hacker news with inline top comments    .. more ..    11 Dec 2013 News
home   ask   best   4 years ago   
1
Call me maybe: Redis redux aphyr.com
50 points by llambda  2 hours ago   4 comments top 3
1
rdtsc 1 hour ago 1 reply      
> Ultimately I was hoping that antirez and other contributors might realize why their proposal for a custom replication protocol was unsafe nine months ago, and abandon it in favor of an established algorithm with a formal model and a peer-reviewed proof, but that hasnt happened yet. Redis continues to accrete homegrown consensus and replication algorithms without even a cursory nod to formal analysis.

That is kind of my feel. Redis is an outstanding product with a beautiful code base. This replication feature has been tough though. It is kind of due to external factors as I've mentioned in the previous post. Everyone and their cousin are talking about distributed databases, everyone likes CAP, CRDTs, Vector Clocks, Raft, Zookeeper and so on. It is hard to come up and say "Here I have made this custom replication protocol". Everyone stares and asks, "Hey where is your whitepaper or your partition tolerance tests?". 5-7 years ago, there would be only nods and approvals. The other aspect is this is about a database, so it is potentially toying and touching user's valuable data. If that gets lost either by a bug, mis-communication in docs, bad default, anything, it will not be taken lightly.

In the end I think it is fine to have it as what it is, with the warnings and disclaimers that data could be lost and avoiding papering over or hiding issues.

As an extra side note, simply put partition tolerance is hard. Net-splits are the devil of the distributed world. Some claim it doesn't exist or doesn't happens often. Others fear and tremble its name is mentioned. When it does happen it means having to resolve conflicts, throwing away user data, stopping killing your availability to stop some from accepting writes in order to provide consistency. This is a tough test (that Aphyr runs) and not very many databases fair well in it. But it is good these things are discussed.

2
justin66 54 minutes ago 0 replies      
A person who found themselves sympathetic to the kind of hand-wavey feel-good explanation of things in yesterday's Redis thread might find this conclusion kind of snotty:

> I wholeheartedly encourage antirez, myself, and every other distributed systems engineer: keep writing code, building features, solving problemsbut please, please, use existing algorithms, or learn how to write a proof.

That person should be sure to note these experimental results:

> These results are catastrophic. In a partition which lasted for roughly 45% of the test, 45% of acknowledged writes were thrown away. To add insult to injury, Redis preserved all the failed writes in place of the successful ones.

3
rcoh 1 hour ago 0 replies      
As a gut check, if you're solving some replication problem and you'd consider using Paxos to solve the problem, be /very/ wary and reason extremely carefully about why your weaker solution will provide the same guarantees. Chances are, it will fail in certain cases of network outage or system failure.
2
Uruguay legalises production and sale of cannabis theguardian.com
254 points by wslh  6 hours ago   139 comments top 22
1
pstuart 5 hours ago 5 replies      
It feels like we're just about at the tipping point with cannabis. Once enough states in the US legalize it, the Feds will have to back down.

The next step will be for people to wake up to the fact that harder drugs need to be legal too. Not so that more people can take them, but so we can have less crime and eliminate a key justification for the growing police state.

2
chimeracoder 5 hours ago 4 replies      
Until today, the only places in the world where marijuana was legal are two states in the US (Colorado and Washington)[0], and the entire country of North Korea[1].

Other jurisdictions have decriminalized marijuana, but most of us haven't seen the legal sale of recreational marijuana in our lifetimes (in the US, it was all-but-illegal since 1937, and truly illegal since 1970 - there were only 6 months in 1969 during which there were technically no laws prohibiting its sale).

These are exciting times we live in.

[0] Technically these haven't gone into effect yet, but I'm still counting them.

[1] Surprising, but (as far as we can tell) true. Less surprising when you consider that exports of drugs that need to be engineered (like methamphetamine) are one of North Korea's biggest sources of foreign currency.

3
bitsoda 2 hours ago 0 replies      
Al Jazeera English posted a really good interview with Uruguay's president, Jose Mujica. If you haven't seen it yet, I highly recommend it.

http://www.youtube.com/watch?v=nu12Dhoma0k

4
vezzy-fnord 2 hours ago 0 replies      
I'm surprised there's still people who are so concerned with punishing people for putting things in their body. Many of these things actually being present in over-the-counter medicines.

Also I despise it when people treat alcohol and tobacco as distinct from "drugs". Illicit drugs, yes.

5
cfontes 4 hours ago 1 reply      
Uruguai's president, Jos Mujica is a truly unique old man.

He is a very interesting Character. I advise everybody to learn a bit about him and his way of leading the country.

Put that aside I think that way of working one works on small Countries or Cities with small populations.

6
alexeisadeski3 5 hours ago 2 replies      
Uraguay is actually the second current nation to legalize this. North Korea being the first. Cannabis is not regulated as a drug at all in North Korea.
7
jusben1369 4 hours ago 2 replies      
What's so interesting here is that here's a government implementing this against the will of the majority of its people. That's pretty rare period/full stop. Fascinating here. True visionary bold leadership or blatant disregard for democracy.
8
smtddr 5 hours ago 2 replies      
I can't wait for the results of this to come out so I can use it in debates with people who are against legalization. I'm almost certain Uruguay will be better off for this. The resources involved in trying to suppress cannabis is ridiculous; especially for a substance that doesn't even do as much harm to society as some other things that are perfectly legal.
9
almosnow 1 hour ago 1 reply      
Legal drugs != less crime...

On one hand, yeah sure, some people won't end up in jail for buying/selling/consuming drugs but those are just like little drops in the sea.

The sea is actually the major criminal organizations that are perpetually conflicting with each other in order to maximize their particular profits. A situation where the demand becomes bigger (because it's not illegal anymore) will only put more fuel onto their war.

And yeah, you would say 'it was the same way with alcohol'; NO it wasn't. That was a problem of a very different society at a very different time; to put that on perspective: when have you heard of ENTIRE countries employing practically everyone (even children) to grow, launder and even murder for the business?

10
waingake 4 hours ago 1 reply      
I suspect that nearly everyone here will be of the opinion that this is a good idea. If you are up for an alternative ( and yes I know, oh so unfashionable ) point of view, then I recommend watching this.

http://www.youtube.com/watch?v=36L0p2w_jtA

Its a fascinating and well put argument by Peter Hitchens that legalisation isn't beneficial to society. Yes imagine that.

11
fiorix 4 hours ago 0 replies      
I like the quote from Uruguai's president, Jos Mujica: We just regulated an existing market.
12
beloch 2 hours ago 0 replies      
Up in B.C., I'd appreciate legalization with a "gondola" provision. i.e. Cannabis would be legal, but if somebody insists on lighting up on a ski gondola I'm going to be stuck in for the next ten minutes, I'm allowed to toss him out if there's a nice soft snow-bank to aim for.
13
alexhutcheson 1 hour ago 0 replies      
Reminds me of this interesting 2009 essay from Steve Yegge about the complexity of legalizing marijuana: http://steve-yegge.blogspot.com/2009/04/have-you-ever-legali...
14
blah32497 5 hours ago 3 replies      
I'm all for legalization, but my concern would be that now gangs will grow pot in Uruguay to export to neighboring countries. This may spark turf wars and the like...

Given the limits on how much you can buy at have, hopefully they can still tackle large operations

EDIT: Let me expand, because I think people are missing the point. There are drug gangs in the region that grow pot. After this law comes in to effect it suddenly becomes easier to do business in Uruguay. Wouldn't that be an incentive to move shop to Uruguay? It seems like if all the local countries don't sign up, then you're signing yourself up for trouble.

15
aaaahhhhh 29 minutes ago 0 replies      
I'm always surprised to see people arguing against legalization of any recreational substance.

If this is your stance, I'm curious, how old are you? (serious question)

16
anoncow 1 hour ago 1 reply      
Stop downvoting posts you don't agree with.
17
oakaz 1 hour ago 2 replies      
http://www.magnumphotos.com/C.aspx?VP3=SearchResult&ALID=2K1...

See the heroin addicted family photo first, then make your freedom speeches.

18
nwatson 3 hours ago 0 replies      
A side effect: the sale of the tasty "chivito al plato" will soar (look it up).
19
gclaramunt 5 hours ago 2 replies      
My bet is just a lab test for Monsanto's GM cannabis. We're already a big exporter of GM soy
20
squozzer 1 hour ago 0 replies      
US invasion imminent.
21
thesimpsons1022 4 hours ago 0 replies      
see weed is bad. it turns you into north korea.
22
andyl 4 hours ago 6 replies      
I've got addicts and alcoholics in my family. My cousin died from overdose. I've got close friends who killed themselves with drink. Lots of you do too.

Exciting times? IMHO, the last thing we should celebrate is new ways to get a buzz on.

There should be more discussion about how to minimize the incredible damage caused by drugs and alcohol.

3
NSA uses Google cookies to pinpoint targets for hacking washingtonpost.com
157 points by mikecane  5 hours ago   63 comments top 13
1
Smerity 4 hours ago 5 replies      
There are two primary issues here: the prevalence of Google Analytics and the unencrypted nature of the majority of websites.

Google Analytics is on a substantial proportion of the Internet. 65% of the top 10k sites, 63.9% of the top 100k, and 50.5% of the top million[1]. My own partial results from a research project I'm doing using Common Crawl estimates approximately 39.7% of the 535 million pages processed so far have GA on them[2].

That means that you're basically either on a site that has Google Analytics or you've likely just left one that did.

If the page you're on has Google Analytics and isn't encrypted, the Javascript request and response is in the clear. That JS request to GA also has your referrer in it, in the clear.

The aim of my research project is to end with understanding what proportion of links either start or end in a page with Google Analytics. If it starts with Google Analytics, your present "location" is known. If the link ends with Google Analytics, but doesn't start with it, then when you reach that end page, the referrer sent to GA in the clear will state where you came from.All of this is then tied to your identity.

If people are interested when I get the results of my research, ping me. I'll also write it up and submit it to HN as it would seem to be of interest.

[1]: http://trends.builtwith.com/analytics/Google-Analytics

[2]: http://www.youtube.com/watch?v=pkoIUmP5ma8 GA specific results at 1:20)

3
suprgeek 4 hours ago 2 replies      
A perfect reason to NOT let Google own all layers of the stack between you and the internet (or indeed the real world).

Search - Check (goog.com)

Mail - Check (Gmail)

Browser - Check (chrome)

Devices - Check (Android/Chrome books)

Websites - Check (Double click/AdMob, Unknown number of other companies)

Google Analytics - Check

Your DNA - Check (23&Me)

Cars - Check (self-driving cars)

I am probably missing large chunks of tracking even with this list.

Where do you draw the line so that organizations like Google do not handover (willingly or inadvertently) our life to NSA, GCHQ, ASIO, CSIS & whatever New Zealand's Intelligence spooks go by, on a platter?

Heterogeneity - Make the buggers at least have to work a little bit to invade your privacy.

4
cromwellian 4 hours ago 0 replies      
Don't even need cookies if you have JS enabled (https://www.eff.org/deeplinks/2010/05/every-browser-unique-r...) Without JS and with HTTP headers alone, you might be able to reduce entropy by using Geo-IP.
5
drawkbox 19 minutes ago 0 replies      
So not only are businesses like cloud services, video games and messaging/devices affected by anti-business NSA trust breaches. But now we have the advertising industry that is going to be affected by the anti-privacy and anti-business practices of over the top spying on individuals. If any private company was doing this there would be legal issues.
6
gress 4 hours ago 3 replies      
So all that paranoia about being tracked by Google... wasn't paranoid at all.

Yes, I know Google likely didn't cooperate in this, but they built a giant tracking engine, so it's not surprising to see it repurposed.

7
gorhill 4 hours ago 2 replies      
What a coincidence... I was just a few seconds ago, before taking a break to read HackerNews, investigating an issue with a Chromium blocker (https://github.com/gorhill/httpswitchboard/issues/79#), and was puzzled finding that the `pref` cookie of `.google.ca` changed every single time the tab of the page lost focus. Even went to Google privacy page to understand what this cookie did, with nothing in their statement that could explain this. Now this?
8
gress 4 hours ago 0 replies      
Also, it's worth pointing out that the tracking isn't for search. It's for more profitable advertising.
9
chroem 4 hours ago 1 reply      
Hah, the joke is on them: I browse with cookies disabled.

Of course, I'm sure they have some other way to pwn me, but it's nice to know that I was doing something right.

10
judk 2 hours ago 0 replies      
Is there a way for mobile browsers to block analytics cookies JS , a la ghostery and adblock?
11
bottled_poe 4 hours ago 5 replies      
In my opinion, browsers should block all third party website content by default. Yeah, I know, the interwebs will break if they actually did this. Well perhaps someone should come up with some kind of website quality rating which indicates that a site can be viewed withing worrying about the prying eyes of FaceBook, Google, Twitter, LinkedIn, etc.
12
timbro 17 minutes ago 0 replies      
No website has to have Google track their users. If you do it, you choose to do it (you're disrespecting your users).

You can get your open-source and locally running web analytics here: https://prism-break.org/

13
timbro 20 minutes ago 0 replies      
> it lets NSA home in on someone already under suspicion

Like OWS protesters, for example.

4
Obscure C++ Features madebyevan.com
35 points by DmitryNovikov  2 hours ago   12 comments top 5
1
wyager 14 minutes ago 0 replies      
Every time I read about obscure C++ features, the more I'm convinced that the language needs to be torn down and rebuilt from scratch.
2
taspeotis 1 hour ago 1 reply      
This one [1] surprised me.

Q1: Is the following code legal C++?

    string f() { return "abc"; }    void g() {        const string& s = f();        cout << s << endl;    // can we still use the "temporary" object?    }
[1] http://herbsutter.com/2008/01/01/gotw-88-a-candidate-for-the...

3
kenrose 36 minutes ago 2 replies      
The function try blocks is new to me. It's actually kind of elegant (for C++). Granted, the reason I've probably never encountered it in the wild is that there are probably very few scenarios where you have a member in the initializer list where you want to handle an exception on initialization. If you were trying to handle an exception of an instance variable initializing, most people would just move that member to the constructor body (e.g., if you have a pointer). The only time this would be useful then is for members that don't have default initializers (e.g., a reference).
4
eonil 38 minutes ago 0 replies      
I couldn't even imagine something like ref-qualifier and function as template parameter.
5
kalimatas 57 minutes ago 3 replies      
I knew about the first sentence, but the second really obscure.

    Accessing an element of an array via ptr[3] is actually just short for *(ptr + 3).     This can be equivalently written as *(3 + ptr) and therefore as 3[ptr], which turns out to be completely valid code.

5
An Engineers guide to Stock Options alexmaccaw.com
496 points by olivercameron  13 hours ago   124 comments top 32
1
grellas 10 hours ago 7 replies      
Really nice write-up explaining stock options. A few added thoughts sparked by some of the comments already made in this thread and otherwise:

1. The value of options is inextricably linked to tax and you need to understand the tax basics in evaluating the economic risks and benefits of holding and exercising any kind of option. With NQOs, you are taxed on the spread as ordinary income on the date of exercise (meaning, on the difference between what the stock is worth and what you pay to exercise). With ISOs, the value of the spread becomes subject to AMT and you can wind up paying large taxes that way in spite of the supposed tax benefits of ISOs. The way to avoid having a large spread subjecting you to such tax risks is to exercise as early as possible before the company value goes up much but you then need to take the economic risk associated with having to pay hard cash for stock whose long-term value is highly uncertain. Moreover, early exercise is not possible if your options haven't vested unless you specifically get an early exercise privilege as part of your grant. With an early exercise privilege, and particularly if the grant is made for a bargain price, you can early-exercise, file an 83(b), and (as long as you hold the stock for at least 2 years) get the equivalent of a restricted stock grant by which you pay no further tax until you eventually sell the stock at a liquidation event. In that case, you are also taxed at the lower long-term capital gains rates. Of course, in the early-exercise scenario, you do not get to bypass vesting and your shares remain subject to their original vesting requirements and can thus be forfeited in whole or in part if those requirements are not met. But early exercise does provide an elegant solution to most of the tax risks associated with options provided you are willing to assume the economic risks of paying for the stock up front.

2. Other than the early-exercise scenario, 83(b) elections are not required for option grants. Under 83(a) of the Internal Revenue Code, any service provider who gets property in exchange for services is taxed at ordinary income rates on the value of the property received. For example, if you do work for a startup and are paid in stock when you complete the deliverable, you are taxed on the value of the stock received. You are taxed on the value of that stock as it exists as of the date you receive it in payment for such services. So, if you do development work tied to a milestone, and you meet that milestone, and you get 100,000 shares for the work, you would be taxed on, say, the $1.00/sh that the stock is worth on the day six months or a year (or whatever) out when the milestone is met, and not on the $.01/sh that it was worth when the contract terms began. In contrast to this performance-based form of incentive, let us say that you get a time-based incentive by which you buy the stock up front for a nominal price but you must earn it out over time. With such a time-based performance incentive, which is what is called "restricted stock", you own the stock up front and you pay no tax at the time of purchase in the normal case where the amount you pay for it equals its fair value on the date of the grant. Because the stock must be earned out as part of a continuing service relationship, and is hence subject to a "substantial risk of forfeiture", there is a very important technical question under section 83(a) on what the date is on which you are deemed to have received the stock in exchange for your services. Well, the default rule under 83(a) is that you receive it on the date it is no longer subject to a substantial risk of forfeiture and that then becomes the relevant date on which the value of the stock is measured for purpose of computing the taxable service income on which you must pay tax. So, if you get your 100,000 share grant at $.01/sh, and you pay $.01 share, you pay no tax at inception. But, as that grant vests at, say, a monthly ratable rate over four years, the IRS treats you as having received 48 separate grants (one each month) over the four-year period. Thus, at each vesting point, you are treated as having received property in exchange for services under 83(a) and you pay tax on the difference between the value of the property received and what you paid for it. If you paid $.01 per share, and if the stock is worth $1.00 at a given vesting point, you realize $.99 worth of taxable income per share. In a venture whose value is rising quickly, in the absence of any saving mechanism, you might have as many as 48 separate tax hits (basically, having to pay tax on the difference between what you paid for your grant and the 409A valuation price placed on the common) just for the privilege of holding a piece of paper that may or may not ever have an ultimate cash value of any type. It is in this type of scenario, and only here, that 83(b) comes into play by providing that, in lieu of having to suffer under the default rule of 83(a), you can elect to pay all taxes up front on the grant and not be subjected to the often onerous workings of the default rule. This means that, for an 83(b) election even to be relevant, you must first own your stock (or other property) and that stock or property must be subject to a substantial risk of forfeiture. If you hold only an unexercised option, you do not yet own the stock and it is not subject to forfeiture (hence, 83(b) is not relevant). If you do an early exercise, though, and get stock under terms where it must still vest out and can be forfeited, then 83(b) does apply. But that is the only case normally where it becomes relevant at all to options.

3. Options really shine when they wind up on a level playing field with the preferred stock and they tend to dim commensurately to the extent they do not. Optimum case is IPO when all stock is (typically) forced to convert to common prior to the public offering and, thus, all shares participate equally in the benefits. This can happen too in big-scale M&A exits but a drop-off occurs on lesser ones in at least two ways: (a) where the total acquisition price is largely gobbled up by the liquidation preferences and/or management incentive plans; (b) where an acqui-hire occurs in which a few founders get a disproportionate share of the total value through employment arrangements made on the other side of the deal.

4. Given all of the above, and given that IPOs remain at far below the old bubble levels in frequency, it can be risky to lay out any excessive cash to exercise at any time before a liquidity event. Too many things can happen by which a seeming "sure thing" winds up evaporating before your very eyes, leaving you with no more than a pretty lousy capital loss that you get the privilege of deducting at the rate of no more than $3,000 per year unless you can find other capital gains to offset it against.

5. The 90-day tail for exercise upon termination of a service relationship applies only to ISOs and not to NQOs but, of course, ISOs have other advantages and they are what is typically offered in VC-backed ventures. In other types of ventures, where the company value is already somewhat high at the time of grant, I have seen executives bargain for and get NQOs with long exercise periods following termination just to have the flexibility to leave the venture if needed without being forced to forfeit the options.

6. In light of all of the above, having to pay an angel backer 25 or 30% of your gains to provide you with a risk-free exercise in an otherwise high-risk situation may be worth it even though the cost seems high on its face. It is a matter of preserving some decent part of your potential upside while giving up the rest to make the upside potential even a possibility for you given the tax risks involved. If IPOs come back strong some day, then you may be giving up too much at such a cost because they are the great leveler when it comes to weighing the value of options against other forms of equity holdings. Until that day comes, however, options remain a valuable but relatively high-risk way of deriving value from a startup if you need to part with any significant cash (either for the purchase or for the associate tax) for the privilege of hoping to profit from a startup. Again, for those who need to weigh their choices, this piece provides great insights and stands head and shoulders above the typical discussion of such issues. Great work by the author in making an otherwise dry and even formidable subject pretty accessible.

2
JshWright 11 hours ago 3 replies      

  I like thinking about shares as a virtual currency.  Shareholders are speculating on that currency, and  the company is trying to increase its value. Companies  can inflate or deflate this currency depending on  their performance, perceived potential or by issuing  new shares.
I consider myself a fairly smart person, who had a reasonable grasp on the basics of financial markets, currencies, etc. That simple paragraph just triggered a huge light bulb moment for me. It's suddenly a lot easier to reason about stocks, etc, than it was 5 minutes ago...

3
nwatson 11 hours ago 2 replies      
I've "pre-exercised" before, with a meaning different from what's depicted here in the article.

In the "pre-exercise", I was able to exercise the stock before I'd vested in it, with the understanding, of course, that the company would buy back my unvested shares at the exercise price if I left the company before vesting all the options.

The disadvantage, of course, is that you pay for your stock up front, and will lose all or most of the money if the company doesn't pan out.

There are several advantages ...

Advantage: the price you exercise at is near the fair-market value of the Common Shares you purchase (and haven't yet vested in), so there's no immediate gain and so no immediate short-term gain tax consequences. You need to make sure to file an 83(b) form so you're telling the IRS you're paying your $0 tax up front, rather than monthly as your stock vests. (The disadvantage with the latter is that the difference between what you paid and what your stock is worth as it vests could be huge, and there's no way to liquidate your stock to pay that tax.) (There's also something about AMT in here, I'm kind of fuzzy, but I think consequences can be the same.)

Advantage: your long-term capital gains clock starts ticking the day you buy the stock, even though you bought before any of it vested. When, three years down the road, you can liquidate your stock in that acquisition or IPO or secondary-market sale, you already purchased your stock three years ago, and pay only long-term gains. Otherwise, you'd buy the stock and sell on the same day, with the gains considered as short-term-gains/income rather than long-term gains.

My personal outcome with pre-exercised stock: worked out OK twice, lost all my pre-exercise once, but overall I came out ahead on taxes even with the loss. YMMV.

What the article says is "pre-exercise" is just an "exercise" -- you vested the stock, you have every right to purchase it even though the company's stock isn't yet liquid. The problem, of course, is that you may have a huge gain and no way to pay for taxes on that gain.

(Edit: note about AMT, clarification.)

4
snorkel 10 hours ago 1 reply      
Here's the short version. Sell. Sell it all. As soon as you are legally allowed to, sell. Sell all of it. Taxes and maxes blah blah blah just sell it, take the cash, and be thankful.
5
vikas5678 10 hours ago 3 replies      
Is it odd that almost every startup I or my friends have interviewed with refuse to answer the "number of outstanding shares" question? Have others had similar experiences?
6
mseebach 9 hours ago 1 reply      
What is the exact mechanism for "golden handcuffs"? Can the company prevent a vested option holder from exercising and then selling the shares to a secondary market investor immediately (offering them to the company for first refusal, obviously)? In that case, can't I just line up a secondary market investor, borrow the cash to exercise, sell, repay the loan and thus get out of the handcuffs?
7
arielweisberg 12 hours ago 5 replies      
I thought 83(b) only helps with RSU grants? For ISO grants I thought you can't do an 83(b) election?

Can anyone clarify?

8
joosters 10 hours ago 3 replies      
Quick question: Why should a company give share options to employees, and not plain old shares? Is this just because it's better tax-wise for the company?
9
dlevine 10 hours ago 0 replies      
You didn't mention the difference between nonqualified (NQSO) and incentive (ISO) stock options. The difference is key.
10
dmourati 2 hours ago 0 replies      
Read Venture Deals by Brad Feld. It will make you more knowledgeable then 99.9% of all the people in venture funded companies and put you on the level playing field with the VC's.
11
gesman 7 hours ago 1 reply      
Red flags (from personal experience):

- "We will give you a big share of our (of-course-soon-to-be-facebook-or-google) company (15%+ in stock options) if you'll agree to work for us for close-to-nothing".

- Senior officers starting leaving the company one by one.

- Senior officers giving small promises that have tendency not to materialize.

- Senior officers do not have any/good exit track record. Opposite would be a green flag.

12
bsirkia 12 hours ago 2 replies      
Can you talk a bit more about the dilution an employee should expect if the company completes more funding? That could have a serious impact on your shares. Who usually gets diluted first? Founders? Previous investors? Employees?

If you're an employee that received options and the company is doing another round of funding, should you be worried or on the front foot about finding out what will happen to your options?

13
willvarfar 9 hours ago 0 replies      
And here's a nice guide from way back in 2004: http://www.ftpress.com/articles/article.aspx?p=170920

What's interesting is that this chap Ivan Goddard is doing the Mill processor, and that has an interesting company structure; OotB has an agreement to incorporate, and they keep renegotiating it. He explains this in this talk: http://www.youtube.com/watch?v=Bxga49vukQ8

14
unreal37 4 hours ago 0 replies      
I'm waiting for the day in the near future when an article on stocks begins with "Stocks are a lot like Bitcoin..."
15
mfkp 12 hours ago 0 replies      
Very interesting - I was unaware of the financing options until I read this article. Seems like it could be a good idea if you're unsure if the company will be successful long-term, a way of hedging your bet. Though I would hate to give up 20-25% of the potential upside, I'd consider this if I was on the fence about exercising my options.
16
sarah2079 11 hours ago 1 reply      
This is very helpful, thanks. I was very surprised when I first learned that AMT will cause you to owe tax on your gains when exercising options, even if they are only on paper. (If the company is public or there is a private market, fine, but it is incredibly inconvenient to be taxed on something for which there is currently no market). This is an area where it can really pay to plan ahead.
17
kylelibra 11 hours ago 3 replies      
Is there a good formula for figuring out taking a lower salary in exchange for options? For example:

.

Current Salary On Open Market = X

Startup Salary = Y

Option Value Today = Z

.

4(X) = 4(Y)+Z(2)

this is obviously the big IF, if people are saying think of it as windfall, maybe 1.5??

18
yogin 2 hours ago 0 replies      
Thank you for this, I have to admit I've been quite confused about this for some time. Great explanation, it finally makes a lot more sense to me!
19
tejay 8 hours ago 0 replies      
What about profit-sharing instead of options/warrants/shares?

We've found that it dampens the 'build-to-flip' mentality and lets us all enjoy the fruits of our labor while we're building the company, not afterwards =).

20
brosco45 10 hours ago 0 replies      
They are like lotto tickets, mostly worthless, some are worth a lot.
21
throwawayy123 9 hours ago 1 reply      
If I decide to leave a company in which I have partially vested stock options, would it be okay to ask my employer (or anyone else in my company) if they would be interested in buying the options off of me at the current valuation (EG, last amount of money raised)? Is something like this common, or would I get laughed out of the room?

Similarly, how liquid are markets like Second Market in terms of liquidating option value at a startup that's raised multiple rounds of funding but has yet to exit or IPO? Are there angels (or networks of angels) that buy small amounts of pre-exit equity?

22
egometry 8 hours ago 0 replies      
Pretty god. I've been recommending David Weekly's short e-book on this matter for years... specifically as mandatory reading for engineers taking their first or second job.

Learn from our mistaaaaakes!

http://www.amazon.com/Introduction-Stock-Options-David-Weekl...

23
7Figures2Commas 11 hours ago 1 reply      
There's some valuable information here, but a lot of detail is lacking. For instance, the post does not distinguish between incentive stock options (ISOs) and non-qualified stock options. The tax treatment is quite different.

More importantly, technical details aside, I think it's important for a prospective employee to make some strategic decisions about equity up front.

The author writes:

> If the company seems reluctant to answer these questions, keep pressing and dont take no for an answer. If youre going to factor in your options into any compensation considerations, you deserve to know what percentage of the company youre getting, and its value.

And in the next paragraph he writes:

> Id be wary of compromising on salary for shares, unless youre one of the first few employees or founders. Its often a red flag if the founders are willing to give up a large percentage of their company when they could otherwise afford to pay you. Sometimes you can negotiate a tiered offer, and decide what ratio of salary to equity is right for you.

You can't have it both ways. If you focus on equity (by demanding that the company divulge detailed information about its share structure), you are sending the signal that equity is just as important or more important than salary, and thus opening the door to a negotiation that contemplates a trade of equity for salary. Precisely the thing that you want to avoid!

Unless equity is expected to be liquid in the near future (i.e. you're at a company expected to go public in the near future), an equity-focused negotiation is more likely to benefit the prospective employer than employee.

24
dsri 10 hours ago 0 replies      
>> You can think of a stock option as a Future.

You probably shouldn't, as they are distinct terms. A futures contract obliges you to make the transaction on the specified transaction date, whereas an option gives you the option to do so.

25
michaelochurch 12 hours ago 4 replies      
Two corrections:

1. OP says: Once youve cliffed, you have the right to buy shares in the company.

"Cliffing", when used as a verb, refers to firing someone just before the cliff-- not an employee achieving it. It's something you'd rather avoid.

2. If the company isn't publicly traded, you should ask to see the cap table. If you're employee #30 and your share is 0.05%, that might be fair if it's a biotech that has already taken a $100M infusion from the venture capitalists (who'll typically take 90%, in that case). For a web startup, it's terrible. You need to know how much equity the investors, executives, and employees at various levels have, so you can evaluate your likelihood of getting an improvement if you perform well. Without the cap table, you don't know enough about the startup to decide whether to take a job there.

26
djm_ 10 hours ago 1 reply      
Does anyone have any UK specific advice considering stock options? ..and how does it affect things if these are offered to a contractor and not a FT employee, is that even possible?
27
elwell 8 hours ago 1 reply      
What if you're too lazy to exercise your share?
28
hafichuk 11 hours ago 1 reply      
Any advice if the company is already public and they are offering stock options as part of the compensation package?
29
puppetmaster3 4 hours ago 0 replies      
lol, none of this matters. the terms are, what the terms are, you can just try to get more shares and more $.
30
anon_nsotax 8 hours ago 2 replies      
Can someone comment on determining fair market value of a private company?

I exercised NSO stock options of a private company after being vested for a year. Everything I read indicates I need to declare the spread of current FMV with the value of the option grant date. How do I determine the current FMV if their is no market though?

31
lmartel 9 hours ago 0 replies      
Super irrelevant--unless you're trying to say that employees should never strike their options, which is probably not good advice.
32
antimora 12 hours ago 0 replies      
Taxes can be tricky depending what type of stock options you have. This recently found document tries to point out several strategies:

THE STOCK OPTION TAX DILEMMA FACED BY PRE-IPO COMPANY EMPLOYEESBY BRUCE BRUMBERG, ESQ.,MYSTOCKOPTIONS.COM EDITOR-IN-CHIEF AND CO-FOUNDER

https://welcome.sharespost.com/system/resources/BAhbBlsHOgZm...

6
US Fails To Close TPP Deal As Wikileaks Exposes Discord forbes.com
124 points by shill  7 hours ago   28 comments top 6
1
dil8 6 hours ago 3 replies      
Hard to believe that these talks are conducted in secret behind closed door. It is quite clear the some of the proposals are strictly designed to serve powerful interest groups. Great work by Wikileaks to put this in the public arena.
2
nate_meurer 2 hours ago 2 replies      
I didn't know that the one of the things we (the U.S.) are pushing for is patents on surgical procedures. The mind boggles. And then it fucking explodes.
3
rodgerd 4 hours ago 1 reply      
For the US, failure is a feature, not a bug.

The TPPA started as a deal between a variety of east Asian and Pacific nations in what the US regards as its back yard. The last thing the US wants is China becoming more cosy with US dependents such as New Zealand, Australia, or the Philippines. For the US, joining the deal, and then forcing it to either confirm to US wishes, or breaking it entirely are much, much better options than losing influence in the region.

4
RexRollman 5 hours ago 1 reply      
What kills me is that they want copyrights to be extended again. Copyrights are already last too long as it is.
5
jonathanwallace 5 hours ago 2 replies      
Everyone knows coupling is bad. Why couple the laws of such disparate cultures into one big ball of mud?
6
coldcode 5 hours ago 0 replies      
The more open the debate the less likely the US can dictate to the rest of the world.
7
Sharking: High-Rollers in the Crosshairs f-secure.com
9 points by sdoering  45 minutes ago   discuss
8
Nokia moves ahead with plans for a low-end Android handset arstechnica.com
20 points by shawndumas  2 hours ago   21 comments top 5
1
clumsysmurf 1 hour ago 7 replies      
"According to the report, Nokia plans to fork Android to fit its purposes, similar to the approach used by Amazon."

No, please no !!!

We have the Amazon fork; various Chinese forks; and now a Nokia fork ?!?

I think this damages the Android brand. The way Google has been consolidating functionality into Play Service is a direct move against this kind of thing, whatever they say about open source being good.

Whats the point of this? Samsung is making most of the profits from Android. They dominate the high end Android phones with LG in second if I recall. On the low end, there is a slew of junk but some interesting and very capable devices like the Moto G (as far as I can tell, it could only use a better camera and build quality).

Are they attempting to compete with the Moto G and future Google/Moto devices targeted at this space, presumably as Google lets other OEMs have the high end, using their own fork and ecosystem?

Maybe they should do Plan B with Ubuntu Touch and/or Firefox OS

2
rurounijones 1 minute ago 0 replies      
3 years too late.
3
nivla 1 hour ago 1 reply      
This is going to be interesting to watch since Nokia now belongs to Microsoft. I wonder if this is a tactic by Microsoft to tackle Google on their own turf. Atleast its better than those embarrassing Scroogled campaigns. No matter what it turns out to be, at the very best it will give the Open Handset Alliance some competition.
4
afsina 37 minutes ago 0 replies      
I say not gonna happen. MS bought Nokia, why submit to Android? Nokia will not pay OS licenses anyway.
5
Kuytu 1 hour ago 3 replies      
Microsoft wants to sell Windows Phones using Microsoft brand. How would developing Android handset and selling it under Nokia brand help that cause? It could be interpreted as lack of faith for their own platform.

Would Microsoft do it just to get time to convert Nokia customers to Microsoft customers? Seems unlikely to me.

9
EFF has 2x matching donations until Dec 17th eff.org
192 points by yincrash  11 hours ago   19 comments top 10
1
airlocksoftware 10 hours ago 1 reply      
Very cool of the people doing the matching donations. I'm always happy to do anything I can to help the EFF. But now, more than ever, it feels like they might be our best chance to avoid dystopia.

But considering the size of the tech industry and the amount of money the internet / technology is making all of us, I'm sometimes surprised by how small the EFF is. Does anyone have any thoughts on why the EFF isn't larger and better funded like most other industry groups?

2
tofof 9 hours ago 1 reply      
This is not 2x matching. This is just plain and simple matching. You donate 50, they get a total of 100 - 50 from you, and 50 from the donor.

Yes, the total amount they receive is 2x, but the matched amount is 1x.

I sound pedantic but it's because this is in stark contrast to the Internet Archive's "3x matching" through the end of the month, in which if you donate 50 they receive a total of 200, because the matching amount is triple - 3x - what you donate.

3
mdaniel 10 hours ago 3 replies      
I realize this might sound like a First World Problem, but I typically donate to my charities and organizations early in the year. Then things like this pop up and I have to weigh the opportunity cost of not donating while my power will be doubled against the feeling that I've already given a chunk of change.

I guess in the end, I'll probably cave and donate again because I think the EFF is very important, but I wonder what thoughts others have on this situation?

4
01Michael10 10 hours ago 0 replies      
I have donated to them indirectly many times over the years but this Xmas going to become an official EFF member. F*ck you NSA!
5
diminoten 53 minutes ago 0 replies      
I wish there were more options besides the EFF who supported the myriad of causes the EFF works towards.

Their treatment of CISPA was not, however, something I can stand to support, and for this reason I can't justify giving them money until they soften their hardline stance substantially.

Their "call to arms" press release was rife with doublespeak and inaccurate interpretations of the proposed bill, and it felt like there was some kind of ulterior motive at play for them to never be satisfied with concessions and changes to the bill text.

I get this sense that the EFF basically says, "no!" to every bill coming from congress that has anything at all to do with the Internet, and that's just not a useful way to run an advocacy group.

I support a free and open Internet (seriously, who doesn't around here?) but I would rather codify that in US law than sit around and wait for the FCC to fine Comcast. If congress can't touch the Internet, then they can't protect it, and I'm afraid the EFF would find itself on the wrong side of an open Internet if congress tried.

6
susi22 9 hours ago 0 replies      
I know my comment has little to do with EFF, but if you feel generous also consider donating to Give Directly. Goodventures will match every dollar for them until Jan 31st:

http://www.goodventures.org/research-and-ideas/blog/our-givi...

7
vinhboy 10 hours ago 0 replies      
Donating with my bitcoins! I hope they remember to send me a t-shirt this year.
8
terrik 4 hours ago 0 replies      
Donated. This is a great way to help the EFF, and even a small donation can go a long way.

You can also help the EFF non-financially at their Action Center: https://www.eff.org/action

9
kfarzaneh 8 hours ago 1 reply      
This is great! Too bad they sold 2,800 of their 3,500 BTC in 2011: http://philanthropy.com/article/Can-Nonprofits-Benefit-From/...
10
notdarkyet 8 hours ago 1 reply      
Maybe I am missing something but who is doing the matching? Is it the group of people on the bottom right?
10
Simulations back up theory that Universe is a hologram nature.com
181 points by ForHackernews  11 hours ago   96 comments top 23
1
crazygringo 9 hours ago 7 replies      
1) What the heck do they mean by a hologram? The analogy here baffles me. Is this just a layman's analogy, or does this actually mean something scientific?

2) Anybody have any suggestions on a high-quality layman's explanation? I finished reading Feynman's QED the other week, and loved it, and was wondering what the closest might be for string theory.

2
Sakes 9 hours ago 1 reply      
They took two different universe models, neither of which match the one we live in, and mathematically produced the same black holes. The key differentiators being that one universe has gravity and multiple dimensions while the other has no gravity and 1 single dimension.

While the article likes to take a logical leap and assume this supports the theory that our universe is a hologram, what was actually proved by this numerical experiment is eloquently explained in the article's quoting of theoretical physicist Leonard Susskind.

"They have numerically confirmed, perhaps for the first time, something we were fairly sure had to be true, but was still a conjecture namely that the thermodynamics of certain black holes can be reproduced from a lower-dimensional universe"

- Leonard Susskind

3
derefr 10 hours ago 1 reply      
So, the naive way I'm reading this might reduce to this lie-to-children analogy:

"You have a 2D layout of memory cells on a RAM chip (strings), which store the representation of a 3D universe. From within our 3D universe, we can tell that we're actually stored on a 2D medium by the way we see the effects of interactions between things in our 3D world that are distant in 3D, but stored on 'neighboring' memory-cells."

Anyone who knows enough about this to tell me how far off-base I am?

4
tlarkworthy 10 hours ago 1 reply      
I have lead loads of these physics theory of universe things and I am none the wiser about anything in the field. Might as well say "Physics have shown we are an electronc's imagination in 7.5D space like a windy coral on an orange Tuesday"
5
damon_c 10 hours ago 1 reply      
I have found this Leonard Susskind lecture to come closest to answering the question of "why would anyone even suggest such a thing?" about this subject:

http://www.youtube.com/watch?v=2DIl3Hfh9tY

6
ck2 10 hours ago 1 reply      
So basically they are saying we are a 3D projection (extrapolation) of a 2D source?

Can we do anything useful with that like FTL space folding?

7
richardjordan 10 hours ago 0 replies      
Of course this isn't helpful to the layman who thinks of holograms as things they get on a card in a cereal box.
8
herbig 10 hours ago 1 reply      
But not in the Matrix sense, as I was lead to believe from the title.
9
analog31 4 hours ago 0 replies      
Something puzzles me about the hologram analogy.

A hologram seems totally garbled, and is "played" by projecting it in a particular way so that we see an image of the original object.

In contrast, our 4-d world doesn't seem garbled to us at all, and there is no way to "play" it and see an image of a higher dimensional world.

10
anentropic 9 hours ago 1 reply      
I don't see explained anywhere what causes them to make the leap that, because the math of holographic theory works, the universe 'is' a hologram. Doesn't it just mean that they've found a way to convert between two abstractions?
11
apalmer 9 hours ago 0 replies      
So basically they are showing that a simple model exists that gives the same results as a more complex model? I mean the article seems clear that neither universes they modeled was actually the same as ours... so i dont get the significance.
12
glifchits 1 hour ago 0 replies      
Hmm, now wasn't there a commentary article on HN earlier today about how papers in Nature (et al.) are sensationalized?
13
diminoten 10 hours ago 0 replies      
Wait, I don't understand.

So there's the "flatland" where strings "live" and interact without gravity, and when these strings interact in this flatland the side-effects of those interactions are the 10-dimensional space we observe?

14
garraeth 8 hours ago 0 replies      
I'm a huge Susskind fan. One of the coolest books I've read was his "The Black Hole War". And he's got tons of his lectures (full lectures from Stanford) on YouTube -- so if you're curious you can hear it straight from him.
15
easy_rider 10 hours ago 0 replies      
I swear I've read this somewhere else before..http://en.wikipedia.org/wiki/Holographic_principle
16
mVChr 6 hours ago 0 replies      
Excitement builds as more of the article is read until near the end...

> Neither of the model universes explored by the Japanese team resembles our own, Maldacena notes.

...way to hide the disclaimer guys.

17
tomrod 5 hours ago 0 replies      
Could we use these observations to increase storage density of data?
18
ygmelnikova 7 hours ago 0 replies      
..who (God) stretchest out the heavens like a curtain. - Psalms 104:2 (pre 537 B.C
19
davidbielen 9 hours ago 0 replies      
there are much simpler theories that unite gravity and quantum physics, without going into 'matrix-mode': http://www.sciencedaily.com/releases/2013/12/131205142218.ht...
20
0xdeadbeefbabe 9 hours ago 0 replies      
I was confused till I read the comment by uncle Al, and that didn't help either. He's talking some science pidgin.
21
avaku 5 hours ago 0 replies      
I knew it!
22
jasonlfunk 10 hours ago 1 reply      
What would it even mean that the universe is a hologram? Wouldn't it imply some sort of holographic projector?
23
Demiurge 10 hours ago 2 replies      
I wonder if I would age faster or slower in the universe rewritten in Go?
11
The Criminalization of Everyday Life tomdispatch.com
359 points by mankypro  15 hours ago   261 comments top 38
1
dmix 12 hours ago 11 replies      
I wish people would move beyond 1984 and quote more Foucault's Discipline & Punishment [1]. There is a much deeper-rooted problem in society than mass surveillance or militarization of police. It's the question of why we all let this happen without any resistance. We accept and welcome our controllers. Foucault wrote about the effects of prisoner mindset in society in the 1960-70s. Our subjugation and tolerance to authoritarianism is very widespread and not limited to just police.

We're not just afraid to be anti-authoritative, we're institutionalized since our birth in schools and the concept of control is in embedded in every aspect of life (such as in language found in politics, school work, or newspapers).

Mass-surveillance is just a more direct implementation of "panopticon" [2] applied to everyday life, existing at all times. Having committed a crime is no longer the requirement to be imprisoned, whether physically or mentally.

http://www.amazon.com/Discipline-Punish-Birth-Prison-Vintage...

https://en.wikipedia.org/wiki/Panopticon

2
crazygringo 13 hours ago 5 replies      
I can't say I'm exactly surprised. If you ran a police department, you're not about to turn down a free tank -- I mean, how cool is that, toys for the boys?!?!

What's bothersome is that a police department is allowed to do this. That DoD rules don't prohibit selling/giving military equipment to police departments. That state legislatures don't prohibit it. A police department, like any organization, is always going to amass all the power/capability it can. Where are the people who are supposed to be limiting and regulating it?

3
MrZongle2 13 hours ago 5 replies      
When I read something like this, I always think back to when I would see some tinfoil-hat type ranting on Usenet 20 years ago about the growing surveillance/police state in America. It was generally eye-rolling or unintentionally hilarious stuff.

What's depressing is that it's starting to look like they were right.

4
iambateman 13 hours ago 9 replies      
If every police station in the country is equipped with military-grade weapons and vehicles, what happens in the event of despotic leadership?

Suppose someone rises to power with little regard for legislative oversight and activates the sleeping military at home. It might start with a real (or faked) terror event coordinated across several major cities. It wouldn't take much at all, 5-10 cities, and suddenly:1. Internet & cell communications are shut down2. a national state of emergency is declared3. A curfew is issued4. Dissidents are squashed via a military police force with little recourse themselves.5. Everyone is required to have location-aware implants "for safety."

With a little fear, a government could take full, permanent control of their citizens via aggressive laws and more aggressive enforcers. Would it even take two weeks?

5
aestra 13 hours ago 2 replies      
WOW! The most shocking linked article is the kids who got arrested for waiting for the bus. They were excepted to plea bargain. That's right, the charges weren't dropped!!!!!!

edit the DA dismissed the charges but the police chief thinks the arrest was justified.

http://www.usatoday.com/story/news/nation/2013/12/04/charges...

Interview with the coach (he seems like a really nice guy):

http://www.infowars.com/kids-arrested-waiting-for-school-bus...

6
tedks 9 hours ago 0 replies      
This article is not about police tanks. (Even though it's horrifying that if the tanks were about to roll into America's equivalent of Tianeman Square, our American Tank Man would just be tasered, at best.)

This article is about the prison/police system becoming the fundamental axis of civil society. Schools are run like prisons, and increasingly with police presence. Minority groups are, as always, increasingly targeted for harassment and neutralization. If you get on the radar of the police state, you and your family will be hounded forever. If you are imprisoned, it's more likely than not that you'll be held in solitary confinement.

The article doesn't seem to answer the question I wish I knew the answer to -- how did we get here? What happened that made the United States this way? Was it always like this, behind the curtains, just a nest of HUAACs and J Edgar Hoovers?

Well, now the J Edgar Hoover of 2013 knows everything about everyone, he can arrest anyone for any reason at any time, and he can't be opposed by any means I'm aware of. That iconic picture of a hippy putting a flower in the barrel of a riot cop's gun could never happen today -- as soon as the hippy reached for the gun I'm sure his head would be blown off.

7
JonnieCache 13 hours ago 3 replies      
The fact that this is being instigated by the federal government makes me suspect that this is deliberate planning for the long-term consequences of american societal breakdown, for when the war on drugs isn't enough to control the ever-growing underclass anymore.

Does this kind of thinking still place me firmly with the tinfoil contingent?

8
marincounty 10 hours ago 1 reply      
I have felt we have too many laws and over zealous cops for some time now. I guess I'm old--I was born in 1972, but I can assure you; things were not like it has beenin the last twenty years. I started noticing a change in the late 80's and it's(a over regulated society, cops whoabuse the system) just gotten worse. If Jesus Christ reappeared he would most likely be arrested for indecency.Ticketed for fishing without license. Arrested for loitering. Arrested for holding an event without a permit.Ticketed for sleeping in someone manger, without written consent. It's really not funny when you get an expensive ticket for no reason. I have thought about this and a solution; tie all fines to income, and require all Cruisers to be wired with 24/7 cams. This is a good website, but I sometimes wonder if I just blowing smoke, and racking up clicks for a already Rich Dude? Some of these topics are so important they deserve their own webpage?
9
coldcode 13 hours ago 4 replies      
What a depressing article(s). Our reality is only going to get worse since there is little we can (or have the will to) do. At least in the Ukraine people are really contemplating change. Here we watch our football and our shows and fawn over celebrities and nothing changes.
10
VonGuard 13 hours ago 1 reply      
Appropriate, seeing as how Kent State is in Ohio, too. Clearly, they learned their lessons in Ohio: shoot students first, ask questions later.
11
ericthor 13 hours ago 0 replies      
>in an era of terrorist attacks on U.S. soil and mass killings in schools, police agencies need to be ready for whatever comes their way..."

There has always been terrorism in the United States.http://en.wikipedia.org/wiki/Terrorism_in_the_United_States

As well as mass shootings.http://www.motherjones.com/politics/2012/12/mass-shootings-m...

This current "era" isn't defined by the number or scale of these tragedies but by institutions' and the public's reaction to them. If we want to protect the lives and welfare of the average U.S. citizen our money and efforts would be better spent tackling some of the less newsworthy health issues.

http://en.wikipedia.org/wiki/List_of_preventable_causes_of_d...

Also the time frame of the Sandy Hook Shooting was extremely brief. The shooter was believed to enter the school around 9:30 the first 911 call was made at 9:35 and the last shot heard was at 9:40 and the police enter at 9:44. The MRAP and other military artillery obviously wouldn't have made a difference due to time frame of the tragedy.

12
CurtMonash 13 hours ago 1 reply      
"If you didn't do anything wrong, you have nothing to fear (at least from the cops)" is looking stupider every day.
13
mortyseinfeld 13 hours ago 2 replies      
This is probably more of "If we scare people by throwing around the terrorist word then we get to spend money, have cool new toys, and look badass".

It's pathetic, but it seems to work.

14
api 14 hours ago 1 reply      
This is a common way that a totalitarian state can be implemented on top of an apparent democratic republic: pass so many laws (and contradictory / complex laws) that anyone can be found guilty of something, then enforce the law selectively.
15
ctdonath 13 hours ago 1 reply      
Used to be military surplus stores would acquire military surplus and sell them to an amused and subsequently harmless citizenry. All that old equipment has to go somewhere; now such civilian possession is prohibited (even used Humvees (basically just off-road cars) cannot, by law, be sold to the public), it ends up routed to the only group legally allowed to have it and wants it: police. In the meantime, stores that sold military surplus have adapted by selling military-like knockoff gear, and would-be buyers are pumping money into the fast-growing "tactical gear" market.

Fact is, if all this military equipment were sold on open market, no harm would come of it. Used to be available and wasn't a problem then, and the rather large paramilitary equipment market isn't a problem now. Question is: why is the government so afraid of its own citizens possessing such gear?

16
mortyseinfeld 12 hours ago 0 replies      
This story reminded me of the Boston bombing and it's "lockdown" (read martial law). Didn't Boston have one of these APCs roaming the streets during its martial law. In that case it's really a show of force against the "civilian" population than to catch terrorists.

Why the hell does Ohio State need an MRAP. Are they going to actually tell us that the terrorists might roll in with tanks or APCs. Or maybe the terrorists will be running around with APCs in full combat? No.

Geez, is anybody even questioning these clowns about these acquisitions.

17
DanielBMarkham 13 hours ago 4 replies      
One of the underpinnings of the U.S. Constitution is the Bill Of Rights, one of which states "A well regulated Militia, being necessary to the security of a free State, the right of the people to keep and bear Arms, shall not be infringed."

People go bouncing off the wall around this issue as if it were one having solely to do with owning guns, but the real purpose is arranging the real power in the government. The people reserve and are ultimately responsible for the use of lethal force in the United States. They can delegate that power to the government for certain things, like a defense department or law enforcement, but at the end of the day, it's everybody carrying guns that are responsible for social order. At least that's the way it was set up.

As we've drifted away from that principle, by assigning more and more powers to the defense department and police agencies, (gun control is part of this but not the only part), those folks have quite naturally started viewing themselves as the privileged few to hold the power to make things go boom. Then we got rid of the volunteer military, further separating the mass of the population from the things carrying lethal force.

