hacker news with inline top comments    .. more ..    6 Jul 2017 News
home   ask   best   2 years ago   
SoundCloud cuts jobs, closes SF and London offices techcrunch.com
303 points by janober  2 hours ago   195 comments top 38
doublerebel 2 hours ago 9 replies      
It's been a downhill trend ever since trending likes were replaced by reposts. Trending likes actually showed which tunes my friends found most interesting. Reposts allowed a single user to spam a feed with their personal taste. Then repost bots were allowed to require repost to unlock a free download and now discovery on SoundCloud is almost dead. My friends who are successful producers but refuse to play the bot and pay-for-repost game are completely drowned in the noise.

My bet is that since trending likes are a Graph DB problem, SoundCloud just chose not to solve it once it became too hard on their database. They famously had issues with early Mongo adoption so this would fit right in. Their most recent frontend HTML5 rewrite always winds up my CPU and hasn't changed in a couple years.

SoundCloud to me has always been a great idea with some great design that got ruined by some poor engineering choices from the top. And at the end by a desperate grab for stats and cash. I think producers would have paid more, better subsidizing free plans, if discovery hadn't gone downhill. I ran the numbers once on how CDbaby and Bandcamp became successful (based on stats trickled out over the years) while SoundCloud could never turn a profit. There's still plenty of room for someone to do this right.

alistproducer2 0 minutes ago 0 replies      
SC had a unique product and at one point I really enjoyed discovering music. In fact, I had a music blog where I reviewed indie and folk music I found there. I found some incredible talents. For example, this dude Packwood from Australia. I ended up buying his albums on Bandcamp, but never would've found him without SC. Looking back it's surprising that SC never tried to get into selling music. I would've bought download for lots of the indie music I found; if for no other reason than I wanted to be able to listen to it in the event that SC folded.

I switched to Amazon music, which I pay ~ $6/mo. I couldn't be happier. I'm actually happy to pay money to have access to almost anything I ever want to listen to. they even have obscure Drum n bass albums (which surprised me). As great as AM is, it doesn't fully replace SC for me. No podcasts or indie music by random Australian dude without record deals.

thowaway999 13 minutes ago 0 replies      
I was a director of an engineering department for SoundCloud for a time and left several years ago. Frankly none of this should be surprising: nobody there could figure out a product definition nor a monetization plan. What is more: the engineering organization at SoundCloud at large was completely fractured and suffered from in-fighting. Nobody trusted anyone across organizations. There was no shortage of bullying even. Taking that in mind, SoundCloud's downfall was to be expected. Because of caustic environment even before the financial crunch, they couldn't execute. Blame the incestuous Brazilian boys club there for it (I'm male, by the way); they bullied just about everyone.

As for Berlin, I am sorry to say: I had high-hopes for the tech culture there, but to call it Mickey Mouse would be a charitable statement. It was laden with confused hipsters who couldn't differentiate between language du jour and its monads and delivering a product.

When I applied, the warning signs were strong. Nevertheless I ignored them to my own peril. Needless to say, I won't make those mistakes again!

Right before I resigned, it was revealed in a private leads meeting that 18 percent of the engineering force had resigned in that given quarter. Was I surprised? Not in the slightest. That knowledge gave me resolve to get out, which I hadn't yet announced.

aaronlevin 2 hours ago 50 replies      
SoundCloud employee here.

If you are hiring, please reach out to people from SoundCloud. The decisions of who to let go were not based on performance. A lot of amazing people, both attitude and technically.

pyronite 1 hour ago 1 reply      
19 days ago an employee of SoundCloud posted an Ask HN about deferred salary reviews:https://news.ycombinator.com/item?id=14575627
dustinmoris 2 hours ago 3 replies      
They also laid off the entire New York team and at least some individuals in Berlin:



> Well, SoundCloud just laid off all of its New York engineering

> Literally the entire payments and subscriptions team, ads-eng, monetization engineering, everybody

> Not really clear to me how the execs think this company will be able to make money from now on

JohnnyConatus 40 minutes ago 1 reply      
ITT no one admitting that the problem with the recorded music industry is now the fans who expect bits that make sound to be free while other bits are paid.

Spotify, Pandora, and Soundcloud fixed just about everything that people said was wrong with the industry from the consumer point of view. And don't give me that line about the labels screwing artists because thanks to fans who won't even pay for a premium subscription, Spotify literally can't afford to pay artists more without going under entirely.

TL;DR - music doesn't want to be free. Selfish people want it to be free.

skylark 1 hour ago 6 replies      
This is a perfect example of how strong software engineering from competitors can result in you getting completely left in the dust. YouTube and Spotify have great algorithms for suggesting new songs - I feel like when my current song is done, I have a really high chance of hearing another song that I've never heard, but will enjoy.

This is not the case on SoundCloud, where I'm almost always jolted back to reality when the next song comes on.

jinder 2 hours ago 4 replies      
Soundcloud started dying when they decided to be more like Spotify and less like the independent music discovery service they started out as. Now they have an app and experience that is not particularly good at either.
gregjw 47 minutes ago 0 replies      
The question isn't 'Will SoundCloud close?' but instead 'When will SoundCloud close?'.

Just a very steady decline over the past two years.

Their talented team will easily land of their feet anywhere else, it's a shame that someone's so previously unique is fading away due to trying to compete with Spotify.

Removing Likes & Groups have really pissed off their community.

maga_man_69 2 minutes ago 0 replies      
I wrote an AWS Lambda thing that automatically pirates soundcloud tracks you like:


pmoriarty 2 hours ago 2 replies      
For me as a music producer and consumer, one of the most frustrating changes recently made my Soundcloud has been their cancellation of groups, which used to be a decent means of discovering new music related to kinds of music you already like.

Once groups were cancelled, the listens on the songs I post to Soundcloud plummeted to virtually nothing, and I really don't bother to upload my music there anymore, nor to go to Soundcloud to discover new music.

phreeza 2 hours ago 4 replies      
Their Github org seems to have gone from 45 to 37 members. Not sure what that means, do they only have 37 devs?



edit: now it's at 35... ouch

mintplant 2 hours ago 6 replies      
> Some rough news today for SoundCloud, the audio streaming site whose content is largely based around uploads from its 175 million users in 190 countries.

Does SoundCloud see itself as an audio streaming service now, as opposed to an audio hosting service? That seems like a focus shift away from where they started, and puts them up against behemoths like Spotify. Maybe that's related to why they're struggling.

Tangentially: does anyone have any idea of how Bandcamp is doing?

kevinmannix 1 hour ago 3 replies      
SoundCloud is my go-to for music while programming. I've spent countless hours curating my likes, playlists, follows, etc. I'd be quite upset if the service shuts down, 1) for the artists that have gained large followings through the service and 2) for all the personal time spent that will in the end mean nothing.

I think I'm reiterating what has been said before, but the reposting is horrendous. It's made the listening experience quite poor from just using the activity stream. I've also been really unimpressed with the lack of track uniqueness - if 2 artists repost the same song, it'll show up in my stream twice. Even more frustrating was the lack of uniqueness between tracks & playlists, where one could conceivably listen to the same song multiple times in a row because artists would post the track and then a single-track playlist with that track inside it.

The UI is also lacking for quickly adding to playlists, etc. The simplicity was a feature, not a bug, and the power of SoundCloud has been their artist community.

awkward 1 hour ago 0 replies      
One thing that they did right was their use of HTLM5 to keep what you're listening to playing while you browse the site. Especially for long running podcasts it's nice not to feel like you would drop the thing you were listening to if you weren't careful.
janober 2 hours ago 0 replies      
Very sorry to hear! Apparently additionally also the engineers in New York:https://twitter.com/pje_txt/status/882977097232338947
drinchev 2 hours ago 0 replies      
That is so sad for Berlin as well. SoundCloud is one of the companies that made the startup scene an actual scene.

I know that SoundCloud's interview process is tough, so I guess it's a good day for companies looking for talent around Berlin.

jasonsync 59 minutes ago 0 replies      
I love SoundCloud, but the premium plan options are surprisingly confusing:

$4.99 - SoundCloud Go $9.99 - SoundCloud Go+

According to the SoundCloud Blog circa 2016 (and most external reviews), "SoundCloud Go" is the plan with the expanded catalogue:https://blog.soundcloud.com/2016/03/29/introducing-soundclou...

However, according to the SoundCloud Blog circa 2017, "SoundCloud Go+" is now the plan with the expanded catalogue:https://blog.soundcloud.com/2017/02/28/introducing-new-sound...

Is there some sort of "bait and switch" going on here?

I can only think that SoundCloud purposely shuffled the product names around to make us think that the $4.99 plan includes the expanded catalogue, comparable to Apple Music / Spotify. Or am I mistaken, and the $4.99 plan does include a catalogue comparable to Apple Music / Spotify?

Furthermore, both plans advertise more tracks (120M+ tracks) compared to Apple Music or Spotify (30M tracks), making it even more difficult to reconcile what you're getting. And the $4.99 price point is further complicated by Apple Music, which also offers a $4.99 price point (for students).

The product branding, pricing and positioning here is bonkers for anyone comparison shopping, reading external reviews or simply trying to understand what you get. It's easier to do nothing, and simply continue using the free service (and switch to Spotify from time to time to fill in the blanks).

untog 2 hours ago 1 reply      
Awful news. But I'm glad to see that it's part of an attempt to stay independent - I hope Soundcloud sticks around, in control of its own destiny, for a long time.
brudgers 25 minutes ago 0 replies      
As a cost cutting strategy, offices in San Francisco and London are plausible candidates. Particularly for a company based in the EU those cities are likely to hinder flexibility regarding colocating teams and staff due to increasing regulatory hurdles regarding work visas.
justanton 40 minutes ago 0 replies      
I wonder what made them to open offices in some of the most expensive cities in the world in the first place?

Was it in order to find the right talent? There are great people in other, less expensive cities.

batmansmk 26 minutes ago 0 replies      
Are they preparing to sell the company? There was rumors that they wanted to sell to Deezer recently.
tyingq 2 hours ago 1 reply      
Other sources say total employees are 420, so it's roughly a 40% cut. Ouch.
niftich 2 hours ago 1 reply      
I don't know how SoundCloud is managed and what their balance sheet looks like, but it's deeply unfortunate that a site that caters largely to up-and-coming musicians has so much trouble getting out of the red.

Presumably they're hurt by the presence of platforms such as Youtube or the 2010s' rebooted Myspace, where musicians can reach a larger audience and where both sides of the equation are subsidized by ads.

Meanwhile, more focused sites like Beatport appeared to have a successful recipe by selling actual tracks for download despite essentially offering unlimited streaming, yet even they ran into some trouble with their latest pivot.

It's a tough space to make money in, despite seemingly meeting a popular need.

expertentipp 1 hour ago 1 reply      
The wonder child of Berlin's startup scene is deceasing. Says a lot about the scene unfortunately.
pducks32 1 hour ago 0 replies      
I liked the idea of SoundCloud but it was horribly designed. The app was just so so clunky. I know some producers and they were early adopters on SoundCloud. The community was begging for this and jumped on early. They had the demand, they just failed to execute.
socrates1998 18 minutes ago 0 replies      
Do any of the most popular music streaming services make money?
nodesocket 1 hour ago 0 replies      
As somebody who listens to SoundCloud almost daily I really hope they can turn things around. They should completely ditch the free plan, and just have a $2.99 or $3.99 plan. I am actually signing up for SoundCloud Go+ (offline listening) now.
alydenardo 1 hour ago 0 replies      
Come work with us at Atrium in SF (Portero) and disrupt the legal industry.Cofounders: Justin Kan, Bebe Chueh, Augie Rakow, Chris Smoak. Atrium is hiring for Senior Full-Stack Engineers, Senior Backend Engineers, Frontend Engineers + more. See postings here! We want you!https://www.atriumlts.com/
myth_buster 1 hour ago 1 reply      
On a tangent, I now hope that A16Z podcast will be available on google play et al. That was the only reason for me to use Soundcloud and it frustrated me when I used it because it severely lacked features something as trivial as sorting by podcast date.
timeforanewSC 1 hour ago 0 replies      
I'm not sure if this is appropriate here (which is why I made a new account) but some friends and I have started developing a site which we hope captures the main benefits Soundcloud used to have for independent labels, DJs and artists. We can see many ways we think it could be sustainable as a business that benefits the creators and owners of the music as well as the listeners.So if anyone out there is interested in fixing this space and has the time and the inclination it would be great if you would make contact via DM.We've so far been developing in our spare time. We are getting close to Beta. No thought or plan as yet to raise investment.
kayoone 2 hours ago 1 reply      
SoundCloud is one of Berlin's prime examples when it comes to it's startup credentials, so them stumbling is really hard to see for someone working in the city.
richardknop 1 hour ago 0 replies      
Oh. I remember a post on HN from SC employee couple weeks ago asking if he/she should stay given that salary reviews have been postponed. In retrospect it seems he/she should have left.
buster 1 hour ago 0 replies      
I'm from Berlin and happen to have found an awesome employer, who is constantly looking for talent, so if someone from Soundcloud needs a hint for a job in Germany, message me.

Not that it would be hard to get a job in our industry, but well.. :)

norea-armozel 1 hour ago 0 replies      
I'm not surprised. It seems to me that they lost their way when they thought their competition was Spotify when it really was Bandcamp. At least Bandcamp is still growing especially when it comes to independent musicians and niche genres like synthwave. I really wish them the best of luck to get back on their feet because I think there's still plenty of room for competition in music hosting and sales.
pinaceae 1 hour ago 0 replies      
Well, I guess wonder.fm is getting screwed too.

They've been futzing around a bit too, they started as WeAreHunted, then got acquired by Twitter to become Twitter Music, then shut down, then restarted as Wonder.fm.

Making money in music is HARD.

cturitzin 2 hours ago 4 replies      
I use SoundCloud daily for music I can't find anywhere else. I'm amazed they haven't tried harder to make people like me pay for the service. I would pay if I hit a paywall at some point of usage.
Mental Health is still an issue in the workplace medium.com
162 points by bcx  2 hours ago   77 comments top 16
steven777400 2 hours ago 7 replies      
Great article. A few years ago (at a previous job) I took a sick day for "sanity", but told them I wasn't feeling well. I felt guilty about doing it. I think part of it is the association of sick leave with externally visible medical issues, and the corresponding "straightforward" medical verification.

In other words, if you have a temperature or are vomiting, that's obvious. Many infections or physical injury can be trivially verified by a doctor. But a "sanity day", as truthful and necessary as it might be, is neither of those.

Out of curiosity, I checked my current employment contract. It says sick leave is for "A personal illness, injury or medical disability that prevents the employee from performing his or her job, or personal medical or dental appointments." or "Exposure of the employee to contagious disease when attendance at work would jeopardize the health of others." There's a dozen or so other cases listed in the contract, mostly about allowing sick leave to care for sick family members/children. Our contract also allows for verification, "If the Employer suspects abuse, the Employer may require a written medical certificate for any sick leave absence."

I've never heard of anyone here being asked for a verification, but it would tend to discourage people doing the "sanity day" sort of thing.

curun1r 1 hour ago 2 replies      
My only issue with this is how he seems to lump in the "mental health" days that people without diagnosed mental health disorders face with the stigmatization that the other group feels. I fully support people who need to deal with mental fatigue in these ways, but if just taking time off "cures" your mental health issues, it's a different class of problem from what others are dealing with.

The "still" is incredibly premature when it comes to mental health in the workplace. We're just scratching the surface when it comes to acknowledging, accepting and understanding those with mental health disorders. Depression, ADHD and even Autism Spectrum and OCD are all on the leading edge of disorders that are receiving less stigmatization and more acceptance over time. But there's a lot more in the DSM-V that are completely misunderstood or completely unpublicized. And our workplaces are completely unprepared to deal with them.

I saw this first hand at my previous employer. We had a coworker who had a number of personal disagreements with other coworkers. In discussing it with my mother, a psychologist, she mentioned that much of his behavior sounded, to her, like someone with Borderline Personality Disorder. He was everyone's best friend up until they did anything he interpreted as being against him at which point he'd flip and try to sabotage them at every opportunity, including filing numerous baseless claims with HR. The organization was completely unprepared to deal with an individual like him. Each HR claim he filed was treated seriously, but there was never encouragement or a requirement that he talk to a trained mental health professional who could have been helped guide the company to a productive outcome. Instead, his conflicts with other employees caused at least 3 of them to quit before he was eventually forced out of the company for taking on someone who had too much pull with upper management. I can only imagine the carnage that would have been caused if he had been a she and had been able to abuse the sexual harassment policies.

HR is only trained to help the company avoid getting sued. But there's damage to both the employee and the company that can happen without the lawyers getting involved. The company's HR failed him and the rest of us that had to work with him by not knowing how to deal with that sort of psychological disorder.

Rather than "it's 2017 and mental health is still an issue," I'd say, "it's 2017 and we're finally starting to acknowledge the long road ahead of us."

siliconc0w 46 minutes ago 0 replies      
There is a kinda secret code for OOO or WFH emails that managers should respect. Definitely got to "Respect the code" (say in a pirate voice). As a manager I'd write purposely vague emails to contribute to this, "Sorry will be late, got jumped by a gang of ninjas" because I really don't like to set a cultural tone that isn't trusting of employees. I basically need to know you aren't going to be here but I don't need to know why.

There was an eng manager that would pester people about vaguer emails asking for clarification. I really wanted to just sit him down and explain that he isn't being clever and he was basically being a jackass for prying into people's personal lives - vague email is vague for a reason.

goodroot 1 hour ago 0 replies      
My partner works at Olark. It truly is a human-focused business. I love that she is there. The intention that their team and leadership have applied into creating a safe environment is deeply rooted and honest.

As someone who struggled with depression for two decades, while ultimately thwarted, it was a hopeless, numbing plague. As a coping mechanism, I developed my career working remotely. I was unable to function within a typical office environment. At home I could steal away to my bedroom and hide from the black under cover of blanket, when I needed to.

It's encouraging to see the silent struggle find words and champions. May others who are going through the darkness find supportive and loving environments; any change to find them is worth it. You are the author of your journey and the hero: write a happy story.

zitterbewegung 2 hours ago 2 replies      
I applaud the author for destigmatizing mental health issues. More companies need to be like this. Its really hard for people to understand mental health issues because you have to take many optional classes to even get an idea of what they are. Also, many people throw around terms like psychopath / ADD(ADHD) and either diagnose themselves or others and that can lead to more stigma or even misunderstandings. I think better education of mental health would help solve this.
j05huaNathaniel 9 minutes ago 0 replies      
Honestly, kind of sounds like the work she does may be the reason for the mental health issues. Maybe find a job that doesn't depress the shit out of you? I know, easier said than done.
nolepointer 1 hour ago 0 replies      
While I agree with the author's argument, stating the current year does not advance it. Seriously, it's even a meme.
wu-ikkyu 24 minutes ago 0 replies      
>We are in a knowledge economy. Our jobs require us to execute at peak mental performance. When an athlete is injured they sit on the bench and recover. Lets get rid of the idea that somehow the brain is different.
throwaway2928 56 minutes ago 2 replies      
Not that long ago, I was considering joining a startup where an old manager of mine was the head of eng. They seemed to be doing some cool stuff, another friend had recently joined and spoke well of it, and I thought I'd give it a go. As part of that process, my old manager took me out for coffee to talk about the company, etc.

When we chatted, he basically laid down that he was concerned- when I had worked for him, I'd been depressed. He wanted to protect his startup from that kind of attitude. So there I was jumping through hoops to assure him that I had gotten therapy, that I was keeping an eye on it, on and on... only afterwards did I realize how fucked up that was.

Yes, he's got a right to try to protect a fragile young startup. But on the other hand, he's doing it via discrimination due to health issues.

In the end, I also realized something else that mattered: I was always feeling like shit those days that I worked for him in large part because of how he ran things. After he left, we got a much better manager who honestly seemed to work hard to make me happy. Why the hell would I want to go work for that guy again in the first place?

techdom 1 hour ago 1 reply      
>it's the (((current year)))
DonbunEf7 1 hour ago 3 replies      
I couldn't afford to do this.

My mental illness is sufficiently severe that I need months, not days, to unpack and unwind, and I haven't felt not-burnt-out in about half a decade. I only get to do this between jobs.

I'm glad that this situation worked out alright for the employee, but there often isn't enough sick leave available.

alexashka 1 hour ago 1 reply      
It's not controversial, there's even a term for it - airing dirty laundry.

People don't talk about it because they don't want to all of a sudden be treated differently because 'mental health', and now people around you are walking on egg-shells or being fake supportive.

Why can't it just be a personality thing - some people need time alone more than others, for whatever reason that is. When you start labelling it mental health, all you're doing is self-diagnosing yourself into a hole that's hard to get out of. Unless you have debilitating problems of course, in which case the employer should know from day 1.

BadassFractal 1 hour ago 2 replies      
First hand experience. As a founder it's terrifying to let people know that you are experiencing debilitating levels of burnout, anxiety and moderate depression that prevent you from being effective at your job. There are days when you're just sitting there staring at your screen for 10 hours hoping nobody can tell you're checked out.

You put on a smile, try to follow the usual routine as a robot, and secretly go to your therapist to try to fix it before someone catches on. I was lucky therapy got me out of it, or at least mostly smoothed it out, in under 6 months.

xname2 1 hour ago 0 replies      
Shouldn't vacation days be used to help your mental health? If vacation days are not enough, there might be a more serious problem ...
xname2 2 hours ago 6 replies      
Can someone please explain to me what is special with 2017?
cryoshon 1 hour ago 1 reply      
first off, good for madalyn, it takes too much courage to introduce specifics regarding any kind of sick time and mental health is especially burdensome.

now, moving on to the rest of the post: of course it's still an issue. taking sick time for any reason is still an issue. everyone feels the pressure to not be sick, to not take sick time, and to work while sick. i have never worked for any organization where this was not the case-- even in some good places that were good to their workers-- and have only escaped it by working for myself.

>Its 2017. I cannot believe that it is still controversial to speak about mental health in the workplace when 1 in 6 americans are medicated for mental health.

you see, mental health is more of a threat than "physical" health. you get better from having a cold. you sniffle through a few days of work, maybe take a day at home, then sniffle through another day or two, and the lost productivity stops.

the spectre of mental health is that it is a long term sap on an employee's productivity that will also have flare-ups which result in time taken off, total work stoppage, malingering, unreliability, and bad morale. and it can't really be "cured" just treated. it's the profit seeking organization's nightmare. they'd never hire someone mentally ill, if they could reliably avoid being sued for their discrimination.

>Its 2017. I cannot believe that it is still controversial to offer paid sick leave.

only in the blisteringly backwards and proudly ignorant USA is it controversial. we are far behind the rest of the world when it comes to labor rights and treating people like human beings.

elsewhere the issue is settled definitively. to be blunt the CEOs haven't done their part in fighting for this basic right, nor has the government, nor have the workers. everyone has too much to lose by being the one to push, so nobody pushes.

>Our jobs require us to execute at peak mental performance. When an athlete is injured they sit on the bench and recover. Lets get rid of the idea that somehow the brain is different.

the difference is that an athlete ages out of being competitive after a time, and so their profit-driven self-infliction of injury ends earlier.

workers are stressed by work for most of their lives, for most of the hours of their waking day. work is far more detrimental to people's brains than being an athlete is to the body.

oh yeah, and workers can't choose when to stop, unless they want to choose to stop eating too. to be blunt there's no way that american workers could possibly operate at peak mental performance with their mental scaffolding so occupied with maintaining job security. this causes mental illness too, of course.

name a bigger stressor for people than their jobs / money.

>Take some time this week to express gratitude to individuals on your team. You might be surprised at the positive impact.

this is a bare minimum, not part of any solution.

the real solution (which won't be implemented because it is expensive) is to have an iron law in your corporation that your employees must take X paid sick days per year or per month. it's that simple.

then it won't be an issue, because it'll be a policy that people are forced to follow. there's no guilt about taking sick days for any health reason at that point. nobody feels like they're being dead weight when they take a sick day.

>Take some time to reflect on how your companys values help create a safe-space for your teammates

this is more likely to be lip service or self-deception at most companies than it is a reality. most companies value profit, and act accordingly when that value contradicts the health of their employees because their employees are replaceable.

>1 in 6 of whom is likely medicated for a mental health issue.

this should tell us that our society is violently unhealthy for our minds, as is our work culture.

and they are.

MySQL infrastructure testing automation at GitHub githubengineering.com
66 points by samlambert  2 hours ago   3 comments top 2
ngrilly 5 minutes ago 0 replies      
Great post! Do you use semi-synchronous or asynchronous replication? If you use asynchronous replication, when a server crashes and this triggers the automated failover, do you lose the last transactions?
jivid 1 hour ago 1 reply      
Super interesting post. Would love to read more detail about their backup and restore infrastructure.

If Tom and/or Shlomi are reading this: you mention taking multiple logical backups per day. What benefit does this bring versus just having one per day and doing a point-in-time restore using binlogs? Is this just a tradeoff between time taken for a restore and storage you're willing to dedicate to backups?

Disclaimer: I work on Facebook's MySQL backup and restore system (https://code.facebook.com/posts/1007323976059780/continuous-...)

Privileged Ports Cause Climate Change adamierymenko.com
13 points by phaer  41 minutes ago   1 comment top
justinsaccount 5 minutes ago 0 replies      
This is one of the reasons why the kubernetes network model[0] is kinda neat. Every service running in each pod can bind to port 80 without any conflicts because every pod gets a dedicated ip address.

[0] https://kubernetes.io/docs/concepts/cluster-administration/n...

Regex Puzzle bbc.co.uk
313 points by mboto  7 hours ago   63 comments top 17
bluesmoon 6 hours ago 2 replies      
bshimmin 4 hours ago 1 reply      
Brilliant. My dad is 71, loves puzzles (like cryptic crosswords and Sudoku), is a huge technophobe, and has just retired. This should keep him busy until about 2022.
canada_dry 5 hours ago 5 replies      
Regex is one of those tools that I use a couple times a year - usually for cleaning up lousy input data.

I always end up spending a fair amount of time using tools like:




And of course stackoverflow.

hokkos 4 hours ago 1 reply      
I've worked on the project where some XSD files defined fields with regex restrictions, also some rules over fields added other stricter regexps or negative regexps depending on some context in a format called Schematron. I had to generate XML files conforming to those XSD, so I used some tools around Z3 solver and Microsoft.Automata to generate those strings conforming to multiple regexps. It would convert the regexps to finite automaton and intersecting them, walking it from the starting state to a final one over a charset.

Links :



It now seems to be Open Source (MIT):


jgrahamc 6 hours ago 4 replies      
Worth doing this by hand to exercise your knowledge of regular expressions. My solution (SPOILER): http://imgur.com/a/9iK9J
KineticLensman 5 hours ago 1 reply      
This BBC report refers to a puzzle released by the UK's National Cyber Security Centre [1], as part of an online recruitment effort.

[1] https://www.ncsc.gov.uk/news/take-our-regex-crossword-challe...

dbrgn 5 hours ago 2 replies      
andyjohnson0 5 hours ago 3 replies      
I know that there are problems to do with regex matching that are NP-hard. So I'm wondering if it is possible to attack this puzzle using an algorithm that simplifies the individual regexes using knowledge of the regexes that that they interact with?
Cephlin 6 hours ago 0 replies      
Wow, finally a crossword I have a chance at!
Already__Taken 6 hours ago 0 replies      
Anyone know a decent android app for these? the MIT one has the most insane and broken scrolling functionality it's shocking.
shabble 3 hours ago 1 reply      
Does any common regex format/dialect require '\-' for a literal hyphen? AFAIK it's only special inside character classes, and escaping it doesn't necessarily work there if it would form a valid range identifier.
gumby 2 hours ago 1 reply      
Nice! At Keplers in Mountain View you can buy version of Scrabble that uses regexes. The designer used to sell it in front of the shop -- he is obviously a programmer.
timdierks 2 hours ago 1 reply      
I believe column E is under-constrained; a solution with column E = "YYYY " or "OOOO " passes the tests, but is clearly not what's intended.
jwilk 4 hours ago 0 replies      
ape4 5 hours ago 1 reply      
Since the clues are machine parsable it should be machine solvable.
IanCal 4 hours ago 0 replies      
Fun! I made a few mistakes by writing letters sideways which was then confusing (C vs U, for example), but this was a nice puzzle.
mcbobbington 3 hours ago 0 replies      
I love regexes. In addition to doing cool things and saving time, I feel like I'm a "real programmer" whenever I write a good one.
Wildcard Certificates Coming January 2018 letsencrypt.org
457 points by darwhy  3 hours ago   119 comments top 15
randomf1fan 3 hours ago 5 replies      
This is great news for organizations. I work at a large Fortune 150, and there are lots of services that require wildcard certs. We have a process to get these from our internal CA as well as a third-party - the internal CA is automated, but the third-party (for external services) can be slow and cumbersome, to the point where many departments just buy their own cert. And then a year later, they move on, forget, etc, and suddenly we have services that have expired certs and there's a scramble to fix them.

This move by Letsencrypt should hopefully make them the standard for any external service that doesn't require an EV cert.

madsushi 3 hours ago 3 replies      
Wildcards were one of the two big blockers for Let's Encrypt adoption at a lot of organizations. The second blocker, the operational discipline to automatically refresh the cert and restart services every <90 days, will likely be the only excuse left.
middleclick 3 hours ago 1 reply      
I am genuinely curious as to how much this will affect the cert providers commercial business? Other than Lets Encrypt not being able to issue EV certs. Does anyone have a resource that talks about this?
LinuxBender 2 hours ago 9 replies      
Serious question. What does LetsEncrypt buy me that I could not get from having a knob in applications and browsers that lets me accept self signed certs?

To be clear, the reason I am asking is that historically a CA was intended to be a way to validate "who" you are talking to. LetsEncrypt is providing a signed cert that does not validate an entity. It just solves the self signed cert, which could also be solved in applications by having a setting to "Accept Self Signed Certs". Some apps and appliances already have this.

mnglkhn2 2 hours ago 3 replies      
I would feel even more comfortable if I would be able to pay a nominal sum. Even $1 per cert would go a long way in securing their infrastructure. Maybe Letsencrypt does not want to handle the hassle of managing payments.
eridius 1 hour ago 1 reply      
What verification strategy are they using to determine when a wildcard cert can be created? I see the discussion on https://github.com/letsencrypt/acme-spec/issues/64 suggesting that they validate a sampling of randomly-generated subdomains, but it's unclear if that's actually the strategy they're using (and an obvious downside with that strategy is it won't work for a client that wants a wildcard cert for whatever reason but hasn't configured DNS to handle arbitrary subdomains, though you could of course argue that these clients don't actually need wildcard certs).
dopamean 1 hour ago 1 reply      
The company I work for is a large user of Let's Encrypt certs (we order them for our customer's sites). It doesn't look like we'll be able to use this since we don't control our customer's DNS.
kharms 3 hours ago 6 replies      
Question on this topic - is there a method of encrypting subdomains when you don't own the domain?

An example: I run a vm that exposes mysubdomain.azure.com, can I turn on ssl at that level? A google search says "no" but I figure this is a place where someone might have a workaround.

benth 2 hours ago 1 reply      
I recently read about how Plex got trusted SSL certificates for all their users in partnership with DigiCert, and was really curious if a similar scheme could be accomplished with Let's Encrypt. The scheme required wildcard certificates so I figured it wouldn't be possible. But with this announcement, maybe it would be! I work on a product that generates a self-signed cert and so our customers always get a cert warning. They can replace the cert with their own if they like, but some customers aren't set up to do that. Offering an alternative where we securely mediate creation of a trusted SSL cert would be fantastic.

See: https://www.plex.tv/blog/its-not-easy-being-green-secure-com... and https://blog.filippo.io/how-plex-is-doing-https-for-all-its-...

jpsim 3 hours ago 1 reply      
Is there a write-up somewhere explaining why this was a technical hurdle compared to base domain certs? Very curious.
gsylvie 2 hours ago 1 reply      
I want multi-wildcard-certs (using subject alternative names aka SAN). Also, if I get a cert that covers:

 [*.a.company.com] and [*.b.company.com]
Can I please also have [a.company.com] and [b.company.com] stuffed into two additional SAN slots!

p.s. How do I get an inline asterisk into my HN comment!?

dijit 3 hours ago 7 replies      
I strongly dislike wildcard certificates.

I worked in a few places that had a *.company.com which covered, obviously, everything under that domain.

That meant if that wildcard cert leaked then our EV cert for, say, checkout.company.com would be essentially compromised too.

Not to mention. If you have a wildcard cert it's rather likely you're passing those certs around servers, lots of scope for leakage.

I really think that if you feel the need to do wildcard certificates, then you should at least try to figure out another way around it. I'm not saying you absolutely must never use them, but be incredibly mindful of what is at stake and limit the scope and availability of such certs as much as possible.

For instance. Don't put the same wildcard on mail servers and IM servers and git servers and etc; a compromise of one will compromise them all and the revokation system is not good enough.


JepZ 2 hours ago 0 replies      
IncRnd 1 hour ago 0 replies      
It is a serious security issue to add wildcard certificates for multiple unrelated domains.
stephenr 1 hour ago 0 replies      

Wildcard certs, that are generally seen as a security risk, and could have been alleviated for most legitimate uses with higher limits on issuance per domain will be supported.

But S/MIME, the email encryption option that actually works out of the box in basically every mail client, sorry, nothing doing.

OpenBSD Will Get Unique Kernels on Each Reboot bleepingcomputer.com
255 points by SwellJoe  8 hours ago   57 comments top 11
brynet 5 hours ago 1 reply      
In addition to a new kernel at boot, several libraries in base are also randomly re-linked, including libc and libcrypto, which are prime targets.



This means that in addition to the dynamic linker loading libraries at random addresses, in a random order, the offsets inside the library itself are different on each boot, and on each system.

Robert Peichaer (rpe@) added the kernel re-linking at install/upgrade:https://marc.info/?l=openbsd-cvs&m=149884116824098

wolfgke 7 hours ago 6 replies      
> Having KARL on other OS platforms would greatly improve the security of both Windows and Linux users.

This is surely true, but at least on Windows the central security holes do not lie in Windows itself (these kinds of holes exist - but exploits are very expensive, which shows that they are typically rare and not easy to exploit), but in third-party applications.

For example the current 2017 version of the Petya ransomware was spreaded via a security hole in the software update mechanism in the Ukrainian tax preparation software M.E.Doc. Other well-known attack vectors that are commonly used to attack Windows PCs are Flash Player and the Java browser plugin.

CGamesPlay 2 hours ago 1 reply      
What is the attack vector on KASLR that KARL prevents?

My best guess: A leaked kernel pointer could be used to find an offset for the KASLR kernel, and that offset could produce a working payload for some other unrelated kernel shell code exploit.

If that's correct, KARL seems like a pretty fringe improvement over KASLR. Can anyone educate me?

perlgeek 5 hours ago 4 replies      
If the kernel image is different each time, you can't verify its integrity through a checksum.

I'm curious to hear from people working in infosec: is that real problem? How do you see the tradeoff?

andrew_ln 5 hours ago 6 replies      
And why would you ever reboot openbsd computer? :)
drdaeman 7 hours ago 3 replies      
Just curious - how would they deal with kernel crash dumps?
quanticle 1 hour ago 2 replies      
What's the performance impact of this? Are OpenBSD reboots suddenly going to take 5-10 minutes because the kernel has to be re-linked?
rsync 2 hours ago 0 replies      
I have not followed these features - are they proposed in any way for adoption in FreeBSD ?
pklausler 1 hour ago 1 reply      
Distinct, not unique, I believe.
kbradero 1 hour ago 0 replies      
is there any book/document about building embedded systems with openbsd/netbsd/freebsd ?
Easy Desk Alert Button (ESP8266 and Staples Easy Button) nicksypteras.com
33 points by nsypteras  2 hours ago   9 comments top 4
MrRadar 0 minutes ago 0 replies      
Thanks for requiring Javascript to view a static blog page. /s
WaxProlix 52 minutes ago 1 reply      
I had no idea `screen` could do that, and I've been using it for years. Assumed you'd have to use some sort of telnet to communicate with the board. Very cool stuff.
Animats 18 minutes ago 1 reply      
What does the device use WiFi for? It's a hard-wired USB peripheral. Why is it bringing up WiFi?

Bringing up WiFi on a device with no security and a keyboard-type connection to a more important machine is a recipe for being taken over.

ams6110 1 hour ago 3 replies      
Cute, but seems like overkill. Why not a $1.00 pushbutton and a flashlight bulb?
Secure database-driven applications on Neocities fauna.com
18 points by stefmonge  56 minutes ago   9 comments top 5
le-mark 2 minutes ago 0 replies      
> With a secure database that starts for free and runs at global scale, web applications hosted on Neocities can come alive with custom data. Kyle Drake, Founder of Neocities

Holy shit Kyle, that is a HUGE about face for you!

jitl 33 minutes ago 2 replies      
What is the security model here? I see the word "secure", but no discussion of threat models or what this security provides.

If there's a key that can create users and arbitrary records, and the key is stored in plaintext in your browser code, what's to keep an enterprising user from using your FaunaDB instance as their own data store if they copy-paste the key into their own scripts?

Does FaunaDB protect against a resource usage attack where the client key is used to (maliciously) create millions or billions of new users, costing $$$$?

manigandham 27 minutes ago 1 reply      

What is the point in having database access with secrets available to the end-user and how is that secure?

jchanimal 41 minutes ago 0 replies      
Author here: Only a few years ago the idea of the browser connecting directly to a cloud database was considered unthinkable from a security standpoint. Now backend APIs are used directly by browser and mobile apps everywhere.

Has anything changed other than developer's comfort with connecting directly from the browser to the backend? Mobile apps are common, and single page applications are accepted. In my experience moving to a simpler stack is good for security.

foota 16 minutes ago 0 replies      
I think the biggest take away from this article is that neocities still exists.
Why People with Brain Implants Are Afraid to Go Through Automatic Doors gizmodo.com
42 points by wolfgke  3 hours ago   34 comments top 7
jimrandomh 1 hour ago 2 replies      
The article is about someone whose brain implant failed, and concludes that the problem was caused by electromagnetic interference. But this is pure guesswork; no measurements were taken, no tests were performed and no electrical engineers were consulted.
wolfgang42 1 hour ago 1 reply      
Despite the title, automatic doors seem to have nothing to do with it:

> He thinks the theft-prevention system interfered with his implant and turned it off.

This makes far more sense as a possible cause of interference than a motion detector and motor.

Filligree 1 hour ago 2 replies      
Encryption was mentioned as a possible fix, which made me go WTF.

Am I misunderstanding this, or do these devices not do even the most rudimentary false-input rejection? EMI is one thing, but it sounds more like their radio is accepting random noise as valid commands.

timothycrosley 1 hour ago 5 replies      
Serious question: Could a user of such a device, wear some sort of protective hat for situations like this? Since you can't really fully predict where interference can occur, and otherwise avoiding it could cause you not to be able to have anything resembling a normal life.
noahmbarr 1 hour ago 1 reply      
Surprised the the word shielding doesnt appear anywhere in this article.
emXdem 42 minutes ago 0 replies      
What about faraday cages?
egwynn 29 minutes ago 0 replies      
Are people with brain implants afraid to go through automatic doors?
ELF An extensive, lightweight, and flexible platform for game research facebook.com
20 points by jimarcey  2 hours ago   4 comments top 2
steventhedev 1 hour ago 2 replies      
Are they dead set on the name? This isn't the first time Facebook has caused naming conflicts.

For those who don't know, ELF is the name of the format for Linux (and other OSs) executable files, and it's had that name for almost 30 years.

thephyber 34 minutes ago 0 replies      
Coding in a VR game-ified environment for work in 3, 2, 1...
Meow Generator ajolicoeur.wordpress.com
61 points by gk1  4 hours ago   27 comments top 7
lostgame 3 hours ago 1 reply      
Change the title? Seems like I wasn't the only one expecting some sort of audio-related thing.
waqf 4 hours ago 3 replies      
With this kind of task, how do you verify that you didn't just overfit and start reproducing the input data?
threepipeproblm 4 hours ago 3 replies      
I was expecting meows.
Zenbit_UX 2 hours ago 0 replies      
Wait, it's actually generating new cat faces as in cats that don't exist? Some of those images looked like they had backgrounds in the corners was that also generated???
leeoniya 2 hours ago 0 replies      
welp, that's terrifying.
bluetwo 2 hours ago 0 replies      
Still no cure for cancer.
JohnStrange 2 hours ago 1 reply      
This is maybe the most important question for mankind that has ever been asked, so let me ask it: Would it also be possible to use this method to generate new images of attractive, half-naked female humans on the basis of an existing database of such images?
An obsession with eminence warps research nature.com
47 points by max_  4 hours ago   24 comments top 7
__x0x__ 2 hours ago 1 reply      
I've been both a "toiling in relative obscurity" and "rockstar" scientist. I really didn't mind being the first one, and I don't think my earlier research was necessarily bad, but I was at an undergraduate-focused university where teaching dominated my time, and I did not have the resources to conduct world class research. I am now a soft funded researcher at an R1 and love my new position.

What the author seems to be advocating is some sort of normalization process for the peer review process... it's not entirely clear what she is calling for. I've always advocated for double blind reviews, but it's very difficult for these to work because in small fields such as my own, it's pretty trivial to figure out who wrote the proposal. So it one sense, the rich get richer, but so long as the science that comes out of it is good, so be it! You aren't going to get R1 research done when you have a 3/3 teaching load with no graduate support, that's just life.

I have been on both sides of the review process and I have yet to feel like I was snubbed in my earlier "toiling" days, nor have I, when reviewing, felt compelled to award someone just because they were a "star" - if anything, I might even be more critical when reviewing proposals and papers from "stars". For me, though, I just basically follow the guidelines for evaluating proposals and let the chips fall where they may.

nonbel 2 hours ago 1 reply      
Not a fan of the use of "Our" and "We" in this article. There is a long and storied history of researchers claiming the publication/review process is an arbitrary obstacle to sharing information:

>"That is why Robbie Fox, the great 20th century editor of the Lancet, who was no admirer of peer review, wondered whether anybody would notice if he were to swap the piles marked `publish' and `reject'. He also joked that the Lancet had a system of throwing a pile of papers down the stairs and publishing those that reached the bottom. When I was editor of the BMJ I was challenged by two of the cleverest researchers in Britain to publish an issue of the journal comprised only of papers that had failed peer review and see if anybody noticed. I wrote back `How do you know I haven't already done it?'"


madhadron 2 hours ago 1 reply      
Remember, kids, tenure decisions are sometimes made by counting the number of publications the victim has in Nature, Science, and Cell. Suggesting actually reading them is seen as a shocking, unnecessary idea.
Upvoter33 2 hours ago 0 replies      
All true, but very hard to fix. At some point, you want funding to go to people with a proven track record, and you want to know who such a person is.

That said, double-blind at review time for papers into conferences/journals makes a lot of sense, and does (in my experience) absolutely help level the playing field a bit...

netcan 2 hours ago 1 reply      
I think this dovetails somewhere with the scientific publishing discussions that have been popping up on HN.

Im not an academic, so I dont have very strong opinions, but from just reading about it at a surface level it feels like there are solvable problems in that system besides copyright and profit margins.

Publication builds eminence (publish-or-perish), determines eminence and (as this article suggests) is determined by eminence. Meanwhile, the system of publication is based against null results & repetitive/conformational experiments. This actually keeps valuable data out of the scientific body of knowledge in ways that harm the mission.

There are other issues that have more to do with the book-like format of articles. Could review be separated from publishing (so that publication can be multiple)? Could publications (that do not emit null results) be structured in a way that embeds meta-study by default?

Basically, what does science want/need from publication. Is it just the current model but free (beer & love) or something bigger?

asdfologist 2 hours ago 5 replies      
This may be naive but why not use something like PageRank as an objective measure of a paper (and the author's) quality? Of course this can be computed only after the paper is already published...
crimsonalucard 2 hours ago 3 replies      
Create some kind of publication that accepts only anonymous papers with an encrypted name. When the paper is published the author can reveal the key to decrypt the name.

Thus when the publication publishes a paper, the judgment, however biased, is based on the paper alone, and not the author.

NIST to redefine the kilogram based on a fundamental universal constant washingtonpost.com
131 points by nixme  8 hours ago   57 comments top 15
anonymfus 5 hours ago 0 replies      
>When the International Committee for Weights and Measures announced that it would reconsider the kilogram definition, it said it would require three measurements with uncertainties below 50 parts per billion, and one below 20 ppb. But with the new NIST measurement, the world now has at least three experiments below 20 ppb another was conducted by a Canadian team using a Kibble balance, the third by an international group that calculates the Planck constant based on the number of atoms in a sphere of pure silicon.

>The weights and measures committee will meet this month to establish a global value for Planck's constant by averaging the values calculated at NIST and other labs. And in 2018, at the next General Conference on Weights and Measures, the scientific community will draft a resolution to redefine kilogram based on this constant.

Looks like the current title "NIST to redefine the kilogram based on a fundamental universal constant" is confusing because it implies that NIST defines kilogram but it's International Committee's for Weights and Measures job.

kiernanmcgowan 4 hours ago 2 replies      
The kilogram is not the only unit that will be redefined based on universal constants. The seven base units[0] will transition to being based on elementary charge and the Planck, Boltzmann, and Avogadro constants[1].

[0] https://en.wikipedia.org/wiki/SI_base_unit#Seven_SI_base_uni...

[1] https://en.wikipedia.org/wiki/Proposed_redefinition_of_SI_ba...

sanxiyn 5 hours ago 1 reply      
> Scientists don't know whether the BIPM prototype is losing mass, perhaps because of loss of impurities in the metals, or if the witnesses are gaining mass by accumulating contaminants.

Can we stop this nonsense? It would be a big problem if it were true, but it isn't. It's the later (contamination weight gain) and we have fairly good understanding of what's going on. For example, see https://phys.org/news/2013-01-kilogram-weight.html

madengr 2 hours ago 3 replies      
There is an alternate definition using a sphere of silicon with N atoms:


What's really need though is a universal, stable over eons, single standard for time, length, and mass. I believe time is N cycles of an excited sodium (light) emission. Length is N wavelengths of that same emission in a vacuum. Mass would be N atoms.

So why are they not using a single element to define everything? Is it a matter of finding the proper element that is easy to excite and stable enough (chemically and atomically) over the long term? Sodium is very reactive and easy to excite. Silicon is probably the opposite.

ZeljkoS 4 hours ago 2 replies      
Interesting fact: this is important for US too, because pound is defined as exactly 0.45359237 kg (https://en.wikipedia.org/wiki/Pound_(mass)#Current_use)
shawncampbell 4 hours ago 4 replies      
It's a little ironic that the article expressed the value of Planck's constant using an SI Unit with kilograms.

>Based on 16 months' worth of measurements, it calculated Planck's constant to be 6.626069934 x 1034 kgm2/s.

msimpson 3 hours ago 1 reply      
cpr 2 hours ago 0 replies      
An interesting (banned) TEDx talk by Rupert Sheldrake, one part on the changing "fundamental constants", starting here:


The other parts are a bit "woo" and I'm sure would be laughed at by the HN crowd. But his points about fundamental "constants" changing, and the metrologists' dogmatic (really, anti-scientific) response, are worth pondering.

nerdponx 1 hour ago 2 replies      
Why is the kilogram the base unit and not the gram?
kronos29296 1 hour ago 1 reply      
Always thought why didn't we have some super complex standard for weight when we had one for length and time. Now my thoughts have become reality. Though since I am non sciencey, It makes me ask Why so long?
Aardwolf 5 hours ago 4 replies      
They define it based on Planck's constant, so the results also depends on the definition of meter and seconds if I understand it correctly.

Would it have been possible to define it as the weight of N amount of electrons (assuming all electrons have the exact same weight under all circumstances) or another fundamental particle?

EDIT: it would be the weight of 9.10938356e31 electrons at rest

slim 2 hours ago 3 replies      
It does not make sense, practically. So they'll be using a balance with multiple moving parts made of multiple minerals that have to be precisely calibrated with margins of error adding up, instead of a simple platinum cylinder?

Although, it makes sense politically

kazinator 2 hours ago 2 replies      
Ha, the irony! The USA's NIST defines a SI unit to the rest of the world; meanwhile, most of citizens don't know what it is.
moonbug22 7 hours ago 1 reply      
That's also a dreadful pun.
Magma An encrypted email server daemon magmadaemon.org
254 points by ycmbntrthrwaway  11 hours ago   37 comments top 11
SwellJoe 10 hours ago 1 reply      
One of the interesting things about this is the work on DMTP/DMAP, which are "Dark Mail" protocols that have security built in from the ground up (developed by Zimmerman of PGP fame, some Silent Circle folks, and Ladar Levison of Lavabit). It's a pretty neat thing that I hope sees widespread adoption. Fixing email has proven very difficult, due to the incredible inertia of existing systems...but, at some point we really do need to move forward on secure email communication.

So, this is really cool stuff.

mike-cardwell 40 minutes ago 0 replies      
I blogged up some security issues with the Lavabit.com service which uses this Magma server. Some of you may be interested - https://www.grepular.com/Lavabit_Security_Misconfiguration
djsumdog 10 hours ago 1 reply      
I see references to ClamAV, and references to soon coming official docker images. So is this a complete MTA and delivery (IMAP/POP/etc) servers? I was digging around on github and the about page, but there doesn't seem to be info on how it does spam detection, or DKIM. Does it support signing messages?

I wish they had a more detailed about page and feature list, but I am still excited about this.

doomrobo 3 hours ago 4 replies      
I guess I'll be the one to ask: Why write an email server with security as priority #1 in C? I'd understand if it was built off of an existing daemon, but it seems that this was written from scratch. There are many other options out there that are reasonably fast and don't have the pitfalls of manual memory management and undefined behavior that C has.
HurrdurrHodor 9 hours ago 1 reply      
Can somebody tell me what this actually does? All I see is an MTA and some hand waving.
ianopolous 8 hours ago 0 replies      
At first glance it seems like this will still expose who is emailing who to the network (and potentially other metadata), as well as relying on dns to function. Is that correct?
robert_foss 10 hours ago 3 replies      
I was hoping to see JMAP support. Is there a reason to prefer DMAP over JMAP?
eliaskg 8 hours ago 0 replies      
Could someone ELI5 what that actually does and how one would use it?
konschubert 7 hours ago 0 replies      
How does it handle Spam?
nwmcsween 3 hours ago 1 reply      
mm_set in memory.c won't actually do what you want, the asm statement needs fixing and it can be implemented in terms of memset.
kijin 8 hours ago 2 replies      
If the MTA supports regular SMTP, POP and IMAP, then it cannot be said to perform end-to-end encryption. When a client accesses mail through any of these legacy protocols, the server must decrypt all messages before pushing them down the last hop. This used to be Lavabit's way of offering "encrypted" email.

If the MTA also supports some other protocol that affords end-to-end encryption, that's great, but now you need to use special client software that is either proprietary or seriously lacking in features. This is ProtonMail's way of offering encrypted email.

ProtonMail is currently working on a proxy called ProtonMail Bridge that runs on the client and talks to legacy MUAs. All communication between Bridge and the outside world is still encrypted. That sounds like a good idea to me, since I have no intention to stop using Thunderbird anytime soon. It's also probably the only way to bring end-to-end encryption to a large number of people, since it embraces and accommodates the inertia around email instead of arrogantly telling people to switch and wondering why they don't. When it comes to email, backward compatibility is everything.

I'm not sure if Lavavit's Magma can fill the same need; the documentation is rather sparse. But I would gladly run a local MTA if it means I can have my cake (end-to-end encryption) and eat it too (compatibility with legacy MUAs). DIME also looks like a much more open protocol than the vendor-specific stuff that ProtonMail is using.

Fixing bugs like it's 1988 0xa000.blogspot.com
291 points by sohkamyung  13 hours ago   81 comments top 17
dirktheman 7 hours ago 3 replies      
I also started programming on a C64... good times! I also remember radio shows about C64 programs (in Dutch!) that would discuss the program first, and then transmit the source code over radio waves. Since the C64 had a cassette tape as memory, you could record that part of the radio show on a cassette tape, and play the tape back on your C64. It was a bit error prone, and I still have the occasional nightmare from the strange sounds...
s_dev 6 minutes ago 1 reply      
Why does Hacker News url preview suggest .com when site is .ie ? Is the author Irish?
bungie4 4 hours ago 3 replies      
Flashback time!

I got a chuckle about your dad still running his C128 for financials. Their was a local optometrist here who ran his entire practice on Tandy Color Computers, networked together in a multi-tasking environment running OS9. Each and every part of it was custom written by the doctor. I think he retired a few years back, but I know it was still running his home brewed system then.

mixmastamyk 12 hours ago 3 replies      
Excellent work and a fun read. I've got fond memories of loading programs from cassette tape on a Vic-20 in the early 80s (it took 10 minutes or so kids). I tried typing in a game from a magazine and was unsuccessful too--it never worked right, pre crc. Me and a few cousins had a ball though with a random sentence generator program. We filled all the data statements with all the bad words a group of 12 year olds could think up. Good times.

It was my first exposure to programming, and a bit too early perhaps. Other than an occasional session on an ancient TRS-80 in high school, I didn't do any real programming again until taking a Turbo Pascal course in the mid 90s in college.

activatedgeek 10 hours ago 4 replies      
"At some point, magazines started publishing listings with a checksum added to each line. They offered special tools that would compute the checksum of each line you typed, and checked it against the checksum you typed in at the end of the line."

This is just amazing.

bahjoite 9 hours ago 0 replies      
Is there a name for that style of magazine cover artwork? It seems to have been common on 80s computer magazines. Some more:-


harel 7 hours ago 2 replies      
I had to learn programming because I was given a VIC20 when the C64 was the model du jour. And because I couldn't get any games for it, all I could do is learn to make my own. 30 odd years later... Things might have been different had i gotten the "right" model.
mrspeaker 6 hours ago 0 replies      
That's why the most important part of computer magazines was the "Errata" section - and they could stretch across many months: "Reader Joe says last month's errata was incorrect and line 1080 should be...". As a kid I started to suspect some were doing it on purpose to make me buy the next magazine!

I loved doing type-in listings though. A while back I started making a game "BASIC Instincts" that was going to be about finding clues and typing in BASIC. I had a prototype working (https://www.youtube.com/watch?v=GwBiJR_rj_w) but then "Else heart.break()" was released and took the wind out of my sails. Might have to go back to it though!

tomsmeding 11 hours ago 0 replies      
Awesome stuff! I'm really curious what kind of program your father uses on the C128 (emulator) for finances; can't really imagine how that would be practical today. Love to be surprised, though!
w8rbt 1 hour ago 0 replies      
SYS 64738... that will forever be burned in my brain. Loved the C-64. Awesome article too.
vanderZwan 12 hours ago 2 replies      
This reminds me of the article about the ET game, where it turned out to be not quite as terrible after some bugfixing.

It might be fun to see a blog dedicated to bugfixing retro-games in their original (emulated) environments

GlennS 6 hours ago 0 replies      
The premise for the game sounds really interesting and imaginative.

Reminds me vaguely of Bozo's Night Out, where the goal is to get home from the pub.

ycombinete 10 hours ago 2 replies      
I've seen a number of blogs with hex names like this. Where does this come from?
torstenvl 4 hours ago 1 reply      
Interesting read, but frustrating at times. It felt inconsistent in its level of explanation - not sure why I need it spelled out to me that 40 x 25 is 1000, but the reader is presumed to know C64 assembly.
martinlofgren 11 hours ago 0 replies      
This was great reading. Sure brings memories to life. My first encounter with computers was an old Spectravideo SVI-728 which I tried to program.
pjmlp 11 hours ago 0 replies      
This surely brings back memories, nice article.
catteneo 9 hours ago 1 reply      
So you did a "quick Google search" in 1988? hum...
Ntdebugging Blog How the Clipboard Works, Part 1 microsoft.com
22 points by noselasd  3 hours ago   3 comments top 3
xenadu02 0 minutes ago 0 replies      
> Since the clipboard is part of Win32k.sys, youll need to use a kernel debugger.

I'll never understand why they ruined the perfectly good design of Windows NT 3.x by moving everything + kitchen sink into the kernel.

A bug in the clipboard functions shouldn't be a kernel exploit vector.

kazinator 19 minutes ago 0 replies      
> hData is null! Why is that? It turns out that the clipboard allows an application to pass in null to SetClipboardData for a given format.

"Turns out"? This is clearly spelled out in the MSDN API documentation, which is all you need to understand all this. (No NotePad stack traces required, let alone ones in a proportional font).

SetClipboard: https://msdn.microsoft.com/en-us/library/windows/desktop/ms6...

hMem [in, optional]


A handle to the data in the specified format. This parameter can be NULL, indicating that the window provides data in the specified clipboard format (renders the format) upon request.

jelder 4 minutes ago 0 replies      
I will never understand people who publish technical articles with code examples in variable width font.
Prismas next AI project is a fun selfie sticker maker called Sticky techcrunch.com
10 points by janober  1 hour ago   3 comments top 2
dmix 54 minutes ago 1 reply      
For those who didn't know what Prisma is I found an overview video on Youtube from some months ago: https://www.youtube.com/watch?v=Ey1lkwYGSC0

It's basically an advanced image filtering app ala Instagram but using "AI neural networks" to convert your images to artwork style themes.

Also TechCrunch is linking to www.sticky-ai.com but their web server isn't redirecting www properly, it just 404s, the actually working URL is: https://sticky-ai.com/

This similarly claims to use neural networks to convert images you take into stickers. For example: cropping out the background to only include the subject of the photo, making the surround background transparent, and lets you add text next to it in bubbles.

samtimalsina 21 minutes ago 0 replies      
Typo in "Artificial Intelegence", or was that intended? Also, does anyone know when this comes out on Android?
Undersea rivers we know little about bbc.com
73 points by happy-go-lucky  6 hours ago   15 comments top 3
b_emery 28 minutes ago 1 reply      
We know lots about these things - as the article explains. A lab I'm roughly associated with models them, here's an example: https://www.youtube.com/watch?v=UR5NoaqpCok

The physics (IIRC) are very similar to snow avalanches. I saw a talk once that presented evidence of one in the Indian Ocean flowed half way to the Antarctic (order 1000s of km). They have been observed to scour the canyons (such as Monterey Canyon) and are hypothesized to be set up similarly to avalanches, where the sediment depositions become unstable and slide.

A final bit of trivia: the photo of the mooring base shows a common oceanographic mooring construction material - used railroad car wheels. Big, super heavy and relatively cheap. I've never heard of them being recovered. Usually the important parts are detached and the wheels are left behind.

dsmithatx 4 hours ago 2 replies      
I immediately thought of Devil's Kettle Falls reading this. I had to Google it and found that 4 months ago scientist have decided it flows back into itself. They have a plan to put a large amount of dye in during low water and see where it reconnects.
phkahler 2 hours ago 1 reply      
My first thought was that these formed during glaciation when most of the continental shelf was exposed. The rivers just had to flow further to get to the sea. My second thought is that my first thought is still valid after reading the entire article. It is interesting that they have mud flows in those areas, but I doubt that has much to do with how they formed.
The third thumb daniclodedesign.com
46 points by fanf2  5 hours ago   15 comments top 8
micros 1 hour ago 0 replies      
Predicted by the Onion: Google Engineers Invent New Body Part To Strap Gadgets Onto https://www.youtube.com/watch?v=V7T6CAKUVJ4
zokier 1 hour ago 1 reply      
The guitar playing example feels like stretching the believability a bit. I'm not a guitar player, but I imagine that having precise feedback from the strings and frets would be kinda important for playing. And then there is of course the question of latency.

In terms of practicality otherwise, the exposed actuating wire looks like it would cause trouble (getting caught in places etc).

brathouz 1 hour ago 0 replies      
The Verge has an article about The Third Thumb where they state "[...] the aim is to re-imagine what we think of as a prosthetic something that adds capabilities, rather than just replacing those lost."

So much effort is put towards getting people back to baseline, and rightfully so. But it's the creativity of extending ourselves past baseline that gives me a child-like excitement for the future.

Animats 1 hour ago 0 replies      
Somebody (Ross-Heim?) built a symmetrical robot hand with two thumbs and two non-thumb fingers in the 1980s. They gave the outer fingers another degree of freedom, so the outer fingers can rotate inward from the base. Back then, nobody had good control algorithms for robot hands, and it didn't work well as a waldo because humans can't do that. Worth looking at again.
piyh 2 hours ago 1 reply      
When I was a kid, I dreamed of having a functional third arm, this seems like the first step in that direction.
sluggg 2 hours ago 1 reply      
what if I want two? I can't have two third thumbs
jff 2 hours ago 0 replies      
If anyone else is using uBlock Origin, at least for me the page displayed completely blank until I disabled uBlock temporarily.

Nice one.

googlryas 2 hours ago 1 reply      
This is what my ex-gf would call my manhood. Guess why we aren't dating any more...
Jeffrey Dahmer didnt eat everyone he met, either medium.com
19 points by ginger123  39 minutes ago   3 comments top 3
danso 1 minute ago 0 replies      
FWIW, the OP is responding to a July 1 piece by the co-founder of Slideshare, and both pieces were published before the later, more unsettling revelations and allegations about McClure. The piece being responded to has an update and link to a mea culpa, which states that she would have never posted her original apologia for McClure had she known about the newer allegations: https://medium.com/@rashmi/i-stand-in-support-of-the-victims...
dgllghr 25 minutes ago 0 replies      
I went through 500 Startups a few years ago. Dave McClure was barely present for the day-to-day, but I now have this feeling that while I was working my ass off, women in my cohort were also working their asses off AND may have been dealing with unwanted advances from McClure (and probably other difficulties associated with being a woman founder / early startup employee).

And that's what really gets me... how unequal the situation might have been and how oblivious I was.

So while part of me wants to defend McClure, someone who I've met and respected, I think of the women in my cohort and this article really resonates with me.

quirkot 31 minutes ago 0 replies      
How much of a jerk someone is (due to sexual harassment or other reasons) is like Big O notation. Sure, theyre not like that ALL the time, but do you want to be around someone with a jerk limit of O(n^n) ?
Ask HN: What about a platform for hiring teams instead of individuals?
162 points by dpflucas  6 hours ago   123 comments top 56
fecak 6 hours ago 6 replies      
I've almost hired full teams for my clients a few times as a recruiter.

There tend to be a couple issues with this model. For one, what if the hiring company interviews the team and wants 7 of the 10? The team has to make a decision to either look for work where they can all be on the team, or abandon members.

The other issue is timing. The team members need to all be available at (or around) the same time, and they typically will have conflicting interests related to other offers or ventures they are considering.

I've had situations where a startup closed and the team wanted to stay together, and they'd ask me to approach companies on their behalf - almost like an acquihire without the company. You would think a company might pay each member a bit more for a team experienced in working together, as in theory they should be more productive more quickly.

From a platform perspective I think it would be pretty difficult to build just based on how to categorize teams and/or individuals. Any given search of the platform seems like it would yield very similar results.

brudgers 6 hours ago 1 reply      
Hiring a team is often the basis for buying and selling consulting services. The premium that consultants charge is often based on the value of having assembled a team with specific expertise. The other way teams are bought and sold is via the outright purchase of companies.

It is hard to see why and how a functioning and talented team would be assembled outside those circumstances. I mean a team built to sell suggests that the members are not ideally busy solving technical problems.

jlgosse 6 hours ago 3 replies      
Stripe does this with BYOT: https://stripe.com/blog/bring-your-own-team

I've also worked at multiple organizations now where a great trick is to hire one "influencer" and then slowly hire everyone they know.

hedgew 6 hours ago 0 replies      
One significant problem is that teams have much more negotiating power than individuals. Which is why teams that stay together are consulting agencies.

To put it simply: The software development department of a company might bring the company $10 mil value. A consulting agency with great sales would bill them $9 mil to do the work. Individually hired developers might be paid a total of $1 mil.

If the company hires an entire team, eventually the team figures out that they bring $10 mil value and can easily negotiate their pay up to that because they coordinate together. Individual developers almost never coordinate like this.

iitr_sourabh 14 minutes ago 0 replies      
I have tried to do this on a couple of occasions. On both the occasions there were startups on the verge of shutdown and we were trying to onboard complete teams. The challenge is fitment of each and every member of the team. It is easier to decide on individuals, but very hard for whole teams unless teams are very homogenous, which they are generally not. In both the occasions we ended up making offers to only few of the members.
vincentmarle 4 hours ago 1 reply      
You can't validate an idea by posting on HN and decide what to do by reading the (overwhelmingly negative) comments alone. You would get the same negative responses if you were Travis Kalanick ("hey guys what do you think of starting a ride share app") or Brian Chesky.

You have to "get out of the building" (Steve Blank) and talk to your potential customers.

verisimilidude 2 hours ago 0 replies      
Some thoughts.

This kind of service might be much more valuable to huge corporations rather than startups. BigCo, Inc. is more likely to have enough cash lying around to hire an extended team all at once. Also, BigCo, Inc. is more likely to suddenly need X, Y, and Z skills to build upon recently acquired product ABC, where hiring a team with said specialty makes sense.

My uncle has been working on the same team for roughly two decades. They've migrated between companies together countless times. I think the main reason they've been able to keep the gang together is because they have a very niche specialty (within the domain of DSP hardware). This kind of service may be more valuable for finding those kinds of niche teams, rather than general BFF web devs.

tpae 5 hours ago 5 replies      
Please checkout our startup: https://www.superteam.io/

We're currently accepting closed beta testers. We're a platform designed to create teams with freelancers. Our mission is to make freelancing easy as possible, through team collaboration and specialization.

DougWebb 5 hours ago 0 replies      
I haven't been involved with outsourcing for a long time, but back when the company I was working for was outsourcing some work to Indian developers, we outsourced to a team rather than individuals. This was the standard practice at the firm we worked with. Essentially, the team consisted of one guaranteed long-term member who was our primary contact, a small group of senior developers we got to know (and train) who were usually dedicated to our project, and a larger group of junior developers who rotated around projects as needed. We generally didn't know who the junior devs were; the seniors and the manager were responsible for verifying and guaranteeing the quality of their work. My understanding is that we paid a monthly rate based on the amount of work the overall team would do. If the seniors could do the work themselves they got paid more, and if they had to share the work with juniors they got paid less. Basically, they sub-contracted to the juniors.

This arrangement might've worked well for us if the seniors and manager could've kept the quality consistent, but they couldn't. A couple of them were really good, but most were not and problems caused by the juniors kept leaking through to us. At one point I even had to entirely scrap a project their team had worked on, and redo it all myself. (That's one case where I have evidence of being a 10x developer, at least on that project and relative to that team.)

This isn't a great argument for teams vs individuals though, because a lot of the issues we had were more to do with the cultural and logistical difficulties of outsourcing from US to India and the company we were working with, rather than the consulting model.

xiaoma 41 minutes ago 1 reply      
I did have two acquaintances from long ago when I was a humanities major at school who did this. They were roommates in college, both worked for the same lab, then worked at the same tech company after college.

They later moved to California, continued living together and working on the same teams at work. Eventually, they got separate houses but still work together as a high functioning mini-team in their own shared office at a huge SV company last I heard. It probably raised eyebrows at interviews saying they wanted to work together, but they excelled technically and in the long run it seems to have been a significant career advantage that raised their productivity and possibly even rate of learning.

The impression I get is that the situation is something almost no manager would ask for or have any desire to disrupt.

troydavis 6 hours ago 1 reply      
A company called Elevator is trying to do that. From https://goelevator.com/ :

> The worlds first team hiring platform.> Assemble your best colleagues today and start receiving full-time or freelance team jobs.

JSeymourATL 1 hour ago 0 replies      
> a platform where recruiters can search and hire teams...

If your team is any good -- you're likely on Talent Acquisition's radar screen already. Relative to an actual platform to enable these deals, it would seem that the enthusiasm for "Aquihires" has piqued > > https://www.cbinsights.com/blog/acquihire/

siliconc0w 1 hour ago 0 replies      
So similar but I think there could be a platform that is approximately, "Kickstarter for teams". As a real example, a few months ago I was trying to build an app. My background is more infrastructure engineering and while I can code up a 'functional' if fugly POC I really needed someone awesome at frontend engineering to get the POC to a state where someone might want to use it.

There is some opportunity to 'disrupt' the founder model a bit where instead of a 'technical' and 'business' founder you could start with 4-5 more specialized individuals with more diverse backgrounds and probably get a lot more done.

keiferski 5 hours ago 0 replies      
Isn't a consulting firm the obvious rational economic conclusion of this? Surely a firm specializing in one area would earn more than a collective group of individuals.
d--b 3 hours ago 1 reply      
> However building teams on in individual hires take too much time and effort, with no knowledge about compatibility or assurance regarding the resulting efficiency of the team

Yes, but the cost of integrating too different cultures is also pretty steep. A group of people will tend to resist change stronger than an individual person. When you hire new people, they tend to bring what they know, arguing with things like "trust me, we used to do it that way in my previous company and it was great", now if the 10 people you hire think the same, you will have some serious cultural problems.

That said, I've seen a team (6 people) hire happen once, and it actually went well. The hired team was composed of super nice guys though and integrated very well with the existing team.

godot 1 hour ago 0 replies      
To add to what others have said so far, I think the real case where this comes in useful is when a startup is failing and going down. A lot of times startups have good engineering teams but are shutting down for various reasons (most likely failure to get product market fit, etc.). If you already have a good network, it's not hard to land somewhere in an acqu-hire thing, but that's not the case for everyone. Such a platform could help in these cases.
neebz 6 hours ago 1 reply      
Hiring teams will also mean they would be leaving together. If that is unplanned then your project(s) could really be in a pickle. Cheaper to have backup for individuals as opposed to teams.
Spooky23 3 hours ago 1 reply      
A "team" means more than one human, and coordination of >1 humans requires a contract.

A group of humans negotiating a contract for employment is "collective bargaining", which is a no-go for business, because divide and conquer is cheaper.

Terretta 3 hours ago 1 reply      
Wait, isnt HN a platform where one could find teams?

Lets try it...

If you are a team good at the things in my profile or on my LinkedIn, and would be interested to become full time employees in exchange for a guaranteed global scale customer problem to solve for one of 5 largest global banks I will hire you.

If this works, well report back here that HN can be a match maker between companies and entire dev teams.

TuringNYC 1 hour ago 0 replies      
At this point, you essentially have a boutique consultancy.
georgeek 2 hours ago 0 replies      
This is exactly what Questers do. https://www.questers.com/
rodolphoarruda 5 hours ago 0 replies      
Seven years ago I had the chance to work on the development of a set of products for "team building", all interconnected as part of a "portal". So instead of looking at the market and hiring a new team, the purpose of the products were to constantly assess the current population of an organization and define possible group arrangements. You have to imagine Myers&Briggs combined with other similar assessments to score individuals according to their: analytical skills, logic, decision making style, proactiveness, care to others etc. This is something useful for large organizations having to reallocate people, form new teams for geographical expansion, for ad-hoc work, for projects, even for downsizing. One of the product managers at the time was trying to sell it to Universities, proposing that academic coordination could be building student cohorts with specific characteristics: high performers, collaborative, innovative/visionary, and even low performers, who'd be managed via a different pedagogical approach and faculty support.

The "portal" company ended up being acquired by an American Educational group and used by a couple of brands for some time until it was finally frozen 3 years ago.

agotterer 1 hour ago 0 replies      
Exitround (https://exitround.com) facilitates some of what you are talking about. The primary purpose of the site is to sell an entire company, but it can also be used as a tool for acquihiring.
classybull 6 hours ago 0 replies      
I've worked at a couple of places where they've hired one key "influencer" manager who then proceeded to recruit half of their old team. It can be good or bad depending on the quality of the team. When its bad, its particularly toxic. Favoritism and cliqueness run rampant. Unqualified people are promoted ahead of qualified people. Eventually, it leads to heavy employee churn.

Its risky. Perhaps if it was a whole team, who didn't need to integrate any existing employees, it could work.

11thEarlOfMar 4 hours ago 0 replies      
It would need to be somehow unique from both an acqui-hire and contracting with a professional service company.

You really don't want to go to the step of individual interviews. The point you're making is that each member contributes in ways that have been demonstrated to have sufficient value from the team's perspective. The evidence is your portfolio of successful projects in the past. Each member's strength may not come through in interviews.

Also, part of the value to your clients is that all the recruiting, hiring and onboarding work has already been done. Saves them time & money.

You're still going to need contracts, accountability, communication overhead, and those aspects are difficult to administer if each member has their own contract. Moreover, you'll need to determine how the payments are going to be divided and how to handle payment terms, collections, etc.

It seems most reflective of a law firm... So at first glance, I'd consider setting the team up as an LLP.

mrleinad 2 hours ago 1 reply      
Here's a company [1] that recruits whole teams instead of individuals. I got a job offer from them, but ended up taking a different contract with another company. However, they're pretty solid and professional.

[1] https://www.linkedin.com/company-beta/10243022/

misterAxiom 3 hours ago 1 reply      
I think cost is going to be a problem. If you want a team of good people, it will cost $100,000+ per individual. That's before benefits. With benefits, it will be well over $200,000 per person. For a team of five people, this will run you over one million dollars per year.

Now, if you have a lucrative opportunity, and you hire this team, then either the team will figure out they can take the opportunity without you, or the opportunity is only worth slightly more than $1 million per year, so it isn't worth their time to cut you loose (since you, in effect, will be getting a "finder's fee" for finding the opportunity for the team).

dsacco 4 hours ago 0 replies      
Pinging 'tptacek or 'lvh in the hopes they'll comment on how they do this with Latacora :)

In my experience "hiring a team" is closer to consulting (maybe long-term contracting) than it is to literally taking on a team of W2 contributors. It's not that it can't happen, it's just how I see it manifest itself the most often.

A group of employees being hired as a team need to 1) work well together (so that bandwidth is more than the sum of its parts), 2) complement each others' skillsets to reduce skill gaps and 3) all be more or less looking for work at the same time.

Number 3 is what's really important, but number 1 is also important because a team being hired all at once is (presumably) a team where each member is more or less equal in productivity, but not necessarily redundant. In my experience, that typically defines something closer to a consulting team than an organizational team.

TamDenholm 6 hours ago 1 reply      
Wouldn't that typically be a digital agency?
swighton 6 hours ago 1 reply      
If there's a team of demonstrably awesome people, we already have a word for incorporating them wholesale into a company - acquisition.

If a team is truly great they are indeed more valuable than the sum of their parts so they would be selling themselves short not to shoot for a more lucrative acquisition.

Ultimate I would expect a platform such as this to either turn into an acquisition tool or be filled with mediocre teams while the good teams are acquired elsewhere.

KekDemaga 5 hours ago 0 replies      
The easy way to go about this is start a software development or consulting firm and sell services rather than attempting to move a whole team.
inetknght 5 hours ago 0 replies      
> Hiring teams instead of individuals

Sounds like you want the team to start a contracting business. Build your platform for that instead.

empty_inside 5 hours ago 0 replies      
I was on a team that tired this - we Formed, Stormed, Normed and Performed at $big_company then all wanted to leave at once after a change in management. We touted ourselves around as a ready-made team and nearly got hired by a couple of places but it didn't happen. A platform where we could have marketed ourselves to a much larger range of companies would have been great.
edoceo 4 hours ago 1 reply      
I'm on the demand side of this question. When I hear "hire a team" I think "that will cost more".

With early stage business/startup capital is scarce.

We're hiring one off, using contractors for focused products that ship. Modules of the whole.

100% of the solicitors of team things all have the same juggling and sorting I have to do with individuals. But the cost is more. And the work expectation is more. We'll build your whole app!!

Great! Now I've spent a bunch of time and money to build expertise in my problem domain yet nobody is on MY team.

calitalieh 1 hour ago 0 replies      
we this, for startups. https://partnerhero.com/
tmj2321 6 hours ago 0 replies      
I've thought about this myself, since I have a couple of friends who have traveled alongside me through several new ventures. Ultimately, though, I think it's impractical. We talk about building software "modularly"; talent should probably be modular too.
mbateman 4 hours ago 0 replies      
I am part of a startup with founding team of 12 previous coworkers. One of our selling points during the seed round was that we're starting off with an aligned team. It was really attractive to some investors.

In principle the same should go for hiring, but in practice I think it's game theoretically more complicated. I've hired swaths of cohered tech teams before, but it was one by one, to allow for more individualized assessment and negotiation.

wslh 5 hours ago 0 replies      
This is basically contracting a company or a small company if you want to talk about small teams. I don't get the difference between this and your proposal.
potatolicious 4 hours ago 0 replies      
I think the traditional form of this is the acquihire - though beware that this is much more expensive than hiring individuals.

IMO rightly so - the price paid in acquihires per-employee is reflective of the fact that the whole is greater than the sum of its parts - and a team that has proven itself capable of working well and shipping is worth a lot.

indigochill 6 hours ago 0 replies      
I don't see hiring a team full-time like you would hire an individual being practical, just because different people have different needs and no group of people is going to keep exactly the same members for very long. People will come and go as make sense for the individuals and the team.

The situation you're talking about sounds like one where it could make sense to contract out work to a team, outsourcing rather than hiring a team that will likely change soon after you hire them.

liester 5 hours ago 0 replies      
I'm not sure how effective it would be for all the same reasons that have been listed below. But I can say that a friend of mine and I just asked for this to be done for us. We work well together and wanted to stay on the same team, at least initially. With that in mind I think the platform would have some interest but I'm not sure how much or the difficulty in creating such a platform.

We told the recruiters to think of us as 'The Bipod' and that we would only go to a new job if we both were hired for the same team, at least initially.

They claimed they had done it one other time so I know it must be asked for occasionally. Long story short, my friend and I are leaving our current employer for the new employer next week. So it can be done. And I think it is nice to have some consistency in a new place of employment. It should make the transition easier for both of us.

ninjakeyboard 6 hours ago 0 replies      
Isn't this what system integrators do though? Like if you call Sapient. Or even a Digital agency like BlastRadius then you basically hire a team.
Nursie 4 hours ago 0 replies      
What you are describing as teams here would seem to me better served by forming a company and selling their services as a bespoke development house.

I'm not sure exactly how you bootstrap such a thing, but would love to know....

Donmario 4 hours ago 0 replies      
There is Digital Knights who offer exactly that http://digitalknights.co/
myrloc 6 hours ago 0 replies      
Personally, I love the idea. I have a couple of friends from school who I work especially well with. We will all be applying to jobs come the end of the next school year, and this could greatly increase our job satisfaction and productivity.
bobjordan 5 hours ago 0 replies      
My first thought is that this already exists in the form of consulting firms. My next thought is that a platform that made consulting firm discovery easier could possibly be a great thing.
aocvr 6 hours ago 0 replies      
This thread may be interesting to you: https://news.ycombinator.com/item?id=11567135 (Stripe - BYOT: Bring your own team)
iamthepieman 4 hours ago 0 replies      
the issue with this is that the fundamental unit of hiring is an individual person. You can hire by hour or hire by unit of work but this is typically called contracting, outsourcing or, quite simply, supply chain. Platforms already exist for those things and, just like in typical hiring platforms, the unit on those platforms is a small undividable amount.
tgfoster 3 hours ago 0 replies      
Isn't this basically the consulting firm model? (Thoughtworks, Happiest Minds, Digital Foundry, etc...)
mikeyanderson 3 hours ago 0 replies      
We built goelevator.com to do just this.
tps14 5 hours ago 0 replies      
This resonates with a side project I have been working on with a group for about a year. If you would like to talk deeper about this - I would love to.


rgb122 3 hours ago 0 replies      
Because startups don't like business savvy people. Especially organised groups. They want cheap programmers who will make them rich for peanuts.
sharemywin 5 hours ago 0 replies      
I think each team needs to be niche specific.
s73ver 1 hour ago 0 replies      
Why would you go this route instead of hiring, say, an agency or something to do the initial work for you?
gjjrfcbugxbhf 4 hours ago 0 replies      
Isn't this something that largish consultancies already provide?
anovikov 5 hours ago 3 replies      
Hiring freelancers is itself almost a scam; hiring teams means scam, squared. Easiest way to fail your startup. Hire only locally, people you know. Don't use any online platform for that, you are going to get ripped.
How to Create a MOOC in 28 Days indiehackers.com
40 points by sakunthala  2 hours ago   6 comments top 4
haberdasher 13 minutes ago 0 replies      
For anyone that wants to narrate slides, create a video of it, push to YouTube: https://presentio.us
xiaoma 1 hour ago 1 reply      
Is IH open for people to publish posts on now or does the author have some sort of connection to them? I've never seen a post like this and it's cool.
cven714 1 hour ago 0 replies      
Weird UI effect (I'm using Chrome 59): When the blue loading bar at the top of the page completes, I get popped back to the top of the page, regardless of where I've scrolled to. Bar finishes loading after ~3-5 seconds.
myth_drannon 1 hour ago 1 reply      
how did she get "100k in free AWS credits" isn't it reserved for startups in an some accelerator program?
Language Server Protocol, Rust and Emacs kellner.me
90 points by fanf2  9 hours ago   35 comments top 5
rayiner 5 hours ago 3 replies      
https://lists.gnu.org/archive/html/emacs-devel/2017-04/msg00... ("I am urging the GCC developers to work on implementing the languageserver."). Interesting statement from RMS, given LSP is a Microsoft technology, but it makes sense. The software on both sides of the reference implementation is under a GPL-compatible license. Also, LSP doesn't expose enough information to allow expropriation of GCC's frontend, which was RMS's concern with previous such efforts.

Really says something about Microsoft's evolution if you think about it.

corybrown 2 hours ago 0 replies      
As a vim user, I'm very excited about LSP. Neovim (close enough) may add native support, which would be great: https://github.com/neovim/neovim/issues/5522

It's possible to do a lot of the nice IDE features in vim (and I'm sure emacs) today w/ all sorts of contortions, but a standard way to get this done would be amazing.

kuschku 21 minutes ago 0 replies      
The Language Server Protocol is flawed already in its concept, as this article https://perplexinglyemma.blogspot.de/2017/06/language-server..., which was also on #1 of HN before, argues.

It instead proposes to have the language server expose the entire AST and environment that is available at each point, and have the IDE uses that for autocompletion, as this is far more powerful than what is currently doable with LSP. (Currently, the editor just transmits cursor position and content to the LSP, which then does all the highlighting, autocompletion, etc. This is not only less configurable, and less consistent, but also less usable, as often the LSP isnt able to offer as smart autocompletions)

Many IDEs, such as the JetBrains IDEA platform, do exactly this with their language plugins.

IshKebab 3 hours ago 2 replies      
Just a warning to anyone expecting auto-completion in Rust to be anything like C++ or Java, or even Typescript. It isn't close to that yet.
ilurkedhere 2 hours ago 0 replies      
How does it compare with racer-mode? Does it have roughly the same functionality or is one a subset of the other?
DeepMind expands to Canada with new research office in Edmonton deepmind.com
180 points by jonbaer  13 hours ago   47 comments top 8
rfrey 7 hours ago 0 replies      
Trace the graph of Reinforcement Learning movers and shakers, and see how many have their roots one or two levels up with Rich Sutton in Edmonton. David Silver, for example, quit a career in games AI and moved his family to Edmonton to study with Rich.

People are saying this is a coup for Edmonton, and it is. But it's also a coup for DeepMind. Having Rich Sutton, and giving him the resources to keep his best students together and working, is going to be amazing.

rsingla 12 hours ago 1 reply      
I am fairly surprised to see they opened up in Edmonton, rather than Toronto, Montreal or even Vancouver.

Despite that, it's a huge win for UofA - especially when you have names like Rich Sutton involved. I am quite excited to see the excellent growth of AI/ML expertise in Canada considering the Vector Institute [0] was announced recently as well!

[0] - http://vectorinstitute.ai/

jevonmac 6 hours ago 3 replies      
Despite some of the negative comments you see (Edmonton does have a real winter, on par with Toronto and Montreal for snow, but colder still) Edmonton is a pretty awesome place to live and spend time. It has always been the ugly step brother to Calgary and it took decades for oil wealth to really start to change the city. When it did, it wasn't in the cowtown-n-skyscrapers Texas style you saw in Calgary, but something a little less brash and more focused on arts and culture.

Don't forget as well, you are a short trip to Jasper, the BC interior and all sorts of absolutely amazing places that are busy and fun 4 seasons of the year.

That is all to say, from the perspective of someone who does not live there, Edmonton is an easy place to underestimate. There are many people who would prefer it to Toronto/Montreal just for the simple fact that they can buy a house, get around easily, and be much closer to the outdoors.

pmalynin 12 hours ago 1 reply      
I'm currently a student at the UofA, and I do Machine Learning / Deep Learning professionally; These are pretty good news, I know a lot of these professors personally and they do a lot of great (fundamental) work in the field of RL / ML, with a lot of collaboration happening between the university and the private sectors.

Hopefully, this will provide the needed boost to the University's CS department, and particularly Edmonton's tech sector.

diego_moita 12 hours ago 1 reply      
University of Alberta is a growing hub of AI studies. Dr. Jonathan Schaffer has done some interesting work on AI applied to games, his program Chinook has simply solved the game of checkers.

Bioware has offices in town and is a sponsor of the UofA CS department, so it makes sense the university research is directed towards games.

drpgq 5 hours ago 1 reply      
This is great news for Canada, but I'm curious what the pay would be like relative to the usual lowballing for Canadian tech workers across all levels.
rorygreig 7 hours ago 0 replies      
Apparently around a half of Deepmind's AI specialists are Canadian educated, so no surprises here.
pesenti 8 hours ago 1 reply      
The next AI winter is going to be really cold...
Satellites reveal melting of rocks under volcanic zone, deep in Earth's mantle phys.org
33 points by dnetesn  7 hours ago   1 comment top
mirimir 4 hours ago 0 replies      
> The TVZ is the southern tip of a zone of expansion, or rifting, in the Earth's crust that extends offshore for thousands of kilometres, all the way north in the Pacific Ocean to Tonga. Offshore, this takes place through sea floor spreading in the Havre Trough, creating both new oceanic crust and a narrow sliver of a plate right along the edge of the Australian tectonic plate. Surprisingly, this spreading is going on at the same time as the adjacent Pacific tectonic plate is sliding beneath the Australian plate in a subduction zone, triggering some of the major earthquakes in the region.

Isn't the Havre Trough rather more like Japan or the Andes (vulcanism over subducted oceanic crust) than the Mid-Atlantic ridge?

       cached 6 July 2017 19:02:02 GMT