Hacker Newsnew | comments | show | ask | jobs | submit | rosser's commentslogin

I put exactly as much stock in predictions like this as I do in those that say that Terminator-alikes are coming.

Zero.

reply


Because we've somehow as a culture made the decision that violence is to be glorified, but sex and bodies are still shameful — except, apparently, when we use them to sell things, and even then we can only be suggestive, not explicit.

reply


That reminds me of something that happened at the movie theater when I went to see Hunger Games. There was a couple with a small child maybe 5 years old. They asked what Hunger Games was about and the employee said it was about a bunch of teenagers brutally killing each other for sport. The father, without flinching, said "as long as there's no sex we'll take 2 adults and one child ticket!"

reply


Your database is just about the worst place in the world to be strict about DRY. It turns out, your model and validations don't actually prevent broken data. They just make you think you're safe from it...

...until your broken data starts biting you and your customers in places that don't typically see sunlight.

reply


>Your database is just about the worst place in the world to be strict about DRY.

There are no places in any code base at all where it doesn't pay to be rigorous about DRY.

>It turns out, your model and validations don't actually prevent broken data.

A) DRY isn't about preventing broken data.

B) Validations are for preventing broken data. That's what they do.

reply


Do you remember when, in the wake of Sandy Hook, &c, retailers and private sellers couldn't keep large-capacity magazines on the shelves, they were selling out so quickly, and at such a premium?

Now they're sitting in boxes on the floor at $10/per.

Nothing like a bit of artificially inflated demand for the old bottom line, eh?

reply


I'm reminded of the 'cstross quip, "Libertarianism is like Leninism: a fascinating, internally consistent political theory with some good underlying points that, regrettably, makes prescriptions about how to run human society that can only work if we replace real messy human beings with frictionless spherical humanoids of uniform density."

EDIT: corrected the quote.

reply


Wrong. All it takes is a browser fingerprint. If they can associate that with a name, whether or not you're logged into the porn site — e.g., through sites that you are logged into — they can identify your browsing session on the former.

reply


What is this browser fingerprint? If you are talking about some cookies and the user agent string. I wouldn't be concerned.

reply


https://panopticlick.eff.org

"Your browser fingerprint appears to be unique among the 5,053,325 tested so far."

reply


It seems like denying access to my plugins (and maybe non-standard fonts) would solve this. Why does a website need to know my plugins in the day and age of Flash being deprecated?

reply


But what about the incognito browsing? Would it prevent that?

reply


From the article:

"Web browsers leave an essentially unique footprint every time you visit a web page, even in Incognito mode (and even without supercookies). This is well established; many web tools such as Panopticlick will confirm that you give a website lots of information about your computer every time you visit."

reply


Yes. With the same URL for both discussion and article, though with differing scores and comment counts.

reply


I notice that one submission is "canonical" for the flag/unflag bit. You can flag one of the two submissions, and the "unflag" will show up on the other submission.

reply


Maybe Hacker News is budding. Is it spring already?

reply


...especially if he can put that he's gotten that big a payout from Facebook's bug bounty program on his résumé.

This isn't (generally) about the absolute dollar amount. It's a prestige thing, it's a pride thing, and it's an accomplishment thing. For the preponderance of people that participate in bug bounties, the money is probably very much secondary.

-----


Yeah, you absolutely can't trust client-generated timestamps. We have a table tracking metadata on customer-uploaded photos (dimensions, file size, color profile, &c), including the camera's timestamp. According to their cameras, our customers have uploaded pics taken before the Buddha sat beneath the Bodhi tree, and after the Khitomer Accord was signed.

Fortunately, we also store an upload timestamp, and our servers all sync to local NTP.

-----


What's really funny about this comment is that, while all of the features discussed in TFA are fully standards-compliant SQL, MySQL implements none of them, and its "upsert" isn't.

EDIT: And before one slags PostgreSQL too hard for not currently supporting upsert, one might peruse the relevant pg wiki page [1] to better understand where development stands and why we don't yet have it. (Hint: it's actually kinda complicated, assuming you want it done, you know, "right".)

[1] https://wiki.postgresql.org/wiki/UPSERT

-----


Everyone who needs 'upsert' is forced to go and read those discussions (and probably a few more articles as well), and then implement their own version of the same thing many times over.

The fact that it's complicated is precisely the reason this ought to be solved for the general case.

Otherwise, Postgresql is still an awesome product.

-----


Nah, you do not need to read those discussions unless you want to help out with the current patch which if enough people help out might land in PostgreSQL 9.5.

-----


Both MySQL and SQLite's implementations work satisfactorily, so I tend to think that PostgreSQL's reluctance is the perfect being the enemy of good.

It's a pattern that shows up often when you're mirroring data from a third-party, so it's a shame that the programmer has to do conflict handling for an operation that the database could easily do atomically.

-----


> Both MySQL and SQLite's implementations work satisfactorily

Satisfactory for you perhaps, but it may not be in the general case.

-----


"Get right" probably isn't the right term. Mostly I'm just annoyed that I can't choose an open source DB that has upsert (or merge if you want to do the standards version) and CTEs. I generally have uses for both of these in every project I work on.

-----


You can use writable CTEs as a kludge for an upsert depending on your use case.

-----

More

Applications are open for YC Summer 2015

Guidelines | FAQ | Support | Lists | Bookmarklet | DMCA | Y Combinator | Apply | Contact

Search: