hacker news with inline top comments    .. more ..    6 Nov 2014 News
home   ask   best   4 years ago   
1
The Sixth Stage of Grief Is Retro-Computing
261 points by daddy_drank  5 hours ago   35 comments top 21
1
japhyr 2 hours ago 0 replies      
My dad passed away three years ago. He began his career in the 60's and 70's, programming on punch cards. I remember him taking my brother and I to his cubicle at DEC in the 70's, letting us play a space invaders clone on a terminal. He taught me to program at 5 or 6 years old; I'll always remember my parents playing a simple number-guessing game I wrote in BASIC.

When my dad passed away, I went through his computer to help my mom figure out what to do with it. I say it was to help my mom, but really it was one last conversation about computers with my dad. I pored over the projects he was working on, and the books he had open on his desk. I remember thinking that this was the last language he'd use, the last modern framework he'd be working with. I remember feeling sad that no one would get to use this last project he was building.

So I see the old OS's popping up in the virtual machines described in the article, and all I can see is my dad. It starts to feel like grief, but then that feeling mixes with appreciation for everything my dad shared with me over the years. I didn't go into programming professionally out of college, but my dad's passing is pulling me back into it. I wish for one more day's conversation with him, to share what I'm doing these days.

We all love programming for many reasons, but at the end of the day it's really about how our work with computers and programming brings us into close circles with some of the best people we'll know.

2
jackgill 4 hours ago 4 replies      
The writing in this post is superb. One of my favorite lines:

"Windows is the Superbowl Halftime Show of operating systems. Given what everyone got paid, and how many people were involved, youd think it would be a lot more memorable."

As someone who spends a lot of time with Windows...yeah. But the post is really an amazing blend of technology and sentiment, kind of reminiscent of Neal Stephenson at his best. Makes me want to dust off my PDP-11 emulator and take another crack at Unix V6.

3
kraig911 4 hours ago 1 reply      
This really got to me and made me want to make an account just to comment that I am finding myself doing the same. I run the same old SNES emulator of FFVI(FF3) on SNES to play a hacked saved rom file I made to try and feel that energy I felt when I was just a boy with my best friend. Now I'm just a man that is caught up in habits of telling my wife I love her and pays the bills and all.

I feel no amount of planning an getaway vacation or getting a great project at work etc can bring me back that feeling of just kicking back with my friend jacking around with HIMEM.SYS to play Falcon 3.0 while we waited for duck tales to come on...

I miss you Nick - I wish you never found that gun.

4
ddingus 40 minutes ago 0 replies      
I really enjoyed both the writing and perspective in the piece.

Well done.

I have an Apple //e on my home work desk. It's running nicely, and it has a spiffy card that allows me to plug a USB flash drive in, boot from an image file on it, and reenter the first real computing world I started with.

Prior to the Apple, I got to flirt with a TRS-80 Model 1 a neighbor owned. Writing a few BASIC statements and actually having the machine respond was intoxicating for me. Loved it, and I knew right there and then I would be doing things with and on computers.

The Apple //e machine represents a whole lot of that early discovery time we all are thinking about. It was open, had a monitor, mini-assembler, reasonable BASIC, and, and, and...

I got bootstrapped onto computing and the magic of assembly language on that machine. And there were others, but that one really was the first. The friends I made, stuff we did, things we learned were like magic. I miss it all.

So, I boot that machine every so often. Really, I always just want to know if it still works. Then, I decide I want to write, play, code, and I do.

When I write, I can do it on that excellent keyboard, with the machine and it's memorable feel. The whole thing takes me back in time, and I do remember. And then I can get it back onto a modern machine with that same USB stick and wonder at such a gap, still being useful.

I was moved by the idea of keeping in touch with the little kid part. Yes. I have a great memory of my childhood, and can tell you many events, times, places, things, people. To be honest, I draw on it an awful lot. Sometimes it's to realize new perspectives for what they are, not as they are framed up, or colored to be. Other times, it's to remember that spark of interest and the drive to learn and explore.

Play. That too.

I love these machines and I love all the people I've come to know related to them. To me, I can understand a lot about somebody when we share a computing experience, be it retro, modern, or maybe something of a hybrid, like embedded.

@japhyr, I don't do it professionally either. Though I have done a few projects, drivers and problem solving. As you are aware, it's a bug that bites deep. Doesn't let go. Have fun. Remember. Your Dad would be happy with you doing just those things.

5
Yhippa 1 hour ago 0 replies      
This is one of the best pieces of literature I've read in a long time.

I have had a relationship with computing like many of the commenters here. I remember our kindergarten teacher letting us take turns grounding ourselves under the keyboard of an Apple IIe. I can't explain it but I could tell from that moment that I had a thing for computing technology.

I remember playing games at a friend's house on an IBM PC. Her dad worked there and we would just mess around and had no idea what we were doing in the game. I just loved interacting with the thing.

I remember long nights playing games on my cousin's C64. Playing Archon and some racing game. Doing basic programming.

I begged my parents for a computer and we eventually got one in 1993. It cost around $2,000 back then and was 33 MHz, had 8 MB RAM, and had a 207 MB hard drive. No sound card, CD ROM, or printer at the time. Game over from that point on. I knew I had to do something in computing technology for a living.

Things seem so figured out these days. I wonder if kids get that same feeling of novelty we got back then?

6
cbd1984 1 hour ago 0 replies      
And another little thing that stays with me, anyway: "C" as the name of a programming language. Not C, but "C". Maybe it's like Platonism: "C" is the "Form", C is the imperfect shadow the "Form" casts on our world. But then, why is Java never "Java"?

I'm over-thinking this, but it honestly transports me to old web fora and Usenet newsgroups and late nights with a modem, stumbling around in alt. and coming across spammed chapters from "The Trance-Formation Of America" is pretty damned creepy at 3 AM when you're the only one awake, and learning about the deep C secrets in chatty posts is amazing when your only other source is "Learn Java in 21 Days For Dummies", but O'Reilly books come close.

Names come back. Dan Pop. Chris Torek. (I'm pretty sure they're still alive.) From a different group, Pascal Bourguignon, whose name I spelled right the first time although I'm sure I still can't pronounce it.

Strange typographical quirks. That's all it takes.

7
patcon 3 hours ago 0 replies      
Holy f*ck, that article was so much more than I was expecting, and it just kept getting better. I can't believe I almost passed it by. I'm still digesting it...
8
narrator 2 hours ago 0 replies      
A while back I booted up an Apple II emulator and got in to Bard's Tale for a bit. I used to play that game for days and days during lonely boring summers during my misspent youth. While playing it I remembered, if just for an instant, what it was like to be that age. The world seemed so vast and mysterious and complcated at that age.
9
vanadium 4 hours ago 2 replies      
What a fantastic read; I can relate to going back and trying to relive that sense of wonder in a certain place or time, whether it be retrogaming or booting up MS-DOS 3.3 and System 7.5 after my wife and child have gone to sleep. It comes back, if somewhat fleeting; I message my brother to talk about how much fun it was in those days, or to try and drive back a memory or two on how to do something I've forgotten.

So, so very relatable. Thank you for this. Now I want to figure out where I put my old archived BBS, unpack it, and take it for a spin in the dark.

10
johnloeber 3 hours ago 0 replies      
This article was simply superb. So much emotional, human depth. How interesting: I think Paul Ford was scraping at some real, deep aspects of what it means to be human... in a piece that is at least superficially about computers.
11
hanasu 1 hour ago 0 replies      
I found this really moving. It brings me back to pilfering discarded computers from a scrap metal company and bringing them back home like I had found the Ark of the Covenant. When I chose Red Hat as a science fair project. My jigsaw puzzles were motherboards and drive jumpers. My Walter Cronkite was Leo Laporte. I wish I could go back and figure out for the first time again that to keep playing in Oregon Trail on the Apple //e in 4th grade all you had to do was flip the disk over and put it back in. I never thought the world could be faster than an ISDN line.
12
JohnBooty 3 hours ago 0 replies      
I do this by watching YouTube longplay videos of games I've never played, for systems I never owned. Games for "exotic" Japan like the Sharp X68000 and the FM Towns that we never got over here.

I'm always trying (and occasionally succeeding) to recapture that feeling of catching a glimpse of some amazing thing in a game magazine. The wanting and imagining was always better than the thing itself, which is probably why I generally seem to prefer watching screencapped videos of the games to actually playing them.

13
ChuckMcM 3 hours ago 0 replies      
Perfect. Man that touched a lot of emotions in me, from fondness to anger to frustration to depression to envy and back again. And I had no idea Jim Kent was a force in the genomics world. I just remember all sorts of crazy things we would do with Animator and my kids.
14
zhx 3 hours ago 0 replies      
I bought an Amiga 500 six or seven years ago from that guy singing the theme song. He's a pariah in the Commodore community, but I gotta admit he had a pretty cool garage.
15
voltagex_ 4 hours ago 3 replies      
I think I've been into retro computing since the first time I was able to run ZSNES on a Pentium 133.

Does anyone think that some "retro programming" tutorials would be of any interest?

16
stevenjohns 3 hours ago 0 replies      
I don't want to sound redundant by repeating what everyone else has said but I just have to: that was a really great read. If you are after a good 20-something minute read, this is it. Stirred up all sorts of emotions and memories.
17
mturmon 2 hours ago 0 replies      
Beautiful piece. It jumps around, hitting my memory like chimes. Such wonderful writing.
18
tacoman 3 hours ago 0 replies      
This caused me to reminisce about all the software that I've worked on and used. The vast majority of it is gone and completely irrelevant.
19
lukeh 3 hours ago 0 replies      
Wow. A really beautiful article.
20
bch 52 minutes ago 0 replies      
The cadence of this reminds me of William Gibsons Agrippa.
21
asdfw88342432 2 hours ago 0 replies      
Amazing article, very touching.
2
How to Survive in SF as a Broke Startup
25 points by wlimdo  1 hour ago   9 comments top 6
1
rtpg 13 minutes ago 1 reply      
Does anyone have an update on the utility of building a startup in SF? Except maybe for the (certainly large) class of "interacting with real world" or "local" startups (like Uber or Grubhub) I feel like you could gain so much more by even being outside of LA or something instead.
2
BadassFractal 12 minutes ago 0 replies      
Very impressive. I'd say that your age group and your relationship status have a very dramatic impact on your ability to pull something like this off.

Imho if you've already "done your time" somewhere else, this option becomes a lot less palatable.

3
qwerta 0 minutes ago 0 replies      
Move outside SF?
4
peter422 12 minutes ago 1 reply      
You can start a failed company in a lot of cities. Congrats on living in sf on the cheap but it really isn't useful information to help aspiring startup founders.
5
bsims 7 minutes ago 0 replies      
Any other Sunset start-ups out there?
6
hagope 1 hour ago 1 reply      
The thought of starting a company in San Fran makes me cringe a little with prices the way they are...but what you are doing seems very resourceful, kudos to you and good luck.
3
Show HN: Wall of Text
18 points by louisstow  1 hour ago   2 comments top 2
1
epaga 15 minutes ago 0 replies      
Oh this is too cool and I would love to hear more of how you did it. What is your backend? Firebase or something?

I made an iPad app (soonish to be universal) called Mindscope which has a similar "wall" idea but when you tap text, it opens up a sub-wall for that piece of text, which enables outliner-like navigation. https://itunes.apple.com/us/app/mindscope-mind-mapping-outli...

I've been considering what I could do to make a web app version of it, but web development is not my strong suit (yet).

2
johnloeber 16 minutes ago 0 replies      
Neat! I like how it appears to have an 'infinite' capacity for expansion in any direction, though I don't know if that's a good or a bad design choice. (Could a constraint be creatively beneficial in this case?) This also seems like a good use case for ASCII art.

Edit:

I made a quick walloftext page. I foolishly shared the link here on HN. I regret not recording a video of the mayhem as people began to pour in and edit the wall. People started having little conversations on some parts of the wall. Other people defaced them. It was all-around chaotic, like a full IRC channel with no moderation. It's really an interesting form of communication, and it was very cool to see it unfold.

4
Independence Day
173 points by AndrewGaspar  6 hours ago   37 comments top 16
1
kaptain 4 hours ago 2 replies      
It's disappointing to see the cynicism and negativity directed to this announcement. Yes, the presentation is a bit lacking: the website is difficult to read for many and the video seems to be a big ad. But the message is so hopeful. I'm not blind/visually challenged/whatever the correct terminology is, but this announcement/description/advertisement made me happy.

It made me happy not because this is another channel to bring advertisers and consumers together (as others have pointed out) but because it seems like a way to leverage technology to really give help and hope to others.

Is there a reason why Microsoft shouldn't put their branding forward and promote their own devices if they put up money for the research? Apple does this all the time. I hope we take joy in the possibilities of freedom that this technology could provide.

2
lukasm 5 hours ago 6 replies      
The site is unreadable.

Here is the video https://www.youtube.com/watch?v=BEzncMLLOxE

3
snarfy 3 hours ago 0 replies      
Complaints about the website aside, this technology is great and is exactly the type of thing microsoft needs to be developing.
4
3327 6 hours ago 0 replies      
This is great I wish more large corps were putting money into stuff like this. its a real problem and without realizing business and some awesome tech will come out of it.
5
sargegood 6 hours ago 3 replies      
Terrible web design for those of us with a vision impairment.
6
Rapzid 1 hour ago 0 replies      
This has got to be the first article I've read that has incorporated ambient sound. The loop is terrible, but it's still pretty awesome! The coconuts were annoying though.. I hope more articles introduce ambient sound... I'm imagining this being integrated into novels.

Also, this is fantastic. I can totally see this being of interested to the sighted as well; maybe it would see better uptake than glass.

7
hrktb 2 hours ago 0 replies      
This could be a prototype project where three or four routes in one or two cities will be enhanced with bluetooth, a dozen of test subjects will try it on a refular basis, a few articles in the news will appear praising this visionnary concept and two months later everybody forgets about it.

Or it could be a proof of concept of a much wider plan, and from the results we would see the start of a massive undertaking involving huge swaths of cities clearing budget to put a bluetooth beacon on every street corner, public transport infrastructure is massively updated to have up to date realtime data accessible from the mobile apps In a usable format, shop owner and public facilities join the movement to enhanced their places for discoverability.

If this was an IBM project partenaring a metropolitan city council, I would be expecting the later. It's a Microsoft story centering on the technological aspect of it, I guess it's the former.

8
euske 1 hour ago 0 replies      
From what I've seen, iPhone is the de facto standard of mobile phones for visually impaired for now, because its VoiceOver function is pretty well made, and more importantly, its UI experience is far less varied than its competitors, i.e. Windows Phones and Androids. It has already a strong community and support from organizations like AFB. I hope this bring them a more healthy competition among the tech companies.
9
politician 6 hours ago 0 replies      
Great story, and a neat device that, in my opinion, has a better consumer electronics future than Google Glass.
10
xyclos 5 hours ago 4 replies      
"a reminder you're walking by a place with great Chinese takeout"

is this just a way to target ads at people with a disability? if all I'm trying to do is get form point A to point B, the last think I want is "interesting facts about history" or targeted ads.

11
bequanna 1 hour ago 0 replies      
A good reminder that there are novel implementations of existing technology (mobile devices, beacons) that can markedly improve the lives of those with disabilities.
12
kruk 5 hours ago 0 replies      
It will take a huge amount of beacons to make this useful. But a worthy cause and an interesting solution. Let's wait and see if anything comes out of it.
13
coherentpony 4 hours ago 1 reply      
Colour me cynical, but this seems like the perfect opportunity for Microsoft to take payment from corporations to adjust a blind person's route past said corporations' branches, thereby providing a sneaky targeted advertising campaign.
14
moeedm 4 hours ago 0 replies      
That website sucks.
15
sard420 4 hours ago 0 replies      
So customized billboards for the blind.
16
donohoe 5 hours ago 0 replies      
Native advertising
5
Reverse OCR
655 points by mrtbld  18 hours ago   80 comments top 28
1
albertzeyer 17 hours ago 5 replies      
2
praptak 16 hours ago 2 replies      
This is similar to the project where images of clouds were fed to face recognition software: http://ssbkyh.com/works/cloud_face/
3
jparishy 16 hours ago 1 reply      
Not strictly related, but reminded me of the exercise in genetic programming by Roger Alsing: http://rogeralsing.com/2008/12/07/genetic-programming-evolut...

It's a rather cool attempt to draw the Mona Lisa using random, semi-transparent polygons

4
bane 17 hours ago 3 replies      
This could be a cool way to visually "encrypt" messages. They're readable, but only by the correct tool. I wonder how these squiggles might be creatively arranged steganographicly in an image and still be "read" by the OCR tool.
5
kitd 16 hours ago 0 replies      
Could be used for automated printing of doctors' prescriptions ;)
6
mrtbld 17 hours ago 6 replies      
Perhaps this could lead to a new kind of captcha that only bots can solve. I doubt it would be efficient, though.
7
carsonreinke 13 hours ago 1 reply      
Looks like he has written tons of very creative bots. They are all very interesting ideas (e.g. http://randomshopper.tumblr.com)
8
sgentle 6 hours ago 0 replies      
It would be pretty interesting to see one degree of abstraction up from this - what sets of lines are close enough to match a certain word?

If you averaged over all those sets, would the resulting blobby heatmap resemble the original word in a legible form? Or something else?

9
jdimov 17 hours ago 4 replies      
What (if anything) is this saying about the quality of the OCR process? Especially since none of these seem human readable.
10
userbinator 17 hours ago 0 replies      
I can imagine generating a few pages or even an entire book of this, and some future generations attempting to figure out what sort of language it was written in... reminds me of this:

http://en.wikipedia.org/wiki/Voynich_manuscript

11
klausa 16 hours ago 0 replies      
I highly recommend watching talk Darius Kazemi (author of Reverse OCR) gave at this years XOXO: http://www.youtube.com/watch?v=l_F9jxsfGCw
12
zwass 5 hours ago 0 replies      
This reminds me of an experiment I played with using random search to "teach" the browser how to draw characters: http://zwass.github.io/Learn2Write/
13
cosarara97 17 hours ago 1 reply      
I couldn't get that OCR to read my mouse-written E. It's a nice experiment nevertheless.
14
emhart 17 hours ago 0 replies      
It has been fantastic watching Darius' myriad experiments over the past few years. His work always has a great mixture of whimsy and serious experimentation.
15
k_sze 16 hours ago 0 replies      
I think one of the problems is that the OCR assumes the images to be (English) letters.

To be really really useful, the OCR would need to consider at least all characters in the Unicode Basic Multilingual Plane. And then it needs to be able to reject an image as containing any word, and then it needs to solve the halting problem.

16
driverdan 12 hours ago 0 replies      
Here's the source code on github: https://github.com/dariusk/reverseocr
17
Aaronneyer 17 hours ago 0 replies      
Looks like my handwriting
18
lucb1e 13 hours ago 0 replies      
I can already imagine the innovation:

> Type over this text to prove that you are a computer.

> Human detected. Shoo, shoo!

19
MrBra 17 hours ago 0 replies      
Nice. Finally computers approached the age of writing. :)
20
jostmey 15 hours ago 0 replies      
A generative model, although computationally expensive, would not suffer this problem. Essentially a generative model can run in reverse, which means that if you feed values into the output you get inputs that could explain the output. Check out "Boltzmann Machines" for an example. There are plenty of examples for the MNIST dataset of hand written digits.
21
bmh100 12 hours ago 1 reply      
This actually seems like a great program for automatically generating adversarial examples to improve OCR. A human could rate this text as being illegible or legible. Each example can then be added to the training data to improve its quality.
22
z3t4 11 hours ago 0 replies      
I can't believe OCR has not been solved yet. The only one even close is OmniPage.
23
eurleif 12 hours ago 0 replies      
It would be neat to see the same thing, except using two OCR libraries instead of just one, and requiring both libraries to be able to read the message. I imagine the letters would start to look a bit less insane.
24
achr2 13 hours ago 0 replies      
Could this be used in a pseudo reverse CAPTCHA by showing a series of words, and asking the user to say which is not human readable?
25
shangxiao 16 hours ago 0 replies      
This is pretty cool, although it makes me wonder what the real world applications could be. It does, at the very least, tantalise my curiosity and gets me thinking.
26
methyl 14 hours ago 0 replies      
I wonder what would happen if you run this program letter-by-letter, possibly the readability could increase.
27
mslot 14 hours ago 0 replies      
I love algorithmic art.
28
Applico 16 hours ago 0 replies      
very cool idea.
6
Reflected File Download: A New Web Attack Vector
199 points by lelf  13 hours ago   61 comments top 15
1
JackC 8 hours ago 4 replies      
So to summarize:

(1) You can use semicolons to get some web services to ignore the end of a request URL and respond normally, while tricking browsers into downloading the response as a file with an arbitrary name. This allows you to send a victim to a mainstream site (Google or Bing, e.g.) and have them end up with a file with the name of your choice in their Downloads folder.

(2) If the web service responds with user-submitted data, you can potentially get the contents of that file to be a valid executable. For example the author demonstrates a JSON response that is also a valid Windows shell script.

(3) By combining these two exploits, the author speculates that you can trick users into executing files that they wouldn't execute if they were hosted at g00gl3.com or similar.

The last part I'm not totally convinced of -- are there examples where attackers gain a big advantage by having a downloaded file come from a trusted URL?

Even setting that aside the first two parts are pretty neat, and I wouldn't be surprised if there are other interesting ways to exploit them.

2
metzman 9 hours ago 5 replies      
I think the author is claiming that clicking on https://www.google.com/s;/ChromeSetup.bat;/ChromeSetup.bat?g...results in a file ChromeSetup.bat being downloaded, but in chrome and firefox the file downloaded is f.txt.

Has anyone tried this on other browsers?

EDIT:

Here is the portion of the paper explaining why this no longer works:

"However, a common implementation error could result in Reflected File Download from the worst kind. Content-Disposition headers SHOULD include a "filename" parameter, to avoid having the browser parse the filename from the URL.

This is the exact problem that multiple Google APIs suffered from until I reported it to the Google security team, leading to a massive fix in core Google components."

3
matthewmacleod 9 hours ago 1 reply      
during the RFD research I discovered that all [Windows security] warnings are dismissed if one of the following strings appear in the filename:

- Install

- Setup

- Update

- Uninst

That's pretty amazing is this still the case? It's obviously a deliberate decision, and seems to totally negate the value of those warnings.

4
akavel 8 hours ago 0 replies      
The gist:

"The URI specification[1] defines the ability to send parameters in the path portion ofthe URI by inserting the semicolon character (before the query portion that starts with a question mark "?"). Many Web technologies support this feature [a.k.a. "path parameters"].

In simple words, if a web server accepts path parameters it does not really consider them to be a part of the path, which means we can inject any content, as it will be ignored. However, when it comes to determine the filename of a download the vast majority of Web browsers (all browsers but Safari) parse and set a filename from path parameters."

[1] http://tools.ietf.org/html/rfc3986#section-3.3

A fairly obscure feature of URIs, apparently Correctly handled by some web servers, but apparently overlooked by most browsers. Argh. Again.

5
murbard2 9 hours ago 0 replies      
I found this presentation a bit more helpful to understand the concept

https://www.blackhat.com/docs/eu-14/materials/eu-14-Hafif-Re...

6
adr_ 8 hours ago 1 reply      
7
apeace 4 hours ago 0 replies      
It seems browsers are making a poor assumption here: that if HTTP/HTML say to download, the browser should immediately begin downloading the file to the user's computer.

The content-disposition filename is an effective hack to fix RFD. But as other commenters pointed out, just linking to evil.com/worm.jpg.exe achieves a similar effect to RFD, and can be just as effective on many users.

Windows has failed to warn users about what is happening when random executables are run (and RFD attacks that in particular). They should improve on this.

Perhaps the browsers should also change their behavior? They could prompt users with information about what is happening when a protocol specifies that a download should begin.

8
jchrisa 7 hours ago 0 replies      
I really enjoyed the tone of this paper. If only more technical articles can be written in a matter-of-fact voice like this.
9
alkonaut 8 hours ago 1 reply      
If the downloaded payload would auto-execute without warning then this would be serious. Otherwise (if it needs intervention) it feels like a far fetched threat.

1) Aren't the people who would execute files that randomly download exactly the people who can never find the files they download?

2) Aren't the people who execute random stuff from the Internet also the people who won't be able to tell whether a URL feels trustworthy or not?

So by 1) you could just as well serve funny.jpg.exe to the victim, and by 2) you can reach a wide enough audience by serving it from your bad guy domain rather than trying to masquerade as Google.

10
Arnor 9 hours ago 0 replies      
> Having the ability to control some of the content that is returned by the server in the response body is crucial for an RFD exploit to be successful.

This sounds like an XSS attack against downloaded files as opposed to rendered HTML.

11
STRML 9 hours ago 1 reply      
The bit about the semicolon separator was new to me. Are there many web services using the semicolon to send parameters?

In any case, it seems that the real bug is that browsers don't properly recognize `;` as a separator and can derive the resource name from what comes after. That's definitely a problem; it would be crazy if, for example, you could craft a querystring ending with "&/file.bat" and the browser would parse it as a file download.

12
0x0 9 hours ago 4 replies      
I'm not sure I understand how this is "worm"-able - it still requires the user to manually execute the downloaded file? How is this any different from pasting a link to a "lol.jpg.exe" malware?
13
gohrt 9 hours ago 1 reply      
The linked document describes all the obvious parts that have been known foreer, but doesn't mention the interesting part: what webservices respond to user input (URL) by serving a previously nonexistent (server-side) document with a name derived from the URL.
14
larrys 9 hours ago 5 replies      
"The user executes the file which contains shell commands that gain complete control over the computer."

Perhaps someone could verify the following.

If a user is logged in without privileges (not the admin user for example on Mac but a "standard user") then there is no (is there?) way to "gain complete control over the computer" without entering an admin user and password later in the process.

Typically I operate two (or more) logins under OSX. One is "standard" user and one is "admin" user. I only browse under "standard" user never under "admin" user. To me "admin" user really serves no purpose but needs to be there for obvious reasons.

This way I always have to enter the name of an admin user in order to install or make any system changes.

Further, from the command line I would need to do:

su <admin user name>[password]

and then

sudo -s [password]

15
hernan604 6 hours ago 0 replies      
Dont click on that link, it might contain a virus!
7
Why Intel is adding instructions to speed up non-volatile memory
51 points by joe_bleau  7 hours ago   14 comments top 4
1
unwind 26 minutes ago 0 replies      
Very interesting! It's always fun to see "external" development in the general field of computer architecture affect low-level stuff like a CPU's cache and memory subsystems.

It wasn't super-easy to figure out who in the grand ecosystem view of things is going to have to care about these instructions, but I guess database and OS folks.

Also, if the author reads this, the first block quote with instruction descriptions has an editing fail, it repeats the same paragraph three times (text begins "CLWB instruction is ordered only by store-fencing operations").

2
bahahah 54 minutes ago 0 replies      
There are several storage class memories that are nearing commercialization. Intel is betting big on at least one of them. Most technologies in this class are orders of magnitude faster and have orders of magnitude better endurance than flash memory, while being only slightly slower the DRAM, yet non-volatile.

It is plausible that with another layer of in-package cache they could eliminate DRAM altogether, replacing it with ultrafast NVM. Imagine the resume/suspend speed and power savings of a machine whose state is always stored in NVM.

3
Animats 2 hours ago 2 replies      
Computing really hasn't figured out how to handle non-volatile memory as yet. It's almost always used to emulate rotating disks, with file systems, named files, and a trip through the OS to access anything. Access times for non-volatile memory are orders of magnitude faster than disk access times, so small accesses are feasible. But that's not how it's treated under existing operating systems.

There are alternatives. Non-volatile memory could be treated as a key/value store, or a tree, with a storage controller between the CPU and the memory device. With appropriate protection hardware, this could be accessed from user space through special instructions. That's what I though this article indicated. But no. This is just better cache management for the OS.

4
sweis 4 hours ago 1 reply      
I've heard predictions that a significant portion of new x86 servers will be using non-volatile memory within the new 5-7 years.

Memory is becoming the new disk. This could have major security implications, as memory contents are unencrypted in general.

Fortunately, Intel CPUs will have hardware support to encrypt SGX enclaves. Perhaps that support can be used for general memory access as well.

8
How I reverse-engineered Google Docs to play back any document's keystrokes
393 points by jsomers  15 hours ago   83 comments top 30
1
morgante 2 hours ago 0 replies      
I don't understand why most of the commenters here are focusing on the privacy implications rather than the technical aspects.

Is this really a privacy breach? It's been obvious that Google stores revision history since it launchedyou've always been able to access a thorough revision history in the UI itself...

2
6stringmerc 12 hours ago 2 replies      
Clever, very clever.

As somebody who has worked full-time, over-time, and essentially in my sleep with Word files, PowerPoints, and highly sensitive bid documentation...yeah, I have to agree working in the cloud for this kind of stuff strikes me as career suicide. Maybe not in your turf, re: software development, but with respect to management, operations and marketing people, there should only be one person with the key to the kingdom. I'm not kidding about this, even if just talking internal development.

Also, this is why everything went out as a locked down PDF, unless explicitly mandated otherwise by RFP/etc specifications...and even then, Track Changes > Accept All Changes is gospel. Anybody in my line of work saw what the .GOV did with converting PDFs and simply redacting with a graphic over the text...yeah, that's why I'm a first-class proposal developer, because I've seen carnage yo.

3
character0 14 hours ago 4 replies      
The creation story for this is really neat. This could be an amazing tool in the school setting, especially for people that teach in university writing centers. This isn't just asking an author for a peek behind the curtain, asking a few questions about what they were thinking at the time of writing, this is Breaking the Magician's Code level stuff!

I am curious to see who is (brave enough?) to show their writing process in all its glory.

4
michaelx386 13 hours ago 3 replies      
I broke out in to a cold sweat watching this as I remembered all the times I've inadvertently pasted sensitive stuff in to a document. It's still very cool though, I'll just need to remember to be careful when sharing documents.
5
forca 13 hours ago 1 reply      
This is a very good reason to never use software in the so-called "cloud". I also remember years ago when someone showed me "Track Changes" in MS Word and other programs and how you could go back and look at, say, a bid offer and see if everything was on the up and up. You could see, esp. if the document was a form letter or canned response, to which other companies were offered different terms, you name it.

I dislike revision-able software for a number of reasons. Privacy is the foremost reason. Yes, yes, "if you've nothing to hide, you've nothing to fear..." That old chestnut gets trotted out every time someone worries about security or privacy.

Since about 2000, I keep my documents in plain text only on an encrypted drive backed up several times over -- none of the backups are online, but I'm still good if my house burns down, my machines get stolen, you name it.

No, just no.

6
bjoe_lewis 11 hours ago 0 replies      
For more information about the grammer/schema for document operations, which is actually what is transmitted in the /save call of gdocs,

[1] http://wave-protocol.googlecode.com/hg/spec/federation/waves...

[2] http://code.google.com/p/wave-protocol/ - wave protocol project (initiated by google, now maitained by apache) is the root from where gdocs adopted OT.

7
kens 14 hours ago 3 replies      
I find it fascinating to see how much deleting and rewriting the author did on the first two sentences of his Atlantic article. You can see the idea getting rewritten in many ways.

Is this a typical way to write a magazine article? I wouldn't have expected so much time revising the opening sentences before getting the rest of the article in place. (But there's probably a lot of variation between writers.)

8
marknadal 7 hours ago 1 reply      
Great article, fascinating.

The author mentions that his system doesn't handle rich text, which is fine, but I'd just like to comment on how difficult of a problem handling rich text is. If anyone is interested in having a personal text-only replay editor, check out http://sharejs.org/ by an ex-Google Wave engineer.

As far as handling rich text, I've talked to the original co-founders of Writely (which became Google Docs), and I've also spent a good 8+ months on it as well. There are lots of tradeoffs involved, that diff-patch-match (as mentioned in the article) won't work on. Doc's ultimately expresses styles as applied ranges, rather than actual markup.

Point being, Google keeping every keystroke you've made is absolutely necessary for realtime collaborative writing.

9
mintplant 7 hours ago 1 reply      
Didn't Google Docs used to have this "playback" feature built in? I clearly remember there being a slider at the top of the page that you could scrub back and forth through a document's revision history.
10
jrochkind1 11 hours ago 0 replies      
Lawyers doing discovery will definitely want to know about this.

So will document retention specialists trying to foil laywers doing discovery.

So will hackers looking for sensitive information, and security specialists looking to avoid sharing sensitive information.

There probably really ought to be an "erase history" function.

11
userbinator 9 hours ago 1 reply      
This is one of the reasons why it's great that the source code of web pages/apps is (relatively, compared to binaries) easy to reverse-engineer - because of their environment inside a browser, web apps have such a low barrier to "phoning home" and making requests that privacy-sensitive information being leaked may otherwise be difficult to notice. Imagine if they were all encrypted/obfuscated binaries...

I don't use Google Docs (and probably never will), but if I did, all those requests - "these /save calls every time I typed something" - would be enough for me to investigate why it's generating so much traffic. I'm using an OS that still has a useful network activity indicator icon, so I easily know when there's data being transmitted/received when there shouldn't be.

There's a line of thought that says those sorts of indicators are unnecessary and a distraction, and that maybe valid justification for removing them, but I can't help feeling like their removal is making users more unaware of what their machines are doing - and thus easier for companies to do things like this to them.

12
ChicagoBoy11 9 hours ago 0 replies      
I've tried using the example URL on his blog with one of my documents, just to see exactly how the information is stored, and I could never get it to send me an actual response with any of my documents. Has anyone had any luck?
13
skywhopper 13 hours ago 1 reply      
Interesting perspective by the author and most of the commenters here. My first thought when I read the headline and the article was "privacy breach!". This is certainly interesting data. But it can also be dangerous if the owner of the document isn't aware of the implications of the storage format.
14
misingnoglic 14 hours ago 1 reply      
I remember reading an article about how it's a shame that authors don't use pen/paper anymore, since we can't see their crossouts and things for rough drafts. I'd argue that this would be infinitely superior if authors would give us access to some revision history.
15
mattnewport 14 hours ago 4 replies      
When can we get an IDE that can do this, and track copy / paste across source files :)
16
jacquesm 7 hours ago 0 replies      
Very nice, not only because it shows you a playback of Google Docs documents but also because the author takes the time to note his inspiration, first drafts of the project and eventual evolution of it.
17
kdma 6 hours ago 0 replies      
Very cool read!but i dont seem to understand how the algorithm behind the whole phrase/paragraph tracking is supposed to work, anyone can enlighten me?
18
tlb 13 hours ago 1 reply      
Interesting -- I would not have guessed they were storing all our keystrokes. It'd be fascinating to mine that data, for example, to find patterns of typos.
19
maaaats 13 hours ago 0 replies      
Very cool. Just spent the day writing some integration for Google Drive, and was a bit amused when writing a single sentence in Google Doc increased the "Changes.list()" id with ~40.

But I'm curious: Can one delete these kind of revisions displayed here? Those visible in the GDocs UI are only a few, mayor revisions (which may be troublesome in itself for people not knowing about it and sharing a document).

20
pjc50 15 hours ago 1 reply      
Interesting. Is this a side-effect of the old Google Wave design, which had collaborative documents where you could watch your collaborator type in realtime?
21
atmosx 14 hours ago 0 replies      
Hahaha I loved the Hack the Gibson touch.
22
vtbose 12 hours ago 1 reply      
Reminds me of the submission https://news.ycombinator.com/item?id=557191 where we could see pg's thought process in writing the Founders Visa essay. (the link no longer works)
23
hftf 12 hours ago 0 replies      
Has the author made any insights into reverse-engineering Google Docs spell checking?
24
joshfraser 13 hours ago 0 replies      
I wish this was built as a Chrome extension instead of asking for OAuth access.
25
ThisIBereave 12 hours ago 0 replies      
Nice! Now I just need someone to make an emacs mode that does this.
26
steele 14 hours ago 1 reply      
Very interesting performance art opportunity here.
27
franciscop 13 hours ago 0 replies      
Horizontal Scroll of the Death...
28
zackify 12 hours ago 0 replies      
please add an SSL cert at least
29
salvadors 13 hours ago 0 replies      
I guess you didn't read past the first screen or two, then?

The section on "The Technical Origin" explicitly references that as the starting point for this project.

30
iclems 14 hours ago 0 replies      
Funny and interesting. Did you know that firepad.io is a rich-text OT text editor with timestamps? I think it's just what you need. You get a real-time collaborative text editor with a fully featured toolbar, and the exact history you need to replay.

Actually, Firepad does replay the history to display the current version on load (though it also has some snapshotting system to restart faster, but snapshots do not erase the history, they are kept in another location).

9
How My Printer Caused Excessive Syscalls and UDP Traffic
52 points by rzezeski  7 hours ago   9 comments top 4
1
akersten 2 hours ago 1 reply      
Yet another reason to cordon off printers and other mystery meat devices to their own special VLAN...
2
tedunangst 4 hours ago 0 replies      
I'll point out that the original vmstat output also revealed 3000 interrupts per second, in the column right next to syscalls. Many times it can be faster to look around at the high level instead of immediately diving deep. In this case, checking to see which device was causing the interrupt storm would have led to "something on the network" pretty quickly.
3
jmgrosen 2 hours ago 0 replies      
This reminded me of a Reddit comment I read just earlier today about overzealous mDNS packets causing battery life issues on Android: https://www.reddit.com/r/Android/comments/2ler3t/maybe_the_r...

Funny that these happened to appear on the same day :)

4
userbinator 4 hours ago 1 reply      
Is mDNS really so useful? Of all the people I know who know about it, everyone has disabled it when possible due to all the useless network traffic it produces.

Apparently Canon's wireless printers are well known for doing mDNS floods:

http://digitalhome.ca/forum/showthread.php?t=148153

http://forums.anandtech.com/archive/index.php/t-2171044.html

10
Apple malware affects mostly Chinese users
5 points by dan1234  24 minutes ago   discuss
11
Inflatable baby incubator wins James Dyson Award
7 points by twicenone  1 hour ago   discuss
12
Creating 3D worlds with HTML and CSS
240 points by tambourine_man  17 hours ago   39 comments top 16
1
newhouseb 11 hours ago 1 reply      
This is incredible work. I've written similar abstractions for my former startup (http://bubb.li/ - it'll take a while to load) which abstracted a 3D rendering engine across CSS3D, WebGL, and Flash. Unfortunately, when we launched the only platform stable enough for CSS3D were Safari & Mobile Safari and some Android (they also couldn't run any of the other aforementioned technologies at the time).

The primary issues are touch handling and clipping. The safari team nailed clipping (or they just relied on the GPU to do it for you) and touch handling has always been a little bit hit or miss, fortunately not huge for our requirements (although I did end up writing my own raycasting to compensate in some unreleased things). Chrome has been somewhat of an utter disaster with clipping and based on the current demo, still is (things flicker in and out randomly). They've come a long way (Android Chrome was locked around v18 or so for a while which was completely unusable for this sort of thing), but the fact that Chrome supports both real GPU accelerated and acceleration in software appears to have somewhat muddled their implementation.

2
fsloth 43 minutes ago 0 replies      
This is a very, very cool performance benchmark for CSS operations but for the love of god, don't ever even think about using it in production if there is a slightest chance a) someone else would need to maintain your code b) modify the content.

If you actually want to implement 3D graphics in production, please learn it first from a proper source.

This free online course get's you up and running on the basics of 3D graphics with WebGL: https://www.udacity.com/course/cs291

There are fairly decent books on WebGL available as well which also run you through the basics.

To get coherent 3D stuff going you need to actually understand what is going on at a fairly deep level, or you will just ruin everyones day who is a stakeholder in your project. Learn to use Blender at least on a rudimentary level. Learn WebGL. Figure out how to get the 3D content from Blender to your renderer. Then reconsider this.

[Note: I have a few years of professional graphics programming under my belt so I think I know what I am talking about.]

3
jbinto 11 hours ago 8 replies      
OT: Anyone remember VRML?

http://en.wikipedia.org/wiki/VRML

4
STRML 12 hours ago 1 reply      
This is probably the most insane way I've ever seen a 3d environment created (look at the DOM), but it really is incredibly well done. The performance is of course not nearly as good as WebGL, but it is a great proof of concept and could possibly be used a a polyfill for simple 3d effects and objects in browsers where WebGL is not supported or broken.
5
0x0 11 hours ago 0 replies      
This is awesome!

I guess this should be a nice test case for lots of work fixing z-indexing/z-buffering glitches for the Chrome developers, because I get constant z-fighting between the objects.

The fact that this works at all is a testament to how amazingly powerful modern DOM rendering engine are. All this from something that was initially designed to layout text on computer screen!

6
phkahler 9 hours ago 4 replies      
I'm going to offer a contrary opinion here and say that while the work is technically impressive, it's also crap. It's purely a case of "if the only tool you have is a hammer, everything looks like a nail". It is also NOT just HTML and CSS. Most of the real work is done in JavaScript. Given that, you might get better performance writing a software rasterizer that puts the whole image into a single rectangle and put that on a single div without 3d transforms. Another more "pure" implementation would use XSLT to convert XML into SVG with 3d transforms along the way.

What we really see here is a JavaScript 3D engine with a CSS backend. Impressive - yes. A good idea - not so much.

7
jnem 10 hours ago 0 replies      
I see things like this and am immediately humbled. Impressive work, the bar just got raised a bit.
8
AndrewKemendo 12 hours ago 1 reply      
In many ways this makes dealing with 3D easier, as theres no complex math to deal with just apply a CSS transform to rotate an element around an axis and youre done!

What? Knowing how to transform each object though is the hard part - especially as scaling needs to change if you are only using rectangles. The demo is a little wonky for me but I am also on an old FF system currently so I will look again when I get home.

I think this is really cool, and could be really interesting - I am mostly wondering how you transform 3D objects into the CSS dimensions.

9
overgard 6 hours ago 1 reply      
Really cool, although it seems to break a bit in my browser(s). Chrome ran it fast with some flickering, but in firefox it was a mess -- really slow and a lot of artifacts. Anyone else see that?
10
whoisthemachine 12 hours ago 0 replies      
This is interesting - it opens up the possibility of the usual design/coding separation of concerns that web development has had entering into web browser game development.

Also, the CSS syntax seems very straightforward as compared to the WebGL I've seen, which I haven't ever really been able to understand just by glancing at it.

11
stugrey 10 hours ago 0 replies      
He gave a great talk on this at the HNLondon meetup in September 2013, he was a really engaging speaker as I recall.
12
placebo 12 hours ago 0 replies      
I really like seeing examples that illustrate how the more limits are imposed, the more creativity thrives. Not that CSS/HTML are that limited, but as far as creating a full blown 3D environment they would definitely not be something I'd even think about, and then I see this...
13
doczoidberg 10 hours ago 0 replies      
Nice proof of concept. But I think there is no advantage in comparison to webgl.
14
mikelyman 12 hours ago 0 replies      
This is pretty cool. Has there been any performance comparisons between this new technique and HTML5 WebGL?
15
html5web 10 hours ago 1 reply      
Here's simple code for 360 Product Visualizer with CSS and HTML http://codepen.io/samarkandiy/pen/sLzmn
16
yummybear 12 hours ago 1 reply      
Hm. Yeah. Looks great I guess... But is it semantic?
13
Building C Projects
140 points by rsaarelm  14 hours ago   19 comments top 7
1
Rapzid 50 minutes ago 0 replies      
If anyone ever finds a linux C program that doesn't quite do what they need, my advice is this as I've had great success with it in the past modifying ntfs3g and the like..

Download the source package and open it in NetBeans! For what I needed clicking build JUST WORKED. For my purposes it was a short trip to adding some new arg commands and modifying functionality, then building and packaging it back into a .deb ready to go. I'm not sure if this is still the case, but NetBeans was pretty fantastic for this just 2 years ago.

2
tujv 9 hours ago 3 replies      
By contrast, the Plan 9 C compiler does use the header when linking. Header files contain a prama statement with library name, removing the need for linker flags.

See: http://plan9.bell-labs.com/sys/doc/comp.html

3
AceJohnny2 9 hours ago 0 replies      
Considering the glut of C build systems (often built on top of GNU Makefiles) as proof that this is a complicated field, this is a surprisingly undiscussed aspect of programming. Thanks for this link!
4
caf 5 hours ago 0 replies      
An interesting treatise, however the entire "Standard directory detection" part gives me the willies.
5
parados 10 hours ago 0 replies      
For the preprocessing part of the problem this might be useful: https://news.ycombinator.com/item?id=8356100
6
sysk 8 hours ago 0 replies      
This is probably the first time I really get what is happening during a build (despite having written a few C programs and Makefiles). Thanks for writing!
7
gnuvince 5 hours ago 1 reply      
> C is a compiled language[...]

Not off to a great start :/

14
Proxygen, Facebook's C++ HTTP Framework
251 points by mikeevans  13 hours ago   66 comments top 9
1
dcsommer 13 hours ago 10 replies      
Hey there, I work on Proxygen at Facebook. I'm happy to answer any questions you have about the project.
2
b3tta 12 hours ago 2 replies      
I really like your idea of the 4-part abstraction. Still Your library really is not "that" easy to use.

I'm currently working on my own library using libuv, http-parser, nghttp2 and wslay, which is very similiar in it's use to node.js. As you might guess a echo server is therefore only about 15 lines of code, but about as performant as your framework. The downsite is that it's not as flexible due to the missing "4-part abtraction" (really an excellent idea).

That's why your release somehow saddens me: When I'm going to release my framework to the public, it might be pretty good for cross platform apps etc. compared to others, but it will never ever be as popular as yours. Heck I don't even have 10 twitter followers.

EDIT: I wrote an example as fast as possible https://github.com/lhecker/libnodecc

3
beliu 12 hours ago 1 reply      
dcsommer (author of proxygen) gave a great talk about this at the last Sourcegraph open-source meetup. Here's the video: https://www.youtube.com/watch?v=-yxQIRl6Qic
4
rdrock 5 hours ago 0 replies      
We used to do nginx + gunicorn for our rest services, it was not responding well beyond a point (for a given ec2 instance). We replaced that with nginx + lua (openresty module), we saw almost 10x increase in response times. Would it make sense for us to invest in something like this and hope to see a significant performance gain? Lowering response times is not a big deal but being able to get those same response times on a lower priced instance would definitely help. We have no real C++ skills in the team but we could learn or hire.
5
thomasreggi 13 hours ago 4 replies      
"You will need at least 2 GiB of memory to compile proxygen and its dependencies." What?
6
bsaul 11 hours ago 2 replies      
Looks to me as facebook's answer to golang ?

Building simple, standalone http services with good performances seems to me what those two projects (proxygen and golang) are really about.

Now the question is, how much faster using C++ is, and how much safer and faster writing golang is...

7
cthulhuology 13 hours ago 1 reply      
what are the units on the table? the top looks like number of workers, but large numbers are unitless.
8
pcunite 13 hours ago 0 replies      
Excellent, I've been toying around with my own and looking at LibUV. I think the time is right for something like this. I want to maintain state on everything that connects to me.
9
amelius 11 hours ago 1 reply      
Skimming through the article, it seems to me that this server spawns a thread per connection, is that correct?
15
EFF asks for the right to revive abandoned online games
185 points by sinak  14 hours ago   34 comments top 12
1
abakker 10 hours ago 1 reply      
Bungie specifically allowed this to happen with the old Myth franchise. They open-sourced their bungie net code when they shut it down. Since then, several fan sites have kept the servers alive. The game was published in 1997.
2
teddyh 10 hours ago 1 reply      
Sadly, I dont think the game companies are going to accept this they are probably afraid that legitimizing this will make development of replacement server code start early (in anticipation of the shutdown of the official servers) and that the existence of working code, even though it will somehow be illegal to run, will still be run by many people, loosening the companys iron grip of the players through the official servers.
3
jkscm 10 hours ago 3 replies      
Correct me if I am wrong but the statement "games audiovisual content is primarily stored on the developers server and not in the client" is not true for any mmo.

3D models and audio are saved to the clients disk. It's the state of the persistent world that is stored on the server.

4
deanclatworthy 10 hours ago 0 replies      
I believe EA gave permission for xwis.net to do this for Red Alert 2. You can sign up with a legitimate key and it works as normal as the protocol was reverse engineered and DNS taken over :)

This was probably straightforward for an old game like this but I can't imagine that reverse engineering the infrastructure required for modern games is feasible. I doubt games companies will have the cash or resources spare to consider this from the beginning nor years after.

5
neito 11 hours ago 2 replies      
I'm kinda disappointed that they're carving out a huge exception for MMO-style games. If anything, I think that (if only due to the social structures that evolve within them) they're the most valuable but fragile types of online games.
6
kissickas 1 hour ago 0 replies      
Am I the only one still concerned that this is all still in the power of the Library of Congress? It's certainly nice when they're promoting openness and consumer rights, but I'm not sure I like the idea of leaving these choices up to unelected bureaucrats.
7
treehau5 7 hours ago 1 reply      
If we could get "NoX" by Westwood servers back online with clan matches and rankings I just may die a happy man
8
ChuckMcM 8 hours ago 1 reply      
Does anyone know if the previous abandonware allowances are still in effect?

[1] http://www.gamespot.com/articles/abandonware-now-legal/1100-...

9
subless 4 hours ago 0 replies      
I actually started a petition about this a year or two ago. Check it out and sign it: http://www.ipetitions.com/petition/let-memories-live/
10
austinstorm 7 hours ago 0 replies      
This is neat, so there's no chance it will happen.
11
djyaz1200 9 hours ago 0 replies      
Seizing the "moral high ground" in an attempt to get flappy birds back!
12
mahouse 10 hours ago 2 replies      
I wish this could apply to old WoW expansions.
16
Weekly Coding Interview Problems by Email
98 points by gameguy43  5 hours ago   28 comments top 8
1
travisfischer 4 hours ago 2 replies      
There is an occasional event that happens to me while on HN where I see a title that catches my eye because it rings a certain bell in my mind. I click through the link and as the page loads my stomach fills with butterflies as I experience the strange sensation of finding another person has implemented an idea of "mine", at times with frightening accuracy with regards to how I conceived of it.

I use "mine" because obviously the idea is not mine. It's an idea I'm sure hundreds of us of have had.

This particular site/product was one I "dreamed up" immediately after a very disappointing interview performance. The sting of that experience made me want to fix it for other people by giving them a clear path for being prepared for "Google-esque" interviews. This particular implementation looks to be fairly well executed. I signed up and hope it works out because I think it could be useful.

What these experiences confirm for me is something we all already know. There are really no new ideas under the sun. Or at least they are very, very rare. Just pick a problem you know you can solve and then solve it the best way you possibly know how and if your best is better than anyone elses best, and it's a good idea, and the timing is right, you'll probably be successful.

On another note, I think it's interesting the creator choose the "2 egg problem" as the example problem. I believe it is the prime example of everything that is wrong with engineering interview culture. Not sure if that makes it ideal material for a site like this or pointless trivia.

2
Aeolun 2 hours ago 2 replies      
I think the problem with this site is that it acknowledges that interview questions are something you can study for specifically.

Interview questions as a whole apparently have nothing to do with ability to really code. That's just sad isn't it? Riddles are no fun if they have to be solved under pressure.

3
karmacondon 3 hours ago 1 reply      
Interview questions are great tests of algorithmic thinking, which is why some companies ask them. I don't plan on interviewing for a job any time soon and I probably wouldn't want to work at a company that asks questions like this anyway. But I would like to get better at problem solving in general, and interview questions seem like a great way to focus on developing a better analytical approach.

I wonder if anyone else studies these types of problems and gains something from it, or if they're just asked during interviews and then forgotten.

4
mixologic 3 hours ago 1 reply      
I would walk out of a job interview that asked brain teasers. It's not revealing of anything and tells the interviewers that either you've heard that piece of trivia before, or you got lucky and reasoned it out. And "we just want to see how you think" is evidence that the interviewers hadn't thought about how to actually determine what kind of an engineer you were.

The best interview I ever had was basically a small amount of spec work accompanied by a writeup of why I did what I did.

5
marbemac 4 hours ago 1 reply      
Typo in the first sentence..

"We collect the most popular real-world coding interview questions and carefully craft wrteups that are ridiculously easy to understand."

wrteups = write-ups.

6
deadfall 4 hours ago 0 replies      
I signed up to http://codingforinterviews.com/ awhile back and only got a couple problems in my inbox. Hope to have better luck with this one.
7
kelukelugames 4 hours ago 0 replies      
i hope it's not just questions from Gayle's book and glassdoor
8
arturnt 5 hours ago 0 replies      
I get these emails weekly and it's very helpful in interview prep.
17
Delegative Democracy a scalable voting model
97 points by bdr  10 hours ago   89 comments top 24
1
jawns 7 hours ago 5 replies      
I came up with almost exactly this idea several years ago -- I called it augmented representative democracy.

I figured that software programmers would immediately latch onto the concept, because they are familiar with the concept of inheritance. You elect a legislator to vote on your behalf, and in many situations that legislator's vote is the same as your own, yet you retain the right to cast your own vote on any given issue.

But there are several objections that I could not overcome:

1) In our free, open, representative-style government, each legislator's voting record is a matter of public record, but each individual citizen's voting record is confidential. If we were to switch to augmented representative democracy, the question arises: Do we make each citizen's voting record public or private? Both options come with potential problems. For instance, if all votes are private, we lose out on transparency, and anonymity tends to embolden people to make some pretty nasty choices. (Exhibit A: Any online forum.) But if all votes are public, it could invite retribution that the average citizen is not equipped to handle.

2) It's hard enough to monitor roughly 535 federal legislators, to make sure they're not taking bribes or kickbacks in exchange for their votes on particular pieces of legislation. Could you imagine if you had to instead monitor all 207.6 million eligible voters? True, it also becomes more difficult to influence a significant number of them through nefarious means. (Suppose you need to bribe five senators to tip the scale in your favor on a particular piece of legislation. So you offer them each $1 million. Now suppose every eligible voter got to weigh in. You'd need to bribe more than 10 million of them, assuming they all voted. And a $1 bribe isn't nearly as attractive as a $1 million bribe.) But on bills where the vote is really, really close ... there is really no viable way to keep everybody honest.

3) A legislator's workload is (or should be) a full-time job. It takes a lot of time to read through bills and understand them. It takes even more time to fully consider its broader implications and its potential unintended consequences. As part of that process, you'll likely have to engage in discourse with fellow legislators; evaluate expert testimony; listen to the concerns of constituents, trade groups, lobbyists, and other organizations; and weigh the potential for the law to be challenged as unconstitutional. All of that takes time, and it's unrealistic to expect every eligible voter to assume that responsibility for the purpose of voting on policy directly.

4) In practice, the cases in which this augmented representative democracy would result in a vote different from the legislator's would be relatively few -- and yet there would be a whole lot of extra effort required to support the system. Basically, you would need an issue where the legislator's vote is different than what the people who elected him would expect (and the legislator, if he wants to be re-elected, is only going to do that sparingly), and you would need a substantial turnout of people willing to overrule him. Considering how few people vote in general elections, that's a tall order.

5) When you break it down, augmented representative democracy is really direct democracy, and not true representative democracy. And one objection to direct democracy -- take it for what it's worth -- is that there's a danger of mob-mentality policy decisions. If you look at some historic decisions, at least here in the U.S., the legislature was a bit ahead of the curve, compared with the population at large. So ... I guess the question is ... could direct democracy have derailed or delayed something like the civil rights legislation of the mid-20th century?

2
haberman 8 hours ago 4 replies      
Right now, the problem of "Representative democracy simply doesn't scale" worries me a whole lot less than "the politicization [and polarization] of absolutely everything": http://www.vox.com/2014/11/1/7136343/gamergate-and-the-polit...

I worry that letting people delegate their vote to their favorite outspoken political ideologue would make things even worse, because it would give those people real and direct power. Imagine Rush Limbaugh having the power to vote on behalf of millions of people.

3
JDDunn9 1 hour ago 3 replies      
Sampled democracy is a much better solution. Replace Congress with 1,000 randomly sampled citizens. That's the only way to get true representation.
4
astigsen 8 hours ago 3 replies      
Sortition[0] (selection of decision makers by lottery to get a group that is representative the population as whole) seems to me to be a much more interesting model. That was how the original Athenian democracy worked, and there has been several proposals to do this in a modern version.

I can recommend reading this proposal: http://www.context.org/iclib/ic11/calnbach/

The clear benefit of this approach is that it would be a much simpler and more transparent process, with far less opportunity for the emergence of career politicians and corruption. People would also feel that they were far closer to the democratic process, when they were represented by others just like themselves, and the actual decision makers may be enticed to make better decisions when they are ordinary people that will have to live with the result of their choices afterwards.

[0] http://en.wikipedia.org/wiki/Sortition

5
Lerc 1 hour ago 0 replies      
I had long decided that this was what I would focus on if I were going to be someone who did the start-up thing (I'm not. Mental illness is not compatible with doing a start up).

Rather Than governmental Democracy. Have a system where people can communicate information and ideas to large non-governmental entities.

Run a tree of delegates who feed information based upon its quality up to a higher level. Anyone may listen to anyone and speak to anyone but you can also choose to ignore anyone. You choose delegates for each individual case by picking someone receptive to your comment. People higher up the tree will generally only listen to people they know and trust.

This system would provide a useful middle ground to the current situation that people find themselves in when they need to communicate. Their main point of contact are automated systems or de-facto automated humans following processes. To get action on some significant issues, you need to win the publicity lottery and have you case become virally popular to the point where someone who can actually help makes contact.

It isn't as ambitious as running a government, but would serve a real need. As an example of the sort of thing where this may help, there have been numerous instances of Obvious Malware on the Google Play store that have managed to acquire a significant number of downloads. When these instances have been noticed and appear on reddit /r/android, they are swiftly removed from the store. I'm sure similar instances have happened where a company has taken the action they needed to take only after the problem has reached the front page of HN. Rather than having to make a big public noise (which only really works for a few), people should have an avenue to get information where it is needed.

As a business model I would aim to have companies pay to have their top tiers of the tree managed by full-time staff.

6
azov 4 hours ago 4 replies      
> Someone with power, like an employer, could pressure people into handing over their votes.

This is absolutely what's going to happen if such system is implemented.

Appearing to delegate one way, but having their votes counted another way? Seriously? It is way too complicated for an average voter. Even if you implement some sort of plausible deniability scheme (so that aforesaid someone can't just login with your credentials and set it up the way they want) - imagine explaining plausible deniability to a 90-years-old grandma or some uneducated farm worker, or a drug addict...

Elections are rigged this way even in countries with supposedly secret votes: bad guys might ask you to prove your vote by, say, snapping a picture of "correctly" filled ballot alongside your ID, but even that is not necessary - enough people will do what someone with power tells them to on a vague threat "if you try to fool us we will find out", or because it's a "patriotic" thing to do, or simply because they are told to and don't know better.

Not to mention that a huge number of people just couldn't care less. Half of population simply don't show up at the polls. How many of them will simply sell their right to vote for a token sum of money?

The current system is bad in many ways [1], but this proposal is even worse - way too much potential for abuse.

[1] Some reasons why - http://en.wikipedia.org/wiki/First-past-the-post_voting

7
dllthomas 2 hours ago 0 replies      
I've been thinking something along the lines of "legislature by jury" might be a better way of tackling propositions. Currently, I'm asked to make decisions about a bunch of issues that I don't know very much about. I can spend a lot of time researching them (and I usually do), or I can not vote (I do often triage a couple), or I can vote no if I don't understand it (or don't understand why the full time legislators can't just do it)... but regardless, it's a lot of time and effort and I imagine my vote is more or less lost in the sea of people who have paid less attention, and so much comes down to how effective the advertising, and I'm not confident that "stronger arguments in the set of arguments that can be understood in 5 minutes by the average voter" is a very good proxy for truth.

On the other hand, I do have some faith my my fellow citizen. Ask a group of us to set aside some time, do some research, sit down with some others, and make the best decision we can... and it wouldn't surprise me if we did a better job than either the legislature (not having to constantly think about how X will play with Y in the next election) or the broader mass of voters (having the time to focus on one particular issue, and knowing we have the responsibility of having our voice matter).

Oh, and pay us a high rate for our time. It would still be cheaper than running a campaign.

8
ljd 8 hours ago 0 replies      
This is exactly what we are doing over at PlaceAVote.com [0].

We are running 50 congressmen in 2016 on this platform.

Often times, it's called Liquid Democracy.

[0] http://placeavote.com

9
baddox 8 hours ago 1 reply      
I don't get it. Right now, an ostensibly fair and educated person could tweet his or her vote recommendations, and people could choose to vote according to those recommendations. Presumably a lot of voting is already motivated by trusted recommendations (even if it's just party lines).
10
chton 8 hours ago 1 reply      
How would this work with a case like foreign policy? Since everybody needs to able to participate, all the information related to a matter at hand needs to be made public. This is not always a good idea, especially when relating to diplomacy with other nations that don't follow this model, or to military intervention. It would essentially become impossible to hide anything from your enemies.
11
mooneater 9 hours ago 0 replies      
I think Delegative Democracy has lots of promise, and if done right may the the ideal form.

But it is very much still pervertable, and the devil is in the details as always.

It would be nice to see a thorough analysis of the ways DD can fail, and mitigations. Andrew hinted as some (including privacy and coercion) but most discussions are this are light on critique.

http://en.wikipedia.org/wiki/Delegative_democracy

12
revscat 4 hours ago 0 replies      
This looks like an interesting mechanism for fixing the moderator problem on Reddit. It would take a couple of cycles to get working rules in place, but it looks promising.
13
mladenkovacevic 9 hours ago 4 replies      
Does anyone know of any software products that use this model at their core?
14
Kinnard 1 hour ago 0 replies      
I'd love to see something like this explored on a blockchain.
15
mojuba 8 hours ago 0 replies      
When I read the title my first thought was that it would be a majoritarian system without districts: everyone votes for one candidate from the list and the top N candidates get elected to parliament. This would solve two main problems:

* The problem of the majority "choking" the minority in each district in the ordinary majoritarian system

* The problem of partisanship tending towards mergers and eventually a dual-party equilibrium in the proportional electoral system

I'm pretty sure this idea is not new and even has a name. And I'm wondering what potential drawbacks such a system could have.

16
humanrebar 8 hours ago 1 reply      
Isn't this basically the way the electoral college works, at least on paper?

Wouldn't it be subject to the same limitations of the electoral college, that future laws could restrict how delegates vote based on popular election results, etc.?

17
jiggy2011 8 hours ago 3 replies      
One of the biggest issues with this system would be that a rich company or individual could buy large blocks of votes on a particular issue.

Another might be that a delegate could present a popular set of views in public for the purposes of gaining a large number of delegate votes but then they could privately vote for their real beliefs which might be much more fringe, or perhaps they might change their mind close to the election.

18
webXL 9 hours ago 0 replies      
This sounds like it will create a marketplace for votes. But I might be OK with that, as long as bureaucracies can't buy themselves more power, which happens from time to time with the current system via campaign contributions.

Besides, people already vote with their dollars in the private sector, which should be the first place to attempt to solve problems.

19
Lidador 5 hours ago 0 replies      
How about Qualitative Democracy?

https://www.youtube.com/watch?v=X5cCyAqCkIw

20
ams6110 8 hours ago 1 reply      
Seems completely corruptible by intimidation, bribery... I guess our current system is too, but not as easily.

Who writes the legislation? Do we still have representatives for that? What does the Senate do? Seems to require a massive re-write of the constitiution. A non-starter.

21
bmmayer1 9 hours ago 5 replies      
In this model, what would stop a politician from paying voters to delegate their votes to his supporters and thus directly buying the election?
22
m0th87 8 hours ago 1 reply      
It's almost-pagerank applied to democracy
23
higherpurpose 9 hours ago 2 replies      
I think this is pretty much the German Pirate Party's "Liquid Democracy" internal voting model.

https://en.wikipedia.org/wiki/LiquidFeedback

24
jacques_chester 7 hours ago 1 reply      
Some version of this idea pops up every few months on HN. It's a recurring trope of techno-utopianism.

Here's what I said previously. https://news.ycombinator.com/item?id=2936365

I'd say something approximately as arrogantly today.

19
If you use a Mac or Android, e-commerce sites may be charging you more
68 points by altern8  8 hours ago   40 comments top 10
1
lorddoig 5 hours ago 7 replies      
> Unfortunately, the business logic underlying much of this personalization remains a mystery.

Price discrimination appears, at first glance, to be about maximising profit, but really it's about clearing the market.

Say you're a cinema, and you set your list price for a ticket at 10. 20 adults show up and buy the tickets and are happy. Then 10 students show up, scoff, and go home - they weren't willing to go above 7. The market has not cleared: you'd be happier with 70 from them than the nothing you've got, and the students would be happier being 70 worse off but having seen the film. Neither party got what they wanted, no trade occurred, and no economic value was created.

The situation could be improved so that everybody gets what they want without harming anybody else: set a student rate at 7. Students get to see the films and your cinema makes more money - everyone is as happy as they could be.

In this example, the criteria for price discrimination is discovered by intuition, existing knowledge of students, maybe surveys. But even this isn't ideal - what about that one really tight student who buys pasta in 20kg bags and who values a trip to the cinema at 4? Ideally you want their 4 and they want to see the film - but how to cater for them without shooting yourself in the foot by making the student price 4 across the board?

Until the advent of the internet and fancy algorithms that could at least try to understand you, you couldn't. But today maybe we can.

Everyone has their own "true" valuation for a given product (not how much they think it should be worth, but how much they're willing to pay), and if you're a supplier with a magic ball which can divine this with 100% accuracy then you're as well selling your product at 1p over cost if that's your customer's true valuation. Again: they get the product they wanted and you get profit you couldn't have had any other way, and everyone's as happy as they can be.

But we don't have magic balls, and you can't ask someone for their true valuation because suddenly you'll find yourself knee-deep in a bartering game of bullshit and lies. Your only option is to try to divine it somehow.

This is what these guys are doing. And it's a good thing. To say "this is wrong and it should stop" is incredibly selfish - with reference to the example above, an equivalent statement might be "Yes I'll pay 10 to see this movie, but only if those students don't get a discount, which I implicitly understand to mean robbing you, dear cinema owner, of 70, and those students of the chance to see this hot new flick, even though both of those things are fuck all to do with me."

If you're a habitual bargain hunter (not out of necessity, more as a personality trait) and you're feeling affronted by this then all you need do is take a cue from these companies and adjust your tactics to suit the 21st century. Googling around may have done you proud up til now, but the world has moved on. I daresay that once you've mastered the art of using a VPN, user agent spoofing, and possibly the cultivation of a set of dishonest consumer profiles, you may find you'll save even more money in the face of this new enemy.

2
bdkoepke 4 hours ago 2 replies      
I use http://camelcamelcamel.com for amazon price tracking. Does anyone know of any other websites like this with price tracking?

For instance, Artificial intelligence a modern approach is $135 right now, but using this site I can see that it was <$90 in January of this year and it hit $100 in September: http://camelcamelcamel.com/Artificial-Intelligence-Modern-Ap...

Same story with Introduction to Algorithms, except it is now $80 and the lowest it hit was $44 in October: http://camelcamelcamel.com/Introduction-Algorithms-Edition-T...

3
justcommenting 5 hours ago 2 replies      
these practices are converging on something like a 21st century version of redlining, and i hope consumer advocates will work to expose and address these modern forms of opaque price discrimination.

some may claim that these practices can benefit consumers, but unless it's done transparently in ways that consumers know and understand, it primarily serves to increase information asymmetry.

4
pixelcort 1 hour ago 0 replies      
Here's an auction style that could be used to determine an optimal price, particularly for digital goods:

1. Each shopper specifies the max they're willing to pay for the item. Perhaps pre-auth this price on their credit card.

2. Merchant calculates - for every hypothetical price point - total revenue from all the shoppers who would we willing to pay at least that hypothetical price.

3. Whichever price causes the most revenue wins. All shoppers who are willing to pay at least this much are charged and receive the item.

5
goforads 1 hour ago 0 replies      
It's worth reading the actual paper closely.

http://www.ccs.neu.edu/home/cbw/pdf/imc151-hannak.pdf

The authors didn't find any smoking gun. None. Zero.

They found some travel sites offering member discounts--no surprise there. They also found sellers were personalizing search rankings--no surprise again. And they found a persistent pricing differential for Home Depot, but were careful to note that it could be a server-side quirk.

6
userbinator 4 hours ago 1 reply      
I wonder if this works in the other direction too: pretend you're accessing their site from e.g. IE6 on Win98... or maybe a somewhat more recent but still extremely-outdated configuration that at least will work with their site.

Several years ago, for a brief period I used no user-agent header, which caused quite a few sites to show nothing more than an obscure "500 internal server error" message, which disappeared as soon as a UA header was added, even if it contained nothing more than random rubbish.

7
trhway 1 hour ago 0 replies      
Cue in Digital Millenium Retail Act prohibiting circumvention of technical measures of personalization (like turning cookies off with intent to circumvent personalization)...
8
calbear81 4 hours ago 0 replies      
I can provide some insight into why the hotel prices are different (I run Room77, a hotel metasearch site). Generally, many hotels enforce a parity price display rule with their sellers (think Minimum Advertised Price) so the travel sites aren't supposed to market a rate below the market price. There are exceptions built in for "members only" clubs since these users are gated and allowed to get a non-public rate. There are also exceptions in some cases for mobile rate discounting since they are generally last minute and if you have the app installed you could technically be considered part of a "club".
9
click170 5 hours ago 2 replies      
There are browser extensions to automatically compare prices for you already, is there something insufficient about those extensions or is it just that they aren't widely known and used?
10
etep 5 hours ago 0 replies      
So basically e-commerce sites are charging me more?
20
Nature: IPython interactive demo
106 points by ivoflipse  14 hours ago   19 comments top 7
1
jnoller 6 hours ago 1 reply      
Kyle (lambdaops) did the architecture: http://lambdaops.com/ipythonjupyter-tmpnb-debuts

It's a pretty amazing story about brining full instant on scientific notebooks to everyone.

It's running on the High Memory OnMetal instances here at Rackspace. Each container gets 512mb of ram.

2
rjtavares 9 hours ago 1 reply      
They also have an article about it: http://www.nature.com/news/interactive-notebooks-sharing-the...

I love the reproducible science movement and iPython is perfect for that. Glad to see Nature talking about it.

3
jofer 8 hours ago 0 replies      
Fantastic to see!!

As much as I hope things like this will be a tipping point for python in the scientific community (from a major player to the dominant player), monoculture hurts everyone. Fortunately, one of the great things about ipython/jupyter is that it's designed to be language independent.

I'm sure a lot of folks here are already aware of this, but just in case you're not: There are Julia, R, Haskell, Ruby, and who-knows-what-else kernels for ipython/jupyter.

I know the basic idea has been around for a long time (e.g. Mathematica), but ipython really is an incredibly well-done and flexible execution of the idea.

4
3rd3 5 hours ago 0 replies      
Its great to see IPython here. I think Mathematica is missing a huge opportunity in this area by being proprietary and by not providing a JavaScript implementation of the CDF player.
5
calebm 4 hours ago 0 replies      
I love IPython Notebook. Interactive public IPython Notebooks are very cool.
6
lake99 9 hours ago 3 replies      
I see this: "It looks like we're full up. Every single IPython Notebook is in use right now! Try again later and maybe you'll have better luck. Sorry for the inconvenience!"

Can someone tell me something about the notebook? I want to decide if this is something I should bookmark, and visit at a later date.

7
mapcar 3 hours ago 0 replies      
I'd never heard of dexy before but has anyone tried it?
21
The poetry and brief life of a Foxconn worker: Xu Lizhi (1990-2014)
189 points by jimmer  20 hours ago   80 comments top 17
1
xarien 9 hours ago 3 replies      
The second poem actually gives quite a bit of insight regarding his situation. Translation from Chinese to English is hard and much is lost in translation. I'll translate the following to prose as to minimize what's lost in the translation:

"Conflict"

They all say

I'm a child of few words

This I don't deny

But actually

Whether I speak or not

With this society I'll still

Conflict

"They've always told me that I was a quiet child. I do not deny that fact, however, whether I speak up or not doesn't alter the fact that I feel incompatible with this society."

The main beef I have with the translation is that conflict is a very explicit word whereas Chinese is much more implicit. It's pretty obvious that there was a large disconnect with what he wanted out of society vs reality. This is unfortunately quite common in China.

Being someone who grew up reading Chinese novels extensively, I can attest that the culture itself is heavily romanticized and when compared to the modern subversion influenced by the communist party, it's figuratively night and day.

2
CognitiveLens 12 hours ago 6 replies      
Suicide is a tragedy and people should always do what they can to prevent it. However, it is also something that will always occur in some portion of the population, typically as the result of depression. We should not ignore the fact that the suicide rate in, for example, the United States is an order of magnitude higher than it is at Foxconn. Foxconn employs over 1.2 million people, so the number of suicides will appear high compared with other, smaller companies. Working conditions are tough, the cultural environment is difficult for people with depression (which can be said for almost every culture), and the company could invest more resources to provide help to those in need. But we cannot 'fix' depression, and it's irresponsible to divert attention from the underlying mental health issue to blame the employer for all the employees who have committed suicide.
3
sbarre 13 hours ago 1 reply      
It's hard to remember sometimes that all the people in the world that live lives so much worse than ours still have their own hopes and dreams, their own aspirations and imaginations.

This article made me quite sad, despite the great poetry.

4
drderidder 2 hours ago 0 replies      
Wow, beautiful poetry. The article, and recently a documentary on the garment trade in Bangledesh [1] had me thinking about ethical consumption. Ever since watching "The Story of Stuff" [2] I've wanted a way to easily understand the ethical implications of purchases. I'd like to scan a bar code and get a 1-to-5 rating of how ethical and fair the product life cycle is - something like that. I'd be willing to pay more, and do with less, if it meant knowing that my purchases contributed to a healthy work-life balance, living wage, and... well, hope, basically, for the various people involved in the production chain. The Fair Trade label on my coffee doesn't go very far to quell the inner conviction that stories like this increasingly raise. I don't really care for a gold iGadget, or whatever, but I'd love one that's built with empathy. I don't buy the argument that fair-trade is a luxury for the upper middle class. I think it would benefit everyone and contribute to a more participatory economy. [3]

[1] http://www.cbc.ca/fifth/episodes/2013-2014/made-in-banglades...

[2] http://storyofstuff.org/

[3] https://news.ycombinator.com/item?id=8548035

5
mrottenkolber 10 hours ago 0 replies      

      "Conflict"      They all say      I'm a child of few words      This I don't deny      But actually      Whether I speak or not      With this society I'll still      Conflict   -- 7 June 2013

6
yourad_io 13 hours ago 3 replies      
The poems is heart breaking. Read them, even if they put a dent in your day.
7
modifier 4 hours ago 0 replies      
A few kind words, a moment of sadness and contemplation, then right back to the same consumer behaviors.

Hypocrites.

8
liangx4 12 hours ago 0 replies      
He ordered some books five days prior to the tragedy which makes me wonder if he is planned the suicide or not. Also I wondered if he has any poems that is relatively more positive. But it is just sad that these poems are so striking. Simply a loss.
9
brd 12 hours ago 4 replies      
This is one of those moments where I'm utterly distressed by the lack of a solution to curb all the frivolous consumerism of the world.

It's scary to consider how many others are just like Xu and how many more, us included, are only slightly better off.

10
yitchelle 13 hours ago 0 replies      
Does anyone else think that it is rather sad that the comments at the bottom of the article are bickering about the the licensing issues of the poetry? Although, it is an important issue, this article is probably not the most appropriate forum for the discussion.
11
oldmanjay 8 hours ago 0 replies      
I wonder how Xu would have felt about being used by such a wide variety of people to flog their pet causes?
12
bennyg 10 hours ago 0 replies      
Wow. Truly moving stuff. He has an amazing way with words, and the translator did an awesome job of porting it to English. So very sad.
13
frandroid 11 hours ago 0 replies      
I take great joy in seeing libcom.org linked on HN.
14
api 11 hours ago 3 replies      
Capitalism indeed seems to consign the masses to work that is drudgery and is intellectually beneath them, but so does socialism.

Every socialist experiment I'm familiar with has almost instantly devolved into a form of a capitalism based on social pull with the bureaucracy rather than financial leverage. The final endpoint of this trajectory seems to be the mafia state -- pure social pull capitalism within criminal-state complex hierarchies.

If there's a solution here, it may not lie within politics as we ordinarily think about it.

15
doctorstupid 6 hours ago 0 replies      
And I thought that the only totalitarian things about my macbook were its aesthetics and operating system.
16
simplemath 13 hours ago 3 replies      
Time for another facile PR stunt, Apple!

Alternatively, how about sowing 0.01% of your cash back into these workers and demanding that the factory improve working and living conditions?

17
omgmaouz 12 hours ago 4 replies      
As much as I feel for this poor guy I can't help but feel that this article is glamorising suicide.

Suicide is a selfish (IMO cowardly) act and I'm sure his family will suffer for the rest of their lives because of it.

22
Universal Fund
162 points by koopajah  12 hours ago   28 comments top 14
1
gracegarey 11 hours ago 1 reply      
Thanks for sharing! Want to make sure we mention that thanks to the founders of Teespring, donations are matched for the first 1,000 people to sign up. Let us know if you have feedback!
2
liber8 9 hours ago 1 reply      
I'm a little confused. For many months now, Watsi has charged my card each month for the amount I specified whenever I first signed up. Each month, I get an email explaining which patient my recurring donation was directed to that month.

What is different about the Universal Fund? Is this just the formal announcement of what was already in place? Also, will Teespring be matching the recurring donations that were already in place before this announcement? Thanks!

3
keeptrying 9 hours ago 0 replies      
Great idea for people who want to stay involved. Sometimes its easy to forget to give especially with a busy job and so many other things fighting for our attention.

When I fund a watsi patient, I usually post it to my facebook and try to herd a whole bunch of my friends into giving to the patient.

4
fillskills 8 hours ago 1 reply      
This is absolutely great. Very impressed by the team, website, idea. Its so amazing to see non-profits bringing transparency and reducing/removing marketing.

Something to think about: How does a funder know if the partner is not giving raised prices the operation. How well do you guys trust the partners and how close are your relationships?

[Edit] Found more info about the partners in their FAQ: https://watsi.org/faq#what-is-a-medical-partner. I guess the FAQ pretty much answer my questions.

5
sudonim 10 hours ago 0 replies      
Yay Watsi! I think this is a great extension to what you do.

For people who haven't tried the normal funding flow for Watsi - https://watsi.org/fund-treatments, directly funding someone's healthcare is an amazingly personal experience.

It literally costs you $10 to be part of changing someone's life and sometimes $100 to be the difference between them getting treatment or not. Making the donation recurring lowers the friction for someone to keep helping people if they had a good first experience.

6
hotgoldminer 9 hours ago 0 replies      
Amazing work! Beautiful design as well. Relevant NPR story: http://www.npr.org/blogs/goatsandsoda/2014/11/05/361433850/w...

Putting a face to the contribution bridges the gap. Sign me up!

7
vimarshk 8 hours ago 0 replies      
A Shoutout to Adam! He is doing an awesome job! This is something that will change the world..
8
kaahne 7 hours ago 1 reply      
Just signed up.

I was wondering how you select which patient will receive the donation each month ? Optimise impact ? Try and top up a maximum number of patient funds ?

9
mallyvai 11 hours ago 1 reply      
This is a really cool idea :-) looks like you guys are using Stripe's recurring billing features?
10
brandonmenc 4 hours ago 1 reply      
I just signed up, but can you show us what the average donation is?
11
coolnow 8 hours ago 1 reply      
What a great platform. Loving the transparency, but i have to ask, can you be transparent about where your funding comes from?
12
eximius 4 hours ago 0 replies      
Bold move to put the number of members on the website while it's so low. It's professional looking, but the low member count immediately makes me wary. I would have waited until it was higher. :/
13
TwoWheelWonder 6 hours ago 1 reply      
How is this different from the typical charity/NGO donation drives of "donate 39 cents a day" ad? I saw how introducing personal connections to individual medical treatments was different from the norm, however this now seems to reverse that by going right back to the old school, typical, individual international aid style of monthly monetary donations.
14
joeariel 10 hours ago 0 replies      
this is awesome, watsi!
23
Alaskans vote to legalize marijuana
292 points by lygi  17 hours ago   187 comments top 14
1
japhyr 16 hours ago 9 replies      
Here's an interesting piece of the Alaska marijuana legal status. We just voted to legalize recreational marijuana use, which includes growing and selling marijuana. I'm happy to see it pass because possession has been legal here for a long time, but sales and distribution has not. That's a murky legal situation, which I'm happy to see cleared up.

But last night an article ran in our local paper stating that the Coast Guard will continue to enforce federal marijuana regulations [0]. In Alaska, that's a huge asterisk next to legalization. You can't carry marijuana on a boat, which includes the ferries in southeast and throughout the Gulf of Alaska. That also impacts all of the villages throughout the state whose main access is by river. And finally, transporting marijuana by air is against federal regulations as well. That means marijuana is essentially legalized on the road system of Alaska, which leaves much of the state in another legal limbo.

I look forward to the day where the entire country has a more reasonable approach to marijuana regulation.

[0] http://juneauempire.com/local/2014-11-03/smoke-water#.VFpFQT...

2
chaostheory 15 hours ago 7 replies      
I still find it very strange that California wasn't one of the first states to legalize marijuana. Now there are three states ahead.

EDIT: Looking at the results, these counties that voted 'No' surprised me

Los Angeles County (Los Angeles, Long Beach, Glendale, Santa Clarita, Pomona, Palmdale, Pasadena, Torrance, Inglewood, Burbank, Carson, Santa Monica etc.)

Santa Clara County (San Jose, Santa Clara, Cupertino, Gilroy, Palo Alto)

Riverside County (Riverside, Moreno Valley, Corona, Palm Springs)

Orange County (Santa Ana, Anaheim, Irvine, Huntington Beach, Laguna Beach)

3
dmsinger 13 hours ago 1 reply      
This is very interesting considering Alaska has some strict alcohol laws. There are many areas that are completely dry, and alcohol is very expensive (black market). It's generally this way due to crime and abuse.

Will these areas kneejerk the same restrictions with marijuana, or will they wait to see how the community reacts?

/serious off

It's illegal to give a moose alcohol in Fairbanks:http://www.legalsource360.com/index.php/strange-laws-in-alas...Hope they're not left out, again.

4
eli 16 hours ago 4 replies      
DC and Oregon too. I think DC in particular will be interesting because Congress has power over DC it does not have with states. Could be the opening for a national debate (or the newly elected Congress could simply crush it).
5
Lambdanaut 13 hours ago 1 reply      
An interesting but perhaps meaningless correlation: The areas legalizing marijuana first are all predominantly cold, mountainous states.
6
Tiktaalik 14 hours ago 2 replies      
The Liberal Canadian government of the 90s toyed with the idea of marijuana decriminalization, but the opposing argument that was always raised was that the Americans would be so staunchly against it.

Back in the 90s I would not have expected all other "Cascadian" states would legalize marijuana before British Columbia.

7
nnx 15 hours ago 0 replies      
Ah, this reminds me of this priceless video of a journalist who quits live on air to dedicate all her energy towards this end.

http://www.youtube.com/watch?v=wBPsbgKeIFM

Hopefully all her energy was enough.

8
josho 12 hours ago 3 replies      
I can't help but to wonder if the tobacco lobby is somehow involved. For decades society fought against smoking and has largely won. So, what happened to all of those tobacco crops? I wonder if that industry is behind the legalize movement so they can shift their production to another crop.

Interesting historical fact is that initial tensions over marijuana came about because slaves, and later Mexican labourers were frequent users. White plantation owners (tobacco farmers) took issue with their practices. So, at least in part the banning of marijuana can be partially attributed to racism.

9
orand 12 hours ago 0 replies      
At the time of this comment there are 96 comments with only 6 of them about Alaska. I find that to be an interesting commentary on HN commentaries. ;-)
10
weewooweewoo 7 hours ago 0 replies      
A lot of what can be said has already been said. However, I would like to share a piece of joy- I'm in one of the pictures in this article. It feels great.
11
vaadu 13 hours ago 1 reply      
Does this MJ legalization apply to the native Alaskan areas where alcohol possession is illegal?
12
arca_vorago 15 hours ago 6 replies      
I'm ready for Texas to follow suite. You think corn, wheat, cotton, cows, and oil are profitable? Wait till the congressmen and farmers understand how valuable MJ is as a cash crop, I predict legalization even in our red state within a decade.
13
gadders 9 hours ago 0 replies      
I look forward to the day they have a vote on PEDs.
14
dbrannan 11 hours ago 2 replies      
I live in Alaska as a high school teacher.

We lead the nation in welfare, alcohol abuse and fetal alcohol effects, suicide, sexually transmitted disease, credit card debt, number of women murdered, and domestic abuse.

Now we are all going to be high as a kite, too.

This does not make my job any easier.

24
How Accurate Are These Smartphone Sound Measurement Apps?
4 points by liyanage  36 minutes ago   discuss
25
Metafilter, The Internet's First Family
79 points by samclemens  13 hours ago   12 comments top 5
1
daniel_reetz 8 hours ago 2 replies      
I'm fake, the guy who asked for help with his Russian friends. This is by far the best article on what happened, and also the best description of MetaFilter I've seen yet.

It was good to have an opportunity to reveal a few additional details, like how the guy wanted their passports in exchange for a "room", and other behind-the-scenes info I didn't want to share with the whole internet while it was happening.

The incident helped catalyze and strengthen anti-trafficking efforts within the State Department. Pollomacho, the State Dept. rep who contacted me, ended up receiving a meritorious service award for his work.

I posted other updates over the years if anyone is interested. http://metatalk.metafilter.com/23482/Hazlitts-love-letter-to...

2
keypusher 9 hours ago 3 replies      
For me one big lesson from metafilter, similarly to HN, is that you cannot create a truly amazing community from self policing and algorithms alone. At least not yet. To build a strong community, incentivizing people to submit and curate good content via upvotes and downvotes is not enough. Hands-on moderation is critical to cultivating a truly great community, because you need truly dedicated users and mods to set the tone, and to quickly step in when a post or comment is really inappropriate. Setting that tone from the very beginning was something metafilter did better than almost any other site. You also need to attract and keep the attention of the top-tier users, those who contribute high-quality content on a frequent basis. And once a few windows are broken, and users start to feel like nobody up top is paying attention, the whole thing starts to break down. Of course, the $5 paywall cannot not be ignored. It's a route I haven't seen many other sites take, and I'm not sure how much revenue it actually generated, but it definitely helped to keep the quality of discourse high. Also, I can hope that someday it turns into a great investment for me when I sell my 4 digit user number.
3
egypturnash 8 hours ago 1 reply      
One of my proudest moments on the Internet was being mentioned as "MeFi's own egypturnash" in a FPP linking to a Kotaku article I happened to show up on.
4
mrbill 9 hours ago 0 replies      
It's kinda weird to see an article that I'm meta-mentioned in spread to the sites I read.
5
imkevinxu 9 hours ago 0 replies      
Reminds me of some old relics of the Internet that are still around (and active apparently) like http://www.i-am-bored.com/
26
What Do You Need?
5 points by nreece  2 hours ago   2 comments top 2
1
joelthelion 2 minutes ago 0 replies      
Better Linux drivers. Open source and integrated into the mainline linux kernel.
2
anigbrowl 2 hours ago 0 replies      
The Reddit discussion linked to int he comments is informative.
27
Germany's top publisher bows to Google in news licensing row
4 points by BogdanCalin  2 hours ago   discuss
28
Winamp 2 in HTML5
5 points by jazzychad  4 hours ago   discuss
29
The Mysterious Mental Side Effects of Traveling into Space
78 points by benbreen  14 hours ago   31 comments top 9
1
blhack 9 hours ago 6 replies      
I wonder how different this is from the feelings you get from traveling to somewhere very different from the place where you normally live.

This is pretty corny:

Every year I go to Burning Man. It's the only "real" vacation I really take. I completely detach. No phones, no television, no news from the outside world, and except on days when I have volunteer shifts, no sense of "time".

It's pretty amazing how much you end up detaching from "default" world (which is burner parlance for the world outside of Black Rock City). By a few days in, default just feels impossibly far away, like none of it matters whatsoever, and you are completely detached from it. BRC is on another planet, and Default Planet doesn't matter.

All of the social conventions are different, all of the interactions or somehow (although indescribably, at least for me) different. Everything just feels different somehow.

Do most people get that feeling on "normal" vacations?

2
0x0 9 hours ago 0 replies      
I immediately had to re-watch this pretty awesome video after reading the article:

http://youtu.be/2aCOyOvOw5c

It goes from liftoff to space and back to earth in a handful of minutes, and the enhanced (but real) audio is pretty creepy.

3
dpflan 7 hours ago 0 replies      
Here is an excellent video about the overview effect: https://vimeo.com/55073825 best watched on a (very) large screen
4
Xcelerate 9 hours ago 2 replies      
Dissociation isn't just some feeling that you feel "separate" from everyone else. Rather, it's a very alien, unsettling mental state. If you want to see what it feels like, one way I know of that sometimes induces it is to stare at yourself in a mirror for a really long time. The effect is only temporary, but in some people it becomes permanent (in which case it becomes a psychological disorder).
5
mtdewcmu 2 hours ago 0 replies      
Not to be a wet blanket, but there doesn't seem to be anything mysterious about this side effect. I was expecting something different as a result of the sensational-sounding title: something truly hard-to-explain, not just having one's perspective expanded (quite literally).
6
tjradcliffe 6 hours ago 0 replies      
There was a moderate amount of speculation in mid-century SF on the possible psychological effects of space travel, the most extreme being "the Great Pain of Space" that figured in an early Cordwainer Smith story: https://en.wikipedia.org/wiki/Scanners_Live_in_Vain

When it turned out nothing quite so dramatic happened to the first space travelers, the idea was dropped, but it's certainly worth considering that less dramatic effects might yet have practical import in the future of human space travel.

7
bane 6 hours ago 0 replies      
I immediately thought about this video https://www.youtube.com/watch?v=uQenNw2s1cA

(continued here)https://www.youtube.com/watch?v=jIJRoj2qwsc

When James May returns to the Earth it's obvious that he's had a very special experience.

"If everybody could do that once, it would completely change the face of global politics, religion, education, everything."

8
snowwrestler 9 hours ago 2 replies      
There is a phenomenon that is fairly well documented and known among high-altitude mountain climbers, in which climbers high on the mountain develop a strong sense that they have a companion with them. They don't see anyone when they look around--it's not a visual hallucination--they just sort of know that there is another person there with them. The only reference I can think of off the top of my head is Greg Child, who wrote about it in his book "Mixed Emotions."
9
dbcooper 9 hours ago 2 replies      
Mysterious, eh. How long have you spent on an airplane? 12hrs, 27hrs? Imagine how awful living in a space station must be.
30
Drop dead
97 points by _pius  10 hours ago   72 comments top 20
1
shittyanalogy 3 hours ago 1 reply      
I think you guys are missing the point a little on this one. It's not that there is a picture of this dudes bare ass somewhere online and he's upset about it, it's that no matter what he did or tried he could be guaranteed in absolutely no way that the data was removed or under his control. Once it's in the pipes, it may or may not be there, there's no way to know. Anything you put online, in all sorts of incidental ways be it from giving your TV voice commands, sending your location to google maps, or your net connected security devices, becomes someones property other than just yours. Not that it's legal, or that people are spying on everything you do, but that you have no way of knowing about or controlling the data once it's there.

This isn't supposed to be scary, just a reminder that you can lose control easily.

This is a complex issue and if you think it goes away by saying things like "well then don't stand in front of the camera naked." then you are missing the point.

2
ChuckMcM 8 hours ago 3 replies      
The 'oh' moment of data dissemination.

Somethings are not good for the cloud, not only is there a picture of your buttocks in the cloud, its a lot easier to get a warrant to peek at Dropcam/Google's data than it is to get one to get a computer from your house and scan its hard drive. And if someone is fishing for a reason to get your attention, well getting snapshots inside your house is a lot easier than getting a search warrant for your house.

I was looking at the comm vaults Comcast and others put into the ground where they are doing fiber pulls and realized that it wouldn't be that hard to put one in a back yard, or in a weird kind of data center (kind of like a cemetery but selling server vaults instead of burial plots) which would at least keep your data 'off site' in the sense that your house burning down wouldn't cause it to go away.

3
knodi123 3 hours ago 0 replies      
On the one hand, "If you don't want naked pictures of yourself in the cloud, don't take naked pictures of yourself and put them in the cloud."

But this is like saying "If you don't want to get scammed, then don't respond to scammy emails." That is, it's perfectly good advice, which is fine for people who visit Hacker News, but maybe not sufficient for the vast majority of people who aren't aware of the ins and outs of our rapidly advancing technology.

There are whole communities of people devoted to the practice of finding women who accidentally configured their phones to upload all pictures to a publicly accessible cloud storage server. The women whose nudes are distributed this way may not realize their pics are being mirrored- or they may assume it's to a private site (because why the hell isn't that the default?!?)- or they may have shared these pics with a dude who made the same mistakes.

But regardless, the point remains- any individual is easily capable of being immune to this problem. But there's a whole population of vulnerable victims who don't even know they're being victimized. And that is a real problem.

4
serve_yay 7 hours ago 2 replies      
Funny. We're all so (justifiably) afraid of NSA and Google violating our privacy that we don't even consider the ways we do it to ourselves.
5
ggchappell 6 hours ago 1 reply      
I'm missing something here.

If you don't want naked pictures of yourself taken, then you don't undress in front of a running video camera, right? Seems kinda obvious.

This fellow put together a setup that automatically takes pix of whatever happens and uploads them to a company's server and ... he's shocked when it does what it's supposed to?

I don't get it.

--------

EDIT. Been pondering this. Perhaps he began with a misconception akin to that of a politician who wants a backdoor for the good guys to use, but who doesn't understand that if the good guys can use it, then so can the bad guys. Then the e-mail and his resulting thoughts showed him that he wasn't thinking about the world properly; thus his feeling of shock.

6
ubertaco 7 hours ago 1 reply      
The principle of the matter and all, I know, but you've got to love his response here: "now there's a web-accessible picture of me naked! Here, it's this picture: <insert web-accessible image>"
7
joshavant 6 hours ago 1 reply      
I have a Dropcam in my garage for miscellaneous reasons. I, too, have wondered the implications of providing the Google/NSA complex video evidence of my comings and goings...

It'd be nice if Dropcams were more hacker friendly, and allowed recording to personally-owned devices, instead of forcing you to use their (fairly expensive) cloud recording service.

(Not to mention the ~100ish GB/mo bandwidth savings to stream this video, which is a fairly nontrivial requirement.)

8
pavel_lishin 8 hours ago 1 reply      
I actually have my laptop set up to take a snapshot every 20 minutes (unless I'm connected to work wifi - never know when it might be pointed at confidential data on a whiteboard, and it felt unfair to opt all my coworkers into it.)

It has definitely made me more mindful of situations like this.

(It actually sporadically refuses to take a photo on the new laptop right now, so http://lishin.org/pavelcam.jpg doesn't always get updated.)

9
kentdev 5 hours ago 0 replies      
I may have to spend the weekend messing with my raspberry pi to make a local dropcam. Just found a link to a guide:

http://www.sonsoftone.com/?page_id=287

10
tlrobinson 5 hours ago 1 reply      
Assuming you do want off-site backups of your security footage, but only accessible to you (i.e. strongly encrypted), what are your options?

What if you want a remote live stream?

Linux or OS X, please.

11
kybernetyk 6 hours ago 0 replies      
> Its at this point you ask yourself if having a net-connected camera for monitoring your house was a good idea after all.

It's a good idea but you probably shouldn't buy the fancy "cloud" version. Just set up your own FTP server ...

12
sysk 7 hours ago 1 reply      
What do you mean by "web accessible"? Did Google decide to publicly publish all dropcam's customer pictures?
13
Nux 8 hours ago 5 replies      
Of all ipcams in the world why the hell did he buy the one in 0.1% of them that uploads shit to the "cloud"?
14
raldi 7 hours ago 1 reply      
1. Visit google.com

2. Search for [erase dropcam video]

3. Click first result

15
shittyanalogy 7 hours ago 0 replies      
The article is about not having control of your data, not being worried about a censored photo.

Now that the data is in someone else's control there are no guarantees whatsoever as far as who has it and if it's been deleted.

16
akkp 7 hours ago 2 replies      
To paraphrase: "The device functioned as intended so now I hate It".

The developers of this product don't deserve this blog post, especial when the feature in question is a paid extra that requires setup.

17
hellbanner 5 hours ago 0 replies      
The blog's subtitle is "doing it wrong". Naked in front of a camera and pondering implications of Internet of Things backed by private corporations?

Yes, you are doing it wrong.

18
imgabe 7 hours ago 1 reply      
Ultimately though, what are the negative consequences of some random stranger, or even the general public, seeing your naked ass? Pretty much nothing.
19
anigbrowl 2 hours ago 0 replies      
Much as I care about privacy and the exploitation of people's data for commercial gain, I find this a bit histrionic. If you put the automated camera inside your house and you are the sort of person who sometimes wanders around naked, then the two are eventually bound to collide (which is why I don't have automated cameras inside the house).

On the plus side, everybody has an ass and this one is so far into the background of the picture that the only conclusions I can reach about the subject are 'Mathowie is quite pale' and 'he has an ass like every other member of the human race.' In other words, this isn't really awkward enough to serve as a cautionary tale to anyone else. Now if he had been dressed up as a lobster that would be quite a different kettle of fish.

20
_Adam 7 hours ago 6 replies      
Except that image isn't accessible to anyone except the owner, or MAYBE the NSA.

But I'm pretty sure the NSA doesn't care about looking at some random guy's ass.

In the unlikely case that they do need to investigate the ass for national security reasons, they aren't going to disseminate the picture to the world, similar to how they don't disseminate intelligence data.

Which means the ONLY way the public will see the ass-picture is if:a) The ass is of interest to national securityANDb) The ass is of such concern to national security it is stored in the NSA's internal ass-databaseANDc) There exists some kind of ass-Snowden that leaks all the asses in the NSA arsenal.

...why does anyone care about this?

       cached 6 November 2014 08:02:04 GMT