hacker news with inline top comments    .. more ..    14 Aug 2014 News
home   ask   best   5 years ago   
1
What Do Blind People Actually See?
182 points by dnetesn  9 hours ago   85 comments top 20
1
deanclatworthy 0 minutes ago 0 replies      
A great article. I recently visited the "Blind Exhibition" in Warsaw. They show you some items that blind and visually impaired people use on a daily basis and then you have to guess what they are for. I'd never contemplated how blind people know when a coffee cup is full, or pair their socks.

They then take you into a series of rooms (bathroom, the street, art gallery, kitchen etc.) which are completely black. Not a shred of light. You are blind. I can't describe how it felt other than terrifying. I didn't know if my eyes were open or not. It wasn't the black that I saw when closing my eyes, or am sleeping in a dark room. It was this empty hollow of nothingness.

I highly recommend the exhibition if you're ever in Warsaw, and I think they have it in a couple of other cities:http://niewidzialna.pl/en/

2
jareds 8 hours ago 7 replies      
As someone who has been blind since birth this is accurate. I know that people who go blind later in life continue to dream in color since they have the memory of color to reference while I do not. I wonder if someone who goes blind later in life experiences things differently, possibly by automatically filling in what they assume they would see based on what they know of there surroundings from there other sences.
3
bramd 7 hours ago 1 reply      
First of all, be aware that the group that's actually totally blind is relatively small. Most people who are legally blind have some form of light perception, or can see something. I've been totally blind since birth.

Blind people can have a good or bad sense of direction, just like their sighted peers. I think the device described in the article might be more useful on short distances and less relevant for knowing where your home is while you're far away from it. This because blind people don't have the visual queues to determine if they're walking in a straight line for example. Getting immediate feedback could help with such skills and learn them how to verify the signals from the device with other senses.

Sensory substitution, aka how to replace input from one sense with input from another is a quite interesting topic.

4
tokenadult 8 hours ago 2 replies      
A very interesting take on the perceptions of blind people. I don't think I am acquainted with anyone who has been entirely blind from birth (which is a rare condition of life). I know a professor of psychology (who indeed does much of his research on human visual perception)[1] who has very limited vision, and thus is "legally blind." He began life, I think, with a bit more vision than he has now, but has long been visually disabled. In a personal conversation, he related that his originally intended research field was astrophysics, which of course can be studied by analyzing instrument readings from radio telescopes and other devices that don't necessarily have visual outputs. My wife is his piano teacher, and she has had to adapt her teaching to her first student who cannot read a printed musical score.

A much younger person I know who has very limited vision (and the prospect of declining vision as she grows up) attends summer mathematics programs with children running around playing soccer and Frisbee and seems to handle that with aplomb. To not even be able to recognize shapes or moving human beings, something that the blind people I know best are still able to do, would be especially challenging.

Aside: Have you all noticed that people who have acquired profound deafness that begins in adulthood have much less understandable speech than people with normal hearing? Apparently we all rely on feedback from our own senses to keep our speech behavior within the phonologically normal range of whatever language we speak as a native language, and habit alone can't maintain the fine tolerances necessary for readily understandable speech.

AFTER EDIT: Of course anyone can experience total lack of sight simply by going into a totally unlighted place. The human eye doesn't emit vision rays, after all (even though the ancient Greeks seemed to think otherwise), so if you are where there is no light, you see nothing with your eyes.[2] Studies on the human diurnal behavior cycle are sometimes done in deep caves with no source of artificial light.

[1] http://legge.psych.umn.edu/

[2] http://www.spring.org.uk/2008/03/50-of-college-students-thin...

http://www.npr.org/blogs/health/2013/10/30/241906619/seeing-...

5
pje 1 hour ago 0 replies      
Herzog's Land of Silence and Darkness [0], which follows some elderly members of the German deaf-blind community, is one of the most fascinating documentaries I've ever seen. One quote in particular has stuck with me since I saw it years ago:

People think that deafness means silence, but they are wrong. It is a constant noise that ranges from a gentle whisper going through some cracks to a constant buzz, which is worse.

[0]: http://en.wikipedia.org/wiki/Land_of_Silence_and_Darkness

6
mkoryak 2 hours ago 0 replies      
A couple of years ago I read a non-fiction book called Crashing Through[1] - about a guy who was blinded by some chemical at a very young age (<1y) and was able to have his vision restored in his 40s via a new procedure.

It went on about some difficulties he had processing the new data. His brain had to "learn" how to see. It was so difficult that he would sometimes close his eyes and and rely on his echolocation skills to navigate.

Very interesting book if you want a first hand account of what it is like to go from being blind to being able to see. (and also about being blind)

[1] http://www.amazon.com/Crashing-Through-Extraordinary-Story-D...

7
icantthinkofone 2 hours ago 0 replies      
Many years ago, blind people might put their hands on your face to help them get a sense of you. A blind friend of mine, Jim, got in the car with us, one night, and sat next to a friend he did not know. He put his hands on the other guy's face, then paused, then said, "Man, you are uuuuuugly!".
8
eru 8 hours ago 3 replies      
I still want that vibrating compass belt.
9
tempestn 5 hours ago 0 replies      
This made me realize that while it is instinctively difficult to imagine a lack of sight or touch, a lack of sound, smell, or taste, seems relatively easy to imagine. Sight vs sound is especially interesting; we tend to think of lack of sight as blackness, as the article describes, but there doesn't seem to be an instinctive parallel for lack of sound (at least in my mind). I guess it would be "silence", but that's much more akin to lack of sound than the concept of blackness is to lack of sight (even if blackness is technically lack of light).

Although having written that, I now wonder whether a person who loses their hearing might be plagued by phantom hums or such things, as can sometimes happen to hearing people when exposed to extended silence.

10
steffan 8 hours ago 3 replies      
> When the belt experiment was over, Wachter felt lost

It seems slightly cruel to me to give someone a device to augment their senses without some provision for them to continue using it if the experiment is successful.

I suppose it's also possible that Wachter didn't want to continue using / being reliant upon the belt despite the loss of the spatial sense it had provided.

11
tylerpachal 2 hours ago 0 replies      
For me this raises a question on a slightly different topic: if you're born deaf, what languages do you think in? I can consciously think in English and French, but if you have never heard a spoken language before, what would your thoughts be like?
12
jamesjyu 7 hours ago 0 replies      
This reminded me of the language of the Guugu Yimithirr [1] who always describe left/right/forward/back with cardinal directions. Thus, they always have a great sense of direction, and know where north is, even indoors. In that case, it's like the vibrating belt is built into the language.

[1] http://www.nytimes.com/2010/08/29/magazine/29language-t.html...

13
janus 5 hours ago 1 reply      
This story reminded me of the guy that had a magnet implanted in his pinky finger, who was then able to sense electromagnetic fields and other stuff

http://gizmodo.com/5895555/i-have-a-magnet-implant-in-my-fin...

14
dkresge 7 hours ago 1 reply      
I was born (40 some odd years back) with an underdeveloped optic nerve in my left eye. An early surgery for Amblyopia corrected my gaze, but those first years of wearing a patch over "my good eye" resulted in nothing more than a lot of stress for my folks. And while I attempted to explain what I could see (are they shadows?), I never really had an answer as to why I could count "how many fingers" someone was holding up. Curiously, it was only within the past few years that I realized my left eye renders what one perceives peripherally. Hold your hand to the side of your head -- it's there, but do you really _see_ it? I can't imagine putting blindness into words.
15
cel1ne 7 hours ago 0 replies      
I have exotropia on one eye and completely lack binocular vision.

My right eye is my "main" eye (95%) and my left eye just submits the missing parts from the left that my right can't see because of the nose being in-between.

I always have the right side of my nose in my field of view, except that at the same time it's somehow not there. Like 50% opacity. The left side of my nose isn't visible.

When I "hide" a finger behind my nose for the right eye and look in it's direction it's gone. When I stare straight forward, it appears again.

(My) vision is weird :).

16
3pt14159 7 hours ago 0 replies      
A blind person once explained it to me:

> I see what sighted people describe as "white". When I ask a sighted person what they see out of their elbow they typically get it. They see "nothing", but if pressed will usually say "static" or "white".

17
joedevon 6 hours ago 0 replies      
Tommy Edison, the Blind Film Critic's take: https://www.youtube.com/watch?v=ZDHJRCtv0WY
18
dicroce 3 hours ago 0 replies      
They see what you see out of your elbow.
19
gd1 8 hours ago 1 reply      
I suspect you experience true blindness (briefly) during laser eye surgery, when the flap is cut in the cornea. I remember how odd it felt - the feeling of seeing nothing at all, not even darkness.
20
gohrt 8 hours ago 2 replies      
Strange that the article doesn't mention the blind spot that everyone as.

http://en.wikipedia.org/wiki/Blind_spot_(vision)

2
Let's build a browser engine Part 3: CSS
45 points by TheHydroImpulse  5 hours ago   discuss
3
What's the matter with PGP?
180 points by silenteh  13 hours ago   96 comments top 22
1
tptacek 12 hours ago 7 replies      
At one point in this essay, Matt suggests that every successful end-to-end encryption scheme has employed transparent (or "translucent") key management. What he's referring to is the idea behind, say, OTR: two people can use it without the key handshake required by PGP.

Matt is wrong about this. He's being victimized by a pernicious fallacy.

It certainly appears that the most "successful" cryptosystems have transparent keying. But that's belied by the fact that, with a very few exceptions (that probably prove the rule), cryptosystems aren't directly attacked by most adversaries... except the global adversary.

In the absence of routine attacks targeting cryptography, it's easy to believe that systems that don't annoy their users with identity management are superior to those that do. They do indeed have an advantage in deployability! But they have no security advantage. We'll probably find out someday soon, as more disclosures hit the press, that they were a serious liability.

There is a lot wrong with PGP! It is reasonable to want it to die. But PGP is the only trustworthy mainstream cryptosystem we have; I mean, literally, I think it might be the only one.

2
pdkl95 2 hours ago 0 replies      
Problem:

PGP is complicated (VERY complicated, to the average user), resulting in next to zero adoption.

Suggestion:

Simplify the goals in a way that can be upgraded at at some later date.

I think we need a browser plugin (All browsers. Other non-browser tools too, ideally, but the browser is important) that lets you securely SIGN posts locally in a style more or less like GPG's --clearsign option. Ideally, this should literally be --clearsign for compatibility, with the plugin hiding the "---- BEGIN PGP SIGNED MESSAGE ----" headers/footers, though these details are less important.

The key should be automagically generated, and stored locally in a secure way. (Bonus points for leting you use the keyrings in ~/.gnupg/ as an advanced, optional feature). The UI goal is to simply let people post things and click a sign this button next to a <textarea> or similar. Ideally, later on, this could become sign-by-default.

On the other side, the browser plugin should notice signed blocks of text and authenticate them. Pubkeys are saved locally (key pinning). What this provides is 1) verification that posts are actually by the same author, and 2) it proves that someone is the same author cross-domain (or as different accounts/usernames).

No attempt is made to tie the key to some external identity (though this would be somewhat easy for to prove). The idea is to remove the authentication problem (keyservers/pki) entirely. This can be man-in-the-middled, but the MitM would have to be working 100% of the time or the change in key will be noticed.

No attempt is made regarding encryption (hiding the message). This should also greatly simplify the interface.

The goal here is to get people using proper (LOCAL STORE ONLY) public/private keys. The UI should be little more than a [sign this] button that handles everything, and a <sig ok!> icon on the reading side. It should be possible to get the average user to understand and use such a tool.

Later, when the idea of signing your posts has become more widespread and many people have a valid public/private key pair already in use, other features can be added back in. As those "2nd generation" tools have a large pool of keys to draw from, it should be easier to start some variant of Web Of Trust. Even if that never happens, getting signing widespread is useful on its own.

I realize this doesn't protect against a large number of well-known attacks, and only offers mild protection against MitM. This is intentional, as the goal is getting people to actually use some minimal subset of PGP/GPG-like tools, possibly as an educational exercise. The rest of the stuff can be addressed later.

3
acqq 1 hour ago 0 replies      
Why isn't RFC 1751

http://www.ietf.org/rfc/rfc1751.txt

used to provide the fingerprints that are readable? Verifying would be much more convenient than now.

"For example, the 128-bit key of:

         CCAC 2AED 5910 56BE 4F90 FD44 1C53 4766
would become

         RASH BUSH MILK LOOK BAD BRIM AVID GAFF BAIT ROT POD LOVE
Likewise, a user should be able to type in

         TROD MUTE TAIL WARM CHAR KONG HAAG CITY BORE O TEAL AWL
as a key, and the machine should make the translation to:

         EFF8 1F9B FBC6 5350 920C DD74 16DE 8009"

4
Tharkun 8 hours ago 2 replies      
Learning to drive a car is hard. You have to watch the road, coordinate hands and feet, anticipate other drivers' moves and so on. No one bats an eye about this, because "it's a skill you have to learn". If you don't play by the rules of the road, you'll end up killing someone, or getting killed.

But for some reason (maybe because it's generally less life-threatening), people seem to expect deeply complex subjects, like e-mail encryption and identity management, to be easy. "Yeah, if you can just give me a fancy, easy-to-use GUI with forward secrecy, that'd be great!" Sure, it'd be great. But it's not going to happen. And that's not because PGP is broken -- of course, it does have its weak points. It's because people are too lazy to bother to learn.

What's the old addage? You can have quick, cheap and reliable. Pick two? Same here. You can have secure, easy to use, and reliable. Pick two.

5
rmoriz 11 hours ago 3 replies      
In my opinion, mail crypto needs to become mainstream usable. E.g. even trivial contents should be encrypted by default and this should be usable by default. Currently, S/MIME does a better job than PGP.

While the CA-model seems to be broken in most X.509 use cases, like TLS/SSL, where a duplicate certifcate can be used to do a man-in-the-middle-attack, this does not really affect S/MIME, especially after both parties started a "conversion". People that need to communicate "really" secure, should therefore be able to ignore all "CA-Trust" and white-list certificates on a per user basis (e.g. like PGP).

Ordinary communication still can by default fall-back to the existing CA-model to keep it usable (but not secure).

Some steps:

1. We need more love by the MUA-vendors, who mostly support S/MIME but it's still a PITA to use. Google e.g. still does not support S/MIME on android, see https://code.google.com/p/android/issues/detail?id=34374

2. We need CAs that are usable. StartSSL is nice and free, but it's not easy to use. Lower the entry barrier for getting and renewing/recreation of certificates

3. (most important) Make it easy to manage local CA-trust. On each new system, the user should be able to select a "trust no CA/whitelist only" approach and then be responsible for trusting other parties. No vendor (Microsoft, Apple, Google, Mozilla) should silently distribute and trust new CAs without users consent.

6
Teodolfo 2 hours ago 0 replies      
The user needs to control the encryption, not Google or Yahoo. Surely Google is not proposing a system that prevents them from reading your email and serving you ads? Until we have something that actually prevents Google and Yahoo from getting the plaintext, none of the other problems matter that much.

The NSA isn't my concern, Google etc. are. I don't want to bother going to the lengths necessary to secure myself from the NSA since that just isn't practical. But it would be nice if google and its employees didn't have access to the plaintext of my email. If I send an email to anyone using gmail and they decrypt it in a way that lets google see my text when they reply, all of my own security steps are worthless.

7
junto 10 hours ago 2 replies      
I'm using TextSecure on my Android phone as a Messaging replacement and it is great. However it appears to me that the service is not decentralised in any way. Is that assumption correct?

I like the email model such that anyone can install and run an email server. I'd actively push friends, family and colleagues to use a decentralised email replacement that was as easy to use and secure as TextSecure.

8
blueking 9 hours ago 2 replies      
I don't agree. I use GPGtools on OSX with the openpgp smartcard and it works flawlessly and is truly convenient. Furthermore I can use 4096 bit RSA keys.

One thing I have learned watching the crypto forums over the years is that there are well calculated misinformation campaigns trying to dissuade people from using secure methods. I see it again and again and the people on this forum need to think carefully before swallowing this as sincere.

I would never never never trust a solution from Google or any large American corporation. They have just been caught lying about prism (Google) and taking bribes (RSA). These companies are now and always will be totally untrustworthy.

9
ef4 11 hours ago 0 replies      
Yes, usability is the problem. But none of these proposed solutions manage to actually solve the usability problem without throwing out the security.

We really do need to let users manage trust, because trust is a rich concept. And humans are actually really good at trust, because we've been thriving and competing with each other in complex social situations for a long time.

The trick is finding ways to recruit people's evolved trust behaviors into an electronic context. That is, can we build meaningful webs of trust through repeated social interactions, just like in real life?

So it's not the mail client vendors who are best positioned to solve the problem, it's the social networks.

(Whether they want to solve the problem is a separate question.)

10
BillFranklin 5 hours ago 0 replies      
I think https://lavaboom.com/en/ addresses most of the issues mentioned. Just because pushing for privacy (an abstract idea, difficult to measure the worth of - especially on the Internet) is hard doesn't mean we shouldn't do it. Encryption is one of the fews things we can rely on and we should be using it. PGP isn't a lost cause, we just need to make it easy use - this includes automating (to some degree) the key exchange. /I'm one of the founders of Lavaboom, happy to answer any questions/
11
alaaibrahim 5 hours ago 1 reply      
> Now let's ignore the fact that you've just leaked your key request to an untrusted server via HTTP.This is a public Key, so secrecy it's not needed here, also he is providing the Fingerprint on another location, so if there was a MITM attack, it should happen on both twitter (HTTPS) and pgp.mit.edu
12
jolan 11 hours ago 0 replies      
Here's a handy guide which addresses a couple of these problems:

https://help.riseup.net/en/security/message-security/openpgp...

13
lelf 11 hours ago 0 replies      
Not mainstream suck.

Also, about terrible mail client implementations, the problem is, to not be terrible for many is to be built-in to GMail (and work transparently there). The consequences of that are obvious I hope. So no, thanks.

14
TeMPOraL 9 hours ago 2 replies      
Just a random thought - maybe there is a way to nail hard the point that "you cannot have security if you're lazy"? The society expects people to do driving licenses before getting behind the wheel. Why not expect people to put some amount of effort to be able to get mortgage or interact with court, etc.? Sure, many people will screw this up, but maybe this will be enough to secure majority.

</dream>

(confession: I myself am too lazy to use PGP)

15
zokier 11 hours ago 1 reply      
> Adding forward secrecy to asynchronous offline email is a much bigger challenge, but fundamentally it's at least possible to some degree.

Is it really fundamentally possible? The author asserts this without really backing it with anything. I can understand how OTR-like systems can work between a static pair of clients, but it is not entirely clear if it is possible at all to extend such scheme to work in scenarios where message delivery is async and I might be using a set of clients/devices for messaging.

16
zimbatm 8 hours ago 2 replies      
> Except maybe not: if you happen to do this with GnuPG 2.0.18 -- one version off from the very latest GnuPG -- the client won't actually bother to check the fingerprint of the received key.

Even in it's long form, it's relatively easy to generate different keys that have the same fingerprint.

17
uvTwitch 2 hours ago 0 replies      
Yeah really, it's actually Pretty Good if you think about it.
18
exabrial 12 hours ago 2 replies      
PGP needs to onboard themselves with Elliptic Curve Crypto... significantly smaller makes them more distributable which solves a few of the problems mentioned.
19
gkop 10 hours ago 0 replies      
Here is a good criticism of PGP from 1999 that explains why it isn't usable by ordinary folks - http://www.cs.berkeley.edu/~tygar/papers/Why_Johnny_Cant_Enc...
20
aestetix 6 hours ago 0 replies      
I'm kind of sad the author didn't touch on key signing at all. The trust levels are basically meaningless. What does it mean to trust someone more than someone else? If doing a request to get someone's key exposes your social network, imagine what publicly signing someone's key does. Just some food for thought :)
21
eyeareque 11 hours ago 1 reply      
I just hope that however google and yahoo implement PGP into their mail offerings, they do it in a way that cannot be intercepted by governments/bad guys.
22
graycat 6 hours ago 1 reply      
> If the NSA is your adversary just forget about PGP.

Why? Last I heard, breaking PGP was equivalent to being able to factor large integers into a product of prime numbers. So, NSA is able to do that, and no one else can, no one in the public heard about it, no university research mathematician published about it, NSA has mathematicians who figured out how to do that but their major profs back in grad school don't know how, no one got a Fields Medal for it, etc.? I don't believe that.

What's going on here?

He means I need a Faraday cage? Okay, tell the NSA I have one; put it in place this afternoon.

He means the NSA has trained cockroaches that can wiggle into my hard drives while I sleep and steal all my data? If so, then fine. I'll spray bug killer.

Otherwise, why should I believe that the NSA could crack my PGP encrypted e-mail?

4
Satoshi's Hashrate
156 points by mdelias  13 hours ago   53 comments top 9
1
0x0 10 hours ago 1 reply      
Looking at the hash rate reductions and how it seems to be explicitly controlled first (1) to drop just below 50% and then (2) fading out, it's almost as if Satoshi was thinking (1) build trust in the network by not maintaining a 51+% attack position and (2) the network is self-sustainable, my work here is done.
2
yohanatan 10 hours ago 0 replies      
> It's clear that Satoshi was able to achieve some sort of fine tuned [hash-rate] control. I'm not sure how such control could be maintained, but I'm willing to guess that the standard client on a home PC wouldn't be able to do it.

This is something the operating system can provide (or another application). No need for a 'special' client.

3
abrkn 11 hours ago 4 replies      
I find it increasingly hard to believe that Satoshi was one person. It is, however, in the best interest of everyone but journalists that they keep their identities hidden to avoid ad hominem attacks.
4
streptomycin 11 hours ago 1 reply      
From this can we estimate what kind of hardware Satoshi was using? Like was it feasible to get that hash rate on 1 desktop computer back then, or would he have been using a large number of computers?
5
thekylemontag 11 hours ago 1 reply      
very interesting read.

definitely makes it seem as though Satoshi was a group of people running many machines.

would be very interested to see more content like this in the future from other early-stars of the BTC world.

6
mcs 9 hours ago 0 replies      
There most likely was a simple gpu miner that wasn't public knowledge until later, which helped in balancing out the network without needing a horde of machines early on.
7
MrJagil 7 hours ago 0 replies      
I hope Gwern and other writers interested in the Satoshi phenomenon keep tabs on stuff like this... I mean, the fact that you might be able to deduce his hardware and other small clues slowly being revealed, might eventually lead to a pretty stable image of the persona behind Bitcoin.
8
nikanj 10 hours ago 1 reply      
Unscrollable on iPad mini. Why must they keep on "improving" the basic web experience :(
9
leeoniya 12 hours ago 4 replies      
[off-topic] apparently blogspot.com has something against me wanting to use the top 20% of my scroll bar. (FF and Chrome)
5
Oracle Cranks Up The Cores To 32 With Sparc M7 Chip
29 points by mariusz79  5 hours ago   27 comments top 9
1
trhway 34 minutes ago 0 replies      
basically vaporware. In the sense that almost nobody will see/touch it. Huge chip - 10B transistors - using new process node - 3D 16nm - will have such low yield that its obviously high price will be even higher. Thus only a handful of systems will be delivered. Thus practical non-existence equivalence.

SPARC CPU division brought down Sun, and i see it still puts a good fight inside Oracle despite Rock cancelation :)

Edit: even if the CPU become realistically (in the High Enterprise sense) available just imagine what [ram-to-cpu] bus should the CPU to sit on for it to be able to feed the beast, especially considering that it will be DB application, not HPC for example

2
rodgerd 3 hours ago 0 replies      
And you won't get numbers from anyone who owns one, since Oracle expressly prohibit publishing performance figures without permission.
3
userbinator 3 hours ago 4 replies      
I like how they're adding hardware specifically to speed up databases, to a CPU based on a RISC core; it looks like there is a trend toward more CISC-like hardware, because designers have figured that operations that would've been done in software can be done faster with dedicated hardware.

My experience with using older SPARC servers for testing various things is that they're rather disappointing, both in terms of value and performance - "more cores" seems to be their guiding principle, and while this makes for impressive benchmark results and aggregate numbers, the speed of a single thread is pretty horrible; it's only in specific multithreaded applications that all the resources on the chip can be fully saturated. Meanwhile x86 servers cost far less and can handle different workloads better because per-clock, each core is several times faster.

4
capkutay 1 hour ago 1 reply      
I would think that Oracle would be investing more in something like flash storage in their hardware rather than optimizations to processor speed. More threads don't make the disc spin faster and a lot of DB workloads are bound by going to persistent storage.
5
matdrewin 4 hours ago 1 reply      
I wonder how much it would cost in licensing to run an Oracle DB on that kind of hardware.
6
jwr 2 hours ago 1 reply      
Does anybody know what the pipeline depth is? At 4GHz, it can't be short, and the cost of mispredicted branches could significantly worsen real-world results.
7
nsxwolf 4 hours ago 1 reply      
I'd love to see the SPARCStation make a comeback with that thing.
8
slambam 4 hours ago 0 replies      
One of the better write ups, since the Hot Chips presentation.
9
curiousDog 3 hours ago 5 replies      
Still don't understand why businesses buy this instead of scaling-out. Cost? Complexity?
6
Google Web Fundamentals: Monetization
106 points by ossama  11 hours ago   38 comments top 6
1
dozy 9 hours ago 3 replies      
Regarding the article 'Let Users Explore Before They Commit' -

This is much easier said than done, and the effort and complexity will vary greatly depending on your site/app. The example used (nondescript clothing app) is one of the simpler cases, whereby the cross-session and device user-state need not be maintained, or is at least pretty minimal.

For many app developers, though, the richness of their feature-set doesn't come across until the user has a detailed state, such as level achieved, past activity, preferences, etc. Without asking users to "commit", sites/apps need to associate state with an anonymous user.

Unfortunately, it's not quite trivial to maintain the concept of an anonymous user. For one, the lengths the mobile industry is going to restrict the use of unique device identifiers poses a complexity to identify the same device across sessions. Moreover, anonymous users pose an issue for services with a value proposition behind their cross-device/platform support. Also, for small sites, it may not be trivial to introduce a data-model that supports anonymous data, which either needs to be thrown out or eventually merged with account-linked data. Similarly, 3rd-party engagement and funnel analysis of anonymous users is also a hard problem, as when the user does eventually identify themselves with an account, you need to merge their previously anonymous data into their account. Some services call this Aliasing.

I'll echo other comments that the content is sparse - this section specifically speaks as if registration count is the sole goal of the target audience. A comprehensive document would account other conversion-like goals that site/app makers might have, and the weigh the cost-benefit analysis of requiring registration.

2
smaddock 8 hours ago 5 replies      
I have a landing page for an application I've made which users then click through to navigate to other websites. This single page gets around 1-2 million views a month and I'd like to place an ad on the page if possible. However, Google AdSense denied me being that the page doesn't actually have enough content for them to automatically determine relevant ads.

What other options do I have to get an ad placed onto the landing page?

3
idlewords 9 hours ago 2 replies      
I would be loath to take advice from Google about how to monetize a small website. Not just because of the conflict of interest (of course they want people to run ads), but because it's not their area of expertise.
4
kinlan 11 hours ago 6 replies      
One of the authors of the site here.

We are very keen to get feedback on the content that web developers want to see with regards to monetization. For example one area that I am keen to see us grow is building components in sites that optimize credit card data entry.

5
collyw 10 hours ago 0 replies      
Be nice if I could get an adsense account approved. Or even a reason why its not been approved.
6
fleitz 11 hours ago 1 reply      
It's too bad the Google+ team never saw this document.
7
Was Localizing Defender's Quest Worth It?
45 points by bane  8 hours ago   14 comments top 8
1
jblow 7 hours ago 1 reply      
It looks to me like the author is trying hard to justify localization because he wants it to be worthwhile, but looking at the numbers, I don't see the evidence. The reasons he gives seem like rally big stretches and factual cherry-picking.

It is nice to make your game available in many languages, but getting translations that aren't terrible is hard, and I have never seen a clear business case for it. So I think the proper attitude is "there is not an obvious business case, but we are doing it because we want to."

2
pixelcort 7 hours ago 1 reply      
Another simple benefit to localization is that it can make it easy to fix typos or reword things in your native language, too, if you use short keys in your code and have all real strings in a single place.

Even if you don't plan on localizing, it's a good habit to move all your strings to one place like this, as you can quickly see in one place if all of your strings have consistent tone, style, and word usage.

3
andrewljohnson 7 hours ago 1 reply      
I appreciate the article and data, had a couple of thoughts from my own experience localizing:

* Punting on localization can make a lot of sense. It helps to do localization up front and plan for it, but that's when opportunity cost is at its greatest. It's also a marginal "multiplier" effect, and so it's not a make-or-break engineering item usually.

* I doubt localization to Russian is as good as Spanish, very often.

* Definitely agree that translations from actual users are leagues ahead of professional translator services, good thought to cultivate that.

* You can do it incrementally, and localize your app description prior to the app itself, which doesn't have the same engineering requirements.

4
Zarel 4 hours ago 1 reply      
The link to Playism is broken.

URLs in HTML are treated as relative by default, so doing <a href="playism-games.com"> creates a link to http://www.fortressofdoors.com/was-localizing-defenders-ques...

5
hayksaakian 3 hours ago 0 replies      
You used geography as a metric to correlate with languages.

I would think there are some number of people in the USA that appreciate having the option to play in their preferred language.

It'd be more interesting to find out how many people picked language X vs buying from country Y.

6
nraynaud 7 hours ago 0 replies      
I still think you should not focus on localization for the release of your first game. Try to get stuff out of the door and improve on it later. For subsequent games, maybe your organization might able to do a bit more before a release, but remember that trying to do more and more at once is just a recipe for disaster.
7
melvinmt 4 hours ago 0 replies      
You might not have enough data yet but now I'm curious to see a study into the localization sensitivity for various languages.
8
th0br0 7 hours ago 1 reply      
I'm wondering how many of the Russian purchases were due to "cd key stores" or similar. Given that they're only paying half of what US customers are, the markup's high enough. Also, more and more of these stores send you the games as steam gifts.
8
Flynn Beta (YC S14)
128 points by dubcanada  14 hours ago   57 comments top 10
1
morgante 13 hours ago 5 replies      
Flynn still needs to do a much better job on the documentation front. It's entirely unclear how to use Flynn. Instead of just having vague architecture/philosophy discussions, they need very clear explanations.

From the demo/documentation they do have, it's unclear why Flynn is better than Deis, Heroku, etc.[1]

I had hoped that Flynn was/would be a tool for orchestrating complicated multi-container apps, not just deploying Procfiles. I don't need Procfiles, I need something which will let me integrate and orchestrate multiple Docker containers across multiple nodes. Most/many significant apps don't fit into the simplicity of Procfiles (we have over a dozen different services, some with relatively customize environments, all communicating with RabbitMQ middleware). At least for development, Docker containers have proven to be an ideal way to manage these services. As of yet, there doesn't seem to be a good tool for deploying them to production. I wish Flynn would tackle that head on (and document it!), instead of being yet another generic PaaS.

[1] https://github.com/flynn/flynn/tree/master/demo

2
dccarmo 14 hours ago 6 replies      
I tried reading most of the site and didn't understand what exactly it is. Am I the only one who doesn't have a clue on what "ops" is/are?
3
kevinflo 14 hours ago 1 reply      
I feel like this post would benefit from a succinct description of what the product is either in the title or on the linked page.
4
dubcanada 14 hours ago 2 replies      
I find it almost impossible to figure out what to do with Flynn after I have installed it (just comparing it to deis, deis on the other hand has a large amount of documentation). Is there going to be some more documentation on how exactly stuff is setup and how to manage it now that it is in beta?
5
danielsiders 14 hours ago 7 replies      
Flynn cofounder here, happy to answer any questions
6
anonfunction 8 hours ago 0 replies      
I think there is a bug on the pricing page. It appears that the startup plan is more expensive during beta.

http://i.imgur.com/CtWIytj.png

7
harrisreynolds 7 hours ago 0 replies      
Who can come up with a better headline? I like "Open Source PaaS for the Future"

https://www.dropbox.com/s/ret624lf739til4/Screenshot%202014-...

A more clear header would help with messaging.

8
druiid 12 hours ago 2 replies      
It appears that download issues with the ruby buildpack still aren't fixed. Really you guys should be hosting these on your own S3 account as literally every time I've tried to use Flynn or Deis they are unusable because both utilities use heroku hosted buildpacks and they're consistently broken (slugbuilder related I think?).
9
zbyte64 8 hours ago 2 replies      
Flynn lets you tie GIT deployment to a system that uses heroku buildpacks and launch using Docker containers. But what if I don't want to use a buildpack but a Dockerfile?
10
bthomas 13 hours ago 0 replies      
Understand it's hard to explain. I'd list the canonical use cases, so people know whether to dig in to the docs.
9
In Ferguson, Washington Post reporter Wesley Lowery gives account of his arrest
155 points by ForHackernews  1 hour ago   53 comments top 14
1
suprgeek 40 minutes ago 7 replies      
In Ferguson we are finally getting to see the glimpse(just a peek) of the tyranny creeping up on us in America.

- Fully militarized police with a Tank(!) and multiple snipers with assault rifles confronting unarmed civilian protesters.[1]

- Tear gassing and arresting reporters

- Al-Jazera news crew was shot at and tear gassed [2]

- No fly zone over all of Ferguson

- Street level blockades & teargassing of porches to keep people inside

- No badges, tags or any identifying marks on police

- etc, etc,

This is a disgrace for America and a wake up call for all of us.

[1] https://pbs.twimg.com/media/Bu9CVPGIYAA_tFz.jpg:large[2] https://pbs.twimg.com/media/Bu-N9uIIIAEImna.jpg:large

2
olefoo 1 hour ago 2 replies      
One striking thing about this and many other accounts of police misconduct is the refusal of law enforcement officers to identify themselves.

"""He was denied information about the names and badge numbers of those who arrested him."""

If hiding the badge numbers or other identifying marks distinguishing law enforcement officers from each other isn't already a crime it ought to be. And it ought to be one that disqualifies the officer involved from serving in any position of authority over the public.

There is no excuse by which law enforcement can expect to have both legitimacy and the cloak of anonymity. If there is one thing the last 4000 years of recorded history has taught us; it is that unaccountable power will be abused.

If our civilisation is to have a solid foundation of law; it's law enforcement authorities must be more law-abiding than the average citizen rather than less. As is so glaringly the case in Ferguson tonight.

3
jonknee 18 minutes ago 1 reply      
The Economist recently touched on the militarization of US police forces. It's worth a read:

http://www.economist.com/news/united-states/21599349-america...

> But it is hard to see why Fargo, North Dakotaa city that averages fewer than two murders a yearneeds an armoured personnel-carrier with a rotating turret. Keene, a small town in New Hampshire which had three homicides between 1999 and 2012, spent nearly $286,000 on an armoured personnel-carrier known as a BearCat. The local police chief said it would be used to patrol Keenes Pumpkin Festival and other dangerous situations.

And worse:

> Householders, on hearing the door being smashed down, sometimes reach for their own guns. In 2006 Kathryn Johnston, a 92-year-old woman in Atlanta, mistook the police for robbers and fired a shot from an old pistol. Police shot her five times, killing her. After the shooting they planted marijuana in her home. It later emerged that they had falsified the information used to obtain their no-knock warrant.

4
baddox 1 hour ago 1 reply      
> My hands are behind my back, I said. Im not resisting. Im not resisting. At which point one officer said: Youre resisting. Stop resisting.

One of the scariest subtleties with these situations is how police officers always chant "stop resisting" regardless of whether the person is resisting. It's almost as if they are explicitly trained to repeat that mantra. It's eery.

5
idlewords 1 hour ago 4 replies      
It's striking in the photos coming out of Ferguson to see municipal police in full military gear. They have even brought out armored vehicles, and there are multiple reports of police pointing automatic weapons at journalists and protestors. These cops seem out of their depth. They should not have access to this kind of firepower.
6
spain 36 minutes ago 1 reply      
I wonder how long it's going to take for people to take up arms (unless they already have), as this is exactly the kind of event some people use to justify gun ownership (huge emphasis on the some, I personally believe you don't need justification for gun ownership and that it's a human right and I know I'm not alone in this, but I also know some people have used it as justification and I wonder if they'd ever put their money where their mouth is). It's a miracle some nut hasn't snapped and engaged in all-out warfare already.

EDIT: Why the downvotes? Honest question, how much more are people willing to take?

7
SyncTheory13 16 minutes ago 0 replies      
None of this is new as anybody involved in protest (most recently and notably - Occupy) could attest to. This was the single most radicalizing event that we witnessed. Peaceful protestors that had once struck down any radical protestors suddenly turned radical themselves upon watching family and friends get beaten for filming and arrested for not obeying conflicting demands. A close friend of mine was only able to save the SD card in his sock and switch it out with a new one before the cops took it, pocketed the (unused) SD card and then spiked his digital camera on the asphalt.

This situation is going to keep escalating. If you visit Ferguson, you'll see the business-district smashed up but the residential areas nice, calm, well-kept - with families literally everywhere walking around. The community is united and organizing. I can only hope that the period of chaotic rage settles down into something strong, long-lasting, and effective. This would be a true tribute to Michael Brown.

Last - I want to mention that a St. Louis City Alderman/Protestor was also arrested tonight. He remains peaceful as his respected reputation depends on it, so one can only gather that it was to silence his filming.

http://m.huffpost.com/us/entry/5677157

An account of STL police two years ago:http://antistatestl.noblogs.org/post/2012/03/19/a-personal-a...

And some resistance:http://antistatestl.noblogs.org/post/2012/04/22/welcome-to-c...

8
bdevani 39 minutes ago 0 replies      
If you're looking for a live stream of activity you can find it here: http://new.livestream.com/accounts/9035483/events/3271930

Anonymous has claimed that they will be releasing the name of the cop who shot Mike Brown if they recover it: http://www.salon.com/2014/08/13/anonymous_released_alleged_a...

9
grecy 1 hour ago 1 reply      
How many incidents like this need to occur and make headlines before citizens of America realize they often don't have the "Freedom and Liberty" they so often drone on about?
10
sschueller 22 minutes ago 0 replies      
This is just the tip of the iceberg.

The US has such poor police training that this problem will not go away. There are also way to many people in the force that are mentally not fit for the job.

Sadly the the Police appears to reflect the conscience of the country. Where force rules over diplomacy. Shoot first ask questions later and revenge over forgiveness.

11
ugh123 42 minutes ago 0 replies      
Police have enormous protection from their unions. Their internal investigation units are often staffed with people directly affiliated with the union or former police personnel. This is often the reason why they can run with no accountability or recourse for their actions.
12
Shinkei 1 hour ago 0 replies      
It takes a lot of courage to stand your ground in these situations. Sounds like the classic South Park "Respect my Authoritah" sums up the cause of this confrontation.
13
bayesianhorse 10 minutes ago 0 replies      
Stop bitching, start suing...
14
venportman 21 minutes ago 0 replies      
This thread is going to be deleted, censored, disappeared, etc.
10
A Brazilian Wunderkind Who Calms Chaos
110 points by digital55  18 hours ago   23 comments top 4
1
ealloc 14 hours ago 3 replies      
He is doing an investigation into the underlying foundations of statistical mechanics.

Statistical Mechanics and thermodynamics are the basis for a huge amount of technology and scientific models of the world, yet they rely on a fundamental assumption which is in some sense unjustified, known as the 'Ergodic hypothesis': Even though (classically) we know that the current position of gas particles in a box can be determined from their positions in the past, in thermodynamics we make the (unjustified) assumption that their positions are actually random and independent of their previous positions. In other words, these models for the world are probabilistic, which contradicts our more fundamental models of the world which say it is deterministic (and even QM is deterministic, with the single exception of the born rule). What he's doing here helps justify the probabilistic treatment, and understand when it does or does not apply.

I have always though this to be one of the great 'foundations' questions in physics (The others being QM foundations/origin of the born rule, and foundations of Field Theory). These are 'hard' and borderline philosophical questions, which most scientists (with good reason) simply assume to be true, to the point they often find them uninteresting. Lately though there seems to be renewed interest in them.

2
temuze 14 hours ago 3 replies      
This is Brazil's first Fields Medal - no Brazilian citizen has won a Nobel prize either. Obviously, this is a big deal for our country.
3
danielrpa 14 hours ago 1 reply      
Brazilian here: between the fields medal and the world cup, I'll take the medal every time.
4
personlurking 14 hours ago 0 replies      
Congrats to him! It was also just announced that in 2018 the International Congress of Mathematicians will occur in Rio de Janeiro (being called the "Math World Cup" in Portuguese).

From the video interview, I understand he has been living in Paris for a while but his English accent is surprisingly non-Brazilian (sounds Russian with his Rs and closed vowels).

11
Show HN: Startuplister A startup directory listing service
49 points by crixlet  9 hours ago   29 comments top 12
1
crixlet 9 hours ago 3 replies      
In the vein of all the meta threads about directories and places to submit your startup, (https://news.ycombinator.com/item?id=7525584, https://github.com/mmccaff/PlacesToPostYourStartup, etc) i've compiled all of the directory submission forms into one form, and will submit your startup to the directories for a small fee.

30% discount code for HN crowd: HN2014

2
uptownhr 8 hours ago 1 reply      
I'm also very curious to find out how much you made today by being on hackernews today :) Would be awesome if you could share that tomorrow.
3
nodesocket 5 hours ago 2 replies      
Really wish I could save my startup form answers (to local storage) without submitting the form. I have to leave, and can't finish the form right now. Should be easy using something like http://sisyphus-js.herokuapp.com/
4
WWKong 3 hours ago 0 replies      
This is fantastic. I will be a customer in next couple weeks. If you could add more marketing services you can up-sell me.
5
dylanlacom 6 hours ago 1 reply      
Very cool service crixlet. Surprised ProductHunt isn't on there.

Also, the Useful Resources links at the bottom need hrefs and growthackers should be growthhackers :)

6
redtrackker 3 hours ago 0 replies      
This is totally worth the cost. I started manually trying to post to all those sites and it's just not worth it for me. Too time consuming. 50$ is pretty cheap. Great job
7
wodow 8 hours ago 0 replies      
Looks interesting!

It would be useful to have some sense of the relative importance of the sites on your list. Maybe Alexa ranks, as a start? Or data from e.g. compete.com

8
funkyy 4 hours ago 0 replies      
Great service, I will surely use you within 3 months!
9
sycren 7 hours ago 1 reply      
I'm somewhat surprised that Crunchbase is not on here...
10
derwiki 6 hours ago 1 reply      
"Enter at least keywords"
11
uptownhr 8 hours ago 1 reply      
You should add startuptabs.com
12
untilHellbanned 8 hours ago 1 reply      
Two questions:

1) Didn't see the HN discount, any chance that can be applied to my account retroactively? tim@onarbor.com.

2) There is alot to fill out on this one form. Can I save a partially completed application? What happens when I hit the submit button?

12
Microservices and the First Law of Distributed Objects
113 points by resca79  16 hours ago   53 comments top 10
1
PaulHoule 14 hours ago 4 replies      
The real strength of micro services is physical isolation more so than logical isolation. That is, there is an 80/20 rule as to scaling.

For instance, there is probably one function of your system that is responsible for a huge amount of work. If everything is in one database (say SQL, mongo,...) You have a complex system that is hard to scale. If you split the heavy load out, you might find the scaling problems vanish (because the high load no longer has the burden of excess data) and even if there is still a problem it is much easier to optimize and scale a system that does just one thing.

The most disturbing thing about microservice enthusiasts is that they immediately jump to: oh, we can write these services and clients in Cold Fusion, Ruby, COBOL, Scala, Clojure, PHP and even when we write them, the great thing is "WE DON'T HAVE TO SHARE ANY INFRASTRUCTURE!"

That's bougus to the Nth degree because a lot of the BS involved with distributed systems has to do with boring things like serialization, logging, service management, etc.

I think you still want to use the same language, same serialization libraries, management practices, etc. across all of these services otherwise you are going to get eaten alive dealing with boring but essential problems.

2
kentonv 5 hours ago 0 replies      
This article is missing any mention of promise pipelining, which solves some of the problems being discussed.

http://kentonv.github.io/capnproto/rpc.html

With promise pipelining, if you need to make two RPCs to the same server, and the result of the first is going to be an input to the second, you can actually do it in one network round trip. The trick is to send the server a message saying "Hey, when you finish that first call, substitute the result into the parameters of this second call".

With this, fine-grained calls no longer imply an enormous latency expense compared to course-grained. Meanwhile, fine-grained APIs are cleaner and more composable, as my link above describes.

It's unfortunate that CORBA gave distributed objects a bad name. Just like object-oriented design within a program is more expressive than procedural design, object-oriented network protocols are more expressive than the flat protocols we tend to see today. I've been working with object-oriented protocols a lot lately while using Cap'n Proto to build sandstorm.io, and I've surprised even myself at how much more elegantly I can express complex interactions.

CORBA only messed up in trying to make remote objects look the same as local objects. Everyone now agrees that was a terrible mistake. But making distributed objects work does not in any way require making them look exactly like local objects. Calls to a Cap'n Proto object look quite different from local calls, because you need to be aware of the network issues implied by the call. But I've found that the same higher-level OO design principles you might use locally translate remarkably well to Cap'n Proto interfaces.

3
rubiquity 14 hours ago 4 replies      
I find that the reason there is so much discussion about microservices and scaling object oriented applications is due to the limitations of object orientation in the first place. These same limitations are the reasons why distribution and network/local transparency, something Martin Fowler states he doesn't believe works, do work in functional programming languages but don't work in OO languages.

It all boils down to OO programmers want their applications to be scalable and maintainable. They have decided the way to do that is through modularity. But we suck at enforcing modularity in a single code base. This has been proven time and time again. Microservices are just a sneaky way of forcing that modularity on ourselves. Instead of designing your system as a single ball of mud (monolith), you'll design your system as a puddle of mud (microservices).

It is just entirely too hard to write good, modular OO programs. This is why we hang onto every book, blog post and word the Object-Oriented Gods send down to us. OO could be a great and amazing thing for certain domains of programming. By all means, create monoliths and use Martin Fowler's Cookie Cutter Scalability solution because it is simple. But if you find yourself needing microservices, you're better off picking up a functional language where modularity comes naturally.

4
AdrianRossouw 13 hours ago 2 replies      
This is the spirit of microservices to me :

https://news.ycombinator.com/item?id=7874317

"Instead of pretending everything is a local function even over the network ..., what if we did it the other way around?

Pretend your components are communicating over a network even when they aren't?"

-- Solomon Hykes (of Docker fame) on LibChan

To me, it's pretty much anti-OO, and that's why I find it refreshing.

5
munificent 12 hours ago 0 replies      
> Given this uncertainty, the most important thing a writer like myself can do is to communicate as clearly as I can the lessons we think we've learned, even if they are contradictory. Readers will make their own decisions, it is our job as writers to make sure those decisions are well-informed ones, whichever side of the architectural line they fall.

This is a really insightful description of the role of someone documenting software architecture.

6
oldpond 8 hours ago 0 replies      
I believe they are grasping in the right direction, but what they really need to do is let go of the attachment to object oriented development. I don't mean to start the flame war, but if you insist that the architecture reflects the intent of the application, then why choose OO? If the architecture requires messages and buses and adapters, etc. what does OO bring to the table? Why do I think I need distributed objects? Am I choosing micro-services just because I want to try to get distributed objects working again?

It's not a language issue either. At this level we are talking about frameworks, models, domains, contracts, protocols, etc. This layer is not language dependent, although some languages are better designed to build frameworks that support these intents.

A classic example of how these assumptions creep into your designs is seen in the first chapter of Head First Design Patterns where they discuss at length how to create the perfect object model for a duck computer game. When I read that the first first think that came to my mind was, "Wait a minute, you are designing a computer game! Everything on the screen is a sprite. Sprites are moved around the screen by their coordinates once per game loop. How does the perfect duck object model help me here?"

Sounds very much like a hammer looking for a nail to me.

[edit] fixed a few typos

7
pjungwir 14 hours ago 0 replies      
I really admire the humility of his wait-and-see attitude, especially since he is trying to keep an open mind against his instincts.

This is a bit OT, but it seems like Angular apps have similar problems to distributed objects, where you can wind up making lots of network calls to retrieve one of these, all of those, etc. I'm curious what advice people have about that.

8
rdtsc 14 hours ago 2 replies      
> I worry that this pushes complexity into the interconnections between services,

I guess the instinctive answer is to well let someone else solve the problem. Grab something existing / standard (REST API + rest client, RabbitMQ + msgpack) or something similar.

What it still doesn't save you from is managing basic distributed systems issues - network partitioning, timeout, asynchronous starts and stops. Maybe it is better because by building this distribution into the core of the system and not trying to abstract it away behind an API (like the author says) it forces you to deal with them explicitly.

Overall I still haven't decided if microservices is just one of those buzz words invented because the old ones (Object Oriented, SOA, etc) have gotten old and don't bring in consulting revenue anymore.

9
ilaksh 12 hours ago 0 replies      
High level knowledge representation like description logics can make these types of discussions obsolete if they are applied to information systems holistically. Describing relationships between data and describing processes themselves using a common machine-processable language would allow the plumbing to be generated automatically and could even enable systems to automatically be converted from course grained message types to finer grained ones and vice versa.
10
crack_one_out 9 hours ago 0 replies      
Oh for the love of <insert deity here> no!This will now be printed and stuck onto the wall by the astronaut architects where we work, who blindly parrot MFs words like gospel, without any understanding.

Software used to be shit, but at least fun, then we had software architects, and now software is just shit.

Sigh.

13
Edward Snowden: The Untold Story
575 points by promocha  19 hours ago   180 comments top 28
1
tokenadult 17 hours ago 4 replies      
I read through all the comments here before beginning to read the article. The comments that say that the usability of the article format is very bad are correct. The online format is too cute by half, and impairs readability. But the article is well worth reading. As Danso points out, the journalist who did the reporting on this article is a renowned independent investigative reporter, James Bamford, who has broken many important stories about NSA in previous years. The writing is worth reading and discussing here, and it's too bad Wired's editors mucked up the reader experience so much with the strange user interface and formatting.

"I confess to feeling some kinship with Snowden. Like him, I was assigned to a National Security Agency unit in Hawaiiin my case, as part of three years of active duty in the Navy during the Vietnam War. Then, as a reservist in law school, I blew the whistle on the NSA when I stumbled across a program that involved illegally eavesdropping on US citizens. I testified about the program in a closed hearing before the Church Committee, the congressional investigation that led to sweeping reforms of US intelligence abuses in the 1970s. Finally, after graduation, I decided to write the first book about the NSA. At several points I was threatened with prosecution under the Espionage Act, the same 1917 law under which Snowden is charged (in my case those threats had no basis and were never carried out). Since then I have written two more books about the NSA, as well as numerous magazine articles (including two previous cover stories about the NSA for WIRED), book reviews, op-eds, and documentaries."

As a substantive comment on the article, let me say that I find it interesting that Snowden himself thinks it is appalling that NSA's internal security auditing is so poor that NSA can't even tell which documents Snowden disclosed to journalists, nor can it tell how many other leakers may still be on its staff. This seems to be a completely plausible claim, and that would be a reason why many American voters or leaders of countries allied to the United States might desire the current leadership of NSA to resign and be replaced with more competent leaders.

2
adityab 17 hours ago 6 replies      
Two key 'new' things from this article, that were previously unknown:

1. The NSA exploited the firmware of a Syrian core internet router, and bricked it by mistake. This was an "oh shit" moment (sic). So in it's eagerness to scoop up all digital communications, it killed the majormost way for citizens to communicate while in the midst of a civil war. Great.

2. There is a project called "MonsterMind", which 100% automates adversarial hacking in retaliation to detected attacks. Very Strangelove-ian, as the article says.

EDIT: Typo, thanks to not having had coffee in time.

3
e0m 10 hours ago 3 replies      
This mentioned the NSA's "Mission Data Repository" in Bluffdale, Utah. They mentioned it could hold 1 yottabyte of data.

Let's put into perspective 1 yottabyte:

All Gmail accounts (~500 million users * 10GB/user = ~5000 PB) +All Facebook photos (~2 billion users * 1GB/user = ~2000 PB) +All of Netflix's videos (1-5 PB) +Library of Congress (10-30 PB) + Wikipedia (0.0005 PB)

= ~7000 PB= 7 Exabytes.= 0.0007% of 1 Yottabyte!!!

1 Yottabyte = 250 billion 4TB hard drives.

A hard drive is about 4" x 1" x 5.75".

The Pentagon is a big building (6,636,360 sqft over 5 floors). If you started stacking hard drives inside the Pentagon it would take about 50 pentagons to hold 250 billion hard drives.

At scale you might be able to make a 4TB hard drive for somewhere between $10 and $100.

1 Yottabyte would be $2.5 trillion - $25 trillion in hard drives. That's a couple USA GDPs.

Okay, I think a yottabyte clearly can't be what they mean because that's just unfathomable.

They also mention a 1 million sqft facility.

In a 1 million sqft you can probably pack about 250 million 3.5" hard drives. If each drive was 4TB you'd end up with 1 million PB, or 1000 EB, or 1 Zettabyte

So by Yottabyte they might (maybe) mean Zettabyte. Only off by a factor of 1,000.

Even still, all of the data of Gmail, Facebook, Netflix, Library of Congress, etc is still probably only ~10% of this data center.

Nuts.

4
elwell 16 hours ago 1 reply      
> One day an intelligence officer told him that TAOa division of NSA hackershad attempted in 2012 to remotely install an exploit in one of the core routers at a major Internet service provider in Syria, which was in the midst of a prolonged civil war. This would have given the NSA access to email and other Internet traffic from much of the country. But something went wrong, and the router was bricked insteadrendered totally inoperable. The failure of this router caused Syria to suddenly lose all connection to the Internetalthough the public didn't know that the US government was responsible. (This is the first time the claim has been revealed.)
5
ch4s3 17 hours ago 2 replies      
"Programs like this had existed for decades, but MonsterMind software would add a unique new capability: Instead of simply detecting and killing the malware at the point of entry, MonsterMind would automatically fire back, with no human involvement. That's a problem, Snowden says, because the initial attacks are often routed through computers in innocent third countries. These attacks can be spoofed, he says. You could have someone sitting in China, for example, making it appear that one of these attacks is originating in Russia. And then we end up shooting back at a Russian hospital. What happens next?"

This piece is pretty interesting.

6
normloman 17 hours ago 7 replies      
What the hell. I start scrolling with my mouse wheel, but nothing moves. I'm thinking my mouse must be broken, until 30 seconds later, I notice the "cover image" fade in and out. I swear, crappy flash intros are alive and well. They just don't use flash anymore.
7
bgentry 10 hours ago 0 replies      
> Indeed, some of his fellow travelers have already committed some egregious mistakes. Last year, Greenwald found himself unable to open the encryption on a large trove of secrets from GCHQthe British counterpart of the NSAthat Snowden had passed to him. So he sent his longtime partner, David Miranda, from their home in Rio to Berlin to get another set from Poitras. But in making the arrangements, The Guardian booked a transfer through London. Tipped off, probably as a result of GCHQ surveillance, British authorities detained Miranda as soon as he arrived and questioned him for nine hours. In addition, an external hard drive containing 60 gigabits of dataabout 58,000 pages of documentswas seized. Although the documents had been encrypted using a sophisticated program known as True Crypt, the British authorities discovered a paper of Mirandas with the password for one of the files, and they were able to decrypt about 75 pages. (Greenwald has still not gained access to the complete GCHQ documents.)

FYI, Glenn Greenwald is denying that any of the claims in this paragraph are true, and says that Wired never even contacted him or Miranda about the article:

https://twitter.com/ggreenwald/status/499570835989213184https://twitter.com/ggreenwald/status/499570963638669312https://twitter.com/ggreenwald/status/499572407284563969https://twitter.com/ggreenwald/status/499587347630284800

8
pflanze 15 hours ago 0 replies      
I've made a reformatted copy for easier reading:

https://github.com/pflanze/wired-snowden-untold-story/blob/m...

(Plain text version in the history, at https://github.com/pflanze/wired-snowden-untold-story/blob/c...)

9
Rapzid 17 hours ago 2 replies      
Well.. I knew our(US) government downplaying Snowden's credentials was just propaganda(lies)... But wow, were they ever downplaying his credentials. And our media was mostly content to just spread the propaganda with a smile :|
10
belorn 16 hours ago 1 reply      
A division of NSA hackers attempted in 2012 to remotely install an exploit in one of the core routers at a major Internet service provider in Syria, which was in the midst of a prolonged civil war. But something went wrong, and the router was bricked instead, which caused Syria to suddenly lose all connection to the Internet.

So in middle of a war zone, US conducted sabotage to core infrastructure of an other nation, with unknown cost to property or human lives.

It really should be seen as the obvious reason why hacking is not an acceptable tool to use in peacetime against other nations. Its not a defensive weapon, it hurt people, and it done with no responsibility what so ever.

11
ArtDev 14 hours ago 1 reply      
Here is the article on Readability: https://www.readability.com/articles/42wfcyub
12
csandreasen 6 hours ago 1 reply      
If the last straw to leak this information was when Snowden learned about this MonsterMind program, why are we learning about it more than a year later without any prior mention whatsoever? (and without documents to back up the claims) Also, if he learned about it after taking up his job with Booz Allen Hamilton in 2013, why was he contacting Glenn Greenwald in December of 2012?[1] Ditto with the excuse that Clapper's testimony in March 2013 factored into his decision to leak...

I'm honestly curious why so many people are willing to take Snowden's claims at face value. The NSA rightly got a lot of flack for the softball interviews on Dateline a few months back, but it feels like the general consensus is that the softball interviews with Snowden are beyond questioning.

[1] http://us.macmillan.com/excerpt?isbn=9781627790734

13
vdm 15 hours ago 0 replies      
14
archagon 15 hours ago 0 replies      
Great article. Snowden's closing thoughts make me excited about the idea of mesh networking with all these mobile devices in our pockets. Hopefully Google or Apple will give it the push it deserves. (Apple is already taking baby steps in this direction with its Multipeer Connectivity API.)
15
2close4comfort 18 hours ago 0 replies      
The TAO killed the internet in Syria not to mention MonsterMind. Just when you thought it was safe to get back on the internet...
16
pdknsk 7 hours ago 0 replies      
> He is living on New York time, the better to communicate with his stateside supporters and stay on top of the American news cycle.

I hope he has Vitamin D stocked.

17
jmscharff2 14 hours ago 1 reply      
I can buy that he saw a lot of things that made him mistrust the government. What I have a problem with is that it seems as though he took jobs and looked for positions that would give him access to even more data. If he was really just working and saw this stuff that is one thing to go in and try and steal it is another, whether or not he did the right thing is up for debate. Selling USA secrets to other governments is espionage no matter how you slice it. If it was just leak it to the USA and the world at the same time then sure I could buy the whistleblower if it is go run and hide in Russia or China and sell information that is a different story. I dont think anyone has all the facts about this though.
18
2close4comfort 18 hours ago 0 replies      
written by James Bamford too
19
20
notastartup 4 hours ago 1 reply      
I fear we will never realize the true freedom Snowden sacrificed himself for.
21
gbrindisi 16 hours ago 0 replies      
He is a fucking legend.
22
Kapow2112 16 hours ago 1 reply      
Does anyone have a link to the text in a more readable format?
23
XorNot 18 hours ago 11 replies      
So there's a bigger story here: good lord is the web-design here irritating.

They've overridden scroll events so they at best don't work properly. Scrolling on a laptop gives you a weird non-mapping slide animation.

This is seriously one of the most unreadable articles, from a design sense, that I've ever seen.

24
jwjwtest 10 hours ago 0 replies      
wwwwwww
25
peterwwillis 14 hours ago 2 replies      
Can someone remind me why Snowden became a public figure in the first place? The second leaker is anonymous and practically invisible, and here Snowden is, constantly getting more press. It's like he wants to be as visible as possible while other leakers want the opposite.

Edit: Can somebody tell me what was downvote-worthy about this comment? This is getting ridiculous.

26
AwesomeTogether 18 hours ago 2 replies      
"Among other things, I want to answer a burning question: What drove Snowden to leak hundreds of thousands of top-secret documents, revelations that have laid bare the vast scope of the government's domestic surveillance programs?"

if the article presents a different answer than what's already known, through snowden statements communicated to laura poitras and greenwald, then they're probably not true, and if it repeats the same stuff, this is obviously a stupid question to ask and the article's just marketing b.s.

27
Hacker37 18 hours ago 1 reply      
I am not sure what part of the story was not already told.
28
AwesomeTogether 18 hours ago 0 replies      
Ed Snowden acting out his WhiteHouse situation room fantasies

https://dl.dropboxusercontent.com/u/10328969/rolledupsleeves...

14
Startup School 2014 applications are open
86 points by katm  12 hours ago   29 comments top 5
1
pptr1 4 hours ago 2 replies      
I think if your in the area or you know tons of people going; it might be worth going. I would't go out of my way to attend.

I went to the one in NYC few years back and it was not a good experience for me. I traveled from Boston and was super excited. Just a big let down.

PG was like a celebrity their. Impossible to get in anything with him. Same with other famous founders. Basically everyone was just circling and try to figure out who to talk to next. Was super awkward.

My takeaways from NYC:

1.) PG looks exactly like his pics and acts the same. It pretty hard to get to talk to him (due to all the people clamoring for his attention).

2.) Some famous YC alum are stuck up. Never met anyone as stuck up as the non-technical reddit co-founder.

3.) Justin Kan is the nicest person. Pure respect for him.

4.) In NYC at least hordes of MBA trolling looking for "technical cofounders". Met a really rude person who actually introduced himself as having an MBA from Harvard.

San Francisco might be different.

2
cperciva 12 hours ago 11 replies      
Polling the community: Should I attend?

I've watched videos of past events, and they seem to follow the TED model of being amusing and inspirational but not particularly informative; I'm too cynical to be interested in "inspirational". On the other hand, I get the feeling that the hallway track might be good.

3
jliechti1 12 hours ago 0 replies      
The lineup looks pretty good so far: Ron Conway, Reid Hoffman (LinkedIn), Danae Ringelmann (Indiegogo), Emmett Shear (Twitch).

Anyone know who else they might be bringing in? Does Zuckerberg do it every year?

4
jjling 12 hours ago 1 reply      
Awesome. Application submitted. Anyone know what the typical acceptance rate is for this?
5
goshx 9 hours ago 1 reply      
Are there other networking events happening during the same weekend? If not, maybe some locals could make them happen?
15
CoreOS Acquires Quay.io to Launch Its Private Docker Repository
95 points by superfreek  14 hours ago   5 comments top 4
1
nwenzel 3 hours ago 0 replies      
Congrats to both teams. There's a lot of work to make clusters as easy to manage as single machines. These are definitely the right people to make it happen.
2
amackera 10 hours ago 0 replies      
Seems like a very logical move. First we get stable CoreOS updates, now we have private Docker index built-in.
3
fideloper 13 hours ago 0 replies      
Definitely an interesting move, since Docker recently released their own private repositories with their 1.0
4
RazorX 9 hours ago 1 reply      
We need something like this for Chef cookbooks. Managed private and public API endpoints for organizations to host cookbooks that don't belong on the main community site,
16
Show HN: Self-hosted project management application
97 points by chintanb  16 hours ago   47 comments top 13
1
aw3c2 14 hours ago 2 replies      
Free 5 minute grumpy feedback on the landing page :)

Requires Javascript to display anything for no good reason.After enabling it and reloading it takes more than 10 seconds to anything but the loading icon to appear. When I quickly scroll down to see what's there, there is nothing, then it fades in. Screenshots are tiny. When I click them they jump into my face. FAQ is hard to impossible to read with the color combination and font and centering. On the whole page I have no idea what is a link and what is not. FAQ items take me back to the top when I click them. Requiring a mail address for downloading (free?!) software is a no-no for me. The buttons at the bottom (fb, twitter etc) have no anchors set so if I hover them, I have no idea what clicking will do. I would not want them to open my mail client or something. No idea what the rightmost icon even means.

> 92five app by Chintan Banugaria is licensed under a Creative Commons Attribution-NoDerivatives 4.0 International License.

Creative Commons are not for programs. Please choose AGPL or something like that for code.

You waste a lot of vertical space, I would suggest putting elements of the top-most part of the side closer together and maybe strip some text like this: http://i.imgur.com/9MjNLvy.pngThat way the full screenshot has a better chance to appear on the page.

Writing:

Don't use slashes when you can use a word instead. "No-one can see / access your todos." could be "No-one can see or access your todos.". You are using "to-do" elsewhere which I prefer. I would recommend also using "To-Dos" in that header.

You say "I am sure you will love the design.". I would not use "I" in that page unless you introduce yourself first.

Also spotted "Yes its free." -> "Yes, it's free."!

-----

The praise is hidden here!The product itself looks slick and useful. Personally I am not a fan of flat design but you seem to have pulled it off nicely. Self-hosted tools are the best, thanks for doing that! I really really really suggest you make the landing page less annoying though. :P

2
M4v3R 1 hour ago 0 replies      
I would really love to see some good self-hosted Basecamp killer. This is getting close, but lacks Basecamp's most important feature (at least for me): discussions. This is something that we are using A LOT, and no other software even comes close to what Basecamp has to offer in that area.
3
notduncansmith 10 hours ago 2 replies      
Took 15 seconds to load the landing page. Honestly, you lost me as a user after the first 5 but I wanted to see the rest of the page.

Scrolled to the bottom quickly, had to wait for it to animate in so I was staring at a blank page for a few seconds.

Can't be bothered to try the product, since I'll be old and gray by the time it boots.

4
tjsix 13 hours ago 0 replies      
I think this app has potential but after installing a local copy and playing with it for a few minutes there are a few things right off the bat that are a bit of an issue:

First, creating a project doesn't work, after putting in the required info and clicking create I'm taken to an error page with no feedback as to what actually happened, even though the screen says 'something went wrong and we've noted that'. Also, requiring to add collaborators even if it's yourself is redundant, this shouldn't be required.

Tasks - The main tasks screen really isn't useful at all since each 'Task' takes up a huge amount of space, and all the links on the task card don't do anything, and even when sub-tasks are entered they don't show on the card. This section really seems like it should be tied into projects, not a standalone section, especially since there's a 'Todos' section as well.

In many places where input is required, it's not immediately apparent that the colored title area is editable or requires input.

There's quite a few little UI tweaks that need to be made, for instance the line height in the quick notes section on the dashboard does not match the notebook lines, so typing anything in there looks sloppy.

5
BorisMelnik 12 hours ago 1 reply      
I'm really impressed from what I see. Would love an excuse to not spend $200/month on project management software :)

I use a very popular SaaS right now but would actually rather self-host (I like to own my data.)

Haven't had a chance to install it yet but from from the look of it and general feedback I could see my company making a switch if it all checks out.

I don't need responsiveness, HTML 5, a mobile app or any of that. Just gimme something that works!

6
johnward 14 hours ago 6 replies      
Is "self hosted" considered a positive or negative these days? It seems like there is a small niche that still wants control over their data but everyone else seems ok with the cloud.
7
qmaxquique 10 hours ago 1 reply      
I just created a demo installation of 92fiveapp at Terminal.com. You just need to spin up a new container using this snapshot: https://terminal.com/tiny/yTUnxPVAiz
8
newman8r 12 hours ago 0 replies      
Seems like it's getting overloaded right now as I just get a loading animation for 20+ seconds.

I will take a look at this later though.

I have been liking scrumdo which also allows you to self-host the application (in addition to offering to host it for you - which is their profit model)

9
jotm 9 hours ago 0 replies      
Looks great, has potential: nice design, self hosted, responsive UI, open source. Maybe create a companion offline app for smartphones/tablets that would sync with the server?
10
Deusdies 14 hours ago 2 replies      
This looks exactly like something I've been looking for!

Curious, what kind of database (if any) backend is it using? If it's not using MySQL or anything heavy like that, I'm sold!

11
cpfohl 14 hours ago 1 reply      
I'd love to see a live demo of this...
12
ProAm 12 hours ago 0 replies      
This looks great.
13
skimmas 13 hours ago 0 replies      
Whoooa and it even runs on a macbook. sorry but I can't help but feeling screenshots inside "macs" look cheesy.
17
YC-Backed VizeraLabs Projects New Materials onto Any Surface
55 points by CSDude  10 hours ago   6 comments top 3
1
rustyconover 8 hours ago 0 replies      
This is pretty neat from a technical standpoint. I've used MadMapper before and it was kind of a pain to setup to use to do projection mapping.

First you had to hand map each section of the object you're mapping the texture onto. This involved having the projector project a pattern and you'd move and deform various mapping polygons (using a mouse) until you didn't have any bleed or holes in the projection. If someone moved (or more likely accidentally bumped) the projector or the target object the polygons had to be manually adjusted. It seems these guys have automated the process of mapping the object in physical space, against a pre computed model. They had some bleed above the top of the chair in their demo video so its not yet perfect.

If you're Ikea and can set this up in the store, for buying a couch, and just have people click their fabric combination they want to see. I see this being very useful because they can't show every fabric. Granted Ikea's are huge to accommodate lots of floor models, but this would still be a draw.

If Ikea had a whole bedroom or living room with projectors all around, you could try out an entire decorating scheme without having to pull everything together. I'd take the ferry from Wall Street to Red Hook just to play with it for a bit.

So rock on VizeraLabs, and start talking to Ikea and BoConcept.

2
throwaway7702 8 hours ago 2 replies      
It seems like the color of the furniture would have to be white, or nearly white, in order to project a full range of colors. Do they have a way of dealing with this?

Presumably the room also has to be dark, which might make it a bit harder to understand how the furniture will look in context. I'm curious: is there any projector technology that could make something like this work in brighter rooms?

3
HNJohnC 8 hours ago 0 replies      
I thought it was something that literally projects a material physically onto a surface. It's much more disappointingly mundane than that.

Bottom of idea barrel===scraped.

18
Whats 250M Light-Years Big, Almost Empty, and Full of Answers?
32 points by chicken_lady  9 hours ago   3 comments top 2
1
prawn 4 hours ago 0 replies      
For those too lazy to read the article: Botes void.

Love those graphics of the filaments and voids of the universe. Like bread or cake as it bakes and clumps around bubbles.

These scales are mind-blowing:http://en.wikipedia.org/wiki/Galaxy_filament

2
graycat 6 hours ago 1 reply      
Except for the full of answers part, the arrogance of the US Federal Government! Correction: They are full of answers, just not good answers!
19
Know How To Roll Your SSL Certificates
100 points by zrail  16 hours ago   24 comments top 8
1
simme_ 14 hours ago 2 replies      

    Just make a monthly recurring entry in your calendar that says "Check SSL certificates". 
If you rely on your calendar, it's simpler to create an entry in your calender for changing the certificate a few days prior to its expiration date. Monthly reminders will be ignored too easily.

2
spacefight 15 hours ago 2 replies      
"There's not much you can do to protect yourself against a service provider's certificate expiring,"

Well if you're a large bank or a heavyweight payment processor where an outage means lost $$$$ and not only $, you could easily have a few SSL certs from various root certs ready and roll one of them out once the sh*t hits the fan.

3
Someone1234 15 hours ago 4 replies      
> This is easy. Just make a monthly recurring entry in your calendar that says "Check SSL certificates".

I was honestly expecting them to reference a monitoring service. It is possible to do for free with Nagios if you have a Linux box kicking around on your network. There are also paid services who will monitor your certificates and send you a nice email when there is 30 days left to renew (including several SSL registers).

4
tilsammans 14 hours ago 1 reply      
I'd go with 2048 RSA key length, and put the certificate subject straight in the command line:

  openssl req -nodes -newkey rsa:2048 -keyout www.example.com.2014.key -out www.example.com.2014.csr -subj "/C=COUNTRY/ST=STATE/L=CITY/O=COMPANY/OU=/CN=www.example.com"
I have exactly this in an Ansible playbook https://github.com/tilsammans/playbook for rails).

5
relix 14 hours ago 1 reply      
If you want to be notified when your SSL certificates are about the expire, or when there's something wrong with them, I'm building a SaaS that will keep track of these things for you:

http://www.domainsquire.com/

6
zdw 2 hours ago 0 replies      
A good guide to creating your own CA to go with this:

https://pki-tutorial.readthedocs.org

7
bwblabs 14 hours ago 1 reply      

  Process  - Know where your key is  - Know how to generate a new CSR from that key
It's adviced to use a NEW private key, in case there was a private key compromise you didn't know about.

Also see https://www.ssllabs.com/downloads/SSL_TLS_Deployment_Best_Pr... point 1.2).

BTW there is NO reason to regenerate the CSR if you reuse the private key.

8
joseacta 13 hours ago 0 replies      
You can also configure alerts to be sent when domains and SSL certificates expire using Expiration Reminder. We already have customers using it specifically for SSLs:

http://www.expirationreminder.net

20
Hangouts Now Works With Google Apps Account
46 points by canguler  10 hours ago   11 comments top 7
1
hkarthik 9 hours ago 0 replies      
Pretty awesome. I was tired of having a Google Plus account for personal use and for work just to access Hangouts.

Very annoying that people would "discover me" on both Plus accounts when I did my best to hide both profiles.

2
scrollaway 9 hours ago 0 replies      
> Update: Google had given us early access to its blog post about todays announcement. In it, the company specifically referenced that anybody with a Google account could now use Hangouts with needing a Google+ profile. The final copy of the blog post changed that language to any Google Apps customer account. We regret the error.
3
mperham 8 hours ago 1 reply      
The requirement to log in coupled with multiple Google accounts made starting a Hangout so painful every single time. I switched to http://appear.in months ago and love the simplicity it provides.
4
Renaud 6 hours ago 1 reply      
This has been a pet peeve of mine, the fact that, even in an organisation paying for Google Apps, you were required to enable Google+ to use Hangout.

The issue is that Google+ leaks information: your profile picture and full name get returned from google searches, even when all privacy settings are turned on.

If you are in a position where security and privacy are somewhat important (even if it's only to yourself), your only resort is to not use Google+ and by extension not be able to use Hangout, which becomes an issue when other people in the organisation need to communicate with you.

Fortunately, https://appear.in works great (even in China, unlike Hangout) and there's no extra software to install.

5
cheald 6 hours ago 0 replies      
This is quite welcome. Having to run two G+ presences to be able to use hangouts personally and professionally was a big annoyance.

That said, I think it bodes poorly for the future of G+, since Hangouts is one of the biggest things it has going for it.

6
smegel 9 hours ago 0 replies      
Now please extend this to Play Store app reviews and YouTube comments...I won't be holding my breath.
7
crack_one_out 9 hours ago 1 reply      
Too. Late. Users. Gave. Up. Already.

Signed,

Real Name? Ha!

21
Transactional HTML Email Templates
233 points by twakefield  15 hours ago   29 comments top 13
1
patio11 14 hours ago 2 replies      
These are incredible. Thanks.

Elaboration: You can buy email templates on ThemeForest for ~$2 and they'll be prettier but it is very, very rare that they are actually as thoroughly tested as these are. Source: The guy who deals with bug reports like "It's unreadable on [insert a device that neither the designer nor the email sender owned]" way more often than he'd like to.

Fun story, which I'm telling you because it is a fun story and not because I want to scare you off using Themeforest designs: I once bought, and promptly shipped, a transactional email template. It happened to include a reproducible remote crash against at least three major versions of Outlook. (After finding this out the hard way, I reported it to Microsoft's security, which looked into it for a few months before deciding "That sucks but it doesn't look like remote code execution is actually exploitable so phew dodged a bullet there, didn't we.")

2
sundance0 13 hours ago 4 replies      
These are great, and really simple to use. Already adapted for my latest project!

Also, if you didn't catch it in there: the [premailer][1] library is awesome, and helps make email templates more manageable (use CSS/LESS/SCSS styles like normal, then run your HTML email through premailer before shipping and it'll inline everything for you). I use the Python library with Django to preflight emails before sending. Works like a charm!

[1]: https://github.com/peterbe/premailer/tree/master

Also available in Ruby, Node, and PHP flavors

3
SuperKlaus 14 hours ago 3 replies      
Directly on the heels of "Open Source Email Templates (sendwithus.com)"https://news.ycombinator.com/item?id=8154646

Gotta love competition.

4
encoderer 14 hours ago 0 replies      
These are great. I've been thinking a lot lately about HTML email vs Text. I used to snicker at people who wanted plaintext, thinking them luddites. But I've had some experience on the other side of this lately with our SaaS startup, Cronitor. I've learned that a plainly worded and concise plaintext email can be a very powerful tool.
5
lelf 13 hours ago 0 replies      
Please don't forget to include text/plain multipart/alternative while you are at it.
6
jimktrains2 13 hours ago 0 replies      
For those of you, like me wondering what a transactional email is: http://blog.mailchimp.com/what-is-transactional-email/

    > So what is transactional email? Coming from a MailChimp     > state of mind, you might simply think of it as "anything     > that isnt bulk". Basically, it is email sent to an    > individual based on some action. It could be:    >    >   * an action they took directly    >   * an action they were the target of or,    >   * perhaps even inaction on their part

7
michaelmior 7 hours ago 0 replies      
Here's an alternative[0] from Sendwithus worth checking out.

[0] https://github.com/sendwithus/templates

8
pearknob 1 hour ago 0 replies      
A side note: I really love Mailgun as a service :
9
mendelk 11 hours ago 0 replies      
For those that need more complex designs, there's also responsive email templates from Zurb[0].

[0] http://zurb.com/playground/responsive-email-templates

10
jasonwen 12 hours ago 0 replies      
This is really awesome. Just needed this. 3 years ago. Sometimes I really think why things are so obvious but takes so long before someone realises and take action.

Thanks a lot for the resource!

11
callmeed 13 hours ago 0 replies      
These are really great.

If anyone is interested in collaborating, I'm thinking about converting these (and the SendWithUs ones) into ActionMailer layouts and views for use in Rails apps.

12
ferrantim 14 hours ago 0 replies      
Thanks Mailgun! These are really awesome.
13
orliesaurus 8 hours ago 0 replies      
sweet!
22
Salmon Cannon Fires 40 Fish a Minute
230 points by jjp  1 day ago   76 comments top 24
1
limaoscarjuliet 19 hours ago 2 replies      
Reminds me of Chatham Island black robin conservation efforts that turned out not so good:

http://www.plosone.org/article/info%3Adoi%2F10.1371%2Fjourna...

Conservation management often focuses on counteracting the adverse effects of human activities on threatened populations. However, conservation measures may unintentionally relax selection by allowing the survival of the not-so-fit, increasing the risk of fixation of maladaptive traits. Here, we report such a case in the critically-endangered Chatham Island black robin (Petroica traversi) which, in 1980, was reduced to a single breeding pair. Following this bottleneck, some females were observed to lay eggs on the rims of their nests. Rim eggs left in place always failed to hatch. To expedite population recovery, rim eggs were repositioned inside nests, yielding viable hatchlings. Repositioning resulted in rapid growth of the black robin population, but by 1989 over 50% of all females were laying rim eggs. We used an exceptional, species-wide pedigree to consider both recessive and dominant models of inheritance over all plausible founder genotype combinations at a biallelic and possibly sex-linked locus. The pattern of rim laying is best fitted as an autosomal dominant Mendelian trait. Using a phenotype permutation test we could also reject the null hypothesis of non-heritability for this trait in favour of our best-fitting model of heritability. Data collected after intervention ceased shows that the frequency of rim laying has strongly declined, and that this trait is maladaptive. This episode yields an important lesson for conservation biology: fixation of maladaptive traits could render small threatened populations completely dependent on humans for reproduction, irreversibly compromising the long term viability of populations humanity seeks to conserve

2
arethuza 22 hours ago 0 replies      
Transferring live fish by pipeline has been used in the fishing industry for a long time - large trawlers will store fish in salt water in tanks and when they get into port they are transferred by pipeline directly from the trawler to the fish processing plant so they are still alive when they hit the table where they are "processed".

[NB A fisherman explained this to me in Mallaig Scotland, none of the fishing boats I've been on were so high tech!]

3
ChuckMcM 1 day ago 2 replies      
I do not want to be there when the bears learn implicitly that salmon spring from the end of the tube :-) But I love the concept.
4
hudibras 22 hours ago 2 replies      
This is Hyperloop's MVP.
5
SinFulNard 1 day ago 1 reply      
I feel like this was the highlight;http://gfycat.com/SophisticatedFarawayEthiopianwolf
6
tombrossman 23 hours ago 2 replies      
I wonder how this affects the fish's slime coating, which is important to preserve. It seems like this would be rubbed off on the material as the fish is propelled along the tube, no?
7
alexissantos 15 hours ago 0 replies      
In 20 Million Years...

"Our ancestors traveled the beige tube to new waters, while the two-legged creatures watched and guided them."

8
ars 1 day ago 1 reply      
Watch only the second video, the first is terrible.
9
cwal37 15 hours ago 0 replies      
If you're interested in the current state of the US hydropower generation, potential resource out there, and really most everything around hydropower in the USA, check out the NHAAP website.

http://nhaap.ornl.gov/

NHAAP is the National Hydropower Asset Assessment Program, and it's put together a large chunk of the groundwork for the DOE's hydropower vision project.

http://energy.gov/eere/water/new-vision-united-states-hydrop...

10
morganm 22 hours ago 0 replies      
I recently watched DamNation [1] and was quite surprised at the shear number of dams located in the United States. The film claims that most have outlived their purpose. I can't recall the exact cost stated per fish to divert them around dams or raise them in a hatchery, but it was fairly high. The film's production quality was quite high and was fairly eye opening.

While doing a little googling, I found an article [2] claiming $7 million in fish ladder work after structural damage forced a reduction in water level. So perhaps this solution could be cost effective or quickly put in place in case damage occurs just before a run.

[1] http://damnationfilm.com/[2] http://www.columbian.com/news/2014/apr/12/crack-in-dam-force...

11
anon4 1 day ago 3 replies      
I've watched all the videos and I still can't understand how that thing can possibly work. They say it creates vacuum and transports things using atmospheric pressure, but both ends of the tube are open! What vacuum are they talking about? Is there a pump at one end sucking air? Am I looking at an elaborate prank?
12
freejack 11 hours ago 0 replies      
I've just finished listening to a radio interview where the guest asserted that technology and innovation is solely the domain of young white males focused on social networking problems to make money for the benefit of investors. I am so happy to have seen this on the heels of such a terrible interview.

And I love the thinking that went into this invention. I really appreciate the novel approach although I can't help but wonder how they've dealt with the issue of friction and how that might affect the fish - I imagine that there's a fair amount of heat created over such a long run, even at the relatively low speeds described in the videos.

13
ASneakyFox 22 hours ago 1 reply      
This would be crazy if fish start to understand the cannon. Use it on their own and then continue on to find their destination (rather than be totally lost and confused
14
ommunist 1 day ago 1 reply      
This device in its usefulness reminds me the squid gun of the infamous Vector superhero from Despicable Me. Normal people build cascades around dams for salmon. Once built these require zero maintenance.
15
chrisBob 14 hours ago 3 replies      
What attracts the fish to the tube? The ladders work by providing some water that is going down stream slowly it is an obvious path. If there is no water to swim upstream against I don't understand why a fish would enter a random tube.
16
lubos 1 day ago 5 replies      
Could this be used for humans? Looks like fun way to commute.
17
ErikRogneby 11 hours ago 0 replies      
This is a huge improvement on trucking them around the dams when the reservoirs are too low for the fish ladders.
18
gipp 16 hours ago 1 reply      
How do they get back down?
19
davidgerard 7 hours ago 0 replies      
Science article headline of the year.
20
jevgeni 20 hours ago 0 replies      
I'm happy to live in these times.
21
nether 1 day ago 0 replies      
into my mouth
22
Fragment 22 hours ago 0 replies      
How long before this is a Minecraft mod?
23
dsirijus 23 hours ago 0 replies      
It's a good thing to get out of your comfort zone every once in a while.
24
praptak 23 hours ago 0 replies      
Here is a Cow Cannon, we can estimate its firing rate at 10 cows per second: https://www.youtube.com/watch?v=F8sMXp6zCl8#t=205
23
Screenshot URL tracking and niki-bot
165 points by jpoesen  23 hours ago   45 comments top 9
1
orf 21 hours ago 3 replies      
I'm not fond of Chrome's app permissions at all. Too many apps just ask for permission to access everything, and there is little insight into what they exactly do.

I run the Ghostery extension and a year or so ago I noticed that when visiting YouTube ~15 analytic trackers were being blocked. Turns out a couple of extensions were injecting tens of trackers into popular sites (without my express permission), and I would have had no idea unless I had another extension to block and report this activity.

My girlfriends computer is worse - her extensions seem to inject actual adverts into lots of her pages. I asked her why there was an obnoxious "click the bottle to win 1000000$" flash advert on Facebook and she thought it was just how Facebook is. Same thing for YouTube and other popular sites.

2
fmavituna 18 hours ago 0 replies      
6 years ago I reported reported 2 important issues [1] to Diigo (XSS in all URLs if their extension is installed and information leakage for SSL pages - similar to what author said).

Due to their response and lack of ability to understand security issues I stopped using them, it's a shame to see they are not any better after 6 years!

[1] http://www.securityfocus.com/archive/1/493531

3
laggyluke 13 hours ago 0 replies      
Hm, whoever edited the title should reconsider - "Awesome Screenshot" is the actual name of the tool.
4
roh26it 21 hours ago 1 reply      
Free tools that provide value should hence be avoided. While evaluating a tool, I've always checked for if a company runs on 1.subscription money, 2. ads, 3. selling my data

Usually stay wary of signing up for anything which tilts towards 3.

5
splitbrain 22 hours ago 6 replies      
Can anyone recommend a similar extension as AwesomeScreenshot without this shady behaviour?
6
walterbell 22 hours ago 0 replies      
> You can drop api28.webovernet.com and the other site into your browser to see where they lead, but well save you the suspense: they are actually redirects for the API for a company called Similar Web, which is one of many companies doing this kind of tracking, and selling the data so other companies can spy on what their competitors are doing.

Is that part of SimilarWeb Pro? It's not clear from the website how their service could be used to monitor the web client traffic of specific companies. An independent reference on the quoted claim would be helpful.

7
spyder 13 hours ago 0 replies      
Yes, be careful because probably all of the developers of popular extensions are regularly getting offers to share their users' browsing data or to insert/replace ads on websites.
8
osxman 9 hours ago 0 replies      
For Mac it's also possible to use 'Stache' from the app store. This has a full-page screenshot functionality built in. It cost's $6,99 but it is also possible to store collections of interesting or inspiring pages/websites in a nice looking library. https://itunes.apple.com/us/app/stache/id870659406
9
ecommercewiz 19 hours ago 0 replies      
Wow, I didn't acknowledge this at all. Thanks for sharing your discoveries!
24
Show HN: Opp.io Meeting Minutes Made Useful
88 points by bujatt  16 hours ago   37 comments top 20
1
kenshi 8 hours ago 1 reply      
I think the demo on the landing page should be in the form of meeting minutes, rather than someone messaging a load of tasks to their (I assume) direct reports.

Why? Because the feeling the demo evoked for me was: "Uh oh. This looks like a micro-managers wet dream".

So rather than just have "@John please !phone client" perhaps the demo would itemise the meeting minutes with: "@John said he would !phone client and discuss requirements".

Perhaps this is simply because I have had the unpleasant experience of working for panic-driven micromanagers before. But I think you really want to make sure your landing page is resonating with "Awesome - this is going to make my life easier" vs. "What pandora's box of hell will this tool unleash in my organization and work life".

Product definitely looks useful though, and the above comments are about making sure you present it in its best light. Good luck!

2
steven777400 14 hours ago 2 replies      
The landing page is fantastic. I know exactly what this product does, and I can see where it would fit into our organizational needs, all without any effort on my part (I didn't even need to scroll, although there is more detail when I did).
3
mbesto 3 hours ago 0 replies      
Sorry to be that guy, but this clearly doesn't follow the Show HN guidelines:

https://news.ycombinator.com/showhn.html

"If your work isn't ready for people to try out yet, please don't put "Show HN" in the title. Once it's ready, come back and share it then.

For example, blog posts, email signups, and fundraisers can't be tried out, so they don't count as Show HNs."

4
taprun 12 hours ago 0 replies      
I get the feeling that this product would be really good for people who are moving about quite a bit - delivery folks, plumbers, surveyors, etc. Are you going to call out specific types of people who would be best served by this?

Also, minor grammatical nitpick: "LESS MESSAGES" should probably be "FEWER MESSAGES".

5
alphydan 2 hours ago 0 replies      
How is it different from the old "The Deadline"? (a startup from the now defunct http://hackfwd.com/ which has been trying this for a few years). They changed their name to:

https://www.telety.pe/

6
bujatt 15 hours ago 8 replies      
Hey, I am one of the guys behind this. Would love to hear your feedback on the landing page of our upcoming beta.
7
malloreon 4 hours ago 1 reply      
It should be "Fewer messages are more."

You use "less" when the item in question is not measured in discrete units - "there is less rain today than yesterday."

You use "fewer" when the item in question is measured in discrete units - "there are fewer raindrops today than yesterday."

Messages are discrete units.

9
ams6110 7 hours ago 0 replies      
You say meeting minutes made useful but the header on the website is "Succinct Team Messaging." I actually didn't see anything that looked like meeting minutes presented anywhere.

Was hoping this would take minutes from Word as 95% of secretaries will use, somehow extract action items, and then help communicate/track them.

Everything shown here I would just use email to manange. It's not outdated, it works and it's an LCD. I run a small nonprofit organization and was hoping this might be helpful because action item followup is a pain point. But I wouldn't use this.

10
itazula 5 hours ago 0 replies      
I see that Sarah says that "As you may know ... " so presumably everybody is on the same page to start, but going forward it seems that only Sarah has a holistic view of the situation. Is this not the case? And are dependencies handled? For example, in a more complicated case, should Task A be done before Task B, etc.?
11
erichurkman 9 hours ago 0 replies      
If the mini demo on the home page is accurate, be careful with those colors - light red & green specifically. Full protanopia is present in approximately 1-2% of males. Deuteranopia (less severe than protanopia) is present in some form in up to 5% of males of certain European descent.

For a reference, this is an approximation of what light red & light green look like for someone with protanopia: http://i.imgur.com/EGSlsmB.png

12
donaldguy 11 hours ago 0 replies      
This is a good idea and I'd like to use it, but it needs presentational work for adoption, I suspect.

In particular, I don't think that people without a software background are going to be comfortable with the abundance of syntactic sigils. Even in the twitter-native world, I think it will makes the product seem intimidating and un-natural (at least at first).

This is especially a concern because the value of using them is not immediately clear (excepting @person).

13
CWIZO 8 hours ago 0 replies      
As a non native speaker, I had to look up the definition of succinct, which was the very first thing I saw on the page. And I consider myself a very good English speaker.

So you might want to change that word to something a broader audience would understand.

14
rubyn00bie 7 hours ago 0 replies      
Looks awesome! I've been wanting something similar to this for a while now.

I wish there weren't 69,772 people ahead of me... (first world problems) :( or at least some way to gauge what that means.

15
omnivore 7 hours ago 0 replies      
We surely need this at my large government bureaucracy of an organization. Thanks for sharing.
16
fortpoint 14 hours ago 0 replies      
Interesting idea. Speaking as someone who manages a bunch of folks I don't find assigning action items w/o due dates very helpful. Is there a facility to specify a date?
17
thenipper 14 hours ago 0 replies      
This product looks pretty cool. I think i'd want a way to then take this an export the todos into an already existing workflow. Say into Trello or Outlook etc.
18
abengoam 14 hours ago 0 replies      
Oh wow. I was in the early stages of creating something exactly like this this myself - looks good guys!
19
trumbitta2 9 hours ago 1 reply      
Hello, Oppio is the italian word for Opium, one of the most dangerous drugs out there.

Just thought you'd wanted to know.

20
shamsulbuddy 13 hours ago 0 replies      
You have hit the pain point ..Very useful app ..great job
26
Our ancestors leaky membrane answers big questions in biology
69 points by happyscrappy  17 hours ago   15 comments top 7
1
ascotan 14 hours ago 2 replies      
Here's the actual article: http://www.plosbiology.org/article/info:doi/10.1371/journal....

tl;dr

The hypothesis here is that early bacteria/archea basically worked a lot like a car battery, with a + and a - terminal and the the permeability of the cell membrane allowed H+ to flow through the cell turning the little ATPase crank to turn out ATP. The unspoken hypothesis here is that organisms like this probably lived on the rock surface of a geothermal vent when there aqueous phase was acidic and there was another 'layer' that was alkaline (probably on the rock face?).

Overtime a Na+/H+ exchanger was added to increase the movement of H+ across the membrane which made the ATPase crank turn 60% faster. Eventually in phase 3 ion pumps really supercharged the ion gradient and allowed these organisms to move into environments that didn't need a bi-phasic H+/OH- layer. It's likely that the ion pumps and non-permeable membranes formed as the little guys moved out of the geothermal vents and diverged into new environments, giving rise to the divergent archea and bacteria.

2
fasteo 12 hours ago 0 replies      
There are highly conserved molecular structures that made it to our DNA. This is a good hint about the common origin of life.

Due to my genetic defect in the mitochondrial respiratory chain (ETC), this one[1] caught my attention. Apart from its potential therapeutic application, it shows how a xenotransplantation[2] at the molecular level can rescue a defective molecular structure in a living creature that is orders of magnitude more complex than the donor.

If you visualize the ETC as an engine with 5 different steps, with step 1 being broken, you go and get a repair piece from a much simple organism, a yeast in this case, plug it in the receptor and, lo and behold, the engine start working again.

And not only that, the piece from the donor serves the same function (pump protons to complex II of the ETC), but it is "internally" much more simple. This is a molecular "Lego" across species !!

[1] http://www.plosone.org/article/info%3Adoi%2F10.1371%2Fjourna...

[2] http://en.wikipedia.org/wiki/Xenotransplantation

3
mrfusion 12 hours ago 2 replies      
Would this tend to rule out panspermia since it looks like early life was primitive and very specialized to conditions on certain locations of earth?
4
idlewords 11 hours ago 1 reply      
"My name is LUCAI live on the deep sea floor"
5
scarmig 12 hours ago 0 replies      
Naive question: are we anywhere near being close to reproduce this in the laboratory?

As in, someone constructing something like the proposed primitive leaky LUCA, showing that it could survive and reproduce in the described environment, and then observing or engineering the changes that'd let it leave the vent?

Or is that far too ambitious to be realistic?

6
hammock 13 hours ago 0 replies      
How did the "bizarre, complex mechanism to harvest energy" evolve? Is there any evidence of simpler ones that failed?
7
im3w1l 13 hours ago 1 reply      
It is claimed that "all cells use the same bizarre, complex mechanism to harvest energy".

Could we in principle use some genetic engineering to make this process more efficient?

27
Law Students Fend Off a Patent Troll
355 points by teachingaway  1 day ago   78 comments top 21
1
TheMagicHorsey 1 day ago 6 replies      
I'm surprised there isn't an EFF-like non-profit that provides pro-bono patent defense to start-ups, against patent trolls. I would donate to that organization.

I've seen a lot of horseshit patents asserted against start-ups. If there was an organization that followed the troll around and offered defense services against all of their defendants, it would make trolling a lot harder, and might reduce the numbers of these parasitic lawyers involved in this shameless trade.

I just read about a Fish & Richardson patent partner who started filing his own "inventions" with the patent office, based on slight modifications of the patents he was filing for clients, and then sold those patents to trolls for huge sums. Its actually really easy to write patents focused on sabotaging your clients, if you are a lawyer and become familiar with their future roadmaps.

I know a bunch of trivial claims I could write right now and they would be worth a few million in a couple years, because Google, Facebook, and others would have to move in that direction in a few years (related to Machine Learning and image recognition).

All you have to do is follow conferences, understand the papers, and then write some trivial, and obvious evolutions of those techniques. Obviousness is something defendant's find extremely difficult to prove for highly complex technology, because the juries are made of people that have no idea what programming is, much less Machine Learning, and the judge is probably some moron, that thinks he is really smart, and assumes that he patent office is full of diligent geniuses ... and so he will give a lot of weight to the plaintiff's "USPTO certified" claims.

All it takes is for a programmer to be involved in one patent litigation and you see the patent system for what it is. A colossal system of giant, continuous, expensive injustice implemented in the hope of preventing an extremely rare form of injustice (when a true original inventor is cheated by a shameless larger company).

Imagine we institute an expensive system of highly trained commandos to follow every nerd in America around in high schools across the country, to protect them from bullying and to be their friends. It would certainly stop all physical bullying. But would it be worth the giant overhead/expense?

That is what we have to start asking ourselves. Even if the patent system prevents some rare injustices, WTF, is this continuous, and overwhelming cloud of uncertainty for every start-up and company worth it?

I feel like China and India are doing quite alright without overburdensome strong patent protection. And Europe seems fine with a hamstrung software patent system. And even in the US, Microsoft, Oracle, Adobe, IBM, and Apple got their start before software became patentable ... and they all did, and are doing fine.

If you see someone arguing for patents, they are almost always some fucking lawyer, troll, or someone sitting on a giant portfolio. The people actually making software every day don't want this shit system. VCs that fund start-ups, don't want it ... even though you would expect they want it, to protect their investments.

2
emptywindow 1 day ago 1 reply      
THESE PEOPLE DESERVE CREDIT:

- Prof. Jonathan Askin - @jaskin - runs the clinic, and trusted us to try this experiment.

- Maegan Fuller - @mafuller21 - did the lion's share of research and writing. Brilliant and dedicated student. She just took the bar exam.

- Jorge Torres - @jorgemtorres - Guy who actually knows patent litigation. Too bad he dropped out of law to be a VC. Pitch him :-)

3
nkurz 1 day ago 2 replies      
"The Supreme Court issued 6 patent helpful patent decisions while our case was pending. In particular, Alice v. CLS Bank invalidated patents on taking mundane tasks and doing them on a computer. The patent in our case was basically for sending notification calls from a computer. Probably invalid under Alice. A second Supreme Court case, Octane v. Icon encouraged judges to impose fee shifting penalties in appropriate patent cases."

...

"After reading it, and weighing the recent Supreme Court decisions, the troll simply dropped its case against CarShield. After months of dedicated work, the clinic students deserved a gavel-banging judicial decision in their favor. All they got was a quiet withdrawal. But I think we can still chalk it up in the win column. The case is dismissed (for now), the students learned real patent litigation skills."

Does the decision encouraging "fee shifting" require that the case go to trial? Does it require that the fees actually be paid by the defendant? Or might the law school students still be able to receive payment by the troll for their pro bono defense? It seems like the "new standard" would be much more effective if it also applied in cases like this.

4
dang 1 day ago 0 replies      
This is why we started using law school clinics to do free legal defense. Its a win-win arrangement: students cut their teeth on real litigation, startups get free legal defense, and patent trolls get nothing.

Bravo!

5
dave1619 1 day ago 2 replies      
I love this story and it's a great effort by this law school. I wonder if there could be some crowdsourced efforts to pool together key documents, resources, processes, etc so that defending against a patent troll could be more efficient. This would lower costs of defense and further discourage patent trolls.
6
monochromatic 1 day ago 3 replies      
> The patent behind all these lawsuits is not particularly innovative. It claims something about sending notifications after an emergency phone call. Heres the gist from one of the figures . . . .

This is a little disingenuous. You know the patent doesn't cover the "gist" or any particular figure. It covers the claims (which you don't mention at all, even in passing). And for some reason, you don't even tell us what the patent number is so we can look at it for ourselves!

From a little googling, I suspect that we're talking about Pat. No. 6,775,356. But why hide the ball and characterize the patent as "not particularly innovative" when you could just let people see it for themselves?

https://docs.google.com/viewer?url=patentimages.storage.goog...

7
funkyy 1 day ago 0 replies      
I love how Medium becomes my favourite "time waster". I remember about buzz in media about how pointless Medium was but since some time majority of articles I found on major suggesting websites from Medium are extremely interesting.

When reading articles from Medium I feel like I am not only not wasting time but acquiring knowledge in extremely fast pace.

8
josho 1 day ago 3 replies      
I love this. But, am saddened that the troll hasn't lost. The troll is free to move on to the next mark, which likely won't have a free legal team behind them.

I wonder if invalidating patents, that trolls commonly use, a good use of a law student's time?

9
u124556 1 day ago 2 replies      
>the troll simply dropped its case against CarShield

Yet the startup and the judicial system already lost time on this. There should be a fee for withdrawing cases like this.

10
darksim905 1 day ago 3 replies      
It was dismissed without prejudice. This means nothing. If a patent troll wanted to do the same thing & file for the same lawsuit, they could easily do so. This isn't a "win" for the sutdents as much as it's "oh, let's just drop it."

I'm glad they didn't have to the pay the troll, but I also hate when the troll doesn't get what it deserves, either: losing.

11
thro1237 1 day ago 0 replies      
I wonder if this model can work with the criminal justice system as well. Quite often, defendants feel it is better to accept a plea deal even when they have done nothing wrong because the economics of fighting a lawsuit (as well as the outcome in case of a botched up defense) makes it compelling to accept the accept the plea deal. The mechanism is analogous to the patent troll scenario. If law school students can take up these "troll equivalent" cases, they gain valuable experience and defendants get a fair shot.
12
ProfOak_ 1 day ago 0 replies      
This article reads like one from 2600. You should consider publishing it on that magazine. I'm not sure about the process, but it might be really neat to do so.
13
otterley 1 day ago 0 replies      
Alas, the case was dismissed without prejudice, which means the troll can just wait a little while and sue again later.
14
aceperry 1 day ago 0 replies      
I wouldn't be surprised if there was a lawschool that had students supporting patent trolls. There are some schools out there that are founded on ideological grounds.
15
gear54rus 18 hours ago 0 replies      
Seems like a brilliant solution to this problem

Stick it to them! Good work.

16
thinkcomp 1 day ago 0 replies      
The reason why it's so expensive for startups to even consider defending themselves is because attorney fees are supra-competitive and corporations cannot represent themselves in court pro se according to Local Rules, such as Civil Local Rule 3-9(b) in the Northern District of California. Whether through (absurd) precedent or rules codifying that precedent, it's been that way for 200 years.

However, it shouldn't be that way anymore--not after Citizens United. I'm fighting a lawsuit about this issue right now, and if I win (however unlikely), corporations will be able to represent themselves against patent trolls.

Is it difficult, confusing and complex work? Yes. Is it any harder than programming, or anything else a serious startup would do? Not really. And it beats paying a law firm six or seven figures.

The case is:

http://www.plainsite.org/dockets/29himg3wm/california-northe...

17
zavi 1 day ago 0 replies      
This is an efficient and sustainable model for higher education in general.
18
Confusion 22 hours ago 0 replies      
Isn't there a potential startup in here? The judicial process follows clear and distinct steps, with clear and distinct documents for every step. It seems like much of this can be automated as much as the trolls automate their process?

Question 1: has the lawsuit been filed in an odd/irrelevant place? Followed by some subquestions to be more precise. If so, fill out this form, include the addresses of .. and ... and we'll send a form letter to them for you, asking for a dismissal.

Question 2-5: keep stalling and asking for dismissals based on various reasons.

Question 6-10: try some other ways to get the troll to drop it, for instance by presenting an example of obvious prior art

Of course all letter include repeating references to relevant higher court decisions.

19
dang 1 day ago 0 replies      
20
asloobq 1 day ago 0 replies      
So much WIN!
21
peterJHS 1 day ago 2 replies      
This article suggests that this is a win-win situation for the startups and law students, but, it's a pretty one-sided deal here. This doesn't work out at all in the long term without unfair exploitation of the unpaid labor of the students.

While helping out gives the students experience, it's not reasonable to consider this any sort of real option beyond an occasional situation in which a startup can solicit a law-student who takes on a single case as part of their curriculum.

28
What caused today's Internet hiccup
174 points by jvdh  23 hours ago   23 comments top 6
1
BrandonMarc 1 hour ago 0 replies      
I like Renesys's take [1] on the subject as well:

Note that theres no good exact opinion about the One True Size of the Internet every provider we talk to has a slightly different guess. The peak of the distribution today (the consensus) is actually only about 502,000 routes, but recognizably valid answers can range from 497,000 to 511,000, and a few have straggled across the 512,000 line already.

[1] http://www.renesys.com/2014/08/internet-512k-global-routes/

It's interesting how they explain that since there's no true consensus for the actual size of the routing table, the "event" of crossing the 512k barrier has frankly already begun ... and, so far, hasn't been catastrophic, nor likely to be.

2
pilif 20 hours ago 2 replies      
>The 512,000 route limitation can be increased to a higher number, for details see this Cisco doc

and that doc goes ahead to explain how to increase the limit at the cost of space for IPv6. Worse: The sample code (which everybody is going to paste) doubles the space for IPv4 at the cost of nearly all the IPv6 space, even though we should soon cross the threshold when we're going to see more IPv6 growth than IPv4 growth.

3
kosinus 17 hours ago 1 reply      
It doesn't go on to say what exactly happens on the routers in question, but I guess they simply close the session and log an error?
4
freeasinfree 14 hours ago 1 reply      
I'm curious what Verizon's story is here.
5
VLM 14 hours ago 0 replies      
That's a nice site with some interesting graphs. They are a bit higher level than the simplest level of surveillance systems so I wouldn't start at an inappropriately higher level to see if there even is a problem. One lower level simple technique to determine or isolate if a problem even exists is to monitor TCP port 179 traffic rate (aka BGP) between your BGP speakers and your peers / customers. If the routers have nothing to talk about between each other, then there IS nothing to talk about, at least WRT routing problems. Or if one of "my" routers was having an intense discussion with another router, I knew something was up in that general direction. And it can be basically completely passive and completely isolated from the routing systems, which is cool. Just sniff -n- graph TCP 179 bandwidth over time. You'd like to see a nice horizontal low line of keepalives. Reboots or restarts make a nasty spike, never got much agreement but log-y-axis is probably for the best.

Obviously this only finds routing level problems. We can send a /17 to you just fine, but if you're having an IGP problem and sending every byte of it to null, well, from the BGP perspective that's just fine. Much as if you insist on sending us RFC1918 traffic we'll drop that route and traffic for you just fine, just like we had to eat your 0/0 route you're trying to get us to advertise to the entire internet. I think my head still has a flat spot from hitting it on the desk arguing with people.

Its been a decade since I did that stuff professionally at a regional ISP and I really don't miss it. Not much, anyway.

6
elchief 13 hours ago 0 replies      
Probably just the NSA upgrading some software.
29
X to close
666 points by viclou  1 day ago   186 comments top 46
1
pwg 21 hours ago 3 replies      
Another old example.

WordStar: Used "X" to Exit to system in its main menu (https://www.flickr.com/photos/markgregory/6946218793/?rb=1) - I do not know the revision shown in the screen shot.

According to Wikipedia (http://en.wikipedia.org/wiki/WordStar) WordStar was released in 1978. Which moves the date back to at least 1978 to use X for exit.

However, there is possibly a very simple explanation that the blog posting overlooked. In text menu's, such as WordStar's, which were quite common for a lot of software from that era, using the word "Exit" to mean "leave this program/application" was also common. When one goes looking for a single character memonic for "Exit" to build in as a keystroke to activate the "Exit" command from the menu, one has four choices: [e] [x] [i] [t]

Since [x] is an uncommon letter, while e, i, t, are more common, and therefore more likely to be used for triggering other commands in the menu(s), choosing [x] to mean exit meant that the same character could likely be used as a universal "leave this menu" command key across all the menus.

Which would then lead to the common _F_ile->E_x_it command accelerators in drop down style menus (whether in a GUI or in a text menuing system). [x] was unlikely to have been used for the keyboard accelerator for other entries in the "file" menu, so picking e[x]it was a safe choice.

It is not a far reach from _F_ile->E_x_it using [x] as its accelerator key to labeling the title bar button that performs the same function with an X as well, to take advantage of whatever familiarity users might have with the drop down menu accelerators

2
bhauer 1 day ago 2 replies      
As an Atari ST user from 1985 to roughly 1993, I wasn't expecting the author would actually mention GEM/TOS. I was pleasantly surprised when I scrolled down and, lo, there it is.

That said, since the "X" in this case is white on a black background, I always interpreted the icon as four arrows pointing inward to indicate a shrinking/disappearing motion. In fact, when you closed a window, GEM would play an (inelegant) animation akin to the Macintosh of the time, composed of a sequence of boxes first shrinking from the size of the window to a small box and then shuffling that off to the top left of the screen.

As bemmu points out, the maximize button (at the top right in a GEM/TOS window) is four arrows pointing outward. Incidentally, GEM did not have a notion of "minimize."

Put another way, although I find the Japanese inspiration argument interesting, I don't think there's a whole lot to it. I think it's a fun coincidence.

In any event, thank you for the trip down memory lane and for the fun screen grabs!

3
glurgh 1 day ago 6 replies      
http://toastytech.com/guis/ns08.html

NextStep 0.8, '88 vintage.

4
sbw1 1 day ago 6 replies      
Interesting, but the connection to symbols from Japan seems a bit dubious (or at least not very recent). The term "cross out", and hence the use of an "x" to indicate negating something, seems to have been in common use in English since at least the 1920s:https://books.google.com/ngrams/graph?content=cross+out
5
lunchbox 1 day ago 3 replies      
It can also be thought of as a pun -- when you want to "exit" an application, you "X it".
6
itazula 1 day ago 2 replies      
Wow, I had always thought the "X" was like an elevator close button. Sort of like a greater-than sign and a less-than sign put together: ><.
7
kybernetikos 1 day ago 1 reply      
The Acorn Arthur operating system, a precursor to Risc OS used a sort of fat X icon to close windows in 1987

http://www.mjpye.org.uk/images/screens/arthur2.gif

8
literalusername 1 day ago 3 replies      
In this early demo (Codename: Chicago), the minimize and maximize buttons have been redesigned, but the close button remains the same, and to the left as before.

I wonder where the author got the idea that the [-] button at the top-left was a close icon. It was the "Control Box", a menu icon. AFAIK it's still there, just invisible -- hit alt+space to open it.

Disclaimer: I'm currently unable to test that.

9
lwh 21 hours ago 2 replies      
The delete/rubout key on many old terminals had an X on it. Like this: http://www.cosam.org/images/vt220/keyboard.jpg
10
iachimoe 1 day ago 2 replies      
As the article shows, the close button on MacOS classic was basically an empty box, but on mousing down on that box, it transformed into something that looks a bit like an x. I'm basing this on what I can see from using [1], but from my possibly inaccurate recollection of using the real thing in the 80s and 90s, some versions of MacOS had an even more "x like" mouse down image on the close button.

[1] http://jamesfriend.com.au/pce-js/

11
batiudrami 1 day ago 2 replies      
I always found it interesting that Sony swapped the X and O buttons for the western Playstation market. In Japan X (batsu) does mean "back" or "no", whereas elsewhere it is reversed.
12
panzi 16 hours ago 0 replies      
It's not X, it's . (90 angle of the two lines) I always hate it when someone actually uses an X. Looks ugly.
13
quux 16 hours ago 0 replies      
NeXT had X buttons to close windows before windows 95, with a very similar look to to win 95 window button styles too. I think NeXTStep 1.0 was in 1989 or thereabouts.
14
jzzskijj 1 day ago 5 replies      
Too bad, that popular Windows applications like Skype and Spotify have gone against this and made "X to minimize". And their making of Alt+F4 also to minimize drives me nuts.
15
nwp90 1 day ago 3 replies      
No 'x' to close vi? Was that not always there? I've certainly been using it as long as I can remember; that's not to say it's always been there though - does anyone know when it was first available?

Edit: seems Wordstar used X too, probably starting in 1978.

16
pjlegato 9 hours ago 0 replies      
The use of the X symbol to mean "cancel, close" isn't nearly so mysterious as the author claims. "Cross off" and "cross out" are common phrases in English, and traditionally denoted by an X symbol (the "cross").

There is no reason to suppose that the GUI usage was inspired in any way by exotic Japan. The X as "cancel symbol" has been quite common in the west and indeed worldwide for millenia.

17
bluthru 1 day ago 0 replies      
What about crossing out dates or tasks?

http://cache1.asset-cache.net/gc/88203236-calendar-with-date...

Or crossing-out an item to "delete" it on the page?

18
spacesword 1 day ago 7 replies      
They mention X and O on the PS controller but usually in games O is for no and X is for yes. Completely opposite of the batsu/maru, incorrent/correct they were discussing.
19
kentosi 1 day ago 2 replies      
I recall being mildly shocked when Windows 95 came out with the the [x] button. I don't know why, but I thought that it was somewhat dangerous to allow users to quickly exit an application like this.

Maybe it's because I was used to Windows 3.11, where you had to actually double-click the [-] button to exit an application.

20
bemmu 1 day ago 1 reply      
In the Atari TOS screenshots, other icons such as arrows are black on white background.

If the icons in upper left and right are also like that, then the upper left icon is actually four little triangles pointing inwards and not an X. The one on the right is four little triangles pointing outwards.

(Or it could be an X)

21
BorisMelnik 1 day ago 1 reply      
Windows 95 was the first time I remember using it, and I have been using PC's since TRS model 80. It makes sense, X means "stop" in most cases and stop essentially means close or terminate a process / app.
22
pjmlp 23 hours ago 0 replies      
Windows versions prior to Windows 95 lacked an "X" button, but double clicking on the left menu icon would close the window.

A behavior still present in modern versions.

23
crystaln 22 hours ago 1 reply      
If I recall, clicking on the X on old Macs added an X inside the square, so I think there's a step missing from this article.
24
markmontymark 1 day ago 2 replies      
"Vi, vim, emacs or edlin?

No [x] to close these 1980's text editors either. X was commonly used to delete characters in-line, but not to close the program."

Hmm... I've used :x to write+quit in Vim for years. And, :X is to encrypt+quit. Don't have a year when that was added though. Could be fun to try and dig that up.

25
baq 21 hours ago 2 replies      
26
bane 1 day ago 1 reply      
Wow great article. I don't agree with his conclusion that it came from Japan. But it's as good a reason as any I suppose.

One quick thing, IIR Windows 2.0 and 3.0, the '-' button in the upper left wasn't "close". It was a small menu that happened to have close as an option.

27
lotsofmangos 1 day ago 1 reply      
RiscOS had the x as well in the late 1980s

edit - Here's Arthur, the precursor to RiscOS in ~ 1986 - http://www.rougol.jellybaby.net/meetings/2012/PaulFellows/10... - It has nice x icons.

28
mambodog 1 day ago 0 replies      
If you want to see the UI of GEM for yourself, here's an in browser emulator of an Atari ST with GEM:

http://jamesfriend.com.au/pce-js/atari-st/

29
kentaromiura 22 hours ago 0 replies      
IIRC on windows 3.1 keyboard navigation X was always the key for exiting, as E was already used for other things.

I clearly remember that for closing windows one could do alt+f4 (which was itself a shortcut to Close) or open the file menu (Alt+F) and select eXit.

I can't check but I believe it was the same for Write and notepad as well and any other programs that had the Exit option.

So maybe that's where the windows 95 developer took inspiration for the X icon

30
lukeh 1 day ago 0 replies      
Also: NEXTSTEP.
31
rangibaby 20 hours ago 0 replies      
I had a non-technical friend who insisted it was an x because you used it to "x it"
32
jimmaswell 14 hours ago 0 replies      
I'd always thought of it like the "crossing out" kind of gesture such as drawing an X over something on paper.
33
samdb 23 hours ago 0 replies      
Someone in our office insists on calling closing a window 'crossing it off'.
34
autokad 17 hours ago 0 replies      
This is a great story, and I enjoyed the look back at all the different OS. sadly if it happened today the x to close would have been patented.
35
edpichler 19 hours ago 1 reply      
I'm not icon designer, but I just finished the hackdesign.org course (I recommend it) and now I understand a little bit of it and now I always try to think as one.

The [X] icon in graphic windows software (not in WordStar, Vim, etc), and not thinking as a letter of the alphabet (remember that maximize and minimize don't are also) but just as picture, it remembers me something collapsing. Like something bigger in a normal state with the borders collapsing to a center till disappear. As when you turn off and old CRT television (or an Android powered cell phone).

36
brador 1 day ago 1 reply      
When we have completed a todo task we "cross it" to mark it done. i would say the x to close is intended to represent a "crossing out" not the letter x. It is pressed to signify a task has been completed.
37
boobsbr 19 hours ago 0 replies      
What about using CTRL-X to exit DOS programs?
38
mschuster91 1 day ago 0 replies      
Lots of banner ads make the close symbol e.g. the second from right (swap maximize and close) or swap the functions... thus exploiting muscle memory of people to open the ad :/
39
webkike 1 day ago 0 replies      
Perhaps it's not an icon, and was meant to indicate eXit. I know must use 'q' for quit, but I've seen a few programs that use 'x'
40
colmmacc 1 day ago 0 replies      
'X' always seemed fitting for another, more poetic, reason: The kiss of death (X also represents a kiss). I wonder if it was in the designers mind.
41
enesunal 20 hours ago 0 replies      
Well what you know about `windows` in GUI? What is the first appearence of the `windows` based-GUI?
42
Dewie 14 hours ago 0 replies      
Mouse-wheel to scroll (to intro).
43
EGreg 22 hours ago 0 replies      
I think I remember that hitting the "close" button on early, black-and-white macs would make a star appear in the square, signifying the press. Almost like the X...
44
mjcohenw 1 day ago 2 replies      
I misinterpreted the title as "X Windows consortium to close."
45
msie 1 day ago 1 reply      
For me, the pinnacle of Windows UI design has always been Windows 95.
46
minusSeven 1 day ago 2 replies      
Mind telling us why this is so important !
30
A Tenacious Explorer of Abstract Surfaces
95 points by Varcht  18 hours ago   23 comments top 10
1
onetimeusename 15 hours ago 1 reply      
A minor point, the article says that Hypatia of Alexandria was killed by Christian Zealots which is true except it was for non-religious reasons but rather political and it was in a city and time where public political executions were common. Maybe some women have had difficulty with their math, not in my experience but maybe elsewhere, but not Hypatia, she was not killed for her mathematics.[1]

[1]http://en.wikipedia.org/wiki/Hypatia#Death

2
codyb 10 hours ago 1 reply      
Correlation does not equal causation but the first thing that stands out to me among these two articles today about Mathematicians who've won Field Medals is their tenacious appetites for literature of all sorts as children.

I think it's incredibly important to note the diversity of subjects consumed and the importance of literature in these children's upbringing.

3
wglb 17 hours ago 1 reply      
Another thread with very remarkable discussion at https://news.ycombinator.com/item?id=8169367
4
alphydan 7 hours ago 0 replies      
for those interested to see the kind of language that is used to develop her ideas ... here's a taste

http://arxiv.org/pdf/0811.2362.pdf, Counting closed geodesics in Moduli space (PDF)

5
ph0rque 12 hours ago 0 replies      
My girls enjoyed my reading this article to them :)
6
kaitai 16 hours ago 0 replies      
The big speculation was whether it would be Mirzakhani or Sophie Morel, in number theory (Langlands program etc). So now we can start betting on the next round of Fields medals: will Morel be next?
7
triplesec 16 hours ago 1 reply      
A fine explanation of her work and trajectory for the intelligent nonspecialist: http://www.simonsfoundation.org/quanta/20140812-a-tenacious-...
8
jankeromnes 16 hours ago 2 replies      
Why not call it the Fields Medal?
9
bernardom 16 hours ago 0 replies      
Why does the WaPo use different colored fonts for different sentences within certain paragraphs?
10
tempodox 16 hours ago 2 replies      
It's about time. There seems to be hard evidence that girls are better at math than boys, on average. Hence, all other things being equal, more than half of world-class mathematicians should be female. I wonder how that applies to programming.
       cached 14 August 2014 07:02:01 GMT