So nowadays, if you want to become a specialist in the application of power tools to destroy people and things, you pick one of a few different career paths and become one of the chosen few. This is a VERY recent development. Not 50 years ago it was commonplace to know people who could operate machine guns, explosives, and drive tanks around. To those folks, cops were just another working Joe like them except they wore a badge. On the other side, cops viewed the population as a trained asset to have and use in time of crisis. It was not unusual to consider gathering up as many armed men as necessary from an area to conduct police operations.

But the professionals got involved, and having that kind of power was viewed as a terribly complicated responsibility that the average guy couldn't handle. This created a wall in society. On both sides now, it's us against them. We need MRAPS because, hell, anything can happen, and there's just a few of us cops in this county. We are no longer all in it together. It's not like if AQ comes knocking we can knock on doors and ask for help.

This is a self-fulfilling feedback loop: as the police arm themselves more and more with special gear, the average person really can't operate it. So even more specialized training is required. Same goes for military gear, where this divide originated.

I would suggest that what we need is some sort of ready reserve system where everybody is trained at reaching 18 on how to safely use most all common forms of police and military gear. I'd further suggest that local police departments be required to have a certain percentage of their patrols as civilian ride-alongs.

There are a lot of things that can be done here, and we don't have to argue gun control to make progress. But I think we do need an understanding of how we got here in the first place. This is a trend that has been a long time coming. The War On Terror just exacerbated it.

18
CalRobert 14 hours ago 3 replies      
Surprised this didn't get any comments. It's a good reason to leave (or not move to) the US, or increasingly, the UK.
19
whiddershins 11 hours ago 0 replies      
What's striking is the correlation between excessive police tactics and enforcement of victimless crimes.

From a right libertarian point of view, it is the government's responsibility to protect your rights, not to protect you.

From a left libertarian point of view, it is the government's responsibility to demonstrate that the good of enforcing a law outweighs the loss of individual freedom and other harm of enforcing it.

Drugs, immigration, fail those tests. Many sex crimes fail those tests. Seatbelt laws probably fail.

The police have to be so aggressive about these things because they never lent themselves to enforcement in the first place.

20
snake_plissken 12 hours ago 0 replies      
I just find it so incredible that a hospital can bill you for a rectal cavity search ordered by police/judge. Honestly I think my mind is experiencing some sort of race condition as I try to pick a word that accurately describes my incredulity about this. Ughhhhhh
21
acuozzo 12 hours ago 1 reply      
This is AMAZING! We're getting closer and closer to a cyberpunk society (unfortunately, authoritarianism is necessary, but not sufficient for this). Soon it'll be like Escape From L.A. or Snow Crash or Neuromancer!

I can't wait to stroll down the streets of Chiba like Case.

I can't wait to hack around in the Metaverse like Hiro.

I can't wait to explore the underbelly of prison-islands like Snake.

We just need a bit more authoritarianism, some advanced cybernetic implants, and just enough unrest for a Modern Wild West to be born.

Does anyone else plan on coming along for the ride?

HACK THE GIBSON! HACK THE PLANET!

22
ilaksh 6 hours ago 0 replies      
Please see historical and global context related to 'police-state' and despotism in order to understand the significance of these issues. You will need to set aside your American exceptionalism.

I do have an issue with the article though. My middle school did have quite a few young criminals in it, and a zero-tolerance policy would have been beneficial for everyone. Instead, quite a lot of physical violence and theft was dismissed as 'bullying' which resulted in escalation. I know for a fact that many of the students who misbehaved in less extreme criminal ways (and were allowed to get away with it) did enter into a life of crime before they were halfway through high school.

So there is a difference between militarization and despotic control and disciplining students enough to prevent them from becoming criminals.

I think that rather than worrying about harsh penalties for vandalism etc., take issue with the propaganda being fed to students and the lack of focus on problem solving outside of narrow domains.

23
hobb0001 9 hours ago 0 replies      
The largest problem that I see with the militarization of the local police is that they will increasingly start to view themselves as soldiers. (See http://en.wikipedia.org/wiki/Stanford_prison_experiment)
24
analog31 5 hours ago 0 replies      
I'd love to study how long it takes the tanks to fall into disuse, to the point of being inoperable, simply because police departments will lose interest in them, neglect maintenance, forget where all of the pieces are, fail to find suppliers for spares, etc.
25
mcantelon 10 hours ago 0 replies      
The post-911 federal gov has been directing resources towards building a domestic counter-insurgency apparatus and promoting a culture in law enforcement conducive to their inclusion in it. You don't spend over a decade building something without a reason. So what's the reason? Needless to say, if the founding fathers were around today they'd be pondering a strategy to resist it.
26
300bps 13 hours ago 1 reply      
This is a continuation of the military industrial complex. There aren't enough wars, but companies that supply the military still need to make money. So they make so much equipment that the DoD needs to give their completely usable equipment away for free.

This page should make any U.S. taxpayer sick and any non-U.S. citizen worried:

http://en.wikipedia.org/wiki/List_of_countries_by_military_e...

27
memracom 11 hours ago 1 reply      
Americans really should learn more about the Soviet KGB and its predecessor, the NKVD, and how they ran a campaign of terror against citizens who did little more than have a different opinion of how the country should be run. Because now that America no longer compares itself to the Soviet Union, this is the kind of police state that is being constructed in the USA.

Meanwhile, in Russia, the place where the Soviet system used to be, they have moved in the opposite direction and dismantled most of the police state. In Russia people have more personal freedoms with respect to the state than they do in the USA. Of course one unfortunate side effect of so much freedom is that there was a great increase in corruption and the growth of the oligarchs after the fall of the Soviet Union. But Russia is dealing with this step by step, reducing corruption and reigning in the oligarchs. Their ideal seems to be the USA of the 1960s or 70s, but not the USA of today.

28
afterburner 12 hours ago 1 reply      
I generally agree with the article, but I object to this section:

"And the mood is spreading. Take the asset bubble collapse of 2008 and the rising cries of progressives for the criminal prosecution of Wall Street perpetrators, as if a fundamentally sound financial system had been abused by a small number of criminals who were running free after the debacle. Instead of pushing a debate about how to restructure our predatory financial system, liberals in their focus on individual prosecution are aping the punitive zeal of the authoritarians. A few high-profile prosecutions for insider trading (which had nothing to do with the last crash) have, of course, not changed Wall Street one bit."

I think that the self-serving, damaging actions of those with a lot of power that affected the entire world's economy is worth looking into at least some prosecution, it's hardly in the same league as what happened to three innocent teenagers waiting for a bus. And if insider trading isn't related to the last crash, then of course prosecuting it isn't going to change anything.

29
rglover 10 hours ago 2 replies      
Here's what I don't understand: what is the ultimate goal of this newfound desire to police everything? The obvious answer is control over people en mass, but say that happens...then what?

Articles like this (which I'm glad are being written) point out the flaws and injustice in the system, but don't discuss the presumed results "those in control" are looking to achieve by manipulating it.

From what I understand, the desired result is to minimize the autonomy of the general public and funnel the bulk of money, control, and power into the hands of a national elite. What happens next (an honest question, as I have some semi-paranoid theories but am curious to hear from someone who is a bit more educated on the topic)?

30
0xdeadbeefbabe 13 hours ago 1 reply      
At least the 113th congress didn't create many new laws. No SOPA, PIPA, or COICA yet either.
31
timbro 14 hours ago 1 reply      
> Sheriff Bud York suggested, according to the Post-Star, the local newspaper, that in an era of terrorist attacks on U.S. soil and mass killings in schools, police agencies need to be ready for whatever comes their way...

And in reality, they're just preparing for social unrest that seem more likely by the day.

32
foxhop 10 hours ago 1 reply      
33
brooklynjam 2 hours ago 0 replies      
My family came on boat number 2 after the Mayflower. For the first time in my life, it may be time to checkout of the USA for awhile. Maybe it is time? Can always visit, but maybe this is it. This is just insane at this point.
34
csours 9 hours ago 0 replies      
This can only stop when the epithet "Weak on Crime" no longer has power in politics.
35
squozzer 9 hours ago 0 replies      
I would say this is a symptom that could be explained by Turchin's structural-demographic theory -- that is, increasing competition for resources (including political power) produces measures that even in earlier, more violent periods might have been considered too drastic.
36
vfclists 9 hours ago 0 replies      
The usual internet twaddle. How many commenters on this thread have bothered to look up incidents of this nature in their districts, neighbourhoods or whatever, and called their councilman or congressman?

I guarantee none. Spend less time online and more complaining to your representatives. You will achieve a lot more in turning things around, ie if you really want to, cowards.

37
jsiarto 9 hours ago 0 replies      
l9.
38
JoeAltmaier 13 hours ago 3 replies      
The 'good old days' had drug dealers and violence, don't kid yourself. It got covered up and ignored.

What is a police dept to do, when the crimes are escalating? Its simple to chide Warren County (or whoever); but who are you to say the next bombing or public rage will not occur there? The others were in similar places; no place is safe.

12
Google is building password-free locking and unlocking into Chrome OS thenextweb.com
14 points by ninthfrank07  2 hours ago   3 comments top
1
richardw 1 hour ago 2 replies      
Why not fingerprints?
13
Natural Language Processing in the kitchen latimes.com
18 points by grej  3 hours ago   1 comment top
1
nswanberg 1 hour ago 0 replies      
I'm sure that it's just due to my ignorance, but this is the first newspaper column I've seen with code in it. Have there been others?

The other nice part about this is that parsing recipes is an approachable problem and worth tackling.

14
Linear algebra tutorial in four pages minireference.com
195 points by ivan_ah  14 hours ago   81 comments top 23
1
j2kun 12 hours ago 6 replies      
A few minor mistakes (perhaps just in my eyes), but overall pretty good.

The hardest part about teaching linear algebra is that nobody explains the big picture. I teach mathematics and computer science and regularly tutor linear algebra students, and I encounter students all the time who ask me "What are vectors good for? I thought all we cared about were matrices and doing RREF and stuff."

For this reason, I deemphasize computations and emphasize the connection between linear maps and matrices. It can be summed up as follows: if you fix a basis, every linear map is a matrix and every matrix is a linear map, and operations on functions (like composition, inversion, whatever) correspond to operations on the corresponding matrices.

It's definitely not an analogy or anything in "scare quotes" that would imply something different is going on behind the scenes. It's exactly the same thing.

Other questions usually left out of discussions about linear algebra (and these notes): what are orthogonal vectors good for? Why would we ever want a basis besides the standard basis in real Euclidean space? Is Euclidean space the only vector space out there? Do vectors have to be lists of numbers?

2
dmlorenzetti 8 hours ago 1 reply      
It's a little surprising, in a "no-bullshit" discussion of "theoretical and computational aspects of linear algebra," to see matrix inversion touted as the way to solve linear equations. The guide literally introduces the examples by saying "Dude, enough with the theory talk, let's see some calculations." Yet standard numerical practice avoids literal inversion, in favor of factorization methods.

E.g., It is common practice to write the form A^{-1}b for economy of notation in mathematical formulas... The trouble is that a reader unfamiliar with numerical computation might assume that we actually compute A^{-1}... On most computers it is always more effective to calculate A^{-1}b by solving the linear system Ax = b using matrix factorization methods... (Dennis & Schnabel, "Numerical Methods for Unconstrained Optimization and Nonlinear Equations", section 3.2).

E.g., As a final example we show how to avoid the pitfall of explicit inverse computation... The point of this example is to stress that when a matrix inverse is encountered in a formula, we must think in terms of solving equations rather than in terms of explicit inverse formation. (Golub and Van Loan, "Matrix Computations", section 3.4.11).

3
wfunction 28 minutes ago 0 replies      
Why do linear algebra teaching materials never mention what a determinant is?

(It's the product of the eigenvalues.)

4
nilkn 11 hours ago 2 replies      
As someone with a math degree, I love this. However, I think the author over-estimates the familiarity of a typical high school student with mathematical notation:

> The only prerequisite for this tutorial is a basic understanding of high school math concepts

I think fundamentally the material in these four pages is accessible to many high school graduates, but perhaps not in this concise rendering (which is awesome for me, but probably overwhelming for someone not familiar with set-theoretic notation, summation notation, etc.).

5
ggchappell 6 hours ago 2 replies      
A little observation: You repeatedly use language that fails to distinguish definitions & properties vs. effective computational methods.

For example, in section G:

> To find the eigenvalue of a matrix we start from the eigenvalue equation ....

Solving the resulting equation is one way of computing eigenvalues. But it might not be the one you want to use in some practical situation.

Just before that, in section F:

> The determinant of a matrix, ... serves to check if a matrix is invertible or not.

It is true that a square matrix is invertible iff is has nonzero determinant. It certainly is not true that, for a matrix of any size, computing the determinant is a good method for checking whether a matrix is invertible.

6
dionyziz 21 minutes ago 0 replies      
I bought this guy's previous book and the print quality was crap. I hope he improves this on his next book.
7
baby 9 hours ago 1 reply      
erk, I don't think condensing much information in the smallest place possible is the best way to learn something (or even review it).

I'm all for a no bullshit and quick way to get something. That's why I sometimes check learnXinYminutes.com or some random cheatsheets on Google. But this doesn't make it for me.

Btw, if you really want to get a good grasp on Linear Algebra you should check Gilbert Strang's video courses on MIT OpenCourseWare. They are amazing and soooo easy to understand you don't even need to like mathematics to watch them. I haven't come across a better support to start with Linear Algebra.

8
ivan_ah 14 hours ago 1 reply      
Good luck to anyone who has a linear algebra exam coming up!

I also have a similar short tutorial for Newtonian mechanics here: http://cnd.mcgill.ca/~ivan/miniref/mech_in_7_pages.pdf

9
dergachev 12 hours ago 1 reply      
I really enjoyed the Gilbert Strang videos on linear algebra back when I was taking the course at McGill: http://ocw.mit.edu/courses/mathematics/18-06-linear-algebra-...
10
elvinmelvin 10 hours ago 1 reply      
Just to throw this out there in the hope it is useful, I have been using this book as a review of linear algebra:

http://linear.ups.edu/html/fcla.html

11
Perseids 6 hours ago 0 replies      
Studying at a university where all this and more is part of the first year education of computer scientists, I - probably foolishly - assumed basic linear algebra was common knowledge in the community. Now my interest is piqued: Which educational path / career path did you take ending up in IT and (more specifically) how much mathematical education did it include?

What is your educational background and which route

12
tdicola 11 hours ago 0 replies      
Very cool, I like title of the associated book "No Bullshit Guide To Linear Algebra" too.

Does anyone know of a nice, short summary of discrete mathematics to go along with this?

13
michaelchum 9 hours ago 0 replies      
Wow amazing stuff here, I agree with you that most math textbooks in our education system fail to explain concepts which are supposed to be very simple. Thank you so much for making things simpler. I'm having MATH 270 final next week at McGill, this is going to help a lot in studying :)
14
mrcactu5 10 hours ago 0 replies      
Courses would benefit from "quick-reference guides like the end of Dror Bar Natan's paper on Khovanov homology http://arxiv.org/abs/math/0201043 He says "It can fit inside your wallet."

See: http://www.math.toronto.edu/drorbn/Talks/HUJI-011104/cube.gi...

15
source99 7 hours ago 1 reply      
I love a lesson that doesn't include ANY real world examples. What's the purpose of this document? Does it accomplish that purpose?
16
graycat 12 hours ago 12 replies      
Roger Horn is one of the best linearalgebra and matrix guys around, and Iwas, by wide margins, the star studentin his class, effortlessly.

For the notes, I found serious problemsin just the first half of the first columnon the first page.

F'get about the four pages.

If enough people want an outlinein a few pages, then I'll considerknocking one out and putting upsomewhere as a PDF file.

17
af3 2 hours ago 0 replies      
Linear algebra class in one abbreviation: LAPACK.
18
aves 9 hours ago 0 replies      
Does anyone have a recommendation for an equally good and concise guide for Discrete Mathematics by any chance?
19
starstart 11 hours ago 0 replies      
Suppose that you are driving a car and you are hit with a big tree. The main eigenvector is in the direction from the car to the tree, the eigenvalue measures the deformation of the car produced by this accident. If the car is a half shorter after the accident then the eigenvalue is 1/2.
20
nathan-wailes 13 hours ago 1 reply      
thanks for the post, i've been trying to learn linear algebra for a long time but keep getting stuck / bored.
21
starstart 11 hours ago 0 replies      
Suppose that you want to project a vector of data (x1,x2,x3,...,xn) into the one dimensional subspace generated by the vector (1,1,...,1). What's the projection in this case?

Hint: You obtain the most important concept of statistics.

22
starstart 11 hours ago 0 replies      
In page 3, section B. Using elementary matrices: To remember what matrix correspond to a row operation just apply that operation to the identity matrix and you obtain the elementary associated matrix.
23
dblarons 8 hours ago 0 replies      
Literally just finished this exam. Too bad I didn't see this summary 4 hours ago!
15
Meet Jack. Or, What The Government Could Do With All That Location Data aclu.org
190 points by G5ANDY  13 hours ago   75 comments top 24
1
cjoh 8 hours ago 6 replies      
It's easy to imagine the kind of data government has, imagine its ability to process that data, and easy to interpret that they will do it. But it's also important to recognize that this is conjecture.

From my experience in government: they nailed the user experience (check out http://dsbs.sba.gov for some awesome gov UI), but really overestimated government's capacity to build intelligent technology like this.

I know this will make me unpopular amongst this crowd, but The truth is, I'm far more afraid of data like this getting into the wrong hands because it's being stored improperly or insecurely, than I am of government being malicious with it. Heck, I'm more afraid of my insurance adjuster than I am a malicious cop.

2
nswanberg 8 hours ago 1 reply      
This article attempts to show what a local government could do, but does anyone have access to the sort of location dataset that could give one an intuition about how likely it would be that individuals would be singled out using the data shown?

The article uses maps of Peoria, IL, so let's assume we're dealing with Peoria. There appear to be roughly 115K people between 18-64 in its metro area (http://www.wolframalpha.com/input/?i=population+of+peoria+il...), and 11 traffic cops. (http://www.peoriagov.org/peoria-police-department/police-div...)

These cops appear to arrest 23 people per month for driving under the influence, and hand out about 1750 other traffic citations (not linking directly to the PDF to save their server but you can find it under crime stats).

The article implies that there would be more traffic stops due to increased DUI suspicion, and it certainly seems that it could happen, but given these population, police, and police activity numbers, and given that the article itself gives a false-positive example, how likely would that be? Is it reasonable to think that these cops currently have a lighter load and have time to be dispatched to investigate a potential DUI?

I am not suggesting that it is of no concern for the government to have unfettered access to data, and I can imagine a vast number of possible scenarios in which the data could be misused, but possibly we can better quantify that concern.

3
wissler 9 hours ago 3 replies      
Yet another example of how the government can use this information to "discredit radicalizers":

http://www.huffingtonpost.com/2013/11/26/nsa-porn-muslims_n_...

4
rtpg 11 hours ago 9 replies      
Meet Jack. Or what the government could do with all these planes

>Article showing how half of San Francisco gets bombed

This argument can only hold on water by having a complete lack of faith in the rule of law.

The biggest issue I have with this is that this describes a massive , coordinated system to use all this location data in ways that are way outside the legal framework in place by the initial court order from the FISA court.

Stuff that has come out of these leaks have ranged from banal (oh, we listen to the German Chancelor's cell phone? What else is new) to absolutely damning (forcing companies to hand over SSL keys). But even in the most damning cases, all of these happened within the legal frameworks given to them (such as the National Security Letters) and maybe some overzealous law enforcement agents. The illegal incidents can be explained more by incidents outside of how things are "supposed" to work (LOVEINT is probably not sanctioned by the NSA), and a lack of strong implementation of the framework given by the courts.

The narrative has always seemed to be "check out how the NSA is going crazy over here!". But the reality is "check out how all these politicians are voting in these new laws allowing this to take place!"

From the leaks you can even see how the courts are constantly reeling things in, the system is actually working. We hear about old NSA programs that got shut down because of the FISA court's rulings. This is how rule of law works! We vote laws, and people follow them.

To actually come to this, given all we've seen from how courts rule on this issue in general, and the FISA court's rulings, this sort of data sharing would absolutely definitely not be allowed to exist. No judge would agree to this being allowed to be set in place, as it so obviously goes against 4th ammendement in such a program's intent.

Just because the data is at the NSA doesn't mean they can use it however they want, just like how Google would run into some problems if it tried to sell the contents of your e-mails to somebody.

This anger at the NSA should also be directed at the congressmen voting for these laws of large scope in the first place. Hopefully we can get rid of NSLs too. But the NSA is just doing the most it can with the tools we give it (which is what we expect). And rule of law is actually working, we just have some shitty laws.

5
aabalkan 1 hour ago 1 reply      
I don't know why everyone is paranoid about unseen location data being collected. They often blame proprietary software like iOS/Android collect location data and send Apple/Google servers. That sort of transfer would be evident by tracing traffic and there are tons of reverse engineers out there intentionally keeping an eye on transferred packages that might contain sensitive private data. That would be a huge breakthrough if it would exist and be revealed.
7
shurcooL 30 minutes ago 0 replies      
Is Jack a celebrity? Why does anyone (other than a data mining algorithm) care about him.
8
blah32497 5 hours ago 1 reply      
This is fear mongering. You could have some person out in the field tailing you and get the same info (maybe even more). You can also put up a camera and tag people as potential DUIs based on how close to the middle of the lane they are driving. So what?

What's important to ask is what can the government do with the data. And NSA or not, what they are can do is limited by the law. No database changes that.

9
lstamour 1 hour ago 0 replies      
Suddenly I'm not as sure I want a self-driving car.

Then again, if there are no tracking cookies, maybe they can't tell if I'm in it? (Wishful thinking, I'm sure...)

Of course a self-driving car would defeat the need to catch someone after a party perhaps, so bad example? :)

10
rurounijones 5 hours ago 0 replies      
For those thinking this is so far down the slippery slope as to be ridiculous: http://www.washingtonpost.com/blogs/the-switch/wp/2013/12/10...
11
at-fates-hands 10 hours ago 0 replies      
This is why its important for people to get their respective states to start writing laws which protect people's privacy and usurp the Federal Preemption of states rights in regards to people's private information.

This is a great paper which addresses this in regards to environmental laws. This kind of argument can also be made in protection of people's private information. It's about restraining and balancing the federal laws with state laws and not allowing the feds to overstep state laws.

http://www.law.northwestern.edu/lawreview/v102/n2/649/LR102n...

12
bane 6 hours ago 0 replies      
Now imagine similar data in the hands of a private company,

"I see you like to go to a bar regularly, would you like to see this beer advertisement?"

13
lanaius 9 hours ago 0 replies      
Setting aside all of the other existing information, the crux of many of the arguments in the article depend on the government knowing the use of particular addresses. That's data most city/county/state governments already have laws that they should know (for tax assessments, occupancy limits, health inspections, census, etc.) and yet they frequently have incorrect or incomplete information on this.

While pervasive tracking is indeed a problematic state, I still find it humorous at how competent we truly believe the government to be in retaining accuracy in all this data given how often our interactions with government and private businesses revolve around them FIXING their data about us.

14
inspectahdeck 11 hours ago 0 replies      
Hey, that's not what the Palantir UI looks like!
15
nl 9 hours ago 0 replies      
Nice of the ACLU to spec how the NSA's software work and what it should look like.
16
rayiner 11 hours ago 2 replies      
I understand the importance of focusing on the government, but I think use of this sort of data should be restricted for everyone, not just the government. What happens when employers realize that you can filter out less desirable employees by correlating the movements of their social groups and cross-referencing it against credit history databases? We fear what the government can do with the data, but as a practical matter its corporate America that's more likely to actually screw over large numbers of people with this sort of data.
17
bazzargh 11 hours ago 1 reply      
It feels like there's a game in here. The Sims meets Uplink.
18
neil_s 6 hours ago 0 replies      
Am I the only one for whom the article had the opposite than intended effect? I was expecting some real life horror story of a false positive or deliberate framing, but instead I was given examples of how this data could be used constructively to try and evaluate where there might be a high likelihood of crime occurring, and trying to prevent it. In my eyes, using tax dollars to prevent crime rather than punishing it a HUGE win!
19
Aaronneyer 10 hours ago 0 replies      
Maybe I'm just a huge data nerd, but this article made me really excited.
20
etanazir 10 hours ago 0 replies      
Could? The government may know you better than you know yourself; and perhaps the only reaction to be had upstairs is when you change a habit; i.e. quite unexpectedly break the prediction model for your life.
21
dredwerker 8 hours ago 0 replies      
The police go to Jack's house and educate him on not drinking and driving and give him a free taxi token.
22
diminoten 11 hours ago 2 replies      
Setting aside morality for a moment, that's a pretty cool little system there.

What havoc would be wrought if such a system were public? Heh, the mind reels.

23
tedunangst 11 hours ago 1 reply      
So was Jack arrested or not?
24
api 9 hours ago 0 replies      
This indirectly makes a great point. While everyone's been talking about the danger of a turn-key totalitarian state -- the danger of intentional totalitarianism -- much less has been made of the danger of an unintentional totalitarian state arising from overzealous use of these systems by law enforcement. I think that's a much greater immediate risk.

Replace "DUI pattern detected" with "likely child predator." Just the insinuation that a person is a pedophile can destroy a person's life.

16
Firefox 26 is released mozilla.org
267 points by lambda_cube  17 hours ago   178 comments top 25
1
kibwen 15 hours ago 2 replies      
According to the #ux channel on irc.mozilla.org, Australis will be relegated to Nightly builds (Firefox 29) for a while yet, and might be as late as Firefox 30 depending on the speed at which bugfixes roll in. Sorry, Aurora users. :(
2
riquito 15 hours ago 3 replies      
> Improved page load times due to no longer decoding images that aren't visible (847223) ( https://bugzilla.mozilla.org/show_bug.cgi?id=847223 )

This is pretty cool

3
pwnna 16 hours ago 4 replies      
> Support for H.264 on Linux if the appropriate gstreamer plug-ins are installed

\o/

4
prteja11 16 hours ago 3 replies      
Love this - All Java plug-ins are defaulted to 'click to play'

I tried convincing my coworkers to disable java and failed (we are not developers).

5
jevinskie 15 hours ago 0 replies      
EXIF rotation was long overdue but I'm happy it finally landed!
6
super_mario 7 hours ago 5 replies      
These frequent updates are going to kill Firefox and it's partially Google's fault. Basically, Google has managed somehow to coax Firefox developers to rapid release cycle with frequent Chrome updates. But this goes against Firefox users.

Why do people use Firefox? Most users claim extensions. What breaks extensions? Frequent updates. Effectively annulling the most compelling reason to use Firefox.

This is certainly my experience. Pentadactyl, the most compelling reason for me personally to keep using Firefox is more broken than not. Every single update in the last year has broken it and sometimes in non-trivial ways, and stretching my patience to the limit. If I have to abandon Pentadactyl, I really don't have a reason to use Firefox anymore.

UI changes proposed in Australis are not something to look forward to either esp. if you like hiding Firefox UI elements and basically just keeping undecorated minimal window with Pentadactyl.

7
shmerl 11 hours ago 6 replies      
Is there any way to update Firefox on Linux without resorting to ugly methods like running it as root and using update UI, or downloading the mar file manually and running the updater CLI tool with that file (as sudo / root)?

The issue is that I use stock Mozilla build (I prefer it to Iceweasel on Debian), so I just placed it in /opt, but I don't want to give write permissions to the firefox directory to my primary user (it's kind of bad security wise). Because of no write permissions, updating UI can't update the browser naturally, unless I run it as root. And manual mar + updater method isn't nice either.

Potentially there can be some better ways for updating:

1. Firefox can work with policykit and request authorization for updating (if user has it - it can ask for password). That's much better than running as root.

2. updater CLI tool can detect all the settings, channels sources and etc. from Firefox local DBs, and instead of forcing the user to manually grab some mar file, it can go and perform all that automatically. updater can be run with sudo still, but avoid all the manual steps.

Both these methods would be much neater than what I usually do now.

8
Ygg2 15 hours ago 2 replies      
I have a silly request, can timings on Network tab be displayed on mouse hover? I hate having to click to measure which part took much time? This is @Mozilla Web inspector
9
erichurkman 13 hours ago 0 replies      
See also the Firefox 26 for Developers: https://developer.mozilla.org/en-US/Firefox/Releases/26

And Site Compatibility for Firefox 26, https://developer.mozilla.org/en-US/Firefox/Releases/26/Site...

Of note, images with EXIF rotation data are now rotated correctly! And you can inspect :before and :after elements in the built-in inspector finally.

10
notjustanymike 15 hours ago 2 replies      
As a developer, it would just peachy if they'd start supporting HTML5 input elements.
11
caissy 16 hours ago 2 replies      
> There is no longer a prompt when websites use appcache.

Quite happy with this one. I had to develop an offline web-based application a few weeks ago and it really bugged me that I had to allow the application to use the offline cache.

12
raverbashing 12 hours ago 0 replies      
Just clicked on "About Firefox", the upgrade was downloaded and installed.

And a smaller download than downloading the new version.

13
_sabe_ 14 hours ago 4 replies      
How can this tiny minor changes be worthy of a whole version number? Firefox is the software equivalent of the Zimbabwe dollar.
14
shmerl 11 hours ago 1 reply      
About gstreamer video playback: I didn't find a way to prioritize formats. Let's say some video is available in VPx (WebM) and H.264 (mp4). Firefox will pick first whatever is listed first on the page. So for me it always picks H.264 on Youtube. I prefer to use open codecs though when there is a choice, but there is no apparent way to set the priority.
15
benjamincburns 15 hours ago 4 replies      
Maybe I'm biased, but jor1k is my FF benchmark of choice these days. Sadly I'm not seeing any major performance increase over FF 25 (posting this from jor1k via links [1]).

1: http://s-macke.github.io/jor1k had to edit in the link as the ':' and '-' keys don't appear to be working)

16
footpath 13 hours ago 1 reply      
The Android version has received a facelift as well, and it looks nice. However, I suppose there still isn't a way to manually pin sites to the about:home page if they do not show up there already?
17
dear 15 hours ago 4 replies      
Anyone with memory problem with Firefox? My FF is currently using 2G memory while I only have 13 tabs opened and most of them are just plain simple pages. I am sure it will keep sucking up memory until I do restart. This problem is not new. Is there a memory leak problem with FF?
18
anymane 11 hours ago 1 reply      
I am curious about this change in the changelog."Password manager now supports script-generated password fields"I couldn't easily find any details about. Would someone be kind enough to elaborate on what it does and where it is useful?
19
dijit 15 hours ago 0 replies      
>Support for H.264 on Linux if the appropriate gstreamer plug-ins are installed

I was trying to do this for ages using plug-ins, nothing works- was told to run nightly- but I need this browser.

can't wait until it makes it's way into repo's :D

20
nodata 16 hours ago 1 reply      
"has been released" or "is out".
21
xfalcox 9 hours ago 0 replies      
Can we see the gzipped size side by side with real size on network panel?
22
3rd3 13 hours ago 1 reply      
I wished they would improve the PDF viewer.
23
crb002 16 hours ago 1 reply      
Lol. I like the unresolved finger given to Flash.
24
achairapart 13 hours ago 4 replies      
Firefox 25 hanged most of the time, it seems was because of Firebug. I disabled Firebug.

Firefox 26 hangs at start up. CPU stuck at 100%. Almost 1 GB of ram used with 1 tab open (I can't even open a new one).

What happened, Mozilla?

I'm giving up with this browser.

25
lucb1e 14 hours ago 3 replies      
Firefox 3: Yay!

Firefox 3.6: Let's see what's new!

Firefox 4: oooh pretty UI (at least that's what most thought)

Firefox 26: sigh another one?

I think only every 10 versions should be news. Since they moved to this useless release cycle (basically replacing bugfix releases with major releases), we should shift our news upvoting from major releases to major-major releases (i.e. treat the decimal sign as if it were 2.6x instead of 26.x).

17
We cannot trust Intel and Vias chip-based crypto, FreeBSD developers say arstechnica.com
292 points by robin_reala  18 hours ago   150 comments top 16
1
ctz 17 hours ago 3 replies      
It was always the right answer to feed all available entropy sources (irrespective of previous laundering -- eg. Intel RDRAND gets laundered through the SP800-90 AES-CTR_DRBG internally) into a decent CSPRNG. Feeding multiple entropy sources of different qualities, speeds or backdooredness cannot (by construction) decrease the entropy of the output (it can, obviously, fail to increase it -- say if your ring oscillator got stuck in a fixed bit pattern like the Taiwanese smartcards).

Yarrow and Fortuna are examples of decent CSPRNGs, so I'd say this is a pretty good move by FreeBSD.

2
dangero 16 hours ago 4 replies      
Hmm I've been having similar concerns about the Windows rand_s function. Every Windows application including every modern browser relies on rand_s for secure random number generation but obviously the function is completely closed source. Seems like a perfect target for the NSA.
3
kkielhofner 16 hours ago 1 reply      
I've been working with this project for some time:

https://github.com/pwarren/rtl-entropy

Quite a bit of entropy using radio noise and a $15 RTL-SDR USB dongle. Still could use some work and review but seems like the start to an almost ideal solution.

4
polarix 17 hours ago 5 replies      
Have people talked about using sensor device input as prng seeds? onboard microphone, fan speed jitter, etc?
5
lifeisstillgood 10 hours ago 0 replies      
I used to work for an online gaming company (legal in the UK) - and they basically used the on server chips (as opposed to quantum RNG) - and was not unusual in the industry. which may lead to weaker randomness and so an exploit for scamming. It's just that the validation tests were to simulate a few million rolls of the dice and see if the graph came out right.
6
nightcracker 17 hours ago 0 replies      
7
ris 17 hours ago 2 replies      
This coming from a BSD distribution that ships binary blob device drivers.
8
pja 11 hours ago 1 reply      
mhoye points to the notes from the FreeBSD summit on his Twitter feed. The notes from the security sessions are here: https://wiki.freebsd.org/201309DevSummit/Security

Key quote: "rdrand in ivbridge not implemented by Intel."

9
ape4 18 hours ago 3 replies      
Where are the Intel and Via random instructions supposed to be getting their entropy?

Edit: thanks for the interesting replies!

11
salient 18 hours ago 3 replies      
Sounds like a good move to me. Intel has been awfully quiet about this.
12
UNIXgod 5 hours ago 1 reply      
This on AMD chips as well? Since it's BSD we can just have an option to turn it off.
13
timbro 14 hours ago 0 replies      
> the NSA and its British counterpart defeat encryption technologies by working with chipmakers to insert backdoors, or cryptographic weaknesses, in their products.

I had already started to forget about that...

From that other report (september):

> They reveal a highly classified program codenamed Bullrun, which according to the reports relied on a combination of "supercomputers, technical trickery, court orders, and behind-the-scenes persuasion" to undermine basic staples of Internet privacy, including virtual private networks (VPNs) and the widely used secure sockets layer (SSL) and transport layer security (TLS) protocols.

14
acqq 18 hours ago 0 replies      
You wouldn't prove anything by analyzing the results, for anybody who knows a bit of cryptography it's trivial to produce the stream that "doesn't have the patterns" but that can contain "master" key.
15
gnu8 18 hours ago 6 replies      
If I recall correctly, Linus refused to make this change in Linux, denouncing it as paranoia.

My fear is that the extra complexity adds additional opportunity for a back door to be inserted. However, software can be audited, the hardware cannot be.

16
noir_lord 16 hours ago 1 reply      
I think which Linux distro you use should be like religion and politics should be a personal matter ;).

That said I am a Mint XFCE user and have been back to 13 (before that Gnome 2) every release has been brilliant I run it on everything from an ancient ThinkPad to a thoroughly modern development machine and it has worked well.

It's also the only WM/DE that handles multiple screens (3 on both desktops and 2 on Dell/External) without any show stopping/tremendously irritating bugs couple that with the huge amount of software available via Debian/Ubuntu and PPA's and it's a cracking developer OS.

18
Ubuntu Touch OS wins its first smartphone partner cnet.com
95 points by tanglesome  11 hours ago   44 comments top 11
1
winslow 9 hours ago 2 replies      
"Shuttleworth founded Canonical in 2004, back in the day when Linux on the desktop was, if not exactly a contender, at least a more widely discussed alternative to Windows PCs than it is today."

I feel like Linux is a better contender now then it was in 2004. Or am I just in a "developers tech savvy world" and viewing linux as a viable contender now compared to the typical layman?

2
bobbles 4 hours ago 2 replies      
I really wonder whether this is going to be a partnership with Xiaomi...

after Hugo Barra went there from Google and made this quote "If I do my job right, in a few years, the world will be talking about Xiaomi in the same way that they talk about Google and Apple today."

It appears the company will be gearing up for a big smartphone release in 2014, which would also fit into the timelines here.

Xiaomi tends to be known for the high-performance low-price phones, but have always had poor software letting the devices down.

3
programminggeek 9 hours ago 2 replies      
This would be amazing on a device like the Moto G or something similar. If they get this in the sub $200 or sub $100 price point with reasonable performance, it could be a real big deal.
4
fidotron 8 hours ago 0 replies      
This could really turn into a messy war versus the crippled but strangely compelling ChromeOS, which once croutoned becomes radically more useful. Something that doesn't have those restrictions out of the box is going to have a clear advantage.

The problem from a dev point of view is just what security model for apps are they going to go with? I haven't seen any discussion about the exact details for how they plan on managing the app packaging, separation and permissions fun that exists on mobile today.

5
nsxwolf 3 hours ago 1 reply      
Is Ubuntu Touch OS the same thing as Ubuntu for Android? It's not clear on their site.
6
shurcooL 5 hours ago 0 replies      
As soon as there's a powerful mobile device that comes with a Terminal as a first class citizen and lets me compile/run Go programs, I'm ditching my iOS device and getting that.
7
keithpeter 9 hours ago 0 replies      
Excellent for Canonical. I look forward to the day I can walk into the local phone shop and buy an Ubuntu Mobile.

Bit worried by the 'high end' qualification in the OA. I'd imagine Apple/Samsung have that sewn up, and the lower end in China/Asia has the volume. But we shall see.

8
TallGuyShort 10 hours ago 1 reply      
If it's Verizon, I intend to be their first smartphone customer :)

edit: mind you - I'm guessing this is a manufacturing partner, not a network / distribution partner...

9
pianoben 8 hours ago 0 replies      
I can't bring myself to get too excited; with so many details unknown, this smells strongly of the vapors.

That said... I'm still holding out for the Ubuntu One, or something like it.

10
arunoda 3 hours ago 0 replies      
Waiting for it.
11
jolohaga 8 hours ago 1 reply      
Can't wait for a BSD phone
19
Earn $4 in bitcoins for any commit to sferik/t, a command-line Twitter tool tip4commit.com
129 points by sashazykov  13 hours ago   96 comments top 24
1
sferik 11 hours ago 7 replies      
The problem with this funding model is that it encourages fluff pull requests, such as this one: https://github.com/sferik/t/pull/138/files.

If there was no financial incentive, I would probably merge it but now I'm questioning the motivations of the committer. If I merge this, it means there will be less money for someone else, who makes a more significant contribution in the future.

Personally, I prefer Gittips model to incentivize open-source contributions, if only because it doesnt create this kind of noise for project maintainers.

2
edavis 12 hours ago 3 replies      
Projects like these is where Bitcoin can really shine.

Maybe Bitcoin will conquer the world, maybe it won't. I have no idea.

What I do know is there is real utility in being "electronic petty cash" which Bitcoin can easily become.

Imagine: Alice sends Bob a few bitcoins after Bob writes a particularly insightful comment on HN. Bob then comes across a great blog post by Charlie and sends him a few bitcoins. Charlie then finds an open-source project by Diane that will save him hours of work and sends her a few bitcoins. And so on.

It rarely would get converted to USD and wouldn't amount to much when it did. Instead, people would just earn a bit here and spend a bit here.

Bitcoin enthusiasts miss that USD works fine for most people. But right now it's really hard to do the above scenario using traditional banking. I don't want to connect my bank account to some website to send a someone a few bucks. It's just not worth the hassle/potential risk.

I can't be the first person to think of this. But I'm just not seeing much movement in this direction. Am I overlooking something? Or do I just need to be patient?

3
tinco 12 hours ago 3 replies      
I hate to be a party pooper here, but if this project would ever take off, and the project would receive serious amounts of bitcoin that would mean that serious amount of bitcoin would have to be managed and secured by whoever runs that project.

The past has shown that everyone, even persons who run e-wallets and currency exchanges, severely underestimates the amount of security such an endeavour requires.

There's a hundred questions you should ask anyone who asks you to keep care of bitcoin. How large is the hot wallet? How is the offline wallet stored? Where's the source code? What hardware does the service run on? Who are you? What will you do when someone steals your hot wallet? What monitors do you run to make sure the books add up?

So, nice idea, but please make sure this is actually going to be safe.

(BTW there seems to be a way to escrow bitcoin where a third party decides if the transaction should pass, but that third party never gains access to the bitcoin themselves, I haven't read the details of it, but that would seem perfect for this sort of thing)

4
rthomas6 13 hours ago 0 replies      
Some Bitcoin millionaire needs to drop 10 BTC in that donation address, then commits would earn $100 each. That would be interesting to watch.
5
olouv 12 hours ago 0 replies      
Awesome! It looks like a virtuous circle for both open source & the bitcoin network. Really hope this will take off.However, in my opinion, you should definitely switch to mB (mili-bits), and please add retina icons for the readme. I just added one of my projects there (github.com:mgcrea/angular-strap), this will be quite interesting to watch!
6
andrewgjohnson 12 hours ago 2 replies      
I like the idea of prepaying bit coins on bounties [presumably tied to an issue/bug report in GitHub] which is what I thought this was at first. As is seems a bit confusing, are all commits treated equally? I'd be peeved if I donated money then saw it get split up among people who did minor clean up, typo fixes, etc. Flip side, I'd be peeved if I spent a bunch of time on a commit then saw the same money go to someone doing a typo fix level commit.

Don't know if the whole intrinsic/extrinsic motivations factor will make this idea crater in any form but I think tweaking the current model is advisable in any case.

Best of luck.

7
unreal37 13 hours ago 2 replies      
I assume it's not affiliated with the projects at all. This is an independently-run tip system for open source projects. Cool idea.

Key disclaimer though, is that only 95% of donations for tips go to the coders. And if every commit donates 1% of the balance to the commit, that means that the project almost never donates it's full balance. So if this ever really takes off, the original developer of tip4commit will be holding a lot of money that takes a long time to pay out.

8
chrismorgan 7 hours ago 0 replies      
It looks to me like bors, the integration bot, will be getting all of the mozilla/rust tips: http://tip4commit.com/projects/149.
9
nailer 12 hours ago 5 replies      
Can someone more familiar with $BITC explain how Bitcoins can be portioned? I get that each bitcoin is a unique number - how can 0.4 of a number belong to someone and the other 0.6 of that number belong to someone else?
10
MBCook 13 hours ago 3 replies      
This seems like an accidental perverse incentive. While you only get the top if your commit is accepted, I would be worried the maintainers will just end up with a bunch of low effort trivial patches.
11
tobyjsullivan 13 hours ago 2 replies      
Is this operated with some sort of commit hook or done manually by the project maintainers or what?

Edit: At present this is obviously an MVP that is probably being completely "faked" on the back-end, so I suppose my question should be "What is the intended design?"

12
twodayslate 6 hours ago 0 replies      
A 5% fee to sponsor a project seems a little excessive. I'm still a top sponsor on http://coingiving.com/
13
pixelcort 6 hours ago 0 replies      
Ooh, what if there was a bot that had some unit tests, and then gave BTC to whomever writes code that passes all those tests?
14
olouv 10 hours ago 1 reply      
Got a tip putting the tip4commit link in the readme...!http://tip4commit.com/projects/143

Not sure this is intended behavior.

Shouldn't the owner of repositories be out of scope (or at least make it configurable)? tipping myself minus the commission is no fun ;-).

PS: would make sense to have a signup via github

15
bearbin 12 hours ago 0 replies      
MCServer, a FOSS Minecraft server is also on here: http://tip4commit.com/projects/74

We haven't got any outside donations yet, but I think it would be quite a good way to reward contributors, and I put a bitcent in to try it out.

16
alxndr 11 hours ago 0 replies      
All projects on tip4commit, conveniently sorted by tipjar size desc: http://tip4commit.com/projects

Only 15 projects with a nonzero tipjar at the moment.

17
ostikk 2 hours ago 0 replies      
maybe tips per number of lines changed would be a fairer benchmark than tips per commit. I guess that would still cause a bunch of unnecessary line changes.

I really don't think this kind of financial incentives are good for open source projects.

18
tomrod 8 hours ago 1 reply      
So could I add comments from junk accounts and earn $4 in bitcoin? I'm not sure I'm following the logic here... and what prevents highly unethical behavior.
19
mnem 11 hours ago 0 replies      
Somehow reminded of the bug bounty dilbert cartoon: http://www.dilbert.com/strips/comic/1995-11-13/
20
nkuttler 13 hours ago 3 replies      
Seems like a nice idea, but where on that page is the link to the repository?
21
lcasela 12 hours ago 1 reply      
This is a really good idea! It really adds an incentive to contributing.(Though I can see a lot of people abusing this.
22
dysoco 13 hours ago 0 replies      
I didn't know Linux had Bitcoin tips, could have used that.
23
aram 13 hours ago 0 replies      
sferik has a commit for each day over the past year:

https://github.com/sferik

It's the first time I see a full year streak!

24
AbraKdabra 12 hours ago 0 replies      
I somehow read "Earn 4 bitcoins for any commit..." and thought "wow that's really generous", I was like, very wrong haha.
20
Documents show how the NSA infers relationships based on mobile location data washingtonpost.com
47 points by bcn  8 hours ago   11 comments top 5
1
ismail 1 minute ago 0 replies      
I actually posted about this a while back here on HN, having figured this out when attending a course on SS7 signalling several years back. At the time i thought it was a 'theoretical possibility'

https://news.ycombinator.com/item?id=6682320

2
droopyEyelids 7 hours ago 1 reply      
What I'm enjoying about these documents is that they reveal the 'correct' amount of paranoia.

If you're pretty technical, it's easy to simulate what the NSA does with your imagination. Just imagine what databases they have, and imaging what you could do in a limited way if you made it your side project. Badabing.

3
polynomial 25 minutes ago 0 replies      
Given the glossary at the end, I'm surprised it didn't include Skyhook.
4
znowi 5 hours ago 1 reply      
So, basically, Google's location history is NSA's HAPPYFOOT data aggregator.

https://maps.google.com/locationhistory/

5
salient 7 hours ago 1 reply      
What's disturbing is that even though they know which data is from US citizens, they still won't discard it, and can even use it. I mean, maybe I can understand if they "incidentally" collect the data of some people - although doing that for tens of thousand of people a year is really pushing it since all sorts of people could be in that "incidental" collection, and US persons could actually be targeted this way, and then masked as being "incidental collection".

But even after they know they are Americans, they still keep it? That's just unacceptable. This other story puts things in an even scarier perspective, because of what they can do with that data if it gets trickled down to other agencies (parallel construction, etc:

https://www.aclu.org/meet-jack-or-what-government-could-do-a...

21
Server-generated JavaScript responses 37signals.com
76 points by steveklabnik  9 hours ago   65 comments top 24
1
spankalee 8 hours ago 2 replies      
I'd much rather use templates that can be rendered server side as an optimization if necessary, and then updated normally on the client.

As for the criticism of SPAs that you need to download the "entire" JavaScript library is loaded, this can be mitigated by lazy loading the dynamic bits. If you look at how Google+ behaves, it renders the page server side, and then loads controllers for various parts of the app on demand. For such a complex app it loads incredibly fast.

It might be a little bit before there's a server-side renderer for custom elements / Shadow DOM / template binding, plus patterns for deferred loading code, but personally I think that will be the way to go in the near future.

2
ryankshaw 8 hours ago 2 replies      
as I read that I kept wanting to say "No, we're so past that! i need client-side everything w/ json apis" (as I'm sure a lot of people and the mindshare of the interwebs are going) but then I read the last part:

  > If your web application is all high-fidelity UI, its completely legit to go this route all the way. Youre paying a high price to buy yourself something fancy. No sweat. But if your application is more like Basecamp or Github or the majority of applications on the web that are proud of their document-based roots, then you really should embrace SJR
and I realized that he's completely right, the majority of the web is still document oriented "pages". If that's your case, don't try to be an "app" and the 37signals way works just fine for you. in other words, it would not be a good idea to make a blog be a Single Page App (I'm looking at you blogger).

3
pilif 3 hours ago 0 replies      
The thing about SJR is that it lends itself much better to progressive enhancement: if you need/want to present a page which also works without JS, that means that you need to be able to render the page on the server, which means that by using SJR, you can easily reuse that same view code that you already need to have for the non-JS clients.

Of course, as JS on the server becomes more and more wide-spread, you might as well just use the same templates at both ends, but it' still more infrastructure than treating the client JS as just part of the view.

I discussed this back in 2011 on my blog: http://pilif.github.io/2011/04/ajax-architecture-frameworks-...

4
bastawhiz 4 hours ago 2 replies      
This is all well and good until you want to handle error responses on the client. Let's say your user is on spotty wifi and they hit the submit button for your form. Guess what happens if that AJAX request fails? Probably a whole lot of nothing, unless you've got some templates client-side to show an error message. At that point, if you're making your error messages fit into each of your UIs, you'd might as well just be using client-side templates anyway and SJR is moot.

On top of that, you can't update the UI in a meaningful way until you get a response from the server.

That's also not even touching any security considerations that you need to make to use this technique: you can't implement a CSP, you've got to make damn sure you're properly escaping every piece of data [in a special way] that comes through, and you've got to make sure the response that you're sending can't be used in a script tag (i.e.: you need to add an intentional syntax error that you strip off) or an attacker could simply put a script tag on his own site pointing at a URL on your site that returns sensitive information.

TL;DR: Badasses only.

5
paulbjensen 8 hours ago 1 reply      
There is this interesting pattern of having template compilation be possible from both the server and the client, such as with AirBnB's Rendr. It gives you the flexibility to choose where you want that template compilation to occur.

With regards to Twitter's Time To First Tweet being slow under their Single Page App, I recall Alex Maccaw mentioning that their JavaScript library execution was inefficient, in that the client had to download a whole bunch of JavaScript before it would load the part of the app responsible for rendering the data.

I believe he was suggesting that if Twitter optimised the delivery so that parts of Twitter's JS were served after the rendering part of Twitter's JS code, then the time to first tweet could be faster.

In my opinion, delegating template compilation to the client offers a nice separation of concerns; the server is the API, and the client is the UI.

It would be interesting if there was benchmarking done into comparing these approaches, to see where server-side template compilation can be beneficial over client-side template compilation.

6
chrismccord 6 hours ago 2 replies      
I've been experimenting along these lines with making Rails' partial real-time using websockets and it works quite well for Basecamp/Github style apps. Basically you can get "true" MVC while using your existing erb/haml views and you get real-time updates for all connected clients. Some web apps that are replicating desktop like behavior require full client-side MVC, but I think many apps can hit a sweet spot and get the best of both words of server-side rendering with realtime updates.

project: https://github.com/chrismccord/sync

7
dmazin 8 hours ago 0 replies      
RJS was the most awful experience of old Rails. This comment has no other utility, it was just really ugly and depressed me and I've never gotten to say that before.
8
rdtsc 1 hour ago 0 replies      
There is an interesting web framework that takes this approach as well -- N2O.

http://synrc.com/framework/web/

It can do server side rendering but then pushes it via a websocket (well with fallback) to the client.

The use case I understand is mobile clients.

9
carsongross 8 hours ago 0 replies      
Great stuff: we do ad-hock versions of this in a few of our applications. It deserves a formalization.

In my brief thinking about this, one potential version would use HTML 5 attributes like AngularJS, but use HTTP/restful endpoints as "the model". I can imagine a few different approaches, but something like:

<div data-dyna-src="http://myserver/my-div-endpoint" data-dyna-method="poll 500ms"> ...</div>

Which would then poll the given endpoint and swap in new content in a pluggable-but-visually-pleasing manner. http://myserver/my-div-endpoint would serve up the partial of the div, so everything would be DRY. Basically move the model back to the server, but still buff up the presentation layer a bit.

You'd probably need a few different patterns: updateable divs, forms, updatable tables, progress bars, as well as some good default transitions and, of course, make the whole thing pluggable, and potentially provide for both HTML and script interchange at the end point (that's what our ad-hoc version does: it provides a data channel, an html channel and a raw script channel, but it feels like a hack.)

Anyway, if anything is going to save us from the oncoming javascript-filled dystopian hellscape, it's probably something like this.

10
wldlyinaccurate 8 hours ago 2 replies      
To me, this seems really convoluted - maybe as a non-rails developer I'm missing some key information?

Why, for example, would you use this over client-side templating and data-binding? Create the template once, grab some data with AJAX, bind it to the template...

11
zinssmeister 8 hours ago 1 reply      
"The template is just JavaScript instead of straight HTML" I guess that's one way to make this work. But for everyone that is serious about writing a web app with a slick UI should build things around api calls and move the views to the frontend (backbone.js & handlebars templates are great).
12
milos_cohagen 49 minutes ago 0 replies      
I enjoy dhh articles, but find them a bit hard to understand not being a rubyist. dhh says:

2. Server creates or updates a model object.3. Server generates a JavaScript response that includes the updated HTML template for the model.

Why does a template need to be updated? Isn't that part of the idea of templates, that they are fixed for changes in the model?

13
izietto 8 hours ago 0 replies      
I'm the author of this comment: https://github.com/rails/rails/issues/12374#issuecomment-294...

I still don't get the benefit over using RJS (or SJR, or JSR, whatever) instead of render :json : with the former you have the javascript spreaded in your views, with the latter you can organize it inside the assets, which IMHO is a way better solution.

14
thurn 8 hours ago 1 reply      
Isn't it impossible to optimistically update the UI with this model? You need to wait for a server roundtrip before you can display the results. There are certainly cases where that's OK, but it can make an app feel a lot less snappy.
15
lazyjones 6 hours ago 0 replies      
Such things were popular more than 15 years ago, when websites had to conserve bandwidth (for many users with slow links) and JavaScript wasn't considered as dangerous as it is now (so people didn't use NoScript much and didn't frown upon JS-only websites like I do).
16
jcampbell1 7 hours ago 0 replies      
I suppose this is okay, but it can quickly become a mess as soon as you need to make the modified portion of the dom interactive:

    $('#messages').prepend('<%=j render @message %>')      .find('.delete').click(fn)      .end().find('.reorder').hover(fn,fn)
I suppose they work around this problem with event delegation.

If you use something like angular, the whole mess becomes:

    $scope.messages.unshift(message);

17
krapp 8 hours ago 0 replies      
I've done this in PHP as a hack but I didn't realize it was supposed to be A Thing, with an acronym and everything.
18
callmeed 8 hours ago 2 replies      
>> The combination of Russian Doll-caching, Turbolinks, and SJR is an incredibly powerful cocktail for making fast, modern, and beautifully coded web applications.*

I'm personally not against SJR and I haven't really gone whole-hog into any JS framework (Angular/Ember/Backbone) ... but almost every RoR developer I've talked to is disabling Turbolinks on all their Rails 4 apps. I personally find it slow to load/render in dev mode, which leads me to believe it would be confusing for users in production.

Is anyone using/liking Turbolinks for Rails 4 apps?

19
schpet 8 hours ago 1 reply      
is this secure by default in rails yet? i find it surprising that these techniques are promoted at the same time vulnerabilities are being publicly disclosed:

https://groups.google.com/d/msg/rubyonrails-core/rwzM8MKJbKU...

20
ilaksh 8 hours ago 1 reply      
I thought that was called JSONP?

Anyway this is clever from a traditional web development perspective but not from a contemporary one. I like to use AngularJS (with prerender.io when necessary for server side rendering). I write all the non HTML code for both the front and back end in ToffeeScript which is derived from CoffeeScript.

21
briantakita 5 hours ago 0 replies      
The web development world has been trending toward a Thick Client. This article is a call back to the Thin Client and centralizing all logic in the app server.

Most devs are still used to the Thin Client approach, so there is a productivity benefit to remain where you are familiar.

However, you can have just as many or more productivity enhancing libraries and practices in client side javascript as in the server side rails-like frameworks.

22
togasystems 9 hours ago 2 replies      
In general, is this a good practice? You do loose the ability to re-use endpoints on mobile.
23
smegel 8 hours ago 0 replies      
> unless you make youre doing a single-page JavaScript app

Yeah, cuz like no-one is doing that anymore. /s

24
vojant 7 hours ago 1 reply      
I don't understand what's the advantage of using SJR.
22
Doom released 20 years ago today wikipedia.org
214 points by timmillwood  18 hours ago   98 comments top 27
1
terhechte 16 hours ago 7 replies      
I just finished "Masters of Doom" a couple of days ago, and I've been on a sort of Doom/Quake/id/Carmack/Romero information frenzy ever since. It is beginning to consume almost too much of my time but very fulfilling since I was a huge Doom fan back when it came out (I created many levels and mods) and I also really liked the early Quake games.

So in the past weeks I read up on all the early id guys, and what became of them after they were fired or left, I did quite some (probably too much) reading on the mess that was Daikatana and how it came to be. I actually find this really interesting, to learn how a project backed with so many employees and so much money can fail so badly, there're probably lessons to learn here (I've even watched somebody play through Daikatana on Youtube).

While being on my search, I've found a lot of interesting or not so interesting things. So if you want to spend some time, here's an unordered list of trivia that I stumbled upon:

- Somebody playing through Daikatana: http://www.youtube.com/watch?v=nm3b0NJzhnQ

- Romero Himself on Daikatana, including a GB port of the game that actually got good reviews (never made it to the US though) http://rome.ro/games_daikatana.htm

- Awful public clash between John Romero and Mike Wilson (former Ion Storm Marketing guy): http://www.kotaku.com.au/2008/01/gamecock_head_tears_into_jo...

- Ravenwood Fair is a Facebook game that Romero did a couple of years ago (so that's what he's been up to recently): http://en.wikipedia.org/wiki/Ravenwood_Fair

- If you read Masters of Doom, you'll remember that it all started at Softdisk, when Carmack and Hall created "Dangerous Dave in Copyright Infringement", a Super Mario Bros copy. Romero uploaded the original game including their level editor, you can find it here: http://planetromero.com/games/dangerous-dave-in-copyright-in...

- Unreleased Doom Midi Music Files: http://planetromero.com/2007/06/doom-archaeology

Sadly, the original Doom editor, DoomEd was never released. I read that it wasn't particularly good (compared to what is available nowadays) but since it was written in NeXTSTEP, I'd love to port it current OSX (or at least give it a go).

2
drzaiusapelord 16 hours ago 2 replies      
John Carmack is only 43. He was 23 when this was released. It still blows my mind how young he is. Notch is only 9 years younger than him. Some people just get good at a very young age. Carmack is still in his prime and his move to the Oculus, hopefully, will bring sci-fi like VR to the masses.
3
mcphilip 17 hours ago 3 replies      
I still play Doom and Doom 2, I even list it as an interest in my HN profile. It's the perfect FPS, to me. There's still a reasonably active community making custom WADs. It's amazing what some people have come up with for this 20 year old series [1]. There's a ladder of difficulty in custom WADs that I've been working my way up over the years before finally throwing in the towel because of Scythe 2 Map 23 [2].

On a side note, John Romero and Tom Hall did an hour long post mortem on the design and development of the original Doom a couple years ago [3]. I found it interesting.

[1]https://www.youtube.com/watch?v=nxFlWeduknY

[2]https://www.youtube.com/watch?v=guHbCtbxiEo

[3]https://www.youtube.com/watch?v=EKg85-TXY5w

4
pavlov 17 hours ago 9 replies      
I respect the mastery of the Doom creators, but for me personally, it marked the point where computer games went downhill. Shooting at blobs through the eyes of an anonymous virtual character just never worked for me.

I remember playing Wolfenstein 3D for about an hour, then getting bored with the repetitiveness and lack of identification with the protagonist, and never touching the game again.

When Doom came out, I tried it for 10 minutes, concluded it's W3D with better graphics and aliens instead of Nazis, and never touched it again.

Of course I don't mind that others enjoyed the game. Unfortunately these games became so popular that everything turned to first-person 3D and killed most of the genres I had enjoyed, and so I eventually stopped playing completely.

5
sergiotapia 9 hours ago 1 reply      
John Carmack to me is the closes thing to a real Rock Star programmer in the world. He's one of the best software engineers and I follow him on Twitter to see what he's up to. Almost always it's something crazy and new.

Here's a video of John choking someone out: http://www.youtube.com/watch?v=X68Mm_kYRjc

He's a great role model to aspire to as a software engineer. :)

6
cmdkeen 18 hours ago 4 replies      
1/3 of the game released as shareware compared to today's pay for the game before it is done, sell it at release and keep selling you DLC.

At least with Steam the more obnoxious DRM has died a death for many games (Ubisoft I'm looking at you).

7
NAFV_P 16 hours ago 1 reply      
The chainsaw in DOOM is based on a real model: McCulloch Eager Beaver

http://en.wikipedia.org/wiki/McCulloch_Motors_Corporation

Since I've used a professional saw (such as a Stihl 260, a 650 and a Husqvarna 395 among others), the Eager Beaver just looks lame now.

Chainsaws should have a sticker on them that says how loud they are. The three mentioned above are around 115 decibels, three minutes of use without ear defenders will give you permanent hearing damage.

If you want to see a really mean saw...

http://www.southsidesales.com/stihl-ms-880-magnum-chain-saw....

8
bstar77 16 hours ago 2 replies      
I would argue that Wolfenstein 3D is more responsible for ushering in the first person shooter genre than Doom.

Wolfenstein was original in it's technology, Doom was based on that tech. Both were extremely popular in their time. The main difference is that iD sold their Doom 3d tech (which produced games like hexen and heretic) and did not with their Wolfenstein tech.

9
jimwalsh 17 hours ago 2 replies      
Wolfenstein 3D played a large part of driving my interest in computers and learning how they really work under the hood when I was young. Plus the release of MapEdit really made you feel powerful and a young kid getting involved in computers.

Doom is the point where I became interested in programming and it got me looking to how you actually made these games. id Software eventually open sourcing Wolf3D really helped spur that on. On top of that, Carmacks talk and his always interesting .plan file (a blog before blogs) made him seem very accessible and really opened up the world of game programming. I still enjoy going back and reading parts of the Wolf 3D or Doom code to see how they handled certain problems/limitations.

I'd agree with the other poster that 'Masters of Doom' is a great read and worth it to grab if you haven't read it already.

10
ColinWright 15 hours ago 1 reply      
See also "Doom as a SysAdmin Tool" : http://www.cs.unm.edu/~dlchao/flake/doom/

Submitted here, but no discussion:https://news.ycombinator.com/item?id=6881099

11
agumonkey 11 hours ago 0 replies      
Funny how very very creepy this game was and yet there was no problem with that. More than gore and 'biological' lets say, it had ingredients more haunting than Indiana Jones Temple of Doom (NPI) : corpses hanging, skulls, metal chains, spikes ... It didn't require effects to scare you, no hidden monster suddenly revealed through thromboscopic lights as in Doom 3. You just sink in this filthy space.
12
neovive 17 hours ago 0 replies      
I still remember playing Doom on my 486 DX2. It was a big step up from Wolfenstein 3D and really paved the way for the FPS gaming genre.
13
bsenftner 11 hours ago 1 reply      
I was working at E.A., on the 3DO console no less, when one day in early January of '94 one of the guys brought in a copy of Doom. That was the end of any productivity at E.A. for at least a week while that game erupted like a brush fire through E.A. advanced technology group.
14
shire 1 hour ago 0 replies      
I remember the first time I played Doom it was one of the best games I ever played, what beautiful memories, nostalgia.
15
js2 16 hours ago 1 reply      
Lots of mentions of W3D in the comments here. Wonder how many folks played the original Castle Wolfenstein on an Apple ][.
16
redbonsai 17 hours ago 0 replies      
There's a wonderful post on Metafilter about this very subject:http://www.metafilter.com/134597/Twenty-Years-of-Ultra-Viole...
17
ben1040 15 hours ago 0 replies      
I wonder how many people's GPA plummeted due to the fact that this was released straight into finals season at a lot of universities.
18
aaronetz 7 hours ago 0 replies      
An anecdote: One of my professors, Dan Gordon, authored a paper [1991 Gordon and Chen] which was used in Doom's engine implementation of BSP [1]. He was quite happy to learn about it from me, some 15 years later :)

[1] https://en.wikipedia.org/wiki/Binary_space_partitioning

19
MichaelTieso 17 hours ago 0 replies      
This is very fitting since I started reading "Masters of DOOM" book just a couple days ago. Haven't been able to put it down. Great read about the two Johns and the story of id Software.

http://www.amazon.com/Masters-Doom-Created-Transformed-Cultu...

20
rzt 16 hours ago 2 replies      
I was a Mac kid, so my world was Marathon, but I think a lot of the lessons are the same. I remember building my own custom worlds, really screwing up the physics, and then deleting en masse.

Whenever I play shooters now, I still think, "Man, I should just get a copy of Doom and play that instead." Too much noise in some of these games I just want to blow stuff up.

21
ChrisArchitect 16 hours ago 0 replies      
Some more nostalgia and retrospective over on Verge http://www.theverge.com/2013/12/10/5195508/doom-20th-anniver...
22
Zoomla 14 hours ago 0 replies      
Wolfenstein definitely started it but Doom was so much better. Modem to modem connections was great. OT: Comcast is having some real issues today.
23
yodsanklai 18 hours ago 0 replies      
Maybe it was a revolution in video games. But to me, it coincided with my forced transition from Amiga to PC. From then, I almost completely stopped playing video games (and programming as a hobby).

On a side note, I recommend the book "masters of doom" that that tells the story behind the game.

24
gnator 8 hours ago 0 replies      
Wow I am currently listening to the master of Doom is an amazingly good audiobook
25
kjozwiak 15 hours ago 0 replies      
Last week I decided to listen to all the keynotes from Carmack (2002-2013).. So much respect for this man and what he has done for the gaming community.
26
ilovecookies 12 hours ago 0 replies      
this could be interesting...

http://speeddemosarchive.com/Doom.html

27
reillyse 13 hours ago 0 replies      
This makes me feel very old.
23
Academia.edu slammed with takedown notices from Elsevier venturebeat.com
108 points by alecco  14 hours ago   44 comments top 10
1
jval 9 hours ago 1 reply      
Academia.edu face the same problems that all players in this space do, namely that almost all content in journals is owned by parties other than the authors themselves. It is almost like starting YouTube in a pre-handheld camera era, where the only videos are those produced by studios, and then targeting actors to have them upload the films.

Now that Elsevier have acquired Mendeley, they have chosen a winner from the battle between Mendeley, Academia.Edu, and ResearchGate. It is going to be fairly binary from here on in for the other two parties. Either Elsevier and other commercial publishers will try and sue them out of existence, or send them enough takedown notices to render them useless, or they will acquire them. Either way I can't see an endgame here between these three businesses that doesn't result in the academic publishing landscape remaining almost as balkanised as it was 5 years ago.

I think the ultimate winner in this space won't look anything like Academia.edu, RG, or Mendeley.

2
czr80 13 hours ago 3 replies      
It's probably irrational, but Academia.edu's domain really annoys me - I dislike a company using a .edu domain. It feels deceptive, in some way.

Come to think of it, implicitly calling for a boycott of another company while simultaneously trying to bootstrap a business based on violating that company's license terms feels pretty slimy too.

3
Osmium 12 hours ago 1 reply      
So I decided to finally fill out my Academia.edu profile recently and found there was no easy way to add papers. You could upload them or "import" them from another website, neither of which I could do due to the ambiguous copyright status of my papers, but you couldn't enter them manually. The most obvious and unambiguous way would be to enter a DOI, and have them query CrossRef for the paper metadata, but there seems to be no way to do that?

So, in a sense, are Academia.edu not encouraging this behaviour (which is frequently copyright-infringing) by making it hard to add references without actively uploading the pdfs themselves?

4
gjuggler 13 hours ago 2 replies      
There's nothing controversial here Elsevier merely bumped up the rate at which they're sending Academia.edu takedown notices for obvious infringement by its users.

What's more interesting to me is that ResearchGate, a site which is virtually identical to Academia.edu in its "mission" and design, has been redistributing a shockingly large number of Elsevier PDFs for a long time. Unless these google searches are misleading, there seem to be many thousands of them:

https://www.google.com/search?q=site:researchgate.net+filety...

https://www.google.com/search?q=site:researchgate.net+filety...

I'm really stumped as to how ResearchGate gets away with this, but Academia.edu is getting hit with DMCA takedowns. Maybe Elsevier and other publishers haven't yet learned to reliably "find" ResearchGate's shared papers, or perhaps they've come up with some arrangement that allows them to publicly share thousands of paywalled PDFs with impunity?

5
rmk2 13 hours ago 1 reply      
I only see winners in this: I think both Elsevier and academia.edu are bloody plagues, and whoever loses, I'm happy. The way I see this, either people are turned off academia.edu or away from Elsevier, both of which are desirable results in my opinion. So...good job, I suppose?
6
sjg007 12 hours ago 0 replies      
There's actually a simple technical way around this. Don't store the paper. Store a file hash and let the user access it via approved channels. Most users here will have legitimate access via their institution, or can easily find the paper via Google. Dedupe on upload and link to approved Elsevier stores. Easy peasey.
7
res0nat0r 13 hours ago 1 reply      
Are the papers being DMCA'd under copyright by Elsevir?
8
ivan_ah 13 hours ago 0 replies      
9
arabellatv 11 hours ago 0 replies      
The best things in life are free. And that's the problem here. Knowledge sharing, MOOC's (massive open online courses) and open source education is awesome and gives accessibility to the best information in the world. When you have a lot of knowledge, it becomes a commodity--and a precious commodity should have a high price tag, right?But knowledge really is priceless, and like paying for love, when you pay for knowledge, you might not get what you pay. And like paying for love, sometimes pimps want to control the market. And is that necessarily wrong? Because to make knowledge profitable means to make it sustainably accessible. A friend of mine (@habib) is a product manager at Elsevier and I wonder what he thinks about this. He happens to have been recruited by the company years ago from his blog on library science, and now he works on finding up-and-coming knowledge innovations. I'm going to tweet this to him and see what he thinks.
10
Empathenosis 6 hours ago 0 replies      
So, what the internet was for at the beginning....is not what the internet is for now?
24
Turn any application that uses stdin/stdout into a WebSocket server github.com
279 points by adito  23 hours ago   85 comments top 11
1
tlrobinson 22 hours ago 4 replies      
Basically the same thing in Node.coffee, just because:

    { Server } = require 'ws'    { spawn } = require 'child_process'    command = process.argv[2]    args = process.argv[3..]    wss = new Server port: 8080    wss.on 'connection', (ws) ->      ps = spawn command, args      ps.stdout.on 'data', (data) -> ws.send data.toString()      ws.on 'message', (data) -> ps.stdin.write data.toString()      ws.on 'close', -> ps.kill()      ps.on 'close', -> ws.close()
(Needs a bit more error handling)

2
joewalnes 16 hours ago 2 replies      
Author here.

If you use this on top of programs like bash, well ermm, you get what you deserve ;).

Here's an example of how I used websocketd to create a little dashboard for monitoring Linux CPU/memory/IO stats. It basically uses websocketd to stream the output of vmstat to a web-page that plots the numbers: https://github.com/joewalnes/web-vmstats

Other useful examples: tailing log files, executing long running job and monitoring output, or interactive querying of datasets that require a long running 'cursor'.

This is not for everyone or everything. Remember that like CGI, a process is forked for each connection so it's not the kind of thing if you want to handle a million concurrent connections on a single server.

However for dashboards, admin tools, quick mashups, visualizations, etc - it's a pretty handy tool.

3
xxchan 22 hours ago 6 replies      
Amazing how the old is new again. Welcome back, CGI!I hope everyone's aware that this is just a toy and should never be used to do any real work, because most command line tools were never written to be exposed to the internet at large.
4
babby 21 hours ago 1 reply      
For some stupid reason I hadn't considered that logging stdin/out/err to a web interface for my node.js web apps via websockets. To think, I made a browser-side web IRC interface, and didn't consider this. It would be so useful for my clients, who don't know how, or find it too archaic to ssh in.

To just open up the admin area and see what's going on, provided they're indeed full-permission admins. Then, to actually send input from said interface, that could make ssh'ing into the server something one need not do often beyond initially setting up the app.

Thanks for the idea. Assuming we're not running as root, and the admin side of things is secure, am I not considering any critical pitfalls of this approach? Also, any frameworky cmsy thingers that already do this? Is this new, am I a unique snowflake?

5
gren 21 hours ago 4 replies      

    websocketd --port=8080 bash
Then in the browser console:

    ws.send("ls")
I just ported bash to the web :)

6
phaed 22 hours ago 1 reply      
This is beautiful. I can think of a dozen use cases for this right now for one of my pet projects.
7
guard-of-terra 21 hours ago 1 reply      
Is this just xinetd for the ignorant?
8
minikomi 21 hours ago 1 reply      
Awesome.. I use the same kind of thing to monitor adb output sometimes:

https://github.com/minikomi/pipesock

also in go.

Edit: Doesn't do any receiving, only pipes to a socket what it gets.

9
hepek 21 hours ago 2 replies      
isn't this reimplementing netcat -e command?

http://linux.die.net/man/1/ncat

10
eddywebs 15 hours ago 2 replies      
If the shells script takes input parameters can we pass that and eventually turn it into some kind of web service ?
11
schrodinger 22 hours ago 4 replies      
anyone getting an HTTPS warning? It's telling me that github.com cert was signed by an untrusted issuer...
25
The AeroFS Private Cloud aerofs.com
105 points by yurisagalov  14 hours ago   55 comments top 12
1
rdl 11 hours ago 4 replies      
Silicon Valley startups might not think it's a big deal, but being able to run entirely on a private network (either "behind a firewall", or an entirely disconnected network) is pretty huge. Without AeroFS, your choices today kind of suck, especially for 10-500 person companies (or bigger companies where your corporate option sucks or isn't available). Dropbox doesn't work if you care about security. You're left with various forms of SMB crap, more backend-type things like iSCSI, or either blasts from the past (nfs, afs) or science projects (zfs).
2
zentrus 14 minutes ago 0 replies      
Overall I think their approach for easy installation and configuration is a good one. I struggle with these same issues at my job--we sell products with a complex application stack to customers that often have no system administrators. The only issue I see here is with the upgrade path. Particularly for a product that is meant for file storage, I can't imagine downloading a 1TB backup file and uploading it again every time there is a new release.
3
HorizonXP 14 hours ago 4 replies      
So I'm actually setting up a private cloud for my company right now. It's a company of 1, so the requirements are quite extensive. :-P

I'm building a FreeNAS server with 6x3TB hard drives in a RAID-Z2 config. My goal is to allow my Mac to use it for Time Machine backups, but to also use AeroFS as my file sync mechanism when I'm both in the office and on the road.

Hopefully it works out smoothly. I'll have to figure out how to access the machine from behind my router, and I'll have to determine how to get it to automatically back up to S3 + Glacier. I think there's going to be a lot of details that I'll have to research here.

4
magic5227 13 hours ago 3 replies      
Has anyone compared the reliability of this to Bittorrent's solution? I tried Aero a while ago and found it to be very buggy then. Are there any major differences between the two?http://www.bittorrent.com/sync
5
smtddr 11 hours ago 0 replies      
I've been using AeroFS for awhile on Linux(Mint & Debian).I have to say it's pretty nice. I don't actually know what makes it better than dropbox and all the other choices; never looked into any advanced features. A buddy just sent me an invite & I started using it and now it's part of my workflow since it works reliably between my work & home machine.
6
rajbala 10 hours ago 0 replies      
An "enterprise Dropbox" conversation is one that many customers will have with AeroFS. I know this from experience trying to sell this very type of product.

The challenge is that sales cycles are long and potentially high touch. One way to mitigate that is by getting sales distribution through 3rd parties. But avoid integrating with a bunch of 3rd party storage platforms unless you get commitments for leads from the vendors. In other words view integration efforts as an engineering to sales arbitrage.

7
kirillzubovsky 14 hours ago 0 replies      
Sounds like a great idea, especially for all the companies that are thinking about building their own cloud. I suspect building is their highest cost, and if by plugging AeroFS in that could be eliminated, that sounds like just the right way to go!

I am curious, what other sales mechanisms and/or software packages have you tried before you settled on private cloud w/out touching your servers idea?

This may be counter-futuristic, but what if you sold them servers, along with your software? What if you gave your clients the best in classes storage, coupled with the best way to manage it? I suspect you've thought about it before and I want to know what the reaction was like.

Enterprise clients are a black box for me, so anything else you share would be interesting to know.

8
Bjoern 13 hours ago 1 reply      
I'm new to AeroFS. How does it measure up against eg. Owncloud? Any important pro's and cons?
9
bifrost 13 hours ago 0 replies      
AeroFS is the solution to so many of my problems, its really pretty great.

I've been advising my customers to look at it for quite some time now :)

10
anthonys 5 hours ago 0 replies      
It'd be interesting to know your process for creating and maintaining the appliances you distribute to clients and any tools/packages you chose to help do it.
11
pedrocr 14 hours ago 2 replies      
I'd much rather have an Ubuntu PPA to deploy this over an existing server with chef/puppet than having to deploy this over virtualization.
12
hemancuso 7 hours ago 0 replies      
So AeroFS had been in beta for like 4 years so they could do serverless peer to peer dropbox. And now they are launching a private cloud server product. Can't help but worry that these guys don't have any clear product they are committed to.
26
Madagascar village 'hit by bubonic plague' bbc.co.uk
38 points by rb2e  8 hours ago   26 comments top 6
1
Renaud 7 hours ago 1 reply      
Madagascar is such a beautiful country, with lots of natural resources (oil, rare timber, minerals) and 90% of its fauna and flora is endemic. It's huge, has almost any kind of scenery you could wish and is easily one of the most interesting places to visit on earth.

Those interested should check out Sir David Attenborough's 4 part series on Madagascar: http://www.bbc.co.uk/nature/collections/p00db3n8

Yet it suffers from extreme poverty, an unbelievable level of corruption at all levels, and an education system that leaves everyone behind (school isn't free, so most kids can't afford it).

In recent decades, poverty has made the population desperate, levels of violence have risen, kidnappings are common, there is no real reason to think that the current elections are going to solve anything, those aspiring to be in power have proven to be as corrupted as those who are already in place.

On top of that, during the cyclone season (hurricane/typhoon if you come from other parts of the world), the island becomes a giant target and gets hammered by bad weather: houses destroyed, roads cuts, etc

In that context, it isn't surprising to learn that old diseases like the bubonic plague could easily get a hold; sanitation isn't high in the list of priorities.

2
atdt 2 hours ago 0 replies      
"And, indeed, as he listened to the cries of joy rising from the town, Rieux remembered that such joy is always imperiled. He knew what those jubilant crowds did not know but could have learned from books: that the plague bacillus never dies or disappears for good; that it can lie dormant for years and years in furniture and linen- chests; that it bides its time in bedrooms, cellars, trunks, and bookshelves; and that perhaps the day would come when, for the bane and the enlightening of men, it would rouse up its rats again and send them forth to die in a happy city." -- Camus, "The Plague".
3
joseph_cooney 7 hours ago 2 replies      
I never realized until recently how the high mobility of goods, flexible trade system etc. brought about by the rise of the Mongol empire a few centuries before, allowed the Bubonic Plague to spread from south-east asia through to the middle east and europe in a relatively short time. Your greatest strength is also your greatest weakness.
4
mehmehshoe 3 hours ago 2 replies      
Funny, I've been wondering when that little bug was going to surface again. Interesting that it sprung up in a relatively secluded island nation which would be comparatively easy to quarantine. If that hit in the slums of India or Brazil...CDC would be losing their shit right now.

Speaking of the CDC, nothing about the outbreak on their website right now. Neither in the news or outbreak sections. I also checked the travel section and the plague does not show up on the radar as a disease with a history in that nation.

5
soogan 7 hours ago 5 replies      
Is it too soon to say they should have closed their seaport?
6
gboudrias 4 hours ago 0 replies      
Come on man, this isn't reddit. Your comment is not constructive.
27
Bitcoin 0.8.6 Released: Updates Block Size Limits, Free Transactions, OS X Bugs thegenesisblock.com
114 points by CrunchyJams  15 hours ago   19 comments top 5
1
newsmaster 0 minutes ago 0 replies      
Genuine question: Does this mean Btc is not so decentralized after all? Could they possibly decide one day to release an update to exercise ultimate control/power over btc?
2
ck2 11 hours ago 1 reply      
Bitcoin is about to break 1 Billion difficulty.

The leap in difficulty must mean all the 500-600Ghash/sec 28nm ASICs are coming online.

3
nhilma 2 hours ago 0 replies      
By lifting min output for free transction does the bitcoin network become more vulnerable to DDOS?
4
aroch 15 hours ago 3 replies      
No one claimed the 10BTC bug bounty for the OSX client, so its all a matter of hoping things are fixed
5
AsymetricCom 12 hours ago 2 replies      
Seems kind if weird that Bitcoin (actually bitcoind) itself would be dependent on a google-developed database solution that isn't open source, and not only that, has non-determinate behavior, depending on the host system..
28
OK, Milt Olin, I'll start writing again sivers.org
530 points by revorad  1 day ago   62 comments top 12
1
sivers 1 day ago 4 replies      
Wow. Thanks for the unexpected post & votes here, HN buddies. This community is an ongoing inspiration.
2
hudibras 1 day ago 3 replies      
You try to do everything right (helmet, bike lane, daylight riding), and then a police car runs you over and kills you.

Sometimes I don't know why I bother doing anything except spending time with my family. I tell myself that I've got to pay the bills, be an adult, etc., but is it really worth it when everything can be over in an instant?

Now I'm depressing myself. Maybe reading another couple HN articles will cheer me up...

3
visakanv 1 day ago 3 replies      
I've always been bothered by what I call this 'life-perspective problem", and of course, I'm always bothered more when something horrible like this happens. (The preceding statement has its own problem buried in it- because something horrible is always happening, at every second.)

I've spoken about it in other forms- "procrastination should be solved by lighting fires, not filling buckets" and so on. There is powerful emotional energy to be harnessed, but a lot of us (maybe just me, but clearly others too) have no idea how to manipulate it effectively, so we typically go without it. When we do get a flash of inspiration, the energy needs to go into a system where it generates something lasting- otherwise we just get the one-off blogpost or product that doesn't go anywhere. We get tired and everyday life dehumanizes us again.

It's the same central idea: Can we modify our circumstances and environment such that they remind us of the things that matter, in a way that disrupts us from settling into sub-optimal comfort zones?

I used to think that maybe this was a self-indulgent problem that I had, simply romanticizing the moping around, but clearly it afflicts even highly productive and accomplished persons like Mr. Sivers. Clearly this is a broader human problem- our inability to contextualize things, to see the bigger broader picture except when it's too late, or when we're unexpectedly inspired.

Is meditation the solution? I think meditation is a practice that encourages the broadening of perspective, but I'm sure there are other ways to reach the same destination- I'm sure we could design for it into our media, into our daily lives.

There is some very meaningful work to be done in this "perspective/reminder" space, but I don't know what exactly, and I don't know how to do it. But I'd like to get involved in it somehow, someday, before it's too late.

I hope this is helpful to someone. Thanks for sharing, and thanks for reading.

4
sergiotapia 1 day ago 0 replies      
Sorry for your loss. I used to ride my bike everywhere when I was in my late teens; these days I can't imagine doing that. All it takes is one distracted driver to cause terrible loss.
5
leokun 1 day ago 9 replies      
Riding bikes is super dangerous. I always slow down and give bikes a lot of space. I also think bike riders should ride on slower, non-busy roads whenever possible, but I'm not at all blaming bike riders.
6
donretag 1 day ago 1 reply      
The other thread regarding Milt's death: https://news.ycombinator.com/item?id=6875151
7
3pt14159 1 day ago 0 replies      
sivers your work is some of the truly best.

I'm so sorry for your loss, I've never lost a close friend so I have no idea what you are going through, but obviously if there is anything we can do to help just put out the word.

8
menosee 1 day ago 0 replies      
Derek -- This is a nice piece in a difficult time. I am childhood friends with one of Milt's sons and know his family appreciates all the love being sent their way. Thank you for sharing with everyone.
9
iamthepieman 1 day ago 0 replies      
Sivers, may you be at peace.

It took a death in my family to make me realize that I needed to "start writing again". That was several years ago and I see myself in some of the old ruts and in some that are newly worn. I wonder how many tragedies before I learn my lesson.

10
javindo 1 day ago 0 replies      
Wow, just like that. This was amazingly sombre, sorry for your loss and thank you for your inspirational words.
11
sidcool 1 day ago 0 replies      
Sorry for your loss, Derek.
12
camkego 22 hours ago 0 replies      
Setting up dual booting two OSes is not a good use of my time?
29
Our first data centers in Asia are up and running googleasiapacific.blogspot.com
3 points by sciwiz  1 hour ago   1 comment top
1
zzzaim 3 minutes ago 0 replies      
Good news. Hope this also mean Google Compute Engine / App Engine will soon have regions/zones in Asia.
30
FreeBSD 10.0-RC1 now available freebsd.org
65 points by samwilliams  12 hours ago   28 comments top 6
1
McGlockenshire 9 hours ago 1 reply      
They've published a change summary on the wiki:

https://wiki.freebsd.org/WhatsNew/FreeBSD10

2
lorenzfx 6 hours ago 0 replies      
I'll take that as an opportunity to remind you of the FreeBSD Foundation's Year-End-Fundraising campaign (I gave them some money for the first time just last week, to support some of the awesome work they have been doing)https://www.freebsdfoundation.org/donate/
3
chrisblackwell 11 hours ago 1 reply      
Looking at the schedule, we can expect the full release to be out the day after New Years.
4
izietto 9 hours ago 6 replies      
I don't have much experience of FreeBSD, but I'm curious about it: for what purposes is FreeBSD used? Is it common in some work environments?
5
lvs 7 hours ago 1 reply      
The linux kernel basically already does this, right?

http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.g...

6
vacri 8 hours ago 0 replies      
FreeBSD X?
       cached 11 December 2013 08:02:01 GMT