Hacker News new | past | comments | ask | show | jobs | submit | prajjwal's comments login

As much as I love IRC, it is fundamentally incompatible with the way people use IM these days. Even if you gloss over the lack of "modern" features, you're still going to have a very hard time with vanilla IRC on mobile where keeping a persistent background socket open is frowned upon (if not outright illegal).

Don't get me wrong - I love IRC, and have used it as my primary social network for years. And after spending a full decade trying to switch people over to open protocols, I've found the hard way that the network effect trumps all.

I just don't see the average Whatsapp user ever switching to IRC.


>I just don't see the average Whatsapp user ever switching to IRC.

The participants of this thread are not the average Whatsapp user - they're self-identified "hackers".


It's amazing that technology is empowering these protestors, but I'm not sure a vulnerable group of people such as this should be leaving identifying information on these servers.

- You cannot sign up for Telegram without your phone number (even if it isn't public). - End to End encryption exists but is limited to 1-1 chats. - Telegram cooperates with data requests from law enforcements.

The kind of risk this puts them in cannot be overstated.


> Telegram cooperates with data requests from law enforcements.

It is not that black and white:

AFAIK and IIRC it is more like this:

- yes: Telegram gives data about members of public groups/channels

- no: Telegram does not give out information from closed groups / personal chats, and they go to great lengths to prevent that information from becoming available. We might be sceptical all we want about the custom crypto, but I've seen no credible source that I can think of that have backs you statement except the limited example I gave above.

Happy to learn more though.


"they go to great lengths to prevent that information from becoming available."

Where's the documentation for this? Without documentation your assumption that there's any security is just blind faith.


Telegram has been sued over and over in many countries for refusing to provide that info, and kept fighting (both legally and technologically - via smart proxy-server rotation, addresses distributed over Apples/Google's push notifications etc.).

Here's the case for Russia - https://en.wikipedia.org/wiki/Blocking_Telegram_in_Russia (eventually the govt has blocked over 20 million (!) IP addresses, including Google's and Cloudflare's, and that disrupted 30% of the Internet in the country, but the app just kept working fine)


Schneier was very vocal after the Snowden documents on how the NSA has multiple methods to get hold of the data. If it's not via judicial means, it's via extra-judicial means. NSA considers Telegram's servers outside US fair game (i.e. hacking them is not a problem). GCHQ considers servers inside the US fair game. The two agencies exchange intel which allows them to bypass constitutional protections. This is old news.

As for Russia, China, Israel etc. The servers are outside their borders, and mostly they don't give a flying fuck even if it was domestically hosted.


You will notice the same article states they eventually started cooperating with the Russian government, as the other poster noted already.


main opposition leader got poisoned yesterday you think it matters what a russia based organization says they will do?


You can cloak your phone number & not allow others to reach you via your phone number. Which means that the authorities cannot match your phone number to your Telegram identity, even if you posted in a public chat. This feature was implemented last year during Hong Kong protests to protect against government efforts to identify protestors by enumerating the limited phone number space in HK. There is also a password option to protect against SMS surveillance.

As to whether Telegram itself would cooperate with data requests from your government - that depends on which government it is, and in the end is up to personal judgement. I don't think there's any reason that Telegram would betray me to the Chinese government, for example, while I won't at all trust Facebook for that. Facebook, and Zuckerberg himself (for how long did he stick to that Wuzhen avatar?), tried hard to appease the Chinese government for such a long time.

International megacorp are generally the worst to trust in that respect. To many of us in authoritarian places, the illegality of Telegram is itself an attraction.


That basically hits the nail on the head, but it's not the full extent of it. We have ["Jugaad" culture](https://en.wikipedia.org/wiki/Jugaad), where we actually take pride in doing things that would be labeled outright fraud in a lot of places.

I also can't see how its changing, I've become rather cynical from having to deal with it constantly. I sure hope you're right, though.


I was about to mention "Jugaad" in my original comment - my dad talks about the concept proudly all the time. I am sort of proud of it, but also hate the conniving aspect of many jugaads!


Users who care about privacy are, quite literally, the only demographic that cares about Firefox at this point. The numbers clearly say that. I'm not even remotely versed in how to run a business, but in what twisted universe does it make sense to alienate us?

I put up with Firefox's single threaded nonsense for years, with their outright refusal to properly implement hardware acceleration for Linux, and with their clearly inferior performance. And now I find out they've got Google Analytics on a page where uBlock Origin can't even block it (at least not post FF 56), and that doesn't even respect my telemetry settings (which I've obviously disabled). Every decision they've made lately seems to be targeted at gaining the attention of people who clearly couldn't be arsed to get off Chrome if they proved it gives you cancer, instead of making it better for people who are keeping it afloat.

Congratulations, Mozilla. You've put a whole bunch of us out on the lookout for a replacement. Enjoy your descent into obscurity.


What's your preferred alternative browser? Serious, I haven't found one I like yet.


A fork like IceCat or Pale Moon?


The site is down for me. http://i.imgur.com/4goIadC.jpg

While this is nothing new, more sites like these are always welcome. If you plan on keeping this alive long term, please consider making an API so I can use it from the command line. Also, these services tend to get misused a lot, so you might want to log everything. Maybe encourage people to encrypt before uploading, too.

Take a look at a few existing services as well, to figure out what else you can add.

[1] https://file.io [2] https://transfer.sh

Just got done writing a script for the latter - https://gist.github.com/Prajjwal/63f5df1176ea05ee3679c04e0fa....


My apologies. I confused myself and made a typo with the URL, it is: https://tempfile.cloud/

It was more of a quickly thrown together app. I'll keep it up though, I've used it a couple of times myself now. I find most of the other sites like these either make you sign up, offer smaller upload limits of 300 to 500mb or they spam you with horrible popup windows and pornographic banner ads.

API is a good idea. At the moment the uploads are direct to S3 from the browser using presigned URL's, but wouldn't be too hard to add one in though.

I am absolutely logging everything that is uploaded. One of the first things I did was implement some solid logging.


I'm tired of these "assessments". Solving contrived algorithm puzzles is not an indication of programming skills, which mostly require organizational skill. I don't know how this sort of thing became so pervasive, but as someone who has recently been burned at a few job interviews because of it, it really grinds my gears. My ability to recall and produce a correct implementation of an RB tree on a piece of paper with no compiler feedback is NOT an indication of my ability to code your ReactJS website. Just because I can't solve in five minutes some brilliant logic puzzle that the interviewer read online and made it their go-to thing to prove how smart they are does not negate years of experience writing in the Language / Framework they said they were originally looking for. I have PTSD.

I wish more companies would hire based on code that you've written, than a bunch of contrived puzzles you're supposed to know by heart so you can solve it on a whiteboard without blinking. But, since that's how the fucking system works, I'm forced to spend time committing these things to memory than writing actual code.

James Hague said it best, "Organizational Skills beat Algorithmic Wizardry". http://prog21.dadgum.com/177.html


That's because they're easy to test and makes the interviewer think that they're smart. i.e. boosts their ego.


''there's always lots of state to keep track of, rearranging of values, handling special cases, and carefully working out how all the pieces of a system interact''

These are the skills actually that are needed to implement an RB tree (lot of special cases to handle, hard to organize the code well), although I have never been asked to implement any balanced tree on an interview.



I think maybe another way to look at it is that it mostly tests one's ability to handle stuff they don't necessary like. For ex, you are preparing for an interview. Suck it up and learn some standard algorithms and practice coding under a little pressure. That is the homework that you are supposed to do.

If you haven't done that, it is a good indication of how you will handing boring but necessary and important stuff at work. In all fairness, I think you can't fault people wanting to judge you based on that..


I wouldn't mind doing homework that is related to what they need me to do on the job. Make me code. On a real computer. With a compiler. With an internet connection. On real problems, even if they're conventionally hard to solve. I wouldn't mind rejection if I can't produce something satisfactory in a real life setting. Sometimes, they ask things that are too far removed from what they need from you, and I just don't get it.

It's not about learning algorithms. If you do the Stanford MOOC on algorithms on Coursera, which is one of the best MOOCs I've ever come across, you'll find that the instructor emphasizes understanding over rote learning and implementation details. If you understand what data structures and algorithms fit where, you can look them up and apply them as and when you need to. Memorizing every nook and cranny of CLRS so you can reproduce it quickly in an interview is a terrible waste of time, imho.


That explanation is ridiculous. If that were the reason they would just have you dig 6 foot ditch. Implementing RB trees is not "boring and important work" either, if you're implementing them in your day job (for 99.99% of programmers), you are grossly incompetent because you don't understand how to use libraries.


But why would the homework for a React job include RB trees? It seems some interviews add unrelated technical questions.


Not that I agree with it, but they're testing general CS knowledge at that point. What if they decided to switch from React to something else entirely? Have you made your future employer confident enough that you're competent enough to handle that and more?


Because switching from react to angular requires knowledge of RB trees. /s


I get what you're saying, but sometimes interview questions are too far removed from the position.


Glad to see this under scrutiny. A lot of websites are eager to recommend any application that claims to be secure, and it is often the case that neither the author nor the audience is equipped to make that judgment. Hopefully we'll see full fledged security audits for less popular secure messaging apps in the future.


Check the report again - they've now added Wire replies.


Orkut was our go-to social network as teens, before we all moved to Facebook in 2009. I'm was going to join this out of sheer nostalgia, but it appears to be lacking a web app.

I'm curious as to why they went with ONLY native Android / iOS apps. That will not only drive away people like me, who prefer to use things from a desktop web browser, but also people in developing countries who might not have access to a smartphone. That sounds like straying away from "I want to help connect people" to something more like "I want to help connect people who own an Android / iOS device".


> people in developing countries who might not have access to a smartphone

I live across a river from Burma, and I can tell you it's at least an order of magnitude easier for people there to get access to a smartphone than a desktop or laptop.

http://www.theatlantic.com/technology/archive/2016/01/the-fa...

I mean, I agree that it's a deal-killer for people like you and me, but the idea that it would make it less suitable for underdeveloped countries is just silly.


I live in a first-world country, I do have an Android phone, but I'm always out of internal storage and need to delete apps. Most people in my friends/family circle are in the same situation. So even if we have Android, services based exclusively on mobile apps have an accessibility problem for us. I suppose this problem will be larger in places like Burma, where smartphones will be cheaper and older on average.


Most devices in the developing world have micro SD slots.


Mine also has one, but the apps just don't want to go there. In fact, some apps like spotify insist on storing even their data in the internal storage. So I have a full internal storage and an almost empty big SD card. I know these things can be solvable via rooting, but most people doesn't root.


I was really frustrated by this for a while. There were some instructions on the Spotify website about re-installing the app when the SD card was plugged in, but it never seemed to work for me.

Recently they added the ability to explicitly choose where you want to store your offline data.


Mobile app means access (due to broken permission systems) to a user's contact, location, mic and camera. Also, captive web browser (user clicks a web link and that web page gets shown inside the app, instead of on the phone's own browser) means the app can track what sites you visit and for how long ("Dear buzzfeed.com, would you like to buy our stats for visits to your website?").


"broken permission systems" is just Android. iOS could offer more fine-grained options, but it's solid.


It's easier to suck up your information, access your contact lists and physical location, when you're stuck on a mobile app.


This, I believe, is the correct answer. I refuse to give most companies that much power.


> people in developing countries who might not have access to a smartphone

People in such countries are actually more likely to have access to a smartphone, specifically one of the myriad cheap Android devices one finds all over the world, than to a desktop web browser.


People use mobile more than desktop on social apps so it makes a lot of sense. Eventually there will be a web/desktop version as well(if it catches on). Shortly said mobile web sucks so a native app is better than a broken website.


Doesn't it suck for anything but simplest forms of communication?

I mean, I just can't stand touch-typing anything but very short messages. Whenever there's any conversation that involves more typing than posting a meme picture and replying with "lol" I run for a real terminal, with a real physical keyboard.

I don't know about others, but for me being significantly slowed down with typing is frustrating. And I hope to believe I'm not an outstandingly slow with touchscreen keyboards...


>> "I don't know about others, but for me being significantly slowed down with typing is frustrating. And I hope to believe I'm not an outstandingly slow with touchscreen keyboards..."

Just anecdotally watching people type I think that the general consumer who isn't typing on a real keyboard all day, is actually much quicker on a phone. Look at teenagers - they spend much of their day communicating on a phone hence they get quite good at typing on it. I'm shocked at how quickly a lot of people I know reply to me from their phone. So I don't think it's that you are outstandingly slow, just that you and I spend a lot of time using real keyboards so we can use them efficiently and a lot of other people spend most of their time using touch keyboards and can use them more efficiently than us.


I've made the same observation.


Services are becoming more and more "Mobile first" in recent times.

I do appreciate the importance of optimizing for mobile as a priority but share your sentiment in the poor experience left for those who us who actually like to use our laptops/desktops for some activities.

Watch the trend reverse once form factors that are both portable and usable as primary workstations (for light work) become the norm (like MS and Ubuntu's vision of a phone that can become your laptop in a dock)


Native app first is the problem, not mobile first.

Web apps designed for mobile first often give you a better desktop experience. Designers making a desktop web app feel obligated to fill the screen with stuff to make it clear that they did a lot of work. But if they start with mobile it stays focused on what's important. Additional interface element for desktop end up as actual enhancements instead of distractions.


Based on the size of the app and the interface, it's not native but some sort of webapp bundled with it's engine which means they could have done a mobile website, but my guess is that they know that if they do this no one will download the app atm.


I'm genuinely curious as to what makes LinkedIn worth that much. On the surface it just looks like Microsoft is trying to commit suicide.

As as aside, how many startups in Silicon Valley are rushing to up their spam game in the wake of this? :)


I know, right? They've been working on their v3 release for centuries now, but it looks like it's another few centuries away. It's a shame, because it's a really good client. I just wish development was faster.


Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: