Hacker Newsnew | comments | show | ask | jobs | submit | happimess's comments login

I see where you're coming from, but poems, plays, and sculpture are "the fruits of the ancient world." A work like the Iliad only comes around once every few millennia, and no synopsis will frame its ideas so starkly.

The Iliad and The Odyssey are two of the most thrilling pieces of literature available to a reader today, and they both pose difficult moral questions. I just can't imagine a sociology textbook writer formulating a "What do you think: Glory, or Contentedness?" segment as compelling as the entire arc of Achilles' role in the battle for Troy.

So yes, the lessons of the ancient world are applicable to a broad range of subjects, but the art is also valuable in and of itself.


"So yes, the lessons of the ancient world are applicable to a broad range of subjects, but the art is also valuable in and of itself."

True, but I did mention studying these works through Literature courses, would this not be a suitable way to approach The Iliad and The Odyssey?

I guess I'd rather have a greater amount of flexibility in the education system for bringing together both old and new ideas. Whilst there's certainly plenty of material worthy of study from the activity of the ancient Greeks, what about other periods of time? If we have a separate course on the classics, should we have a course on the Renaissance as well (for example)?


You are certainly not alone. I both meditate (sometimes) and practice yoga (intermittently), and while both make me feel great and have noticeable effects on my productivity, they're both so much damned work. Once I miss a few consecutive days, its easy to miss a few more.

Brb going to meditate, even though its past my bedtime and I've got a couple glasses of wine in me.

-----


I know that it is considered suicidally hubristic to use homegrown cryptography; does that apply to writing your own implementation of a trusted protocol?

It seems like it'd be a cool project, but I don't want my github profile to advertise that I'm the kind of fool that rolls his own crypto.

-----


Writing your own crypto implementation is just like every other instance of reinventing the wheel, but more so. Namely, don't be a dilettante.

It's actually perfectly OK to reinvent wheels. Reinventing wheels is how people learn to build wheels and eventually invent new, never before seen wheels. Where we as programmers get in trouble is that we frequently reinvent a wheel once, and then drive around on it for the rest of our lives.

If you find cryptography interesting, try your hand at it. But don't just code up the first implementation once, slap it on a web app, and use it to protect your customers PII. Don't be a dilettante. Write lots of crypto implementations, and try to find the flaws in them. Read lots of books, read lots of other people's implementations. Whenever a new exploit of one comes out, try to understand it and try to find similar problems in your own code or other implementations (or figure out why a particular implementation doesn't have that flaw). Write more implementations, read more books, talk to other cryptographers.

It's not a crime to be interested in difficult things, but it is important to recognize that difficult things take a certain level of skill and devotion. Each of us has to decide which difficult things we want to devote our time to and which we want to casually watch from the sidelines.

-----


To further the analogy: Most of us don't have the resources or knowledge to properly test our wheels after we reinvent them.

-----


> does that apply to writing your own implementation of a trusted protocol?

As long as your README says that you're playing around with crypto and it's not production crypto, go wild -- nobody will care. Anyone who does isn't worth listening to, playing around never hurt anyone as long as at the end of the day you use real implementations by seasoned crypto developers.

-----


At the simple side of things you can write your own implementation and use known test vectors to verify that your implementation is acting the same as other implementations. That should cover interoperability.

Some of the issues in cryptography implementation are subtle things that can affect it like timing concerns, if you have a time optimization it can be exploited to leak information on the data or the key. This is one thing that a less experienced developer may fall into.

There are other side channel attacks as well that one needs to be cautious about. Optimizations for power usage may also leak information.

Part of writing crypto is to optimize for security on the expense of time and power.

-----


In cryptography, every layer of the stack has a set of possible vulnerabilities associated with it. In the rarest case, primitives (like ciphers and hash functions) are broken; more commonly, the protocol is ill-designed and flawed; but most common of all, the actual implementation itself has security flaws, like side channel attacks.

The issues associated with every layer are considered extremely subtle and tricky to both identify and fix. But I would say this is especially true for implementation attacks, which are not really addressed by cryptographic theory.

So, no, writing your own protocol implementation is not secure, even if you trust the design of the protocol. You are still vulnerable to the trickiest class of security flaws. However, so long as you clearly label your project as "learning only" or "insecure," no one will think worse of you for having your own protocol implementation. In fact, I'd say re-implementing TLS is one of the few ways to become intimately familiar with its internals.

-----


Yes, use existing libraries.

-----


If you feel the need to experiment, that's great - it's a fun exercise. Just don't use it in production, and call your repo something like "brokencrypto" so nobody else tries to use it.

-----


Or "Cryptocat".

-----


I recommend libsodium (http://doc.libsodium.org/).

-----


I mentally pronounce foldl' as "fold ell prime," and it never gives me any difficulty.

-----


I think that you misunderstand what the article means by "evolved twice." Neurons certainly did not appear out of whole cloth in one generation, and the process involved many false starts and dead ends.

The question is, do all currently living creatures with neurons trace back to a common ancestor who also had neurons, or are there several neuron-having lineages alive today, each of which traces back to a different earliest-neuron-having ancestor. In the latter case, each of those neuron-having ancestors would have shared a common ancestor, but one that did not have neurons.

The lineage of all life on earth certainly creates a more complicated graph than a tree, but at the time scale needed to create a novel feature like neurons, it certainly looks like a tree. To say otherwise, you'd have to point to a case where genetic information passed laterally between species, rather than vertically from parent to child. This probably has happened [1], but is not so common as to make all tree-shaped charts misleading.

[1]http://en.wikipedia.org/wiki/Symbiogenesis

-----


>point to a case where genetic information passed laterally between species

http://en.wikipedia.org/wiki/Horizontal_gene_transfer

-----


Thanks, that's a more apt link than symbiogenesis.

However, it doesn't change the fact that, when viewed from 10,000 feet, the tree of life looks more like a tree than a web. Especially with regards to the question "did neurons evolve twice," very little is lost by ignoring that sometimes cousins marry, and sometimes a virus leaves a chunk of genetic material in its host.

-----


It is worth remembering that part of the case against Mr. Aleynikov involves his use of "subversion" software, which sounds, well, subversive.

From the Vanity Fair article[1]:

"The Web site Serge had used (which has the word 'subversion' in its name) as well as the location of its server (Germany) McSwain clearly found highly suspicious."

[1]http://www.vanityfair.com/news/2013/09/michael-lewis-goldman...

-----


Wow, thanks for pointing that out.. that makes this reporting look pretty laughable, and wildly uninformed: "..through a so-called 'subversion repository'.." Apparently I can add "not looking suspicious" to a list of reasons to use git.

-----


Sergey must not have visited HN, because it seems safe to say had they found that in the browser history it would have been mentioned as well.

-----


Eh, I mean, the URL is news.ycombinator.com which is pretty innocuous.

"Hacker News" is just in the title of the HTML document.

-----


I would have thought the same about SVN.. When confronted with a mixture of money, ignorance and fear, all bets are off.

-----


noun 1. British Slang. a foolish or contemptible person.

I would say Source Safe is your best bet.

-----


Ahh, thanks, good looking out. "safe" seems like an additional layer of perceived good intentions.

-----


It could also mean you have something to hide. Something of great value.

-----


Yep, that's about par for the course reporting. If it sounds ominous, it must be. I remember a small town newspaper that was all mad 10+ years ago about the master / slave IDE toggle and how it was racist. It was not an Onion article, sadly.

-----


This quote was not about the reporter or the news outlet. Michael McSwain was the FBI agent in charge of the case, and the reporting seems to suggest that having 'subversion' in Sergey's Web history was a component of building probable cause.

-----


Remind me to write a a source code control system called "Patriot". I really don't want to know what they think of "git".

On a serious note, I guess the modern lesson is names are used by idiots to attack us so pick your project names carefully.

-----


"Patriot is binary-compatible with Git ..."

  sudo cp /usr/bin/git /usr/bin/patriot
... of course that is likely not enough, as all the porcelain still says "git". ;)

-----


It wasn't a small town, it was Los Angeles County.

http://www.cnn.com/2003/TECH/ptech/11/26/master.term.reut/

-----


I thought I saw the article in some small town newspaper. Oh well, I guess the memory isn't quite as good. I swear it was a weird editorial.

-----


I believe that stemmed from a lawsuit by a woman who took offense to those terms being used in some documentation that unfortunately passed through her hands.

-----


Oh god... Thanks for pointing that out, hilarious and saddening at the same time.

-----


I was wondering why everyone calls it svn now.

-----


I am not sure this issue has anything to do with that. I believe it is called svn because it was replacing cvs and developers do so love symmetry.

-----


And developers love TLAs (Three letter acronyms!)

-----


Is the emphasis on the word "subversion" from McSwain, or is it from the author of the article? It's not made clear from the text which one of them is emphasizing that part.

-----


To my ear, it seems that the emphasis comes from the FBI agent. The reporter keeps a fairly neutral voice, but the paragraph quoted, combined with the ones immediately before and after, paint the FBI agent as uninformed and credulous.

-----


I think this is exactly the kind of situation that GP had in mind. A computer would be undoubtedly faster and more accurate concentrating fire on the weakest stalker, but a human is better at deciding whether to attack now or move into position.

So instead of 'attack this unit,' the player could command his units to 'attack the weakest stalker in range.' Or even, 'stutter step along this path, concentrating fire on the weakest anti-air unit.'

-----


To be fair, I think a lot of sighted people would agree with you on both points.

-----


Surely you're joking--Notch gave away the POC for free, and started charging for the beta somewhere before 2011 (when I started playing). Since then, new features and bug fixes have been essentially non-stop.

I picked it up after a long hiatus and found new terrain types, new monsters, new neutral creatures, an enchanting system, a brewing system, an entirely new dimension ("The End"), and several types of abandoned structures.

-----


Does anyone have any insight as to how painful it is to relocate to Paris from outside of France, or even from outside of the Schengen zone?

-----


Finding an apartment in Paris is a special circle of hell, get help by whomever is hiring you, because it's a very lengthy and humiliating process for foreigners.

I've visited apartments for about two months before finding a place outside of Paris and have been asked all sorts of private questions about my life, for example looking at your tax and salary receipts is considered standard practice.

-----


It's standard practice because once you're inside, if you stop paying rent it's really really hard to kick you out (it can take years).

-----


I'm sad to say, quite painful. A sibling mentioned the housing problem. There's also the immigration problem.

If you're in France on a visa, you'll have to renew it every year. To do that, take a day off to go through a humiliating process that will have you wait in front of a government building from 12PM for 10 to 15 hours until it opens and then until it's your turn.

Of course, if you dare forget something, you'll just have to lose another 10 hours of your life another day, waiting in front of that same building. People sometimes take pounds and pounds of paper when they do that to be sure they'll have what they're asked for.

One of my friends is in this situation and she dreads it for weeks when the time comes to renew her visa...

-----

More

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | DMCA | Apply to YC | Contact

Search: