Hacker News new | past | comments | ask | show | jobs | submit | chishaku's favorites login
   submissions | comments

This is actually funny, because I was involved with the creation of this list, way back in 2004. The whole thing started as a way to stop phishing.

I was working at eBay/PayPal at the time, and we were finding a bunch of new phishing sites every day. We would keep a list and try to track down the owners of the (almost always hacked) sites and ask them to take it down. But sometimes it would take weeks or months for the site to get removed, so we looked for a better solution. We got together with the other big companies that were being phished (mostly banks) and formed a working group.

One of the things we did was approach the browser vendors and ask them if we could provide them a blacklist of phishing sites, which we already had, would they block those sites at the browser level.

For years, they said no, because they were worried about the liability of accidentally blocking something that wasn't a phishing site. So we all agreed to promise that no site would ever be put on the list without human verification and the lawyers did some lawyer magic to shift liability to the company that put a site on the list.

And thus, the built in blacklist was born. And it worked well for a while. We would find a site, put it on the list, and then all the browsers would block it.

But since then it seems that they have forgotten their fear of liability, as well as their promise that all sites on the list will be reviewed by a human. Now that the feature exists, they have found other uses for it.

And that is your slippery slope lesson for today! :)


Sometimes, it is about thinking-out-loud about an idea.

That is to say, getting multiple dopamine hits as you type a long comment and imagine people on the internet being impressed by a comment you wouldn't be motivated enough to journal about.


>I think it's kinda cool to consider that rogue planets / brown dwarfs [0] could be candidates for extending human life beyond the solar system post-Sol. Assuming we have enough fissile material (or master cold fusion) to perpetuate the civilization's energy requirements, we could explore the stars in darkness for eons.

Every time I read a comment like this I wonder if people have actually taken the time to consider what living off the Earth would actually be like.

The quality of life for anyone living off the Earth would be abysmal. Think of the most barren, hostile, nearly uninhabitable places on Earth, they're still magnitudes higher in habitability than anywhere we're likely to find outside Earth.

Then if somehow we actually manage to find a place with a climate similar to Earth, that may even have some life or organic material, there's the issue of compatibility.

Look at the issues humans have just travelling from one side of the world to the other. Pathogens, the environment, even the food can cause problems, let alone a place with entirely alien life.

Take something as simple as the prion that causes mad cow disease, it's a protein.

What kinds of bacteria, virii, amoebas, fungi, parasites etc. Will we encounter? Would we even know we're infected until it'a too late?

Maybe some kind of strange prion or virus that systemically and harmfully alters humans in a way that's undetectable until the whole population is infected?

I mean this happens still here, with life on our own world.

But, before all that is the endless darkness, entire generations living like nomads in the cold, black emptiness of space. Entire generations seeing nothing, living their lives only so their children's children's children can maybe someday see something.

Overall though, the idea that we can just escape the Earth someday so it'll be fine just leads to shortsighted neglectful actions that destroy the planet.

That colonial, we can just expand and keep growing indefinitely and just move to a new place, mindset stopped being reasonable the moment we spread across the world. Moving to a new planet is not the same as just hopping in a ship and sailing across the ocean. It's not a reasonable backup plan, it's not a reasonable solution.

We have one home, Earth, we are all made from this place, someday we go back to it. No other place we ever may find will be our home the way the Earth is. The idea we should just use and abandon the Earth is just so incredibly backwards to the way we should be thinking.


Perl’s DBD::CSV can do this. I would be surprised if Python didn’t have something similar.

Michel Foucault had this to say to contemporary critics of Hegel:

"We have to determine the extent to which our anti-Hegelianism is possibly one of his tricks directed against us, at the end of which he stands, motionless, waiting for us."

It seems any investigation of prior art regarding knowledge base systems comes back to Emacs, where the solution to all problems of note taking and memory retention is patiently waiting for everyone to finally learn Elisp. But Emacs is for dinosaurs, we repeat for the 100th time ...


As a manager and software engineer,

Seniority is also implicitly more about _independence_ than _capability_. This is something Junior engineers are often confused about.

Its easier to hire, or let a senior work at home, because generally, they have a much stronger track record of "not becoming blocked" and "not needing someone to prioritize tasks" etc.

In short, its less about "forcing" preferences, and more about managements have seen this person execute with less oversite. Which is almost definitionally seniority.

A lot of you will respond to this "I don't need oversite to get things done" and a lot of you will be wrong. Because a lot of engineers need oversite to get _the right things_ done.


Spot on. The metaphor I typically use here is cleaning up a mess vs spreading it around. If you have a really big mess and spend a year or two rearranging it into dozens or hundreds of smaller messes, yes the big obvious mess is gone, but the overall amount of mess has likely gone up and by segregating everything you’ve probably made it much harder to someday get to a clean state.

If you’re moving to microservices because the number of people working on a project is growing too large to manage and you need independent teams, great. If you’re refactoring to microservices because “we’re going to do everything right this time,” this is just big-rewrite-in-disguise.

Whatever engineering quality improvements you’re trying to make—tech stack modernization, test automation, extracting common components, improved reliability, better encapsulation—you’re probably a lot better off picking one problem at a time and tackling it directly, measuring progress and adjusting course, rather than expecting a microservices rewrite to magically solve a bunch of these problems all at once.


> ...the company’s upcoming pricing algorithms, which they hinted might be able to more precisely predict what riders might be willing to pay for a ride.

I hate the whole idea of this. If they track you around, maybe realize you order from fancy places on uber eats, then they will raise prices on something that costs them the same. There's something that strikes me as especially awful about automating the "how much is this individual willing to pay." It's like the worst parts of searching for air fare.

Yet another reason to advocate for privacy, so they can't just buy records about you to determine your price sensitivity from the rest of your life.

If everything everyone bought had perfect information on what they're willing to pay, I wonder what markets would look like. Would getting a raise immediately cancel itself out?


I've worked in government, late startup and corporate roles. There isn't anything fundamentally broken about government. The difference is operate vs. build.

Government is usually optimized around operational activity, and it usually does so very well from the perspective of how the organization is designed. Things get weird because priorities are driven by external mandate. DMV issues licenses, taxes are collected, social services are delivered. The downside of scaled operations is that changes are difficult and expensive. The exception is when there is growth -- the government is good at borrowing money and good at building stuff.

Large corporations aren't that much different. If anything, the average medium/large corporation has fewer controls and is less competent at a given task that a .gov organization would be, but delivers each marginal task at a lower cost and less red tape. (aka compliance requirements)

Startups are different. They are built to build and tend to do the minimum viable activity and are usually a big mess operationally.


The lowest level of truth telling is stating facts, but even stating facts can be extremely manipulative.

If I were to say:

"2x as many white Americans were killed by police as black Americans in 2018."

This a true fact.

If I take note of the fact that black Americans only constitute 13% of the population, then I can say

"A black American is 2.3x as likely as a white American to be killed by police."

This is also a true fact.

So not only are facts capable of telling a narrative, but it gets much more complicated once you start introducing conclusions.

If you say "A black person is 2.3x as likely as a white person to be killed by police in America. American police are being racially discriminatory when killing civilians."

This is a fact and a conclusion, and most news consists of facts and conclusions. Both the fact and the conclusion serve a particular narrative, and that's an issue. The problem is that a news organization with a different set of objectives, or simply operating under a different framework, would be entirely capable of coming to an entirely different conclusion, or introduce entirely different facts alongside it.

"A black person is 2.3x as likely as a white person to be killed by police in America. However, despite making up only 13% of the population, black Americans committed 36% of homicides, with an overall much higher representation in violent crime across the board. Only 5% of police shootings are with an unarmed victim, with the rest resulting from an armed altercation."

Different narrative.

In America, we understand that there is absolutely nothing more dangerous than an entity that feels entitled to control what is true. It might make things easier, and it might actually produce better results so long as the entity doing so is competent and benevolent, but nearly every structure in America is meant to serve as a bulwark for the cases in which the entity in power is precisely the sort that you do not want to be making those decisions. And to be frank, Europe should probably be more wary of that.


This is yet another example of the divide between wizarding and engineering[1]. When you're a small startup, what matters is the expressiveness of your language, and the ability do do a lot of things very very quickly. Type safety, performance, readability, those things don't matter. You're just a bunch of engineers who know the whole codebase inside out, you're pretty certain of what you're doing. In short, you're wizarding. If you grow big enough, this approach slows you down greatly, and you need to switch to engineering. You sacrifice some speed for making the codebase more understandable to a larger group of people, you can no longer assume everyone knows all the code, you write unit tests, need types and dislike metaprogramming because of the confusion it creates. This is why languages like Python, Ruby, Lisp or Smalltalk are amazing for small startups, but Java is what enterprises use. They're different ends of the wizarding/engineering spectrum. I wish there was a language that let you move gradually from one end to the other, exactly when you need to.

[1] https://www.tedinski.com/2018/03/20/wizarding-vs-engineering...


Story time! Recently, I've been thinking back to when lack of SSL was a huge, widespread problem on the Internet. This was back in the mid 2009-2010's, and at that point, one company in particular was lagging: Facebook.

So some random person made a browser extension that automatically collected the login credentials of everyone who opened Facebook on whatever public network you were connected to.[0] Then they publicly released it for free. Ironically, the very first comment in the article I link here is, "Okay, it's evil, but how is this news?"

But the Firesheep plugin was a really big influencing factor in forcing not just Facebook, but a number of companies to switch their entire sites to HTTPS.

The point I'm trying to make is not that you should go out and blow up the world to make a statement -- it's that it's possible for there to be a problem that's trivial to exploit, and that is regularly exploited by criminals and businesses, and that is widely known to be exploitable, and for some reason people will still ignore it.

But if it's personal, if your next-door neighbor or your weird coworker can suddenly start doing it, then something clicks and people realize, "Oh, this is actually a real problem."

There's no technical difference between what Superhuman was doing and what every other marketer is still doing, but people are weird about what exactly they're willing to care about, and if the Superhuman controversy can be used to direct some of that anger towards structural, useful goals, then is that really a problem?

I understand that sometimes the specific triggers that make people care are stupid, but my response to that is never to ask people to care less. It's already hard enough to make people care about things.

[0]: https://lifehacker.com/firesheep-sniffs-out-facebook-and-oth...


I've started a habit of sitting down with my son and taking them apart, screw by screw, piece by piece. He loves tools so he's into it 100%. The louder, brighter, and more annoying the y are, the more likely that they don't make it back together.

This is one of those announcements that seems unremarkable on read-through but could be industry-changing in a decade. The driving force between consolidation & monopoly in the tech industry is that bigger firms with more data have an advantage over smaller firms because they can deliver features (often using machine-learning) that users want and small startups or individuals simply cannot implement. This, in theory, provides a way for users to maintain control of their data while granting permission for machine-learning algorithms to inspect it and "phone home" with an improved model, without revealing the individual data. Couple it with a P2P protocol and a good on-device UI platform and you could in theory construct something similar to the WWW, with data stored locally, but with all the convenience features of centralized cloud-based servers.

The core concept to remember I think is that there are two ways to pay for things:

* Ways that involve cash or cash equivalents

* Ways where a purchase requires the permission of someone else

Just think of the word authorization, which is a required element of essentially all non-cash transactions. It has the word authority embedded right in it. If you're OK with that concept, you are necessarily OK with the idea that someone you have never met and don't control has the ability to stop you from using your funds in the way you'd like to at any time.

A cashless society is, at a fundamental level, not free.


> > "A deeper realization came further on: there might be limitations in language itself and our ability to represent ideas and think about them that could preclude us from actually understanding the foundations of our situation.

I see this play out every day. As a result of the continued linguistic apartheid in my country, the languages are dead, and the people are stupid as dirt (on average), to be blunt. However, this is mostly Karma, the result of accumulations of centuries past, playing out as the complete decimation of histories; naturally, the education/media system is a propaganda op, with tons of shills at every corner. Those whom you'd wish to see break out of chains, appear to find comfort in them alone. New ideas can't touch them nor move them, because the "programming language" is so outdated, that such sentences will be treated as garbage.

I believe there are deep reasons why India could only think of independence through a class which was more British than Indian. India is but a grave for the civilization it once sustained, and we are but mere flies who wish for a phoenix.

Language does indeed governs our thoughts, and in that respect governs the world we create - it's what makes us human, far more than anything else. Take out the language, and what you get is a mere animal.


I could write similar paens to Matcha, and the harsh truth, coffee lovers, is that the top feature of green tea is that it is not coffee.

Coffee , as is this piece by Balzac), is like dramatic prose, whereas green tea is like a haiku. Coffee seeks to kick the door open with it's legs, applying the full force of the femur (caffeine), sending the imbiber into a frenzy of activity, while green tea knocks on the door first (L Thanine). And isn't a polite knock enough to open many a door?

Coffee's influence is like a sugar rush, an exaggerated high followed by an artificial low, while green tea's influence is like a smooth lift-off.

For some reason, I end up choosing coffee when I'm stressed, and it worsens matters. I go for matcha when I'm well-rested and want to be productive, and it always leads to a good work session.


Just a reminder: https://mic.com/articles/167878/barney-frank-heres-how-to-no...

another user's summary:

tl;dr

1. Make sure you’re registered to vote — lawmakers check.

2. Lawmakers don’t care about people outside of their district.

3. Your signature — physical or electronic — on a mass petition will mean little.

4. The communication must be individual. Email, Letter, Phone call.

5. Know where your representative stands.

6. Communicate — even if you and your representative disagree.

7. Say “thank you" - to reinforce the behavior you want

8. Enlist the help of friends in other districts. - they write their own reps


Many of these practices are popularized by Google/Facebook/Amazon but don't make sense for a company with 100 or even 1,000 people. I try to focus on whether a practice will solve a concrete problem we're facing.

Switching from Hadoop to Spark was clearly a good idea for our team, even though it required learning a new stack, but there isn't a strong reason to switch to Flink or start using Haskell.

Agile makes sense when your main risk is fine-grained details of user requirements, but not when you have other substantial risks, such as making sure a statistical algorithm is accurate enough.

Microservices probably reduces the asymptotic cost of scaling but add a huge constant factor.

Relational databases are the right choice 95% of the time, non-relational stores require a really specific use case.

TDD is good for fast feedback in some domains, but for others, manually investigating the output or putting your logic into types is better. E.g. a lot of my time comes from scaling jobs that work on 10gb of data but crash on 1tb, TDD is not that helpful here.

Continuous integration mostly makes sense when you're making a lot of small changes and can reliably expect a test suite to catch issues.

In short, ask the question "when is practice X useful?" instead of "is practice X a good idea?"


I'll quote myself from a previous comment regarding epigenetics.

Epigenetics. It's the make-file for your genetic source code. Certain conditions can cause certain parts of your genetic code to be uncommented or commented-out. There are actually a number of different kinds of comments (histone modifications [1]) - each set of marks particular to a different compiler, in different contexts. And these comments/marks are copied with some fidelity to daughter-cells/children along with a high-fidelty copy of the underlying genetic code itself.

So the genes themselves are not being heritably altered, rather the recipe for which gene is where, when can be subtly changed. But again, the same mechanisms that permit the change in expression of those genes during a lifetime can be subsequently changed in the next just as easily.

In this way you can store the code for some trait or capability over many generations without having it always be running. It can manifest itself in individual organisms as having very different phenotypes even with the same underlying code.

[1] https://en.wikipedia.org/wiki/Histone_code


And that's why I think finance is smarter.

They've long understand that there are the finance analysts on the one hand and the software dev on the other. They get both and make them work together.

Looking for 5 rare skills in a single person is bound to disappointment: maths, statistics, programming, large scale systems, production.


Fallacies of composition are a norm on online forums, while all problems are treated as scale invariant - in online discussions, if someone find a negative counter-example, it will typically be employed to invalidate the whole thesis regardless of its actual significance.

I partly blame the popularity of the Action News format for dumbing people down, but the epistemological roots of this social trend run much deeper. Alas, demonstrating this to people seems to require a week of prior reading.


For giving a guiding vote from the citizens to assist in parliamentary or local decisions, yes.

For electing state officials, no. A voting scheme needs to be designed for the worst possible circumstances which practically means a bordering civil war, and where trust between voters is zero at best. Voting allows revolution to take place peacefully.

Therefore the method of voting needs to be understood, carried over, and be verifiable by the common (wo)man. No electronic scheme can do that: anything that runs in software means that the correctness of the system depends on the experts' word only, and that word is likely to mean nothing when half the population is already collecting arms.


This idea that politics or partisanship is something new to the modern world is fascinating.

I see it constantly among people that have little exposure to actual historical documents.

I suspect its origin is a bit of nostalgia for the "simpler times" of the past and the often horrendously bad methods many people learn history.

Often history is presented as a cleaned up and certain narrative - At simplest, a history of events that happen on dates. They often leave out the machinations, plotting, betrayals, and intrigue that was almost always present.

We strip the messy humanity from history as we build simplistic narratives.

Looking back it may seem to be obvious that Nazis should not have been appeased, but at the time there were many intelligent and informed people who thought otherwise. Same with the US getting involved in the War.

Politics have been a thing as far back as we have written records.


Disclaimers: I cannot see the future. These are just my opinions. I really appreciate the work and money that SamA, Elon, and others have put into the OpenAI project. The Universe work in particular might help encourage young people, many of whom love video games, to study AI.

But I feel that contrarians, such as myself, have an ethical commitment to young people to voice our doubts and criticisms, so that they can avoid making a long journey down a career/research path that leads to a dead end. That being said, I think this project leads in a very unpromising direction. Here are some reasons:

1. Games aren't a good testbed for studying intelligence. In a game the main challenge is to map an input percept to an output action (am I drifting off the side of the road? Okay swerve right). The real challenge of intelligence is to find hidden abstractions and patterns in large quantities of mostly undifferentiated data (language, vision, and science all share this goal).

2. This platform is not going to help "democratize" AI. To succeed in one of these domains, contestants will need to use VAST amounts of computing power to simulate many games and to train their DL and/or RL algos. DeepMind and others will sufficient CPU/GPU power will almost certainly dominate in all of these settings.

3. Deep Learning, as it is practiced, isn't intellectually deep. With a few exceptions, there is nothing comparable to the great discoveries of physics, not even anything comparable to the big ideas of previous AI work (A*, belief propagation, VC theory, MaxEnt, boosting, etc). Progress in DL mostly comes from architecture hacking: tweak the network setup, run the training algo, and see if we get a better result. The apparent success of DL doesn't depend on any special scientific insight, but on the fact that DL algos can run on the GPU. That, combined with the fact that, except for the GPU, Moore's Law broke down roughly 10 years ago, means that relative to everything else, DL looks amazingly successful - because all other approaches to AI are frozen in time in terms of computing power.


"Science talks about very simple things, and asks hard questions about them. As soon as things become too complex, science can’t deal with them… But it’s a complicated matter: Science studies what’s at the edge of understanding, and what’s at the edge of understanding is usually fairly simple. And it rarely reaches human affairs. Human affairs are way too complicated." — Noam Chomsky

If you're doing any kind of radical political work --- left or right --- and are worried about the attention you're going to attract, don't use things like RISEUP.NET. You shouldn't be running mailing lists at all. You shouldn't be using Jabber and asking all your peers to enable encryption. These are fundamentally unsafe services, and the idea that they can be provided safely just by paying attention to network security is terribly misleading.

In the universe of possible media in which to conduct discussions with a group of peers, there may be none less safe than SMTP email mailing lists. Keep secrets off mailing lists. Never use mailing lists for secrets. Assume your mailing lists are public. Nobody is going to deploy a mailing list security solution that will ever be adequate against state-level adversaries. Any site claiming to keep political activists secure that offers mailing lists should be viewed with suspicion, because "don't use mailing lists" is close to the only thing that messaging security people agree about.


I own some land in rural TN, with a winterized trailer and access to spring water. that is backup water and shelter for minimal cost. A person/year of shelf-stable food (not fun, but indefinitely survivable) is about $1000. So if I am smart about it, and fall back gracefully, every $3k-$4k in savings is a year of "backup survival". I still need to make sure I have at least a year's worth of currency in a liquid form in case of infrastructure or banking collapse and ideally at least 6-months food dry-packed on site in case purchasing food while falling back is not viable.

just a reminder, there is a lot more to back up than your hard-drive.


When you're running on your own against incumbents who've been in office for years (decades sometimes) you've really gotta work hard and build up the kind of contact data the big campaigns have easy access too. For example, I had trouble asking for people's phone numbers so I could call them (or robocall them) on election day - that was my own weakness, I bet someone with more sales skills could have done a better job there but I'm just an engineer. I had no e-mail addresses either. I should have also visited the retirement homes in town, I only went door to door. The churches never returned my calls but I did try to visit them. Lots of factors - I'm sure my South Asian name also lost me some votes but hey, I bet I can get past that next time.

I ran for board of education and it was an amazing experience. I went door to door in my small town, talked to hundreds of people, showed up at every town event wearing my blazer and nametag with "candidate for board of education". No BOE candidate before me had spent money on lawn signs - but they had to after me. I gave speeches, raised money, bought voter lists from the county and loaded them into our Oracle database at work (into my own DEV schema, of course, this was before I had cheap MySQL hosting) to identify the folks most likely to support me, used Google Maps and other mapping tools to map them out for personal visits.

And then I lost, and it was crushing. On election night when I stood in the election office and heard the precinct numbers come in one by one, I realized I'd never failed at anything significant before. But I'd do it all again - I will once my kids are older - it was one of the best experiences of my life.


Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: