Slashdot Mirror

http://news.ycombinator.com/item?id=5284311

The story was reported yesterday on Hacker News, and the headline on /. is just as sensational as it was in the other forum.

There is no admission, and there is no source. The anonymous staffer who will not be named is some underling with no pull or sway, and nobody has resigned. He didn't even say what the headline claims he said.

Or just don't worry about flattering the ego of people so insecure and unskilled that they require you to pretend that Ruby is a widely used, mature, stable language.

You want the advice of someone who learns languages effortlessly, and therefore has no insecurity about anyone else's preferences or prejudices. Anyone who needs you to "control your tone" about a language "because it puts food on their children's table" - I fear for those children. And for anyone who gets advice from their parents, who apparently had to struggle a bit too much to pull themselves up to that competency and, fearing criticism of their precious, hard-won skill, give the impression of hanging on by their fingernails.

Ruby is indeed still at risk of being described as a toy language, and it is not nearly as commonly used as, say Perl, Python, Visual Basic, or even C#, let alone Objective C, C/C++ or Java, (as evidenced here) ...and the community is similarly small. Witness the hilarity around the recent Rubygems compromise to see the price of small size and lack of maturity. The language is still young, and messily and poorly specified, relying on a horrifyingly slow, rats-nest reference implementation for its definition, rather than a comprehensive design.

There is great cleverness in Ruby. It represents a ruthless preference for developer productivity over performance. An interesting experiment, but unfortunately it was done "by feel" rather than with any hard data about speed or defect rates given different design decisions. So, while some things about it are wonderful, other things only appear to be wonderful. On the whole you are unlikely to experience much net gain over Perl or Python, though you may enjoy the novelty of it. It's a fun language. By all means, try, and see for yourself. Just beware that you foreclose the ability to scale your work easily if you use Ruby.

Although some very clever Ruby runtime implementers have come along to pick up the slack left by the language's founder (who still pretends the global interpreter lock is a virtue, or so I am told), many language features cause meaningful and irretrievable performance impacts that will never be ameliorated by runtime magic. It doesn't matter for many applications, but just something to keep in mind.

Theory: Broder didn't realize the logging capabilities of the car, and when the Model S' software ui initially supported his internal baises he took liberties with the truth. By "documenting" his experience through Tesla support he attempted to falsely add credence to what would be a traffic generating, "anti-electric" review masked in the journalistic repute of the NYT.

Firstly, all of Broder's excessive winging about the cold weather (I think) was designed to subtly imply that the Model S doesn't work in the cold. You future buyer, will be cold and your car will break. This is why Musk had to address the cold weather link directly in the evidence blog posting.

Secondly. Broder likely couldn't have fathomed that every parameter in the car was being logged. Very specific details add credibility and character to a story. They make the author appear diligent, and one who gives great attention to detail. In the past such details were a "literary tool used to bend the story. Now thanks to data driven engineering words and truth in such matters should align more closely.

Lastly. For a man who may or may not have a bias against electric vehicles (cars at least), the observation that "the estimated range was falling faster than miles were accumulating" at the outset of the author's journey might have set the tone of the coming review. With all the incessant calls to Tesla support to document all the "trouble", Broder had plenty of documentation to support his (what was IMHO a) journalistic malignment. This angle also had the added benefit of generating views for NYT - plus through the courtesy of Tesla arranging a tow - the money shot.

I hope NYT has the ethical chops to do what they must.

(comment posted first at http://news.ycombinator.com/item?id=5220302)

Hacker News is doing a great job of replacing /. as my nerd news source.

shame I have to undo my moderation to post this.. but http://news.ycombinator.com/ is better than /.

Yes, coondoggie is Michael Cooney, a news editor at Network World. He spends hours every day spamming his articles to Slashdot, Hacker News, etc. Why Slashdot editors continue to reward this sort of bad behavior is beyond me: his "articles" are rarely more than a quick, semi-accurate summary of someone else's article on another site.

Someone else called me out on that as well, my response was: "Sorry about the tone, I definitely could have said that part more nicely. To me Java smells like too many abstract interfaces, lots of boilerplate and hard to use build tools. Java was the first language I learned so I may very well be scarred from the experience." from http://news.ycombinator.com/item?id=5119259

http://news.ycombinator.com/item?id=5084022

As a reader of Hacker News I'm getting a bit sick of this coverage myself. Last night, 9 of the 10 top stories were in relation to Aaron and the whole situation. The guy did some great work, but he never even got into a courtroom to see how things would play out. The other thing to note is that it was known even publicly that he suffered from depression. A high-stress situation plus depression is the recipe for this type of situation.

I'm not say either side (the people making him into a martyr or prosecutor for going after him) is right or wrong with what they are doing. But to me, the reaction I've been seeing so far from those on sites like Hacker News seems to be a little far out there.

• TFS is destroying your development capability
• TFS is destroying your development capacity

The exploit does not depend on code the user has written and will work with a new rails application without any controllers.

Since the Chinese government has access to wiretap all Skype calls, I wonder if they would be able to access the silent bits of information as well.

Operator overloading can be a nightmare, it's a bad idea and it's needless: http://news.ycombinator.com/item?id=559976

do you have a link with more information or anything?

• http://forums.opendns.com/comments.php?DiscussionID=226
• http://www.dslreports.com/forum/remark,21284386
• http://news.ycombinator.com/item?id=136270
• http://en.wikipedia.org/wiki/OpenDNS#Issues.2C_conflicts_and_Google_redirection

Not sure that I agree with the implied attribution to Slashdot. As the Hacker News discussion revealed, the usual pattern of donations to FreeBSD is a late surge, apart from the fact that it got coverage in other places.

It would be nice if Slashdot dropped the self references, as it erodes its credibility.

Slashdot has credibility?

Not sure that I agree with the implied attribution to Slashdot. As the Hacker News discussion revealed, the usual pattern of donations to FreeBSD is a late surge, apart from the fact that it got coverage in other places.

It would be nice if Slashdot dropped the self references, as it erodes its credibility.

I've mentioned before that I don't use an Ad Blocker, and yet I rarely see ads. The addons I use (among others) are RequestPolicy, NoScript and Cookie Monster. These three allow me to not be tracked across most websites.

As well, I tend to use unique email addresses (either with Mailinator, or with another domain) for each website I sign up on (I record which email address I use where, and this allows me to track who is sharing my info).

And if I did somehow receive an email that said something like Sumit Suman received, I would be very unhappy with both the party I initially shared the email address with, and the other party. And would cease all business with both.

A commentator at Hacker News says at least one company uses the IP address to get the company and then looks up that company via LinkedIn. Another reason to a) support Tor, and b) not use LinkedIn I guess.
------

Ironically, 42Floors is using Disqus for their comments. This allows visitors to be obviously tracked across websites (at least that use Disqus) and I'm amazed that any privacy conscious person or organization would outsource like that. There are many other tools (e.g. Gravatar) that fall into the same category. In fact, with Gravatar, I can be tracked even if I don't use the service (by not having an avatar with them) because my email address is still sent every time I leave a comment. And I'm sure there are some blog maintainers wondering why they get email addresses of the form webmaster@domain from some of their more insightful commentators.

http://news.ycombinator.com/item?id=3491115

*chirping crickets* + downmod = "yeah, thought so ^_^"

Meanwhile, look at what HN is doing with the exact same story:

http://news.ycombinator.com/item?id=4888851

Here's the current top comment:

Reading what he is talking about, Stallman's description is absolutely correct. If I am doing a desktop search for local files, it is not be expectation that that search will be transmitted to servers without my consent, and that it does so makes it spyware even if we don't also take into consideration that it is being done to track my interests for monetary gain in the form of referral links. Good on him for calling attention to this functionality.

And the word pedophilia doesn't even occur anywhere on that page, not even once; wtf? Must be a bunch of evil perverts to talk about the actual topic like that, instead of obsessing about pedophilia like truly upstanding people are rightfully expected to.

Good we cleared that up! Merry Christmas, Keepers of the Brain, and thanks for keeping children everywhere safe from communism/pedophilia (same thing if you think about it, really).

What the fuck did you do to my link? HTTP is implied, FFS/

http://news.ycombinator.com/

Yea, I know. Eventually eBay finally paid attention to the problems and that is when Marcus was hired:
http://news.ycombinator.com/item?id=4494216

Start your own country

Hacker News has "News for Startups". Many /. articles show up there first. The community has, generally, far fewer commentators and much less humor. Expect to see a lot of stories about new javascript libraries, and blog posts from random idio^H^H^H^H"entrepreneurs". Tag it "RTFPressRease"

People tell me good subreddits exist. I'm not sure I believe it. Tag it "RTFImageCaption"

Linux Weekly News comes with a free neck adjustment to facilitate looking down on things with fewer freedoms. Tag it "RTFLKML"

Ars Technica, and Wired are both brought to you by their corporate overlords. Hard to complain about the reporting, it's sanitized but not awful. There's no community to speak of at either. It gets tagged for you.

Or you could DIY TFA with a custom RSS feed. But unfortunately I don't think what you're looking for exists outside slashdot, even in its supposed decline. You may get better answers, though, by defining what kind of nerd you are.

.. or here.

Anyone know if Rob would want to take back control of Slashdot...

So what you're saying is, you haven't seen enough Bitcoin articles lately?

Already some discussion on this over at Hacker News.

Anyone know if Rob would want to take back control of Slashdot if we ran a Kickstarter to get it back in the hands of someone who gives a shit?

Not that I'm saying Dice will treat /. badly... but I don't have high hopes for innovation.

We need a rethink of forum/chat systems.

My suggestion is do whatever these guys have done to keep eternal September at bay as long as possible.

ITT: Others brightly chime in with awesome ideas of how to innovate in forums

As far as Slashdot, disallowing AC posts might help raise the level of discussion. Maybe remove the karma cap and make the number publicly available maybe beside the user name. Since the community is large and healthy, disallow new users from posting for at least 3 days to stop some of the hit and run trolling. Something else that could be tried is maybe make a person lose some karma points everytime they post. That way people would more likely post things they think will get modded up rather than "me too" type stuff. Last but not least, how about bringing on the mighty "hell ban"? When a user trolls and trolls until his karma gets terrible, instead of just starting off his posts at -1 from then on, you bring in the hell ban. From the posters perspective, he is posting as normal and he can see his posts like he always could. But from the perspective of everybody else, his posts never actually appear. What happens is the poster eventually seeing that nobody is feeding his trolling, moves on or starts another account hopefully with a better attitude.

Reminds me of this: http://news.ycombinator.com/item?id=2011013

you can't patent ideas, most of the iOS patents are for specific implementations on the current touch screen tech. the fact that we had some kind of pinch to zoom 20 years ago has no bearing on current tech. different screens, different algorithms need to be created.

Vel, is that you?

Hacker News user gets confirmation from repo owner that this was a leak not an official open sourcing. Slashdot editors need to update the story to warn people.

This place has a proof of concept:
http://news.ycombinator.com/item?id=4311264

Old-school Slashdot is over here now, complete with Ask section.

We've all moved to hacker news. The discussion there was a lot better, and earlier, than the slashdot one.

Never mind Digg, how about GitHub's $100M capital raise?

I thought this was interesting when I read it in a news.ycombinator.com post from 2010.

* Optimized and deflated static resources
* Deflated HTML output
* SQLite prepared statements
* Integrated HTTP server (although it's currently in front of an Apache proxy)
* An optimized string builder (https://github.com/CyberShadow/DAppenderResearch)
* RAM cache of frequent DB queries

A Reddit story exists too where he speaks more about it:
http://www.reddit.com/r/programming/comments/ppre5/the_new_d_online_forum_software_written_in_d/#c3rhk2i

Well I fucked that up. http://news.ycombinator.com/

http://www.news.ycombinator.com/ A little heavy on the stay up scene need but probably the best alternative to Slashdot I've found yet.

I've been checking Y combinator's hacker news (which has more of an emphasis on dumb startup companies) and reddit programming lately.

I first saw the story there : http://news.ycombinator.com/item?id=4120837

After this much manual digging I've realized that I'm getting to jaded for /.

I still come back to /. out of long time habit, but I stopped looking at /. for real meat on topics sadly some time ago. It's getting to be a lot of spammy articles with little substance compared to what it was five or more years ago.

If you're interested in seeing more concrete discussion with substance, try reading over hacker news one day. They're also discussing Linaro

and most of the commenters on hacker news tend to be developers of various device platforms.

Yes. More specifically, http://news.ycombinator.com/item?id=4073309

http://www.mediafire.com/?n307hutksjstow3

When checking for your password, check both for its SHA-1 hash and for the SHA-1 hash with the first five chars zeroed. Quoting:

Some observations on this file:

0. This is a file of SHA1 hashes of short strings (i.e. passwords).

1. There are 3,521,180 hashes that begin with 00000. I believe that these represent hashes that the hackers have already broken and they have marked them with 00000 to indicate that fact.

Evidence for this is that the SHA1 hash of 'password' does not appear in the list, but the same hash with the first five characters set to 0 is.

5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8 is not present
000001e4c9b93f3f0682250b6cf8331b7ee68fd8 is present

Same story for 'secret':

e5e9fa1ba31ecd1ae84f75caaa474f3a663f05f4 is not present
00000a1ba31ecd1ae84f75caaa474f3a663f05f4 is present

And for 'linkedin':

7728240c80b6bfd450849405e8500d6d207783b6 is not present
0000040c80b6bfd450849405e8500d6d207783b6 is present

2. There are 2,936,840 hashes that do not start with 00000 that can be attacked with JtR.

3. The implication of #1 is that if checking for your password and you have a simple password then you need to check for the truncated hash.

4. This may well actually be from LinkedIn. Using the partial hashes (above) I find the hashes for passwords linkedin, LinkedIn, L1nked1n, l1nked1n, L1nk3d1n, l1nk3d1n, linkedinsecret, linkedinpassword, ...

5. The file does not contain duplicates. LinkedIn claims a user base of 161m. This file contains 6.4m unique password hashes. That's 25 users per hash. Given the large amount of password reuse and poor password choices it is not improbable that this is the complete password file. Evidence against that thesis is that password of one person that I've asked is not in the list.

This watch looks pretty cool, and for $150.00, I'm thinking about getting one. I actually thought that's what this article was going to be about.

This watch is getting also getting a lot of talk on Hacker News.

What's amazing to me though, is that they make such a big sell of being able to hack and reprogram it, but the actual connectivity that gets the code and configuration to the watch isn't described in great detail, and it actually takes some digging to figure out that the technology used is BlueTooth only, and there's no MicroUSB jack or anything else available.

Also, they seem to be rebranding?

For whatever reason, (in particular, when you click on "BUY") http://www.getinpulse.com/ seems to redirect to: http://getpebble.com/

http://news.ycombinator.com/ might work better...

No, the code posted above was eaten by filters. The actual code in question may be found here. You can see clearly that there is a check to verify that "fromIndex" is greater than or equal to zero, that "toIndex" is greater than or equal to "fromIndex" and that "toIndex" is less than "arrayLength". In sum, a basic range check function easily recreated by any geeky child and something that would have taken Google engineers an equal amount of time write as it would to copy/paste.

Yea :(

http://news.ycombinator.com/item?id=3940683

5 Seconds sound like the real thing: from http://news.ycombinator.com/item?id=3940683

From OpenJDK:
private static void rangeCheck(int arrayLen, int fromIndex, int toIndex) {
                                if (fromIndex > toIndex)

                                                throw new IllegalArgumentException("fromIndex(" + fromIndex +
                                                                                            ") > toIndex(" + toIndex+")");

                                if (fromIndex arrayLen)
                                                throw new ArrayIndexOutOfBoundsException(toIndex);

                }
From Google:
private static void rangeCheck(int arrayLen, int fromIndex, int toIndex) {
                                if (fromIndex > toIndex)
                                                throw new IllegalArgumentException("fromIndex(" + fromIndex +
                                                                                            ") > toIndex(" + toIndex+")");

                                if (fromIndex arrayLen)
                                                throw new ArrayIndexOutOfBoundsException(toIndex);

                }
}

For those interested: (from http://news.ycombinator.com/item?id=3940683)

From OpenJDK:
private static void rangeCheck(int arrayLen, int fromIndex, int toIndex) {
                if (fromIndex > toIndex)

                        throw new IllegalArgumentException("fromIndex(" + fromIndex +
                                              ") > toIndex(" + toIndex+")");

                if (fromIndex arrayLen)
                        throw new ArrayIndexOutOfBoundsException(toIndex);

        }
From Google:
private static void rangeCheck(int arrayLen, int fromIndex, int toIndex) {
                if (fromIndex > toIndex)
                        throw new IllegalArgumentException("fromIndex(" + fromIndex +
                                              ") > toIndex(" + toIndex+")");

                if (fromIndex arrayLen)
                        throw new ArrayIndexOutOfBoundsException(toIndex);

        }
}

Some /. discussions are better than others, but for this matter, I think this discussion provides much better insight.