hacker news with inline top comments    .. more ..    16 Jun 2013 News
home   ask   best   6 years ago   
1
Terms of Service; Didn't Read tosdr.org
90 points by rfreytag  2 hours ago   21 comments top 11
1
rossjudson 42 minutes ago 2 replies      
One straightforward fix: A law that says an "I Agree" button only binds the user to the text that's actually visible on the screen. More text? More buttons!

That will drastically cut down on the boilerplate. Want to straitjacket your users with 60 pages of user agreement? No problem! You're only 60 button clicks away from complete lack of liability.

2
ef4 2 minutes ago 0 replies      
This is a nice idea. I would love to see these kind of agreements get commoditized and standardized, so that a new service can just check a bunch of boxes to generate their terms, and we can even represent the agreement in a machine readable standard way.
3
johnnygoods 30 minutes ago 2 replies      
Be wary of installing this extension, and this is why:

It's not lost on the legal world that no one reads Terms of Service. As a result, TOS are rarely enforceable in court, except inasmuch as they comply with broad industry standards.

However, compliance requirements are much MORE strict for parties who demonstrably should be aware of their legal obligations. Lawyers, for example, can't really argue that they didn't read a legal document they executed because of the manner in which it was delivered (in an inscrutable TOS doc, at the entrance to an amusement park, etc).

If you install this extension, you might actually be making yourself MORE bound to crappy terms of service, since you will not be able to make the case that obviously you didn't read them terms and therefore should not be held to some non-standard provision.

The reviews/ratings provided by tosdr.org are awesome, and I hope you guys continue this project, but I, for one, will be covering my ass and not installing this extension.

4
seferphier 1 hour ago 0 replies      
This is something we really need as consumers. A short summary of essential terms for us to know about.

Would be interested in Mobile apps like: Instagram, Vine and Path.

5
weisser 40 minutes ago 1 reply      
This is a fantastic idea. Of course, you need to be able to trust that the summaries cover the most important aspects but this seems like a good team to deliver.
6
lignuist 1 hour ago 3 replies      
Any chance to find out, what this is doing, without having to install an extension?
7
cybernoodles 12 minutes ago 0 replies      
Of all sites, no ToS on Facebook available?
8
makepanic 53 minutes ago 0 replies      
previous discussion:https://news.ycombinator.com/item?id=4350907

looks like they got a new domain

9
vysakh0 40 minutes ago 0 replies      
This is one of the best needed extension. Also this gets user some idea on how each site treats users.
10
whosbacon 53 minutes ago 0 replies      
Glad to see the browser extensions released. Thanks for this awesome project!
11
cLeEOGPw 1 hour ago 0 replies      
I was using it until it required additional rights for some reason. Then I suspected it to be making an online profile and selling it, so I uninstalled it.
2
Licenses Over Data: A Case Study with Github v BitBucket techlawyer.com.au
74 points by Maximal  2 hours ago   37 comments top 10
1
casca 2 hours ago 5 replies      
IANAL but this doesn't seem unreasonable. The exact clause is:

End User hereby grants Atlassian a non-exclusive license to copy, distribute, perform, display, store, modify, and otherwise use End User Data in connection with operating the Hosted Services.

For me, the key is "in connection with operating the Hosting Service". They will need to do things with your data as they move it between servers and storage and make it available to you. If you want it displayed publicly then you need to have given them a license to do so.

2
davidjgraph 1 hour ago 1 reply      
In my experience, the vast majority of developers completely ignore/misunderstand licensing most/all of the time.

The common excuse is that the intent by publishing source code online is that you clearly are allowing everybody to use it freely as they wish. I have no doubt the licenses on Bitbucket are not followed correctly more often than not.

Atlassian, if you've followed them, have always been a very transparent, developer-centric company, the behaviour of neither the founders, nor the company has ever suggested they are in the slightest bit interested in being arseholes in the manner being suggested here.

Yet somehow there's a switch from 'intent' to being licensing experts when it suits.

3
btipling 2 hours ago 0 replies      
> End User hereby grants Atlassian a non-exclusive license

The title of this post needs to be changed to reflect the title of the post. Right now it's disingenuous link bait.

4
ernesth 1 hour ago 0 replies      
From github's Terms of service : "You understand that the technical processing and transmission of the Service, including your Content, may be transfered unencrypted and involve (a) transmissions over various networks; and (b) changes to conform and adapt to technical requirements of connecting networks or devices."

In other words, the end user grants github a license to copy, distribute, store, modify End User Data (without encryption even if the user marked this data private).

5
mpchlets 1 hour ago 1 reply      
At Assembla, a project management tool that incorporates a repository service like github or bitbucket, we have a similar TOS as github:

"1. Assembla claims no copyright or other ownership rights in the Content you upload to the Service.2. By uploading or otherwise providing Content to Assembla.com, You grant to Assembla a non-exclusive, royalty-free, paid-up right and license to use, reproduce, display and distribute such Content on Assembla.com in connection Assembla's provision of the Services to such persons as you may authorize.3. You hereby represent and warrant that you have all intellectual property and other rights necessary concerning any Content posted by You on Assembla.com." https://www.assembla.com/terms_of_service

We do not want your data for our personal or corporate uses, we only want to display/reproduce/use your data with your expressed permission, i.e. you make your data public - the same as github.

The theory we have at Assembla is that the data is yours, always yours. We will never keep your data from you and we will never claim ownership over it.

We explicitly state that we do not own your IP because in today's world so many services are taking ownership over what you create. We feel it important to tell you right out that we do not claim ownership because if we do not, you will not know our stance.

Our stance is that we want you to feel comfortable using our service for both private and public projects for your data. We want you to be successful with a nice tool, we do not want to own your data.

6
wes-exp 1 hour ago 0 replies      
It's github's TOS that seems flawed to me, not Atlassian's. Maybe some jerk-off will sue Github because it's making "copies" of copyrighted coded without a license. I am more worried about that outcome than Atlassian going tyrannical.
7
magoon 2 hours ago 0 replies      
A service does need the right to store, process and display your data, and if their service makes use of third-parties then they need to assert the right to work with third parties.

That said, it would be comforting if Atlassian clarified this to make it clear they have zero claims on anybody's IP.

8
brudgers 2 hours ago 0 replies      
"courts have ruled that in connection with covers indirect connection as well as direct connection."

Which courts?

The question matters because while Github is located in San Francisco, Atlassian is an Australian company.

9
mnutt 2 hours ago 0 replies      
I'd be surprised if Atlassian inserted that phrase out of malice. I've been told by lawyers more than once that "it's necessary to prevent someone from suing you for doing exactly what they asked you to do". (display content they uploaded)

The lawyers also use it for covering all their bases. By uploading, do you automatically give them the right to feature your repo on their homepage? Or is that advertising?

10
paul_f 2 hours ago 1 reply      
Why does any service need to assertively state they don't own your IP? They don't own your IP. And can't claim it. Whether they mention it or not doesn't change that fact.
3
Acquisition and maintenance of a band of minions rachelbythebay.com
29 points by ericedge  2 hours ago   15 comments top 7
1
jmillikin 20 minutes ago 1 reply      
For those who don't regularly follow rachelbythebay.com, this post is a Google allegory. I disagree with a couple points.

First, Google really doesn't care as much about education as people think they do. They do love experience. I never graduated high school, and was hired into an SRE position (= programmer writing large-scale sysadmin tools) based on previous work experience. Grades are only useful if you've got nothing else to show off.

Second, if you want employees to be loyal to a company with unusually good perks, taking them fresh out of school is a terrible approach. Many people working here indeed have no real idea what working at non-tech companies is like, and that means they assume every other company is like Google. I have heard stories of employees getting frustrated on some project, leaving to work at (e.g.) a bank or webdev shop, and not realizing until their first day that there's no free food, or gym, or weekly heckling of the CEO. I used to work at a defense contractor, I know what it's like being a programmer employed at a non-tech company, and I don't want to ever go back.

(In other words, Google might get better retention by implementing Rumspringa)

Third, the proprietary parts aren't as pervasive as the article portrays. Our Linux kernel has weird Google-specific interfaces, but they're always in some stage of upstreaming and will eventually be in Linus's trunk. Our RPC system uses the same protobuf rpc-stubs that are generated by the open-source protobuf compiler. Desktops and Laptops run stock {Ubuntu,Windows,MacOS} with a few extra binaries. MapReduce and BitTable were published and inspired dozens of open-source implementations. Many of our Python-based tools have web frontends written with Django. Many systems persist data in MySQL.

When Google engineers avoid particular in-fashion systems such as Rails or MongoDB or node.js, it's not because we're ignorant of them, it's because we think they're not good enough.

2
gyardley 29 minutes ago 0 replies      
I wouldn't use such a pejorative term, but if you want to employ 'minions', you don't need to do anything particularly elaborate - just hire people who want to be minions. You can select for this in your interview process.

There's plenty of people out there who want to be told what to do and don't care to spend time thinking about the moral ramifications of their employment, including a great many skilled and experienced programmers. As long as they can choose how to implement what you want, they'll happily implement what you want, collect their paychecks, and go home.

Of course, that means you'll have to write extremely detailed specifications, which is a big pain in the ass. And you'll be the only one trying to figure out whether your product is actually something people want, so you damn well better be right.

3
ChuckMcM 46 minutes ago 0 replies      
Seems pretty far fetched, I mean can you imagine what ridiculous lengths you would have to go to in order to maintain the loyalty of the minions? I mean seriously if theywoke up to the reality of their situation, who knows what would happen :-) Seems like a common problem explored in literature as well, minor discontent, then an awakening, and then failure as the evil empire fails under more and more egregious attempts to maintain order ...
4
epochwolf 58 minutes ago 4 replies      
In case anyone missed it, she's talking about Google. :)
5
smurph 1 hour ago 0 replies      
In my experience, this is how the big defense contractors approach software. They will gravitate towards the most expensive proprietary tools in hopes that their engineers will pigeon hole themselves into that environment. I honestly had people tell me that I wasn't allowed to use anything open source (even through the military uses open source all the time) and that ClearCase is the most dominant version control system in the software industry.
6
norswap 39 minutes ago 0 replies      
What would the point of the band of minion be? To what (possibly evil) purpose will they be used?
7
andrewcooke 45 minutes ago 0 replies      
i don't think you need the last sentence, fwiw.

also, early on (before the backpacks and logos), talking about capturing them young reminded me of http://www.nsa.gov/kids/home.shtml

4
NSA admits listening to U.S. phone calls without warrants cnet.com
629 points by declan  16 hours ago   342 comments top 3
1
DanielBMarkham 14 hours ago 9 replies      
Since the modus operandi seems to be for the NSA to suck up everything it can and decide later it seems (wild speculation follows) that the NSA might be sitting on audio recrodings of all your phone calls for the past several years.

Can you imagine the number of divorce cases that would impact? Civil lawsuits? Proof of innocence or guilt in a crime?

Hell, get a decade or two of this and historians alone would have a field day with such material.

Oh, and by the way, it's completely fucked.

Back in the day, the FBI recorded folks that they suspected were subversives and it caused a huge stink. People were rightly outraged. It was considered a blemish on the FBI. Now we do the same thing -- only with everybody. And still 45% or so of the population hasn't figured out what the problem is. Amazing.

2
zmmmmm 14 hours ago 3 replies      
There's something sick and wrong in the semantics of how the laws have been interpreted here.

The authorities seem to have decided that they can record anything they want, any time they want. The legal boundary is only crossed when somebody listens to the recording. So it is fine for them to slurp up every bit of data they can tap into and then retrospectively figure out which bits they were authorized to listen to (with almost no oversight, as indicated by this article).

But most normal people don't interpret privacy that way. They consider the act of recording without consent the violation of privacy. The listening afterwards compounds it, but the power of the third party comes from having the conversation recorded, not the listening.

This misinterpretation of privacy is a subtle but deliberate and totally corrupt act by the authorities.

3
tptacek 15 hours ago  replies      
So that's not good.

You can see how that could be happening; NSA has trunk-level access to telephony circuits. Telcos are engaged in a long-running game of footsie with the government that makes billion dollar Internet companies look like anarcho-capitalists.

But I'm not seeing how we get from there to the contents of email. To have the email of arbitrary Americans without a warrant, the NSA would need direct access to the servers that run Google Mail. They do not have that access; Google has categorically denied it, and the Guardian walked the claim back. The "optical splitters on the Internet backbone" thing doesn't hold water either; most people need to go through some effort not to use strong crypto when communicating with people using Google Mail.

5
The ARM server apocalypse storagezilla.typepad.com
10 points by Ecio78  1 hour ago   2 comments top
1
VLM 22 minutes ago 1 reply      
"... with that comes all the awe & terror of living with Windows."

I had to LOL. Not even any point stating the obvious. That's good writing, can coin quite a phrase, unless thats a quote from somewhere.

On the bigger picture, I donno. I've seen the infinite circular wheel of IT rotate around quite a few times and this overall idea sounds like a rehashed Transmeta marketing message. That didn't turn out so well last time, but maybe the situation is different this time. Probably not, but maybe.

6
Algorithms from the Book. stackexchange.com
88 points by olalonde  7 hours ago   12 comments top 7
1
dmlorenzetti 1 hour ago 1 reply      
Nature's primary algorithm is massive parallel computation, at a scale that beggars us all.

"The Book" is all around us. The algorithms that nature cares about are woven into the fabric of the physical world. Our algorithms are just poor approximations, intended to make simulation tractable on discrete computers.

For example, this site occasionally carries posts about making water look realistic in games. Those posts usually acknowledge that the graphics approach they describe is cheating compared to actually solving the Navier-Stokes equations. But the NS equations are just a mathematical expression of reality. We then cook that mathematical expression down even more, in order to arrive at a collection of algorithms (finite-difference approximations, domain partitioning, numerical solvers) that attempt to embody the math.

Yet problems that today we would consider impossibly hard to solve computationally-- for example, fully resolving the flow of water around a sailboat, not to mention the wind in its sails, and the stresses in the mast-- nature solves billions upon billions upon billions of times a second.

2
fmax30 1 minute ago 0 replies      
For every different tree type i see , A searching tree i make it be, The fruit u see ; are like a key, i see u on the leaf nodes be. An Algo by the Almighty.

(tl;dr ) Whenever i see a real tree it looks to me like a specialized tree data structure implemented by the Almighty.

Also i tried to add little programming puns in my pseudo enigma styled poem thing.

3
pja 6 hours ago 1 reply      
See also "Proofs from the Book" by Martin Aigner & Gnter M. Ziegler, illustrated by Karl H. Hofmann.

  http://www.amazon.co.uk/Proofs-THE-BOOK-Martin-Aigner/dp/3642008550
Stuffed with beautiful short proofs. Each section starts at a fairly basic level, but finishes with some fairly deep maths.

(Edit: oh wait, the book is linked at the beginning of the SO thread. Never mind :) )

4
vanderZwan 1 hour ago 0 replies      
I don't know if it is particularly elegant, but I have a soft spot for Bresenham's line algorithm - it's not so much about lines as it is an algorithm to repeatedly add fractions to an accumulator using only addition and subtraction and without rounding errors (altough intermediate results are rounded to their nearest integer value).
5
tekacs 6 hours ago 0 replies      
Immediately upon seeing this I found myself jumping to click through - the idea is somewhat flawed (subjectivity (which people call 'beauty in the eye of the beholder' :P)) but an enjoyable one nonetheless.

To anyone who hasn't read it, I would heartily recommend 'Proofs from the Book' but moreso than that, to those who regularly come in contact with (semi-)formal methods (be they mathematical or logical) I would heartily recommend looking out for proofs that catch your eye like that and debating their worthiness for 'The Book'- it's a fun exercise! :)

6
metaobject 1 hour ago 0 replies      
If there are intelligent aliens out there and they have to search a sorted sequence then they certainly have developed binary search. So, I nominate 'binary search'.
7
nybbl3 30 minutes ago 0 replies      
Richard Bird took "Proofs from the Book" as an inspiration for his "Pearls of Functional Algorithm Design". I read a bit in it recently and there are really quite a few nice dderivations of functional programs, where the mathematical and the implementation part go hand in hand.
7
More details on MAINWAY and MARINA theweek.com
14 points by brown9-2  2 hours ago   4 comments top
1
jdp23 1 hour ago 3 replies      
Individually analyzing each incoming email is impossible. So the NSA automates the minimization procedures as much as it can. Based on dynamic link analyses done by computers, scores are assigned to emails and associated profiles inside the system. Every bit of data associated with an email address that might belong to a U.S. person "updates" the score. Analysts can query the system for individual names, and email addresses, and even subject lines. They can add, if they want, the place and time that the email was collected, too. If the "score" associated with the email indicates that there is a 51 percent chance or higher that it belongs to a person overseas, the analyst can start monitoring content right away and not do anything further. If that score is less than 51 percent, the analyst can, if directed by a superior, start to access the content, if it's available, but the large team of lawyers the NSA has will be instantly notified, and a FISA order will be sought.

As I interpret this:

1) analysts are able to access email metadata without a specific court order or warrant

2) analysts are able to access email content without a court order or if there's a 51%+ chance it's a non-US person

3) analysts with the approval of supervisors are initially able to access anybody's email content without a court order, although the FISA court then has to approve it

8
Poll: What's your favorite bugtracker?
17 points by gnosis  2 hours ago   26 comments top 17
1
edw519 22 minutes ago 3 replies      
Other. Write code without bugs.

(I say this in jest, but only a little.) Think about it...

I know so many programmers who get lazy because they have such good debugging tools (Let me just slam something out there and let the debugger catch it.) I hate this.

If we developers would slow down and think a little more about what we're building, we may find a dramatically decreased need for debugging.

Variable local or global? Right variable name? Should that be a function? How much am I repeating myself? How should the data be structured for its intended uses? What's the best way to handle recursion? Where might memory leak? Where's the best place to do this? Which is the best technology for this need? And most of all: Will the next programmer be able to read this and tell what it's doing before they break it?

Slow down. Plan more. Think deeper. Debug less.

2
pero 8 minutes ago 0 replies      
I'm a PM in digital advertising and normally I wouldn't work with code - I largely build one-offs with vendors so issues/bugs and deliverables - and Sifter is by far the best I've used. It does one thing and it does it really really well, has a negligible learning curve, and looks pretty - oh, and it's cheap.

https://sifterapp.com/

Not that there's a reason why it wouldn't be used with code, just a disclaimer.

3
wting 40 minutes ago 1 reply      
I'm surprised GitHub is by far #1. I wonder if it's familiarity rather than preference. Github's minimal approach of using labels for everything is like Gmail's tags over folders.

I wish GitHub had a "This bug affects me" or +1 button so the comment history stays clean of "me too" responses.

4
EliRivers 38 minutes ago 0 replies      
Piece of paper taped to side of monitor, with badly written reference to a page in someone else's daybook, including cryptic calculations that are actually not at all related and enough circular rings from my tea mug to create a sort of mutant Olympics logo.
5
creature 9 minutes ago 1 reply      
I've been using Phabricator a lot recently, and it's ace. We started using it because we wanted to start doing code review, and the task tracking came along 'for free'. It's nice & lightweight (in terms of UI), is usable from the commandline via the arcanist tool, and integrates well with the other Phabricator tools.

Downsides? The website's sense of humour is irritating if it doesn't click with you. You have to host it yourself, which can be about a morning of setup. The documentation can be a little bit sparse. But it's the first bug tracking/developer workflow tool I've used that I've actually liked. And I like it a lot.

7
tedsuo 51 minutes ago 0 replies      
Pivotal Tracker
8
captn3m0 38 minutes ago 0 replies      
We use redmine internally, but I find myself preferring Github for issues. The interface is much simpler and easier to use. Redmine, on the other hand has 10-15 fields for every issue. It may help with very large projects but most of it is never used for small-sized projects.
9
milliams 43 minutes ago 0 replies      
10
HarveyKandola 45 minutes ago 0 replies      
11
lukeck 2 hours ago 1 reply      
Jira.
12
esalman 2 hours ago 0 replies      
Trello
13
jonnyrockit 48 minutes ago 0 replies      
14
chenster 23 minutes ago 0 replies      
unfuddle
15
jbrooksuk 55 minutes ago 1 reply      
Bugify
16
spingu 31 minutes ago 1 reply      
asana
17
pagekicker 1 hour ago 0 replies      
redmine
9
SolusVM 1.13.03 Vulnerabilities localhost.re
15 points by kamaln7  3 hours ago   7 comments top 6
1
kijin 38 minutes ago 0 replies      
The very idea of a web-based control panel for a Linux server is a recipe for disaster, because it means giving root access to a web-accessible program. Remember why you're never supposed to run Apache as root? Or why you should never give PHP scripts permission to write to any location outside of the upload folder? Root and web-access don't mix, period. In the VPS business it's a kind of necessary evil, but that's all the more reason to check if the survival of your business depends on a bunch of unsanitized SQL queries.

Back in 2009, before SolusVM came along, the most popular control panel for low-end VPS hosts was called HyperVM. One day in the summer of that year, HyperVM got hacked, or more accurately, a combination of slow updates and weak passwords caused major data loss at a popular low-end VPS host. The next day, the developer of HyperVM, an Indian man, committed suicide. There was a lot of publicity surrounding the incident, and many low-end VPS hosts went looking for a less infamous control panel.

Then came SolusVM. I can't remember exactly how it came to be the primary replacement for HyperVM, but almost overnight everyone adopted SolusVM. I'm actually surprised that it lasted nearly 4 years without a major security incident like this. The low-end VPS market is so crowded with assholes and 14-year-olds looking for a quick buck, the so-called companies exchange DDoS attacks every other day. Now that the easiest route into another company's servers has been published, expect them to start hacking one another into oblivion.

Meanwhile, I'm already starting to wonder what kind of flying PHP-spaghetti-code monster whose name is /^[A-Za-z]{5}VM$/ will come to replace SolusVM for the next 4 years or so. It probably won't be much more secure, since most of the kids have budgets that are too tight to buy proper software. Developers who know how to use prepared statements cost money. Auditing a complex piece of web app costs even more money.

Writing control panels is hard. Remember, even Linode sometimes gets it wrong. If you trust your root account and therefore the fate of your business with a bundle of obfuscated code that may or may not have been audited by any competent security researcher, it's only a matter of time before something like this happens to you.

2
ams6110 1 hour ago 0 replies      
I actually fear this kind of stuff more than the NSA when it comes to cloud services.
3
jemka 2 hours ago 0 replies      
Ramnode was hacked as a result: https://news.ycombinator.com/item?id=5888309
4
mpchlets 1 hour ago 0 replies      
Oh man - failure to use a framework or they worked around it - either way this was a big programming no no - direct use of SQL with NO sanitizing. Very bad.

I can't even call this a vulnerability - it's an open door.

5
tlongren 1 hour ago 0 replies      
This is not surprising at all. In their client API for checking server status, they can't even report memory usage correctly.

It's been a bug in their API for a very long time, with multiple requests for a fix. I made a new request for a fix about 2 months ago and they're still "working on it". Not difficult to look at the correct line in /proc/meminfo.

6
JosephRedfern 1 hour ago 1 reply      
Right now, their official fix (sent via email) is to 'rm f /usr/local/solusvm/www/centralbackup.php'. Great.
10
Upgrading a cPanel plugin. zamfoo.com
35 points by showsover  5 hours ago   16 comments top 7
1
sikhnerd 2 hours ago 2 replies      
This is part of what the developer released to fix the security vulnerability disclosed responsibly on WHT [1] tl;dr of that thread by the OP [2] . Beyond the ridiculous response of the developer in the thread, the fix released doesn't even fix the issue. Some other security researcher released the root vuln [3] and basically every install of this software is about to be rooted. And that's all before the ridiculousness of passing a root password over http, which strips "special characters" that is used to login to your box and upgrade their software. If you read the linked thread, it's like a case study on how to NOT respond to a security disclosure.

[1] - http://www.webhostingtalk.com/showthread.php?t=1275572[2] - http://www.webhostingtalk.com/showpost.php?p=8727714&postcou...[3] - http://localhost.re/p/zamfoo-120-vulnerability

2
Avalaxy 2 hours ago 2 replies      
See this thread for their response: http://www.webhostingtalk.com/showthread.php?t=1275572.

I tried submitting it to HN, but I receive an error "stop spamming us, you are wasting your time". Anyone knows why this is? (I'm most definitely not a spammer)

3
bigiain 4 hours ago 2 replies      
Errmmm, is that _really_ asking for root ssh credentials over an unencrypted http form?

_REALLY?_

4
joshguthrie 2 hours ago 1 reply      
I guess a real script with "curl zamfoo.com/?license=$ZAMFOO_LICENSE" | sh" was too hard so I'm better off giving my root password to strangers.
5
showsover 5 hours ago 1 reply      
This is the upgrade procedure for a critical security vulnerability found here: http://www.webhostingtalk.com/showthread.php?t=1275572
6
astar 1 hour ago 0 replies      
The upgrading process seems easyJust have to send your IP address, root user name, password, and license key through a form...and you can do it through the fast http scheme rather than the slow https.
7
quchen 3 hours ago 0 replies      
"Special characters may not work."

I guess we should change our root passwords to "root123" so upgrading becomes easier.

11
Six ways to protect yourself from the NSA and other eavesdroppers zdnet.com
6 points by tanglesome  1 hour ago   discuss
12
Lynda Obst: Hollywood's Completely Broken salon.com
12 points by JDulin  2 hours ago   12 comments top 7
1
mtgx 1 hour ago 0 replies      
That's the thing with disruptions. The new business models can't support the old cost structures, but they can support the new cost structures from new businesses built around the disruptions.

Hollywood would have to adapt, which means doing things in a very different way than they've done it so far, and that's not something they'd like to do. They'd rather try and hold on to what they have now for as long as possible.

2
iamwil 43 minutes ago 2 replies      
I had two thoughts.

1) That the golden age for DVDs only lasted about 10 years. I think the golden age of cinema lasted from late 1920 to early 1960's. Acceleration in technology results in accelerated culture change and accelerated market changes. We're use to it in tech, but I didn't think much of other industries.

2) Along those lines, I was surprised this was such as revelation to the author. As soon as I saw Netflix go streaming, I knew this was the way I wanted my movies delivered. And the attitude in the OP seemed to be, "Hey, we can't make great movies and take risks on movies because you guys aren't buying DVDs." Innovative films never seemed to be big-budget anyway. And for an industry that's not use to change like technology is, they seem to fail to see that with new technology comes new business models, and new opportunities. I wonder how tech can educate hollywood on this.

3
jseliger 1 hour ago 0 replies      
This was, literally, a Great Contraction

I think the basic problem is that contemporary movie studios are publicly traded companies whose goal is to grow by 10% a year (or at least hit market growth rates). In some businesses, that's just not possible because of limits to the size of the market; book publishers, for example, have only rarely grown at market or above-market rates.

Books are an interesting example for a couple reasons: book publishers have been real businesses far longer than movie studios. In addition, studios for a long time set up businesses that relied on people repeatedly re-buying the same movie on different formats. Books have never really gotten away with that (although we might be seeing some re-buying like behavior in the shift from paper to digital). Now there's not an obvious successor to DVDs, and movie studios might become, or be becoming, more like book publishers.

* Further background reading: Edward Jay Epstein, The Hollywood Economist.

4
transfire 1 hour ago 1 reply      
Let talk about the real problem with Hollywood: It's an enclave of nepotistic, narcissistic, over paid ninnies.
5
sp332 2 hours ago 1 reply      
>The DVD business represented fifty percent of their profits, he went on. Fifty percent. The decline of that business means their entire profit could come down between forty and fifty percent for new movies.

>If a studios margin of profit was only 10 percent in the Old Abnormal, now with the collapsing DVD market that profit margin was hovering around 6 percent. The loss of profit on those little silver discs had nearly halved our profit margin.

This actually explains a lot about the studios' rabid antipiracy campaigns and their unwillingness to make everything available streaming. DVDs aren't a huge slice of the pie, but as a percentage of profit, it becomes a huge deal.

6
dlg 1 hour ago 0 replies      
There are a few tech startups in Hollywood trying to help build a new model. I recommend this recent post for a sense of where things are going http://briannorgard.com/2013/06/14/rewiring-and-rethinking-h...
7
e3pi 2 hours ago 0 replies      
> "....He looked at me incredulously, as if to say, Havent you run a studio? Then he said very emphatically, The implications are youre seeing the implicationsthe implications are, those studios are frozen. The big implication is that those studios arenot necessarily inappropriatelyterrified to do anything because they dont know what the numbers look like.

Regarding tech advance crushing DVD sales, 50% of profit.

13
U.S. surveillance architecture includes collection of Internet, phone metadata washingtonpost.com
107 points by declan  11 hours ago   11 comments top 2
1
tptacek 10 hours ago 4 replies      
If you haven't read Gellman's _Angler_ yet, you really should; it's riveting. Read this whole article; towards the end, it reports that acting AG James Comey, along with FBI Director Robert Mueller, threatened to resign if NSA continued slurping Internet metadata out of American signals intercepts on orders from David Addington, a Cheney henchman.

Gellman's underselling the drama here a bit, but he captured it in _Angler_. Comey and Mueller didn't just threaten to resign. First, Comey simply refused to authorize the program. Comey was acting AG at the time because John Ashcroft --- a punching bag figure for civil libertarians (like myself) --- was hospitalized with appendicitis, doped up, and incapacitated. When Comey pushed back on the Addington order, future AG Alberto Gonzalez went to hospital to try to get Ashcroft to override Comey. Ashcroft, who Gellman (IIRC) reported was barely lucid, refused to override Comey. Comey and Mueller threatened to resign. The rest is history.

It is really hard to fathom just how bad the first Bush administration --- really, the Cheney shadow administration, which is what it was in the first term --- was. The last time mass senior resignations were a tool of influence in Washington was Watergate.

Incidentally: Comey and Mueller were both Republicans. From everything else we know about NSA surveillance post 9/11, we have every reason to believe that Addington's plan was stupid, but not much reason to believe its goal was to target anything other than foreign terrorists. Both Comey and Mueller were prepared to resign, from a Republican administration, over what most Americans would consider a legal technicality --- in a program whose goal they supported, and whose harm to the American people was abstract. This squares with my experience talking to judges and law enforcement people: their belief in the rule of law and in the importance of the law is profound.

Comey's been tapped to run the FBI for Obama.

2
jacquesm 7 hours ago 1 reply      
I shudder to think what a modern day McCarthy or Hoover could do with all this information at his disposal.
14
Understanding Garbage Collection in .NET stackoverflow.com
27 points by ygra  5 hours ago   1 comment top
1
octo_t 1 hour ago 0 replies      
Garbage collectors are incredible things, the ideas are really simple but then the tricks used to optimise them (removing stop-the-world etc) are pretty magical.

When they interplay with JITs, everything gets even more complex and fascinating.

15
Project Loon google.com
928 points by sabalaba  1 day ago   262 comments top 5
1
simonsarris 1 day ago 4 replies      
"I love those who yearn for the impossible." -Goethe

I wish other large companies showed such ambition. Telecoms like AT&T can't even be bothered to roll out the network upgrades they promised in the early 2000's.

2
wklauss 2 minutes ago 0 replies      
Is really that impractical to use stationary WiMax access points instead?

Last time I checked range was around 30 miles, couple of stations will blanket a good area without the hassle these balloons bring (you need to pick them and relaunch every couple of weeks, etc...).

3
waterlesscloud 1 day ago 3 replies      
There's a lot that I don't like about Google, but I do like that they're fucking insane.
4
ChrisNorstrom 1 day ago 6 replies      
It's fascinating to see how well Google has branched out. It started as just a search engine competing with Lycos, AltaVista, & Yahoo and yet they didn't just stop, they kept going. They built all these new services & products around their core product (search) and it's paid off tremendously.

It's definitely something to model future companies off of.

When you win the race, don't stop, keep running.

5
albertsun 1 day ago  replies      
That's odd, I'm looking at my calendar and it doesn't say April 1st.
16
Senators skip classified briefing on NSA snooping to catch flights home thehill.com
419 points by Libertatea  1 day ago   136 comments top 7
1
DanielBMarkham 23 hours ago 4 replies      
In a normal scandal story, the appropriate committee would grant immunity to Snowden, have him testify, then bring up Clapper, have him testify, and compare notes. Preferably publicly.

Here they bring in one side of the story for a secret Powerpoint presentation, no doubt with a high degree of spin to it, and publicly call Snowden a traitor. Then they complain that nobody shows up.

This isn't a bake sale or a dog and pony show, it's supposed to be the workings of the U.S. Senate. This sounds much more like an effort to CYA from the committee chair and NSA than it does an actual investigation or anything useful. Not going to make much progress continuing to operate in this fashion.

It IS interesting, however, that both sides here feel that, if only the other side knew more about what was actually going on, they would agree with them. But then the government insists on keeping it all secret. Meh.

2
startupfounder 1 day ago 11 replies      
Our government is broken. It is no longer by the people for the people.

Politicians are skipping out of their responsibilities.

Politicians spend much of their time in office fundraising for re-election.

Politicians raise much of their election financing from corporate interests, not the people, and thus have a diminishing obligation to the people.[1]

A vast minority of people elect our politicians because 50% of eligible voters don't go to polls.

Most are rich old white men, not a representation of the people.[2]

We can do better.

[1]http://www.ted.com/talks/lawrence_lessig_we_the_people_and_t...

[2]http://en.wikipedia.org/wiki/List_of_current_United_States_S...

3
linuxhansl 23 hours ago 3 replies      
It seems that rather than attracting the best of the best to lead this country we managed to arrive at a process that reliably picks the most self serving crooks this country has to offer and allow them to run this country.

With a few exceptions nobody in congress seems to actually care even a bit about the people, but only how to drive the personal agenda forward.

It's the same in Europe. Apparently representatives are actually paid by attendance, so what they do is, they come to the session, sign in their names, and then leave.

4
spinchange 23 hours ago 1 reply      
The icing on the cake is that Senate staff are prohibited from reading any classified materials Snowden leaked that are published in the press.

http://www.forbes.com/sites/kashmirhill/2013/06/14/senate-st...

(Legislators rely on their staff for input, research, background and assistance in making decisions)

5
fnordfnordfnord 22 hours ago 0 replies      
Friday afternoon briefings and statements like the following (paraphrased): "All congressmen have been briefed and are fully aware of the NSA's totally legit and above board program. There is simply nothing to see here, and making a big fuss about it compromises everyone's safety."

Reminds me of this:

"But Mr Dent, the plans have been available in the local planning office for the last nine months."

"Oh yes, well as soon as I heard I went straight round to see them, yesterday afternoon. You hadn't exactly gone out of your way to call attention to them, had you? I mean, like actually telling anybody or anything."

"But the plans were on display ..."

"On display? I eventually had to go down to the cellar to find them."

"That's the display department."

"With a flashlight."

"Ah, well the lights had probably gone."

"So had the stairs."

"But look, you found the notice didn't you?"

"Yes," said Arthur, "yes I did. It was on display in the bottom of a locked filing cabinet stuck in a disused lavatory with a sign on the door saying 'Beware of the Leopard'."

6
huhtenberg 1 day ago 1 reply      
Given the Father's Day weekend, it wasn't hard to guess that the attendance will be low, so the question is why the briefing was still scheduled for that particular spot. I bet they are trying to tell us something...
7
ck2 1 day ago  replies      
Not an excuse at all but part of the problem of our system, why they run home so fast, is they are constantly fundraising for their next election. They spend a massive amount of time in office just fundraising.

Not sure how this can ever be fixed.

17
Martin Luther King Jr. was wiretapped garrytan.com
213 points by ghosh  18 hours ago   65 comments top 4
1
hooande 16 hours ago 12 replies      
This story needs some historical context. This is pointed out in the blog post, but the main reason for wiretapping King wasn't his civil rights advocacy, but his communist leanings. This in no way excuses or apologizes for the dirty tricks used by the federal government against a non-violent protestor. But this should make sense to students of US history.

Communism was the absolute defining political issue of the 20th century in America. Today communism seems like a failed political ideology, a cute thing that hippies like along with pot and drum circles. But in the 50s and 60s communism was the most evil thing imaginable, like aids spreading terrorists who block cell phone signals. Hoover in particular had spent his entire life fighting communism and saw it as the greatest threat our country had ever faced. Many of our parents or grandparents had nuclear bomb drills in elementary school, ducking and covering under their desks to protect themselves from the communist threat. Growing up like that, you can imagine the fear and rabid hatred that people had for the ideology.

This isn't a story of "Evil US government subverts wiretapping power to go after peaceful protestor". This is a case of the government executing the will of the people at the time. Hindsight is 20/20 and looking back their actions seem evil, but in historical context the FBI was doing exactly what they were supposed to be doing: fighting communism with everything they had. It may sound silly to us, but back then that was the only fight that mattered. The FBI and the public didn't see it as wiretapping a private citizen, but as a part of a decades long political struggle.

Recently on HN people have been acting like the government can dominate the world through wiretapping. As if the NSA can find out a few secrets and people will bow their heads and be silent. Government wiretapping found a true dirty secret involving MLK and threatened to reveal it if he didn't change what he was saying. Did he stop? No. Did he slow down for a single second? Fuck no. True political reformers aren't cowed by blackmail and intimidation. As long as we have leaders like Martin Luther King, democracy will live forever.

2
tptacek 17 hours ago 5 replies      
Yes. This times 100. Prior to (I think) '68, there was no federal prohibition on wiretaps of any sort. Think about that before you say that the USG has never respected the 4th Amendment less than it does today.
3
jivatmanx 17 hours ago 1 reply      
"In 1964, after Hoover called King the most "notorious liar in the country" in a press conference, a package was sent to King in the mail, a package the House select committee ultimately traced back to the FBI. "

What I find most amazing about this story is that the House would actually do something to serve as a check on executive power.

4
karissa 10 hours ago 0 replies      
Forget wiretapped. He was assassinated in a conspiracy with 'unspecified governmental agencies.'

"...the jury ruled that Loyd Jowers and others, including unspecified governmental agencies, were all part of the conspiracy to kill Martin Luther King Jr.[3][4]"

http://en.wikipedia.org/wiki/Assassination_of_Martin_Luther_....

18
Sublime Text Ctrl+P Like Fuzzy Matching In Few Lines of Python crossplatform.net
53 points by cplat  9 hours ago   17 comments top 8
1
wting 1 hour ago 0 replies      
I had to do something similar for autojump (fuzzy matching search string vs directories list).

I started hand rolling my own based on Damerau-Levenshtein, but it turns that Python already has a similar implementation in the difflib:

http://docs.python.org/2/library/difflib.html#difflib.get_cl...

2
pjscott 6 hours ago 2 replies      
If you want to give more weight to matches of consecutive characters, or do other fancy things, a sequence alignment algorithm could be useful:

http://en.wikipedia.org/wiki/Smith-Waterman_algorithm

3
crucialfelix 6 hours ago 1 reply      
It was actually me that suggested to the TextMate guy to do the fuzzy lookup in this way: matching significant characters in side the search term.

AFAIK Sublime, Ctrl-P and friends all followed and improved from TextMate's version.

It was originally a feature in LaunchBar which was on NextStep and was ported to OS X [1] QuickSilver and Spotlight were also influenced by LaunchBar.

[1] http://www.obdev.at/products/launchbar/legacy.html

4
sorbits 4 hours ago 0 replies      
5
cjh_ 8 hours ago 0 replies      
I implemented something very similar in perl a few weeks back for my user interfaces project; I wrote a desktop search client that would take a query from the user and score results based on how many and how well it matches a series of different interpretations of the query (fuzzy was one of them).

I too am really amazed this isn't more prevalent as it is so easy to do, after discovering the vim ctrl-p [1] plugin I rarely go a day without using it.

[1] https://github.com/kien/ctrlp.vim

6
spencera 8 hours ago 0 replies      
A slightly more sophisticated implementation: https://code.google.com/p/google-diff-match-patch/
7
DrJosiah 8 hours ago 2 replies      
I added similar functionality to my editor about 5 years ago after seeing a coworker use Sublime Text. I'm amazed that all editors don't have it already.
8
gondo 3 hours ago 3 replies      
call me old school, but Ctrl + P should do print
19
Cryptogams and the NSA (fiction) warscapes.com
115 points by alexqgb  13 hours ago   43 comments top 9
1
clamprecht 11 hours ago 3 replies      
Jesus, as someone who has been interrogated by the US Secret Service, I thought this was real. It's very accurate, especially the psychological part.

I should write a blog post about this, but the short version:

When I was about 19, I was interrogated by the Secret Service for threatening the US president. I hadn't (ever) done this, and I didn't even know what they were talking about. It turns out that I was on an AT&T alliance (conference call, back then) with a bunch of phreakers (which I was). Sometime during the lifetime of the call (which could have been 24 hours or more), someone called the whitehouse and apparently did make some kind of threat.

I, being 19 and stupid, figured "I have no idea what they're talking about, and I have nothing to hide, so I'll just go in for their interview. It'll be fun." After about 5 hours of being grilled, polygraphed, good-cop-bad-cop'ed, I just wanted to get out of that room. Sweat was dripping off me. I wanted to tell them whatever they wanted to hear to get out of there. And they kept saying "look, we know you made the threat, why don't you just tell us?". Somehow I stayed strong enough to not give a false confession. They let me go, and eventually they charged some kid (a minor, it turns out) in Ohio for it.

If you have ever wondered about people recanting confessions, this is how it happens. The police are trained on how to break you down, make you confess, whether you are guilty or not. There are textbooks (for cops) on how to do it. In the US, they are allowed to lie to you. They can threaten to arrest your wife, etc.

If I'm ever questioned for anything again, no matter how innocent I may be, I'll always request an attorney be present.

2
achille 8 hours ago 0 replies      
While this story is fiction, the author was actually investigated by Fitzgerald for possibly uncovering CIA operatives.

See: http://m.motherjones.com/politics/2010/07/john-sifton-guanta...

Summarized: http://sidebarforplaintiffs.naomifein.net/?p=14164

3
LoganCale 12 hours ago 4 replies      
Just to be clear, this is a fictional scenario demonstrating a potential absurd situation that could arise from dragnet surveillance.
4
danso 11 hours ago 0 replies      
I guess the point of this...is...to separate the Joyce readers from the non-readers? Because doesn't the satire rely in some part on the analyzed content? I haven't read Joyce but if the OP was as unsubtle in referencing him as he was to Orwell I guess I didn't miss much.

The scenario illustrated here is a little absurd. Our nation would be bankrupt well before it had the finances to fund such rabid pursuit of false positives.

5
tptacek 11 hours ago 1 reply      
Anybody have a server in Peshawar we can use? I think a better plan is to use _Gravity's Rainbow_. It's just as hard to understand, but more things explode in it.
6
hawkharris 12 hours ago 0 replies      
The author included over-the-top details to make it clear that his story was fictional.

I mean, FBI agents seeking clarification about emails you wrote? Pssht...they'd just read the emails, build their case and send you to a military tribunal.

7
jackcviers3 12 hours ago 0 replies      
Also note the subtle allusions to 1984, Brave New World, and Farenheit 451. I really enjoyed it and would like to read a longer treatment of the theme by this author.
8
deeqkah 7 hours ago 0 replies      
I honestly couldn't get through reading this in it's entirety as i was laughing too hard. I've saved the page so i could finish later.

Clever, utterly insane and timely.

9
javert 12 hours ago 3 replies      
I'd always heard that Joyce is utter trash. This hasn't helped change that impression.
20
Django's Architecture: The Good, The Bad, and The Ugly speakerdeck.com
48 points by rubygnome  10 hours ago   26 comments top 8
1
makeramen 8 hours ago 3 replies      
Someone should mark this (2011).

South provides stable and mature migrations for schema changes [1]

Custom Auth models are now available in Django 1.5 [2]

The templating language definitely needs some work, but it's slowly getting better. I'd prefer them drop in Jinja2 but that's just me.

[1] http://south.readthedocs.org/en/latest/

[2] https://docs.djangoproject.com/en/1.5/topics/auth/customizin...

2
jgj 4 hours ago 1 reply      
Here's the video for folks who prefer sentences and context:http://www.youtube.com/watch?v=7KTVws3TiC0
3
mattchew 2 hours ago 2 replies      
I don't like Forms/ModelForms.

It doesn't seem to be a common complaint, but I always end up fighting with Forms when I try to use them. Too complicated, too confining, and too unique-to-Django. I wish Django had gone with field helpers instead.

4
gojomo 8 hours ago 1 reply      
[2011]

The auth customization story has improved recently in 1.5, and the author of this very presentation (Andrew Goodwin) is bringing support for schema changes into the core with his post-South project:

http://www.kickstarter.com/projects/andrewgodwin/schema-migr...

5
k_bx 7 hours ago 2 replies      
For me, the worst thing about django is it's source code. Every time I have to dig into some problem, I see really long functions with multiple abstraction levels mixed, a lot of strange names and other code that is really hard to read (ok, it's still python, so you still can read everything after a bit of tryings).
6
aroman 9 hours ago 1 reply      
Some excellent points here. The inflexibility of the auth page and the anti-"magic" stuff really hit home.
7
mixedbit 7 hours ago 1 reply      
Why Django model is not an ORM?
8
targusman 4 hours ago 0 replies      
This is why I prefer web2py. Unfortunately all jobs I can find are for Django. :(
21
Nitpicker an overly picky language style checker nitpickertool.com
56 points by Sami_Lehtinen  11 hours ago   34 comments top 18
1
pjscott 6 hours ago 1 reply      
I tried it on some decent-looking HN comments. I'm impressed that every "problem" it has found has been plausible, but disappointed that all of them have been wrong. This thing has one hell of a false positive rate.
2
charonn0 6 hours ago 2 replies      
I used the word "Premise," which is apparently British, and therefore wrong.

    Avoid using British English. (replace with *Premize*)
Premize?

3
jonemo 9 hours ago 1 reply      
The interface is a little confusing when you write a "perfect" text. I just wrote a few sentences, pressed "Analyze" and nothing at all happened. Pressed it again, nothing again. Maybe include a message like "Sorry, found nothing to nitpick about."
4
dsymonds 7 hours ago 2 replies      
It's ironic that the description has a language style error:

"Nitpicker is a language style checker which compares your text ..."

s/which/that/

5
microcolonel 2 hours ago 0 replies      
Where's the code?

I'd like to look at how you implemented this, and maybe at the rule db.

This would be a great thing to have in offline software as a library.

6
ajanuary 4 hours ago 0 replies      
The first thing I did was run the website copy through it. It picked up a few problems such as the use of the passive voice. A demonstration perhaps to not take the results at face value.
7
bbromhead 9 hours ago 1 reply      
Great idea although it doesn't appear to pick up the misuse of there, their and they're.

I typed "I'm going to walk over their" and Nitpicker only told me that " I'm " is an informal contraction.

8
tincholio 9 hours ago 0 replies      
This would be awesome as an Emacs minor mode...
9
artagnon 7 hours ago 1 reply      
Curbs artistic freedom, and nitpicks style instead of focusing on grammar issues/ ambiguity.
10
darxius 4 hours ago 0 replies      
Pretty cool. I would love to have something like this in Sublime.
11
5vforest 9 hours ago 1 reply      
Loved the idea, but the in first few test paragraphs I tried, the only results I got were false positives.
12
westi 6 hours ago 0 replies      
Interesting, it seems to have a way to go to match the quality of feedback that http://www.afterthedeadline.com/ gives though.
13
inovator 9 hours ago 0 replies      
Mac - Chrome browserI pressed Analyze and nothing happened o.O
14
C1D 8 hours ago 0 replies      
This was posted 5 months ago.. https://news.ycombinator.com/item?id=4985662
15
mikegreco 8 hours ago 0 replies      
At this late hour I made a note to comment on this in the morning, when I could make my thoughts more succinct. I then realized the inherent irony in that action.

I love this tool.

16
ErsatzVerkehr 6 hours ago 1 reply      
Disappointed that it doesn't correct "The NSA" to "NSA".
17
raminassemi 9 hours ago 0 replies      
I like it, it does exactly the kind of "thinking" my brain doesn't want to.
18
fady 9 hours ago 0 replies      
yeah, did not seem to work for me. xubuntu, chrome 27.
22
Watch 2013 Barack Obama Debate 2006 Joe Biden Over NSA Surveillance [video] eff.org
272 points by kirillzubovsky  23 hours ago   76 comments top 9
1
chimeracoder 22 hours ago 5 replies      
Related - here's a video of Candidate Obama debating President Obama on government surveillance: http://www.youtube.com/watch?v=7BmdovYztH8
2
cpursley 22 hours ago 3 replies      
If we were honest and classified President Obama objectively based on his actions alone, we'd label him a neoconservative corporatist in the same vein as Cheney. It's painful, especially after Bush. The truth hurts.
3
kunai 22 hours ago 1 reply      
Obama's speech is obviously canned, while Biden's is the opposite. He is speaking candidly and openly, because he knows that it's the truth. The President, on the other hand, is hesitant and only chooses neutral words.

Amazing what diction can do for public viewpoints. It's equally amazing how many don't care enough to notice the aural cues of the state of being disingenuous.

4
znowi 21 hours ago 3 replies      
Where did the master of public speaking go? I don't recognize Obama here. He's nervous and lost at words. Almost guilty.
5
ck2 12 hours ago 0 replies      
Not an excuse at all but watching President Obama these days is like watching the end of The Man Who Fell to Earth (the original one with Bowie) where he's lost all control of people around him that he helped bring to power in the first place and he's utterly frustrated but stuck having to work with them.

As someone who was thrilled to see him elected, I am going to be very relieved to see him flown away on that last day, just like Bush.

6
wilfra 19 hours ago 1 reply      
The difference between 2013 Obama and 2006 Biden is that 2013 Obama gets briefings on what exactly they uncover with that metadata and who they are catching with it. That's what he means when he says it was worth it.
7
pocketstar 22 hours ago 7 replies      
How do you identify terrorists with only phone call 'metadata'?
8
natch 13 hours ago 1 reply      
Has this been taken down? Mirror, anyone? Not working for me, just gives a black rectangle once the video is accessed.
9
sreddy1 19 hours ago 0 replies      
cool stuff
23
Returning to Free Software: A Guide steveklabnik.com
95 points by uggedal  9 hours ago   96 comments top 15
1
archivator 1 hour ago 1 reply      
I'm surprised no one has mentioned that using software full disk encryption on an SSD is a really bad idea. It increases wear dramatically, completely invalidates TRIM and works against the controller every step of the way. LVM has an option that supposedly passes TRIM through but in my case I'm pretty sure it didn't do anything.
2
anon1385 6 hours ago 5 replies      
I hope the author appreciates the irony of hosting this blog with svbtle
3
xiaomai 7 hours ago 3 replies      
I hope we see a lot more of this soon. It's disappointing to see so many hackers using proprietary OSes/editors/etc. to build systems based on free software.
4
D9u 3 hours ago 1 reply      
I'm running FreeBSD on a 4 + year old netbook for close to a year now, and before that it was various unix-like OS choices, from Xubuntu, to Kuki, to Tiny Core, to Fedora, along with too many others to list as I sought an OS to suit my needs.

I wiped WinXP (eXPloitable) off my hdd years ago, and haven't looked back ever since.

My only caveat is Netflix, but this is easily fixed by booting into a persistent Debian USB flash drive installation and running compholio's netflix-desktop.

As for those who complain about having to configure their unix-like systems, you can't really claim to be much of a "hacker" if configuring your own system is a task too onerous.

After all, if a moron such as myself can do it, genius such as yours should have absolutely no problem using unix-like systems.

5
mark_l_watson 1 hour ago 1 reply      
For me, it is a matter of moving in the right direction. I can't run on all free software. For example, I had to dig my old Windows laptop out of my junk closet today to do a homework assignment (without warning, the last assignment for the Cousera Data Science class requires Windows :-( )

Also, I prefer Android (not free software, but at least more open) but the are a few apps on my iPad I really like so I am not giving away my iPad anytime soon.

6
eksith 1 hour ago 2 replies      
Lot of comments on what exactly constitutes free software (and the snarky insinuation that somehow only the FSF can determine what exactly that means).

Let's let Richard explain it :

http://www.youtube.com/watch?v=ZPPikY3uLIQ

7
crocowhile 6 hours ago 2 replies      
I have been using archlinux exclusively since 2006. I would be lost and furious without a central repository for all the updates, compiz goodies, and the free-of-malware/viruses peace of mind that only linux gives me.

What is this "Chez" that OP is writing about?

8
glogla 5 hours ago 3 replies      
I'm not sure the X1 Carbon is such a great idea. I heard that Lenovo laptops are way cheaper in US than in Europe, but here, getting MBA instead would give you cheaper computer with better screen, and way better touchpad, while going for rMBP 13 would give you computer with better performance, more memory, way better screen and way better touchpad, while still being cheaper than the X1.

Now more expensive than Apple product, while worse ... that requires actual effort!

I'm planning to do just the same with Linux, though I'm waiting for Haswell Zenbook.

EDIT: I hope I recall correctly on X1 having TN screen.

9
reledi 5 hours ago 1 reply      
> One thing that I have yet to explore (but Id like to) is to use a tool like Chef to set up my personal machine, so that I can periodically wipe everything and re-build from scratch.

I'm in the same boat. Does anyone know a good tutorial to learn how to do this with Chef or Puppet? I don't have much of an interested in learning the tools, I just want to set it up and forget it (and occasionally update it).

Do people make their Chef/Puppet configuration files public (e.g. on GitHub) just like they do with their dotfiles?

10
bugsbunny4341 2 hours ago 1 reply      
I primarily use gnu/linux and I'm planning to upgrade my laptop. Any recommendation? rMBP, Zenbook, Carbon X1...? Long battery life and performance are the primary criteria.
11
pjmlp 6 hours ago 3 replies      
Unless there is a guarantee where the network traffic is going through, this is worthless even with encryption.

Secret service agencies have the ability to pose as whatever they want, even using "legit" certificates.

12
gits1225 6 hours ago 1 reply      
I still have improvements to make, but what I have works well so far. Please let me know what you think, and suggest ways to make this setup even better.

A crunchbanger for 2+ years, recent convert to elementary: http://elementaryos.org , especially if you are looking for 'polish'. Do check it out once its out.

13
geekymartian 2 hours ago 3 replies      
Coming from OSX, how do you handle the cmd + * to ctrl + * switch?After years of cmd key combinations I always find hard to switch to ctrl key combinations.The app switching with alt instead of cmd kills me too.
14
catmanjan 8 hours ago 5 replies      
GNU/Linux really isn't an option for laptops until the battery life improves. Yes, yes I know PowerTOP helps, but 3 hours under even the most minimal distro vs. 8 hours under Windows is unacceptable.

(Note: I know it's the hardware manufacturers fault for not releasing power related drivers, but as if the end user cares!)

15
cathyjf 7 hours ago 2 replies      
The author mentions installing Ghostery, which appears to be nonfree.
24
U.S. spy agency paper says fewer than 300 phone numbers closely scrutinized reuters.com
4 points by zt  1 hour ago   discuss
25
COINTELPRO wikipedia.org
131 points by geekfactor  16 hours ago   33 comments top 6
1
md224 16 hours ago 4 replies      
I actually thought about posting this as well... definitely required reading for anyone who believes the government would never abuse their powers to stifle dissent. Really sad chapter in American history.
2
ck2 11 hours ago 0 replies      
Note that something similar was done to groups that protested the Iraq War.

Some people who were known demonstrators ended up on the no-fly list.

3
namank 3 hours ago 0 replies      
FBI's stated motivation was "protecting national security, preventing violence, and maintaining the existing social and political order.

So the only way to progress is...how again?

I wonder how they view innovation, startups, and Silicon Valley.

4
readme 15 hours ago 3 replies      
To be fair, some of the groups that COINTELPRO targeted were subversive. For example, the weather underground:

http://en.wikipedia.org/wiki/Weather_Underground#Major_activ...

Ctrl+F "Bomb" ^^

5
e12e 5 hours ago 0 replies      
For anyone that's interested in the US history with dissidents, I recommend watching the documentary "The Black Power Mixtape (1967-1975)":

  http://blackpowermixtape.com/  (alt: http://www.youtube.com/watch?v=T5_qnnqyxQk )

6
dxm 9 hours ago 0 replies      
26
Programming Language - Compile C# subset to C, Java, C#, JS, AS, Perl and D sourceforge.net
83 points by gjndrtjh  14 hours ago   48 comments top 14
1
kevingadd 28 minutes ago 0 replies      
See also the C~ language that the author of Scintilla created for the purpose of building a retargetable text editor component:

http://www.scintilla.org/SWPortability.html

He wrote his text editor component in C~, then compiled it down to C++, Java and C#. Kind of interesting - I actually used SinkWorld in a product once.

2
fauigerzigerk 2 hours ago 0 replies      
If I ever create a programming language, I will call it either (pronounced music) or . (pronounced dot).

That's one thing brainfuck didn't get right. Even they couldn't predict how incredibly stupid programming language naming would become :)

3
AlexanderDhoore 9 hours ago 3 replies      
Great, another programming language we can't google!

Please rename it to Membranous language.

4
profquail 2 hours ago 1 reply      
This is a really interesting project. However...

It's licensed under GPLv3 -- in my experience, that's an instant turnoff for most .NET (C#/F#/VB.NET) developers. If you changed the license to something like Apache 2.0, I think you'd get much more interest; not only new users, but new contributors too.

5
aaronbrethorst 9 hours ago 1 reply      
Pronunciation: http://www.asusilc.net/scr101/les1/s1glas.htm

"ch or tch as in: church, fetch, pronounced softer than the English sound"

6
trailfox 8 hours ago 1 reply      
Nice idea, but please give it a name that makes the language easy to discuss and search for.

There's no way I'm going to work on Monday and discussing: 'did you see that new language that I have no idea how it's pronounced that was on HN?'

7
DenisM 10 hours ago 0 replies      
That's awesome. I remember I spent some time rewriting the code I had from C# into Java and wishing there was a way for me to just write it once and reuse in multiple places. Just so that I do not have to patch multiple locations as I add features.

Maybe Objective C for the next iteration? :)

8
dsego 3 hours ago 0 replies      
Time to start working on I guess.
9
Moto7451 10 hours ago 0 replies      
This is great. Glad to see Perl support as I'm working in both these days. I have a C# DLL I'm planning on porting and I think I'll give this a whirl. If it can do a good port I'll be very impressed.
10
piokuc 1 hour ago 0 replies      
Does it do garbage collecting in all the target languages? The question is mainly about C, cause I can imagine it can rely on native garbage collector when targeting Java, Perl, etc.
11
nnq 7 hours ago 1 reply      
Great idea, but why another new language? Why not just pick a subset of C#? (or Java, or D, but subjectively speaking, C# is the most "friendly" language from that list)
12
chipsy 10 hours ago 0 replies      
I really like this concept. It would make a good counterpart to Haxe.
13
ycamel 8 hours ago 0 replies      
Why not support floating point number type?
14
chris_wot 11 hours ago 1 reply      
What was the need for this?
27
The quiet war in tech scripting.com
14 points by pron  5 hours ago   21 comments top 5
1
calinet6 1 hour ago 2 replies      
I couldn't help but laugh at this:

"Our tools have been getting more precarious, thanks to bugs introduced by the browser vendors"

Bugs introduced by the browser vendors? What? What?? Wait just second there, you think the global economy and power structure of the world is being affected by bugs in browsers?

This reads like a thinly veiled conspiracy theory. Actually, I'll just be blunt: it reads like crazy talk.

These things are not conspiracies against the stability of human society, they are the random results of a stochastic process of creation. If you want to say something valuable about the impact of tech on society, there are a whole bunch of directions you could go, but this ain't one of 'em.

2
toyg 1 hour ago 2 replies      
Yes, let's compare RSS and Javascript to international diplomacy and totalitarian government surveillance, they have a lot in common. Look at all those people killed by ambiguous standard specifications! People are starving! GIVE ME YOUR F*ING MONEY!

... why do people keep reading Dave Winer, again? Is it something about age, some sort of rite of passage when you're 21 and naive? "Oh yeah, back then I survived on ramen and read Dave Winer. I know, crazy, right?"

3
amirmc 5 hours ago 2 replies      
"By now it should be obvious that the big tech companies are not our friends. They're more like the government than they are like you and me."

In Europe (at least the UK), it's usually the big companies that are viewed with more suspicion than the governments. I don't think anyone felt that BigCo was ever 'like you and me'.

4
norswap 2 hours ago 1 reply      
I don't see what RSS has to do with anything, really.
5
kalms 1 hour ago 0 replies      
Wait, what? What did I just read? I think the conspiracy theories has started to run a little wild in here.
28
Kevin Mitnick on NSA Leaks
15 points by mikemoka  1 hour ago   5 comments top 3
1
joering2 32 minutes ago 0 replies      
> That indicates that there is potentially some very significant leak of someone who is violating their oath

Regardless if he swore to other oaths, this one is THE MOST important and succeeds all others: "I swear to protect US soil from enemies foreign and domestic". It says nothing as of how you are supposed to (or being forced to) execute this oath.

3
diminoten 26 minutes ago 2 replies      
Why does Kevin Mitnick know more than the general public on this topic?
29
The lack of proper alter table support in SQLite dustycloud.org
82 points by paroneayea  15 hours ago   43 comments top 9
1
rogerbinns 14 hours ago 3 replies      
I am very familiar with SQLite internals. The answer is already in there. SQLite stores each row as each column value encoded sequentially corresponding to the declared order of the columns. Changing column order or deletions/inserts require a rewrite of every row. The one special case that is allowed is adding a column on the end of the schema providing it has a default value.

A SQLite provided ALTER TABLE implementation would do exactly what was stated - start a transaction, rename the existing table to a temporary name, create a new one with the desired schema, and copy data across mangling as appropriate before deleting the old table and finishing the transaction. For plain tables this is no big deal, but for more complicated ones there are a lot of issues such as foreign key references, constraints, indices. The majority of the code would be dealing with all these conditions and interactions.

It also wouldn't be any more efficient than code the developer writes - ie there are no shortcuts available to the SQLite developers that aren't available to developers using SQLite. The net effect would be a larger library (they limit to a 250kb library size so something else would need to be chopped), some complex documentation and a heck of a lot of testing code. For something that is relatively rarely needed (see requests on the mailing lists).

The chance of something like this ending up in the SQLite core is extremely slim, so you could never depend on it being there anyway.

SQLite does have several things to help. There is a user_version pragma you can use to keep track of the schema version and use for upgrading. You can temporarily disable foreign key and constraint enforcing. There are numerous pragmas to get table metadata. The table definitions are stored as SQL strings in a sqlite master table, and a pragma allows you to make that writeable.

2
revelation 14 hours ago 4 replies      
ALTER is in itself an odd command, useful only in development, never in production, and bringin with it deep architectural implications and an endless list of problems in basically all SQL systems today.

In SQLite, an embedded database, it is certainly out of place. Drop, rebuild, and move on with life.

3
stevoski 41 minutes ago 0 replies      
The H2 open source java database implements "alter table" exactly as per the description of sql alchemy: create a new table with the new structure, copy all the data across, delete the original table, rename the new table to the origina name.

This could perhaps be acceptable for sqlite.

4
tome 6 hours ago 1 reply      
> I'm pre-pledging $200.00 towards fixing the problem

Nice idea, but wouldn't he have to find about one hundred other pledgers to make this financially viable?

5
bobbyi_settv 10 hours ago 1 reply      
> a successor called Alembic founded by the same core author as sqlalchemy-migrate

Alembic is not founded by the same core author as sqlalchemy-migrate. Alembic is founded by Mike Bayer who is the core author of SQLAlchemy itself.

6
k_bx 7 hours ago 2 replies      
> but we also want people to be able to run smallish installations for themselves or their friends and family as well

So, what's the problem in running PostgreSQL or MySQL in small installations? They really need small amount of space and memory to be installed and operated.

7
ams6110 1 hour ago 0 replies      
SQLLite is "lite"

If you want alter table support, use a SQL database that provides it. There are many.

8
mrbaxter 1 hour ago 0 replies      
SQLite is a replacement for fopen(), not a database.
9
ExpiredLink 6 hours ago 1 reply      
So he gets a free, lightweight, immensely practical tool. His answer: complaint.
30
Design your focus - Read better, work better, sleep better, X better. medium.com
39 points by gnus  10 hours ago   6 comments top 5
1
austenallred 11 minutes ago 0 replies      
It's faster for me to hit cmd+t/f/enter to bring up Facebook (people still use the bookmarks bar?) But I respect the principle of designing my life.

For me it's about having on/off time. There's nothing wrong with scanning Facebook/twitter/HackerNews, but I find myself mindlessly going there, especially in times of frustration or when I'm stuck on something. Basically it weakens my ability to really focus on hard problems. For me the best solution is something like the stayfocusd chrome plugin. It simply makes you aware when you're on one if those sites.

2
Ralz 1 hour ago 0 replies      
That's a little extreme and useless to put only one app on the IPhone dock. I could see this becoming extremely frustrating in an emergency situation where you need to call someone quickly. Why not just practice self control instead.
3
peatmoss 1 hour ago 0 replies      
Hide bookmarks? Don't use them. Am I just a weirdo for treating the location bar as the sole navigation UI element?
4
Carlee 5 hours ago 1 reply      
"Great idea" - Continues procrastinating.
5
gnus 5 hours ago 0 replies      
Oh, www.JFDIN.com
       cached 16 June 2013 16:02:01 GMT