hacker news with inline top comments    .. more ..    5 Jun 2016 News
home   ask   best   3 years ago   
ASUS delivers BIOS/UEFI auto-updates over HTTP with no verification zaibatsutel.net
244 points by Kubuxu  5 hours ago   71 comments top 18
daxorid 3 hours ago 5 replies      
Very nice find. What are the business unit motivations behind critical suppliers like ASUS repeatedly violating customer trust in this manner? At what point in the management chain is the decision reached to sacrifice reputation for - whatever cost savings there are from not implementing TLS/blob signing?

edit: This is not rhetorical. Actually curious if someone on HN familiar with this class of companies (ASUS is not unique among OEMs) can educate.

userbinator 1 hour ago 0 replies      
I don't remember the brand(s) exactly --- don't think it was ASUS however --- but I do remember a few years ago of laptops which would automatically and silently download and install BIOS updates, and inevitably some of them would fail, leading to bricked machines.

IMHO the BIOS is not something that should ever change unless there's a very important reason to, and even then it should be on the explicit action and consent of the user, because of the risks of ending up with a completely non-working machine. UEFI is a whole new mess, but I think the same principle applies.

grawlinson 3 hours ago 2 replies      
Wow. I always knew hardware manufacturers half-assed their software, but this is kind of a new low.

I'm not sure whether to laugh or cry.

franciscop 1 hour ago 1 reply      
This means I can basically go to a Starbucks and pwn the Asus there, right?

I have an Asus now but installed Ubuntu first thing when I got it. If I couldn't use Ubuntu I'd use Mac. I see the problem has two sides, Windows for allowing for malware preinstalled and OEM for installing it.

fauigerzigerk 2 hours ago 2 replies      
Astonishing. Is there any PC maker left that hasn't been found to be grossly negligent or actively malicious?
Someone 1 hour ago 2 replies      
I fear that, as a bonus, there is a race condition where a local attacker can replace any update with its own 'update' between download and installation.

Worst-case, they might have implemented this like this:

 DownloadNewUpdatesIntoUpdateDirectory(); ProcessWhateverYouFindInTheUpdateDirectory();
If that's the case, you would only need to copy a payload to that directory.

philliphaydon 2 hours ago 2 replies      
Damn ASUS that's a real shame, because that Royal Blue Zenbook 3 is god damn sexy


brudgers 1 hour ago 0 replies      
It's probably not just ASUS.

How the Top Five PC Makers Open Your Laptop to Hackers:https://www.wired.com/2016/05/2036876/

45h34jh53k4j 1 hour ago 0 replies      
Routine updating of Administrator privileged binaries over HTTP is endemic especially by OEMs, and yes, ASUS should know better.

I hope this incident will push them towards https for all their http offerings. There really is no excuse anymore, its can be gratis and automated.

tonmoy 3 hours ago 0 replies      
The irony is that my system would be more secure without ASUS' attempts on updates.
graffitici 2 hours ago 2 replies      
Out of curiosity, how would an attacker exploit this to run a code s/he wants?

Try to direct the DNS requests to their own server instead of the LiveUpdate one? If so, how?

Also, would we be a better design? Hard-code IP addresses to prevent the DNS trick? Use HTTPS and hardcode the public key of the server on every machine?

(Only asking out of curiosity, clearly.. Seems like a good case study for designing things right.)

goombastic 42 minutes ago 0 replies      
I need a good home firewall device with community based filters now.
mtgx 2 hours ago 0 replies      
ryao 1 hour ago 2 replies      
Poor security hygiene is by no means unique to Asus' motherboards' firmware updates. You can find bad practices in all sorts of embedded systems' firmware updates. Manual downloads of router firmware are an excellent example of this, and that includes third party OSS firmware such as DD-WRT. The Obihai ATAs will auto-update over HTTP although I have not checked if they do any sort of code signing. I have seen OSS live media that is distributed without PGP signatures, or even HTTPS+checksums. There are plenty of other examples out there.

In the case of routers, things are beginning to change because the FCC is requiring that manufacturers prevent users from modifying radio parameters to their satisfaction and the easiest way to do that is to prevent users from using OSS firware:


In the case of Linksys routers, the router firmware appears to also auto-update and until recent firmware versions, it lacked verification. I do not know if it auto-updates over HTTP. If it does, the ones running older firmware would definitely be vulnerable to the same kind of attack as the Asus motherboards.

I recently purchased a Linksys EA8500-RB to use as an access point and wanted to flash OSS firmware that I built myself for a reasonable level of confidence in its trustworthiness. It turned out that DD-WRT is the only third party project that supports it at this time. There is no documentation on how to get the precise sources used by the ddwrt developer to build the images he distributes and those downloading them are vulnerable to MITM attacks from the absence of HTTPS+checksums and/or PGP signatures:


The DD-WRT project does have a subversion repository that could be used, but anyone doing a checkout are vulnerable to a MITM attack due to the absence of HTTPS. A mirror is available on github, although there have no assurance that whatever is replicating the repository from subversion to git is not vulnerable to a MITM attack. Furthermore, the build instructions for the image are missing and while generic instructions exist, they are incomplete. They also specify the use of a binary cross compiler toolchain, which similarly has no obvious source code and no protection against MITM attacks.

I built my own toolchain with Gentoo's crossdev, but the incomplete instructions require that I figure out how to use a custom toolchain, the dd-wrt config parameters, the kernel config parameters, how to go from a build to a factory to ddwrt image, etcetera. It is a huge pain, but it is one that I must endure if I want to have an access point running OSS firmware that built myself. Building it myself gives me a high level of assurance that the binaries correspond to the source code and that the source code can be audited by either myself or people in the community.

It really should not be that difficult to get trustworthy firmware and Asus' goof is just the tip of the iceberg.

raverbashing 2 hours ago 0 replies      
Edit: below is irrelevant, I RTFA and it's even worse than I thought

Would it be possible that UEFI does that check (against a built-in signature) instead of relying on HTTPS?

foggarty9 3 hours ago 0 replies      

i mean, what else is there?

hackney 1 hour ago 0 replies      
Look no further than their moniker, Asus ROG (republic of gamers).
GNU Taler 0.0.0 released gnu.org
98 points by Prygan  4 hours ago   61 comments top 8
kybernetyk 2 hours ago 5 replies      
>Unlike BitCoin or cash payments, Taler ensures that governments can learn their citizen's total income and thus collect sales, value-added or income taxes

Wow, what a feature ...

nwalfield 3 hours ago 0 replies      
Taler is quite different from, say, bitcoin in that it tries to enable taxation while preserving anonymity. The main webpage has more info: https://www.taler.net/ . Unfortunately, it doesn't appear that a paper has been published yet. But, there are a couple of presentations at https://taler.net/news .
programLyrique 1 hour ago 0 replies      
Previous discussion worth reading about Taler on HN a few months ago: https://news.ycombinator.com/item?id=10258312
yarrel 2 hours ago 1 reply      
I'm pro-taxation, but cryptocurrency with built-in state surveillance doesn't seem like a good combination.
brianolson 56 minutes ago 0 replies      
Title should say something about what "Taler" is. It's obviously brand new. A post about ffmpeg 67.9.5 might assume that there's more knowledge in the world about what "ffmpeg" is.
MatthewWilkes 2 hours ago 7 replies      
So, semver is great and all, but 0.0.x releases just look silly, in my opinion. I've never seen someone zero index the least significant column before though, which makes it look even worse.

Would people actually expect w piece of software marked as version 0.0.0 to be anything more than a placeholder?

technofiend 3 hours ago 1 reply      
This is cool but if you do look at where big investments are being made it's more in smart contract/block chain. Considering the extreme regulatory and DOJ pressure to expose all parties in any fiduciary transaction I'm skeptical we'll ever see an explicitly government-approved system with anonymity.
X86BSD 3 hours ago 1 reply      
GPL'ed. Dead in the water. But it looks interesting. Good luck guys!
What is the difference between deep learning and usual machine learning? github.com
85 points by hunglee2  5 hours ago   40 comments top 11
pmoriarty 2 hours ago 3 replies      
This may come as a shock to the layperson, but there's more to artificial intelligence than neural nets, and many non-NN AI approaches could arguably be said to "learn", and are thus "machine learning" too, depending on your definition.

I'm thinking of evolutionary algorithms, various other biologically inspired computation techniques (of which NN's are but one example), more traditional AI techniques such as expert systems, and a whole host of stochastic, non-biologically inspired algorithms.

I'm not super familiar with NN's myself, so I can't say whether the gigantically disproportionate attention from the media and the research community is deserved based on actual superiority in effectiveness of NN's compared to other techniques, or whether they're used and talked about mostly because that's what most people know.

It would be interesting to hear the thoughts of a non-NN AI researcher regarding this.

mcv 28 minutes ago 0 replies      
There is no such thing as "usual machine learning". There are many machine learning techniques, Neural Nets is one of them, and deep learning is a very powerful way of training deep neural networks.

Deep Learning is absolutely interesting and powerful, but it's not like all the other techniques are all the same, or necessarily less powerful, for that matter. Different techniques have different applications.

phinance99 3 hours ago 4 replies      
Feature Learning.

Deep Neural Networks can learn features from essentially raw data. Usual machine learning starts with features engineered manually.

DNNs also learn to predict from the features they learn, so you cold say (very roughly) "DNN = usual machine learning + feature learning".

In practice manually engineering features is a time-consuming "guess-and-check" process which benefits from domain expertise. Feature Learning, otoh, is more automatic and benefits from data, computing resources, and optimization algorithms.

wwwdonohue 4 hours ago 4 replies      
I'm going out on a limb here but I'm guessing if this explanation makes sense to you, you don't need to be told the difference between deep and usual machine learning. Could be wrong!
Hondor 2 hours ago 0 replies      
It has an unusual use of "we" instead of "us" in a few places. "... that helps we to detect features ...". I wonder if the author originally used "you" and "your" then did a search and replace to "we" and "our" because 2nd person sounds too informal? I notice the former two words don't appear anywhere.

Re-reading it with "you" and "your" and I realize that it works just as well. I guess it's really just a fashion which person you use. It used to be 3rd for academic writing. Now it's 1st, but I guess the most informal way is still 2nd.

ascendingPig 2 hours ago 0 replies      
I don't buy it. Even DL researchers will point to representation learning systems like word2vec, a shallow NN, as as examples of the success of DL approaches.

My take: "Deep Learning" is performative (https://en.wikipedia.org/wiki/Performative_utterance). An approach falls under the header of "Deep Learning" when used or developed by someone who identifies as a Deep Learning Researcher.

S4M 3 hours ago 3 replies      
Slightly OT, but what exactly is the difference between machine learning and statistics?
MichailP 4 hours ago 2 replies      
Can someone say a bit about minimum number of layers and neurons needed for structure to be called artificial neural network? I have seen papers with something like 10 neurons (which is very very tiny but authors claim it does the job), while on the other hand there are Google sized ANNs. Thanks :)
taneq 4 hours ago 3 replies      
Deep learning is machine learning involving neural nets with more than one hidden layer.
vikingyc 2 hours ago 0 replies      
There is no difference.
easytiger 4 hours ago 2 replies      
Both are facile bullshit designed to eat up CPU cycles. Which, incidentally is what major corporations are basing their business models on selling. I've had clients come to me and say they want to use machine learning. When I ask what for, it becomes very awkward.
NeXTstep Manual, Systems Programming with Objective-C and Driver Kit (1995) nextop.de
32 points by pjmlp  4 hours ago   22 comments top 2
Razengan 2 hours ago 7 replies      
Exactly how advanced was NeXTstep in its time, compared to say Windows 95?

The object oriented API alone seems to me like a huge step ahead. Imagine if Steve Jobs never left Apple and got to ship these things under the better-known Mac brand, possibly stealing a lot of Microsoft's thunder.

EDIT: It's also interesting, and maybe ironic, that the legendary Doom which went on to make PC/DOS a relevant force in gaming, was developed on NeXTSTEP, with some parts coded in Objective-C. [1]

[1] https://en.wikipedia.org/wiki/Development_of_Doom#Programmin...

l3m0ndr0p 1 hour ago 0 replies      
Ah, the good old days. I built a mini DB with the Indexing kit. What I discovered was that the kit itself wasn't 100% functional & some of the API/Function calls didn't work.But I had an amazing time programming on a NeXT computer. I was young (early 20's) and did lot's of trial and error with the IX kit.
Redis: RCP 11, the stream data type github.com
75 points by neo2001  5 hours ago   5 comments top 3
judofyr 3 hours ago 1 reply      
Yes, please. I've never understood why someone wants to do pub/sub and only base the reliability on TCP/WebSockets. The concept of "fire and hope everyone who wants the message still has a connection open" always seemed fragile to me.

This has been the reason I've recommended implementing long-polling instead of WebSockets for real-time applications. And every time I see a real-time solution which only uses WebSockets I try to steer away from it. Once you have a reliable data model (which includes log position, retrieving old messages etc.) it's just as simple to implement long-polling as WebSockets. With WebSockets-only solution I can't help but think they base all the message delivery reliability on TCP.

This proposal looks like a clean (very Redis-like) solution, and I immediately see use cases for it.

sintaxi 3 hours ago 1 reply      
Salvatore is a machine. Since 2012 Redis has been a main tool in my preverbal belt and it has always seemed to have forward momentum.
dunkelheit 1 hour ago 0 replies      
That's cool. In case you haven't seen this blog post [1], it provides an extended discussion of the uses of this abstraction.

One comment about the groups API is that while it is very convenient, it seems a bit fragile - if a consumer is nuked immediately after it gets a fresh batch from redis then this batch is lost forever.

[1] https://engineering.linkedin.com/distributed-systems/log-wha....

Is your smartphone listening to you? bbc.co.uk
40 points by CarolineW  4 hours ago   25 comments top 8
voidz 1 hour ago 0 replies      
The article takes it into a boring direction, and they didn't mention Samsung who is most active in this field. Vendors bypass appstores with their proprietary apps. Once upon a time I had a Samsung phone, and when I configured its email app, I saw Samsung's own servers, and not my phone, logging in to my email server. Which means they stole my password. That's when I tossed out Samsung devices once and for all.

But anyway, here's the courtesy tl;dr of the article:

Can it be done? Absolutely. Will it be done? Most likely. Have many people suggested that it's already happening to them? For sure, all over the place.

Is it allowed by Google, Facebook and the like? Most definitely not. So is it happening? Probably not, it's just a coincidence that you talk about something specific, and then suddenly find all kinds of ads about it.

Here's a dictionary definition of 'coincidence' followed by an explanation from a professor about how our minds have evolved to correlate stuff all over the place and see patterns in them, even though they're just coincidences.

jimhefferon 2 hours ago 3 replies      
If a vendor provided a physical switch with which I could turn off the mic, that would be a feature that I at least would consider very attractive.
smaisidoro 1 hour ago 1 reply      
I have to say, I'm very sceptical about all of this, but one day a friend showed me a product (some speakers that use the table surface for resonance) and the ad showed a couple of minutes after on Facebook.

I started thinking on how devices can emit audio signatures for other devices around it to be aware of its presence. A couple of years after, Chromecast uses audio for authentication of nearby devices.

I honestly dismissed my paranoia all of these years with the argument that it would show in battery and data usage. But with offline language models, I'm not so sure anymore.

jameslk 1 hour ago 1 reply      
This is why I use an app called DVasive which tells me when my mic or camera is in use. It's pretty good at figuring this out it seems, although I haven't found any nefarious apps yet that use my mic or camera unexpectedly (I've been using the app for a couple of years). It probably wouldn't work for vendors or other rogue ways to get access to my phones devices however.
ddebernardy 59 minutes ago 0 replies      
> Facebook also told the BBC it does not allow brands to target advertising based around microphone data and it never shares data with third parties without consent.

This and the follow-up paragraph read like:

> Facebook monitors background noise already without using it themselves for advertisement targetting purposes, but will share the data with third parties if you miss a privacy setting.


stephengillie 2 hours ago 1 reply      
I'd be interested to see low-power voice recognition. My PowerShiri demo uses ~12% CPU on a Core2 Duo laptop when it's listening.
ck2 1 hour ago 0 replies      
also related:

RSA key extraction in one hour via mobile phone microphone placed next to PC


ck2 2 hours ago 1 reply      
Doesn't this need a visible permission in an app or are there workarounds like using the google play api?
Swiss Overwhelmingly Reject Basic Income Guarantee swissinfo.ch
235 points by marcelsalathe  4 hours ago   296 comments top 22
s3nnyy 3 hours ago 9 replies      
Switzerland is the only country in the world that implements direct democracy. You can really feel the difference to the rest of Europe. Swiss more often than not stand behind decisions made by their government. When talking about their politicians, the Swiss say "WE decided that ..." whereas e.g., Germans say: "THEY decided that ..."

If you look for a coding job in Europe, Zurich is a great place to live and is the only place where net-salaries are on par with the Bay Area: You can expect to get 7000 - 12000 CHF / month after taxes. If you are from the EU and thinking to move, you find my email address in my Hacknews profile. Also you can read here why I moved to Switzerland to work in IT: https://medium.com/@iwaninzurich/eight-reasons-why-i-moved-t...

Zarkonnen 3 hours ago 3 replies      
Coming from Switzerland, this is not at all surprising. No one expected this initiative to pass. It was really more of an attempt to get a conversation started, and it's succeeded in that.

As a (tentative) supporter of basic income, I'm already quite happy that something like a fifth to a quarter of voters went for it.

chvid 2 hours ago 4 replies      
I think this is a nice demonstration of how well direct democracy can work.

The argument against direct democracy (referendums on any subject any sizeable group wants to put on vote) is that people will be economically irresponsible and vote themselves popular, expensive goodies with no regards of financing or cost.

This shows otherwise.

elcapitan 3 hours ago 8 replies      
I wish I would live in a country where essential political decisions like that are made by the people and not by some professional political elite in a far away capital.
hsnewman 2 hours ago 0 replies      
As technology advances, I would assume that work will become more scarce. Taking this scenario to the extreme will mean that the majority of the world will at some point will be unemployed in the future. Some form of basic income will result.
lolc 1 hour ago 0 replies      
I got up early this morning because I'd missed the date to vote by post. Somehow it feels like your vote matters more when you go cast it in person :-)

20% is not a bad result, I think they expected around 15%. A lot of people would've gone "Fuuuuuuu I voted for that" if it'd been accepted.

scboffspring 3 hours ago 0 replies      
Offical now, cantonal majority cannot be reached (12 no, 11 to go)http://www.swissinfo.ch/eng/results-votes-june-5th-2016-in-s...
anoplus 1 hour ago 0 replies      
Let me start by saying this is one of the most important topics to discuss.

I would argue that UBI itself will have unexpectingly positive effect on productivity by removing the bias causing people to justify unnecessary work because they need to make a living. This will give individuals the confidence to take the time and pursue further more value for society. There will always be laziness, of-course, but we try to achieve freedom for a change.

raverbashing 3 hours ago 0 replies      
I found it funny how most major news outlets made a big deal of this

Yeah, there's your answer. It seems the Swiss are conservative with how they spend their money

jdlyga 2 hours ago 1 reply      
It's an interesting idea, but I don't think the time is right just yet for basic income. When AI is to the point that most skilled jobs can be automated and humans don't really need to work, then we can start giving people money.
mpitt 3 hours ago 1 reply      
Change the title? It's misleading to imply the results are final.
highCs 37 minutes ago 0 replies      
Would a UBI potentially hurts switzerland main businesses?
_nalply 3 hours ago 2 replies      
It's too early to say that. The urban cantons did not finish counting, especially Zurich, Basel, Bern and Geneva. I'd expect that there will be 30% yes votes, but of course there are always surprises.
bjourne 2 hours ago 0 replies      
It seems like a lot of modern politics is not "we should have more" but instead "you guys should have less". I think the election result is an outcome of more and more people thinking along the latter lines.

To bad. Would have been fun watching Switzerland try something new.

areyoucrazy 1 hour ago 4 replies      
Why is Basic Income such a popular topic on Hacker News?
wokulski 2 hours ago 0 replies      
Is this d3.js?
2 hours ago 2 hours ago 5 replies      
Are you sure it's easy to get a green card and citizenship? Maybe half a century ago it was, and that's where all the stories come from.

Right now, it's actually very hard; even (or especially) for regular normal middle class hardworking people.

ck2 2 hours ago 1 reply      
But the swiss have guaranteed health care right?

I'd like to see the USA get basic healthcare guarantee someday.

If you are a human being, you get $2000 per year in healthcare regardless of proof of income, etc. Just being a human being in need.

I hope the Bernie Sanders movement now focuses on the 26 states that are preventing health insurance for millions of people instead of trying to change the USA from the top down.

MikeNomad 3 hours ago 1 reply      
Not happy with the headline. They voted no for an "unconditional" basic income. I think that is a huge difference, especially when a majority of the voters also want immigration reform.
DrNuke 3 hours ago 2 replies      
It is premature but inevitable: automation, stagnant growth, migrations and deflation are all pushing towards universal basic income. Not 2k euros/month but enough to allow surviving and decency.
fiatjaf 39 minutes ago 0 replies      
Die, basic income.

Of course, leftist supporters of democracy will say this does not count and wasn't "democratic".

DB-19: Resurrecting an Obsolete Connector bigmessowires.com
230 points by zdw  11 hours ago   35 comments top 12
byuu 9 hours ago 1 reply      
This is an awesome story!

We faced a similar problem trying to locate someone that could manufacture otherwise non-existent parts: a 28-pin card edge Super Nintendo expansion port connector.

The only company we could find that would even consider it wanted $5000-8000 for the initial setup fee, and an MOQ in the thousands. It would have set us back around $15000, but our potential market is maybe 50-100 sales.

In our case, we ended up finding a wider card-edge connector from Samtec for an entirely different application, and we dremeled the connector in half, and then filled the side in with epoxy to create this: http://www.qwertymodo.com/hardware-projects/snes/snes-expans...

The down-side is, they're not very stable. Sawing them in half and then filling one end with epoxy results in connectors that have mating cycles rated in the hundreds at best before the pins stop making clean connections. It also adds substantially to the workload to hand-dremel the parts. And they're surface-mount, with the tiniest headers you've ever seen, requiring an expert to assemble these boards.

Unfortunately, a group-buy isn't really viable for us. But I'm still hopeful that at some point, we can achieve success with something like the author's attempts at hand-making things with 3D printing and such.

engi_nerd 4 hours ago 1 reply      
Someone is still making them. At least, whenever I need some at work, our warehouse orders them and they appear, in plastic bags with recent manufactured dates on them. I realize those dates could just be BS.

Or maybe someone upstream of me in the supply chain was smart enough to do a huge buy?

This gentleman probably has the vast majority available for members of the public to buy, but I think the US military is probably still paying to have someone out there make them.

userbinator 48 minutes ago 0 replies      
For the moment at least, I have nearly the entire worlds supply of DB-19 connectors, stacked in my living room.

I'm almost willing to bet that there are many more still attached to equipment buried in rubbish dumps...

Animats 9 hours ago 2 replies      
Nice. This guy has been struggling with that DB-19 connector problem for a year or two. Finally, he had some made. Sometimes you have to do that for obsolete parts. I had Teletype tape printer tape made in China a few years ago.

When dealing with a parts manufacturer in China, it's not uncommon to make a deal where you pay a premium for a few prototypes, and after those work, you pay for a volume shipment. Paying for the whole job up front is a big leap of faith.

thought_alarm 9 hours ago 0 replies      
Awesome story!

I want to know more about the fabrication process that turned a Photoshopped DB-25 image into a manufacturable product.

WalterBright 8 hours ago 3 replies      
> Now youve done that maybe you can arrange a production run of DB23s which the Amiga used as its video output.

I had an Amiga for a while, and after discovering they used unique connectors in order to force you to buy monitors and keyboards from Amiga, I figured it had no future and sold it.

endgame 8 hours ago 0 replies      
Old Apple hardware isn't my jam, but preservation efforts like this are really important. Congratulations.
sundvor 6 hours ago 2 replies      
This is a cool story! This is a bit of a nostalgic side note, but I didn't realise there were even more obscure connectors than my DB-25 I am using today in my HTPC to AV setup.

DB-25 is what Rotel used for multi channel connectivity 20 years ago, which I guess made sense at the time but you'd never see it today. I had a Rotel RSP 980 pre-amplifier, Rotel RB-985 amplifier, and Rotel's Dolby Digital decoder - connected with 2x DB-25 cables. It was fine for my LD, but when moving forward to using a HTPC around 2005, this required real time DD encoding on the PC end, something that was not always that easy to get going. Also the Dolby Digital path didn't exactly give me stellar audio quality. High compressed, and there was something about the quality of the signal that left me wanting. Even listening to stereo music meant an enforced, compressed DD path.

In particular I wanted to access DTS HD Master + TrueHD audio, so with no other multi channel inputs, the alternative would have been to buy a completely new AV setup to support DTS etc. However the thought occurred to me that the DB-25 was just an analogue connection, and what if a converter cable existed? True enough, after much searching I managed to source a DB-25 to 6 RCA connector cable, which then let me hook up an Asus Xonar HDAV1.3 Deluxe sound card.

This switch resulted in a massive improvement of sound quality, much thanks to the excellent Asus product as well, and made using a now 20 year old hifi system completely viable.

Zardoz84 9 hours ago 0 replies      
Amiga community have a similar problem with the video connector. If I remember correctly is a db-21 and they take a db-29 and cut it to convert it to db-21.
Aloha 9 hours ago 0 replies      
It goes to show you that with enough effort nearly anything is manufacturable now.
Niksko 9 hours ago 3 replies      
Whoa, he just photoshoped technical drawings of a DB-25? Surely if you're doing a group buy worth that much money

a) somebody in the group buy has the technical skills to do a proper drawing, orb) you can spend a tiny amount of money to get proper drawings made.

I mean, it worked out in the end. But it seems like a giant case of Dunning-Kruger to think "Well I don't know how to make technical drawings, therefore photoshopping an existing drawing shouldn't present any problems".

halestock 9 hours ago 1 reply      
I wonder if there exists a current/former Apple employee who would have knowledge of the mechanical drawings that were originally used and/or what manufacturers made them.
Progressively Less Progressive trib.tv
14 points by bobajeff  2 hours ago   1 comment top
SimeVidas 29 minutes ago 0 replies      
The What can Google do? is all valid criticism.
Fraudulent Advertising on Facebook medium.com
218 points by bennettfeely  11 hours ago   73 comments top 27
stevoski 4 hours ago 2 replies      
When Google got into advertising, they were relaxed about what ads they accepted. They happily ran just about any advert. But then two things happened.

1) the scammers came.

2) governments started holding Google accountable for running ads for online gambling and prescription medication. Google (and Microsoft and Yahoo) had to pay large fines for running ads for products and companies that governments saw as illegal.

As the years passed, Google has become ever more restrictive in what ads it will run. To the point where trigger-happy Google Adwords staff whose job is to approved ads reject many ads that are actually fine.

I think Facebook will go down the same path.

My main product is software used by poker players to track and analyse their winnings and losses. I haven't been able to advertise on Google for years, because the ad reviewers see the word 'poker' and demand proof that I am certified to running a gambling company in the locales I'm advertising in. I've given up trying to argue my case to Google that just because my product has the word 'poker' in the title doesn't mean I'm running a casino!

Facebook, however, still approves my adverts within a few hours. I'm expecting this to stop as Facebook tightens up after a few large government fines.

downandout 5 hours ago 1 reply      
I discovered something quite similar to this several months ago and tried to submit it as a bug report. One can easily make the display URL of any shared post be anything they choose (screenshot of spoofed whitehouse.gov link [1] and techcrunch.com link [2]), while the link actually goes to any site the user wants. I was told, quite simply, that it wasn't a bug. No one seems to care about the implications of this.

[1] http://prntscr.com/bckcf4

[2] http://prntscr.com/bckdml

sleazebreeze 10 hours ago 3 replies      
Considering that Facebook lets you set the display domain separately from the actual link domain, this behavior seems entirely intentional. Convincing people to click on ads (by lying wholesale, in this case) is a crucial element of Facebook's business model.

This does seem like they're trading long-term trust for short-term profits - users will click on fewer and fewer sponsored posts as the number of deceitful posts like this increase.

DrScump 9 hours ago 0 replies      
Oh, and it gets worse in the shameless-clickbait category.

I've see frequently (and have documented) numerous cases of ads implying that a famous person has died (e.g. Sly Stallone, The Rock, Lamar Odom, Colin Kaepernick), luring clicks for details.

But what really disgusts me is the "Suggested Post" mechanism. In the past week alone, I've had "Suggested Posts" from people selling obviously counterfeit merchandise and sites that claim to be the "Official NHL/NBA/MLB Store", when they are not. And these include plain text that should be simple to parse and check, if they cared. (A more complicated strategy to catch is when the bogus claims are only in text within the ad image, like the oft-posted phony Ray-Ban Official Site.)

And Facebook (and especially the ad network who made the ad) makes money for every sucker served.

lordnacho 7 hours ago 1 reply      
I know a guy who does this for a living. What I gathered from talking to him:

- I'm not sure how his ads break the ToS, but something like what this article describes might be part of it.

- Put some non violating ad on for approval, then change it.

- He changes the destination based on whether the viewer is coming from FB's network.

- Use a prepaid card with phony details to pay for the ad.

- Says he is one of FB's largest customers. Readily admits to being a bit shady with his ads, doesn't seem to bother him.

I have no idea whether things have changed much in the past couple of years wrt to how the system works.

paulpauper 4 hours ago 1 reply      
It could also mean that the fraudster made enough money and decided to bail on the campaign and tear down all of their infrastructure. Tough to confirm either way.

Or the ads simply did not generate a positive ROI. I have read that Facebook advertising (especially for US traffic) is very expensive and tends to not convert well. I often see people run Facebook ads for non-scammy purposes (for example three months ago James Altucher ran Facebook ads for his books, and those ads are gone) and then pull them down , presumably because the conversion is crud. No one ever pulls a successful advertising campaign because they 'made enough money'.

MichaelGG 7 hours ago 1 reply      
FB should really be doing a bit more review when displaying popular websites - flag them for quick further review. For instance, how many legit CNN accounts do they have?

But this seems to be the norm. Google displays highly misleading ads, especially on mobile. I see fake virus scans, "fix battery issues" and other junk. Google's main search ads had malware downloads, even for popular things like Skype. (And Chrome?)

Microsoft's store had many misleading apps, including fake Netflix apps. It took several interactions between MS and Netflix to get that sorted, and MS still ran fake apps (paid!) for popular software and movies. MS wouldn't even deal with ISVs that complained. Hell, the Windows Store even carried a fake version of Windows at one point! They didn't (don't) verify any details, such as publisher name. For a while, typing "Facebook" into the Start Menu brought up a fake FB app. This should put W10's invasiveness into new light: MS is not competent when it comes to this kind of stuff.

I do wonder how much money this stuff brings in. Is it a significant percent of business for these companies? It can't just be simple incompetence -- in MS's case, they sometimes paid for the junk apps.

I'm still sort of surprised that this junk can make enough money for people to advertise it though. Guess even 20 years after the net started getting popular, there's still enough unsavvy people to scam.

ChicagoBoy11 3 hours ago 1 reply      
Is it just me, or do other people actually LOVE this new trend of plugging your product/work/yourself through interesting blog posts? Like, I don't care how much $$$ this guy could spend on advertising --- this blog post is certainly far more effective in getting me to buy the product. I learned something, I was entertained, I now "trust" this individual, I got a great demo of the product's use... love it!
GeneralMayhem 10 hours ago 6 replies      
Not to defend Facebook for not doing their due diligence, but this article is really underselling the complexity of the problem. The pseudocode given:

if (display_domain == landing_page_domain){ approve_ad = true;}else{approve_ad = false;}

is, for one thing, not robust against cloaking (if malicious advertisers see the request coming from a Facebook IP, they might actually redirect to the displayed domain).

deprave 6 hours ago 0 replies      
Why isn't Facebook doing domain verification for the display domain? There are plenty of ways (email to well-known account, DNS records, etc.) to verify domain ownership. Google is doing that and I'm sure plenty people at Facebook are familiar with the concept.

From a legal perspective, I wonder if the legitimate sites can sue Facebook over that, or if there's a case for class action on behalf of users.

In any case, I don't buy any arguments that claim this is intentional to help actual advertisers or an oversight. From a security standpoint this is a spoofing tool and without any kind of validation or verification it should be clear what this tool is being used for. Facebook's in the business of collecting and analyzing data, and I'm sure they know very well that it's being misused.

Lxr 10 hours ago 1 reply      
Why is there even a separate field for "Display Link", is there a reason this can't be parsed from the actual URL (like HN)?
markab21 3 hours ago 0 replies      
I've been running ads for a bit now on Facebook. Compared to googles ad stack, Facebook's feels definitely more unrefined, to say the least, than Google's. Sometimes basic things on Facebook's platform simply do not work.

Their ad approval process is random. I've had ad's that were not approved, resubmit for "automatic" approval. (Keep trying till it passes into the sample group of Auto-Approve, it's an older account?)

All that said... I know Facebook was under pressure after their IPO to get revenue coming. They've figured out now how to monetize their traffic base and marketers are flocking to their platform. I expect that over time you're going to see slow tightening of their policies, especially as marketers learn to exploit it. It's still impossible to get someone on the phone from Facebook if you have a problem and though you can generate very low cost CPA actions from facebook, it's dangerous to bet big on them right now as this article points out, change is going to have to come.

dansingerman 8 hours ago 0 replies      
Usually infomercial type blog posts like this turn me off both the content and the product, but this is a pretty great example of how to pimp your product through genuinely interesting content. I've rarely seen it done this well.
red_admiral 4 hours ago 1 reply      
Here's another "bug" I noticed today: if your browser window is "too narrow", for example because you're using that widescreen to have two windows open at once, you get a horizontal scrollbar and ads display like this:


scroll to the right and you get this:


Yes, someone's being charged for an ad where even if I scroll I can only see a few pixels on the left. If I make the window a bit narrower I don't see it at all, but it's presumably still an "impression".

josefresco 5 hours ago 0 replies      
"If you tried this in Google AdWords, you would be laughed right out of your account."

Feel the burn Facebook.

joesmo 15 minutes ago 0 replies      
I see a lot of posts suggesting what FB should do about this (as if they have incentives to change things; they don't) but perhaps we should focus on informing end users about the dangers of ads and how to properly use an ad-blocker. What would really be great is for the tech community to provide solutions that regular non-techie users can use. For example, if Firefox started bundling anti-ad functionality into its browser.

The age of debating whether ads are acceptable or not is long passed; ads are not acceptable because they are malware. Period. We should be teaching people how to avoid malware and that means avoiding all ads. How can we expect FB to fix this problem when they are causing the problem and they are profiting from it? On the other hand, putting ad blocking technology into the next Firefox would not only fix a huge chunk of the problem, but also send a clear message from a huge fraction of web users that malware is not acceptable in any form, including in ad form. I can't think of a better solution.

heisenbit 6 hours ago 0 replies      
Considering FB insistence on "real name" this is priceless.
ChuckMcM 10 hours ago 1 reply      
Pretty egregious. I hope facebook wakes up to this type of fraud quickly because it is the kind of stuff my relatives fall for all the time.
andrewvijay 6 hours ago 0 replies      
Laughed way too hard at the code suggestion. Fantastic write up. Genuinely shocking that Facebook allows such an easy loophole undetected. Or maybe they know it.
TimMeade 5 hours ago 0 replies      
I surprised that so far in the comments, no one has brought up the R word. "Revenue" How much revenue is fb getting for allowing this? Their income has suddenly jumped dramatically in the last few years. 26K Clicks is pretty good income imho.
mathraq 4 hours ago 0 replies      
The article feel a bit like an ad for hunch.ly as well
greenspot 6 hours ago 0 replies      

Facebook ad's can have different display-URLs and target-URLs, even the domain can be different, e.g. ad shows cnn.com but leads to myshadysite.com

+ some subtle promotion for Hunchly (full-text search for your browser history)

mathraq 4 hours ago 0 replies      
The article feel a bit like an ad for hunch.ly
sidcool 8 hours ago 0 replies      
If you search for the word 'video' on HN, the top link is 'Facebook Fraud'.
tdkl 7 hours ago 1 reply      
Response from FB : "it was a bug, ooopsies, carry on".
chris_wot 5 hours ago 0 replies      
These ads are appearing on more reputable news sites, but for things like gambling. The story line is almost always about a guy who is left by his woman and he gets revenge by winning big. There are a list of "Facebook" comments, and they make sure a few of them state that it's a scam, which makes it look more legit.
areyoucrazy 3 hours ago 0 replies      
Also relevant - Veritasium: Facebook Fraud [1]

 [1] https://www.youtube.com/watch?v=oVfHeWTKjag

To approximate 52! by hand, compute 54! and divide by 3000. solipsys.co.uk
76 points by ColinWright  6 hours ago   15 comments top 4
danbruc 2 hours ago 1 reply      
No discussion of 52! is complete without [1]. A somewhat condensed version of one of the illustrations from the site.

52! is the number of different ways you can arrange a single deck of cards. Let's try to wrap our puny human brains around the magnitude of this number with a fun little theoretical exercise. Start a timer that will count down the number of seconds from 52! to 0. We're going to see how much fun we can have before the timer counts down all the way.Start by picking your favorite spot on the equator. You're going to walk around the world along the equator, but take a very leisurely pace of one step every billion years. Make sure to pack a deck of playing cards, so you can get in a few trillion hands of solitaire between steps.

After you complete your round the world trip, remove one drop of water from the Pacific Ocean. Now do the same thing again: walk around the world at one billion years per step, removing one drop of water from the Pacific Ocean each time you circle the globe. Continue until the ocean is empty.

When it is, take one sheet of paper and place it flat on the ground. Now, fill the ocean back up and start the entire process all over again, adding a sheet of paper to the stack each time youve emptied the ocean. Do this until the stack of paper reaches from the Earth to the Sun.

Take a glance at the timer, you will see that the three left-most digits havent even changed. You still have 8.063 10 more seconds to go. So, take the stack of papers down and do it all over again. One thousand times more. Unfortunately, that still wont do it. There are still more than 5.385 10 seconds remaining. Youre just about a third of the way done.

[1] http://czep.net/weblog/52cards.html

sowbug 2 hours ago 1 reply      
I once met a guy who said he could count anything instantly. I had to test his claim. "This is my ranch, and over there's my cattle. How many are there?"

He looked over, paused for the briefest moment, and then said, "I see 742 cows."

Astonished, I exclaimed, "That's exactly right! Mind sharing your secret?"

He leaned in a bit and proudly explained. "It's simple, really. I count the number of legs and divide by four."

ipsin 42 minutes ago 0 replies      
I do wish my high school combinatorics had included Stirling's approximation. It allows great approximations for problems that are really asking for it.

If there are 200 white and 200 black balls in an urn, there's no sense asking for some expected value as an exact rational number.

mrpopo 3 hours ago 1 reply      
The real value being :


that is, the approximation was about 80% of the real value. Half of the approximation was in Stirling's formula, and another half in approximating 2^50.

Edit: nevermind. Stirling's formula is surprisingly accurate. https://www.google.co.uk/#safe=off&q=%2854%2Fe%29^54*sqrt%28...

Mean of two floating point numbers can be dangerous honzabrabec.cz
35 points by Scea91  4 hours ago   16 comments top 9
PDoyle 3 hours ago 2 replies      
Same happens with integers. Try computing the mean of 3 and 4 using integer math.

The only difference, really, is that floating point can lull you into believing they have unlimited precision. With integer math, the problem would have been more obvious in the first place.

d33 2 hours ago 0 replies      
Obligatory: "What Every Programmer Should Know About Floating-Point Arithmetic"


kazinator 52 minutes ago 0 replies      
I don't understand this article. If you know the index, or other indicator of location, of the second point in the sequence, then just split the sequence before that point. No arithmetic involved; the type of the object is not even relevant.
dingo_bat 2 hours ago 0 replies      
I think the more important lesson here is to not write algorithms in a way that go into recursion because data types aren't infinitely precise.
rwmj 2 hours ago 1 reply      
I had a fun floating-point related bug the other day: I wanted to sort a list of doubles in C, and my comparison function was in essence:

 static int compare (void *dpa, void *dpb) { return *(double*)dpa - *(double*)dpb; }
The doubles represented times in nanoseconds, and the program failed to sort properly when the total runtime was larger than (IIRC) 2 seconds. I wonder if you can work out why.

(Spoiler alert) the fix was:https://github.com/libguestfs/libguestfs/commit/1f4a0bd90df3...

bnolsen 51 minutes ago 0 replies      
to be robust you need to deal with overflow and underflow and also pesky differences in domain.

overflow breaks (x + y) / 2. where x and y are largeunderflow breaks (x / 2.) + (y / 2.) where x and y are small.

and of course the problem where x is outside the exponent of y. But one of these values gets treated as though it were insignificant and effectively 0.

jrg123 2 hours ago 0 replies      
That's (one reason) why standard containers use < instead of <=
Confusion 2 hours ago 0 replies      
Related: How do you compute the midpoint of an interval? [1]. PDF [2]

[1] http://dl.acm.org/citation.cfm?id=2493882[2] https://hal.archives-ouvertes.fr/hal-00576641v1/document

erikb 1 hour ago 0 replies      
I would have upvoted if the title would have been "Mean of two floating point numbers can be mean".
Charlie Brown and Franz Stigler Incident wikipedia.org
84 points by marvindanig  11 hours ago   21 comments top 9
sandworm101 22 minutes ago 1 reply      
The bomber did not surrender. It did not land and/or seek sanctuary with a neutral party, even though both options were the more humane. It was not a wounded soldier trying to stay alive: it was still fighting and showed no intention of surrender. Today, the German pilot should have shot it down or be punished for allowing a combatant to so escape.

Chivalry is all well and good but, like so many other stories from that war, this reminds me of the speech in Remains of the Day where the American congressman calls all the old powers amateurs, that the coming war (WWII) wouldn't be prevented by a agreement between gentlemen over dinner. Imagine the outrage today if a US soldier allowed a wounded ISIS fighter to limp home with his weapon rather than capture him. Conversely, imagine what would happen to that wounded ISIS fighter should his compatriots see him fail to kill the hesitant US soldier. War has moved on.

elcapitan 7 hours ago 1 reply      
Stiegler (the German pilot) was exactly one shot down enemy machine away from getting the Knight's Cross. So that machine would have been easy prey - maybe too easy for his sense of honor?

I think it's interesting that he justified his action with his commander telling his men that shooting enemy pilots that have parachuted out of their machines is dishonorable, and that he essentially saw the almost defenseless machine with most of the crew killed in a comparable position.

There's a sense that technological abstraction makes warfare more evil, because people don't see each other anymore, and killing becomes even more abstract. That's even noticeable in non-war situations like car traffic, where people can become pretty aggressive behind the glass windows of their metal boxes. Even more obvious with drone strikes from a safe place halfway around the world. But for some reason those early days of airfight (probably more so in WW1 and less in WW2 though) convey this notion of "chivalry", which is somewhat counter-intuitive.

Maybe the common shared experience of having to deal with these complicated flying machines created this kind of respect for the other side?

fiatmoney 9 hours ago 3 replies      
"Brown went on to complete a combat tour."

Traditionally the reason for not allowing enemies to escape is that they will regroup and fight you again (accepting surrender, or allowing parachutists to land & become POWs, is a different matter). In this case, the escaped crew was able to return to bomb German civilians.

sjclemmy 5 hours ago 2 replies      
My grandfather who fought in WWII (British) developed a close friendship with a German veteran in his later years. I think they met in southern Spain where they both spent a lot of time in their retirement in the 1980s. I doubt their story was as spectacular as this, but there was clearly some experience they both shared that led to the friendship. I'm not suggesting they knew each other in the war (but who knows?), but the fact they both went through similar experiences allowed them to develop a bond.

I wonder how common this is?

jbmorgado 1 hour ago 0 replies      
Am I the only one that see Stigler as clearly the better man in all this story?

All Brown did (not counting the his bravery and the bravery of his crew, but looking just at the interaction Brown Stigler) was to spare the German plane after he helped him get out of that mess and send him away with a pointed gun warning and then shut up about the gesture and keep bombing German civilians until the end of the war.

webreac 7 hours ago 1 reply      
I have just read https://en.wikipedia.org/wiki/Strategic_bombing_during_World... that was very different from what my teacher said. For him, germans were far more effective than uk in bombing war production factories and uk was getting short of airplanes. Churchill has decided to focus more on german towns, causing the retaliation on London bombing. According to him, this plan has been a total success, uk was able to rebuild its war production factories and to catch up with Germany.

As history is always rewrote by winner, I was not able to confirm this story.

theorique 4 hours ago 0 replies      
The Swedish power metal band Sabaton told the story of this incident in their song "No Bullets Fly"


saynsedit 5 hours ago 0 replies      
War is terrible. Average citizen doesn't realize it until there's a draft or until after they're a veteran.

I hope one day we'll reach critical mass of war awareness and stand up against it. For now, we're building "modern" smaller target nuclear weapons.

lb1lf 6 hours ago 0 replies      
I read an account of this incident and its aftermath - including the meet between the two pilots decades after the war.

Absorbing read, quite different from your average WWII literature - investigating Stigler's background in some detail to look for motivation for this act, &c.

It was titled 'A higher call' IIRC. Most recommended.

Building Problem Solvers (1993) northwestern.edu
52 points by callmekit  10 hours ago   2 comments top 2
icu 6 hours ago 0 replies      
Thank you for posting this link on HN :-)
The J1 Forth CPU (2010) excamera.com
31 points by panic  9 hours ago   4 comments top 2
dewster 40 minutes ago 0 replies      
Or try my Hive soft processor core:


I need to update the paper and code, the core is at v9.03 and the simulator can now parse assembly code as input.

IMO canonical stack processors aren't a good substitute for register-based processors. Hive is a stack / register hybrid that makes the 2 operand architecture more efficient. And I don't know why barrel processors aren't taking over the world - they make too much sense I suppose.

nickpsecurity 1 hour ago 1 reply      
A tiny, open CPU is good. Running Forth is not so good. People should also look at this one:


Their Java processor outperforms most of the others with small amount of space. It's open. Doesn't necessarily have to run Java as Oberon or something could probably be ported. The papers section is full of good stuff.

Show HN: Slide an open-source plain text presentation maker trikita.co
68 points by zserge  12 hours ago   35 comments top 12
escherize 5 hours ago 1 reply      
I ctrl+f'd for org-reveal, and didn't find it so I'll give it a plug.

I write org-mode files (kind of like a richer version of markdown), and use org-reveal and emacs' publishing system turn them into slide shows like [1] this: (pic: [2]). The best part about the workflow is including code snippets using org mode's add source block, which allows me to edit code in the usual mode that I edit code with. Also org-reveal uses emacs' code highlighting settings to do code highlighting.

 [1] http://escherize.com/rethinkdb_talk/ [2] http://take.ms/FHrR0

evacchi 6 hours ago 1 reply      
This is nice.

A bit OT: on the subject of presentation tools, I'm struggling to find something that suits me.

I really like Deckset[0], but found it sometimes limiting. For instance, I found that very few themes suite my style of presentation; and I often wish I could choose different color palettes, or left-align the text in a centered layout (e.g. when using bullet lists)

I generally dislike HTML-based presenting tools; I do not like the idea of using the browser; the PDF export is usually hit and miss, and I would not risk going to a venue with broken slides.

I have also tried to experiment with (La)TeX. Unfortunately I find LaTeX very boilerplate-y, and the de-facto standard for presentations, Beamer, is not easy to customize; even the most modern themes are designed with lots of text in mind, and I'd like Deckset-like layout with little text, many headings/large fonts (sometimes more than one section in one slide) and mostly source code.

I have experimented with `lecturer.tex` and even plain TeX [1]. The idea would have been to use it as a compilation target for Markdown (maybe using Pandoc). Unfortunately I could not find a satisfying way to typeset source code with syntax highlighting in plain TeX [2], and also working with modern fonts (TTF/OTF) in TeX is generally a pain (e.g. lecturer.tex doesn't play well with XeTeX; LuaTeX on the other hand is slightly less convenient with fonts)

[0] http://www.decksetapp.com/

[1] https://twitter.com/evacchi/status/738018333228978176 , https://github.com/evacchi/lecturer-playground

[2] http://tex.stackexchange.com/questions/312249/listings-for-p...

jonaf 2 hours ago 0 replies      
At first, I thought this was a terminal version of Powerpoint, akin to mdp[1], which has been my favorite. (I actually use mdp over powerpoint/keynote on my laptop at work these days, since I can checkin the markdown, write the presentation easily, and spend zero time on all the formatting garbage.) I do not work in marketing (can you tell?).

[1] https://github.com/visit1985/mdp

Gys 6 hours ago 0 replies      
Reminds me of the Golang Present tool which also works with a simple plain text file:https://godoc.org/golang.org/x/tools/present
geraldbauer 4 hours ago 0 replies      
Great to see more text to presentation makers. May I highlight the free (open source) Slide Show (S9) [1] presentation maker. What's different? Offers many themes e.g. reveal.js, deck.js, impress.js, Shower, S6, G5, etc. [2] Cheers. PS: Try online [3] PPS: The command line also include a --takahashi switch e.g. lets you use One // Two // Three (for breaking slides) [1] http://slideshow-s9.github.io[2] https://github.com/slideshow-templates[3] http://tryslideshow.herokuapp.com/
timvdalen 4 hours ago 0 replies      
Really interesting tool, the PDF export seems to work great as well.

I had not heard of the Takahashi method.I might use it for some informal talks or as a presentation prototyping tool.

freekygangster 10 hours ago 0 replies      
masukomi 1 hour ago 1 reply      
how does someone make a presentation app and a) not have a presentation about it b) not have any presentations made with it as examples?
unusximmortalis 7 hours ago 1 reply      
Any demos
znpy 6 hours ago 4 replies      
I recently gave a talk and crafted my slides using the good old LibreOffice Impress. Everything went smoothly and I only had some minor scratches with code highlighting.

I am always amazed by how much technical people underestimate office suites (MS Office and LibreOffice) and reinvent the wheel every month or so.

MichailP 7 hours ago 2 replies      
Anybody knows whats the catch with MacBook owners plugging their own laptops directly to projector during conference presentations, while others use already available common laptop and just transfer their ppt? It seems a bit snooty :) Although there are benefits, your ppt is not made available to everybody.
LionessLover 5 hours ago 3 replies      
Others may (will) see it differently, and obviously it depends on context - different things need different presentations - but I can't stand when people have text slides. You are already talking - seeing exactly what you say or the gist of it in text makes one of the two superfluous. Just yesterday I watched a JSConf presentation that I actually ended up sharing that I still found infuriating for the first 7 minutes: The speaker said exactly the sentence (plus verbal decorations, meaning no additional content, just more words) that he also showed on slides. A new slide, a new sentence. (This is the one: "Emanuel Kluge: Go Offline with Service Workers - JSUnconf 2016" - https://www.youtube.com/watch?v=ou6oPEEyjNQ)

I think a lot of presentations would gain a lot if the power went out. Imagine yourself in a round of people and you explain your idea to them. While common the handling of your smartphone or laptop during a conversation or explanation often is much more of a distraction than useful.

Obviously there are plenty of examples where you do need them when you want to show something concrete like code or the thing you are talking about (unless it's a common object everybody already knows), but especially "idea and concept presentations" often are better off without the visuals. And please don't add jokes just because you heard that you should.

I try to create a presentation by using "just me". And then only add other stuff if it's really necessary.

Java Exception Handling neverworkintheory.org
4 points by ingve  2 hours ago   discuss
TeamViewer users are being hacked in bulk, and we still dont know how arstechnica.co.uk
135 points by edward  8 hours ago   41 comments top 12
barking 6 hours ago 1 reply      
Maybe I have 2 factor authentication set up wrong or am missing something but here is what I have just noticed.

I ran teamviewer on 2 computers.

The teamviewer windows appear.

On neither instance do I log into my teamviewer account, so I don't enter my account password and therefore I don't enter a 2FA code from my phone.

However I can still open a session from one computer to the other using either the random password or the stored computer-specific password.

So how exactly does 2FA increase my protection from the alleged scam?

brudgers 3 hours ago 1 reply      
Initial Hacker News discussion, mainly for the top comment: https://news.ycombinator.com/item?id=11826431

I am not an expert. The top comment helped me assess the risk.

puddintane 3 hours ago 0 replies      
Reading more into this I really do wonder if this is related to other companies being hacked. If you look at this Reddit thread https://www.reddit.com/r/teamviewer/comments/4m6omd/teamview...

search "Do you have a TV Account" I have yet to find an answer from someone that said No (meaning they use the numbering system- only yes, used to and "free" which still is a login). A lot of answers to include that they use the same password for the same email for various accounts. A few that don't but those numbers are very small and more than likely that user was compromised another way.

edit Of course this is speculation and as mentioned in the original post of this article we should assume this was TV being hacked versus just a simple re-used password

pmontra 7 hours ago 2 replies      
The Teamviewer account is required to access another computer without someone being there [1]. When you're helping a friend or demoing to a customer, they're there to start their teamviewer and give you the access code. There is no need for accounts if those are all your use cases and there is no risk to be attacked without an account, is that correct?

[1] https://www.teamviewer.com/en/help/410-what-is-a-teamviewer-...

curiousgal 7 hours ago 1 reply      
They did report DNS issues, it could be that someone hijacked their domain/DNS and set up a fake authentication server. From there the possibilities are endless. [0] jumps to mind


rando289 4 hours ago 1 reply      
"we still don't know how." No one is stating the obvious: we would know more if we had the source code.
jsmeaton 5 hours ago 2 replies      
Happened to my friend about 3 weeks ago and he's a fairy savvy computer user. Had 5k extracted from PayPal which has just been recovered. All my friends have now uninstalled team viewer if they had it installed.
jbverschoor 3 hours ago 2 replies      
Disabled my teamviewer. Relying on zerotier + remote desktop
pronoiac 1 hour ago 3 replies      
Ugh! I use Team Viewer to take care of family computers. Is there a good alternative on Macs behind NAT?
Havoc 5 hours ago 1 reply      
Its pretty shocking that its still available for download.
Ace17 5 hours ago 1 reply      
It might be related to the fact that too many TV users usually send their id+password in one single clear-text email.
unusximmortalis 7 hours ago 3 replies      
Is this for real?
Cloud.gov cloud.gov
385 points by gmays  21 hours ago   102 comments top 14
bmogilefsky 18 hours ago 10 replies      
I'm the product lead on cloud.gov... Thanks for noticing us! There are other Cloud Foundry deployments, but what makes cloud.gov special is the focus on ensuring federal agencies are actually able to use it. Federal compliance for a cloud service provider is a tough bar to clear, and without it most agencies are simply unable to take advantage of capabilities the rest of the world now takes for granted. That in turn impedes improvements in the many services the government has to offer. We've just reached the "FedRAMP Ready" status, which is a signifier of confidence that cloud.gov will make it through the exhaustive auditing process to come. Best of all, everything were doing is open source, including all the compliance work, so others will be able to follow in our footsteps. AMA!
verst 19 hours ago 2 replies      
I'm about to join 18F (in a few weeks), working on cloud.gov.

I worked on the Google Cloud Platform team around the time Compute Engine and Big Query were launched (but spent most of my time on App Engine).

A few weeks ago at the Cloud Foundry Summit the folks from cloud.gov.au gave a keynote. Cloud.gov got some nice shoutouts - the Australian counterparts reused a lot of the cloud.gov work, thanks to the transparent open-source approach.

Listing of cloud.gov related Github repos:https://docs.cloud.gov/ops/repos/

rambos 3 hours ago 2 replies      
As someone who develops for a Gov't agency, this is the wrong move. So much money has been spent on mimicking the private sector innovators. Millions and millions of tax dollars spent on these type of projects.

The focus really needs to be on building a process to better integrate private cloud services and gov't applications. I mean they already are for the most part: https://aws.amazon.com/compliance/fedramp/



Seriously this is just another wasteful program. The Gov't and 18F will hype it up, but don't be fooled.

nvas 17 hours ago 3 replies      
I work in GSA as well, and I have a lot of trouble getting software approved that you use all the time, even getting nginx approved took a long time. Forget about vagrant, virtual box, recent versions of python, etc...

How were you able to get ATOs to operate most of your systems and work through these policies?

darawk 19 hours ago 1 reply      
This is really cool. 18F has been doing a lot of amazing work, it seems like the possibility of government tech not totally sucking may be on the (somewhat distant) horizon.
tfg4k 1 hour ago 0 replies      
I apologize but browsing first thing in the morning, was I the only one who assumed this was a joke?
homero 19 hours ago 2 replies      
I'd love to use them. Going to the source will reduce latency because the mitm is removed. Now it's just the man. Seriously, I'd switch from DO.
frozenport 18 hours ago 1 reply      
Isn't the the "Platform-as-a-service" logo the Amazon AWS logo?


19 hours ago 19 hours ago 1 reply      
Care to elaborate your disapproval?
19 hours ago 19 hours ago 1 reply      
Please don't do this here.
18 hours ago 18 hours ago 2 replies      
We detached this subthread from https://news.ycombinator.com/item?id=11838077 and marked it off-topic.
cloudjacker 18 hours ago 0 replies      
at first I was going to make fun of them for choosing "Cloud" half a decade after that buzz word reached its peak, but then I looked at the service and it is pretty cool
scalio 7 hours ago 0 replies      
What is such a fabulous cloud made of? Broccoli? Or maybe still only a datacenter?
sean99 3 hours ago 0 replies      

contact us on {masterminditservices@gmail.com}. or +1(205) 900-9736

Below is a list of some of some services we offerMobile Hacking, email, Social Media Hack, School grades changing, Clearing of criminal records, Password sniffing, Bank Transfers and Company Money-Wire services, Cyber Security, Computer Security, SMTP Any domain, Cpanel, Unlimited, Shell, RDP, Leads, Cpanel, fulls, EIN, Pin, W2, SSN, DOB, fulls for Loans, Mystery shopper, Assistant BOS, Any Country Leads, Location detecting, SQL DB penetration, Penetration testing, Software testing, Database Penetration, Website Ransoming etc

Headless Chrome is coming soon twitter.com
247 points by AnbeSivam  13 hours ago   39 comments top 13
jakozaur 7 hours ago 5 replies      
That would be so awesome. The current alternatives:

1. Use PhantomJS: It easy to script, but it lags over real browser by few years and development is stagnant. Many real website doesn't work in PhantomJS.

2. Use Chrome/Firefox xvfb. You have real browser, but scripting is hard. E.g. even hello world examples like make a thumbnail of a website takes a lot of time to get right.

According to some rumors, headless Chrome existed before even Chrome was released to the public. Google use it to do web scraping. However, though headless browsers are great for developers, they are also great for spammers and ad fraud. So the main developer likely has conflict of interests whether to invest resources into making headless Chrome public.

juliangamble 11 hours ago 0 replies      
If this would benefit you - please star this issue: https://bugs.chromium.org/p/chromium/issues/detail?id=546953
frik 9 hours ago 1 reply      
From the bug comments:

 headless: Implement screenshot capturing (based on patch from skyostil@, also sets default window size to 800x600 to enable basic snapshot support) With the --screenshot option, headless shell will save a PNG screenshot of the loaded page.

shanemhansen 51 minutes ago 0 replies      
I'm most excited about integration testing on sites with http/2 deployed.
joshschreuder 13 hours ago 2 replies      
Could this be used for Selenium tests too? And with visual diff testing tools?
emilong 11 hours ago 1 reply      
This is great news. In general I'm hoping this makes it easier to do browser testing in more CI services, rather than isolating this type of testing to services that have to specialize in it just to get it to to work.

One (minor?) benefit over Phantom is having working file uploads, though it would be awesome to have that in Phantom too.

erikb 1 hour ago 0 replies      
Please link the source and not twitter next time.
gildas 5 hours ago 0 replies      
Great news! I hope this will allow to change the hard-coded limit of the maximum number of connection per server in Chrome [1].

[1] https://bugs.chromium.org/p/chromium/issues/detail?id=85323

juliangamble 11 hours ago 1 reply      
Another way to solve this problem is to have Chrome in a docker container that you can start up: https://github.com/SeleniumHQ/docker-selenium
fuzionmonkey 12 hours ago 0 replies      
This is awesome. I've been using Electron for browser tests which has been a big improvement over Phantom, but setting up xvfb can be a pain.
jsprogrammer 11 hours ago 1 reply      
I just use XVFB.

 xvfb-run --server-args='-screen 0 1024x768x24 -ac' chromium-browser --user-data-dir <url>

shimon_e 12 hours ago 1 reply      
Isn't chromium already bundled with chromedriver? Or at least it is on arch linux. (fyi, chromedriver conflicts chromium in aur because of this)
qznc 10 hours ago 1 reply      
I wanted this 10 years ago. It is fascinating that it took so long already.
Image Processing with scikit-image (2014) yhat.com
27 points by kercker  13 hours ago   6 comments top 2
mbrundle 8 hours ago 2 replies      
I do a lot of image processing algorithm development (e.g. building custom segmentation algorithms). I started out using Matlab during my DPhil research because (a) it came with very fully featured toolboxes, and (b) most other researchers wrote their code in Matlab too.

Recently I've started making heavy use of Python at work. It's made significant strides in terms of its image processing libraries. I haven't used scikit-image much, but we routinely work with OpenCV at our office, because its feature set is a great complement to Matlab's. However there still remains a lot of really useful 3rd party code that's only accessible with Matlab.

Our current workflow, as a result, is to use Matlab and Python where necessary (because different problems are more tractable with one or the other), and to then stitch them together. This is a bit messy but doable. (I wrote a blog post about it on my site if anyone needs to look into this.)

Bottom line - the Python libraries are fantastic for dabbling with image processing, but for serious work, depending on what you're doing, you may still need to get your hands dirty with Matlab for the time being. This is unfortunate, because Python is free and Matlab is $$$. This will likely continue until a large enough proportion of the academic image processing / computer vision Matlab researcher userbase switches over to Python.

wodenokoto 4 hours ago 1 reply      
I noticed he is using ggplot, which is the python attempt of implementing the API of the ggplot2 R-package.

What is the status of ggplot on python? Is it ready to replace seaborn and matplotlib?


Anypixel.js googlecreativelab.github.io
249 points by afshinmeh  18 hours ago   30 comments top 13
CraigJPerry 6 hours ago 0 replies      
Theres a guy publishing yt vids about his installations of this nature


The attention to detail, I find the details fascinating. He's a really bright guy but designing the protocol, making software so that the creative agency can program the lighting without him in the loop, writing firmware that protects the installation from damage even if they're ham fisted with the lighting sequence they design etc etc

jc4p 15 hours ago 1 reply      
This is rad! I have a bunch of LED matrices I currently use https://github.com/hzeller/rpi-rgb-led-matrix for, I need to spend some quality time with Anypixel to see how it compares / if I can combine the two.

I wish that "in browser previewer" link actually led to a usable in browser thing rather than just a folder on GitHub.

sorenjan 15 hours ago 2 replies      
That page made my core i7 jump from 3% to ~50% utilization, just by opening it in a tab.
Splendor 11 hours ago 1 reply      
> AnyPixel.js straightforward hardware/software framework makes it easy to build any display where each pixel is an interactive element.

Interesting apostrophe here. I'd never consider how to attribute possession to a package name.

paddi91 7 hours ago 1 reply      
Obviously no way to build these PCBs by hand, 4 layer and a lot of hard to solder parts. BOM cost for the controller is about 100USD.


asd 10 hours ago 0 replies      
Very cool. Perhaps Adafruit, Sparkfun or the like will whip up with a kit that utilizes these types of led arcade buttons, but on a much smaller scale. Also, I wonder if they make "mini" led arcade buttons so you could tighten up the array a bit. It seems that smaller buttons would create better visualizations if space was limited.
lightx 12 hours ago 2 replies      
Those buttons looks cool. Anyone know where to get them? (https://googlecreativelab.github.io/anypixel/img/carousel_02...)
Negative1 15 hours ago 1 reply      
Very cool... OK I'll bite; what is Google Creative Lab?
shadowmint 14 hours ago 1 reply      
Is it just me, or is that video really bad at demoing the result?

It seems like pressing the buttons does nothing from the video?

kevinwang 11 hours ago 2 replies      
well this is the most beautiful webpage i've ever seen.
teddyknox 17 hours ago 3 replies      
Does anyone know which Google office the button wall in the demo video is installed?
alttab 13 hours ago 0 replies      
Reminds me of a Weezer light display
sjnair96 14 hours ago 1 reply      
How did they make the header loading animation ? Seems to be using canvas but I don't get how it works.
AWS Service Interuptions
67 points by codingninja  9 hours ago   37 comments top 18
romanr 5 hours ago 2 replies      
It will take a direct hit with nuclear weapon on the datacenter for Amazon to change icon to red on service status page.
WDCDev 20 minutes ago 0 replies      
Our Sydney EC2 DB instance is stuck spinning in the "stopping" state so we are basically offline right now. The team is working on getting a new DB instance set up, but I read that our payment provide, Westpac, is also having issues. So even if we do get back online, users might not be able to purchase.

What a mess.

lobe 7 hours ago 0 replies      
Not sure if relevant to this issue, but Sydney is currently being hit with one of the biggest storms I can remember in the past few years. Probably not crazy enough to take down a DC, but might be a contributing factor in this outage.
sidcool 8 hours ago 2 replies      
From AWS status page for Asia Pacific:

10:47 PM PDT We are investigating increased connectivity issues for EC2 instances in the AP-SOUTHEAST-2 Region.

11:08 PM PDT We continue to investigate connectivity issues for some instances in a single Availability Zone and increased API error rates for the EC2 APIs in the AP-SOUTHEAST-2 Region.

11:49 PM PDT We can confirm that instances have experienced a power event within a single Availability Zone in the AP-SOUTHEAST-2 Region. Error rates for the EC2 APIs have improved and launches of new EC2 instances are succeeding within the other Availability Zones in the Region.

Jun 5, 12:31 AM PDT We have restored power to the affected Availability Zone and are working to restore connectivity to the affected instances.

origami777 6 hours ago 2 replies      
I realize that some systems may need to have all of their servers located close together in a single AZ. But barring that, if this took you offline, you should really consider spreading your instances across AZs. It's so easy there's no excuse not to do it.

Another thing to look into is EC2 Auto Recovery [1]. I don't know if this would've kicked in with today's event, but it's worth setting up as an extra safety net.

[1] https://aws.amazon.com/blogs/aws/new-auto-recovery-for-amazo...

edit: I'm basing this off the status page which indicated that only one AZ was impacted.

DenisM 1 hour ago 1 reply      
I see lots of people using ELB for load balancing. Anyone tried using DNS on top of ELB to spread the load? That might just save you from the extended downtime.
25thhour 5 hours ago 1 reply      
Still down 5 hours later. ELB won't register instances. Ugh
MasterNayru 9 hours ago 0 replies      
For all intents and purposes, we're completely offline at the moment. It's clearly some serious issue because the icon for EC2 in Sydney on AWS' status page is yellow, rather than the usual green tick with the small 'i'.
PebblesHD 8 hours ago 0 replies      
Another confirmation here, all services in our Sydney AZ are down. AWS Support last mentioned a power failure or similar in AZ1, but some of ours are coming back online now.
aaratn 9 hours ago 1 reply      
Works for me - Sydney Region
rmdoss 9 hours ago 0 replies      
Yes, AWS EC2 (Sydney) is completely offline from what we see. We have almost 10 servers there unaccessible for over an hour.
mhealy 9 hours ago 1 reply      
Yes, it seems that zone A is completely down. However, load balancers seem to be affected as well.
schappim 7 hours ago 0 replies      
Still having issues with accessing apps hosted on Elastic Beanstalk on AP-SOUTHEAST-2 Region. Restarting app servers / rebuilding the environment doesn't make a difference.
vfulco 3 hours ago 0 replies      
Anyone having problems with BJ servers? My site is not running, https://www.weisisheng.cn, I can not SSH into machine nor access login page to AWS dashboard.
karmacondon 5 hours ago 0 replies      
I recently switched to Google Compute Engine. It's cheaper and so far more reliable than AWS. Might be another option for some people here.
theathea 8 hours ago 0 replies      
Curious if you are all based in Australia, or if the Sydney outage is effecting other regions?
mysteriousmango 8 hours ago 0 replies      
We appear to be back online, however all machines have rebooted.
25thhour 9 hours ago 0 replies      
ap-southeast-2 EC2 appears to be completely offline for us
Automatic laundry folding foldimate.com
55 points by andreapaiola  6 hours ago   57 comments top 15
jolux 1 minute ago 0 replies      
Is it just me or does this look very sketchy/like vaporware? They start off clipping the shirts into those things and then they flip to a CGI render, suggesting they don't even have a working prototype, and yet they're already accepting "pre-orders." For a startup that was started in 2012 (and the founder is listed as one of the seed investors) this seems like worryingly little progress.
MrQuincle 3 hours ago 4 replies      
The cardboard box solution: https://www.youtube.com/watch?v=cv7y2n0fOhw

The industrial solution: https://www.youtube.com/watch?v=oKgHEz05lqw

A black box that just as well can be Searle's chinese room: https://www.youtube.com/watch?v=7apeh4tjsgI

I think however the wrong thing is optimized here. I don't care about the folding. I do care about the steaming. If I could steam it at home, that would be awesome: https://www.youtube.com/watch?v=q_q-iDj6U3M

chongli 3 hours ago 2 replies      
This is not very impressive. I want to be able to dump an armload of clothes hot out of the dryer into a hopper and forget about it. Having to sort and hang the clothes on those clips (of which there don't appear to be very many) is more than half the work!
imeron 6 minutes ago 0 replies      
There's also Laundroid announced last year that can supposedly fold your clothes without hanging it first. https://www.youtube.com/watch?v=7apeh4tjsgI
smt88 1 hour ago 1 reply      
This looks like yet another crowdfunding vaporware. Their demo video is CGI, and the release date is 2017.
koolba 3 hours ago 2 replies      
From the FAQ, (emphasis mine):

> There is less than a 1% chance that FoldiMate will do anything other than fold your laundry and treat your clothes.

