless?
Techasura 1 hour ago 0 replies      
One thing you should know is,
the search has become more easy rather than typing some name in search and selecting "education,location,workplace".
SO, the search i believe has now been turned out more like ruby syntax.
Alias.sh | Manage, share and source your aliases online. alias.sh
23 points by motyar  2 hours ago   3 comments top 3
johnpmayer 26 minutes ago 0 replies      
I'd like to sign up using github, since that's a sensible authentication method for a developer-centric community.

> Update your user profile.

Why is this required? I very much like my profile the way it is. What do you plan on adding? Is this just poor wording in the github auth API for something that really doesn't mean "change my email, location, and availability for hire?"

hpaavola 2 hours ago 0 replies      
http://news.ycombinator.com/item?id=5053370 previous discussion few days ago.
marshallford 19 minutes ago 0 replies      
I really like this.
Send a Facebook message to anyone's inbox, for free lukasklein.com
120 points by lukashed  7 hours ago   25 comments top 9
peterkelly 1 hour ago 3 replies      
I heard that apparently there's a thing called "email" where you can send messages to anyone for free.
DennisP 4 hours ago 1 reply      
It's kinda sad that Facebook gives people a way to rat people out for using fake names. I hope they don't see much usage.
martin-adams 4 hours ago 2 replies      
I'm sure this is probably a quick way to get your account shut down as sending reports that aren't valid concerns would probably be frowned upon.

Good find though.

alttab 1 hour ago 0 replies      
Sounds like the job of a junior-level developer at Facebook, without the product management oversight of the feature. Whoopsie.
benjlang 5 hours ago 0 replies      
Have you sent this post to Mark Zuckerberg using this tactic?
jmix 5 hours ago 4 replies      
I wonder how much time the OP provided to FB to respond.
justplay 1 hour ago 0 replies      
i just found i have "other" folder in my fb
cihad 5 hours ago 1 reply      
does not work anymore
JonasKingsley 7 hours ago 0 replies      
Good exploit:)
Luddites: Rage Against the Machine thesmartset.com
12 points by lquist  1 hour ago   discuss
Breaking the MintEye image CAPTCHA in 23 lines of Python jwandrews.co.uk
52 points by cidquick  5 hours ago   18 comments top 9
paulgb 28 minutes ago 0 replies      
For those interested, the minteye captcha has been broken by other methods as well.

TTS: https://gist.github.com/4520930

Laplace: https://gist.github.com/4564489

Fourier transform: http://nbviewer.ipython.org/urls/raw.github.com/rjw57/mintey...

martinced 2 hours ago 2 replies      
Love it. +1.

But wouldn't an obvious answer to this be to use a background full of swirl, then add people onto it, then swirl again (so the background swirl is swirled twice).

Then when you'd be "deswirling" with you code, you'll be finding something always swirled?

maybe even use a background who's "swirled right" and then "swirl left" the "backgroung + people" (or nyan cat or whatever)?

Goranek 3 hours ago 1 reply      
Hhahahaha, comment on the blog

"Please post the Visual Basic codes for this. The language you post in the article is not Visual Basic.

Thank you."

xD God !

mistercow 2 hours ago 0 replies      
That's a really clever way of detecting the swirl effect. As for simply measuring overall sharpness, that could be thwarted by normalizing the FFT after swirling. That wouldn't help against the sum-of-edges technique though (in fact, it would make it worse).
buster 3 hours ago 0 replies      
Its actually a super fun excercise to do. I did that years ago with a browser game that showed images on login, some years ago. Also with python. It was a fun learning experience because it's so much more visual then your typical "todo list tutorial" or "hello world".
StavrosK 3 hours ago 1 reply      
Very interesting article, and an insightful realization. I had no idea Sobel could do that.
flaviojuvenal 1 hour ago 0 replies      
remembered me of how Interpol was willing to keep the reverse twirling capability as confidential: http://thelede.blogs.nytimes.com/2007/10/08/interpol-untwirl...
borplk 3 hours ago 0 replies      
I'd love to see MintEye respond.
Goranek 3 hours ago 2 replies      
Breaking captcha is bad, mkay :)
O'Reilly donating ebook "Open Government" as a tribute to Aaron Swartz github.com
302 points by code_chimp  16 hours ago   19 comments top 7
thangalin 13 hours ago 5 replies      
I'd like to see more than an Open Government. I'd like to see a web site developed where people read about issues of interest, learn about the benefits and drawbacks to upcoming policies at a centralized location, see how those policies affect budgets (federal, provincial, or municipal), and provide a simple voting mechanism to get a general sense of how agreeable people find the policy. More than that, it would be amazing if people could contribute to the discussion in a moderated fashion (with moderators selected at random, for random intervals of time, to avoid herd-mentality).

Something like this:

1. https://bitbucket.org/djarvis/world-politics/wiki/Interests%...

2. https://bitbucket.org/djarvis/world-politics/wiki/Policy%20P...

3. https://bitbucket.org/djarvis/world-politics/wiki/Debate%20P...

4. https://bitbucket.org/djarvis/world-politics/wiki/Supporting...

For anyone curious about the project, check out:


juddlyon 15 hours ago 0 replies      
That's a nice gesture by O'Reilly. Salute.
wamatt 7 hours ago 0 replies      
Kudos for a thoughtful gesture from O'Reilly.

It does make one wonder, has openness in Government increased under the current administration or not?

While the reality might remain elusive, my sense is, at a minimum, the perception of openness, has strengthened with the public.

egeozcan 2 hours ago 0 replies      
This is such a nice gesture! However I have a (maybe small) concern: They use creative commons no derivative license. Doesn't that make forking pointless, if not a breach of terms?
ouroboros 15 hours ago 2 replies      
for a split second there I read this as Papa Bear O'Reilly donating the book. During that split second my brain was almost fried trying to make sense of how he could have written a book titled "Open Government"
LuisD 14 hours ago 0 replies      
Is it on ResearchGate? http://www.researchgate.net
grogenaut 11 hours ago 0 replies      
They mean Bill not Tim.
Nginx Requests/Second " RaspberryPi vs Amazon EC2 evilsoapbox.com
32 points by chris_j  5 hours ago   26 comments top 13
chaz 4 hours ago 1 reply      
EC2 micro instances throttle down very heavily if you use CPU for more than a few seconds at a time. Other instances allow you to burn 100% CPU all day, but not the micros.


CJefferson 4 hours ago 2 replies      
This is interesting. One obvious question, although a little tricky to test. Did the raspberry pi get an advantage by being in the same room as you?
Nikkau 7 minutes ago 0 replies      
A blog is nearly a read-only webapp, it's the easiest type of website to scale.

If you can't avoid 502s with trafic HN can make, you should'nt do benchmarks about hosting matter.

jvc26 4 hours ago 0 replies      
Google Cache link - http://webcache.googleusercontent.com/search?q=cache:http://... currently main content not working for me.
simontabor 3 hours ago 1 reply      
Very unfair to be using a t1.micro instance, they're only meant to give very short bursts of power and don't give any dedicated hardware (so giving the hardware specs is pointless).

Do a new benchmark comparison vs a m1.small and it'd be interesting. I bet the small wins by an absolute mile.

FiloSottile 4 hours ago 2 replies      
Already down with 502. <joke> Was the blog hosted on the RPi? </joke>
loeg 2 hours ago 0 replies      
Fwiw, CascadeLink is a high-speed apartment building ISP in the Seattle area (or at least, I that's why I recognize the name). Some of my friends get 30/30 for $40/mo.
ck2 4 hours ago 1 reply      
File-System: ext4

Why would you use a journaling file system on a sd card?

Actually I take that back, I was not aware ext4 performance has been improved over ext3 and even ext2

and apparently in ext4 you can even turn journaling off entirely.

cbg0 4 hours ago 0 replies      
There is a bit of overhead since you are in a virtualized environment on EC2, plus the "micro" instance does not really give you a dedicated processor core - you're sharing CPU time with other instances.
jkat 4 hours ago 3 replies      
We just finished doing some video encoding testing on a few different platform and EC2 (along with EC2-based offerings) are considerably slower and more expensive. Although 10x more expensive than a 3930K, a cc2.8xlarge instance was only 1.75x faster.
mariusbutuc 2 hours ago 0 replies      
Guess what, 502 Bad Gateway!
mocko 3 hours ago 0 replies      
I get "502 Bad Gateway". Oh the irony.
Railyo - job board for Rails Freelancers railyo.com
12 points by rk0567  2 hours ago   13 comments top 7
bdclimber14 21 minutes ago 1 reply      
Having started a job board before (orangeslyce.com), one recommendation I have is to pre-seed the board with jobs to help get over the chicken/egg problem. You can hustle analog and get some posts or even copy quality postings off other sites. Sure they won't be paying customers, but it's kindling for the fire and gives the appearance of social proof.
bdclimber14 25 minutes ago 1 reply      
I tried to register 4+ times with a password that included special characters, but each time it said my password didn't match. Once I changed it to an insecure password, it went through. I could have been bad typing on my part 4 times, but... you may want to test this.

