hacker news with inline top comments    .. more ..    8 Sep 2013 News
home   ask   best   4 years ago   
Snowden Disclosures Finally Hit 12 on a Scale of 1 to 10 motherjones.com
106 points by nkurz  1 hour ago   65 comments top 22
malandrew 1 hour ago 3 replies      

    "For what it's worth, this is about the point where I get     off the Snowden train. It's true that some of these     disclosures are of clear public interest. In particular,     I'm thinking about the details of NSA efforts to     infiltrate and corrupt the standards setting groups that     produce commercial crypto schemes."
If anything this new information should put more people on the Snowden train. In the 90s, legislation was proposed which would have put backdoors everywhere via the Clipper Chip. Back then, we voted against that bill and all was good. This new information is shocking because we've already told the government that backdooring things was unacceptable behavior, yet they've done so anyways. We should all be outraged by this because it clearly doesn't represent the interest of the people.

ChuckMcM 1 hour ago 0 replies      
Per the article the gains that were made in breaking existing systems have been made public, so all of that effort goes for naught as people move on to new systems (which requires all new efforts). Basically if you want to consider the "cost" (as in $$) of Snowden's leaks, this shows a bunch of budget $$s that were spent on the assumption that these broken systems would remain in use for a period of time. Since that assumption is removed, the $$s spent on breaking those systems won't be as useful as forecast, hence the cost estimate.

That said, at the big crypt-a-geddon moment, when Leon Panetta said [1] "It does not mean that the Department of Defense will monitor citizens personal computers. We're not interested in personal communication or in e-mails or in providing the day to day security of private and commercial networks. That is not our goal. That is not our job. That is not our mission." he was lying. Both by omission and by commission.

And perhaps the most painful aspect of Snowden's act is that by exposing this failure of integrity in the NSA, they will never again be able to take the "high road" of we need this to defend the nation.

[1] http://www.defense.gov/speeches/speech.aspx?speechid=1728

auctiontheory 1 hour ago 3 replies      
He seems to be saying that it would be better (for the US) if the NSA continued to secretly spy on all the world's communications networks.

That's certainly one point of view, but it's not one I expected to see in Mother Jones, or on HN. Isn't the whole point of this uproar that we do not trust these unelected (by the US, never mind the global population) spooks with unfettered access to all communications?

sillysaurus2 44 minutes ago 4 replies      
You know, there's one very valuable piece of info that I don't think has been revealed anywhere yet, or I missed it:

Recall, for example, Glenn Greenwald's admission that he "almost lost one of the biggest leaks in national-security history" because Snowden initially insisted on communicating with strong crypto and Greenwald didn't want to be bothered to install it.

What exactly did Snowden insist Greenwald do, precisely? Whatever Snowden insisted on, it's guaranteed to be an NSA-proof method of communication. So it seems like it's an essential first step to figure out the details and train people to use it habitually.

jmadsen 1 hour ago 1 reply      
I'm not going to come out on either side on this yet, still thinking about it.

But to anticipate those who will say, "do you think the bad guys are really dumb enough to use basic encryption techniques?" -

The 1993 (failed) World Trade Center bombers were caught because they went back to the rental truck company to try to collect the deposit on the "stolen" truck.

So yes, some of them certainly are.

blcknight 57 minutes ago 1 reply      
We need to stop posting these non-technical ravings of people who haven't a clue. Kevin Drum can certainly have an opinion about the NSA (and he's mostly wrong, I think), but his musings about what the NSA can do is clearly uninformed.

He seems to believe that all commercial crypto is suspect; and there exists some other nebulous category called "strong crypto." D'oh! If only we had all been so smart enough to use this obviously better "strong crypto" instead of "commercial." It's meaningless. The NSA has it's hands in all the crypto cookie jars.

The NY Times slides:


give us some new details that have some usable specifics that can be gleaned.

Steuard 43 minutes ago 0 replies      
It's very valuable to see this reaction to the latest Snowden disclosures: I expect it will be common, and the tech community needs to be prepared to make it clear why this really does reflect another betrayal of trust.

Personally, I can't blame the NSA for trying to intercept and read lots of "suspicious" internet traffic: that's their job. Governments do this, and whether it's good or bad, it's expected. (I'm not happy about the degree to which the NSA seems to be stretching the rules against them acting domestically, nor am I happy about massive all-encompassing interceptions rather than targeted ones, but those are separate issues.)

So there really is a legitimate argument that these latest Snowden disclosures damage national security. The thing is, they also indicate that the NSA has been doing its expected work by actively weakening the protections that we (and large parts of the global economy) depend on. Their actions and strategies have also undermined global confidence in American technology companies. And those are factors that I think the average watcher (like the author of this article) may not recognize unless folks like us point it out.

sehugg 31 minutes ago 0 replies      
The author has posted an update which kinda-sorta retracts this article: http://www.motherjones.com/kevin-drum/2013/09/hed
a3n 55 minutes ago 0 replies      
"It's not clear to me how disclosing NSA's decryption breakthroughs benefits the public debate much,"

Backdoors, bought or coerced. If I obtain crypto capability, I expect it to be at least as good as advertised.

Or, in other words, they went to the public in the 90s and asked for Clipper. They were denied. So they went against the public and implemented what they were told, by their supposed masters, that they couldn't have.

If your dog is eating your children, is he your dog?

brudgers 1 hour ago 0 replies      
All the latest revelations show is that corporate and consumer encryption is just corporate and consumer encryption. It's never going to phase a state sponsored intelligence organ. What they can't decrypt, they buy, what the cannot buy they subvert or cripple or backdoor.

In fairness, it would be grossly unprofessional if they did not. The three letter agencies take pride in their craft and part of their job is staying in front of any wide spread encryption technology.

nraynaud 14 minutes ago 0 replies      
we need facts, the list of compromised ciphers, the bugs they are exploiting etc.I guess those NSA guys can't travel abroad, since spying is a felony in most countries.
ig1 1 hour ago 0 replies      
Article 12. (The Universal Declaration of Human Rights)

"No one shall be subjected to arbitrary interference with his privacy, family, home or correspondence, nor to attacks upon his honour and reputation. Everyone has the right to the protection of the law against such interference or attacks."

B0Z 18 minutes ago 0 replies      
I have a question from the article that I hope someone here can answer... What's the difference between simple encryption and the "strong" encryption Snowden was insisting on? Truecrypt volumes?
nly 29 minutes ago 0 replies      
It's a shame we'll likely never see the "Annexe (available to BULLRUN indoctrinated staff)" that contains a breakdown of their capabilities.
soora 1 hour ago 9 replies      
What does a 12 on a scale of 1 to 10 even mean? What criteria are they judging damages on?

So far, I do not think the NSA has lost any of the capabilities it previously had. I have not heard of any NSA backdoors being removed from existing software.

kalkin 51 minutes ago 0 replies      
The distinction which is the basis of this article between "commercial" and "strong" encryption seems confused. Kevin Drum in this post makes it sound as if commercial encryption is algorithmically weaker, which as a rule it is not, rather than just easier for the NSA to plant backdoors in by strongarming vendors.

The distinction matters here since we're meant to believe that most "bad guys.. figured that ordinary commercial crypto provided sufficient protection." But this translates to, they trusted Google, Microsoft et al. That seems less likely to me.

Disclaimer: I am not a cryptographer or security researcher. (On the other hand, given that I've done various kinds of antiwar political organizing and associated with members of Muslim Student Associations whose infiltration by NYPD later became a matter of public record, maybe I can speak as a government-classified "bad guy!" I should really do an FOIA request one of these days...)

masswerk 1 hour ago 0 replies      
Now this is quite a national-biased view (again).On the other hand standards, protocols, and the trust in networks are an international affair as well. So what is probably a future damage viewed from a national side is a damage already caused from an international point of view.
cjdrake 23 minutes ago 0 replies      
False. A scale of 1 to 10 only goes to 10. :).
logicallee 8 minutes ago 0 replies      
Reposted from elsewhere:

"These people have no imagination.

I don't think the damage, on a scale of 1 to 10, is 12.

Ten means that tens of millions of Americans in good standing, Doctors, Lawyers, dentists, teachers, farmers, everyone, is desperately trying to cross the border into Canada for safe haven while border patrol shoots people dead and tens of millions are in hiding.

Instead America is having civil discourse about a secret spying program. If the NSA (were, hypothetically) to delete all its materials, then things would "go back to normal".

Really, I don't see how this is a 12 so far. In fact it's a 3."

tomasien 1 hour ago 2 replies      
I wonder what criteria Snowden used in his disclosures in terms of what to release and what not to release.
logicallee 10 minutes ago 0 replies      
I guess some people have no imagination, or maybe don't really see the world in 3D, in color. As a post said:

"These people have no imagination.

I don't think the damage, on a scale of 1 to 10, is 12.

Ten means that tens of millions of Americans in good standing, Doctors, Lawyers, dentists, teachers, farmers, everyone, is desperately trying to cross the border into Canada for safe haven while border patrol shoots people dead and tens of millions are in hiding.

Instead America is having civil discourse about a secret spying program. If the NSA (were, hypothetically) to delete all its materials, then things would "go back to normal".

Really, I don't see how this is a 12 so far. In fact it's a 3."

the_french 1 hour ago 0 replies      
The way I've understood the recent leak was that we know the NSA has been concentrating on breaking SSL, 4G and others but that the actual techniques haven't been revealed. Besides, I feel that it is very important to know that bank, internet, and wireless security have been comprised by at least one actor.
The 10 commandments for happiness and success chentir.com
32 points by Amokrane  2 hours ago   17 comments top 8
freejack 12 minutes ago 0 replies      
A great list.

I'd add - Understand the cost of fitting in. Being truly outstanding at what you do sometimes means you need to do it by yourself. Fitting in is comfortable, and will rarely lead to excellence and deep personal satisfaction.

WalterGR 44 minutes ago 3 replies      
Does anyone know of any good meta-analyses of studies about happiness / life satisfaction?

Or put another way: what does actual research suggest the "commandments" for happiness are?

eksith 1 hour ago 2 replies      
Great advice, but... "Dont compare yourself to others" I've repeatedly found this to be near-impossible. It's just that no matter what standard I've set for myself, just the fact that I see someone doing better automatically makes me think I'm doing something wrong and/or I'm not good enough. That may not be the case, but that's the default thought for me and only after do I actually look into it.

What's worse is that not only is it totally the wrong attitude, I know that it's the wrong attitude. It's very disheartening.

jafaku 1 hour ago 2 replies      
> Have strong values and stick to them, no matter what.

What if someone shows me evidence, a better reasoning, or anything I didn't know, that goes against one of my values? I disagree with this point.

shire 49 minutes ago 0 replies      
2/ Only surround yourself with brilliant and positive people.

this really touched me, most of my friends are always negative and angry and sad to say but my family is also dysfunctional which at times leads me to being stressed and upset as well. It's hard to cut people off who are your family and friends though.

bigd 59 minutes ago 0 replies      
I've the feeling this is getting little out of hand. What this Oprah crap has to do with hackernews?

(a shitty negative person)

soora 1 hour ago 1 reply      
One concept that I think is hard to grasp, and makes taking this sort of advice hard to apply, is just how much our default happiness is biologically hard coded.

For this reason I view the point about exercise and eating healthy to be the most important one on the list.

6d0debc071 47 minutes ago 1 reply      
Commandments for happiness. Hmm, okay ^_^

From my experiences, these spring up as the big ones I'd mention:

1. Learn to be happy with your own company before you seek a relationship. People who want to be your emotional crutches are generally bad for your growth in the long run, and being able to be happy on your own will help you get out if the other person becomes abusive.

2. Don't have a totally unbalanced investment in any one person, group or activity. Doing so makes you very vulnerable and makes failure in that area devastating for no commensurate increase in happiness.

3. Find people you can listen to, and who are interested in some of the same sort of things that you are. Listen to these people if you honestly trust them or leave them if you don't. If your friends are honest, sometimes they'll hurt you in warning you off of things or people. This is worth it - don't get so lost in your own ego that you lose all tough with reality, in the long run that will hurt more.

4. Get enough high-quality sleep. Not all sleep is good, even if you manage to pass out. Silence and as near to total darkness as you can get are pretty much prerequisites to waking up refreshed. A comfortable bed that properly supports you is also worthwhile. I've had friends who've gone off of depression medication by virtue of changing their beds and buying some blackout blinds. Just -- check that sort of thing first if you're having problems.

5. Do things with others. Archery, dancing, swimming, martial arts, paint-balling, painting, singing, etc. It gives you a chance to discover new passions and gets you in contact with a wider variety of friends in situations where you can form lasting relationships.

6. Smile at people. A smile is a gift you give to everyone around you, and it's free to the giver. It also seems to be linked to areas of our brains that make us feel happy even if we don't really feel that happy inside at the time. And seeing people smile back is nice.

7. Learn to look for the potential positives in things and phrase everything that you can in terms of positives rather than negatives. Few people like little storm-clouds dooming and glooming over them - in my experience, even in my own head, having a different spin on things makes me happier. You can make yourself very lonely just on the strength of choosing a specific phrasing.

8. This may not be for everyone, but: Teach. Not necessarily in a school environment. It can be incredibly rewarding to see a younger girl smile at the program she's just written, celebrate her first job, or (I gather from my boyfriend,) a young man make his first bit of woodwork.

9. Learn to recognise when you're boring people. This is, I gather, initially a rather depressing skill - but if you persevere you can find people who actually like being around you, or moderate your egoism somewhat, and that tends to be more rewarding.

10. Caring for others can let you be at least partially happy about some things that you might be sad about. A social form of hedging your bets. When the weather is blisteringly hot, for instance, I remind myself that Ellen (one of my friends) likes putting her washing out and sunbathing on the weekends and that makes me smile.

The psychiatric drug crisis newyorker.com
60 points by npalli  4 hours ago   42 comments top 9
kyro 1 hour ago 2 replies      
Good riddance. Psychiatry by and large is a sham field. Physicians who practice it love seeing themselves as artists who are experts in identifying the subtleties of human behavior. That's their way of saying there's very little underlying science guiding their practice.

Many of the diagnoses given are pulled out of thin air and made to justify a patient's admission, or to appease a patient's desire to feel as if they have a treatable illness. I would ask psychiatrists I trained with to explain why a drug worked or why a disease developed. They would do nothing more than give me the same surface-level information we all know: SSRIs block serotonin reuptake, leading to more serotonin in the synaptic cleft that would then cause increased stimulation, and voila, you're not depressed. This is information anyone can attain with a google search. The majority of their knowledge dealt with pharmacological dynamics.

I sat in on a psychiatry conference one afternoon where the docs discussed the treatment of several patients. Never was a scientific article or concept uttered. It was all "well, let's try him on seroquel and olanzapine, let's also throw Paxil in there." It was evident that their treatment protocol was largely one of extremely unsupported trial-and-error based on very, very unique experiences, anecdotes, and preferences each psychiatrist had.

Now, I don't want to discredit the entire field. I do know friends and family who have benefited from psychiatric medications, although that could entirely be due to placebo effect. What needs to happen first is that we need to attain a much deeper understanding of how the brain works on the low and high levels, mechanically and abstractly. Mechanically so that we may develop effective meds, abstractly so that we may learn how to manipulate cognitive processes, like with what we see with CBT, which has worked wonders for many with depression -- no medication involved.

tl;dr: Psychiatry is a very, very loose and abstract field. You can't run any diagnostic tests on patients. It's mostly a field of educated guessing and confirmation bias. We need better mechanical and abstract understanding of the mind before we douse it in chemicals.

md224 1 hour ago 4 replies      
Fun Fact: Selective Serotonin Reuptake Inhibitors, the class of drugs used to treat depression and anxiety disorders by increasing the availability of serotonin, have a mirror opposite: Tianeptine (http://en.wikipedia.org/wiki/Tianeptine), which acts as a Selective Serotonin Reuptake Enhancer.

Incredibly, this drug has also been effective at treating depression. That's right: two classes of drugs with polar opposite first-order effects are used to treat the same disorder, and both of them apparently work.

dancric 2 hours ago 2 replies      
The book, "Anatomy of an Epidemic", provides a really comprehensive look at how we ended up in this situation. Some of the keys here:

1) A desire to bring a level of "science" to a part of our physiology we don't understand. The thinking here is that while we do not understand the etiology of depression, we can at minimum begin to use blunt tools to solve problems. The issue as anyone who has studied complex systems understands, is that the feedback loops are so dense, there is no method to understand what is happening.

2) Financialization of treatment drugs make more money than therapy and other methods. Or to use an HN phrase, drugs are more easily scaled to the population than other methods. The incentives throughout the entire system push people this direction, regardless of the underlying research.

3) Treatment doesn't happen instantly in any case. The issue with much of the research today is that we take a very limited time window to evaluate the efficacy of different treatments. If, instead, we looked at treatment over the life course, the results are often radically different.

This is where startups like Seven Cups of Tea will hopefully play the world. This mental health crisis offers a huge opportunity for disruption and creativity. As a quote in the Stanford alumni magazine said this month: "One hundred years from now, people will look back at the age of giving SSRIs and they will have a reputation that's akin to bloodletting."[1]

[1] http://alumni.stanford.edu/get/page/magazine/article/?articl...

FrankenPC 1 hour ago 1 reply      
Maybe humans are just...unhappy? By that I mean as a race, we are inherently unstable (see: entire human history) and for a long time we kept it together by forming very tight family and community bonds. We had central, realistic, and tangible goals. We had an invisible friend (religion). As science has systematically stripped all that away (for the better mind you...), nothing has filled those needs. We don't need more facebook and texting, we need human contact.

HAHAHA! Just kidding! Did you see the latest iPhone! It's got moar processors!

bdclimber14 32 minutes ago 0 replies      
I think it's relevant to point out the potent anti-depressant effects many people experience with natural supplements such as sam-e and 5htp. It's unfortunate that these drugs are rarely prescribed (in the U.S.). Few clinical studies have been done on these and there is little economic motivation for drug companies since these are un-patentable substances.
paul9290 1 hour ago 0 replies      
I haven't read this entire article, but my experiences with a handful of anti-depressants is that they all are a placebo. Though not for profits. Sell people hope and promise of becoming "normal," and they buy it in the million.

Again this is my own personal experience in taking various anti-depressants for a few years. Overall what helped me was talking to other people and realizing were all nuts (deal with same issues) and yet very normal.

So if your dealing with depression and anxiety and are hiding it, from my experiences please do not. Please talk about it with as many people as possible; realize we are all the same and deal with the same similar issues!

unono 1 hour ago 2 replies      
Hackers can make huge money in psychology/psychiatry (both prescientific fields). Life logging and it's analysis - quantified self. Positive psychology would be the better angle to play it, unregulated, big money in the self-help culture. Mobile apps are the right medium for it. There was recent doc on it 'Monitor Me' by bbc horizon.

edit: to replyers, it didn't want to post links for everything, so

google 'monitor me bbc horizon youtube', 'quantified self', 'self help industry', 'positive psychology'

whalemaker 2 hours ago 1 reply      
Obscure psychiatric drugs are also ridiculously expensive sometimes. A friend of mine switched from a brand name anti-psychotic to a generic version. He went from paying over $1200 a month to $22 for 30 pills, for something as important as preventing his psychotic episodes.
TheLegace 2 hours ago 1 reply      
My ADHD medication Strattera costs $170 a month and since the generic version only saves me $20 causes serious nausea and vomiting I don't have any choice.

And its one of the only medications you can't develop a tolerance for.

Luckily I'm Canadian, working part time at a Canadian university where health insurance covers the costs.

Easy 6502 skilldrick.github.io
139 points by steveklabnik  7 hours ago   22 comments top 13
s_q_b 5 hours ago 0 replies      
Ah, this is great. I first learned assembly programming to modify one of my favorite video games, Earthbound. To my surprise, the game was a cult classic, and extensive efforts had been made to develop tools to modify every aspect of the game.

As part of that effort, I learned 65816 assembly, a 16-bit descendant of the 6502. The day I modified the code to add a run button, thereby eliminating one of the most annoying aspects of the original game, I was ecstatic.

I checked back on the community, PK Hack, a few months ago. The level of development was amazing. Virtually the entire game was mapped, byte for byte. There's a sophisticated visual map editor, and a cross-platform data editor.

The coolest part was to see a tool I envisioned, for which I developed a lackluster proof of concept, come to full fledged fruition.

Earthbound, as it turns out is a rather uniquely developed game. The second game in the Mother series, which is enormously popular in Japan, ran into severe difficulties. Co-developed by HAL and Ape, the coding was rather schizophrenic from the outset. Eventually large parts were rewritten by Shigesato Itoi himself, as the legend goes. The end result is a spaghetti soup of code generated by some type of macro system, compiled from some variant of C, and written in assembly itself.

To manage this complexity, many of the events in the game used a text scripting language that abstracted away the underlying routines. This scripting was a series of in-line hex sequences, each its own set of instructions for how sprites, character entities, etc. were supposed to act when the code appeared, which we termed "control codes."

12-year-old me, supremely confident in his abilities and utterly lacking in all technical knowledge, suggested we build a scripting language on top of the control codes so that manual text editing would be eased. The result was a slapdash Visual Basic job that used a BASIC like syntax for simple substitutes for control codes. Of course at the time, I had no knowledge of parsers, DSLs, language design, or really basic computational knowledge. The result was a wreck.

But that wreck stuck in someone's mind. Years later, after obtaining his computer science degree, one of the hackers with whom I had worked implemented a full-fledged language on top of the control codes.

In retrospect, I don't remember the vast amounts of time I ostensibly wasted learning an obsolete game's design and building tools with which to modify it. I remember the heady moment when you suddenly knew how a data field worked, or after a whole night of hunting with a hex editor the data you wanted appeared, and the sheer giddy thrill of discovering new knowledge and seeing it implemented right there, like a physical mark on the world.

I recognize this has been a long and tangential exposition, so if you've read any of it thank you for indulging me. Another glimpse of that low level assembly, like the smell of home after a very long time away, brings back so many vivid memories.

cmccabe 3 hours ago 1 reply      
I disagree with the claim that learning x86 assembly is not useful. I occasionally use inline assembly in my day job. It's very rare, but it does happen. If you're doing C or C++, it helps to know a little bit of x86 assembly when debugging. There are also certain optimizations that you often need inline assembly for, such as using the built-in Intel instruction for CRC32 calculations.

I learned Z80 assembly when writing software for the TI-85. But if I were giving advice to someone interested in learning assembly now, I would suggest learning x86... it's more useful, and just as fun.

lclarkmichalek 6 hours ago 0 replies      
It emerged recently on r/ReverseEngineering that the 6502 has fewer transistors than the number of pages in Intel's x86 documentation. Link to the discussion: http://www.reddit.com/r/ReverseEngineering/comments/1lp61a/i...
__david__ 3 hours ago 1 reply      
Love it! The 6502 was the first assembly I ever learned. I still remember a handful of opcodes from all the hand-assembling I did:

   a9 44   20 ed fd   a9 41   20 ed fd   a9 56   20 ed fd   a9 49   20 ed fd   a9 44   20 ed fd   60
About a year ago, in a fit of nostalgia, I wrote an Apple ][ emulator in javascript [1]. My 6502 emulator isn't quite perfect yet, but it runs most things.

[1] http://porkrind.org/a2

Terretta 6 hours ago 2 replies      
Absolutely adore 6502. Started to learn it just a few weeks after being exposed to AppleSoft BASIC and realizing assembly was playing in the machine itself.

There was a holistic understanding of computing that came from the whole Apple II package: taking off the lid, looking at the chips, mapping that to the technical manual showing you the chips, their addresses, their wiring, their code, and being able to stick your hands in all of it. Even a kid could reason the whole machine's current state.

For a while in the late '90s and early '00s, I wondered if we'd lose that kind of education. Tablets worry me for this reason--all screen, no insides.

Thankfully "kids these days" (grownups too) have things like the Arduino so all hope of understanding computing from the inside out is not lost.

harrytuttle 3 hours ago 0 replies      
I never 'got' the 6502 and religiously went Z80 all over until someone described it in the following way:

Think of it as a RISC CPU with 256 registers (zero page).

It just clicked then. Wonderful processor.

transfire 5 hours ago 1 reply      
A few years back some really smart guys figured out how to make optical diodes. That means optical computers, that means really really fast computers. They said the problem was the the size of the diode was on the order 400nm as opposed to todays transistors being around 40nm or so. What did I think? Screw that! I'll take a 1 THz 6502 over all these bloated multi-core pipeliney chips any day of the week!
illicium 4 hours ago 0 replies      
>Well, I dont think learning x86 is useful.

Unless you are a security researcher and your day job is reverse engineering executables.

frozenport 3 hours ago 0 replies      
`I dont think youll ever have to write assembly language in your day job`

Doing C++ work I have had to do this a few times, maybe once a year to optimize a critical routine that the compiler wasn't able to pick up on. When it helped, it really helped.

hk__2 6 hours ago 2 replies      
danmaz74 4 hours ago 0 replies      
My first "serious" programming attempts were trying to use interrupts on a commodore 64 to play music in the background. It didn't work as I wanted - I was 10 - but I really learned a lot.
cz20xx 50 minutes ago 0 replies      
Can't you load custom assembly into the 6502 screensaver on XScreensaver? Going to try that.
rickjames28 5 hours ago 0 replies      
6502 reminded me of one of my favorite books Hackers. http://en.wikipedia.org/wiki/Hackers:_Heroes_of_the_Computer.... I wonder what happened to John Harris http://en.wikipedia.org/wiki/John_Harris_(software_developer... I heard he stubbornly refused to move to C from assembly.
Spooks break most Internet crypto, but how? arstechnica.com
28 points by shawndumas  4 hours ago   18 comments top 5
dpifke 33 minutes ago 0 replies      
My personal theory: NSA has gotten in bed with the Hardware Security Module (HSM) vendors. There's essentially only two of them: SafeNet and Thales. SafeNet has bought up all the smaller players.

All of the big guys use HSMs to protect key material from intruders or malicious insiders. Key generation happens inside a sealed box from which the keys can never leave, except into another identically-configured sealed box from the same vendor. As such, there's no way to inspect the keys being generated - you have to trust the FIPS certification that it's being done correctly.

If--perhaps as part of the FIPS certification process--the NSA were to compromise the key generation function of a handful of popular HSM models, in one fell swoop they would have compromised all of the CAs, DNSSEC, Google, Microsoft, Facebook, Amazon, etc. (Not to mention all of the banks, credit card companies, etc.)

Further data point: in my experience talking to SafeNet at least, they employ a lot of ex-DoD folks who probably still have connections to their old bosses.

This is just speculation, but seems a likely attack vector.

eksith 2 hours ago 2 replies      
As in most of these technological failures, the problem may just be between the keyboard and chair. I never cease to be amazed at the seemingly insurmountable odds people defeat to ensure something breaks somewhere in the least predictable way possible. In such an atmosphere, deliberate sabotage or sci-fi caliber cracking hardware are the least of your worries.
Sonicmouse 3 hours ago 3 replies      
"Unless the feds know of a flaw in the Diffie-Hellman key exchange process at the heart of this scheme..."

The only flaw in the DHM algorithm is that it depends on a RNG.

It goes back to the fact that if the NSA has infiltrated the RNG, then DHM key exchange is merely a slight nuisance.

I wrote some software that patched out MS' CryptGenRandom() to only return 0x01's all day. I was easily able to then implement a MITM attack on Adobe RTMPE traffic all day long.

I'm stupid... Imagine what an NSA engineer could accomplish.

croikle 1 hour ago 0 replies      
Chrome's pinning is a definite upgrade, but it's more vulnerable than some people make it seem. In practice, a pin consists of a list of CA certificates which are allowed to sign for the given domain (the list is in [1]). This list can be surprisingly long: for example, the list for twitter.com contains 22 keys from 3 different CAs.

This means that, e.g., if you are "good friends" with Verisign, you can get them to issue a certificate for any Google property, and Chrome will happily accept it.

[1] https://src.chromium.org/viewvc/chrome/trunk/src/net/http/tr...

tensor 2 hours ago 2 replies      
Has it been verified that they can break most internet crypto? Or is it just a claim?
Xiaomi Makes Another Big Move in Consumer Electronics bits.blogs.nytimes.com
16 points by guybrushT  3 hours ago   10 comments top 3
jkat 9 minutes ago 0 replies      
With their supposed interest in expanded outside of China, does anyone know if they are hiring? To me it is, by far, the most interesting startup right now.
continuations 2 hours ago 4 replies      
Why do companies keep pushing 3D TV? No one I know actually wants 3D TV.

Now if only they'll release a 42" 4K monitor at $500. I'll be the first to buy. The monitor market has been stagnant for years.

calbear81 1 hour ago 1 reply      
There's a lot of 47" 3D-capable sets in the $500 range available now and you can throw on a cheap Android box for $50 and have the same thing. A built-in version like this one from Vizio (http://www.walmart.com/ip/VIZIO-47-Class-Theater-3D-LCD-HDTV...) is $598 so I'm not getting why it's making waves?
John Gilmore: NSA obstructed development of IPSEC Crypto in Linux Kernel slashdot.org
10 points by teamgb  1 hour ago   discuss
Games That Teach Programming: A Brief Overview gamasutra.com
50 points by jlees  6 hours ago   32 comments top 22
edtechdev 5 hours ago 2 replies      
He forgot about all the robot fighting games, where you 'program' a robot (or tank) to fight other robots/tanks, such as: http://fightcodegame.com/ http://robocode.sourceforge.net/ http://www.nessbots.com/ and dozens of others: http://www.sumost.ca/steve/games/

Also, there are tools that make it easier for kids/beginners to create games, and in doing so learn programming, such as: http://www.playmycode.com/ http://pixieengine.com/ https://www.scirra.com/construct2

Some other LightBot-like games include Cargo-Bot, Robologic, and several others: http://breakoutmentors.com/kids-programming-resources/

There's ComputerCraft in Minecraft, etc.

And there's learning programming by modding games/simulations such as minecraft

mentos 4 hours ago 1 reply      
Running an Ultima Online server with an emulator called RunUO was a fantastic learning tool for me in high school.

I've always thought you could craft a curriculum around developing for the emulator.

You could start off small as I did by just teaching students how to create items in the game. Show the inheritance hierarchy where 'Uber Sword' inherits from 'Sword' which inherits from a base class 'Weapon'..

Teach students how to write their own spells in the game with delays and different damage types which exposes them to simple if/else logic, timers, enums, etc.

Advance to creating your own monsters and NPCs that respond to player speech which teaches state/simple AI/string manipulation.

You could leave the server running 24/7 so players could play/develop/hangout together.

Show how items disappear from the game world on reboot and how to serialize the game objects.

You could have an exam in the game where players showcase what they've developed and culminate with an all-class battle.

I think a stripped down MMO like this could be the perfect environment to foster creativity/learning.

1123581321 5 hours ago 0 replies      
My introduction to programming was ZZT-OOP[1], the language built into the roguelike ZZT created by Tim Sweeney (Unreal.)

Each ASCII character with a program was an object and they communicated by passing messages to each other. Items like bullets and the player also could pass messages to these custom objects. I remember piecing together some complicated multi-step, multi-object behaviors in a sort of concurrent programming.

My other introduction was changing the behavior of the gorillas in GORILLAS.BAS. From that I learned about Basic, and eventually wrote my first utility for another game, which was a battle success estimator/damage calculator for Sid Meier's Alpha Centauri.

I think the playfulness of games and the more straightforward representation of objects in games really helps children understand the point of programming and some programming concepts that are more obscured in business/utility software.


choxi 5 hours ago 1 reply      
I'd like to give a shoutout for our graphical implementation of Ruby Warrior if I may :)


kephra 3 hours ago 0 replies      
I wonder that the article does not mention Second Life. SL is a real boring thing, as long as you only consume it, but it becomes fascinating, once you start to design.

I know several people who learned Gimp because of SL, or scripting. Scripts could be as easy as a "say hello" if someone walks through a door, or as complex as self driving cars, or a 200x100 meter big pinball game, that requires 3 players: One for each flipper, and one inside the ball. Linden Scripting Language makes quarternions as easy to use as Havok physics.

siavosh 6 hours ago 1 reply      
One programming topic I'd love to see a game for is software concurrency. This is one topic near and dear to my heart which I think a lot of us struggle with since a lot of it can be so counter-intuitive. Reading through "Java Concurrency in Practice", some of the ideas and best practices really popped out at me as something that could be translated into an abstract art style game, and for some reason, the mechanics of guitar hero with multiple guitars visualized in my head. It would be a fast paced game with trippy colors and great digitized procedural music, and you shouldn't need to know anything about programming to play. Threads could be visualized as lines going through space, and you have to protect data units with good use of abstractions, queues, locks etc so they don't get corrupted. And the better you get, the more threads you have to deal with and more advanced topics/tools you'd need to use. I'm not a game developer, but I'd love it if such a game existed :)
8ig8 4 hours ago 0 replies      
The Big Trak [1] laid the foundation for me even before Logo. I wish I had one today for my kids.

[1] http://en.wikipedia.org/wiki/Big_Trak

soora 5 hours ago 1 reply      
I personally think games with level editors are one of the best introductions to programming.

My first exposure to "programming" when I was in middle school was using the Warcraft 2 level editor, setting up custom triggers and using my imagination to build something I thought would be fun for others to play.

ygra 6 hours ago 0 replies      
Weirdly enough, Light Bot is one programming game I enjoyed the least. My personal favourite would probably be Manufactoria [1].

[1] http://pleasingfungus.com/Manufactoria/

icefox 1 hour ago 0 replies      
If you made a game that used programming, but didn't play like something trying to teach you stuff what would it be like?
RodgerTheGreat 5 hours ago 0 replies      
I've built a few games along these lines, the most publicized of which is Forth Warrior: https://github.com/JohnEarnest/Mako/tree/master/games/Warrio...

I have some slow backburner plans for a game with similar mechanics but an easier introduction for total beginners and more challenging end-game tasks such as dealing with concurrency.

ruttiger 5 hours ago 1 reply      
Anyone play Rocky's Boot?https://en.wikipedia.org/wiki/Rocky%27s_Boots


I didn't realize until college that I had been learning EE when I was a kid.

zokier 4 hours ago 0 replies      
All the games from Zachtronics probably more or less fit this theme:


FrankenPC 3 hours ago 1 reply      
Anyone here remember Omega Tank by Origin? An old DOS PC game that gave you a simple but effective environment to program combat tanks to fight against the computer or programs written by your friends. Awesome game.
Hermel 3 hours ago 0 replies      
Kara (http://www.swisseduc.ch/compscience/karatojava/kara/) is an excellent and fun game to learn finite state machines. Also, there are variants to learn Java and concurrency.
thejteam 4 hours ago 0 replies      
My daughter used Microsoft Kodu Game Lab at summer camp and had a blast. I just started to look at it but it looks like a decent intro for at least the 7-8 year old group.
heurist 2 hours ago 0 replies      
Are there any games made to help software developers improve their design or intuitive skills? Maybe something where you have to minimize dependencies or visualize program flow, or apply known design patterns to solve problems... I'm envisioning minigames that are basically koans with immediate feedback. I think I would find those very useful.
cheesylard 49 minutes ago 0 replies      
It makes me sad that Garry's Mod was not at the top of that list.
trothoun 4 hours ago 1 reply      
It's a shame that CogniToy's MindRover is not mentioned, it really captured my imagination, and I wish there were more games like it. It does appear to be sadly defunct, however.
abstrct 4 hours ago 0 replies      
There is also the Schemaverse (http://schemaverse.com), a multi-player space battle game for learning SQL, pl/pgSQL, and really any other language that has a library for connecting to PostgreSQL
garybloom 3 hours ago 0 replies      
Creating a context where learning to program replaces our school system: http://www.gebloom.com/blog/Softworlds
Efficient String Concatenation in Python skymind.com
43 points by cvursache  6 hours ago   19 comments top 8
kingkilr 3 hours ago 0 replies      
If you really care about efficiency (and are using PyPy), an actually efficient way to concat strings:

    from __pypy__.builders import StringBuilder    builder = StringBuilder(<size estimate, optional>)    for i in xrange(10000):        builder.append(str(i))    return builder.build()

mappu 1 hour ago 0 replies      
For comparison, PHP has mutable strings. Some totally unscientific averaged benchmarks (Atom D2700, PHP 5.4.4-14 amd64):

    $buff = '';    for ($i = 0; $i != 100000; ++$i) {            $buff .= $i;    }
Runs in about 0.06s

    $buff = array();    for ($i = 0; $i != 100000; ++$i) {            $buff[] = $i;    }    $ret = implode('', $buff);
Runs slower, in about 0.10s

    $ret = implode('', range(0, 100000));
Takes roughly the same time, 0.10s

kstrauser 5 hours ago 2 replies      
How would a method 7 using generator expressions fare on the same system, like:

    return ''.join(`num` for num in xrange(loop_count))
On one hand, it avoids creating a temporary list in memory. On the other, it can't know in advance how long the final output of the loop will be and so couldn't use tricks like preallocating enough RAM.

inglesp 4 hours ago 1 reply      
Note that since this article was written (2004) CPython performs an in-place optimisation for assignments of the form

    s1 += s2
There are details at point six of http://docs.python.org/2/library/stdtypes.html#sequence-type..., where it also says that str.join() is preferable.

1st1 5 hours ago 0 replies      
A very old article from 2004 (please edit the title). The tests are only for cpython2 and for a very old one.
dbecker 1 hour ago 0 replies      
Doing stuff efficiently is great when there's some benefit from efficiency. But I've seen a lot of fragile code (and implementation specific hacks) created based on benchmarks, when the time savings were meaningless in practice.
gamegoblin 5 hours ago 1 reply      
I believe that the current most efficient way of doing this is

    ''.join(map(str, range(n)))

zeeboo 5 hours ago 1 reply      
Note these tests were run on Python 2.2 which makes the results old enough to almost certainly be invalid. Last time I checked, straight string concatenation was faster than everything else for the types of inputs I was dealing with.
What People Like About the Plan 9 OS bell-labs.com
65 points by rbc  8 hours ago   38 comments top 7
rbc 5 hours ago 1 reply      
There are Amazon AMI's for plan 9, called plan9-fossil. You don't use ssh to get in though. You need to use the plan 9 "cpu" command, using the "ec2" user and a random password printed on the instance console/system log. I have a plan 9 host running under VirtualBox that I used to access my Amazon Plan 9 host. It worked just great. Another little item is you have to allow TCP access to ports 17010 and 17013 on the instance.
rdtsc 6 hours ago 3 replies      
I was fascinated with Plan 9. It just has really cool ideas in its design.

It has been said before and I agree. The problem with Plan 9 adoption isn't Plan 9. Plan 9 is beautiful. The problem is that Linux is quite alright as well.

Also, Linux has drivers for more hardware when Plan 9 was ready to be played with. Plan 9 doesn't. It is a chicken and egg problem. I remember trying Plan 9 and it just didn't have drivers for some of my hardware. It was like Linux in back in the days.

D9u 5 hours ago 2 replies      
rcarmo 1 hour ago 0 replies      
Interesting. Serendipitously, I just came across some GSOC posts regarding getting Java on it:


If that turns out OK and someone manages to port a browser over, it might be a good environment to do run Clojure.

dasil003 3 hours ago 1 reply      
I think to really understand what makes Plan 9 great requires a deep understanding of Unix, but once you have a deep understanding of Unix...
carterschonwald 5 hours ago 0 replies      
Woah: I didn't realize there was still active work on plan 9. They've participated in Gsoc the past four years even!
frozenport 4 hours ago 2 replies      
Plan 9 was also slow and didn't support a normal version of GCC.

Developers! Developers! Developers!

London student reported to police: Enchanted by anarchism and individualism the-libertarian.co.uk
197 points by null_ptr  7 hours ago   145 comments top 23
SiVal 5 hours ago 6 replies      
This sort of thing is alive and well in US schools, too. The official policy of the Seattle Public School system is to stamp out racism in all its forms, and notice how many forms there are. (Note in particular the Cultural Racism section that includes, "emphasizing individualism as opposed to a more collective ideology" as a form of racism that, by official policy, is to be stamped out by the government education system):


btilly 2 hours ago 1 reply      
Here is the text of an email that I sent the school.


The primary duty that a school has is to turn out informed citizens who will try to maintain democracy. Despite your best efforts, you are apparently on the path to success with Kinnan Zaloom.

Unfortunately your headmaster has failed to learn the critical lesson that any organization populated by people will have failure modes, and a common failure mode is that those in authority will seek to use their authority inappropriately, and will also seek to assert more authority than they should have. This has been known for thousands of years, with famous examples including ancient Athens, the Roman Republic, and a plethora of dictatorships around the world today.

I am being generous in saying that your headmaster has failed to learn this lesson. In fact he seems to have learned it, but sees the path to petty dictatorship as something to emulate, not to fear. However one should never ascribe to malice and all that, so I will make the generous assumption that his actions came through incompetence.

But even making the generous assumption, it is clear that your headmaster is not the kind of person who should be put in a position where he can try to harm the future of children whose only crime is to think more clearly than he does. We need children to learn that authority is a necessary evil in a democratic society. Which lesson can best be learned in an environment where authority is exercised wisely enough that the "necessary" part of it becomes evident.

For the good of the children forced to suffer through your school, I sincerely hope that this fact is taken to heart and appropriate measures are taken to ensure that authority rests in more competent people going forward.

rhizome 6 hours ago 2 replies      
The headteacher, in addition to reporting Zaloom to the police, phoned Glasgow University, where the student had applied to study, in an attempt to dissuade them from accepting him.

Not the best way to counter charges of endemic corrpution in society, I must say. In the US, this kind of interference would pose a great deal of trouble for the ambitious functionary.

noonespecial 5 hours ago 2 replies      
You almost feel sorry for the teacher in this case. Sure, he's about to get the just desserts of a repugnant action like this, but its kind of like a dog digging up a nest full of yellow jackets. He "deserves" the stings but he's not going to understand why he is suddenly being stung.

It boggles our tech-savvy minds that someone could be this out of touch and still have a position of any authority whatsoever, but there it is.

I also hope the best for the student, but I can't help feeling that this will be nothing but a minor setback for him as much as it seems to potentially suck now.

auctiontheory 7 hours ago 4 replies      
I somehow doubt that sabotaging the kid's education would reduce his anarchism and individualism.
tjaerv 4 hours ago 1 reply      
Is this satire? It reads like satire.

"I must do something. In the last year he has become more and more enchanted by antiestablishment ways of thinking and has even said that there is an inherent risk that every government is corrupt."

protomyth 6 hours ago 0 replies      
Two things came to mind when I read this:

1) It doesn't often happen, but having the establishment individual confirm the blog's POV through word and deed is refreshing.

2) If you are from the University and read what this fool said to the newspapers / police, then you should be suspect of any individual whom he gave a recommendation.

motters 6 hours ago 1 reply      
You can't just have individualists roaming freely around doing whatever the heck they like. Where would it end?
zimbatm 3 hours ago 0 replies      
Yet another attack on an anti-authoritarian person.

The most compelling example that our society doesn't accept people with this personality treat is the psychiatrists who treat them as if they had a mental disorder.


kyllo 2 hours ago 0 replies      
This reads like a parody.

"has even said that there is an inherent risk that every government is corrupt"

Corruption in the government? Gasp! How dare you?!

Sagat 5 hours ago 4 replies      
I'm disgusted by the head teacher's nosy behavior. I also think the student is an insufferable person according to his blog posts [1]. He's one of those people who try to use loaded words like "anarchism" and "individualism" to justify annoying or selfish behavior. Kind of like Galt-wannabe libertarians who hide being the word "liberty" to give credence to social darwinism.

[1] http://hampsteadtrash.blogspot.co.uk/2013/07/sludge-obituary...

scotty79 2 hours ago 0 replies      
> In the last year he has become more and more enchanted by antiestablishment ways of thinking and has even said that there is an inherent risk that every government is corrupt.

If not for that line I'd say that techer just wanted to say that the student is vocal, selfish jackass and failed to invoke proper euphemisms. But this line shows teachers ignorance. I thought that risk of governemnt being corrupt is something so obvious that it's taught on history lessons in primaryschool. Or maybe I am wrong and it's not established that all government can become corrupt? And if there are some uncorruptible goverment forms, then why we don't use them? Or there is some non-constructive proof known that shows that some goverments are not at all prone to corruption but we have no idea how they look like?

Goverment by definition decides about the stuff it does not own. And if you decide about stuff you don't own you can trade doing some harm to that stuff for improving your own status. And that's coruption.

unimpressive 5 hours ago 1 reply      
Here is the post that seems to have triggered the response:


omarrr 6 hours ago 3 replies      
Doesn't sound like the kind of teacher I'd like in my university

Asked what had first inclined him to contact the police, Mr. Szemalikowski said the fact that Kinnan has mentioned the ideologies of anarchism and individualism on this blog. Digging himself even deeper, the headteacher added, I must do something. In the last year he has become more and more enchanted by antiestablishment ways of thinking and has even said that there is an inherent risk that every government is corrupt.

omarrr 6 hours ago 0 replies      
This is the kind of behavior current political systems are encouraging to the members of our society. Instead of teachers reaching out to students to create bonds and personal connections, we have a system that promotes unjustified surveillance, profiling and reporting.
zokier 3 hours ago 0 replies      
I think the story has completely wrong focus. The problem is not the teachers actions (no matter how despicable), but the effects of those actions. I mean if a teacher is able to "ruin" someones life by making couple of phonecalls, then therein lies the problem. In a ideal society the teacher would be free to voice his concerns, and if those concerns were baseless (as seems to be the case here) then the voicing should have no effect on the pupils life.

Of course there wasn't really any concrete effects mentioned in the story that had already happened, so hopefully this was just a sensationalist story and the uni and police will ignore the teacher. In fact the story heavily smells like an attempt to crucify the teacher while no damage/harm was actually done to the pupil.

DickingAround 6 hours ago 2 replies      
What did the police say? Did the teacher believe that the UK has thought-crime laws about uncommon political beliefs? Do they?
teawithcarl 5 hours ago 0 replies      
Kurtz79 5 hours ago 1 reply      
Check the comments on the article as well, for a few insane ramblings by the templeos maker...
rickjames28 5 hours ago 2 replies      
This "headteacher" should be arrested and prosecuted.
alextingle 6 hours ago 1 reply      
Prime Minister by 30?
muyuu 4 hours ago 1 reply      
Will he be accepted in Glasgow U?
bolder88 5 hours ago 1 reply      
pretty douchey to list the schools phone number at the bottom, just so idiot internet hate mobs can phone and abuse the school secretary.
New connection between stacked solar cells can handle energy of 70,000 suns phys.org
21 points by pyre  5 hours ago   4 comments top
LAMike 2 hours ago 2 replies      
How far does battery tech have to go until it's feasible for lower-middle income families have a solar panel on their roof in LA/San Fransisco?

10%? 50%?

Stealing Traction: How Youtube, Paypal, AirBnB grew through piggybacking medium.com
102 points by khadim  12 hours ago   26 comments top 9
birken 7 hours ago 5 replies      
The classic startup article fallacy. Let's look at these group of winning startups (from the somewhat distant past) and then find some commonalities and then make them a general guide for startups today. Without looking at the losers, you have no idea what characteristics of the "winning" startup was actually the most important. I have no doubt that for every one company that succeeded at one of these bullet points, ten failed doing something similar. That isn't to say the ideas are bad, but the fact that one startup succeeded doing them doesn't mean it is good.

Also why is everybody so afraid to mention luck in posts like these? I think if you build a product for a new web browser, and that browser becomes the #1 browser on the internet, that is pretty lucky. Yes, there is a ton of skill there too, but also a ton of luck.

I'm not saying the lessons in this post are necessarily bad, but statements like "This is how networked products achieve viral growth" and "So heres the secret" are just hyperbole, nothing more.

michaelbuckbee 7 hours ago 0 replies      
A new one that I don't see mentioned much is Imgur + Reddit. Imgur started as means to share images on Reddit, but has since developed their own community, commenting system, etc that directly competes with them.
victoriap 9 hours ago 0 replies      
So there are 2 cases. First one is when a startup offers a brilliant product with the 'wow' and 'aha' moments. It spreads like crazy. Second one is when a startup with less striking product comes, executes well, pivots a lot and steals networked users from established ones.

In all cases once a startup becomes dominant, it starts limiting and throttling their APIs fearing others obsoleting themselves. So the lesson, is to find a new grownup startup, which is not yet defensively throttling its platform or not yet pursuing ultimate monetization of its network.

arbuge 11 hours ago 2 replies      
The title is a bit off in my opinion. AirBnB could be said to have stolen Craigslist's traction, but that really doesn't apply to examples like Youtube making sharing videos possible on MySpace. Youtube added value to MySpace and made it a better platform; AirBnB on the other hand added value to landlords and tenants - at the expense of Craigslist.
tarr11 7 hours ago 0 replies      
Imgur is also a good example of this (piggybacking on reddit)
denzil_correa 12 hours ago 1 reply      
There was a similar discussion on a similar story 14 days back.


belowlightsblue 10 hours ago 1 reply      
Youtube to Myspace does not seem like the same as the other comparisons. Myspace is/was a social network and better in-page videos -- no matter where they are served from - would only make Myspace more appealing because of how they catered to music bands. to say that Youtube stole Myspace's traction is like saying imgur stole Reddit's traction when instead, it's more likely that imgur's great service accelerated Reddit's popularity (at least with memes...I'm talking quantity, not quality :)) -- and vice versa. There was no reason that couldn't have happened with myspace/youtube
jnotarstefano 9 hours ago 3 replies      
This is tangentially related, but here is less OT than in most discussions :)

I'm currently building http://www.bandol.it, a Humble Bundle clone targeted at Italian Independent Music (and, maybe, books).

I'm experiencing the dreaded chicken and egg problem: bands won't give me their music if I don't have a big following, while people won't follow me if I don't offer them good bands.

How did Humble Bundle solve this?

Michael_Murray 7 hours ago 1 reply      
I'm always amused by the way that what's old is always treated as new when it comes to online/digital marketing. While the methods may be different, brand positioning has always involved using the attributes, features and (especially) short-comings and weaknesses of the market players.

And the idea of "piggybacking" on other services that you know that users want isn't really new either... It's why Coke is the only cola you can get at certain baseball stadiums - Coke knows that people will come to the stadium and buy drinks, and they're "piggybacking" on that to drive demand in general.

Speculation on "BULLRUN" mail-archive.com
14 points by danieldk  4 hours ago   2 comments top 2
ChuckMcM 3 minutes ago 0 replies      
The author, John Gilmore, shared these sorts of stories with me when I was complaining about the NSA intervention on the crypto work I was doing on Java. Sun said I had to have them sign off that we were 'compliant' (which means they would tell the State Department to sign off on our export license) and that was a total PITA. At the time I was working on an end to end loadable strong encryption package [1].

[1] http://patents.justia.com/patent/6546487 - if that looks complex and twisted, it is. The original version wasn't "compliant."

Show HN: Bootstrap In Practice, my ebook for starters williamghelfi.com
24 points by trumbitta2  5 hours ago   36 comments top 11
steveklabnik 2 hours ago 1 reply      
You know how when discussing SaaS pricing, people always say "raise your prices, the cheapo customers aren't the ones you want?"

Well done actually releasing something. Your price is fine. Don't let people get to you.

edbloom 3 hours ago 1 reply      
I can't understand some of the comments here saying this is too expensive. Seriously folks, William has put together a great into to Bootstrap for a less than the price of a billable hour and it's too expensive? Sure all the information is out there - if you want to spend a few more billable hours finding it - plus a someone who is just now getting up to speed on Bootstrap - most of the tuts out there are for Bootstrap 2. I think the timing is right. The sample chapter is great. Williams product will hopefully save me many multiples of the purchase price by not wasting time seeking the right information and that is a point lots of people seem to be missing.
yurylifshits 37 minutes ago 1 reply      
A little amount of SEO can help.

E.g. a typical search query can be "bootstrap ebook". Currently, you use "ebook" word only once in the smallest font. Your title has neither of this words.

At the very least, change your title to something like "Bootstrap in Practice ebook and step-by-step examples"

Demiurge 2 hours ago 0 replies      
I spent this Thursday and Friday migrating a pretty complicated site from 2 to 3, and boy it is a pain. My word of advice to anyone reading, do not use v3 for a desktop oriented website unless you specifically desire new hybrid grid system. It doesn't have fixed width elements anymore. It doesn't have truly flexible elements either. Form inputs are now screwed up (flexible) by default, lots of things are screwed up, some examples on the official website are still screwed up. It wasn't worth it, it looks and functions worse than it did, even with a bunch of new custom CSS.
solomatov 4 hours ago 2 replies      
The price is inadequate. I would pay $10, maximum $20 for it, especially taking into account that the subject is well documented in blogs and official documentation.
victorhooi 1 hour ago 0 replies      
I'm on the cusp of buying it - the $59 for the package is probably a bit much, the $29 is alright, but definitely not an impulse buy.

I guess you've done your pricing research - but the consensus, at least on HN, seems to be that $20 is a price most people would just go for, but as you get higher, people really want to know what justifies the higher price. It is a free-market economy, I know, but if you can somehow justify the higher price, then you'll have a lot more sales, and a lot more happy people willing to spread the word.

The fact that most O'Reilly/Pragmatic Programmer/Manning books - which are generally very good quality, well-proofed and technical - are priced around the $20-$30 mark doesn't help things.

trumbitta2 5 hours ago 0 replies      
Here you can also find the table of contents: http://www.williamghelfi.com/blog/2013/09/06/bootstrap-in-pr...
marveller 4 hours ago 0 replies      
Maybe $10 for the book (kindle books about bootstraps are around $5-$10 at Amazon) and $30 for the whole kit? There are so many free templates out there and also 5-10 commercial bootstrap bundled templates for only $10. Although they are not the best designs, but are good enough to learn how it's used and coded with live samples.

I agree with so well documented official documentation, it's going to be hard to sell.

Edit: BTW, there is even Bootstrap 3 video course at lynda.com.

michalu 3 hours ago 0 replies      
I agree it's expensive, there is no way I would pay that price and I would like to read it. I read a lot and it just feels inadequate to me, I never actually paid that much for a single book. The themes on the pic don't look any great either.
andmarios 3 hours ago 1 reply      
Show HN? More like spam.
arityfn 4 hours ago 1 reply      
Oh, its not free.
How I Travelled Across The World For Free Using Nothing But Google+ plus.google.com
51 points by mljlive  7 hours ago   26 comments top 15
gesman 0 minutes ago 0 replies      
Nobody uses Google Plus anymore. It's too crowded :)
petercooper 5 hours ago 0 replies      
I know a guy called Ramon Stoppelenburg who did this back in 2001 using the then similarly new medium of blogging without spending a penny: http://letmestayforaday.com/ .. he lasted about two years on the road just "staying for a day" at people's homes. He now runs a movie theater in Phnom Penh of all things :-)
vertis 3 hours ago 2 replies      
After reading for a bit, it became apparent that the title is misleading. This guy from England has indeed made it half way across Europe, but he has hardly traveled the world.
minimaxir 6 hours ago 1 reply      
Is it possible to travel across the world for FREE using nothing but +Google+ and a whole lot of hugs?

There's a significant opportunity cost associated with hugs.

thinkpad20 2 hours ago 1 reply      
"London, Paris, Amsterdam, Harderwijk, Emsdetten, Munster, Hamburg, Berlin, Munich, Zurich, Milan, Austria, Hungary, Serbia, Bulgaria and Athens, courtesy of Google+ users from one side of the world to the other."

So one side of the world is England, and the other is Bulgaria?

jangozo 5 hours ago 0 replies      
I used to follow this guy before he started begging.

The title should be renamed as: Michael Lee Johnson - The Social Beggar

ChuckMcM 2 hours ago 0 replies      
Generally these things feel awkward to me. I wouldn't be surprised if this guy is getting a stipend/support from Google since it is great PR for them (although I think the blogging rules would require he disclose it). I enjoyed the youtube videos of the guy dancing all over the world, that was just fun.
sliverstorm 6 hours ago 0 replies      
He hasn't done it yet.
OvidNaso 5 hours ago 0 replies      
>Why? Because I wanted to show the world that #GooglePlusIsNotAGhostTown

I'm more likely to be skeptical seeing as how there is a "Join Google+" banner following me across the entire page.

ninjazee124 3 hours ago 0 replies      
Sounds like a PR stunt, why else would he care so much to prove that G+ is not a ghost town? What next, Myspace?
tinbad 6 hours ago 3 replies      
In general a very interesting experiment. Assuming this is not a Google PR thing, why limit yourself to only the G+ community though? There's lots of other communities to connect with interesting people (HN could be one of them).
ivanbrussik 5 hours ago 0 replies      
So this guy is free loading across the world (not even for charity)...that's the deal?

Havn't we already proved Google was fairly large?

Sagat 5 hours ago 0 replies      
Nice ad.
pearjuice 5 hours ago 0 replies      
If Google desperately needs a G+ user base, why don't they run a few text ads on all their home pages? Like a line or three right under the search bar with the localized trending posts on Google+.
graeme 5 hours ago 0 replies      
Anyone know how influential Google+ author ranking is in the SERP results for Google? This guy now has a PR 4 on his Google+ page
Ask HN: How to best acquire theoretical computer science knowledge?
131 points by jophde  9 hours ago   92 comments top 39
jandrewrogers 3 hours ago 1 reply      
There is an alternative approach that inadvertently worked for me that may work well for you, particularly if your goal is to learn things beyond a conventional computer science curriculum. I have been working in high-end theoretical computer science for many years, with significant advances to my credit, but I went to school for chemical engineering. People are often curious as to how I acquired so much esoteric domain expertise in theoretical computer science without spending any time in a computer science class.

Pick an interesting "hard" problem in computer science and attempt to solve it. This works best if either there are no published solutions (e.g. massively parallelizing ad hoc graph search) or the solution space varies widely under the possible parameters (e.g. the design of a unique high-performance database kernel). Iterate, be creative, search the literature for interesting ideas that you can borrow from, and evaluate new designs you come up with. If something does not work, understand how and why and try to fix it. Wash, rinse, repeat.

This sounds like a lot of work, and it is, but there are three unique upsides. First, the challenge of it can be quite a bit of fun in its own right and there is a clear goal of what you are trying to achieve which helps keep you motivated and measures progress. Second, you will cover more of the phase space and explore some tangential theoretical areas while hunting for solutions to narrow sub-problems that you would never be exposed to in a more structured setting. Third, you will invariably explore some unusual or unorthodox ideas that you simply would not be exposed to in a directed, formal program. From the standpoint of being an effective theoretical computer scientist, it will help you develop a unique perspective of the problem space that is different than the perspective that arises from more structured programs.

Also, you might actually solve one of the unsolved theoretical computer science problems you have as your challenge in addition to developing a deep understanding of the surrounding problem space. That happened to me (and then replicated later once I realized it was possible) and it would never happen if I was simply taking courses on the subject matter.

This was an effective way for me to gain in-depth understanding of a diverse range of theoretical computer science areas on an informal basis. One of the downsides is that your rote knowledge will not perfectly overlap what is taught in CS curricula even though what you do know will likely be more valuable (e.g. in spatial indexing some CS courses teach priority trees even though they have no memorable theoretical value).

danieldk 8 hours ago 4 replies      
So, what is the best way for a proven and largely self taught developer to take their knowledge to the next level?

It depends on how you learn. Some people will recommend Coursera et al., which are great. I tried some Coursera courses, but found that I found the pace too slow and became bored quickly.

For me, reading always works the best, since I can adjust it to my pace. You could look up a curriculum (as someone else suggests) and compose a reading list from that. Also, there are some works where you really can't go wrong. Some examples:

- Structure and Interpretation of Computer Programs, Abelson and Sussman

- Algorithms, Sedgewick, Wayne

- Introduction to Automata Theory, Languages, and Computation, Hopcroft, Motwani, Ullman

Lesser known, but incredibly fun books:

- Purely Functional Data Structures, Chris Okasaki

- The Reasoned Schemer, Friedman, Byrd, Kiselyov (or a good Prolog book).

After learning the foundations, you could branch out to a subfield that interests you.

(Or as Frank Zappa has bluntly put it: If you want to get laid, go to college. If you want an education, go to the library.)

mahyarm 7 hours ago 5 replies      
This is the core of a CS degree, each one is class, sometimes multiple classes that go into more detail. All interview questions will basically only cover these topics.

1. Algorithms & Data Structures <- The biggest one

2. Baremetal Hardware. ASM, goes into the design of a physical cpu with ALUs, etc. Sometimes you make your own basic CPU. I suggest using a course with ARM ASM, simpler than x86 ASM.

3. Operating Systems & Multithreading Theory. You usually do a bunch of C language work here. Maybe combine it with a project on an ardunio or similar.

4. Discrete Mathematics

5. Databases

6. (Optional) Compilers. Write your own compiler, do this after the ASM course.

7. (Optional) Artificial Intelligence. Learn cool things such as machine learning. AI can be very statistical at times, so I suggest adding a Statistics & Probability course to supplement. Statistics is used a lot in business, so it's useful to know for life in general.

8. (Optional) Computer Graphics, using OpenGL!

On top of that I suggest you learn a functional language like Clojure or Haskell. Or both of them. Also learn a language where you have to do memory management and deal with pointers (like C, C++, Objective-C) if you don't include it in your Operating Systems course. After that you can basically do anything in software. Any new language and platform will be just covering concepts you already understand at that point, so you'll be able to learn them extremely quickly.

stiff 5 hours ago 4 replies      
Doing a BS in CS would be the best, otherwise you will need a ton of self-discipline to learn even a half of what you would learn in a degree program. If you decide to self study, and have enough "mathematical maturity", you will find everything you need on MIT OpenCourseWare, they have all the core courses available online with video lectures, solved homeworks etc. I would start with going through those two first:

Structure And Interpretation Of Computer Programs:


Mathematics For Computer Science:


The first one is pretty much a master class in software engineering, the other prepares you for studying algorithms, I would consider those the two main more theoretical facets of programming at a professional level. With that background you can try to work on their algorithms course:


It would also be very valuable to eventually take all the core mathematics subjects from OCW: Single+multivariable calculus, linear algebra and probability theory - the profit is less immediate but those things do come very useful. All those six courses on the MIT OCW are top notch.

petercooper 8 hours ago 1 reply      
I'm going to keep this reply shallow but my advice is dig up a curriculum and course guide for a CS degree (there are many publicly discoverable with Google), establish what all of the main topics and threads are, grab the best/most recommended textbooks for a couple of topics at a time, work through the books a few pages at a time and for anything you don't understand, Google and learn about it. Take copious notes as you go to refer back to. Read papers that pop up from time to time, get a feel for what you know you don't understand and quickly get up to speed with them (even if it's just reading Wikipedia for 20 minutes).

The above is deliberate practice and learning but also keep an eye out for CS-level posts linked on HN and http://www.reddit.com/r/compsci and relate them to what you're learning. Read a post about AI data structures in Prolog? Don't understand Prolog that sounds interesting? Get a feel for what Prolog is. Write a simple program. Get a feel for implementing the data structure in a language you do understand. Then try and bring both Prolog and the structure together. Rinse and repeat with anything that interests you. Again, be sure to TAKE NOTES or you'll forget things using this scattershot approach.

It'll take a TON of time but if you keep your sessions relatively short, you'll get a shallow knowledge of all of the major CS areas quickly, and then you can use your job or natural interest to drive you into going deep on areas that affect or motivate you.

I'm starting an MSc in software engineering later this year but my own CS knowledge has mostly been learned in the above ways (that is, I don't have a bachelors in CS).

Clarification: As cliveowen got me to realize (below), the above approach might not be for you if you have a very specific target in your career development. My experiences and recommendations are specifically around getting a broad level of experience rather than aiming at a specific role (which, perhaps, you should be doing).

nohuck13 8 hours ago 3 replies      
The other responses are great. But one meta point I think is worth making. Don't overestimate how much competency you gain from just getting a CS degree. Lots of people coasted their way through undergrad without internalizing a heck of a lot. The fact that you are motivated to go out and get knowledge puts you, IMO, at a great advantage.

My background: I did a BS in CS/Economics but spent most of my time playing online poker and skipping class. I managed to get a job I love on mostly potential, and I've had a great time re-learning all the stuff I was superficially exposed to but didn't work that hard at.

The most important thing is caring about what you do and taking ownership over your own development.

tel 8 hours ago 3 replies      
Read papers.

Read lots of papers. Start with easy ones to learn how to best digest highly academic technical writing then keep pushing.

CS is remarkable in how much of its academic knowledge is online, available, for free. Taking advantage of that resource is beyond key.

If you know roughly what you want to learn, search out a seminal paper in that area. If it's deep CS, you'll probably find a good one from the 80s. Seek out every citation that's proximal to a sentence in that paper that confuses or excites you. Search on Google Scholar for all the recent papers that cite the one you found and begin eating up the chain that direction. When you find a deep topic you want to learn more ofset theory, logic, formal languages, discrete math, matrix analysis, automata theory, geometry, topology, &c.don't be afraid to look for a good book on the topic. There are resources around the internet answering "What's a good introductory book to X" for all kinds of X.

If you don't know the general area you're interested in then I recommend the exact same strategy but with greater emphasis on following citations that make connections to other areas of CS. Additionally, pick a few disjoint topics (Category theory, system architecture, graph theory) and follow them all simultaneously looking for connections.

Formal languages, automata, and process algebras form a really fundamental mathematical course of study that I'd highly recommend to anyone interested in "why" CS works. Optimization, matrix analysis/linear algebra, and diffeq form a great basis for simulation and machine learning.

Generally, for any of these routes, learn to find your boundary of knowledge. Studying source material is very challenging because any given paper will tend to assume many things about your background. Most of those assumptions will be false and lead to density of the paper. You can often power through without them, but you can also take it as an indication of a new place to study.

Finally, see if you can find a study group or journal club. I'm not there, so I don't have firsthand experience, but I'm sure there are many in the bay area.

(Oh, and if you read mathematical papers/books don't skip the proofs and exercises. That'd be like reading the iOS documentation without ever programming anything.)

jzelinskie 1 hour ago 0 replies      
I'm a current senior Design & Development option at Penn State. The degree is basically worthless in terms of teaching you real software development. I did learn a lot about the social aspects of working for clients and working in teams, but I did not learn the proper structure to actually work on software. I literally spend all of my free time studying software development and computer science, because I know going to school will only yield me a piece of paper that will get me taken more seriously.

Here's a list of what I've done:

- Learn more languages. Penn State only teaches Java. I've worked professionally with Python, have open source projects in Go, and have read books on Erlang, Haskell, Scala, Clojure. The more languages you know the more abstract concepts you'll know that you can apply in any language.

- Watch online lectures in your free time. MIT Open Courseware, UC Berekely, Coursera, YouTube, InfoQ are all really good resources.

- Start a reading collection. I have tons of books and white papers downloaded that I read.

- Get an interest. I like distributed systems. I honestly don't know much about them, but I think the problems are interesting and I've read some of the important white papers that establish the field. Establishing an interest will help guide you down the rabbit hole.

- Get out there and do stuff. Find a project on GitHub or make one with a circle of friends. Pick something outside your comfort zone. Even if the project never sees the light of production use, you'll learn from the experience. Having your name in open source projects AUTHORS/CONTRIBUTORS files is also very nice.

I'm getting closer to graduating, so I've been reading up on algorithms and data structures again because I know I need brushing up on it. I'm close to getting a compsci minor and was recently debating just getting a masters in it instead. If you want someone to vent your experiences at PSU, feel free to drop me an email.

jkbyc 8 hours ago 2 replies      
Theoretical computer science is probably not what you mean. Theoretical computer science are things like complexity theory (up to arithmetical hierarchy and randomized and approximation algorithms), theory of recursion (up to e.g. Gdel's theorems), (various kinds of) logic, algorithms and datastructures (full of hardcore probability and statistics), etc.

Subjects like that give you a firm grounding in the area of computer science but you could study them for ages especially on your own. These subjects are also not very practical in terms of everyday engineering and on top of that before you even get to that level, a top school would require you to study a bunch of mathematics to gain a certain level of rigor of your thinking. My guess is that this is hard to do on your own.

On the other hand, since you have a related degree already and since you know programming, I would heartily recommend you to study on your own combining two approaches: bottom-up to learn the basics and top-down to immediately start increasing your market value and to start opening doors and to keep yourself motivated to go forward with the more tedious study of the basics.

E.g. say you are interested in distributed systems - you can start reading up on them (top-down) while digressing here and there to learn some of the basics.

Make use of online resources like Coursera for the necessary basics (bottom-up): at least some maths heavy on proofs [1], at least some complexity theory, at least some graph theory, ....

I think a purely bottom-up approach (going to a university) could be a waste of time and money in your case. But you need to emulate it a bit because a purely top-down approach could be too superficial and wouldn't teach you some of the more rigorous thinking you might need.

Whatever you do and learn try to do it in-depth. Superficial knowledge of many things will not benefit you much in the long term while in-depth study of many computer science fields will likely lead you through a series of small enlightenments.

[1] My professor of linear algebra used to insist that we as computer scientists have to know all the proofs of the theorems we were learning - in contrast to mathematicians learning the same subject - simply because we have to know how things are done to the last detail and we have to develop that kind of thinking.

samatman 8 hours ago 0 replies      
Read. Focus on foundational texts. I'm talking about texts like K&R, SICP, Lisp In Small Pieces, RFC 791. I'll add Gdel, Escher, Bach, because I genuinely believe it will make anyone a better computer programmer. There are far more than I could mention in a paragraph; L.I.S.P is not as well known as the others I mention, and got added mostly because I'm reading it at present. It's really good.

Also, read actual code. Want to know how diff works? Read diff. Getting better at code forensics is the second-best way for a self-taught programmer to learn real CS.

EDIT: I am a largely self-taught programmer.

msg 6 hours ago 1 reply      
My story is somewhat similar.

I took a BA in Linguistics, worked for a while, then discovered computers. I spent a year on prerequisites and then did an MS in CS. I got good grades and did a thesis and it opened a lot of doors for me.

Some things that an MS CS degree will teach you that you may not have learned as a seasoned developer are: How to invent solutions to cutting edge problems. How to operate at scale using efficient algorithms and appropriate data structures. How to think about problem spaces. How to research. How to operate at the correct level of abstraction and how to get a level deeper when the abstraction leaks. The intersection between math, stats, and software. How to think like a computer.

To me it sounds like that's exactly what you want to do. One way or another you want these skills.

You may want to separate your desire for these skills from your desire to be credentialed for these skills. It is going to take a while to see how employers react to the Georgia Tech online MS. I believe the vast majority will treat it as second-class for a while. The judgment of HR departments is a lagging indicator. But the top tier employers may not care and just test you to see if you walk the walk.

You don't need a top tier school to get a good job. My MS is from a state university, and I work for Amazon.

shawndrost 5 hours ago 0 replies      
You might be interested in my school, http://hackreactor.com. Our course is 50% CS (data structures, algorithm design and analysis) and software engineering (modularity, refactoring) and 50% web fundamentals and writing a lot of app code, and students are constantly working together on extracurricular study. This weekend, they're throwing a machine learning workshop (developed by students; alums invited), and in two weeks we're playing host to a PL design/implementation class (http://proglangmasterclass.com/). You can reach out to me at shawn@hackreactor.com.
jclos 8 hours ago 0 replies      
Is it theoretical CS as in "CS topics that are more theoretical" (NLP? AI? Search engines? Software engineering?), or as in "Theoretical CS" (the mathematical subdisciplines: combinatorics, type theory, lambda calculus, etc.)?

In any case you first need to investigate what is interesting to you, free resources are far from rare and you can probably build yourself a decent curriculum from MIT OCW, Coursera, Udacity and similar websites which you can then study at your own pace with videos and books. If finding a job is not your concern I wouldn't advise putting yourself into debt. See http://www.saylor.org/majors/computer-science/ for an example of curriculum.

kenjackson 8 hours ago 0 replies      
At the end of the day I think its a question of what you value more "money" or "time". If money is your main concern, use books and online courses. If time is your main concern, get an MS at a good CS program.

My problem with teaching myself is that it's hard for me to stay motivated after the first couple of weeks. Now this just me -- it's not you. So maybe you don't have this problem at all, but I've found school to be a good motivator.

Plus having a good professor can help get through the tough spots. I studied complexity under Papadimitriou and he was great at explaining things I struggled with.

One problem with school though is you'll have less flexibility to skip things you don't care about, and investigate those things you do. That can be a blessing or a curse.

justinhj 1 hour ago 0 replies      
I'm doing the Algorithms course on Coursera. It's fantastic. Interesting and practical, and taught by Princeton's Sedgewick. I have a BSc in AI and 20 years professional experience yet I'm still learning a lot from this course each week.
TimPC 8 hours ago 0 replies      
I think it's far and away self-study or if you can find a good online course among the free solutions you can start there. The Art of Computer Programming by Knuth has a lot of the theory included and doesn't hold back on the Math. Similarly, Introduction to Algorithms by Cormen, Leiserson, Rivest and Stein is quite good for the basis of Algorithm theory.

That being said, theory plays a small role in everyday development. If your primary goal is to increase your knowledge as it relates to development you don't want to focus on theory until it becomes a pain point. Algorithm theory helps with scalability, but practice is far more useful to programming. Conferences in your field that can expose you to new things to learn and different tool chains in your language are valuable. Learning a new related language can also be valuable you might consider learning iOS and then JavaScript which would let you work on Android, iOS and Cordova (formerly PhoneGap) applications at a level where you'd be comfortable going from JavaScript to native to write unavailable features.

If you're happy and have good opportunities on Android, focus on getting a deeper understanding: what are good open source repos, what coding conventions do they use, what frameworks and approaches could you know better. Are there parts of the OS you haven't worked with and wanted to? For instance, I built a demo app for LG designed for in-store promo devices where we hacked around in the OS to intercept the display of screens that would let the user delete apps from the phone and throw up a password lock that would kick them out to the main screen. Try and get a sense of where your best (however you measure it) opportunities are and focus your learning in that direction.

rorrr2 3 hours ago 0 replies      
Solve any 300 problems of the ACM problemset.


etler 5 hours ago 0 replies      
One of the biggest factors I think you should consider if you want to go the self learning route is if you'll have the time to while juggling a full time job as well. You might be able to take a few courses, but will you be able to dedicate your full attention to it, and really dig into the subjects?

If I were you I wouldn't add on any more debt until I've settled my current one. With a good CS job, that shouldn't take more than 2-3 years, considering you have no dependants and presumably relatively low living costs. In the meantime, maybe take part time courses where you can get class credit, and if you plan it right you might be able to complete your degree in a year or so, considering you already have your basic requirements done. Just do some research into making sure your class credits will be able to transfer. Good luck.

jlees 7 hours ago 0 replies      
In answer to the first part of the question (how to get more theoretical CS knowledge), I studied an extremely theoretical degree and the materials are online to dig through - if I were to self-teach now, I'd start at the final year's course list (http://www.cl.cam.ac.uk/teaching/1314/part3.html) and work backwards to chart a path to the modules that sounded most interesting.

In terms of "taking knowledge to the next level", though, it could mean anything from you wish you knew what red-black trees and big-O notation were, to you'd love to be able to design your own programming language and write a compiler, to you wish you could administer a Linux box. I would actually suggest the best approach here is to find someone with the job you want and talk with them 1:1 to figure out where your knowledge could be most improved.

Also, for Coursera, etc, there are local study groups at places like Hacker Dojo you could join to get some of the benefits of college without the expense.

porter 8 hours ago 0 replies      
I studied finance in college. A few years later I asked a similar question, ended up enrolling as a post-bac student, and taught myself web development.

First, you need to figure out exactly what you want to learn. By theoretical, what do you mean? If your goal is to be on the same level as other programmers who are CS grads, then you might consider digging into algorithms and data structures and discrete math. This is pretty much the base of anything theoretical you'll do in computer science.

If you're in it to learn, go the udacity route. If, after completing all of their courses, you still feel you have some gaps, then you can go back to school if need be. If, on the other hand, your goal is to go into research, then you'll just have to bone up and go back to grad school to be taken seriously. In research, credentials matter.

lucasrp 6 hours ago 0 replies      
I am a law major, who did 1 year of engineering a long time ago. I always been a math geek, but 0 in CS. In my last year of college, i created a startup with some friends. It was a ERP for small lawyers firms. That didnt work out, but turned me on into CS.

Now i work as a product manager in a bigger firm (also law related), and i'm learning how to code through Coursera and Edx. I HIGHLY recommend them.

They are the future. The classes are very good. Way better than a regular class over here (Brazil).

If you are intereste in theoretical CS, here are 2 classes that you may be interested:

Programming Languages (https://www.coursera.org/course/proglang): It focuses on functional programming. The first edition was VERY high recommended. Here you will learn about functional paradigm, and the differences in using it in several languages (some purely functional, like SML, some hybrid, like Ruby)

Automata (https://www.coursera.org/course/automata): It cant get more theoretical than this. The professor is Jeff Ullman. A legend. For free.

Machine Learning: A second version of Andrew Ng just ended. The third edition will be offered soon.

see.stanford.edu is also a very nice place to learn. They are actual stanford classes taped, and offered for free, online. I`m taking the three introdutory classes, and the machine learning classes.

Also, there are several architecture, compilers and algorithms classes too. After my first course (cs50.net), i realized that colleges (at least for CS) are redundant right now. They can be awsome. But, if you are short of money, or are already working, these online classes can fill the gap, easily.

add me on skype if you want to talk about more classes: lucasribeiropereira

See you!

PS. They can be VERY challenge. Take one, at most two at a time. 10-20 hours per week per course is a good rule of thumb

karanbhangui 7 hours ago 0 replies      
In addition to all the great advice here, if you want a bit of a more structured approach, check out Scott Young's MIT challenge: http://www.scotthyoung.com/blog/mit-challenge/
poppingtonic 2 hours ago 0 replies      
There's a guy called Scott H. Young who, supposedly, did the entire (4 year) MIT EECS curriculum in a year. So, if you'd like to do it the REALLY hard way, try something like this: http://www.scotthyoung.com/blog/mit-challenge/
evanb 8 hours ago 1 reply      
If you're OK learning on your own, you might try buying a book before committing to the cost of tuition, also. If you really mean "theoretical CS" I don't think you can go wrong with Sipser. The latest edition[1] is expensive, but a used copy of the second edition [2] isn't TOO bad, considering the cost of another few years of education.

[1] http://www.amazon.com/Introduction-Theory-Computation-Michae...

[2] http://www.amazon.com/Introduction-Theory-Computation-Michae...

jiggy2011 8 hours ago 1 reply      
It sounds like you're not quite sure what specifically you are interested in. CS is a very broad field and you could probably study it for a lifetime without scratching the surface.

Maybe better to choose a particular hard problem that is interesting and focus on that. Something that would be neat to do but isn't as simple as just calling a few library functions.

nhamann 8 hours ago 0 replies      
Sorry if this is obvious, but: read books. A good place to start is here: http://cstheory.stackexchange.com/questions/3253/what-books-...

There was another reading list that I remember seeing, I think it was from Stanford's TCS website, but I no longer can find it.

Self-teaching is fun because you get to choose your own curriculum, but it's often frustrating too because if you get stuck, there is no professor or TA to unstick you. This issue can somewhat mitigated via the internet.

adestefan 7 hours ago 0 replies      
Don't forget about the math side, too. Discretet math and linear algebra should be the minimum. Probability and statistics is also useful. Abstract algebra has interesting applications in CS, too.
jypepin 7 hours ago 0 replies      
I'm a Devbootcamp alumni, now working in a full time position. Just like you, I wanted to continue my learning and get more knowledge on algorithms, data-structures, and other things DevBootcamp doesn't teach you.

I strongly recommend- Algorithms in a nutshell from O'Reilly (http://www.amazon.com/Algorithms-Nutshell-In-OReilly/dp/0596...)

and- Cracking the Coding interview (http://www.amazon.com/Cracking-Coding-Interview-Programming-...)

Those two books are perfectly concise and straight to the point to understand and learn exactly what you feel you are lacking as a self-taught programmer.

The first one will teach you what you have to know, putting everything into work context, making it really easy to understand why and how this or that algorithm is useful.

Cracking the coding interview then offers really good challenges to practice and master those algorithms. And of course, if you are interested in getting a job, will perfectly prepare you for that ;)

asselinpaul 8 hours ago 0 replies      
Coursera, edX and Udacity.

I have myself taken half a course on Udacity(did not finish) and a Startup Engineering Course on Coursera. I've started a new course on Coursera and really enjoy the material on there.

Also, I'd suggest you read a lot, the internet is a treasure trove of information. I've learnt from long blog posts and free online books. Have a go and explore, you'll reach a point where you don't have enough time to study everything you want.


shail 8 hours ago 0 replies      
I am suggesting an approach rather than a source. Sources, as someone already said it, are far from rare.

I would say pick up a single system, say database (relational or document) or routing, OS, DNS, Web server, A compiler, Filesystem, NFS, etc. and study the hell out of it.

Once you know how to understand a particular system in depth, everything else will start falling in place.

soora 8 hours ago 1 reply      
One way of improving your knowledge is something you have already done.

Get another job that will force you to expand your knowledge. I am sure your job experience with your first start up is serving you better than a CS degree.

Similarly, a job which involves doing low level computer programming would force you to learn a lot of very practice CS, and you would be getting paid for it instead of the other way around.

kabouseng 8 hours ago 0 replies      
"I am not really worried about getting a job. This is about gaining knowledge."

Even so you want to be smart about it, and gain the knowledge in such a way such that employers will recognize your expertise. It is for this reason that I would rather recommend the MS. It will at least get you an interview next time you want to change jobs.

apw 7 hours ago 0 replies      
It might be worth your time to look at the course slides for "Gems of Theoretical Computer Science":


ulisesrmzroche 7 hours ago 0 replies      
Same way you get good everything else, really. Train, learn, rest.
MaysonL 8 hours ago 0 replies      
The previous suggestions are all good, but here's another tack, possibly better for self-teaching.

Tackle a big project: write an extensible text editor, design and implement a language and runtime, design and implement a new garbage collection system, or the currently quite popular RSS reader and feed provider.

kotakota 6 hours ago 0 replies      
Personally I would recommend doing a ms if you can afford it but if you can't I would recommend that you study the following areasAlgorithms and data structures (this is a must)Systems organizations and architectureSystems programmingDiscrete mathMath for cs books (generally proof based descrete and calculus based)Statistics and probabilityThen Start diving into areas that interest you likeMetaheuristicsAiMachine learningComputer visionCompilersDevice driversGraph theoryComputer Graphics (if your working in theoretical computer graphics strong maths skills are recommended)And the list goes on. Also read papers were in areas of interest. Papers are a great way to learn high level theoretical concepts.
ExpiredLink 8 hours ago 0 replies      
CS or SE? Not clear from you statement.
Ask HN: Running a hackathon and someone's laptop got stolen, what should we do?
73 points by pulakm  6 hours ago   47 comments top 19
georgemcbay 3 hours ago 0 replies      
Unless I was specifically informed that it would be safe to leave my belongings in any area, I would assume that it is not safe to do so, and if I left my laptop unattended and it were stolen under these circumstances I'd be pissed off, but I wouldn't expect the event organizers to take any responsibility for it at all.

The idea being kicked around to take a collection from attendees is okay in theory but I'm not convinced having to file a police report is a sufficient barrier to future attendees claiming lost laptops in the hopes of getting $1000 from random strangers. Also you'd have to be really careful to make sure it was well understood the collection is totally optional, and not set it up in such a way that people who didn't want to participate for whatever reason weren't made to look like asses in public. Put in that situation I'd have no problem dropping $1 or $20 into a collection hat, but expecting everyone (especially students) to have such disposable income isn't fair.

nkurz 35 minutes ago 1 reply      
I'd suggest a offering a significant reward for information leading to the return of the laptop. This signifies that it's a matter that you take seriously, without claiming responsibility for protecting others' property. Choose an amount that is comparable to the street value of the laptop. Take up a collection to pay it if ends up being paid.

This motivates anyone who has suspicions or inside information to come forward. If it's a theft by a student, it's quite possible that someone besides the thief knows what happened, but doesn't want to appear 'uncool' by expressing their disgust. A monetary reward may overcome this, and potentially makes them into a hero rather than a coward.

I would not offer any sort of amnesty or no-questions-asked policy. If you end up finding the thief, prosecute them. If someone claims to have 'found' the laptop in the the bushes, seems very interested in the reward, and you are suspicious, turn the matter over to the police and let them decide if the story holds up.

Specifically, I don't think you should offer warnings to others to take greater steps to protect their property. This has the appearance of blaming the victim, and potentially helps the thief (and potential friends) justify their actions to themselves as something the victim deserved for their negligence. Making it known the crime occurred is sufficient warning. It's in each individual's interest to protect their personal property, but not in the groups interest to create a 'fend for yourself' attitude.

frostmatthew 1 hour ago 0 replies      
As much as it sucks to have a laptop stolen if you're hosting an event with 1000+ people I think you need to adapt the policy of not being responsible for lost or stolen items.

Many of the comments here mention a certain level of trust in the [hacker] community...sorry but not every single developer is a saint who would never consider stealing someone's laptop. The larger the group the more people you'll have willing to steal if the opportunity arises.

rdl 55 minutes ago 0 replies      
If it were a company sponsored hackathon, I'd probably just pay for the laptop. Probably wouldn't publicize the whole thing, and if it happened a second time, would seriously re-evaluate security.

A school or community hackathon is a much more ambiguous situation. Get a police report, and see if you have event insurance or something to cover it.

I never leave stuff unattended in public, but things like hackerspaces, YC's office, etc. feel different. I do screenlock always, but I can't say I'd never leave a machine unattended in a semi-public environment.

Pro_bity 4 hours ago 4 replies      
Two choices IMO, 1) if you can afford it, replace the laptop. 2) If you can't afford it, then take up a collection from the attendees. As for adverse incentives, you should always presume that people are honest and good. However, to cover yourself (and it is a good idea anyways), make them fill out a police report. Keep a copy on file for yourself. This would give any would be profiteer pause, as there are real consequences to filing a false police report.
mindslight 4 hours ago 0 replies      
Relying on perimeter security is a folly. Believe it or not, there's an intersection of people who are are interested in both the hackathon and opportunistically stealing laptops. As your event scales, the chance of having these people increases while group-wide empathy decreases.
aroman 3 hours ago 0 replies      
As someone currently attending PennApps, I'd be happy to chip in a few bucks to support the person who had their laptop stolen.

Sorry that you have to deal with this Pulak :(

tonywebster 4 hours ago 0 replies      
If I was the participant with the stolen laptop, I'd first of all be really bummed out over not having the opportunity to participate in the hackathon because of stolen gear. I'd try to find them a computer they can use to hack on, and hopefully they didn't lose any work.

I don't know what to say about the stolen gear itself. People should take responsibility for protecting their own stuff, but that's a real challenge over a weekend non-stop sort of event, especially of that size. People need to eat, sleep, etc. I guess it's a lesson learned to have clear disclaimers of responsibility for future ones, and I'm not sure what to say about replacing that participant's computer. Not a fun situation, and it's hard to find fault on anyone (except the thief, of course).

shawnreilly 4 hours ago 1 reply      
I've never been to a PennApps Hackathon, but from what you describe (1000+ people), I'd imagine that it's pretty much impossible for event organizers to prevent this. I think the key here is the 'left unattended' part of the scenario. The solution would be to tell the teams not to leave the equipment unattended. It's unfortunate, but a reality of life (even at a Hackathon with a great community); There are bad people out there. I've been to quite a few Hackathon / Startup Events (granted, much smaller), but I've never left my equipment unattended. I consider it a part of Teamwork, Communication, and Organization. If someone from the Team isn't there to watch the equipment, then it comes with me or gets packed up and put away somewhere safe.
educating 3 hours ago 0 replies      
The appropriate response is to as much as possible help them contact the authorities and/or to keep a lookout for the laptop and the thief. But, you also have a hackathon to run, so you cannot inconvenience others just because someone was thoughless enough not to take their laptop with them when they went to the bathroom without someone they trust watching it for them.
redtexture 4 hours ago 1 reply      
On a community-basis, reporting widely and promptly about unfortunate events via your typical channels is important and a strong community-safety-measure, as well as an opportunity for safety-awareness and for participants and others to make-whole and contribute toward the losses that one or more community- or event-participants have had.

It is not so great that the possibility of the difficulty described by the original poster had not been thought of in advance, and that a clue and a policy is now needed after the fact.

Standard cautions to participants as a matter of policy are appropriate for all public events and occasions.

This is because no project or event can afford to suggest or create a culture that implies that the project is able to assume that participating individuals will be made whole from failing to attend to their valuable assets, whether they be computers, mobile phones, wallets, coats, hats or their bodies; further it is appropriate to warn all participants that civil authorities may be called upon to intervene or participate when inappropriate activity is discovered or reported.

A project or event code-of-conduct is appropriate, and having a policy guiding organizers and empowering all volunteers and participants to act against against miscreants with inappropriate behaviors is also a community-building and safety-building experience, in addition to the event's particular mission.

More generally, as a community-empowering project and event, an important measure, towards community-building, safety, and inclusiveness includes noticing populations that are desired and not always well-recognized, and dedicating your event toward providing a harassment-free conference experience (since property-stealing is a harassment) for all individuals, regardless of gender, sexual orientation, gender identity, disability, physical appearance, body size, race, or religion. This invites all participants to act individually when inappropriate behavior occurs.

This is a typical class of policy and notice that universities resort to, in anticipation of an occasion when a member of its population of students, staff, or professors is discovered to be acting beyond social, legal or ethical norms.

xdocommer 29 minutes ago 0 replies      
Collect $2 each from the 1000 participating students... and buy the guy a new laptop. I am sure they would not mind ... and for those who do there will be others who will put in some cash.
picsoung 2 hours ago 1 reply      
First thing to install on any devise : Prey.http://preyproject.com

It's great to track your hardware, it can event take screenshot of the screen and pictures with the camera.

larrys 3 hours ago 1 reply      
"Someone left a laptop unattended, and it was stolen."

Never been to one of these so could you elaborate as to how a laptop was left (and for how long) so that it was stolen? (I'm curious about the details).

As an example is this like being at an airport terminal with your laptop, turning around for a second, and turning back to see your laptop missing?

Or more like leaving the laptop and going to the bathroom?

Or leaving the laptop for a minute while you go two tables over to chat with someone?

Do you know the exact circumstances?

manarth 2 hours ago 0 replies      
Unfortunately, some of the side-effects of experience are distrust and paranoia. These are very effective experiences in software development.

If this theft happened to an experienced pro, then their data is encrypted and backed up, so all they've lost is hardware, and that's probably covered by insurance.

If the theft happened to a student, then maybe they're not the most experienced engineer. They might not have backups, and their data might not have been encrypted. They might not be ensured. The hardware cost is still - comparatively - cheap. But they might have to rewrite their thesis from scratch. Or risk having their personal data exposed to the public.

But at this point, the only help that financial aid can give, is restoration of the physical loss - i.e. a new laptop. In most cases, that wouldn't compare to the loss. But it might help, a little.

zrgiu_ 4 hours ago 0 replies      
What kind of computer was it ? What OS ?
dylanhassinger 4 hours ago 0 replies      
Tough call.

Definitely add a new section to the promo materials / introduction talk to remind people to watch their stuff, and that you're not responsible.

It's the person's fault for leaving their stuff unattended (everybody should know not to do that in a university building, even during special event). But you might chip in and help/replace it, as long as its just this once.

shire 3 hours ago 1 reply      
Was it a Mac? I'm sure MacBooks have the ability to be tracked if the owner allowed it. I have a MacBook pro and the guest account allows a thief to login and I can track them through the guest account.
ddebernardy 4 hours ago 1 reply      
Know Your HTTP Well github.com
89 points by obilgic  14 hours ago   4 comments top 3
pestaa 8 hours ago 0 replies      
Great work! Are there similar initiatives trying to collect common knowledge in structured data? (I know this is a broad topic, but can't stop thinking about a more semantic web.)
bpedro 14 hours ago 0 replies      
Great stuff! Makes it really easy to offer human readable messages instead of HTTP codes in your app.

If you're just looking for HTTP codes, here's the link to the JSON file: https://github.com/andreineculau/know-your-http-well/blob/ma...

zeckalpha 6 hours ago 1 reply      
When job applications are asking for significant knowledge of HTTP, is this what they mean?
Intel: [We] will not carry XMir patches upstream. freedesktop.org
12 points by mdellabitta  42 minutes ago   3 comments top 2
kevingadd 27 minutes ago 0 replies      
Some possibly related background? Not sure, I have no idea what XMir is


jrockway 27 minutes ago 1 reply      
Where does Intel say this? The patch is from a chris-wilson.co.uk email address, not intel.com.
Make Engaging Presentations dtsironis.net
11 points by tsironakos  4 hours ago   8 comments top 3
michaels0620 1 hour ago 1 reply      
One simple thing to make presentations visually appealing is to ensure a consistent style. If you are using outlined shapes, stick with outlined shapes. If you are using semi-transparent boxes stick with them. So often I see presentations with multiple type faces (where it isn't warranted) and different styles of diagrams. It can be distracting and give the sense that the presentation was just hastily assembled from various other presentations (whether true or not).
tiagobraw 2 hours ago 1 reply      
>For example, if youre presenting about a cutting-edge technology, you dont want to use neither a serif font nor a curly/hipster font.

I really don't understand why a serif font is not for "cutting-edge" projects, can someone explain this to me?

I actually like using serif fonts in my presentations...

ndr 2 hours ago 1 reply      
It's ironic that the typography of the website is totally broken on mobile.
YC Will Now Fund Nonprofits Too ycombinator.com
417 points by pg  1 day ago   106 comments top 31
e1ven 1 day ago 4 replies      
It's interesting to compare the differences between the two applications-

For Profit -https://gist.github.com/e1ven/6467215

Non Profit-https://gist.github.com/e1ven/6467309

Overall, it seems like they've replaced 'company' with 'organization', and dropped a number of questions relating to making money.

Interestingly, many of the questions have been dropped without replacement, even when I would imagine the answer would be very interesting to YC!

For instance, 'Who are your competitors' has been dropped entirely. Nonprofit companies can certainly compete with one another.. But they also often compete with for-profit companies.

Take for example Wikipedia - They're a 501(c)(3) but they've certainly competed with Encyclopedia Britannica, Grolier, Encarta, etc.It might be helpful to keep the questions, but to ask them in a modified way.For instance, "Who is this going to disrupt?"

Similarly they dropped "How do or will you make money?", without replacing it with "How do you plan to you raise money?"

"How will you get users", and "Was any of your code written by someone who is not one of your founders?" were also dropped.

They also haven't (yet) added questions relating to non-profits, such as "Why do you think you will be able to get a 501c(3) classification?"

It's a really interesting idea, and it'll be interesting to see where they grow with it.

It really reminds me of the first few years of YC where they were making it up as they went along, before they started the current cycle of continuous improvements through validated learning.

Watsi was the MVP, now they're ready for Beta ;)

sethbannon 1 day ago 2 replies      
So proud of YC for doing this. There are so many lessons the nonprofit world can learn from the world of startups. If YC can help great causes scale faster, the world will be better for it.
mikegagnon 1 day ago 11 replies      
I am very excited for this initiative. However, I think there is a mismatch between venture-funding models and non-profit funding models.

Venture capital economics is premised on founders accepting low initial salaries based on the hope for long-term big payoffs. Which makes it OK for seed funding to be very small (on the order of tens of thousands).

However, non-profits have no hope for long-term big pay offs and therefore have no financial incentive to seek small amounts of seed funding.

In other words, it is sensible for a for-profit startup founder to accept zero salary (or close to it). However, it is nonsensical for a non-profit startup founder to accept close-to-zero salary.

I believe the YC non-profit initiative could still be beneficial to non-profits for the sake of mentorship, networking, etc. But I don't think many non-profit founders will drop their day-job salaries to launch YC non-profit startups.

Edit: s/sensical/sensible/g

RKoutnik 1 day ago 2 replies      
This is a great move for YC. They've never been about making ludicrous amounts of money which is one reason they've been able to be so successful. I loved that they funded Watsi and agree wholeheartedly that non-profits can benefit from YC/startup advice in general.

As a side note, I think that we've as a culture have been approaching non-profits entirely wrong [0]. Instead of letting them build structure to actually maximise the help they can give, we require them to be stripped-down organizations so their metrics can show they're giving as much money away as possible. This is why we've seen such a surge in for-profit-but-that's-not-the-main-point companies like Tom's Shoes lately. It's simply the best way to do the most good.

[0] http://www.ted.com/talks/dan_pallotta_the_way_we_think_about...

lincolnq 1 day ago 0 replies      
YC is really demonstrating thought leadership here.

It would be super exciting if we started to see overlap between Y Combinator and the effective altruism movement (http://en.wikipedia.org/wiki/Effective_altruism), which is people who are trying to make the world a better place in the most effective way.

(I do for-profit startups but am also involved in the EA movement. Please contact me if this is interesting to you.)

jacquesm 1 day ago 1 reply      
I really love the concept of an early stage investor formalizing their commitment to improving the world by explicitly creating room for non-profits. Now all we need is a later stage fund to structurally commit follow on investment to these non-profit start-ups. YC deserves big props for this and for not just chasing the buck, if not with all their investments at least with these the mission really is to change the world and for the better at that.

Watsi was an experiment waiting to be repeated, looking forward to see which non-profits will make it through here.

hosay123 1 day ago 1 reply      
I'd love to apply to this, but most people around me are off having stable jobs, wives, mortgages, children and other such craziness. Is there much hope for accepting a solo founder with a non-profit idea?
louisdorard 1 hour ago 0 replies      
According to Eric Ries, "a startup is a human institution designed to create a new product or service under conditions of extreme uncertainty". "Institution" is broad enough to include nonprofits, which are explicitly mentioned in the Lean Startup book. After all, they do face similar challenges to those that companies face, as they also try to discover new sources of value and to grow... Looking forward to seeing the future YC nonprofits!
clicks 1 day ago 0 replies      
This is a wonderful initiative.

I'm someone who's generally very skeptical about the VC ways of doing things (difficult to really describe my feelings here, let's just say some just seem a bit too unapologetically mercenary in my eyes), so this move really sets apart YC from all the other startup-incubators/VCs.

Watsi is fantastic in every way I can think of. I hope more people are encouraged to create nonprofit companies to solve some real problems (read: non-first-world-problems) in a true hackerly fashion.

robg 1 day ago 1 reply      
Really awesome to see this.

pg - Can you explain your reasoning on a charitable donation to the "startup"? It seems that if these .orgs are successful one great way to literally pay it forward is into a separate fund that could grow more .org's.

Program-related investments (http://www.irs.gov/Charities-&-Non-Profits/Private-Foundatio...) from a ycombinator.org would seem to fulfill both investments in .orgs and investments in for-profits with a mission.

cenhyperion 1 day ago 0 replies      
As someone working for a nonprofit this makes me very happy. The world of a starting non-profit is surprisingly similar to that of a startup. :)
Caligula 1 day ago 1 reply      
hi pg,Any update on when you will update your 'startup ideas we'd like to fund'?


angersock 1 day ago 3 replies      
Aaaaaand now we'll start to see a lot of accelerators throwing non-profits in with their other companies, because YC did.

I don't think that--in the vast majority of cases--this will be particularly helpful.

marincounty 1 day ago 4 replies      
They need to ask:

1. At what percentage will your entity spend on administration costs?

2. Will you agree to keep it to lessthan 10%, if we give you funds?"

3. Flat out ask the future non-profit, "How much moneydo you feel you will need to run the non-profit. Wouldyou agree to take only what the standard cost of livingin the county you reside--if it succeeds?"

4. Will your BOD contain any family, friends, or relatives?

5.(Sorry if I sound callous; I live in a county where starting a non-profit is a career move. Some of the salaries are mind boggling.)

6. (Note to any future non-profit. I applaud your effortsif they are honest. Just a reminder--if you ever close down the 501(c)3 you can't keep any assets--not even a paper clip. Nothing belongs to you. )

dylandrop 1 day ago 3 replies      
Does anyone know what the financial motivation of YC to do this is? Is it to diversify the types of companies they invest in? As much as I love to think that venture capitalists give money to nonprofits out of the goodness of their hearts...
trevorcreech 1 day ago 1 reply      
Hey pg, the date on the apply page (https://news.ycombinator.com/apply) is still from the summer term. Cheers.
antidaily 1 day ago 0 replies      
Nonprofits are notoriously non-technical; run by people who just aren't able to use tech to advance their cause. So I think this makes sense.
mathattack 1 day ago 0 replies      
Great idea. Non-profits frequently run into two challenges: financing and scaling. This helps on both fronts. Providing initial seed capital, mentorship on growth and an audience of rich people (many of whom have committed to giving part of their legacy towards non-profits) will increasing the likelihood of their success. If YC takes on 5 non-profits and even 1 scales, this will be a venture worth doing.
studentrob 21 hours ago 0 replies      
Great idea! I'd love to see more data-centric nonprofits. The recent This American Life episode "I was just trying to help" discusses this with GiveDirectly. GiveDirectly points out that many many nonprofits are soliciting donations based on anecdotes and are reluctant to produce more data on their impact. I can only imagine that YC-selected nonprofits (and NGOs? Could this go global?) will be more data centric than the rest. Good luck!
andy_adams 1 day ago 0 replies      
I've been helping a family friend bootstrap her nonprofit, and let me say that it is darn near the purest form of bootstrapping to start a nonprofit. Not only did she have no income to start, but she has no expectations of personal financial gain. She bootstrapped for pure love of her cause.

Funnily enough, in her struggle to get her nonprofit off the ground, I got my idea for my "startup". Bravo to YC for taking an unorthodox step here.

AltruistLLC 1 day ago 1 reply      
The only true difference between a for-profit and a non-profit is the tax status.

Cosmic level blessings on Paul Graham for doing this. Badly needed. The entire sector needs catalytic infusions of entrepreneurial energy and expertise.

Only 150 non-profits have grown past $10M in revenue since 1970. North Korea has better business acumen. Love to see efforts like this.

Thank you Y Combinator!

soora 22 hours ago 0 replies      
I am interested to see how this turns out. The amount of money a person donates each year is roughly fixed. Each non-profit is competing for a splice of that donation. So in some ways having multiple non-profits in the same batch is like funding multiple companies which are direct competitors with each other.
Michael_Murray 21 hours ago 0 replies      
Great idea. Think it's a phenomenal idea to apply some of the same mechanisms for building high growth engines to the charitable space. It's a space that needs that type of growth.
mceoin 4 hours ago 0 replies      
user2 1 day ago 0 replies      
This is a game-changing equalizer for non-profits! Thanks YC.
wudf 1 day ago 0 replies      
This is awesome and encouraging. I hope it sets a trend.
dannowatts 1 day ago 0 replies      
this is absolutely awesome to hear and can not wait to see how things progress. a truly great initiative!
vishalzone2002 1 day ago 2 replies      
can you apply to both the categories..?
davidy123 1 day ago 1 reply      
That's a really undeveloped idea of "nonprofits" "rich people" and "charities."
bpedro 1 day ago 1 reply      
Interesting move by YC as a way of paying less taxes and helping nonprofits at the same time!
marincounty 1 day ago 0 replies      
They need to ask:

1. At what percentage will your entity spend on administration costs?

2. Will you agree to keep it to lessthan 10%, if we give you funds?"

3. Flat out ask the future non-profit, "How much moneydo you feel

The State of TLS on XMPP thijsalkema.de
57 points by xnyhps  11 hours ago   26 comments top 8
aprescott 8 hours ago 1 reply      
> Note that ECDH and DH are different authentication mechanisms: these require special certificates and offer no forward-secrecy.

I contacted the author about this, but I don't think this is correct.

The OpenSSL ciphers documentation[1] says "DH" is simply all suites using DiffieHellman, not necessarily authenticated DH, which is "aDH". I actually couldn't check if it does include aDH since `openssl ciphers -v 'aDH'` tells me I don't have any aDH ciphers!

Unfortunately there's no documentation to explain the difference between EDH (ephemeral DH?) and DHE. Are they synonyms? I'm assuming DHE is ephemeral since using a string with DHE Will get you Perfect Forward Secrecy "points" on an SSL Labs test[2]. (Run the test! Secure your web servers! You can get at least a B rating easily enough.)

[1]: http://www.openssl.org/docs/apps/ciphers.html

[2]: https://www.ssllabs.com/ssltest/index.html

mike-cardwell 9 hours ago 0 replies      
Handy tip: If you want to use ssllabs.com server test against a non-HTTP based SSL service on your host which runs on a different port, you can temporarily add this rule to iptables so that any connetions from SSL labs on port 443 get redirected to it:

iptables -t nat -I PREROUTING -s -p tcp --dport 443 -j REDIRECT --to-port 5223

In this particular case, I turned on legacy SSL in my XMPP servers (Prosody) configuration so that an SSL on connect service existed on port 5223.

Of course, in the results that SSLlabs displays, you'll get some strange information as it's expecting HTTP, but the majority of the information is useful.

JshWright 4 hours ago 1 reply      
What's the author's concern about AES128?

  "The best cipher offered is 128-bit AES. So far, this has been the only client that doesnt support 256-bit encryption that Ive seen."  "Surprisingly AES128 takes priority over AES256 here."  "Surprisingly AES128 is first, followed by 3DES and only then AES256."  "128 bit AES/Camellia is preferred over those with 256 bit, but at least RC4 is at the very bottom here."

In my opinion, preferring AES128 over AES256 is a feature. AES128 is more than sufficient in terms of cryptopgraphic strength, it's faster, and it isn't susceptible to the key schedule weakness that the higher key sizes have.

nsmartt 10 hours ago 2 replies      
Somewhat off-topic: What are some alternatives to XMPP? I haven't found much about messaging protocols.
devx 9 hours ago 2 replies      
Is HTTP 2.0 finalized and approved? If not could we push for it to support PFS by default with ECDHE, which seems to add only 15 percent overhead [1]? That seems like a small price to pay if the security of every session grows exponentially, with each one being encrypted with a new key.

HTTP 2.0/SPDY already makes TLS mandatory, no? So why not make PFS mandatory, too? I'd rather we do it now than wait for HTTP 3.0, and it might force a lot more companies to adopt it by default as they move to HTTP 2.0 (companies such as Microsoft [2]).

EDIT: Links

[1] - http://vincent.bernat.im/en/blog/2011-ssl-perfect-forward-se...

[2] - http://news.netcraft.com/archives/2013/06/25/ssl-intercepted...

frank_boyd 10 hours ago 1 reply      
If you're looking for encrypted OTR/decentralized/p2p messaging, also take a look at http://retroshare.sourceforge.net/
devx 10 hours ago 1 reply      
What about Moxie's TextSecure? I think it's going to be integrated into CyanogenMod ROM's soon, so I'd like to see an evaluation of that, too. An evaluation of Surespot would be nice, too, even though it's not using PFS.
Date parsing performance on iOS (NSDateformatter vs sqlite) vombat.tumblr.com
76 points by MishraAnurag  14 hours ago   50 comments top 11
stevoski 10 hours ago 2 replies      
A class like NSDateFormatter is designed to handle a wide range of date formats. This usual results in sub-optimal performance. If you find it too slow and you have a known, specific date format you should write a specific fast parser.

I did the same with Java's Integer.parseInt(...) method. It is an interesting task to go through.

Now I'll spend the rest of this rainy afternoon playing around with writing a fast ISO date parser :)

Edit: Seems Java's Joda Time library already does parse ISO dates really quickly. 7 seconds for 4 million on my MBP

Edit: A fast custom date parser for ISO dates I just wrote can parse 4 million dates in 150 milliseconds.

pilif 13 hours ago 7 replies      
>Many web services choose to return dates in something other than a unix timestamp (unfortunately)

Wrong. That's very fortunate. Unix time stamps have some serious deficiencies as data type for storing time information: for one, they lack precision. One second just might not do it. Then they lack any time zone information. You will never know what a specific time stamp is in. GMT? UTC? Time zone where the server is in?

Sure. Maybe you are lucky and it's documented (it probably isn't because people who care about such things are not using unix time stamps to begin with), but using a string time stamp formatted in ISO means that no documentation is needed. The encoding is good enough to store any sub second time stamp including time zone info.

That way, you can turn any of these into whatever your environment uses internally which you will then use in conjunction with the library routines to deal with all the difficulties related to doing math with dates (how many days in a month? What about leap years? What about time zones? Not really hard issues, but many to keep in mind and many possible causes for bugs)

0x0 13 hours ago 2 replies      
I wonder if this could be improved by just using the standard C library strftime(3) instead of going through sqlite?
andymoe 6 hours ago 0 replies      
> To parse a million randomly generated dates on an iPhone 5 running iOS 7, NSDateFormatter took a whooping 106.27 seconds, while the SQLite version took just 7.02 seconds.

Yes, NSDateFormatter is slower than other methods including some C libraries out there or this novel approach for turning a string into a NSDate however in most instances it's plenty fast enough and has a bunch of useful functionality [1] the least interesting of which is easily turning a string to a NSDate.

If you are optimizing this aspect of you code first you are likely wasting your time and would suggest iOS/Mac developers get to know NSDateFormatter intimately especially if you are displaying date/time information to users anywhere in you apps.


asveikau 8 hours ago 0 replies      
For those million timestamps I am sure that those extra allocations from the statement APIs are not helpful. Since he references the C code sqlite is using (at a quick glance it looks pretty contained) I don't know why he doesn't just include it directly in his project and call it from objc, no statement API needed.

[Edit: I see now that in the test there is only 1 statement object ever created for a test of a million dates. Better than I thought initially. But my guess is the statement object still creates some degree of inefficiency not found in directly calling the C version.]

7 seconds is a long time in CPU terms, I am sure that he can do better.

stcredzero 8 hours ago 0 replies      
NSDateForatter is designed for the UI and "Swiss Army knife" use case. SQLite is for a back end data context.

Two different design goals. Two different sets of design trade offs. (For "design" in the Rich Hickey sense.)

pothibo 12 hours ago 0 replies      
That's bad. Very bad. iOS Apps use timestamp everywhere so I'm sure this could be a low hanging fruit optimization for many apps out there.

You should wrap this piece of code in a nice API and let people benefit from your findings. (Someone else could do it too, I'm just saying!)

becauseICan 11 hours ago 1 reply      
These two methods start producing different dates after about year 3515.
willvarfar 12 hours ago 1 reply      
Why convert each date with a select if they are putting it into the db anyway? Why not just let sqlite do the conversion as part of the insert statement?
dante_dev 10 hours ago 2 replies      
mmm.....can I see the code about NSDateFormatter? because I feel like you're using it wrong. You need to cache somewhere the NSDateFormatter allocation (it is really expensive), reusing the same instance to convert the string to NSDate*.
jergosh 12 hours ago 1 reply      
terrible use of percentages.
NSA Codebreaking: I Am The Other popehat.com
383 points by thecoffman  1 day ago   109 comments top 12
mpyne 1 day ago 7 replies      
> The NSA's official response is to suggest that wanting to secure our communications from our surveillance is inherently suspicious and suggestive of criminal activity.

No, their official response is to suggest that encrypting your communications makes you indistinguishable (at their end) from those who encrypt for criminal activity. There is a difference, and there's no getting around the idea that if the set of Bad Actors are to have the crypto broken then it will necessarily involve breaking the same crypto in use by the Good Actors.

Even the NSA also says in the very paragraph quoted that encryption is also used for "nations [...] to protect their secrets" (which is hardly a criminal or illegitimate goal).

Likewise, if the government hires a lockpicker to plant a bug in an embassy then by definition they now have the technical ability to pick locks (even if they don't have the legal permission).

The rest of his points, on the whole, are quite valid but are sometimes answering a question that isn't actually behing asked from the other side.

ferdo 1 day ago 1 reply      
"Perhaps you think your E-mail is legitimate enough that encryption is unwarranted. If you really are a law-abiding citizen with nothing to hide, then why don't you always send your paper mail on postcards? Why not submit to drug testing on demand? Why require a warrant for police searches of your house? Are you trying to hide something? You must be a subversive or a drug dealer if you hide your mail inside envelopes. Or maybe a paranoid nut. Do law-abiding citizens have any need to encrypt their E-mail?

What if everyone believed that law-abiding citizens should use postcards for their mail? If some brave soul tried to assert his privacy by using an envelope for his mail, it would draw suspicion. Perhaps the authorities would open his mail to see what he's hiding. Fortunately, we don't live in that kind of world, because everyone protects most of their mail with envelopes. So no one draws suspicion by asserting their privacy with an envelope. There's safety in numbers. Analogously, it would be nice if everyone routinely used encryption for all their E-mail, innocent or not, so that no one drew suspicion by asserting their E-mail privacy with encryption. Think of it as a form of solidarity."

Phil Zimmerman, 1994


iandanforth 1 day ago 1 reply      
"Thousands of Americans have fought and suffered and died to preserve freedom over our history does it make sense to sacrifice freedom now because the state tells us people will die if we don't?"


aray 1 day ago 2 replies      
It would be great to break through the "if you have nothing to hide" line and push that responsible citizenry need security (and cryptography) as well.

I am also the other.

brown9-2 1 day ago 3 replies      
"I wonder: what if a substantial number of Americans started using strong crypto on a routine basis?"

They already do! Everyone who makes Amazon purchases, or sends Facebook messages, or does online banking is all using some form of strong crypto.

Does our government treat all e-commerce shoppers as "bad guys"? No.

anigbrowl 1 day ago 1 reply      
I mean I am the "other" contemptuously categorized by my government, a vast category of people with an interest in using encrypted communications to thwart my government's attempt to spy on me.

The government almost certainly doesn't want to spy on you, it just wants to be able to find spies and other bad actors among you.

I have to admit to taking a jaundiced view of these complaints, since for almost 20 years the US has maintained an immigration regime in which illegal aliens have virtually no legal path to residency (despite many of them having no criminal record - unauthorized presence in the US is a violation of administrative rather criminal law, and it only become a criminal matter in the case of deportation and repeated unlawful re-entry); illegal immigrants can be detained incommunicado for up 6 months without any right to a hearing, have no right to provided counsel, and enjoy very few constitutional protections (in general, those extended to 'persons' rather than 'citizens' or 'the people'). Leaving the US imposes a whole raft of additional sanctions on such a person (eg a 3 or a 10 year banishment during which the person may not even apply to re-enter the country) which don't apply to people who stay, and thus create a strong economic incentive to remain, resulting in an entirely legal underclass of about 11 million people who have even fewer rights than ex-felons. 'But they broke our laws' is the response of most people, as if the laws were not the responsibility of the legislators and people who elected them, but had come down from heaven.

I'm not excusing the NSA's overbroad vacuum-cleaner approach to gathering metadata, busting encryption and so on, other than to note it's not very different from the kind of data collection private actors fiercely defend the right to engage in, saying that the onus is on the data owner to use good security. But it's very hard for me to give a sympathetic ear to complaints of tyranny from people who seem happy to tolerate a system that severely curtails the freedom of several millions of their neighbors.

jusben1369 1 day ago 0 replies      
So I was really excited then disappointed as I clicked through. I thought it was going to be a developer who helps the NSA crack encryption. No offense to anyone here but the last thing I need is another article around the NSA and snooping from someone.

Who here wouldn't love to hear from a developer who's helping with this and has strong beliefs in their reasons for doing it?

Revisor 1 day ago 0 replies      
I am the spied upon Other, because I'm not an American. I don't have a voice in your debate, no representative, no senator, no amendment. My only hope is that privacy becomes a generally accepted human right.
devx 1 day ago 2 replies      
> "I wonder: what if a substantial number of Americans started using strong crypto on a routine basis?"

That may happen anyway, in time, if this situation is not fixed, but it could happen so much faster if companies like Google, Microsoft and Facebook (ok, I know I'm really pushing with this one) who have services used by over a billion people would offer very secure end-to-end communications platform, by default, and in a very transparent way (being able to check for sneaky backdoors pre-encryption, or anything like that).

They don't even have to do it for everything, especially the parts which are meant to be more public anyway, but there's absolutely no reason why IM's couldn't be completely private - from everyone and anyone, including the companies themselves.

So what are you waiting for Google, Microsoft and Facebook (and others, too)?

frank_boyd 17 hours ago 0 replies      
> Would it be better to say back to the government "no thank you" and accept a higher risk of terrorist attack if it means not living in a society of entitled spies?

Of course it would be better, b/c:

Right after the argument for the right to privacy comes the fact that there literally IS no terrorism (in western countries, anyway - I'm not about places like Iraq after the invasion etc.). We've been brainwashed by our media to think there is. Just take a look at some numbers: http://www.washingtonsblog.com/2011/06/fear-of-terror-makes-...

Conclusion (as an example): If we know that "You are 8 times more likely to be killed by a police officer than by a terrorist", then we'd first need to fight the police officers before pouring billions into a surveillance state.

pyaniv 1 day ago 0 replies      
Well...NSA is built by a democracy. The people wanted war..their representatives gave it. The people wanted spying...their representatives gave it to them. Only a minority doesn't want these. In a democracy, minority loses. Unfortunately, it turns out the majority are stupid..anywhere in the world. So, just have to live with it, hoping they get intelligent someday.
rasur 1 day ago 1 reply      
We are all The Other now.
Linux vs. Bullshit linuxjournal.com
123 points by Mithrandir  19 hours ago   70 comments top 15
GhotiFish 1 hour ago 0 replies      

  "To be fair, both the DAA and the IAB would like    advertising to be as wrought as possible, and for    consumers to appreciate the good intentions and effects    of their business. I know that because I've talked to    them about it. Those organizations see themselves,    correctly, as advocates for good behavior in a business    rife with the opposite. "
this paragraph stuck with me. I rigorously ad block, on everything. I make sure my relatives have PVR's and I train them to pause and skip effectively so that they never see advertisements. I install ad block on not just my computer, but my families as well. I actively avoid content that has advertisements in it (I don't play free to play games, for example).

I do all this for two reasons.

1. I don't trust them. I honestly believe that if an advertisement ever states anything, the opposite is likely to be true. eg. "Our product helps you lose weight!" I am now convinced this product makes you gain weight.

2. I fear that advertisements really alter the way I perceive the world. part of that fear discussed here: http://www.reddit.com/r/explainlikeimfive/comments/14y695/el...

I worry that advertisements gradually change the people that watch them.

but the paragraph mentioned above gave me pause. I can't help but feel, if there were advertisements that didn't lie or actively mislead, that didn't have a terrible and dishonest history, that didn't exist purely as a form of mass manipulation, that I would be more amenable to them.

Of course, that will NEVER happen EVER.

so I will continue to block them at every vector. Maybe when the advertising industry is completely squeltched, desperate, and trying to claw itself from its own dug grave, will they play by the users rules. I wouldn't hold your breath.

dap 9 hours ago 2 replies      
I found this article confusing because the introduction -- the title, the SunOS history, the Longfellow quote, and Morton's quote -- all suggest a self-righteous position around technical integrity and engineering choices. (Such a position would be poorly-founded anyway, since economics are a crucial part of engineering, even engineering that starts from a principle of technical integrity above all else. Besides that, various sources peg the percentage of Linux kernel contributions coming from commercial entities upwards of 75% -- which is a great thing, but can hardly be said to be free of commercial influence.)

The meat outlines some good points about modern advertising, but I don't get what it has to do with Linux. (Which "Linux" is this? The system? The community? Something else?)

It's also wrong to say that software systems don't lie: that's what virtual memory is, for example. Obviously educated people know the truth, but there's a real sense in which the system is presenting one thing as though it's really another, when the system is actually just going through great pains to make things look that way. This is often a good thing in software, unless the system gets caught in the lie (e.g., when it has to page things out or deploy the OOM killer), at which point real people are often surprised at what was going on all along.

Amadou 17 hours ago 3 replies      
I really appreciate this article. Searls has put to words a concept that has long bothered me on an intuitive level. Namely that all of these bullshit marketing techniques create a cognitive load that is not in proportion to any value that I as a customer receive from them.

I think it is self-evident that when it comes to matters of taste there is no really "right" answer, but these middle-men are all about muddying the waters for the (short term) benefit of their clients at my personal expense. That is really in contradiction to the premise of a market-based economy - that every transaction benefits both sides. These techniques are all about shifting as much of the benefit to the seller rather than improving the outcomes for both participants.

gibbitz 10 hours ago 1 reply      
I am a developer who works in advertising and I can say this article is bullshit (different agenda, but bullshit just the same).

Most of the literature out there makes the marketing world out to be the NSA. The truth is there are some very easy ways to control the ads you see on your screen if you take the time to understand how it works. Basically, not logging into Google while searching and periodically clearing your cookies will keep your searches for sex toys from showing you ads for butt-plugs. Most of this information is stored in cookies, except for when dealing with companies with large stakes in advertising that have user accounts where they can store your history with their service (Google). I find storing search information connected to a user in a database to be invasive so I don't log into Google. I have little reason to log into Google and do so very infrequently. If your argument for logging in is gmail, just don't use the web client. Cookies are protected by domain so the only visibility into the ads you're delivered via a cookied ad network is via your eyeballs.

Many of the technologies listed in the article are hair splitting variants and some are not advertising at all (Web Analytics are used mainly to determine where people go and what they are interested in in your website to drive changes that benefit users and keep your website profitable, whether that be through ad placement or order form flow). Additionally, ad buying for newspapers and television are only slightly less complicated and involve only slightly fewer middle men than internet advertising and these days those are considered "traditional" advertising media. CRM is listed here as well, which is basically the online equivalent of leaving your business card at someone's office and is mostly used by companies as an alternative to cold calling.

Much of the diversity listed here is about monetization. IE, does the publisher get paid for impressions (views of the ad) or clicks, or completed tasks (sign-ups, orders, etc). This is better for the advertisers because they can pay only for effective ad placements, and puts a lot of focus then on how the ads are placed effectively (so those who display them can make money from those who traffic them). Without going into it too deeply, this is how money from a company (like Aspen Solutions, who's ads I see on the article page for example) trickles down to linuxjournal.com to pay their staff and hosting bills. If you prefer paywalls on your news outlets and blogs or are willing to pay Google for access to their search database (or worse need to log in so they can collect data about your searches to sell to parties undisclosed), I'm sure that could be arranged, but I will go on avoiding traps and diverting my eyes because I understand that this is the middle-ground. At some point you have to accept that the services we enjoy on the internet are built by people with families that like to eat and your selfish desire for public search privacy and screens uncluttered by advertising are secondary to their well being. Are there people making a lot of money off of advertising? Yes, but much fewer than make money off of professional sports which is also funded by advertising and gets a hell of a lot less negative press.

millstone 17 hours ago 1 reply      
> Linux doesn't lie

Until you ask it to allocate some memory.

keithpeter 16 hours ago 0 replies      
"We now know that the Feds and marketing mills are both harvesting massive amounts of personal data without revealing to us what they know, and that the two are actually in cahoots, at least some of the time. This is especially vexing, because the feds should be the ones protecting us from bad actors, rather than bad actors themselves."

This quote nails it for me. The waste involved with universal surveillance.

Further down this discussion, some participants are arguing about terminology ('Linux' or 'GNU/Linux') which is the other side of the free software/open source process...

I was previously unaware of the work of Harry Frankfurt, and the original journal version of the On Bullshit essay is available online as a .pdf. There goes the morning...

hcarvalhoalves 16 hours ago 0 replies      
Great article. It can expand further than Linux and turn into a piece of it's own. Bullshitting is the disease of the decade.
quadrangle 7 hours ago 0 replies      
Yup, I use the Trader Joe's analogy too. I love them. There's no contrived nonsense. It's so refreshing. It's so obvious how all the rest are manipulative bullshitters. Hooray for integrity. Why they hell do 70% of GNU/Linux users still not use AdBlock????
jhspaybar 11 hours ago 3 replies      
I don't use Adblock. I could, obviously. All my friends and coworkers seem to. Honestly, the main reason I don't is because I want to support Google. Sure, they're only a large portion if ads, not all of them, but given the insane amount of value they provide to me, I'd feel downright guilty not allowing them to make money off of me.
javert 16 hours ago 3 replies      
I read the article, and I don't see what the thesis is.

The article is disorganized. You can't tell where it's going, and when it gets there, you can't tell where you are.

It also seems to contain a lot of pretentious pseudo-intellectual posturing.

Maybe I'm missing something, though. Someone feel free to enlighten me.

EDIT: Also, I should state that I find the scatalogical references to be vulgar, juvenile, and a big turn-off.

liveoneggs 9 hours ago 1 reply      
linux development is majorly funded by those same old school (with some new entries) companies with the same agenda of pushing linux in a friendly direction.

the "community" has long since ceased to be what most people think it is.

educating 8 hours ago 0 replies      
Things I think are bullshit:

1. Ubuntu's decision to include ads

Linux got a real black eye from that imo, and turned me off of the normal Ubuntu distro for the forseeable future. Even for my lightweight distro I use Mint XCFE now just to stay the hell away from an organization that would do that.

2. Corporate Linux

I liked RedHat in 1997-98, but they went corporate quickly, and since then I personally don't like paying anyone for Linux. I want to support the hacker ethos that made Linux great, not some big corporate head.

BruceIV 11 hours ago 1 reply      
Minor point: could the prevalence of ad-blocking on Linux be mostly because ad-blocking makes the Web significantly faster because Flash is dog-slow on Linux, rather than any particular philosophical objection to ads?
chatman 18 hours ago 6 replies      
"GNU/Linux" is the OS, "Linux" is just the kernel. The GNU project is responsible for many of the crucial parts responsible for making a complete OS, save for the kernel. Abbreviating the OS with "Linux", for the sake of convenience, should be avoided in order to give the GNU project its due credit.
kulinilesh456 14 hours ago 0 replies      
Linux doesn't lie, any more than gravity lies, or geology lies, or atmosphere lies. Like those other natural things, Linux has no guile, no agenda beyond supporting the entirety of use-space.
In defense of Core Data (Part I) thermal-core.com
21 points by LinaLauneBaer  7 hours ago   9 comments top 6
stevenwei 2 hours ago 0 replies      
Despite it's flaws, I have found Core Data to be quite necessary when working with iOS database driven apps, as it provides some rather crucial functionality that would otherwise be lost (or need to be manually recreated) when working with raw SQLite. Concurrency support (as mentioned) is one such example.

Another important function is the support it provides for object change tracking. As your objects are modified, Core Data will dispatch the relevant notifications so you can keep your views updated with the latest changes. If your objects can be updated from multiple places (say, multiple areas of your UI, plus changes occurring in a background thread if you're importing in bulk, or syncing data to a web service), you'll need some way to react to these updates efficiently. This is something that Core Data provides out of the box that you would otherwise have to handle manually, and refreshing the UI in real-time to database changes is something that is mandatory in any modern app. NSFetchedResultsController takes this one step further by determining which changes are relevant to your table view or collection view and inserting/removing/updating the correct cells as necessary. And it does so efficiently which is incredibly relevant on mobile devices. (Note that ContentProviders on Android have similar capabilities for notifying you when a particular object is inserted/updated/deleted. I prefer the Core Data approach as it actually tracks specifically what has changed.)

That said, Core Data is not without it's flaws. I find it somewhat overengineered in some areas and rather lacking in others. For example, the 'abstraction' of Core Data backends is a weakness rather than a strength. In practice, I would wager that 99% of people using Core Data are using it with the SQLite backend. Having to cater to the existence of an alternate XML backend means that certain actions can't assume (and hence take advantage of) SQLite specific features. For example:

- The inability to issue bulk updates or queries. Instead of doing a DELETE FROM x WHERE y, you have to iterate through all the objects you want to delete or update. This can be slow.

- If you need to do anything custom in a migration, it would be great to be able to write a SQL level migration script instead of going through the extremely cumbersome manual migration process.

Additionally, the recently added concurrency options are still missing support for a very common use case: running your initial fetch on a background thread, and then populating a table view with the objects you just fetched. This is technically possible to do but not very easy, as you can't safely pass managed objects between thread boundaries without a bunch of extra work, and not supported by the native NSFetchedResultsController so you lose the ability to use that. (Again, to compare to Android, their loader framework makes doing background queries very easy to implement.)

Overall I think Core Data is a huge plus for iOS/Mac developers but there is definitely lots of room for improvement.

eschaton 1 hour ago 1 reply      
I'd suggest using multiple contexts more, not less, in applications.

I'll generally use a shared "Library" instance to mediate access to data in a shoebox-style (as opposed to document-style) app. The Library has a root context with private queue concurrency, and has methods used by other parts of the app to obtain new child contexts: One to create a new main-queue child context, and one to create a new background (private-queue) context. The root context is never directly vended, and neither are objects from it; it's primarily used to save changes propagated from the child contexts, and the Library accomplishes this by observing the did-save notifications for child contexts it creates. When it saves, it also posts its own notification (wrapping the root context's did-save notification) so any longer-lived contexts can merge changes upwards from the root.

So in some piece of UI, such as a window controller on OS X or a view controller on either OS X or iOS, I'll ask the Library for a new main-queue context and use that to present that UIand only that UI. If I need to perform some calculations or a background update (say from a web service), I'll ask the Library for a new background context and use it for just that operation. Any save in either case triggers a subsequent save by the Library's root context, and a notification of that which can be used to update other child contexts.

And any time I'm passing objects around, I use managed object IDs rather than the objects themselves, so there's no concern about mixing objects from different contexts.

With the above in mind, it winds up being pretty straightforward to build nicely-performing apps that use Core Data to persist their object graphs.

RyanZAG 5 hours ago 1 reply      
Looks like someone missed the point of making a whole API on top of the database - to make accessing the database easier, not infinitely harder with more gotchas than Apple's TOS. This reads less like a defense of Core Data and more like a guide book on why using Core Data is terrible idea.
biznickman 3 hours ago 0 replies      
I honestly hated Core Data but then I found MagicalRecord (https://github.com/magicalpanda/MagicalRecord) and it solved all my problems. Given that at that point it takes less than 10 minutes to get functioning, Core Data no longer is a pain in the ass.
dmishe 4 hours ago 0 replies      
Um where you're describing context tree you say that root MOC has main queue concurrency and then that main queue has private concurrency, which is wrong. The picture is right

That said I agree on conclusion, I started my first (quite big) core data app constantly worrying about performance, so I juggled all kinds of MOCs around, but then I just threw all of them out, start with a single main queue MOC and only add private queues where absolutely needed.

kristianp 1 hour ago 0 replies      
The font on this page looks bad in Chrome 29, Windows 8. No antialising. Looks ok in Firefox though.
0 A.D., an Open-Source Strategy Game indiegogo.com
486 points by dgellow  1 day ago   95 comments top 30
InAnEmergency 1 day ago 3 replies      
0AD is the most polished, beautiful open source game I have ever played. This campaign is not about building a new game: the game already exists as shown in the video and is even in an enjoyable-to-play state. Definitely check it out if you haven't already (and it's cross-platform!): http://play0ad.com/
niuzeta 1 day ago 3 replies      
This is probably not the most constructive comment here, but it's more correct to say open source RTS game than RTS open source game because open source in this case is used as an attributive adjective(pre-nominal modifier) and RTS as a noun-string nominative adjective which modifies 'game'.

Also, your title tries a call to action, that is, the first Help is a intransitive verb rather than a noun. So to is unnecessary there. In which case, Help founding would be a better writing. Of course, if we're to use gerund then the word founding could be better replaced with.

Ah, the pedantry!

willvarfar 1 day ago 0 replies      
0ad and Megaglest are two great RTS games!

I particularly recall the good stuff re path-finding that came out of sponsored hacking on 0ad last time:

Jump Point Search (A*JPS) goodness e.g. http://www.wildfiregames.com/forum/index.php?showtopic=15270...

tlarkworthy 1 day ago 5 replies      
I love RTSs. Total Annihilation (TA) was an early favourite.

SpringRTS is an open source game engine that improved beyond TA and actually had UI features that Supreme Commander has drawn inspiration from.

The multilayer is epic, its totally LUA scriptable. People have re-purposed that engine for all manor of weird RTS type games. I sincerely hope this project is going to use that battle hardened, cross platform, actively developed, open source RTS engine rather than roll their own.


B-Con 1 day ago 2 replies      
I've been a long time fan of Age Of Empires II. 0AD looks like a clone of it, more or less.

I think I last checked in on 0AD 2 years ago, before there was AI. Back then AOE II had poor performance issues that I really wanted addressed, like wrong colors (fixable by a user patch), only low resolution support (also fixable by a user patch? I forget), and horrible network management on busy LAN games (6 teams with 150 population each? Players will get dropped once battles start).

Then AOE II got picked up by a contracted company for the pure purpose of bringing an old game into the modern world, and HD got released with lots of fixes. It wasn't perfect, but there was much rejoicing.

Anyone played both 0AD and AOE II HD? Any comparison points?

akg 1 day ago 0 replies      
Now only if Dwarf Fortress would be open sourced and combined with the amazing effort presented here -- that would make for an epic game.
alexlarsson 1 day ago 2 replies      
Hmm, i wonder if its possible to port this to asm.js + WebGL. That would make it very easy to start playing...
Aardwolf 1 day ago 1 reply      
This looks super cool!

Ideal would be if an online multiplayer community evolves around this game. Does the game feature the ability to track multiplayer win/losses and keep some kind of ELO rating or similar on a server? Is it reasonably safe against cheating in multiplayer? Does it allow setting a handicap for less good players?

Thanks :)

phaemon 1 day ago 2 replies      
When I first heard of a crowd-funded game, I assumed it would be open source and was surprised to find it wasn't. Glad to see it's starting to happen and hope they meet their target. I'll definitely be throwing a few dollars their way!
bloodorange 6 hours ago 0 replies      
While working fulltime, I find it hard to make time for free software projects and I would love to see something like this succeed. I have contributed to this project and encourage anyone who loves games to do so. We want free software games of all kinds to be out there!
microcolonel 17 hours ago 0 replies      
0 A.D. Has made enormous progress toward the 14th Alpha, it's already incredibly engaging. They have my buck, and hopefully they can get consistent gloss on this gem.
biehl 1 day ago 0 replies      
Awesome. $20 to them. (And finally got around to renewing my FSFE support too!)
shire 1 day ago 0 replies      
I've been waiting for a game similar to Age of Empires to come but this just completely destroys Age of Empires, Thanks for this awesome game I will support.
pothibo 1 day ago 1 reply      
This really looks like Age of Empires 2. It's not a bad thing I was a fan.
shire 1 day ago 1 reply      
I was absolutely shocked when I saw this, this is so awesome in so many ways. It resembles Age of Empires but much better graphics.

Age of Empires has this thing where you can upgrade your empire to the Castle age or Imperial Age I wonder if this game has that?

akg 1 day ago 1 reply      
This is excellent!

Out of curiosity, how do developers "stay in business"? Is Wildfire making enough off of donations and kickstarter-like campaigns to keep development going strong?

alifaziz 1 day ago 1 reply      
Beautiful soundtracks too, http://play0ad.bandcamp.com/
bfish510 1 day ago 1 reply      
I've been playing RTS games for ages and the one thing that concerns me is balance. With so many different factions I can imagine this is going to be rather hard to do without a large amount of overlap between them. Best of luck!
shire 5 hours ago 0 replies      
So when 0 A.D will be released is unpredictable? I was looking forward to the campaign.
educating 3 hours ago 0 replies      
Played this game and it really sucked. :(
ibudiallo 1 day ago 1 reply      
> This isnt your daddys Age of Empires.

Yes it is. It looks exactly like it. But no complAint. I will gladly back up this project cause I feel like AoE decided to take another route, while this game takes you back :)

kephra 1 day ago 1 reply      
I fear the price tag is much to high. A tag around $10k or $20k would be much better, as payout is only done for successful campaigns, iirc.
caiob 1 day ago 0 replies      
Crowdfund all the things!
fry_the_guy 1 day ago 1 reply      
Looks like fun, I am excited to try it out tonight
Tomis02 1 day ago 1 reply      
Do units fire while moving?
dariopy 1 day ago 1 reply      
0 A.D. is in development, if memory serves well, since at least 10 years ago. Maybe more. I doubt it will ever be completed.
atjoslin 1 day ago 0 replies      
Supported. Go wildfire!
iron77 1 day ago 0 replies      
Bitcoin donation address please!
ddorian43 1 day ago 0 replies      
Every fan of RTS games needs to play Metal Fatigue. One of the greatest/unique game ever.
PaulAJ 1 day ago 2 replies      
Has anyone pointed out that there was no year 0 A.D. 1 BC was followed by 1 AD.
Most TOR servers are vulnerable (NSA crackable) erratasec.com
6 points by cklaus  3 hours ago   1 comment top
eksith 2 hours ago 0 replies      
Debian/Ubuntu isn't alone in this. It should be noted that the majority of nodes are using Linux and of those, the 0.2.4 package is still not available unless you're running some flavor of "untested" or other bleeding edge distro.

Of course that doesn't stop operators from simply downloading the latest package themselves from the Tor project or compiling from source.

       cached 8 September 2013 01:02:01 GMT