Let's be generous and say that less than 1% means .5% chance. Assuming each clothing fold is an independent event, that means if you fold 20 articles of clothing then you have a 90% chance of not destroying one of them[1].

I like those odds!

[1]: (1 - .005)^20 = 0.90461048

IgorPartola 3 hours ago 5 replies      
Yeah, I hang up my clothes, so...

If you want to save a crapton of time on doing laundry, throw out all your socks and buy the same kind. I standardized on UndeR Armor Resistor. Cheap, last about a year, seem to stay in profuction forever. If every household member does that, you never have to play the sock pairing game again.

MetallicCloud 3 hours ago 2 replies      
It doesn't really take very long to actually fold shirts and pants, most of the time is spent on sorting. I would think in the amount of time it takes you to properly clip a shirt onto the machine, you should easily have folded it yourself.
JustUhThought 3 hours ago 3 replies      
There are already a, proportionally, lot of comments of the sort "this doesn't save that much time" or "folding doesn't take that long".

Then, don't buy it. But to suggest that, in America, land of the Snuggie, The Clapper, Feet Socks, and single serve automatic coffee brewers, come on. There is a place in the market for something that makes doing laundry a little less misserable.

hanniabu 4 hours ago 2 replies      
While this is pretty interesting, the machine seems pretty bulky. I also wonder how accurate you have to be with the way you hang up the clothes on those clips. I'm sure if you're a little off the clothes won't last right. The other drawback I notice is that it seems this only folds tops. Pretty pricey and bulky for a one trick pony.
sundvor 3 hours ago 2 replies      

 > We start with a neat, professionally looking fold > * More methods will be available via FoldiMates internet store
That's potentially interesting; are we basically talking about software unlocking of capabilities here, i.e. like Tesla's autopilot?

huherto 1 hour ago 0 replies      
If we solved self driving. It may be possible to place all your clothes on a tote and have a robot pick all your clothes and take them to an automated washing, drying, ironing and folding facility.
organsnyder 3 hours ago 0 replies      
If someone could create a machine that actually put the laundry away, we'd get one (or at least covet one) in a heartbeat. Unfortunately, for our family of five, the folding part of the operation really isn't where most of the labor is.
dominotw 3 hours ago 2 replies      
I always used 'laundry folding' as a counterexample for fears of automation. This clumsy machine is case is point that pervasive automation is far far far away.
coderKen 3 hours ago 2 replies      
and we are wondering why a lot of Americans are obese. Simple tasks like these help burn a few calories.
Disadvantages of purely functional programming flyingfrogblog.blogspot.com
4 points by YAFZ  1 hour ago   discuss
NoScript and other popular Firefox add-ons open millions to new attack arstechnica.com
57 points by akavel  5 hours ago   9 comments top 5
JoachimSchipper 4 hours ago 1 reply      
The headline is very sensational. The actual research says that a malicious extension can do its malicious work by reusing part of the code of existing extensions, which may be less obvious than directly pwning the host.

The research isn't bad, but "here's a trick to hide (extension) malware using (the code of) NoScript" is very different from the most straightforward reading of "NoScript is vulnerable".

jccalhoun 2 hours ago 1 reply      
noscript author's response:

"It's a story of FUD and sensationalism, which got reported in such a careless way that now makes explaining and correcting readers' perception an uphill battle."


ryuuchin 3 hours ago 1 reply      
Paper this article is based on can be found here[1].

I'm not aware that the tools they used or the source for the tools they used was ever released although it was reportedly given to the Mozilla reviewers[2]. Outside of the top 10 extensions they listed this makes it hard to draw conclusions other than the fact that Firefox's extension architecture leaves something to be desired although I'm not sure I would call it surprising. Firefox has a long history of not making a push towards a more secure platform. I'm not sure I would say they don't care but it's clearly not a priority for them (in general, not specifically this incident).

This is speculating but I would imagine they may have integrated this into their automated review process or at the very least done a more thorough scan and contacted extension authors since they were reportedly given the tools. Although a better question is could anything actually be done about this in the extension's code (it may be in the paper, I didn't read it all the way through)?

[1] https://www.internetsociety.org/sites/default/files/blogs-me...

[2] https://github.com/gorhill/uBlock/issues/1534

hackney 1 hour ago 0 replies      
Instead of the incessant pandering to the, "look, it's insecure because of x", we need to focus on how it IS secure and then making it even moreso across the board.The pedantic, aint good enough, needs to change to how it can be better.
akerro 4 hours ago 0 replies      
But at least I have Pocket and FirefoxHello integrated. Wasted efforts...
Hacker News Highlights, the Alan Kay Edition themacro.com
285 points by craigcannon  23 hours ago   62 comments top 14
nickpsecurity 19 hours ago 1 reply      
This was already useful with him saying that Barton was a brilliant engineer. I have one paper with his name on it, sent by pjmlp, that describes his design of modern computing:


He describes need for ALGOL-like programming languages, how they'll be implemented, training people, and early notions of hardware/software co-design. Also, touches on various aspects of ALGOL that could be turned into a CPU. Later, helps design and build one that's essentially the first, business mainframe plus the first of mostly-safe, truly-engineered computers.


Later, another Burroughs guy, Anderson, uses similar engineering mindset invents INFOSEC per Roger Schell who expanded on his work. Another hired by Intel puts the MMU and segments in there to give security developers a chance. All may ultimately trace to Barton's work and framework for thinking about machines from high-level to hardware. Worth highlighting and becoming more clear thanks to Kay's little remark that tells me who brains of operation probably was among many author's names I see in various places.

Has Wikipedia page it turns out:


Note: Reading this, he may be the inventor of practical, abstract machines as computing solutions. He also taught lots of success stories in industry. Wonder what else he would've done if he stayed in industry.

dang 22 hours ago 6 replies      
We asked Alan to do an AMA a while ago and he said yes, but having him show up to comment on the topic of a given thread is in a way even better. I thought those comments were pure gold. If you missed them, take a look.

Alan and his group joining YC is the most mind-blowing thing to happen (for me) since I started working on HN. No one has influenced me more in thinking about computing, and his tireless work in talking about computing history (especially the work and culture around ARPA) is a true service. Watching his talks seems to be the only easy place to get that information, and when you start doing it it's like one of those dreams where you enter into a wing of your house that you didn't know existed.

Edit: One of my dreams for HN is for this community to become active in recovering, learning, and extending the computing culture that Alan talks about, which is so much more satisfying than the morass of complexity we mostly find ourselves bogged down in.

dirtyaura 19 hours ago 3 replies      
The "Alan Kay"-style moment of Hacker News for me was when I posted a link to article describing sendfile, tcp_nodelay and tcp_nopush. The article referred to Nagle's algorithm when describing tcp_nodelay and described the problem incorrectly. And lo and behold, Nagle itself came to enlighten the uninformed.


themartorana 22 hours ago 4 replies      
On object "states" as recorded object history (snapshots in time?):

"The just computed stable state is very useful. It will never be changed again -- so it represents a "version" of the system simulation -- and it can be safely used as value sources for the functional transitions to the next stable state. It can also be used as sources for creating visualizations of the world at that instant. The history can be used for debugging, undos, roll-backs, etc.

"In this model -- again partly from McCarthy, Strachey, Simula, etc., -- "time doesn't exist between stable states": the "clock" only advances when each new state is completed. The CPU itself doesn't act as a clock as far as programs are concerned.This gives rise to a very simple way to do deterministic relationships that has an intrinsic and clean model of time.

"For a variety of reasons -- none of them very good -- this way of being safe lost out in the 60s in favor of allowing race conditions in imperative programming and then trying to protect against them using terrible semaphores, etc which can lead to lock ups."

Oh, my kingdom for atomic, history-recording (and replayable) object states! Safety existed in this fashion in the 60s!! I didn't know this, and now I'm sad.

Race conditions continue to haunt us all to this day, especially as languages start supporting concurrency and parallelism primitively. (Not to mention that debugging race conditions is a nightmare - a nod to the Go language devs for making clear a race condition caused a crash in the stack trace.)

vonnik 20 hours ago 1 reply      
Feature request: Let us follow HN users we like and have all their comments show up in a feed.
justin66 18 hours ago 0 replies      
Alan Kay's response to the Dijkstra quote was wonderful. I'd always appreciated Kay's calling out Dijkstra, but that he was amused and not angered by Dijkstra's attitude is great.
dang 17 hours ago 0 replies      
While we're at it, anybody else have a highlight they'd like us to add to that list? Either recent or old is fine.
JepZ 21 hours ago 1 reply      
Since one of my professors forced all students to learn Smalltalk I deeply respect Alan Kay. This language is so consistent and readable at the same time. Whenever I heard a story of him or saw something he had done this respect grows.

But somehow I stick to code in golang in my spare time. I am afraid I will never see a language designed by Alan Kay and Ken Thompson together ;-)

Thx for the HN Alan Kay Edition

curiousgal 22 hours ago 0 replies      
I don't know why I found this heart-warming. I love HN. :')
xufi 20 hours ago 0 replies      
Thanks Alan for the Q&A. It was great to see you giving answers and your own thoughts on aching questions we had. Glad to have you as part of HN
kenko 16 hours ago 1 reply      
The idea that The Glass Bees is "little-known" is ... curious. It was republished by New York Review Books, not exactly a small little press no one's ever heard of.
minimaxir 23 hours ago 1 reply      
Er, the "Six Years of Hacker News Comments about Twilio" article was an admitted troll by the OP. https://news.ycombinator.com/item?id=11786464
syngrog66 8 hours ago 2 replies      
I am 99% confident of this, but would you clarify for us 100%: are you that Alan Kay?
jcoffland 20 hours ago 4 replies      
This over the top hero worship is part of the HN culture that I just can't get behind. Alan Kay has an impressive resume but so do a lot of people on here.

Political rallying behind a famous name only leads to the hangers-on getting a free ride to the top and keeps me standing far clear of the corporate world. I'm here to discuss the latest news.

Facebook disabling messaging in its mobile web app to push people to Messenger techcrunch.com
547 points by prostoalex  1 day ago   462 comments top 104
galdosdi 1 day ago 6 replies      
This is kind of convenient; it gives me one more excuse not to use facebook. A few days ago I got the usual notification email that somebody had sent me a message on FB. Clicking is a low barrier so I clicked, curiously. Then I instead got the "No, now you have to install Messenger app" screen. That was enough of a barrier that I said "oh forget it, who cares, anybody who knows me would know better than to send me an FB message anyway, if it matters they'll get in touch via a 'real' communications medium like email, text, or phone"

So sending me an FB message is now a black hole and I'm fine with that. FB's decision just pushed me and all other similar users (users that already are on the fringes of FB usage, using it only rarely) even further away.

I'm not sure if that's a bad thing or good thing for them, since honestly I don't know what FB could do alternately to win back people in my "barely use FB" demographic, and from comments here it does seem like people who actually use FB regularly did not share my reaction ("screw it then") and instead felt forced to install the app and move on with their lives.

jds375 1 day ago 10 replies      
So rather than fixing the problems that result in users messaging via the mobile web app instead of the messenger app, they're just going to "solve" the problem by forcing users to use the messenger app? This is why Facebook as a company doesn't have high levels of consumer trust. This will bite them in the future. Once you lose that level of trust it is extremely difficult to gain back.
rietta 1 day ago 6 replies      
I dislike this change. I specifically only access Facebook on my phone via the web app because (1) it saves significant battery and (2) I absolutely do not want the popup bubbles during the work day from church and other social groups I am connected to on Facebook. Ultimately, all this means is that I will stop accessing Facebook Messenger on my phone all together. I will communicate with the people who matter most over the Signal app or plain old SMS or email.
oneloop 1 day ago 16 replies      
It's really sad to me to see a bunch of intelligent people here being led like sheep by Facebook (no, this isn't a sheeple post, hear me out)

Virtually everyone here complains "Facebook does XYZ really bad but I still use them because all my friends are there".

I have a solution. Why don't you get all your friends off there? Pick a platform that you really like and start evangelising. The only reason why Facebook has as much power as it does is because of user lock-in, but that use lock-in is only strong because no one fights it actively.

Example. A while ago, WhatsApp didn't have a webapp. Telegram did. I prefer typing on my laptop instead of mobile if I can. Therefore, I started evangelising from WhatsApp to Telegram. Now all my friends are on Telegram. (They didn't leave WhatsApp, but now they use Telegram between them). (BTW, I kind of regret this now that WhatsApp has a webapp AND encryption by default, but that's another story).

So, stop complaining and do something about it.

wwweston 1 day ago 0 replies      
Just an FYI for any Facebook product geniuses who might be reading this thread:

If you're serious about this, you're going to also want to remove any non-FB contact information for users (email, phone number) that might be displayed, because I guarantee you that rather than installing Messenger that's what I'm going to use if you let me.

And really, if you're going to be so blatantly user hostile, it makes sense to really be thorough about it.

taurath 1 day ago 7 replies      
Eventually facebook will become so user hostile the network effect will mean that so many people are leaving it'll be like Digg and Myspace all over again. Can we go back to the time when companies tried to please users instead of advertisers?
yefim 1 day ago 3 replies      
Now it's going to be much harder to send messages from your friend's phone when your phone dies. Before you could use an incognito tab, and now you have to log out of the Messenger app entirely and log in as another user.
calsy 1 day ago 6 replies      
So much complaining. The web app version is crap, of course they want to move people over to the app. Why waste resources on an inferior web version when they can focus their attention on the very successful mobile app. Its just good business sense and seeing that 99.9999999999% of Facebook users already have Messenger installed, its a non issue.
prdonahue 1 day ago 3 replies      
Facebook's forced migration of their users from basic, functional chat is, in my opinion, more frustrating than any single decision they've made to date (perhaps second to platform risk materializing to those businesses built on top of them).

I once had a (protracted) debate with one of their earliest product designers who defended the decision unconditionally. His arguments weremore or less"it's better for the user". If instead it was simply "it's going to improve our bottom line" I'd not have given much of a second thought. It's just changes like this that they attempt to spin as positive to their users that drive me crazy.

ETA: found the convo from August 2014 and pasted below. Note this is when they first disabled within the app (and you could start the download to trick it into letting you continue).

> Me: Jared, i get that they want to encourage adoption of the standalone app -- probably for some business purpose, now that they're publicly traded -- but why cripple existing functionality just to obtain that goal? make it annoying so that you have to dismiss the "upgrade" comment .. fine. the only reason i can see is profit, which is fine/just own it, but people are masquerading this as a good product decision for users which i disagree with (obviously).

> Jared: A force is rarely a good product decision. That engenders distrust, and certainly they did not predict the frustration that would occur.

I whole heartedly believe the standalone application is better.

I believe Facebook took a calculated risk, but not a disingenuous one, and not one targeted at making money, one of the form of 'you won't know how to fly unless I push you out of the nest and then, woah, how much you'll thank me' and their convictions, which were backed by engagement data, were unable to actually test the event of "forcing the change". The reaons I belive they took the risk were to minimize ongoing development of a duplicative codebase and achieve engineering focus.

Now, with similar information to Facebook, I ask myself what would I do - would I recall the change with a more transitional approach (e.g. 60 days until install)? Or your friend sent you a sticker / selfie / audio file, to view use the new messenger app? It's a tough question and I pose it back to you, what would you do?

SimeVidas 1 day ago 3 replies      
This is hostile as fuck. Just clicking on the Messages icon on the mobile website launches Google Play Store.
mfkp 1 day ago 2 replies      
This announcement coming on the same day as the post about Facebook not using the microphone in the app seems strange to me.

I don't want any Facebook apps on my phone due to privacy and tracking reasons, and so I used the web view (with an app wrapper like Tinfoil with location disabled), now I won't be able to send messages any longer.

Guess I won't be using Messenger any longer.

curiousgal 1 day ago 1 reply      
I know every time a post about Facebook makes it to the front page here people say they don't use Facebook anymore but as a heavy Facebook user I am so fucking glad I blocked all Facebook domains last week. I feel liberated! This move would have quite ecked me but nope! Fuck you Facebook.
cypher543 1 day ago 2 replies      
> At the moment, you can just dismiss the notice and go about your business.

Hah, if only it were that easy. When viewing messages in Chrome for Android, I get redirected to Messenger on the Play Store when I close the overlay. Then the Play Store opens again when I tap on a conversation.

Screw you, Facebook.

exolymph 1 day ago 1 reply      
User-hostile moves like this fill me with deep, deep frustration.
daimyoyo 20 hours ago 0 replies      
I saw this change last night. I will never, EVER install FB Messenger because I don't want facebook to have access to my contact list. Period. This is the worst move the company has made since Beacon and I am at a loss for words to think of how they are justifying forcing people to use an app they clearly don't want to use.
lholden 1 day ago 2 replies      
I only use facebook over the browser when using my phone. The facebook applications request an appalling number of permissions... never mind the general intrusiveness and battery hogging.

Screw you Facebook.

Manishearth 1 day ago 2 replies      
Interestingly, it lets me use the mobile webapp messaging without asking me to do anything. Because the OS I'm on has no Messenger app, and it probably will never have one.

So if you spoof your UA string, it may stop bugging you and let you use messenger as usual.

alephu5 1 day ago 0 replies      
If fb can't support basic browser based text chat they have a major lack of talent. If it's costing them much to support they have serious financial problems.

I don't think that either is true so I guess they just want to sniff around my phone. Sorry fb, not today.

roymurdock 23 hours ago 0 replies      
I love how every HN thread about Facebook's scummy forced engagement tactics always turn into Fbook addiction-denail support groups.

Just drop Fbook guys - trust me, you'll be fine without it. If someone really wants to talk to you they'll get your email or phone number through a mutual friend/family member.

chamakits 1 day ago 0 replies      
Try Mbasic.facebook.com instead. I also use the browser for Facebook, and have now switched to mbasic instead. It's great.
marme 1 day ago 1 reply      
i refuse to install the mobile app because there is no way to stop people from calling you on messenger. There is no way to turn it off or have some kind of do not disturb. If someone wants to mess with you they can just keep calling you and your only choice is to block them and remove them from your friends list
spost 1 day ago 1 reply      
I mean, to be fair, the only thing I use Facebook for is Messenger, and the Messenger app is actually halfway decent. It caches user names and pictures a little too aggressively, and the new trend of "let's add a row of buttons to the text input box, doubling its size to reduce screen space for features that should be optional" is incredibly obnoxious, but overall it's a decent app. It's obviously not designed for the users, but it's better than the Hangouts app.

This isn't to say that removing the web functionality isn't a dick move and fairly user-hostile, but I don't really understand why so many people act like Messenger.app is an affront to god and man.

robbiep 1 day ago 0 replies      
This is awful. I refuse to have the Facebook app on my phone, and obviously refuse to have messenger too. The last thing I want is more of my xommunications and data owned by that company. Fortunately I can do perfectly well without reading my messages on the web browser. I hope this decision marks an inflexion point for the company
colordrops 1 day ago 2 replies      
Speaking of dark patterns, Google has completely broken Gmail and Google Docs/Drive in incognito mode in Android Chrome. It purposefully loses the cookie and will not function once you switch away to another app and then back to the browser. They are trying hard to force people into using the native apps, or at least staying logged in, for GMail/Inbox and Drive. It's really lame. Instead of being passive-aggressive, they could just put up a message saying that they don't support a specific usage. This is a well known "bug" that has been around in their bug tracker for a while.
Zpalmtree 1 day ago 1 reply      
I really hate using Facebook in general, and very rarely have to use it for group projects. I'm loathe to even load the website on my phone, so this is an awful update...
jeswin 1 day ago 0 replies      
As a heavy messenger user, my typical use-cases can entirely be fulfilled with a web-based messenger. However, FB doesn't let people open messenger.com from a mobile browser. And if you request the desktop site, it's virtually unusable on the tiny phone screen. It must have been really hard to make a responsive messenger UI.
bunkydoo 1 day ago 1 reply      
Well this means I'm done for good with Facebook. My disabled account will soon be deleted I guess, messenger is just packed with spyware :(
dec0dedab0de 1 day ago 0 replies      
I recently uninstalled both apps, and my phone seems to be running much smoother since. If someone needs me they can text. I think it's time to ween off facebook, and sell my stock.
the_duke 1 day ago 1 reply      
I very determinantly refuse to install both the regular FB app and the messenger, even though this is quite inconvenient as I often miss messages or event invites. But they require pretty much EVERY PERMISSION there is on Android, which is ridiciolous, and totally inacceptable to me.

So this change will make it even harder for me to access FB messaging. Buuh.

pmontra 1 day ago 0 replies      
I think it's their second attempt at this. I remember when they were opening dialogs to invite me use Messenger to reply to messages on a page I admin. I switched the browser to desktop user agent, which on a tablet is ok. Eventually they gave up. I'll do the same this time.
datapolitical 22 hours ago 0 replies      
It's incredibly difficult to do end to end encryption well in a mobile browser.

Facebook has hinted they are rolling that out and it will create all kinds of frustration for mobile web users.

padraic7a 1 day ago 0 replies      

Problem solver for Android. Available via fdroid.I use Tinfoil for Facebook and this compliments it nicely.

fma 1 day ago 0 replies      
I hate how when I go to a website it forces me to open it in the app. If I Google a restaurant, and Yelp comes up, opens up in Yelp app....same with Amazon. Seems like you can long press a link to open it in the browser...but it's a very poor user experience.

When I am running low on space on my phone, those apps the the first to get deleted Facebook and Messengae first, of course!. Facebook caches their data and at one point it was at 700mb...with no way to clear the data except for deleting the app and reinstalling.

pritambaral 23 hours ago 0 replies      
Behaviour like this is why we need efforts like purple-facebook[0]

I wish to be able to host purple-facebook on a server and throw a web UI in front of it. It won't be as complete as messenger, but at least basic chat will work without having to download a sneaky app.

0: https://github.com/dequis/purple-facebook

chrisdbaldwin 1 day ago 4 replies      
Why is anyone using Facebook for chat at all? (Real question)
wilwade 1 day ago 0 replies      
I don't use FB, but my wife does. She is quite unhappy about it. She doesn't want FB to have access to everything (yes, some poor folk like us are not on Android 6 and will not be for a while.).

The other issue is the size of the app. I realize that most people don't have this issue, but on the lower end phones adding another 36mb app means loosing another. And given history that 36mb app is likely to be 80 by the end of the year.

erikb 1 day ago 1 reply      
Yes, enforcing your users. That is how it works. (/sarcasm)

I was a very active facebook user for a long time and never imagined that I could stop using it, having so many of my relationships hosted in there. But honestly it all went so strange. 90% of the FB notifications are spam. The very good inapp chat was replaced by a worse extra app and now they enforce it everywhere. In the end I just deactivated notifications for all of that. Byebye, social network.

yason 1 day ago 0 replies      
You can just switch over to the desktop version of Facebook and the messaging will work as on a desktop browser. You can also use messenger.com by requesting the desktop version. It sucks but not as much as the intrusive messenger.

The trend is alarming though and just fortifies my perception of Facebook further. They're trying to make their cust..uh, I mean, products, behave the way they want instead of listening to what people want and how they want it. That's a classic bad move from any company. Since this is HN, wasn't success supposed to have a high correlation with "Make something people want" ?

Facebook's leverage is mostly based on their user base. As soon as there's at least one commonly used social network where I can find most of my friends, bye bye Facebook. That is a ridiculously hard problem to solve and Facebook know that. At the same time they're just using more and more of that leverage by trying to force things down on people's throats instead of adding to the pile of reasons why people would want to use Facebook. This makes it imperative that once something else, something even moderately bearable that is not Facebook, becomes available then people will be fleeing in masses.

jmspring 1 day ago 1 reply      
Well, this will mean even less fb interaction for me.

FB iOS apps were resource pigs and data whores. Neither installed.

Maybe I'll just vnc in to a browser on the home machine when I need to message.

Otherwise, iMessage it is.

zatkin 23 hours ago 0 replies      
I have the Messenger app. When I first installed it, it asked me to do the following:

- Enable Notifications

- Enable access to my Contacts

- Add my phone number to my FB account

I respectfully refused to allow any of this. Every time that I opened the Messenger app, I got a pop-up asking me to enable Notifications. I enabled notifications, then went into my iOS settings and disabled them. This stopped the pop-ups, but now I see a red warning symbol on my Messenger "Me" icon in the lower right which wants me to enable Notifications once and for all. I also see another red icon on the People icon which says that I need to sync my contacts.

I'm disappointed in the direction that Facebook is turning the Messenger app towards. They seem to be desperate for these three options to be enabled.

dump121 1 day ago 0 replies      
Its funny how every post about FB on HN, brings out users claiming not to use FB and so now they have so much free time now, which they can use to discuss FB :D
ptaipale 20 hours ago 0 replies      
I dislike this change, but fortunately - at least so far - it is possible to use Chrome on an Android phone and request the desktop version of any site, and Facebook desktop version still allows using the messaging function in browser.

I'm not going to install Facebook messenger, it east battery and reports my location when I don't want it to. So if they kludge the desktop site so that it doesn't work on Android Chrome, I'll just not use Facebook messaging. Facebook should at least add an auto-reply function to tell anyone who tries to message me that "please send email to xxx instead".

Zelmor 1 day ago 0 replies      
Mark my words, pop-up advertisement will be served via chat-bots in a year. Hence the push to an application that has a pop-up feature like those head-bubble things.

I've been using Tinfoil for Facebook for a good while now, since my old phone is just incapable of handling their applications. I guess it's time to just delete my profile for good.

nowaq 1 day ago 0 replies      
Did they notice people are uninstalling FB app? :) It's a bit scary to see how they grab vast amounts of our attention. I've heard they aim to make the Messenger a "business" communication app that replaces email. I sincerely hope they will not succeed.
JoshMnem 1 day ago 1 reply      
Simple solution: don't chat on Facebook. Reply via the web interface and tell the other person to send you an email, SMS, or Google Hangouts message.
iokanuon 1 day ago 1 reply      
That's not true. You still can access the conversations from a browser on Android.

- press the chat icon

- wait for Google Play to open

- switch back to your browser

- press the "X" on the "Your conversations are moved to Messanger" dialog

- select the person you want to chat with

- wait for Google Play to open again

- switch back to your browser

Proof that it works: http://i.imgur.com/29BoF8V.png

bfrog 1 day ago 0 replies      
Uh, I pretty much hate the facebook app these days because they're always trying to cram their overly zealous messenger app down my proverbial throught. No facebook, I don't want a bazillion notifications and another massive app on my tiny phone.
cm2187 1 day ago 2 replies      
I am not a mobile app junkie, and I count the number of messaging apps on my mobile: imessage, whatsapp, kik. That's already 3, ie two too many. Then I would need to add facebook, telegram, google's latest thing, skype? I mean why not a different messaging app for each contact? Why does facebook thinks I need more messaging apps?
pfista 1 day ago 1 reply      
I'm surprised at all the hate coming from everyone. Then again I already use messenger.com never used the mobile web app for chat.
brianberns 1 day ago 1 reply      
Facebook's "Paper" app has a better UI than the official client, and it still has messaging directly integrated.
andmed3 5 hours ago 0 replies      
If only there was a way to disable fb messages altogether, otherwise people who will be sending me messages there, will be distracted, and I will be the one to blame...
goblin89 1 day ago 0 replies      
Thatd be the end to staying in touch through mobile FB in w3m on an EC2 instance SSHd into from China.

(Not that its that convenient Gotta say though, impressed with both FB being able to work in w3m, and with w3m being able to handle FB.)

em3rgent0rdr 17 hours ago 0 replies      
FaceSlim has figured out a way to bypass this restriction:


bane 13 hours ago 0 replies      
What is it with companies? Why force these unnecessary transitions. What kind of possible revenue stream will the dedicated Messenger app provide that just using the messenger on the web app not provide?
cs702 1 day ago 2 replies      
Free market ideologues would have you believe that companies have only incentives to improve their products and services, giving customers what they want, so the company can earn more. Competition will ensure this happens, right?

Not in this case. Here we have a company that has incentives to cripple its product and services, taking away from many customers features they clearly use and want, and giving them something else they clearly don't want, so the company can earn more.

Jaruzel 21 hours ago 0 replies      
I have a blackberry (BB10 based Q5) as my personal phone. The reasons for this are manyfold, and I migrated from Android. I love my Q5 it does everything I need really well... except for FB and Messenger - there's no native apps. So I am now in the situation of trying to convert my friends to something else for chat, or change my phone.

It will probably be the latter.

(Written via my Blackberry)

stared 1 day ago 1 reply      
And I couldn't be happier. I discovered Messenger as "FB chat without all the distractions" (and much snappier); and seeing that it gets prioritized (instead of being an alternative way) is, for me, a good thing.
geggam 22 hours ago 0 replies      
Facebook has peaked... its downhill from here... annoying the users so they find something else small group by small group
mkhpalm 23 hours ago 0 replies      
Didn't they already do this long ago? I thought it was a few years ago that they made me install messenger to use messages. That thing was a little too... cowboy... with all those bubbles splattering all over my screen. I uninstalled Facebook Messenger to save my sanity and haven't conversed via messages for years.
f_allwein 1 day ago 1 reply      
You can also use Trillian for FB messages instead of installing the FB app. https://www.trillian.im
exabrial 1 day ago 0 replies      
I don't want their battery sucking apps on my phone. Occasionally I'd like to see messages people send me. Really really really stupid.
Karlozkiller 1 day ago 0 replies      
I found this app meant to fight this block by facebook.https://github.com/gsurrel/MessengerBypasser/blob/HEAD/READM...

I tried it with tinfoil for facebook and it seems to work well.

It also states that what crashes the tinfoil-app is a call to launch Messenger.

joshschreuder 1 day ago 1 reply      
Are they getting rid of messenger.com too?
foobarbecue 1 day ago 0 replies      
I've heard that the reason there are so many "varieties" of products in grocery stores (think varieties of Colgate toothpaste) is that the manufacturers are trying to maximize the shelf space their products take up.

Are Google and Facebook doing the same thing with home screens? Is that why they're smashing their big apps into little ones?

tdkl 1 day ago 0 replies      
So after this and screwing with Instagram (removed API access to timeline 3rd party apps used and enabled global curated timeline only) I wonder what will they ruin with WhatsApp.
vinceve 1 day ago 1 reply      
The reason I use the web interface and not the app are following:

- you can't disable notifications- you can't secure your app (aka Pin protection or a password)- huge battery drain as it is constantly connected to the internet.

The web app is easy. You log in and you check your messages. An alternative for android that I have found for Android is called fast Facebook. It shows a web view of the chat and ignores the market:// redirects. Which is already better.

hobarrera 17 hours ago 0 replies      
This seems to be the behavior last time I used the app (about 3-4 months ago).

Honestly, I just use Messenger without Facebok, since the IM part is the only thing I'd need on the road.

rufius 1 day ago 0 replies      
Honestly... That's the only part of FB I use. For a while now I've had only the Messenger app installed and just a FB shortcut to the webpage on my iPhone.

I only check FB about once a week and use Messenger daily with friends that live or travel internationally.

stolsvik 21 hours ago 0 replies      
Why do they want two apps? I have never used messaging in FB after they started forcing me over to Messenger in a nasty way (I read the messages on the Web platform when I happen to log in there, which is seldom).
Digit-Al 1 day ago 0 replies      
I had to uninstall the Facebook Android app and the Messenger app a while ago. After an update, just having the apps on my phone was causing it to keep stuttering. And if I actually opened the Facebook app my phone would completely lock up requiring a reboot.
cft 1 day ago 0 replies      
This is a nod probably towards the trend that Facebook itself is dying. What is left is Messenger, WhatsApp and Instagram.
marxidad 20 hours ago 0 replies      
I can't install Messenger on my MotoG3. It slows it the eff down to a crawl and drains the battery, even when I'm not using it.
Globz 1 day ago 0 replies      
Might because of this new "Deep learning text" ? I know this will be mainly integrated into Messenger.
peteretep 1 day ago 2 replies      
Help me understand - why is this so bad?
XJOKOLAT 1 day ago 0 replies      
I don't want notifications. I don't use FB to chat.

I'm totally happy with the web FB.

And, maybe I'm wrong, but it appears like the FB app using a crap-tonne of data in comparison with web.

Side benefit: FB app not following me around like a stalker.

DoubleMalt 1 day ago 0 replies      
Which means I will actively start steering my conversation partners to matrix.org and vector.im
allthetime 1 day ago 1 reply      
This is kind of a non issue... You can just use messenger.com, no need to download an app. I'm probably biased though because messaging is the only thing I really use Facebook for, and event tracking.
edem 1 day ago 0 replies      
Yet they killed the FB messenger for PC. Makes no sense. Now if I'm at my PC I need to log in to their website to chat since I only use this feature of FB.
ohthehugemanate 1 day ago 1 reply      
so... will it still work on facebook lite? For those of us who avoid the official apps for battery/data consumption, FB Lite is an available middle ground...
andrewmwatson 1 day ago 0 replies      
they did this before and rolled it back, if i'm remembering things correctly.
shostack 1 day ago 0 replies      
Anyone have a more informed opinion on whether this is in some way due to their efforts with bots?

I'm guessing a native app enables a lot more on that front in some regard than web, or perhaps provides a moat.

pbiggar 1 day ago 1 reply      
So glad they're doing this. FB messenger is just about my favourite messenger - it beats the pants off iMessage and isn't as annoying as WhatsApp (the UX around starting a conversation with a new person in whatsapp is super shit).

It was really annoying that there's some holdouts where voice chat doesn't work (has anyone noticed how much better the quality of voice chat over FB messenger or iMessage is, vs phone calls). Or where they didn't get my messages because they didn't have notificartions set up for FB messenger.

Glad they're fixing this (and I might be the only person on HN who is :))

Tepix 1 day ago 0 replies      
I refuse to be pressured into installing Messenger. I will tell my Facebook contacts not to use Facebook messaging.
MarkMc 1 day ago 0 replies      
And yesterday Pinterest forced me to install their app just to view a picture.

Native apps are really becoming dominant over mobile web apps.

partycoder 1 day ago 1 reply      
People follow the path of least resistance and that path will not be Messenger, but something else, like Google hangouts.
areyoucrazy 1 day ago 5 replies      
I have stopped using Facebook (Twitter and everything social) half a decade ago. I don't use messaging apps and turn on my phone only when I really need to.

Result: more free time to do interesting and productive things and people aren't bothering me as much. I have taken control of my life and I'm not being pushed around to do things based on notifications or desire for artificial status(likes, retweet, stars). Stop using these services that sell your privacy, control your communication, make hostile changes and in the end do not care about you.

Pxtl 20 hours ago 0 replies      
Yuck. I guess I can't be reached by fb messenger, then.
Brian_K_White 1 day ago 1 reply      
"Your conversations are moving to Messenger"

No problem. It's not there's conversations with dead people in there or anything.

Fej 1 day ago 0 replies      
Messenger recently started killing my battery life so I uninstalled it.
Geee 1 day ago 0 replies      
It seems that the actual problem is Android with their permission system.
orian 1 day ago 0 replies      
Oh, so it wasn't only me ~2months ago. I guess I ended up in an experiment ;-)
kevando 1 day ago 0 replies      
"Company makes product and decides how users should use it."
intrasight 23 hours ago 1 reply      
Previous long-time Facebook user here, but forgive my ignorance - what is Messenger? An instant message app I assume? How does this differ/improve upon the instant messaging built into every phone?
georgemcbay 1 day ago 0 replies      
I'm not going to claim that my experiences here are the norm because I doubt they are, but the primary impact of Facebook previously splitting Messenger off into a separate app (from the native mobile app) in the circle of people I communicate with on Facebook is that we all (organically, without ever really discussing it) just switched back to using olde timey SMS/MMS for things that would have been Facebook messages.

Not at all a spiteful/angry decision, just more of a "well, if I have to go out to another app to do this shit, I might as well just use this thing that works with all my friends including the increasing number of them that don't ever login to Facebook anymore".

skykooler 1 day ago 0 replies      
Brilliant. So much for being able to use Facebook on a non-Android device.
beedogs 1 day ago 0 replies      
I guess people will just have a hard time getting a response out of me if they try and contact me via Facebook message. The Messenger app will never touch my phone.
BuckRogers 1 day ago 1 reply      
I have a FB account but rarely login to it. I've never installed the app on my iPhone because I don't want notifications and generally find FB distasteful.

If there was a higher class crowd on FB I would probably use it more but for me it ended up being a bunch of people from my hometown / high school who are angry, usually at other ethnic groups and don't seem wildly successful in their own right.

If I do want to login, I just wait until I'm at a computer. The standalone Messenger app is horrible for permissions and should be avoided at all costs. If you can muster the strength to delete FB, even better. I'm able to very easily not feel tempted to login to that cesspool so I haven't needed to delete mine.

Animats 1 day ago 0 replies      
What was the alternative before Messenger? SMS?
Nitish_shah 1 day ago 0 replies      
fb account deleted.. just now
j45 23 hours ago 0 replies      
I've been hit with this and rather than give in to Facebook wanting me to install their messenger, will be looking into a third party app like Trillian, etc to do my chats.
pasbesoin 1 day ago 0 replies      
The Facebook community is, by and large, a positive for the world.

The Facebook platform is one giant, dark pattern.

Here's hoping the community wins.

Why we need to continue fostering alternatives. Diversity and competition, to keep things a little more honest.

shrugger 1 day ago 0 replies      
Whoa, who would've thought that a multi-billion dollar company would ever make a decision in order to promote newer versions of their own software?!?! /s

The whole point of Messenger is to consolidate messaging infrastructure. Being able to glean customer interests from that is just a bonus. Mobile web app is horrendous, and they know it, this is the solution.

I agree that Facebook lacks that trust with people, but they have every right to try and make their platform better and more efficient, and don't necessarily deserve the knee-jerk "they're up to something!" like this.

bricss 1 day ago 0 replies      
Screw you FB!
ben_jones 1 day ago 0 replies      
- Spend $18bn to acquire Whatsapp's current and future users

- Force people to download Facebook Messenger

- ???

- Profit?!

31 years later, we found the flight recorders operationthonapa.com
204 points by bond  1 day ago   77 comments top 8
trhway 20 hours ago 1 reply      
what seems to be the main cargo of the plane - illegally trafficked (by the airline itself) caiman skins:


"Pieces of snake/alligator/crocodile skins are scattered all over the mountain. In picking up a plane part for a closer look, often there would be crocodile hide on or near the part. They are in such abundance that we actually became quite sick of them as we combed the field for the black box.


While we dont think this is the sole reason for the bungling of the investigation immediately following the crash (10 months before an expedition was mounted!), these illegal animal skins are part of a larger pattern of smuggling illegal goods on Eastern Airlines commercial flights. Someone in the organization was making money on these sketchy practices. If some of this money found its way to the right pockets, it would been easy to delay the appropriate investigational response until many feet of snow/ice covered the crash site."

WalterBright 15 hours ago 0 replies      
> Boeing green

That's BMS 10-11 Type 2 primer. It's a very good corrosion resistant zinc chromate paint.

raverbashing 1 day ago 1 reply      
What's on the last picture is mostly casing. They seem to have found a magnetic roll that hopefully contains data, but there's some risk they found nothing
anonova 23 hours ago 0 replies      
For those interested, Bill Hammack (Engineer Guy) pulled apart a 1970s-era flight recorder in an old video.[1] The one in video, though, gets etched to a roll of tin rather than recorded to a magnetic tape.

[1]: https://www.youtube.com/watch?v=xlY5W7be5jU

derFunk 19 hours ago 0 replies      
If I entered the coordinates correctly, this is the location on Google Maps:1640'08.5"S 6746'26.8"W


1 day ago 1 day ago 1 reply      
There just isn't adequate satellite internet worldwide to trust that system just yet. Airplanes don't even broadcast their coordinates to satellites in many airlines, despite existing networks likely (ie Iridium) being able to handle the small increase in data (if they kept the packets small - just flight number/lat/lon - and let the satellites figure out where to send and what time the packets come, the total size from all flights worldwide every hour could still remain under 200mb)
jessaustin 1 day ago 9 replies      
Will Wikipedia ever get responsive?

[EDIT:] In other words, Wikipedia seems to be the last vestige of the dumb old "separate web for mobile" mindset of ideas like WML. Media queries are just better, and would prevent this inane "that link sucks for half of us; here's one that sucks for the other half" crap.

       cached 5 June 2016 16:02:01 GMT