Also - It doesn't appear that the profile visibility dropdown gets repopulated after form submission failure with the previously selected option.

theflubba 3 minutes ago 0 replies      
rails -g scaffold developer name:string desc:text

post to hacker news

orangethirty 1 hour ago 2 replies      
I got your cold email the other day. About the 3rd cold email I've gotten from an HN user. I was happy. Anyhow, your email copy is not very good. Work on it. I also replied to the email and you never answered? If you contact me then reply. You lost your chance, because I know a lot of Rails developers.
caioariede 1 hour ago 0 replies      
If you are a Django developer, there is a similar approach:


yixizhang 1 hour ago 2 replies      
Is that I'm the only one think the site itself proves Rails isn't the silver bullet to solve all web application requirement out there? You guys could have done a way better job.
rk0567 2 hours ago 0 replies      
JavaScript Quiz Set bolshchikov.net
24 points by bolshchikov  4 hours ago   5 comments top
borplk 3 hours ago 2 replies      
Second example, "function scope"

"Based on knowledge of several other languages (such as Java or C), this would certainly be true. However, Javascript doesn't change scope when entering if statements, loops, or anything like that, really."

Dude what the hell?

In Java and C, 'if' blocks don't have their own isolated scope either. The equivalent Java or C code would also work perfectly fine.

Stripe Checkout stripe.com
476 points by illdave  23 hours ago   157 comments top 48
aresant 23 hours ago 3 replies      
One of the bread & butter services @ ConversionVoodoo.com is fixing broken UI's around checkout / carts.

I have yet to meet a retailer that we can't hit at least 15 - 25% improvement in sales by testing and fixing their checkout.

Take those gains and multiply that times the entire internet and Stripe has the opportunity to make a major impact on the GDP (I'm only half kidding).

A few years back I shared one of our "low hanging fruit" cart optimization strategies that almost always works:


Despite being nearly 3-year old advice, moving security / trust symbols into the visual field of sensitive information remains an easy conversion gain that we see STILL work nearly every time to the order of 5 - 10% gains.

But the current reality is that even being able to test your checkout process on most of the leading "off the shelf" ecommerce platforms is an incredible pain in the ass (I'm looking at you Magento, Oracle ATG, etc)

If Stripe executes on this idea - scaled cart testing - every dollar that an organization pays for Stripe fees is easily cancelled out by a properly optimized checkout form. This is huge.

slig 23 hours ago 2 replies      
For those of you reading Third-party JavaScript[1], check out their source https://checkout.stripe.com/v2/checkout.js it's uncompressed!). There's a lot of stuff to learn there.

[ 1]http://thirdpartyjs.com/

callmeed 23 hours ago 1 reply      
I'm hesitant to add this to https://www.bngal.com because it seems like there could be usability issues if you need to capture other information on a single checkout form (email address, shipping address, shipping method, etc.).

It seems like a customer would do the following:

- Fill out all data except billing info

- Click the "Pay with Card" button

- Overlay comes up, they enter billing info, then click "Pay $X"

- Overlay closes, token is passed back to form, form is automatically submitted via JS

The proof is in testing and data of course, but my gut tells me people prefer just a single form and button. That's why I like the original checkout method.

The mobile part is great BTW.

jhuckestein 17 hours ago 0 replies      
This is great, good work!

It looks like `token` is the only callback you can pass to the popup and it receives nothing but the stripe token. Is there any reason not to include more information?

For comparison, this is what stripe.js gives you

id : "tok_u5dg20Gra", // String of token identifier,
card : { // Dictionary of the card used to create the token
name: null,
address_line1: "12 Main Street",
address_line2: "Apt 42",
address_city: "Palo Alto",
address_state: "CA",
address_zip: "94301",
address_country: "US",
country: "US",
exp_month: 2,
exp_year: 2012,
last4: "4242",
fingerprint: "BzXGiNioaEH4iECL",
object: "card",
type: "Visa"
created : 1358552058, // Integer of date token was created
currency: "usd", // String currency that the token was created in
livemode: true, // Boolean of whether this token was created with a live or test API key
object: "token", // String identifier of the type of object, always "token"
used : false, // Boolean of whether this token has been used,

My app uses this information. So as much as I want to, I can't just drop in the new code.

I could use Stripe.getToken but I don't see why I need the extra roundtrips to the server (one for stripe.js, one for getting the info about the token)

Edit: Never mind, I didn't read the docs carefully enough. The callback receives all that, my bad. In the stripe.js docs the parameter is called response and in the new one it's called token. Sorry ;)

vezycash 9 hours ago 0 replies      
Hey stripe listen. Redirecting to stripe.com is STRESS but its good for users because of security.

The overlay can (and would) easily be imitated by crooks who want to steal credit card details.

It would be much safer for users if you offer a paypal-like service where you store their credit details before hand. If you do this, then this is what should happen.

If the users has already logged in, then the overlay would simply be selecting the amount to pay (which coincidentally is shorter for users) and optionally, which source of fund to deduct from if user has multiple credit cards stored.

Security of funds is more important than ease of use.

eagsalazar2 23 hours ago 2 replies      
Unless you are doing very simple ala carte purchases this button reduces total complexity by maybe 5%. If you are doing subscriptions, with coupons, with trial periods, creating users at the same time, wanting to show the user their coupon/trial status, last 4 of their CC, send emails on failed payments, cancel accounts on failed payments, let people update their card, etc, etc, etc it is still very complicated to get all that integration correct.

What stripe needs to do is sponsor the development of an official rails gem that handles all these things like ActiveMerchant (plus views people can then hack on like normal rails views). Many people are implementing these things over and over again, probably including stripe developers themselves for their own side projects. It is a huge waste of effort and source of bugs for everyone.

One nicely written gem that integrated easily with common practices for User models and people could integrate stripe with a simple "stripe_user :subscription, :email_notify" whatever. That would be awesome.

I realize rails is not the entirety of their business but I'm just saying it would make me and a lot of other people happy.

goronbjorn 22 hours ago 1 reply      
This is kind of similar to Gumroad's Overlay: https://gumroad.com/overlay
josscrowcroft 22 hours ago 2 replies      
Christ alive I hope Stripe get over to the UK soon.
orangethirty 19 hours ago 1 reply      
Dear stripe,

Hurry up and offer a ckeckout with stripe option. I'm tired of dealing with Paypal. Thank you.

coderrr 6 hours ago 0 replies      
Has anyone else not been receiving 'charge.succeeded' events on their Stripe webhooks? We have been receiving all events except that one, even when all charges are succeeding as verified through the management panel. This is a big problem as that is the event that's used to actually process a payment and create a new account.

The problem seems to have been going over for around 8 hours now.

We've received no reply from their support in 4 hours.

Anyone have any ideas how to get in contact with them at this time?

csense 6 hours ago 0 replies      
The site describes the popup as an "overlay." Another commenter used the words "div popup."

I'm writing this on a machine with Chromium and Firefox on a nearly new Linux Mint 14 install (all packages are up-to-date) with no browser extensions or other weirdness. When I click the "Pay with Card" button in the article, both browsers open it in a new tab.

Are my browsers broken, is Stripe's code broken, or is there some miscommunication about what the button is supposed to do?

sjs382 23 hours ago 0 replies      
This is great, and I've implemented it on two different sites so far. It's great to be able to tell a client "Just go to Stripe.com, link it to your bank account, and add my email to the account" rather than setting it all up from scratch.
sachinag 23 hours ago 1 reply      
Why ask for the name on card? That's not auth'ed.
substack 13 hours ago 0 replies      
What a crazy coincidence, I just factored out my company's payment widget code into a reusable module a few days ago:

Basic example: http://substack.net/projects/pricing-widget/basic/
Fancy example: http://substack.net/projects/pricing-widget/browserling/

ChuckMcM 20 hours ago 1 reply      
That is really nice. Love the integration hooks as well. Next up is a 'we know who you are' stripe cookie that would let you "pay with stripe" on web site A without entering any of this data. Or, for the paranoidish "Enter your StripeID: xxxx" pause "Enter the code we just texted you: xxx" thanks!
juzfoo 23 hours ago 3 replies      
Just confirming, this is the same solution that was earlier published as Stripe Button right?
tocomment 23 hours ago 1 reply      
I'm confused, so say I put this button/form on my site.

How does my app tell the button the final price?

How does the button send the token to my app?

What does the user see after they pay? Does the button display its own receipt or do I build that?

pclark 21 hours ago 0 replies      
Has anyone ever tried making the credit card box freeform? Where there are no rules. Just type your credit card number, your 3 digit security code, your expiry date, and name, and the form works out what entry is what data. I wonder if it would be easier to out weight the confusion of a user trusting a computer.
kemiller 22 hours ago 2 replies      
Can you style it to match your page?
madaxe 8 hours ago 0 replies      
It's nice that you say it works in all major browsers, but the mobile support is poor. No chrome.

Short-sighted... Mobile is growing at a crazy rate in ecommerce.

MicahWedemeyer 21 hours ago 1 reply      
I love it, but for my app we charge subscriptions with a free trial up front. Do you have any suggestions on how to phrase the wording so it's clear that the charge isn't going to happen right away?
askar 19 hours ago 1 reply      
Stripe is pretty cool. We've been using it on http://www.IslamicEventFinder.com and was the best library experience to integrate. A few things we noticed, the CVC check is not as impressive, it charges the card even if the CVC is not correct, at least we've seen in a few instances. Other than that it looks solid.

Would prefer some sort of a seal or something on the popup to indicate that their payments are safe, a few clients asked. At least an option to customize displaying that seal would be great and also may be the type of credit cards Stripe accepts.

Is this Checkout thing same as Stripe.js? I didn't get a chance to checkout (lol) this fully yet!

frankdenbow 21 hours ago 0 replies      
Added this to https://www.startupthreadsmonthly.com a few weeks ago and have had good success with it. Easy to implement and trigger from js. Still pulling in conversion numbers but users have said they like the flow.
silverlight 23 hours ago 1 reply      
Does this mean the older Stripe Payment "Tag" is deprecated? We're currently using it to great success, but I'm no longer seeing it mentioned in the docs. I don't really want my users to have to press an additional button -- right now as soon as they're on the payment page the form is right there waiting to be filled in.
knes 23 hours ago 2 replies      
gaaaahhh please let me play with it! Can't you come to europe, or at least UK ?!?!


gfodor 22 hours ago 1 reply      
Any Stripe employees want to comment on the idea of integrating this with a native iOS app via a web view? My guess is it will still be too clunky vs building your own, but the benefits of continued improvement may be worth it.
purephase 23 hours ago 2 replies      
Very neat.

Just wanted to add, the demo works if you use the 4242 sequence for all fields (YMMV).

slajax 23 hours ago 0 replies      
Very cool. Good job.

How about the ability to subscribe someone to multiple subscriptions now?

nudge nudge.

Goopplesoft 23 hours ago 0 replies      
Great looking checkout form. Stripe's adding some clutch features, somewhat seem to be evolving for just payments for developers to payments for developers and others.
tocomment 23 hours ago 2 replies      
Can anyone point me to a tutorial showing me how to integrate stripe with Django?

I think it would be clearer if I saw some examples.

jchung 23 hours ago 3 replies      
Recurring payment friendly?
humbyvaldes 23 hours ago 1 reply      
This is cool but Im confused about the workflow

On a signup form:

1. Enter email

2. Enter password

3. Click the Stripe checkout button, div popup, fill in and click pay, popup goes away, Token created and added to the form

4. User clicks submit on the original form

Is that right?

terrellm 23 hours ago 3 replies      
Wow looks nice. Is an SSL certificate still required since the JS is on Stripe's secure server?
programminggeek 21 hours ago 1 reply      
This is going to lead to phishing. Obviously the possibility is already there, but something tells me that once users get used to this, it will be lead to credit card fraud.

Not on a secure site? Well, the stripe widget just popped up, so it looks legit...

You get the idea.

tocomment 22 hours ago 1 reply      
Is there a way I can dynamically change the data-amount, data-name, and data-description fields with Javascript depending on what the user clicks?

I'm picturing the user clicking a checkbox for an add-on product without having to make a round-trip back to the server.

koa 14 hours ago 0 replies      
Does anyone know of a tutorial or some skeleton code samples that allows you to build an embeddable website widget like this?

From what I can see, there are 2 iframes for the button and the hidden overlay. Clicking on the iframe button enables the overlay via some sort of iframe to iframe communication on the parent(host) page

vickytnz 20 hours ago 1 reply      
Yeah, all good and well … but I just used this with a UK Visa Debit card (which are pretty strict in terms of acceptance) on Gumroad, and not only did the thing not verify without a name, but my card got flagged for fraud and frozen until I contacted my bank! I'm pretty nervous about using it now.
tocomment 23 hours ago 1 reply      
What do you recommend if I need to support users without Javascript? (I'm guessing this button isn't for me?
zerop 22 hours ago 0 replies      
Stripe, When are u going to support Micropayments??
melvinmt 23 hours ago 2 replies      


It looks nice but every payment solution where the client can arbitrarily change the amount they're going to pay is inherently flawed.

nickporter 22 hours ago 1 reply      
Thank you for mobile support! You guys are truly awesome. If only you would allow me to accept payments without a business and bank account number, like PayPal does...
pbreit 23 hours ago 0 replies      
Good idea but I hate the box rising from the bottom.
zyang 23 hours ago 1 reply      
Does it do address verification?
jcarden 23 hours ago 0 replies      
Awesome! I'm ready to use this.
pdsull 19 hours ago 0 replies      
Looks great. Any plans to include a coupon code field with this?
flexterra 22 hours ago 0 replies      
I'm going to use this to replace Paypal's "Buy now" button on my blog
meh01 19 hours ago 0 replies      
Needs support for a list of items (like PayPal shopping cart API functionality), not just one item.
pilom 23 hours ago 0 replies      
U.S. Senator Questions Attorney General about Aaron Swartz senate.gov
362 points by danso  20 hours ago   134 comments top 15
tptacek 19 hours ago 27 replies      
This is the same hyperpartisan Senator who was at the forefront of the effort to deny habeas rights to Guantanamo inmates; he was also involved in the Bush wiretapping scandal.

Expect to see lots of superficial genuflection from Republicans towards the Swartz case; the GOP is in a constant low-grade conflict with the Democratic DoJ.

Here, let me put it this way: what do you honestly think Aaron Swartz would think about this clown using his name to score political points?

TWAndrews 17 hours ago 2 replies      
Regardless of eventual outcome, I think it's probably safe to say that Ortiz's post-Justice department political career is probably done.

I don't see how she could win a democratic primary in Massachusetts anymore--too many other ambitious Dems who'd have field day with this, and Republican opposition will keep her from being appointed to anything requiring confirmation.

It's a lot less than she deserves, but there's some gratification in the thought that the over-aggressive prosecution which was most likely designed to advance her political career will prevent it.

politician 19 hours ago 0 replies      
"Finally, the U.S. Attorney has blamed the “severe punishments authorized by Congress” for the apparent harshness of the charges Mr. Swartz faced. Does the Department of Justice give U.S. Attorneys discretion to charge defendants (or not charge them) with crimes consistent with their view of the gravity of the wrongdoing in a specific case?"

Interesting game of "hot potato" going on. Nonetheless, I applaud Sen. Cornyn for asking these questions.

danso 19 hours ago 1 reply      
It's worth noting that Cornyn, though not an official PIPA co-sponsor, wasn't someone who was much against it either (until after the blackout)
msandford 19 hours ago 0 replies      
I don't care if this is blatant pandering or not; At least he's asking some of the tough questions. It's good to see someone other than Lessig saying "I'm not sure this was appropriate"
greesil 19 hours ago 1 reply      
I'm sure this senator is doing this for political points (+10 points for Gryffindor), but we can still be glad for the pressure applied to the DOJ.
smogzer 18 hours ago 0 replies      
Puppets, strings, now it's calling for it's right of FOIA ? Can't they just recognize they should not have the right to mess with individuals, specially if no harm is done.

These prosecutors jobs is a dream job for psycopaths, jack the ripper would exceed in a job like this.

We need the hacker news party.

denzil_correa 9 hours ago 0 replies      
IF Only, this was done earlier. Any system which requires a health check when the water rises above your head is a bad system.
honu 18 hours ago 1 reply      
The good news is that some good questions have been asked, and the reply will be available for scrutiny.

I'm not sure Cornyn was the best member of Congress to write this sort of letter. Yes, he is on the Committee of the Judiciary, but his political leanings might result in posturing that obfuscates the issues we care about. That being said, I'm glad someone asked.

jimfl 15 hours ago 0 replies      
Cornyn has been gunning for Holder for a little while, asking for his resignation earlier last year.


Edit: spelling

mitchi 8 hours ago 0 replies      
Decent letter, I'm glad someone from the Senate stepped up.
I would add this :

Seventh, really? 35 years for a kid who learned his lesson and didn't do something horrible in the first place? Some decency and common sense people.

ChristianMarks 17 hours ago 0 replies      
Holder will reply that the prosecution had nothing whatsoever to do with the FOIA.
stox 14 hours ago 0 replies      
There is nothing new about this behavior, Len Rose went through much the same 20 years ago. Maybe we are finally getting a clue that the system is, in fact, broken.
d0m 17 hours ago 0 replies      
These school baby killers should watch and listen more to politics; maybe they'd find a better target for their suicidal idiosyncrasies.
joering2 19 hours ago 1 reply      
I couldn't read beyond: "The Honorable Eric Holder". Seriously now? This should sound like an insult even to Eric himself.




Apple CEO Cook Gets Deposition Order in Antitrust Case bloomberg.com
21 points by skipper86  4 hours ago   8 comments top 3
JoeCortopassi 2 hours ago 3 replies      
Looking at forests, I always thought it was curious that the top of the trees always fell at the same height. Asked a ranger one day (before smartphones) about this, and he mentioned how the tree that rises above the rest is more prone to get struck by lightning and die. Now I'm sure that there is a variety of biological reasons why that ranger was wrong, but I believe what he said is analogous to what you often see in certain industries. There tends to be a herd of companies closely competing, and every once in awhile one of them leaps ahead with some new product or innovation. But once they are ahead, they become the lightning rod. No longer are the headlines "Car pollution causes asthma in kids", they are now "Toyota cars give inner city kids asthma", or instead of "Movie violence causes kids to be more irritable" it becomes "Billion dollar Batman movie causes man to shoot brother". At a certain point, people are just looking for an excuse to get mad.

All that being said, due to innovation[1] and marketing, Apple became a dominant industry leader. But because of that, they now get attached to anything and everything, because the link bait of a title sells ads for news and magazines. Would this article be more aptly named "CEO's of Adobe, Apple, Google, Intel, Intuit, Lucasfilm and Pixar being deposed in antitrust case"? Absolutely. Would it sell papers? Nope. Instead, the tallest tree in the forest gets the lightning.

[1] The iPod and iPhone launched industries due to the amount of polish and refinement went into them. That was innovation. I know that they didn't invent the things from scratch with individual atoms made of stardust. Every new product would not be possible without thousands of previous inventions.

CoolGuySteve 2 hours ago 0 replies      
I was a software engineer at Apple during this time and I'm sort of pissed about this. It always bothered me that the richest company in the world could be so stingy.

Anyone know if there's a class action coming up or anything?

Tycho 3 hours ago 0 replies      
I doing find the alleged agreements particularly outrageous, personally. I find the common 'confidentiality' clause about disclosing your salary more offensive.
A time for silence lessig.tumblr.com
460 points by danielpal  1 day ago   96 comments top 14
jacquesm 21 hours ago 4 replies      
Lawrence Lessig is an amazing person, and this piece underscores that. I really hope he will find that a time-out will help to heal these wounds and will begin to close the gap. Of all the words written about Aaron's plight these hit closest to home for me and I am halfway torn between following his example of tuning out and re-connecting with those around me (who I've been somewhat neglecting in the last week) and switching into 'action' mode from idle.

If there is one thing that all this has done it is that it has shocked me like not much has done in the last couple of years and I thought I was pretty tough. Lessig is a giant, imagine how much it would take to hurt a man of such stature that he needs to recover incommunicado and contrast that with the piece written by Mrs. Ortiz.

Worlds apart.

javajosh 23 hours ago 9 replies      
This attitude of not taking responsibility for anything, of simply denying reality, not to mention humanity, has a very specific beginning: George W. Bush's defeat of Al Gore. He demonstrated to everyone in government and in the private sector that you can reach out for power, nakedly, without respect to any kind of decency, and take it. And, gasp, the American people would not clamor for justice. They would not demand something (or someone) better. It was a watershed moment for government, when everyone realized: we can do whatever the fuck we want, and no-one can stop us.

And this thesis, hesitant at first, has been demonstrated again and again. By Bush himself - NSA wiretapping, gitmo, the TSA and the most epic 'fuck you' ever spoken to the American people: the attack and occupation of Iraq under false pretenses. Cheney's massive expansion of power of the office of the Vice Presidency was a more subtle but still important expression of this disregard for American oversight. Carmen Ortiz is an Obama appointee, but she is very much a product of the Bush era.

Bush was a wake-up call for all government employees: you have unchecked power. If you want to use it, expand it, abuse it then do it. No-one is going to stop you. Our justice system is so expensive that it's out of reach of most, and really, in the end, you're playing on the same team so go ahead and do what you want. 'Justice' has your back.

But the key to making this power grab work is to follow the Bush playbook: never, ever admit to any wrong doing. Do not, under any circumstances, even acknowledge the concerns of others - except possibly in tones of smirking dismissal and contempt. If you don't follow that playbook, then you give your opponents an opening, and weaken your position. Pretty soon you'll be explaining yourself, and when you're explaining, you're losing. You're losing power.

Stonewall, deny, and fight with every last tool given to you. Do not cooperate or discuss. Force your opponents to find leverage against you: don't just give it to them.

Ortiz is a smart woman, and learned her lessons well.

BenoitEssiambre 23 hours ago 7 replies      
At this point, the DOJ should apologize, investigate internally and fire those who were involved in Aaron's case.

If they refuse and insist that this is business as usual for them then it should be legislated by the government that all previous cases involving heavy handed plea bargaining under the current DOJ staff should be re-opened and re-negotiated under saner conditions.

This is clearly not justice.

Aaron Swartz himself wrote about this kind of situation:

purephase 23 hours ago 0 replies      
Very well put, and surprisingly earnest. I respect Lessig immensely and this sentiment only reinforces it.

There is a very pervasive and troubling thread of professional "politicking" invading every single aspect of our lives both institutional and private. No one cops to anything, no one apologizes, and no one ever sees the errors in their ways. Admitting otherwise is weak and will undermine ones political future, career etc.

It's sad that honesty is no longer the best policy.

RyanMcGreal 23 hours ago 0 replies      
"Ortiz's statement is a template for all that is awful in what we as a political culture have become."
phren0logy 22 hours ago 0 replies      
There are few people I respect more than Larry Lessig, and stuff like this this is why.

Thank you for doing what you do.

res0nat0r 21 hours ago 2 replies      
Everyone is blaming the evil government over this issue. Shouldn't we be blaming Aaron himself; maybe just a little?

Shouldn't someone if they are going to commit an act of civil disobedience be aware just a little bit of the possible consequences?

jamesaguilar 22 hours ago 0 replies      
Honest question: how many felonies the MLK commit? If he committed a lot of felonies but was charged with none, that would be quite surprising.
Daniel_Newby 7 hours ago 0 replies      
I do not understand the hoopla around this case.

Aaron Swartz picked a huge fight with the feds over, well, pretty much nothing. He then proceeded to run a spectacular PR campaign where he rubbed their noses in the Computer Fraud and Abuse Act and the copyright laws.

They did what the feds always do: calmly, carefully beat you to death with a billion dollar prosecuting machine. What happened to him was a foregone conclusion. He basically threw himself off a cliff a year ago.

I am flabbergasted that folks like Lessig, people who appear knowledgable and together, were egging him on. Swartz may have been an overenthusiastic young man, but his elders and advisers knew about Steve Jackson Games. They knew about Mitnick and the hundreds of other crackers, hackers, and phreaks that have been crushed by the Feds. They as good as wrote his eulogy a year ago, and now they cry crocodile tears.

Count me in the ranks of the unimpressed.

Millennium 20 hours ago 3 replies      
"Yes, Ms. Ortiz, you obviously can “only imagine.” Because if you felt it, as obviously as Reif did, it would move you first to listen, and then to think. You're so keen to prove that you understand this case better than your press releases about Aaron's “crime” (those issued when Aaron still drew breath) made it seem (“the prosecutors recognized that there was no evidence against Mr. Swartz indicating that he committed his acts for personal financial gain”). But if your prosecutors recognized this, then this is the question to answer:

Why was he being charged with 13 felonies?"

Swartz was being charged for what he did, not for why he did it. Crimes do not, as a rule, become "better" or "worse" based on why someone does them. I'll buy that this was a misguided attempt at civil disobedience, but the point of civil disobedience is to pay the price: that's where the protest truly begins, not when you do the deed.

pasbesoin 17 hours ago 0 replies      
He is taking a break, for his personal need. I don't think he is advocating that we all do.

Time for us to carry the ball.

Personally, I have no hope in Congress. But I still do, perhaps, have some hope in the people. Who have the power to change Congress, and to reform the judicial system.

For decades, people clamored for "tough on crime". Many of those voices may not change; however, many other voices may arise to insist that we... well, in the nature of things here, "look at the data" and "make some sense".

P.S. I meant to add, that we currently -- as we did last year with SOPA/PIPA, have momentum and national attention. We should not miss the opportunity to take it and use it to (metaphorically) burn away at least some of the corruption before our eyes.

And this should give at least some pause, hopefully, to those seeking to foist ever more corruption upon us. They are relentless; such respite would serve us well while continuing to construct an effective response.

wissler 23 hours ago 0 replies      
What a profound moral sense and courage. We need more people in the world like Lessig.
Create 2 hours ago 0 replies      
To the press " especially the press wanting “just five minutes” " I apologize. This isn't a “just five minutes” story, at least from me.


endlessvoid94 23 hours ago 2 replies      
I know that in our most emotional moments, we tend to act rashly and sometimes say things we eventually regret.

I'm not saying Lessig will regret writing this, but I wonder.

The Prosecution of Aaron: A Response to Orin Kerr thepublicdomain.org
103 points by wglb  12 hours ago   15 comments top 8
jlgreco 8 hours ago 1 reply      
> The implication, it seems clear, is that we should not focus on this one case, but on broader problems in our legal system. This seems to be a straw man. I see no one saying "let's only be angry about Aaron Swartz."

I have noticed several of comments with this "focus on the larger picture" style of criticism here, and frankly I think at this point it amounts to concern trolling. I think this article does a good job of rebutting that sentiment.

jacquesm 10 hours ago 0 replies      
It's a pity this got posted in the middle of the night when it will receive very few votes. It's a really long piece, it is fairly balanced and makes a few excellent points.
mdesq 1 hour ago 0 replies      
The very nature of the legal system is built on adversary. Each side, in general, works to the maximum overall advantage of their client. There is a bit of discretion available, but in general, expect prosecutors to press for maximum overall enforcement of the laws. This is how it works and how we expect law enforcement to act. The laws were generally put in place by legislators duly elected by their constituents. We expect the executive branch to execute, not legislate. Orin's posts seem to be simply pointing out that this case is business as usual. If we don't like it, this should gravely concern us. This type of prosecution is ho-hum, and not just in matters of technology.

Given that the state always has more resources available than individuals it prosecutes, cases like Aaron's are powerful arguments for a limited government. A real limited government, not the kind that just keeps hands off hackers and turns their arsenal of weapons on another class we care about less. I realize this perspective is completely out of vogue these days, but the fact that governments oppress individuals is an age-old truth that needs to be relearned over and over, it seems.

Asking prosecutors to be "nicer" won't cut it. Nor will firing one and replacing them with another, tasked to enforce the same law. We must remove some of their power, meaning many laws need drastic change or repeal. It's sad that it takes a high profile individual to raise concern when plenty of others have been destroyed before and gone unnoticed.

jerrya 10 hours ago 1 reply      

I like reading the Volokh Conspiracy. I disagree with them on at least half of what I read, but their posts and the comments almost always teach me something about the law, and interacting with lawyers, especially when they are wrong, helps take away the halo I seem to hold for them.

And many of them were former hackers, certainly Eugene Volokh got his start that way.

I write this now, because when I have submitted links to HN from the VC, the links seem to go dead pretty quickly, and I think that's a shame, because often what they write about certainly seems well targeted to the hacker community.

That said, regarding Professor Kerr, while I find his posts very informative, I have often detected a weird skew to his analyses.

I am not a lawyer and pretty ignorant and I am certain his analyses are just a zillion times better than anything I could say, but for example, in the Jones GPS case, Professor Kerr was very attached to the raw search and seizure aspects of the case, and seemed to ignore what the implications of his analyses would be in a world of very cheap government installed ALPR devices.

welder 9 hours ago 1 reply      
> If we think [Aaron] was treated poorly, we should realize we are condemning the system as a whole, not just the treatment of Aaron, and we should beware of special pleading for this famous person and friend of the famous; our concern should go equally to the unknown, poor and poorly represented person.
koide 6 hours ago 0 replies      
While I agree with the response in that Kerr has presented an overly condenatory view not necessarily warranted by existing evidence, I have a feeling that Kerr was trying to compensate for the huge amount of pro Aaron noise. Noise that is, likewise, overly simplistic and dismissive of laws and existing evidence.
hkhanna 9 hours ago 0 replies      
This post made me emotional about his death. I really hope people read this to understand what a wonderful person Aaron was.
jerrya 10 hours ago 0 replies      
Thank you for posting this.
Git Legit git-legit.org
134 points by misiti3780  16 hours ago   42 comments top 13
telemachos 15 hours ago 0 replies      
299 days ago - 132 comments: http://news.ycombinator.com/item?id=3752447

168 days ago - 26 comments: http://news.ycombinator.com/item?id=4332971

Not complaining at all about the repost, but I remembered previous discussions and people may find comments of interest there.

ketralnis 14 hours ago 3 replies      
This may be useful for a single beginner working only on their own projects, but I don't really want to be dealing with users submitting pull requests that they've made using a tool that tries to be clever about rebasing and merging. Unless it's right 100% of the time there's going to be a lot of difficult merge work to be done by the acceptor, that the submitter is unlikely to be able to understand how to do if they've been relying on a crutch. They may think they are using git, and see their code appear on github, but for the purpose of patch reviewers/mergers they are using a totally different version control system that can't properly talk to normal git users.
borplk 11 hours ago 1 reply      
Oh fantastic!

More stupid terminology. Just what git needs.

switch, checkout, pull, push, commit, stash, branch, tag, fetch, merge, log, reflog, tree, clone, rebase, squash and cherry pick

isn't enough! let's add

publish, unpublish, harvest, sprout and graft

greghinch 11 hours ago 2 replies      
So basically this is a way to change git's verbs? I haven't ever found them that obtrusive. No worse than learning some language syntax
laurent123456 7 hours ago 1 reply      
This is a nice little tool, however the problem I see with it is that if you learn how to use it, you'll be completely lost as soon as you move to a different computer. You'll basically always have to install it everywhere, but sometime that's not possible. It's much better to learn how to properly use git from the start. Also it's just not that hard to use, so I'm not sure it's useful to add another layer of abstraction.
JesseObrien 15 hours ago 3 replies      
Really not a fan of "sprout", "harvest" or "graft". They're not descriptive of what's happening just by their name.
dkhenry 15 hours ago 3 replies      
I am less interested in legit and more interested in how they extended git to make it so all their new commands worked.
VeejayRampay 11 hours ago 0 replies      
Amongst the usual HN negativity, I'll say that this is nice. Any project aiming at lowering the bar of entry for proper DVCS is more than welcome. And all the commands make sense once you're in the "tree/branches/organism" frame of mind.
pavanky 15 hours ago 3 replies      
There is legit install, but no legit uninstall ? It is as simple as editing the aliases to remove what is unnecessary. But would have expected it to be there.
waxjar 15 hours ago 0 replies      
I get that some of the commands are meant to have some connection with "the trees concept", but I doubt these terms are easier to remember than standard git comments.

Some are much clearer though, especially switch, sync and publish.

tjtrapp 11 hours ago 1 reply      
I feel one would benefit from learning the few simple commands of git versus this abstraction.

once this abstraction leaks (and it will), one will be forced to the git docs anyways.

my $0.02

malkia 15 hours ago 0 replies      
Wondering whether straight install for cygwin would work... Well I guess I have to try.
BadDesign 4 hours ago 0 replies      
Seems legit!
Show HN: Graphs of millions of atmospheric measurements from Android phones cumulonimbus.ca
4 points by cryptoz  1 hour ago   1 comment top
cryptoz 1 hour ago 0 replies      
This is from the pressureNET project, my open source app for Android that collects atmospheric pressure readings from onboard barometers. The linked page opens on Hurricane Sandy.

Download: https://play.google.com/store/apps/details?id=ca.cumulonimbu...

Source: https://github.com/JacobSheehy/pressureNET

Blog: http://cumulonimbus.ca

Also, we were recently featured in Wired Science: http://www.wired.com/wiredscience/2013/01/android-weather-pr...

Questions, comments? :)

Oculus Rift Will Change Your Gaming World tomshardware.com
162 points by mtgx  19 hours ago   77 comments top 20
ChuckMcM 18 hours ago 8 replies      
There is a really sort of chilling feeling when you get really good head tracking and high DPI visual input, it fools your brain enough to move your sense of place.

The absolute creepiest thing I've experienced with this was put the goggles on and have the screens showing the view of a pair of cameras mounted on a telepresence robot in the same room. Then slowly pull the telepresence robot back so that I could see myself sitting there with the goggles on looking around in real time. It literally gave me the shivers.

But creepy out of body experience aside, the challenge then was control. Moving through space with a game controller with full view control can make you feel like you're a quadraplegic in the virtual world. Something that will really be awesome will be these goggles and a Leap Motion controller, so that you gesture around your world. You still don't get to walk (were are those 2D treadmills when you need them? [1]) but its more flexible than a thumbstick and a d-pad.

[1] http://spectrum.ieee.org/automaton/robotics/robotics-softwar...

tarice 18 hours ago 2 replies      
> It may come down to the team adding a small camera on the outside " along with a possible push button " that allows the user to pause the game and see the feed without forcing the user to take the goggles completely off their head.

The idea of a camera to let you see the actual world is pretty nifty. It even comes pre-built with philosophical questions (which is the actual world?).

On the other hand, I can't help but think that the camera could also be used to prevent people from smacking their head into real, physical objects.

Stick a few distance sensors and overlay portions of the camera when an object is too close? It would interrupt the game, sure, but less so than you headbutting your monitor or a wall. Just a thought.

socialist_coder 1 hour ago 1 reply      
I got a demo of the Oculus Rift at this past Gamescom and I was completely blown away. From the second I put it on I knew this thing was gonna rock the gaming world. The realism and "awe" factor is off the charts.

My only complaint in their demo (and something they knew they had to figure out) was separating aiming from looking. In almost every FPS game, where you look = where you aim. With the Oculus rift, this now doesn't make 100% sense. You should be able to look around but still control your aim separately (just like how you do it now with a mouse or control stick).

A lot of people I talk to think the Oculus Rift isn't high enough resolution to be successful. I can see that complaint because on paper it does look low resolution compared to what we're used to now on traditional monitors. But in practice, the low resolution of the Oculus Rift did not bother me one bit. More pixels would have been nice but not necessary at all.

Bring on the Oculus Rift! I can't wait to see this thing come out and see what games people make for it.

falcolas 12 hours ago 3 replies      
Anecdote time.

The last time I played with a set of VR goggles was a few years back, and the technology was certainly not up to this pace. That said, the head tracking was pretty good, particularly for the FPS we were playing.

The problem wasn't in the head tracking... it was that the head tracking was pointless. Since you couldn't realistically look around more than ~120 degrees, you still needed a way to turn around and move. The result is that while the head mounted VR goggles were neat, they were just a trick.

After 30 minutes of play, I found that my head had lolled down to rest on my chest (in part due to the weight of the headset), and I wasn't using the goggles for anything more than I would use a monitor for.

Given that, despite the advances in technology, you'll still have a practical limit on how much your head can turn (and thus still requiring a mouse/joystick for real movement), I have a hard time seeing the niche these will successfully fill.

jiggy2011 17 hours ago 3 replies      
Apart from gaming, there's other interesting things this could do especially with a higher resolution display and fast connectivity.

For example , virtual tourism. Take a safari by streaming a 4K video via a mounted camera on a pivot on top of a truck.

Of course latency induced motion sickness could be a serious issue there but you may be able to get around this by streaming feeds from multiple cameras.

cwilson 13 hours ago 1 reply      
I highly suggest everyone go watch the first season (or even first few episodes) of an anime called Sword Art Online. It's about what will likely be a future iteration of this hardware applied to an MMO. Addiction to being plugged in, death within the game, and which is the true reality are all themes covered.

I never thought I'd suggest watching anime on Hacker News, but this topic proved to be the exception.

waterlesscloud 14 hours ago 0 replies      
All I really want out of this is a Snow Crash game. And maybe for someone to re-license Neuromancer for a game.
politician 12 hours ago 0 replies      
Isn't there a history of VR headsets directly causing brain and eye injury? (Sony, Nintendo Virtual Boy, eye desynchronization) Does anyone know if I am misremembering this, or if not, how the Rift avoids the earlier issues?

EDIT: Nope, I was not making this up... it was Sega VR causing strabismus.



james33 18 hours ago 4 replies      
I think a more compelling idea for having a camera on the outside is to allow for hand tracking within the game. Imaging if Leap-like functionality were added to the Rift. Flying through space in your star ship, you could reach out and actually interact with the controls in your cockpit. I think that could be a lot more compelling than what we are seeing with games on Kinect today.
gavanwoolery 13 hours ago 2 replies      
I have long been a proponent of stereoscopic 3d, but there are still two major problems. One is that is our current realtime rendering methods rely heavily on screen-space operations (blurring, many shadow types, SSAO, bloom, refraction, post-process fx), which confuse the brain when rendered in stereo (I.e. will make things float when the should not). The other problem is focus. In the real world, your eyes move to focus at different distances. Without eye tracking, the system is forced to focus at a given distance (the convergence point for right/left eye images). Still...can't wait for my rift to ship!
mattvot 14 hours ago 1 reply      
I can see this working wonders in the medical field. Imagine doctors able to do pinhole surgery with a 360 camera on a stick and the Oculus.
warrenmiller 6 hours ago 1 reply      
I'm wondering if this could be see for programming?
Infinite screen of data/code, just turn your head.
purplelobster 18 hours ago 1 reply      
This plus body tracking could revitalize arcade gaming.
twiceaday 18 hours ago 4 replies      
... only if game developers fully embrace it.
postscapes1 17 hours ago 1 reply      
Every time I see these referenced I think of Ready Player One and the start of OASIS
calebhc 16 hours ago 0 replies      
I ordered my dev kit a while back and I CANNOT wait to play Doom 3 BFG. I'm not sure if I'll even be brave enough to make it through the whole game. :)
stickydink 9 hours ago 0 replies      
The first thing I'm going to do when it arrives is figure out how to strap a Kinect to my head.
gokfar 16 hours ago 1 reply      
How well would this work for a desktop environment, in combination with a Leap?
abe_duarte 15 hours ago 1 reply      
When is this scheduled to come out for retail???
Your Mac Keeps A Log Of Your Downloads macgasm.net
218 points by fcukdigg  21 hours ago   82 comments top 18
ehamberg 21 hours ago 4 replies      
This is used to show where a program came from the first time you run it. For example, if I download iTerm 2 and then run it, I get the following warning:


phwd 20 hours ago 2 replies      
This is amazing, whoever feels comfortable about it should band together and see what files are in common, or domains. I want to delete this yet I don't. This contains all (most?) of the files I have ever downloaded, those I thought I lost when clearing browsing data from 2008.

My first few files

* Symantec_Antivirus_Mac.dmg

* http://msdn01.e-academy.com|http://download.e-academy.com/do... MSDN Alliance: Free Microsoft Software for Students)

* http://download2.vmware.com/software/fusion/VMware-Fusion-1....

* http://download.skype.com/macosx/Skype_2.7.0.330.dmg

Scary yes (The torrent files) but so much history to look at.

    sqlite3 ~/Library/Preferences/com.apple.LaunchServices.QuarantineEvents 'SELECT datetime(LSQuarantineTimeStamp + 978307200, "unixepoch") as LSQuarantineTimeStamp, LSQuarantineAgentName, LSQuarantineOriginURLString, LSQuarantineDataURLString from LSQuarantineEvent' | sort

Ordered by date

Evbn 21 hours ago 4 replies      
Guys, guys, watch out, I just noticed that my computer has a copy of all my files on it. Who gave Apple permission to do that? Privacy is dead!
martinced 15 hours ago 1 reply      
"Your Mac Keeps A Log Of Your Downloads"...

In your user account.

There's quite a difference right there. I thought it was some kind of "hidden" file (not unlike the GPS location which was saved by default on any iPhone with a GPS -- up to the latest iPhone!?) which had now been discovered.

It's just in your user account so it's no big deal.

tripzilch 19 hours ago 1 reply      
Hm, they could also have tagged the file as "came from the Internet" in the filesystem metadata associated with the file itself. That way, the "came from the Internet" tag is only around as long as it needs to: for the lifetime of the file. Avoiding the privacy problem, but also more sensible for another reason:

If you'd rename or copy the file, the "came form the Internet" tag will remain or be copied with the file. With the sqlite database approach, either this association breaks, or you need to check the database every time a file is copied, moved or renamed and if it's in there, update the database, if you want to be able to track a file when it's copied or renamed.

I don't know if OSX has extra logic for this, or if they just allow the association to break. But with the metadata tagging approach, you only have to run the tagging logic when the file is downloaded (to set the tag) and when it's about to be executed (to check the tag), not with every other file-operation.

A strange choice, IMO: the sqlite approach makes it harder to achieve the intended goal because you need extra effort/logic required to track a file as it's copied, renamed or moved, while at the same time it makes it easier for an unintended goal: tracking users by keeping the information about the file around even when it's deleted and the "came from the Internet" warning is no longer useful.

barista 21 hours ago 5 replies      
"You should not be downloading anything that you don't want anybody else to know" Eric Schmidt would say
schluete 20 hours ago 1 reply      
Nice article, but unless the database is "VACUUM"ed after the "DELETE" the rows are still readable in the database file.
This kinda defeats the purpose of the whole article b/c the user didn't gain any more privacy than he had before the deletion :
hoov 20 hours ago 3 replies      
Am I the only one that disables this behavior by default?

defaults write com.apple.LaunchServices LSQuarantine -bool NO

Works like a charm...

julien_p 21 hours ago 1 reply      
Files get a "quarantine flag" set on them as metadata when downloaded on OS X. Gatekeeper uses this (along with the developer signature) to check if an app is "safe" to open or not. Not sure where this sqlite database fits in, but it's very likely related to that.

See also https://support.apple.com/kb/HT3662

cynwoody 12 hours ago 0 replies      
You could try something like:

    $ sqlite3 -column ~/Library/Preferences/com.apple.LaunchServices.QuarantineEvents <<END|pbcopy
> .mode tabs
> .headers on
> SELECT strftime('%Y-%m-%d %H:%M:%S', LSQuarantineTimestamp+ 978307200, 'unixepoch', 'localtime') as date,
> LSQuarantineAgentName as App,
> LSQuarantineDataURLString as URL
> FROM LSQuarantineEvent
> --where LSQuarantineDataURLString like '%bankofamerica%'
> order by LSQuarantineTimestamp;

Then open your favorite spreadsheet program and paste in the results.

The 978307200 number corrects for the fact that Apple is using 2001-01-01, the year OS 10.0 was released, as its epoch.

I got way fewer rows than expected. Apparently, downloads by Firefox are not logged. When I screened for B of A downloads, I was puzzled to see only downloads in the past year or so. That's because I only recently started using Chrome to access that site.

Camillo 13 hours ago 0 replies      
Files that aren't quarantines don't seem to end up in that log, unsurprisingly. No images, audio or video files, but applications and archives.
binarycrusader 21 hours ago 3 replies      
And I suspect that if you had a virus scanner installed on windows every file it scanned would be logged somewhere depending on settings.

This post also fails to mention that this is specific to Safari at last check. I don't think Google Chrome integrates with this functionality.

tehwalrus 18 hours ago 0 replies      
I can't see any of my downloads, the database exists but is empty on my system (10.6.8). (and I've sure downloaded a lot of files...)
JC001 19 hours ago 2 replies      
Strange, on my machine this file only contains the URL from when I installed Firefox and a bunch of URLs for Adium updates. Not any of the many other things I've downloaded...

Is it only listing things downloaded through Safari?

newman314 16 hours ago 0 replies      
Actually, there are 2 versions of this file.

Depending on how long you have had your Mac, you will have both com.apple.LaunchServices.QuarantineEvents and com.apple.LaunchServices.QuarantineEventsV2

Naturally, both files will have to be cleansed.

atomical 16 hours ago 1 reply      
I get 'Error: no such table: LSQuarantineEvent'
jqqqz 16 hours ago 1 reply      
Install GNU+Linux, problem solved.
afandian 21 hours ago 0 replies      
Probably not, no.
Twice aubrey.me
245 points by danielpal  1 day ago   55 comments top 12
gatsby 23 hours ago 1 reply      
Fascinating story.

Fast Company did a piece on Bill Nguyen about 18 months ago: (http://www.fastcompany.com/1784823/bill-nguyen-boy-bubble) and included an infographic on his track record:


For a bunch of companies that have widely been considered failures in terms of product and number of users, he has had some unbelievable exits and financial successes.

rdl 1 day ago 3 replies      
The genius here was Bill Nguyen turning a failing company and a pittance $11mm offer from one failing company (Nokia) into an $80-160mm buyout from a real company (Apple), essentially though hustle alone.

But it's zero-sum genius. I can respect him for being good at playing a specific game, but it's not a game I want to play myself.

guptaneil 1 day ago 1 reply      
The point of this post is to talk about Bill's hustling when selling Lala, which is a very interesting story.

The author should have left the last word out to make a much more powerful story about Lala rather than changing the focus of the article to Apple's "genius," especially since there was no genius involved on Apple's part. Just good luck for Apple, and horrible luck for the Color team.

RandallBrown 23 hours ago 2 replies      
I miss Lala, at least the final streaming iteration. It had iTunes Match for FREE years ago. You would upload your library to Lala, they would decide what they already had and just let you stream that, then anything they didn't have would get uploaded. It was iTunes in the cloud. Their webapp was phenomenal, especially by 2009 standards.

I had big expectations for Lala after Apple bought them. I thought they might actually get a true iTunes in the cloud built.

zaidf 23 hours ago 1 reply      
Google was worried, they moved fast.

This is what I'm unsure about: how much of google's worries was a result of Lala being a worthwhile company and how much of it was a result of Bill's propping it up? Let's remove Bill for a minute. Let's say Mr. No-name-CEO reaches out to his contact at Google and presents the deal for Lala. My gut would be that Google guy would likely simply pass on the deal because he doesn't perceive Lala to be much of a competitive threat or a great product, not to mention the little traction they may have had was a result of Google's partnership(which I'm assuming they could easily opt out of). What am I missing? What made google worried, lala inc. or lala inc. with a salesman CEO with an acquisition offer?

aubreyjohnson 1 day ago 1 reply      
The title of this is a little misleading as I don't really discuss anything about Apple acquiring Color. I just link to the rumor articles.
capkutay 1 day ago 0 replies      
He was relieved of day to day activities by the board about a month or more before the Apple acquisition...was that acquisition really his doing?
speeder 1 day ago 1 reply      
I do not understood the tale :(

Why it was genius?

huytoan_pc 11 hours ago 0 replies      
Fascinating story but how is Apple genius here? Was it Apple's all along to acquire Lala, let Lala's engineers go before they exercised their options, somehow made Color a failure, then bought the all the engineers back on the cheap? The real genius (or at least real good biz person) in this story is Bill Nguyen, Apple just did what makes sense for them, it just happens that two of their acquisitions are Bill's companies.
lnanek2 18 hours ago 0 replies      
This is how the Finance people in NYC interview for a job. Give them a number and they'll shop it around and start a competition. :)
alpb 23 hours ago 0 replies      
No mention of the Color in the article, I guess but that was a great story.
sidcool 1 day ago 1 reply      
Why is this top link?
Nokia releases 3D printing files for Lumia phone cases slashgear.com
215 points by kenjackson  1 day ago   32 comments top 14
jeffbarr 21 hours ago 2 replies      
This is excellent, but it it important to see it as more than something that enables you to print your own case.

Think, instead, about the number of times you need some kind of mounting bracket or adapter to connect two pieces of consumer goods to each other. Think about mounting a phone on a car dashboard, or on a bike or motorcycle.

If there are N of the first and M of the second, there's no practical way for any manufacturer to support all MN combinations. As soon as some more companies follow Nokia's lead here, you should be able to combine two models, apply any final tweaks or customizations, and print your own adapter, perhaps even iterating over time as you add subtle new features.

This is the future, and you'd better be ready for it!

slacka 19 hours ago 1 reply      
My company has a variety of 3D printers and we actually produced several iPhone case/adapters in the past. It's a small company, so we all helped out by testing different case designs.

The first round of testing involved a simple case design utilizing all of the plastics and printers that we have available. Most plastics were too brittle and would crack when you snapped them on the iPhone. In fact, only 1 ABS was usable. The consumer models had a hard time with the curved surfaces and felt much grainier in the hand. But once I tried out the final soft-touch part that was produced using injection modeling, I would never go back to the 3D printed model. The difference it feels in your hand is night and day. Oh, and the mass produced cases cost < $.10 per unit. I think we spend more on packing than parts themselves.

3D printers are great for prototyping and hobbyists doing 1-offs. But the tech has a way to go before being useful to the average consumer.

jonemo 18 hours ago 1 reply      
This is nice PR by Nokia but not much more.

Nokia are wrong in saying that they are the first to do this. Granted, Apple didn't realese STL files (which are a huge list of coordinates describing the vertices of triangles). But for several years now Apple released very detailed engineering drawings of their products publicly: https://developer.apple.com/resources/cases/. These drawings are actually useful for someone who wants to design and make their own case, whereas Nokia's STL files only let you reproduce whatever Nokia designed for you (modifying STL meshes is possible but the format limits the possibilities).

I also don't understand why Nokia puts a "noncommercial personal use only" license on this. Isn't an accessories ecosystem something they should want? I would have loved to use this design for adding this Nokia phone to an online customization tool for iPhone cases which I run. Thanks to this license my website will stay iPhone4/5 only.

Footnote: One of the Nokia downloads claims to be "mechanical drawings" but it only contains STL files.

Footnote 2: And why on earth do I have to register as a Nokia developer to get this?

zacharydanger 1 day ago 3 replies      
This is easily the most exciting thing I've seen out of Nokia in years.
jmount 1 hour ago 0 replies      
Its not like you are printing a phone- just a useless case.
vellamike 23 hours ago 1 reply      
Nice. It's been such a long time since I've read something about Nokia and thought, "wow, cool!".
senthilnayagam 5 hours ago 0 replies      
Hope every company starts offering STL files for current and past products.

call me lazy but don't want to signup and login to download it.

FredFredrickson 23 hours ago 0 replies      
This is quite awesome. It's the next logical step from all the custom phone case services out there (mostly for iDevices, it seems).
thechut 23 hours ago 0 replies      
Very exciting concept for Nokia to come up with. Although, I'm not sure it's any more likely to make me buy a Nokia 820 even though I do own a 3D printer.
seferphier 22 hours ago 0 replies      
This is very cool and may become the norm in the future when 3d printers are abundant.

Instead of purchasing expensive cases, consumers can just go and pick their design and colors and print their cases out.

josteink 17 hours ago 0 replies      
While cool, the cynic in me says this is driven by nothing but desperation.
prodigal_erik 22 hours ago 1 reply      
This is clever, though it'll probably disillusion me about whether even tinkerers can take a principled stand against walled gardens.
senekisa 18 hours ago 0 replies      
This is a very cool
Open source game-theoretic poker player github.com
64 points by adamsmith  13 hours ago   29 comments top 7
martinced 1 hour ago 0 replies      
It's Limit Texas Hold'em. (of course)

Limit Texas Hold'em and No-Limit Texas Hold'em, are two entirely different game. They happen to share a few things in common but from a game theory they're two wholly different beast.

They're as different that, basically, limit Texas Hold'em is a solved problem: good bots can rival with the best professional players (playing Limit Hold'em for money online is risky: you can be playing vs a bot or vs someone entering the moves of a bot).

But No-Limit Texas Hold'em? There are players who've won several major tournaments. The psychological element is very, very important.

And unless we make amazing AI discoveries, it's going to be very difficult to write bots able to beat good players at No-Limit Texas Hold'em.

But you can find bots online, even for NLHE, able to beat beginners and the rake at very low limits (called the nanostakes and the micro-stakes, but not above).

Another thing: there's so much money to be made (as in millions of $) by writing a bot able to beat mid-stakes and high-stakes online no-limit Texas Hold'em that the last thing someone who'd write such would do would be to publish it online.

Major sites like PokerStars do pro-actively look out for bots: the EULA states that they have the right to scan the entire memory of your computer and your entire hard disk. And you can't install such a software without giving the root/admin password of your system. And you cannot legally use a VPN: if they detect one you're out (you still technically can if you manage to fly 100% below the radar). And you can't use remote desktops. It's overall very restrictive.

They're regularly busting bot-rings and chinese-colluders rings and confiscating their money (and redistributing it to other players).

And if they suspect an account of multi-accounting, they'll do tricky things like moving and resizing all the poker tables at once, while simultaneously showing a captcha.

If you fail to enter it, you'll have a hard time convincing the site to not confiscate your money...

But back in the wild wild west days, it was amazing: some people had "war rooms" made of tens of PCs, all playing online poker and making very very big money. It was a big business.

But games got tougher, poker "black friday" hit the US hard, bot detection has vastly improved, etc.

So the "gold rush" is over for most botters.

IsaacL 1 hour ago 0 replies      
I wrote a pokerbot for my university third year project: https://github.com/IsaacLewis/FYP. I haven't been able to spend any more time on that project since finishing it (though I wanted to), but I still find the space fascinating.

