I do believe however that some experience is needed to understand what is possible and best benefit from existing tools or to be able to communicate with machine learning engineers about your needs.
While it is true that most people will not need to be able to whiteboard a binary tree inversion in their day to day, it seems like they expect their engineers to be able to throw themselves at any problem they're given and require them to be able to pivot in skillset quickly, and have an appreciation of all the developments going on around them so they can apply any novel ideas developed internally to what they are currently working on.
In those cases, hiring based on sound knowledge of CS fundamentals seems like a good bet...
60k engineers is a pretty terrifying number though.
"kitten bathroom 2013"
And there was a picture of the cat sitting in the tub on a blanket. Simply amazing.
AI is Google's leverage. It should explore on that path.
After Google Now, DeepDream and all the self driving car hype, reading about that workshop being the start of the big transformation seems strange.
Sigh. Another instance of pop science getting most everything wrong (and I haven't even bothered to write anything about the technical content in the article).
As @sixQuarks has already written, finding the minimal amount of genes when there are 175 unknown ones and you don't know anything about their dependencies and relationships seems to be pretty much impossible.
> In fact, there's no single set of genes that all living things need in order to exist. ... They found that not a single gene is shared across all of life.
That's the most interesting point to me, I deeply believed that organisms share the same basic set of genes.
When you're talking about 175 unknown genes, the combination of all of these is a huge number. It's like finding a needle in a haystack the size of the solar system.
I don't think this brute force approach is going to work, we need a different way to figure this out, but I'm confident that once figured out, it will seem simple looking back on it.
Genes are not independent functional modules. Their placement and arrangement on the genome matters. Did they only mess with coding features (genes)? Or did they also mess with other genomic features? Or do such things just not matter with bacteria?
If you take someone's 4000-5000 line program and whittle it down to 473 lines which are still somehow useful, "newly created" doesn't apply in full honesty, let alone if you don't know what a third of those lines do.
This is just excellent science. It seems like it should be very easy to get these unknown genes to reveal their function now. Very exciting times.
Also what are the raw/compressed sizes for a human genome?
I have wondered this for a long time but never seem to find a concrete answer.
edit: appears to be the full article (scroll down past summary)
I found out about the book from HN, and have since bought every single other book by him, almost done with Life Ascending now, which is also amazing.
It is the activation key God puts on each living being... Ain't gonna work without it. =P
Thinking of it like: Just remove files from the OS until it won't start :)
About Sci-Hub: https://en.wikipedia.org/wiki/Sci-Hub
> Tor: 152k
> Tails (secure-by-default live operating system): 77k
> Caddy (HTTP/2 web server that uses HTTPS automatically and by default via Let's Encrypt): 50k
> Mio (asynchronous I/O library written in Rust): 30k
> DNSSEC/DANE Chain Stapling (standardizing and implementing a new TLS extension): 25k
> Godot Engine: (high-performance multi-platform game engine which can deploy to HTML5): 20k
> PeARS (lightweight, distributed web search engine): 15,5k
> NVDA (open source screen reader): 15k
I agree with the highlight given the open source screen reader. Accessibility is very important and unfortunately very neglected, mostly because (IMO) the tools to properly test can be very expensive or incompatible.
Unlike in the previous one:
> Buildbot: $15,000. Their award will be used to remove the term slave from all documentation, APIs and tests, and also to make improvements so Buildbot works better in the Amazon EC2 cloud.
Of the millions (yes millions) of dollars they've received, little seems to have gone toward Firefox development.
Mozilla received over $121 million in 2010 from corporate sponsors. This is the same Mozilla that placed ADS in their new tab views. Really, they placed Paid Ads on the new tab screen. What were those for again?
I do understand that Mozilla's mission is to improve the web. Donating to these causes certainly helps with that. But I'm still troubled that they put ads (with aggregate user tracking) into their core product.
That being said, I still wonder what's behind it. Whether it's so artists and professionals view Microsoft as a standard (so that more servers run on Chakra) or an attempt to gain control of market share so they can also be a part of the info selling market. Regardless, I'm happy they are on board.
Edit: looks like the PR ran into some opposition but I'm not sure what the final status is, I'll have to read it again later when I'm not on mobile. https://github.com/nodejs/node/pull/4765
So I wonder if we have yet to find their niche environment
A somewhat related and interesting read: http://www.physicscentral.com/buzz/blog/index.cfm?postid=792...
On a related note, someone posted a question to r/newzealand if it was true that having a vegetable garden is illegal in NZ. The entire subreddit then spontaneously decided that indeed it was.
The deadpan was so well done, that it had lots of people actually confused, if not convinced!
r/OutOfTheLoop post "outing" the hoax: https://www.reddit.com/r/OutOfTheLoop/comments/4ovxb1/is_the...
I love the logic here. As though "Lenin was a bottle nose dolphin" would have been more plausible. Also did the Soviets have the same taxonomy as the west, meaning mushrooms would be fungi and not plants?
I was in high school when one of the "moon landings were a hoax" documentaries made the rounds. A significant portion of my class was instantly converted by the documentary. I lost a little of my faith in humanity at that time, though much of it was quickly recovered thanks to an excellent math teacher who paid attention to his students, found out about the phenomenon, and dedicated half of a class to thoroughly debunking it.
I had to see this for myself.
Video, part1: https://www.youtube.com/watch?v=h2cs8QLnxlU
Video, part2: https://www.youtube.com/watch?v=ExXDxpBFFR0
The "revelation" occurs at 2m36s: https://youtu.be/ExXDxpBFFR0?t=156
Thanks, in part, to an unusual lull in population numbers of the notorious Spaghetti Weevil.
People had no clue that a TV can lie about "X happened" (rather than "X didn't happen"), what else you can do with money besides earn, buy and sell, and so on.
It was such a rich scam market.
"The last two weeks of March are an anxious time for the spaghetti farmer..."
Now people were not just given a freedom to think. Now it is a must. To think and to have their OWN opinion.
And quite possibly one of the greatest artists of 90s Russia.
For example, things people believe about the EU will affect their vote on Brexit tomorrow. Here's an egregious example of a widely circulated totally false myth:
Is in Russian but has English subtitles
But now I've got the idea of trying to write lyrics for "Lenin Was A Mushroom" (to the tune of Jeremiah Was A Bullfrog) stuck in my head, but I can't because I have too much work to do today.
A Parasite from Outer Space: How Sergei Kurekhin Proved That Lenin Was a Mushroom. Alexei Yurchak. Slavic Review, Vol. 70, No. 2 (Summer 2011), pp. 307-333.
Many times survival in society vastly depends on believing absurdity because the cost of sticking to obvious truth could mean death. That is why women in Saudi Arabia wear hijab and take beatings from their husbands even though for any sensible human being it should sound ridiculously stupid.
Americans are no different either. One has to only look at the irrational fear of guns, terrorists or Muslims that schools or media promote on a regular basis and sometimes well supported by laws too.
To give an example, one of my friends bought a simple bow and arrow for his kids who practiced in a safe environment of his backyard. The bow itself was not very powerful and the arrows did not have any harmful tips. So one day cops showed up on his door and claimed that the neighbor had complained.
The cops told the guy that a "Bow and arrow" is considered a "Gun" in California. A gun can be fired only in a range as per the law and what his kids just did was "discharging a firearm in a harmful manner". This is a felony that required them to arrest the father and send him to jail. What the father had done was a completely common sense thing. The law was absurd. The cops were gracious to let him go but later the father told me that if tomorrow anyone tells him that it is a felony to make barbecue in your backyard without FDA approval I might as well believe it.
Here's the 55min version I've found - I think it's the longest one available on youtube.
Random phrases that I just had to translate to illustrate the whole tone of the video:
"Do you know that Quran allows jews to eat mushrooms only one day a week - on saturday?"
"So you would think that this is an ordinary small mushroom... Although really, it is a huge, spherical, energy-intensive, cosmological matter, spreading its dome into open astral space. -- So where does it grow? -- Excellent question. The thing is, it grows nowhere. It reaches out and finds a human - see, it's mushrooms who are picking humans, not humans picking mushrooms."
"We are looking at a mushroom culture - not really a culture, but a geodynamic, geopolitic sphere of the mushroom world - as a certain telescopic object"
"A great group of mushroom geneticists work in the Nuclear Physics Institute."
"So, it's been said that mushrooms look like flaccid phalluses, so I thought that they carry within them a manly spirit - or corrupted manly spirit, actually, since they're flaccid."
Napoleon's a pastry / Bismarck is a herring / Alexander's a crème de cacao mixed with rum / And Herbie Hoover is a vacuum / Columbus is a circle and a day off / Pershing is a square, what a pay-off / Julius Caesar is just a salad on a shelf / So, little brother, get wise to yourself / Life's a bowl and it's full of cherry pits / Play it big and it throws you for a loop / That's the way with fate, comes today, we're great / Comes tomorrow, we're tomato soup
In general, supercars are vastly overpriced for what you get. You can easily crush most for a fraction of the price with a dedicated track car. But simultaneously, no supercars are remotely practical on the road, and in fact are not even fun to drive on the street because of speed limits.
Some supercars have been a good investment, such as the Mclaren F1, but the majority depreciate immediately.
I don't really see the point.
The truth is there's plenty of us in the middle still. My two person iOS dev studio has pulled in 6 figures a year for the past 4 years. The problem is not that there's no middle ground, it's that everyone used to get guaranteed downloads, and with the removal of new releases and the never ending flood of apps, 90% of apps will get just about zero downloads after launch nowadays.
But there's still plenty of room for small studios like us who know their target audience and what works on the app store to make a sustainable business. So I'd say top 0.1% for the insane successes that can support hundreds of employees, but for a small studio, just getting in the top 5% can work.
If you're curious about numbers, check thinkgaming.com, to see that the top 200 grossing game is still pulling ~$10K a day on iPhone in the US alone. When you add all countries, tablets, and Android devices, you start to see you don't need a top 10 or even top 100 grossing app to make some serious cash.
So while it has gotten a lot tougher in the app store and it's increasingly difficult for newcomers with no experience to hit it big, there's still very much a thriving middle ground between the insane successes and the utter failures. I suspect that it's not well known due to the fact that those in similar positions to us don't want to dish out the valuable knowledge they've acquired through years of experience that could only increase the competition.
The reason I could be a Mac Developer was the small pond; There wasn't a LOT of work, but there was enough for good people, and it paid well. On balance I /never/ developed anything for windows, because of the 'tree vs forest' problem : Even if you are REALLY fantastically good, there are so many people on the market that you can't possibly stand out.
And that's why I never even wrote a single iOS app, even though I was a wiz at ObjC and OSX (Imagine a Classic MacOS dev thrown together with a UNIX wiz, and that's me); it was guaranteed to bring in the 'forest' to OSX as well, and make any 'edge' more or less pointless.
Also, from what I've seen, if anyone comes out with a nice app/game, there's a dozen or more groups of people who will throw their dev team at copying it immediately, diluting any hope of revenue. It's these guys' business model after all, you just can't win, and it's not like you can defend your IP anyway.
So, 2016, I wonder what took people so long to realize it was all doomed but for a tiny fraction of apps.
I used to buy a lot of games as well, but often I was just in the mood to look for some neat applications. If I could somehow filter out all games and just browse apps across all categories, I might still browse the AppStore regularly and still buy apps (including games, when I'm in the mood for that). The end result now is that they've lost a customer who used to buy new apps every week.
The Apple App store in its current iteration is just mentally exhausting. Every time I open it up I'm presented with a new grid of app icons and no context to why I should care.
To further detriment, Apple has trained the market to stay away from 3rd party curation of iOS apps in any kind of useful way. So we're left only with a gateway of lists. That's nice, but not worth my time.
Correct me if I'm wrong, but ultimately an indie game has limited replay value because they're just so small in scope, but they're usually a lot of fun. So a one time upfront payment to enjoy for a few weeks is a great business strategy I think.
Edit: Not to sound like I'm bashing Apple here, as I don't think the Google Play store does it any better.
I guess the market will eventually sort it out, but when? 2030?
Just to add another data point, we're a small indie (games) developer, we spent over a year on our first title with very little marketing budget and these are our sales figures from our launch: http://www.gamasutra.com/blogs/YacineSalmi/20160519/273030/E...
In short, decent sales but not enough to recoup our costs. Still, we never expected that we would hit gold on the first try. I think to be sustainable on iOS you either have a successful niche product or a collection of products, with each release building a further revenue stream.
The industry grew a lot - surely driven by the most successful titles, but also for the longer tail of developers. More of the total revenue and earnings are captured by the top 100 publishers -- but still, even compared to 2012 or 2013, the 10000th biggest app is earning more due to the opening of all the new territories.
The game earning model moved from a hits based model, where you launch with lots of hype and reviews and generate a lot of earnings in the initial months to a model where long playing loyal players stick with the game over many months & years and monetize via longer term in app purchases. It's not possible to bring back 2010. We need to be ok with that and learn to engage users over longer timelines.
Delete app to unsubscribe
Remove 0.99 one time pricing
$5.00 minimum one time download price
"the first non-iOS game I did after spending two years on iOS, released on a Sony handheld that many describe as being obscure, generated literally thousands of times more income for us than two years and ten games on iOS with its potential billions of users."
What was the platform? I wonder if there is a strategy to be carved out making games for Windows 10, Linux mobile, etc.
Link to the Google cache: http://webcache.googleusercontent.com/search?q=cache:-8QtKz9...
The App Store will keep growing but it won't be good if half the apps are abandoned.
If you connect tastes to groups of people rather than to preferences in the characteristics of something, it follows that taste will have trends (as people have generations), that tastes will differ from one city to another, etc., which is what we observe.
When I grew up in Germany in the 80s, there was a real sense that nuclear war could start any time. Unfortunately, we haven't used the short window of opportunity after the cold war to get rid of all nuclear weapons. Now I wonder what, if anything, can happen to convince us as a species to get rid of them.
Personally I like small x-height and high-contrast strokes, so I find the article very readable. But I think fonts with these features require higher-DPI displays. Consider Computer Modern, which is beautiful on paper but unreadable at low resolution.
I wonder if the studies mentioned in the article took this into account. Were they testing readability on low-res screens, paper, or what? Would you get different results if you changed the medium?
One watches WWDC and Build game related talks, they talk about how to make games on their platforms. One watches Google IO and it is all about Play Store and Firebase integration.
> The line in the sand for me is: network vs cloud-based systems. I want things to be network connected, but I want it for my own network only. I want to be able to control my coffee pot, but only from home. If I choose to expose this over the internet, great! It's up to me to make sure it's secure. I don't want anyone making that decision for me.
I also want it to be upgradeable, and hackable. I'm willing to pay a lot of money for standalone quality devices, but nobody is supplying!
Has the GPL really lost its power that much? I mean not responding to inquiries is one thing, but outright saying no?
Madness. And people wonder why there's so much skepticism about IoT being adopted by non-techies.
Turn on lights with a phone? No need for Internet.
Open doors with a fingerprint? No need for Internet.
An auto-adjusting energy-saving thermostat? No need for Internet.
A fridge that knows the milk is low? No need for Internet.
Charge people money to use their toaster? You need the Internet for that.
Overall: the hardware seems fine, the software is shoddy and the security is terrible
This article begins and ends with two great tl;dr for IoT. There is value in this. Just look at the prevailing cluelessness, and be much better than that to stand out from the pack. In fact, how about applying that formula to the next nascent big thing that comes along?
> Right now, the cloud - especially for IoT - isn't a healthy ecosystem. Your shiny new smart thermostat might as well be dialing into AOL on a dedicated landline. And unlike public services, these proprietary service providers lack long-term guarantees of service availability.
> What we need is a push for openness and interoperability in the cloud, and that will only happen if consumers demand it. The service providers are incentivized to do just the opposite.
I'm not an expert in the area, but I would imagine a standard API could be implemented to handle the vast majority of use cases. Connecting to an app securely, turning things on and off, basic scheduling.
The Hue lights are great but expensive. The Hue switch made things a lot more useful as well. I'm waiting for them to come out with a compatible light switch so I can control my recessed lights the same way as my light bulbs.
What they need to work on is a better outdoor camera with motion detection that doesn't get triggered by shadows or wind moving a tree branch. I've tried almost every solution and none is acceptable.
Seriously why have NO companies come forward with products like this. I'd buy a house worth if someone did.
1) Full firmware source code and required toolchains/sign keys/... be submitted to the national libraries, to be kept for secure archival until the device is officially unsupported by the manufacturer.
2) For networked products, the full source code must be either published, or licensed institutes must perform a security check.
3) There must be provisions in place to ensure timely reactions in case of security issues. If the manufacturer does not respond to security issues, national libraries have the right to release the source code.
4) Required tools, service manuals, datasheets etc. must be submitted to the national libraries.
This should basically kill off GPL-abusing companies, as well as ensure serviceability, even for discarded products.
Is he the author of one of the libraries it uses?
The US state of Wyoming produces more than 200,000 barrels per day. 
The US as a whole produces more than 7,400,000 barrels per day. 
 http://www.indexmundi.com/energy.aspx?country=de&product=oil... https://www.eia.gov/dnav/pet/hist/LeafHandler.ashx?n=PET&s=M... http://www.indexmundi.com/energy.aspx?country=us&product=oil...
You will always need crude oil, not for burning, but for the synthetics, plastics, and materials of the future in our electric cars. Fracking in the USA has allowed us to use our own ethically sourced resources, rather than fueling wars in the middle east.
The only reason we see so many bad cases of fracking effects like earthquakes and so on is because the states that allow fracking also don't bother to regulate it. So it's just a matter of extra cost and engineering, which can decrease that relative cost over time.
Besides, if anyone can engineer themselves out of a problem, it's the Germans.
It is a compromise, not a ban. Certain tests will be allowed, until those are concluded there will be a moratorium (halt) on full-scale commercial fracking.
What's with the BS being reported about Germany lately? First the misreporting on the electric vehicles, now this.
From the awesome drone videos detailing exactly what I'm looking at, to the great writing and the animations throughout; this was awesome!
For a megaproject, 2x overrun is downright wonderful.
The concrete in the original locks is a century old and showing no problems. That's a major achievement in general, and in an application where concrete is exposed to salt water, very impressive. Check out almost any seawall or pier that's more than a few decades old.
Sad. When this project was first announced, the Panama Canal Authority insisted they were going to get the concrete right. They didn't.
Boy do I love arbitrary deadlines!
I mean, ain't the ocean floor the inviting highway? with minor to none obstacles? Design multiple tubes inside each other (to compensate high pressure) and suspend it at 100m deep water level with computer-regulated height and start rolling cargo by using pressure pushing it from one end to the other.
(I'm aware it's a bit more complicated than that, but you get the idea!)
And surprisingly, it can actually be cheaper to send scrap to China than a US smelter because of the imbalance of trade. The ships would be mostly empty on the return trip if not for scrap materials being sent back. Circle of life.
At first, I was shocked that Americans can throw away 1 year old and even half year old goods in the dumpster. In 2.5 years' time I managed to make enough money off my commission selling refurbished cellphones to Russia through Alibaba to move to Canada and enrol into college.
But electronics manufacturers in general seem to be opposed to this idea, preferring that people dispose of products after a few years and buy something new, and often taking measures to actively discourage people from fixing their devices. Not only is this anti-consumer, it further promotes e-waste.
A lot has changed even in the ~3 months since the work in this post occurred, so it's not reflective of where we are now. But I'll stick around here to answer any questions relevant to this post or Eve in general.
Edit: I wasn't anticipating this would be on HN today, but it is, so here is part 2 with the rest of the story: http://incidentalcomplexity.com/2016/06/22/mar2/
In its most simple form the thin layer of the bubble is a plasma made of electrons oscillating radially. Like soap bubbles, a plasma bubble may have multiple encapsulated bubbles.
A plasma ball is a dynamic system at an equilibrium using ions like ozone as an energy source. The plasma ball will follow ions gradient. It explains why lightning balls may follow a complex path like circling in a room and suddenly going through a chimney or a key hole.
He explains why plasma balls can traverse windows which are electrical and chemical reaction insulators.
This theory is now ready to be tested experimentally.
What happened was that lightning struck the ground at the edge of our yard while we were waiting at the front door for the rain to slow (so we could get to the car). I jerked my head to the right because of course the sound and flash scared the heck out of me, and right as I looked there was what looked like a glowing ball of electricity, the size of a beach ball, just above the ground, for what seemed like a few seconds.
Impressive that the model has "passed all the tests" for an acceptable theory of the origin of ball lightning.
From some Googling, there are 8M lightning strikes per day on earth, so say about 3.5B strikes per year. Let's say 3% of those strikes are in populated areas. So ~250,000 lightning strikes per day in populated areas. In the past 5 years, that is ~500M lightning strikes in populated areas. Let's say that there's at least one person or video camera filming the sky during 20% of those strikes.
Given we only have 1 video of marginal quality of ball lightning, that makes 1 in a 100M strikes a reasonable guess. But that also makes me think it really could just be 0 and eye witness accounts are just some visual misperception.
Not that Redux is too complicated (it actually has a super simple API). Redux is a (fantastic!) tool you should use once your project is at a large enough scale that you need it. You can go a long way in vanilla React before you feel the pains that Redux (or Relay) solves. The React part of my current codebase is over 25k LoC and I still don't feel the need to throw Redux into the mix.
Take a peep at http://djcordhose.github.io/hh-react-conf-2016/redux-vs-rela...
If you're just starting out then first spend several weeks/months in vanilla React. Unless you need to learn Redux to work on a bigger codebase at a new job or something...
Qualification: I used to work on React Native at Facebook.
I have trouble following someone else's pace in a video (or audio for that matter). I also like to be able to copy and paste code into my editor. Navigation to particular sub sections is easier too.
Much-needed article. Worth adding some color on AngelList syndicate incentives:
Syndicate leads are compensated by earning carried interest on the additional capital that follows them.   
Carry creates leverage for syndicate leads. Which is cool because syndicate leads have a bigger stake in a company's success, and often want to help the company more.
This also means a lead may want to invite as many investors as possible in order to get more $ into their syndicate and create more leverage. If left unchecked, this would create conflicts with a founder's interest in privacy.
Part of AngelList's job is to ensure lead behavior doesn't conflict with a founder's interests. Here's some of what we do:
* 80% of syndicate deals in the last 4 months were private (invite-only).
* AngelList has tools to block specific users / competitors from seeing information about a deal.
* Probably the most interesting tidbit: AngelList is undergoing a professionalization of capital. Most syndicate deals have fewer than 20 investors participating, and much of the capital is institutional. These investors are vetted by AngelList and act more like LPs in a VC fund (for example, most institutional investors on AngelList have signed confidentiality agreements).
If you've got ideas or questions about syndicates, feel free to ask below or email me at email@example.com
 Some syndicates (both on and off AngelList) do charge 0% carry, but they're uncommon.
 Leads earn carry deal-by-deal vs. on a portfolio basis, where gains net out losses. This creates a different set of incentives, but IMO doesn't impact founders much. (http://avc.com/2016/02/fund-level-vs-deal-by-deal-carry/)
 Currently no management fees on AngelList.
For corporate investment, either direct or through investor arms, an important incentive some companies might have is to constrain your M&A options down the road. Between information rights, potential board control, investment terms themselves, or simple signaling, taking investment dollars from a giant company might make it difficult to do deals with that company's competitors. I feel like that's something that happened to a pretty big startup I worked for before.
Their incentive is to get the service to themselves as quickly as possible hitting all their required features.
The downside is that they may insist on over-fitting the solution to their particular needs.
I would also add "yourself / your own saving" as a source of investment.
- No loss of control
- Quick to close the deal
- Putting in one's own money sends a strong signal to your investors and employees that you are committed to the company
- The investor's incentive is perfectly aligned with the entrepreneur :)
> Notably absent in this year's list are Y Combinator and RockHealth - both programs now classify themselves as seed funds rather than accelerators, and asked us to respect their evolution into a new model.
I get that this might fall under the crowd-funding category, but you also might want to add debt vehicles, including crowd-based advanced ordering platforms like kickstarter.
There's no equity exchange, but then again that's true of the government grants as well.
We already have crowdfunding options for both individuals and projects, pre-orders for products, but are now considering how to offer even more through larger funding options for people and startups -- specifically thinking about how we can merge these two models that makes sense for the community.
For example there is a growing informal network of angels and VCs associated with the SENS Research Foundation / Methuselah Foundation community and the so-far handful of companies that are emerging from the past years of research funding into treating aging by repairing its root causes. The goal here is as much to produce specific new capabilities in medical science and get them to the clinic as it is to make money. In many cases these investors have the view that the only use for making money is to funnel it back into growing this research and development community.
There are analogous groups in other spaces.
This is an important motivation because it lets you look further than just for-profit funding. If I were launching a fund today, I'd try to set it up as 90% for-profit, 10% non-profit investment, with the latter going to nudge promising research across the line into startup viability. With the right connections in the research community, a group that is split between scientists, advocates, and funding sources can be meaningful minority owners in the creation of an entire new field by shepherding the research and seed funding the startups. Modern day early stage life science research, and proving mouse studies, are so cheap in comparison to later development for the clinic that this is a great investment model.
One reason most people don't do this is that they don't understand how to understand the spaces they invest in at the level of research and seeding new companies, and finding things that are a year or two away from viability, and could be pushed across the line with a little money and coordination, and the people who do understand that typically have little interest in investment. It is very hard to gather the necessary knowledge and will in one room.
Plex did solve this in conjunction with a certificate authority, but that solution only works for them. The general approach could work for others if someone like letsencrypt led the effort. https://blog.filippo.io/how-plex-is-doing-https-for-all-its-...
Browsers and OS vendors shipping CAs seems to be the root of the problem, in my mind. Those should be distributed by the service providers, who are the actual trustworthy entities in the user's minds.
LetsEncrypt is almost built upon the idea of frequently (and automatically) re-issuing your certificate(s). The graph's line shows what appears to be an accumulated sum of certificates issued by day.
If every 90 days most certificate(s) expire, of course the graph will look like that!
What's most interesting to me is the steps up in the graph. It appears that the steps in the graph roughly occur on 70-90 day intervals.
Impressive growth for a great mission/service, but I wanted to point out the mechanics behind the graph. Hopefully others can offer some alternative perspectives!
edit: Grammar, illogical sentence structure.
How effective is something like certificate pinning against fraudulent certs?
How can you cover 7 million unique domains if you've only issued 5 million certificates?
That way when https is found to lack some feature, we can easily upgrade to httpz almost immediately?
Encrypting everything increases the demand for low-rent SSL certs. Anything below OV (Organization Validated) is junk, and if money is involved, an EV (Extended Validation) cert should be used. Trying to encrypt everything leads to messes such as Cloudflare's MITM certs which name hundreds of unrelated domains. This is a step backwards.
I find I am better at almost every area of business than I was 10 years ago for a number of reasons.
Learn and put what you learned to use, doesn't matter if you are young or old.
30-somethings start companies which serve 30-something customers, or enterprise customers of the type they've worked at (where purchasing decisions are made by 30-something directors).
There are exceptions to those rules, but they're pretty consistent.
What's important is that entrepreneurs be consistently visible across age/race/gender/class/origin/etc demographics, so all markets are best served.
I agree with the article, at least as far as technical knowledge goes. Some friends of mine who I graduated with are starting an Instagram for music app called Cymbal in Brooklyn, and I talk to them somewhat frequently about what's going on tech-wise. They're seed-funded and have runway for the next while, and have produced a really quality app. Whether or not they'll succeed, I don't know, but I know the quality of their work isn't in question.
My takeaway from conversations with their back-end engineer is that he's getting a lot of experience building an infrastructure from the ground up that's taking a lot of traffic, learning what to do and what not to do by things failing. He's developing the "right way to do things". By contrast, my time at Twitter as a backend/fullstack engineer has taught me a lot about what that infrastructure looks like when it's mature, and I've learned the Twitter-approved "right way to do things". We're both learning what scalable robust infrastructure looks like, but while he gets the benefit of familiarity with every part of the stack and learning first hand what works and why, I get a huge jump in general knowledge with less details.
Which is arguably better? We'll only know for certain when I start my own startup in a few years, but my gut feeling is that the skills I'm gaining here by perusing scaled-up systems that face hundreds of millions of requests every day will serve me more. I've learned so much about good ways to build things in just my past few months that have already radically changed how I face my own personal projects, that I can't imagine sticking with code I wrote before I had this knowledge.
I know the article is more about industry experience as applied to creating a network of peers and the business side of things, but I'm confident it extends to the technical side as well.
Cool hacks are cool I guess but from the sounds of it, the C code is a bit scary. If you had to build this, why not build it in Rust? At least it wouldn't be so terrifying from a security standpoint and you'd still get whatever performance is supposedly needed.
I can see at least one buffer overrun dependent on database contents, and I wouldn't be surprised if there's public-facing vulnerabilities in this thing, but I don't want to spend another 5 minutes looking.
But that said, building a proper HTTP stack is not trivial.
If you want to use the C language, then why not create an Nginx module?
Nginx already solved the hard problems:
* HTTP parser
* Distribute work via event loop on multiple workers
* Useful load balancing strategies (not as great as HAProxy, but I am satisfied with it)
* Serious effort in dealing with CVE
* Widely used and battle tested
Here's a fine guide on how to write an Nginx module in C: http://www.evanmiller.org/nginx-modules-guide.html
    $ curl -i http://lon.gs/abf
    HTTP/1.1 301 Moved Permanently
    Location: foo
    X-Evil-Header: evilvalue
(they claim to have fixed this elsewhere in the thread, but I guess some of the "evil" URLs still work)
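The curl output above shows a stored target containing a line break being copied into the `Location` header, which lets the stored value add its own response headers. As an added example (not code from lon.gs or from anyone in the thread), this is one way a C redirector can validate the stored target and bound the write before emitting the header; `target_is_safe`, `build_redirect` and `MAX_TARGET_LEN` are hypothetical names, and the sample inputs are constructed.

```c
#include <stdio.h>
#include <string.h>

#define MAX_TARGET_LEN 2048  /* assumed policy limit, not from the page */

/* Returns 1 only if the stored target may be placed in a Location header. */
static int target_is_safe(const char *url)
{
    size_t i, n = strlen(url);

    /* Absolute http(s) URLs only: blocks "foo", javascript:, data:, etc. */
    if (strncmp(url, "http://", 7) != 0 && strncmp(url, "https://", 8) != 0)
        return 0;
    if (n > MAX_TARGET_LEN)
        return 0;
    for (i = 0; i < n; i++) {
        unsigned char c = (unsigned char)url[i];
        /* Reject CR, LF, other control bytes, space, DEL and raw non-ASCII;
           a well-formed URL percent-encodes all of these. */
        if (c <= 0x20 || c >= 0x7f)
            return 0;
    }
    return 1;
}

/* Writes a complete 301 response into out. Returns the response length,
   or -1 if the target is rejected or would not fit in the buffer. */
int build_redirect(const char *url, char *out, size_t outlen)
{
    int n;

    if (!target_is_safe(url))
        return -1;
    n = snprintf(out, outlen,
                 "HTTP/1.1 301 Moved Permanently\r\n"
                 "Location: %s\r\n"
                 "Content-Length: 0\r\n\r\n", url);
    if (n < 0 || (size_t)n >= outlen)  /* truncated output is an error */
        return -1;
    return n;
}

int main(void)
{
    char buf[256];
    /* Constructed sample mirroring the header seen in the curl output. */
    const char *bad = "http://example.com/\r\nX-Evil-Header: evilvalue";

    printf("bad:  %d\n", build_redirect(bad, buf, sizeof buf));
    printf("good: %d\n", build_redirect("http://news.ycombinator.com", buf, sizeof buf));
    return 0;
}
```

Running the same check when a URL is submitted, as well as when it is served, also keeps rows stored before the fix from being emitted.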
What are the api endpoints? docs? Can you view a list of all shortened urls? Can you delete shortened urls?
Can you change the base domain of lon.gs?
YOURLS was popular for a while, and I tried it, but I was concerned with running a not very popular PHP app even on shared hosting. At least WordPress gets decent attention. I was worried about people compromising my own YOURLS instance against me.
EDIT: Very strange, the redirect now goes to a URL I didn't enter... (http://www.sadfasdfasfdasdfsadfasd.com)
Here's the short url of http://news.ycombinator.com --> lon.gs/amk
Going to lon.gs/amk redirects me to an overstock.com address for a specific product.
The site doesn't appear to have been hacked, at least there's no affiliate link in the URL I was sent to. It just appears the site is broken.
I'll bet InMobi really feels chastised now! Thanks, FTC; you sure showed them!
Why should the penalty be reduced based upon InMobi's finances? If the fine bankrupts them, all the better!
Edit: Honestly, I don't know why companies can't be fined based upon a percentage of revenue taken over, say, the past year. A fine of 10% yearly revenue would actually make these bastards sit up and pay attention.
The author of this article might need a new technical advisor.
We're also supporting other platforms such as the cc3200 so it will enable you to easily change the target; some platforms are good for prototyping, some are better for production; often it's impossible to choose wisely at the beginning so it's nice to not require a full rewrite of your logic.
This resulted recently in this: https://github.com/micropython/micropython/releases/tag/v1.8...
From a humble yet proud backer :)