Unlike the linked bot, which is an "equilibrium" (or "game-theoretic") player, mine followed an "exploitative" strategy. What's the difference? Equilibrium strategies find (or attempt to find) a Nash equilibrium, and follow that. As the OP said, this minimises their losses, but also prevents them exploiting weaknesses in an opponent's playing style. Wheras an exploitative player adapts its strategy to take advantage of its opponent, but that leaves it open to being exploited itself.

The OP used RPS as an example - it's clear that the Nash equilibrium is picking each move with 1/3 probability. No matter what your opponent does, your expected value is 0. But what if your opponent decides that they will always pick rock? The EV of the equilibrium strategy is still 0, but you could switch to an exploitative strategy of always picking paper, in which case your EV is 1. For this reason, exploitative strategies will almost always win multiplayer RPS tournaments, because they can consistently beat the weaker players, whereas the equilibrium players will stay in the middle of the pack. It might seem like a surprising result that playing an exploitative strategy always leaves you open to exploitation yourself, but the maths works out.

If you an intuitive grasp of this idea, consider that to exploit your opponent's strategy, your play must be adapted based on observations of their play. But this means they can play with style X, leading you to play style X' which is dominant, before they catch you out by switching to style X'', which dominates X'. If you have experience playing poker with competent humans, they do the same thing.

In computer poker, AFAIK equilibrium players generally perform better. I think this is because poker is a more complicated game than RPS, so both humans and bots consistently make mistakes, so just playing solidly gives equilibrium bots the edge. But writing an exploitative bot is still pretty interesting, because it seems closer to human poker, which is more about bluffing and outthinking your opponents than mathematically optimising your play.

My bot wasn't especially interesting - it was based on an existing algorithm called Miximix, and I used Weka to try and machine learn a model of the opponent's strategy. Still, it could do interesting stuff - eg, if it played against an opponent that could be intimidated out of hands by large bets, it would realise that it could bet large without having good hands - ie, it successfully taught itself to bluff. What I thought would be really interesting was a bot with multiple-level opponent modelling - "what does my opponent think I have?" or "what does my opponent think I think he has?". Good human players think this way, and "recursively modelling other minds" seems integral to conscious thought, so it'd be cool to look into in more depth.

The other thing that would be cool to look into is "explanation-based learning". Normal machine learning approaches require large amounts of data to draw inferences, but human poker players seem capable of forming conclusions about their opponent based on very limited information. Explanation-based learning uses a domain model to help this.

Hmm, writing this comment has reignited my interest in this space - I really should dig out my old code and work on this again some time.

moccajoghurt 9 hours ago 1 reply      
There is actually a business behind bot-poker-player.

I have played about 20k tables Texas Hold'em Double or Nothing and stopped playing after 6 months with a profit of 1000$.

I have met quite a few bots and an experienced player will most likely recognize such bots. However it took a while to realize it and I had to look up the stats in order to see it.

The algorithm the bot used was really simple. In poker terms you'd call the bot-player a rock. He bets when he has good cards and will always go all-in whatever happens after the flop.

You'd think that this algorithm is too simple to be succesful but that's wrong. There are two factors that make this strategy profitable:

1. If you play on low limits the players usually play incredibly aggressive and will nearly always lose a lot of money whenever your bot bets.

2. Even if you have a winrate of only 55% (which is necessary to not make a minus, because you never play for free, there is a fee for each table) you will make profit because of the cashback your online poker provider will give you after each month.
This is also why you have to play a lot of tables. The bot played about 800 tables each day, which is insane. However it does increase the cashback and the more you play, the more money will get each month.

philh 1 hour ago 0 replies      
> But we can compute the optimal strategy for an abstract version of poker that, for example, during pre-flop betting treats pairs of aces the same way as pairs of kings.

Not a big deal, but the wording of this seems off. It doesn't sound like you're computing the optimal strategy for poker-prime, where poker-prime has the property that in pre-flop betting (but nowhere else?) pocket aces are no more valuable than pocket kings.

Rather it sounds like you're computing a sub-optimal strategy for poker, by taking an optimal strategy and making it computationally simpler at the expense of some correctness.

unreal37 10 hours ago 3 replies      
OK now that Chess and Jeopardy have been conquered.

I wonder if no-limit texas hold'em poker is something that massive computing power can consistently conquer as well. Imagine if you had 10,000's of instances of EC2 churning at playing one hand of poker against the world's best opponents...

Is it possible?

orensol 2 hours ago 0 replies      
Will be interesting to see how/if it can scale on cheap cloud based cpu oriented machines, such as Amazon High-CPU instances.
mbell 10 hours ago 0 replies      
Interesting, how much did you try to optimize this code? Some of it is a bit fishy.
'I Have a Dream' Posted in Defiance of Copyright for Internet Freedom Day mashable.com
165 points by zoowar  23 hours ago   44 comments top 16
jivatmanx 22 hours ago 1 reply      
You can also sing the happy birthday song for him on MLK's birthday, in defiance of copyright.

This is even more apt than you think:

"In the 1987 documentary Eyes on the Prize about the US Civil Rights Movement, there was a birthday party scene in which Dr. Martin Luther King Jr.'s discouragement began to lift. After its initial release, the film was unavailable for sale or broadcast for many years because of the cost of clearing many copyrights, of which "Happy Birthday to You" was one. Grants in 2005 for copyright clearances[15] have allowed PBS to rebroadcast the film as recently as February 2008.[16]"


danso 22 hours ago 2 replies      
One of the most famous (perhaps the most famous) speeches in our televised history...and now come to think of it, I don't think I've ever heard it in its entirety.
Create 19 hours ago 0 replies      
While Dr. King is primarily remembered as a civil rights leader, he also championed the cause of the poor and organized the Poor People's Campaign to address issues of economic justice. Dr. King was also a fierce critic of U.S. foreign policy and the Vietnam War.

In his “Beyond Vietnam” speech, which he delivered at New York's Riverside Church on April 4th, 1967, a year to the day before he was assassinated, Dr. King called the United States, quote, “the greatest purveyor of violence in the world today.” Time magazine called the speech “demagogic slander that sounded like a script for Radio Hanoi.” The Washington Post said King, quote, “diminished his usefulness to his cause, his country, his people.”

Today, we'll let you decide. We play an excerpt of Dr. King's speech “Beyond Vietnam.”


jwb119 22 hours ago 4 replies      
> "[The video is] copyrighted so what we are doing technically is illegal"

> "We think we have an excellent argument for Fair Use since it is clearly part of political speech and we are not making any money off it."

So which one is it, guys? Not illegal if it's fair use.

vertr 23 hours ago 2 replies      
I find this funny because Martin Luther King turned out to be a plagiarist.
slacka 21 hours ago 1 reply      
These draconian laws like DMCA, SOPA, and copyright extensions that pushed though by the RIAA and MPAA are suppressing our creativity
http://www.youtube.com/watch?v=tk862BbjWx4 and are destroying our cultural heritage.
To top it off, their outdated business model leaches most of the money from the artists.
Copyright needs to be reformed. Some changes that I'd like to see are:

* Abolish the Digital Millenium Copyright Act.

* Intellectual property should be taxed like real property.
It is an asset with a value, right? If you no longer make enough to pay your taxes on it, it goes to the state to dispose of.

* Copyrights are supposed to be an incentive to create. One that lasts unto your grandchildren are a dis-incentive, because not only are you not creating any more once you are dead, neither are your descendants. Copyright should last half a working lifetime (20 years), to encourage people to continue to create.

* Someone who makes copies without permission should pay a fine, but it should be at the regular royalty rate for the item x copies made. So upload a song, it's iTunes price x number of downloads, with perhaps a factor of 3 penalty to discourage doing it, not $150,000 per copy.

If you care about copyright reform, you can donate money to the EFF or at least sign this petition urging reform.

jamesbritt 21 hours ago 0 replies      
Happy Internet Freedom Day!

[Void where prohibited by law.]

maeon3 22 hours ago 0 replies      
the united states judicial system discriminates against programmers, giving 10x the sentences for equivalent crimes in other older offenses like armed robbery. downloading a file can get you more jail time than waving a gun around in a populated area demanding money.

I demand to be treated equally. that means when a senator gets caught bribing for millions in personal gain, he gets put away for 35 years, as an example.

RyanMcGreal 23 hours ago 2 replies      
Direct link to video: http://vimeo.com/57653391
delinka 22 hours ago 2 replies      
Can we get a journalist to cover the history of the copyright of this broadcast and the players who continue to profit from the doctor's fine words? I'd really like to know why his family ever felt entitled to keeping such a monumental event repressed.
danielweber 19 hours ago 2 replies      
What's wrong with the formatting on this page?

I mean, this HN page. Margins are messed up.

lnanek2 18 hours ago 1 reply      
Last time I researched this, it looked like the profits from licensing were being used for good works, so it is tough to begrudge them.
benwerd 20 hours ago 0 replies      
Removed at 1:03:37. That's a slightly suspicious-looking timestamp.
aspensmonster 22 hours ago 0 replies      
Well, that was fast. It's already taken down from the vimeo link in the article. I doubt anyone here hasn't already seen it, but here it is:


       cached 19 January 2013 17:02:01 GMT